From 42cd085a04b66bdb31013dc5729535e399747e08 Mon Sep 17 00:00:00 2001 From: speakeasybot Date: Wed, 24 Jun 2026 02:19:36 +0000 Subject: [PATCH 1/2] =?UTF-8?q?##=20Python=20SDK=20Changes:=20*=20`cribl?= =?UTF-8?q?=5Fcontrol=5Fplane.packs.sources.create()`:=20=20=20*=20=20`req?= =?UTF-8?q?uest=5Fbody`=20**Changed**=20(Breaking=20=E2=9A=A0=EF=B8=8F)=20?= =?UTF-8?q?=20=20*=20=20`response.items[]`=20**Changed**=20*=20`cribl=5Fco?= =?UTF-8?q?ntrol=5Fplane.lakes.datasets.list()`:=20=20=20*=20=20`request`?= =?UTF-8?q?=20**Changed**=20(Breaking=20=E2=9A=A0=EF=B8=8F)=20=20=20*=20?= =?UTF-8?q?=20`response.items[]`=20**Changed**=20*=20`cribl=5Fcontrol=5Fpl?= =?UTF-8?q?ane.sources.create()`:=20=20=20*=20=20`request`=20**Changed**?= =?UTF-8?q?=20(Breaking=20=E2=9A=A0=EF=B8=8F)=20=20=20*=20=20`response.ite?= =?UTF-8?q?ms[]`=20**Changed**=20*=20`cribl=5Fcontrol=5Fplane.collectors.l?= =?UTF-8?q?ist()`:=20=20=20*=20=20`request.collector=5Ftype`=20**Changed**?= =?UTF-8?q?=20(Breaking=20=E2=9A=A0=EF=B8=8F)=20=20=20*=20=20`response.ite?= =?UTF-8?q?ms[].union(SavedJobResponseCollection).collector`=20**Changed**?= =?UTF-8?q?=20*=20`cribl=5Fcontrol=5Fplane.sources.update()`:=20=20=20*=20?= =?UTF-8?q?=20`request.input`=20**Changed**=20(Breaking=20=E2=9A=A0?= =?UTF-8?q?=EF=B8=8F)=20=20=20*=20=20`response.items[]`=20**Changed**=20*?= =?UTF-8?q?=20`cribl=5Fcontrol=5Fplane.packs.sources.update()`:=20=20=20*?= =?UTF-8?q?=20=20`request.input`=20**Changed**=20(Breaking=20=E2=9A=A0?= =?UTF-8?q?=EF=B8=8F)=20=20=20*=20=20`response.items[]`=20**Changed**=20*?= =?UTF-8?q?=20`cribl=5Fcontrol=5Fplane.destinations.list()`:=20=20=20*=20?= =?UTF-8?q?=20`request.type`=20**Changed**=20=20=20*=20=20`response.items[?= =?UTF-8?q?]`=20**Changed**=20*=20`cribl=5Fcontrol=5Fplane.destinations.up?= =?UTF-8?q?date()`:=20=20=20*=20=20`request.output`=20**Changed**=20=20=20?= =?UTF-8?q?*=20=20`response.items[]`=20**Changed**=20*=20`cribl=5Fcontrol?= =?UTF-8?q?=5Fplane.sources.pq.get()`:=20=20`response.items[].args.union(R?= =?UTF-8?q?unnableJobCollection).collector`=20**Changed**=20*=20`cribl=5Fc?= =?UTF-8?q?ontrol=5Fplane.packs.sources.get()`:=20=20`response.items[]`=20?= =?UTF-8?q?**Changed**=20*=20`cribl=5Fcontrol=5Fplane.sources.delete()`:?= =?UTF-8?q?=20=20`response.items[]`=20**Changed**=20*=20`cribl=5Fcontrol?= =?UTF-8?q?=5Fplane.packs.sources.delete()`:=20=20`response.items[]`=20**C?= =?UTF-8?q?hanged**=20*=20`cribl=5Fcontrol=5Fplane.packs.sources.pq.get()`?= =?UTF-8?q?:=20=20`response.items[].args.union(RunnableJobCollection).coll?= =?UTF-8?q?ector`=20**Changed**=20*=20`cribl=5Fcontrol=5Fplane.packs.desti?= =?UTF-8?q?nations.list()`:=20=20=20*=20=20`request.type`=20**Changed**=20?= =?UTF-8?q?=20=20*=20=20`response.items[]`=20**Changed**=20*=20`cribl=5Fco?= =?UTF-8?q?ntrol=5Fplane.packs.destinations.create()`:=20=20=20*=20=20`req?= =?UTF-8?q?uest=5Fbody`=20**Changed**=20=20=20*=20=20`response.items[]`=20?= =?UTF-8?q?**Changed**=20*=20`cribl=5Fcontrol=5Fplane.packs.destinations.g?= =?UTF-8?q?et()`:=20=20`response.items[]`=20**Changed**=20*=20`cribl=5Fcon?= =?UTF-8?q?trol=5Fplane.packs.destinations.update()`:=20=20=20*=20=20`requ?= =?UTF-8?q?est.output`=20**Changed**=20=20=20*=20=20`response.items[]`=20*?= =?UTF-8?q?*Changed**=20*=20`cribl=5Fcontrol=5Fplane.packs.destinations.de?= =?UTF-8?q?lete()`:=20=20`response.items[]`=20**Changed**=20*=20`cribl=5Fc?= =?UTF-8?q?ontrol=5Fplane.packs.destinations.pq.get()`:=20=20`response.ite?= =?UTF-8?q?ms[].args.union(RunnableJobCollection).collector`=20**Changed**?= =?UTF-8?q?=20*=20`cribl=5Fcontrol=5Fplane.packs.pipelines.create()`:=20?= =?UTF-8?q?=20=20*=20=20`request.conf.functions[]`=20**Changed**=20=20=20*?= =?UTF-8?q?=20=20`response.items[].conf.functions[]`=20**Changed**=20*=20`?= =?UTF-8?q?cribl=5Fcontrol=5Fplane.packs.pipelines.list()`:=20=20`response?= =?UTF-8?q?.items[].conf.functions[]`=20**Changed**=20*=20`cribl=5Fcontrol?= =?UTF-8?q?=5Fplane.packs.pipelines.delete()`:=20=20`response.items[].conf?= =?UTF-8?q?.functions[]`=20**Changed**=20*=20`cribl=5Fcontrol=5Fplane.pack?= =?UTF-8?q?s.pipelines.get()`:=20=20`response.items[].conf.functions[]`=20?= =?UTF-8?q?**Changed**=20*=20`cribl=5Fcontrol=5Fplane.packs.pipelines.upda?= =?UTF-8?q?te()`:=20=20=20*=20=20`request.conf.functions[]`=20**Changed**?= =?UTF-8?q?=20=20=20*=20=20`response.items[].conf.functions[]`=20**Changed?= =?UTF-8?q?**=20*=20`cribl=5Fcontrol=5Fplane.database=5Fconnections.list()?= =?UTF-8?q?`:=20**Added**=20*=20`cribl=5Fcontrol=5Fplane.destinations.crea?= =?UTF-8?q?te()`:=20=20=20*=20=20`request`=20**Changed**=20=20=20*=20=20`r?= =?UTF-8?q?esponse.items[]`=20**Changed**=20*=20`cribl=5Fcontrol=5Fplane.d?= =?UTF-8?q?estinations.get()`:=20=20`response.items[]`=20**Changed**=20*?= =?UTF-8?q?=20`cribl=5Fcontrol=5Fplane.packs.sources.list()`:=20=20`respon?= =?UTF-8?q?se.items[]`=20**Changed**=20*=20`cribl=5Fcontrol=5Fplane.destin?= =?UTF-8?q?ations.delete()`:=20=20`response.items[]`=20**Changed**=20*=20`?= =?UTF-8?q?cribl=5Fcontrol=5Fplane.destinations.pq.get()`:=20=20`response.?= =?UTF-8?q?items[].args.union(RunnableJobCollection).collector`=20**Change?= =?UTF-8?q?d**=20*=20`cribl=5Fcontrol=5Fplane.pipelines.create()`:=20=20?= =?UTF-8?q?=20*=20=20`request.conf.functions[]`=20**Changed**=20=20=20*=20?= =?UTF-8?q?=20`response.items[].conf.functions[]`=20**Changed**=20*=20`cri?= =?UTF-8?q?bl=5Fcontrol=5Fplane.pipelines.list()`:=20=20`response.items[].?= =?UTF-8?q?conf.functions[]`=20**Changed**=20*=20`cribl=5Fcontrol=5Fplane.?= =?UTF-8?q?pipelines.delete()`:=20=20`response.items[].conf.functions[]`?= =?UTF-8?q?=20**Changed**=20*=20`cribl=5Fcontrol=5Fplane.pipelines.get()`:?= =?UTF-8?q?=20=20`response.items[].conf.functions[]`=20**Changed**=20*=20`?= =?UTF-8?q?cribl=5Fcontrol=5Fplane.pipelines.update()`:=20=20=20*=20=20`re?= =?UTF-8?q?quest.conf.functions[]`=20**Changed**=20=20=20*=20=20`response.?= =?UTF-8?q?items[].conf.functions[]`=20**Changed**=20*=20`cribl=5Fcontrol?= =?UTF-8?q?=5Fplane.collectors.create()`:=20=20=20*=20=20`request.union(Sa?= =?UTF-8?q?vedJobCollection).collector`=20**Changed**=20=20=20*=20=20`resp?= =?UTF-8?q?onse.items[].union(SavedJobResponseCollection).collector`=20**C?= =?UTF-8?q?hanged**=20*=20`cribl=5Fcontrol=5Fplane.sources.get()`:=20=20`r?= =?UTF-8?q?esponse.items[]`=20**Changed**=20*=20`cribl=5Fcontrol=5Fplane.c?= =?UTF-8?q?ollectors.delete()`:=20=20`response.items[].union(SavedJobRespo?= =?UTF-8?q?nseCollection).collector`=20**Changed**=20*=20`cribl=5Fcontrol?= =?UTF-8?q?=5Fplane.collectors.get()`:=20=20`response.items[].union(SavedJ?= =?UTF-8?q?obResponseCollection).collector`=20**Changed**=20*=20`cribl=5Fc?= =?UTF-8?q?ontrol=5Fplane.collectors.update()`:=20=20=20*=20=20`request.sa?= =?UTF-8?q?ved=5Fjob.union(SavedJobCollection).collector`=20**Changed**=20?= =?UTF-8?q?=20=20*=20=20`response.items[].union(SavedJobResponseCollection?= =?UTF-8?q?).collector`=20**Changed**=20*=20`cribl=5Fcontrol=5Fplane.group?= =?UTF-8?q?s.acl.get()`:=20=20=20*=20=20`request.type`=20**Changed**=20=20?= =?UTF-8?q?=20*=20=20`response.items[].perms[].type.enum(apps)`=20**Added*?= =?UTF-8?q?*=20*=20`cribl=5Fcontrol=5Fplane.groups.acl.teams.get()`:=20=20?= =?UTF-8?q?=20*=20=20`request.type`=20**Changed**=20=20=20*=20=20`response?= =?UTF-8?q?.items[].perms[].type.enum(apps)`=20**Added**=20*=20`cribl=5Fco?= =?UTF-8?q?ntrol=5Fplane.lakes.datasets.create()`:=20=20=20*=20=20`request?= =?UTF-8?q?`=20**Changed**=20=20=20*=20=20`response.items[]`=20**Changed**?= =?UTF-8?q?=20*=20`cribl=5Fcontrol=5Fplane.sources.list()`:=20=20`response?= =?UTF-8?q?.items[]`=20**Changed**=20*=20`cribl=5Fcontrol=5Fplane.lakes.da?= =?UTF-8?q?tasets.delete()`:=20=20`response.items[]`=20**Changed**=20*=20`?= =?UTF-8?q?cribl=5Fcontrol=5Fplane.lakes.datasets.get()`:=20=20=20*=20=20`?= =?UTF-8?q?request.include=5Fmetrics`=20**Added**=20=20=20*=20=20`response?= =?UTF-8?q?.items[]`=20**Changed**=20*=20`cribl=5Fcontrol=5Fplane.lakes.da?= =?UTF-8?q?tasets.update()`:=20=20=20*=20=20`request`=20**Changed**=20=20?= =?UTF-8?q?=20*=20=20`response.items[]`=20**Changed**=20*=20`cribl=5Fcontr?= =?UTF-8?q?ol=5Fplane.nodes.get()`:=20=20`response.items[].info.cribl.over?= =?UTF-8?q?lay=5Fid`=20**Added**=20*=20`cribl=5Fcontrol=5Fplane.nodes.list?= =?UTF-8?q?()`:=20=20`response.items[].info.cribl.overlay=5Fid`=20**Added*?= =?UTF-8?q?*=20*=20`cribl=5Fcontrol=5Fplane.health.get()`:=20=20=20*=20=20?= =?UTF-8?q?`response.overlay`=20**Added**=20=20=20*=20=20`error.overlay`?= =?UTF-8?q?=20**Added**?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .speakeasy/gen.lock | 13378 ++++--- .speakeasy/gen.yaml | 13 +- .speakeasy/out.openapi.yaml | 31783 +++++++++++----- .speakeasy/workflow.lock | 16 +- README-PYPI.md | 54 +- README.md | 54 +- RELEASES.md | 12 +- USAGE.md | 16 +- docs/errors/healthserverstatuserror.md | 1 + docs/models/activehealthoverlaystatus.md | 10 + ...eaderconfhealthcheckauthenticationoauth.md | 9 - docs/models/authtype.md | 22 +- docs/models/azureblobauthtypeclientcert.md | 7 + docs/models/azureblobauthtypeclientsecret.md | 7 + docs/models/azureblobauthtypemanual.md | 12 + docs/models/azureblobauthtypesecret.md | 12 + docs/models/branchinfo.md | 2 +- docs/models/cacheconnection.md | 18 +- docs/models/collectortype.md | 27 + docs/models/configgroup.md | 2 +- docs/models/countedboolean.md | 2 +- docs/models/countedbranchinfo.md | 2 +- docs/models/countedconfiggroup.md | 2 +- docs/models/countedcribllakedataset.md | 2 +- .../models/counteddatabaseconnectionconfig.md | 2 +- docs/models/counteddistributedsummary.md | 2 +- docs/models/countedfunctionresponse.md | 2 +- docs/models/countedgitcommitsummary.md | 2 +- docs/models/countedgitcountresult.md | 2 +- docs/models/countedgitdiffresult.md | 2 +- docs/models/countedgitfilesresponse.md | 2 +- docs/models/countedgitinfo.md | 2 +- docs/models/countedgitlogresult.md | 2 +- docs/models/countedgitrevertresult.md | 2 +- docs/models/countedgitshowresult.md | 2 +- docs/models/countedgitstatusresult.md | 2 +- docs/models/countedinputresponse.md | 2 +- docs/models/countedinputsplunkhec.md | 2 +- docs/models/countedinputstatus.md | 2 +- docs/models/countedjobinfo.md | 2 +- docs/models/countedmasterworkerentry.md | 2 +- docs/models/countednumber.md | 2 +- docs/models/countedoutputresponse.md | 2 +- docs/models/countedoutputsamplesresponse.md | 2 +- docs/models/countedoutputstatus.md | 2 +- docs/models/countedoutputtestresponse.md | 2 +- docs/models/countedpackinfo.md | 2 +- docs/models/countedpackinstallinfo.md | 2 +- docs/models/countedpackuninstallinfo.md | 2 +- docs/models/countedpipeline.md | 2 +- docs/models/countedrestartresponse.md | 2 +- docs/models/countedroutes.md | 2 +- docs/models/countedsavedjobresponse.md | 2 +- docs/models/countedstring.md | 2 +- docs/models/countedsystemrestartresponse.md | 2 +- docs/models/countedsystemsettingsconf.md | 2 +- docs/models/countedteamaccesscontrollist.md | 2 +- docs/models/counteduseraccesscontrollist.md | 2 +- docs/models/createinputauth.md | 2 +- .../createinputauthtokencloudflarehec.md | 1 + docs/models/createinputcertificate.md | 11 + docs/models/createinputcontentconfiginput.md | 2 +- .../createinputdiscoverytypeedgeprometheus.md | 3 +- .../createinputdiscoverytypeprometheus.md | 11 +- .../createinputinputappleunifiedlogs.md | 36 +- docs/models/createinputinputconfluentcloud.md | 4 +- docs/models/createinputinputedgeprometheus.md | 6 +- docs/models/createinputinputeventhub.md | 84 +- docs/models/createinputinputjournalfiles.md | 2 +- docs/models/createinputinputkafka.md | 4 +- docs/models/createinputinputkubelogs.md | 2 + docs/models/createinputinputmsk.md | 4 +- docs/models/createinputinputprometheus.md | 4 + docs/models/createinputsystembypackauth.md | 2 +- ...inputsystembypackauthtokencloudflarehec.md | 1 + .../createinputsystembypackcertificate.md | 11 + ...eateinputsystembypackcontentconfiginput.md | 2 +- ...systembypackdiscoverytypeedgeprometheus.md | 3 +- ...nputsystembypackdiscoverytypeprometheus.md | 11 +- ...einputsystembypackinputappleunifiedlogs.md | 36 +- ...ateinputsystembypackinputconfluentcloud.md | 4 +- ...ateinputsystembypackinputedgeprometheus.md | 6 +- .../createinputsystembypackinputeventhub.md | 84 +- ...reateinputsystembypackinputjournalfiles.md | 2 +- .../createinputsystembypackinputkafka.md | 4 +- .../createinputsystembypackinputkubelogs.md | 2 + .../models/createinputsystembypackinputmsk.md | 4 +- .../createinputsystembypackinputprometheus.md | 4 + ...d => createoutputendpointdynatracehttp.md} | 6 +- ...eoutputendpointgooglecloudobservability.md | 20 + docs/models/createoutputformatcribllake.md | 11 +- .../createoutputgoogleauthenticationmethod.md | 21 + ...tputotlpversiongooglecloudobservability.md | 18 + ...> createoutputotlpversionopentelemetry.md} | 6 +- .../createoutputoutputazuredataexplorer.md | 2 +- .../models/createoutputoutputazureeventhub.md | 2 +- docs/models/createoutputoutputazurelogs.md | 2 +- docs/models/createoutputoutputchronicle.md | 2 +- docs/models/createoutputoutputclickhouse.md | 3 +- docs/models/createoutputoutputcloudwatch.md | 2 +- .../createoutputoutputconfluentcloud.md | 2 +- docs/models/createoutputoutputcriblhttp.md | 2 +- .../createoutputoutputcriblsearchengine.md | 2 +- docs/models/createoutputoutputcribltcp.md | 2 +- ...reateoutputoutputcrowdstrikenextgensiem.md | 2 +- docs/models/createoutputoutputdatadog.md | 2 +- docs/models/createoutputoutputdataset.md | 2 +- .../models/createoutputoutputdynatracehttp.md | 4 +- .../models/createoutputoutputdynatraceotlp.md | 2 +- docs/models/createoutputoutputelastic.md | 2 +- docs/models/createoutputoutputelasticcloud.md | 2 +- .../createoutputoutputgooglechronicle.md | 2 +- .../createoutputoutputgooglecloudlogging.md | 2 +- ...ateoutputoutputgooglecloudobservability.md | 47 + docs/models/createoutputoutputgooglepubsub.md | 2 +- ...teoutputoutputgrafanacloudgrafanacloud1.md | 4 +- ...teoutputoutputgrafanacloudgrafanacloud2.md | 4 +- docs/models/createoutputoutputgraphite.md | 2 +- docs/models/createoutputoutputhoneycomb.md | 2 +- docs/models/createoutputoutputhumiohec.md | 2 +- docs/models/createoutputoutputinfluxdb.md | 2 +- docs/models/createoutputoutputkafka.md | 2 +- docs/models/createoutputoutputkinesis.md | 2 +- .../createoutputoutputlocalsearchstorage.md | 3 +- docs/models/createoutputoutputloki.md | 4 +- .../createoutputoutputmicrosoftfabric.md | 2 +- docs/models/createoutputoutputmsk.md | 2 +- docs/models/createoutputoutputnewrelic.md | 2 +- .../createoutputoutputnewrelicevents.md | 2 +- .../models/createoutputoutputopentelemetry.md | 4 +- docs/models/createoutputoutputprometheus.md | 2 +- docs/models/createoutputoutputsentinel.md | 2 +- .../createoutputoutputsentineloneaisiem.md | 2 +- docs/models/createoutputoutputservicenow.md | 2 +- docs/models/createoutputoutputsignalfx.md | 2 +- docs/models/createoutputoutputsns.md | 2 +- docs/models/createoutputoutputsplunk.md | 2 +- docs/models/createoutputoutputsplunkhec.md | 2 +- docs/models/createoutputoutputsplunklb.md | 2 +- docs/models/createoutputoutputsqs.md | 2 +- docs/models/createoutputoutputstatsd.md | 2 +- docs/models/createoutputoutputstatsdext.md | 2 +- docs/models/createoutputoutputsumologic.md | 2 +- docs/models/createoutputoutputsyslog.md | 2 +- docs/models/createoutputoutputtcpjson.md | 2 +- docs/models/createoutputoutputwavefront.md | 2 +- .../createoutputoutputwebhookwebhook1.md | 2 +- .../createoutputoutputwebhookwebhook2.md | 2 +- docs/models/createoutputoutputwizhec.md | 2 +- docs/models/createoutputoutputxsiam.md | 2 +- ...utputpqcontrolsgooglecloudobservability.md | 7 + ...eoutputprotocolgooglecloudobservability.md | 18 + docs/models/createoutputrequest.md | 6 + docs/models/createoutputstatsdestination.md | 20 +- ...utputsystembypackendpointdynatracehttp.md} | 6 +- ...mbypackendpointgooglecloudobservability.md | 20 + ...createoutputsystembypackformatcribllake.md | 11 +- ...tsystembypackgoogleauthenticationmethod.md | 21 + ...packotlpversiongooglecloudobservability.md | 18 + ...utsystembypackotlpversionopentelemetry.md} | 6 +- ...tputsystembypackoutputazuredataexplorer.md | 2 +- ...teoutputsystembypackoutputazureeventhub.md | 2 +- ...createoutputsystembypackoutputazurelogs.md | 2 +- ...createoutputsystembypackoutputchronicle.md | 2 +- ...reateoutputsystembypackoutputclickhouse.md | 3 +- ...reateoutputsystembypackoutputcloudwatch.md | 2 +- ...eoutputsystembypackoutputconfluentcloud.md | 2 +- ...createoutputsystembypackoutputcriblhttp.md | 2 +- ...tputsystembypackoutputcriblsearchengine.md | 2 +- .../createoutputsystembypackoutputcribltcp.md | 2 +- ...ystembypackoutputcrowdstrikenextgensiem.md | 2 +- .../createoutputsystembypackoutputdatadog.md | 2 +- .../createoutputsystembypackoutputdataset.md | 2 +- ...teoutputsystembypackoutputdynatracehttp.md | 4 +- ...teoutputsystembypackoutputdynatraceotlp.md | 2 +- .../createoutputsystembypackoutputelastic.md | 2 +- ...ateoutputsystembypackoutputelasticcloud.md | 2 +- ...outputsystembypackoutputgooglechronicle.md | 2 +- ...putsystembypackoutputgooglecloudlogging.md | 2 +- ...tembypackoutputgooglecloudobservability.md | 47 + ...ateoutputsystembypackoutputgooglepubsub.md | 2 +- ...embypackoutputgrafanacloudgrafanacloud1.md | 4 +- ...embypackoutputgrafanacloudgrafanacloud2.md | 4 +- .../createoutputsystembypackoutputgraphite.md | 2 +- ...createoutputsystembypackoutputhoneycomb.md | 2 +- .../createoutputsystembypackoutputhumiohec.md | 2 +- .../createoutputsystembypackoutputinfluxdb.md | 2 +- .../createoutputsystembypackoutputkafka.md | 2 +- .../createoutputsystembypackoutputkinesis.md | 2 +- ...putsystembypackoutputlocalsearchstorage.md | 3 +- .../createoutputsystembypackoutputloki.md | 4 +- ...outputsystembypackoutputmicrosoftfabric.md | 2 +- .../createoutputsystembypackoutputmsk.md | 2 +- .../createoutputsystembypackoutputnewrelic.md | 2 +- ...eoutputsystembypackoutputnewrelicevents.md | 2 +- ...teoutputsystembypackoutputopentelemetry.md | 4 +- ...reateoutputsystembypackoutputprometheus.md | 2 +- .../createoutputsystembypackoutputsentinel.md | 2 +- ...tputsystembypackoutputsentineloneaisiem.md | 2 +- ...reateoutputsystembypackoutputservicenow.md | 2 +- .../createoutputsystembypackoutputsignalfx.md | 2 +- .../createoutputsystembypackoutputsns.md | 2 +- .../createoutputsystembypackoutputsplunk.md | 2 +- ...createoutputsystembypackoutputsplunkhec.md | 2 +- .../createoutputsystembypackoutputsplunklb.md | 2 +- .../createoutputsystembypackoutputsqs.md | 2 +- .../createoutputsystembypackoutputstatsd.md | 2 +- ...createoutputsystembypackoutputstatsdext.md | 2 +- ...createoutputsystembypackoutputsumologic.md | 2 +- .../createoutputsystembypackoutputsyslog.md | 2 +- .../createoutputsystembypackoutputtcpjson.md | 2 +- ...createoutputsystembypackoutputwavefront.md | 2 +- ...outputsystembypackoutputwebhookwebhook1.md | 2 +- ...outputsystembypackoutputwebhookwebhook2.md | 2 +- .../createoutputsystembypackoutputwizhec.md | 2 +- .../createoutputsystembypackoutputxsiam.md | 2 +- ...ypackpqcontrolsgooglecloudobservability.md | 7 + ...mbypackprotocolgooglecloudobservability.md | 18 + .../createoutputsystembypackrequestbody.md | 6 + ...reateoutputsystembypackstatsdestination.md | 20 +- ...ystembypacktypegooglecloudobservability.md | 16 + ...reateoutputtypegooglecloudobservability.md | 16 + docs/models/cribllakedataset.md | 4 +- docs/models/cribllakedatasetupdate.md | 6 +- docs/models/datasetmetadata.md | 2 +- docs/models/destinationtype.md | 161 +- docs/models/formatoptionscribllakedataset.md | 11 +- ...getcribllakedatasetbylakeidandidrequest.md | 9 +- .../getcribllakedatasetbylakeidformat.md | 20 + .../getcribllakedatasetbylakeidrequest.md | 20 +- .../getdatabaseconnectionconfigrequest.md | 8 + docs/models/getsavedjobrequest.md | 6 +- docs/models/groupcreaterequest.md | 2 +- docs/models/hbcriblinfo.md | 1 + docs/models/healthcheckauthenticationbasic.md | 48 +- ...coverydiscovertypehttpdiscovermethodget.md | 2 + ...overydiscovertypehttpdiscovermethodpost.md | 2 + ...covertypehttpdiscovermethodpostwithbody.md | 2 + ...sichealthcheckdiscoverydiscovertypejson.md | 4 +- ...sichealthcheckdiscoverydiscovertypelist.md | 3 + ...sichealthcheckdiscoverydiscovertypenone.md | 3 + .../healthcheckauthenticationbasicsecret.md | 47 +- ...coverydiscovertypehttpdiscovermethodget.md | 2 + ...overydiscovertypehttpdiscovermethodpost.md | 2 + ...covertypehttpdiscovermethodpostwithbody.md | 2 + ...rethealthcheckdiscoverydiscovertypejson.md | 4 +- ...rethealthcheckdiscoverydiscovertypelist.md | 3 + ...rethealthcheckdiscoverydiscovertypenone.md | 3 + docs/models/healthcheckauthenticationlogin.md | 53 +- ...coverydiscovertypehttpdiscovermethodget.md | 2 + ...overydiscovertypehttpdiscovermethodpost.md | 2 + ...covertypehttpdiscovermethodpostwithbody.md | 2 + ...ginhealthcheckdiscoverydiscovertypejson.md | 4 +- ...ginhealthcheckdiscoverydiscovertypelist.md | 3 + ...ginhealthcheckdiscoverydiscovertypenone.md | 3 + .../healthcheckauthenticationloginsecret.md | 52 +- ...coverydiscovertypehttpdiscovermethodget.md | 2 + ...overydiscovertypehttpdiscovermethodpost.md | 2 + ...covertypehttpdiscovermethodpostwithbody.md | 2 + ...rethealthcheckdiscoverydiscovertypejson.md | 4 +- ...rethealthcheckdiscoverydiscovertypelist.md | 3 + ...rethealthcheckdiscoverydiscovertypenone.md | 3 + docs/models/healthcheckauthenticationnone.md | 46 +- ...coverydiscovertypehttpdiscovermethodget.md | 2 + ...overydiscovertypehttpdiscovermethodpost.md | 2 + ...covertypehttpdiscovermethodpostwithbody.md | 2 + ...onehealthcheckdiscoverydiscovertypejson.md | 4 +- ...onehealthcheckdiscoverydiscovertypelist.md | 3 + ...onehealthcheckdiscoverydiscovertypenone.md | 3 + docs/models/healthcheckauthenticationoauth.md | 52 +- ...coverydiscovertypehttpdiscovermethodget.md | 2 + ...overydiscovertypehttpdiscovermethodpost.md | 2 + ...covertypehttpdiscovermethodpostwithbody.md | 2 + ...uthhealthcheckdiscoverydiscovertypejson.md | 4 +- ...uthhealthcheckdiscoverydiscovertypelist.md | 3 + ...uthhealthcheckdiscoverydiscovertypenone.md | 3 + .../healthcheckauthenticationoauthsecret.md | 52 +- ...coverydiscovertypehttpdiscovermethodget.md | 2 + ...overydiscovertypehttpdiscovermethodpost.md | 2 + ...covertypehttpdiscovermethodpostwithbody.md | 2 + ...rethealthcheckdiscoverydiscovertypejson.md | 4 +- ...rethealthcheckdiscoverydiscovertypelist.md | 3 + ...rethealthcheckdiscoverydiscovertypenone.md | 3 + docs/models/healthcheckcollectmethodget.md | 48 +- ...coverydiscovertypehttpdiscovermethodget.md | 2 + ...overydiscovertypehttpdiscovermethodpost.md | 2 + ...covertypehttpdiscovermethodpostwithbody.md | 2 + ...gethealthcheckdiscoverydiscovertypejson.md | 4 +- ...gethealthcheckdiscoverydiscovertypelist.md | 3 + ...gethealthcheckdiscoverydiscovertypenone.md | 3 + docs/models/healthcheckcollectmethodpost.md | 48 +- ...coverydiscovertypehttpdiscovermethodget.md | 2 + ...overydiscovertypehttpdiscovermethodpost.md | 2 + ...covertypehttpdiscovermethodpostwithbody.md | 2 + ...osthealthcheckdiscoverydiscovertypejson.md | 4 +- ...osthealthcheckdiscoverydiscovertypelist.md | 3 + ...osthealthcheckdiscoverydiscovertypenone.md | 3 + .../healthcheckcollectmethodpostwithbody.md | 48 +- ...coverydiscovertypehttpdiscovermethodget.md | 2 + ...overydiscovertypehttpdiscovermethodpost.md | 2 + ...covertypehttpdiscovermethodpostwithbody.md | 2 + ...odyhealthcheckdiscoverydiscovertypejson.md | 4 +- ...odyhealthcheckdiscoverydiscovertypelist.md | 3 + ...odyhealthcheckdiscoverydiscovertypenone.md | 3 + docs/models/healthoverlaystatus.md | 17 + docs/models/healthserverstatus.md | 1 + ...httpdiscoveryheaderconfinputprometheus.md} | 2 +- docs/models/inputappleunifiedlogsinput.md | 36 +- docs/models/inputcloudflarehecauthtoken.md | 1 + docs/models/inputconfluentcloudinput.md | 4 +- .../inputedgeprometheusdiscoverytype.md | 3 +- docs/models/inputedgeprometheusinput.md | 6 +- docs/models/inputeventhubamqpauth.md | 2 +- docs/models/inputeventhubamqpcertificate.md | 11 + docs/models/inputeventhubinput.md | 84 +- docs/models/inputjournalfilesinput.md | 2 +- docs/models/inputkafkainput.md | 4 +- docs/models/inputkubelogsinput.md | 2 + docs/models/inputmskinput.md | 4 +- docs/models/inputopenaicontentconfig.md | 2 +- docs/models/inputprometheusdiscoverytype.md | 11 +- docs/models/inputprometheusinput.md | 4 + docs/models/inputresponseauth.md | 2 +- .../inputresponseauthtokencloudflarehec.md | 1 + docs/models/inputresponsecertificate.md | 11 + .../inputresponsecontentconfigopenai.md | 2 +- ...nputresponsediscoverytypeedgeprometheus.md | 3 +- .../inputresponsediscoverytypeprometheus.md | 11 +- .../inputresponseinputappleunifiedlogs.md | 42 +- .../inputresponseinputconfluentcloud.md | 4 +- .../inputresponseinputedgeprometheus.md | 6 +- docs/models/inputresponseinputeventhub.md | 90 +- docs/models/inputresponseinputjournalfiles.md | 2 +- docs/models/inputresponseinputkafka.md | 4 +- docs/models/inputresponseinputkubelogs.md | 2 + docs/models/inputresponseinputmsk.md | 4 +- docs/models/inputresponseinputprometheus.md | 4 + .../kafkaschemaregistryauthenticationtype.md | 2 +- ...cationtypetemplateschemaregistryurlauth.md | 2 +- docs/models/lakedatasetmetrics.md | 8 +- docs/models/lakedatasetsearchconfig.md | 2 +- docs/models/noactivehealthoverlaystatus.md | 8 + docs/models/objectstoragefilter.md | 11 +- docs/models/output.md | 6 + docs/models/outputazuredataexplorer.md | 2 +- docs/models/outputazureeventhub.md | 2 +- docs/models/outputazurelogs.md | 2 +- docs/models/outputchronicle.md | 2 +- docs/models/outputclickhouse.md | 3 +- docs/models/outputcloudwatch.md | 2 +- docs/models/outputconfluentcloud.md | 2 +- docs/models/outputcriblhttp.md | 2 +- docs/models/outputcribllakeformat.md | 11 +- docs/models/outputcriblsearchengine.md | 2 +- docs/models/outputcribltcp.md | 2 +- docs/models/outputcrowdstrikenextgensiem.md | 2 +- docs/models/outputdatadog.md | 2 +- docs/models/outputdataset.md | 2 +- docs/models/outputdynatracehttp.md | 2 +- docs/models/outputdynatraceotlp.md | 2 +- docs/models/outputelastic.md | 2 +- docs/models/outputelasticcloud.md | 2 +- docs/models/outputgooglechronicle.md | 2 +- docs/models/outputgooglecloudlogging.md | 2 +- docs/models/outputgooglecloudobservability.md | 47 + .../outputgooglecloudobservabilityendpoint.md | 20 + ...observabilitygoogleauthenticationmethod.md | 21 + ...tputgooglecloudobservabilityotlpversion.md | 18 + ...utputgooglecloudobservabilitypqcontrols.md | 7 + .../outputgooglecloudobservabilityprotocol.md | 18 + .../outputgooglecloudobservabilitytype.md | 16 + docs/models/outputgooglepubsub.md | 2 +- .../models/outputgrafanacloudgrafanacloud1.md | 4 +- .../models/outputgrafanacloudgrafanacloud2.md | 4 +- docs/models/outputgraphite.md | 2 +- docs/models/outputhoneycomb.md | 2 +- docs/models/outputhumiohec.md | 2 +- docs/models/outputinfluxdb.md | 2 +- docs/models/outputkafka.md | 2 +- docs/models/outputkinesis.md | 2 +- docs/models/outputlocalsearchstorage.md | 3 +- ...utputlocalsearchstoragestatsdestination.md | 20 +- docs/models/outputloki.md | 4 +- docs/models/outputmicrosoftfabric.md | 2 +- docs/models/outputmsk.md | 2 +- docs/models/outputnewrelic.md | 2 +- docs/models/outputnewrelicevents.md | 2 +- docs/models/outputopentelemetry.md | 2 +- docs/models/outputprometheus.md | 2 +- docs/models/outputresponse.md | 6 + ...=> outputresponseendpointdynatracehttp.md} | 6 +- ...esponseendpointgooglecloudobservability.md | 20 + docs/models/outputresponseformatcribllake.md | 11 +- ...utputresponsegoogleauthenticationmethod.md | 21 + ...onseotlpversiongooglecloudobservability.md | 18 + ...outputresponseotlpversionopentelemetry.md} | 6 +- .../outputresponseoutputazuredataexplorer.md | 2 +- .../outputresponseoutputazureeventhub.md | 2 +- docs/models/outputresponseoutputazurelogs.md | 2 +- docs/models/outputresponseoutputchronicle.md | 2 +- docs/models/outputresponseoutputclickhouse.md | 3 +- docs/models/outputresponseoutputcloudwatch.md | 2 +- .../outputresponseoutputconfluentcloud.md | 2 +- docs/models/outputresponseoutputcriblhttp.md | 2 +- .../outputresponseoutputcriblsearchengine.md | 2 +- docs/models/outputresponseoutputcribltcp.md | 2 +- ...putresponseoutputcrowdstrikenextgensiem.md | 2 +- docs/models/outputresponseoutputdatadog.md | 2 +- docs/models/outputresponseoutputdataset.md | 2 +- .../outputresponseoutputdynatracehttp.md | 4 +- .../outputresponseoutputdynatraceotlp.md | 2 +- docs/models/outputresponseoutputelastic.md | 2 +- .../outputresponseoutputelasticcloud.md | 2 +- .../outputresponseoutputgooglechronicle.md | 2 +- .../outputresponseoutputgooglecloudlogging.md | 2 +- ...tresponseoutputgooglecloudobservability.md | 49 + .../outputresponseoutputgooglepubsub.md | 2 +- ...responseoutputgrafanacloudgrafanacloud1.md | 4 +- ...responseoutputgrafanacloudgrafanacloud2.md | 4 +- docs/models/outputresponseoutputgraphite.md | 2 +- docs/models/outputresponseoutputhoneycomb.md | 2 +- docs/models/outputresponseoutputhumiohec.md | 2 +- docs/models/outputresponseoutputinfluxdb.md | 2 +- docs/models/outputresponseoutputkafka.md | 2 +- docs/models/outputresponseoutputkinesis.md | 2 +- .../outputresponseoutputlocalsearchstorage.md | 3 +- docs/models/outputresponseoutputloki.md | 4 +- .../outputresponseoutputmicrosoftfabric.md | 2 +- docs/models/outputresponseoutputmsk.md | 2 +- docs/models/outputresponseoutputnewrelic.md | 2 +- .../outputresponseoutputnewrelicevents.md | 2 +- .../outputresponseoutputopentelemetry.md | 4 +- docs/models/outputresponseoutputprometheus.md | 2 +- docs/models/outputresponseoutputsentinel.md | 2 +- .../outputresponseoutputsentineloneaisiem.md | 2 +- docs/models/outputresponseoutputservicenow.md | 2 +- docs/models/outputresponseoutputsignalfx.md | 2 +- docs/models/outputresponseoutputsns.md | 2 +- docs/models/outputresponseoutputsplunk.md | 2 +- docs/models/outputresponseoutputsplunkhec.md | 2 +- docs/models/outputresponseoutputsplunklb.md | 2 +- docs/models/outputresponseoutputsqs.md | 2 +- docs/models/outputresponseoutputstatsd.md | 2 +- docs/models/outputresponseoutputstatsdext.md | 2 +- docs/models/outputresponseoutputsumologic.md | 2 +- docs/models/outputresponseoutputsyslog.md | 2 +- docs/models/outputresponseoutputtcpjson.md | 2 +- docs/models/outputresponseoutputwavefront.md | 2 +- .../outputresponseoutputwebhookwebhook1.md | 2 +- .../outputresponseoutputwebhookwebhook2.md | 2 +- docs/models/outputresponseoutputwizhec.md | 2 +- docs/models/outputresponseoutputxsiam.md | 2 +- ...ponsepqcontrolsgooglecloudobservability.md | 7 + ...esponseprotocolgooglecloudobservability.md | 18 + docs/models/outputresponsestatsdestination.md | 20 +- ...putresponsetypegooglecloudobservability.md | 16 + docs/models/outputsentinel.md | 2 +- docs/models/outputsentineloneaisiem.md | 2 +- docs/models/outputservicenow.md | 2 +- docs/models/outputsignalfx.md | 2 +- docs/models/outputsns.md | 2 +- docs/models/outputsplunk.md | 2 +- docs/models/outputsplunkhec.md | 2 +- docs/models/outputsplunklb.md | 2 +- docs/models/outputsqs.md | 2 +- docs/models/outputstatsd.md | 2 +- docs/models/outputstatsdext.md | 2 +- docs/models/outputsumologic.md | 2 +- docs/models/outputsyslog.md | 2 +- docs/models/outputtcpjson.md | 2 +- docs/models/outputwavefront.md | 2 +- docs/models/outputwebhookwebhook1.md | 2 +- docs/models/outputwebhookwebhook2.md | 2 +- docs/models/outputwizhec.md | 2 +- docs/models/outputxsiam.md | 2 +- docs/models/packinfo.md | 2 +- docs/models/packinstallinfo.md | 2 +- docs/models/pqtype.md | 2 +- docs/models/rbacresource.md | 3 +- docs/models/redisauthtypecredentialssecret.md | 5 + docs/models/redisauthtypemanual.md | 5 + docs/models/redisauthtypenone.md | 5 + docs/models/redisauthtypetextsecret.md | 5 + docs/models/redisdeploymenttypecluster.md | 5 +- docs/models/redisdeploymenttypesentinel.md | 5 +- .../redisdeploymenttypesentinelrootnode.md | 9 - docs/models/redisdeploymenttypestandalone.md | 5 + docs/models/restauthenticationbasic.md | 71 +- ...coverydiscovertypehttpdiscovermethodget.md | 1 + ...verydiscovertypehttpdiscovermethodother.md | 1 + ...overydiscovertypehttpdiscovermethodpost.md | 1 + ...covertypehttpdiscovermethodpostwithbody.md | 1 + ...ationbasicrestdiscoverydiscovertypejson.md | 25 +- ...ationbasicrestdiscoverydiscovertypelist.md | 24 +- ...ationbasicrestdiscoverydiscovertypenone.md | 24 +- ...thenticationbasicrestpaginationtypenone.md | 3 + ...tionbasicrestpaginationtyperesponsebody.md | 2 + ...onbasicrestpaginationtyperesponseheader.md | 2 + ...sicrestpaginationtyperesponseheaderlink.md | 2 + docs/models/restauthenticationbasicsecret.md | 70 +- ...coverydiscovertypehttpdiscovermethodget.md | 1 + ...verydiscovertypehttpdiscovermethodother.md | 1 + ...overydiscovertypehttpdiscovermethodpost.md | 1 + ...covertypehttpdiscovermethodpostwithbody.md | 1 + ...asicsecretrestdiscoverydiscovertypejson.md | 25 +- ...asicsecretrestdiscoverydiscovertypelist.md | 24 +- ...asicsecretrestdiscoverydiscovertypenone.md | 24 +- ...cationbasicsecretrestpaginationtypenone.md | 3 + ...sicsecretrestpaginationtyperesponsebody.md | 2 + ...csecretrestpaginationtyperesponseheader.md | 2 + ...retrestpaginationtyperesponseheaderlink.md | 2 + docs/models/restauthenticationgoogleoauth.md | 71 +- ...coverydiscovertypehttpdiscovermethodget.md | 1 + ...verydiscovertypehttpdiscovermethodother.md | 1 + ...overydiscovertypehttpdiscovermethodpost.md | 1 + ...covertypehttpdiscovermethodpostwithbody.md | 1 + ...oogleoauthrestdiscoverydiscovertypejson.md | 25 +- ...oogleoauthrestdiscoverydiscovertypelist.md | 24 +- ...oogleoauthrestdiscoverydiscovertypenone.md | 24 +- ...cationgoogleoauthrestpaginationtypenone.md | 3 + ...ogleoauthrestpaginationtyperesponsebody.md | 2 + ...leoauthrestpaginationtyperesponseheader.md | 2 + ...uthrestpaginationtyperesponseheaderlink.md | 2 + .../restauthenticationgoogleoauthsecret.md | 72 +- ...coverydiscovertypehttpdiscovermethodget.md | 1 + ...verydiscovertypehttpdiscovermethodother.md | 1 + ...overydiscovertypehttpdiscovermethodpost.md | 1 + ...covertypehttpdiscovermethodpostwithbody.md | 1 + ...authsecretrestdiscoverydiscovertypejson.md | 25 +- ...authsecretrestdiscoverydiscovertypelist.md | 24 +- ...authsecretrestdiscoverydiscovertypenone.md | 24 +- ...googleoauthsecretrestpaginationtypenone.md | 3 + ...uthsecretrestpaginationtyperesponsebody.md | 2 + ...hsecretrestpaginationtyperesponseheader.md | 2 + ...retrestpaginationtyperesponseheaderlink.md | 2 + docs/models/restauthenticationhmac.md | 69 +- ...coverydiscovertypehttpdiscovermethodget.md | 1 + ...verydiscovertypehttpdiscovermethodother.md | 1 + ...overydiscovertypehttpdiscovermethodpost.md | 1 + ...covertypehttpdiscovermethodpostwithbody.md | 1 + ...cationhmacrestdiscoverydiscovertypejson.md | 25 +- ...cationhmacrestdiscoverydiscovertypelist.md | 24 +- ...cationhmacrestdiscoverydiscovertypenone.md | 24 +- ...uthenticationhmacrestpaginationtypenone.md | 3 + ...ationhmacrestpaginationtyperesponsebody.md | 2 + ...ionhmacrestpaginationtyperesponseheader.md | 2 + ...macrestpaginationtyperesponseheaderlink.md | 2 + docs/models/restauthenticationlogin.md | 12 + ...coverydiscovertypehttpdiscovermethodget.md | 1 + ...verydiscovertypehttpdiscovermethodother.md | 1 + ...overydiscovertypehttpdiscovermethodpost.md | 1 + ...covertypehttpdiscovermethodpostwithbody.md | 1 + ...ationloginrestdiscoverydiscovertypejson.md | 25 +- ...ationloginrestdiscoverydiscovertypelist.md | 24 +- ...ationloginrestdiscoverydiscovertypenone.md | 24 +- ...thenticationloginrestpaginationtypenone.md | 3 + ...tionloginrestpaginationtyperesponsebody.md | 2 + ...onloginrestpaginationtyperesponseheader.md | 2 + ...ginrestpaginationtyperesponseheaderlink.md | 2 + docs/models/restauthenticationloginsecret.md | 17 +- ...coverydiscovertypehttpdiscovermethodget.md | 1 + ...verydiscovertypehttpdiscovermethodother.md | 1 + ...overydiscovertypehttpdiscovermethodpost.md | 1 + ...covertypehttpdiscovermethodpostwithbody.md | 1 + ...oginsecretrestdiscoverydiscovertypejson.md | 25 +- ...oginsecretrestdiscoverydiscovertypelist.md | 24 +- ...oginsecretrestdiscoverydiscovertypenone.md | 24 +- ...cationloginsecretrestpaginationtypenone.md | 3 + ...ginsecretrestpaginationtyperesponsebody.md | 2 + ...nsecretrestpaginationtyperesponseheader.md | 2 + ...retrestpaginationtyperesponseheaderlink.md | 2 + docs/models/restauthenticationnone.md | 69 +- ...coverydiscovertypehttpdiscovermethodget.md | 1 + ...verydiscovertypehttpdiscovermethodother.md | 1 + ...overydiscovertypehttpdiscovermethodpost.md | 1 + ...covertypehttpdiscovermethodpostwithbody.md | 1 + ...cationnonerestdiscoverydiscovertypejson.md | 25 +- ...cationnonerestdiscoverydiscovertypelist.md | 24 +- ...cationnonerestdiscoverydiscovertypenone.md | 24 +- ...uthenticationnonerestpaginationtypenone.md | 3 + ...ationnonerestpaginationtyperesponsebody.md | 2 + ...ionnonerestpaginationtyperesponseheader.md | 2 + ...onerestpaginationtyperesponseheaderlink.md | 2 + docs/models/restauthenticationoauth.md | 76 +- ...coverydiscovertypehttpdiscovermethodget.md | 1 + ...verydiscovertypehttpdiscovermethodother.md | 1 + ...overydiscovertypehttpdiscovermethodpost.md | 1 + ...covertypehttpdiscovermethodpostwithbody.md | 1 + ...ationoauthrestdiscoverydiscovertypejson.md | 25 +- ...ationoauthrestdiscoverydiscovertypelist.md | 24 +- ...ationoauthrestdiscoverydiscovertypenone.md | 24 +- ...thenticationoauthrestpaginationtypenone.md | 3 + ...tionoauthrestpaginationtyperesponsebody.md | 2 + ...onoauthrestpaginationtyperesponseheader.md | 2 + ...uthrestpaginationtyperesponseheaderlink.md | 2 + docs/models/restauthenticationoauthsecret.md | 77 +- ...coverydiscovertypehttpdiscovermethodget.md | 1 + ...verydiscovertypehttpdiscovermethodother.md | 1 + ...overydiscovertypehttpdiscovermethodpost.md | 1 + ...covertypehttpdiscovermethodpostwithbody.md | 1 + ...authsecretrestdiscoverydiscovertypejson.md | 25 +- ...authsecretrestdiscoverydiscovertypelist.md | 24 +- ...authsecretrestdiscoverydiscovertypenone.md | 24 +- ...cationoauthsecretrestpaginationtypenone.md | 3 + ...uthsecretrestpaginationtyperesponsebody.md | 2 + ...hsecretrestpaginationtyperesponseheader.md | 2 + ...retrestpaginationtyperesponseheaderlink.md | 2 + docs/models/restcollectmethodget.md | 71 +- ...coverydiscovertypehttpdiscovermethodget.md | 1 + ...verydiscovertypehttpdiscovermethodother.md | 1 + ...overydiscovertypehttpdiscovermethodpost.md | 1 + ...covertypehttpdiscovermethodpostwithbody.md | 1 + ...tmethodgetrestdiscoverydiscovertypejson.md | 25 +- ...tmethodgetrestdiscoverydiscovertypelist.md | 24 +- ...tmethodgetrestdiscoverydiscovertypenone.md | 24 +- ...tcollectmethodgetrestpaginationtypenone.md | 3 + ...methodgetrestpaginationtyperesponsebody.md | 2 + ...thodgetrestpaginationtyperesponseheader.md | 2 + ...getrestpaginationtyperesponseheaderlink.md | 2 + docs/models/restcollectmethodother.md | 75 +- ...coverydiscovertypehttpdiscovermethodget.md | 1 + ...verydiscovertypehttpdiscovermethodother.md | 1 + ...overydiscovertypehttpdiscovermethodpost.md | 1 + ...covertypehttpdiscovermethodpostwithbody.md | 1 + ...ethodotherrestdiscoverydiscovertypejson.md | 25 +- ...ethodotherrestdiscoverydiscovertypelist.md | 24 +- ...ethodotherrestdiscoverydiscovertypenone.md | 24 +- ...ollectmethodotherrestpaginationtypenone.md | 3 + ...thodotherrestpaginationtyperesponsebody.md | 2 + ...odotherrestpaginationtyperesponseheader.md | 2 + ...herrestpaginationtyperesponseheaderlink.md | 2 + docs/models/restcollectmethodpost.md | 71 +- ...coverydiscovertypehttpdiscovermethodget.md | 1 + ...verydiscovertypehttpdiscovermethodother.md | 1 + ...overydiscovertypehttpdiscovermethodpost.md | 1 + ...covertypehttpdiscovermethodpostwithbody.md | 1 + ...methodpostrestdiscoverydiscovertypejson.md | 25 +- ...methodpostrestdiscoverydiscovertypelist.md | 24 +- ...methodpostrestdiscoverydiscovertypenone.md | 24 +- ...collectmethodpostrestpaginationtypenone.md | 3 + ...ethodpostrestpaginationtyperesponsebody.md | 2 + ...hodpostrestpaginationtyperesponseheader.md | 2 + ...ostrestpaginationtyperesponseheaderlink.md | 2 + docs/models/restcollectmethodpostwithbody.md | 71 +- ...coverydiscovertypehttpdiscovermethodget.md | 1 + ...verydiscovertypehttpdiscovermethodother.md | 1 + ...overydiscovertypehttpdiscovermethodpost.md | 1 + ...covertypehttpdiscovermethodpostwithbody.md | 1 + ...stwithbodyrestdiscoverydiscovertypejson.md | 25 +- ...stwithbodyrestdiscoverydiscovertypelist.md | 24 +- ...stwithbodyrestdiscoverydiscovertypenone.md | 24 +- ...ethodpostwithbodyrestpaginationtypenone.md | 3 + ...twithbodyrestpaginationtyperesponsebody.md | 2 + ...ithbodyrestpaginationtyperesponseheader.md | 2 + ...odyrestpaginationtyperesponseheaderlink.md | 2 + ...overydiscovertypehttppaginationtypenone.md | 3 + ...covertypehttppaginationtyperesponsebody.md | 2 + ...vertypehttppaginationtyperesponseheader.md | 2 + ...ypehttppaginationtyperesponseheaderlink.md | 2 + ...rootnodeconfredisdeploymenttypecluster.md} | 2 +- docs/models/runnablejobcollectionrun.md | 4 +- ...ttingstyperunnablejobcollectionschedule.md | 4 +- ...stypesavedjobresponsecollectionschedule.md | 4 +- docs/models/serdetypegrok.md | 4 + docs/models/serdetypejson.md | 1 + docs/models/serdetypekvp.md | 1 + docs/models/serdetyperegex.md | 4 + docs/models/splunkauthenticationbasic.md | 5 + .../models/splunkauthenticationbasicsecret.md | 6 + docs/models/splunkauthenticationnone.md | 7 + docs/models/splunkauthenticationtoken.md | 7 + .../models/splunkauthenticationtokensecret.md | 7 + docs/models/updatepacksrequest.md | 8 +- docs/sdks/captures/README.md | 4 +- docs/sdks/collectorssdk/README.md | 182 +- docs/sdks/commits/README.md | 92 +- docs/sdks/cribl/README.md | 2 +- docs/sdks/databaseconnections/README.md | 345 +- docs/sdks/datasets/README.md | 217 +- docs/sdks/destinations/README.md | 2206 +- docs/sdks/destinationsstatuses/README.md | 60 +- docs/sdks/functions/README.md | 20 +- docs/sdks/groupssdk/README.md | 6 +- docs/sdks/health/README.md | 2 +- docs/sdks/nodes/README.md | 64 +- docs/sdks/packs/README.md | 48 +- docs/sdks/packsdestinations/README.md | 2206 +- docs/sdks/packsdestinationsstatuses/README.md | 64 +- docs/sdks/packspipelines/README.md | 2024 +- docs/sdks/packsroutes/README.md | 92 +- docs/sdks/packssources/README.md | 2056 +- docs/sdks/packssourcesstatuses/README.md | 64 +- docs/sdks/pipelines/README.md | 1916 +- docs/sdks/routessdk/README.md | 90 +- docs/sdks/settings/README.md | 2 +- docs/sdks/sources/README.md | 2056 +- docs/sdks/sourcespq/README.md | 26 +- docs/sdks/sourcesstatuses/README.md | 60 +- docs/sdks/summaries/README.md | 2 +- docs/sdks/tokens/README.md | 2 +- pyproject.toml | 2 +- src/cribl_control_plane/_version.py | 8 +- src/cribl_control_plane/captures.py | 8 +- src/cribl_control_plane/collectors_sdk.py | 216 +- src/cribl_control_plane/commits.py | 210 +- src/cribl_control_plane/cribl.py | 4 +- .../databaseconnections.py | 424 +- src/cribl_control_plane/datasets.py | 724 +- .../destinations_statuses.py | 238 +- .../errors/healthserverstatus_error.py | 6 +- src/cribl_control_plane/functions.py | 84 +- src/cribl_control_plane/groups_sdk.py | 50 +- src/cribl_control_plane/health.py | 4 +- src/cribl_control_plane/hectokens.py | 42 +- src/cribl_control_plane/models/__init__.py | 1637 +- .../models/activehealthoverlaystatus.py | 38 + ...eaderconfhealthcheckauthenticationoauth.py | 20 - src/cribl_control_plane/models/authtype.py | 106 +- .../models/azureblobcollectorconf.py | 292 + src/cribl_control_plane/models/branchinfo.py | 2 + .../models/cacheconnection.py | 12 +- .../models/collectortype.py | 18 + src/cribl_control_plane/models/configgroup.py | 2 + .../models/countedboolean.py | 2 + .../models/countedbranchinfo.py | 2 + .../models/countedconfiggroup.py | 2 + .../models/countedcribllakedataset.py | 2 + .../models/counteddatabaseconnectionconfig.py | 2 + .../models/counteddistributedsummary.py | 2 + .../models/countedfunctionresponse.py | 2 + .../models/countedgitcommitsummary.py | 2 + .../models/countedgitcountresult.py | 2 + .../models/countedgitdiffresult.py | 2 + .../models/countedgitfilesresponse.py | 2 + .../models/countedgitinfo.py | 2 + .../models/countedgitlogresult.py | 2 + .../models/countedgitrevertresult.py | 2 + .../models/countedgitshowresult.py | 2 + .../models/countedgitstatusresult.py | 2 + .../models/countedinputresponse.py | 2 + .../models/countedinputsplunkhec.py | 2 + .../models/countedinputstatus.py | 2 + .../models/countedjobinfo.py | 2 + .../models/countedmasterworkerentry.py | 2 + .../models/countednumber.py | 2 + .../models/countedoutputresponse.py | 2 + .../models/countedoutputsamplesresponse.py | 2 + .../models/countedoutputstatus.py | 2 + .../models/countedoutputtestresponse.py | 2 + .../models/countedpackinfo.py | 2 + .../models/countedpackinstallinfo.py | 2 + .../models/countedpackuninstallinfo.py | 2 + .../models/countedpipeline.py | 2 + .../models/countedrestartresponse.py | 2 + .../models/countedroutes.py | 2 + .../models/countedsavedjobresponse.py | 2 + .../models/countedstring.py | 2 + .../models/countedsystemrestartresponse.py | 2 + .../models/countedsystemsettingsconf.py | 2 + .../models/countedteamaccesscontrollist.py | 2 + .../models/counteduseraccesscontrollist.py | 2 + .../models/createinput_logged_in_users.py | 43 +- .../models/createinput_request.py | 229 +- ...createinputsystembypack_logged_in_users.py | 43 +- .../models/createinputsystembypack_request.py | 229 +- .../createoutput_outputwebhook_url_1.py | 18335 +++++++++ .../models/createoutput_request.py | 18175 +-------- .../models/createoutput_type_statsd.py | 164 +- ...eoutputsystembypack_outputwebhook_url_1.py | 18418 +++++++++ .../createoutputsystembypack_request.py | 18243 +-------- .../createoutputsystembypack_type_statsd.py | 167 +- .../models/cribllakedataset.py | 8 +- .../models/cribllakedatasetupdate.py | 12 +- .../models/datasetmetadata.py | 4 +- .../models/destinationtype.py | 1 + .../models/formatoptionscribllakedataset.py | 1 + .../getcribllakedatasetbylakeidandidop.py | 37 +- .../models/getcribllakedatasetbylakeidop.py | 43 +- .../models/getdatabaseconnectionconfigop.py | 50 + .../models/getsavedjobop.py | 17 +- .../models/groupcreaterequest.py | 2 + src/cribl_control_plane/models/hbcriblinfo.py | 4 + ...onnone_healthcheckretryrulestypebackoff.py | 1310 +- .../models/healthcheckcollectorconf.py | 808 +- .../models/healthoverlaystatus.py | 58 + .../models/healthserverstatus.py | 4 + ...httpdiscoveryheaderconfinputprometheus.py} | 4 +- src/cribl_control_plane/models/input.py | 4 +- .../models/inputappleunifiedlogs_input.py | 4 +- .../models/inputcloudflarehec_input.py | 6 + .../models/inputconfluentcloud_input.py | 20 +- .../models/inputedgeprometheus_input.py | 47 +- .../models/inputeventhub_input.py | 32 +- .../models/inputeventhubamqp_input.py | 49 +- .../models/inputjournalfiles_input.py | 4 +- .../models/inputkafka_input.py | 20 +- .../models/inputkubelogs_input.py | 16 + .../models/inputmsk_input.py | 20 +- .../models/inputopenai_input.py | 13 +- .../models/inputprometheus_input.py | 41 + .../models/inputresponse.py | 229 +- .../models/inputresponse_logged_in_users.py | 43 +- .../kafkaschemaregistryauthenticationtype.py | 4 +- ...cationtypetemplateschemaregistryurlauth.py | 4 +- .../models/lakedatasetmetrics.py | 4 +- .../models/lakedatasetsearchconfig.py | 4 +- .../models/noactivehealthoverlaystatus.py | 28 + .../models/objectstoragefilter.py | 9 +- src/cribl_control_plane/models/output.py | 36 +- .../models/outputazuredataexplorer.py | 4 +- .../models/outputazureeventhub.py | 4 +- .../models/outputazurelogs.py | 4 +- .../models/outputchronicle.py | 4 +- .../models/outputclickhouse.py | 10 +- .../models/outputcloudwatch.py | 4 +- .../models/outputconfluentcloud.py | 4 +- .../models/outputcriblhttp.py | 4 +- .../models/outputcribllake.py | 1 + .../models/outputcriblsearchengine.py | 4 +- .../models/outputcribltcp.py | 4 +- .../models/outputcrowdstrikenextgensiem.py | 4 +- .../models/outputdatadog.py | 4 +- .../models/outputdataset.py | 4 +- .../models/outputdynatracehttp.py | 4 +- .../models/outputdynatraceotlp.py | 4 +- .../models/outputelastic.py | 4 +- .../models/outputelasticcloud.py | 4 +- .../models/outputgooglechronicle.py | 4 +- .../models/outputgooglecloudlogging.py | 4 +- .../models/outputgooglecloudobservability.py | 453 + .../models/outputgooglepubsub.py | 4 +- .../models/outputgrafanacloud_union.py | 24 +- .../models/outputgraphite.py | 4 +- .../models/outputhoneycomb.py | 4 +- .../models/outputhumiohec.py | 4 +- .../models/outputinfluxdb.py | 4 +- src/cribl_control_plane/models/outputkafka.py | 4 +- .../models/outputkinesis.py | 4 +- .../models/outputlocalsearchstorage.py | 20 +- src/cribl_control_plane/models/outputloki.py | 16 +- .../models/outputmicrosoftfabric.py | 4 +- src/cribl_control_plane/models/outputmsk.py | 4 +- .../models/outputnewrelic.py | 4 +- .../models/outputnewrelicevents.py | 4 +- .../models/outputopentelemetry.py | 4 +- .../models/outputprometheus.py | 4 +- .../models/outputresponse.py | 18639 +-------- .../outputresponse_outputwebhook_url_1.py | 18815 +++++++++ .../models/outputresponse_type_statsd.py | 164 +- .../models/outputsentinel.py | 4 +- .../models/outputsentineloneaisiem.py | 4 +- .../models/outputservicenow.py | 4 +- .../models/outputsignalfx.py | 4 +- src/cribl_control_plane/models/outputsns.py | 4 +- .../models/outputsplunk.py | 4 +- .../models/outputsplunkhec.py | 4 +- .../models/outputsplunklb.py | 4 +- src/cribl_control_plane/models/outputsqs.py | 4 +- .../models/outputstatsd.py | 4 +- .../models/outputstatsdext.py | 4 +- .../models/outputsumologic.py | 4 +- .../models/outputsyslog.py | 4 +- .../models/outputtcpjson.py | 4 +- .../models/outputwavefront.py | 4 +- .../models/outputwebhook_union.py | 8 +- .../models/outputwizhec.py | 4 +- src/cribl_control_plane/models/outputxsiam.py | 4 +- src/cribl_control_plane/models/packinfo.py | 2 + .../models/packinstallinfo.py | 2 + ...nationtyperestdiscoverydiscovertypehttp.py | 66 +- .../models/pipelinefunctionredis.py | 293 +- .../models/pipelinefunctionserde.py | 68 +- src/cribl_control_plane/models/pqtype.py | 4 +- .../models/rbacresource.py | 1 + ...onbasic_restpaginationtyperequestoffset.py | 1050 +- ...iscovermethodpostwithbody_discover_type.py | 1162 +- ...ollectmethodpost_restretryrulestypenone.py | 1250 +- .../models/restcollectorconf.py | 472 +- .../rootnodeconfredisdeploymenttypecluster.py | 20 + .../models/runnablejobcollection.py | 4 - ...ttingstyperunnablejobcollectionschedule.py | 4 - ...stypesavedjobresponsecollectionschedule.py | 4 - .../models/splunkcollectorconf.py | 224 +- .../models/updatepacksop.py | 4 +- src/cribl_control_plane/nodes.py | 320 +- src/cribl_control_plane/packs.py | 216 +- .../packs_destinations_statuses.py | 238 +- src/cribl_control_plane/packs_hectokens.py | 42 +- src/cribl_control_plane/packs_pipelines.py | 252 +- src/cribl_control_plane/packs_routes.py | 238 +- src/cribl_control_plane/packs_samples.py | 10 +- src/cribl_control_plane/packs_sources.py | 14 +- .../packs_sources_statuses.py | 238 +- src/cribl_control_plane/pipelines.py | 112 +- src/cribl_control_plane/routes_sdk.py | 258 +- src/cribl_control_plane/samples.py | 10 +- src/cribl_control_plane/sdk.py | 44 +- src/cribl_control_plane/settings.py | 4 +- src/cribl_control_plane/sources.py | 14 +- src/cribl_control_plane/sources_pq.py | 80 +- src/cribl_control_plane/sources_statuses.py | 238 +- src/cribl_control_plane/summaries.py | 4 +- src/cribl_control_plane/tokens.py | 4 +- src/cribl_control_plane/types/__init__.py | 3 + .../types/base64fileinput.py | 43 + .../utils/eventstreaming.py | 215 +- src/cribl_control_plane/utils/forms.py | 5 + .../utils/requestbodies.py | 1 + src/cribl_control_plane/utils/retries.py | 95 +- src/cribl_control_plane/utils/serializers.py | 87 +- src/cribl_control_plane/utils/unions.py | 21 +- src/cribl_control_plane/versions.py | 4 +- 912 files changed, 116791 insertions(+), 74852 deletions(-) create mode 100644 docs/models/activehealthoverlaystatus.md delete mode 100644 docs/models/authrequestheaderconfhealthcheckauthenticationoauth.md create mode 100644 docs/models/collectortype.md create mode 100644 docs/models/createinputcertificate.md create mode 100644 docs/models/createinputsystembypackcertificate.md rename docs/models/{outputresponseendpoint.md => createoutputendpointdynatracehttp.md} (64%) create mode 100644 docs/models/createoutputendpointgooglecloudobservability.md create mode 100644 docs/models/createoutputgoogleauthenticationmethod.md create mode 100644 docs/models/createoutputotlpversiongooglecloudobservability.md rename docs/models/{createoutputotlpversion.md => createoutputotlpversionopentelemetry.md} (67%) create mode 100644 docs/models/createoutputoutputgooglecloudobservability.md create mode 100644 docs/models/createoutputpqcontrolsgooglecloudobservability.md create mode 100644 docs/models/createoutputprotocolgooglecloudobservability.md rename docs/models/{createoutputsystembypackendpoint.md => createoutputsystembypackendpointdynatracehttp.md} (72%) create mode 100644 docs/models/createoutputsystembypackendpointgooglecloudobservability.md create mode 100644 docs/models/createoutputsystembypackgoogleauthenticationmethod.md create mode 100644 docs/models/createoutputsystembypackotlpversiongooglecloudobservability.md rename docs/models/{createoutputsystembypackotlpversion.md => createoutputsystembypackotlpversionopentelemetry.md} (74%) create mode 100644 docs/models/createoutputsystembypackoutputgooglecloudobservability.md create mode 100644 docs/models/createoutputsystembypackpqcontrolsgooglecloudobservability.md create mode 100644 docs/models/createoutputsystembypackprotocolgooglecloudobservability.md create mode 100644 docs/models/createoutputsystembypacktypegooglecloudobservability.md create mode 100644 docs/models/createoutputtypegooglecloudobservability.md create mode 100644 docs/models/getcribllakedatasetbylakeidformat.md create mode 100644 docs/models/getdatabaseconnectionconfigrequest.md create mode 100644 docs/models/healthoverlaystatus.md rename docs/models/{requestparamconfinputopenai.md => httpdiscoveryheaderconfinputprometheus.md} (89%) create mode 100644 docs/models/inputeventhubamqpcertificate.md create mode 100644 docs/models/inputresponsecertificate.md create mode 100644 docs/models/noactivehealthoverlaystatus.md create mode 100644 docs/models/outputgooglecloudobservability.md create mode 100644 docs/models/outputgooglecloudobservabilityendpoint.md create mode 100644 docs/models/outputgooglecloudobservabilitygoogleauthenticationmethod.md create mode 100644 docs/models/outputgooglecloudobservabilityotlpversion.md create mode 100644 docs/models/outputgooglecloudobservabilitypqcontrols.md create mode 100644 docs/models/outputgooglecloudobservabilityprotocol.md create mode 100644 docs/models/outputgooglecloudobservabilitytype.md rename docs/models/{createoutputendpoint.md => outputresponseendpointdynatracehttp.md} (63%) create mode 100644 docs/models/outputresponseendpointgooglecloudobservability.md create mode 100644 docs/models/outputresponsegoogleauthenticationmethod.md create mode 100644 docs/models/outputresponseotlpversiongooglecloudobservability.md rename docs/models/{outputresponseotlpversion.md => outputresponseotlpversionopentelemetry.md} (78%) create mode 100644 docs/models/outputresponseoutputgooglecloudobservability.md create mode 100644 docs/models/outputresponsepqcontrolsgooglecloudobservability.md create mode 100644 docs/models/outputresponseprotocolgooglecloudobservability.md create mode 100644 docs/models/outputresponsetypegooglecloudobservability.md delete mode 100644 docs/models/redisdeploymenttypesentinelrootnode.md rename docs/models/{redisdeploymenttypeclusterrootnode.md => rootnodeconfredisdeploymenttypecluster.md} (98%) create mode 100644 src/cribl_control_plane/models/activehealthoverlaystatus.py delete mode 100644 src/cribl_control_plane/models/authrequestheaderconfhealthcheckauthenticationoauth.py create mode 100644 src/cribl_control_plane/models/collectortype.py create mode 100644 src/cribl_control_plane/models/createoutput_outputwebhook_url_1.py create mode 100644 src/cribl_control_plane/models/createoutputsystembypack_outputwebhook_url_1.py create mode 100644 src/cribl_control_plane/models/getdatabaseconnectionconfigop.py create mode 100644 src/cribl_control_plane/models/healthoverlaystatus.py rename src/cribl_control_plane/models/{requestparamconfinputopenai.py => httpdiscoveryheaderconfinputprometheus.py} (67%) create mode 100644 src/cribl_control_plane/models/noactivehealthoverlaystatus.py create mode 100644 src/cribl_control_plane/models/outputgooglecloudobservability.py create mode 100644 src/cribl_control_plane/models/outputresponse_outputwebhook_url_1.py create mode 100644 src/cribl_control_plane/models/rootnodeconfredisdeploymenttypecluster.py create mode 100644 src/cribl_control_plane/types/base64fileinput.py diff --git a/.speakeasy/gen.lock b/.speakeasy/gen.lock index be56aea41..f9ec4d801 100644 --- a/.speakeasy/gen.lock +++ b/.speakeasy/gen.lock @@ -1,25 +1,25 @@ lockVersion: 2.0.0 id: cfa345be-20bc-4980-a260-c3fa74040ac2 management: - docChecksum: 70fdd4175b18ed88b946718a359c1d8b - docVersion: 4.18.1-37206a7f - speakeasyVersion: 1.764.0 - generationVersion: 2.885.0 - releaseVersion: 0.8.1 - configChecksum: ae9e6a751abe1db794010c97d9111145 + docChecksum: 0c3576342e0ff7acf000ef0c8c90fa31 + docVersion: 4.18.2-fd1f0d2f + speakeasyVersion: 1.784.0 + generationVersion: 2.911.0 + releaseVersion: 0.9.0 + configChecksum: ea8ccfd017cfe594a3597deb92f9e146 repoURL: https://github.com/criblio/cribl_control_plane_sdk_python.git installationURL: https://github.com/criblio/cribl_control_plane_sdk_python.git published: true persistentEdits: - generation_id: fe725283-53f3-48b9-b828-d74f71548027 - pristine_commit_hash: 8424cd0b9a42f177f05486ca4841defa3a4dc537 - pristine_tree_hash: d64ab9f6aba5faea2d8bf1e19fa1ce3fa559da10 + generation_id: caa62ed7-caeb-4e96-9634-7f593012a5fb + pristine_commit_hash: 173e8041e959bdb649b7499e5e6e72fd64a4a91c + pristine_tree_hash: 6666c65a1962eaceee58290a441625aa24371c2b features: python: - additionalDependencies: 1.0.0 + additionalDependencies: 1.1.0 additionalProperties: 1.0.1 constsAndDefaults: 1.0.7 - core: 6.0.22 + core: 6.0.30 defaultEnabledRetries: 0.2.0 deprecations: 3.0.2 devContainers: 3.0.0 @@ -34,17 +34,17 @@ features: groups: 3.0.1 inputOutputModels: 3.0.0 jsonlResponses: 0.2.2 - methodArguments: 1.0.2 + methodArguments: 1.1.1 nameOverrides: 3.0.3 nullables: 1.0.2 oauth2ClientCredentials: 2.1.5 openEnums: 1.0.4 pagination: 3.0.10 responseFormat: 1.1.0 - retries: 3.0.5 - sdkHooks: 1.2.1 - unions: 3.1.5 - uploadStreams: 1.0.0 + retries: 3.0.7 + sdkHooks: 1.2.2 + unions: 3.1.6 + uploadStreams: 1.0.3 trackedFiles: .devcontainer/README.md: id: b170c0f184ac @@ -68,16 +68,16 @@ trackedFiles: pristine_git_object: 8d79f0abb72526f1fb34a4c03e5bba612c6ba2ae USAGE.md: id: 3aed33ce6e6f - last_write_checksum: sha1:e0a54be8a98799a8226d6083749921acba723050 - pristine_git_object: 1c19260d323f6129c0a07c42b795ff719b2ef542 + last_write_checksum: sha1:33d5d05cfee6756bfd2c5351c71c3964ef5935ee + pristine_git_object: 8cc9e84bce956a80454da0d208b68412b79c0f57 docs/errors/error.md: id: 098e4ba23534 last_write_checksum: sha1:b9aed484e63b83e470d0c6a4d331406e21a40794 pristine_git_object: 12a8838e62d7de5fc2eb855a363b7913ba3f9566 docs/errors/healthserverstatuserror.md: id: 51079fa643e6 - last_write_checksum: sha1:41df9979f50d1208c2766215786811d3e4b18e37 - pristine_git_object: 3f82df23351da7a112046bf0bcd9824d54694c7f + last_write_checksum: sha1:dc55de1393d0bb27d33fc718eb088339c7658f07 + pristine_git_object: 69f80e9794c9ac89bb0a761f80358d93467490ae docs/models/acknowledgmentsoptions.md: id: 47b82108cc80 last_write_checksum: sha1:51e90ad3e52e42a08292916c52e8590b24201813 @@ -86,6 +86,10 @@ trackedFiles: id: 4230547b8af0 last_write_checksum: sha1:f9663885466c983bcce24a5d70e51d2be713f147 pristine_git_object: 89a9f8d96a55471984901e30fedf3e1a5a75fa24 + docs/models/activehealthoverlaystatus.md: + id: bdbde09c1f96 + last_write_checksum: sha1:bcea708e5327c444ec6531e17f7cca0c03697895 + pristine_git_object: 3d327a60a54a976aa4ab159ba25c158022f6b773 docs/models/addconffunctionconfschemaaggregation.md: id: 261c472b3181 last_write_checksum: sha1:baa877b941869561b0d94de0791e006fab7c1f79 @@ -218,10 +222,6 @@ trackedFiles: id: 58e5c050a79e last_write_checksum: sha1:0003911592fc0fc502b25f4fc00f30fd654ec46f pristine_git_object: 6e78f2cf291a72575be9dd47315608dc8b9c0260 - docs/models/authrequestheaderconfhealthcheckauthenticationoauth.md: - id: fa99e9ab9fbd - last_write_checksum: sha1:47ff78fe4c0d863d266f37ab39e4bf5de281b72c - pristine_git_object: 75dc5f7a5c1d58dfc63eb57592ef2bc51208141b docs/models/authrequestparamconfhealthcheckauthenticationoauth.md: id: 644bf0df5a9c last_write_checksum: sha1:99d83d275a9bba5a5bf54bba73ef4e38c366f308 @@ -244,8 +244,8 @@ trackedFiles: pristine_git_object: 70b028406d1a1b9da9b895778b959463599b460d docs/models/authtype.md: id: e7d1386db3fa - last_write_checksum: sha1:7cbb8f20b9c6ed6ed9f7cb82778cd89078a17efa - pristine_git_object: ef6e886abb641cdc6f7dd31566811e1b425d646c + last_write_checksum: sha1:9b7ab18aae0249395e6030c687d20118ea756c16 + pristine_git_object: eec9db67cb7f5e2535803dbd746906ac2840ec06 docs/models/authtypetemplatemanualapikeyauthtype.md: id: dbfa54c0a462 last_write_checksum: sha1:20bf4c6f7d3d1656e170669dead9d57613d99510 @@ -256,8 +256,8 @@ trackedFiles: pristine_git_object: febedcbe9d29f391c7f1e66ec8415616e5717539 docs/models/azureblobauthtypeclientcert.md: id: 43225ab4b57e - last_write_checksum: sha1:4723859f8b98a609a81cb7b9ddaddfd5f8e67779 - pristine_git_object: 2c891e87075a917f4bb1e8dbf54bc634ce7a155c + last_write_checksum: sha1:50bca381458a8d9ac82f1ed6adfb1f65cf45fbc6 + pristine_git_object: 37cdd1be287d8887742a0097409611b70ed7a5d2 docs/models/azureblobauthtypeclientcertauthenticationmethod.md: id: 3a8743f5103e last_write_checksum: sha1:4d791c2a106870168ae359f15abbf2b059753336 @@ -268,8 +268,8 @@ trackedFiles: pristine_git_object: 439e94af95b8b733ff3238b2ea342b9554c1dd51 docs/models/azureblobauthtypeclientsecret.md: id: fe0db87670fb - last_write_checksum: sha1:7f0ad06d48c998c5cee4aaa5545a8bdc106fab22 - pristine_git_object: 7bc20d01c88bd265124e5a3f8509e6697da483b7 + last_write_checksum: sha1:077b351653af8207c32ee6a6105fab1d2aef4433 + pristine_git_object: 3054d2c9d9c75cf2632901891b3063534b6ae662 docs/models/azureblobauthtypeclientsecretauthenticationmethod.md: id: e2176ff6e8b1 last_write_checksum: sha1:08790fce71663c9a3e58b7d19e396413a66f23d0 @@ -280,8 +280,8 @@ trackedFiles: pristine_git_object: 1f2b7a8710c96b1948b8662438258dd7fda30137 docs/models/azureblobauthtypemanual.md: id: 181dbdd2c6e0 - last_write_checksum: sha1:34e3598cfcc5c30672f7972627ed4387be60a11f - pristine_git_object: 29ebc16ebbae2163134dcc181cbc2eba887b6687 + last_write_checksum: sha1:c08036ed124952d080a71a8010e8f4f5e4ad9f1c + pristine_git_object: ff40da17c701b60235f14b9183d0c395bcfe08b8 docs/models/azureblobauthtypemanualauthenticationmethod.md: id: 53d8fa42f588 last_write_checksum: sha1:60c6be68498c15dfedaa9b0e08cb2613bde06929 @@ -292,8 +292,8 @@ trackedFiles: pristine_git_object: e05b3a5c6ee79a404db02c155a85c867eedecbdb docs/models/azureblobauthtypesecret.md: id: a48896a3f4b8 - last_write_checksum: sha1:5ae0a3e386c0ba6d08c9288c3f4ea7e354eb0e81 - pristine_git_object: aaecce7eaacae711318013693a284e86294e2052 + last_write_checksum: sha1:22a0835988b2836205d237c5f92b332fd5a4061e + pristine_git_object: ffcd646c4e49bfecaf720a8d76c4d2f82d62a3b9 docs/models/azureblobauthtypesecretauthenticationmethod.md: id: 64f39724f021 last_write_checksum: sha1:f12f6d487382e9bf22789513abb837f8b64c3071 @@ -336,16 +336,16 @@ trackedFiles: pristine_git_object: a79ee7cd685013b8dd2847ab235419fcfac23a0c docs/models/branchinfo.md: id: c4f285e2fed9 - last_write_checksum: sha1:6c8ac372c9001dec88196dd5b069922e7596dead - pristine_git_object: d3867656c42bd70028c965da1a86f6d08336c15a + last_write_checksum: sha1:b5744654aa12367e582f6a7f8c889215380794e5 + pristine_git_object: 4457d94babb6f35d1442d2698204792bd79de143 docs/models/brokeneventprocessor.md: id: 7719725942f5 last_write_checksum: sha1:ee67a9a0e187c83970d2a419e9cb9aa6148f29ae pristine_git_object: 3db6a5516975502dde2270e03f74f11f21db5fc8 docs/models/cacheconnection.md: id: 43b19510231e - last_write_checksum: sha1:57c57021a3f6b9afc7c9990bd5179e51d61d79af - pristine_git_object: 80bd7e3027c997b7e4d89b081a38a39a34151884 + last_write_checksum: sha1:a47f18bcbcb1a9ee5c4eb1b61a608a5f5b5c8ee9 + pristine_git_object: f041a9df6e6414c98992a137ef388104dd38f100 docs/models/cacheconnectionbackfillstatus.md: id: 3dd6d4ff5926 last_write_checksum: sha1:d9db6054944d78dd04407e7d5f5c843a0401cf41 @@ -462,6 +462,10 @@ trackedFiles: id: f145eaf0b9e3 last_write_checksum: sha1:e94cf40a295818ecd9a3fdeb3c9b4716055437e8 pristine_git_object: 3c5c6de010b15a3deefce58af15ec495852c04bd + docs/models/collectortype.md: + id: 99849e66741b + last_write_checksum: sha1:9fa862de0e00dd7fc37ad9e9f766e562a34f1e80 + pristine_git_object: 73b8ba0911a3c2f87cf178c7ee3d2ad3cf322f21 docs/models/collectrequestparamconfhealthcheckcollectmethodpost.md: id: ef748d9467da last_write_checksum: sha1:1381fad72e3f6f061a6afd5d74868d7576acd8eb @@ -532,8 +536,8 @@ trackedFiles: pristine_git_object: 756bc0e7d8fc007336d24219261d3acba48e317d docs/models/configgroup.md: id: 7f7c83526f8c - last_write_checksum: sha1:16d9b4f6f5a1b04c05c54f56d6599f18203483e3 - pristine_git_object: 2bdd9d9067984a8617b4d694e42512847fceb3e7 + last_write_checksum: sha1:d224b39a50aeb07f3858580c75ff7ac1a46566c2 + pristine_git_object: b82fd12562455475d2f5de9c38a0ebf1939e1d56 docs/models/configgroupcloud.md: id: 6bba10d8b38c last_write_checksum: sha1:a88a3e4def09e1eb5d6c70053f2e5c929c6a54e5 @@ -564,156 +568,156 @@ trackedFiles: pristine_git_object: 912295987d4d2123f490e9666b6e2da35faed6f4 docs/models/countedboolean.md: id: 5f211313799e - last_write_checksum: sha1:1f6bd6e881dbf9da2beb728c72a0522d1552993c - pristine_git_object: 12463d107005e97263584329f4947d41a23566cb + last_write_checksum: sha1:7258b708d0ad6169670be23da962ad1bf96fe232 + pristine_git_object: 50aca8bea435bbb41d8fbccd49e9a4dc571fe028 docs/models/countedbranchinfo.md: id: cab30d33d1a8 - last_write_checksum: sha1:1438de1d16983e57365754fc27c362295745ab80 - pristine_git_object: 292f4ec35cd782b8c71adc5d7913148f5677e6be + last_write_checksum: sha1:8721ff1a6a1cf4587483edc6ccc4c7d999ec017a + pristine_git_object: ecd2ddc0072e35840a7ed197d5005d589260afd3 docs/models/countedconfiggroup.md: id: ccc5071913a0 - last_write_checksum: sha1:e949a7d3bf1e102c6039810282af3f99be25e035 - pristine_git_object: 062686e006741b35e3eaa307bcdd0ffc19fb4949 + last_write_checksum: sha1:a0d0e0737633b8c25927d216833bbf50d80155c2 + pristine_git_object: cc89fb4a20d82fc9c704311c61347388934e7493 docs/models/countedcribllakedataset.md: id: 6bd413f9b941 - last_write_checksum: sha1:07c58f56e63e9cb7ee675c9a907ce4846879cff7 - pristine_git_object: e8836c70e389bc96b166c4f42130f6340320eb1c + last_write_checksum: sha1:d6c7243914daabb135cfc1958c1c4a4cdf3c617d + pristine_git_object: 75467c42e7d5beb6e3fd6ca25edfe391ff2e77c0 docs/models/counteddatabaseconnectionconfig.md: id: 8a7666ff0f13 - last_write_checksum: sha1:07b47ca204a5e9d69476b3259794e04971819657 - pristine_git_object: 35aa35cdb33ac1896e1e4fef5b1e34244395ea74 + last_write_checksum: sha1:268490ef94a67d4fe3917f5f7b548df5f127adea + pristine_git_object: 0be6a8734c2b3ae24f7c7cebf2d95ce937dd2db7 docs/models/counteddistributedsummary.md: id: 75c410ab1d94 - last_write_checksum: sha1:a750cd3b59856470dbae2a745c9b1bb41f132c4c - pristine_git_object: 2f1222848e76673cebcd7b24f10ea2ccd21a44e8 + last_write_checksum: sha1:af7b315d4cf2626ab8a01f3c33bac2d38089564b + pristine_git_object: 22168af94c8581713469ce3da4bd9bbe1859b384 docs/models/countedfunctionresponse.md: id: 43b6b2e50b35 - last_write_checksum: sha1:829393a32ae6a45aa303fc86a95d89aa11a53e8e - pristine_git_object: 7b2ab1a283051ff7efab2c3ffe431caf25a93886 + last_write_checksum: sha1:c6fbbd1c9bc286fa5d15b72fcc5ffbc54446009a + pristine_git_object: d60dcaca9695e4470ab625ce8d256904e71f5c05 docs/models/countedgitcommitsummary.md: id: 1f68fdbc15aa - last_write_checksum: sha1:b0eebcda0177d16e8affd2597c852f4525052216 - pristine_git_object: 0a20e22c9a4e1cd88be355bf43ff1db648992133 + last_write_checksum: sha1:cd48f39346b91ec4f083b440ee77a72f1343888f + pristine_git_object: 7e97927e4e0174423be92ee992a0b968716651f5 docs/models/countedgitcountresult.md: id: 277799168ff0 - last_write_checksum: sha1:a4bd662e0bb5aa0ca723d7004f813dadc6598e48 - pristine_git_object: ed814c70d7d2c9294550aad0852728ffff6edbea + last_write_checksum: sha1:c669f63863c7788db727670b1067b9d8531efac4 + pristine_git_object: fc4f3ea599734bd56660e3937e30274bb42bf41d docs/models/countedgitdiffresult.md: id: ec6eb1d76f92 - last_write_checksum: sha1:b2dcfc93abb51b3b68cadd842f4cad2c07e110ec - pristine_git_object: 8a04d1a68f254919c848fd9bc475dc5aa64cf7e7 + last_write_checksum: sha1:5dd016dfbc325c26af07cee9e51db5f9ff39b20f + pristine_git_object: bcd0855abbe6680bb8b659b89d54df00dabf68a7 docs/models/countedgitfilesresponse.md: id: 19970ab201fb - last_write_checksum: sha1:c7031f3ee04a290f252030b26d281c6c22bc4a4b - pristine_git_object: 36a647fc1d5f6e25baf7f62d4004d3a99e2458f0 + last_write_checksum: sha1:900b6c42d3f67fbe9b456a6191bea9e5d6285694 + pristine_git_object: 3762208b808d4934ec93f5a0dd8669c8d921ed7c docs/models/countedgitinfo.md: id: a94cd27da873 - last_write_checksum: sha1:d66da2760f9971cb598ff7d737f8825a101cefa4 - pristine_git_object: 701c0c865089e1b9f07543f34021968888816048 + last_write_checksum: sha1:59a8868db262b1777766d81518c578f5c7b2018d + pristine_git_object: 61794b022d7feacf5b3875cf82b668bc87ac7673 docs/models/countedgitlogresult.md: id: ac70be08f130 - last_write_checksum: sha1:46b9b1a89b248abe33aa14308b3dd65a47d74c23 - pristine_git_object: 0baf15fbe4f203f694cd1cc84dd41e4b377ef336 + last_write_checksum: sha1:07d7a91ce9cdd222061640b616d733e0d9116e42 + pristine_git_object: 635d3950dfb93bee2b82fd41f3f74197cb157b5c docs/models/countedgitrevertresult.md: id: e68dc76a9769 - last_write_checksum: sha1:6c12b6ad44e106b231ff36f1def3e1b61e8a5328 - pristine_git_object: a249871305ef1f89ce2107573bb2a366621eb972 + last_write_checksum: sha1:eff337cec4f6322e51829fd9eeb3896d8654c173 + pristine_git_object: c47782fd2c46804cd61b5f7d1f764ec420e10123 docs/models/countedgitshowresult.md: id: ae859dbbd66d - last_write_checksum: sha1:1ed26a56c3c93fd0e7f6da2c0eb38609210028b7 - pristine_git_object: dec357e8a3589bc6fb11dc19f25e183d8a68de69 + last_write_checksum: sha1:0a42a526bb73a5f54a3371ddc8ffa2160745cda3 + pristine_git_object: 3b1c3bfb524aefc68516d25ec88cf6a96d63b252 docs/models/countedgitstatusresult.md: id: 9b2c819f7cdc - last_write_checksum: sha1:4bdae01e81fabb6178b5c70b32beaa229ff6396c - pristine_git_object: 34dbdfec58e980e6b320cbacb34ae4f345611015 + last_write_checksum: sha1:321e7a491bf66e3b27ad71258c1e15af79fb8f53 + pristine_git_object: 579c90084265895fbabeb7d6f9503ebdc19ab32d docs/models/countedinputresponse.md: id: b6b2fc1dbb36 - last_write_checksum: sha1:5a316899c514d9a3edbac4f7e61aaa9cbd5b3d4a - pristine_git_object: a250cb07bb5dc19d0d17b5bcc8ee65f6e280c57c + last_write_checksum: sha1:383e098836f5433edb61544dfa697725036cda76 + pristine_git_object: f72ac15be7c0b5502cd22c3de5b6ab49b656cfec docs/models/countedinputsplunkhec.md: id: 49782baf5571 - last_write_checksum: sha1:df686b28a94625219874cd0b12e0c2a2805be750 - pristine_git_object: dc20982787d87b3a11c3b6986370d1604c42c8b7 + last_write_checksum: sha1:55172fe361b3c8907bc69d0a8c7cb32217937d3b + pristine_git_object: 20b9691be7f75937c12a259e2cede1370d6c8321 docs/models/countedinputstatus.md: id: e21fc88b1b4d - last_write_checksum: sha1:0c031aeca66dcd5cff192e80f1bedc33a77d51f6 - pristine_git_object: 9ee221adeeb58f78f2acaecdd055a940812d1dcf + last_write_checksum: sha1:bee6ac90f1fbaaacfcfcad826c71b0c9fada431f + pristine_git_object: 4bb34f01ab90583ca6d0adb195fc05c0390441d6 docs/models/countedjobinfo.md: id: 0515baa0b6d8 - last_write_checksum: sha1:6680b02b16c2ed20d756f65ac50a6f20107f363d - pristine_git_object: ec7333aaf2745ffe1d47de83568b663aee7c9246 + last_write_checksum: sha1:1b7a84d4a04096bf7579345250278bf27694f88f + pristine_git_object: 1bda344faa011198814cae3ddb60340ab0b6cb18 docs/models/countedmasterworkerentry.md: id: bc5b9856a5e4 - last_write_checksum: sha1:3c078c852c5f8cfd23392aef6d89a90a16ed1dbc - pristine_git_object: fbb48838348dacc5e8e306e76189f7952eb17f12 + last_write_checksum: sha1:b8f4b57a09a7f5b913c56e6486c6279c7c7b7cf3 + pristine_git_object: a66c51e71db4ccc40c77811bddf04f7f7b4679c6 docs/models/countednumber.md: id: a265c4629b1f - last_write_checksum: sha1:c040d90d271a54afc91c04eb31954728fa9fe268 - pristine_git_object: 9cb72729d3d8adb688aedc6bb342dc918041574f + last_write_checksum: sha1:01ede441b21d43b52e4a59847f850cc1b32bf6a2 + pristine_git_object: 5920353a3ec8f0c3f4ffd28157c2d272a04a5264 docs/models/countedoutputresponse.md: id: 4361bddb2b4d - last_write_checksum: sha1:1d2208e7566c407128bf2e9f6eaad48c5c6f76f3 - pristine_git_object: 212ddf13e3c76a285d9be77468f48fb81805e183 + last_write_checksum: sha1:e0bc2253b0299da8badeddd72ad73f3951d043a2 + pristine_git_object: 0105474d75f50abcccf1bf7bfde016835e80559e docs/models/countedoutputsamplesresponse.md: id: ec9f2f9ddf91 - last_write_checksum: sha1:6541a1be3e1e011bd42f531a29368e1fcc9912a2 - pristine_git_object: 69c589722c7ec07784b9230a8a0841fb2bae8b26 + last_write_checksum: sha1:dd9274964f52d007258cd59cfddcdd2b0f00216d + pristine_git_object: 907c6385115bb3b556cc3697f1a397d014b37f39 docs/models/countedoutputstatus.md: id: 724ee60d86bd - last_write_checksum: sha1:9bcd1f1a20d56bbb8b6609504268878eee58b751 - pristine_git_object: 73e8fa0cb7806136e07968798136aec783688ad1 + last_write_checksum: sha1:150a0b94b2fe0458d064a0498ef7dfc333348ca0 + pristine_git_object: 37128975d28ffe777ccb76fa9b367deed06c8967 docs/models/countedoutputtestresponse.md: id: c7b6172a959d - last_write_checksum: sha1:bc038d2449704431fc3e047782c001b8b87229eb - pristine_git_object: 8fd742726fadbf4b695b910029630d848a72f6ca + last_write_checksum: sha1:79ed6680b9dbd21c1cb411af2af20abf77c7f051 + pristine_git_object: d9b215265514c9dae1af974095794f23309f4e65 docs/models/countedpackinfo.md: id: f473002a74bb - last_write_checksum: sha1:75df5634c4ba8f36b215a8fc45b02e7bfdd4e08a - pristine_git_object: 72f327591798c99eb2e40144c448b96f4e3577c3 + last_write_checksum: sha1:d29d6bdfb9ade45d9639291d8c6ffabcc328d29a + pristine_git_object: 0cacb92d79b914fb3ce0e7a1c7039b220f3bd60e docs/models/countedpackinstallinfo.md: id: 1af61ab7b360 - last_write_checksum: sha1:96198b2c6a8a16b765d47345b1ac486ee84fcc07 - pristine_git_object: 396e3a7814b3adb7ca5666589de6e7485bacb1aa + last_write_checksum: sha1:1068d14028125c4b25aa074ce253f31150685830 + pristine_git_object: 77fb086f86b5b5e4a23ab3fcb502150b5ea767d2 docs/models/countedpackuninstallinfo.md: id: e30a267eb9af - last_write_checksum: sha1:4d96166ba8c3413231bc23e923e62a69bbedc0d0 - pristine_git_object: 02d3d00412bdfb995c85a4cd7547e9a119d14754 + last_write_checksum: sha1:48ac76b221a48cb250cf4f558bbbc81448a286c8 + pristine_git_object: aea684986ab01154d9fcefb4251a96de316de028 docs/models/countedpipeline.md: id: 381bbf78066a - last_write_checksum: sha1:48854d4a8814256b2d0b483f5e02e9aea4a5c964 - pristine_git_object: e0cb8f11485a53fa51f037a2b1ee5682230e1099 + last_write_checksum: sha1:464eb0876697ff7c79900695ff515620014f012e + pristine_git_object: 9236223317ece14a385cbd490fe8e2f96efb4f77 docs/models/countedrestartresponse.md: id: 565297be8b11 - last_write_checksum: sha1:7e0d4d97bf2743b83786dac2c43f313a5e26d487 - pristine_git_object: 0ae1988c06038166f684c3dfe66f8f63e0908258 + last_write_checksum: sha1:886ec00c1a3e005766a4e051b53a4c0b05dd955a + pristine_git_object: 8bd8544a741b069a64859d4cfd50f0f2088e9a98 docs/models/countedroutes.md: id: 5bd8f7e84bbf - last_write_checksum: sha1:070b990f817754aae66a02fd14e4804615061c25 - pristine_git_object: b21e7b876c77130849b0c6033b4c53d669453a5a + last_write_checksum: sha1:59613b2db829caf7052a752a93f058899984fd2e + pristine_git_object: 9204b9a0ff3021addd37dfd3e4f7f11f14300be9 docs/models/countedsavedjobresponse.md: id: 4019d7ab3a8b - last_write_checksum: sha1:4dff0177a8f2431f8a08831f3e7b926a083e1236 - pristine_git_object: 409fd138af0b4ee4ff8592f8db0912f21b276544 + last_write_checksum: sha1:e1f80d5035197fe31fd91f623bfd8c79c5569eef + pristine_git_object: 8727652bf3da43797f5badaf28ec0f118ebb5d7c docs/models/countedstring.md: id: 838a204ff6ff - last_write_checksum: sha1:45de2761dde81bf3b32a61eab3c90884008e2e47 - pristine_git_object: 2fece59877495c03e2acf981876277d11afd0fde + last_write_checksum: sha1:10a8cece2ec0eb3f88882c33a09b27868018fbfa + pristine_git_object: acf48782adf431e6700565b6100b6fc14990b67e docs/models/countedsystemrestartresponse.md: id: 81d8aa8e0b67 - last_write_checksum: sha1:74ca724a16c305cb236e3185b456ea61de867eda - pristine_git_object: ff539cde7c21eb6490d1a02dd406134c5b9341a9 + last_write_checksum: sha1:e0c36878db6f1d7958a902effa13bdffb00ee410 + pristine_git_object: f1a91bf1ca5aaa88b3d808d05310f781def26213 docs/models/countedsystemsettingsconf.md: id: dc229c0f9ad5 - last_write_checksum: sha1:2f15cc2922ec2d521aa2946fa00529cf4d9d4097 - pristine_git_object: e37ce5ae9114c2dfae21b02d0221cef47ba35b51 + last_write_checksum: sha1:42061fb23db8d66de730415a60e9e25359ac97dc + pristine_git_object: b1e274a58e4738ac60fe54dfeb233ddbeb9c24c3 docs/models/countedteamaccesscontrollist.md: id: 5f38314cd2be - last_write_checksum: sha1:05e2c4146544722d20a38ad12f78dfe1104829f6 - pristine_git_object: 507b4d53551ac92f9836f6159578e3cf21cf82f2 + last_write_checksum: sha1:4a455a23e3415fa359f95711f4bc3fb4895b6a96 + pristine_git_object: a3c05a7b54aa30fed7e6e74a4efef65f5487084e docs/models/counteduseraccesscontrollist.md: id: d91eba8e54ef - last_write_checksum: sha1:155bb06a8355bfa07a2861a57e9cb4fb9b4f028f - pristine_git_object: fd500225baee8751647df644eb995d1851390f25 + last_write_checksum: sha1:2d24965e5eb0b93f641243ffe0b17617806e206c + pristine_git_object: 11537d361e735380a93e81067b704d7de8b92b9d docs/models/createauthloginresponse.md: id: c36f5e51e2e1 last_write_checksum: sha1:e2c378e925085035251685c8e7a67427de588e1e @@ -740,8 +744,8 @@ trackedFiles: pristine_git_object: e24f68290e64ed5db0a5534da1af0b0a4546b225 docs/models/createinputauth.md: id: 327e30a66f73 - last_write_checksum: sha1:9cc1280c634422bacf063764784350d721ade3f1 - pristine_git_object: 494f655675bc96fd60a692b857e8f2c10381218f + last_write_checksum: sha1:2ace32d84b9923bbd6d7c8b7cc559a0cd554e0c9 + pristine_git_object: 74de67c9cf07ad04befc0aa17bb27b14e9b06a13 docs/models/createinputauthenticationmechanism.md: id: 410669deb02c last_write_checksum: sha1:228f3d42cdeb37551915501086fbdaa630b4968e @@ -800,8 +804,8 @@ trackedFiles: pristine_git_object: 336765edb7030bfc174bff36073bb0b6e3159f1a docs/models/createinputauthtokencloudflarehec.md: id: 3ae98e79a5cf - last_write_checksum: sha1:8508bffba2f048999aaa1d3941a3090599daf662 - pristine_git_object: f322586d7c55eb438784557ce6f5b197e9916390 + last_write_checksum: sha1:5a2ad353c609a6be81b37a7d6b32c6c969838cad + pristine_git_object: c7e14a79a13cc2bcdcd8bfbabe61470c9d63f8c4 docs/models/createinputauthtokensext.md: id: 0d389cb46d97 last_write_checksum: sha1:b2061448bad737a17598b56927c94cc6761c46f5 @@ -822,6 +826,10 @@ trackedFiles: id: 89b444189d6d last_write_checksum: sha1:7aa73528952ce153300074bc27acad65ce28a0b4 pristine_git_object: 68b01c4e69b489352a6947871be11ec1c0f2cd8b + docs/models/createinputcertificate.md: + id: e5545ec89a30 + last_write_checksum: sha1:ce8dfb227d187d6798dee452d3443c738115d8c6 + pristine_git_object: 622fb9631dbc54cfead2c9dbd0b70329800c398b docs/models/createinputcheckpointing.md: id: 060ea4207c66 last_write_checksum: sha1:d17fffb50aeb571481c350181e186d429639510d @@ -848,8 +856,8 @@ trackedFiles: pristine_git_object: 48baedcf97af97e0b355b6d61a685007f6e62e0a docs/models/createinputcontentconfiginput.md: id: 55f3e20608eb - last_write_checksum: sha1:7681b0525b08a1abc13d1f61e8235aa3a8145543 - pristine_git_object: 5a7da32f9b8131c46c09948309ee62c672c9de3f + last_write_checksum: sha1:5a8e8ec54c0a40b362b5403ff99c4fcd92712139 + pristine_git_object: e2a48008296e205aba744e31d018d29da0492110 docs/models/createinputcontentconfigoffice365mgmt.md: id: 7626bd623030 last_write_checksum: sha1:9042fe09b2e521798cef09fc00d45e329603d004 @@ -888,12 +896,12 @@ trackedFiles: pristine_git_object: bb778d436cd4f36128d7d5fdf7409eb7b4ac1ff2 docs/models/createinputdiscoverytypeedgeprometheus.md: id: 0328448d7b88 - last_write_checksum: sha1:aa14db1766bf5469104c4ba5094f9ee6145bb7ae - pristine_git_object: e7462eee2e1b5d41c2bf166d3f55bc8d63dce0e2 + last_write_checksum: sha1:a7fb77e2eed67ea64ff842a1d4434bb5edd4976c + pristine_git_object: 9385ad86fee4cc16ef986d4dbc46977586c126f0 docs/models/createinputdiscoverytypeprometheus.md: id: de0194b65cae - last_write_checksum: sha1:4e79587426d8892a0c44b178d9322aeff9595651 - pristine_git_object: 27576d15522a471ff61cf487df9b4f66551edf90 + last_write_checksum: sha1:c5125ea26ee30f049b67fac6cf37a6a4809d5ef6 + pristine_git_object: 66d0ad3a13cb0b8b6e4ca2c521e9be909f054bac docs/models/createinputdiskmodesystemmetrics.md: id: 3de632ddc560 last_write_checksum: sha1:cef1b5a988edebc5a5b327773191ff448d584faa @@ -980,8 +988,8 @@ trackedFiles: pristine_git_object: 87b020160a22c9c8aca522a0b2181d8102bd935c docs/models/createinputinputappleunifiedlogs.md: id: b38e9fa29997 - last_write_checksum: sha1:5f5562c93c2749b040d01ed4e1643f0682370620 - pristine_git_object: 2ae8c1d92c5112273675d9192c114a9a3aca2655 + last_write_checksum: sha1:431d3c88b56035c434a421275d9e32b522200b2a + pristine_git_object: 273cc699b73c41ed746b1a3e8190955248d4ec03 docs/models/createinputinputappscope.md: id: afb18990ae93 last_write_checksum: sha1:d8274ae84bcd2208dd8f549fc43b1adb94053bf3 @@ -1000,8 +1008,8 @@ trackedFiles: pristine_git_object: 6c66685582a1d38d8f68bdf4fbdde937e9739183 docs/models/createinputinputconfluentcloud.md: id: 39da2b8099e8 - last_write_checksum: sha1:9897a8c92cf51cbbf138fa09ffe59914ffd2f995 - pristine_git_object: a566efeeb7febae357b0173daf3efb62f7c53a2c + last_write_checksum: sha1:05ec68c3ce09534525b231a7a4d3b220c0a1fe89 + pristine_git_object: 2e9f31dfa985f1ff1ecfcd0c36559f4d2bd97d26 docs/models/createinputinputcribl.md: id: d2255710816d last_write_checksum: sha1:b0f5ee7df110f7b8b284804289defbc75627a16c @@ -1036,16 +1044,16 @@ trackedFiles: pristine_git_object: 676b89f6eb0c28deaf6d13ddd5af8a728ace68d8 docs/models/createinputinputedgeprometheus.md: id: 20ef3d311b43 - last_write_checksum: sha1:109fa9d7c77b705d0253b2cdb74f504f06ca2f71 - pristine_git_object: 4959184892d1f415513a9789717c7fb1734f1249 + last_write_checksum: sha1:b18423b3f4cbfe78deda57ffc32544f4d554c953 + pristine_git_object: 8001d82da433cba66a3766865f416e150cbc530b docs/models/createinputinputelastic.md: id: 3d180ba57ce2 last_write_checksum: sha1:d0059be9a1c6481f308362e3475e54939c4d53b4 pristine_git_object: 9f3ca6afadf59bb773130d55fc4214e18d419f00 docs/models/createinputinputeventhub.md: id: 519e2cf82f1b - last_write_checksum: sha1:182d9ca834630b9aeacce0226722620588df0585 - pristine_git_object: dba81b7b3557fdef886732a59c3aae0e86f8c7fc + last_write_checksum: sha1:3b9ad6516e4dc9394381ced50f79f79c67843567 + pristine_git_object: 0e1f3300d7ac3af91b14d3c4a2a8c91795aa9229 docs/models/createinputinputeventhubamqp.md: id: 1d85feb8c208 last_write_checksum: sha1:9bdae2039b1e24b3d51191475c553d5a16619a52 @@ -1108,8 +1116,8 @@ trackedFiles: pristine_git_object: 43259f9f6d02693698c132818b18b4ece9325351 docs/models/createinputinputjournalfiles.md: id: 6f5fd60da521 - last_write_checksum: sha1:07f9490159491ec99e93e5fa3789a8bfccde5823 - pristine_git_object: 28e4baaad4281aaf23854cc1a72b9d652cf9228f + last_write_checksum: sha1:e5eb0b99f761678ba5578ab98b981d6ff248d620 + pristine_git_object: 1eb6457a3880f4b4b02b6ae626a2054e10f79227 docs/models/createinputinputjournalfilesrule.md: id: e4029c583895 last_write_checksum: sha1:a5a64ef36579d49718c73b50a97f64f8f20bd170 @@ -1120,8 +1128,8 @@ trackedFiles: pristine_git_object: 39bba5aeac59e6fb0ad037e114250643cbd56b1b docs/models/createinputinputkafka.md: id: bb7280cb324b - last_write_checksum: sha1:75215289c47cb75b7ea05b9f84785b4d423d208e - pristine_git_object: 11ba90ffea18bd6d9111b7eddab4f6eba0c2e788 + last_write_checksum: sha1:0e6da8ed57a86ba79a6a5ef013467656f8527f03 + pristine_git_object: f7d09f724789e8aef46b5846f0f6735afa796ebd docs/models/createinputinputkinesis.md: id: cb4f18b0fd0b last_write_checksum: sha1:f49aecb8538d2fad3e9cdacb64d51e719be13027 @@ -1132,8 +1140,8 @@ trackedFiles: pristine_git_object: e2445f7938570f7ff0b38c2d733e2ff1b19716b3 docs/models/createinputinputkubelogs.md: id: c5b79127f396 - last_write_checksum: sha1:6c02efe70aaa1be219004cbf274ff18ecbb3b574 - pristine_git_object: 8281ede17dbf69bf6157b1783804768823f335e1 + last_write_checksum: sha1:26b78c6f1c20defcef3b373bd1f75dc8a9d5d4d1 + pristine_git_object: b3726aef860f45653e434a150a8dc3125d3efc8d docs/models/createinputinputkubemetrics.md: id: e42754185352 last_write_checksum: sha1:268b8b65f3f4b895c205f7af3eaf8523576d6bbe @@ -1156,8 +1164,8 @@ trackedFiles: pristine_git_object: 982b7fb467fad154caa638af90c1e0c23e3bccba docs/models/createinputinputmsk.md: id: 15adcb66d053 - last_write_checksum: sha1:f47df3f2aec4214a4ba6724ba73e2215fca8b2f6 - pristine_git_object: ee3242eb961f58998f50d9ae5cacb3a18b724da2 + last_write_checksum: sha1:74a8eec17311bb4ab83641931bee58b7f08c652e + pristine_git_object: 9c7ae020e26af79f5928a85aadbf53725952786a docs/models/createinputinputnetflow.md: id: 1ca2f9008285 last_write_checksum: sha1:39d68158d2b46fe0d450ebe6da628a39c3249a2c @@ -1192,8 +1200,8 @@ trackedFiles: pristine_git_object: 8b9f63a7ad041031a307f3b0089be0041cc9b79f docs/models/createinputinputprometheus.md: id: 646e34e21d66 - last_write_checksum: sha1:c6f057c6dcd5d769f88a7352e01ecce05eb7ce40 - pristine_git_object: e9d9d8cf9ebaee6afe04a36026c8027cd37cc266 + last_write_checksum: sha1:ce1503766fc6fbefd53078e66c0d7a522b167ada + pristine_git_object: 63b6c9be7af80b72c5b4a94e1e553673f218632e docs/models/createinputinputprometheusrw.md: id: e52eef6a03d6 last_write_checksum: sha1:530789b241202fef069947fc182610dd9967746e @@ -1532,8 +1540,8 @@ trackedFiles: pristine_git_object: 67958c135c54cbbc071b80a63c49a91342a33191 docs/models/createinputsystembypackauth.md: id: 0301b6b19e1c - last_write_checksum: sha1:1ba4479a2b37459262aa609fc7e8addc7f05ae6d - pristine_git_object: fb0531cfc3fb1f67dd36f2cbf65f445429de3408 + last_write_checksum: sha1:348155b7d7f550c490efa52614cf1c15aa0d3ee2 + pristine_git_object: ab7fe057c57cb4e6448168bc7f1e2aaafc5f8d60 docs/models/createinputsystembypackauthenticationmechanism.md: id: 9717211a5b80 last_write_checksum: sha1:f0853681f118454a265140899ae0ee8a3def0e92 @@ -1592,8 +1600,8 @@ trackedFiles: pristine_git_object: 8366a47658a7d0681622224a73e7c117ad163c97 docs/models/createinputsystembypackauthtokencloudflarehec.md: id: 09122d4e4f24 - last_write_checksum: sha1:9342c06f98825c39752f0df0336137588db01a05 - pristine_git_object: 055b376c080292bf9d1b5d52eccfaa181faf183c + last_write_checksum: sha1:363fcc4db7716dfa0c75298406ffa3698e17d256 + pristine_git_object: 1ec9fe1e083bca1e8264fd1aad602a883bc6f95a docs/models/createinputsystembypackauthtokensext.md: id: d97bbd111275 last_write_checksum: sha1:78197cc3b99b9bff886f8d61f66c97e3420c55a0 @@ -1614,6 +1622,10 @@ trackedFiles: id: ad62de702664 last_write_checksum: sha1:cc9fc76f60a968f95241a0f59304b324235fb20f pristine_git_object: ee859542d0ab9b8537bf7e19cf64a9bde108a0f9 + docs/models/createinputsystembypackcertificate.md: + id: ee50fc08c7b2 + last_write_checksum: sha1:a270fc337982207415b67075b110b98ce73d42b8 + pristine_git_object: d71f3f6f5538638217a93ea141d11a0acb336021 docs/models/createinputsystembypackcheckpointing.md: id: bf1b9ecb5de6 last_write_checksum: sha1:8ed98e5e41c6685572562463fc362651b1df59d3 @@ -1640,8 +1652,8 @@ trackedFiles: pristine_git_object: 7428acef37a6b2abe98810e76afe768f5ebad62f docs/models/createinputsystembypackcontentconfiginput.md: id: 06ea8d90625c - last_write_checksum: sha1:023c4467a7b8b1d092874c8754db0117f828ef14 - pristine_git_object: 2dc250937442e53271cb0f4ab52504eb8dad2a1d + last_write_checksum: sha1:8afe8a9d1cf32edbd94598f93274d011c4b664c0 + pristine_git_object: 255dfe49c4e48e9ec5a7332e88f03954b4cd91fd docs/models/createinputsystembypackcontentconfigoffice365mgmt.md: id: b520840cb933 last_write_checksum: sha1:fe9413abd7a9f324924a448373aeab5d320afbab @@ -1680,12 +1692,12 @@ trackedFiles: pristine_git_object: ad3760d76901e8ab28e2a38a03745ab89865c5ba docs/models/createinputsystembypackdiscoverytypeedgeprometheus.md: id: 16571c9e2ead - last_write_checksum: sha1:6fe1f9f5a88378b9dad912f10c77c58a63eaa555 - pristine_git_object: bac78f545aa475456ebd573432fe05371d6a3236 + last_write_checksum: sha1:dce9acd21796d83f961e37266085b05461644d92 + pristine_git_object: 079e6abdf97facd73a21049fdd4f7a0c6f82b9c2 docs/models/createinputsystembypackdiscoverytypeprometheus.md: id: a13358d37a92 - last_write_checksum: sha1:b39d3bd4369679545c703c35a19de1ae9b967f52 - pristine_git_object: 309835c03c46de1b57445e217f38c68bef629fa9 + last_write_checksum: sha1:128dd6d1864a01ef4c71dcd0a8f47324fe8fba25 + pristine_git_object: 4e28f7c9fc5549e5eb6aaf5cedb71278609aa3af docs/models/createinputsystembypackdiskmodesystemmetrics.md: id: 266c40e4a053 last_write_checksum: sha1:88d94c877a3230fac1fc68652d64edcdb11e1d68 @@ -1768,8 +1780,8 @@ trackedFiles: pristine_git_object: bcf8fdc4360d2604b6b3b10d8df3bd825c5f7acf docs/models/createinputsystembypackinputappleunifiedlogs.md: id: 815af1a95329 - last_write_checksum: sha1:9b137b7e8e07859e78d45eff83dd062463dad0c9 - pristine_git_object: e6608594cd58846f7b5312c299c320e927dfb30f + last_write_checksum: sha1:f998ca62ff0d3b0d59d39712c55cab66e56d2acd + pristine_git_object: b478bce3ef1ed56a99de39e893789fd9590bdf84 docs/models/createinputsystembypackinputappscope.md: id: 7f2753eed7c8 last_write_checksum: sha1:4deacf0882acf3efca55c28afabcaf6b5bef07ed @@ -1788,8 +1800,8 @@ trackedFiles: pristine_git_object: b0a198e89ae8e5321b9fe7be98fe7810bb06014f docs/models/createinputsystembypackinputconfluentcloud.md: id: c930e9d0440e - last_write_checksum: sha1:d31d07c7d1d62dd8e12290764fbbc931e84fe1e3 - pristine_git_object: 710cd56ffa20790ec32868ec025e719c282d7175 + last_write_checksum: sha1:ad93216effd0c8b1035d18711f4bf44a1cc15cdc + pristine_git_object: bea850ff59ea17739c661d5ac74c85ee9be041e6 docs/models/createinputsystembypackinputcribl.md: id: 6a5e219a7b9b last_write_checksum: sha1:3e1a6e8003cd4ad5196416a45fae5b42af3212e4 @@ -1824,16 +1836,16 @@ trackedFiles: pristine_git_object: 9423c874c3c4d926bc37691133d40bdf8354f09f docs/models/createinputsystembypackinputedgeprometheus.md: id: 6e26d1358be1 - last_write_checksum: sha1:5052338ecc49050286942af94c9ed945d2628e10 - pristine_git_object: 7adbac44e30b4d497f73289cab982c827a682df1 + last_write_checksum: sha1:1f17464bab1c8adacce092b8404cf12f0ac1c480 + pristine_git_object: dc63efa5ba8f1f0f71cbea58cfa1a8b7668bb47d docs/models/createinputsystembypackinputelastic.md: id: 227bb3344dbb last_write_checksum: sha1:9010fa869f0a1b843b4f5ea2bb70dabfeb2ac5cf pristine_git_object: 94b177107fc8dce0a8e1e557f4fdfffdadcf020b docs/models/createinputsystembypackinputeventhub.md: id: 887d52c0e941 - last_write_checksum: sha1:bfa9dfa5dee3e54c8266a7d97c18bb7d93bb7c93 - pristine_git_object: b3335bf0a02ad991665ccff75618aece98750dac + last_write_checksum: sha1:ff1743a3f7bc438aa654153888c09c1740a65baa + pristine_git_object: 096f7c1620084a6c231f23540bc7226908d0b188 docs/models/createinputsystembypackinputeventhubamqp.md: id: e66e221b7074 last_write_checksum: sha1:1c478696dd247e412e9d9b656a7252dc5b349d98 @@ -1896,8 +1908,8 @@ trackedFiles: pristine_git_object: e6a1ae5d61c403550f823833376a8c88a7f5d75b docs/models/createinputsystembypackinputjournalfiles.md: id: f4fbfd2a7b09 - last_write_checksum: sha1:81f3b2019789259796044ab48abb5f9ff7056cd7 - pristine_git_object: f4129e4a56aac3e6edddc8de059dda284310df84 + last_write_checksum: sha1:b32c7fe73537d17d2177be7f065af1ee021b8672 + pristine_git_object: 0cc25f5cefff04e4c55def2c45ec826d1c6f8fc4 docs/models/createinputsystembypackinputjournalfilesrule.md: id: b7adac10942b last_write_checksum: sha1:afa472c2cfcd3643b2065009262f5dfa389002b7 @@ -1908,8 +1920,8 @@ trackedFiles: pristine_git_object: 0d7b32f1e96d791b4ddb1eed5008b498ef686389 docs/models/createinputsystembypackinputkafka.md: id: 372bffde20c1 - last_write_checksum: sha1:133e08e7c3326f6608511f228fa26b2b3efcc1b3 - pristine_git_object: 254609d7f3fad49c6f3825121038d9a1068f8ed2 + last_write_checksum: sha1:85f5b437b6e23116c0be2202798e25300a1d0284 + pristine_git_object: 1373f8415ed6e8ce001a8a15c7b0adddf2432ec0 docs/models/createinputsystembypackinputkinesis.md: id: 3daa324bd3e5 last_write_checksum: sha1:e22ce1c11089f524a25bd5958defaa65ef74d609 @@ -1920,8 +1932,8 @@ trackedFiles: pristine_git_object: 92dfd433ed1b774cd755be37ecb1865f30cc6e6b docs/models/createinputsystembypackinputkubelogs.md: id: da9b8da4bea6 - last_write_checksum: sha1:3bdebf4e62f30902922a4393c3a24ac982836494 - pristine_git_object: 4323a312252122a886aa1cc6fb2ada98de4c36f5 + last_write_checksum: sha1:ef6d2a8ddff4be309bf80770131a9bb193eb3e02 + pristine_git_object: ee71df8c549b4ae2f8a921341072fc509e928847 docs/models/createinputsystembypackinputkubemetrics.md: id: 2ad3c0b42808 last_write_checksum: sha1:c247264137cb88ffe57fb682632ad93559a178e8 @@ -1944,8 +1956,8 @@ trackedFiles: pristine_git_object: 61819cbcd0780e9535fdd882520c77a358677b45 docs/models/createinputsystembypackinputmsk.md: id: 545b078614cf - last_write_checksum: sha1:6b6cd092f1117fa62097258148dbb6fbb126a500 - pristine_git_object: 306588b8cbffc80fa556a45e316061323469af03 + last_write_checksum: sha1:1ef63973ba825778703a9ba17120e8654be48486 + pristine_git_object: e0f9985022d47ec8a23b797dc3ce631753392eb5 docs/models/createinputsystembypackinputnetflow.md: id: 4d77d67d0cc4 last_write_checksum: sha1:b55acf4b08b4fea7fb120792588929898041c733 @@ -1980,8 +1992,8 @@ trackedFiles: pristine_git_object: 460532a070c533751074955d64e7fe5a419a3fc5 docs/models/createinputsystembypackinputprometheus.md: id: 7be6aa5c7aaa - last_write_checksum: sha1:fc330f38707a7267e9cb2607cc486860ec7c08a8 - pristine_git_object: 755a7209b7cc5562abe92aeca1a2886903717310 + last_write_checksum: sha1:8c778695455765484052df61c9faeffb8c5ff0ee + pristine_git_object: ccea691b7fe1bc130e991f1d09e91014211b18b4 docs/models/createinputsystembypackinputprometheusrw.md: id: 6919dd351613 last_write_checksum: sha1:58328529f8613f24cb38bbec465a5ceb0d607e32 @@ -3002,14 +3014,18 @@ trackedFiles: id: 35fd34324291 last_write_checksum: sha1:7e9b9a68d121506dc407df6ca6b85464737db81c pristine_git_object: 3ee0ce22449a6293fe41066b5da9bb5e3a9c11ee - docs/models/createoutputendpoint.md: - id: 67e9d9760b1d - last_write_checksum: sha1:ec78c353de962cfabb1e1219ca14bfcffd6d16e4 - pristine_git_object: 76d02127f9802b32ecf377293415127b94f1f492 docs/models/createoutputendpointconfiguration.md: id: 62d324c4bbd7 last_write_checksum: sha1:5dd6dcf3413b7e05704de3c42f97c41b3457f1fd pristine_git_object: 880f158c23a38e80fb29f03e9da559ba977af2cf + docs/models/createoutputendpointdynatracehttp.md: + id: ac31ff302169 + last_write_checksum: sha1:5ffd77fd409d15fbc3ce75a3ea2b989fcf4511ac + pristine_git_object: e8cec37e53fc4f261522b3158c23cfc8f29be005 + docs/models/createoutputendpointgooglecloudobservability.md: + id: 71e77d3f6984 + last_write_checksum: sha1:a13e9bb70450723f4593cb1fa55715a98451ccb6 + pristine_git_object: df075d4c151639dd6b603e3f20e6ca4ec240f417 docs/models/createoutputendpointtype.md: id: a7e13d51cc84 last_write_checksum: sha1:6d77e191face7f0d81274022aa62febac91a7e59 @@ -3036,8 +3052,8 @@ trackedFiles: pristine_git_object: 16e8bd31f73c4bbb8074b5d231513c7414ec9fc5 docs/models/createoutputformatcribllake.md: id: 1826c7a15fdd - last_write_checksum: sha1:d1092da230c9d18f3c1d4a5e58a37d9b60b5ffd2 - pristine_git_object: eab7022d4ebb349abacae2b304fe0bfcb5f626fb + last_write_checksum: sha1:5ae14e8b93b793349a4322dc8aa11923ef8cf1f6 + pristine_git_object: 944ce29dda7362c42cf2e7fd28612766aba0efe2 docs/models/createoutputformatdynatracehttp.md: id: f11076fd32c7 last_write_checksum: sha1:28dd0092c335fa5b0ea546bcb8432d50e964e454 @@ -3050,6 +3066,10 @@ trackedFiles: id: 1e2fe4eb0110 last_write_checksum: sha1:56cf16f4aa06f798c797d7658e94becc2e11f302 pristine_git_object: bd4a7d168e11e511e7f7f73bda4420ae0a438164 + docs/models/createoutputgoogleauthenticationmethod.md: + id: 2f53141a08af + last_write_checksum: sha1:f6cf079bbfd6b350c5e05a8b5fa7da31f3550a01 + pristine_git_object: 4cba5db6b51c2ce214823727a7eb952d767ae043 docs/models/createoutputhostnetflow.md: id: 59fa5e300635 last_write_checksum: sha1:5949533f1b8684d67e0872aabd5200f5845b6023 @@ -3090,10 +3110,14 @@ trackedFiles: id: 739e32dc75dd last_write_checksum: sha1:e1a5404150b3c5b3fd655f7b6775be8eb9d3f9b5 pristine_git_object: 7dbf6b21b107e783b86ac67cc1d52f61e6cd444d - docs/models/createoutputotlpversion.md: - id: 91f4748a7123 - last_write_checksum: sha1:c7fdf58e538086e844bccec611612b89b87d34e3 - pristine_git_object: 5abdfb0f4b36a842922cc1551c42e1da5b1ed7f5 + docs/models/createoutputotlpversiongooglecloudobservability.md: + id: 8612bc8189f7 + last_write_checksum: sha1:4ff9500ef7f97e69db34eef6bf0ac069abc8bcbb + pristine_git_object: b260d994b67af111a08da6998335b938f21d5fb7 + docs/models/createoutputotlpversionopentelemetry.md: + id: d1e637cb9acc + last_write_checksum: sha1:9cebecbf5f954f0f701455bcb803513c461103b9 + pristine_git_object: 2c4a20b7e1dbb60fc4638af2aec182e442fb19e1 docs/models/createoutputoutputalibabaclouds3.md: id: ae7402d1afd7 last_write_checksum: sha1:e58c21ff0fd152491154efafe765626fbf7a746a @@ -3108,24 +3132,24 @@ trackedFiles: pristine_git_object: 57c21bf7281d946f2515422f5f367ea1d08bd5e3 docs/models/createoutputoutputazuredataexplorer.md: id: 08d8318591f7 - last_write_checksum: sha1:95704d8d444821272ede6b50e4f1d89b4d0a7c19 - pristine_git_object: 75ff341cf337ec6822ea034af84deb1fc8450ac2 + last_write_checksum: sha1:c5c32781bece59799580f5afb5176803b655e672 + pristine_git_object: d8eae0c134b90db3b259e183cee2fa5691677942 docs/models/createoutputoutputazureeventhub.md: id: 25053cc329fb - last_write_checksum: sha1:0ed6c15f3c452f04836dc42783af4292b74a636c - pristine_git_object: 3f68452ed03882d47e1feddb5dbd8229beb70646 + last_write_checksum: sha1:f73a9e12263bedc16a969d65a3ecfbd8412e64a1 + pristine_git_object: bac5a625933764dd4eb24880fc28f0d3fc7efa2d docs/models/createoutputoutputazurelogs.md: id: 5f4ff5471b4a - last_write_checksum: sha1:bc2c9908c7f2d5b96126cbacb12dbfb9fc6523d8 - pristine_git_object: be1c2a4484de9a4f8135e02ff8123175ee9b03c3 + last_write_checksum: sha1:a2d97f1c28c68a0fd077f5c0b533f3558895e8fe + pristine_git_object: 9d60b9ba165868c1d2352ccaa329196c14ff9b4a docs/models/createoutputoutputchronicle.md: id: 0e1174a12b2d - last_write_checksum: sha1:28fa95a4b0faed8468f634b0698900357b860a8e - pristine_git_object: 510bcb6465f0232dcac2cff509f75785744fa04b + last_write_checksum: sha1:75f42e3b5d1c35c64319617a821cce298efb0444 + pristine_git_object: 6018cdf2fcb8e0fc5e0d62223627e9d1ccfa1bef docs/models/createoutputoutputclickhouse.md: id: b666def4fa91 - last_write_checksum: sha1:09553bbee7a9779bb116468731a17d0b122afacc - pristine_git_object: 0ffad1f95e7e334ca802034eefca8ba6b4934dde + last_write_checksum: sha1:bd3027ce694f17dcbe9e9d2da5ec030bfecac115 + pristine_git_object: 68837caf9078d99e9d8c40d39f13d1d21f9af115 docs/models/createoutputoutputcloudflarer2.md: id: 4ee32170abc4 last_write_checksum: sha1:40c51e96ca30d1431fcad3846997fdce6cc71e3a @@ -3136,44 +3160,44 @@ trackedFiles: pristine_git_object: 7e2873d7500a3abcef06ca40c015b0ea3535eb52 docs/models/createoutputoutputcloudwatch.md: id: 6839cb338310 - last_write_checksum: sha1:da452a6efa63a89dbd098d338972265349b9aaa6 - pristine_git_object: b3fd414c2cb0219c0db16311605c0bc5c1544044 + last_write_checksum: sha1:2b26d8478f9119da019567f4fc144a9dc9dfdb2e + pristine_git_object: 6b100c41f87ab69a2f5f55701a864dacb2077dba docs/models/createoutputoutputconfluentcloud.md: id: e8de618fb8ce - last_write_checksum: sha1:fa8ac7c09ead7963015a5e554919bf4fa4cd12db - pristine_git_object: 2591a338b894ccbcc975df93571f7a51aa555837 + last_write_checksum: sha1:f070191edb192819a16b50082e7c8da1ae7e20b6 + pristine_git_object: 256238b8a028e1bb2dde271d40c6853d38e9ffb6 docs/models/createoutputoutputcriblhttp.md: id: 1bd6779c1a72 - last_write_checksum: sha1:5fd9f4f71a2d289ad21aa57b1be1a98393736915 - pristine_git_object: 4aa47cfb00dd63566a35b86ac1c6412ebcc0adea + last_write_checksum: sha1:24edc4dcbbdca0f1149c72136ee0d671448f0fd3 + pristine_git_object: 05b897c1c1678ad9cbefa839d856da46749055a4 docs/models/createoutputoutputcribllake.md: id: 952f5e762078 last_write_checksum: sha1:3aa29ccaa0d4c5eedde7fea19fb0bc4865ef38f2 pristine_git_object: 151ec751917d381139f9b1472f79ac33276582fe docs/models/createoutputoutputcriblsearchengine.md: id: 2ee1493169c1 - last_write_checksum: sha1:a7173f7020f899ade7938b5054674f93a8ef93ea - pristine_git_object: cc0ebe20b8f392581777a7a94bd6aec68e8de868 + last_write_checksum: sha1:754fa109f72a58b98d8fbbb532953b6b267c824d + pristine_git_object: 0d5a19fbdc2d5ced6b4aaf87b18ff5602ad15980 docs/models/createoutputoutputcribltcp.md: id: c5c310a4139f - last_write_checksum: sha1:79f40cf3c56f1acae099959e8041611805bfccda - pristine_git_object: 413a8de242baf7f054897e6ea7f4ca55eadb1b3e + last_write_checksum: sha1:4c8114c32b4d564f2fd2f3de4ec6f4c87f928861 + pristine_git_object: 9db253e37fcda1e1d580f19ffc38793a3993366a docs/models/createoutputoutputcrowdstrikenextgensiem.md: id: 0bb332dba9cc - last_write_checksum: sha1:61d25f163dbe936cc5e71becdce31e630e710679 - pristine_git_object: 03eafd55c0b48a28a5964ab184f43b0e30b1014b + last_write_checksum: sha1:65acab40785d628f9590afa9829ae18702d02d00 + pristine_git_object: 3ef4a2eeb72c75ba1d3375cad5ac2fc9a407f9f5 docs/models/createoutputoutputdatabricks.md: id: 3a34c1995e96 last_write_checksum: sha1:bb6ff7ccffdc6277d71f894e8b4a7bb3b31495bd pristine_git_object: 7e5497686802951e5e05c9c65c1aefc0d19ed98e docs/models/createoutputoutputdatadog.md: id: 3498b718c150 - last_write_checksum: sha1:595a64a51272c0d237b9ebb83efeb25ca955a83b - pristine_git_object: 637e3c3fe33d5663a2e23eb079ef88c148d63cb2 + last_write_checksum: sha1:6ab9e277955a8726fd10f7bdb67f5435d1473bbf + pristine_git_object: c95ab1f732d1a60a3b9f312e29ef19a04181c246 docs/models/createoutputoutputdataset.md: id: 7d3d766e8112 - last_write_checksum: sha1:c8ab6f35b45a810b071966b285c3019305e6ee56 - pristine_git_object: f3cc6421d3c43876785714b6e38fc718095ce53d + last_write_checksum: sha1:0ca1646929f6a744f3b9de002fca161e6c23eb44 + pristine_git_object: 658f68288dccf47cb55b95deadc8915647af53bb docs/models/createoutputoutputdefault.md: id: 6ede43dbce8e last_write_checksum: sha1:645724671283d55930b74c458e6dfa4079f46f43 @@ -3196,20 +3220,20 @@ trackedFiles: pristine_git_object: 030635564cf0335ce7d876b3db10c52f2960fa3d docs/models/createoutputoutputdynatracehttp.md: id: 5e16f9a76417 - last_write_checksum: sha1:7571f604920a9b7f814daec3a4f846ed7a1aeeeb - pristine_git_object: e52cede4c6811b9d5fb8ab7226c432258f3f88dd + last_write_checksum: sha1:f5ac69207ba877d0738fa0554657a5d0c766ae73 + pristine_git_object: 0f3ef103864e19f1fb1c5e082589b4fbe29dddb5 docs/models/createoutputoutputdynatraceotlp.md: id: 5aaf9a92c598 - last_write_checksum: sha1:9a1e2198e68dfe736dbd07f6916bc1c656f9d900 - pristine_git_object: 569121adf52d74021ccac48baa790eda5b0cff3e + last_write_checksum: sha1:8611233b87cf662d6a0a24d67be8601fbbe54d88 + pristine_git_object: b1ef4ef5b733ed8524f008127bba1fe0b0398de5 docs/models/createoutputoutputelastic.md: id: 7b351154c209 - last_write_checksum: sha1:f3c5b0de043c53ad5520130bf767464ef2946ab3 - pristine_git_object: 94511182e3341aadefff60aaccd78b13db47d0a4 + last_write_checksum: sha1:caf0c1ed23d3b4ead8d19336710f82c088f57d98 + pristine_git_object: 1721b69d443070abc77b7b0cf91d8914ac43c443 docs/models/createoutputoutputelasticcloud.md: id: 8bce78b3cab0 - last_write_checksum: sha1:f1f3a7f1b984a20498b2dcc78dd20858f7b4656d - pristine_git_object: d73eacdd50aac4f7b628d1f9e19abe79c3bc96e3 + last_write_checksum: sha1:6ce9fc704155263d514417d8fc5d963741e08e12 + pristine_git_object: b9ce3dff4f0367b7d67c2872faf5799c8cde477a docs/models/createoutputoutputexabeam.md: id: d7d7afd338c5 last_write_checksum: sha1:8cee8c7aff0caeda5b4f7661d3c60bc578f56cca @@ -3220,28 +3244,32 @@ trackedFiles: pristine_git_object: 67f1e1d0794a62886b6f5224459512a4fa82e700 docs/models/createoutputoutputgooglechronicle.md: id: f993218e38ba - last_write_checksum: sha1:27ecf6f572c6f19034002623353aeb6379d98886 - pristine_git_object: bbcb92abecb08962bec6125e6e1b53360c792188 + last_write_checksum: sha1:fb25a4172dd325adebb3b84d6492bf10c0838060 + pristine_git_object: b4cda50ae08f80313f6fedbd1f1a02056723b68a docs/models/createoutputoutputgooglecloudlogging.md: id: fd8c849932b5 - last_write_checksum: sha1:b4932cf0cf4597bba381cf98fe10a79b8bae8ab5 - pristine_git_object: 7803715cc8e44c74b481c8d1cf7093cecf86b253 + last_write_checksum: sha1:88d7f2d982963a38ce3f570521b6ec49e780feb5 + pristine_git_object: 5c83aec99be0722e1f9d4cef2bb1c15ee99c941d + docs/models/createoutputoutputgooglecloudobservability.md: + id: 0cfe46c17689 + last_write_checksum: sha1:28b861b7da66b8a513b98c96a823b38012245e0d + pristine_git_object: 356282020a7d473ca3d406993cf14c7d6c3559b8 docs/models/createoutputoutputgooglecloudstorage.md: id: b9a408afee4e last_write_checksum: sha1:450cc8533b207b770d91ce1529a19e1e62c2ef35 pristine_git_object: 03110e30693efb78cb207e0bb61ea2d9c0818d15 docs/models/createoutputoutputgooglepubsub.md: id: 5adb1168c01f - last_write_checksum: sha1:bdf0a1aa57afec013754a9a4996c82555ed602e3 - pristine_git_object: a0298faca42fe8b206ff26fc648cee3a0dc12b51 + last_write_checksum: sha1:96fd67ab48f521c58cf54e710da4a346b3250250 + pristine_git_object: 0d9d82088e3bc3ca11368585180b077feca774fb docs/models/createoutputoutputgrafanacloudgrafanacloud1.md: id: eaf672cb60ce - last_write_checksum: sha1:0048e0b0b69ca524a6e44f6ef294252331e6f8fb - pristine_git_object: 14b98527993de8e158ec6b492ee95bd0cda8c073 + last_write_checksum: sha1:769d5883353c9a14f0f6d3eaf7045bde2aa4a2fe + pristine_git_object: d90465260b7f2469dec221bdc767b9608fc7cd78 docs/models/createoutputoutputgrafanacloudgrafanacloud2.md: id: 80c2d405ea46 - last_write_checksum: sha1:3efc78c28dada3da70a7ec583f2965c61f81c071 - pristine_git_object: b3592b4ac618b8ec428d11650f3a5f72ae56528f + last_write_checksum: sha1:278ebeead959a13cc0c8bf5618433151a1b69a1c + pristine_git_object: bffe52c90a6196a5e94e793003364212938aeeab docs/models/createoutputoutputgrafanacloudpqcontrols1.md: id: 7e539cf800fb last_write_checksum: sha1:1efb47beda0e89f99358172e1ac9deb5eca3978e @@ -3264,72 +3292,72 @@ trackedFiles: pristine_git_object: 68e02eeb9a868462ba62ec11fa118639eb6b4f52 docs/models/createoutputoutputgraphite.md: id: c0e581482b22 - last_write_checksum: sha1:e5e73695f08d1bba855104dc070f3ac2cc8fc98d - pristine_git_object: fc170f2b22977de680c5c257b780b752c6d1ac89 + last_write_checksum: sha1:7dd0bc464d5e8029340fddbae713c8791400f207 + pristine_git_object: 995ffa712d0d4c071fff8f8cbf33280e51a8784d docs/models/createoutputoutputhoneycomb.md: id: b02fcca4c5e6 - last_write_checksum: sha1:140f422f0be84851c61a3aadd6ca1fe3468358c7 - pristine_git_object: 85e1de900998266f39bf265fabd1a5f51ed3532b + last_write_checksum: sha1:75981bc677f6a6f327b7ea52b7645c95f54e1fe5 + pristine_git_object: 49e57e95742d711e82c010707e52068da795ffa7 docs/models/createoutputoutputhumiohec.md: id: 6deeab0ed98e - last_write_checksum: sha1:92c262d2dde4f25bde1d6d22924457ed5cc9faec - pristine_git_object: c8d4a08e3aa7e9ecc1cef11ff89177e8cbdbf293 + last_write_checksum: sha1:978baeb5003fa118551ce8b449cb9a9175ae64db + pristine_git_object: b98d1eb0da131c7dd13592e451b222e4ac3ba6fc docs/models/createoutputoutputinfluxdb.md: id: b81b39b4580b - last_write_checksum: sha1:a3662376406bae653cdd2461d24d97e7f0b189bd - pristine_git_object: d9e039e9ccf0e2c90b836e7be8ee8da32e652335 + last_write_checksum: sha1:d55ed5a7a0ba3e694511cf429864bd5d7519bbda + pristine_git_object: 7fcd88078f2f2d1cc80c8724f178d5cec2884311 docs/models/createoutputoutputkafka.md: id: 79dd003443d1 - last_write_checksum: sha1:d296bf5f835a196ca34184367a2b4b473338716b - pristine_git_object: 67c717a6a4dc54af3977770e92b8fa3c505b9945 + last_write_checksum: sha1:33a6674edfb109264a4970790faf72284a1a98f7 + pristine_git_object: e429aef24ea0ffa661e2718426d0b0addb3f6e52 docs/models/createoutputoutputkinesis.md: id: 417f147141c9 - last_write_checksum: sha1:8bf0bd187b3dd79641750c80dbf62c6ea34db54a - pristine_git_object: 8389c5cbc8b8f9e2ad7c61a9276cb1aa35e833ad + last_write_checksum: sha1:cccc6d28d7c2b8c1feeb7976169a77e4d0a94a8c + pristine_git_object: 30c6f4bae4275784ddd794d3cef8b5c687d31876 docs/models/createoutputoutputlocalsearchstorage.md: id: 53e0801bb3b9 - last_write_checksum: sha1:6fee028f5e4e5bea0f6eb6683f7274b102af78ae - pristine_git_object: 079d9676447723726e0da1a35970f3e9a96f003b + last_write_checksum: sha1:f00db3bc92b51110ec3331dbf0cc13dbb6214a07 + pristine_git_object: e62735fdcf687f8c12f65153a24416589b28fb0f docs/models/createoutputoutputloki.md: id: 4c59fbcf8681 - last_write_checksum: sha1:f11f65afbadd7af5017fa4165d9ffd8af48a77aa - pristine_git_object: 7abe0500fd31f1c0d8e2c822471214a556af14bf + last_write_checksum: sha1:f24a77a32388a5576b89c2d3a6294ae13d24f7c0 + pristine_git_object: 6af101592a0423c067559f68ddeffea9e2433702 docs/models/createoutputoutputmicrosoftfabric.md: id: f96f00810710 - last_write_checksum: sha1:c091c3e21decd395e0c2d7282e91ca6a4ca1eb88 - pristine_git_object: 074c615a844d4fcb3dafef3707ce0f4a6433ff74 + last_write_checksum: sha1:e8db9d6a4aaa8e041b4a5068a5f4f4f007753f4d + pristine_git_object: 76b855f9d7140724ce6c017d612bcff103dd5d90 docs/models/createoutputoutputminio.md: id: fe554f56aec7 last_write_checksum: sha1:a42f7bdc5ac55c5da058be4026c728611c732c02 pristine_git_object: bb2b2190707c63c4bb7a4395486f3e084ed60fa2 docs/models/createoutputoutputmsk.md: id: 300f8957ae94 - last_write_checksum: sha1:9374fbb602ff4091e41dbd5e0f21a38f12c56276 - pristine_git_object: 6162a632d7bc139598a1977eb6e430c632bbfe2a + last_write_checksum: sha1:dd8b9cecbbd0a308402a336014ecf21fbf9eeb2e + pristine_git_object: 5233936013bbfbc9e9ebeeb455b97d89574645a1 docs/models/createoutputoutputnetflow.md: id: 7cd15c697193 last_write_checksum: sha1:35afd6fb9636d4e461f33449de73899797fa125b pristine_git_object: 3fbaf5f4adcb1c99454c4b1cb7e5ae38efac5af8 docs/models/createoutputoutputnewrelic.md: id: 420f1ae82345 - last_write_checksum: sha1:7a6c462dce63cc545c3f258f06793e26977998ff - pristine_git_object: 3c4547df2837b109e5b1a8f3dc4f73cb507fad08 + last_write_checksum: sha1:0d09a5dd7a174cb0783b7e957e7f8456b195b1d4 + pristine_git_object: a8200a7ed45492c7374bbfc24d22657e469066b1 docs/models/createoutputoutputnewrelicevents.md: id: 022f977d1c80 - last_write_checksum: sha1:9a39497d5d6c8e8473403f7c5cf829632b5f608c - pristine_git_object: a241e85a8df57c2d25dbb75fa286f6fad655eb2c + last_write_checksum: sha1:18bb6c9a8ef6e649c42bc7ce22e26a5d35ec40e0 + pristine_git_object: 2d4502ffd289bdf30857866846305da73ecf73bf docs/models/createoutputoutputnutanixobjects.md: id: 18175bc8b321 last_write_checksum: sha1:b0790d472d10bedb5d05755f450db25cd929093c pristine_git_object: 00623938cdcd714252e49275513c13d6f5a0fa50 docs/models/createoutputoutputopentelemetry.md: id: 2de451216b9b - last_write_checksum: sha1:3ede8f06b20d0bcb0231bc3aac57d9eaad61cae9 - pristine_git_object: 2ffc167f1de4c39bfa9195751c503c6cb1f02684 + last_write_checksum: sha1:0b89b9a1b17607acbf858587c7dbfafef37fb27f + pristine_git_object: 3c58232fab3fc1b7949570964853187fd5d7fc22 docs/models/createoutputoutputprometheus.md: id: 3d0c0ee9e02d - last_write_checksum: sha1:5d42eba16df14812d4e8b35f85d1884dbb0b7439 - pristine_git_object: d11b1dda99beeddbe30e1e149e20b9c16dba4d14 + last_write_checksum: sha1:a371661c649f40fb2d3f272d395df9a2fe67f038 + pristine_git_object: 41f2b4cb7f33c91823d2b1a5014709d9a383dd2d docs/models/createoutputoutputring.md: id: fea017a58dda last_write_checksum: sha1:83fd840572a9b3e110d4b2fbdd767ae83e91857b @@ -3352,72 +3380,72 @@ trackedFiles: pristine_git_object: 21ee5d03912eea67be9c71cf77a2acd4b0960540 docs/models/createoutputoutputsentinel.md: id: 68f02716f418 - last_write_checksum: sha1:d5f69db799cc64cda1c167e469df9f0f56e5475a - pristine_git_object: c8423ddc8da6ee2ecf9c8fc47cca8df5554e66a9 + last_write_checksum: sha1:65bc2a75c1347126d02e43c3555cac87966a5c51 + pristine_git_object: 8b7c09f08e818a475446ff39b23d15e947494422 docs/models/createoutputoutputsentineloneaisiem.md: id: 039e2296c8c9 - last_write_checksum: sha1:ae2494cb522649f52dc980ddab1191d9eb7b0c5b - pristine_git_object: 059106c6b7dbafeb3b71ff00811bb38f107c01b8 + last_write_checksum: sha1:3e30d40bbf6e3d5e83a569e1ffc08bb89f887312 + pristine_git_object: 90e064e85d0f7a20a011ddbc0f0dda1dde3b04c6 docs/models/createoutputoutputservicenow.md: id: dca6cdf93bab - last_write_checksum: sha1:fadff9b87a75a2ccb5c5ca71b4ecc30651f471f8 - pristine_git_object: 5aa5fea699f40d9e6069e9fb850ce13bf17302f1 + last_write_checksum: sha1:6c075626f0deb458131a3849779a31a7dfff2aa2 + pristine_git_object: cb5bbbe35a5f2fdede189daede9392b08df687b7 docs/models/createoutputoutputsignalfx.md: id: 132b8d3ecec5 - last_write_checksum: sha1:67c8084591ad2fead0fc678a4f7fff4ae7c08008 - pristine_git_object: b1ce86e7716938114d67352465334a0a2005be13 + last_write_checksum: sha1:8407f8072a0a2ab8e6e3d02667ac4078de7631c7 + pristine_git_object: 21bf4df802f078fbe1afe4f61e38dbad478fee85 docs/models/createoutputoutputsnmp.md: id: dab1b10045d8 last_write_checksum: sha1:b5328f26de3a9cf7b0ca1b1556f237f61aae233e pristine_git_object: 5f9e8c3a275b0ae897b4d2f7140fd05fc8be32e1 docs/models/createoutputoutputsns.md: id: fca9144d068b - last_write_checksum: sha1:7fce4e982dffce8538cfab5781715e46a739187b - pristine_git_object: 268f80a56d537626ea032ebdd96850a75d26bfd3 + last_write_checksum: sha1:bb3aad27d61117b9668f264a1aa460cf899196b2 + pristine_git_object: 958348ebde3d6d5ef2d8924e6b68ce98fa5b34a2 docs/models/createoutputoutputsplunk.md: id: 3de87ca18112 - last_write_checksum: sha1:b6ae2a5ce812fd7ba3021a034f0f9ba89d707a7a - pristine_git_object: e4dfa85f7e4065c3f59c16062f84e111d86614a1 + last_write_checksum: sha1:6f3c61c65968177dedcb37fd332f5763c728576c + pristine_git_object: 262ac0464d219f9e957f537b49f7db2bfd4c2277 docs/models/createoutputoutputsplunkhec.md: id: cb72d3ef844c - last_write_checksum: sha1:570c21c3c65fa1c1b74c2a01916e3804c469a439 - pristine_git_object: f8216dd906a2f9f37f9215a9db93ee2aaea7fe15 + last_write_checksum: sha1:c70f196a0c0b7260fb1333b80a1bbd00f4c0e023 + pristine_git_object: 5cc7c78c2d3e6fbfa870ed48dae391eaa351b326 docs/models/createoutputoutputsplunklb.md: id: ad9415a4429f - last_write_checksum: sha1:130f1fff6401970084d42c6992302f8c78af131b - pristine_git_object: bd29dd442d996b393da91d8c977c55e098800f78 + last_write_checksum: sha1:fb59cb6686da81641d41133f37e451b1db57ae51 + pristine_git_object: 00f72321a2c607a164fb43cbe3f966ffb0967e23 docs/models/createoutputoutputsqs.md: id: de5d9ade5e75 - last_write_checksum: sha1:1e9fa27300825d1ad8a127f2aa60ee462051ff75 - pristine_git_object: 558a0060683cc3abe9ee4f0766bcef55184b88ee + last_write_checksum: sha1:53e14aa3fcc635e7a65755d4054a964451976297 + pristine_git_object: 7c9cf0143dffd3012439cfdf0f673a8ee7b628c3 docs/models/createoutputoutputstatsd.md: id: 65a3a66a2178 - last_write_checksum: sha1:b943e3876183da46d5c6b6618043da7ce5413fe2 - pristine_git_object: 8993769c841c09e4033d7f528f50dfa1961302cc + last_write_checksum: sha1:094164d00a063918201d1801b836e1fdbc0ae8e7 + pristine_git_object: 9dacbcff897ce780e30b2c6d53e8ca710134de07 docs/models/createoutputoutputstatsdext.md: id: 2add8f4bc033 - last_write_checksum: sha1:1eb781eac36733977b32831a052873526938d9af - pristine_git_object: 88c3cee1b98c4156a545ada05836a7af7d4e8025 + last_write_checksum: sha1:acb73c44666744e425e84bbd6773ce805f3cc4c3 + pristine_git_object: 489363089124064660eed9c9801780bdab102c3b docs/models/createoutputoutputstorjs3.md: id: 3ecabbd205ee last_write_checksum: sha1:09a0d0ceab08b4481add0ebdb6ed5d490f05348d pristine_git_object: 73b8bb1a007cbc4bbca8efe94503b7881a0157b5 docs/models/createoutputoutputsumologic.md: id: 121eae5cba92 - last_write_checksum: sha1:18aea3a436353aa5715db7cb750703808edacd3d - pristine_git_object: 806b84a40a09e3f3cfaedc6f48da6c408044e2a2 + last_write_checksum: sha1:17d4f5431c010188a711ac0d6fc4a0dd1f4fbb03 + pristine_git_object: bb4da5c362f189e730021b7422bdf5ba065b23fb docs/models/createoutputoutputsyslog.md: id: 97458d090882 - last_write_checksum: sha1:701d1781c8473ee3b0c0832b0aa05a9dfba26440 - pristine_git_object: c411dbae8b8a30e088d6fd6091ceaa463b82c8df + last_write_checksum: sha1:5c821478d5d21c39628a544ca7ccf1c943b63874 + pristine_git_object: dd1fa86529f929ee496c9e1b8b375ae91671ed17 docs/models/createoutputoutputtcpjson.md: id: e3e517595c52 - last_write_checksum: sha1:24017d97c21432560290dd8f558d54663f4b17b4 - pristine_git_object: 6dd582cb1cace565ef656678e75bae0c017649db + last_write_checksum: sha1:ffae68da71b2c8f50ea1d04bb8dec563e370b580 + pristine_git_object: ea3cca70db9d87b8f0f24d4114361af85b062e44 docs/models/createoutputoutputwavefront.md: id: 75582d1313e6 - last_write_checksum: sha1:48f2479fadcd2e143a1b835169ff75437e65c035 - pristine_git_object: ae2465d4dfa2eeb4f9c6935426a3c836a4acfb9c + last_write_checksum: sha1:ccf84617f418b6df159048d904e2080ddc1e4160 + pristine_git_object: 4ffb454772dfc39487dafb44aca34476928f30c2 docs/models/createoutputoutputwebhookauthenticationtype1.md: id: aa4ff4c71ee0 last_write_checksum: sha1:8d79557c1bd396e5cb7fb2776bf4bb06b8ff50ad @@ -3464,20 +3492,20 @@ trackedFiles: pristine_git_object: f2c8973faef37f240d5d880e4747a1f9cf44e0a8 docs/models/createoutputoutputwebhookwebhook1.md: id: ca4a32977bbf - last_write_checksum: sha1:abf37f5c9a4596845e63bd9f3b8c2cbc3ea9e13d - pristine_git_object: e50ebaa4e5883c8ad3d3471ae6e5a86aff329a60 + last_write_checksum: sha1:31f3c917c0d136f8afce3e79355b27162cddcd69 + pristine_git_object: 1d1a3fe063997c3a6fde35a8adeb02ff926a4c4b docs/models/createoutputoutputwebhookwebhook2.md: id: 238586248c22 - last_write_checksum: sha1:f94e7e0dcaf51c434bc47fd15bd4808c538f7f05 - pristine_git_object: 0262b86654f84334f1775f1dec2f0d8d9b8e2e2a + last_write_checksum: sha1:208e905ffcfd904990d9034adb90766cb1fac99f + pristine_git_object: 8356c7cd2f66d941cf1cfc43e3fc5d4a78eb22d1 docs/models/createoutputoutputwizhec.md: id: ba48fd6bb3e7 - last_write_checksum: sha1:9219ba35bf38874900421bdcb4dec5d1965d42fa - pristine_git_object: b86a3105f2fd6b4d0de52aa6e9cbded2d1163df9 + last_write_checksum: sha1:ff72cd300b347e91c002c86658536f5da5ba3068 + pristine_git_object: d6312d67d80de2bdf076323a3be5f211e589ce33 docs/models/createoutputoutputxsiam.md: id: a974b174772b - last_write_checksum: sha1:469f7a26e2a75e6bbc117db5f946b77d69aa234d - pristine_git_object: 76ffe35cc8bcef8759ac0438842c2e5f7971a28b + last_write_checksum: sha1:cf1a465be0e7e32c564f40b69a7ead622a9c1481 + pristine_git_object: 4d62b57158302a20480934e22e72cfc319880930 docs/models/createoutputpayloadformat.md: id: e2c413195b8f last_write_checksum: sha1:178ce5026373fd3593437ef956eb35add057c883 @@ -3558,6 +3586,10 @@ trackedFiles: id: 5981516352ac last_write_checksum: sha1:116b85062090219e084e16c8d7eb8e5a59a7f0a4 pristine_git_object: 44c91d19d1f6a4bc515be9244dc3bc508e0829f1 + docs/models/createoutputpqcontrolsgooglecloudobservability.md: + id: 29c746302416 + last_write_checksum: sha1:df6f89cd369252a3dc572380a419e86a2a435904 + pristine_git_object: 300b9dfd3c4c969b7c84a6fa2a8dd4be0767d8d3 docs/models/createoutputpqcontrolsgooglepubsub.md: id: 131470bdf842 last_write_checksum: sha1:d65fbb55e3453b1559d78034f63916b6bdc06db5 @@ -3694,6 +3726,10 @@ trackedFiles: id: 9c6f5292d756 last_write_checksum: sha1:77576ca004372fdf49f659a3d84c68555d6b07a6 pristine_git_object: 937e7d3fc24df8ccdeb545e85d415a62c7e78181 + docs/models/createoutputprotocolgooglecloudobservability.md: + id: fb2ade09a2be + last_write_checksum: sha1:a32e53e813b833295f5d4ef5c5a7f52dffb3babf + pristine_git_object: e7538512ba019a45575514a57bef53095e84392b docs/models/createoutputprotocolsyslog.md: id: e4e870247e52 last_write_checksum: sha1:d3c4e1b796658f6bd6945c4f1a9587fe6950631c @@ -3716,8 +3752,8 @@ trackedFiles: pristine_git_object: 664b5ea0e00bc0088b78d792e0c661c9863e5b47 docs/models/createoutputrequest.md: id: dfd777b7a943 - last_write_checksum: sha1:a428b9c4ddd7ec5081a9053c21064670880fd091 - pristine_git_object: dc80cbd10a35bfd0daac798675a32dcb4ce1d3ea + last_write_checksum: sha1:7bf95591602f90b899308d155fafaa204ced0556 + pristine_git_object: e848a06cbdd3ce91424e4636099840816121cf1e docs/models/createoutputrule.md: id: 38fc5c5a5dfa last_write_checksum: sha1:1a66324314a5885729e82fb08c70bb5db9e9accf @@ -3744,8 +3780,8 @@ trackedFiles: pristine_git_object: c05d52a12843a31ef30ff933e73ed2ebbf660739 docs/models/createoutputstatsdestination.md: id: 03cae9f8591a - last_write_checksum: sha1:7a1914e843673c775cd36c7b655a3924961d822c - pristine_git_object: 29458c85ba3ad95a3267d45ac0f4f1b73bf027fa + last_write_checksum: sha1:286fc7492f52f460c3adaa1b81ba2bb8ad1b4fc3 + pristine_git_object: 271274dd75b3858f08ab713247e1ad3d2af68345 docs/models/createoutputsystembypackadditionalproperty.md: id: 1a5008d3782b last_write_checksum: sha1:9082793cbb0cbb87b7f92f67a69715c193ec6bc5 @@ -3858,14 +3894,18 @@ trackedFiles: id: d8a55b27f9ea last_write_checksum: sha1:82a6cb7321079aad916b1c13f337338afd5c693f pristine_git_object: 79d583c1d89b160605334376b81faca5331cbf8c - docs/models/createoutputsystembypackendpoint.md: - id: 3712e71429bb - last_write_checksum: sha1:44b8ff48dcc6a957f82b2acc8efcaef9eab5214e - pristine_git_object: dc5384d862d9562a738756f74a7381e5a1eda080 docs/models/createoutputsystembypackendpointconfiguration.md: id: 4e2314aeab3c last_write_checksum: sha1:7ef49cc2ae41360eb88b718b4921a65a23cb8bf4 pristine_git_object: 87d244385e09ef91c677f78f3dfd4f77716a1c52 + docs/models/createoutputsystembypackendpointdynatracehttp.md: + id: 73a71eacee62 + last_write_checksum: sha1:9e8bceab2de8b7bfb957939c9b4aba5a48d7a3c0 + pristine_git_object: a3ccdf8575befbe8c2fdb169f47f8a5246842579 + docs/models/createoutputsystembypackendpointgooglecloudobservability.md: + id: 4ba5827d45e5 + last_write_checksum: sha1:304d0cebcb55ac0622c41b2afc5ce1486e5cbcc5 + pristine_git_object: 6e308b6ec6657129d5086be4c2d874392a469f3e docs/models/createoutputsystembypackendpointtype.md: id: d6130c7992ce last_write_checksum: sha1:a28314c57a93ede9a5030a222797d32cd68f6b9f @@ -3892,8 +3932,8 @@ trackedFiles: pristine_git_object: 7403efeae8113c1c08d808ff59b1d0e04f5513f3 docs/models/createoutputsystembypackformatcribllake.md: id: aaf18dcb15c3 - last_write_checksum: sha1:1f042a1b0e95e32fdd855e0ee45335f3e8935331 - pristine_git_object: 8bc5098a1a8462a2d527b426ee9ae9a4e413be0b + last_write_checksum: sha1:e15e316ecf85e9c52e69fb9fdf0a5aba5e1fb7df + pristine_git_object: ca53a919dd33fd447e7c79f5825ecc9dfc17ceae docs/models/createoutputsystembypackformatdynatracehttp.md: id: d9563be33dc3 last_write_checksum: sha1:bc57604d1b6f62a70419852b9ac1bf133d96209f @@ -3906,6 +3946,10 @@ trackedFiles: id: ccb9e41311d4 last_write_checksum: sha1:998fea7b52634fc57a0f3417058cf51e4b490a23 pristine_git_object: 3bdf7416571a83d5fea92d75f108cb83ce60ffe3 + docs/models/createoutputsystembypackgoogleauthenticationmethod.md: + id: 11dfe53914cb + last_write_checksum: sha1:8cefc7ec82898426b7f4f690b1b614a72161ec55 + pristine_git_object: 02be43010412268905c92a0c1478311fcaf44e1d docs/models/createoutputsystembypackhostnetflow.md: id: c87c9542b38f last_write_checksum: sha1:1f8888656346a06ee0800148cc8c60424626bcf8 @@ -3946,10 +3990,14 @@ trackedFiles: id: d8f5e424a14f last_write_checksum: sha1:d03e52bc9b6b18a80961d5722c4f429f30504d80 pristine_git_object: 680d7f12b0c80577a48e9910604df9f2813a35f5 - docs/models/createoutputsystembypackotlpversion.md: - id: baf179747799 - last_write_checksum: sha1:854e76c1e8590be53ce17d9c3f480b5f1331ab53 - pristine_git_object: c444838a1808405883036b3ec4e6522ebd390f88 + docs/models/createoutputsystembypackotlpversiongooglecloudobservability.md: + id: 99ed31ec86a5 + last_write_checksum: sha1:536d0cc40bab73c28e960228c24f9f7e4c0158da + pristine_git_object: 6fbe6e35370be63fd70e0b72d4b8aa506e1a5bda + docs/models/createoutputsystembypackotlpversionopentelemetry.md: + id: 66717d397cec + last_write_checksum: sha1:11fdf9471655504c38e4cbb18623c43dc0856194 + pristine_git_object: 96d82c5951414128104841079d80ab08dc235f70 docs/models/createoutputsystembypackoutputalibabaclouds3.md: id: 953164777e6c last_write_checksum: sha1:534561cfcd6ef9ef7778546a842b5237e247003a @@ -3964,24 +4012,24 @@ trackedFiles: pristine_git_object: a524c20709e74c0363e89d97fdee1c964532fab1 docs/models/createoutputsystembypackoutputazuredataexplorer.md: id: c196c157797a - last_write_checksum: sha1:e2d29da0182fc9b045cc9cc7edb9f84f90a1d909 - pristine_git_object: 5b677e111e83d1fa6ad659021f3bc924db2ca8bb + last_write_checksum: sha1:aa624eed1494310d7f11024e97080da34e871531 + pristine_git_object: e8167427b5f5babfb10155eeae001487df5c6267 docs/models/createoutputsystembypackoutputazureeventhub.md: id: b0467b7717cc - last_write_checksum: sha1:8a06de31cb2123a0d67bfd90746e24d7a5ffeca4 - pristine_git_object: 8c83c4a417aec96f40d14c3ef4f7799d0c72765c + last_write_checksum: sha1:d1f3e46b8c15dd6643b7f1e8f4ab935cb76c0b88 + pristine_git_object: 5aa3cc0a026d4b326b428383a4965600327c7b4c docs/models/createoutputsystembypackoutputazurelogs.md: id: e7683e3d4631 - last_write_checksum: sha1:16ab5b79e91d6271630211f6473fd56e59de759c - pristine_git_object: 76b6e0e075045bcacfb5a35d936ba8946aac9b88 + last_write_checksum: sha1:079288644d6e96a752b87297fb362456e91b8277 + pristine_git_object: 05dde498998d4de70520e667ddd2ab03038226b5 docs/models/createoutputsystembypackoutputchronicle.md: id: 73842dbdd0a9 - last_write_checksum: sha1:1c95616a2bf148f3acf264cab7a8da7e16d5a7f9 - pristine_git_object: 8b65268b1254dc4c3748e52d170df4e076b3764f + last_write_checksum: sha1:794cbfe4314eed5d2602007647b2e83632cf8a31 + pristine_git_object: ec22e5812d62d2ba19841831e9a5d3b4c3e89fff docs/models/createoutputsystembypackoutputclickhouse.md: id: 976c28813973 - last_write_checksum: sha1:753e390367e4be40682d37339c24dd76047f9d8e - pristine_git_object: 6bb558d457e71555433013ec8569b9026bfec6a4 + last_write_checksum: sha1:a575d944c90c4b163df360fd0822e6c759314bfe + pristine_git_object: 973b094d562097587d6abe6bf8a40bd2fa08ec5a docs/models/createoutputsystembypackoutputcloudflarer2.md: id: 8fc60e5c1180 last_write_checksum: sha1:39faf6c1d3e90b36844f1fa0417221b908132564 @@ -3992,44 +4040,44 @@ trackedFiles: pristine_git_object: bf4ef178fbc1602d1e262db4fd6ec08ebb5c6121 docs/models/createoutputsystembypackoutputcloudwatch.md: id: ce3268693644 - last_write_checksum: sha1:ebf643839ded46f6d90e0fef546546ec5a647b37 - pristine_git_object: 0df12686e4a1eb3e73e8ff194d04d97269d2fd7f + last_write_checksum: sha1:7bddc93daf09a4d2b4373c75cff5054833729938 + pristine_git_object: 044c2f189d09dff003fae027c0ebe75658d9eb14 docs/models/createoutputsystembypackoutputconfluentcloud.md: id: 75bab27802df - last_write_checksum: sha1:79baedf680e9c31f345d3ca7330625d8fa8a1ec0 - pristine_git_object: ae2c18f60c4e5413ebbd496676e6e8b7333725f2 + last_write_checksum: sha1:8b61c198787cde84db282a51429e888798f2933d + pristine_git_object: 386e1a64ba010a9aa7d1ffa9720410be96482024 docs/models/createoutputsystembypackoutputcriblhttp.md: id: 72d132fbf9b6 - last_write_checksum: sha1:20ecf5b1f35a8fa281ca478ba36a6bf8ed90a51b - pristine_git_object: 28d8591d4cdb1d5334e8983c4c99e03698ef50ab + last_write_checksum: sha1:075dc12272413f4aef7ed1b74f680b24d9fb52be + pristine_git_object: 792203ef99ebc499919ca562b5077f287244f98c docs/models/createoutputsystembypackoutputcribllake.md: id: b00e95f1573a last_write_checksum: sha1:5033f420e9c18b7d0b9715fee6c55d71a2710cd0 pristine_git_object: 6d834f43c91f9103fcf2a8f0514f7a8ac931e5da docs/models/createoutputsystembypackoutputcriblsearchengine.md: id: f17303fd42d6 - last_write_checksum: sha1:49febed43b25fac42b905ca3ddf5986fb9ce32fb - pristine_git_object: 957a931eb27b706fd9f32d943f9f4e14751e8077 + last_write_checksum: sha1:7735cf4eafc9602b869968dad58b99af68bf6705 + pristine_git_object: 15f4e205f8589bafcc4ee3b39a1592daa041c183 docs/models/createoutputsystembypackoutputcribltcp.md: id: ac12bfc37647 - last_write_checksum: sha1:3b3d38f0590c0ca10c3350324e8f072c4609e8ce - pristine_git_object: 8c17b82c35ee19a6eb2e15a7ed745fba89e918f8 + last_write_checksum: sha1:150d52b8e054dfd9743316ef30487b11a8d920a0 + pristine_git_object: 5aebc0ed3437eefc325c5554695f63138bcbfed3 docs/models/createoutputsystembypackoutputcrowdstrikenextgensiem.md: id: 1016ac142312 - last_write_checksum: sha1:88cc4a952e003437b1534ca754e00e2eeb6b9b6b - pristine_git_object: e3d6c4e3098facd78867ef9e7e5180cdab2b46e9 + last_write_checksum: sha1:60871e27be0c0fa38d030a3e04356f4a851deebe + pristine_git_object: c078d013825fbc73e2069efe9e0023d459cb76ac docs/models/createoutputsystembypackoutputdatabricks.md: id: de4ddec59dc1 last_write_checksum: sha1:cf9b6efdbe31bf0f6b9e6114e37b4660595f72dd pristine_git_object: 1b8535958a8acde02904f940e920e52c013023df docs/models/createoutputsystembypackoutputdatadog.md: id: 7a68fa2562c7 - last_write_checksum: sha1:17c9e0097962bc917a52590b68c996d1c3defd0e - pristine_git_object: 0d89cf2ead1eabad99f2e04d96b4827c179fce1d + last_write_checksum: sha1:3362337c9e31d1914361a115352cf46c4b04fc6b + pristine_git_object: d2a8c78f43d8da180237a7ecfaafaeb40a108739 docs/models/createoutputsystembypackoutputdataset.md: id: e8a126f9a977 - last_write_checksum: sha1:16ad3e09359a6f6fa9e7ac2278c7253d71fe3384 - pristine_git_object: 83cbd755d362120ba5532e376a89c59af873123f + last_write_checksum: sha1:a73ec3722f3547126ac45d25016c4aeea0200c83 + pristine_git_object: 5c1b0d93b2765cc7ad4e50ff28b22dd66a889e81 docs/models/createoutputsystembypackoutputdefault.md: id: 96a0bbe6bb34 last_write_checksum: sha1:834915e99931a8e2ccc59237aff842c3fb08919d @@ -4052,20 +4100,20 @@ trackedFiles: pristine_git_object: 6c82bcaf38592cc513f546cb91b46b905ae5a8aa docs/models/createoutputsystembypackoutputdynatracehttp.md: id: c2f0997f04e0 - last_write_checksum: sha1:c6e7a6f55ed3bd0c16a84aeb45aa50ebabd57b47 - pristine_git_object: 1fb7d0b263569b714ab3a56f68aa86b61dc74619 + last_write_checksum: sha1:d81c7f32fd7ba8c14345ebf4df835742a4cd5a03 + pristine_git_object: cb5f40e1dc14579a9636ae66f24d5c13a24becd9 docs/models/createoutputsystembypackoutputdynatraceotlp.md: id: 7ecfbc8545ab - last_write_checksum: sha1:959c944dc90102241f9671fefdd299d2b9bf38b2 - pristine_git_object: 05349b8db48523d07901e59df174733fc20f6b6e + last_write_checksum: sha1:f31c30f8f4b02dbb6bd69a626888d6c885650cd2 + pristine_git_object: 5077afb6cbf093c2502977e65c075dc3adb86904 docs/models/createoutputsystembypackoutputelastic.md: id: 1d321b2e85a0 - last_write_checksum: sha1:e58e8659bdcb5e4b9bdec4e7ae06c9d9f71349fb - pristine_git_object: a89887a4ab529d8022fd3dbcbb95c08421cefef0 + last_write_checksum: sha1:3d6952c9996d378cfc0448d0e11a45788db363a7 + pristine_git_object: 4d5f97a5ac115260dd74c777ca45825903c6170d docs/models/createoutputsystembypackoutputelasticcloud.md: id: cc0786134511 - last_write_checksum: sha1:e960765655f8bc5b60ed3816e819c059cd0afa9f - pristine_git_object: b9a841f889e8db97c56773af31458afd09189dd4 + last_write_checksum: sha1:2f2bb0b159d0a35ae644cca31590022436ae90cc + pristine_git_object: cc50614ad18dcf81d25066b8c24b14a1d447ba54 docs/models/createoutputsystembypackoutputexabeam.md: id: 616f76116ce9 last_write_checksum: sha1:02c18c6c2b4df910c5b691346c72ca0f74109289 @@ -4076,28 +4124,32 @@ trackedFiles: pristine_git_object: 97a6dc8744397a578b8db1a1bb4a6a7d39e8e1a1 docs/models/createoutputsystembypackoutputgooglechronicle.md: id: 3b1759fd2a95 - last_write_checksum: sha1:5344ebb92261a2af4103d8f4ee895143337e1a4e - pristine_git_object: f06b07c9d5612ca063a05c9e419a01004bd5f47c + last_write_checksum: sha1:8c85ae6a07084555404b4509804497e13f0e7ab0 + pristine_git_object: 4116dbc872de39f8dedd57a8243ccb43d9845601 docs/models/createoutputsystembypackoutputgooglecloudlogging.md: id: 4eb049a15bf0 - last_write_checksum: sha1:95510279ab70d29926fe005bb3540495eeabced8 - pristine_git_object: 72a28572e9a4595a7816130d2f2e6efe066e44b7 + last_write_checksum: sha1:911daa31efa22eadc778bb669983bdd83afdd05a + pristine_git_object: 7c56eaa731c938bb29b2ffa39990ca37a9c10482 + docs/models/createoutputsystembypackoutputgooglecloudobservability.md: + id: f01929a7e336 + last_write_checksum: sha1:fe5ab1b4d1321fcc27faac92499fd5ca0dfbce2b + pristine_git_object: f6caff8c1508e0f4c0a152e318a0b5d8d16b5911 docs/models/createoutputsystembypackoutputgooglecloudstorage.md: id: 3ddc059b3754 last_write_checksum: sha1:679cd9ce066e595fd45e909f8da84fa17627778b pristine_git_object: 449045b4d4c1486105c78eda35cfb625578c6c91 docs/models/createoutputsystembypackoutputgooglepubsub.md: id: 0bc0a2bdc467 - last_write_checksum: sha1:d163e9194dec7818a4a656438e5e155161d13464 - pristine_git_object: 282dcd711cd9d5dae42547eebdd63a8c200e77ab + last_write_checksum: sha1:dfca1da4b23c101652785c342597f13650691ccc + pristine_git_object: b7b6658833d9ef90e6c536136e61776313cce270 docs/models/createoutputsystembypackoutputgrafanacloudgrafanacloud1.md: id: 87e775a42b71 - last_write_checksum: sha1:c0ef3805245c00bb36e454d4aa9d533c1085ed95 - pristine_git_object: 64732f5ac59814462f01a21d1275d7ab7968857b + last_write_checksum: sha1:be51ea54a75186474d019b555b52b2c64a15f288 + pristine_git_object: fa172d4995929bab1b0f5d21327adcd87d05b079 docs/models/createoutputsystembypackoutputgrafanacloudgrafanacloud2.md: id: a81dba301b04 - last_write_checksum: sha1:87fa99fd24f2d04623974ccb69a5e8ab2d151686 - pristine_git_object: 31efc110c09d9e2ddcbf689bdad5838a9a62d308 + last_write_checksum: sha1:ab2135fbe18592ea43beb4b10dc4d20e3c2ccc54 + pristine_git_object: 5f69685c65877865bcf6c72908c9fe5b8396cc03 docs/models/createoutputsystembypackoutputgrafanacloudpqcontrols1.md: id: 498fa9fbf0af last_write_checksum: sha1:5a713511b4f96ddd167ac2ddb9a3f53ad642ce63 @@ -4120,72 +4172,72 @@ trackedFiles: pristine_git_object: 03e5a737281079461b35783a0229c49133e94354 docs/models/createoutputsystembypackoutputgraphite.md: id: 68d5dba86f95 - last_write_checksum: sha1:8f274d03d986bf74f7a1dc64b4cc1e9b1882e4db - pristine_git_object: 95b2ae4bd5f33a9370a6e4fd0505fd6e670cc823 + last_write_checksum: sha1:2d4111d52a6216dc1ac848ff8a0faab7a2c2456b + pristine_git_object: 28110a0dd08bede2bfb17062c79442beb8873384 docs/models/createoutputsystembypackoutputhoneycomb.md: id: af32d650446b - last_write_checksum: sha1:0c955e9e665830f01964a16dab3922252f165328 - pristine_git_object: e783cee36582066ed3d821bda54e10ffb7e5087a + last_write_checksum: sha1:2c281c49418747f198a90b92a4c3b04e567d3fd7 + pristine_git_object: 4b54b05d1168b1a7397b850edf30e032e4930f5f docs/models/createoutputsystembypackoutputhumiohec.md: id: f6c19204a8c7 - last_write_checksum: sha1:efb49cfb3ee6fe012602d41b1f4f540a82786dfd - pristine_git_object: 7129f30d086401aec863400db491a12b7cfb9a21 + last_write_checksum: sha1:fb52b14124c851c5373f4cc6ec14a37fca6187f1 + pristine_git_object: 00b1a7ba9a4652736d48866b0d590d36ad6eac9f docs/models/createoutputsystembypackoutputinfluxdb.md: id: 24f0569a1c79 - last_write_checksum: sha1:38db9abf7b79930457d3af2737b9b92f07516f0f - pristine_git_object: 9f7d7d7256428d18ab60083b4f5e94e4b32c58de + last_write_checksum: sha1:43e0425c0b9076599b362a4abc88002d2caad122 + pristine_git_object: a261e2b2fc1ebe8dbf0e2a6599a979f7589ced26 docs/models/createoutputsystembypackoutputkafka.md: id: 1d37c5529efe - last_write_checksum: sha1:0e8b69551e56ac0907f7491294b2821d55d5446f - pristine_git_object: bd5408c8dcfde1fa5a3df3bca5396e1c8126a7a7 + last_write_checksum: sha1:1b14294510d6605f3807a017a091e8c0d56cb355 + pristine_git_object: 366ed0fcb37cd052d88930a4ff6dfc76e9567073 docs/models/createoutputsystembypackoutputkinesis.md: id: 99b90d324a17 - last_write_checksum: sha1:cb2469a2b3693e4175852959ed0c3ebdde424dbd - pristine_git_object: 8e3d19499f2b16539474f30e532e3da2b83afe6b + last_write_checksum: sha1:381db56f009bd9b724b19e9b524a2a0bee77d05a + pristine_git_object: ccfa27883381cdd1cbb0408cc15d3ba93f1ff874 docs/models/createoutputsystembypackoutputlocalsearchstorage.md: id: c40998fece59 - last_write_checksum: sha1:eaa18a0faddd7a56afc7f8df96ea9c2a517a1ad3 - pristine_git_object: fd58d20443ad31aae8aa69b7e9cb2c1aca6015b2 + last_write_checksum: sha1:70037a617d1f79fecf51a72e1ae136ed222a1511 + pristine_git_object: 37f86efc3eab2b7385f1c5341be425989802e160 docs/models/createoutputsystembypackoutputloki.md: id: cdaac23f4b4e - last_write_checksum: sha1:9b4565aec428f4975cd56c7460dbc7fd57271db0 - pristine_git_object: 6054daed285c4a044538ee3bb73d45f0ed0156a8 + last_write_checksum: sha1:8ac32aef0f8e101daa76b72e8c12369bf256f068 + pristine_git_object: 2637270c956a3ef06f9a662c3db9e75c2d28e338 docs/models/createoutputsystembypackoutputmicrosoftfabric.md: id: 931e783f38f3 - last_write_checksum: sha1:18f0561cea4ab8ab59a351f0049846aa338bcdea - pristine_git_object: 8e86b35fe3179df3b9ab53a18bd6bedd9df13a15 + last_write_checksum: sha1:7a2b98a495caeca59125f7b973f3c6196e9feb16 + pristine_git_object: 7d160fd7f71d65cde75fd4e7421e99d5999971a9 docs/models/createoutputsystembypackoutputminio.md: id: 5afc54eb92ea last_write_checksum: sha1:a658c17fd7a139a4af1fcacbc0180f2458904c9d pristine_git_object: 538063589c55b7d71dcb9c3ed0e0d817586b4e48 docs/models/createoutputsystembypackoutputmsk.md: id: cb925273400f - last_write_checksum: sha1:73a4812a45d170324f7b963aa44c506f14a21d1a - pristine_git_object: 9c75af01271f97f3e56d4f88e614f2104a8a0548 + last_write_checksum: sha1:ffa92ad99ff4695cf32e11ee080bf7045e2899c8 + pristine_git_object: 8730b328188fdd0ad0eab92a4d323f1afa0b3190 docs/models/createoutputsystembypackoutputnetflow.md: id: 89974408571f last_write_checksum: sha1:8d1ce1b25e7592e2cebbb887e612277609d1683a pristine_git_object: 2db45fccda6fdf031f2f5292d8001d0896684fe2 docs/models/createoutputsystembypackoutputnewrelic.md: id: 12e14dd6204e - last_write_checksum: sha1:ff3a2efe4be01cb8d6fc64803bac4e45e537b0cc - pristine_git_object: b6ab4d78c1fcd0d6572d7c1811734beeaa3bc75a + last_write_checksum: sha1:6a7a0d9b0eaa92a98ec7ef89355457305b9332c0 + pristine_git_object: 721bb6b19bf8e4249ab8029867a48cc6356f54dc docs/models/createoutputsystembypackoutputnewrelicevents.md: id: 5d1a3c690da6 - last_write_checksum: sha1:8319adf19fb6792cd61fff3005cd742680532c35 - pristine_git_object: 3d39461ba0044caf6f6a730b7fc2d68d41684327 + last_write_checksum: sha1:1d7f9db64095df4a3172a84b98e39e885a25f3c5 + pristine_git_object: 6bd56b6e0dbf3777c15ddf73ad4cdcb4243c4882 docs/models/createoutputsystembypackoutputnutanixobjects.md: id: 6f41a9eb0bff last_write_checksum: sha1:096ddb11379ff41f894c54134eb2c7e6114def79 pristine_git_object: dc794e3bfd3886044f492efaf360a57862de8197 docs/models/createoutputsystembypackoutputopentelemetry.md: id: 25144e5e512c - last_write_checksum: sha1:9082c6778f39fa83ab1cdcf001b15ab6f3c1d576 - pristine_git_object: d308b2ce63dde7ca2d5852b2def800e83315814e + last_write_checksum: sha1:af0fdc7febd0df3d9771fbcc1bf0a4b42e959d8f + pristine_git_object: c3a24ca543fe2586563daa3bc8cd13300b309742 docs/models/createoutputsystembypackoutputprometheus.md: id: 5d117a169e15 - last_write_checksum: sha1:b702f926cddb0af0be2629924f61963d41651339 - pristine_git_object: 8286b6189c5a9b8ea9f19eb7d998b71b260f8633 + last_write_checksum: sha1:5fcd71897d4b520340a32e1a9d27c90726829cdb + pristine_git_object: 9d0f750baa382f55229e472801c1b4f1e2006d39 docs/models/createoutputsystembypackoutputring.md: id: 491548a6b737 last_write_checksum: sha1:bcf1007f6fe41e5225cf582746de7016a052a30c @@ -4208,72 +4260,72 @@ trackedFiles: pristine_git_object: 743b8e1c1632a5249f961bdf1edb24a4c15e6910 docs/models/createoutputsystembypackoutputsentinel.md: id: a08f85f2e3c4 - last_write_checksum: sha1:6564c56009065ba3a9fc7cbe0694324b19389da6 - pristine_git_object: 7bb359003172d1c351f47af3a571e40542afd068 + last_write_checksum: sha1:736ef693c6f686e8fbb746281fab729699efaa8d + pristine_git_object: b469c84e5f0d5fe8e400eea99df5f912393a76ac docs/models/createoutputsystembypackoutputsentineloneaisiem.md: id: 4c9596e87797 - last_write_checksum: sha1:4927c1c2695f36da03c34c18892eeacb1b550efa - pristine_git_object: 843f69f27177da5e62cfaf0847916b763e0818da + last_write_checksum: sha1:92ffce2c64251a7499c6d19d8f566a9809d93e92 + pristine_git_object: 974c1a286bc65842f05386f81369002749e2a1df docs/models/createoutputsystembypackoutputservicenow.md: id: f961d7314e00 - last_write_checksum: sha1:6b213e4a253095107b83443f0e1ad88e2b4c48ad - pristine_git_object: 3e64edf23cf7fd5a9561ad9dcd680b6fd5231446 + last_write_checksum: sha1:7babfc9dbda90d024cdb7ac570a3b3f6fd381d55 + pristine_git_object: 0df3a136366e7aa416cf44a1c754195c7bc121f0 docs/models/createoutputsystembypackoutputsignalfx.md: id: 3b7b626521e5 - last_write_checksum: sha1:515c608cecc706220053f3d87d69066752434f3f - pristine_git_object: a207f0c89e94ed2e381690229db5bba19c827793 + last_write_checksum: sha1:c17f3859985a173c992307e86a2cc0f2fd5e32c2 + pristine_git_object: 30aebec239158fbd59d8b7a4c014b3a9246e5b59 docs/models/createoutputsystembypackoutputsnmp.md: id: b4d8d057bd06 last_write_checksum: sha1:786e581d30d1f3ada5d032741f45432d0573cecd pristine_git_object: 0a5b32307114d6957cebb8500bb46c640f044e85 docs/models/createoutputsystembypackoutputsns.md: id: 3369d5aa6262 - last_write_checksum: sha1:ad7ed13d507b6473cba478c6a5c9cf313e9abbfa - pristine_git_object: 4b5ed88be8dcd8b1d151d3eb50324495ccd674cd + last_write_checksum: sha1:d628e35352ff0f090ec802b7bb04843cd48aa353 + pristine_git_object: 5d6d4bb738b2f5dc25789f1ae28b0984fa532e34 docs/models/createoutputsystembypackoutputsplunk.md: id: d54b83e64b60 - last_write_checksum: sha1:a36d3ee0e6dffd266b075d73f3f34ffc6410027a - pristine_git_object: 5235e0b86708e23942c605f8f2b0dd30fde9eb06 + last_write_checksum: sha1:49b1ca9d30069f19b41a7269a8d72560dd862970 + pristine_git_object: bb263be6618d4041f5f5976f5b6205a316ec9da9 docs/models/createoutputsystembypackoutputsplunkhec.md: id: a0cb2a7b8f84 - last_write_checksum: sha1:637c1749ed229a5242da34da16e442cead2facc6 - pristine_git_object: 2b64639ea6f0d9d2bb059221f671365a6460fc56 + last_write_checksum: sha1:15e58c28e378f324bc7c521e41cc780661d76759 + pristine_git_object: a8ee0853ff6f35fb13c2e0d34737986073a08e9b docs/models/createoutputsystembypackoutputsplunklb.md: id: 77173ec266d5 - last_write_checksum: sha1:77046dd30847c11a0b52b297401a3883fceff56f - pristine_git_object: fffedd624cbe3b38121fb5cde03ee38071c8c6e6 + last_write_checksum: sha1:4e3884a1cd564c2a6f280a2d4fb4f7bd125f6236 + pristine_git_object: 1ad5904b23335ffca093d47d4972dbeae8291c37 docs/models/createoutputsystembypackoutputsqs.md: id: 8eb2d29a4012 - last_write_checksum: sha1:00ee847796324104bd952d7a2fa11dd2fa61eca7 - pristine_git_object: 006eabf13be31493e6772bfb6c290a63a27db988 + last_write_checksum: sha1:fbac6f3d24da04787e18e02b436b1859532cd288 + pristine_git_object: a8e9401c6999f272586af4ea0c2170a49d38ffda docs/models/createoutputsystembypackoutputstatsd.md: id: d7d545eebb49 - last_write_checksum: sha1:b4c650c32619109205597617ce8fa4610faa3580 - pristine_git_object: 41f017a9ef12f471a191fdc0b7bf651e9935a69e + last_write_checksum: sha1:3b54253f645441857cf3d8eb416c66a13d44b03e + pristine_git_object: 4301718614137f602a088a4c9030bd987747c9fe docs/models/createoutputsystembypackoutputstatsdext.md: id: 0114d7da49f3 - last_write_checksum: sha1:a6234457eaedb134ddffafabacd3babe936c85b0 - pristine_git_object: 7a1f9e90f2b345414fcb3d98e4f578e15a5eb919 + last_write_checksum: sha1:54ded879437ee0fb9bdef0f9251b809aec73e910 + pristine_git_object: e9b21132a7fb60a932a0e6094e52b27942fe2ed2 docs/models/createoutputsystembypackoutputstorjs3.md: id: cd3506a9316f last_write_checksum: sha1:ab07f0f54c3e761373da2386db7a866a46356f52 pristine_git_object: 4ed770875d310e93d16843ce87dd57a202e35825 docs/models/createoutputsystembypackoutputsumologic.md: id: 5a37a19516ac - last_write_checksum: sha1:bb6b845665ecbfc0df7293e751bda05e2d7781ca - pristine_git_object: b5123ae1d76c0a3911eff687044e48c2820f14fc + last_write_checksum: sha1:1cf26887ff604ba3e37e9d070f9a77860c957489 + pristine_git_object: 0fe8c42257a0017920ba8e1aa3a4f5f565223794 docs/models/createoutputsystembypackoutputsyslog.md: id: 229b28effba9 - last_write_checksum: sha1:78f0f46da3597d261d39c41605f1420d58bd6d5d - pristine_git_object: 89426eaf5cb4c236ceca5422ed614b91ef1d35bf + last_write_checksum: sha1:44d3350c25a761456513e35b74612e38621f68bf + pristine_git_object: 2f3ab66e2b4a049029d34b44e26cfe7a1391cef3 docs/models/createoutputsystembypackoutputtcpjson.md: id: e9ca32c2f1ca - last_write_checksum: sha1:7d8f4c72486a5643c83f424c525605f30733dbf2 - pristine_git_object: 1245de5a3e8e17a73d96226ddcd66b6812183ed1 + last_write_checksum: sha1:203bc3b0d7d87be0dbed8142b9dcb9b93213fdcd + pristine_git_object: 2f27fb79c4c1328dae62f7a2394ba4ef97d1eecd docs/models/createoutputsystembypackoutputwavefront.md: id: f9540f7165de - last_write_checksum: sha1:2f32fd4a3f904e61b19642e07fecc69f983faba7 - pristine_git_object: b9c04b440580a5b8d0d4decefa77f1a9d0597c8c + last_write_checksum: sha1:2b98d83428fd8e7946859f8e6d1fb46cbc52b4de + pristine_git_object: 51bdc2e56a4324f9ec2438bd50ae267ce23167cc docs/models/createoutputsystembypackoutputwebhookauthenticationtype1.md: id: 7d7b35a99c9b last_write_checksum: sha1:8846e8fca8d7326c463ffb34e326dbdb35092e59 @@ -4320,20 +4372,20 @@ trackedFiles: pristine_git_object: c9247de75232a11484798aac674507ad47661762 docs/models/createoutputsystembypackoutputwebhookwebhook1.md: id: 86752cf7a24a - last_write_checksum: sha1:7c065374b9845aa1a4d8da358724d145433d3b60 - pristine_git_object: a0ccebb9c7e4397f8af7bcdcb30a7bf682b7d5e0 + last_write_checksum: sha1:55a01ac3eb267a38c5e4902b6d7cc074b2291e0c + pristine_git_object: 3b4878caa1f0bb2d0b8c073ad11d88a5cda5a37d docs/models/createoutputsystembypackoutputwebhookwebhook2.md: id: 276f496a4b1f - last_write_checksum: sha1:f7dc9c3ce6405044699bd231fdd2ebcd332a708c - pristine_git_object: dcb9878fe6ffdaf48bd293671ca216e5382e4c2a + last_write_checksum: sha1:d25961d9354989834c6197f1e15494e7ec039fca + pristine_git_object: 44e6558de708fffffc6e90c3e2d6c663b74faae0 docs/models/createoutputsystembypackoutputwizhec.md: id: ba84fe43fb9c - last_write_checksum: sha1:2d3c4465c3b2f08dd8f5786b404ffb5559c80bc3 - pristine_git_object: 3a6d298176627cd4dca5464e517c4bd3f8952e58 + last_write_checksum: sha1:e794d23624904d8407ad723ea49e0efd5ec1bd68 + pristine_git_object: 5022c4a4507be777a8d787cb830befe05722c1cb docs/models/createoutputsystembypackoutputxsiam.md: id: 5b42408300c9 - last_write_checksum: sha1:f0c9076cbf07863e703b558cf8c82c33ddf287ea - pristine_git_object: bc2b8a3c2e6b390611a08e8bf35683d7ae5d3535 + last_write_checksum: sha1:c51c8de5af8f4498d4bb9d71b0bb6ad4ab52c146 + pristine_git_object: 83f18abc1598c9f8c01effffe709aa9987419883 docs/models/createoutputsystembypackpayloadformat.md: id: 4ac5a100eca8 last_write_checksum: sha1:a510053bd0ae018c28076eb8a58a124c01ce2098 @@ -4414,6 +4466,10 @@ trackedFiles: id: 6311c9eb4868 last_write_checksum: sha1:0e40827d22a4657fef6242e14273522d39f0ab28 pristine_git_object: 64652305a4fb5d55b8a5fe84f2b0e33c1fd6355a + docs/models/createoutputsystembypackpqcontrolsgooglecloudobservability.md: + id: a9d608ae11a8 + last_write_checksum: sha1:70f09646b9292826b8f0dc85d0ba56def0d70170 + pristine_git_object: 4ece09945f16ef231817803a88090cb1c4059014 docs/models/createoutputsystembypackpqcontrolsgooglepubsub.md: id: ce1cbd44ff87 last_write_checksum: sha1:312f0dcd8a4839e660688151bfa67383fb79c57a @@ -4550,6 +4606,10 @@ trackedFiles: id: 9062c4c65d89 last_write_checksum: sha1:73808e7e1d81f7bc47b75f6560da4bff3894d434 pristine_git_object: 38d60835c21990c99e792bc8b1984aecdb2f1e3f + docs/models/createoutputsystembypackprotocolgooglecloudobservability.md: + id: 6a3fff75fc35 + last_write_checksum: sha1:c07373ec164e2a3ad895f2bc31b497cab2f1817e + pristine_git_object: d940a2cbd9a94c4fe25766f267cbd8426c80e25a docs/models/createoutputsystembypackprotocolsyslog.md: id: "606742093202" last_write_checksum: sha1:4637a1bba505804658c5f61c5c3ee7e2273afdfc @@ -4576,8 +4636,8 @@ trackedFiles: pristine_git_object: c67c8c203d286b144fd7dd776572f3fa590a0a72 docs/models/createoutputsystembypackrequestbody.md: id: 6f00d97e8463 - last_write_checksum: sha1:efdd8b2cfba60bf28d1b220d9e1df64e8cebe979 - pristine_git_object: 4adf275b817c3220c63f6545b86d86adfb619575 + last_write_checksum: sha1:dd42b042e59d25342426ac78b3645fe171025333 + pristine_git_object: 6160c6d99a3923129e734c59503ebfa8e6c9c8e4 docs/models/createoutputsystembypackrule.md: id: 65f7652d3951 last_write_checksum: sha1:86c90276b68a058ec5bdf5daab770b6dc42d2157 @@ -4604,8 +4664,8 @@ trackedFiles: pristine_git_object: d3e953d0dca5e918a312b6d980aa592450394746 docs/models/createoutputsystembypackstatsdestination.md: id: 54c843147418 - last_write_checksum: sha1:0c04d279998c63835935cba4d83f01b2266ceae4 - pristine_git_object: c8b05907edea847718eddd5ce41eadb9b00556b0 + last_write_checksum: sha1:d1d90280dcc305bda1a534ed06afb165c41c4986 + pristine_git_object: 608845afebe05eb3b9d17b4ebb4343ec2c4869ee docs/models/createoutputsystembypacktelemetrytype.md: id: 9da761fe19e8 last_write_checksum: sha1:79112b589d3213704067f1a1ceee800bba689358 @@ -4750,6 +4810,10 @@ trackedFiles: id: b58215a486e1 last_write_checksum: sha1:42abd46b4fdf4929296b6db446458b1e3b464b1d pristine_git_object: 9ae5a255e0ba43aae65d38b0957505c22e22d8f6 + docs/models/createoutputsystembypacktypegooglecloudobservability.md: + id: 09325a8a045b + last_write_checksum: sha1:c32e9281a5aa289c5a1858e25954e6ffef3faf36 + pristine_git_object: c78590a9407d4f56cd25edc780cb77b06debcd08 docs/models/createoutputsystembypacktypegooglecloudstorage.md: id: 9eb6bf7e1446 last_write_checksum: sha1:7fb7c81f13fd55033786d70d2ef04346c09a2593 @@ -5094,6 +5158,10 @@ trackedFiles: id: cb59abddd6e4 last_write_checksum: sha1:6126aaf9dbdf6342690c5dee7a3f0c0b9f6e3620 pristine_git_object: 0524368349ba8fc802bf82192c47974111ad0e96 + docs/models/createoutputtypegooglecloudobservability.md: + id: 83aa27f60c43 + last_write_checksum: sha1:fcd0394c632d925529102efc189c7e8ac3a7350b + pristine_git_object: 309f31b31917d7d41acec7a31eb4e0cba22b3f7a docs/models/createoutputtypegooglecloudstorage.md: id: d6d9c5687645 last_write_checksum: sha1:c21fa598262b5890e4f9ab266be15c54948d0291 @@ -5304,12 +5372,12 @@ trackedFiles: pristine_git_object: 8e26b1deb830fd24d451eb6311f9f9d77c085fe2 docs/models/cribllakedataset.md: id: 217bd4fe0ce9 - last_write_checksum: sha1:fd85cfc6c657ffe27c333f404dad1578b96e0959 - pristine_git_object: e2d3229d51ac22ced99d0e7d7856b567cbe715a1 + last_write_checksum: sha1:9f08e4c364e528c624c283bf38462f8a0080dfb8 + pristine_git_object: 14c480c4627b0d141ee604dc508d33b5d9cb54a5 docs/models/cribllakedatasetupdate.md: id: 7da2b930e08d - last_write_checksum: sha1:b850e9392e4be1065da00480ccb1b8076ef8c0a3 - pristine_git_object: d80fb3db4aae5e9e6f845c8f831b3d49569b90be + last_write_checksum: sha1:b6b2c5070bcb75129e66b6b37bab8eaa96333a87 + pristine_git_object: 2d2611c065a4291de0ca9378f25e455becd9d5ae docs/models/currentbranchresult.md: id: c6cfe9ac027f last_write_checksum: sha1:b49aff7f36eeb2a7117b0798bf5429b53473e4bc @@ -5352,8 +5420,8 @@ trackedFiles: pristine_git_object: 77cf7ef3bd02b0469ad3274347367a9752b3b317 docs/models/datasetmetadata.md: id: f45fd0484986 - last_write_checksum: sha1:899023b8d8ca46b8a25569421c9b9feb579ce482 - pristine_git_object: a6d1e2c4dacc88b56b940fea9f0abb56c0191375 + last_write_checksum: sha1:505e167085f63fdbc352803bb5c9b4bae8c9352e + pristine_git_object: dfc1f25e914e19ff8cdc2d5f913a542f6f7641f1 docs/models/datasetmetadataruninfo.md: id: 41a1380eccc2 last_write_checksum: sha1:ca1c93c90d8edbbb08d391457856f3010a517938 @@ -5440,8 +5508,8 @@ trackedFiles: pristine_git_object: e33073f4b3d6d9598c6f776dea19496d252a566a docs/models/destinationtype.md: id: 27183f23a494 - last_write_checksum: sha1:86d7a313676365e0372838dceca33869f269f201 - pristine_git_object: 47860aaee50e17b556d12dfbddf4beb39c0baade + last_write_checksum: sha1:7e8fa3009b9cb3d9e7b0a9626e57b09cf8c3dffd + pristine_git_object: 8a7c029b3c0ec9a4f31bd116a97d479b626a44a6 docs/models/difffiles.md: id: 9247d1e22176 last_write_checksum: sha1:9a10261582991ad60f34cefd938885cb48c372ef @@ -5664,8 +5732,8 @@ trackedFiles: pristine_git_object: a44bbebedc53cf6033c52a6a7d11f142f666cbea docs/models/formatoptionscribllakedataset.md: id: 72450ba93fda - last_write_checksum: sha1:45c0e8f433abf2b7996bf162dea29b72889802dc - pristine_git_object: 9bd1e9908d2faba47d5e1396eaee54d01a623bd2 + last_write_checksum: sha1:c182489d5aef915bf38a58d8ff67869bc4b431c0 + pristine_git_object: 12f41b4e337b7fb5aa883a097f7bd19665969c85 docs/models/fullrulesetieforusewithlivedatacapturewhichusesdraftunsavedrulesets.md: id: b330d6fc9745 last_write_checksum: sha1:20c46a8d7d1eecb6d68d32a08b93ce30e00b27bc @@ -6400,16 +6468,24 @@ trackedFiles: pristine_git_object: df9d5d5a19c35b9b9b73e6c97fc969e9a8848681 docs/models/getcribllakedatasetbylakeidandidrequest.md: id: e1b26c8ed9fa - last_write_checksum: sha1:ff7f73d0436e4e36e3017fab0fc244ccda111276 - pristine_git_object: 79207f0af481471aad80ff62559adb4f3f4938dd + last_write_checksum: sha1:52f40a085c80af86999539fd00637f8c3aab759d + pristine_git_object: 4047a6363811e8b54e611052b3afaf9847205eeb + docs/models/getcribllakedatasetbylakeidformat.md: + id: 27acd662e2a2 + last_write_checksum: sha1:3b91eb929e49361711d9c603f7712bc515109766 + pristine_git_object: b044ab51b41179b94d41819362d23b77f6fcdef8 docs/models/getcribllakedatasetbylakeidrequest.md: id: ee28c307ffd4 - last_write_checksum: sha1:da4fdb4c2c88c28c184aece55539c429f0ec9f78 - pristine_git_object: e03ed488b833b796b0041d2268c36f8c3f4c28a8 + last_write_checksum: sha1:74d14d16ab33ef35d2d348b057b244df21fd13a7 + pristine_git_object: 2674648d94b3501cfbddb492e699f1a5170f67fc docs/models/getdatabaseconnectionconfigbyidrequest.md: id: 86c7f91d6e3a last_write_checksum: sha1:82e66665fd77d3c55fc49f24dec4982195f650c1 pristine_git_object: 3b0af776a65600d948e1b963343d372e73f931d1 + docs/models/getdatabaseconnectionconfigrequest.md: + id: d74c2b7952ce + last_write_checksum: sha1:377d94ec3e50cc91a4cf59b12f3c5d59bc7f7add + pristine_git_object: 702102eb00fad2764c4b3c3cce2ea06a08319f69 docs/models/getfunctionsbyidrequest.md: id: 94c36486739d last_write_checksum: sha1:3af61124effd7f3c4290e5ca414a9443894b123a @@ -6568,8 +6644,8 @@ trackedFiles: pristine_git_object: c52dbd3aa9af29a84bcb0f2245c4b4db6a7d8106 docs/models/getsavedjobrequest.md: id: 89a35447c626 - last_write_checksum: sha1:28f0a1bf7767e537ace8e3b7022e956521d452a9 - pristine_git_object: fe50e348d45893ae12aa2ec1b932f909751524c8 + last_write_checksum: sha1:f1652d490d1012abc556e3e14478797f2e59248b + pristine_git_object: 1ef533464f71ce6bd1a966f72a844c09b410e9e0 docs/models/getversioncountrequest.md: id: 175cd7888f05 last_write_checksum: sha1:32a2b08b62601870f42ce1e4fa604a2f1c42361f @@ -6696,12 +6772,12 @@ trackedFiles: pristine_git_object: 8edcd507a7ae65dfa957af24282a623714dc0315 docs/models/groupcreaterequest.md: id: eabe8de251b6 - last_write_checksum: sha1:b1cc01af92686a26dfe58dc8e77df9ebbbe162cd - pristine_git_object: 194d394c857a7042cebb921a650fb2cc4a255306 + last_write_checksum: sha1:e122bc7152a5bbedcd46d1fa7b55025ac97f799b + pristine_git_object: 67b11bf4d2d4588637a2bb5f4782096e7afb890c docs/models/hbcriblinfo.md: id: 4d3afe069b86 - last_write_checksum: sha1:a629868404bee1962d638e27d9eb74dd23cd78a9 - pristine_git_object: 683b28953baa814e6d4c50fc9e406eccfd85f259 + last_write_checksum: sha1:38b10c437ecb85d5b6598fdff467f5ec72db9383 + pristine_git_object: 63fc86921a40169575b365e7da5b23dcea2edbcd docs/models/hbleaderinfo.md: id: 7df1b8f9318d last_write_checksum: sha1:44f74ef2a0b745f54a45d425fcd72a6f494c81d2 @@ -6716,8 +6792,8 @@ trackedFiles: pristine_git_object: d264646fa167d0bd697142c7a48f247b23486f47 docs/models/healthcheckauthenticationbasic.md: id: 399fe533d668 - last_write_checksum: sha1:9bbe2b637623c8531e53893fd47abfc79e0e5d59 - pristine_git_object: c8c9edd274e488049b193002921edd80fb9ebc53 + last_write_checksum: sha1:3a80d8a2e05c6eede69008c5eba1c3e1a1876c16 + pristine_git_object: 2ee3f44b2167510611a5480b1ca31f414f4a1a74 docs/models/healthcheckauthenticationbasicauthentication.md: id: 4574ae2b3cbf last_write_checksum: sha1:623a7c880cae5afabd32861bd57e2df5dc23543c @@ -6736,48 +6812,48 @@ trackedFiles: pristine_git_object: 9bab6613db63220570f6032b20ad571071edabfb docs/models/healthcheckauthenticationbasichealthcheckdiscoverydiscovertypehttpdiscovermethodget.md: id: 325b97354a73 - last_write_checksum: sha1:d4ff0d667d175a78de575c08bb71008103f610ba - pristine_git_object: 5716695967df233f0e1daf92bac7ee82bf1c507a + last_write_checksum: sha1:6c3de220d0b41c987203eb16199fbfddb39d1833 + pristine_git_object: 20ea174ae8f063c674f9d7de0c91a6523a875164 docs/models/healthcheckauthenticationbasichealthcheckdiscoverydiscovertypehttpdiscovermethodgetdiscovertype.md: id: 65ffffcaf3f6 last_write_checksum: sha1:cef8c16f7e2c359d23ca0958885cda43c02fe735 pristine_git_object: 975783e49b4b46e8da059b671d16bb98e0d8af1f docs/models/healthcheckauthenticationbasichealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md: id: e5cc068711a4 - last_write_checksum: sha1:56e9a7d77be7a9e2fb92eb6c901356f2284fb88d - pristine_git_object: ec3d2ce91e2ed375c41ba3cdc5a872e2f83a2899 + last_write_checksum: sha1:9d6a2fbfef855616760fd6320463377fd1ce25c8 + pristine_git_object: 2fc6f0184295be1d7c38c3522b59ab5afe5469c0 docs/models/healthcheckauthenticationbasichealthcheckdiscoverydiscovertypehttpdiscovermethodpostdiscovertype.md: id: 44dd7b9f2473 last_write_checksum: sha1:46b49b6f5f79c8bedc9e322d8998dfaaa83f5291 pristine_git_object: fbf5e795986cd6fb88ab092aee4a36f8e3f4beac docs/models/healthcheckauthenticationbasichealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md: id: 83040a8da8d3 - last_write_checksum: sha1:7e09dac03cfc5dcc20bdfb5af7f608f7cb89fc5d - pristine_git_object: 9889dc21cd7882a8a9a758a7591f4fdc672de634 + last_write_checksum: sha1:f21749d7acc712459d449879492f8d9426aeb6fa + pristine_git_object: 91b981d2e34bf7211aacac5253405503da924d7d docs/models/healthcheckauthenticationbasichealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbodydiscovertype.md: id: ab6731ef6855 last_write_checksum: sha1:f601e28ebc4f34b703b574ace061d03754ae827b pristine_git_object: 6035d4452a902e0ea3beffee5c4001f8ea3c66b7 docs/models/healthcheckauthenticationbasichealthcheckdiscoverydiscovertypejson.md: id: 20e38b8924ee - last_write_checksum: sha1:40e340ddaf398a8857c04d07761c64a0fd8b447b - pristine_git_object: 3e978fba102396940a943f1d2f1c0c7f990225f0 + last_write_checksum: sha1:c9d3dddbefc68cf5b032a8809df9f5461c34b865 + pristine_git_object: be0c59b0cf2348d9f03a65e96e4959de8e83fc2b docs/models/healthcheckauthenticationbasichealthcheckdiscoverydiscovertypejsondiscovertype.md: id: 69cf20dcca1f last_write_checksum: sha1:90acc44405e507647aa74a271231a8db2e7e49cd pristine_git_object: 7a524ce8cfd7a0e8debc8d30201a2b92900a4c8c docs/models/healthcheckauthenticationbasichealthcheckdiscoverydiscovertypelist.md: id: e9916c27e953 - last_write_checksum: sha1:98f0bed12a13522331caf411db69cd3ecd393ad7 - pristine_git_object: f0cbd069ddd2e93c2060c661597a760062991be2 + last_write_checksum: sha1:88250230d9ab655183921af1e27807884bce97c2 + pristine_git_object: 05a0f44b22ff7220e2c2a43169195d44669f23d4 docs/models/healthcheckauthenticationbasichealthcheckdiscoverydiscovertypelistdiscovertype.md: id: 19503d8c0cc7 last_write_checksum: sha1:f3fc8ed67507940ed6ace248a251e5ed3d6b2170 pristine_git_object: 9aafbbb1af3eb63d8cf3d8aaf5ccccc4e2e8ea3a docs/models/healthcheckauthenticationbasichealthcheckdiscoverydiscovertypenone.md: id: e7b14ca65e22 - last_write_checksum: sha1:fb3e66494253f64ff6305631f4c0b33072089efe - pristine_git_object: 802bdf66d840527dc15ba5db176b32b66bd94db7 + last_write_checksum: sha1:d0561e024c4fe9ed6fd9611f034848973cbc1359 + pristine_git_object: c784620ed48b3e49bd8c7abc75e2c1fa7e92712e docs/models/healthcheckauthenticationbasichealthcheckdiscoverydiscovertypenonediscovertype.md: id: de73b61051a5 last_write_checksum: sha1:1152077a0bbe28259c1885f32516a0de15a47fad @@ -6804,8 +6880,8 @@ trackedFiles: pristine_git_object: d5acdf0ef168175909c853f9d76d29ade6b96c24 docs/models/healthcheckauthenticationbasicsecret.md: id: 7f24fd0347bd - last_write_checksum: sha1:e2750827fc8e00ab7d898edab0d5da77608d25df - pristine_git_object: 95004eae10bdea697c69d5d22cc5fe3e813db185 + last_write_checksum: sha1:4c252b5dbb01fc35eb2fbda0dedfeb0e430f22bb + pristine_git_object: ce7b6ee0b0913e6480e0d6efbb89c8daf7685214 docs/models/healthcheckauthenticationbasicsecretauthentication.md: id: a7580926cf50 last_write_checksum: sha1:30368cf9b74fb6e77edcff1324e750f397c185ce @@ -6824,48 +6900,48 @@ trackedFiles: pristine_git_object: 57ee5760f39633b9ec50fd7ea4bb8da0acb26d61 docs/models/healthcheckauthenticationbasicsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodget.md: id: "215155201904" - last_write_checksum: sha1:04285794e5e76f084fe52a439936435b1a980e75 - pristine_git_object: 4441af6959225559f89215b356fc95c293bbe03c + last_write_checksum: sha1:0eec415d3f59fa80b959d61eb64c3492d1daae64 + pristine_git_object: 9abab5a9a8379b5dceae180764e005b12884be2f docs/models/healthcheckauthenticationbasicsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodgetdiscovertype.md: id: f56676bbc1d8 last_write_checksum: sha1:cda22726dd9dbd0e30dbb8dbb438c2d47bb9a8ab pristine_git_object: bb3c521531c624311c320fec759c173a09d57be0 docs/models/healthcheckauthenticationbasicsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md: id: 7f655ce009a0 - last_write_checksum: sha1:1f0f70d8963f580b29e6eea03cf4bd2cb4997c2d - pristine_git_object: 246d3b0d3af3d2eef5da1ad0746e624f3cf79a1e + last_write_checksum: sha1:6ae3c3dbdab257ed6f128606796246ad7b2df931 + pristine_git_object: 658638b9c479041f218ec4f2f843fc16e5b38ee5 docs/models/healthcheckauthenticationbasicsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodpostdiscovertype.md: id: 1c04e123d5d3 last_write_checksum: sha1:b00c722d35296659feec8e7869be61febad3d83a pristine_git_object: 428dff1460c1344eeba40c6c8f8b7c5590daa6b9 docs/models/healthcheckauthenticationbasicsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md: id: c5e3e7370d38 - last_write_checksum: sha1:ae7398ab8cae02f8a6276d7389fc656cadc35931 - pristine_git_object: 510325708466a514eef470f9aaf6332297cd8ea1 + last_write_checksum: sha1:9c39f1824184d9a9bd43ad777e4c989a96162f32 + pristine_git_object: 0402c4c229abd3f89e54f4f12f9d0d074a7f6dae docs/models/healthcheckauthenticationbasicsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbodydiscovertype.md: id: 5f1aaaa5bef7 last_write_checksum: sha1:76b87a00adf730453907ef74df5e68a2961948df pristine_git_object: 3dfde961e300f93c4cf4df72183df1751a9666f3 docs/models/healthcheckauthenticationbasicsecrethealthcheckdiscoverydiscovertypejson.md: id: 6ba05539896f - last_write_checksum: sha1:b399516eafe5117fd2f53079168450f4b8e7c214 - pristine_git_object: 1970cdf66790a689fede6d45d564645041692665 + last_write_checksum: sha1:58725b2cd2978db2c45375c180fad0d718d02301 + pristine_git_object: 7dfcf5511a38dda3ad69df53af3a31003bbd1672 docs/models/healthcheckauthenticationbasicsecrethealthcheckdiscoverydiscovertypejsondiscovertype.md: id: a99b47a3c00f last_write_checksum: sha1:5b75a404307106c0b4b70d4fc68c4ef9e83d7843 pristine_git_object: 5a6c774c67ab0342f832f8ee06fc17130d4c67fa docs/models/healthcheckauthenticationbasicsecrethealthcheckdiscoverydiscovertypelist.md: id: d1c7a2976f42 - last_write_checksum: sha1:653bad2952f3414753b2fc10d60e3f7986c3b40e - pristine_git_object: bb0075f303669e64d01a9853c96e81f950cbf602 + last_write_checksum: sha1:4748c98a7affc249e5438f85c0947c222dfc10a2 + pristine_git_object: 10fdba27cd4724d67e33b5b51c3a265c2537fdf3 docs/models/healthcheckauthenticationbasicsecrethealthcheckdiscoverydiscovertypelistdiscovertype.md: id: 1d5269025381 last_write_checksum: sha1:1c91cda4dc4f3d15c64e10c50f6d5925d84334fe pristine_git_object: a77fe91062fb8e86507d8bfc122ed1956ab11197 docs/models/healthcheckauthenticationbasicsecrethealthcheckdiscoverydiscovertypenone.md: id: 327f564a00e4 - last_write_checksum: sha1:6146d5d9cc9f906048eb93403250743c5fc148d6 - pristine_git_object: d2b8eee47fd4b97ae372cd4a98c539d68e83a87f + last_write_checksum: sha1:e8fea589ceea1e78279e4a9067874eb365405599 + pristine_git_object: ca48a15155b6cdf6d82e39e1a1d859dc660561f1 docs/models/healthcheckauthenticationbasicsecrethealthcheckdiscoverydiscovertypenonediscovertype.md: id: bf453d148bb1 last_write_checksum: sha1:3d60665fa8e44d685e9a470824d28004f224967d @@ -6892,8 +6968,8 @@ trackedFiles: pristine_git_object: 5394871d8fba26a769186f2d8a12487e97a74a0e docs/models/healthcheckauthenticationlogin.md: id: 0dc6dabb6bd1 - last_write_checksum: sha1:7e0e3af4bb471ab8957c21a6dd726e4c0c9afa54 - pristine_git_object: 28ab4b9253d7954a25107413c215131d46c64a64 + last_write_checksum: sha1:d0fead259ae4b86c7de5b99b5f0283ce0a97f134 + pristine_git_object: 01f977badac415b2e7eb5c98d36a15f8a67b0009 docs/models/healthcheckauthenticationloginauthentication.md: id: 030009f92cbd last_write_checksum: sha1:53cb0319390990031a7fcd40cb411452e286ae3f @@ -6912,48 +6988,48 @@ trackedFiles: pristine_git_object: 5478eed0dc83f840d3aae75c4acc7d6bdcc27fe0 docs/models/healthcheckauthenticationloginhealthcheckdiscoverydiscovertypehttpdiscovermethodget.md: id: d5423e0aebae - last_write_checksum: sha1:d2489aa085302b0194b36f1669124f89e1f6751d - pristine_git_object: b5c3b86b9cc1a6c35d06c0509cebb3aa482d3758 + last_write_checksum: sha1:3eafa2982d32a66e6360bb01c12e507280cc1721 + pristine_git_object: 438414694e2865a5c89db495e91855e60610a276 docs/models/healthcheckauthenticationloginhealthcheckdiscoverydiscovertypehttpdiscovermethodgetdiscovertype.md: id: c76e8a65cac7 last_write_checksum: sha1:bed28121453ae7541dbe00134ab5b12e34b7c964 pristine_git_object: 0fd8b272401910efa58e22db2f135666d9c2ac16 docs/models/healthcheckauthenticationloginhealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md: id: fc8b110bd455 - last_write_checksum: sha1:2c9d801028459ac3e7f0efb8d17d33bcf9f5734a - pristine_git_object: 31db53b10ba2efd545cf5cf6f935b6f2d9558cfb + last_write_checksum: sha1:68f0b3be3a3bab0ee23fc2b419d773d6165488c0 + pristine_git_object: 6d241f644617bdc46d5314c55c9c8db0626facda docs/models/healthcheckauthenticationloginhealthcheckdiscoverydiscovertypehttpdiscovermethodpostdiscovertype.md: id: a4a29bf92bd5 last_write_checksum: sha1:68be5e8c660b8997879fa8d1730947d863ad6f30 pristine_git_object: 092e8e9584925ac9687fcdc222ef83bf7f5eb43c docs/models/healthcheckauthenticationloginhealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md: id: 24b906d4cdbb - last_write_checksum: sha1:dd2e45d509bee4c451e3a4ff198cf3dcacb5e6d8 - pristine_git_object: 28aafd9072ac11ac0fd7c3c45c24b86c6cbfbd71 + last_write_checksum: sha1:95ca9ec0be435320fefeb36de2b924775b5c9833 + pristine_git_object: 14d9d0f5eba332875a329ff89440761e3678d9fb docs/models/healthcheckauthenticationloginhealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbodydiscovertype.md: id: dc3fc11a8261 last_write_checksum: sha1:8c887eb91ecaa8d1442c6a5d663464c0bce55699 pristine_git_object: 78b1136f660f9013ca06e04ace513991f8d21d5e docs/models/healthcheckauthenticationloginhealthcheckdiscoverydiscovertypejson.md: id: 4bfdf20c4b28 - last_write_checksum: sha1:846147026d3119b37a652ec264f4629c57785491 - pristine_git_object: 5ac89bb565d1090c943d13252efa8bab5d24668d + last_write_checksum: sha1:807e9db4d1ddae7a44182becd2335ea2e1063f25 + pristine_git_object: ffa06fba4cf3be6f3870f26d3b7f8cf475a04be6 docs/models/healthcheckauthenticationloginhealthcheckdiscoverydiscovertypejsondiscovertype.md: id: 54bb953aa7dd last_write_checksum: sha1:401de02372e3dceb590c2e9de29ce37adfc0fd02 pristine_git_object: 4e1916fa5d5fab627ac1c3a35209bbb8c75b8a32 docs/models/healthcheckauthenticationloginhealthcheckdiscoverydiscovertypelist.md: id: c37199db9cee - last_write_checksum: sha1:a27ab5ece6b0c3689ee8da2ac0e8a2951d8bdba7 - pristine_git_object: c5c1e90b78c76ec80465423a42dc540446478e83 + last_write_checksum: sha1:04db20b2baf5eca98a2bb278ad1675d4d9541630 + pristine_git_object: f7e641b1ebef232fc22085c567c614181a6c908e docs/models/healthcheckauthenticationloginhealthcheckdiscoverydiscovertypelistdiscovertype.md: id: 0cb09b318f4a last_write_checksum: sha1:08dbe68f021ddeedc4ce3b2271657338fab7fbe4 pristine_git_object: 89444f1be265c2f0cd48b1dcf489b17b3d3dc07f docs/models/healthcheckauthenticationloginhealthcheckdiscoverydiscovertypenone.md: id: 56bc774321fa - last_write_checksum: sha1:9a22b63842f87755646a9856fb04710bcd1650d3 - pristine_git_object: 31d2361aa6ec794f83c1f68d2403bf0cc1367e12 + last_write_checksum: sha1:e1f0dc86a4629a895b896622dd22be84cbada13f + pristine_git_object: 18c0478d8da1ba27ef7bfde3056c22c789455129 docs/models/healthcheckauthenticationloginhealthcheckdiscoverydiscovertypenonediscovertype.md: id: eaf797e5fe18 last_write_checksum: sha1:733140e6e162d0196369ac6ab71f5745a94a865e @@ -6980,8 +7056,8 @@ trackedFiles: pristine_git_object: 0e4e191c3615693889b416d57ee757e93d98ae13 docs/models/healthcheckauthenticationloginsecret.md: id: b4524b0ec9fc - last_write_checksum: sha1:9dd3516b490a08d82db53c10ca6debdc5013e565 - pristine_git_object: e3053e79d7b76436e6b8bcc84411b92196ae01d3 + last_write_checksum: sha1:2188403f869971d8b0fab8d96d04f98d2b05bf23 + pristine_git_object: a42187dcf4a16c113d99e2ec5b1039330d94fe13 docs/models/healthcheckauthenticationloginsecretauthentication.md: id: 78dddbab9797 last_write_checksum: sha1:ec04d1b1e564d33c55c7dd2e6ede70b28d77dfac @@ -7000,48 +7076,48 @@ trackedFiles: pristine_git_object: 08cb0eb4fcc5eb9771bd188d60a44ee988ca40b5 docs/models/healthcheckauthenticationloginsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodget.md: id: 40bd8e5676c1 - last_write_checksum: sha1:d205f1b9ab6b606b38542688870f51b28e36c6c3 - pristine_git_object: 4e32d69a5b3dce69159d7c387bc7c64737a8e498 + last_write_checksum: sha1:2acbb666371de2cf255bec619113d4f92d5ad011 + pristine_git_object: 9ca376c8437b907759cb8b3aeef86f9d093d650a docs/models/healthcheckauthenticationloginsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodgetdiscovertype.md: id: 755bf02a1863 last_write_checksum: sha1:975574e3134af6383c5aac3c415eb370a292b070 pristine_git_object: d25f6a71fe41419705d590525ec1ebd9d06f1588 docs/models/healthcheckauthenticationloginsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md: id: 67bf580b8a67 - last_write_checksum: sha1:2ad9307ec1766d59e253bc81f0af8e16d585f65b - pristine_git_object: 04505dfa6125264d2bc80ab3a8e91340dc84fd74 + last_write_checksum: sha1:d241bcc65e01d966f80fe21ace05bfed838488eb + pristine_git_object: 2e341887e70f9da12d82d82b4cfff2f170deecea docs/models/healthcheckauthenticationloginsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodpostdiscovertype.md: id: 1ea898e5d271 last_write_checksum: sha1:b6ff0074849acdf2832e2eb9ffd599aae974bcd6 pristine_git_object: 46d83541bbb234ea95f2961a554c660b7f604932 docs/models/healthcheckauthenticationloginsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md: id: e6f994afd603 - last_write_checksum: sha1:439aa957f2059790b71340ae2089e3e1c0fe3814 - pristine_git_object: 25bfd88e434de4f70d685f0fdd12bad333aee584 + last_write_checksum: sha1:ab91050f8b05c273b5f226c8446f750ba0206e8d + pristine_git_object: 63cdb6163e1b3e3050d51ee5b5c8efc985ee2639 docs/models/healthcheckauthenticationloginsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbodydiscovertype.md: id: ff8302f6da2b last_write_checksum: sha1:d7db1c5ff7d521d86cdc37b2f1c4510e36740eeb pristine_git_object: cc7722239ac8e212cd68f55632a5ce5391e28e31 docs/models/healthcheckauthenticationloginsecrethealthcheckdiscoverydiscovertypejson.md: id: 2bc0af9146d7 - last_write_checksum: sha1:47694feb39e5873966c2a52957b3544007223a8e - pristine_git_object: b729d8b5a3394841be763ddac85b861c51ed840a + last_write_checksum: sha1:e80045e2e5b43d62c1e01973c2c839737220f023 + pristine_git_object: e91d2c451ed5f1c82652680bdf12624b4d8de0e5 docs/models/healthcheckauthenticationloginsecrethealthcheckdiscoverydiscovertypejsondiscovertype.md: id: 48b9f558fd16 last_write_checksum: sha1:eafd0b25c9219ddc1a001e9eb5c716fe4d6278d2 pristine_git_object: 2dfb1458daa709112f43a14b935acc392d9229e0 docs/models/healthcheckauthenticationloginsecrethealthcheckdiscoverydiscovertypelist.md: id: 9f05131d5027 - last_write_checksum: sha1:d977190ff7cce3dd00cfefaf7c90426a941cbd57 - pristine_git_object: 25bde0f18886261f5fb23674e90a25ef8c5bd61a + last_write_checksum: sha1:6e0966db8b8184c30bab52319933c50caff4f690 + pristine_git_object: 603a0936bcdc6b261d13d653f59325a558207373 docs/models/healthcheckauthenticationloginsecrethealthcheckdiscoverydiscovertypelistdiscovertype.md: id: d38e6edcc96e last_write_checksum: sha1:c5c436acea800ff07def1cbf42035c2465867eba pristine_git_object: c0bf0829e2f576abbabe6290bf6ae19a020d8a43 docs/models/healthcheckauthenticationloginsecrethealthcheckdiscoverydiscovertypenone.md: id: 9cfa8c4fae3f - last_write_checksum: sha1:6bab985768672243f9e55396604afb8c4d7ec636 - pristine_git_object: e2cdc7f21e1c0ce3c190e228cb63f9c1982d496e + last_write_checksum: sha1:1647ff8f1966aff9bd88f5791732d2d928ad4c7d + pristine_git_object: 1b41689efa35a9b91cee4bbaa2285ff550c08614 docs/models/healthcheckauthenticationloginsecrethealthcheckdiscoverydiscovertypenonediscovertype.md: id: cd4cec9f4f2b last_write_checksum: sha1:65a2b9a8c68ca5e751a721ca113d74b1f0c8110b @@ -7068,8 +7144,8 @@ trackedFiles: pristine_git_object: c2fe33e8b3cbe6054c6d29880461a48620bb9213 docs/models/healthcheckauthenticationnone.md: id: 4088fca5ea5b - last_write_checksum: sha1:494d2bff2338007147b92c2caeed8218043100cd - pristine_git_object: 245f9f7ef7909e96f9d415501ee624f4776d5e36 + last_write_checksum: sha1:0d76288d88914c47aac3d8bdf0f2f1913077ec94 + pristine_git_object: 06cf2e1f752bc343c229cc5e03204996325cfe31 docs/models/healthcheckauthenticationnoneauthentication.md: id: bbf4ea39a7f2 last_write_checksum: sha1:560a730047c64c9afca62865925ce88c5d6f3f3f @@ -7088,48 +7164,48 @@ trackedFiles: pristine_git_object: e8f100be8ab48ff3b35c2e4c292719bdf944957e docs/models/healthcheckauthenticationnonehealthcheckdiscoverydiscovertypehttpdiscovermethodget.md: id: c0849d9290b6 - last_write_checksum: sha1:9c8110875ef7117b0d094b50b76c32349ca8ff95 - pristine_git_object: d08eef8424762a1d6c44fead55917702006d57fd + last_write_checksum: sha1:ea383d45707644234aa0428b6fc73c1018e71da7 + pristine_git_object: 3ce57be61127091201983611eddbaf4c8a31bfe8 docs/models/healthcheckauthenticationnonehealthcheckdiscoverydiscovertypehttpdiscovermethodgetdiscovertype.md: id: 3878e32f51ca last_write_checksum: sha1:6fbb5733a8028cef440b3c21bcda274ca830bff2 pristine_git_object: 08a40ab0b72f880a37ad7c7e45233727c958f741 docs/models/healthcheckauthenticationnonehealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md: id: 58c85dd302cc - last_write_checksum: sha1:125dc7a2c40322ce7f09978d50389d5fee8db5eb - pristine_git_object: f488943a5035b0cc29c22f6d618f2d7250d6e833 + last_write_checksum: sha1:e87ebaeb260ba65324f918e62f4a98f91ff37327 + pristine_git_object: f29b870ec7066acbab1e45685c2e1acce4e530d4 docs/models/healthcheckauthenticationnonehealthcheckdiscoverydiscovertypehttpdiscovermethodpostdiscovertype.md: id: d80d647356b6 last_write_checksum: sha1:046ae50980ae849da589c410b5597a1157da4272 pristine_git_object: 0699602d0e0ffd1a980dc8b456104894e244eeae docs/models/healthcheckauthenticationnonehealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md: id: 22f8a4954438 - last_write_checksum: sha1:e28cd31aadf38a7b3466a0f0778d3a40438542f5 - pristine_git_object: b8a4b0c99388d05470782b33d4f5d9f34bb6b896 + last_write_checksum: sha1:8ae79d1d10e16ab9328caa0abdfce4d88b97c427 + pristine_git_object: 2fb38d759591ccc78ba12ad1458d579d68f83385 docs/models/healthcheckauthenticationnonehealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbodydiscovertype.md: id: 7208593e2542 last_write_checksum: sha1:e52def6c34c52bec80054fa0be4eaf714f439bfa pristine_git_object: dddc180410c5919a2e089a3230e6efcfa1e2b3c8 docs/models/healthcheckauthenticationnonehealthcheckdiscoverydiscovertypejson.md: id: 6d4e30ea3498 - last_write_checksum: sha1:fd081cd0f545e08e4b2895b63907d41a88439c44 - pristine_git_object: 8bc8e549db86592ab87c9eea52ad2525693ed1a4 + last_write_checksum: sha1:de9f77a050243af3b8252ff350bf5d9e771b08fa + pristine_git_object: 8a10316a7854890fe43b2e4057d26bd17dac47d5 docs/models/healthcheckauthenticationnonehealthcheckdiscoverydiscovertypejsondiscovertype.md: id: ff8fd71f154d last_write_checksum: sha1:029d5663ba9e4c1ba4d68b5a79615c10b59f1c87 pristine_git_object: 6db6737b30451f4ba65c7d8a3ab2c22ac87f7d35 docs/models/healthcheckauthenticationnonehealthcheckdiscoverydiscovertypelist.md: id: fc81e702d358 - last_write_checksum: sha1:0af034668d9ecb589e5ffb0903bff99916e0f5dc - pristine_git_object: 5d5de4cc5610113975a5162ea59e4feaa6954f19 + last_write_checksum: sha1:8bef08a19268f403c18ceb4b61dc3ac7befed8eb + pristine_git_object: 2cdadfb375cb6cda261073749af5ee2b9e510e47 docs/models/healthcheckauthenticationnonehealthcheckdiscoverydiscovertypelistdiscovertype.md: id: 2923e4ed8609 last_write_checksum: sha1:6a41b741e6d8dfb8815da654e546e42e0bd96ab3 pristine_git_object: 796520fe46cf6c4e7557c88d5df360ffb437251e docs/models/healthcheckauthenticationnonehealthcheckdiscoverydiscovertypenone.md: id: c3e5ffc7eb48 - last_write_checksum: sha1:7ccc62bd270f95b4d30a10eb2b79748b23d36749 - pristine_git_object: 04cb392a080ec57b47eae94dd51661b06cfaed34 + last_write_checksum: sha1:a264f9e2809ebcfdfbd0ac3195cca30a3ad0ff36 + pristine_git_object: 0e61676f5e659fc6a0e6662099eb07935367ef8c docs/models/healthcheckauthenticationnonehealthcheckdiscoverydiscovertypenonediscovertype.md: id: 44004dee6672 last_write_checksum: sha1:6eafbef71078ceccd1acc7ed60fe319d2ea3fd93 @@ -7156,8 +7232,8 @@ trackedFiles: pristine_git_object: ac024a332bb939fe01b7e32bd4994cb528923dd7 docs/models/healthcheckauthenticationoauth.md: id: 94982b550fac - last_write_checksum: sha1:f9420fb5a34b50a8b2559cf5cba3e643a60c4734 - pristine_git_object: 09c417fa180d166c9e621204796b45a72b57cbc1 + last_write_checksum: sha1:5b4ba8aae5680f56b3a52dcdf359a0b9f732558f + pristine_git_object: 7e042c6ea89f98996e4ee06875cca5c4067222a1 docs/models/healthcheckauthenticationoauthauthentication.md: id: 5f340ee49149 last_write_checksum: sha1:0bd69bf8e36e763286385cdfc97a1c99eb75d468 @@ -7176,48 +7252,48 @@ trackedFiles: pristine_git_object: c3f199c30c279292050a7cbcceccb0ea4c340f63 docs/models/healthcheckauthenticationoauthhealthcheckdiscoverydiscovertypehttpdiscovermethodget.md: id: 71614a513707 - last_write_checksum: sha1:4111faea4319c4c0cf2045a083d4d91e24da6718 - pristine_git_object: fe6707ea473673a1d6f9ed98cb1138d0f2f569d8 + last_write_checksum: sha1:a93d60a337e6df4884ba0a44f18152e54c9868b4 + pristine_git_object: 6a1a751d64450afe3fa9689db709b10f64d56934 docs/models/healthcheckauthenticationoauthhealthcheckdiscoverydiscovertypehttpdiscovermethodgetdiscovertype.md: id: aebe205a0078 last_write_checksum: sha1:00bc8caa2c3a271d3e4a1aa1837000bf95aa9e2d pristine_git_object: 4ae70ecab23d1b1854119ca2175c061d4d34b619 docs/models/healthcheckauthenticationoauthhealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md: id: f9c8a7969a76 - last_write_checksum: sha1:d7d8c9deeafc7be23bc059d13b9e884c92a914e4 - pristine_git_object: 247748554c8cc2880b8e09cb06ee63c2d3a5bea4 + last_write_checksum: sha1:bd7a642baaa180c110ebb0943049c9627c97a431 + pristine_git_object: 293ee1fbd3a8638c3aed686a5de805b2e09b4228 docs/models/healthcheckauthenticationoauthhealthcheckdiscoverydiscovertypehttpdiscovermethodpostdiscovertype.md: id: 4f24b3dc3402 last_write_checksum: sha1:02ab5e759d3c7bdc645e5458ef30070048e120cd pristine_git_object: 04c7a697948b2620c208139f2d5ca3bf189c0377 docs/models/healthcheckauthenticationoauthhealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md: id: c4dee6c4dadc - last_write_checksum: sha1:4ee3b7c07ca6bb1be645ddfb5b9dbd887bc17b48 - pristine_git_object: d7e38b49fdded0ad1efeeed8ed1831cb42c7122f + last_write_checksum: sha1:f9b3fc2707d2e636fcd9ec9c6513c3fcc8a150db + pristine_git_object: fb80c8250f01d442ec4817b5ef55f4b46267f7b2 docs/models/healthcheckauthenticationoauthhealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbodydiscovertype.md: id: 61b13c25d706 last_write_checksum: sha1:3b1929e0cb820440e7ecce5f59be8b48b2b2c001 pristine_git_object: 8da6186b6a850f420d4614bb9804f5443f7248a5 docs/models/healthcheckauthenticationoauthhealthcheckdiscoverydiscovertypejson.md: id: 8fd7b8d0d34e - last_write_checksum: sha1:72f95b2f418b8c31ecae4961c33ae10187178487 - pristine_git_object: d0fc621deac2eefe6a5ae8321afda3da03016746 + last_write_checksum: sha1:795001d18a6d6bf01af6ff9c01a8e70b6f56d453 + pristine_git_object: e7baee27ab7bfdc1f7d5bfe8d3ec0387d5e80103 docs/models/healthcheckauthenticationoauthhealthcheckdiscoverydiscovertypejsondiscovertype.md: id: f793f7ffa4e6 last_write_checksum: sha1:09fcb8951dc15442ea21dd83b6de6cc35ee5b403 pristine_git_object: a812dfe54e2cfc5abdbde7762bebea842a083234 docs/models/healthcheckauthenticationoauthhealthcheckdiscoverydiscovertypelist.md: id: 72df9e0808fb - last_write_checksum: sha1:baaa302bdc14e1dfcc3f76900588cad75a4580db - pristine_git_object: 93f23b7fa1bd20881d42b7707518b4700215efd7 + last_write_checksum: sha1:217800e38c99432bc666c32eeefe25ea8f7df672 + pristine_git_object: e755afb7bcb21146f9b56611e9c9be88ed7adbdb docs/models/healthcheckauthenticationoauthhealthcheckdiscoverydiscovertypelistdiscovertype.md: id: 51f8a9f2298d last_write_checksum: sha1:ad3944ae121ee48ceae68184d213aaea93ac334d pristine_git_object: 0c180bfa78858b352068d20b69a489ecb7351f20 docs/models/healthcheckauthenticationoauthhealthcheckdiscoverydiscovertypenone.md: id: 707df14d77bc - last_write_checksum: sha1:7304c8a2a5f7b9a47dbfa5958dcd724fb1ad24cd - pristine_git_object: 915fbeb60da7b0e4807c98427ecfda7d74e752ec + last_write_checksum: sha1:54236e3a6f03fb8c621ff1b1fa02c8631b47e6a3 + pristine_git_object: e43caa2d8f55937eedb512c495a4f3ca645a5620 docs/models/healthcheckauthenticationoauthhealthcheckdiscoverydiscovertypenonediscovertype.md: id: 05a31be3923b last_write_checksum: sha1:4152b588b5e067f07e795660ddf95072c25f1b72 @@ -7244,8 +7320,8 @@ trackedFiles: pristine_git_object: 6e2f2535dd302a635aa0641745c05789920e2210 docs/models/healthcheckauthenticationoauthsecret.md: id: ad71998be901 - last_write_checksum: sha1:5eaee39256bb069a12a3ab4b82183de21c2c0e36 - pristine_git_object: d4ec02eaf79dd882de72cf56837706434a15a4fb + last_write_checksum: sha1:08a6d1ccfb2cd8e1fcc87ec27773b3008d9a847d + pristine_git_object: e29df92b09b8775462f3f00d67873137f1b45b94 docs/models/healthcheckauthenticationoauthsecretauthentication.md: id: a0c9bb9ff375 last_write_checksum: sha1:12d79fe2aa4f26c3d6d3c0c8c3cf9f9fe53a157c @@ -7264,48 +7340,48 @@ trackedFiles: pristine_git_object: e743e6d873ed28ba5afdc65ebd06469bf69089ec docs/models/healthcheckauthenticationoauthsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodget.md: id: 4d2fb99d1bad - last_write_checksum: sha1:f3b9ae73b20f01b61bf738b7a7929103f8c4deb3 - pristine_git_object: 13f52ada816cc6827f7e2251aa57a33e1b53672a + last_write_checksum: sha1:8f6e62be78897d92bc5707aea6454523c47d329d + pristine_git_object: e4cc1a48864b201936b2b4e9f9327160a3b31c4a docs/models/healthcheckauthenticationoauthsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodgetdiscovertype.md: id: 6d1b80ec0d0e last_write_checksum: sha1:16180301fa243c28feaba32e1b25f351fa34a2d3 pristine_git_object: 713f2fe5a52ef4de6c994c33c62f87ba6faf0048 docs/models/healthcheckauthenticationoauthsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md: id: 104a684bb27e - last_write_checksum: sha1:45dfbe1c24399d1ae38ddff400e66bbc3ae2fe49 - pristine_git_object: 5cfa74a63c72e9b3e267387810e0c49c202b3b16 + last_write_checksum: sha1:db12869965a50a7ae6cb60e7109657a6e943a4e6 + pristine_git_object: 901762925cdf0fb09c133d431a94ccf45db4d842 docs/models/healthcheckauthenticationoauthsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodpostdiscovertype.md: id: 310bc0fe7508 last_write_checksum: sha1:7ec2f5b8e821826f3e9e5e3c9e5e91c3923bc05c pristine_git_object: 3225e891f55c4e8506e9fabeb6eec1019f2c4a75 docs/models/healthcheckauthenticationoauthsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md: id: 30837ae71ce2 - last_write_checksum: sha1:0911688038d80ca83f870fba6328c4b3df236301 - pristine_git_object: a1ba8fd62e943d97ff32f1d0c82047263aa98c0a + last_write_checksum: sha1:2e191cdb543b1e688cf040d0d74a567d9c31aec1 + pristine_git_object: 08d0fb2c49bac8315de0f7ffad272f340e01be4e docs/models/healthcheckauthenticationoauthsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbodydiscovertype.md: id: 1cd1632276d1 last_write_checksum: sha1:a9a1c0435c6ace66cb7ece4ef986365f58038af5 pristine_git_object: ee9fde2be2a90e4c1b03259903009b9f535f4c85 docs/models/healthcheckauthenticationoauthsecrethealthcheckdiscoverydiscovertypejson.md: id: b46670cab9c0 - last_write_checksum: sha1:3847a7fb4f11acce2d0ebd09c0330cf5067bb23f - pristine_git_object: 5e8487f5464e443689c74ee1ad3a4aac3a216179 + last_write_checksum: sha1:7ee591b6794595147e0abffae485d2478ce49e42 + pristine_git_object: 5ed64788dc4c7ab0bb266295622129ba9b3bd6a8 docs/models/healthcheckauthenticationoauthsecrethealthcheckdiscoverydiscovertypejsondiscovertype.md: id: 504dc5465d5e last_write_checksum: sha1:573ac965bcc006f4a30a6303be26bb7aebce326e pristine_git_object: a4c847c378b181ec5e9e64e165882fa602a51438 docs/models/healthcheckauthenticationoauthsecrethealthcheckdiscoverydiscovertypelist.md: id: 4253fe662028 - last_write_checksum: sha1:2a5295a2148fc2864a1018959147c1bcbbf1b745 - pristine_git_object: 79057f73d687543d78739b6e1e8e22cf88a47f89 + last_write_checksum: sha1:d55682b8f6b8a1a8f7a2e247f3d74329d5e4bcbf + pristine_git_object: e9ef5b9bb4ab1f0a12612e15075af5b2e5cdf32b docs/models/healthcheckauthenticationoauthsecrethealthcheckdiscoverydiscovertypelistdiscovertype.md: id: a33bd4317443 last_write_checksum: sha1:56cbd8c6973e0d62b4868360c96c50f51c5afd78 pristine_git_object: b132c852f53e484ba6b967c78199c2a754bc5830 docs/models/healthcheckauthenticationoauthsecrethealthcheckdiscoverydiscovertypenone.md: id: 1bb0c2efde76 - last_write_checksum: sha1:20637e328af1aeb8ff042510d42a9e1908d60be2 - pristine_git_object: 16c8c9fd3d86b10d829ff8871c47e02be2767059 + last_write_checksum: sha1:15b500e618dd28fa1eee3f814328f20e64c5f6b4 + pristine_git_object: 0641f10651e4d4a061fced6ae4e1973c0ec10383 docs/models/healthcheckauthenticationoauthsecrethealthcheckdiscoverydiscovertypenonediscovertype.md: id: "512089675267" last_write_checksum: sha1:d82caa52b83aeec5fa2d01645ef5a58b4f23ccff @@ -7332,8 +7408,8 @@ trackedFiles: pristine_git_object: ecfac5257adf5c460bef390a1dac428602cd681b docs/models/healthcheckcollectmethodget.md: id: 656b449e0c17 - last_write_checksum: sha1:6a1b17b2f8fc7652e80285d0bb25b43f5c25d6d6 - pristine_git_object: f234dbb9f11601f2a8f2a41e761b512156abda16 + last_write_checksum: sha1:7f304fae478b7759fd4829250e572fdc05b477d6 + pristine_git_object: a2c87c3e6a1f18b741aedb5cceb6b32c5af5a4cd docs/models/healthcheckcollectmethodgetauthentication.md: id: d8ecdcbd5cd1 last_write_checksum: sha1:4e379c1a91221fbd5b8e55b01c1cd1b230f5f992 @@ -7356,48 +7432,48 @@ trackedFiles: pristine_git_object: 241e86ac66c2ff1e89cc240d1f70bf4a25ec8f48 docs/models/healthcheckcollectmethodgethealthcheckdiscoverydiscovertypehttpdiscovermethodget.md: id: c984457dfe37 - last_write_checksum: sha1:fa07fa9b7ec552ba9b047294e2034cbe5279e7ad - pristine_git_object: 667af958acabc6e9624e2bc91c824a8d94064b9d + last_write_checksum: sha1:2af5e41d58261a11049590302922670bc3bbdd9c + pristine_git_object: a140bf8a9ad56351ed8a21c3e4a5586a3706c440 docs/models/healthcheckcollectmethodgethealthcheckdiscoverydiscovertypehttpdiscovermethodgetdiscovertype.md: id: 18d42f36d68b last_write_checksum: sha1:e972a8114b4e6b83df5c4fae1cd04c978ddb8356 pristine_git_object: f60cfa59086ffbb05c33ec25322f31ecdb26469f docs/models/healthcheckcollectmethodgethealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md: id: 188910035bf5 - last_write_checksum: sha1:fde0a8d4d6eb4709900c8059db94ca1f2543c0ad - pristine_git_object: bf497de310742653e8ca33b4b79917eca1ad18a3 + last_write_checksum: sha1:47d65a8394f1ff13ae84a3db0906adc10783ae15 + pristine_git_object: 7b9719878c370bd5a3ab145e4bee60f5a349b9b4 docs/models/healthcheckcollectmethodgethealthcheckdiscoverydiscovertypehttpdiscovermethodpostdiscovertype.md: id: a6478fe7143c last_write_checksum: sha1:daf10ce10536b270bd8c7cb1138d81e24b8ce232 pristine_git_object: 2a2447e8f9f20cd18af2d8115e41845ad01bafd4 docs/models/healthcheckcollectmethodgethealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md: id: 653d4836970a - last_write_checksum: sha1:c8f0c25ca955202f41604e27c759b60bd8d8fe39 - pristine_git_object: 9fa0d687c74a330f2fcda7d5df4ed86b4e649727 + last_write_checksum: sha1:a4fafe5d6f08a873382fbde05d0cdf68636bf2af + pristine_git_object: 441cfa20dca6675d337a80c0871ccc27982ca5b2 docs/models/healthcheckcollectmethodgethealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbodydiscovertype.md: id: 570887c54e0b last_write_checksum: sha1:1af7160074511d6512fc4aaf2fc12e64c2be2bd6 pristine_git_object: 2bc3efdfcbf3f2ae34b05913a84cb9d10b0c2a35 docs/models/healthcheckcollectmethodgethealthcheckdiscoverydiscovertypejson.md: id: 43fd5fb3107d - last_write_checksum: sha1:979268ff3dcfc7c6e0de04bb9ad66ce27d633340 - pristine_git_object: d8bb50a99ec46dce854d6cd0bb316db2f858a0ff + last_write_checksum: sha1:b5f0cab9dd29d6edf580beeafaa44b0a3b9a6082 + pristine_git_object: ae61fb06ab95d7dbcf8a8974a376d554f3b5bc2f docs/models/healthcheckcollectmethodgethealthcheckdiscoverydiscovertypejsondiscovertype.md: id: 1db7ae8c9f08 last_write_checksum: sha1:96a34e2c889615f8955e5976fd7a6e2e447ef6e4 pristine_git_object: b6e5d0cc80cde25f278dd91fde00acd0e0ad020a docs/models/healthcheckcollectmethodgethealthcheckdiscoverydiscovertypelist.md: id: e8d8df5c8d73 - last_write_checksum: sha1:0df69abe4edc15f5ae2922b377fa41c374e71f9e - pristine_git_object: c1bfca211b92d428f91ddcf2258d80d7adca989d + last_write_checksum: sha1:4602e8bd7cc0cc8128a706df0a4c3e2cbeed49b2 + pristine_git_object: 66ae71ddb42db8ff2889d64b0f114e94494e52f3 docs/models/healthcheckcollectmethodgethealthcheckdiscoverydiscovertypelistdiscovertype.md: id: 4e199d49463b last_write_checksum: sha1:ab941b467e9895607c20ce86eee803fc98d1b8f1 pristine_git_object: 2e6cb9d9be5b0a5353480fa15009bb83e627b1b4 docs/models/healthcheckcollectmethodgethealthcheckdiscoverydiscovertypenone.md: id: f2d7cb786fec - last_write_checksum: sha1:42c298b8c3ca12a32b87a2f1c8c5d62b85b8b2d8 - pristine_git_object: be8a78159ec85274ee9e6ca29762c5eef40ee052 + last_write_checksum: sha1:36d17f67a5ea4d92360287294852d820b682fc43 + pristine_git_object: e8cec4d3f44113a69c7012f5d7a46c9f084bbc43 docs/models/healthcheckcollectmethodgethealthcheckdiscoverydiscovertypenonediscovertype.md: id: a21fc19f7f4e last_write_checksum: sha1:c8458b59159301ccf244e8b2a3d38ef6bdad9ab8 @@ -7424,8 +7500,8 @@ trackedFiles: pristine_git_object: 395ea44fbf18f134157848a28d34067e195cff5d docs/models/healthcheckcollectmethodpost.md: id: 1db52edee63f - last_write_checksum: sha1:5bee9384dc98269b2e5cdc57892c3c2aa2ab2335 - pristine_git_object: d1f8f5167b51e32fd5be54c53d2f6c8a9140ef2c + last_write_checksum: sha1:1e83986fa107a1b445a0812a15961bfb6dc5ddd7 + pristine_git_object: de418b502de0dafc67a1ba2d1bfaf46bf3b0484a docs/models/healthcheckcollectmethodpostauthentication.md: id: 225348b89169 last_write_checksum: sha1:e74104bda9d4085958cd91294581d7812aa1e02f @@ -7444,48 +7520,48 @@ trackedFiles: pristine_git_object: 28543f67f3cbf8131f6af064eb0bdbbb875b099c docs/models/healthcheckcollectmethodposthealthcheckdiscoverydiscovertypehttpdiscovermethodget.md: id: 3e88dcb8c81c - last_write_checksum: sha1:444304c819b5c5ee3e4637a246f679cadddcd356 - pristine_git_object: 366d3f89ece4da56cbb68e324144e4520a3706f6 + last_write_checksum: sha1:f3c445dd5c602ab36e37f68d5cf18e4a80877409 + pristine_git_object: c62c4d0d974bdf14d39accb90aef366a8188a309 docs/models/healthcheckcollectmethodposthealthcheckdiscoverydiscovertypehttpdiscovermethodgetdiscovertype.md: id: 3b948cd23878 last_write_checksum: sha1:96a9772aee55bbb24696eee9b9f3225666c1b0a3 pristine_git_object: 6ee15124498a5eaea78b52235168ea9e79abe81b docs/models/healthcheckcollectmethodposthealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md: id: f8c4c4076eb4 - last_write_checksum: sha1:7debd6a19f8075fe693b7cbc4851fe52538eebcb - pristine_git_object: 9f2509132ef6eab095261e01e71f42055865825c + last_write_checksum: sha1:2e69f253f66aa87c85300155044271381009df6c + pristine_git_object: bcb4172646cf66c6a06407bf243e3526900383d0 docs/models/healthcheckcollectmethodposthealthcheckdiscoverydiscovertypehttpdiscovermethodpostdiscovertype.md: id: 2466e43b6a97 last_write_checksum: sha1:670a0959da6c01502e33ec708dc3f634c79e248c pristine_git_object: 267831884e873ca8eb6db1681c3c45cb5daa1600 docs/models/healthcheckcollectmethodposthealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md: id: 15b900dc296b - last_write_checksum: sha1:9fb65e69ae2d6d6c91db3ce19cf8e1ecdabb0c31 - pristine_git_object: 7fe66d00850c5813aef47ded50f2f0359828ae6c + last_write_checksum: sha1:8a2f328a28b4bdf4d435286842e7d9c87af383c7 + pristine_git_object: 313cd9a7daf47616b7c34eaf1313a02a67e47fa2 docs/models/healthcheckcollectmethodposthealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbodydiscovertype.md: id: 695a991fea14 last_write_checksum: sha1:54f4231c9d59c8fcd6bad3a82bf4dc7386760a5d pristine_git_object: 7f1779d9f6a394e32c178beb0180a465410fb6ef docs/models/healthcheckcollectmethodposthealthcheckdiscoverydiscovertypejson.md: id: 89ffd2a90742 - last_write_checksum: sha1:9d020390a452795392f5c725f0254e2dd101730f - pristine_git_object: 20e020d7ee72e6332498c2eafdf1fe85c09dc365 + last_write_checksum: sha1:c68399fec450f80f0071adac8fd5ab80cec95fbd + pristine_git_object: 1eaea66339f10d373b8dc73901dfe8a4d72286ca docs/models/healthcheckcollectmethodposthealthcheckdiscoverydiscovertypejsondiscovertype.md: id: f15619f30893 last_write_checksum: sha1:bcd073adba8aa5e0ab8fc8a23866a64fd02e94db pristine_git_object: e2785ab708a8d9816c30552042c1684891e48bb1 docs/models/healthcheckcollectmethodposthealthcheckdiscoverydiscovertypelist.md: id: b9f9b7d2483f - last_write_checksum: sha1:cf6944c7c3725366f8ae270a6244328df639098a - pristine_git_object: ea01cc93cb2915ac10c0c02553cb2d25f7bf97ad + last_write_checksum: sha1:9cc8ea67c1b547dc9f4cff762bb0c37c93f8cf88 + pristine_git_object: ce4f429ebd4994672dd8048a821ff918df18e4b4 docs/models/healthcheckcollectmethodposthealthcheckdiscoverydiscovertypelistdiscovertype.md: id: 82d524a204a1 last_write_checksum: sha1:404ee7a8da33b294e9cce9f794f77eb2ac57ad37 pristine_git_object: c0dca478d3302e923efb873014e0e8a73572a5b7 docs/models/healthcheckcollectmethodposthealthcheckdiscoverydiscovertypenone.md: id: dc76d62d606e - last_write_checksum: sha1:db464f497189e70b19c0a456ea76335ba13316c4 - pristine_git_object: 1be5a466d79f195628645d534fb86d3d9c1508f4 + last_write_checksum: sha1:02bebbdcb3d1554ca84800a3f8ae58684ce503ba + pristine_git_object: 50c51200401c7fa8235e912b9aaaebef1dedece1 docs/models/healthcheckcollectmethodposthealthcheckdiscoverydiscovertypenonediscovertype.md: id: 595b21814022 last_write_checksum: sha1:496f7f1517e7198329a97fee0e30f959f2b2702b @@ -7512,8 +7588,8 @@ trackedFiles: pristine_git_object: 23b19885deb6da40d1050fe846f155919a6fd85d docs/models/healthcheckcollectmethodpostwithbody.md: id: 1d53dd3ff537 - last_write_checksum: sha1:8f66b387eefbbfa3f4bc3a9c11ff0278648c88f7 - pristine_git_object: c056fc24edab234ca569994c078c2c8a7554ba29 + last_write_checksum: sha1:a66187cf2eb399a80ef857b1c91295873d7f10a8 + pristine_git_object: b28347ebbc757b719e70adf001e4b8bcbbf1a878 docs/models/healthcheckcollectmethodpostwithbodyauthentication.md: id: ec58171a18e3 last_write_checksum: sha1:2e1a5e2d23259bebe217f82511bd87076182396e @@ -7532,48 +7608,48 @@ trackedFiles: pristine_git_object: d6c731102d1124cc726072b0e9e74a7a584473de docs/models/healthcheckcollectmethodpostwithbodyhealthcheckdiscoverydiscovertypehttpdiscovermethodget.md: id: 844af9b3ad9f - last_write_checksum: sha1:a456d53afc3006f335091183217a8db2de6c7629 - pristine_git_object: c3b2da3edcf18224d908d3215b1b6f967758b939 + last_write_checksum: sha1:61e20cfbe272a1a7d106fe5adcdaea5136327ef5 + pristine_git_object: 4fbc02d9f871cd7f6c5e67a6c9e822bb87b266d1 docs/models/healthcheckcollectmethodpostwithbodyhealthcheckdiscoverydiscovertypehttpdiscovermethodgetdiscovertype.md: id: a182bfad4856 last_write_checksum: sha1:8e8c2621b805bd3fcca4dd9f6692d66ee252f64b pristine_git_object: 955498624bbbcbf42b2fa9e2b616effdba50339c docs/models/healthcheckcollectmethodpostwithbodyhealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md: id: 39ecce1e94ee - last_write_checksum: sha1:dacf52888b7aec4fd47a3be80236b443bce68001 - pristine_git_object: a00f0e799e05d0a11f75ac0312bbce3e92b11dcb + last_write_checksum: sha1:e40c0b3a0482002ad542aa80e1e2a3f857984243 + pristine_git_object: 245af925bb87cd363fedda54439b3fb2880c7682 docs/models/healthcheckcollectmethodpostwithbodyhealthcheckdiscoverydiscovertypehttpdiscovermethodpostdiscovertype.md: id: 973e2f4ed850 last_write_checksum: sha1:6f9fac16923105b2b4b7d63d6592d010c3b19f2d pristine_git_object: be57b1f9a8cf41648b3debf01a7c22b0e1579bb5 docs/models/healthcheckcollectmethodpostwithbodyhealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md: id: a96edc3ba921 - last_write_checksum: sha1:5172d5c45fc2fb87febd50a19ab94eafe2801257 - pristine_git_object: b46a2adee9661921dd94969184c3c2acbbb97d1b + last_write_checksum: sha1:f3c223faccc92031756f6ab50db28db812b831ec + pristine_git_object: 8bfe44c1198a78743b5ffa0931db95713a2ed884 docs/models/healthcheckcollectmethodpostwithbodyhealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbodydiscovertype.md: id: 90b937e7656f last_write_checksum: sha1:38dc2bb1bc5ef4f99cdbef1c749df9255d1fbfd4 pristine_git_object: e4df44ae33b47a99d1b220d2f5a78d98be741269 docs/models/healthcheckcollectmethodpostwithbodyhealthcheckdiscoverydiscovertypejson.md: id: 2565e798a508 - last_write_checksum: sha1:9c49e0af92c6d72f97b0293523b5d1ef209b2459 - pristine_git_object: b53f1e8896b97451d8cf9efae412591aa2bef2a9 + last_write_checksum: sha1:04506f80617b69116fdb00801a7f66d089c5814d + pristine_git_object: bb0d859fbca978efa76b346d263622ee5bc61826 docs/models/healthcheckcollectmethodpostwithbodyhealthcheckdiscoverydiscovertypejsondiscovertype.md: id: a34d400bc001 last_write_checksum: sha1:4188001d350d7fce6b041fc302198a6cf11af894 pristine_git_object: e0475ad7ffb9ca5d9aed9e236878bc6cb85dd54c docs/models/healthcheckcollectmethodpostwithbodyhealthcheckdiscoverydiscovertypelist.md: id: 7a51a655ca6d - last_write_checksum: sha1:67b9160de2fa8673824436782d8d2f7d1cd07ff2 - pristine_git_object: 611c1551ddfe8cb8f94160fc0ec1008301f0c566 + last_write_checksum: sha1:2a62aa190bbc3a6aa112f33e81c0861b6a2af0fd + pristine_git_object: e2736e699bb38181001134b33546e080d66afe14 docs/models/healthcheckcollectmethodpostwithbodyhealthcheckdiscoverydiscovertypelistdiscovertype.md: id: 8af4d9bb4e7d last_write_checksum: sha1:0f540c7d30b952b9c44d9284e3f7d1d6b063d747 pristine_git_object: 622308ea3b1faab84a2a16b46eb3d886c248c05b docs/models/healthcheckcollectmethodpostwithbodyhealthcheckdiscoverydiscovertypenone.md: id: 6359b9719f79 - last_write_checksum: sha1:4460cd9ec9e7c0464acee9b9712e5c4a25419f27 - pristine_git_object: 32ebbc7c49f56e9b08591cef5bd28b8696733492 + last_write_checksum: sha1:932c1467038ed7f6337e856a9c52c79df3643a8f + pristine_git_object: 1e435feced1054af0e0e98497338cfec4e14eb0c docs/models/healthcheckcollectmethodpostwithbodyhealthcheckdiscoverydiscovertypenonediscovertype.md: id: 43a71b7b9e8c last_write_checksum: sha1:8509122407af19107f86b0f4aed80f1722124a25 @@ -7606,10 +7682,14 @@ trackedFiles: id: a1d90ef3f539 last_write_checksum: sha1:4f79f0475943d0b62b02c21cd285e306e29ce9ec pristine_git_object: b144d7d7ddebc784e0f9c97fd006fd53e746ec23 + docs/models/healthoverlaystatus.md: + id: 0175c8951c92 + last_write_checksum: sha1:f133beecdf3b3d06de5794139d2632bb64b72aab + pristine_git_object: 3e53c8cdeaecb9555148ae2a04c60c2034c6900a docs/models/healthserverstatus.md: id: 21caf27f9b33 - last_write_checksum: sha1:f32e5b3c60e910fb809c65780cd180ecfe963c34 - pristine_git_object: d33b3577d74220da403f91ec203aea239c2e5f01 + last_write_checksum: sha1:1cd75c96e6dd797a28c65fe85a6633ff7ea94f33 + pristine_git_object: 8f347a619dbabf1479c854869546fb9102a49354 docs/models/healthserverstatusstatus.md: id: cb806a3f5492 last_write_checksum: sha1:6139f93b14ebaf8631b3e1689af629bc5eed5a72 @@ -7634,6 +7714,10 @@ trackedFiles: id: 2d1ae61780fc last_write_checksum: sha1:730ed09b063883ec1310592e4c3795376c91c790 pristine_git_object: 1e16abe26f037aa320f14ce3508e3ffae43f9858 + docs/models/httpdiscoveryheaderconfinputprometheus.md: + id: e53e1555156d + last_write_checksum: sha1:450edf8953317f83e19e165cfa4291ee245345b8 + pristine_git_object: 8cb8a5a736bff56896aab0c82af829b2b8fd0274 docs/models/infield.md: id: b78c9498bbbd last_write_checksum: sha1:1cd7cb25aff3ffced2af81cf5416491141f05b3e @@ -7660,8 +7744,8 @@ trackedFiles: pristine_git_object: 614393c9b8efb3e2c271bba82d30fb43fa342abb docs/models/inputappleunifiedlogsinput.md: id: 1d6c3782f327 - last_write_checksum: sha1:0e151b924d0b4877a7fb058bdbf8975e326e27af - pristine_git_object: d83dcdecb194629a867ef3a5c39c60f9f257a5f3 + last_write_checksum: sha1:7d93eee42aaf1a58384a6e47ac89c142df3a9346 + pristine_git_object: 58ebcc34f670674ec35efa7628312272396b9422 docs/models/inputappleunifiedlogsreadmode.md: id: 70474b797319 last_write_checksum: sha1:8c481c97779c624ec6d3cccd5340a150970eb23f @@ -7708,8 +7792,8 @@ trackedFiles: pristine_git_object: 347d9ba857fa338f11d28f71e30bcc547d5f5459 docs/models/inputcloudflarehecauthtoken.md: id: ca8d2f929885 - last_write_checksum: sha1:fd224414ce02c8692dbd2575c7050c878117ed70 - pristine_git_object: 039b7b907f749257530b1fae4de59c6c3c43fccd + last_write_checksum: sha1:f485398efa7d5cc07babfa65b9c97909f793c887 + pristine_git_object: 3046ed575aa4d520173d7afc09cf4af9ef82c8c1 docs/models/inputcloudflarehecinput.md: id: 6e3c0dbd5424 last_write_checksum: sha1:ee6dd726e4ea268cfd7fd46a871259d2836f7e8d @@ -7736,8 +7820,8 @@ trackedFiles: pristine_git_object: 8d6f9d260d27454ba296ade8513be418ae4db279 docs/models/inputconfluentcloudinput.md: id: 2a69bbb1b1db - last_write_checksum: sha1:55b381d7e545e2c43c51603ec8819139cd140c02 - pristine_git_object: 942c8e2c2836746c15f839554f23341aedacc7ed + last_write_checksum: sha1:3e12b5e70dca6833c105b82a64198317d4ae05af + pristine_git_object: 6c2236ede340b474e01a596209f9a49f9308acb1 docs/models/inputconfluentcloudtype.md: id: 59d53de21492 last_write_checksum: sha1:0ab26a9123222e4edddee7a50281b070a604e3cb @@ -7832,12 +7916,12 @@ trackedFiles: pristine_git_object: b5fac3f1a3be5a494afea5f8670477fc2a6c1343 docs/models/inputedgeprometheusdiscoverytype.md: id: 641ee12c6cd9 - last_write_checksum: sha1:37e7a372de433a9c1066d156beab35f04c29fec3 - pristine_git_object: fe9ad3790aa5eed6678ab00c181bbbcc87adf60e + last_write_checksum: sha1:6f7395123d3db0307d59a8ec28395ba2c43dc19b + pristine_git_object: 0368a8aef054eeb2f7a910e9e6f1fbbc37bda61f docs/models/inputedgeprometheusinput.md: id: 532b9c1cd201 - last_write_checksum: sha1:6f7bf5f06981435cdee8de55a4c87d6d1f79001b - pristine_git_object: a78c2d8bf48ba4797341ca864ccba8c429961d3d + last_write_checksum: sha1:55b8fcf304cc22c4c4f81a4a79dd1c9c90f8c4a2 + pristine_git_object: 7a718dcd438b22aa1f3941fbbf0092d0d12e49e2 docs/models/inputedgeprometheuspodfilter.md: id: 6b7225d99d45 last_write_checksum: sha1:a031f2397798c1f41f621e9ff07ab2f0ed29768e @@ -7876,8 +7960,8 @@ trackedFiles: pristine_git_object: 3a51c7ff6974dd0bc777abcd5a8cd37091221a2d docs/models/inputeventhubamqpauth.md: id: 57569cdf2236 - last_write_checksum: sha1:abca895b7a165b566bc9f2bd661ee75958840c50 - pristine_git_object: 1e6c48874c4330e4a9a3ec8ada3f41b3aca3ec8f + last_write_checksum: sha1:c7d86cc3a8c2e100dea3c66d0725e91f8ef54874 + pristine_git_object: ae910561d16e3607f7de4fec73284a753ccf9fb1 docs/models/inputeventhubamqpauthenticationmechanism.md: id: d2b7f82ce6f8 last_write_checksum: sha1:0bb2a93d59742e23622f60b04e309cc7b7aab9f6 @@ -7890,6 +7974,10 @@ trackedFiles: id: 690dfd415021 last_write_checksum: sha1:cd326602d044825e883507fb65d5f4ff4b17b496 pristine_git_object: 910224887a5936553179997d1c16c9e3961df989 + docs/models/inputeventhubamqpcertificate.md: + id: ec71f003adaa + last_write_checksum: sha1:883771fe3caca3bd09f682942e57e52fe1b66d9e + pristine_git_object: e9bc74b882cef74d37f765b7ccac7427441f5626 docs/models/inputeventhubamqpcheckpointing.md: id: c85696d6d448 last_write_checksum: sha1:9139efaf859372b2245a7120b03be21baa1c0214 @@ -7904,8 +7992,8 @@ trackedFiles: pristine_git_object: 7423eb69820cc0771af535a28a2e239223c44aba docs/models/inputeventhubinput.md: id: 3be64a1725d7 - last_write_checksum: sha1:e557fc3d62146c98d0244298eff69ad73f0be3af - pristine_git_object: 09b28cbc8770e9f2d1eba73790ecc4a1e0333b5e + last_write_checksum: sha1:1c237595a75177a1fa39aa57e20761bddc0f028e + pristine_git_object: 1f103e96f2ce3dc71f3c4f65dd6af486504e1cc5 docs/models/inputeventhubtype.md: id: 76529426ef7d last_write_checksum: sha1:e00d26c28c618ea2d020b730fb5721fac4d70deb @@ -7984,8 +8072,8 @@ trackedFiles: pristine_git_object: 2a155ff383eca5095c3961ba3af87c1049250bce docs/models/inputjournalfilesinput.md: id: 922e7794863c - last_write_checksum: sha1:2d7a133ed3aa87ed15f5c5a9cec98fc5f7902b6d - pristine_git_object: 6d21971bd29cbc46e956194712704b67ce82cc5b + last_write_checksum: sha1:70e9dcc58ea44258cf960f59167b4818e5e86e83 + pristine_git_object: bca6c02eb03921161cdc4d91ee94fb1f138da127 docs/models/inputjournalfilesrule.md: id: 75f064d697eb last_write_checksum: sha1:d01ecb9eacb475daf103ad233a6dc4a4bb03aa22 @@ -7996,8 +8084,8 @@ trackedFiles: pristine_git_object: de033752262381f36b7f2e26b43ab08475a1b8d9 docs/models/inputkafkainput.md: id: 4a5a2acfffba - last_write_checksum: sha1:eed8ac00deb717a0931a046f5dad5d8253b39e82 - pristine_git_object: b2ec44cea921dd48d6014b73fbc066635cb5ca7b + last_write_checksum: sha1:c223366d1bc27c8870b806567857be4a5a98b8ef + pristine_git_object: 75e3f6717d97fb71f9d1bfd47c66f52d65f13660 docs/models/inputkafkatype.md: id: e3bf1cfa128d last_write_checksum: sha1:c8f9c2f33e632ea9e929ce80f7e335ff05358321 @@ -8032,8 +8120,8 @@ trackedFiles: pristine_git_object: ce63aa836ddf4cccdbfecce6f04af01e6024c94d docs/models/inputkubelogsinput.md: id: 4efc9fb46237 - last_write_checksum: sha1:7191f7926c4ba701b9412398c48d5070e01064fe - pristine_git_object: 48ee5367d1b46e4b497fb3393b9c6ff0e757017d + last_write_checksum: sha1:4bf935926a045830ad625814426d26acb19e7627 + pristine_git_object: c28e4d5440b6c3535278a5202f9f0370ab5c3135 docs/models/inputkubelogsrule.md: id: ff4047ed4d05 last_write_checksum: sha1:5929ac6dc36176627a16a53e3fd1ca2850d8f1c5 @@ -8096,8 +8184,8 @@ trackedFiles: pristine_git_object: c57f19fe01c9b21ff6d98ea76d3b0322049285a7 docs/models/inputmskinput.md: id: b3731009559c - last_write_checksum: sha1:058446e84218f59a211c7a0bc337f78862fe91d9 - pristine_git_object: 45b96e2f6596846aa852e7a6951b1ce393261c0f + last_write_checksum: sha1:c9119254d77aa06a2bfa32fbd078eadf7af72776 + pristine_git_object: b69915992583d8ab6dd9b351b467eca0e99db9f7 docs/models/inputmsktype.md: id: d726422d829d last_write_checksum: sha1:9d89626e214c038ff59b9cffcc6df8a7e7e57ffd @@ -8172,8 +8260,8 @@ trackedFiles: pristine_git_object: 76f2a4006805efe6819ec9674787b3efc29fa26e docs/models/inputopenaicontentconfig.md: id: 4cfb141126a4 - last_write_checksum: sha1:ff65baf7af8ec81c2f3d30dee1efac8ad7b7b896 - pristine_git_object: b14b005679cd0a2ce87baf81e0c16454aa254c8e + last_write_checksum: sha1:e41f0fde5e74cf476a2bb1b5ffe8287a49b4c64a + pristine_git_object: 646224125fb2d8a798f442bf7cb91e1d1b8364cf docs/models/inputopenaiinput.md: id: 88eba12c551e last_write_checksum: sha1:3c34b75f501bc638d9c40e710b5aee8f40b81498 @@ -8224,12 +8312,12 @@ trackedFiles: pristine_git_object: d7b69c56e388736743c891d0d2806ee8fed61d22 docs/models/inputprometheusdiscoverytype.md: id: bf99132228e2 - last_write_checksum: sha1:dd60960db35d300c969006b96a53fed4ffea66e3 - pristine_git_object: 8fbbaaf1ce9739217739b86ef93ca901fadbf847 + last_write_checksum: sha1:92189771a95de601387aeb4f285f41a2e58a2da5 + pristine_git_object: 8daa9348ab042b738cc2c6109b2e1d58dcb40d4e docs/models/inputprometheusinput.md: id: 6e6c8c002a88 - last_write_checksum: sha1:6406d6c79008a7120fa0a16684d82152cf1b803f - pristine_git_object: 6c44ebabf622d3ef3ea329bea6981027f2de4b4c + last_write_checksum: sha1:8771fc2d52b5a7a1ad1d1b8ca994072940167a04 + pristine_git_object: 76e9ce9875f2950ff3201d0d220383ff5e03ddf9 docs/models/inputprometheusmetricsprotocol.md: id: 0baf5f016581 last_write_checksum: sha1:e9b0955d7bb204efda0f8a1e16e72bea1cc62186 @@ -8272,8 +8360,8 @@ trackedFiles: pristine_git_object: b96f2b9fb6ff3c57138718e6c39f373a6bd629dc docs/models/inputresponseauth.md: id: 6ac263f690a9 - last_write_checksum: sha1:ce249961636cb59445114e1d757a78646609c9c0 - pristine_git_object: c4eadd92d7a2285206572e257a44c9c0f8864ddc + last_write_checksum: sha1:300d9f94fea06634d844cff363abc9116e70622b + pristine_git_object: 8e78394516bbce3e7be42270c2f84ca4f2640b6b docs/models/inputresponseauthenticationmechanism.md: id: 13a82ffc63f1 last_write_checksum: sha1:1113835bc0ea1830eb258ec31d5bb8fbec2aec80 @@ -8332,8 +8420,8 @@ trackedFiles: pristine_git_object: f5dd30a19cf5a990d62b462146c8af0e026e6369 docs/models/inputresponseauthtokencloudflarehec.md: id: b592460a81c7 - last_write_checksum: sha1:a4d17259453dda1283b7dca1ab19bfeb5b382b78 - pristine_git_object: 6d0f54da9e95896b5eca92430e769a4079863cf8 + last_write_checksum: sha1:92f54b8bb800d7d1c110be93583051395ee601fe + pristine_git_object: 6f8d1890f4bd5f6fb964bd4e65a5542f86982ce3 docs/models/inputresponseauthtokensext.md: id: 13d4f32818ad last_write_checksum: sha1:9c2a6cc337cf51d0eddeb8b173c3ce6e51bd8c12 @@ -8354,6 +8442,10 @@ trackedFiles: id: ee51939bfdab last_write_checksum: sha1:86b6f113cb1a1d9d6e3c67aba918ae689e062625 pristine_git_object: d98ec1cf59bc08e184b9d0558a14330d72496940 + docs/models/inputresponsecertificate.md: + id: a44fa4fbdffa + last_write_checksum: sha1:2d9a061e0009deab68e6d4e87da2d6e23d52de6a + pristine_git_object: 37d6d87188e8ae1a2eb5f4cb0845ee237825eadc docs/models/inputresponsecheckpointing.md: id: 98d7a987cefa last_write_checksum: sha1:5b793e89770bc4af61b697ed9187cccf4a3caf54 @@ -8388,8 +8480,8 @@ trackedFiles: pristine_git_object: 6655b5dab0c4e856bef98a1b38464bd0286f4fee docs/models/inputresponsecontentconfigopenai.md: id: bd0152902e70 - last_write_checksum: sha1:07f83373e82f4ad48d57013fa3c28f99a1d3a01d - pristine_git_object: 611385ef10cfba7b1982d79a24a20f8229189f09 + last_write_checksum: sha1:b463bdee0ffaa702d24c1b6ed1caa0a15d829a28 + pristine_git_object: 40b2360b7ee845444f1db9ac7201b210157fe046 docs/models/inputresponsecontentconfigwiz.md: id: 7f10673827d9 last_write_checksum: sha1:6e10bbee04b599526769c0bf5032aab5caa0a168 @@ -8420,12 +8512,12 @@ trackedFiles: pristine_git_object: 0b3b69df67b6ecd6d1d6bb0c3267a0c31228595b docs/models/inputresponsediscoverytypeedgeprometheus.md: id: 755aa83e0ed4 - last_write_checksum: sha1:11c07810202c7fcabc923046bc9194d1e3346a1d - pristine_git_object: cca6ea65640fc119b5a5da53ad31e5611cc4cbc9 + last_write_checksum: sha1:eba40e033e73ecbae0db8240406fb6367c62eaa3 + pristine_git_object: 397d64fe579e8db151e0755b6e9180c93546b559 docs/models/inputresponsediscoverytypeprometheus.md: id: fee6e156c1c6 - last_write_checksum: sha1:c5c9e3ab15b8b8502ab9e274a703e7410d88f3e6 - pristine_git_object: 0c4aaec64c692ba14f8597703d8e3e9a41717bb9 + last_write_checksum: sha1:9bb12bb996aaee2adfe7282966db4c9977f47af3 + pristine_git_object: bb98c4de266a8af2d6d7dc39a37d642ef3d88708 docs/models/inputresponsediskmodesystemmetrics.md: id: 4a020d6f33b7 last_write_checksum: sha1:d6cb715fc83dc8a58f1c02d5120a6f31def02495 @@ -8508,8 +8600,8 @@ trackedFiles: pristine_git_object: b397e44cbe77fff4bf2123f2b9a8619b798765f8 docs/models/inputresponseinputappleunifiedlogs.md: id: 690bee993e0e - last_write_checksum: sha1:e8c7af6e5e96ffd77e0f42c5965a4d4b34432f30 - pristine_git_object: 21354b351a33f5f1922d092e8d4ec26a85401ba2 + last_write_checksum: sha1:6b254e442645ad75cf8e3782ecfd52e5ff2f711a + pristine_git_object: 309dcd311dc8287ad3f763612b6680b24a537998 docs/models/inputresponseinputappscope.md: id: 93ac1b08a7ac last_write_checksum: sha1:ef9b8c2702d8fe96eb38a4e6687f22b1689e6a63 @@ -8528,8 +8620,8 @@ trackedFiles: pristine_git_object: dd3c6b9a212618d2468d9266218be5f3ccd1a3d6 docs/models/inputresponseinputconfluentcloud.md: id: 2c823147d296 - last_write_checksum: sha1:b17c7e0061d62a3c69464007a39b1d85fd149bda - pristine_git_object: 50e682ae903853a8d484e43dd6cfa3faeae28c1f + last_write_checksum: sha1:0082f311d8573bab25f4ef30c89b4183a9ed9aa3 + pristine_git_object: 73880f01d94a73d2aff344a656d599c2f2b5be4a docs/models/inputresponseinputcribl.md: id: 12ac139fe1e4 last_write_checksum: sha1:9d920c34d6c79d1f1ffcaba13597b3fbb681b7d6 @@ -8564,16 +8656,16 @@ trackedFiles: pristine_git_object: 9041ca5a78643b832ab1885062c80387ba169426 docs/models/inputresponseinputedgeprometheus.md: id: 5a1994e497f9 - last_write_checksum: sha1:4ffbc17a17db35dca3c6d65032b197d847b3bf28 - pristine_git_object: 6c6e526afa35a6069cf13e72c05c82726a4c1546 + last_write_checksum: sha1:87fa597bcde3d6f4dd31f3a8b26999394f48663f + pristine_git_object: 6f9a785bdb4060d72dbc200d02f0bbb6b3b467dc docs/models/inputresponseinputelastic.md: id: 0b1b3eecca51 last_write_checksum: sha1:9a381d0e4e721ab4e896de6cba15c1ceecb6ba6d pristine_git_object: 0d8e941e1c3411dd82a281084bea50e8b982fe91 docs/models/inputresponseinputeventhub.md: id: d3c7cc25bf8a - last_write_checksum: sha1:c78babea7b8d56f2b47fea73e756560b0d022b8b - pristine_git_object: 410c28b39cdf45ea2bb190ad6f05f2e8903781ea + last_write_checksum: sha1:216870225e7eda5e45640854586ab911c7c19068 + pristine_git_object: a126b8a4a405ca9c66dd9b72d8158f25a9e5e557 docs/models/inputresponseinputeventhubamqp.md: id: 01db0073929b last_write_checksum: sha1:6b5def506d8a83005c36ff3d4b7b4aeae84d2532 @@ -8636,8 +8728,8 @@ trackedFiles: pristine_git_object: 7c203e0bd21c1918c23eebec83529ad629a07ccc docs/models/inputresponseinputjournalfiles.md: id: bb6fee8f5d3d - last_write_checksum: sha1:9aa2ffa3ed6e4713318a25465bca1e57c1c87ce1 - pristine_git_object: 75a45877d81f479a464c6c1c119a872a3648457c + last_write_checksum: sha1:a6180dc1c89101fa6822419726ef25f0789f17fa + pristine_git_object: b64ca01193fd5ce77acf321ac54befaebc7ca835 docs/models/inputresponseinputjournalfilesrule.md: id: 8a2f6e89540c last_write_checksum: sha1:bf6da25766418c3eae9b27815361390949ca06ce @@ -8648,8 +8740,8 @@ trackedFiles: pristine_git_object: 892e78594964c09bf5377d71be79a7579cd0f7f3 docs/models/inputresponseinputkafka.md: id: 9efbb11bd1a3 - last_write_checksum: sha1:ac7a36034457eaa3784c3cbf657cafcdcabdfc98 - pristine_git_object: 59c0578d3e0114182d63310a70414aac85633f14 + last_write_checksum: sha1:e0f68a5254813a5503165623101a990437d05399 + pristine_git_object: a63c64bb63e94048dfd19691b7f3fa3e158ea2d1 docs/models/inputresponseinputkinesis.md: id: e6f3819a50e5 last_write_checksum: sha1:85079dbca83afc78a9fe9364c6a418b21b9f964f @@ -8660,8 +8752,8 @@ trackedFiles: pristine_git_object: cdfe60671715768fa25c8ec34103609d0ebeb1ca docs/models/inputresponseinputkubelogs.md: id: 67c40d04a05e - last_write_checksum: sha1:19f547e3012f2d0af8375af832086e46cd77952d - pristine_git_object: c9a3cc231a242bf00cf4369f3144ba370f31109d + last_write_checksum: sha1:ecd097842d8165d5dcfe275ddcd52cb8fef310af + pristine_git_object: afec39eb8f5923bf2b6e3a880a71aeab66cb4e79 docs/models/inputresponseinputkubemetrics.md: id: 95b8fb6d2ea4 last_write_checksum: sha1:86f40adc92c7e377a0ded73b5e0fac221b443c72 @@ -8684,8 +8776,8 @@ trackedFiles: pristine_git_object: 1f9c51bc4fb2a35ec1661f717d86a536c33b639a docs/models/inputresponseinputmsk.md: id: dbbf2620f7fc - last_write_checksum: sha1:4f5a42d9d0909c8708218da5e1aa0da6031e418e - pristine_git_object: a5155be3f91459b2081f103545dc947122e945ac + last_write_checksum: sha1:aab279cf292fe7926bcc530827f70454c700b9fd + pristine_git_object: 3a97c0c73d1d89fcdf6200df40700769c5aa4680 docs/models/inputresponseinputnetflow.md: id: 72fce0f72b6a last_write_checksum: sha1:db714f24225be84163a9286196723b0fe2488c9c @@ -8720,8 +8812,8 @@ trackedFiles: pristine_git_object: d53f73c7265d79c947127bdde508ef1553d03bf8 docs/models/inputresponseinputprometheus.md: id: 43b251fad9b5 - last_write_checksum: sha1:5fb0c51c43ee706e01cb5db71afa9de3c5b05304 - pristine_git_object: 5c30996a531e051dc75dc8257e33b88d7dcf0d60 + last_write_checksum: sha1:a6817484a306246020508ddeacc5a50670314082 + pristine_git_object: 7a68b0ec0a019e336b41d04f90328d3484d27e8b docs/models/inputresponseinputprometheusrw.md: id: bf7bdf36b510 last_write_checksum: sha1:664763af1371f69dfeb6e44e6c4ad9d00b6d20eb @@ -9800,12 +9892,12 @@ trackedFiles: pristine_git_object: c10797a6727420e03173e6621bf9b29ef3f8d658 docs/models/kafkaschemaregistryauthenticationtype.md: id: 6ceae08d33d7 - last_write_checksum: sha1:7c96a0f073a6bc66e066da5f6fff7be8a86aa00d - pristine_git_object: 659c6da0d3c32ca7b773fb2a687a3ad5d3f9f9af + last_write_checksum: sha1:54f24800417623321cb885d85d83c8eb5fd419e2 + pristine_git_object: d1c98c4e82b308d7e998757dd519918046a603a5 docs/models/kafkaschemaregistryauthenticationtypetemplateschemaregistryurlauth.md: id: 347b7e182d37 - last_write_checksum: sha1:a86775ca83a998115b40cfc3e8b73c90f711fe15 - pristine_git_object: 2c7696f737ba7198e68ac035f2d665431a70e992 + last_write_checksum: sha1:b5fad44fa1c2d610295ad18a42445e4c88f7a15a + pristine_git_object: 158ddaad5fbd76944b7b8756e8bf0b1d853809d1 docs/models/keyvaluemetadataconfoutputfilesystem.md: id: a340d23ffa39 last_write_checksum: sha1:17f0d7aca68dd15952a15a0f2a7f59d1815b4647 @@ -9816,12 +9908,12 @@ trackedFiles: pristine_git_object: 4d37b36ebf76333d58d0a6dddc4966bd21f590c6 docs/models/lakedatasetmetrics.md: id: b5762460f89d - last_write_checksum: sha1:8ec561fa27f2c028255d46a7bd417905ba490801 - pristine_git_object: d6c6c2232cbc26be338715733bc8476a20482b39 + last_write_checksum: sha1:8044a894257fa5e1bcd8a8f50d89d80d3bf49442 + pristine_git_object: b1e5506337fdf0690e9e3c0541659f2540149ea1 docs/models/lakedatasetsearchconfig.md: id: 1ae748500cc0 - last_write_checksum: sha1:55f2a448817898ae86646420e5d018b067306b01 - pristine_git_object: d59331858993f396d1578e053f8348dab3e75f2b + last_write_checksum: sha1:9f0278975c74703286a86ee49a1aceb5b5b9d149 + pristine_git_object: fe82823800d0df50c03a12612d9744aa19e50eb1 docs/models/lakeexportconfiguration.md: id: 8bd1bb7bc273 last_write_checksum: sha1:20517505110df707be9ce0650b19d6346daafb5c @@ -9962,6 +10054,10 @@ trackedFiles: id: 043e473ea7fa last_write_checksum: sha1:eb1fd45b139ed1890e2f968a250974e3786e9257 pristine_git_object: 8b42721cd9b7b17f840e12265115fc678415ae87 + docs/models/noactivehealthoverlaystatus.md: + id: 99e546c62134 + last_write_checksum: sha1:ab6f2c0edc89dc7c65f5e52740ac4823e85f5cd9 + pristine_git_object: acb0b9ddd1c218442b75b1c86948b4af6bdcd578 docs/models/nodeactiveupgradestatus.md: id: 7c400e743893 last_write_checksum: sha1:600ddcca6b4f02ca450acbb2bd74ae9a7089d389 @@ -10068,8 +10164,8 @@ trackedFiles: pristine_git_object: 6b1cbea806ff0e5ce7ae48615a166cb3abae407f docs/models/objectstoragefilter.md: id: 2205bf492ca7 - last_write_checksum: sha1:f268e3687ac3ae176001f84fc9b687f62527ec6d - pristine_git_object: 2f01cc9371ba3ac85df6114dce964ada1e3dc8f7 + last_write_checksum: sha1:a60e5696400bd23be720627bed4f1e241cca7d2b + pristine_git_object: 653dd7af93573531b506cefa30b1fcf917d16e24 docs/models/operator.md: id: 1b6d3fc58add last_write_checksum: sha1:c37c953024b0512f3f25b39ae6816d03ed498a40 @@ -10108,8 +10204,8 @@ trackedFiles: pristine_git_object: 1d582629dac6e050bd3f2b41d8ed3265d13ce5a8 docs/models/output.md: id: 376633b966cd - last_write_checksum: sha1:7d6be7bd9ad7994183c66e8ee727e3b013cdf3d1 - pristine_git_object: a2fbaf4acff16624632afbaf3a51d2cf54fad857 + last_write_checksum: sha1:e1a549bc5ad37bc07d92dc0c9fc9d892203314e5 + pristine_git_object: b4d04fd9759d3dbba74a3b962b091ad1473f5797 docs/models/outputalibabaclouds3.md: id: 8fbe1415f28b last_write_checksum: sha1:ba1f4056f8f836dbbccb8d3221cd98b82a86f7bf @@ -10140,8 +10236,8 @@ trackedFiles: pristine_git_object: bd2853e428c9c420b7da1ac4f358cf0d8d0c24f9 docs/models/outputazuredataexplorer.md: id: 69de7df3be04 - last_write_checksum: sha1:c7bc58d445d76903a9355d9bc8d5fcbf5cab7575 - pristine_git_object: 1ab3fbafd948e6e20f8c0eeb0bed5c55b2a20769 + last_write_checksum: sha1:2789ff4ba7142e90ae30d98f3f70149c6624713e + pristine_git_object: 4c6eadc19124d4332daa5c5cebb7ca054ca6c215 docs/models/outputazuredataexploreradditionalproperty.md: id: 9646dd0195fe last_write_checksum: sha1:571a367585222b5cbee15990192d7a4b9149ab09 @@ -10188,8 +10284,8 @@ trackedFiles: pristine_git_object: c6b8cc63d44a4e37b17d0d9250169053283303cb docs/models/outputazureeventhub.md: id: 0b25d7680512 - last_write_checksum: sha1:17c2883ad175608a764f0ee04190697a4c3f7a38 - pristine_git_object: a77fbf5e757217c78e188c849681dcf051559cb2 + last_write_checksum: sha1:b2460964f78bf8fba2e9be0046bb215a6f348809 + pristine_git_object: 94b150304a39223112a1af68fd22d6a4d74d72b6 docs/models/outputazureeventhubpqcontrols.md: id: f8686af2d667 last_write_checksum: sha1:386a6dafb44921dae66e73c6c8f1efc4378b601a @@ -10200,8 +10296,8 @@ trackedFiles: pristine_git_object: 30fc2388564df03f49af4545bcfbad1672241471 docs/models/outputazurelogs.md: id: 3d5350ea3402 - last_write_checksum: sha1:ff26c9ed98452f47a1db2f327ec342964e28729a - pristine_git_object: d16afc1a0f22bfc7733076e30c00d516943e530d + last_write_checksum: sha1:35be2ff4922b136558bcfe69760dda6f2a76ccc1 + pristine_git_object: c18ac5628dfb4a3165d9ade2829af0b4c81b6a80 docs/models/outputazurelogsauthenticationmethod.md: id: fc135926667d last_write_checksum: sha1:cfa899a7f733eabdbc315d0986e16908d33212db @@ -10216,8 +10312,8 @@ trackedFiles: pristine_git_object: 6005aa54f614d49f8c17f79216d9023863022c39 docs/models/outputchronicle.md: id: 2c75111afd39 - last_write_checksum: sha1:2939dcf8e2284ffebe93fd4d4ef86de3f1ae37ae - pristine_git_object: a3b8b8295d8ea97f11f679bfdda6d6f6b193e4c3 + last_write_checksum: sha1:2e1921ffccabd41dc5321b483a872ddc68c3e0eb + pristine_git_object: 4f88f9b1345cb88357f4b7dbde1e87e5083deba4 docs/models/outputchronicleauthenticationmethod.md: id: 4a92fbd31026 last_write_checksum: sha1:d8333fdf934429a53c6378594c11546942c6534e @@ -10236,8 +10332,8 @@ trackedFiles: pristine_git_object: e8fc3055c477d48bea6e9ba080d838ffa5bf6038 docs/models/outputclickhouse.md: id: 819da4daa8f8 - last_write_checksum: sha1:32bab7ce9ee28a97d55fe1337a7d47529c1ff55c - pristine_git_object: ca6429585512f404e315dda434cde22e19c847cf + last_write_checksum: sha1:0c2711acddd3f018c31e962926a5083f5f39c1e2 + pristine_git_object: b138a95ebc1f216611124b937ad0319e9a51c5ac docs/models/outputclickhousecolumnmapping.md: id: c07cb579f243 last_write_checksum: sha1:d7459740279a170f0139abaa64a3165aaa2d030c @@ -10280,8 +10376,8 @@ trackedFiles: pristine_git_object: 1b56178805d9b682ab70612bc78d4fe77589de84 docs/models/outputcloudwatch.md: id: 33a516dcb918 - last_write_checksum: sha1:a98c1cd526485dcd16bd636025293ae4c2baf30c - pristine_git_object: bd3b09c06d228a1630baaea499d859df571bc18e + last_write_checksum: sha1:cacdf842d18bd76e93e0b72623dad1a0479500a7 + pristine_git_object: a94b915106133c22ba2ccf7a25d11645c007f3a2 docs/models/outputcloudwatchpqcontrols.md: id: 689af93027b7 last_write_checksum: sha1:60f6ccc469f249e793220b92b17bba82bff01990 @@ -10292,8 +10388,8 @@ trackedFiles: pristine_git_object: ccfef2ffbe453f4a24d9be06e886a71f67f18a83 docs/models/outputconfluentcloud.md: id: b8002227130d - last_write_checksum: sha1:86e97f269c306bb9ebc16cb139a45ac819cf32e5 - pristine_git_object: d458c221ffa26752dc4147c605e0e25064b3c993 + last_write_checksum: sha1:22bf532e988f300591e5427af59a64a14aca4b27 + pristine_git_object: 0b313c008174a6572f1f10c458a53a5ec20f1395 docs/models/outputconfluentcloudpqcontrols.md: id: 7afcfd478a8d last_write_checksum: sha1:29d03941ca2bf97c62184a470bed496c68800a1a @@ -10304,8 +10400,8 @@ trackedFiles: pristine_git_object: 7cac56eb5255b06583e5cc9a953374fbe94bc87e docs/models/outputcriblhttp.md: id: 689177ba3b47 - last_write_checksum: sha1:dd5a212ea856202151350d9faa1c854062f708f3 - pristine_git_object: e4062382c324420936eb551cc13ebea28e1dd010 + last_write_checksum: sha1:597d9ce6a218698be72db280ab434d049200a9b9 + pristine_git_object: 01570bfa3b99d548cca833b09a5880ffed0eae3f docs/models/outputcriblhttppqcontrols.md: id: fa5cd17b0dfb last_write_checksum: sha1:6888b437254ee121f0106c148feba96d41c20434 @@ -10324,16 +10420,16 @@ trackedFiles: pristine_git_object: 852ed23e48e7030b52614bc44dd13ab4d21bf3a3 docs/models/outputcribllakeformat.md: id: 09c52708e170 - last_write_checksum: sha1:eb252050f7b4b3e80bc2b8995ad0e903a7e8802a - pristine_git_object: 34a09edcadbcfcc26885c5cd9414f0d645d91851 + last_write_checksum: sha1:5141909dbfd694abcc8b56ab305e92b7047aa34f + pristine_git_object: d0d65f537e184e06d1ef27f30257cd5ffe37a97c docs/models/outputcribllaketype.md: id: 8ce7ea181688 last_write_checksum: sha1:63497ecbfe9bcf84aab1300c4d9f16f8fab74caa pristine_git_object: b78a95c3f74ab4421ccc842add107833bcc66423 docs/models/outputcriblsearchengine.md: id: 0ed418fdd6c7 - last_write_checksum: sha1:3ea11e388478aba16bb07c0e439181e09ce58a6d - pristine_git_object: e3514ef22aaca19fb00be28840c5ad0df0a77eda + last_write_checksum: sha1:15cb400db3bc55697d822bea74ca8ce48ccd2712 + pristine_git_object: b9dd340e7d82274da28e5df11062e433eee287fe docs/models/outputcriblsearchenginepqcontrols.md: id: a7983f68b41a last_write_checksum: sha1:d2e6603c49d0ef7bdd9da1904e0d93e20cc96d84 @@ -10344,8 +10440,8 @@ trackedFiles: pristine_git_object: a173d4e1232a758bc53652e8feadf6657490201c docs/models/outputcribltcp.md: id: 7d25803eb5cb - last_write_checksum: sha1:595603b9cd09043da7f275b6a050338c6eed152c - pristine_git_object: 549beb1b9a704cfd2411a44c7c2af0a8878ad48c + last_write_checksum: sha1:800c079f2d75bc513971634a229ec72d39ffe70f + pristine_git_object: b31e36d34819a0b9178be6498d371a15075db69d docs/models/outputcribltcppqcontrols.md: id: 55e5d9f1b42e last_write_checksum: sha1:f9d663af0855e401a716abc5292e9dec8eab2d2a @@ -10356,8 +10452,8 @@ trackedFiles: pristine_git_object: 9682e0ca3b1a0eabd7556cc76aa59269e348877e docs/models/outputcrowdstrikenextgensiem.md: id: 5a40577338d8 - last_write_checksum: sha1:331ee6ad98f6d6d5897357bf503382970a3cd695 - pristine_git_object: 1d594fd2b882d114987e396dad5a2f2ade99ac7b + last_write_checksum: sha1:38bb35eae48d82468a02bec0f37e47bb3ed4b66f + pristine_git_object: 5625708ea6087f3d54ba3b4151b19f6b7507fcea docs/models/outputcrowdstrikenextgensiempqcontrols.md: id: 03faf876730f last_write_checksum: sha1:23ee7a28d1244694a0b1a8d8cd9e366775508037 @@ -10376,8 +10472,8 @@ trackedFiles: pristine_git_object: 1bbe3adcd4bd5ade60e91981264a6fe165b5c39f docs/models/outputdatadog.md: id: c5607e162b7d - last_write_checksum: sha1:78bfafc1f0cd099a52a4b9b51fee7ade81bf6fcf - pristine_git_object: 7692aea608d8c76e4994ddff9bd85c55e2ee1ba0 + last_write_checksum: sha1:2936f8ecc24f9de3e945184ac2956b380f34f526 + pristine_git_object: 35231026141e17dbb765102c03a1b229f40e3d65 docs/models/outputdatadogdatadogsite.md: id: 8188c241f6e7 last_write_checksum: sha1:00b243829be95baed9d14647e5ffbea8383dfd2f @@ -10400,8 +10496,8 @@ trackedFiles: pristine_git_object: 8fb54aa700ca06bcf8927a2515355c0d6b0ab62e docs/models/outputdataset.md: id: f3ae581be23f - last_write_checksum: sha1:e178729f0986468b0a4d23402fedf7bdf01ad727 - pristine_git_object: cdd216563dea1a47f2b0be4df2166a883c31400a + last_write_checksum: sha1:00e56c409e6d21c1ec6f9530c6da3c2c5cae01d3 + pristine_git_object: a3f381d5aea6dd97431ee0df3deb4878024f2bad docs/models/outputdatasetdatasetsite.md: id: caeb1dec4813 last_write_checksum: sha1:e80c475c361772618fe4aa251981f39bb7d6ef2d @@ -10460,8 +10556,8 @@ trackedFiles: pristine_git_object: 43f8046329aa7ede09d46d88e516b139dc73fbf9 docs/models/outputdynatracehttp.md: id: 2173c2e4a2f5 - last_write_checksum: sha1:9e3c1cbe5ebaa753073d008e468a908d40759992 - pristine_git_object: 1961734ffdea1b193c3b37eda7c1e60962318f8f + last_write_checksum: sha1:e33cea7926e93201e2bc95d58fc1c13475f3d969 + pristine_git_object: 64f18e83d12047cf02785c4b5cce8e6eae21911c docs/models/outputdynatracehttpauthenticationtype.md: id: 41fb300ea369 last_write_checksum: sha1:ab7e9ec07fbe0dffda4bd77da513a432d9cd81a7 @@ -10488,8 +10584,8 @@ trackedFiles: pristine_git_object: dc2a44fa2af14591f2b978978f335042b537bf46 docs/models/outputdynatraceotlp.md: id: ce1902556ff9 - last_write_checksum: sha1:24cea7d4dd8c248df8cc6fc41e74e075718efdee - pristine_git_object: 64dd5d1012890c7f0f364e58a6dc5be1027dec4d + last_write_checksum: sha1:30e6ac08ad4e4c9244669432886323599ee0c4eb + pristine_git_object: bc09339a03b28a8ef208c010228a4cc5f3abed0d docs/models/outputdynatraceotlpendpointtype.md: id: 5c7404e064a6 last_write_checksum: sha1:1ce1ea610dda34a2712a365c33cd79aaed6e1ead @@ -10508,12 +10604,12 @@ trackedFiles: pristine_git_object: 7dc75e42f92211372316aee563a17e7434fe9a9b docs/models/outputelastic.md: id: d87aa23d2d0d - last_write_checksum: sha1:87f325d725938c6c3a67aa15a714089ee56605a6 - pristine_git_object: 04f6a6da887c1a135868185e18f4f3aacb56285b + last_write_checksum: sha1:f9bde151464bea3db25d6e92a8d16308f147c331 + pristine_git_object: 817614f43f844a05ce7ee6b219921c4f4fb3268d docs/models/outputelasticcloud.md: id: a2d12f7e8323 - last_write_checksum: sha1:7d833fd12a7f3bde38ded0cc1d237130469f3efc - pristine_git_object: fd4a59db1adb084b0a838113dbf213f64d0d896e + last_write_checksum: sha1:2fe4580e62dc514bacc56d35491bd5d4934dd761 + pristine_git_object: c45e27f1ec73409b867d93216f422099479393df docs/models/outputelasticcloudpqcontrols.md: id: c556e2fc75c2 last_write_checksum: sha1:811c7efab192c4725c30eb699251bc98f1804e84 @@ -10564,8 +10660,8 @@ trackedFiles: pristine_git_object: 8d0c13805bfaa7bd7fd453a384d95d537f3e3fc8 docs/models/outputgooglechronicle.md: id: 94619dc3adca - last_write_checksum: sha1:b2c2bf8bacb75bac55292301fc9b0d803d7fc712 - pristine_git_object: 972c7e82e915ada50996521497ff553340a0271b + last_write_checksum: sha1:393c9b4a868dde82e0300117d530a254117e86b7 + pristine_git_object: 806d027efe1be351193cdb6900b2ca73689c50d8 docs/models/outputgooglechronicleapiversion.md: id: ecd24d3e8279 last_write_checksum: sha1:c45f6e313d2e05c6dfc9bb9464ab06e777b0f027 @@ -10596,8 +10692,8 @@ trackedFiles: pristine_git_object: 458900e93f2b58f485771f67de9c8f1ea068fdc4 docs/models/outputgooglecloudlogging.md: id: 95f6a474a242 - last_write_checksum: sha1:b48c165f9da514410baf2cd20e7efd7179990433 - pristine_git_object: ef51b3f0f570d95b7379cd0cc0d19c12aff1f75a + last_write_checksum: sha1:c87f1db5a15d1e0a12326b84cd81aa39d5ab3956 + pristine_git_object: 4a4de6a520607d663795586d1cf183c2f87b7489 docs/models/outputgooglecloudloggingloglocationtype.md: id: c4781ee80b75 last_write_checksum: sha1:4746a84c0e4830f488c2b9e3ff2f4568e06d4cb1 @@ -10614,6 +10710,34 @@ trackedFiles: id: 8273dac62c80 last_write_checksum: sha1:66827167735fe6043b8c91e9119e38ba32795b7f pristine_git_object: 6743061cdaa7bd433eafd0de292403b9af8967c3 + docs/models/outputgooglecloudobservability.md: + id: 8a2bc04ea225 + last_write_checksum: sha1:f21fae96fb0b4d9d32f295bb614670097fb166c1 + pristine_git_object: da269cf79f8ba5cb5f79efb46f7dc9ff0ab8aacd + docs/models/outputgooglecloudobservabilityendpoint.md: + id: 9803f82c3233 + last_write_checksum: sha1:b2b2b47eda4b7ac0dc8b4622cf26ad8ba7378080 + pristine_git_object: 49e4160e12c25f02952d84f013ce07bd2ced010b + docs/models/outputgooglecloudobservabilitygoogleauthenticationmethod.md: + id: 5b036bf3d276 + last_write_checksum: sha1:2d4faf76af7edf63347304c39436e779c3f2a1b0 + pristine_git_object: 7402471fb62d24845f42b46edef1e34b3f6b1843 + docs/models/outputgooglecloudobservabilityotlpversion.md: + id: 3134f1cb684c + last_write_checksum: sha1:e8a9864123c7b058faa6a5ea56a235f8d388bcb9 + pristine_git_object: b05c4dd75452b614574ab238e5da6f8300ae9ee7 + docs/models/outputgooglecloudobservabilitypqcontrols.md: + id: a9d08fea4601 + last_write_checksum: sha1:a9d250fb7a294c3b4a9d933f6e21e4f21a7fe57d + pristine_git_object: 80ad6c5e5aa595ecf25096dbcd94426f0765f654 + docs/models/outputgooglecloudobservabilityprotocol.md: + id: f0f9410bd7d7 + last_write_checksum: sha1:e02538df30601b4d88da48ab6cb936c22fed99dc + pristine_git_object: a1d99c675f70dcca90619ccc8eb43f25246efa9d + docs/models/outputgooglecloudobservabilitytype.md: + id: 2c43e1b5971c + last_write_checksum: sha1:580ef5cf1047c638f78336e5dfa7e36c3ed779cb + pristine_git_object: 8bf74322f9b518c2da84dd333833fa7cb9a71802 docs/models/outputgooglecloudstorage.md: id: 336c1580f008 last_write_checksum: sha1:d29edd9dfe37d8ed79a2778b59f321b1e8fb3fa2 @@ -10628,8 +10752,8 @@ trackedFiles: pristine_git_object: bf8608f61cfb1389122ddb99d22dd0e11180908f docs/models/outputgooglepubsub.md: id: 7a34d15b99d0 - last_write_checksum: sha1:d34eb8b882fdee02b94e54090ab7aec69d156620 - pristine_git_object: a33e8946d397c9a06ff5cfe1151e995b306ef78b + last_write_checksum: sha1:1e7d0c64996543c9b49fa617d8bfea22c45c2097 + pristine_git_object: 6a571d074c8b5745ccbb417a63763c56e1b1bb8c docs/models/outputgooglepubsubpqcontrols.md: id: 2d9289aafcff last_write_checksum: sha1:78c1a8b6fcd85d01511eea67c76dc966e5030839 @@ -10640,12 +10764,12 @@ trackedFiles: pristine_git_object: 7063851298539e9a069d49bf6c142b626da68c56 docs/models/outputgrafanacloudgrafanacloud1.md: id: 47024c76a9ce - last_write_checksum: sha1:0ec44d8dc3e8c0ad98e8b89e4543c5f006a2ca9f - pristine_git_object: d888cae40d329e5a58fbff5d2c42c6885a988463 + last_write_checksum: sha1:0b4f5dd264d3e757f6e128dda71fdad5234c4439 + pristine_git_object: 7775d864e4c944fb5a0396491f1b168bf1d91476 docs/models/outputgrafanacloudgrafanacloud2.md: id: ac4083195ffb - last_write_checksum: sha1:65ee94569dcd043cd32ffe9cc4780e2e2f900027 - pristine_git_object: 91662b96460f4d49eb5920b5415f2481a25d96a1 + last_write_checksum: sha1:e4c81e01b7174d9e21a871a685bb30a029ea54b8 + pristine_git_object: 0c6041931d16836178ba1a58a80eff2e018a514d docs/models/outputgrafanacloudpqcontrols1.md: id: 3697afa4f562 last_write_checksum: sha1:3ebfaabcba07b4c8afe9e05253c57e275fbb50f4 @@ -10668,8 +10792,8 @@ trackedFiles: pristine_git_object: 57fb4178d4f1e55e577bc1e55ea32fc325073bfb docs/models/outputgraphite.md: id: aa2b17306120 - last_write_checksum: sha1:26f5a3297be86e7deba6ca183b33def8d1591222 - pristine_git_object: d9e7794c566faaefc2dbdbdf4e1fcab3e85da67c + last_write_checksum: sha1:3fdc283f50d88966439f393316415ddaf771c38c + pristine_git_object: bf1a3b148b06ab5bba0dc430b2288b7386f8e502 docs/models/outputgraphitepqcontrols.md: id: cc76e181c87d last_write_checksum: sha1:59cd8113f169693a863fbdce675459f4de560c9c @@ -10680,8 +10804,8 @@ trackedFiles: pristine_git_object: 465f316028d1136fb75be423e368ceebbc5abf1b docs/models/outputhoneycomb.md: id: 8a160c53f913 - last_write_checksum: sha1:ccfb2c98d825e636ee722198d39b41ec07ac47e2 - pristine_git_object: 8ce989b4a72617e65f200e9ffbb6552ce5657cff + last_write_checksum: sha1:258a31f681923321dec5d23e0e282e62ed887b10 + pristine_git_object: 3d38c3ef7dc272545f2341407c8f37efdbe82699 docs/models/outputhoneycombpqcontrols.md: id: 965d8dc8d2b6 last_write_checksum: sha1:5cd089043179c6ae518059a550997c94d0955aa1 @@ -10692,8 +10816,8 @@ trackedFiles: pristine_git_object: 396e81e64391c6c64c858f2abddea46ffe26d324 docs/models/outputhumiohec.md: id: ae7fda9850a8 - last_write_checksum: sha1:5800ab95043f0231133a95b04e6f983202f14761 - pristine_git_object: 9adbee40a1af3187b89d42ff437d313afd3dc659 + last_write_checksum: sha1:c4eca0abbb86337d70cc9bad145b37b4deb8c31c + pristine_git_object: 013ec56592f4bab24e86033e3d33b6bfed4c04ca docs/models/outputhumiohecpqcontrols.md: id: 08c95108c1ee last_write_checksum: sha1:0c6b4e24979dc9547f943e880a5bb77605b97b94 @@ -10704,8 +10828,8 @@ trackedFiles: pristine_git_object: f1fb9bc6066ea989c080a6a1fa44f0549741c092 docs/models/outputinfluxdb.md: id: bfc39c854c06 - last_write_checksum: sha1:bfe1c46592b769db4bd0877d91f8a425f23e055c - pristine_git_object: 566614c7c2451ebdd83d563ba3df36ab72661e43 + last_write_checksum: sha1:d1d7da19e6d6de4a572f59307f156246279df10d + pristine_git_object: 32c56b658ba69f41ae10bbd708d1c420f373ed2d docs/models/outputinfluxdbauthenticationtype.md: id: 9c612d5de117 last_write_checksum: sha1:e932e46b6c89e7b17a4696c6783e969852324916 @@ -10724,8 +10848,8 @@ trackedFiles: pristine_git_object: 6fbf00ff40381644b253aa69906e200e3a72e550 docs/models/outputkafka.md: id: 385e76c3769f - last_write_checksum: sha1:3216fbeefd8d378b13a844f023f6146025bdbe92 - pristine_git_object: 35c6148a757b61d666d5a03963ff851217f9ffef + last_write_checksum: sha1:5c04ca1d86bfdc2496dcf150cbddb1663fa5c188 + pristine_git_object: 413c3e7032fbf3a752d19cd42b8fb52c083b4729 docs/models/outputkafkapqcontrols.md: id: a6c71c7c399f last_write_checksum: sha1:c853748ddde937e18c6e7c0a7e57766a2f8b8b7c @@ -10736,8 +10860,8 @@ trackedFiles: pristine_git_object: 8b759abf1e4caf51f1d0ef4de2d1f1fe63792452 docs/models/outputkinesis.md: id: 07506ada2df1 - last_write_checksum: sha1:1746211d977a99c398eb9930cd6ea445af8caf6d - pristine_git_object: c291c36b04c15e3fd62461d59ab4dfb39b63a481 + last_write_checksum: sha1:7bfd97f8d82c8f9ee5f80bf23f391931ebd2cf4a + pristine_git_object: 2a0231012f9669091ad669aed55bea416ffe34ea docs/models/outputkinesiscompression.md: id: 1573a91c2505 last_write_checksum: sha1:015fd05c10ca844807dbeb9145327997a8884ee6 @@ -10752,8 +10876,8 @@ trackedFiles: pristine_git_object: 806ae4fc4fd36f71dc76cf8923c58e5af03fc266 docs/models/outputlocalsearchstorage.md: id: b5b97101ef13 - last_write_checksum: sha1:355ad75f80eac9c76965d10eac9b92d118d70b24 - pristine_git_object: e0369f8ace20af5758ccfcf28cd1e657babe5ca9 + last_write_checksum: sha1:1f7671cbb8938428bc821964f52e8b161944122c + pristine_git_object: 760c0837c55379186326bc756371d28b1f954c68 docs/models/outputlocalsearchstoragecolumnmapping.md: id: 107b5f3a9e3f last_write_checksum: sha1:f17d8fb9e71e5ce97af9e8347280a816f8371033 @@ -10772,16 +10896,16 @@ trackedFiles: pristine_git_object: 7cd566871ddb5e35a7158e28486dd626d5d068f8 docs/models/outputlocalsearchstoragestatsdestination.md: id: e7f5f5191cce - last_write_checksum: sha1:7d34082569f1b6a39c8c0a8231a6e8939f23b9a1 - pristine_git_object: e4c18b1afa9ec6472a3a19b48bc0b96d9daaf538 + last_write_checksum: sha1:ea9f024519a40d3c3ca1a187a43553c36f04416b + pristine_git_object: d6835438d1c0708df8c55c257ce47e3a42c85cb4 docs/models/outputlocalsearchstoragetype.md: id: faa3b9b88098 last_write_checksum: sha1:a3d4339a52d65c495723e62552fc5fa6cb1ba0a7 pristine_git_object: 20b764b321a1a03e2dbd26b6029f59b2b6dda28e docs/models/outputloki.md: id: 4cf3d24ecc2c - last_write_checksum: sha1:8d40daf2528ec03e46fc707c7af11a4f7aa01527 - pristine_git_object: 5feaf7d5f9a70bcc21263be9df15895c8046f501 + last_write_checksum: sha1:b9d82212eddf5dcaa75f7008e526de5d956f08e1 + pristine_git_object: cefce9124b201711c13626a3ca509ebf2a4da6bd docs/models/outputlokipqcontrols.md: id: ed6ba4f2708c last_write_checksum: sha1:054bbcb7ff410b702b1abe15645a4d9858cd2cd0 @@ -10792,8 +10916,8 @@ trackedFiles: pristine_git_object: a55662d76b7ac5f97de2e610a80b174219d2e786 docs/models/outputmicrosoftfabric.md: id: 703f4926503b - last_write_checksum: sha1:49fbd0e8a86c6c54562ca6487457647770efc75f - pristine_git_object: 062a185e1b165185d54379da1bdf9524fe2e4aad + last_write_checksum: sha1:0b3165e5806830c44f257db9fe5b4447e5bd9979 + pristine_git_object: e24ecc4ca51e4c94570c3e4b6fb0117b28310bc0 docs/models/outputmicrosoftfabricauthentication.md: id: ef6acf5e2d67 last_write_checksum: sha1:fbc708b54cd3a988160b3521a4bdb39db27ca656 @@ -10820,8 +10944,8 @@ trackedFiles: pristine_git_object: e0ec34b06ceb2b2a75eb5d09e439c605efb9d6f1 docs/models/outputmsk.md: id: bda393102264 - last_write_checksum: sha1:d3897fdb7ea6474d17d76072577e09ee74c4b01c - pristine_git_object: b45d5a64595329df11c8cb6a63ffd32f4f7cae57 + last_write_checksum: sha1:a4d0af2eb0c325c3df2b8a15801ce4b19a2373db + pristine_git_object: a82465f2efe574ea27e952244260ccab244fdd71 docs/models/outputmskpqcontrols.md: id: 3a7b138e7cfd last_write_checksum: sha1:7fdacc9bdd612213029c59db0de9a86bbe2d51dd @@ -10844,12 +10968,12 @@ trackedFiles: pristine_git_object: a9aaabb4f657ebae427ed6521c56f578ec508075 docs/models/outputnewrelic.md: id: 198f7fbdec40 - last_write_checksum: sha1:0065fe8e5410c40208df55221084dc24f7228614 - pristine_git_object: 2cb3043098f4b6ec7677d3d3c87b935426bd3412 + last_write_checksum: sha1:fbb823a68c7981a93ffa7e3989c48bab0feb8774 + pristine_git_object: 07a485185b8181e2987218e1e5175a96ea9356ff docs/models/outputnewrelicevents.md: id: 89dd9e0d5531 - last_write_checksum: sha1:06fdcf4092c8448d4d4f91bf6852a15f3bd3d420 - pristine_git_object: c62cfe1fab3a46801bb9c56a26b94c9807eaef29 + last_write_checksum: sha1:445529dc865b60ecac6b97b16e9225ff4a10d8fd + pristine_git_object: 5fc4447c01795545cd600a7d83b64b22217b9c66 docs/models/outputnewreliceventspqcontrols.md: id: b65ff57343c1 last_write_checksum: sha1:e5b712e187bfdfe6988a1a7614169e3cd57a84da @@ -10884,8 +11008,8 @@ trackedFiles: pristine_git_object: 283ea651607257503aed99bf4dd918cbbe73736d docs/models/outputopentelemetry.md: id: 6263ff05f7c5 - last_write_checksum: sha1:52d5d8c145b6cd8512662f5d2691cd5092f65693 - pristine_git_object: af1ec513398471caa54e6a6ed2c75e9c9ec00c85 + last_write_checksum: sha1:d25097fb0e6eb8daa4d8e95f463d81cac9690434 + pristine_git_object: 4720024d8cf038d1903de706f0283b2b28f6619e docs/models/outputopentelemetryauthenticationtype.md: id: 91a224844d3f last_write_checksum: sha1:e1d597b18b3f85e453bc0084a9c58d318f8b7b85 @@ -10904,8 +11028,8 @@ trackedFiles: pristine_git_object: 5a90efded49ef49160c42fc39b2879a610c98556 docs/models/outputprometheus.md: id: f60f2df44715 - last_write_checksum: sha1:8aaeeab030aa734fd852544c0c21dde66450ad24 - pristine_git_object: 5abd3ff59d775b3c2899820e4ab2f9fe92c8bdfc + last_write_checksum: sha1:c7752d6db09cb646bdaa75466e37f85839782ed2 + pristine_git_object: 4319fc6aa252ed32bb8980c672b4a9f7dbeebf3f docs/models/outputprometheuspqcontrols.md: id: e877af7a6378 last_write_checksum: sha1:f93901a3029eb1990f832516dcda4e214a392927 @@ -10916,8 +11040,8 @@ trackedFiles: pristine_git_object: b5f26f20513a80e20c7aeb872e0148c1dbff638d docs/models/outputresponse.md: id: e09d17192e47 - last_write_checksum: sha1:1ffe5b7d1be2f5edf8b9e81e40f1675d3957b1e0 - pristine_git_object: f448adbf2798e7bea00effefb8f7ce3578cd2f54 + last_write_checksum: sha1:992b1164a298dc58fd56ce2bf4621135b6ba63b4 + pristine_git_object: e0b847ba82a381abf6a582a1da7fb34c2ef542da docs/models/outputresponseadditionalproperty.md: id: 9fe152894a06 last_write_checksum: sha1:2dbdb19d57d3aa6e7295aaff2db05169d8cd0ba8 @@ -11030,14 +11154,18 @@ trackedFiles: id: bccfac4da748 last_write_checksum: sha1:b01a56505482cb50e89135a530fbfd67c45be7b8 pristine_git_object: d67fcaab05afd9e36c201287b6c11a3a8ad23094 - docs/models/outputresponseendpoint.md: - id: e181ca5a15ba - last_write_checksum: sha1:24d6e7b3199a09e6d600101330d9326dd9fe96e1 - pristine_git_object: a4d01cb74df2ed5f0cd6cbc54e090111b9b57280 docs/models/outputresponseendpointconfiguration.md: id: 8e77af2fec15 last_write_checksum: sha1:dcf3c78d6edf7e39ae1eea9541cd49d3eea59a33 pristine_git_object: 0d7a2f0ac71293a8a44f6c1776f085fe4d817748 + docs/models/outputresponseendpointdynatracehttp.md: + id: 96301fffb232 + last_write_checksum: sha1:d926823a89ff609dcc786177f8e528608baf77b9 + pristine_git_object: 45704355402292f39e1f547047d1cd2a28e5b87a + docs/models/outputresponseendpointgooglecloudobservability.md: + id: 510044764ff8 + last_write_checksum: sha1:b2fb4b42f7dd68ae6996e23362be88c64b56b094 + pristine_git_object: 805328bef0c42019f5458338d517b696209a36dc docs/models/outputresponseendpointtype.md: id: 34c8a18f6d4e last_write_checksum: sha1:3bba7d42dacd9369d1f3b3e7d6e987db69f15792 @@ -11064,8 +11192,8 @@ trackedFiles: pristine_git_object: 78dd3a46530f411a53cb5fe66bb8d69843cf8222 docs/models/outputresponseformatcribllake.md: id: 6242624ff9b4 - last_write_checksum: sha1:82622a7f8b97c617d13896ad9d9ef07ee159d243 - pristine_git_object: 4763f3f37b190ea6ec4dfce4a78cd9ee8687776f + last_write_checksum: sha1:24ff5ed8d8f756d923a6045dfda5f1fe5c2a46b8 + pristine_git_object: 15ceac0970bd632db301cd3d1400767ca05c7585 docs/models/outputresponseformatdynatracehttp.md: id: 3a3a66a1b84e last_write_checksum: sha1:44d44fea5dd9e5b3263b737a7c7c941b39903d74 @@ -11078,6 +11206,10 @@ trackedFiles: id: daf45f6adffa last_write_checksum: sha1:643bc00d7ced72fd5efa3a1e587506ecb731001c pristine_git_object: 3190be7f0c263ef9c5422a3232a9ff3ad0cfc5c1 + docs/models/outputresponsegoogleauthenticationmethod.md: + id: 56f1669318ac + last_write_checksum: sha1:3547f10fdd915244fc7eeff83de0ab13b6191da2 + pristine_git_object: d3de0ad67d34159e64ab6959bb1c25412fde03ed docs/models/outputresponsehostnetflow.md: id: 8df13c21fd56 last_write_checksum: sha1:271fc08432e1470c275e6f4816a1f6ce7e990348 @@ -11118,10 +11250,14 @@ trackedFiles: id: dbdc3d5bbbf5 last_write_checksum: sha1:c8dc483a4b4bfaaddf190f3dfcbe53d057d7e795 pristine_git_object: b4ebe313d7584d7776f440ede5cd7018b8e77ff7 - docs/models/outputresponseotlpversion.md: - id: f76bc227bcec - last_write_checksum: sha1:94877065ba9f64021b1168fbf7f1035c440af505 - pristine_git_object: f58bf837f6bf5f44f174e4d8830c788731f38873 + docs/models/outputresponseotlpversiongooglecloudobservability.md: + id: adcc708affcb + last_write_checksum: sha1:93864ca4c2448e8375f5e34820b35b260dca842d + pristine_git_object: 664f1579f3eb0f287357e48380b37a9d23c6e7d6 + docs/models/outputresponseotlpversionopentelemetry.md: + id: bd25687620fd + last_write_checksum: sha1:9d805416ff14e76c9e2a4b0fc2b906588d5b928a + pristine_git_object: 57096bfc0d34e05e53c87c3f56cbe1c272e0815b docs/models/outputresponseoutputalibabaclouds3.md: id: 8d45296de875 last_write_checksum: sha1:8b1a3c4366a8c39b4ce2aa0c41d3e137466400c2 @@ -11136,24 +11272,24 @@ trackedFiles: pristine_git_object: adbddf0a2034d6d4fd477f24aa66314a07e9b521 docs/models/outputresponseoutputazuredataexplorer.md: id: 6709dc53e281 - last_write_checksum: sha1:eb02df6c77aa2801dea735b1ab27c271a5cf2a45 - pristine_git_object: bec92ecaa3bdc1c5b2cb5857d2c65b5d89c6f968 + last_write_checksum: sha1:9de0743877ab7e5a81457ec326e56b8d427122dd + pristine_git_object: dad46f3f4067dc54e5a4b9aee6dd5fb7f8fc7559 docs/models/outputresponseoutputazureeventhub.md: id: b44a571d1a9c - last_write_checksum: sha1:7adf091fb0ffb9fd9e3f1b08d96f0777fe1e9614 - pristine_git_object: e7ca873363c1807e8b502d088bbc3ae4f410a9e3 + last_write_checksum: sha1:1be840670fe0c4eecb8790aad19c9ad0c68eb3bd + pristine_git_object: 4872895717df45c96c5ac20e0b6f4bcea888caa2 docs/models/outputresponseoutputazurelogs.md: id: 7e530e119f7d - last_write_checksum: sha1:07c762f138cde869eb74882f7c31563e092123b9 - pristine_git_object: b0cae51e40ca03ee07ceb98cc5c8c95d981c1009 + last_write_checksum: sha1:3da9e48c8b23e9bd26d6c3482e03ffa0dbbc3225 + pristine_git_object: a212e7281d053743655c978655e32a86e8d7dbcd docs/models/outputresponseoutputchronicle.md: id: 4d691b29b4eb - last_write_checksum: sha1:374fc915ca3bc3213a17379296bb8488aa3927ba - pristine_git_object: 4894bd548ca3f5d501e12bc8de59c5f9fa368690 + last_write_checksum: sha1:a37c0f905029552b422c31987a46aa0c5d92b28e + pristine_git_object: aa4f3501514d789a6a00a70c1cafcfb3396b8456 docs/models/outputresponseoutputclickhouse.md: id: 87a9c5e49123 - last_write_checksum: sha1:0cbd10e7265be4936a00c0861c187f96789a2d19 - pristine_git_object: 11dada65c015b4656e8664f9af839bce5f862929 + last_write_checksum: sha1:d69287e500eaac117e7ce3ab9d3e13c2f7ada98b + pristine_git_object: d16a76eb83868caf3b91e71f22ab498eb6c99f32 docs/models/outputresponseoutputcloudflarer2.md: id: f6222b2f3631 last_write_checksum: sha1:f75de483dfc7f24a6a56aa9ddb339886dcb41a37 @@ -11164,44 +11300,44 @@ trackedFiles: pristine_git_object: aaf1ed9badfa2121a1cd4212ae29ef81fde1b3d7 docs/models/outputresponseoutputcloudwatch.md: id: 20b3ba45ca98 - last_write_checksum: sha1:8e7ba187dda797da47b482c48e5f2e971879c7ef - pristine_git_object: dc3eec50249bbfd32e8830d83b12b4303bd20f94 + last_write_checksum: sha1:099abfec0299c27238df3aac87ee7922c7bcc23d + pristine_git_object: 208bdde9d5ac3f6e5b7f4f6badcd557e9a192b08 docs/models/outputresponseoutputconfluentcloud.md: id: 7514bd6e96b6 - last_write_checksum: sha1:1537db3afd8b7e177ec720e3da1c59e0280a8436 - pristine_git_object: 00c35636c4a3bd935465983df194b849ed2ada09 + last_write_checksum: sha1:1789cb42eb274193de86cf269fefcdcb89ee047a + pristine_git_object: bc43b9a357fdc52fc921b567b639d05c616cde0f docs/models/outputresponseoutputcriblhttp.md: id: a09cfabc4ef2 - last_write_checksum: sha1:80ef71287454acb37e92f20ea7db9e474132e2a3 - pristine_git_object: 4582826df98bd6dcfce4847304593dcba7e1c67c + last_write_checksum: sha1:157672c92b3405e693be17324652fd7687fafb7e + pristine_git_object: 26cebfe7fd502dd3fde779c23d2aa60766906ba6 docs/models/outputresponseoutputcribllake.md: id: 74c60dc553c4 last_write_checksum: sha1:da10d0cd75d8a3469445b18996d9381398f79b86 pristine_git_object: 967cc6925782b09cb746a0e9805e91d86a191f20 docs/models/outputresponseoutputcriblsearchengine.md: id: eb2778b30827 - last_write_checksum: sha1:8f1833085eac57cef4f2fc200379b379458db710 - pristine_git_object: 96119247e325638f8a000659c2fc158c604f18f9 + last_write_checksum: sha1:742deb711e90d26e44320d7cb81be5a01e02d162 + pristine_git_object: 8de290935314347d487300f8aa6758fa10530949 docs/models/outputresponseoutputcribltcp.md: id: e78272be4efe - last_write_checksum: sha1:018d2092b107a80a2464f7caa822dde6b372036a - pristine_git_object: 18d6acdd53c3c1c28178efe64b1454dbddb00261 + last_write_checksum: sha1:045bd1b07f81e94d1ca71d4d42010d13e80a0d44 + pristine_git_object: e0761bb33ac6b63d3bc0bf25a3045edb1d63ee68 docs/models/outputresponseoutputcrowdstrikenextgensiem.md: id: ca115b05146f - last_write_checksum: sha1:5ac3ae9825879996d5ecee22a47a199a439ae46a - pristine_git_object: 3dbca64abc127242d839caa3c566095da62ba20e + last_write_checksum: sha1:441a2027dae4a01c54da1a5febe7706f20d2d8b3 + pristine_git_object: 2e7c2f83f60d5e75f9f7918e6c61189b95ce95b6 docs/models/outputresponseoutputdatabricks.md: id: 7916815682f5 last_write_checksum: sha1:afd9150f23436fa3013a92a852f639517928b0e2 pristine_git_object: c270f0235f92b864813b48a83dd9b9e8aa49279d docs/models/outputresponseoutputdatadog.md: id: eea4ae807211 - last_write_checksum: sha1:dc78c55c2908a039ba352612f23cd1af03efe0d0 - pristine_git_object: 91ffb40ecfad0af3a0dcad237ddd11df739ed2ed + last_write_checksum: sha1:9f3ee46d92d0476f1568b14156030ad8ee61c13f + pristine_git_object: d0a92cdd7c2a270d191e6e41bc56d3cc1155e985 docs/models/outputresponseoutputdataset.md: id: 3746ead5fb63 - last_write_checksum: sha1:07d928a6c2b23f4532399d1e334cef96b443a18e - pristine_git_object: 14c1c884777b780c4eddfe7f870679362254d1af + last_write_checksum: sha1:9131f0d4444d9b672c85b3ea88d33e1804d34dcf + pristine_git_object: f17374b21f39ed10fa1c2c7c1aff80f77bbea70f docs/models/outputresponseoutputdefault.md: id: d20ced2bc8af last_write_checksum: sha1:0671c0f2fc6693f83bdad65965b104658219d6ec @@ -11224,20 +11360,20 @@ trackedFiles: pristine_git_object: 4d99b8bec89ce6f29e99669fc450b7c75016d3aa docs/models/outputresponseoutputdynatracehttp.md: id: a3cbb42af6af - last_write_checksum: sha1:7fbdd242ffe64aaf58d6f520b44835d9d1942c6e - pristine_git_object: 66a1ff6b8d811b91b7cc60175079eeb3837a7720 + last_write_checksum: sha1:1658a05d08bae288161c555bffd58ec24d6b4b16 + pristine_git_object: 9333b4f96c4aaedf49c5f733b9f104ee5cd8363f docs/models/outputresponseoutputdynatraceotlp.md: id: a3a6c8f6acea - last_write_checksum: sha1:de395ab27aa00e900371bceb3c064711821b92fa - pristine_git_object: 2715a30230eaff54d45f1e963774e52db40b0a6f + last_write_checksum: sha1:ddb88f8b114e808e8b1d53d285923fc8adcaa3ad + pristine_git_object: d12ea8b91706c7218e96ef94b6d01c6fd36db0e1 docs/models/outputresponseoutputelastic.md: id: 10556fb5c25c - last_write_checksum: sha1:bddab29d08240395f9f143a1037ab99ad031a6a7 - pristine_git_object: b71adef8902461aedc8254989c1b0f5da020c57d + last_write_checksum: sha1:e607dd572c5e068a6679098b9c4fb2d8919ed6b5 + pristine_git_object: bcc0f506f50abe2141a8a2c03495efc95d978f59 docs/models/outputresponseoutputelasticcloud.md: id: 8774122802a8 - last_write_checksum: sha1:64d8b7eb15b4d135ab416e66666d49f7d349b7f8 - pristine_git_object: b91fb995e2705e41000a2f7055083e0ec7c6cf82 + last_write_checksum: sha1:d900e7f5e9afeaa900c21681ba3b591bba4f4842 + pristine_git_object: 721a555c5ab15a31a9dc190c4cfdbb69ed3eea54 docs/models/outputresponseoutputexabeam.md: id: 340aa5921897 last_write_checksum: sha1:220206a70e2355f46521230b6bd88ed6036630cb @@ -11248,28 +11384,32 @@ trackedFiles: pristine_git_object: 559012b66c2ac541496e2033344d62c1beec0be5 docs/models/outputresponseoutputgooglechronicle.md: id: 54c8ae8614b9 - last_write_checksum: sha1:d36aa5acb92c30c795d22d4b3d9f91a7837eebc1 - pristine_git_object: a648b988be548fef60a658dcca4a16f2f433e855 + last_write_checksum: sha1:6fc13b3dfae1e3019ffd6aa7dc738bed31f09020 + pristine_git_object: 298fb39d00feb09842aedaa216e2cb4ba1905d07 docs/models/outputresponseoutputgooglecloudlogging.md: id: b2f501ddfb9e - last_write_checksum: sha1:ea27d5c4da94bde65d1bfce8dab0a0451d9b3aa0 - pristine_git_object: 70c034cd7904539ccc72af35b1a4633f7edff4f9 + last_write_checksum: sha1:5f446feaf8722df9d86ce6b05528c4e5384a072d + pristine_git_object: 0712cdd3d3251d029ebd8cfd8d7581b975137290 + docs/models/outputresponseoutputgooglecloudobservability.md: + id: cdd379522813 + last_write_checksum: sha1:a0bef2e8b14d8d86763b5a066a9622b68aaf1803 + pristine_git_object: c4485dc3afd32a10e99c4b6cecfb9856e8178e3e docs/models/outputresponseoutputgooglecloudstorage.md: id: a817d6e8e2c5 last_write_checksum: sha1:4d7eff066a57be9382c065744eadaf242d74f793 pristine_git_object: 5be304f1518a4d4e79da1a6c16051db8a2ee91e6 docs/models/outputresponseoutputgooglepubsub.md: id: dfc98eb0f8c9 - last_write_checksum: sha1:9baa8d23ba4e0830949b8446428fb73bf6671a13 - pristine_git_object: b5a97c255c27612702dae749fd95a1ec7900ec4a + last_write_checksum: sha1:e5ec1de045f4600d74669ec1056390e0c4b19744 + pristine_git_object: d1e1544a691c444c018bde9f6dc3840d05922065 docs/models/outputresponseoutputgrafanacloudgrafanacloud1.md: id: 285282042b84 - last_write_checksum: sha1:2d357e0085c106fd9cd406fb533ec9bce6ebd6f2 - pristine_git_object: 56f4da7ebe7fabd07832d50e2ad9cf984e14528f + last_write_checksum: sha1:cc3eb87d3ea4d9303fa2b6db4eb203e443717c99 + pristine_git_object: fb891e82beb587a9f81a6e0b8e603c55456e6f29 docs/models/outputresponseoutputgrafanacloudgrafanacloud2.md: id: 66dc96809aa5 - last_write_checksum: sha1:2c9d7f823e23129372ccd1a37f8405d433815aa4 - pristine_git_object: 5eb88d2fb934bba8eb36b0ee13dad6eedac227e3 + last_write_checksum: sha1:2d8fa6c0b9575c563af0fb5b9ee7e563835c6dd2 + pristine_git_object: 10df618a50b0f8d2a4e29724eaf8dd10c7e5e447 docs/models/outputresponseoutputgrafanacloudpqcontrols1.md: id: 168e4fcb1f5c last_write_checksum: sha1:bf23fa374f8d0190c01687c479b168b34cd92083 @@ -11292,72 +11432,72 @@ trackedFiles: pristine_git_object: 02ea28ed2bf7cdd58ddfc6f862749f3c0d085163 docs/models/outputresponseoutputgraphite.md: id: 3c07c015faf9 - last_write_checksum: sha1:8f4d8f91185520d73683320242b87ea6c1368c68 - pristine_git_object: da616d16a0e2bf08a41525ca6ebf3556b8e4e517 + last_write_checksum: sha1:441a2e48092677805d9d9f38cb2961fc37338cbd + pristine_git_object: 0b4403ecfccb0d54d999c9b007658e22dc099803 docs/models/outputresponseoutputhoneycomb.md: id: eb46b7ddaf6d - last_write_checksum: sha1:97a2975ae372ab63009fc4d587e236e5b859dab7 - pristine_git_object: f05145228f43936d79cc1927961650f35e89e601 + last_write_checksum: sha1:2aa93f12aac98c181ce9bfae7cd5e8bedd504280 + pristine_git_object: a3ab96cb767fc6b02fc46c0a5580711314515e92 docs/models/outputresponseoutputhumiohec.md: id: 245ddd98b246 - last_write_checksum: sha1:6021dc15197b85400a1f6322d2e8e88db1e97242 - pristine_git_object: bd689410d79459f804816734763eb471424b3e95 + last_write_checksum: sha1:6045f12a1682ae971cd840c3290c375efb77efef + pristine_git_object: 8ebdbc254e7d3bf8b0e6346598315fb66b97ff5e docs/models/outputresponseoutputinfluxdb.md: id: c211d4992be4 - last_write_checksum: sha1:8c2c3450e77403e448b5c8270dd643eeb2183b6d - pristine_git_object: de907bb3501ce42a836a265bb0d09a07347cbbe7 + last_write_checksum: sha1:c5b66e1b355307a3fd1f2c558641036faaee437c + pristine_git_object: fb59d4c424990b7bb22da4a81c4bff3f66208ca0 docs/models/outputresponseoutputkafka.md: id: 04a5915ce172 - last_write_checksum: sha1:fbee96cded9e49e05f5e85f87ad5886b13643faa - pristine_git_object: 88dd788be1490115a8838b7b736d2875cc98487c + last_write_checksum: sha1:4706e38ca7dd002cd51ee07a1cafe4165aa055b4 + pristine_git_object: d3038983289e46736df674a89de0bcee74c2abde docs/models/outputresponseoutputkinesis.md: id: b92abdccc740 - last_write_checksum: sha1:17084fa43b0b776ced670b2fb3c2fcde03d4beb7 - pristine_git_object: 9cb0779055d25dc34ad91183e7be7439194b6e90 + last_write_checksum: sha1:fa8857fcac49b8c2b6a572811f0db2e71e78c4a4 + pristine_git_object: 1fd005c5d9fe630c8c77b079dbfa3b107007cfac docs/models/outputresponseoutputlocalsearchstorage.md: id: a3a009cd59b4 - last_write_checksum: sha1:0cf50811dfaa142cd84ecb21049a13567199db04 - pristine_git_object: 6853eb121ff8e1a9c583d56707dced92196cd00d + last_write_checksum: sha1:46e39d7461254e94a3749cefa5af5e8334193515 + pristine_git_object: 7b8ae60aeee8f565c6987ace99c18014dbf87c4c docs/models/outputresponseoutputloki.md: id: 55dcf35a3db2 - last_write_checksum: sha1:84579dfda9a79978fef30e67deaf8f90401a7632 - pristine_git_object: cf94421d18d9dc5c5e3acde1735d9a7f247190df + last_write_checksum: sha1:c5ac8b7ef75a6fcc1e2eacf482a8ae148a8928e2 + pristine_git_object: 5a75364e311ec8a1123a7ea87540828fd6bac89e docs/models/outputresponseoutputmicrosoftfabric.md: id: 7abd738e3ff1 - last_write_checksum: sha1:e0b0f8ca68da446ac91477e4f7f1210056c15d73 - pristine_git_object: b5dbd9fb6ed34b51f9eedb6ca8c33e751c2ae0f1 + last_write_checksum: sha1:d38c8cbf04cac632191a46f25a471295b32717c2 + pristine_git_object: afbd9d6de29fe0b5a2e0121b6b0ab532b0f9b623 docs/models/outputresponseoutputminio.md: id: d723402af2c3 last_write_checksum: sha1:134c2c21c4362329bd2aff29b1fe2d5ecba10495 pristine_git_object: d4df7071d484989da47c3f84f23d97e547157854 docs/models/outputresponseoutputmsk.md: id: a290868350a9 - last_write_checksum: sha1:17b7f3675c1fe3a44093e241565b519e1f96d59b - pristine_git_object: 07f1623645aea9e6c76bfc0067e649ff9afe7147 + last_write_checksum: sha1:478ad4c5d137db78478cc80b1863707b9bbb183c + pristine_git_object: 37e5ea57b9e2215f263b2bbcc3da26d42048d5d7 docs/models/outputresponseoutputnetflow.md: id: 9f91b6dceca1 last_write_checksum: sha1:288d60c25cfce015d495c0f2ea2c282340ff9fb3 pristine_git_object: 92627c6c07cd4ce120de9513f83b50c11da03cd2 docs/models/outputresponseoutputnewrelic.md: id: 5204f08fcc1f - last_write_checksum: sha1:2ed7d85e84da7fe8d35ec209b1936f6f25b3e4d2 - pristine_git_object: 7bfd1de1f36ae1af77128d09f5942e558c978fc8 + last_write_checksum: sha1:dc7a13b722c10f1fd7684867b3eb1f148aa451c3 + pristine_git_object: 5ee53bf25a6f254853d765cd8327f0309c73ce01 docs/models/outputresponseoutputnewrelicevents.md: id: 3a91c240fc84 - last_write_checksum: sha1:3bd1176feb89f0fd188fa77187e876fd0574eeca - pristine_git_object: 28544b77805f21f9c4460c05c3cde25496f3e764 + last_write_checksum: sha1:5cdc9099a1041f6f143309a2c5cdf6fe0a9330cd + pristine_git_object: a0e68c02d10b8739fe028e94a454bdb60383c927 docs/models/outputresponseoutputnutanixobjects.md: id: 1cb3cd9a93a3 last_write_checksum: sha1:d6078ce61b2c73ec3fa6eedbec8b6bccd8754801 pristine_git_object: 0c3533111ef296d87e461e74a02b0f26ac9a9103 docs/models/outputresponseoutputopentelemetry.md: id: f12008ff473d - last_write_checksum: sha1:7cce9cd328190ce50818672c6fa775985d177015 - pristine_git_object: db25e5a50bd6754c651897c9bac2e03e9cf47b14 + last_write_checksum: sha1:3bfb71ebfcc4a9842333687a57422783ea331f45 + pristine_git_object: 11775ec6794644045e8de46d7231924eaed3f5d5 docs/models/outputresponseoutputprometheus.md: id: "483350017891" - last_write_checksum: sha1:5f505b5a0eea6815b29237a1767a3054e3babcec - pristine_git_object: cdaf2eed6f1ad2f23d3c5d7ce2298da66a5d7faa + last_write_checksum: sha1:d2bf987263ec550b027049672a9b4993a0a6e992 + pristine_git_object: 99e354ab0d9cfdd2aa2a5093d5edc6c851efcec1 docs/models/outputresponseoutputring.md: id: f9f1ea7afe85 last_write_checksum: sha1:75bd60ef465ab53a103c5780f6430a4a00dc5cc7 @@ -11380,72 +11520,72 @@ trackedFiles: pristine_git_object: 4872d7725fa2e159a9f3da04dbd82eaa296d002c docs/models/outputresponseoutputsentinel.md: id: ca3df8b8a8bf - last_write_checksum: sha1:8479aaf117776387ce142d31efc4f4f95f5ab40a - pristine_git_object: 03581a783b5788da19d6948497694da8682a3e0f + last_write_checksum: sha1:b337340e7e51095ff849534572e55c9e24f36f72 + pristine_git_object: 218d5026780181d16c665c3d1908de1724069647 docs/models/outputresponseoutputsentineloneaisiem.md: id: 609583aadb29 - last_write_checksum: sha1:e2530b51e9442bece44eef67b545c6b480dbc9e1 - pristine_git_object: fe8aedf290f7fa0c98b6056e91b6084d3017d827 + last_write_checksum: sha1:57b87b595d47574a1dc6a729cb9d8716ddca64af + pristine_git_object: 17f98d241bfd1cddc4191cf3f12547005f5e3acd docs/models/outputresponseoutputservicenow.md: id: 6030b621ea48 - last_write_checksum: sha1:3186f65ea57d5dbac11a4a2210bf47b636ac9859 - pristine_git_object: 048caa378e6add2beb3bce9f110a5138e4c7d7d2 + last_write_checksum: sha1:dfeb5793300890a45653c5dd20f317f6d8f27895 + pristine_git_object: 3086da83bf388b15bca3a75a68a1ce26fbbec6fb docs/models/outputresponseoutputsignalfx.md: id: b4e25513f4ef - last_write_checksum: sha1:46cb31b99ba374c0c6ae1ce758b82a548e322039 - pristine_git_object: 06a2885de043449a2166422f04e0a524c19742a3 + last_write_checksum: sha1:5f30ea9a96501adfec1d972998c41bf76ae4a18f + pristine_git_object: 8688946e481ac11f7ac74cb9939fcc3053957eb9 docs/models/outputresponseoutputsnmp.md: id: 600db83620ac last_write_checksum: sha1:3fd741101939d1e0de023b6dd74483102e981c46 pristine_git_object: 1d322cef9ff3828ec7cb54ee55caa0b7b560ef6c docs/models/outputresponseoutputsns.md: id: 803b362feaf1 - last_write_checksum: sha1:f9cfed2d97e62e61d2c83702fb71baa77e1296bb - pristine_git_object: 82625ca8139b3a392d9a2e1b63e67bea8d70366c + last_write_checksum: sha1:e52863e23eb3192260b34d4ad29a31f6059fb47d + pristine_git_object: 1c1a30690184e7261ba3010f46d49471963aaf36 docs/models/outputresponseoutputsplunk.md: id: c50af938c634 - last_write_checksum: sha1:f78731ff70edf69815036b357aef84813a2ece54 - pristine_git_object: 54b1b817441d4b2438e989b62957d06afcfe3f7b + last_write_checksum: sha1:2866a33f5b87a7a43d355143485796b69bc1344e + pristine_git_object: 3e6e95384f1ccd8e37d569e0efc414c2496c1f42 docs/models/outputresponseoutputsplunkhec.md: id: 10f0a3cfb3d5 - last_write_checksum: sha1:24a64d4d6d4b9e616fc21c3fc1c51fb5198008ed - pristine_git_object: 7b75847714efdaf7e40c8e9c69b4ece0dd9a0ed1 + last_write_checksum: sha1:8865175fac36848a8a69f3e7e00f867387d7010b + pristine_git_object: 426b83947a03d81e05c19845a66f3e192a1afbc8 docs/models/outputresponseoutputsplunklb.md: id: 06aa6b6b4298 - last_write_checksum: sha1:dacd9ad7ec5b72a19dd1cf22b168767fa7432807 - pristine_git_object: 0a923ddba5c15a05126ac01dfb9ab3b42ef75d19 + last_write_checksum: sha1:deccd429622ab05f38ce2dc1ca27a6eedee283ae + pristine_git_object: 6d6c80dddb1ca5f0a3c8823278f4fbc9b44331a5 docs/models/outputresponseoutputsqs.md: id: edd53bffe0c3 - last_write_checksum: sha1:a0ce2751578473de78e687f96244ad4ceda576d9 - pristine_git_object: 3aa627e9f51e3f2a08b8ccd5cf48653967932dea + last_write_checksum: sha1:52e60006c870bdf9ce8c446ccf6ae75f48a24d97 + pristine_git_object: 32b679bb25c3ab6aa5dcdea8fa9bfca94b5e40fd docs/models/outputresponseoutputstatsd.md: id: c325f4cd7b33 - last_write_checksum: sha1:90cabe72ce0e2046d306a69986bec8261fb9fe03 - pristine_git_object: babbd4cd39b8fbc9ac6288461ae94ed78391c57c + last_write_checksum: sha1:f89ef3d5edeb77e312421154a73fb1aed5fb40f9 + pristine_git_object: e09ddf7ebafaff29d3bc16464cc15fd6d7d940d3 docs/models/outputresponseoutputstatsdext.md: id: 64c739aa8fda - last_write_checksum: sha1:c6f310f302211a6dbeef09d336b11be85f9477a1 - pristine_git_object: 94ddb821f30622a4e08d04cd8e3836ed8be4a2aa + last_write_checksum: sha1:2655dee322371920dc82f5889f74941b4f2cb807 + pristine_git_object: 906961fb74131fb51f2f4dc98e101dc8afefb814 docs/models/outputresponseoutputstorjs3.md: id: 3d326fc90757 last_write_checksum: sha1:90de7298b483c4bd9b919453af2a7a7415eaf902 pristine_git_object: 98f46632e99e4f185536558a6f1e0df608c4e926 docs/models/outputresponseoutputsumologic.md: id: 62a391a5bb67 - last_write_checksum: sha1:c81abcb22cbbe19f1f31cdd899b59e319909b3b1 - pristine_git_object: aeb1492348cee2a8754c494b0986f18f45bf6036 + last_write_checksum: sha1:cf41a50cae38c055821e81ac6cf253a8083a0d5a + pristine_git_object: a83916c3f5e449916b470bf88f1107cec9ed764d docs/models/outputresponseoutputsyslog.md: id: 8d0cef47b1c4 - last_write_checksum: sha1:e8a4e783d1f0f7c476ed54f80b80dfa34195251e - pristine_git_object: a2fcb552c7febc9a0a617a12d76bd88ee5fdf026 + last_write_checksum: sha1:bf21af7328cbbf9b0f7e83e711c4b4f6e8a9cac5 + pristine_git_object: 10a1c6d2e579ce3e5694ad6613e53e1197f4159c docs/models/outputresponseoutputtcpjson.md: id: 08d819fcd6ea - last_write_checksum: sha1:b843b77eb1d7ccf6a5433b934f259672789007a2 - pristine_git_object: c4436801d5f26384680ed21bf1c6fb9e903b22f1 + last_write_checksum: sha1:7fe8d28032c0e0e610775fcb5c37907423c78b23 + pristine_git_object: 90c4f0021cf9fe46fd21533943d530bdd8f2d597 docs/models/outputresponseoutputwavefront.md: id: 3d8b0f0c933f - last_write_checksum: sha1:50947ed123dbe6ab1b563c45a378ad6678577888 - pristine_git_object: 211715a963173c1dae5e7762b744743a97493c31 + last_write_checksum: sha1:94164173687f182d03ccba458130c698405064c4 + pristine_git_object: 1c3a5176b1334570034abc5392a42aa6e198742b docs/models/outputresponseoutputwebhookauthenticationtype1.md: id: d979a1a223fc last_write_checksum: sha1:8c676914e2eda60588721a4e8c2d2ea000c1353c @@ -11492,20 +11632,20 @@ trackedFiles: pristine_git_object: cefe266ac4b13d90c6e839165f40e73c5efcc8af docs/models/outputresponseoutputwebhookwebhook1.md: id: 76682c9f741b - last_write_checksum: sha1:88989e398b3e80f965bd34b361aada6e232e18eb - pristine_git_object: fe2ea4720748b9ba62efacdac40ba59b6d25b58d + last_write_checksum: sha1:156f670631ba8f6c2afd4cf1a0c46ada451ad86c + pristine_git_object: 0ffe9751e26e105b20fa187d89d10d8363fa6ae6 docs/models/outputresponseoutputwebhookwebhook2.md: id: c5e00d98f79f - last_write_checksum: sha1:82e44e54414448c0d123d1806aa0f609004b06bc - pristine_git_object: 8d0f9b8d0121e78163f2ef16e651debc383a16d2 + last_write_checksum: sha1:69d4e096fb6f271e651c888602ae8b9b8b5d2241 + pristine_git_object: f084c48d457f427cc437d441d64985a4f0e47447 docs/models/outputresponseoutputwizhec.md: id: ad646e280edf - last_write_checksum: sha1:708c8f7715287017d3aa9ce77441a7c026f7864b - pristine_git_object: eb2257c0d600877c6fb5917b61219703fc50d8f3 + last_write_checksum: sha1:118b5fde2c91ae9084de8ae8da5ba401fc1bf0de + pristine_git_object: 777bfe1cf2d8e21caaaedb31fb02781009eee0a2 docs/models/outputresponseoutputxsiam.md: id: 4c55c9417a75 - last_write_checksum: sha1:c493783e33f3d9f82f54c2d20ed276f6a29a7a5f - pristine_git_object: 61315f652ef58d6b7d22a70ed16bf40460a9bf64 + last_write_checksum: sha1:15e74a9620c012b3fb189a14a288fb123c144353 + pristine_git_object: ca0782568f5cecc952e38312b8751a39db44448c docs/models/outputresponsepayloadformat.md: id: bcff2dce44a9 last_write_checksum: sha1:ed95e936b3f433a13b2b9dd53af8d0de11e387aa @@ -11586,6 +11726,10 @@ trackedFiles: id: 35a8b962fea6 last_write_checksum: sha1:d1cd956470d6f49001ed2852c679e9f6d4147e60 pristine_git_object: 3212729643d50e876204883fe29b98a92f6a54e5 + docs/models/outputresponsepqcontrolsgooglecloudobservability.md: + id: b895e43307f5 + last_write_checksum: sha1:b50324018ef9b0d2ffaa57865fd9e6457b22e497 + pristine_git_object: c78010b2cc64e3a4a2d6609388da16e2bbff4345 docs/models/outputresponsepqcontrolsgooglepubsub.md: id: c5bef8f29f8e last_write_checksum: sha1:f60ecec5df8f0cb0fecbbd505f3e8456543e5b71 @@ -11722,6 +11866,10 @@ trackedFiles: id: 246af5c77ccf last_write_checksum: sha1:9daeba6511e5986bf3549286dcf6b220ef3b21ef pristine_git_object: c2d708cf6e465742c1fe3620b063f7ff606dea99 + docs/models/outputresponseprotocolgooglecloudobservability.md: + id: 042efecd3b31 + last_write_checksum: sha1:b20a95e7cd031ec7dc6ce108e1de459e741ee567 + pristine_git_object: b85ff7357de23d473e8a5afa84bedf3e0074c3a1 docs/models/outputresponseprotocolsyslog.md: id: df20ca77d210 last_write_checksum: sha1:1e17ade26cf4838e13922ebf7c0b7191f7cd980e @@ -11768,8 +11916,8 @@ trackedFiles: pristine_git_object: a9ee48b6868c11dc06e7c552b546467a229c5cf6 docs/models/outputresponsestatsdestination.md: id: 82f5e911f46b - last_write_checksum: sha1:9d8d4de345cb7f35502d16c55ccb148429dc7e7a - pristine_git_object: 7f07836f208ac0ff601502528329ccb2b7e79be3 + last_write_checksum: sha1:e0cdcc774fb4efccea85551149fcd4199b7f1294 + pristine_git_object: afbe59411d0217d8f166fd8239701df3c66f364d docs/models/outputresponsetelemetrytype.md: id: dc95d314bf48 last_write_checksum: sha1:20484ca177af4af25b409106fdbc74c62a5cae51 @@ -11914,6 +12062,10 @@ trackedFiles: id: e680b71d75e9 last_write_checksum: sha1:a06953a3ab377d94f973de98e089d8fca16ec846 pristine_git_object: b1481d569196446984bfcbfae8726c3f91fef2d4 + docs/models/outputresponsetypegooglecloudobservability.md: + id: cc56c9c1f1b1 + last_write_checksum: sha1:7408bfcd8aa91a2963b528f4a6a85459b5dead41 + pristine_git_object: 4f5cca0b4fc5973524bdab32f4e9e8c896ee35a5 docs/models/outputresponsetypegooglecloudstorage.md: id: 48c4c4d5dbf9 last_write_checksum: sha1:12f4ab94e1de0cbea86480454d6933170d433284 @@ -12160,8 +12312,8 @@ trackedFiles: pristine_git_object: a221dc097701b5e252ddc2ecee7d5ae337851bb1 docs/models/outputsentinel.md: id: 03b521a73712 - last_write_checksum: sha1:2eb26569dae781ab10d621f3224035056084c75c - pristine_git_object: 752a2fae2b46a6d8bdca1211672f9419765100ec + last_write_checksum: sha1:3339a3e94c5e266aff5e29a50340496120db6f78 + pristine_git_object: 078ab218a5eb7b69db991ff38268997c7a68a80b docs/models/outputsentinelauthtype.md: id: efc800a43d2b last_write_checksum: sha1:e3ed0983b594227945e0d51cac35ff943748443f @@ -12176,8 +12328,8 @@ trackedFiles: pristine_git_object: 505bbf3a174c2b941c44d7dc2a60d23f5f375e5d docs/models/outputsentineloneaisiem.md: id: 8c9d239317ee - last_write_checksum: sha1:97d1f7be84012983e2da8fcabc7004e4aacbec45 - pristine_git_object: ad9bba0de090b131b419ab2d5a11d3ce95956406 + last_write_checksum: sha1:bb2b7a4826e94cbc413719e39c4e0fc03d8ee717 + pristine_git_object: 1cdef647d21532634db45facf25da8c1df857215 docs/models/outputsentineloneaisiemaisiemendpointpath.md: id: 5c34286659c3 last_write_checksum: sha1:d58fc0bf28d327dac755029abc1c70f0c531d60d @@ -12204,8 +12356,8 @@ trackedFiles: pristine_git_object: b989fcdba181b3d41dfc7505e7c0e3023d893eae docs/models/outputservicenow.md: id: e62654485a98 - last_write_checksum: sha1:10c2abf89eb241ed2ac4095ec1e2dd33e9dca3ef - pristine_git_object: 65b5a07b807063d0d924ce114330621f8651a1c6 + last_write_checksum: sha1:000b8b7642ecfe42310d4d44e1527904e9b518d4 + pristine_git_object: 34a3126c305aabdb5e5345321b65ce06a8e01c3a docs/models/outputservicenowpqcontrols.md: id: ea42f6ab6dbc last_write_checksum: sha1:508714db19406fb55bd6e7d71dc02e155ea6d34e @@ -12216,8 +12368,8 @@ trackedFiles: pristine_git_object: bfe64effe6b0e9ccacf31c243d5b12988137c347 docs/models/outputsignalfx.md: id: 2ce4012a829e - last_write_checksum: sha1:733edd4773eb4a13f47708ffefaeaf5f623e1731 - pristine_git_object: f244f2b5aafbb4148c35e45d290699383570bb1a + last_write_checksum: sha1:29f4199deec00eee09077c0c5d670c1c591a5def + pristine_git_object: a313a93c169d8faa768f66139ceaf531bc1d860c docs/models/outputsignalfxpqcontrols.md: id: 870b52f48d02 last_write_checksum: sha1:0a94092e7e5de20c0f9126b08abbfc9350a9c546 @@ -12240,8 +12392,8 @@ trackedFiles: pristine_git_object: b27909aafe2f844930a65a91d0b366f750b1628f docs/models/outputsns.md: id: b60eaba50738 - last_write_checksum: sha1:4089622cbc48be16f9347791eb5610db06e2e48c - pristine_git_object: d99e2979c278e56ebb53173b7768c8298835d428 + last_write_checksum: sha1:b2a369c85acb771617347fb0d26b5c5dded8487a + pristine_git_object: d22f03e41542e23df6fc787457ca6246c25f2904 docs/models/outputsnspqcontrols.md: id: 925b86a0a808 last_write_checksum: sha1:43618cdc7f36f8b50238595f84a14e800066d49f @@ -12252,12 +12404,12 @@ trackedFiles: pristine_git_object: 45830463e22ddda95b1c3d04a5752a3d38b6646c docs/models/outputsplunk.md: id: bcf587b5fbfe - last_write_checksum: sha1:9ae5a3958b05aed11a93f3efa61faaad2d6c3e65 - pristine_git_object: 7522cd01ff1eeb3ad874670220bbaef295496b2b + last_write_checksum: sha1:5e91544e5776146473b510202789d88c9dab3590 + pristine_git_object: 31e7bcfb9748feca53632db5d812a548e82410c6 docs/models/outputsplunkhec.md: id: 90814512ad31 - last_write_checksum: sha1:d9f5735aa2a37542f881881a77b48efd81f6d97e - pristine_git_object: df4d82c7dbf860e8dba4c97f19ba09f65c5d8f82 + last_write_checksum: sha1:e3c436ef65edf019e340007b546bd27209268f2a + pristine_git_object: aa89a52ffae5c9c74195983730cca639b2e72dfa docs/models/outputsplunkhecpqcontrols.md: id: 2c28284f1a2d last_write_checksum: sha1:93150a996ee52f1134df8e8846959dffd5a6275f @@ -12272,8 +12424,8 @@ trackedFiles: pristine_git_object: 7f19a3bc55aeb22ed851c5ac65f3a20c35dcb7ce docs/models/outputsplunklb.md: id: 16f55b0ec424 - last_write_checksum: sha1:5cbb5bcb32360df07289080e5c61815fe7697383 - pristine_git_object: d0e05aadbcf902617cf9604a04f4798eb70f977b + last_write_checksum: sha1:72bcd82ef299fd36d504ef8cc73326782a749aa0 + pristine_git_object: 67f39180519195a6bb21dfd37a5679f5ca87035a docs/models/outputsplunklbauthtoken.md: id: d942f69099f2 last_write_checksum: sha1:5135d399ff06d3a4253985edc36dd000cfbe789b @@ -12300,8 +12452,8 @@ trackedFiles: pristine_git_object: 5f5f684764d9e9fe2bea90935c28ae974ef928a8 docs/models/outputsqs.md: id: d120c4556956 - last_write_checksum: sha1:fa69d879368e1a131e41541a14e303cb12901237 - pristine_git_object: 5236cbcd87026f4ee2ecfdaedb4693053dd5175d + last_write_checksum: sha1:21c7c3681cec976209eb792f1754d97253f77a88 + pristine_git_object: 1d3f84bfae6e50ee7b0b3b5fc2a125f963a18a3b docs/models/outputsqspqcontrols.md: id: e899cfa81f7e last_write_checksum: sha1:197409b9c0621b72ed0f942383ce5dfa688531a3 @@ -12316,12 +12468,12 @@ trackedFiles: pristine_git_object: af8f41b4d72e519ca59a31739e75b5ed0a45aee6 docs/models/outputstatsd.md: id: f604a1cdc9b6 - last_write_checksum: sha1:ed260c9460ea056fc1278d7c5ff0eaaa808dc201 - pristine_git_object: d79fe9600bc7e4aede438e8e54b2dd9e7f3ce908 + last_write_checksum: sha1:b66ea38f7b0606bd8cc321e8040a2c8363d85a78 + pristine_git_object: 7412c64594fcd2c071a1ceece9948c61bb08e7eb docs/models/outputstatsdext.md: id: e205fd872ea2 - last_write_checksum: sha1:73b662be62c0e991b9e8a8e43c2e73e6d98b4c7c - pristine_git_object: 640dc7ea4b5df311da691a2a5715a516a6affc81 + last_write_checksum: sha1:99369110c10c7bd9ad87efaea17c0c71f1ff01d6 + pristine_git_object: b052b76aacc60f1827770571dbf04952b1d991b3 docs/models/outputstatsdextpqcontrols.md: id: 781d1b751391 last_write_checksum: sha1:63304d5c05f71be333f067d2ebb8cd45e6e39943 @@ -12352,8 +12504,8 @@ trackedFiles: pristine_git_object: 25d4dbc5b8740a5e2d4720e3ac48e6ac0768954f docs/models/outputsumologic.md: id: a71dc7200316 - last_write_checksum: sha1:cd9638de3de49175665b2003f028a6eb43e21a4c - pristine_git_object: ec54e31e364924c187ad8f81b426698caeae6b5c + last_write_checksum: sha1:a9837c1965b12b9d53083272ff4d2b99e749de5f + pristine_git_object: 8456d3d4e016e83d8a7f3d73d466c5638d2b1c98 docs/models/outputsumologicdataformat.md: id: ef00f7359efe last_write_checksum: sha1:46fa987bccb8555582b9d453b8f2bfb7b32c8329 @@ -12368,8 +12520,8 @@ trackedFiles: pristine_git_object: 4a172efcb464a7d6020be13236079563b8581fdc docs/models/outputsyslog.md: id: efc962179ec6 - last_write_checksum: sha1:1566606f876d27dd409dbcfc4e637c9831d4714f - pristine_git_object: 4699edcba1dbd3a4bfe84517d9ede3f12768f12b + last_write_checksum: sha1:108f6cab7a89f9d070388286824a3762a3c4e36b + pristine_git_object: 107d1d805fd8e41e686957dc24d52864f92947ba docs/models/outputsyslogfacility.md: id: e87d45d48a13 last_write_checksum: sha1:374ec4c0d954873e2ef30cb78715dbbe404ab3fd @@ -12400,8 +12552,8 @@ trackedFiles: pristine_git_object: 049a27b514140951a90ea3b9e008b1c42545eac7 docs/models/outputtcpjson.md: id: c065e344e101 - last_write_checksum: sha1:902f2979f916f6c065a688dc37daf4968473e795 - pristine_git_object: 810e43c53c9141240179262f831fcff3e15b89ac + last_write_checksum: sha1:96d3495075363e9ca739df4a0079f8a29df329d4 + pristine_git_object: 0c7c6669e9e57e7df00d126b39b0ab3f088a9a37 docs/models/outputtcpjsonpqcontrols.md: id: e58eeb861f60 last_write_checksum: sha1:811f10ad135e809380d6bd102ec9c2ff2a2f6005 @@ -12420,8 +12572,8 @@ trackedFiles: pristine_git_object: 6d4fe1f6548a8b9122e863daeb06d5dc255a7549 docs/models/outputwavefront.md: id: 73fa435fcd95 - last_write_checksum: sha1:7cc40b82cb8bbd58e410f94828e95b8f6a8a1a22 - pristine_git_object: 3ef8c5e9a85a574965eb084ef583a94094791fb6 + last_write_checksum: sha1:fa17f3723f1692ee6bb239a5c07abf2cc3d07141 + pristine_git_object: 22511fe58bddf6bffcc8a08bf1cd7c5a1b14d194 docs/models/outputwavefrontpqcontrols.md: id: 8e7d762552e0 last_write_checksum: sha1:6cbd032bddb7c83e953ff8518e7fe6c9150fb731 @@ -12476,16 +12628,16 @@ trackedFiles: pristine_git_object: 40a0b92f7e646d10462f5673a27800ddc8c6dff4 docs/models/outputwebhookwebhook1.md: id: 4d526c93080a - last_write_checksum: sha1:0a6182662e51c0e59e0b0003ed731fd8939a1892 - pristine_git_object: b67c88a4e655ecba16369c5bed28db8526222a57 + last_write_checksum: sha1:81469e854cb7f47e8a8d60bf604903edf4a0986f + pristine_git_object: dd3612bde916926847a9af220a9c558a7aff7bbb docs/models/outputwebhookwebhook2.md: id: 1eb64eccdabd - last_write_checksum: sha1:1a274c3644406bfb146cea917de786954e466700 - pristine_git_object: e1028d42c7d501d061c89b113d332b615f0a08f3 + last_write_checksum: sha1:ea3bae07092085557b7f656378800c1feb3d883e + pristine_git_object: 32bd5f04d994bfdfa05b18090dad7c305098a90c docs/models/outputwizhec.md: id: 199fdc64c53d - last_write_checksum: sha1:b7ff62845cf5b85125df9defd79c05593a305c3d - pristine_git_object: e545f55cc197ac75eb48935f83588265c826d458 + last_write_checksum: sha1:d216de71c6c7281317a067eab5c4f2792e1e34b7 + pristine_git_object: 1c91ad145bc605408e581dac9f3e610b8cfd4f6b docs/models/outputwizhecpqcontrols.md: id: bfac6a997922 last_write_checksum: sha1:e6f6a3aa150b57304c4a966836753c562b6fb9cd @@ -12496,8 +12648,8 @@ trackedFiles: pristine_git_object: 3662c3e0d3d4fca9f3c94cfa8b684b1a4381807b docs/models/outputxsiam.md: id: 9bad986249b3 - last_write_checksum: sha1:4e01b91b3a6f962fd9f28dfda1f4d1d822ab35d9 - pristine_git_object: 7bb711793ff09317fea1d9787a56fa6317005e8a + last_write_checksum: sha1:e2f8ed2a5028cbcc02e58ddfc29db1a6f2214e86 + pristine_git_object: d76018f7c5ade85707061a14d998cbd443e4be3d docs/models/outputxsiamauthenticationmethod.md: id: b0bb0586f169 last_write_checksum: sha1:90d49619ff4903d4099d84b09f46f1fd7774858b @@ -12520,12 +12672,12 @@ trackedFiles: pristine_git_object: 220b723b0199a05b16878fd18d1e43cf2ea23d9c docs/models/packinfo.md: id: 1cc26c7e105b - last_write_checksum: sha1:64925e846b4f9bd383137296df0aa13a0fc498a8 - pristine_git_object: f787ae9cace74a3a5cb0a1d88fa0640a3c5c6732 + last_write_checksum: sha1:d5b75542bd3b6f60274b8592b4c73bafafa47a5c + pristine_git_object: 7b4651324abb892b03a6945834eca170301d98cf docs/models/packinstallinfo.md: id: 78d53c382d88 - last_write_checksum: sha1:ccc3abe87fad8ce7bb48a797f369c7fba11d3cc4 - pristine_git_object: cbcea9f7bb6eb182e689aa3879904e34623de31e + last_write_checksum: sha1:6cf81e439e810fe1dcaa551884a936db6a8bef04 + pristine_git_object: 66dad3480c01f75017a7a441980fa396eccbdef8 docs/models/packrequestbody1.md: id: 3845abbc326d last_write_checksum: sha1:94728e221433482f4b349c8205fe02153285b454 @@ -13284,8 +13436,8 @@ trackedFiles: pristine_git_object: d1f5463027b36f15efb0044a0399c1cc3f4ebd67 docs/models/pqtype.md: id: 98c692583770 - last_write_checksum: sha1:9c87e57ba34c6f50e0a3f590921a8298300ebecc - pristine_git_object: 326dc05c2c034acd322603d4b788ff633544349c + last_write_checksum: sha1:d73ab8d28761b02399ac019f5079f9102919e277 + pristine_git_object: 4122dfa95f76599c77264ad81fb71452b9ced694 docs/models/pqtypepqcontrols.md: id: 3de607008d47 last_write_checksum: sha1:f85f8a4b9ed0549404405a500ff463d45e8a9672 @@ -13340,8 +13492,8 @@ trackedFiles: pristine_git_object: 346847acd702a6ea032a11ec04986ecf3042095f docs/models/rbacresource.md: id: 6e329941e5da - last_write_checksum: sha1:616d9311ef901ade813dadd58461df6337e790c4 - pristine_git_object: 3331ee50562af4064c0000b4882eabd73c610fb3 + last_write_checksum: sha1:19842753bfb4098f1d68e96f1f6c6b9d09f4e965 + pristine_git_object: 1e83722e02fb458eb4ab052c347f312f71944464 docs/models/recorddataformatoptions.md: id: 264e53200815 last_write_checksum: sha1:1821e7782acd4d81375a6caac43bac4708bcb797 @@ -13356,8 +13508,8 @@ trackedFiles: pristine_git_object: 193deb90a5d8867583d562a48d97181fd89d65c8 docs/models/redisauthtypecredentialssecret.md: id: 665660cd0f4f - last_write_checksum: sha1:0c4d2a676f432ae95fc1a6c9f6edeace2100ae6f - pristine_git_object: 797fe942c6e6a02515c47efa1382353228ac4db4 + last_write_checksum: sha1:d6354ccf219973ce2a15ad7bbf72e5cdbf04c032 + pristine_git_object: a8683fbd612a7d4c9105a78c40f43d25bf0b8854 docs/models/redisauthtypecredentialssecretauthenticationmethod.md: id: 5122660f0462 last_write_checksum: sha1:b6d9f9d9e03a3e00b9d8ee710bd8db75cf5d4267 @@ -13372,8 +13524,8 @@ trackedFiles: pristine_git_object: 48e35e82ef7a1f51aeb64adaa76992e04e96f269 docs/models/redisauthtypemanual.md: id: 0ff4094565c9 - last_write_checksum: sha1:e60cdd6763d3eecc2674669518bdab8279c09ffb - pristine_git_object: 02e0ad39ab272a162d84f8efa608bfc98e532f50 + last_write_checksum: sha1:8655e4c645fc4976bd429e7627e6332878d59023 + pristine_git_object: 13df8cf3e5feae2e36c8fa55ef042f9cb8945cf2 docs/models/redisauthtypemanualauthenticationmethod.md: id: a7c42fe1ae11 last_write_checksum: sha1:ecbb52f1a839364ccb1ea1fdf873777b6fd65a39 @@ -13388,8 +13540,8 @@ trackedFiles: pristine_git_object: 0d845693884df976dff1221e46247245000d766c docs/models/redisauthtypenone.md: id: f692ac6fdaf3 - last_write_checksum: sha1:dadc66e8e945b98f8bf8dbdf7812992baae2878f - pristine_git_object: 03d2eeb955a21b69e3ab8d605e47e9e08db00d32 + last_write_checksum: sha1:72566bdd017e71b763945791ca212d86b17255c1 + pristine_git_object: 76ff1a9adfa3cfd508d349bb7c7d4f25d80bf73c docs/models/redisauthtypenoneauthenticationmethod.md: id: a7f5fc525be1 last_write_checksum: sha1:8ee9981710d7590baab1131779d48135433d6877 @@ -13404,8 +13556,8 @@ trackedFiles: pristine_git_object: 7f6a54e6f2a8021e0789a92f19bdf55d43bc8c30 docs/models/redisauthtypetextsecret.md: id: fd95d171a1b4 - last_write_checksum: sha1:4eb2b3068d5670ae95e8145787cbe1b90c4e4c8b - pristine_git_object: 4c353eac76c9cfef19235c0371887c5cfe3c8804 + last_write_checksum: sha1:627b3ed7dab615b9b984b3d69b6b7d0552dda8c4 + pristine_git_object: d905c3a41bc0c4437cee10ee01d796e37baca7cb docs/models/redisauthtypetextsecretauthenticationmethod.md: id: 6b49eb5a4416 last_write_checksum: sha1:41b252de8feb903b4ab1124f680ec8c46c87294e @@ -13420,8 +13572,8 @@ trackedFiles: pristine_git_object: 16b0de80d7ea5380bdf6608828dc20582d6055ce docs/models/redisdeploymenttypecluster.md: id: b81ba9d461fe - last_write_checksum: sha1:a58d861bab9fb1f627b50f94ed2fecc576b9a04d - pristine_git_object: fd4c360d0a097fc2c69ce9a3cc632a4ea558e05d + last_write_checksum: sha1:7516a912d824cae41b84c82145ba25a39647da3d + pristine_git_object: 472f52016f568f486d3501e1db2395837cf1261f docs/models/redisdeploymenttypeclusterauthenticationmethod.md: id: 76a09f928b1c last_write_checksum: sha1:a7275354702dd5046b26b15096d371fc207506c6 @@ -13434,14 +13586,10 @@ trackedFiles: id: fa9c9a3431ff last_write_checksum: sha1:aed2f08a57f332c93487f593b85720ae895a595c pristine_git_object: 482959d0e6bccf3e80a634cd21683029267871b4 - docs/models/redisdeploymenttypeclusterrootnode.md: - id: a66a6f6ae973 - last_write_checksum: sha1:291c495ccdb99646a73fb060b0c5c779fd7e9475 - pristine_git_object: 9d893c25a6f3397ec6cf3e66fa38736adf30ada4 docs/models/redisdeploymenttypesentinel.md: id: ae049d0515b1 - last_write_checksum: sha1:9237692343c05c0648800de38c84e25889658787 - pristine_git_object: 833c1a7893fd9acea7d8a068dcdb72617e8588aa + last_write_checksum: sha1:98bbf5d284368453e06d65a8ba9e54b84eefac59 + pristine_git_object: ad2818e7206ddc7b27d3763c8936f6c2da049d8e docs/models/redisdeploymenttypesentinelauthenticationmethod.md: id: 324dd9e68a6f last_write_checksum: sha1:57c15e597e9b45cdd0cc38a9d94c95dba110953c @@ -13454,14 +13602,10 @@ trackedFiles: id: f333b1027156 last_write_checksum: sha1:0d50dcecd60ab6ba82613845de6d8c6d60cb7fc5 pristine_git_object: c92854cfe5ecec60fa51052eb63618d3f3855cff - docs/models/redisdeploymenttypesentinelrootnode.md: - id: c285d3f84eed - last_write_checksum: sha1:218d24667c77b166b6afcb6a13bf9b2101597232 - pristine_git_object: 289d1619b9b4b961f810f2071fd40f95e7c8dfdb docs/models/redisdeploymenttypestandalone.md: id: b036f5eedf54 - last_write_checksum: sha1:76c7d859f28141d926984b7df78f5784a634f809 - pristine_git_object: c40a7e2aaad93b9909f5390d83ffaec7908200ff + last_write_checksum: sha1:1e0f742cfb14fb8b218d9a70655f1f5c8a874b03 + pristine_git_object: ac3d13b4566efc42200357cde7a0b396f859ac72 docs/models/redisdeploymenttypestandaloneauthenticationmethod.md: id: 207e1ec18d3d last_write_checksum: sha1:c713a9d0062978ad0bb082ce20605b52f83132e7 @@ -13506,10 +13650,6 @@ trackedFiles: id: 08f770d46891 last_write_checksum: sha1:ca1dc3db38471905dca6a17b84ba87c9fe1eae4d pristine_git_object: 410b61427e3abdaa35fe686bf02c69a462f13c3b - docs/models/requestparamconfinputopenai.md: - id: 53e619ab9d40 - last_write_checksum: sha1:d82879dadd71dca32d76bb5651ffc71a1587759a - pristine_git_object: 8ac0da18fec6e7215d1a3f342aaaf9b3b9b322ee docs/models/resourcepolicy.md: id: ef42181f86ba last_write_checksum: sha1:1a2d0526c5fd81e770489156ac7231472b3f84b8 @@ -13536,8 +13676,8 @@ trackedFiles: pristine_git_object: a6e9b0742507c08a5c073217eb58b27b9549cba0 docs/models/restauthenticationbasic.md: id: 690f37760f5b - last_write_checksum: sha1:cbd271b1fd0d41be2f5647633130e8f936e675f0 - pristine_git_object: f08b25e296db4a40fc75b311a7d315142cd1294f + last_write_checksum: sha1:366c4ef8fc4605324dc487ebfe6ea1ad9b312804 + pristine_git_object: 35c40805779f0047c023eaa33dd9d3c8eb2cd453 docs/models/restauthenticationbasicauthentication.md: id: 326b60565008 last_write_checksum: sha1:874c23e249a0fac20182ff3158a73927f8a6205b @@ -13564,64 +13704,64 @@ trackedFiles: pristine_git_object: ff751af33eb3f37bfb1396cfba4e2a4f9db56577 docs/models/restauthenticationbasicrestdiscoverydiscovertypehttpdiscovermethodget.md: id: fafa1ad2c3d7 - last_write_checksum: sha1:078581372d23eb30d6d1d61a6a1fd7d9613b189d - pristine_git_object: 5e0ae46be63190ecc287535493086fbb84b7d1df + last_write_checksum: sha1:35d1fc56781304a658ea3e3221921b9c3ccf302d + pristine_git_object: f05d3092b232d01b5113fa4cb38a754a5baf7648 docs/models/restauthenticationbasicrestdiscoverydiscovertypehttpdiscovermethodgetdiscovertype.md: id: 93fd25b1241c last_write_checksum: sha1:9b64f78f921e65c88690cf56c144bbac63877828 pristine_git_object: 922a2fede209dc9cd27e0eff83dfc58495431989 docs/models/restauthenticationbasicrestdiscoverydiscovertypehttpdiscovermethodother.md: id: fc6f1c01128d - last_write_checksum: sha1:ae503f4a8ecb7bc4954720a8fed61dbb6e015474 - pristine_git_object: 156d6d0363117edc7fd46df6e0122c3df4acce90 + last_write_checksum: sha1:824b51303b4c3fb526bc655f9bf9963ac243147b + pristine_git_object: 9b55dc9bf607704d98bfa9568d70bff3b003dadc docs/models/restauthenticationbasicrestdiscoverydiscovertypehttpdiscovermethodotherdiscovertype.md: id: c0569732e311 last_write_checksum: sha1:7945f37fd2f267a1369ee1b71bc95fa69c918f61 pristine_git_object: 0468a86281e1ffa2907c7d8a3cbafdae2df850d5 docs/models/restauthenticationbasicrestdiscoverydiscovertypehttpdiscovermethodpost.md: id: bd44fe42b6ec - last_write_checksum: sha1:9a782f232e4845d2a049f60316de330534a40b72 - pristine_git_object: 27b57b6a74a989c205326d248e5d09867feb34b8 + last_write_checksum: sha1:fbc270cc2826d2f630a29fce0229576dceda8c3b + pristine_git_object: 11a5017b388e8225e6bdfa654526822cd5bceb7e docs/models/restauthenticationbasicrestdiscoverydiscovertypehttpdiscovermethodpostdiscovertype.md: id: 69729ac78e31 last_write_checksum: sha1:23b487d58b3e2726aee15ddc542b46f5f45d0e53 pristine_git_object: 5c170018b2544130653439d0c1fe8277a97f3141 docs/models/restauthenticationbasicrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md: id: f665aa370dfb - last_write_checksum: sha1:8b9c8259d63c623d3ecc36ad6705b0a649cd053a - pristine_git_object: eba4494d549042efc650421b6c3a163f034dd4b6 + last_write_checksum: sha1:4ddf921c56ddd474a93cd0d2c5a02b7539d45c9a + pristine_git_object: 4e81d7efb4a396af49d0207173e10ddb0bcb3597 docs/models/restauthenticationbasicrestdiscoverydiscovertypehttpdiscovermethodpostwithbodydiscovertype.md: id: b4872ee15629 last_write_checksum: sha1:a92fb003ad94c88954af2c9fdebe3f5b00ec8811 pristine_git_object: cd01b9bef78bc84dbff95c7ae865c086bcb36e6f docs/models/restauthenticationbasicrestdiscoverydiscovertypejson.md: id: b3f3fc6dc73d - last_write_checksum: sha1:11e75b596e449a9834f72a7a62f1bf28ab8daf30 - pristine_git_object: cda3304ff740cc4d9c1a9f02e3eff64f309850b1 + last_write_checksum: sha1:c781144888c7b507d002fa37d0ffc9f215727efd + pristine_git_object: 408363e975c1fff1bfe0aee9893fe61c91e2d8ab docs/models/restauthenticationbasicrestdiscoverydiscovertypejsondiscovertype.md: id: 5a21caf78d50 last_write_checksum: sha1:4ebaeed60c39d2d1e773c64b8e3e4477db311563 pristine_git_object: d87b71dee083df901a3beb54786ae6c4c3721e4f docs/models/restauthenticationbasicrestdiscoverydiscovertypelist.md: id: 6142c321ab81 - last_write_checksum: sha1:689f1154c4b7d5b9d1cdf3f3bd236fc64e7d81dc - pristine_git_object: 0d205953893f7e00a474d2b825a80f4186f5211a + last_write_checksum: sha1:587ce224c9349e6262ed04bbebb01a762a84034f + pristine_git_object: d9c1c2d5319ddc4eb483d37309616388e1c624c2 docs/models/restauthenticationbasicrestdiscoverydiscovertypelistdiscovertype.md: id: 242d4d67026c last_write_checksum: sha1:ccd0cd75eb58c245da6e9028205f2c4e123c02b0 pristine_git_object: 468e05061a907914b6ee1c897f7d5e6927d483fc docs/models/restauthenticationbasicrestdiscoverydiscovertypenone.md: id: d090066d1bcc - last_write_checksum: sha1:aab90e145443f0386c217bb2490d59e43fdf9646 - pristine_git_object: 86ab4db32eb5c002871f696d6dc125c139966b9d + last_write_checksum: sha1:6c70a3a310335291697e685471d07e1ebfe90b1d + pristine_git_object: 3d00c43e0bc40f4f0128b37a0b7d139d92db38b5 docs/models/restauthenticationbasicrestdiscoverydiscovertypenonediscovertype.md: id: 5a5ea08b377b last_write_checksum: sha1:56cc27703519e0e24d833147df034241ac89e4fd pristine_git_object: 36ac2e4c03a60fa70387a5bffa9d96fc8740a4b7 docs/models/restauthenticationbasicrestpaginationtypenone.md: id: d7ac28a86f58 - last_write_checksum: sha1:303cb69a7649787cf9cbb663777d81b8dfcc1e8a - pristine_git_object: 1714258b78a0e9466ddc88b3d7b631faf3007a10 + last_write_checksum: sha1:8c1ac90ac993b105af81156d7334b184965d3cb8 + pristine_git_object: 5ed544e03fbced457c36a8936d830804a8d0efa3 docs/models/restauthenticationbasicrestpaginationtyperequestoffset.md: id: 7e6cb69e7d29 last_write_checksum: sha1:b99c13777692a1626c8c5c52dcaf651217d723d7 @@ -13632,20 +13772,20 @@ trackedFiles: pristine_git_object: 0609a2a781ce88a26a76cce4df924c8dcd0a3346 docs/models/restauthenticationbasicrestpaginationtyperesponsebody.md: id: f61023260c95 - last_write_checksum: sha1:dd97df1cc2cad9372a190a599acbf5641d098f0a - pristine_git_object: c3654d3e523d51a4b4801b737e2a27b05fbdc5ae + last_write_checksum: sha1:9f68988415de1d26d8a3c1dc3b55e267d04efa6d + pristine_git_object: 769c809dd4c36df19384fe8afbef7f404ddd5ccf docs/models/restauthenticationbasicrestpaginationtyperesponsebodyresponseattributes.md: id: 826e04f2e20c last_write_checksum: sha1:d87ab59cf5c5638fd9e21643b9cfbbe6980a030a pristine_git_object: 9ca90ea2ee75d91d4a29e2a855118764900994be docs/models/restauthenticationbasicrestpaginationtyperesponseheader.md: id: 9fd6ced614ab - last_write_checksum: sha1:86d0f258ee6f6e9490891e2f94018435a3adede9 - pristine_git_object: 81e6a692df624a2133be8a5dd198270e8546cc33 + last_write_checksum: sha1:6f45bebaddaf12f9d2883f2cef548d1a55528642 + pristine_git_object: 94b90cb54969a651121a946be400c638903013b3 docs/models/restauthenticationbasicrestpaginationtyperesponseheaderlink.md: id: bc17983f229c - last_write_checksum: sha1:ff92d6fe69d8980a51e2a4c70d4ea3e32ab829c8 - pristine_git_object: 220d51ea59268522508fce94161156e4d4aa0689 + last_write_checksum: sha1:4ab79d361759616ab05343a4f0644fea7ac08594 + pristine_git_object: bf7086877844f9774b704805c15e5bc4305c559f docs/models/restauthenticationbasicrestpaginationtyperesponseheaderresponseattributes.md: id: dac24f2f3ef1 last_write_checksum: sha1:bf99b04153cfc3fa213896ac806ce31db7d35d4b @@ -13672,8 +13812,8 @@ trackedFiles: pristine_git_object: bb374af51bc692983f2b59c03ccd2052178091cd docs/models/restauthenticationbasicsecret.md: id: 223b425be412 - last_write_checksum: sha1:686d9cec11542ae85475d53aa573039d4e8909af - pristine_git_object: 23063273bac771a20513c8123230b9531e35fbb7 + last_write_checksum: sha1:04473000a9a0c9b910155ba67cffb8f9dfb994f4 + pristine_git_object: 30feda417f0106e1031dcbef056cf9713a251b12 docs/models/restauthenticationbasicsecretauthentication.md: id: 4211cbf9c9da last_write_checksum: sha1:30a7148e5091c6d427a4e81c8e4bc72f15fa7788 @@ -13700,64 +13840,64 @@ trackedFiles: pristine_git_object: 44d8da8b05c991a72583a34dd455984f7912e236 docs/models/restauthenticationbasicsecretrestdiscoverydiscovertypehttpdiscovermethodget.md: id: 5573888b44f6 - last_write_checksum: sha1:a8f427ee625ded7e1c8db169395c9e2ecb6d0d12 - pristine_git_object: dfd0eb68f468d5b63479055e90783a12ec9cf70a + last_write_checksum: sha1:a7f5cb9d4e7089af56e69349cddd4d27024f5c37 + pristine_git_object: 2e3aefe42682fa31c23c50c04be5c703a5b0f00e docs/models/restauthenticationbasicsecretrestdiscoverydiscovertypehttpdiscovermethodgetdiscovertype.md: id: cd9eb1d675bf last_write_checksum: sha1:4b1b8eb35d56fe0bef712bc070073b2f83bafc8e pristine_git_object: 2b862185693f8bf01feef1ddd0bbe3d7290162eb docs/models/restauthenticationbasicsecretrestdiscoverydiscovertypehttpdiscovermethodother.md: id: 841da8e9344b - last_write_checksum: sha1:8b2308eaa0404acb44a2158ee4103cfed2f25c96 - pristine_git_object: a75894ad36f1a7d954f2d9a577919b0811d1075c + last_write_checksum: sha1:162ce26fe0f848b4c65a8456305d88b70893c555 + pristine_git_object: 246369b211eaaf00fdaaa0fafefc1fc64ce8d1d4 docs/models/restauthenticationbasicsecretrestdiscoverydiscovertypehttpdiscovermethodotherdiscovertype.md: id: 23892770b39d last_write_checksum: sha1:5dbee3cf8718daeea611f42ec1d22046d0da4b4b pristine_git_object: a1c1461e618f6cf178b51312ce7a8584e92823f6 docs/models/restauthenticationbasicsecretrestdiscoverydiscovertypehttpdiscovermethodpost.md: id: d137dc4ea219 - last_write_checksum: sha1:3d075aedbf4d23bbe15227267ca24d53722ad4b0 - pristine_git_object: 1b7ee17bba23649fcc18f1707f984c0a6d086df6 + last_write_checksum: sha1:1247eff632afa02d5861af9a06c8fd33e86633a2 + pristine_git_object: c160638a52b49529c331d383c8d8c0b01b829108 docs/models/restauthenticationbasicsecretrestdiscoverydiscovertypehttpdiscovermethodpostdiscovertype.md: id: 335f99f86014 last_write_checksum: sha1:01e5a56f5a1497105bf4592637e28e9157b6e115 pristine_git_object: 73496feb051a3f8e0f640207d2833914a2ef5c5c docs/models/restauthenticationbasicsecretrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md: id: 04f9fe8b3322 - last_write_checksum: sha1:f5f7e873c07dd31cf93e741d151e8ad1bfd1a218 - pristine_git_object: 56d40d56a436e1847a54c331d7fc4058cd93f7af + last_write_checksum: sha1:aa4d81b557e82fcd4f90d79128608c68e0f3a22f + pristine_git_object: 2b0910fd3ff795d3865db0830123a70e77dd43e7 docs/models/restauthenticationbasicsecretrestdiscoverydiscovertypehttpdiscovermethodpostwithbodydiscovertype.md: id: 7c826c74c112 last_write_checksum: sha1:c5c3fed6401b40335831ea277517cc6adf878d23 pristine_git_object: 7dc659679c2241dd2d372b46682725a9f7b6469f docs/models/restauthenticationbasicsecretrestdiscoverydiscovertypejson.md: id: f2f4282486cc - last_write_checksum: sha1:813e7d0044945b51efab57cec5dfd1e4ec425faf - pristine_git_object: c25cfd7ca77936d7a8ab4a5162836fde7f6f907c + last_write_checksum: sha1:dd0d6f14f3435c56f6aa28e6bd8c3cedc24278bc + pristine_git_object: 9be0b766ddff317637bfa24a432310fb198ff0d2 docs/models/restauthenticationbasicsecretrestdiscoverydiscovertypejsondiscovertype.md: id: dbc6ca3f3379 last_write_checksum: sha1:fb87d5981bc4efb616dfd157ca40c383455f6eed pristine_git_object: d3e438be3c4e47a62e6db8c9e31a6f7cdd90535d docs/models/restauthenticationbasicsecretrestdiscoverydiscovertypelist.md: id: 0e1a08aeb6d8 - last_write_checksum: sha1:60cc82f6350456c0fc5cb856ba8f99df71158c2b - pristine_git_object: b45c4eabf172b2796f238b75c8daeec1237c0ee6 + last_write_checksum: sha1:c2ab80afca2aa09bda013a94bbfe05bb017e8251 + pristine_git_object: 0844e592497a01b3ef72f78dfd721c6a75159d26 docs/models/restauthenticationbasicsecretrestdiscoverydiscovertypelistdiscovertype.md: id: eef9fd5cb556 last_write_checksum: sha1:2a54f265284c376706c65891a7810f320c2fca81 pristine_git_object: 131467f151927d1f740b3de1d71dabd8534056fb docs/models/restauthenticationbasicsecretrestdiscoverydiscovertypenone.md: id: d0189eb9668c - last_write_checksum: sha1:56922b99cc2cbeac44073037c663fff82ce35e9c - pristine_git_object: 89126c3f171fab88cf5471f00f65f5c88de3eac4 + last_write_checksum: sha1:cbc80072005da810652b862869e3cbf965c283d4 + pristine_git_object: 13c045ddcb30515e5d0f6851b9b6e2100a904864 docs/models/restauthenticationbasicsecretrestdiscoverydiscovertypenonediscovertype.md: id: 62e20b98e51d last_write_checksum: sha1:f4e5ad85e7346f1955007e3a309ce6cfb046ebb6 pristine_git_object: 1092922d95ca66a2013fc3c26ed3a7d3bc3fc37a docs/models/restauthenticationbasicsecretrestpaginationtypenone.md: id: dded138dce7a - last_write_checksum: sha1:ba0dd38513912be85fac77e5b3b6d468d3cb39b5 - pristine_git_object: d0f907276b54d916bd68386888ec6e58b6692c5e + last_write_checksum: sha1:85d9c8da713cc43e6cb3083fed6060a2b5ffa1f0 + pristine_git_object: 88a90133a8353f6e2e6595a67f0bef376d54d9fa docs/models/restauthenticationbasicsecretrestpaginationtyperequestoffset.md: id: d7bc87e54443 last_write_checksum: sha1:07e248d880716b468f45e286b65a72905a752285 @@ -13768,20 +13908,20 @@ trackedFiles: pristine_git_object: 433b6d49fabfebd0d8e3aa87bbe2135ff6e088c7 docs/models/restauthenticationbasicsecretrestpaginationtyperesponsebody.md: id: 1a1bef1736e1 - last_write_checksum: sha1:8da7bf7458f90ae93375b744cd8ed1e079e21499 - pristine_git_object: 2c2ff07b68285009cab6d383d88b09b4f6696f59 + last_write_checksum: sha1:2e996222da73b32901877bad108dad2920c6a248 + pristine_git_object: 31ea89ec464fecb2dc71b3cf400cc70a86f3d147 docs/models/restauthenticationbasicsecretrestpaginationtyperesponsebodyresponseattributes.md: id: e58c38ae87af last_write_checksum: sha1:66f740ce1bc2bc5147d6443109cfaf5de7d8a9dd pristine_git_object: 17d4635c7939c9ca77209de4474f6c08474cdf60 docs/models/restauthenticationbasicsecretrestpaginationtyperesponseheader.md: id: befa3c3aee47 - last_write_checksum: sha1:acc91c1af39173fae51670fcdb05a63bd56bc6c1 - pristine_git_object: 5bb18d2c98520f2b115878448cad70f24c29a908 + last_write_checksum: sha1:4572baf460b26a02f071f5b3e7bde462da6a1c1d + pristine_git_object: 95252fef014bd47d80270123791657210bae4ff3 docs/models/restauthenticationbasicsecretrestpaginationtyperesponseheaderlink.md: id: 7bad5193c479 - last_write_checksum: sha1:d11f6a1652c0cd3147e1627fc8db21f6f152da7b - pristine_git_object: 75195dba72a1654deae58a0961402b062576bcdd + last_write_checksum: sha1:62c7144dda585cca156cb21ca0e973db2ae73b4c + pristine_git_object: 22f634a301355e67cfbb501c8ff58e51c66afce1 docs/models/restauthenticationbasicsecretrestpaginationtyperesponseheaderresponseattributes.md: id: 822be7dbf7a8 last_write_checksum: sha1:92731f4a02cd2ecaf24cc842073fe0b01cb7452a @@ -13816,8 +13956,8 @@ trackedFiles: pristine_git_object: eaeee7092bcd2b49701b4dfd8d3196199a3c5171 docs/models/restauthenticationgoogleoauth.md: id: 7b799abc3e21 - last_write_checksum: sha1:1a46da2a5d5465fef05eaac5f07d9d348bbf86a9 - pristine_git_object: a9ef2f87524c1f3c86ba463bde513f3baae24bd5 + last_write_checksum: sha1:5d28bac5ff9e31c16be50e8ee1d3b6ec9b0a6865 + pristine_git_object: 17f02b7a4e756fe0df69018b90c1e8ebd1658673 docs/models/restauthenticationgoogleoauthauthentication.md: id: 947db7cac21c last_write_checksum: sha1:967b1c6f73d6c62089ad9e1b6e4a6e8d55d12216 @@ -13844,64 +13984,64 @@ trackedFiles: pristine_git_object: 68db2f14b7224484ebe98e607fb4284d9eb560da docs/models/restauthenticationgoogleoauthrestdiscoverydiscovertypehttpdiscovermethodget.md: id: b90d0679d95d - last_write_checksum: sha1:8990eb321114ea37a35704643ad0cf0414014f62 - pristine_git_object: 9e24ffbe0e9eebc218cd39931d26d1e6463ad452 + last_write_checksum: sha1:673222a77a0d2de6337aa729d598e610cd1a4d91 + pristine_git_object: f9651d2c69b98da220c24a2aba2109d7b5772266 docs/models/restauthenticationgoogleoauthrestdiscoverydiscovertypehttpdiscovermethodgetdiscovertype.md: id: 49929611528b last_write_checksum: sha1:6bbc57cc1fc80bec9382b71ada0a9d0c4d65e27b pristine_git_object: 4b83b2673986e955db0e5c5e881f8d9076dc788d docs/models/restauthenticationgoogleoauthrestdiscoverydiscovertypehttpdiscovermethodother.md: id: 06c1bf6cc041 - last_write_checksum: sha1:89479eb434c353bbaa7d551808b8c6e6e6d21f15 - pristine_git_object: b64fef96e5cf21731d95d50efd8f3a0fcdbcbb20 + last_write_checksum: sha1:58e1007ee7df245e66683e6d38061be3a43e4fdd + pristine_git_object: d0e9123a74c8fcb7a61dbb96ea177d9f8ae4b5ce docs/models/restauthenticationgoogleoauthrestdiscoverydiscovertypehttpdiscovermethodotherdiscovertype.md: id: 656b611d3bc0 last_write_checksum: sha1:e80fb03353b7c75a50ae0bdd2c346aa576c98641 pristine_git_object: ce04607c81b38436dd4f1279e2bcc7175968a6f4 docs/models/restauthenticationgoogleoauthrestdiscoverydiscovertypehttpdiscovermethodpost.md: id: 3102f1b158a8 - last_write_checksum: sha1:b05e06797bdf4084c82995b6fd110ef5b24d938b - pristine_git_object: 1facdef9b86cc33fbc18b3f3b18247eb4b0d4560 + last_write_checksum: sha1:27588b3a73b077a6b860924da52fa0ab45291aa9 + pristine_git_object: e4170f3fcf7283970770857b71a4f95b512f3f4c docs/models/restauthenticationgoogleoauthrestdiscoverydiscovertypehttpdiscovermethodpostdiscovertype.md: id: c6c2249441dc last_write_checksum: sha1:2263d6fce84593645ec8c3139a7ca317b091662b pristine_git_object: 0258a0e6593cca484ef717c580c7341e94ac543b docs/models/restauthenticationgoogleoauthrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md: id: b1e21a35436f - last_write_checksum: sha1:5af24ea7984f4224728f5dd17707a39a75397aa5 - pristine_git_object: 15178abf8090013e88f5bf8f009dfb7addc5d356 + last_write_checksum: sha1:6f9e5f8394d3790c7b78abb84bf7f44998286be8 + pristine_git_object: 9a34a3d8c652ebb6beca83201a4d5e62a8083abd docs/models/restauthenticationgoogleoauthrestdiscoverydiscovertypehttpdiscovermethodpostwithbodydiscovertype.md: id: 579c46b17bf6 last_write_checksum: sha1:68f1a3a837c3293966f386136509c8288ac35aab pristine_git_object: 4c76a180383def837e2948bca202adb83332a5a1 docs/models/restauthenticationgoogleoauthrestdiscoverydiscovertypejson.md: id: de7e4828948a - last_write_checksum: sha1:fa894a46c7263359bc609ba9eb2ddd7b137549bf - pristine_git_object: dc2b360a9f41f1a1a29f9ad13e0dd409ffa6c0d9 + last_write_checksum: sha1:25a4002131185912b043b4f915563171bf1694d5 + pristine_git_object: a61085a501f01e0032bdbc260af196136a2f4c98 docs/models/restauthenticationgoogleoauthrestdiscoverydiscovertypejsondiscovertype.md: id: e261df6e4e2f last_write_checksum: sha1:4e382f8ed4f1e9573b3ffe5510652e2036120fe3 pristine_git_object: 4193abc07518ae7ce24a78c6de86c76542aa3ec5 docs/models/restauthenticationgoogleoauthrestdiscoverydiscovertypelist.md: id: fb5e17a1786d - last_write_checksum: sha1:78c9955ab6d5c80823d85f90e83ad639d91a1f33 - pristine_git_object: 197b6f12012a40a43ac05c35b1cf7bee29ca7eca + last_write_checksum: sha1:fac2541d04a61d7db8cdece126ca3789689e784c + pristine_git_object: 74bb4c75d1d44d5ec9636e9dda30bec6bb7afe11 docs/models/restauthenticationgoogleoauthrestdiscoverydiscovertypelistdiscovertype.md: id: 6d08abf75a02 last_write_checksum: sha1:3c06a2512a5948ff3e10c0132ad340d758d9dbed pristine_git_object: f0a75b13188cfa05fa05f121719d417bded9c975 docs/models/restauthenticationgoogleoauthrestdiscoverydiscovertypenone.md: id: 927235663b07 - last_write_checksum: sha1:267734b72be43bbc5ce59e3c230dfdd0ce768f95 - pristine_git_object: 111aa64f23ad10678b4cfec522c2216ed3fab632 + last_write_checksum: sha1:09439d3465277ef48bf35251f1492e29ea6198d5 + pristine_git_object: 497416056d2720d611ea9bf080ea8bc20f0079b2 docs/models/restauthenticationgoogleoauthrestdiscoverydiscovertypenonediscovertype.md: id: 16c63efde32d last_write_checksum: sha1:bbbdb39cf3f7cb5c5ed3e2c086827f7f3df02566 pristine_git_object: f78403beca3b49ba7f521fbe6ac65798682601e8 docs/models/restauthenticationgoogleoauthrestpaginationtypenone.md: id: 6be8c1958044 - last_write_checksum: sha1:9207c837c7d439b3ef3762ac0d69e6b3ebb94562 - pristine_git_object: 480d62ad1b04f9421bb62ddffa02d7b32f1d6dd1 + last_write_checksum: sha1:844632ea913215c1bc7f2ad68fcbdcf56ddbb66a + pristine_git_object: 1c6735531ef560b3f13f9c5409d9db45a2920a52 docs/models/restauthenticationgoogleoauthrestpaginationtyperequestoffset.md: id: cb2ac80f4737 last_write_checksum: sha1:670e2db9b6bbef24e2f60d9969f3786c2c05ac8b @@ -13912,20 +14052,20 @@ trackedFiles: pristine_git_object: fa6f458653555bf0f6d81cc36f4879b282a9be85 docs/models/restauthenticationgoogleoauthrestpaginationtyperesponsebody.md: id: e2db63b5051e - last_write_checksum: sha1:73a3d4d8f6783862b4b9cf309b1a5c42fe45644d - pristine_git_object: ec69233b9697ef8d0e8cf4c540d54e5599111e10 + last_write_checksum: sha1:7cba856299595ee122835d0318f6b66de50278ba + pristine_git_object: b5fda3d176950485842c5602cda3e0efcbeb55f5 docs/models/restauthenticationgoogleoauthrestpaginationtyperesponsebodyresponseattributes.md: id: b0283c22d665 last_write_checksum: sha1:9851eda6752e906d192eebd1ab66d9a38ff39f37 pristine_git_object: 6b35e62827c46b4368805dde53278ded0a8d2d43 docs/models/restauthenticationgoogleoauthrestpaginationtyperesponseheader.md: id: 8a6317fe412e - last_write_checksum: sha1:f4a7ece5b84d86581ad62a436505db2c385aa8b2 - pristine_git_object: cc9271cdcac7e14878db20639c01115519f4b1ff + last_write_checksum: sha1:68b19e0cf9e398ac69e393a9ac6ea181d579b665 + pristine_git_object: f300fc4169ea5f607008a422308a2d0a39f06e1d docs/models/restauthenticationgoogleoauthrestpaginationtyperesponseheaderlink.md: id: 8929dfe70282 - last_write_checksum: sha1:b9a6a9057861f782a78a7edf3fcfdf61cec0822b - pristine_git_object: 717446e456ed708e723d8a87e25140f6aacdd352 + last_write_checksum: sha1:e40cf678a21b6a8bb2c90e41a7a7d347869bcc06 + pristine_git_object: 11e8206593ea2c1de56dc9b73de3fcadc2e9e306 docs/models/restauthenticationgoogleoauthrestpaginationtyperesponseheaderresponseattributes.md: id: b2cddfd24bdb last_write_checksum: sha1:c95c58d217111e32121702cf0b8935d85a5a0684 @@ -13952,8 +14092,8 @@ trackedFiles: pristine_git_object: 5447011b460ae51f5c9ddb22c3cfd7d378b8e925 docs/models/restauthenticationgoogleoauthsecret.md: id: a23fcea7d64f - last_write_checksum: sha1:28b2adbc9afa3846ec17203b0b17a1dfe6a2c6d5 - pristine_git_object: fae7fe289ca22838e444648c5608d937bbffca9b + last_write_checksum: sha1:c27c02abbe1f219d47ee4336d827f70b2fe14326 + pristine_git_object: fb636c06758716b8e0b8dabe7284c06637242d98 docs/models/restauthenticationgoogleoauthsecretauthentication.md: id: 584aad1721ce last_write_checksum: sha1:bfceacd25fdd0868effd4f95d3cadfea80db8a9a @@ -13980,64 +14120,64 @@ trackedFiles: pristine_git_object: f011e224777f203f0aba5b06d284109ec2b29cbc docs/models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypehttpdiscovermethodget.md: id: fb7c17c7b9eb - last_write_checksum: sha1:7421a9ea63d950d5d20885c6dab01d9c39fb0ab5 - pristine_git_object: a2618e3b9b1c86458024ac7984bc689ec6b3bc41 + last_write_checksum: sha1:506fe52fe0f2872060fc00bd3e4ea0c72b0f0a72 + pristine_git_object: 2644a47b24868e2a79821d249b1b34095744cde5 docs/models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypehttpdiscovermethodgetdiscovertype.md: id: b61e5c01d4ed last_write_checksum: sha1:80d896489db27a81f07f84476e14e8378250d436 pristine_git_object: 98217f36b7b6601e4973979356161725daa06bcb docs/models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypehttpdiscovermethodother.md: id: 9785cf5f543d - last_write_checksum: sha1:72ed723fa90c1d2094d29c4230884cee22754f75 - pristine_git_object: aa82675147826fc96bdb874175897ea5232d2cd2 + last_write_checksum: sha1:24cda6c8d1000e6e613c82b74f9672e974584f20 + pristine_git_object: 32d274745cfaac15f2fc8afb1918240b26a06d09 docs/models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypehttpdiscovermethodotherdiscovertype.md: id: d448affed1f5 last_write_checksum: sha1:7b0c9faf32d4c678183b2c8c72fa028c4add2a90 pristine_git_object: 242457e5e200dcdcc53e0ebe9a84f193fb03c8f9 docs/models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypehttpdiscovermethodpost.md: id: 8f3ba2df6eb4 - last_write_checksum: sha1:2c14f91f8fe5f4a24bafa5022405097113fff312 - pristine_git_object: 2187d5227b4727715f6f60d31160cac2b201cbbc + last_write_checksum: sha1:cef682675a9f729a7aa1d373bddf997d35ec77ea + pristine_git_object: 8c4aead0aacfcce2e63a09b62b79f0bd54be6a28 docs/models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypehttpdiscovermethodpostdiscovertype.md: id: c39be0ee2cee last_write_checksum: sha1:f5e9be149114dbb8a94090e633b90a918abe5ba4 pristine_git_object: b2d1a5cee8e5d9480355b0a16ce7b3cc7c043c87 docs/models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md: id: ee805ad0c2fd - last_write_checksum: sha1:f5cd6aab147ae086df8694513d2f501678069fce - pristine_git_object: 416fbf18ecf991738da5ae3216b39ad34f21af84 + last_write_checksum: sha1:bd476a88c07e5f01f08c8f0711f5cd19e8937f98 + pristine_git_object: 99d7490312eae054b08abe44cc3abf93a26454ea docs/models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypehttpdiscovermethodpostwithbodydiscovertype.md: id: 2e61b4c88eb5 last_write_checksum: sha1:6ab517bdfc94812404d2eafbb380a8043953d42a pristine_git_object: a9ddadbb589b37754fc98e6bf40b5ebd772440de docs/models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypejson.md: id: be25cccf4b0b - last_write_checksum: sha1:7b819bcdd4e9d93df3e40669d208139b3295cb56 - pristine_git_object: 423b1dfcf0298ced90548ec2f1a68a47605fe562 + last_write_checksum: sha1:ffc41004cc26bb1ab4acfe44b46f584173cd9c4d + pristine_git_object: 8c9ad5f16173886cca7a7514d9e469fe4715592c docs/models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypejsondiscovertype.md: id: "080040751708" last_write_checksum: sha1:20d97590c2f4ee6f553cee3eef3a640d42429178 pristine_git_object: e5fe7af22e81545b5fe10ea5f4b117e4afc704a3 docs/models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypelist.md: id: f377cdc935cf - last_write_checksum: sha1:f84b3d2be1a3dc7959b7fc31ae635d99a5bf4e38 - pristine_git_object: 00f495af93fc27d00a05c0707411a84475ab9c9a + last_write_checksum: sha1:0a607a4395afe93e4ae552659b1ecfd1a619d2eb + pristine_git_object: d55f5effb3e1909f7fb097204532cb574c97a801 docs/models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypelistdiscovertype.md: id: df3f4f03b45f last_write_checksum: sha1:56559591921a23be98f4ce394ad89575426b40c0 pristine_git_object: 6cf6355c035d8e3511c3ac148fbb3c0bcf47ad81 docs/models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypenone.md: id: 99e6a2f91ae1 - last_write_checksum: sha1:03dc23dc4c15d4aa1c32336244a4b0e0d0e60dc0 - pristine_git_object: a5f3ab35c8443e19f75439e6799d0fea184f9978 + last_write_checksum: sha1:f4604f78b4fc06ccd954cb17cb0cfb0b4f3578fe + pristine_git_object: 1aadc6b9946ec350b2fab47fa565d050158b7326 docs/models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypenonediscovertype.md: id: 491f609609d4 last_write_checksum: sha1:b856e1ad28f82c8cc02eda91b8631889fbba7050 pristine_git_object: 7be9ce4aba985e0c464fdfd30192d99ce07fbfe4 docs/models/restauthenticationgoogleoauthsecretrestpaginationtypenone.md: id: f5b18ff46e5d - last_write_checksum: sha1:df87a7e58ca52661825b8c6e8e24e7905657fde0 - pristine_git_object: 3114b23726e4ec66f5c2792155fc5fd2479a927e + last_write_checksum: sha1:5063b757277bf6df9c9fdadb1932198828307673 + pristine_git_object: 5d81a02aa21e37bc916699cc0bf0452b9ca68ae4 docs/models/restauthenticationgoogleoauthsecretrestpaginationtyperequestoffset.md: id: 4e0d4ab0859d last_write_checksum: sha1:d4650450bbf153f26a77875b16017944ecb0c1c1 @@ -14048,20 +14188,20 @@ trackedFiles: pristine_git_object: b6db0f1adeecae4f7de69c77d0b6726d6b6f1898 docs/models/restauthenticationgoogleoauthsecretrestpaginationtyperesponsebody.md: id: 2011f6b715d1 - last_write_checksum: sha1:f706a1f34bfe12b9a54af15fbb7bf78333c07f13 - pristine_git_object: 040010e283dbebc8a88d80a3e636383b7e495463 + last_write_checksum: sha1:d71d2eee2cca4b53e42b290bb224d938804fbee9 + pristine_git_object: 4f5c893d0ad70506f94448688633e94406c2eb89 docs/models/restauthenticationgoogleoauthsecretrestpaginationtyperesponsebodyresponseattributes.md: id: ce833dff977d last_write_checksum: sha1:ce20bcfe1d8ac2d24ae947a68095ba6579a9481c pristine_git_object: 0a66657211ab8ced7e602485366b04f8c5a5117d docs/models/restauthenticationgoogleoauthsecretrestpaginationtyperesponseheader.md: id: d7e90ea8efce - last_write_checksum: sha1:1ed1c8f1feb93504c316a2f1b888ddd9e1b50e98 - pristine_git_object: 0d0be62f1f1e92b45c5885e6558dbb96dbcd9b0c + last_write_checksum: sha1:5fb94729a98230695f7e1ffcf78504e6ee66452a + pristine_git_object: 6c614d29337d0e5ac7a5b6bf58da4c6691502f79 docs/models/restauthenticationgoogleoauthsecretrestpaginationtyperesponseheaderlink.md: id: c60ab49c565e - last_write_checksum: sha1:8d4fb643730730e7243c88905b6264f95e2a1f7d - pristine_git_object: e4ac30f6a003afbef5afbd395cf3fc42a6986586 + last_write_checksum: sha1:f6cc576b10f4e26c343e028d811fd5e34b9dda32 + pristine_git_object: 065c4b831d69d5b747b38b9b467cd8160aba837f docs/models/restauthenticationgoogleoauthsecretrestpaginationtyperesponseheaderresponseattributes.md: id: 673ae7e48fe7 last_write_checksum: sha1:c6a007e160c6c07963ebdb53bb16e8ddfeed16af @@ -14096,8 +14236,8 @@ trackedFiles: pristine_git_object: 6649fc6a64838d2e05f4825d9a24d751be17af1c docs/models/restauthenticationhmac.md: id: 06d3c5ce283e - last_write_checksum: sha1:3c6697d41e2611a473cc1d69f657f6abac1fdc99 - pristine_git_object: 7770938e7971cc0a1b0f2cd6745d0270aab21a12 + last_write_checksum: sha1:e35a8e243b72d1d83778c3017e705be7cfc09aef + pristine_git_object: bff24fe4cc30821ea9e9119d888bf990c989c325 docs/models/restauthenticationhmacauthentication.md: id: c6c6ed4ba57f last_write_checksum: sha1:8fec868ef84cd90f34ef93c902c8a2a40d8dc65e @@ -14124,64 +14264,64 @@ trackedFiles: pristine_git_object: 32378472f79dc94c7215096beb41629950437d5f docs/models/restauthenticationhmacrestdiscoverydiscovertypehttpdiscovermethodget.md: id: f1de97a90c58 - last_write_checksum: sha1:14d028154841bb416241f5398abf5f41bdbe0cd7 - pristine_git_object: 473f588c2ace369ff3cc3de4ffe1c00db158bf6a + last_write_checksum: sha1:f541ee33c1438e29f95d2df3b15af25be30d0aa6 + pristine_git_object: 13a501293a474858df0fb60aa802a50e1a287f21 docs/models/restauthenticationhmacrestdiscoverydiscovertypehttpdiscovermethodgetdiscovertype.md: id: 575632226f26 last_write_checksum: sha1:f56494678f81fa0beb6f51946590eca5027d53b1 pristine_git_object: 36dae7a70f538448492efec0e74c8a3612f04000 docs/models/restauthenticationhmacrestdiscoverydiscovertypehttpdiscovermethodother.md: id: f426da940530 - last_write_checksum: sha1:20798b30cb798263b72f144e6143528e405fa58e - pristine_git_object: 9296fa7c435ce39a369fe6c04b8335091af1f1ba + last_write_checksum: sha1:67ba318a949a9bfcf4512927d486fbe212be9f10 + pristine_git_object: c7015cd05ccac53e0a1d34fb1281c664acc6bb9b docs/models/restauthenticationhmacrestdiscoverydiscovertypehttpdiscovermethodotherdiscovertype.md: id: 2257a6085d36 last_write_checksum: sha1:19471ad5056eac47f9d7fa3b9ee7f9a7116ad3d2 pristine_git_object: df096aba90c4894904637e459f0d3827cb3ac88a docs/models/restauthenticationhmacrestdiscoverydiscovertypehttpdiscovermethodpost.md: id: 483bb5666625 - last_write_checksum: sha1:97f5aef3cf22a2e193c1ecce560c7a10c013dc9c - pristine_git_object: 7e7be6c7eaebe14b506863a5cd7390da5a0f2520 + last_write_checksum: sha1:35bef5f82c4688cf3434c81e8694b3c064eee3e6 + pristine_git_object: 69d6216034635e438db8b0a3d51dbaf310f23867 docs/models/restauthenticationhmacrestdiscoverydiscovertypehttpdiscovermethodpostdiscovertype.md: id: 68e5f72c41e4 last_write_checksum: sha1:f7513825d7fa292432970068f063baed3f818828 pristine_git_object: ede0c130c9dc09201a8fd16d85ce03853e9611d5 docs/models/restauthenticationhmacrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md: id: bc4ef3b885f4 - last_write_checksum: sha1:1aa314db618eab22443f14cf3e17f4bfcb736e32 - pristine_git_object: abe00fc521f1130c34191ff5d47edf622b5da258 + last_write_checksum: sha1:ff39d018b282d23afcc0dc2ec18447e3b0b5000b + pristine_git_object: 2454087de03d783467535bbb1a27fb8839c4dc60 docs/models/restauthenticationhmacrestdiscoverydiscovertypehttpdiscovermethodpostwithbodydiscovertype.md: id: 988e6b7533be last_write_checksum: sha1:bef53c0821fce2fd2567a38f0f0b49a1220bfe0d pristine_git_object: b657762f451df2931799bc0831d0e23e8af9dcde docs/models/restauthenticationhmacrestdiscoverydiscovertypejson.md: id: 8fb99b87e540 - last_write_checksum: sha1:57d31fe47ef581dfb6682ec24c9c760b748bb92e - pristine_git_object: c3b64a4b28b86aa4eadc383e5d1d3f2d45d0bb53 + last_write_checksum: sha1:ec5bbfde9f4a18f5937a98d957f9ed2c41a1e157 + pristine_git_object: f17ffe2214b081fc2f53102d326864ca47f5b4f4 docs/models/restauthenticationhmacrestdiscoverydiscovertypejsondiscovertype.md: id: b7592d8b5a75 last_write_checksum: sha1:88bdb0b69d954a7fb45106334b1a9ec1e27e402a pristine_git_object: a6b26ae595118321fbcdcb578902c99193a0d0ea docs/models/restauthenticationhmacrestdiscoverydiscovertypelist.md: id: e4c3c3ee4c47 - last_write_checksum: sha1:d4af551c58b55fcd595e0043c585f96ee527cf52 - pristine_git_object: 5a625f5d3a0b84288f0d78c85529eb06e3a2ef9e + last_write_checksum: sha1:f83730fe70af502d99649f8a9070415703720d28 + pristine_git_object: 5ec4d8d16230772f5cf197cd95ba4edb0264e76b docs/models/restauthenticationhmacrestdiscoverydiscovertypelistdiscovertype.md: id: 00090ada876d last_write_checksum: sha1:3e5930e7d5052996c003498850159d3b0d1c38a3 pristine_git_object: 4c65131032b3cab78f95e03f9dd366f782eb9173 docs/models/restauthenticationhmacrestdiscoverydiscovertypenone.md: id: b9914754dbb4 - last_write_checksum: sha1:e6c1df3d74b8631cddc1cb5f2dc71ad1fcf1a650 - pristine_git_object: db7fb03ae91c5f32499a055b6d9154af05014ad1 + last_write_checksum: sha1:c724bc9c39ecd6b87b930725b4a91aa37958135c + pristine_git_object: fc654f059bb2ccf6019d7b25962b65c84847ad0b docs/models/restauthenticationhmacrestdiscoverydiscovertypenonediscovertype.md: id: aebadb6eebe1 last_write_checksum: sha1:f179a66df3d1df68c7d5643bd6fcf14ddbed362a pristine_git_object: 927362df60a12a9e4587776c48d7acb878b0a635 docs/models/restauthenticationhmacrestpaginationtypenone.md: id: 8f85b7e98a2b - last_write_checksum: sha1:12f6ea1bac68369812bfb0a1c5cebd8baa8a890a - pristine_git_object: d864fa0dd1a1ecb1413cf07d29a2d8502a8ec6d2 + last_write_checksum: sha1:ff3cadf6988e7490abbf800ce847a09bfa106cff + pristine_git_object: 285f556f57fae306660ab8dc2cf99af73ce0d085 docs/models/restauthenticationhmacrestpaginationtyperequestoffset.md: id: 9e2403cbc9be last_write_checksum: sha1:bc1a6400c59f080ec012a3619e8d9be3dd36c856 @@ -14192,20 +14332,20 @@ trackedFiles: pristine_git_object: 45721b60aa1937e18ad142f70cb867b141745998 docs/models/restauthenticationhmacrestpaginationtyperesponsebody.md: id: 8f685cf07351 - last_write_checksum: sha1:98e041bf4607b70f067933e22f4cd00e6860f3d6 - pristine_git_object: 01560785a28e625abb533b26fb387027b45e2cc9 + last_write_checksum: sha1:aecd87cf14a0d69428ef54dc5e731bf969a12b67 + pristine_git_object: cae4f72f9fc33ecf365ae910c47d6b4b50d42c64 docs/models/restauthenticationhmacrestpaginationtyperesponsebodyresponseattributes.md: id: 55bbbb0cf589 last_write_checksum: sha1:252a44147141c01f3184e6a069a54e29b381cdc8 pristine_git_object: de52df8a4f11c9b11524c98059804cfb4db7154b docs/models/restauthenticationhmacrestpaginationtyperesponseheader.md: id: f972f8638749 - last_write_checksum: sha1:df49fd12dfd622a4e005926ab7319cd621c77b36 - pristine_git_object: 4dbd1cb7d09d38bff2bab762d7fd0456336405c2 + last_write_checksum: sha1:2a626d444e904e9dd7efd6d040fa269dba84ca60 + pristine_git_object: 108db47dd1705026cb8035771fe7fb51fdf2ab46 docs/models/restauthenticationhmacrestpaginationtyperesponseheaderlink.md: id: e017ae3274fd - last_write_checksum: sha1:b7e33b51ad1947a83a4891616161387518ed817a - pristine_git_object: 5f5277620284d053d568f5116e40c1c04aa46187 + last_write_checksum: sha1:8b16ff94bc5f829622f59f4175014e0e0a7c3b79 + pristine_git_object: e9497629ae89e4dcbb0a5cbfa91767e811190c61 docs/models/restauthenticationhmacrestpaginationtyperesponseheaderresponseattributes.md: id: 055ab1747e4a last_write_checksum: sha1:848d70ad11c04fce1cedd2e3d1f11aed0489068f @@ -14236,8 +14376,8 @@ trackedFiles: pristine_git_object: 3c3aa0bfffb3194b9744f4d5885d6e659f249273 docs/models/restauthenticationlogin.md: id: b4f80092be2e - last_write_checksum: sha1:501f0c591aca3819eeddd71274285d060496f69f - pristine_git_object: cf5397b5af55c804d7cbf008476e228353f8b7cb + last_write_checksum: sha1:0324a85075d5f92e68005d1020b364adcc35a2cb + pristine_git_object: f473c0c0c35bb81a9f2801d946c970ea2d979785 docs/models/restauthenticationloginauthentication.md: id: 22cff08be6d4 last_write_checksum: sha1:377863d8563cbb1b5c26a247ad805d6c94a6fe71 @@ -14264,64 +14404,64 @@ trackedFiles: pristine_git_object: b0f3459cf404152f1bcae21ae6ee0e86983a4215 docs/models/restauthenticationloginrestdiscoverydiscovertypehttpdiscovermethodget.md: id: 04e24b1c04d2 - last_write_checksum: sha1:0a2e61549da3b177241a7d73c31e65ba9c3df38b - pristine_git_object: 1c02d95fe55a9857c2a9852bc52b2fb5089a6957 + last_write_checksum: sha1:8b0700e78c474ffb7623ca8e68b8ab8f6f5639d3 + pristine_git_object: c26888e72ca4a0af23c019052e726e66c05c29db docs/models/restauthenticationloginrestdiscoverydiscovertypehttpdiscovermethodgetdiscovertype.md: id: 78129ea36f0b last_write_checksum: sha1:a06be5d7412a8c0c16e6ee5a4346ae49a361a420 pristine_git_object: 6dac3ca7adb663566b66c9d57cab4e4da2c5141d docs/models/restauthenticationloginrestdiscoverydiscovertypehttpdiscovermethodother.md: id: ddfca3e7d59f - last_write_checksum: sha1:de9d1874143b405ba9a8a6916c8d47b98699ab1b - pristine_git_object: 58375060fef740866bd4ec0cd8d2ac0836cb3b57 + last_write_checksum: sha1:84b3fd04b0c9bb08ad96020bbeb55d623893f07a + pristine_git_object: b35ef4c5188f1186ee1940302f6c87fc416399e9 docs/models/restauthenticationloginrestdiscoverydiscovertypehttpdiscovermethodotherdiscovertype.md: id: 44de4e3aa23c last_write_checksum: sha1:90f3fcc4d0c884ecc6091c13772d96829b4a7c49 pristine_git_object: 096d59201b2e0ac28f75c3cabd1e2605f9ac05a9 docs/models/restauthenticationloginrestdiscoverydiscovertypehttpdiscovermethodpost.md: id: 61ec72a94f19 - last_write_checksum: sha1:52db4a265fd10edc4d676a7d04aa9e3a9f5c361e - pristine_git_object: f6f14586e2b6e5ebcc7c4a8da4cafd8b86f54a53 + last_write_checksum: sha1:8f7fd2c8724fbfef601b75f7e96be283d6e84c0e + pristine_git_object: 4384719b06f03a65072ef4df7345b1c85e58f6d5 docs/models/restauthenticationloginrestdiscoverydiscovertypehttpdiscovermethodpostdiscovertype.md: id: 43e873b8fc4f last_write_checksum: sha1:df27e4bc120ed18ba8749859acfef7c6af68f65e pristine_git_object: b5892b251b9ae146608bcf6fa7c7ae5cbbd5337f docs/models/restauthenticationloginrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md: id: cc7217e4fa5f - last_write_checksum: sha1:6bfef4c37c1a440249927aec062ba42768f798cb - pristine_git_object: a4ce76269bcab90e6196a2df58acf3a4f192a5fd + last_write_checksum: sha1:81dbe219dbce8a78fb3431d1b68c50842df4c24b + pristine_git_object: 5144a03cc67a7e385820c595deaa5564e04b56f9 docs/models/restauthenticationloginrestdiscoverydiscovertypehttpdiscovermethodpostwithbodydiscovertype.md: id: 0ab0729949c6 last_write_checksum: sha1:2899f200b9e1ccde043ff7b7364ff54810f79d39 pristine_git_object: b6cb321b0f18b6472d0a6b69fb473318773ec85c docs/models/restauthenticationloginrestdiscoverydiscovertypejson.md: id: 17bce59fe923 - last_write_checksum: sha1:6ab6fc7eca73045b27dac19b579364605eed116c - pristine_git_object: 962e8bb91b99f84f1e6147ce0513bad2effb6f8c + last_write_checksum: sha1:bd6c53bc284cbb340f0d7e7bf81b0ce4a95f37e2 + pristine_git_object: 2c779103d09c5f4b966196b8a60131e1c6bb4810 docs/models/restauthenticationloginrestdiscoverydiscovertypejsondiscovertype.md: id: 516443782b64 last_write_checksum: sha1:cd084a1f2a946415648681f6fc1911771d6f06f9 pristine_git_object: 30a1fd9e10e108d209af2a8155aee5187337c472 docs/models/restauthenticationloginrestdiscoverydiscovertypelist.md: id: cf536e504f3f - last_write_checksum: sha1:c0d23f1585589f03b2722264fe453b765fb3d19a - pristine_git_object: 724c1334d5c1ecc8ff598f6218e2dec9ae78cbc1 + last_write_checksum: sha1:5585fee2b0d8c7e6577b90213c4cad982b2e356e + pristine_git_object: 2b39e070515a96ff7f1cfe2df012a2e1600f1fdb docs/models/restauthenticationloginrestdiscoverydiscovertypelistdiscovertype.md: id: d370ec858dca last_write_checksum: sha1:0c4afea77a95621f8194a87cf08f47aa0eb96d27 pristine_git_object: 034ac4a5457ddedb095d8d2ab7cf8f1c3752aaa2 docs/models/restauthenticationloginrestdiscoverydiscovertypenone.md: id: dd3e8e231a29 - last_write_checksum: sha1:7c1a26a4baa4d324da623cdc74d6edefb09229ab - pristine_git_object: a1c3426d8f037618f6c40317177eade8ab9eb020 + last_write_checksum: sha1:d370f33a7c5d14e5354574df49a50a640f2571a4 + pristine_git_object: 60c5a75e2e22eb09c59920903940efd3cde01535 docs/models/restauthenticationloginrestdiscoverydiscovertypenonediscovertype.md: id: a4203a16b81b last_write_checksum: sha1:1e578a5bdb80fd2fa4bfc8e83be8fa299d2eac85 pristine_git_object: e02125a69a8f5e700e8c74e518c5e0dcdb7d12a1 docs/models/restauthenticationloginrestpaginationtypenone.md: id: eed43d456c2b - last_write_checksum: sha1:b580f0b2947337a749b8f4d2dfb74c16ac4fb080 - pristine_git_object: f5fa609afad2ae7cdcc135e48992bfc8600a11eb + last_write_checksum: sha1:c95a6b39b61c5f6770574b7c11f460b76b09bbda + pristine_git_object: 45c3202244e9f434a7d5230b894a6965f419dae4 docs/models/restauthenticationloginrestpaginationtyperequestoffset.md: id: 6de260405ab9 last_write_checksum: sha1:76b290fb48c4ba1c97a6515cc2a70843b4c5e95c @@ -14332,20 +14472,20 @@ trackedFiles: pristine_git_object: 6e864e3c802754c1e529b56d2be321ae151198dd docs/models/restauthenticationloginrestpaginationtyperesponsebody.md: id: 7f226f97a44c - last_write_checksum: sha1:1834ff9b2e39b9d21f8092fdf86e067361189477 - pristine_git_object: c36434d87180a6af0717d3eeecfbb3c31ca2dc92 + last_write_checksum: sha1:3b373b472c130c3cce9143a4ace74ed6b3d1427e + pristine_git_object: 83ac5c04be171e738caf502670a26bfe9c0472a3 docs/models/restauthenticationloginrestpaginationtyperesponsebodyresponseattributes.md: id: 3c263f195c9d last_write_checksum: sha1:4ad2d3e01d469aef885db9e7e8cf2ddb02ef8837 pristine_git_object: 9f2935492d143958ce40fbb499dc1948b82f6f89 docs/models/restauthenticationloginrestpaginationtyperesponseheader.md: id: 476e02abcc1f - last_write_checksum: sha1:a076e45f08c875cee8f29537deb7b9e6ef7cd3cf - pristine_git_object: 973f66f2a97775e426e1742eb4aa01567a8ece4c + last_write_checksum: sha1:cd7ee666998031e4febc133fb061d29cc4c88407 + pristine_git_object: 5e9a70f90a064d83fe0b33383d77d55c2ffda584 docs/models/restauthenticationloginrestpaginationtyperesponseheaderlink.md: id: ea295faff088 - last_write_checksum: sha1:9c73f2701d5a09208ee9d06d889e76ba54d61987 - pristine_git_object: f462d5234889912ba6da06b05f3339c7311ef617 + last_write_checksum: sha1:ffd93ba3f0f89c4c3f9c05bdedcd7f8668110c5a + pristine_git_object: 2de5097b3f8869a088a353296159f6dfd99fcd0c docs/models/restauthenticationloginrestpaginationtyperesponseheaderresponseattributes.md: id: e861cde572e9 last_write_checksum: sha1:9c887ad062267614f3306cab1195cbdf5d312513 @@ -14372,8 +14512,8 @@ trackedFiles: pristine_git_object: c6e451857c4cd3c2ef6f04a83703bd8ce7fb057e docs/models/restauthenticationloginsecret.md: id: f5d1eed10ee1 - last_write_checksum: sha1:0e844b3b2fdb8675ce3497c66be9d5f01a720e0c - pristine_git_object: 72fa2c17e6227d5255820dac4f1a49f7cad03dfc + last_write_checksum: sha1:c62157b6abe88b49711d83f9349ac07fc6180166 + pristine_git_object: 68d2a0438cc00c6b74acebec267458e3106f44e9 docs/models/restauthenticationloginsecretauthentication.md: id: 9afdc4a43e6d last_write_checksum: sha1:e50a65906e662f07dacad44a7f5ea073576bb636 @@ -14400,64 +14540,64 @@ trackedFiles: pristine_git_object: 83cd79c6dd50a3cdcfca1820abe82c55ad53c875 docs/models/restauthenticationloginsecretrestdiscoverydiscovertypehttpdiscovermethodget.md: id: 84debff4a66f - last_write_checksum: sha1:67c24a90557d5dc55b429c4e50722703c97996d5 - pristine_git_object: d208d5e6d1cf3513303f7aedc6cedea161f934a5 + last_write_checksum: sha1:2b62f15375eb6b364f2373912e8f4601f70b1fdc + pristine_git_object: 441880e8d7e88428c41c2d072fc78fc618878fb6 docs/models/restauthenticationloginsecretrestdiscoverydiscovertypehttpdiscovermethodgetdiscovertype.md: id: 1f3e72eb9d7d last_write_checksum: sha1:bb823beb39dfcfe488484afa11ea70282b62bbc6 pristine_git_object: 3cccd015de2d083106b612641801817684dd968d docs/models/restauthenticationloginsecretrestdiscoverydiscovertypehttpdiscovermethodother.md: id: 6a07cd4a982b - last_write_checksum: sha1:da550a311df61edda6fd9743d8624d6b74b15997 - pristine_git_object: aff56c693a1a4a562c76f4edff93195d860b5e3b + last_write_checksum: sha1:f2d676598391d51b605bfbff6539d2305d65f5e7 + pristine_git_object: 2ef90cb7042212c9728d11eb6687e6448caddf78 docs/models/restauthenticationloginsecretrestdiscoverydiscovertypehttpdiscovermethodotherdiscovertype.md: id: fe002effd51d last_write_checksum: sha1:151f8270cd8c457995218813ba0e486a72103fed pristine_git_object: c9bcdb7e0cf96906c29a948f0f2a063cec3e67ac docs/models/restauthenticationloginsecretrestdiscoverydiscovertypehttpdiscovermethodpost.md: id: ffc9591f6c1e - last_write_checksum: sha1:6e7d773a9ea4adf5bf6c545ae80b2c1d5bf7bc8f - pristine_git_object: e58a75b3deeb8aebd910826f8543e31a7befc3f6 + last_write_checksum: sha1:8460c5cefc612f0b387d4cf1afd1f5d4de3e7382 + pristine_git_object: 6c597943bd0a957e00e532c671bc2b972c291a00 docs/models/restauthenticationloginsecretrestdiscoverydiscovertypehttpdiscovermethodpostdiscovertype.md: id: e91e23838290 last_write_checksum: sha1:d95f63cbd3b69857b279a5edc37e38eead6b6c5e pristine_git_object: 285ec0af3192958b1cb505d442fb89617e6bad91 docs/models/restauthenticationloginsecretrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md: id: eec2b1117502 - last_write_checksum: sha1:045a24cbe038a0b2c6e19792b55bde37651b878f - pristine_git_object: f8a820df1b0963cdefccd125c3e718749c73ff24 + last_write_checksum: sha1:3f98c11806cab8c19760f172118561eb98ca50cf + pristine_git_object: f4ec9b7bfd651c700e9507c171470b63e92c7e3e docs/models/restauthenticationloginsecretrestdiscoverydiscovertypehttpdiscovermethodpostwithbodydiscovertype.md: id: f268a3871854 last_write_checksum: sha1:67807113f506e478c7b3a1e3003787442b9d8e9e pristine_git_object: def7497fe2d15de22647fbd9900f9b15236da08e docs/models/restauthenticationloginsecretrestdiscoverydiscovertypejson.md: id: c5770603b83a - last_write_checksum: sha1:67542dad67aa43925be18321c444079aa29edd75 - pristine_git_object: 885b72a3772a3b52e88406db8129ccc3a93efac5 + last_write_checksum: sha1:e8492b7319fddd6a69ebacebf0ee49451cc7b3e7 + pristine_git_object: eb1a888028684ce295d902be0dfaa0bdf0d0f43d docs/models/restauthenticationloginsecretrestdiscoverydiscovertypejsondiscovertype.md: id: 3e5519e7bdf6 last_write_checksum: sha1:dc2b6f22eadba3b3b56e02d31eef78a26558d43c pristine_git_object: f58643b1f8beeb743768207ce7d41a52ff9c045f docs/models/restauthenticationloginsecretrestdiscoverydiscovertypelist.md: id: 6c8ba6d11763 - last_write_checksum: sha1:b73b3556a6c6bc1015b9dbf3ddcf3b7ee4e9c734 - pristine_git_object: 1a8bceba09628e53bae660f50024e49a66b985d7 + last_write_checksum: sha1:816c94a7cebaf6baca988a3a37cdf07a04bde335 + pristine_git_object: 83f0c570b1fe55d971561e999a38363b5ef0d7c3 docs/models/restauthenticationloginsecretrestdiscoverydiscovertypelistdiscovertype.md: id: b020e8a116da last_write_checksum: sha1:c213667ebea29f9f065deca0188dd51d741928cc pristine_git_object: fbf452d6bdb846a1e66892b37391aeb042b4e34c docs/models/restauthenticationloginsecretrestdiscoverydiscovertypenone.md: id: bb38eb52953c - last_write_checksum: sha1:96734ee4bedb58b8ba207ffc0e2a952fc953cc2b - pristine_git_object: 66f930e0d6a98b0b0ca2e072849fecd10a16c054 + last_write_checksum: sha1:54f535d40f1524fcf11cca80f544cbdbffdfd0d6 + pristine_git_object: 65981ea39aeff69b6aa50fa8b25027e7e339c7fa docs/models/restauthenticationloginsecretrestdiscoverydiscovertypenonediscovertype.md: id: 9516e8f59fc6 last_write_checksum: sha1:e1a3aa3b6d075de8460fc9f979d73bf076e85d45 pristine_git_object: 79cd46ac7d4a34f4653f04d11428bd9514301428 docs/models/restauthenticationloginsecretrestpaginationtypenone.md: id: 614c8e4a9862 - last_write_checksum: sha1:f111e28e600fad2be4c1a8eed5b4d2a04011852e - pristine_git_object: 7e84ce2ecb0a0881dede530f23ecc0fa6d10fe43 + last_write_checksum: sha1:9d35ce946446d586889f1fc2014bf00d46227f7b + pristine_git_object: 3989d8329620948f562d22675a5ecb5e7770b737 docs/models/restauthenticationloginsecretrestpaginationtyperequestoffset.md: id: 2e3baa8d3f13 last_write_checksum: sha1:2cfc9c39ae87f0ce10c66ade4bdbdc45d7b8dac5 @@ -14468,20 +14608,20 @@ trackedFiles: pristine_git_object: 525334101479dce3b9839cc380a61ee9a2e9dacf docs/models/restauthenticationloginsecretrestpaginationtyperesponsebody.md: id: 5b947abaa076 - last_write_checksum: sha1:37833e1eadb19608af47b08968203b6546a0ec1d - pristine_git_object: c1b96c809ef77ba07e0bbe7e3afcbc1fe8d9a252 + last_write_checksum: sha1:6b8519d8929b8c4783647f84e50bbe3b6f87f295 + pristine_git_object: bea5885e01a6c8174a8535f3b7813fd2c612e1a3 docs/models/restauthenticationloginsecretrestpaginationtyperesponsebodyresponseattributes.md: id: 8bc6886c1b0e last_write_checksum: sha1:4eca1ff414c63f21c6383b1ecac39a182ff35dca pristine_git_object: 42ac2f14a335707b823afd60d5ef06a21a494c12 docs/models/restauthenticationloginsecretrestpaginationtyperesponseheader.md: id: 00644805f026 - last_write_checksum: sha1:c005046720227db657b42bb2e73cec4cac0421da - pristine_git_object: 0d5212e15726400742f94545ac6e5321d27ce648 + last_write_checksum: sha1:8c06c4d21d3da4f2a673c0fedc157cf450f78306 + pristine_git_object: 1561430cafcf1b796c3125f8dcd1240548d2b9e5 docs/models/restauthenticationloginsecretrestpaginationtyperesponseheaderlink.md: id: 7e39ada2ce3f - last_write_checksum: sha1:5da3a75a23b0162fbf14166c890a0ef788251a6b - pristine_git_object: 8d3f67891c11718427288d03ed3aad172fefd1bc + last_write_checksum: sha1:a46560293462f53468cbacb5b11e654f6161c7f4 + pristine_git_object: 5249e181f75ea4810b602adb1bf739b692cbe955 docs/models/restauthenticationloginsecretrestpaginationtyperesponseheaderresponseattributes.md: id: c52a05ab2b10 last_write_checksum: sha1:dc74ae1f7d725c75664361b4fca5d8ef4727e9a3 @@ -14516,8 +14656,8 @@ trackedFiles: pristine_git_object: e22c20f6f592f7d489c939b1ded4569acb8d61ba docs/models/restauthenticationnone.md: id: 71410ecf04e2 - last_write_checksum: sha1:3a74486c7a4326a95bf96b317d0de5f7fdf271a2 - pristine_git_object: 98c09ebfdc2dec2ad0659ce70e9fd1579f4d1c0f + last_write_checksum: sha1:ce2746abb35806aacfc8b0a1422b605966b7d210 + pristine_git_object: 3c80d5d1f658c0a6ecb36ee070f9df03181f7572 docs/models/restauthenticationnoneauthentication.md: id: 692d888142f1 last_write_checksum: sha1:17d134ccccc93f58ce5425b9e398b995d2d11410 @@ -14544,64 +14684,64 @@ trackedFiles: pristine_git_object: f7f1f2998641eb4a49798d633d3460d04b7d1d12 docs/models/restauthenticationnonerestdiscoverydiscovertypehttpdiscovermethodget.md: id: f339d4399c4d - last_write_checksum: sha1:d633c72625042e6bf86885cdfeb5572ffb2c24a9 - pristine_git_object: b0f880b7dc2e8cd5c912af837c98685a3fcb1a4a + last_write_checksum: sha1:9e2df191eb04561f18f3f9aef993a8dd55232a4f + pristine_git_object: 4903fbdb0a24cbd94a4efde5b62d7928c82cdec6 docs/models/restauthenticationnonerestdiscoverydiscovertypehttpdiscovermethodgetdiscovertype.md: id: 42d6f15525a9 last_write_checksum: sha1:5f42a58e5e5cd24603006f2bc04b6ffa176b1cc1 pristine_git_object: 7ebda10509f2aaa88f7b131aa160d3221bd95d8b docs/models/restauthenticationnonerestdiscoverydiscovertypehttpdiscovermethodother.md: id: 61f550b19e06 - last_write_checksum: sha1:58e7f9c906a0926723ad05c62470430676c790b0 - pristine_git_object: fd27bce85324ec909d1036b7aac502d7b38bb9d5 + last_write_checksum: sha1:73538e1837638e929a0917c7692b2d3748a3b90c + pristine_git_object: fd54288bf2beabbaa48d91b7130f12c7634ce561 docs/models/restauthenticationnonerestdiscoverydiscovertypehttpdiscovermethodotherdiscovertype.md: id: 146a45cc077d last_write_checksum: sha1:58641547f46cecc44975af27e74717608f62eaff pristine_git_object: 67da1efe3c2dce46f1cec912a4af14199fd38419 docs/models/restauthenticationnonerestdiscoverydiscovertypehttpdiscovermethodpost.md: id: 94d09d546fc5 - last_write_checksum: sha1:e45cf2514f5bb7a9960bd1d907e9610891e4c7a2 - pristine_git_object: 083f21f95841a6221a8f3caad8902dec32402520 + last_write_checksum: sha1:9fab6f60a05f33b6a1f1ca871d4b0952c6a701cc + pristine_git_object: 49d356fdfcb5a7f7230c2c04edf2cc7f12da9adc docs/models/restauthenticationnonerestdiscoverydiscovertypehttpdiscovermethodpostdiscovertype.md: id: dda8e1faa04a last_write_checksum: sha1:64fa30b939e367e6cd406dbd3e48745e347346ab pristine_git_object: 60bf3ba7d4b60c884a0f7684f1c40e640da6847d docs/models/restauthenticationnonerestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md: id: ae354fac8503 - last_write_checksum: sha1:b3e32a82c6883ff0c88aab41ab525a74b33b6893 - pristine_git_object: 570b0fe43a50559f7a6c378943bb8dcd44238dbb + last_write_checksum: sha1:c06e65dca4c4f299547fc8ea594192611060cd9e + pristine_git_object: 07780abadc0f1636740c34fb702e5da25a904601 docs/models/restauthenticationnonerestdiscoverydiscovertypehttpdiscovermethodpostwithbodydiscovertype.md: id: 1c20346e503c last_write_checksum: sha1:b7303334646f10b12190a2dc336f0fc8a9106971 pristine_git_object: dd5adc00f09a3d9c3a458d151639a89ab57f5566 docs/models/restauthenticationnonerestdiscoverydiscovertypejson.md: id: 7861aa3ea068 - last_write_checksum: sha1:05a18aade4fc671d4e02bd0689befe40d15baf1e - pristine_git_object: 020c40e9f9bf3ca201a863be627a53a9f6fa77a9 + last_write_checksum: sha1:21e1d72b9f97fdb4a7518d4f8684c624288249d7 + pristine_git_object: ef0953ac5aa84c0c16495385570a36468ae55364 docs/models/restauthenticationnonerestdiscoverydiscovertypejsondiscovertype.md: id: af9271a4438e last_write_checksum: sha1:8630fdf32a94b0d4d767425c34d1628a0b6ffc54 pristine_git_object: 9b91622d260a089c83a3b5c509d50e10671c1449 docs/models/restauthenticationnonerestdiscoverydiscovertypelist.md: id: 8bcc309706a0 - last_write_checksum: sha1:934d36371ad7f82f60145314b9814e85a580b0f0 - pristine_git_object: bedd57d96cd57eba57049544bd92e5782576b6fb + last_write_checksum: sha1:e5691f9f06ccf473a8fa5037f3e34bce0732937b + pristine_git_object: 2941daac81a24653025a41dbe800c85ff28c836e docs/models/restauthenticationnonerestdiscoverydiscovertypelistdiscovertype.md: id: a807f666b746 last_write_checksum: sha1:b6ad118311130dff12feec6d84a7ca8239d09059 pristine_git_object: 5a11a49d888923577cb7a24cc9cf5c93cd995903 docs/models/restauthenticationnonerestdiscoverydiscovertypenone.md: id: 1273403a7bb1 - last_write_checksum: sha1:d59b61023ebb6eeb6ed04799c5e47ae28206f3f3 - pristine_git_object: 633da646386ab19b086dd3bdc82e620410e67462 + last_write_checksum: sha1:350f97d9650bc96d2da781bf686c17c4ab546de9 + pristine_git_object: 0ed27720ee3b17bca1965067f68e422f1fc1afd4 docs/models/restauthenticationnonerestdiscoverydiscovertypenonediscovertype.md: id: 38993e573f2a last_write_checksum: sha1:e57543cae5a4a162dbc74f5d08dc3352dfb04ece pristine_git_object: 5a8ad5f4c4335c02fe94c17f2c00451fb58c8a0d docs/models/restauthenticationnonerestpaginationtypenone.md: id: cdf05518940d - last_write_checksum: sha1:530b659048191dc8df586827360dfccca7b4eede - pristine_git_object: e22634582bf2252a4524073d9a214c90c16ee8e8 + last_write_checksum: sha1:0b452f5a5fd2c1b54bef28ae9463e8fe61c1d130 + pristine_git_object: 5e80f369a7fe1e9018fb5517176f4434abc4222c docs/models/restauthenticationnonerestpaginationtyperequestoffset.md: id: 785ff93147bf last_write_checksum: sha1:6d5fd7dea7e94a86e28f86b1ef82b4ba8530cf14 @@ -14612,20 +14752,20 @@ trackedFiles: pristine_git_object: 9229e91bc6a4fbc58418c3a8f44453d4affe5931 docs/models/restauthenticationnonerestpaginationtyperesponsebody.md: id: d6ef92107b23 - last_write_checksum: sha1:a043d5d9585ea5b17ef6b25dbb99fa617e8a3811 - pristine_git_object: 663cce4d9652e4af6659ef40bd288e8be1d0f2e8 + last_write_checksum: sha1:57223f0288b135944830e91bbfaaa9a8245e9c67 + pristine_git_object: 815fbc6546c03a3f2c459e0766d747db28ac2f6f docs/models/restauthenticationnonerestpaginationtyperesponsebodyresponseattributes.md: id: 5b3b4bab3823 last_write_checksum: sha1:31b4fd9af8f1793ad1dbb1df83110a55d07c4b3c pristine_git_object: b144acf1fa698481c41b79dc86d4aefce1f862db docs/models/restauthenticationnonerestpaginationtyperesponseheader.md: id: a421dd915016 - last_write_checksum: sha1:3690b51b3ca9c1a451ed5e8670b966a1521f4ab3 - pristine_git_object: 18e8f0231e156e8630fbef69f66365e91fe44508 + last_write_checksum: sha1:6d964b25892048a2025a49d4d21d68c53fcf12b0 + pristine_git_object: a064748385e22d8f98bc49aa87a660a994f108ea docs/models/restauthenticationnonerestpaginationtyperesponseheaderlink.md: id: 4f5a0a4dffaf - last_write_checksum: sha1:c1223bb180b6487ad2248531bc6c9487fd56da96 - pristine_git_object: 3cce101b92dc1ceeced6b50a946fd2869dc6fd7e + last_write_checksum: sha1:c30e03674b316618e597bdb11e993b07ccc1de81 + pristine_git_object: dbc95719bf9f8608b38908caa4d1511fc2801ae8 docs/models/restauthenticationnonerestpaginationtyperesponseheaderresponseattributes.md: id: 9d75ddba5518 last_write_checksum: sha1:1e37abc25f03a5ccb639182223be14b00c04378e @@ -14656,8 +14796,8 @@ trackedFiles: pristine_git_object: fe9a992a068bc09c64415e734892d3974898afa5 docs/models/restauthenticationoauth.md: id: 24a2e0a8017a - last_write_checksum: sha1:673837bf974344c6cd9dcd617e0270a43f20d6a1 - pristine_git_object: e74031e42ab1f1e6e566c97232c1208f1b0dd3ab + last_write_checksum: sha1:243c6ce5e47a467c5f9868af68f6da7c0f9fbcbd + pristine_git_object: 873c1ef6c233e4cfbbd701350cbfba00be487e50 docs/models/restauthenticationoauthauthentication.md: id: 5ed7407cb5d7 last_write_checksum: sha1:33022ada0b83b6404220fe1bb012ead32419118e @@ -14684,64 +14824,64 @@ trackedFiles: pristine_git_object: 18f7d7c9a549c27254e810789cc548e9619a2894 docs/models/restauthenticationoauthrestdiscoverydiscovertypehttpdiscovermethodget.md: id: 7fb443fd1131 - last_write_checksum: sha1:3e0408d9d2a024dc8f09ea7cb84a39e4a4c393a1 - pristine_git_object: 931d0e40fd78477b601c3a7253dd1e8c17a232e1 + last_write_checksum: sha1:7ad2043bdaed04b27ff36f2857aba6bd0844abaf + pristine_git_object: d850bdfa7be4b6ecd83a00fbca26e4c4ed1f4e63 docs/models/restauthenticationoauthrestdiscoverydiscovertypehttpdiscovermethodgetdiscovertype.md: id: d89e9bdcb556 last_write_checksum: sha1:7d990b6bdccc8bff57f01558169102071071018e pristine_git_object: 5560d7c77d93c67ee3b3d08f142ef83b13e19e85 docs/models/restauthenticationoauthrestdiscoverydiscovertypehttpdiscovermethodother.md: id: 2e00109602a5 - last_write_checksum: sha1:fbab1d43f24faab1f483ae469b9c323161a39d9a - pristine_git_object: da74c95ae10e86f6f42084d72b407c9db268132a + last_write_checksum: sha1:5772c8c9fcd3c6c6827536f295d5d577ef6ec72a + pristine_git_object: 40af4d1882c4adcf38717a62ce2650ef7590ea1d docs/models/restauthenticationoauthrestdiscoverydiscovertypehttpdiscovermethodotherdiscovertype.md: id: b4240eebbe00 last_write_checksum: sha1:129211eb3ad861b99cb0fbf8d71abfd3000ddd54 pristine_git_object: 6e868ccc03783d75fef7aa51587c1cd66238e80e docs/models/restauthenticationoauthrestdiscoverydiscovertypehttpdiscovermethodpost.md: id: 771b0cdce1c7 - last_write_checksum: sha1:303ea3ab5c915bf260db2dd9168aff6b6053431f - pristine_git_object: 9333789f6ba2456099a67c58f6cc05f6b9c57ffe + last_write_checksum: sha1:073272390acd778a51ebd9e4245dd76960939440 + pristine_git_object: 5acc2c05cf0f20359bb91dfc5234ffc7bedd7484 docs/models/restauthenticationoauthrestdiscoverydiscovertypehttpdiscovermethodpostdiscovertype.md: id: 808003ca08d2 last_write_checksum: sha1:9c7c6581a84c4ebd21d2dd65210b181f04cdac9b pristine_git_object: 3b80c0f72ce5c0e13fd40dfb8fc69aefc70fa785 docs/models/restauthenticationoauthrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md: id: 71a511ee8c8a - last_write_checksum: sha1:8f23ca10551ab3966065d16de61ddffb6fbad83a - pristine_git_object: c073e37c49c1db266d5a347fe0f28e837488d190 + last_write_checksum: sha1:16ce75cbce0054d741b0d6da291f52504a5ad771 + pristine_git_object: d0f830dbeb93bacd00023b28ea744d14dde325eb docs/models/restauthenticationoauthrestdiscoverydiscovertypehttpdiscovermethodpostwithbodydiscovertype.md: id: b5f2cdd35bd9 last_write_checksum: sha1:859518481df28240920e9d5ceaa37c77d92404ba pristine_git_object: 4d55cb32eeb668610fbdf28b2a32bbf22694fffe docs/models/restauthenticationoauthrestdiscoverydiscovertypejson.md: id: 8d9c95bb587d - last_write_checksum: sha1:9b80ba776d17a749c303a3993f6931e0a113c3ea - pristine_git_object: 96cf542d198b5fd34e6226d22d03fa746b61154d + last_write_checksum: sha1:b6e1013b781bf4ee2c7b0f2f08523ff89cac39dc + pristine_git_object: 1ea6c9c30b5b91e661379cd54dcabc4b63b06900 docs/models/restauthenticationoauthrestdiscoverydiscovertypejsondiscovertype.md: id: 9e25ffbd0414 last_write_checksum: sha1:83ed9b2b51b8eb549562e0ae25358cf2832c69e2 pristine_git_object: b5a1ad0a08efd3d913f8ada4beb957a8ace9e08c docs/models/restauthenticationoauthrestdiscoverydiscovertypelist.md: id: 87058eb9a3b4 - last_write_checksum: sha1:8b1d1b6f6550e276aa759b3cbafbb3852a194cc6 - pristine_git_object: e0431558a76d908dd6f348bc7d0b6b2bc4c2f880 + last_write_checksum: sha1:5ac9bbda9bcafa8410fe0e10609531e1a962f87b + pristine_git_object: 488ee29765cc1807f8465911aa5c7f9e558ffbe9 docs/models/restauthenticationoauthrestdiscoverydiscovertypelistdiscovertype.md: id: 4d69c168ee30 last_write_checksum: sha1:e7073d3f04e9492828f1896a19b59ac33a1b5ec3 pristine_git_object: f9cdce1aae356b114e66c9229d304f4205611803 docs/models/restauthenticationoauthrestdiscoverydiscovertypenone.md: id: ee72325dddf7 - last_write_checksum: sha1:872a368679ec92f3a3d5d429b4957372b9998c0d - pristine_git_object: 860c177ad3aaee7a431469915478a83953f1eb8f + last_write_checksum: sha1:31f2509f94429ad0b4895b872cc3b7820af4416c + pristine_git_object: 00f0e90ba1dba56c4e910f6aeccf2bc1b9b7e2a9 docs/models/restauthenticationoauthrestdiscoverydiscovertypenonediscovertype.md: id: 0bc342b6b754 last_write_checksum: sha1:500acccbd62ba91fbcc96a855fb1ba59f7191e6b pristine_git_object: 15443591300b564c36579d3530c9658616230053 docs/models/restauthenticationoauthrestpaginationtypenone.md: id: 0e92e6079179 - last_write_checksum: sha1:1e9fbfe3fb033f391518c052ea35b0784b1344d9 - pristine_git_object: 200667a5f3e893b6d399b1aa5c3ad1fc58d3b5a4 + last_write_checksum: sha1:c472121e42a302e5727f22bb9b4d71783119489c + pristine_git_object: f24d1f6cb71e2e7030f827d856b88bb501e0d712 docs/models/restauthenticationoauthrestpaginationtyperequestoffset.md: id: 422db5b4308d last_write_checksum: sha1:420e742b2a20532349c4fcb51753ec0fe8526f1b @@ -14752,20 +14892,20 @@ trackedFiles: pristine_git_object: f601e101eff87710730613f00f40e2562d7aacdf docs/models/restauthenticationoauthrestpaginationtyperesponsebody.md: id: 85179c5a5294 - last_write_checksum: sha1:4497bb83b953e0ec753db3a9fe3a394cb350e179 - pristine_git_object: 258789b82456a19e608e88a971b645f21254d904 + last_write_checksum: sha1:f657d80cebc6f3ff3731a63bb054e96185fab72f + pristine_git_object: 7a7faa4b93c41c6d7100624a2cf0d9beff5911f2 docs/models/restauthenticationoauthrestpaginationtyperesponsebodyresponseattributes.md: id: f163e0791bfe last_write_checksum: sha1:0d8792bc3248db2db3ee66799f22142b79b65904 pristine_git_object: 669aa3fabb4706de2f0d2d55b40531687284e170 docs/models/restauthenticationoauthrestpaginationtyperesponseheader.md: id: 8d512ace4035 - last_write_checksum: sha1:c1886dfc4ee415f6bc43f14580e79e3f97e694df - pristine_git_object: 2d2fa80148083304c3354fd0df3f89006777d3ac + last_write_checksum: sha1:17c35d450df7af7a005303fe6e04a5f921dea28d + pristine_git_object: 7d4135e22516f248c674e91cfc5d95f126e2f805 docs/models/restauthenticationoauthrestpaginationtyperesponseheaderlink.md: id: f5b0636c51f7 - last_write_checksum: sha1:04b875a6bd90c68c0df1849b0f890889d744edba - pristine_git_object: 641d4711600a958e1e04aa086dd935c6422a1cbf + last_write_checksum: sha1:65d1a95345f0c879b6f585b27395e79e13a77720 + pristine_git_object: 4f6f7e6f4554b8b195839f711e828c932b1c3914 docs/models/restauthenticationoauthrestpaginationtyperesponseheaderresponseattributes.md: id: ff7eafa9641f last_write_checksum: sha1:095271c004ac5ad05069e0604158cb13868d2673 @@ -14792,8 +14932,8 @@ trackedFiles: pristine_git_object: 98c690dcd902c7aa4ff392dca6c57f3045fbc143 docs/models/restauthenticationoauthsecret.md: id: 893ef9048c9c - last_write_checksum: sha1:ade53502024fc0366f6c87c282df551a1dba622e - pristine_git_object: 8aa89491a36df369f66836e11036b76b323f7c99 + last_write_checksum: sha1:51729d28eaa8cca4986474bb11491c6fe1c946a6 + pristine_git_object: d5dc2f9922c9f0884a5e5e3a1c23cd71ecc69c51 docs/models/restauthenticationoauthsecretauthentication.md: id: 41309e495b6a last_write_checksum: sha1:bac5baaa2ffab0e6473f897c46bc947ab64dac75 @@ -14820,64 +14960,64 @@ trackedFiles: pristine_git_object: d3a9eb131d6dc135c72402322cb99220f90b0f54 docs/models/restauthenticationoauthsecretrestdiscoverydiscovertypehttpdiscovermethodget.md: id: 2720735a7c14 - last_write_checksum: sha1:3f6a784e955947e985be510fb3a2dd195f44cb4f - pristine_git_object: 925d4a93e0cfb917ae67bf7fd79c8a810e14d78c + last_write_checksum: sha1:d65c823fe3eb06da0bebe3edd24ce509122bb14d + pristine_git_object: 783cb4d072539f71cecf3e6cb8576207787ac96e docs/models/restauthenticationoauthsecretrestdiscoverydiscovertypehttpdiscovermethodgetdiscovertype.md: id: 415be441fdac last_write_checksum: sha1:cf54ffb490f5552d3210347ee00c08dc27ddffa1 pristine_git_object: 3bc1da492f055d1e34fa402ec5606b7db17eeb7a docs/models/restauthenticationoauthsecretrestdiscoverydiscovertypehttpdiscovermethodother.md: id: fe0b4ec0f454 - last_write_checksum: sha1:af77ae4168508ed7330d533c86242e9cc9281523 - pristine_git_object: b1137a3cad32bdc4d007d73f1cc933f2981b1515 + last_write_checksum: sha1:cd97e4c74923c54d95f9ecf5044c48e2cdc20fa2 + pristine_git_object: d0869e6434aed1dbf37d1dfae63a7f4ae39069fd docs/models/restauthenticationoauthsecretrestdiscoverydiscovertypehttpdiscovermethodotherdiscovertype.md: id: 214d796816b6 last_write_checksum: sha1:c84ba996849d040a7beba10b6995ff719301aeb5 pristine_git_object: bffdc874c529805bff9b2428e4ac059d169a09c6 docs/models/restauthenticationoauthsecretrestdiscoverydiscovertypehttpdiscovermethodpost.md: id: dbad9f961a71 - last_write_checksum: sha1:2e0b32a0b24e831779b687e0d8eb9e948cd24b7d - pristine_git_object: e38e53f8984d373f1e8373c08daf65106d88cc07 + last_write_checksum: sha1:608902023aafbcb568cc875acd6f4c715b1776df + pristine_git_object: 05247bfcf638ede106e67757324678a7b64854a1 docs/models/restauthenticationoauthsecretrestdiscoverydiscovertypehttpdiscovermethodpostdiscovertype.md: id: 0d6218b203e0 last_write_checksum: sha1:13165395b6a3fa555ccf311afd8de1d77f013f3f pristine_git_object: 1c29f5db3b436a8cc96c999e8ecf710a88dbda3e docs/models/restauthenticationoauthsecretrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md: id: 6d11251272e6 - last_write_checksum: sha1:46ed00c2ae7c73ee5a676fa453209dd94e5e3c49 - pristine_git_object: 6110a6c22837b6ae5c649e8507e33853bcb32c8d + last_write_checksum: sha1:35a0c6bf6ce28d414bcc1146c50a85e3407542fa + pristine_git_object: 7b3e80dce8ab78c0a7e7a8c64053db3796cbfc1d docs/models/restauthenticationoauthsecretrestdiscoverydiscovertypehttpdiscovermethodpostwithbodydiscovertype.md: id: c7dd2cf2905a last_write_checksum: sha1:76c56312f711450a990de7854db8e639f428ed42 pristine_git_object: dd881efb26ffd30a2dc12d548d118edbefcb05d5 docs/models/restauthenticationoauthsecretrestdiscoverydiscovertypejson.md: id: b5db2283d4ef - last_write_checksum: sha1:16609fe86100defad797f63fee34672c548832fc - pristine_git_object: 82442d9785bd0bb906d0bc4636d597104e01c3f2 + last_write_checksum: sha1:03720505415267f22bf59171846e2163cf86e260 + pristine_git_object: ced56fe30b108c0b490e3b4015c7b370d67a8142 docs/models/restauthenticationoauthsecretrestdiscoverydiscovertypejsondiscovertype.md: id: bee6025ce12a last_write_checksum: sha1:eba1539d9503acda246d7225af96527542ae80fb pristine_git_object: a62872988d101aa4541e0bca956033819f81d0e4 docs/models/restauthenticationoauthsecretrestdiscoverydiscovertypelist.md: id: 5564bb872acc - last_write_checksum: sha1:0d9f0b2926eef7c19a78145967d5f4c46225fd19 - pristine_git_object: 2815af0afb79615f73829e482d775a72d51b0c65 + last_write_checksum: sha1:dea34bbf0226119620f60f137db74833681ba3b8 + pristine_git_object: 0378d001ba93523512e3269a7bb58d8263dd6ba2 docs/models/restauthenticationoauthsecretrestdiscoverydiscovertypelistdiscovertype.md: id: 6884fed27c30 last_write_checksum: sha1:cae6655b4024e0333e0a9fa7cd232ae71058ffd9 pristine_git_object: 73872bdce91bb5fd7ef14ced5ef33d6ac9e6f865 docs/models/restauthenticationoauthsecretrestdiscoverydiscovertypenone.md: id: 19554514b154 - last_write_checksum: sha1:5e0e7486b25744cfef47d117ebfee265186df808 - pristine_git_object: 5432aebf7e322593c8dbb54f192796cd47747d0d + last_write_checksum: sha1:53ede04b906172535f1249bd558d60468dd99b0f + pristine_git_object: 1474e088c75d6442f79820c506adb24bfa6c3e62 docs/models/restauthenticationoauthsecretrestdiscoverydiscovertypenonediscovertype.md: id: 2c39d15ac32a last_write_checksum: sha1:59a00b5acab648a58286c2f30fd9d3dcd2d0a262 pristine_git_object: 8fc7dbe7cb6440a0a2edd43d932d33885147971e docs/models/restauthenticationoauthsecretrestpaginationtypenone.md: id: 47ddfe8101fd - last_write_checksum: sha1:1b9deca1669264cbdc21e48a317db257560b0264 - pristine_git_object: 9d47a1e85f96855330dcb7bcef0db4e16a27ff9d + last_write_checksum: sha1:aadab45b2c0212df28e1ac36be246147b182de4c + pristine_git_object: 89a478b9b3620dd9c4b34fdedf0b5da69ecda7a3 docs/models/restauthenticationoauthsecretrestpaginationtyperequestoffset.md: id: 82768428c8a3 last_write_checksum: sha1:240a670c4e979b209db8b118df3798b57db4344a @@ -14888,20 +15028,20 @@ trackedFiles: pristine_git_object: 990234c6ee239baadcb7f16c552cb1e7b8137784 docs/models/restauthenticationoauthsecretrestpaginationtyperesponsebody.md: id: 7f6a4cb32b3c - last_write_checksum: sha1:ae255a246b4ce1621fe3913ed651519eafee50b0 - pristine_git_object: 3b10239cd71a2f9cec430b482850f957c1b380ae + last_write_checksum: sha1:36602358201c3818ecd241d6de988a29415babb4 + pristine_git_object: f29aa996d0a3103eee85a27036a1bbb45a51b663 docs/models/restauthenticationoauthsecretrestpaginationtyperesponsebodyresponseattributes.md: id: 7a5100767c62 last_write_checksum: sha1:555df084a97c40b376d874145137f6590a0c3f1e pristine_git_object: ac82557d1aed923cf7bdbdc9f4dedcfce147aab0 docs/models/restauthenticationoauthsecretrestpaginationtyperesponseheader.md: id: 8444ec29fcf4 - last_write_checksum: sha1:e556865d98039348652e6e08106418e6f6353578 - pristine_git_object: 39d11dd692a48e25ef6a43a47e8e78465cf5394c + last_write_checksum: sha1:3022055190fd122b66c7a20f4767fd6ac4559960 + pristine_git_object: 8c27d697c2bd2bc6e5b4ca872907f5fbaf2bb1a1 docs/models/restauthenticationoauthsecretrestpaginationtyperesponseheaderlink.md: id: f39c82c52de3 - last_write_checksum: sha1:5ef3aba1b8353fa728af3ae21748aa00565e1988 - pristine_git_object: d6388227500721c72548ea6fa404d52f431dd4bf + last_write_checksum: sha1:32740ee748e7f911f440b2fb1d3e08040afeaafc + pristine_git_object: 990d42565074d5ec5d2c5aee8b4f1b2365ffceec docs/models/restauthenticationoauthsecretrestpaginationtyperesponseheaderresponseattributes.md: id: 750ae2e87722 last_write_checksum: sha1:3b49b4382560c0da8f5eae7a932882f3aae45207 @@ -14936,8 +15076,8 @@ trackedFiles: pristine_git_object: 51f7d5c3f9c7742b64c91498ed8dcf32afb04723 docs/models/restcollectmethodget.md: id: a10998d19652 - last_write_checksum: sha1:597886c38dc8b0c7b1bd61a4ad16d4b7e281bf88 - pristine_git_object: b97973af67094aaaa9dd51f5ef33a00518bb5d6b + last_write_checksum: sha1:f35b60a0c5eab17f78d4d1137df607aeeed3e9be + pristine_git_object: e463193c51619ccd1ee20a0477ff123284cecee9 docs/models/restcollectmethodgetauthentication.md: id: 0d620b7488b0 last_write_checksum: sha1:d40aa84183fdbf397b88915b34bfb42655522715 @@ -14964,64 +15104,64 @@ trackedFiles: pristine_git_object: 08099bce06d86abf31a0886c0732c21cd0a4fbef docs/models/restcollectmethodgetrestdiscoverydiscovertypehttpdiscovermethodget.md: id: fbcec2f7f3d1 - last_write_checksum: sha1:9bbe82064aa98f5cf1a2cbdf2e222c222d3d5835 - pristine_git_object: 71cf52221d2c12951580a5892d3e2f62fceb6955 + last_write_checksum: sha1:59a2296bcdf94f64e97343f70764ff63e57f2396 + pristine_git_object: 4fab100d02b2ffc08824e63571f33888dda15eed docs/models/restcollectmethodgetrestdiscoverydiscovertypehttpdiscovermethodgetdiscovertype.md: id: 208d1675a801 last_write_checksum: sha1:7dd8f90f114a774531681ef47d81675833e45b06 pristine_git_object: 3cfdf642a854d05544374a41aefda497fbd1f671 docs/models/restcollectmethodgetrestdiscoverydiscovertypehttpdiscovermethodother.md: id: 006e7bc1f8a7 - last_write_checksum: sha1:eb595a347da4b3a665c248d082fc006890b22f97 - pristine_git_object: f0f54f4614ed762770c2cfac7423f55ec1a48e84 + last_write_checksum: sha1:d0fb92da4e1845c5a4f2206eedf3f638dfb7cf6c + pristine_git_object: 8f6b2c26217ca9e49a1ad21f8f18dd96b3a3c442 docs/models/restcollectmethodgetrestdiscoverydiscovertypehttpdiscovermethodotherdiscovertype.md: id: 6cbe96b56f18 last_write_checksum: sha1:49e5a1aaf89a950ec27c351a186126bc1372b7e4 pristine_git_object: ea7f6b94d83ece071dafefb8c3c836bf2a345b2d docs/models/restcollectmethodgetrestdiscoverydiscovertypehttpdiscovermethodpost.md: id: 6ea0194d1c3e - last_write_checksum: sha1:80239154495624d09fe69d5fcdee64f49046d13f - pristine_git_object: 32cf197e03f819bde6f2105cbf5cdf13c303d85f + last_write_checksum: sha1:8e4cf3f2549fcbe050cb6cabb847f4d3a9fcc5d6 + pristine_git_object: d07f93fb55f07462bba6ad999c3294eac0e01d6a docs/models/restcollectmethodgetrestdiscoverydiscovertypehttpdiscovermethodpostdiscovertype.md: id: 921961863b84 last_write_checksum: sha1:50e56b4b26fb73892e43067568082f991a4c8d50 pristine_git_object: d3d4dfb2acf1d79e9a4cf560312a7da1ec1802b8 docs/models/restcollectmethodgetrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md: id: b7629aec1452 - last_write_checksum: sha1:cbc1966799e03479020ef0608beb77126226709b - pristine_git_object: adba406d69c25babf408ad41fa73ae43ef6ef34a + last_write_checksum: sha1:3b124eaffdceff02de7fc929a0359751604367c4 + pristine_git_object: f918226afdd4faff73579b2ef2970fa9f01dbef8 docs/models/restcollectmethodgetrestdiscoverydiscovertypehttpdiscovermethodpostwithbodydiscovertype.md: id: cb3520e3c086 last_write_checksum: sha1:24c9ef1ae16a3f634c5857cfd4978f576e363a95 pristine_git_object: d5350f790358f7e5f8eb5f88ceedd4b9282f4d4f docs/models/restcollectmethodgetrestdiscoverydiscovertypejson.md: id: d257b8844a48 - last_write_checksum: sha1:9082d47efa10c069d5732727e70d2022257d8be0 - pristine_git_object: 502f658fed90ec3cf8d660772db4f9ce727eeda6 + last_write_checksum: sha1:5ae25bd24bffc385163897125b63eba41b7b9ad4 + pristine_git_object: 924744f15d64f0d8a103653d598dafbee683f531 docs/models/restcollectmethodgetrestdiscoverydiscovertypejsondiscovertype.md: id: 3e4785bd6c37 last_write_checksum: sha1:73b13f8c0e4f324c88a473a06b664813949e91b8 pristine_git_object: 91eb830585ebf94e8ca36c72cecff7756aea8d65 docs/models/restcollectmethodgetrestdiscoverydiscovertypelist.md: id: 0a5962b36b79 - last_write_checksum: sha1:7c75fb5322106e0c781837f93790f6259b02cb81 - pristine_git_object: b6f4c07413a0208708e526094a4bee3e8ec2dafd + last_write_checksum: sha1:07c29380fa1b1f0684969cf3dbf896fe690fd6d9 + pristine_git_object: 795285ea880299a6d729d14fe1b2aa9a2ef957b9 docs/models/restcollectmethodgetrestdiscoverydiscovertypelistdiscovertype.md: id: dac093c8025a last_write_checksum: sha1:ada9ed9e514330446effe51cff1bee8e198bb994 pristine_git_object: eee5b6cb667151281ba64ba9f6a0e24d85017df7 docs/models/restcollectmethodgetrestdiscoverydiscovertypenone.md: id: 18741e621698 - last_write_checksum: sha1:aca49d55cb8d371d9211988d8538514cab8616d2 - pristine_git_object: 523c42434ea096ff5ce6aaca70efcf6cfe1a40bf + last_write_checksum: sha1:55d10f242415cd328be17f84363da496e612d861 + pristine_git_object: a7153a3879d71f0ef46033a863b1810d7270d0a9 docs/models/restcollectmethodgetrestdiscoverydiscovertypenonediscovertype.md: id: f1268dabf766 last_write_checksum: sha1:16fa327847c83dc07ede9ad8c2142cea2f0ea931 pristine_git_object: b8f5b228d9033cea7ef615506f135c41f4551168 docs/models/restcollectmethodgetrestpaginationtypenone.md: id: 9a039c1a8b43 - last_write_checksum: sha1:69a5766b2638881db31b91cc100d78e53b963604 - pristine_git_object: 4e34be11d939e92ed61714917ab83cdf268ffad9 + last_write_checksum: sha1:5a7367e87b825e1f310cb793a3afe02944d1b180 + pristine_git_object: b6641c8ea3039f6a868acdc5ff6dcef13becae18 docs/models/restcollectmethodgetrestpaginationtyperequestoffset.md: id: 47b035e07eda last_write_checksum: sha1:6fb12e496277b37235a6a15e23b37294077e4083 @@ -15032,20 +15172,20 @@ trackedFiles: pristine_git_object: fa549232e5199cae0dee53b612b5409828252d56 docs/models/restcollectmethodgetrestpaginationtyperesponsebody.md: id: 3a3483582003 - last_write_checksum: sha1:523576fbd0c8ab45f8e1c6a807a8b903118a01a2 - pristine_git_object: 5f91ce75ec590cd3d5eff916c82fe17192123800 + last_write_checksum: sha1:35ba85e90a9673de0b9ef1cc468c6a61063f5c07 + pristine_git_object: 67ae99a557fa401bf91f0fd6a1d402cd2c1b3994 docs/models/restcollectmethodgetrestpaginationtyperesponsebodyresponseattributes.md: id: df3afb716573 last_write_checksum: sha1:0b69c8d167b978e2074b1b9bc9643ba404824ef9 pristine_git_object: 145eec0e3583679e413a2305600363087787ce79 docs/models/restcollectmethodgetrestpaginationtyperesponseheader.md: id: 03723c8d1cf4 - last_write_checksum: sha1:5231406b6ace66c33fe4a883987be63121c82637 - pristine_git_object: c34ed5781d6c9901acf3e439f8155214fdf0041e + last_write_checksum: sha1:e7d1432b43fadbf842bf62f07ee9acccf2544e8a + pristine_git_object: 7e7e86d4832f0d1a7e2984c8c459028db849acf0 docs/models/restcollectmethodgetrestpaginationtyperesponseheaderlink.md: id: 0847980b7461 - last_write_checksum: sha1:67e83dd2c68217423fb81bb9dcd123abf4ed7b3c - pristine_git_object: da9228c1ffba2b6bc1457d5ec36a7092fd5e4afb + last_write_checksum: sha1:f65183d6173628ce05d94a9a2ea6483fa9c72b26 + pristine_git_object: 071fc6220d1567619de7188889cdc066f4511aec docs/models/restcollectmethodgetrestpaginationtyperesponseheaderresponseattributes.md: id: 0d2c8ae87102 last_write_checksum: sha1:4013b5aa13d5452ccdb4936edfe3ebb0b03a8aa0 @@ -15076,8 +15216,8 @@ trackedFiles: pristine_git_object: c734ded3939a861d46b95a9181c2870b60969c0a docs/models/restcollectmethodother.md: id: e1e3c93eee30 - last_write_checksum: sha1:96eb18a51b2d9b9ea42c9ddf86aa8ec96d389564 - pristine_git_object: 9f8839ab026a9beab36c3c208fda0e136f629e08 + last_write_checksum: sha1:ad062b8dd8d9e076c0cec8f2d02c4f4bebc3136b + pristine_git_object: aae06df033a0217fd02246a00bacd99b91af0645 docs/models/restcollectmethodotherauthentication.md: id: ac2fa5288640 last_write_checksum: sha1:6a220c3f2c24aa601df183e48e7a427084b02542 @@ -15104,64 +15244,64 @@ trackedFiles: pristine_git_object: c889767c3a8a56390bd17d3cb861399fff9acb46 docs/models/restcollectmethodotherrestdiscoverydiscovertypehttpdiscovermethodget.md: id: c9a88c78a554 - last_write_checksum: sha1:b036109833d9f33c070ca4d9c9fe6d4690bb0c7e - pristine_git_object: f9dfdf321ec9936e60dfc1cded895c34fd7024c6 + last_write_checksum: sha1:da0acf00ac6fdaf1556703d23b6141a96fd93646 + pristine_git_object: c011645e52d1a3fcfed5986fcefcd0c4ecc1faf0 docs/models/restcollectmethodotherrestdiscoverydiscovertypehttpdiscovermethodgetdiscovertype.md: id: e19299fca567 last_write_checksum: sha1:5f95d7c444fef671e9b8775bb2a59e3359ab68cd pristine_git_object: 0957b250e161d703eb07f918ae738f06c3e3bee9 docs/models/restcollectmethodotherrestdiscoverydiscovertypehttpdiscovermethodother.md: id: a2fb15f29492 - last_write_checksum: sha1:5390b62606914793f6533a75f987962b0bd87c62 - pristine_git_object: 775eff3024979be169350eae2863e496d781cfa8 + last_write_checksum: sha1:5980bcc6d4edbb7fe9cbdac65b4f460bb8e8fc3b + pristine_git_object: 657778fe1321d77cf15de5ec89002217d8be8e7a docs/models/restcollectmethodotherrestdiscoverydiscovertypehttpdiscovermethodotherdiscovertype.md: id: b1652bbfa2f0 last_write_checksum: sha1:ced324ce77422f138d82511fe5a431d3382a3bc4 pristine_git_object: 293dcaad826351fe482906e9025e5be1c30bac01 docs/models/restcollectmethodotherrestdiscoverydiscovertypehttpdiscovermethodpost.md: id: 827d0304bc3b - last_write_checksum: sha1:ca3452a0e3666d48b2c219415ac8a3c2bba46b57 - pristine_git_object: 89cc3ff77a2386252e63be47ab8651d06b9c5f91 + last_write_checksum: sha1:3bceba0ef060ed470200571cace1789268f075ed + pristine_git_object: 9abc9c0cc6d9406c903ad7462257c5fe708c028d docs/models/restcollectmethodotherrestdiscoverydiscovertypehttpdiscovermethodpostdiscovertype.md: id: ea09514a0b93 last_write_checksum: sha1:230a4cd78d9ee263ada219156eff07fc310bcb99 pristine_git_object: af962780dc2dc4ddd08032b747b568463e773e5d docs/models/restcollectmethodotherrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md: id: 008a61a64499 - last_write_checksum: sha1:a591d5151ccd6292732a0c052d6dcd89388c7138 - pristine_git_object: 21f54e97a5d48f6de9066a6149006c0718ac093f + last_write_checksum: sha1:ce8232233b855858299716783476d505c2825a06 + pristine_git_object: 6274cbbdacd683d16a320e57a1c0ea2aea76dd98 docs/models/restcollectmethodotherrestdiscoverydiscovertypehttpdiscovermethodpostwithbodydiscovertype.md: id: 8ae4671bff26 last_write_checksum: sha1:fdc427d806b28db10021ae1be584a0fdf91a9e41 pristine_git_object: 7b2aa36c13a64ae8260aab2efcfe2ad0b90e3a2e docs/models/restcollectmethodotherrestdiscoverydiscovertypejson.md: id: b2c9ca326f9c - last_write_checksum: sha1:29ea4829f92e271dc0a2ad8050f459c8d225ede1 - pristine_git_object: 5e943f4c8659dba968afc610e257e613c6625e02 + last_write_checksum: sha1:3cbafa212ba407de62b4ff36d996d2aa01c31c1c + pristine_git_object: 7457763cd5733cb1a2c3fa082e2064f0c782bb00 docs/models/restcollectmethodotherrestdiscoverydiscovertypejsondiscovertype.md: id: fd158045170f last_write_checksum: sha1:b7e02b2767a569e5f85802fcb1c6bcec9a518b0f pristine_git_object: c24e27703ffc6a2e0a22e69b0998926da8dfefa2 docs/models/restcollectmethodotherrestdiscoverydiscovertypelist.md: id: c96cc89bd73a - last_write_checksum: sha1:5a781c036afa0eaebea41d6c3c639168941f84c6 - pristine_git_object: cf1d36b6032e7eae7bb98175a059d23e6f818a2d + last_write_checksum: sha1:469ae778545b7294f75d89f7c8575523f6c0d1da + pristine_git_object: 20b96bebf51375437f268b7a8a6996d8eb289278 docs/models/restcollectmethodotherrestdiscoverydiscovertypelistdiscovertype.md: id: 1cd884c97297 last_write_checksum: sha1:f1a30e68eeb0a0003a0499138b13a8c10ac2b987 pristine_git_object: 29c76286b53fcaf7b35247c361503662e686fa44 docs/models/restcollectmethodotherrestdiscoverydiscovertypenone.md: id: 1dc3a509a2ed - last_write_checksum: sha1:a3016fa04491aad5896741d8926373b96f797670 - pristine_git_object: bbc4f4d61866523c6bc4431d4a620bdf26b44e53 + last_write_checksum: sha1:39af467dfd3394f137ce8ac9d9128d64bab101dc + pristine_git_object: 8170159b86432f8ded8e08b7740e3c9f6891425a docs/models/restcollectmethodotherrestdiscoverydiscovertypenonediscovertype.md: id: 6a134059e800 last_write_checksum: sha1:744f06b1ce4470b6e41744e84533ba17f9ef18af pristine_git_object: 0cb5121753a76148f1cae7f6908a8c9b99b9883b docs/models/restcollectmethodotherrestpaginationtypenone.md: id: 5235b32c01c3 - last_write_checksum: sha1:29c37ec39d8d61f57192921432b011c70082c769 - pristine_git_object: 54a4e830e634b94c269e1383551385178ac7e413 + last_write_checksum: sha1:1ef6267ef6fe7221d391f369e7dba63e937db00c + pristine_git_object: 45660ef8a0c7066e7c24fb90b4f7224e67bc2cff docs/models/restcollectmethodotherrestpaginationtyperequestoffset.md: id: 89d2eb63420d last_write_checksum: sha1:382bdde4fdbef9850cbeece8970e3b57b24bf93a @@ -15172,20 +15312,20 @@ trackedFiles: pristine_git_object: 74e627d891ed8a9223bdb65c578845fe98f92e48 docs/models/restcollectmethodotherrestpaginationtyperesponsebody.md: id: 10fbb13c390c - last_write_checksum: sha1:2792e449390345e9e92c54aba75a90b8f27e83c7 - pristine_git_object: a17c6112a8f79b2a3e9a40d36ac8fd85927a3abd + last_write_checksum: sha1:285d9bae222f5b49d79f1d4a18d6c62c61624695 + pristine_git_object: 37099250cade38e67645e01a496b1ac2f4764778 docs/models/restcollectmethodotherrestpaginationtyperesponsebodyresponseattributes.md: id: 2c707796561f last_write_checksum: sha1:497e8012723259f05cecf5ce391703d4e30b1083 pristine_git_object: e9480d43490893ef0bec313c48aa09fec735478f docs/models/restcollectmethodotherrestpaginationtyperesponseheader.md: id: 9d2dd478211e - last_write_checksum: sha1:e8331d91793fbccaef09a79de82608bdcc5a8eaf - pristine_git_object: 19e099670d877438ae285e4be289765f70c163f9 + last_write_checksum: sha1:bd23a07176c2463d4939810e39280f3b8e6bf3d1 + pristine_git_object: 32953cd03735b643828a918a7e8130f5a58ad161 docs/models/restcollectmethodotherrestpaginationtyperesponseheaderlink.md: id: 2b8dba62423a - last_write_checksum: sha1:555b4dace69b55048eb38d5760cbc6570d417637 - pristine_git_object: 90a2dcd3019e6e2b5955801894815b67769c10e9 + last_write_checksum: sha1:f9e710086ecab45d8d77dc7543736cf62f20a8cc + pristine_git_object: d44555b3090d7b5dee57a01c3850505af06577b8 docs/models/restcollectmethodotherrestpaginationtyperesponseheaderresponseattributes.md: id: bf89dfa36f60 last_write_checksum: sha1:9a9c3eb32269d4a65484ca439d1015a71ff23c64 @@ -15216,8 +15356,8 @@ trackedFiles: pristine_git_object: cbb20b8c18ed40f4bea741488578ea85c015848c docs/models/restcollectmethodpost.md: id: d2a506070dd4 - last_write_checksum: sha1:d4be3202fb7ad6e82dff14dd32a5af434a1ba070 - pristine_git_object: 5de10863f46e774225be17264c607ab77f102e69 + last_write_checksum: sha1:c635707a031e5de39d64029e9dc4e51d69f315ef + pristine_git_object: bec34adc694f5bd174a07222891449dd082455cc docs/models/restcollectmethodpostauthentication.md: id: 2e142548e0cd last_write_checksum: sha1:7403bc750f086492d4052e671785edf12f975346 @@ -15244,64 +15384,64 @@ trackedFiles: pristine_git_object: d507adcd8922f8fe9518909e8694d5125b670075 docs/models/restcollectmethodpostrestdiscoverydiscovertypehttpdiscovermethodget.md: id: c95312aa62d9 - last_write_checksum: sha1:7184174d51efe9cb8e129d231025ac7a2e4a72fc - pristine_git_object: 94be1ba97308628f5d91678e1d6b1077175541ad + last_write_checksum: sha1:b041b584ad158c538df952839002fd7c1e5f38c2 + pristine_git_object: fef84e579dc6020b84ae726833827617131fa11e docs/models/restcollectmethodpostrestdiscoverydiscovertypehttpdiscovermethodgetdiscovertype.md: id: 785976066c6a last_write_checksum: sha1:22898e3b1d10a4d3feaa70f023e7f8c5c3057943 pristine_git_object: 0806bbbca94e3a011438fe4f597577e55d810c00 docs/models/restcollectmethodpostrestdiscoverydiscovertypehttpdiscovermethodother.md: id: fe6d134f23f1 - last_write_checksum: sha1:1da829f3aed2afe17ae1f87aa08813d4ad988ba8 - pristine_git_object: 33c4b8a8e2f9fca50e401b475834585880d96a0c + last_write_checksum: sha1:c6183950cf0dab6da15550817476d9c583ec3bd1 + pristine_git_object: 3e3c2826e7f601c291e3878f747bec3f8cf6cca1 docs/models/restcollectmethodpostrestdiscoverydiscovertypehttpdiscovermethodotherdiscovertype.md: id: ad68e517a126 last_write_checksum: sha1:85c53c9dd2d665149d4226578b08d1c2484372eb pristine_git_object: b6f7835f3064c375507fbef216ff4ac8471e1d4e docs/models/restcollectmethodpostrestdiscoverydiscovertypehttpdiscovermethodpost.md: id: c2da514ed6c3 - last_write_checksum: sha1:36f2d98e953fae5691f1d96d6551d0b7850b558b - pristine_git_object: c1554665de604047752a1ad7467690877f0392d8 + last_write_checksum: sha1:e8f1760ce23602e4cf6a7e0389af04e681ef47cc + pristine_git_object: 08b8f040cc5991e9201cb98a25a3bb085f7c2998 docs/models/restcollectmethodpostrestdiscoverydiscovertypehttpdiscovermethodpostdiscovertype.md: id: 2fdca9ef6575 last_write_checksum: sha1:030c7b246657302eaf53be29c66d6dec9ad21cbf pristine_git_object: 25a8ba8e0205fe7b3886edc76fc91e270e71b972 docs/models/restcollectmethodpostrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md: id: 20a5f8e5066f - last_write_checksum: sha1:f3721c062a739141c4a9cda3b6f64ffdbbf6a7d1 - pristine_git_object: 96296cea7dce4622f79dfccdab3ba6abe0345926 + last_write_checksum: sha1:1e1ee5ce6bbd80160f983dc522c791b41aceb22b + pristine_git_object: 51926e5bd3aff043ceb55d200d0498f8b43ab69d docs/models/restcollectmethodpostrestdiscoverydiscovertypehttpdiscovermethodpostwithbodydiscovertype.md: id: 919de453dd89 last_write_checksum: sha1:8c7840a1a811de3bf0a5f0483d39532415c9d550 pristine_git_object: d70777608f803e2e4025314d955408ea58bc7572 docs/models/restcollectmethodpostrestdiscoverydiscovertypejson.md: id: 2bfb9d9f517d - last_write_checksum: sha1:302c32b47457ea22a0d80f0381ed502e5f678e4a - pristine_git_object: 6beabf055ef5ae49e09f46b05b551cde51511f8c + last_write_checksum: sha1:7e8bf21afc86edc12cf98e21f9df81814e430fd7 + pristine_git_object: 9a571531bf8e63ced63db99ae997bff0e4f33022 docs/models/restcollectmethodpostrestdiscoverydiscovertypejsondiscovertype.md: id: b3e018c06e81 last_write_checksum: sha1:56c3f0638c4ae1c9878e7ea71ff73430f8dd2c15 pristine_git_object: 4aaa2d21341cf2691c4b7aac02c4e7be4cd43a86 docs/models/restcollectmethodpostrestdiscoverydiscovertypelist.md: id: 88a1387f30f7 - last_write_checksum: sha1:3cc06841c20140e73f6b95b25224ec23516bdb16 - pristine_git_object: faaa7152d121b8310cdf47c779a77faa81625603 + last_write_checksum: sha1:fe3e81726df358da0338e23cb416fb79ec7d4813 + pristine_git_object: f0e8c4f8d4588dedaa7ffd4db86c9f343d8dfd63 docs/models/restcollectmethodpostrestdiscoverydiscovertypelistdiscovertype.md: id: da9ba0ecb58a last_write_checksum: sha1:edbf24d7d31598a18a67c0ae36403af2db394cac pristine_git_object: 475bb2f2ea670c458bea833e86c4dfa4e2868d6d docs/models/restcollectmethodpostrestdiscoverydiscovertypenone.md: id: d3c0ada81dab - last_write_checksum: sha1:8dd050b664baf870170ca3cfb287512a1836b515 - pristine_git_object: fd9b84b95769870830aaff3b05f6265427b494f0 + last_write_checksum: sha1:1f99fb7fc8ddab764eee116c8e6da8212224e96c + pristine_git_object: 030b93637a20a9033fe0c679f28a852802e17f28 docs/models/restcollectmethodpostrestdiscoverydiscovertypenonediscovertype.md: id: 51a7520d9d70 last_write_checksum: sha1:3562aa30f000d5f57bb92099fdb5bb74dbbe6d7b pristine_git_object: f5381088ddbbb2137df94226848be820c0db837e docs/models/restcollectmethodpostrestpaginationtypenone.md: id: c4e6d013e139 - last_write_checksum: sha1:ee877f508d6bd9c937371dac9a8220c641cacc5f - pristine_git_object: e33175c460fe27607ad512c674447e8fca89cbcb + last_write_checksum: sha1:b0668d9dbc0c598c9ecf8a985834a6479161ca6c + pristine_git_object: 00f4192e143a1877161e9c89f5af6d2634b0069d docs/models/restcollectmethodpostrestpaginationtyperequestoffset.md: id: 2cab5bfe8015 last_write_checksum: sha1:2fe1fafd35f85e60687468dd8d568b998154b64f @@ -15312,20 +15452,20 @@ trackedFiles: pristine_git_object: 464344447dd296bdcd3f8129480437323906b7dc docs/models/restcollectmethodpostrestpaginationtyperesponsebody.md: id: 79f0276d7e8f - last_write_checksum: sha1:40169be03273c093fde75c0a9b55de3de5512160 - pristine_git_object: bef8c3c8988bc640eaa1aed385feea040aa99bf4 + last_write_checksum: sha1:39e461af202bf8d460f1dd4aedfd4cc4c16a19b0 + pristine_git_object: 86782e11fdf54b05f1e8eb54cc90a7d8400923e5 docs/models/restcollectmethodpostrestpaginationtyperesponsebodyresponseattributes.md: id: 21df9e095352 last_write_checksum: sha1:6e314b6982ae4efdf5b03aab16b354524330eeaa pristine_git_object: 8f2015e885bfcbd5daaf46afb0865cffe2186267 docs/models/restcollectmethodpostrestpaginationtyperesponseheader.md: id: 0bfbf624273e - last_write_checksum: sha1:dd7c5fd99e4f08e851f62d1a0453340f32a2ca19 - pristine_git_object: 1e0eacc4b0987b8ad2d69baf0c3e15dfbbfc7cf4 + last_write_checksum: sha1:9fc227d423bc11d41538fefa8cf5768882bfdef9 + pristine_git_object: 678714aa79e637ad5c52555f45b7b0649be77380 docs/models/restcollectmethodpostrestpaginationtyperesponseheaderlink.md: id: c6d5c3e0fb48 - last_write_checksum: sha1:b8dd774f8e4418ec595d8e10ecbe521f03d3415d - pristine_git_object: 9558f4cfb35f670a423655f85bb54d4c92b37023 + last_write_checksum: sha1:c2a809b3a8095650f597768174359d61900cb498 + pristine_git_object: 4d578aec0dbaf2f1238e86daeb26c0c3f6b07fee docs/models/restcollectmethodpostrestpaginationtyperesponseheaderresponseattributes.md: id: 28a8b51798c2 last_write_checksum: sha1:6faa197fa90976c4d4f5475ff9df95513c26b31b @@ -15356,8 +15496,8 @@ trackedFiles: pristine_git_object: e7255becbde61516dfe4f90229a2debc45f4b377 docs/models/restcollectmethodpostwithbody.md: id: 84c5f274af90 - last_write_checksum: sha1:21b01002e6fe6c4ad440368d1cf66228358d01ad - pristine_git_object: d95be800853a9017ea22176baca5eddaab8df408 + last_write_checksum: sha1:764f8bf397da0f9b139561625ba6cc73d87d0ff5 + pristine_git_object: ca005b0165320ad0fd0612bc3a656d64396d7e70 docs/models/restcollectmethodpostwithbodyauthentication.md: id: 0bbd6bea6cd3 last_write_checksum: sha1:d6c2ad5566592b9aa6706baef7b5eb1d82c5c656 @@ -15384,64 +15524,64 @@ trackedFiles: pristine_git_object: f73743640f16f3a5bfd5f9279ab75feece45a1cc docs/models/restcollectmethodpostwithbodyrestdiscoverydiscovertypehttpdiscovermethodget.md: id: 962070c79053 - last_write_checksum: sha1:5aca192a6a98061ef4166ce0aa9994f018fb4b8f - pristine_git_object: df4a090432233f244f4d98e0d9f5ddc120e67fb5 + last_write_checksum: sha1:1db880b9b68ebc7f52f3f12d1dfe3007a08d0403 + pristine_git_object: 802e940aafafe7abbd474f0dc505a2eceeba641a docs/models/restcollectmethodpostwithbodyrestdiscoverydiscovertypehttpdiscovermethodgetdiscovertype.md: id: eee10376f668 last_write_checksum: sha1:b18fa783fb0339a666e1053ce8affc2e9d61d9e5 pristine_git_object: 1a9ef9f25f901a47aa59614aeb8e53666604f4e4 docs/models/restcollectmethodpostwithbodyrestdiscoverydiscovertypehttpdiscovermethodother.md: id: 516e6645d165 - last_write_checksum: sha1:b8306a3f0dfc5b54162f217c50ce8e598525ba73 - pristine_git_object: 4dfdc1f1e0bc0cc6a1b27447aa60127516f9479a + last_write_checksum: sha1:4dd07bc3e37bb25013282986fa185388572a8100 + pristine_git_object: d58111406a85ffe4d1480df7b64fefadbd52bbc4 docs/models/restcollectmethodpostwithbodyrestdiscoverydiscovertypehttpdiscovermethodotherdiscovertype.md: id: 205eb50279b0 last_write_checksum: sha1:43fc858d8db373b89c95bd807afd0fdc2e2a047d pristine_git_object: f106d05f87c0077fbd7fce85283f075aa9ff59d5 docs/models/restcollectmethodpostwithbodyrestdiscoverydiscovertypehttpdiscovermethodpost.md: id: 167191f358cd - last_write_checksum: sha1:b99ae6b2e2f21854804f7cfa66bd592af20a5e27 - pristine_git_object: c17d996c20623e59aadd2346fd610d2062a0efe1 + last_write_checksum: sha1:de4ac4be3bb101f8f88715c705b89c01e2797140 + pristine_git_object: f151963a56d7b4f92ff1a76698fc95aba1cab5e9 docs/models/restcollectmethodpostwithbodyrestdiscoverydiscovertypehttpdiscovermethodpostdiscovertype.md: id: 2cd9fdae8ffc last_write_checksum: sha1:d2f5275e8d471d201c5b8896ad7698f4a3a5a743 pristine_git_object: 6ef137f49788c1dfe6e26fb03c8bcea1cadad734 docs/models/restcollectmethodpostwithbodyrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md: id: 8b0ebc04959a - last_write_checksum: sha1:d093598d6a58f64fae7c294f72accd3486f4ab9c - pristine_git_object: 806167765514589eb64fe50aaee4cc1c51505752 + last_write_checksum: sha1:5f30069eb0d607ab0d91ac3b1737880fd622d23c + pristine_git_object: de87c053911210a346291ef3b97da7e085957e1f docs/models/restcollectmethodpostwithbodyrestdiscoverydiscovertypehttpdiscovermethodpostwithbodydiscovertype.md: id: f32e90751922 last_write_checksum: sha1:c2ce3ef712d0b075fba0752e508c812fcf43e606 pristine_git_object: 5d0004ed7879fd46b82faf33e16638f748261b1a docs/models/restcollectmethodpostwithbodyrestdiscoverydiscovertypejson.md: id: 30d23b1f3298 - last_write_checksum: sha1:592c5019f490eea6197dddfa2290d59ce8dbf8a8 - pristine_git_object: 06e6aa2c2285d5c0a50be5957b5604e8d2ec1113 + last_write_checksum: sha1:04b4153d6641c5bb30ba63d6c61be8f82d1316ea + pristine_git_object: 55b3bf0d7f7114080e7de770475e40582438a535 docs/models/restcollectmethodpostwithbodyrestdiscoverydiscovertypejsondiscovertype.md: id: e0e3539879ff last_write_checksum: sha1:e7b10a8a18e905af0a1924f8eaa155c2dc84c0c1 pristine_git_object: 0246d2268b3d3d148170f9e990e5ffab7db31394 docs/models/restcollectmethodpostwithbodyrestdiscoverydiscovertypelist.md: id: 0de8b7415475 - last_write_checksum: sha1:d475d2efd290dfc727491c577b80c0b9672e7cc5 - pristine_git_object: 0e3dee02e2da36c5e39edf4fa15bd39866145207 + last_write_checksum: sha1:03f090ba90330b04ca7d669d5e6dbaef57f94267 + pristine_git_object: 1a895008e7b2fb21d4818b0a9b1187560186e787 docs/models/restcollectmethodpostwithbodyrestdiscoverydiscovertypelistdiscovertype.md: id: e12fd6ecfa8d last_write_checksum: sha1:e1e953d394c3fe298d94b5e625b6f2cfd32ed0b2 pristine_git_object: da2e1bde49e4f96e3d294a19b188f9c99c3288a5 docs/models/restcollectmethodpostwithbodyrestdiscoverydiscovertypenone.md: id: 322ca36f875c - last_write_checksum: sha1:38b6ad7b7f5ed21645435e3a4aa8fb63b3f5d6bb - pristine_git_object: c85f08fff9f2f735c1a25787cce4806eb6256d04 + last_write_checksum: sha1:fc504e1a8d07c190b44fe108909b4346015bb889 + pristine_git_object: f01bd5bce93b2af7b2c1e610e8d9fc5299084b8c docs/models/restcollectmethodpostwithbodyrestdiscoverydiscovertypenonediscovertype.md: id: 515f552bfde8 last_write_checksum: sha1:ebcaec9edc4414f1b2fafd5c6e307643ecf988c0 pristine_git_object: c61ae98093e62457a95c8b9297ac7713fd8c2aaf docs/models/restcollectmethodpostwithbodyrestpaginationtypenone.md: id: 867fcd6dfef7 - last_write_checksum: sha1:1a0441df1484dbb9de369a1a7b1e7399fbeafbf2 - pristine_git_object: a35c263bf9c9fb984c287194bbdd46ded26086a0 + last_write_checksum: sha1:86866d17a868d2d50d7fdf5d1558c492af807e4c + pristine_git_object: 4aaadff1de5e399816bdcb1519151a465d83a39d docs/models/restcollectmethodpostwithbodyrestpaginationtyperequestoffset.md: id: 56f737e078ca last_write_checksum: sha1:b12bfcc2e97e6c7bc24103f375ae7b44c24f2de7 @@ -15452,20 +15592,20 @@ trackedFiles: pristine_git_object: 6cf497e3bfc5f86a16238c7fc4e8f3dd113b9dd1 docs/models/restcollectmethodpostwithbodyrestpaginationtyperesponsebody.md: id: e7f3a182edad - last_write_checksum: sha1:c00a55610867ac48b0abd7fa5d0d758d8feae662 - pristine_git_object: 17624d32d001ea198f535572c0d4ba0761ba3620 + last_write_checksum: sha1:ec76666ecba39d3b5842effd4ddd41f5eac4ffb6 + pristine_git_object: 5932a31f44be680251d9133868b94455f97fc0bf docs/models/restcollectmethodpostwithbodyrestpaginationtyperesponsebodyresponseattributes.md: id: 9f7b9e26fe42 last_write_checksum: sha1:93340a4effc5f645553330a71d61e94586c7dcd4 pristine_git_object: faa5377c81a2acd05edcc9b1d0bb1755fbcccc45 docs/models/restcollectmethodpostwithbodyrestpaginationtyperesponseheader.md: id: 832bc86281ec - last_write_checksum: sha1:04abd83ab4158ee63ab339eb877ff6ba23f6631c - pristine_git_object: 5b5dd73040c099def4760280c3b4e65482444648 + last_write_checksum: sha1:3c8ff5a5a7ec0ebf227dd68590f5be59a908cb4d + pristine_git_object: 3f1a0ce42e2660ff86b31d65a2513822ae4882cf docs/models/restcollectmethodpostwithbodyrestpaginationtyperesponseheaderlink.md: id: 12d5666dfedf - last_write_checksum: sha1:e807bc5e7baae15d1bc46b4a21ae86494a11759d - pristine_git_object: 5fee3dca693864bd918de61515cd160292f0dcd5 + last_write_checksum: sha1:882b485a0950929988f42df9cc3e2447362fe788 + pristine_git_object: 29d4c21a7a1f3e45f96901ab5b37ea53925f3b13 docs/models/restcollectmethodpostwithbodyrestpaginationtyperesponseheaderresponseattributes.md: id: bc519ce81312 last_write_checksum: sha1:2518850a862d502b149835adefeffb5bd4922cd0 @@ -15500,8 +15640,8 @@ trackedFiles: pristine_git_object: 0db0f2078c250988cd760ed7122c1fc1b03bc0b2 docs/models/restdiscoverydiscovertypehttppaginationtypenone.md: id: 4a1b9b5ef4f7 - last_write_checksum: sha1:d21134f111a6c5081464e173e7aa7ee485a646d1 - pristine_git_object: d2818fb2ec2126b57da4b4fafe6b98f6fb168be1 + last_write_checksum: sha1:3d840d68bde8c0716ec71b942fe262b5a7757154 + pristine_git_object: 5940d63c6435f2abc0f42a7a441ea10435c2bf60 docs/models/restdiscoverydiscovertypehttppaginationtyperequestoffset.md: id: c3022c6fd252 last_write_checksum: sha1:cfdf574fe915131ef61759e3788d0ec1ef571a24 @@ -15512,20 +15652,20 @@ trackedFiles: pristine_git_object: 021c13f252fd94d7dda7661e9ff10b98a05f5942 docs/models/restdiscoverydiscovertypehttppaginationtyperesponsebody.md: id: 6be21b00287d - last_write_checksum: sha1:8f687f642a4304469564f53fb7e520c832ccccac - pristine_git_object: 3063894acd745557d29a59be701134a6ebc7fdcf + last_write_checksum: sha1:f7f9a908e3abeca15e33ff1b7e98cb3e5850f358 + pristine_git_object: d642365b0b134323be8888394a3b9457df402fbb docs/models/restdiscoverydiscovertypehttppaginationtyperesponsebodyresponseattributes.md: id: 99e024e0566c last_write_checksum: sha1:389b3ed30dfe130140936bce6a6fd7de094be898 pristine_git_object: ca1883489e43eb3e7af1a77103a35b8b9eeb38fa docs/models/restdiscoverydiscovertypehttppaginationtyperesponseheader.md: id: 0be8cd4626c9 - last_write_checksum: sha1:605689349b8dc270e6d69f5fb7218233283d00a6 - pristine_git_object: f8e497fd50bd7d94dfbfc4203ac8ee812800bc87 + last_write_checksum: sha1:0ee4c1f49721e8ce27be802b6ae44619278c22e2 + pristine_git_object: 009977556d970ce61c452387ae37b41e9555e97b docs/models/restdiscoverydiscovertypehttppaginationtyperesponseheaderlink.md: id: b1db7df2034c - last_write_checksum: sha1:30d26538dc0cb1e4c4fff571ae86cd3ce66eda97 - pristine_git_object: ded48b2a83598ac45c9c8f48f811bce111c5cb8a + last_write_checksum: sha1:9bb2f9891650298f97595523bda2a77dcf2e7ddd + pristine_git_object: 2768a323def3c82cfe08a49fb89179a49dace9bf docs/models/restdiscoverydiscovertypehttppaginationtyperesponseheaderresponseattributes.md: id: b0a518d53043 last_write_checksum: sha1:c74152b3f967179b151b2798accbbfdbad973b2e @@ -15562,6 +15702,10 @@ trackedFiles: id: c96fb7913756 last_write_checksum: sha1:a5488dcbc21873b29f22f5b0d7a90cd5f7198902 pristine_git_object: e74654725713481fd01e136f72df369810075d10 + docs/models/rootnodeconfredisdeploymenttypecluster.md: + id: 658936f84d03 + last_write_checksum: sha1:e39122b5dd3ee482662dd9fa2dfdad530fa16d88 + pristine_git_object: 8c4d600711ea2fa55523fbb5672f8ece54af5f2d docs/models/routecomment.md: id: 3db72dd26c56 last_write_checksum: sha1:ba3c2bff4c71c24c765c9f941e419cac4aab82d3 @@ -15612,8 +15756,8 @@ trackedFiles: pristine_git_object: 3a679efe481d5fc878ad4c31befcbdf38376ebcd docs/models/runnablejobcollectionrun.md: id: 833f31034926 - last_write_checksum: sha1:e367185df2228254b47db0efe1c57ce174f1b0b7 - pristine_git_object: 60fd107131fac512eed3ee264502c608b506c354 + last_write_checksum: sha1:94212e4885091ed2c293f248f337486bedf531d7 + pristine_git_object: b562426ed8395421d0e8b93999877ca185315f50 docs/models/runnablejobcollectiontypecollectionwithbreakerrulesetsconstraint.md: id: cd761a5eb4d1 last_write_checksum: sha1:dc9f986545748fdd24f0c415f5c838a0b259f582 @@ -15636,8 +15780,8 @@ trackedFiles: pristine_git_object: 296640c30c9612f0289b827b71a9d70d5f9579cf docs/models/runsettingstyperunnablejobcollectionschedule.md: id: 7dc261db0928 - last_write_checksum: sha1:4ec12b70fa3467d1282fb1b705cacc233aac5904 - pristine_git_object: 58aff8d4ca142d1e040d6229f7f4a8ae0e16f94b + last_write_checksum: sha1:8134c7bd882ba1e52cf895aea83c959532836023 + pristine_git_object: 9e11cbae785bdcd4572207e00b239b36318883f8 docs/models/runsettingstyperunnablejobcollectionscheduleearliest.md: id: 584af824eefe last_write_checksum: sha1:716bef09ed314e99fff73846f8a09ae071d93fa2 @@ -15652,8 +15796,8 @@ trackedFiles: pristine_git_object: e20ab7096576ae987fe988c3c4484e92018ab35c docs/models/runsettingstypesavedjobresponsecollectionschedule.md: id: fe943c68fba6 - last_write_checksum: sha1:a798cf4a63a0964d793d846cc4b6bf718ec352bf - pristine_git_object: 8b441dbb01caacd677f8f19a7e59ddab0c0513b5 + last_write_checksum: sha1:486e81947db0ea6fe4d54f02c0c9f6e93073d788 + pristine_git_object: 9784a610be3f1995c231f83d64e9b0614e14adf5 docs/models/runsettingstypesavedjobresponsecollectionscheduleearliest.md: id: 51c8156cf5cf last_write_checksum: sha1:9c17ab4e16d39ab6c6cf2b45ba1abbe222346ea0 @@ -15848,32 +15992,32 @@ trackedFiles: pristine_git_object: 4e8eae3756d23221044cc07c92d7aa19adc17c58 docs/models/serdetypegrok.md: id: 4d4c83a54b18 - last_write_checksum: sha1:97cecac01a7e4b45946dd9c5fecab7c15deaa367 - pristine_git_object: 760a483d9bc2aeee324a5a4827f60fa84484c5bd + last_write_checksum: sha1:88705b62926fe405aef02f04c7810e5bf88fffe8 + pristine_git_object: c3e4b5da1b04fb5627bb29af7224a8361998f9d1 docs/models/serdetypegrokoperationmode.md: id: 2dce5ff484a2 last_write_checksum: sha1:2a0c8d4abd89a115d94913b2c0ebc95f6f6e4367 pristine_git_object: 210b93127456ab9f11ea5c858f618168fca0292e docs/models/serdetypejson.md: id: 6a1fc7129128 - last_write_checksum: sha1:61d10070584c178f62c7405cc6c472e1ac041764 - pristine_git_object: 0103122bda1633af19e0ba762c45e07c39763bf4 + last_write_checksum: sha1:0b5eecdfed90fdd320e3a87fc5d42a68274850ea + pristine_git_object: faa2b1f6f753eec04cf6dae195b9b475c35c6363 docs/models/serdetypejsonoperationmode.md: id: 67ec3a3b2101 last_write_checksum: sha1:094c9e4effb753fea860bc23eb717ea9ca06808a pristine_git_object: 02932470726b5ebc3bbefc665e614d5f16fddcd1 docs/models/serdetypekvp.md: id: 6717c6215a93 - last_write_checksum: sha1:7ab68d9964344e908fd3323ca0a1acff19bcad62 - pristine_git_object: ccdbf99146bb07709c69e7b0dc366db100e06e3f + last_write_checksum: sha1:959e5c19675fbe9fbb918ff5db990ecc7d7a0f7d + pristine_git_object: 77c1309d97775e8b57b18894b68fb3c92a08b931 docs/models/serdetypekvpoperationmode.md: id: 5fc4454b9fb3 last_write_checksum: sha1:0011671fdf932b2605adec4379d6b186990fe9ac pristine_git_object: f0ccfb5a1fa586b8f77aaf141771d6426165d158 docs/models/serdetyperegex.md: id: 73320658cab9 - last_write_checksum: sha1:0081f7e9f86e3cb9d28038fd27636947048f8603 - pristine_git_object: 5906036019b9a65ef2b79d62b9582f370cdb3a1e + last_write_checksum: sha1:4856892c394c61233e81e54c76a1997e2835da4a + pristine_git_object: d902250fecbbd7134ae50976daea12b8f7622ecd docs/models/serdetyperegexoperationmode.md: id: f0e12938138e last_write_checksum: sha1:acf9ec1b697b8dc78b26114afdb9a75eee94777a @@ -15956,8 +16100,8 @@ trackedFiles: pristine_git_object: ec4484e177bba8dd91b2ce446da100f36c605dba docs/models/splunkauthenticationbasic.md: id: 1584c208b219 - last_write_checksum: sha1:c83d2ed6b135274cde67161e2289d3547685c383 - pristine_git_object: 4e4999f71cf83d245976e86b925acc284662c386 + last_write_checksum: sha1:193a738c863e06f8a6e343026be95e03993a5ed1 + pristine_git_object: 205f74c75b628433e5acb100e65b9e6f79b5d806 docs/models/splunkauthenticationbasicauthentication.md: id: a7e7619bd9eb last_write_checksum: sha1:f8f1c1613af736a5069762a3278ef15143185284 @@ -15976,8 +16120,8 @@ trackedFiles: pristine_git_object: 2a590dfab3857e2968d1573eb60a186e43ca9c3c docs/models/splunkauthenticationbasicsecret.md: id: dfc6feb357f2 - last_write_checksum: sha1:59988ea899ce1daee006129ad65b54798dbcc5e2 - pristine_git_object: 68bf0f742f1d48597afe8703f8259ae427271209 + last_write_checksum: sha1:5a9229ecae5c02837922150418c6e46d2d96fde3 + pristine_git_object: 335074c5c67b1bcf7739f27641f6a0e9159e8dac docs/models/splunkauthenticationbasicsecretauthentication.md: id: 54f306468a49 last_write_checksum: sha1:b8307b87b78cb0681a8c02faeea6f21efcd68840 @@ -16020,8 +16164,8 @@ trackedFiles: pristine_git_object: 6359e7fe113b415156056a92f64bc2a737445636 docs/models/splunkauthenticationnone.md: id: bb73be95c7d7 - last_write_checksum: sha1:8f4b4349d73239116e41cc61b6d67f2f751381a6 - pristine_git_object: 01254f06a9d7ef8153f7a86053151168f65858c4 + last_write_checksum: sha1:7d1b5957c35f1499398265e13899ebca56b7b5ed + pristine_git_object: 3af3b9497e1acab6b544190a720725dda93d26c1 docs/models/splunkauthenticationnoneauthentication.md: id: 1b0cfdd5ffbd last_write_checksum: sha1:fd8a4c44565521f466ec171d99bb662bf061039e @@ -16052,8 +16196,8 @@ trackedFiles: pristine_git_object: 954d1bc4b4b160737b9303b16846f1746ef3027f docs/models/splunkauthenticationtoken.md: id: 1c8bbf6dabd0 - last_write_checksum: sha1:0e1bb9bdc378856a4e57f8d8e7cca742d6500c66 - pristine_git_object: 11d154c0de9fdd45d3f59933df2075ad41e20772 + last_write_checksum: sha1:bf517c7a0082b119315bb39a4514ecd09e5887bd + pristine_git_object: a5ab0989d63695aeb8cf686fedc70c1d5b6c70a0 docs/models/splunkauthenticationtokenauthentication.md: id: 416f0842bfe5 last_write_checksum: sha1:efaf56bdf7fae60e85f5020711f1c411719d25a1 @@ -16072,8 +16216,8 @@ trackedFiles: pristine_git_object: 64fded75605ab095bb68225337ee93916fa7c63f docs/models/splunkauthenticationtokensecret.md: id: 351ff7971713 - last_write_checksum: sha1:27646617a0aaced050feb1c4b530128d4cc7e2fe - pristine_git_object: b38dffbedbb22687e287b10a1b254021641ea1a3 + last_write_checksum: sha1:cf06d28123177c2bb06390d5981c22836daf9574 + pristine_git_object: 50b6733b2c7272b9e8c3d954b1585d3aedcd3ce8 docs/models/splunkauthenticationtokensecretauthentication.md: id: 498fa615852e last_write_checksum: sha1:2870aa627196295accfd9f39c6d097a0246556e0 @@ -16356,8 +16500,8 @@ trackedFiles: pristine_git_object: 200f131d3b75df94c6bb4931912bf3334fb6e2d9 docs/models/updatepacksrequest.md: id: 156d63ee1536 - last_write_checksum: sha1:aa162eb5d6ccb84ec08b013aa2360cd803d4845e - pristine_git_object: d2fa4ad9e36cca1be99d8b42868f8f59f35a820c + last_write_checksum: sha1:a1a3b00f18171470fd9d423c73d4374e46172e06 + pristine_git_object: 525525cf05ec81010afcc04f5326e9d85dd4df7c docs/models/updatepipelinesbyidrequest.md: id: 397f21319a79 last_write_checksum: sha1:3a17cf87fa71e032be037b849cf30d7ea40f756c @@ -16444,152 +16588,152 @@ trackedFiles: pristine_git_object: 847be3b803b5ff4dbfb77520314952da86466177 docs/sdks/captures/README.md: id: 7598191d8c6a - last_write_checksum: sha1:fe3bec69bb0d935b95f35b36437488710b5b62c3 - pristine_git_object: cce06a0712672f46c11542aa54c73a1cbf9b9aeb + last_write_checksum: sha1:75356831099603b61d7a95613c2dc6dbbace95c7 + pristine_git_object: 7c201e288eb9f8111f59ec0b8dfd576fd40a6c69 docs/sdks/collectorssdk/README.md: id: fb156921e8e5 - last_write_checksum: sha1:887ba8a7669d64d9d603e70cfea1ef23e95597eb - pristine_git_object: 6b3fd206070d624b140ab654eea7d17136a2daac + last_write_checksum: sha1:6c7e7b226a8978fa6ecb3b2a3b526843496ffa36 + pristine_git_object: 64d885fd5245cde6dce4062f6ae7fe662bd89135 docs/sdks/commits/README.md: id: ae81a8318c17 - last_write_checksum: sha1:0826465168d489360ba63440baacab87805f85b2 - pristine_git_object: f9591dc32c219a172d6b21336cbaa0defc8c0587 + last_write_checksum: sha1:383c0b2327083071c0620f9584245a9f4d0c1c80 + pristine_git_object: 2a3f907e9b828810610df0b9606c81c09324b851 docs/sdks/configsversions/README.md: id: ac0c3c5ebd05 last_write_checksum: sha1:5856e3d18f1e0f04357bbbe25ce124b570580fdf pristine_git_object: 06f1ee80018e0a22940439deed7e779518de15e4 docs/sdks/cribl/README.md: id: 18ac8b824441 - last_write_checksum: sha1:1a3e721c8ef3b9f3d77b9f89dcde205ad9b2f6c2 - pristine_git_object: 5d83fdc974b4c32e94b02364c9adb1060d6c6f37 + last_write_checksum: sha1:41a67497989bbdf4227cb5ea07d4a93644ed0dbe + pristine_git_object: c3b23522dabfafe04a8e6760580fae139f1afe0b docs/sdks/databaseconnections/README.md: id: ef33daf326f1 - last_write_checksum: sha1:dd6bea420f7b852b8938a53c001ddf2edc934ca0 - pristine_git_object: b29d4d8cef38c631665e010945c9c4624c81f9f5 + last_write_checksum: sha1:59272e71e60df83e36fdb465b20c5897ec304a4a + pristine_git_object: b8786c04e2728aca09ef316c2927ed1046ab7fbc docs/sdks/datasets/README.md: id: deb5d90f4faf - last_write_checksum: sha1:d98d3fdce151853ed9d34c2f29478a0781fdb25a - pristine_git_object: 09d625deb57e6e389d2a417584a44ce4759ae001 + last_write_checksum: sha1:7b24539d1d70cad4bffdb176f27988b998be2ce2 + pristine_git_object: 4b60dcdf5186054034841ba890cab51fae5868a5 docs/sdks/destinations/README.md: id: e83d288899aa - last_write_checksum: sha1:761876c83be59737fe86c8c3d561217c215c77c4 - pristine_git_object: 1ed414dec4770be73a793cf28c3d1d986936eee1 + last_write_checksum: sha1:a5f7d3cdf0c071f1281ba34e723d590fbe9476f4 + pristine_git_object: 95f006894fb358edaea0d56a272dfed3612172fb docs/sdks/destinationspq/README.md: id: 4e89748a1821 last_write_checksum: sha1:cf9b0caeb13183aa9c37c51af858d7933f63fe07 pristine_git_object: dc362cd3b8dd1667d88bbc136dd35e2290924728 docs/sdks/destinationsstatuses/README.md: id: 68cf1a676863 - last_write_checksum: sha1:1e43ff98943de46a19d44cce90a5a8644c8802b3 - pristine_git_object: 6b7e8d90110d8aecb43eb66496ab9ce6374f0ba5 + last_write_checksum: sha1:d9e92066eebc7d79dad70966adf6f1cdc73478c2 + pristine_git_object: 3a34067c45032fd965407051d4a70490d674b70a docs/sdks/files/README.md: id: e576d7a117f0 last_write_checksum: sha1:3f3260be82b21079710d2df4693cbb7bfb940614 pristine_git_object: bf67473f87e805c59fcc584661eafe6d4d8c2b3b docs/sdks/functions/README.md: id: 5c831af22db5 - last_write_checksum: sha1:d958f28fb52d237923777604fa436c7d66b169b9 - pristine_git_object: 08f8194407b3d8968e4c5c3f20a86ac3032867a8 + last_write_checksum: sha1:56f424e67545b10185909d23e4f555ad2a4be968 + pristine_git_object: 37aa77833b9fff9a330e76d3b0e00239e87cd14b docs/sdks/groupssdk/README.md: id: e1199079357d - last_write_checksum: sha1:07d8845e77ef9c9f01a9085569c74d6b3147becf - pristine_git_object: b737d0dc4df875267515fbee50929f0cf5759b14 + last_write_checksum: sha1:8076a3ff7538bbaba17d9fee68f98de3e5cb2ee2 + pristine_git_object: 6b1f6bec28e5b19e64b2b257f8ff9e149b54b897 docs/sdks/health/README.md: id: 5082c50d5e82 - last_write_checksum: sha1:d283e2518cc1d7ef9af8773a9599d26631890472 - pristine_git_object: 6ff5d3fbfdf6bcec0553e3ac263fbe2b044a8213 + last_write_checksum: sha1:21f5d400999da1910d0830d5e13c87c65d837bb9 + pristine_git_object: c600ef5435b4dd8eb97e3279b0fc43cf55777138 docs/sdks/hectokens/README.md: id: 341daeeec3d1 last_write_checksum: sha1:b6a06d3f9c4d857c421ac17c8fa21cf6aaf03625 pristine_git_object: 0284fc471dd3ea9226ba764d3dcfc9c950fe76a2 docs/sdks/nodes/README.md: id: caae80e86772 - last_write_checksum: sha1:814c95875526119ed2b5e2324614288f7ac356aa - pristine_git_object: 6269563d0d040bff9f5a2224c21abe92e71243c6 + last_write_checksum: sha1:b9fa4d50bf7360857e9105db1791075eee34496a + pristine_git_object: e03cf7e81f9b57f38cb42b43a2ea12cb32e10910 docs/sdks/packs/README.md: id: aea0b099af37 - last_write_checksum: sha1:a5db42bcb57ad3bdfdca2972098f0618a14e48af - pristine_git_object: 37e3add628501584b9b25ddd1be88503d85de64f + last_write_checksum: sha1:5e315c875dc1f52c827b0700a72ebedfd0d4b9b4 + pristine_git_object: a070ffa4e0fd7a6e029217e1859168d4d841aab8 docs/sdks/packsdestinations/README.md: id: 895ef2236167 - last_write_checksum: sha1:922b6a7599b99b8b52ca993f8833a4f0075fbb5c - pristine_git_object: 1a3ce8ed2e215c49e56ab5f79de878b17dd653d8 + last_write_checksum: sha1:ff76530bb7a26d1f142a1669936068ebbe2c931b + pristine_git_object: 2e57dd58659ee88bc38258d5853fa71e5685b7a9 docs/sdks/packsdestinationspq/README.md: id: 12a1d2d7f4c4 last_write_checksum: sha1:59f774129e343c5d5e9ee5de52e29c88586cc6e3 pristine_git_object: 49ac0c613c4cbd8601f5c0d7a2ffb2edd06104ba docs/sdks/packsdestinationsstatuses/README.md: id: b196484951a5 - last_write_checksum: sha1:1557ce41fd11ec9c003a49ee3d391179b7bea34f - pristine_git_object: 20a5a5bd4cfb764680a7ac604a4c58cfc2a096f6 + last_write_checksum: sha1:51143ee4e820a154d72857f32e990325951cc8b7 + pristine_git_object: db851da43be61a7474664b4b1da0120ac4bdd41e docs/sdks/packshectokens/README.md: id: 7c22dc9d7d8c last_write_checksum: sha1:60ae8f8d9048f49f7e6a4662b6b32ceec2ea8bb7 pristine_git_object: e95294c24d3a36379494a29fd0e3b820fb40e363 docs/sdks/packspipelines/README.md: id: b0262a36d64a - last_write_checksum: sha1:387c151c459e2a9f8c73d7cc511f0af2745b9839 - pristine_git_object: e35e1a2ba783b679dd50b9dc70b7014362d441da + last_write_checksum: sha1:571856fbe1ec31573aae6310b56be53b6b610ce1 + pristine_git_object: d7c3ed86bf9a1bf44b24b7d9bc10bdab4edc71c0 docs/sdks/packsroutes/README.md: id: a1fb73e27b09 - last_write_checksum: sha1:43ec4b5c541a8946fb720befc420e1e08c0f5c74 - pristine_git_object: d0921cf8c2784230e66d5f5d103580465d181b37 + last_write_checksum: sha1:915b8b32280584469eca447c0412adfb9112fce3 + pristine_git_object: 15c6c1e70de560b90f42dd13d499ceb904acfa54 docs/sdks/packssamples/README.md: id: d2c04868bca4 last_write_checksum: sha1:a20aebfdc2295d75be66fda9645cdb8964a815c2 pristine_git_object: bd6b29a4254b0bdc7095089ae8e52a3d67ca21cf docs/sdks/packssources/README.md: id: 91cf5c639969 - last_write_checksum: sha1:53d9b38ef40f4c97042ea823b26f134e2eb3a4b1 - pristine_git_object: ec7bcc06a9866d9ec2b699f395f784be94f1e2a8 + last_write_checksum: sha1:6fc4df35a628c9cb75935e91557975dcadc59056 + pristine_git_object: be63ff168d86473427ffb8987faa5fee238c466f docs/sdks/packssourcespq/README.md: id: cbbc4cefed4b last_write_checksum: sha1:2b679517ba7ac17426b0aa11fa43a73540672d3b pristine_git_object: c77d3279db2e31fed14737e8bb53b470ae172f2b docs/sdks/packssourcesstatuses/README.md: id: 8a23b6878d48 - last_write_checksum: sha1:8e2db41efc4f3bbd4ca8c746293eadb0f5f84f83 - pristine_git_object: c58e2b6376b4e4586815847a7e16a213eb3cedb7 + last_write_checksum: sha1:d260f5ed126dab7016f7c61b30042a5599efef9a + pristine_git_object: fb60b1242dfaf2f851172089e7679317de918076 docs/sdks/pipelines/README.md: id: 96306a4a5f5a - last_write_checksum: sha1:1c51c0a203836db94ccf8d95a8f5e0e5b01e833f - pristine_git_object: d9dca8b286eeb96f7dd773ae066fc8ed44cffafd + last_write_checksum: sha1:cffe518b7d9692494265b19242e467c3f988ca15 + pristine_git_object: ada74d7b5c4c7e32bcdd597b4f9c3143f3ae9881 docs/sdks/routessdk/README.md: id: 7c151891b0a4 - last_write_checksum: sha1:e988d409fc2ce9c4175eb394ab37e63d0f463021 - pristine_git_object: deaecac1f32102ab039c92f832622b6c559693e2 + last_write_checksum: sha1:23453ee0fb6407b94fa7b2aed2c92208563ea026 + pristine_git_object: 05bf85eb61e692aaf06fb6ca387c33d6f8986864 docs/sdks/samples/README.md: id: 2b3e67e9f9a5 last_write_checksum: sha1:b49079d6bdd44cbf3dc4eebdc7e2be0fc99f5c3f pristine_git_object: d38eef3519d38ec36983acf298c3289bd00b0a24 docs/sdks/settings/README.md: id: ffd4dbcfc0ce - last_write_checksum: sha1:1a3fc25af95bd54241ad921601ebe42e19b19e18 - pristine_git_object: da1ca9eefda648e64d521643395cba75c53eb02f + last_write_checksum: sha1:f30e2178376540d7e51da86dfbb9cf6a38bdbb71 + pristine_git_object: e1c4fdb92fbc75d35d68934e2bff954d45cfdd66 docs/sdks/sources/README.md: id: c1396b2a57d9 - last_write_checksum: sha1:1a8ab91203f652650a99c02bdac8c3373732f682 - pristine_git_object: 99cd583f0b53297dbc3e895dedb21ee696996eb1 + last_write_checksum: sha1:9ddfa4f04f47bdb39265f6bc45759c34bc02d516 + pristine_git_object: 9084f1432513537432920aa7dc72fd866582d3a0 docs/sdks/sourcespq/README.md: id: 08e24f4817a2 - last_write_checksum: sha1:a4057520151db2b1f3ddb932d0bb854107e7d6b8 - pristine_git_object: a1ba878a92fbb477c13e56571c8210c95aeca48a + last_write_checksum: sha1:377faaa55698bba01bcd187ef7a0eb161fde6795 + pristine_git_object: 587205c0379f7dd6a0b124baeb240270d2411169 docs/sdks/sourcesstatuses/README.md: id: c9e00b04b7da - last_write_checksum: sha1:038008f761202dff184fd2ec56a12c3e921a0a98 - pristine_git_object: fb1420ddce3ecc31c3e02a27871b2fa127eac403 + last_write_checksum: sha1:0418284b2b12baabc4f2d0d0d67d447b96c60797 + pristine_git_object: 9326ae16b8eddbd846bb4af25cf81a8f00be515a docs/sdks/summaries/README.md: id: 0cdf4b0d3508 - last_write_checksum: sha1:f8b490ee6197ac29b05ffaa99ce499c8993594f2 - pristine_git_object: 95b185fe0554eac7e21a5316729d6d4efca1b2ff + last_write_checksum: sha1:feb5d06f10a860f23a13d89ca826b01fe78808eb + pristine_git_object: 02a1a3cbc6f9f256fab6dc1e9bfd920a3d900720 docs/sdks/teams/README.md: id: aad657749b4d last_write_checksum: sha1:1227846ec84b2eb7e2916c439a9a2df01efe522f pristine_git_object: f62f7813f52d3f8cb0ce9578e52a3c0ff7106cf8 docs/sdks/tokens/README.md: id: ca61030eb3e5 - last_write_checksum: sha1:ea77256416cde05955a7abe7825a4dd2103d0739 - pristine_git_object: 0402082cefcbdb6dd37c0a1314681e9e25e0dad0 + last_write_checksum: sha1:9232c328a1de37328d5fde5eb6d40c9ecdfc50a6 + pristine_git_object: 8d46e0ef3916d22778a6a51d3029e1e055e5dba3 docs/sdks/versionsconfigs/README.md: id: 5019616c9cac last_write_checksum: sha1:d778a1aa3f451a71badd845ac1dacb697e386e02 @@ -16612,8 +16756,8 @@ trackedFiles: pristine_git_object: 1b74b5fc91dcf2b9df16949b77bcec9b03c49e2b pyproject.toml: id: 5d07e7d72637 - last_write_checksum: sha1:bb4e1a8cdec5a74e3581e379d37ad317090dc8da - pristine_git_object: 3e16900d4d760e43721db2dcb5f9f186b16e8593 + last_write_checksum: sha1:868c781c5e153bcc3659b6decca3d4b7873d8cfe + pristine_git_object: 8585d309dadb02554621f69985098f041fa47e96 scripts/prepare_readme.py: id: e0c5957a6035 last_write_checksum: sha1:a2e0d08bb2b147a5bab939d676620d1686f3b024 @@ -16644,8 +16788,8 @@ trackedFiles: pristine_git_object: b4fad0525f29a586b91348c6d7c51c642d1e9790 src/cribl_control_plane/_version.py: id: 9c8e5f14504b - last_write_checksum: sha1:0f89b46d34297d9eeb7ed257e76d39cce797b698 - pristine_git_object: b69ab37d7bd4e8f6d39ccc62e514dc9792ddbb90 + last_write_checksum: sha1:4c786eb108fc4eff6c439bf2b3b6aa5290f63ab9 + pristine_git_object: 6a5f557328aa18afcb1b6532e419ea98a404bf02 src/cribl_control_plane/acl.py: id: 0e865a719763 last_write_checksum: sha1:946b9e00ff4cd9f5c57d0b198caa87ccbeb13bea @@ -16664,32 +16808,32 @@ trackedFiles: pristine_git_object: f4a1f0fb5d8369ea6b48f4723183179d01a536f3 src/cribl_control_plane/captures.py: id: 459fd1010156 - last_write_checksum: sha1:17f515a653675018c5a1489291d01d94bd2d9029 - pristine_git_object: c79f359f02bcfe86f795dbc9a90dba0461e17dc6 + last_write_checksum: sha1:ce3d4175fd7bd82730fac2ce3105324ac9862316 + pristine_git_object: 95c95cc33987e9040ba0707a2655dff0393202ad src/cribl_control_plane/collectors_sdk.py: id: f84df60bc0f1 - last_write_checksum: sha1:93ddf1f9304ae7b58bb8650a49afc3b7d486ea62 - pristine_git_object: 7323d61890c4dba974d09d4a6419709195482296 + last_write_checksum: sha1:2f25064b3a3d389d6375d758931fbe657501985d + pristine_git_object: b949c92b8d28b7699fed0e97973f73cecd3c98a7 src/cribl_control_plane/commits.py: id: 77b962b3c68c - last_write_checksum: sha1:17f472a88cd166810463979d8a0fe8b952fab7cd - pristine_git_object: 075caeebdc2e0b7ec07842188adc268f6da24482 + last_write_checksum: sha1:8fcf9755a4062fefa40b8ca2a62b264ff5da1614 + pristine_git_object: 39797e2900c2f53b8a88faa437110368df7c6b88 src/cribl_control_plane/configs_versions.py: id: 412313ca833a last_write_checksum: sha1:a550e3d6dc65955c4229de0d1b7764e559b4e568 pristine_git_object: 7ac4f1b4a64fc3dffba578aac6bd4c674032c701 src/cribl_control_plane/cribl.py: id: e77153ef9ff7 - last_write_checksum: sha1:fd193055f81455f35e1be6442b9bc69d30d09f22 - pristine_git_object: 437167b36c9fccf192cf210232f2f2bb968a6e18 + last_write_checksum: sha1:9c1baec7273280023123934b98cdb4a58069774f + pristine_git_object: 7038625a7ad3dc2bb67bf96e31f150dbe6d466ed src/cribl_control_plane/databaseconnections.py: id: 96bb56ae9234 - last_write_checksum: sha1:0a9af0000c570884c1ca6b54d6d91c3d12bc49a8 - pristine_git_object: bd6af90f58797324e2d0f764a2755a710927a5cb + last_write_checksum: sha1:68aaff1bf3167687b78c865ed7ab794178640427 + pristine_git_object: 6afebea41dfc631cc54f267764b415068d77746f src/cribl_control_plane/datasets.py: id: ed509c41c7d5 - last_write_checksum: sha1:88cdea71d0a358b7021baecd41f8c58d78d781af - pristine_git_object: 0645182444018e35b236a62d340179c09024e0aa + last_write_checksum: sha1:f616148e06c7def54294440359cc5daed1f44aaf + pristine_git_object: a48c1e3f4ab54bfdfdaab8a5d1e58d686718fec5 src/cribl_control_plane/destinations.py: id: 36ffc53f2f7d last_write_checksum: sha1:323154501c22e7420a4be80a73dc65c27b4490bd @@ -16700,8 +16844,8 @@ trackedFiles: pristine_git_object: 7c6936a2beaa85cabc0a6288028b37e9dac3b8e7 src/cribl_control_plane/destinations_statuses.py: id: 69c348d86773 - last_write_checksum: sha1:7ae66372d6c04f7f86aab9a698069067285c3832 - pristine_git_object: f671ac4f8da510a5d424da8cccd755441347ad2d + last_write_checksum: sha1:b04c303d06dea39515e93cc7dc385b817cd71265 + pristine_git_object: 5489ae77f39fa7b50cb98470265b591ff566e000 src/cribl_control_plane/errors/__init__.py: id: d372d9a85443 last_write_checksum: sha1:47a692ba6a453661e7095c757c430eedfaf79799 @@ -16720,8 +16864,8 @@ trackedFiles: pristine_git_object: 758a2ebe712692fb95878b4bd87a97bb63b4cae7 src/cribl_control_plane/errors/healthserverstatus_error.py: id: 10d8810cf565 - last_write_checksum: sha1:3ac17a83a4f533b33e0afce6b66a319f4ca764a2 - pristine_git_object: d5a2fa487a6b64f3bc268ffedefcd58a08a39cba + last_write_checksum: sha1:be5bb89e2ad76997ba3c5511477599933190c35c + pristine_git_object: fbd684313b26390a8cd2eacf822f91b5f46eb808 src/cribl_control_plane/errors/no_response_error.py: id: 751c1eda7c77 last_write_checksum: sha1:7f326424a7d5ae1bcd5c89a0d6b3dbda9138942f @@ -16736,24 +16880,24 @@ trackedFiles: pristine_git_object: 7fa2640e788d7c443674354e5957c28054d1609f src/cribl_control_plane/functions.py: id: 48f6a1397f02 - last_write_checksum: sha1:2b86e15b30e4c04d49243f6095f27f8146bfdbc0 - pristine_git_object: ff7ecbd170ba87be3bee2f076ba966c917e5cebd + last_write_checksum: sha1:39994abb37033c95a325181a1b1fde14fc66fd8c + pristine_git_object: b39e208eb0107c62037e37e628e19824ccf02363 src/cribl_control_plane/groups_configs.py: id: 5e1a710f5459 last_write_checksum: sha1:42bf74770fe3045659b77bb258867b6c735e2c1c pristine_git_object: fe59e5a3f3f5dcc3e4d037dc66712008545534c2 src/cribl_control_plane/groups_sdk.py: id: 7f1c5a4615e6 - last_write_checksum: sha1:193b8c771e76c5535a1641990ce42df2143c12f4 - pristine_git_object: 6f4060bac43fffde4c7b3a1df2b23c8d3ef0626e + last_write_checksum: sha1:8a3691d951f07bb87ac897dbc8ea8fb3b34ad8f4 + pristine_git_object: a30cb558377c1f4aefb48acde6e25445ba55f24e src/cribl_control_plane/health.py: id: 511124a6fd49 - last_write_checksum: sha1:6aed1914fd7e07301cb9b201dcbe8c3a63250a82 - pristine_git_object: af5b0125227738d09fe3aa3dc7e8d8d7dce0843b + last_write_checksum: sha1:f2a4fdcbc335a66cbacd6bb9f7f8fe44b7e096b7 + pristine_git_object: 39519032aa8800d816f5c16fabf422780c93f685 src/cribl_control_plane/hectokens.py: id: d43fa881e02c - last_write_checksum: sha1:cd8ecae5ff6f5fd58f77fbfe8a3111df43d435c5 - pristine_git_object: a08f558acd7dd08fc2a37cc8afc02e90021362c1 + last_write_checksum: sha1:cdfc07ab1fdb4f8c2c6ce99c7dd44137940d29af + pristine_git_object: 9899bdc1375c86d05bd415cc168d2ce0849116f4 src/cribl_control_plane/httpclient.py: id: fc5018fe7f2e last_write_checksum: sha1:5e55338d6ee9f01ab648cad4380201a8a3da7dd7 @@ -16764,8 +16908,8 @@ trackedFiles: pristine_git_object: 63af9cb836903c89e3db0d04bb4f44141014de8b src/cribl_control_plane/models/__init__.py: id: 558fbe1bf6ca - last_write_checksum: sha1:0b2411cf2a6f0cf9e3c0bfcdb3be8348605f3857 - pristine_git_object: 4cdb6873933ada043dfacc325d46021fb263f046 + last_write_checksum: sha1:207361dbb02ea8a21de252ab754a8a9a455d5815 + pristine_git_object: d7d8a3bba25ba1dfbf29dfe9146658965a914ca9 src/cribl_control_plane/models/acknowledgmentsoptions.py: id: 2537877f09eb last_write_checksum: sha1:610fd67330eee25b0afc942d175a52130576ed7d @@ -16774,6 +16918,10 @@ trackedFiles: id: 1055c1f5e1e7 last_write_checksum: sha1:3e03754a489114108b644b59b3bb1f6dd6cd55da pristine_git_object: 621505f4ce6b63db39b279f90c3dc98c9bf61d32 + src/cribl_control_plane/models/activehealthoverlaystatus.py: + id: ec79522f7a7d + last_write_checksum: sha1:1cbe6c818016c0004d14aeb8377adcf4c971e3d5 + pristine_git_object: c1a062f8ac413348eaceccadc40159ee7453b15d src/cribl_control_plane/models/addconffunctionconfschemaaggregation.py: id: a3703f348f8d last_write_checksum: sha1:1c62ef449e761aaacff50b68ce6f000951556175 @@ -16890,10 +17038,6 @@ trackedFiles: id: 818905e6fae5 last_write_checksum: sha1:dbbd0d0212b3eec96ca8038d562d6a778c42fbbc pristine_git_object: ad0b7fcd99a8e5bf9fea4e45bf4627d919b9f540 - src/cribl_control_plane/models/authrequestheaderconfhealthcheckauthenticationoauth.py: - id: 97b7a9075477 - last_write_checksum: sha1:0515d020f601da4c7c8fd52bfc56dd0ca1fbc8ca - pristine_git_object: e57cc702a689900495cd6129d407917267a8f175 src/cribl_control_plane/models/authrequestparamconfhealthcheckauthenticationoauth.py: id: 9bb25cdaaf3e last_write_checksum: sha1:55947fb4d5cc023fa1815d9bfe63396766ed79b8 @@ -16916,8 +17060,8 @@ trackedFiles: pristine_git_object: 7a0b58679a73367bd28935cb1632bbf83863e970 src/cribl_control_plane/models/authtype.py: id: 293d568a3880 - last_write_checksum: sha1:4db25cbb24c73e1dfdb5f2dcdbc0503679279879 - pristine_git_object: ec4e9a56f158ca394114c6026791eebac9298549 + last_write_checksum: sha1:2acca0cebdf2d6513876468899434372ceee81ee + pristine_git_object: 24d79d214b3cca50327a6a3add2c2f525795d100 src/cribl_control_plane/models/authtypetemplatemanualapikeyauthtype.py: id: 17b5d60d7368 last_write_checksum: sha1:da8a19945c629b11eb6263f3592b97480db35a00 @@ -16928,8 +17072,8 @@ trackedFiles: pristine_git_object: 63f90b36eba9ddc3fe18c23fd2293287da574d8d src/cribl_control_plane/models/azureblobcollectorconf.py: id: a8075973ccab - last_write_checksum: sha1:054ba43b6ea6c3a7c13039ebd5f1cae531ebf6e3 - pristine_git_object: ed46aa300cf786528105cdda8e7bac0302d942b8 + last_write_checksum: sha1:bb95eddeccbe576b52439bb6a1ea885408dd358d + pristine_git_object: c7c0dd4f7261c9c01ade2aec00e99e3b8dabf509 src/cribl_control_plane/models/azuretypeheartbeatmetadata.py: id: 8369aafe4182 last_write_checksum: sha1:e3cb922187777c7eac9a87244bd19168e904bb91 @@ -16948,16 +17092,16 @@ trackedFiles: pristine_git_object: 46de880d4999edfe24fb6d9282ae5e4803959071 src/cribl_control_plane/models/branchinfo.py: id: a11fd1a87f87 - last_write_checksum: sha1:3c6216ca72f24c1658f21d5acaf72f98507e3836 - pristine_git_object: 61587e3822e6bd6d4e2292d9ca57ee7b1ff8e3ab + last_write_checksum: sha1:4a0e043a20afb341291e9ace677854373f0ed3b5 + pristine_git_object: 3195c05fc9500ad91e3274890dd58862a1cc7b82 src/cribl_control_plane/models/brokeneventprocessor.py: id: 40f725ce9396 last_write_checksum: sha1:342048a46c166e2d13df46ed1ace15d66608b709 pristine_git_object: 78f661f047932f87b34eac3737d6da89b174becb src/cribl_control_plane/models/cacheconnection.py: id: 653c3c5fd5e5 - last_write_checksum: sha1:458c99650cff744ff7ca1f37b0b65d4158176b5b - pristine_git_object: 7f487b5a25f55135e894f33fd10a8cc4ebff7158 + last_write_checksum: sha1:5509be4f5df557864d00980be76f688b00cef5b5 + pristine_git_object: 76364a173af6982ae98c138ddef48eb00a793cea src/cribl_control_plane/models/cacheconnectionbackfillstatus.py: id: 1b17ba247d1d last_write_checksum: sha1:c3d05ace0dd021b0b4ff45f17dc638246b810585 @@ -17030,6 +17174,10 @@ trackedFiles: id: 2df084c3e90e last_write_checksum: sha1:7d28cb33439bbbbea491e0acbdb2c3e8676a81c2 pristine_git_object: afee671f5e315dcff0da47eb56a388cdbd9119bd + src/cribl_control_plane/models/collectortype.py: + id: 328b932b09c9 + last_write_checksum: sha1:c0b2fe7f9e3d90bf2e9975d3b86c26f1d8ee8208 + pristine_git_object: 230b401765a2f1fade97cf15d16c0840d30baed8 src/cribl_control_plane/models/collectrequestparamconfhealthcheckcollectmethodpost.py: id: 1f611ba795bb last_write_checksum: sha1:a2ae8e2ed31f980b069a16eff42b29b5e1c35e26 @@ -17080,8 +17228,8 @@ trackedFiles: pristine_git_object: 9d143a7c25ae8cccb3b9a299d29222cc53fb3cfb src/cribl_control_plane/models/configgroup.py: id: 5b60884e2a58 - last_write_checksum: sha1:6ead7d6effc6f836ad63a3fce2adba455d8a1ceb - pristine_git_object: 7c8bfdd94ec062e9d058afb2effe671393e00c99 + last_write_checksum: sha1:691a3c75bbfc8f021a9840dcbc8ef244fdc5b71b + pristine_git_object: e32281d14c54d674082621660da7b990a5c0c0b6 src/cribl_control_plane/models/configgroupcloud.py: id: 3f53a654cacb last_write_checksum: sha1:daf8ec45c9e7a1f776fabc6756aa1effd6dc0baa @@ -17100,156 +17248,156 @@ trackedFiles: pristine_git_object: 80252685b7732324f9c02d5ebc942d7c4ec8b97f src/cribl_control_plane/models/countedboolean.py: id: 7cbc445850e8 - last_write_checksum: sha1:fee67e7653a921cfe97bba6e6577fcb19c66e9fe - pristine_git_object: 644d62430441ca0a5b372d183fbceccc0f175268 + last_write_checksum: sha1:d228e149d16f3a82c8fbff095121fb6d6a24c4dc + pristine_git_object: c1916bfa91d74d8527e59952d81cf5fbe33c3ef6 src/cribl_control_plane/models/countedbranchinfo.py: id: ebe1c1f31c50 - last_write_checksum: sha1:4924413f33854ddb5d60b5415531f8e86f7050e2 - pristine_git_object: b7110e22f74df51ad75131557fba57d728e274fe + last_write_checksum: sha1:7bd4e807985f9d078a35a8b76490d6d911883c06 + pristine_git_object: c056e87dd410cfd0c42a7523fb49cb89d38228bc src/cribl_control_plane/models/countedconfiggroup.py: id: a02ddb0f1b74 - last_write_checksum: sha1:8622baec0f87d7d9b16ff82062c784a07efddee2 - pristine_git_object: fdc1df0ff12f599d6265a1597855cf3683cf7871 + last_write_checksum: sha1:ff87558e861099ab5db695a23ec68260cfb629d7 + pristine_git_object: afaae2f2c47d0d123b81ebc7e1abc254e7f7c3a3 src/cribl_control_plane/models/countedcribllakedataset.py: id: 50d88c37bc12 - last_write_checksum: sha1:09bc2a1ad204af4673ef97f09551776d5a889685 - pristine_git_object: cc27102655275f11b05389464304304d7f265d6c + last_write_checksum: sha1:862bd30fd56d381cce9f26fc22ed9fcd2fca56da + pristine_git_object: dd9aff9715018dd61cd95dee9f1d14cc0b9dc72f src/cribl_control_plane/models/counteddatabaseconnectionconfig.py: id: 61f7367beb04 - last_write_checksum: sha1:d0578cb026eb09de9cf55bd39af448d09e4208b7 - pristine_git_object: 7c9d1cdfc3d5c114e3e85ff65e224972097479d7 + last_write_checksum: sha1:c9ea99ffc17e114ae67c142fafaad92e90c0919e + pristine_git_object: ed95193e99f7a1f1c8fdb63785b572bb3db2eb9d src/cribl_control_plane/models/counteddistributedsummary.py: id: 43000533afde - last_write_checksum: sha1:4ae2088df0172dedbdadabdf1942d5bb11e77510 - pristine_git_object: bf4673b46180c68f920d75ef802bd037fd648369 + last_write_checksum: sha1:f9986ee8d34c1d78517fa059e262a97e8f528ca6 + pristine_git_object: cb1acfc8cd9a02c4374f2c7cacf04de627f89d79 src/cribl_control_plane/models/countedfunctionresponse.py: id: 7a23fc8b2c52 - last_write_checksum: sha1:290265d7073bdf4a3fd62feb6f96ba01fc9676c1 - pristine_git_object: 8ae16312a74976b8b166633f496324255fd359c1 + last_write_checksum: sha1:6ae13991e80989f5b6117a38c79d17f0e6956d37 + pristine_git_object: c543fca3227d703c17444e875fdf9ce4e0546e7d src/cribl_control_plane/models/countedgitcommitsummary.py: id: 4b41af9a0e3e - last_write_checksum: sha1:884cd4a5b9b92ec0984af28ee4a62aaa9464184d - pristine_git_object: 8d9b9d714c1b4aa91706d3569fcdbb731403ee55 + last_write_checksum: sha1:1d7fd836ddd110cba5eec87cb0f3265dfd38e34f + pristine_git_object: 1bf17a0664670e993975abb6f768178d8117d760 src/cribl_control_plane/models/countedgitcountresult.py: id: 5d7056ed467c - last_write_checksum: sha1:f66f0be446d621b37604d60dfde4e6921835695e - pristine_git_object: b141acad8404fb4bf61c3f5aabfa73dee23c8fb5 + last_write_checksum: sha1:b1599c25b470766d125d07a310c6dadf5148a439 + pristine_git_object: 4f73600aa1d363b3c763a485d71b00b1a9cfcce7 src/cribl_control_plane/models/countedgitdiffresult.py: id: 931bbb03ce56 - last_write_checksum: sha1:62e5fe66c4b42597c64c545076839367dc2647aa - pristine_git_object: a67f5cea54c94e88330a1b2de568475f52328b99 + last_write_checksum: sha1:0c12c09184c033c06666920872d80c164fe1c3f0 + pristine_git_object: 027f3098c8e073cc38bba31526e5d9f505ef0e83 src/cribl_control_plane/models/countedgitfilesresponse.py: id: 7645d17b436c - last_write_checksum: sha1:c9f0ac1b2875e5178d1e22ce004785f309b5c00a - pristine_git_object: 84a952fb536b6b2263776fc17c35dcf6048546c5 + last_write_checksum: sha1:6abcf4cae9b03b8df9e077834c36c662c9462a2f + pristine_git_object: 50625850504cb22b5118c66935f53d16130fb3e9 src/cribl_control_plane/models/countedgitinfo.py: id: ba429b2a6f60 - last_write_checksum: sha1:36515c8a6aedd22dfcdca79632df8104aed4fc33 - pristine_git_object: f3f3367e3a536e429fe2f5d61728536506d74d73 + last_write_checksum: sha1:7f7cd170b635e9753532ced3bf82a77ddee65d1c + pristine_git_object: 524c1cc7d270c4011426189e21b0e7fddf48e2ae src/cribl_control_plane/models/countedgitlogresult.py: id: 7b3e51a9be7c - last_write_checksum: sha1:a858194beca47f28c01c8ad2844c3f5803bb44fc - pristine_git_object: 6dfa03246855f17d1f090e17977b29a47fe4dcf0 + last_write_checksum: sha1:be3d5a82c067c3329a76c403d0d09050169eb4b2 + pristine_git_object: 5580551158bf5a584d4644fda8e8eafb8a23f04a src/cribl_control_plane/models/countedgitrevertresult.py: id: 7087b1f38284 - last_write_checksum: sha1:e4e2be53170f04d9686c9951919e14fec2a65657 - pristine_git_object: a1231bd070a2e39350636a0a391be2a4596398b9 + last_write_checksum: sha1:6b8c4e2f0fe9ec139683e94ee34f10f0c757f6cd + pristine_git_object: 943bac7623c93cb50383777d1b6ab8f89a78dab6 src/cribl_control_plane/models/countedgitshowresult.py: id: d380a585410a - last_write_checksum: sha1:9e479906acfd7ed0696456831720daac2406b796 - pristine_git_object: 93132b5db4b314fcd071d6836a57ba6ef62bb2f3 + last_write_checksum: sha1:a49497d3573bd2062deeafdf1f7e868b832a3fcf + pristine_git_object: b68460f84948f4e855293f1a157e09aa5c7f36ef src/cribl_control_plane/models/countedgitstatusresult.py: id: b4c9564ae736 - last_write_checksum: sha1:1a0e504d86f3fbd4d680bfdff00a3f3dfd09ca9a - pristine_git_object: 05e1352be71979ff5003d35b1bb96cc5f1a190b9 + last_write_checksum: sha1:d9164683e296dbcda5c677a7b7ec505cb32e4688 + pristine_git_object: c15fe53bc95320b3c9c941025b09428de72c381b src/cribl_control_plane/models/countedinputresponse.py: id: 3d905a63038a - last_write_checksum: sha1:00f6f1a15399aca66be4c8bd367dcc1444ba6617 - pristine_git_object: f0736a762a8282bbe7259e127f4aaba032d7fb24 + last_write_checksum: sha1:3c5ff959c8a8a309bfa2275851ee7a4196b6dfb4 + pristine_git_object: ab0cb02237d955431ca9d23aeb9cb89bd6d4e012 src/cribl_control_plane/models/countedinputsplunkhec.py: id: 3c1bd759857c - last_write_checksum: sha1:2f977ad071a143340ce6a4ea6f45b0c5bee8261d - pristine_git_object: 656bc438bb272ec35187098deb4f00b8ea529969 + last_write_checksum: sha1:42da1215878eacd9499fdc905beae1e261c3411b + pristine_git_object: aadea63de81d6f514beecf906f2ebd28dba3f1c7 src/cribl_control_plane/models/countedinputstatus.py: id: 90f0a4489b9d - last_write_checksum: sha1:d957f9d54329140daf4a019dc8a5341d002b4662 - pristine_git_object: d883c6bd72c828a178b3a98ecf10edbbf92e9fef + last_write_checksum: sha1:291d89d3d7f97ee69e01c2ea28499e8904ac920e + pristine_git_object: d70792b3cfdec20b7eb05101675c5bd9bf45e195 src/cribl_control_plane/models/countedjobinfo.py: id: e0f64f751352 - last_write_checksum: sha1:1555496acff99e24300be14872666592be6b4d20 - pristine_git_object: 758bc12069857490ceb71ad58ad26ed55508a404 + last_write_checksum: sha1:a1b88302ee8b5009afcdab141c2f7be57b4d4dff + pristine_git_object: 99d2aca5e47ade7caf20b00955faf96804d22191 src/cribl_control_plane/models/countedmasterworkerentry.py: id: 5d75edaca7f8 - last_write_checksum: sha1:6c0237c4b8ab755c600fa7f0e4a60f7899801b0e - pristine_git_object: 5463e62189caa8f7db583ec45727bd72fc4a25f4 + last_write_checksum: sha1:88f9e86faf4cf11a421f02eaf3d2c7ae6c496fa4 + pristine_git_object: d0d479125b0bd367b2eeff15a521ab4e988e4f01 src/cribl_control_plane/models/countednumber.py: id: 814e9e08a4b4 - last_write_checksum: sha1:c3c3ab85bd8134898c798836985184b52762d34d - pristine_git_object: d2af62805a13d50bcbeff0e2f1aac69fc2ad9a11 + last_write_checksum: sha1:c7262c7c5bd53d45cee0d9b1472c17e45a3fe2ac + pristine_git_object: 31e6e0584e824e93971a57d4e0d2008c66418003 src/cribl_control_plane/models/countedoutputresponse.py: id: 6398c5bb78c1 - last_write_checksum: sha1:6d641c631b2b688658eeb919ca14678172552d25 - pristine_git_object: 38b03d058dd3dcb9c4b2fe3d0652952609dd96af + last_write_checksum: sha1:edcad89186a23979e7295eed4bed71e7853a1148 + pristine_git_object: 4877f348f806f696953c8d7b2a0ab68021875965 src/cribl_control_plane/models/countedoutputsamplesresponse.py: id: 8fcde02eedd8 - last_write_checksum: sha1:adc247ceac548d9aa0eb88c278ab4d36bfc45617 - pristine_git_object: 49ae98566670f1d800e46adcf7ef118811648ee6 + last_write_checksum: sha1:8ae56b3514e06a87414dda985db21262b1d382ae + pristine_git_object: 85ad39101f1d04819e8f94138c0fa2aa6943ede1 src/cribl_control_plane/models/countedoutputstatus.py: id: 9e49d0e78d0e - last_write_checksum: sha1:fc4ada9d76c73208036b0f33a116c3d0bd5d1b24 - pristine_git_object: a2b463899d17a57fd9450ea4a6e67a0d805c9cec + last_write_checksum: sha1:6b346ebada0afb1069551c45d52394a26a9cc3cf + pristine_git_object: 7ec809e67e1ad638d3c0abf7c505ea0a42fb4c2e src/cribl_control_plane/models/countedoutputtestresponse.py: id: 68eccf5489d4 - last_write_checksum: sha1:f455bb1ee9ded0b414a2c10acd6fe2613282bf52 - pristine_git_object: ed7000c477e0f23d5c2d6d0f756eee85bb0e47d4 + last_write_checksum: sha1:57c98328dab3925e754552fbcb0903ba2eb75008 + pristine_git_object: b916089190ec37f3dffaf156c2b6cd445886347d src/cribl_control_plane/models/countedpackinfo.py: id: 1fb436a54b55 - last_write_checksum: sha1:cec5a25b9b8bcbc8eba6dbbf15eec145f0360841 - pristine_git_object: bf7d6c4d61b21e6a554ba1d3c6fd6c3e3f32b419 + last_write_checksum: sha1:a1aa8cf8a522ca3128311173cde558ac1cd2af35 + pristine_git_object: ea0d48f9b24e7de93481b041b3a27ab370f1922a src/cribl_control_plane/models/countedpackinstallinfo.py: id: 98dd40e065fc - last_write_checksum: sha1:8764e03125e7359f433329b292152d1d46c0fffd - pristine_git_object: eda5dab6fdf1687dc251b24c1d72cab5b27a4839 + last_write_checksum: sha1:2babca567a7870f572eb5466080ada63b3ae5182 + pristine_git_object: ea0435914d12528a734cfed3c623c469002bd7d5 src/cribl_control_plane/models/countedpackuninstallinfo.py: id: fdaffe9317b7 - last_write_checksum: sha1:5f109ab183a3139b1dc0fe5094bafac49e193cfb - pristine_git_object: 90a35b92ebdd96867d91d0bd3602378313a44eb9 + last_write_checksum: sha1:4d1c2fa702711f2282121bd0db52896544239a16 + pristine_git_object: 3d3a6d5bdcd22f06b74c44c6f38e9670c4b218db src/cribl_control_plane/models/countedpipeline.py: id: 6086a4e21e39 - last_write_checksum: sha1:1b3e90ebe14ecb92174c23439baf843db56c633b - pristine_git_object: e61605910c93d05f16bae33c03a58b81700d1302 + last_write_checksum: sha1:f3873a771e79822d9a4be5182d4e9a2608018cf2 + pristine_git_object: 37388077ea3fc8a0e196d11c986b4eea5f5f45c0 src/cribl_control_plane/models/countedrestartresponse.py: id: be2f954effb8 - last_write_checksum: sha1:9ac41e7cfb67b44ea7e5f3465175cd5e24844d84 - pristine_git_object: a121a6fb2f623875a4fa706d2609477f75275b27 + last_write_checksum: sha1:3efab67a51d88116ae3808af30baaa4e0e6e17b6 + pristine_git_object: 367fb99c4d34bb9366e81863c80368b0202975a8 src/cribl_control_plane/models/countedroutes.py: id: b2b8034f2b94 - last_write_checksum: sha1:3f0ff0919ab447c261e0e7a6779dee29e6ab1c37 - pristine_git_object: 4d0e265f228d7c226285d3fab47ec2f05fc1eb02 + last_write_checksum: sha1:91f90523d41deafab121473393f1e77a96d461ab + pristine_git_object: 37887fb06326e2639f6199411655d92b9a8138cc src/cribl_control_plane/models/countedsavedjobresponse.py: id: 4369c7a2cd37 - last_write_checksum: sha1:f4c755b55098f81261d78b87f5885386c17923cd - pristine_git_object: 1447a3f71c8d22720b67c2d344ed286226f9fa09 + last_write_checksum: sha1:e8fb425761baf7c0c21f7a4468bdec69d494b7e9 + pristine_git_object: e1e81e9e6d8caace3e7c976f4b9fd7bb7dfce914 src/cribl_control_plane/models/countedstring.py: id: a23c0c56d457 - last_write_checksum: sha1:a32daf8936f109c5ac75801b657d562535ecf116 - pristine_git_object: 53e79f5c488cd72a16cafcf49e1169a4c20c1e40 + last_write_checksum: sha1:a82ead2d8b6270904ccf6ebf2513ab7c86938682 + pristine_git_object: f374790cbaa6eecb9c000d3a142cfcaf3cad5e4c src/cribl_control_plane/models/countedsystemrestartresponse.py: id: 060d943612a6 - last_write_checksum: sha1:8efe2bcbbeb420e2fadb3b4dd97ecc0ed21acfbd - pristine_git_object: 6d56f76019abfb0852c62229143d8bc135b24a4c + last_write_checksum: sha1:f93ee058807f02d5c634b34be0d092dccbd2a078 + pristine_git_object: a110823e6cdf8fbab494b414613f2f9ddae4d9a8 src/cribl_control_plane/models/countedsystemsettingsconf.py: id: c8bc69dacdcc - last_write_checksum: sha1:35eacef3d4c7a609bf91517d4f31e0c7e1415b24 - pristine_git_object: a6c7c2040a35db59a15e04cb81d4512170e7e15c + last_write_checksum: sha1:28ce2fd1c6bf03f6a1cfa6ed6b4ac4876dea52b0 + pristine_git_object: b8a29c80b58ea2786b53c753fdb1e3dcfe12a2b6 src/cribl_control_plane/models/countedteamaccesscontrollist.py: id: a299c0bb7712 - last_write_checksum: sha1:876b641c2b66ebf24c52f50179bd66184dac1a51 - pristine_git_object: c1b27a9ecf09f72319db1bafa8b14fd13d8a4483 + last_write_checksum: sha1:aa8a9d42f347c3cea743fb54f0198ae57a0cd39f + pristine_git_object: dcdefa9705fd3489849c1e6dc25e424eed52f9ec src/cribl_control_plane/models/counteduseraccesscontrollist.py: id: 42c92ec95b5f - last_write_checksum: sha1:98c4b6684932ffa038ae3c0c25d941e1b8f9504f - pristine_git_object: 21e097a86f73853a8b138480dce749e64281e812 + last_write_checksum: sha1:3e07e0b6858687a4f64784a097cc1f5dbe0b8cc1 + pristine_git_object: 0196fd05456fe4b239bde5fb9ec4dfbb5b67fdf8 src/cribl_control_plane/models/createauthloginop.py: id: 00d898e86c94 last_write_checksum: sha1:251765e987a79d904b0bdf90182d325daac5a09d @@ -17264,44 +17412,52 @@ trackedFiles: pristine_git_object: 7dfe7cee25e0723decf70192966daa935a210420 src/cribl_control_plane/models/createinput_logged_in_users.py: id: 470e1a13290e - last_write_checksum: sha1:c7f0076e568ab76457ae2a7f3beba8c1fba0a53e - pristine_git_object: c5dca4316f38bf464ee8de494b03e5046ae86427 + last_write_checksum: sha1:8b6dfbcabed1531fa05a47dc78bc93d3a2a5f73c + pristine_git_object: dc87e1325e3dfcad932167f7c72abed36dcb7614 src/cribl_control_plane/models/createinput_request.py: id: c2056b755125 - last_write_checksum: sha1:42b31c5c3419a59a09087633a8de4b026083d6ea - pristine_git_object: f6f5717f3334a3658ce1950cb57e243903bd652c + last_write_checksum: sha1:4e480ed98b8dee14d80f18eaa2e4c6034c3f83d9 + pristine_git_object: 0e9a26db5441c0432c5fd41087ec8309a12268af src/cribl_control_plane/models/createinputhectokenbyidop.py: id: d2a2fc31d146 last_write_checksum: sha1:3f7d4b12adf786a50235db93776c854ad3947fe9 pristine_git_object: eef650237597a777cbd36dd230a0832afbb67960 src/cribl_control_plane/models/createinputsystembypack_logged_in_users.py: id: d873cbeac6fc - last_write_checksum: sha1:a2bf9c2d20bb2cdccf927621deb5c48ff412e3e0 - pristine_git_object: d3e0b0831e19f5fe841c594f106ddc810b937eda + last_write_checksum: sha1:7d25b17b0a97e399c0c72a6fc486e2dc111acec3 + pristine_git_object: 74e3000a5f3eeaec8b1cf63247309e1b836e015c src/cribl_control_plane/models/createinputsystembypack_request.py: id: 9a05ed789849 - last_write_checksum: sha1:14aa478f1313e88f4b179458c5adc3fce70a6ee2 - pristine_git_object: e03c7b297de321ee2cd08678cad7eb90235c442e + last_write_checksum: sha1:4fde745d8bb15525a9b36090f1f38c88153626d3 + pristine_git_object: 0205851b25e9e7534c9b9b04339c2147125afb7f src/cribl_control_plane/models/createinputsystemhectokenbypackandidop.py: id: 20d15344dcb5 last_write_checksum: sha1:b6cdc4ad942b4188b7fcbbbbfb85ed2a7692ed08 pristine_git_object: 517c38e4cd8df3e03f3464625bc2e1c750f6c7ed + src/cribl_control_plane/models/createoutput_outputwebhook_url_1.py: + id: 644c80fa94d9 + last_write_checksum: sha1:486b00ff9e8dd6fa891178b5adf867dd2e6b1ac6 + pristine_git_object: a2085cf732157bf2d7c4cf3c286fa2cfcd21cd03 src/cribl_control_plane/models/createoutput_request.py: id: a8665c8bc75f - last_write_checksum: sha1:50b93fa780da4b9ec9e0268fc68a33347457bf40 - pristine_git_object: c279773e196b49500e9d362c2f296d0de0c46b3f + last_write_checksum: sha1:97d35df8b20ddf225ae8bf3e050ad07f023f6eec + pristine_git_object: 3c0d4719076e7038e2e98200f4c2e3b91b0e4ac2 src/cribl_control_plane/models/createoutput_type_statsd.py: id: 3f6011d31a6b - last_write_checksum: sha1:ec4df6be1912e52719499f72048d59830ab6a2e8 - pristine_git_object: 7ef5d8228687f17b883a5188a332a71a81597823 + last_write_checksum: sha1:cdc24dc3c3766b798ac42c6b2dbbdef56643ba21 + pristine_git_object: 914706a8aecc5d7c868e03b053ee431da6632d55 + src/cribl_control_plane/models/createoutputsystembypack_outputwebhook_url_1.py: + id: a1177d5d9006 + last_write_checksum: sha1:a8d10d64950fb47f08c3f7050e7946c17ed2b8a0 + pristine_git_object: 5e70f3739e19504e3ad81a598a7cf14542d37f2a src/cribl_control_plane/models/createoutputsystembypack_request.py: id: b47a50bc9cb8 - last_write_checksum: sha1:3e33f18cc291c2c835693d462897e5587dcafd96 - pristine_git_object: eef72f50a293972c65e2abc425abdf08f56cf56a + last_write_checksum: sha1:226e0b24f35e8fce1534307632e9fb36e51a6b1c + pristine_git_object: ebd3ea1e7d54c27df06619697fa1436430e08553 src/cribl_control_plane/models/createoutputsystembypack_type_statsd.py: id: f3df7248b42c - last_write_checksum: sha1:364cd4a29a2175df16ad0a5af2fd6447e7ed008f - pristine_git_object: 0b3595c86240da2bb0f35d498d1a4e66cc59e286 + last_write_checksum: sha1:e68a892185ca25774a9ede624f994c6607b916d2 + pristine_git_object: d305cfc43cc272ee8786c7f2de5f9f40c62e436e src/cribl_control_plane/models/createoutputsystemtestbypackandidop.py: id: d061fc4b3fff last_write_checksum: sha1:5f591b9f2193252a9d83e9fe29734906f95b6c5b @@ -17328,12 +17484,12 @@ trackedFiles: pristine_git_object: 34785c89c05d3dd548db05ce55c229b07b0dbfde src/cribl_control_plane/models/cribllakedataset.py: id: f65290fae1ee - last_write_checksum: sha1:006c4965051007978cd5dabe78511d3ef781bd0d - pristine_git_object: a68255b420cd6e46eef1809b2e1ecbda29fc686f + last_write_checksum: sha1:16b128393bd9da84055955504dc03d1212e35b90 + pristine_git_object: beb2ce4dc43b651475e886ab477978e3ff6f7484 src/cribl_control_plane/models/cribllakedatasetupdate.py: id: 030ec8ded8ae - last_write_checksum: sha1:3c866e6cdfa2d11388fe7e4295b87dd24fd701e3 - pristine_git_object: f766329aea536f9fd8659ea2f208097b2385c13f + last_write_checksum: sha1:ad19316300d30fb0d00c6dec828e77050c80cc27 + pristine_git_object: 8e59cee86b0092f2b5914ff11b7673f0723e3bdf src/cribl_control_plane/models/currentbranchresult.py: id: b03cd82b5d52 last_write_checksum: sha1:8b481290a97872c095e7ed949808851c76a1b09a @@ -17368,8 +17524,8 @@ trackedFiles: pristine_git_object: 8cabef90785df56d6214c1985324109c20100b00 src/cribl_control_plane/models/datasetmetadata.py: id: 41f9523c8ccd - last_write_checksum: sha1:30ca596229d00889fc24285a7b5978d8492c4681 - pristine_git_object: cba351fd42de722d50eb83548a17e2ba591bbc07 + last_write_checksum: sha1:18f91b78ed4f74d9b6b60348b126db13b2464981 + pristine_git_object: a82cab6a6050444de79f83b3d2f4e883611b9a77 src/cribl_control_plane/models/datasetmetadataruninfo.py: id: 43d70d8a6465 last_write_checksum: sha1:3e1204bfdc1326a4233e876d47dcceba5af4723f @@ -17448,8 +17604,8 @@ trackedFiles: pristine_git_object: 85580e06b41b2873db670966df086d770eaae242 src/cribl_control_plane/models/destinationtype.py: id: 3bac940576a3 - last_write_checksum: sha1:e18c319b7531c2074e2c107cc805bc14e1458e95 - pristine_git_object: 622950d80f1184b0860108214824f8d23f031fec + last_write_checksum: sha1:30e83bdbd5f7578a7d06ee7ef1f2f244ece335a0 + pristine_git_object: be073fe56a53dc6109dad8130161abba8fe2f616 src/cribl_control_plane/models/difffiles.py: id: 76d032a8c166 last_write_checksum: sha1:7b58ec48715cdeacbbf81d562d61c50b0d99a287 @@ -17536,8 +17692,8 @@ trackedFiles: pristine_git_object: 0459af7f4e8b8d31dc5be9d295ca102561f474de src/cribl_control_plane/models/formatoptionscribllakedataset.py: id: c65d200f56bb - last_write_checksum: sha1:a30b824efd6d9ee874c88c2c1df2e023cb27445f - pristine_git_object: c2a360ecf9839713e69938a8a24d91ac7aad8548 + last_write_checksum: sha1:c936f6b05d92bc990d3268fd31a221bd60ebdd9b + pristine_git_object: d082b69680b8490de33c580318aa4d07038e0264 src/cribl_control_plane/models/functionaggregatemetrics.py: id: 3320766fdbfb last_write_checksum: sha1:3ddc7f5eb5b0ed06edd24164e7af8e52dc4ab6d2 @@ -17964,16 +18120,20 @@ trackedFiles: pristine_git_object: e13142cb7e4dd26c863326d893a1c8149973e827 src/cribl_control_plane/models/getcribllakedatasetbylakeidandidop.py: id: 1d70d2ac9aac - last_write_checksum: sha1:452a1a74a37ba79514c674e1757d9abcf6ecc583 - pristine_git_object: 76cf2b65340f77b11bac13cc9ab8eff4f14c0f85 + last_write_checksum: sha1:d9d7f5ec2d260af2a35971884b7efd9e2f9b1847 + pristine_git_object: 9c14b9986a21138c74f9e49760577e8eb97fe23f src/cribl_control_plane/models/getcribllakedatasetbylakeidop.py: id: 2bf0d8c8f207 - last_write_checksum: sha1:a32542b4b87449b4871ed50e5725c4c57246ff92 - pristine_git_object: f54eaf866ed1fcbd237c743316a7f3c7f3c1e661 + last_write_checksum: sha1:b9b01423ac635de744ae6094ec3fce03a4dfe829 + pristine_git_object: 0f5ace3af247d8c1cdfdc6a57e61935c6e9661d2 src/cribl_control_plane/models/getdatabaseconnectionconfigbyidop.py: id: c28fe8c2f294 last_write_checksum: sha1:54a5079215e8cf1bd2d3e62f98e43a54bcf72348 pristine_git_object: 3b99e8f4a5c89626bef5483e02e98b455ad08154 + src/cribl_control_plane/models/getdatabaseconnectionconfigop.py: + id: b73978213c4f + last_write_checksum: sha1:100ce222867ed79d85553f3923efb06a8eae78a9 + pristine_git_object: bc3290f2545c9d33ad3aaf733071f91b01cb1d02 src/cribl_control_plane/models/getfunctionsbyidop.py: id: bc51786995a6 last_write_checksum: sha1:ec77c173500e97ba7114d898fb2fd69f523fad3f @@ -18112,8 +18272,8 @@ trackedFiles: pristine_git_object: 7eec4197fdb9d22407f585f708953fbf6bcc828a src/cribl_control_plane/models/getsavedjobop.py: id: f0dd5e40b232 - last_write_checksum: sha1:97359c9ab1a5fd6c637fd65cea4fa2993a238bdf - pristine_git_object: 0caa1018270f31727430210b2bc8ff2245d05def + last_write_checksum: sha1:863f580a8f1fef48ae7f9db239ab448e64d55756 + pristine_git_object: 52fd8f3166aa8192eeab0bd68288271fc4f74310 src/cribl_control_plane/models/getversioncountop.py: id: f403544af82f last_write_checksum: sha1:93cfbfe402d8d872a48e22d9ab67863d31f404eb @@ -18200,32 +18360,36 @@ trackedFiles: pristine_git_object: 9b9dc9652ee25d79f0eacf2149e3f68ed876ec72 src/cribl_control_plane/models/groupcreaterequest.py: id: 2993a38accbd - last_write_checksum: sha1:9738066705398f6e629164c758f2710d28dd7759 - pristine_git_object: 04f21f1d54b6d4afd34ce8e066f8f8d073460ce0 + last_write_checksum: sha1:838767cac7463be5436e388de6c50a228c968ed1 + pristine_git_object: f3842f4a3d7bde9e2fb6a6f5a359161226cfafe8 src/cribl_control_plane/models/hbcriblinfo.py: id: d1662d5e9727 - last_write_checksum: sha1:8190978a5533dc2b3e67139ca41c8af60891a087 - pristine_git_object: 3a2882e5b56493353d37b8c5fb8eb67523a7ace2 + last_write_checksum: sha1:510df55f63338f5d18471166651eaa50b3db950f + pristine_git_object: 78d07e612f3e6c5b806a85be994cb628bbdccf2b src/cribl_control_plane/models/hbleaderinfo.py: id: 76db1d8ca963 last_write_checksum: sha1:d7cf3649b324bacfe324b0918b0227282b0c6e25 pristine_git_object: be9b10b8d060d10ca092e00c0f885e8ffe617e2a src/cribl_control_plane/models/healthcheckauthenticationnone_healthcheckretryrulestypebackoff.py: id: 7f6678eced57 - last_write_checksum: sha1:1a5404616fd7a176fa4e96bc101f1097e64f22b8 - pristine_git_object: 90b5377f40f005b628c30f6d01319b9887c9efd5 + last_write_checksum: sha1:5a4ffc7bb5959b8e8dc7953ef7186f86d944c097 + pristine_git_object: c2ba4fcfd2a0749613c5511a7b2027fba350cdeb src/cribl_control_plane/models/healthcheckcollectorconf.py: id: cebeff19b6d8 - last_write_checksum: sha1:010bd154d239cde67c8c4a074cf00a308645bb73 - pristine_git_object: 3586826cc795a4d60b0e7e7753f4fc5dc45f53d7 + last_write_checksum: sha1:ded56c6cf08174017a49d1d049fda174249edfec + pristine_git_object: ba5b62f18f70413b12c9a9b2e3f23ee62dcdd10e src/cribl_control_plane/models/healthcounttype.py: id: e05460975fbb last_write_checksum: sha1:866af2fcb4e23ca51a5a2aa87b1847c2a5c40a2f pristine_git_object: 23ed7c5bbdb02aa0453f5a1cabd0174bf9ce87c7 + src/cribl_control_plane/models/healthoverlaystatus.py: + id: 6e8f6742c511 + last_write_checksum: sha1:d57b995971c9de2052378122f7c626d2f643c244 + pristine_git_object: fc6af43626c7f0edd1228e94074943071b75f35b src/cribl_control_plane/models/healthserverstatus.py: id: 5330d50b7445 - last_write_checksum: sha1:75f2f582b3e15adf6278e08a1a810acd7b1bed01 - pristine_git_object: 4ddf3eb759868c5b3de8d2932a71239c073ef332 + last_write_checksum: sha1:6b18ccd58256be6ced902d1ef9c9e45c6930ff08 + pristine_git_object: a3a2527567fb0c863a2dfae6397fc5a8fc48cc18 src/cribl_control_plane/models/healthstringtype.py: id: 43b988cdf018 last_write_checksum: sha1:8a8ec4a07846816d49d6b86e6ecefc7817f397c9 @@ -18246,18 +18410,22 @@ trackedFiles: id: fb685a62a1e7 last_write_checksum: sha1:ccacbf132868516e39a74b019f57ccd4f1f87e53 pristine_git_object: 8c46b169583cab4fa7c1b946158e63a2adfdf33c + src/cribl_control_plane/models/httpdiscoveryheaderconfinputprometheus.py: + id: 5de4221a9db3 + last_write_checksum: sha1:593f5468e47aad24037faa01a005833836d89d4a + pristine_git_object: 7df7d96b415fb3d979d09bc028868e8a6a622490 src/cribl_control_plane/models/input.py: id: 6830a15033b0 - last_write_checksum: sha1:963bca22cecd7e1ae231beb418edd8891e7e5ed2 - pristine_git_object: 7ab2c19789eb02e01066b793d4021205b7c4e567 + last_write_checksum: sha1:8bd1ffe61ea976c3db79ee03f3ee2bf755ed3506 + pristine_git_object: c13d2f9e2db8721d3a178cd9500f69af8938c727 src/cribl_control_plane/models/inputanthropiccompliance_input.py: id: 22cda9eccc16 last_write_checksum: sha1:a15ee157793047073b0236b97da5b3f7e846e31f pristine_git_object: 428fb1f5e3edcb531da3e8c30600976ec4ecb62e src/cribl_control_plane/models/inputappleunifiedlogs_input.py: id: 16b3b9edb704 - last_write_checksum: sha1:14661f9d40b055014103845355c0e1729d0d4532 - pristine_git_object: 88d8ff1e45f00b9f0421f833bdcbffde524730c5 + last_write_checksum: sha1:bdf1561dd569fd123d915212fdc3db8fdd2ade1c + pristine_git_object: 0fdec63aeb26cd99161b626404e557ab36f85435 src/cribl_control_plane/models/inputappscope_input.py: id: cd5957422daf last_write_checksum: sha1:c2891de7826d84b089ffc5c15bfc03c28f4d6992 @@ -18268,8 +18436,8 @@ trackedFiles: pristine_git_object: 79b8fb0e23677f142f8fdeea7c773788f7b0732e src/cribl_control_plane/models/inputcloudflarehec_input.py: id: e4377eaf2ef5 - last_write_checksum: sha1:b268c56331404ff158ce851d08457f3c5e0d9259 - pristine_git_object: 402c166b7a599705cd4c4fca43fa819b21703bcc + last_write_checksum: sha1:58bf552330413da6c948af47a9ed83e476c91a9c + pristine_git_object: 6758d95b7bfc2676120a69b0f816980dba3a9f64 src/cribl_control_plane/models/inputcollection_input.py: id: 5751d6cbe10c last_write_checksum: sha1:6974342adf82122b622a26544a80d2a0640080a8 @@ -18280,8 +18448,8 @@ trackedFiles: pristine_git_object: 428fb4cc6fe0323cbb0e6bc7018ce7304e3cdf3e src/cribl_control_plane/models/inputconfluentcloud_input.py: id: 60ef0c42e033 - last_write_checksum: sha1:55df8e38ee5c38c41a20fbc5ce0a2d2a089316ec - pristine_git_object: 96e284db521c127f0f605d443bcff55fe348657e + last_write_checksum: sha1:9c90a5866a3a6747a13d2bd3720fbf7c165584dd + pristine_git_object: 8ab625b3af466b16307b77068b8559d8d68afd7d src/cribl_control_plane/models/inputcribl_input.py: id: 9357b3e36726 last_write_checksum: sha1:032dc4290aead3137b2fe727c62a0704079a9b3a @@ -18316,20 +18484,20 @@ trackedFiles: pristine_git_object: 720ed98a5f861ff1b9e9d4a3d003b65ebba4d135 src/cribl_control_plane/models/inputedgeprometheus_input.py: id: a67a10be3603 - last_write_checksum: sha1:9ceb2c8c1ad1fb766b7a297122da72a1e05a619a - pristine_git_object: 4634c811b9b82da3c3332245f21b1f4a28387ac6 + last_write_checksum: sha1:203baae5348c591bb54edd6b6ed6e254b4ca3f8e + pristine_git_object: 86dc3778470e9e34116ce0be45dd521a0f371d58 src/cribl_control_plane/models/inputelastic_input.py: id: 064748980c9b last_write_checksum: sha1:1f0941fa42d46cbf73520e04eca96ad88928227a pristine_git_object: 8a71f55ab6d80e2d80efaae4f1ae44bc96a9bcf2 src/cribl_control_plane/models/inputeventhub_input.py: id: 2a7a44074d87 - last_write_checksum: sha1:070fb80c5cfbfe59ebbd8bb68c78f00e3384c104 - pristine_git_object: 7206a456a77e7b229ea9492e3427fa81ef9217a6 + last_write_checksum: sha1:da805e2840ce3ffb3cd7da28e3898d7c6f25c3cf + pristine_git_object: b1132bcbfd40292a606cd6de0f387d327f8283d3 src/cribl_control_plane/models/inputeventhubamqp_input.py: id: c9d97d144e1d - last_write_checksum: sha1:3a1a76553bd43eb95fe5ac2509e77574ef36d69f - pristine_git_object: 0429e97e1f94e803ea1ff61fb29022ffec82cb90 + last_write_checksum: sha1:8e793c235690f79ba32055329809229606a3087f + pristine_git_object: 4bd9e238c0f13b406f4d83edf43069ac6c77e9e7 src/cribl_control_plane/models/inputexec_input.py: id: 83de10786a42 last_write_checksum: sha1:527591cec39a032ea057dadede85194685b0c612 @@ -18360,12 +18528,12 @@ trackedFiles: pristine_git_object: 287c9bf9e098d60c76b04c5707856bfbdcaedd4a src/cribl_control_plane/models/inputjournalfiles_input.py: id: 7653532158ec - last_write_checksum: sha1:b89c216e26f04f575d074a1d3afc78ec1df35115 - pristine_git_object: 3cadc1942cd5e34a84ae76990f0d1db28d106d08 + last_write_checksum: sha1:819bc7ebbda98fb3aca467ca8866232d34d8d72b + pristine_git_object: 3367a2e5038431c5b7382450a2312d39c60e1096 src/cribl_control_plane/models/inputkafka_input.py: id: f845de6defe7 - last_write_checksum: sha1:eaf1e1435819db53bdd78df67357b9b09103f109 - pristine_git_object: 007ddbb91cce55beccc29c0ba2dabd5c9257f7e7 + last_write_checksum: sha1:52d4a2a5239c254a6fae9bc0ec7bd5ffd60a83f7 + pristine_git_object: 5f3b9242174abfb681fe251386f372e2bf285eca src/cribl_control_plane/models/inputkinesis_input.py: id: 0d81fe4d8717 last_write_checksum: sha1:10e517453e42abba98982e965ca08f68ed78b76e @@ -18376,8 +18544,8 @@ trackedFiles: pristine_git_object: 3126a8f57f9e2d263700feea2c92362e0e325889 src/cribl_control_plane/models/inputkubelogs_input.py: id: f76b8190c904 - last_write_checksum: sha1:da429617e5fe98623407d0d70f0cada12f5f0821 - pristine_git_object: 59dcce432b7ce60e9f54886343ce32f1aa9e695f + last_write_checksum: sha1:f465985709c59d41c112be1588bea10eb68e9cc3 + pristine_git_object: 18e37e9f21fc9e09f09019145d26f01014531c4f src/cribl_control_plane/models/inputkubemetrics_input.py: id: bc9d6b7e92ab last_write_checksum: sha1:6da01aad356ec64205d0ba91c89c918ccbc022b7 @@ -18400,8 +18568,8 @@ trackedFiles: pristine_git_object: e08178318d65541b9a30c2552147a340fe04024f src/cribl_control_plane/models/inputmsk_input.py: id: 13f3a5c8a003 - last_write_checksum: sha1:b11b6749e6a831802f221e7581fcb33200eb80d2 - pristine_git_object: 3925cfc5139e730c3215457a6d5940e84b322124 + last_write_checksum: sha1:8b03a3aead8abc4673ffa7c84c46de5f7c1ca1a6 + pristine_git_object: 29d6a947c02f32d1889c01ca12b713c7cb8b190b src/cribl_control_plane/models/inputnetflow_input.py: id: 5e4cb9ff9920 last_write_checksum: sha1:804e3d2a2422e53166363f5dbff0d2e9f3a07ab7 @@ -18424,8 +18592,8 @@ trackedFiles: pristine_git_object: 63f4fcb58a0ed6670b41a9f6a25a6278a3adc763 src/cribl_control_plane/models/inputopenai_input.py: id: 37fc53912818 - last_write_checksum: sha1:8088058f024ba8cc5b175b42fa6185b7c15ec02e - pristine_git_object: 46653f569edf17b3424353d0da79abe5529793ec + last_write_checksum: sha1:7a83fd1dbdcd7faaedcfa6fd3407446e9c3afffc + pristine_git_object: d2619dce64c76d7b638740abdba3f7b066359c1e src/cribl_control_plane/models/inputopenaicompliancelogs_input.py: id: 523c96ec8fb0 last_write_checksum: sha1:ed1f6b514f15e8b277d1a73bd202d21cc52d449e @@ -18436,8 +18604,8 @@ trackedFiles: pristine_git_object: eaa31682dfc57c321d9058fcef8f6cfc46050b42 src/cribl_control_plane/models/inputprometheus_input.py: id: 6b2c7b2165a7 - last_write_checksum: sha1:2f4a8e7fe08da8cb0a188a370889ea150747c869 - pristine_git_object: 3db7b70062faa8f8d1ef7ce40109cc244cf5b49d + last_write_checksum: sha1:674dc9cd94a0ee89f6733c0a125867235e42171c + pristine_git_object: b5df2dcffaf41af4579f416edd716b7f048ccf3a src/cribl_control_plane/models/inputprometheusrw_input.py: id: d908fea575c0 last_write_checksum: sha1:49b62e4c66b53c058b554588b211da7ab9e2450e @@ -18448,12 +18616,12 @@ trackedFiles: pristine_git_object: 4b55ba9050f070da726494b2a5b631773b9f7980 src/cribl_control_plane/models/inputresponse.py: id: 767730d04919 - last_write_checksum: sha1:ea8e7bf2dd0e755ea7e73d4ce68a6d196c63a65b - pristine_git_object: 2fdc1acdac856d044077165b7e558aa304bf9ef8 + last_write_checksum: sha1:db8a9b1195c63152841b0e1d155c5d9599ca312e + pristine_git_object: 5b8317b9142f751166d027c156ae1427e865a5aa src/cribl_control_plane/models/inputresponse_logged_in_users.py: id: f086c6ede533 - last_write_checksum: sha1:d28058fc4c686e292d8ba9e8fd65133608f274ea - pristine_git_object: b19033e4eac373cee9d4a4ef64f15b1639341e0c + last_write_checksum: sha1:6bb33321cc4a8f9594fa52892205f5ba16e8c138 + pristine_git_object: 44524c002dfd6d7ec1b16e2268daed0041422f4a src/cribl_control_plane/models/inputs3_input.py: id: f30537f12b20 last_write_checksum: sha1:a2575e73af46f9fdf2e58f5c6372ffb9b800918b @@ -18552,12 +18720,12 @@ trackedFiles: pristine_git_object: ddd5c5398ff8485a12c0d9a024f685622f261eaa src/cribl_control_plane/models/kafkaschemaregistryauthenticationtype.py: id: 83c4ddb699c0 - last_write_checksum: sha1:6db24d8e835077855a76586810ce76c65f762f4e - pristine_git_object: fda2c756ebe3c706ad019ecc046c39be4ab6a49c + last_write_checksum: sha1:d0481348360893b6b8a44bd25581682a9ba07969 + pristine_git_object: 92c40a8d5ee5ed71794578005ea4f9f28eb8ac86 src/cribl_control_plane/models/kafkaschemaregistryauthenticationtypetemplateschemaregistryurlauth.py: id: b6d40f8283d4 - last_write_checksum: sha1:4355ffe84237ca3e8acbed253d44e3c1f7e41039 - pristine_git_object: a5a246e09791725ce7ba8dabbb052550f7594405 + last_write_checksum: sha1:dc8921ba8195b4975684421e645a5ce3688044de + pristine_git_object: ebed1a57d6787b821a4687d588a4f95458f20a67 src/cribl_control_plane/models/keyvaluemetadataconfoutputfilesystem.py: id: a00f4aab4986 last_write_checksum: sha1:d28b786ef4950903be858144007bb9cf67ebf8f2 @@ -18568,12 +18736,12 @@ trackedFiles: pristine_git_object: 935b989c6057f15f6e6ce16438df251b63494868 src/cribl_control_plane/models/lakedatasetmetrics.py: id: 12c3717a6be3 - last_write_checksum: sha1:0b07283745956cf2326c1e800d60b6f36c4144e4 - pristine_git_object: 51cbd713ab6d7231272ae48cb9a3d24d4a5eece1 + last_write_checksum: sha1:caaa6d0e1eaf7ed620f9d330908611e49593a952 + pristine_git_object: f1a85ae1a2f4f5b196330616583627c2a6b812d1 src/cribl_control_plane/models/lakedatasetsearchconfig.py: id: 131b11361cf6 - last_write_checksum: sha1:df192d4ebec89ed78ed97a411ad5bfd31f15acfb - pristine_git_object: ea17481adfe7fcf40e5511aae82015858cb61e98 + last_write_checksum: sha1:f85282a3e100c190c70a00a29d135e25a53e81c4 + pristine_git_object: bb3816b66fb9a7fe7ca92a169884ac6e83aef841 src/cribl_control_plane/models/lakehouseconnectiontype.py: id: cf5a974e7e9f last_write_checksum: sha1:3f0dc547ed94674c0a6a7a51311d1ad5dcd96ca3 @@ -18678,6 +18846,10 @@ trackedFiles: id: 863deac83938 last_write_checksum: sha1:fc9bc2045040253c7746d3361a32caadd78a7cfe pristine_git_object: 51dd022e700d856119a71481cb7f8b1db852608a + src/cribl_control_plane/models/noactivehealthoverlaystatus.py: + id: 736345a1256e + last_write_checksum: sha1:74b8a5a8d47ba2985ce97e00ca7182c293e63af8 + pristine_git_object: e5965707493055a4b2dc52d6fbd3a57935bc7b81 src/cribl_control_plane/models/nodeactiveupgradestatus.py: id: f1715e5be927 last_write_checksum: sha1:4c7339de772736c8e8b8ff379306826090d17c63 @@ -18728,8 +18900,8 @@ trackedFiles: pristine_git_object: d9e1913f158f723e4bbfde87a7227db84ca5c14f src/cribl_control_plane/models/objectstoragefilter.py: id: 9b6c303cda50 - last_write_checksum: sha1:bea78814e6f99f10ba75b50536440a714a428d02 - pristine_git_object: b77d3475b40e36e580662d124140ea99edd8a614 + last_write_checksum: sha1:596b8be3e773e8e48ad5032ed16df0a69d9fe6ee + pristine_git_object: cbd502442f00fdd12e2a1ccdcedb5fb8951b58e2 src/cribl_control_plane/models/orphanfilerecoverytype.py: id: 0f0e38e92701 last_write_checksum: sha1:9295bd88505218f547dee2bd90f829ef9dc36728 @@ -18748,8 +18920,8 @@ trackedFiles: pristine_git_object: 4b0fb970d23dafe3793749d3c47e7fbf8f514ef0 src/cribl_control_plane/models/output.py: id: f4d9666b7d9f - last_write_checksum: sha1:b91466daf17d61ea205d2a4b1d659e7464bcdddb - pristine_git_object: ab449124795fb78309578f5e157c85c7e503af67 + last_write_checksum: sha1:32fef865fc45a6bd93332c951c322a68d9461583 + pristine_git_object: 46d17321c60bc796d20bc95663fa6ad5059cf88b src/cribl_control_plane/models/outputalibabaclouds3.py: id: 731fd1ec1a1e last_write_checksum: sha1:ab0f6b480aac6c42f868a7c226a9a32892a613b6 @@ -18764,24 +18936,24 @@ trackedFiles: pristine_git_object: 162ab68a1942f7e215e3342bc9f48f4c40f30434 src/cribl_control_plane/models/outputazuredataexplorer.py: id: 31dcf73b7d97 - last_write_checksum: sha1:127416ffadc9c8d80200fc3ff213697778628fef - pristine_git_object: b2c6a926b238e6cc30d083963cdab3411f8c070d + last_write_checksum: sha1:034fb9f6bbcec8142a21f7ab29ae2fbdf1e24399 + pristine_git_object: 77dd65cabda16414fb47a104f13db3c4599c203b src/cribl_control_plane/models/outputazureeventhub.py: id: 98ee05460527 - last_write_checksum: sha1:77942d0ea3f9fc584ebf8051904b8cc7d1ad6a6b - pristine_git_object: a3b34de892fafc0a9dc7d74296421c5a0aeaf286 + last_write_checksum: sha1:9f0c8a3496952def0caa11e7c8f8551f59a0f561 + pristine_git_object: 83ead14fbd189158c1144dda87727d32bc94c0e9 src/cribl_control_plane/models/outputazurelogs.py: id: e4021e78db06 - last_write_checksum: sha1:7caa38653a06230701fc9dbfe6af4281c1e05a47 - pristine_git_object: 97ccca2c78f625ebe3e644867f2fc366ee69d1f8 + last_write_checksum: sha1:5260a7108620ec2aa943b7da5911500192192552 + pristine_git_object: 657c4c89af5fd03e4db5f887128d5610c88edbed src/cribl_control_plane/models/outputchronicle.py: id: c85d2f94c191 - last_write_checksum: sha1:a410214fee52792a9de56cdeeb25f696c7e1a1a4 - pristine_git_object: 301f48d3f2754afa94c85647953173c20a66074c + last_write_checksum: sha1:945fd083d3e79cce7e0fb06e861c727ba3f9cc34 + pristine_git_object: 8ea4a01117eab20738fcfe1ed01b16fa20cbd331 src/cribl_control_plane/models/outputclickhouse.py: id: e761b8dd45b4 - last_write_checksum: sha1:75ce198a902c4816b628b2d2140c657f9b3c38e0 - pristine_git_object: 9c2c73e814caba670caf6bc403c506b3317c9ff1 + last_write_checksum: sha1:b2a0f57c3acd28b2fe75bff8b91541e49da165ce + pristine_git_object: 84a014018e7f69ba08642571ec9241a458b0a81c src/cribl_control_plane/models/outputcloudflarer2.py: id: 97ff5be2be1a last_write_checksum: sha1:eb535575645dd333cb00b7cb7e5e90760d5219e9 @@ -18792,44 +18964,44 @@ trackedFiles: pristine_git_object: 531cbfa934401cda63c6e5365794bb4d54dca012 src/cribl_control_plane/models/outputcloudwatch.py: id: "325994702096" - last_write_checksum: sha1:791b570f3d58b28ef3922284f216f38f39612e23 - pristine_git_object: 0377ee5625ac5e74e5b0067b2f5b982f255207a1 + last_write_checksum: sha1:859f53b8f887c9b1721f7921f443f597832fbd1d + pristine_git_object: 8cfab700e75aa4cdc616a17d32f0cff4caf6fd46 src/cribl_control_plane/models/outputconfluentcloud.py: id: e633c53adc27 - last_write_checksum: sha1:2fa7e81ff20e0986d6171c88d597c6c4b57f43a9 - pristine_git_object: 041d1cc132d54f7c4681d6b9f8e7d22f1146b688 + last_write_checksum: sha1:ffb6a8add28d3a065b28ba2985209e85f356cf23 + pristine_git_object: bd382956d148fd6df7957559d7f7b0fff7cfc376 src/cribl_control_plane/models/outputcriblhttp.py: id: 64352590a54d - last_write_checksum: sha1:9b68a55866dd23699224aa88c4fbd5d08b8cc2a9 - pristine_git_object: 46932d417ae31b982bb74876c49eb9ab25e7a4e6 + last_write_checksum: sha1:c10c0f3178f3d04db95ec5ff9731de77082b6605 + pristine_git_object: b9693aa50a22f19084bf877a3a2957b963ce3227 src/cribl_control_plane/models/outputcribllake.py: id: 88401324e633 - last_write_checksum: sha1:c618faa9749460edadaa66592b29298158ea5cfc - pristine_git_object: 6b8ccc53394acaa91f641770982a81a52d8d659a + last_write_checksum: sha1:59020b3629c53fc2ff3dd7866ff9d47229c655f2 + pristine_git_object: 931827a19828f31b43a844c6d6db14cd2a4b6c7e src/cribl_control_plane/models/outputcriblsearchengine.py: id: 0f5362f5f409 - last_write_checksum: sha1:90c1ebfa32c76eda59dec58c467f8ef2225c8220 - pristine_git_object: 6894f43275a07e15098d0fb40b66b14fbd356104 + last_write_checksum: sha1:3091907b691ec45179e22666478bbed886d74060 + pristine_git_object: 6567e5ad6acca76e8e640de2f5c93300ac5ea36b src/cribl_control_plane/models/outputcribltcp.py: id: 9a2c64817df7 - last_write_checksum: sha1:e40d4d2cd5f52cca241e578b4bdffeeeec156dcf - pristine_git_object: 227a829a7d3eb3ccf2613fd4ca2f12846011674a + last_write_checksum: sha1:72ab0289a22d5ca5447eec280403b9586ffb26dc + pristine_git_object: fd0126aa368b3d8c79775b4cec9dd7cab5b03310 src/cribl_control_plane/models/outputcrowdstrikenextgensiem.py: id: a2494a240e4a - last_write_checksum: sha1:cb1c3bc0ed7f5edd5e0b2f1d91d5335fd42cf2cb - pristine_git_object: a8e1c536e85932503bbe57d6f31d1a799a96a28c + last_write_checksum: sha1:b867b4592177ef97fba0adfecf049d7d8467c08e + pristine_git_object: bccda8a1c8ee4ce0cd81e4bdae54c85c73ea3943 src/cribl_control_plane/models/outputdatabricks.py: id: 4a8494d5d320 last_write_checksum: sha1:b126629291737513ef2c1954a8a60180e3e26729 pristine_git_object: e931bc3721cf292d5eaa1275c1bf9a56d32689ba src/cribl_control_plane/models/outputdatadog.py: id: abb9afed6881 - last_write_checksum: sha1:938a25e2b4e42be8264b4b5d85459a7908c2c31f - pristine_git_object: 2455b5d6180591ce2e55c11dae58e441f507b4c5 + last_write_checksum: sha1:a0e3cd3cd26735a51cb05db5c26c3b3c69f54d9c + pristine_git_object: 8cd59643892f7f5577766436845437ee5a9893c1 src/cribl_control_plane/models/outputdataset.py: id: 685bd2bcad50 - last_write_checksum: sha1:55a9b2d6f6c2f8f6b2dfc9fe324b437490cc74dc - pristine_git_object: a5cb7815373e6dedc5b2c5bfb53ef2320b66e8b7 + last_write_checksum: sha1:716107039e43745d6a2462a8f7e8bff74fa95df5 + pristine_git_object: 7a4b4f41004758f6cf316808010f0c449646742b src/cribl_control_plane/models/outputdefault.py: id: 9646763573c7 last_write_checksum: sha1:185c6dd0cba546376231910c575858f9b430e226 @@ -18852,20 +19024,20 @@ trackedFiles: pristine_git_object: 56863a3641b5fafe515dc99f24700eb5883ae5ef src/cribl_control_plane/models/outputdynatracehttp.py: id: 9ef0c87a3c8a - last_write_checksum: sha1:522b554b4488b7212cc632cfafe8a6b4697707c9 - pristine_git_object: d3765a40efbb4deda92ddc8c6c4325f1570176f5 + last_write_checksum: sha1:9635f2393da0dc1b9b2183246c19122b5491263f + pristine_git_object: eafc693cf4c4cdfbeb802d1f9b989f399b146235 src/cribl_control_plane/models/outputdynatraceotlp.py: id: 7d91d0663838 - last_write_checksum: sha1:1c61e189750eea7f2d473ecba3e7ad59f4deb906 - pristine_git_object: 94bc774252c89571d8539a1db545a1a75838a66c + last_write_checksum: sha1:0236fcc8a16c17f23257b6ad4d27de2f3b5ea190 + pristine_git_object: aad1d45bdf993efbafd92fe39ad9508472af413f src/cribl_control_plane/models/outputelastic.py: id: d478b50f9198 - last_write_checksum: sha1:cb052cbdd7071a52691ebc8b36e83e8d00933a27 - pristine_git_object: b412ec7e503c285a4a4e12b7fae8e69007413aad + last_write_checksum: sha1:3fa6dea9902b1b7750e4a475fc00d77cbf78b8ea + pristine_git_object: 5217972a3d2466e0ddfda810b93429a03189e241 src/cribl_control_plane/models/outputelasticcloud.py: id: 9401e27437e5 - last_write_checksum: sha1:152f78b73f4aa49341525e4946c426c29a109e2c - pristine_git_object: 35c816a60790d98f39b06aebffa49d08ab23ac97 + last_write_checksum: sha1:e2a9c184d5b0b3b355ddac06f93fe3bbfd17102a + pristine_git_object: e44a22b1e270757601e44c37eaedff39d0e1f07b src/cribl_control_plane/models/outputexabeam.py: id: 9b6db8800eed last_write_checksum: sha1:894274fe4c7131a1ebe3716cebc06415358fb2af @@ -18876,60 +19048,64 @@ trackedFiles: pristine_git_object: d009b4654579ae37f8761bed9bd0ee9461c8ab75 src/cribl_control_plane/models/outputgooglechronicle.py: id: 717f58fbff8f - last_write_checksum: sha1:97d6dd3b90adfdca9f72ea97f03d7a52719107d5 - pristine_git_object: c824adba7c73935e6e47b85df2dfaf7e1db61156 + last_write_checksum: sha1:28d021437599fe5235c966e82b77442f4221832c + pristine_git_object: d41ea6b492f59e4daa9999ebca14781e88943262 src/cribl_control_plane/models/outputgooglecloudlogging.py: id: d3df2bbac13a - last_write_checksum: sha1:8433d1d90a595ed95dedaa55e806d569cc405d5c - pristine_git_object: 73cc151c7bc7f2a3fd027daf130389c45b5e0ba2 + last_write_checksum: sha1:b5d3ee90366e136907d4e19cffabd23a7d20f433 + pristine_git_object: 4af87d060aa9c2df077a197d5563f6e1d49efc5c + src/cribl_control_plane/models/outputgooglecloudobservability.py: + id: f11fd96444ab + last_write_checksum: sha1:66a1092a17235b09a3ef9048626080bd356f0efe + pristine_git_object: 3297c80b062f4f367f27d4eea8cb5480c33b0380 src/cribl_control_plane/models/outputgooglecloudstorage.py: id: 126a516f320f last_write_checksum: sha1:f3183aedb3b735bc12e585a25380f43f3d9f9ee2 pristine_git_object: 2f24308c6203416230ca4f1060ef1bb2138a131c src/cribl_control_plane/models/outputgooglepubsub.py: id: 30d9ea9a5b6a - last_write_checksum: sha1:43532b2336a8536c06f6feaecff2fa2a864cca3c - pristine_git_object: bf6544438c1d14c67614c65a22db5317e56dd26c + last_write_checksum: sha1:692c44f2a6e12ce812cd6389c1f44c266eacc2c8 + pristine_git_object: 70796c9eb1cbf01a40ab1ee3e0a7864b316cf9a4 src/cribl_control_plane/models/outputgrafanacloud_union.py: id: eae7011f596a - last_write_checksum: sha1:f014060789e3e7ef052c741ff50edb4ac1518912 - pristine_git_object: 65f34fce939ac7029c65ff7c9a3ab6186a50c0bc + last_write_checksum: sha1:c799926846c8c9a9ad497ffa002b9214bb82d4f6 + pristine_git_object: 32656b818832d0bfaeb50c65f779ed078cd83e55 src/cribl_control_plane/models/outputgraphite.py: id: 5e58ae16f2df - last_write_checksum: sha1:323f4578115ab7abe6fb1b8f2c6874e2e2892025 - pristine_git_object: e8f2274ed7fe660952466004a2262ea13f16b1e6 + last_write_checksum: sha1:3403299aec81df9ee16fbce9fc1559e4d4d97c61 + pristine_git_object: fb2d38154c6e02efd40a287f54eb7500eb668d00 src/cribl_control_plane/models/outputhoneycomb.py: id: 822387de284b - last_write_checksum: sha1:d5da45fb3967458121b653fab383f4f6421eb1a8 - pristine_git_object: 05ed423cb6dd94a542502cbd9443ee6fa0d8319d + last_write_checksum: sha1:6d363fc8e253528d44e7ecc312f3e63e292144c3 + pristine_git_object: 2a7427c6a6b2ed855233c9e1032b147e73e918ba src/cribl_control_plane/models/outputhumiohec.py: id: 1c01655b0ac2 - last_write_checksum: sha1:b88b6cf73ef12051acde098a926f40fb38f8f9b5 - pristine_git_object: 356de57d82da7da050556f1ebf1044eb84fbb120 + last_write_checksum: sha1:bcdc66f7c04bc8de472fcbe2e3f1c716c254a6e7 + pristine_git_object: d985842664c1f48798379a2c68511e2689965464 src/cribl_control_plane/models/outputinfluxdb.py: id: 8308228928ed - last_write_checksum: sha1:084bc1c48098883a85d0bf234b21f4b353b1378c - pristine_git_object: 93a5a93c3121db2503dbfea7a2719b7765efafbe + last_write_checksum: sha1:d0a831b07c138b13c1d0326b75a9e0d512784d92 + pristine_git_object: 2e829d2668181a7ffef28e2ebe278151ab5e5666 src/cribl_control_plane/models/outputkafka.py: id: 202570254d42 - last_write_checksum: sha1:4bb28421747d2086a457b574db5304571e4620c8 - pristine_git_object: 78f528224783bf737e13a04e523612fb98fd68f0 + last_write_checksum: sha1:ae3b55578767a5419bcb53775d162131a1b3e620 + pristine_git_object: 184d48ccd12df9cafd1b07baf918ca116201294a src/cribl_control_plane/models/outputkinesis.py: id: 6900942bed68 - last_write_checksum: sha1:13a2f6bf2de4f659415decfa86c3a2ef80939fcc - pristine_git_object: 4e4959a3488eaa78e9b3a25d98426c35e962e232 + last_write_checksum: sha1:5b6963caca05d1c00aa374b15bd39844bc96795e + pristine_git_object: c29b41b1e4af9aad8ad07120f4ea13edb8392573 src/cribl_control_plane/models/outputlocalsearchstorage.py: id: 3df06edb3e67 - last_write_checksum: sha1:26d0743bb7fe7d9713f1c4ca2a8fd90ed213116a - pristine_git_object: 009a694be02faaa8ff8809f6386916265ffce072 + last_write_checksum: sha1:5c1f72bbf17f32495f74c347b4a92a5b94328042 + pristine_git_object: 936c32437e8ea9b020d652d792e8c7e99bb27230 src/cribl_control_plane/models/outputloki.py: id: f7d3deb1d817 - last_write_checksum: sha1:22daf44f4e710c57ab36953f690f2b4476426759 - pristine_git_object: eecfd75b60f1c2e5abc641fe6a3aa841b3a810f7 + last_write_checksum: sha1:2f5fddb248e68da1979ea3b8b88e4211b995ae46 + pristine_git_object: 0e5341053722fe9f96efdf219a7928731bfd7a69 src/cribl_control_plane/models/outputmicrosoftfabric.py: id: 326d51d445aa - last_write_checksum: sha1:e58d3be371bd43c557d854a1e99e681fec24b2e7 - pristine_git_object: fb0621dc41ec7c196ef3929b5cf2e86ba9c02de2 + last_write_checksum: sha1:cf460ae9da37cde349609c7dc1140044e77346f0 + pristine_git_object: 2f42dc4a92dd3f4a66f57010285a67e21c064cf1 src/cribl_control_plane/models/outputminio.py: id: e191c9723ed4 last_write_checksum: sha1:35f04c754ffea7ed0f616d23805c597076b6bcab @@ -18940,40 +19116,44 @@ trackedFiles: pristine_git_object: 5c3adc5f060183d6fae6c04596ed0205351bc495 src/cribl_control_plane/models/outputmsk.py: id: e86d01b956e7 - last_write_checksum: sha1:baa922a3725d94fbe35908573837dfc2e7714388 - pristine_git_object: 7f3512a08afa4c39e6beda13780b6ec7f597f84f + last_write_checksum: sha1:a9175dc2b1315dc3a8ab0ee22f1dd5b1f00880b7 + pristine_git_object: a04a6131359f5d6625224afee7d51ae4173f2355 src/cribl_control_plane/models/outputnetflow.py: id: 782b5754668c last_write_checksum: sha1:78be1753d42c505d77a22eacdb04823d776d414f pristine_git_object: eec09453a8f4ec879606043db018fcd1b72ba567 src/cribl_control_plane/models/outputnewrelic.py: id: e2b66e23cfc4 - last_write_checksum: sha1:6b118548bc083da02c589237ececda44f2239d6a - pristine_git_object: 053c07b914d2de56b4b9955455707f94573833dc + last_write_checksum: sha1:36564b67b768a19a5ace0a16001a489086bc7f82 + pristine_git_object: 7182dccff587edacd5896a44b013a3c9d22fd5d2 src/cribl_control_plane/models/outputnewrelicevents.py: id: 22677112b0f4 - last_write_checksum: sha1:ebeb779c88c6217ccd43ca532119d5faef001fbf - pristine_git_object: f7872761a9c0b80e07234704eb6b084a623cb5f9 + last_write_checksum: sha1:f81d2a39075beb4b8d8a5e6f65b679ee253eab76 + pristine_git_object: af51b452dea6047fa411978fc63a5c2c67499046 src/cribl_control_plane/models/outputnutanixobjects.py: id: 06e928e8d424 last_write_checksum: sha1:9118e5febefb7774af8ecc810b8370fcb3a951c2 pristine_git_object: 58f7135cfe053ac08b4034acf52e73d3f5de6263 src/cribl_control_plane/models/outputopentelemetry.py: id: bab5ab95ae20 - last_write_checksum: sha1:64a61c2c001b822a0a77f443a1d075eaf51a2a40 - pristine_git_object: fe62a5bd182495dc27a453a479b7aee376c591b7 + last_write_checksum: sha1:81d09dee73529655894323a183c4b583780fee94 + pristine_git_object: bf7a1eecca4b3ea2b491b281d09f7146bd2e8a52 src/cribl_control_plane/models/outputprometheus.py: id: 72d2d569cf4a - last_write_checksum: sha1:0974d10131b8329d111758c5bc3711f64f676aa2 - pristine_git_object: 139f6d172f85a61e7e51fae4eb64418e50cbaf5f + last_write_checksum: sha1:3583d4d77fa5383352d7fe4a43509d6d7ae7bbbb + pristine_git_object: bd291d03f65efc9e58687877cf1fe61e0e42c006 src/cribl_control_plane/models/outputresponse.py: id: 57d67aee671b - last_write_checksum: sha1:750ee2b530163a530d1038f89d96afb8501106f3 - pristine_git_object: 50a1fef7e09eca8bec4be64e6ea617304671d8ca + last_write_checksum: sha1:3f118e288e993dd8b1afeb3be8d41e0217943d20 + pristine_git_object: 643283dbfbf6dde1bc1dae446f692c3fca0a0690 + src/cribl_control_plane/models/outputresponse_outputwebhook_url_1.py: + id: 8b79b7a5e240 + last_write_checksum: sha1:e63401d08ba017c8d8d6bc33f73daf6c0b67894a + pristine_git_object: 02f05e6cb6bffd7129a504b1b073794986285cbb src/cribl_control_plane/models/outputresponse_type_statsd.py: id: 5ac183c1d0cd - last_write_checksum: sha1:8549496dbb723c37aabb40646b890dd6269410a7 - pristine_git_object: 6761ee08661038ed4f3659ff8e75039813b59725 + last_write_checksum: sha1:a7a93b5c4a441fe56d0e48e67b27631534acd76b + pristine_git_object: 4b6f30995dcbb3eba5000ff18e7816777eb796a4 src/cribl_control_plane/models/outputring.py: id: 38852fbbc850 last_write_checksum: sha1:7a6b9b46456b7afcf38e64fc3d11b004a91eb49b @@ -19000,52 +19180,52 @@ trackedFiles: pristine_git_object: ff859148152c34091166f133e9bcf526b36625b4 src/cribl_control_plane/models/outputsentinel.py: id: 77df0de0dedb - last_write_checksum: sha1:2cdf61d97605049a706428cac12606450c379b94 - pristine_git_object: 942ec539970fca71738de8a48238f89b201cb912 + last_write_checksum: sha1:f2192f474d6fedb9078bc52a96da529f0da40b02 + pristine_git_object: 02b0eb3b0f003d719d74fb777a807e92b1b390d2 src/cribl_control_plane/models/outputsentineloneaisiem.py: id: b7fa883b72d0 - last_write_checksum: sha1:7cf52c63355b2f48665d1be585b9b2f006239c3f - pristine_git_object: c4afeb41a961a2133cb2e24941dbe5749c2a636b + last_write_checksum: sha1:9db41781e42d4ff26b206bfab8c31a7d9fb867a3 + pristine_git_object: 7c5cafcd8c4ba8732c5549f32fddd10da95df61c src/cribl_control_plane/models/outputservicenow.py: id: aec9a128d45c - last_write_checksum: sha1:a9649d14d9a2c166db2d9b6b2d61f9bf60544f12 - pristine_git_object: b462315b6d39d82c458b6b0e4a29745f27dae823 + last_write_checksum: sha1:22f31fd1996230b8d6e2e357a85ae3b4f5f5503f + pristine_git_object: a91271847640bf4979e90006c7dc87377d17ccd0 src/cribl_control_plane/models/outputsignalfx.py: id: dff4acd82968 - last_write_checksum: sha1:c4f978f6e341777b946a33885d8b6b2fbe409815 - pristine_git_object: 7a1a315b7d94d11e8f0f6f1ea993cca50c9c6fc6 + last_write_checksum: sha1:f077050020d35064da95db3329c1a5443b61ab04 + pristine_git_object: b204140c2a3854e212a271781d0b551055ddc4ca src/cribl_control_plane/models/outputsnmp.py: id: 9559bffb693c last_write_checksum: sha1:c22e5342521c31402b6476ed77801ded8792359c pristine_git_object: 433f389ce3724b4ec37e952a6050a031b3a4ebea src/cribl_control_plane/models/outputsns.py: id: 84468bbd28eb - last_write_checksum: sha1:572828bda7aeb873caed8c29c7a09079084d9740 - pristine_git_object: fdfde4d44aaa2248c9105504e645f3348dd71d17 + last_write_checksum: sha1:2af95b196513f5b72c41e3d0a27469fd4c0a447a + pristine_git_object: 86b2623215af62ec4f59a5ff7b066f96ebaa39fc src/cribl_control_plane/models/outputsplunk.py: id: 1a1157ebdbe2 - last_write_checksum: sha1:15f16bfd51be98970f25702fd4dd9d9753b3182e - pristine_git_object: 987f8ad7bf34c87e566c25122acec9ee448b6426 + last_write_checksum: sha1:a15fa99b29831145e1d9fcc0db0c8319173db1e9 + pristine_git_object: 1b8cd72862db0c97a77322c4aaf56229c49d148f src/cribl_control_plane/models/outputsplunkhec.py: id: c90f358b1e4f - last_write_checksum: sha1:fba9c6064f93f7217525b0186a5f9107671a7b2f - pristine_git_object: 35cccba54c4b684998f1d8b056154c84b9f94d96 + last_write_checksum: sha1:83df5762c0338dece325ebb294b9327a9f27b290 + pristine_git_object: a754e18036139af40da2820e3471ecf864ba3b57 src/cribl_control_plane/models/outputsplunklb.py: id: 612f573663e5 - last_write_checksum: sha1:a0b94998657a30c83a2039106342d327d3ae5597 - pristine_git_object: d87d9c05985e0526592bc2d6acd6cddff3d8dd56 + last_write_checksum: sha1:edd7f2589152d8a95a3b91b35fb9230069d6361f + pristine_git_object: 1f53a70369e5f92cde0ed6ae9c9f59b7c74c028c src/cribl_control_plane/models/outputsqs.py: id: c2a5a299ea30 - last_write_checksum: sha1:3100e54f4c3d2b2605ec8d406c2a38637e6dcc9e - pristine_git_object: 5d73e9a497036516f7510bc14c0b601c5bbf641e + last_write_checksum: sha1:f05848a7b96f667930004af496b26858c28b0389 + pristine_git_object: 8de71353252447c23a9e5f7fcd889d02d237ee31 src/cribl_control_plane/models/outputstatsd.py: id: 8ede6538e264 - last_write_checksum: sha1:df15a03e752ad6d7b7121532cdac08677cf9b66a - pristine_git_object: eb2172285a4dd8b0c4e41749b6fd033a478f099d + last_write_checksum: sha1:2ede5b198f8a7e3a91ff081c1539d1c5d9d5fc5b + pristine_git_object: 69391eac6dee9efb1b157c735d31a7418eac03ed src/cribl_control_plane/models/outputstatsdext.py: id: 5251bf08f571 - last_write_checksum: sha1:52842da299ec791f0603502fc40e7a7523cb297a - pristine_git_object: c5f996ef6b9523cbb444ee133960b46b4d4131f0 + last_write_checksum: sha1:c46c0ec3e15c7356111c6c5a49e3284807a08561 + pristine_git_object: 7f5ebf35618c0e4a8aac59cef1e8b847a23d2749 src/cribl_control_plane/models/outputstatus.py: id: "8184519919e1" last_write_checksum: sha1:1a4a965e0fe7940e2e9069259c5c546ebc26f421 @@ -19056,16 +19236,16 @@ trackedFiles: pristine_git_object: 5f8c9ec987ee07e97448e94ec2bb37d0ed0f37c3 src/cribl_control_plane/models/outputsumologic.py: id: 88423b91eec1 - last_write_checksum: sha1:e5c2c6a41b5fe275cc1cdd14a24a0e99fcbd071d - pristine_git_object: 28de0dcb3e6c4cd5baa79660a6f88b83b4406ef4 + last_write_checksum: sha1:8fc54a0ea50cd5f49f84d803b5bd754ffbc03d92 + pristine_git_object: 4e9d22774bf5e53c94e47e08c2e1a48242902cb6 src/cribl_control_plane/models/outputsyslog.py: id: ad0b252b64f8 - last_write_checksum: sha1:9975ac4f70ccc3a8232193cd3f2f57982f0f9c94 - pristine_git_object: 3f8ac1bd517f790bfa819a4651a1a10b6c8a5d8a + last_write_checksum: sha1:0ba6bd045f5ae4067eaad3536c210383b3e9701f + pristine_git_object: 2d028d5c17be464fc8b5b28ed017db6004eb8a9b src/cribl_control_plane/models/outputtcpjson.py: id: d66a4d365e68 - last_write_checksum: sha1:87e5721fa534659eed42c713f1a36a3f3967608c - pristine_git_object: ffbe846f92ad493d6a25ddb310666c49d88757a3 + last_write_checksum: sha1:ab9eff0704ad2cef4a019c02af1dbd02088a7a45 + pristine_git_object: 800565b9dd291356b7fa0b7b2510e1c4e80247d9 src/cribl_control_plane/models/outputtestrequest.py: id: 81e1b2c93c61 last_write_checksum: sha1:c19fbd6e6adfbef769fc89ee3870b58e5a074b61 @@ -19076,32 +19256,32 @@ trackedFiles: pristine_git_object: 5c19dd53957aaaf5f69693e7eeebf327a2baa870 src/cribl_control_plane/models/outputwavefront.py: id: 0898984eb08a - last_write_checksum: sha1:ddb6dcc653abf7709e3149c26c9571e214f390b8 - pristine_git_object: 3085af07c52709903ad660f6b86b02fc35cce5a5 + last_write_checksum: sha1:a3e9d6b436b278e480c317040a95df51b9da2e0a + pristine_git_object: 3170ed38a2908b0bea6021a07a16c5e01edfb516 src/cribl_control_plane/models/outputwebhook_union.py: id: 478b65a93371 - last_write_checksum: sha1:ccb16ead98b4a7877df6a7bb0955192421ca38e3 - pristine_git_object: 23a12af72cb603d8296499e0804363503e90fe46 + last_write_checksum: sha1:d1f5bb7318cce7b4b1d80f98dade390696f0aa0b + pristine_git_object: 0775844dadc51d3cc63f7746c5edc035efb52d55 src/cribl_control_plane/models/outputwizhec.py: id: f0a40a7a4458 - last_write_checksum: sha1:51726418b11cf9875d05614138ab3958d4c02e76 - pristine_git_object: 2f5f44512026ddb0963d398be0a4433acf021f9b + last_write_checksum: sha1:ec8e1da3751937e824be4ade02e11f723a8dbc52 + pristine_git_object: 44813e3bb12a53d3fd92d4435ceb6711a07123e8 src/cribl_control_plane/models/outputxsiam.py: id: 6c1c39431130 - last_write_checksum: sha1:86cbbba5e4fa48cdb3b75ad816cf45360532beb9 - pristine_git_object: c8e97aae5aa2ed1da2af4fce8e2e217312947f94 + last_write_checksum: sha1:1844aec1f465bde0bc9482e01655a6c701bd8ed9 + pristine_git_object: 4efd3adc65926d6d2b255974321f796e37ccf309 src/cribl_control_plane/models/ownertypeheartbeatmetadatakube.py: id: 1a56c5e0e328 last_write_checksum: sha1:2d81b9b549005329e082a62b2417a2025aeecea3 pristine_git_object: 04386ef3d59a704de9644520b0caf824b0f20f0b src/cribl_control_plane/models/packinfo.py: id: 56a9348d2dd1 - last_write_checksum: sha1:5467249d95a1a0560c571b918528b57cc291a0ee - pristine_git_object: b21a77b695e3e32e938c7453c11a70dbe663a8d0 + last_write_checksum: sha1:c55f0501a58c99e64139733d9508a456266c9781 + pristine_git_object: df3f204610315c8b9677b40fb535da5154ed52dd src/cribl_control_plane/models/packinstallinfo.py: id: 55493bee8e50 - last_write_checksum: sha1:8441d0d233e244bc8185a9c9336fff618da1116e - pristine_git_object: 885d775467b971e53486044a57829316908eae35 + last_write_checksum: sha1:2e0d64520ac8b4258401437cac26087e0c59020b + pristine_git_object: 605f8c42cd0e61e0bdda1e10735bcc42c269ff76 src/cribl_control_plane/models/packrequestbody_union.py: id: e5e804cc4a6c last_write_checksum: sha1:a2c3157706a11eb24237a246434ab66cc9d63116 @@ -19120,8 +19300,8 @@ trackedFiles: pristine_git_object: cf7dc48b60b43f7636986182e55f297a93426a91 src/cribl_control_plane/models/paginationtyperestdiscoverydiscovertypehttp.py: id: 7e82d0a4cb14 - last_write_checksum: sha1:bed7f20ad3f5f31225bff4592da7cdafd925f6c4 - pristine_git_object: d5e9f12bdba275645865241a3acb6cd360f40b36 + last_write_checksum: sha1:7d25cdc84c8fcbb4e1348e18e3fb5ae66fd02a23 + pristine_git_object: f422776c5765a9ee2eb698a5a5d0282919e63753 src/cribl_control_plane/models/parquetversionoptions.py: id: 092e2dd104bf last_write_checksum: sha1:dd16f154aca2cdd1eb5f58f231e9268f984efc38 @@ -19336,8 +19516,8 @@ trackedFiles: pristine_git_object: e229c9f8b589e29d88e3d8e630689309755c69b7 src/cribl_control_plane/models/pipelinefunctionredis.py: id: b2958a41d50d - last_write_checksum: sha1:650f3224bc978bc092054bb61c73c893b08d70ff - pristine_git_object: 2ac2dc7ac1e41148094afceec830416b7a39a2cc + last_write_checksum: sha1:365a02197c14140f9b6661187408c4bf13f65d02 + pristine_git_object: 11d36412ee96051ef7bace4d48e09726a918d7c9 src/cribl_control_plane/models/pipelinefunctionregexextract.py: id: 959f758592c0 last_write_checksum: sha1:d1e5adad0c1e26d28f594a1bf66e83bace2d801d @@ -19372,8 +19552,8 @@ trackedFiles: pristine_git_object: 6eadf233644b6f917e7ada077f178f4ea6903154 src/cribl_control_plane/models/pipelinefunctionserde.py: id: dfec9a4e2e48 - last_write_checksum: sha1:826442761bf460a300adf545031d823b28c6103d - pristine_git_object: 8cf39ee6217a1ea3e80f3e5d46e79d08e3600277 + last_write_checksum: sha1:67552d5830eb5af045f884ecc1f626ae555f8b8a + pristine_git_object: 56b2dc7ae9d2106f2288558b49c002996a2c52e2 src/cribl_control_plane/models/pipelinefunctionserialize.py: id: 2a32d73034c2 last_write_checksum: sha1:2c7085c0910c4a38ccfbd6f01eeff93e5ac9a117 @@ -19428,8 +19608,8 @@ trackedFiles: pristine_git_object: 4b23ebce5804216d7ff8d45f1fbe8a395165a29a src/cribl_control_plane/models/pqtype.py: id: 20c891c56168 - last_write_checksum: sha1:366e03cfbfda0788f94d5f15efc9b01841530581 - pristine_git_object: c48e730355d4b0ca21b96ff1020d18baa7077222 + last_write_checksum: sha1:891d20d7fa81a9934b134514216df02f3532bd05 + pristine_git_object: c06acaf8fa812f9b7c2da19795908305418c4670 src/cribl_control_plane/models/preprocesstype.py: id: 81b715137f24 last_write_checksum: sha1:017c57fff5b89f4b8f9bf9bed772ac84abb0fdaa @@ -19472,8 +19652,8 @@ trackedFiles: pristine_git_object: 6426eac96215e21b216abf900506b5d3f8731268 src/cribl_control_plane/models/rbacresource.py: id: 2b1c2998a8e5 - last_write_checksum: sha1:5a2911a6372ae2caca52fcb4b493c5d29987f9e8 - pristine_git_object: 1b2e72ae713e919bd6a7b183674e881997f352a4 + last_write_checksum: sha1:1fdb1c4f853bea1ed8de2b24a56d28e7f2f283b7 + pristine_git_object: 1f1efe17cfcafcb65ecfc7cb8a79eb87cd8f16d5 src/cribl_control_plane/models/recorddataformatoptions.py: id: 5ee42db3bd04 last_write_checksum: sha1:a3b8b7f2a50069d2210161cf9e70bf0c6a2d1198 @@ -19498,10 +19678,6 @@ trackedFiles: id: beb4243a4439 last_write_checksum: sha1:fa548c293a08c8637a41cf9430ef85feaa13de23 pristine_git_object: a9060b97b587d3ef58794207af13ea33e88c9c54 - src/cribl_control_plane/models/requestparamconfinputopenai.py: - id: e313e3fe1fd5 - last_write_checksum: sha1:d62fe42762d0959b04dd713918f79966ccba71f0 - pristine_git_object: deab3a1f6ea519131afcf19c1a5c506fd0c630f0 src/cribl_control_plane/models/resourcepolicy.py: id: 8938dd0ef803 last_write_checksum: sha1:5432d9854b89196c635bd5c40918af81663a71d7 @@ -19520,20 +19696,20 @@ trackedFiles: pristine_git_object: 44b7263b662197b876528fe8e27e58afb7aa9fda src/cribl_control_plane/models/restauthenticationbasic_restpaginationtyperequestoffset.py: id: 6547fbaef4e4 - last_write_checksum: sha1:44a4d6f30aaef0403ab8238e26bb5ad272e7ecc3 - pristine_git_object: d1f17beae938486c90aaae432337fdb28bf3f5e0 + last_write_checksum: sha1:c45aa6c5b8a7ef18b407df35fa59040afc5d49a5 + pristine_git_object: e448d6d41b2e12774b00fab262f96f58f7393747 src/cribl_control_plane/models/restauthenticationoauth_restdiscoverydiscovertypehttpdiscovermethodpostwithbody_discover_type.py: id: c36ede766867 - last_write_checksum: sha1:ed132ab89b11dc3e0ad555ff97493dc03a620a29 - pristine_git_object: da2feec8b1a4a5c3662d7e02f1c101b7129e573a + last_write_checksum: sha1:9b0758064e752a3b971ce35d034b8738040a8a67 + pristine_git_object: 752778b4d125c20035b43bdcb157d4278b06498b src/cribl_control_plane/models/restcollectmethodpost_restretryrulestypenone.py: id: e30db047228a - last_write_checksum: sha1:918f30c4cc80a13a8c6b88c58a73e4f113a70306 - pristine_git_object: 8f5c15b31023746677cfd6b94dcc2de682328959 + last_write_checksum: sha1:59232b259b82cdbdd9371b7c50c2f371f211057e + pristine_git_object: ccf8d54969d71035782fcb2600536a83c1e62a82 src/cribl_control_plane/models/restcollectorconf.py: id: 2fc48d1a6f95 - last_write_checksum: sha1:d8352a42dcd8986bc874308dda54756a11591ec5 - pristine_git_object: 88c3b7ebfd3bd8ebaecd14b8089ee7fa8b016342 + last_write_checksum: sha1:3561bb5d3299936801b2d4797978cfc2ef2ecbd9 + pristine_git_object: 4f3b98f0d46da878ff06afc87ef7653a94a7c715 src/cribl_control_plane/models/retryrulestype.py: id: 8be2ca6f94f8 last_write_checksum: sha1:a14ff75ebdd47bd3422e46266c83efc5c96cc3d7 @@ -19554,6 +19730,10 @@ trackedFiles: id: 1c80d4325db7 last_write_checksum: sha1:9631b4336767534c69f52cf928623a469b197c8f pristine_git_object: 2598c7d16e1d17b2b00fc16f334f8e4115548b88 + src/cribl_control_plane/models/rootnodeconfredisdeploymenttypecluster.py: + id: 790229faf139 + last_write_checksum: sha1:f156e5dc14d384fc272e5698f7c9d57c5b7f714a + pristine_git_object: a2b88ef9e1e933c7425859abf4a41408bfe73e8d src/cribl_control_plane/models/routecomment.py: id: 03153004d44f last_write_checksum: sha1:166cea2634373b21a9dd5ec4d1838ef05638cd66 @@ -19584,8 +19764,8 @@ trackedFiles: pristine_git_object: d8fe401a75c1bee9d57fdae67013063bc3933c24 src/cribl_control_plane/models/runnablejobcollection.py: id: e13f247d077d - last_write_checksum: sha1:5a6b52ac21536fd3ae7aa4a0a705810aa125800a - pristine_git_object: 956947222f4c1afc3dfd92abc230a8a511821f64 + last_write_checksum: sha1:6211c86f12231f463f00baa27ecdff75726f982f + pristine_git_object: 0ea88c86404a7c93a493443e999c50306750376b src/cribl_control_plane/models/runnablejobcollectiontypecollectionwithbreakerrulesetsconstraint.py: id: 1a2551a89ab2 last_write_checksum: sha1:360542d2aa5b9f635b6b5af2cc537c9410e5454c @@ -19600,12 +19780,12 @@ trackedFiles: pristine_git_object: 326a735c153841b9f44916c0541bbf1eb6909916 src/cribl_control_plane/models/runsettingstyperunnablejobcollectionschedule.py: id: d69e51fa951c - last_write_checksum: sha1:673dd0cc66b732edcea3e8ddbe959b1f022b4ce3 - pristine_git_object: 4166eaa9a2ae87e83a50f8a70aed1318ae15435f + last_write_checksum: sha1:d2b15238c0a0e21e80c24c6497dbd3a3b66e0f51 + pristine_git_object: 6be6a91f30648c89e9dfe783722e80498c49017c src/cribl_control_plane/models/runsettingstypesavedjobresponsecollectionschedule.py: id: cb93de9580c1 - last_write_checksum: sha1:dc6c8190ff3794a4c5fbabf1f1783638df91b40a - pristine_git_object: 23b78b5dbfd1d5ef3af9694b7dfc65e2d5509a99 + last_write_checksum: sha1:cbb3a49ccf94b2d15c18777726c7e38cf9a1284e + pristine_git_object: 861cc8bf72a4c3cbf015536d36066eb795f23244 src/cribl_control_plane/models/s3collectorconf.py: id: d28817a2832b last_write_checksum: sha1:c962eb570543d496d776d545adf31ba448ba4ab3 @@ -19704,8 +19884,8 @@ trackedFiles: pristine_git_object: 03094d1fa06d5c978e9514913083db17248b6095 src/cribl_control_plane/models/splunkcollectorconf.py: id: 7525a4c741b5 - last_write_checksum: sha1:5ee868753a973a31976625711d7d6b93e59b5602 - pristine_git_object: 1e15bc388d6d18e47cad01561252751682d248a5 + last_write_checksum: sha1:ab3094e42076e9a7983fb4bb4163096e2d0e6b83 + pristine_git_object: 18a3cce91933f4eb265613914518af7e37987a28 src/cribl_control_plane/models/ssltypesystemsettingsconfapi.py: id: 7cb4b7040f29 last_write_checksum: sha1:5ce82deb786087f0d55fdfcff8115e6a136ae9b6 @@ -19884,8 +20064,8 @@ trackedFiles: pristine_git_object: 1f479860baa01dfed0cbf4649a9ea79b865de4a7 src/cribl_control_plane/models/updatepacksop.py: id: 4249b1bcad31 - last_write_checksum: sha1:5c33ffe28769be8f962ee725e31868d2b304054e - pristine_git_object: 966b1e0fea856b823886a93cfd1d6c63adcdd9ce + last_write_checksum: sha1:70cf2e68176508e4b29b14105d5a2a195fb01158 + pristine_git_object: e4a2ca5293150d2ea74088b0e83fc98ff298baee src/cribl_control_plane/models/updatepipelinesbyidop.py: id: 9f10e2cff08f last_write_checksum: sha1:ba8f074e3bc8f142a158fde32c7e20a62a8fc5ec @@ -19948,12 +20128,12 @@ trackedFiles: pristine_git_object: 490bada76cbc3b6992f5b213795ababa0133b3ed src/cribl_control_plane/nodes.py: id: 75dce3f48fe0 - last_write_checksum: sha1:78c301c5c809bc051928f816ad6fa9d25c159a10 - pristine_git_object: a67ee01c69288553725397ddf4009935b1279980 + last_write_checksum: sha1:f165c7f5bf9a274f625e69522897a5e1f9855982 + pristine_git_object: aa9f9d5e4e322e341dba03f2614f4f01eeaa0720 src/cribl_control_plane/packs.py: id: c77b21eb4262 - last_write_checksum: sha1:d670c850d8ca692442de3b965e9a98079b2ff099 - pristine_git_object: c781f9f1dafff2e0536c70a14d81dbd6112a2385 + last_write_checksum: sha1:b8e736cf75f49ed0a69af5bd87b1fcc3335ac723 + pristine_git_object: 8706f37ff67d54c618ba1bd5f06368b38728ac1f src/cribl_control_plane/packs_destinations.py: id: c450853c5ba6 last_write_checksum: sha1:58c081ed0bc3123ecc902f4969ccb8cb4c74cbb8 @@ -19964,80 +20144,80 @@ trackedFiles: pristine_git_object: 92d7f2ad4fc6d2bd050c53cfbf9ab1b03944dfbb src/cribl_control_plane/packs_destinations_statuses.py: id: cd43b6b72fd5 - last_write_checksum: sha1:96e708ebf5d4834ef652883e00118677291ae184 - pristine_git_object: 45abc50148643d96d3f02a387453439415ae775c + last_write_checksum: sha1:6fdc2d6bd5b947edeca5c66fd23aa75850483338 + pristine_git_object: b25f4e0ac94e245a857476dea84ebf9be780fb1c src/cribl_control_plane/packs_hectokens.py: id: 9cf63557bac9 - last_write_checksum: sha1:aa8040a8e29b62318f995b18ae8d722775462ecc - pristine_git_object: cf126021492f47b9067efac0c64b94d23b8a720c + last_write_checksum: sha1:c15b17a4dc7fb17d98f530f72f0181db146f16a6 + pristine_git_object: 4ac4ddf7601e26f4f71a90d821818271e98658e3 src/cribl_control_plane/packs_pipelines.py: id: 674c9511ec91 - last_write_checksum: sha1:41832a0b821f2e14b08e63844b51bcde20693ade - pristine_git_object: 54edf96aa802f3fe50a848c66da896aae54f33f2 + last_write_checksum: sha1:0aeaa54bee976db8e99d42efe61eb470cbab11de + pristine_git_object: a6b1ba721828c23fe8e6b046081535e23d3065a1 src/cribl_control_plane/packs_routes.py: id: 6f322a6e1e21 - last_write_checksum: sha1:d0a3f6ea6aa3297a294a18fda3f9fc390c138cb3 - pristine_git_object: 47fc48268fd131c79e7bb225e1c95eb7cbf272bb + last_write_checksum: sha1:d38624de2e8e79a9d987f53d928c7f08d6a422db + pristine_git_object: 0aac6bb88f3be5df9987b39b9ff311a47dab7896 src/cribl_control_plane/packs_samples.py: id: 5d0ef82251bf - last_write_checksum: sha1:1eff3645dc50985da7d926059fd1c6cb832291d4 - pristine_git_object: 7240d15801b9149266ddba797f9fbbeec7768033 + last_write_checksum: sha1:57a2e8f8b360e64bf6c1cac20dc0df8a82da07f2 + pristine_git_object: 5cdb46d061cf17e78feaf36c1a23baeaca3b4e9a src/cribl_control_plane/packs_sources.py: id: 501249caef46 - last_write_checksum: sha1:308b819ced79c4ec79092e3b1cb8de35f4c091e9 - pristine_git_object: cf65ea8edb82032dcc303302c35a49133e1df402 + last_write_checksum: sha1:94fbd6de0597b96bdbbab972d8b6de5cced2f761 + pristine_git_object: b6cbf95981b5e95b21181e721980befdcca36a86 src/cribl_control_plane/packs_sources_pq.py: id: 4bee3b051119 last_write_checksum: sha1:f4690b0846d6639e2a33a8799aea056f7a8badb3 pristine_git_object: 97afc6a9860e90f54e1d25499f3cc4d75cb8b7f0 src/cribl_control_plane/packs_sources_statuses.py: id: 8af1e98f4cb6 - last_write_checksum: sha1:c20eb9f1a0d110cf6c20db729bb8355d451b9004 - pristine_git_object: 62281faa0579eede8e3c50d7309f04db99caf0ee + last_write_checksum: sha1:2f490d1d86c8b70c0a546d5323c88242e193237f + pristine_git_object: c254147be373ebef019f00b70d47b851e4c5f3b9 src/cribl_control_plane/pipelines.py: id: dc1a703eab78 - last_write_checksum: sha1:5b87d3e5998678feee252edff24c18a624419de4 - pristine_git_object: be963924c52491f53c9bf42bea48630db3dbf8eb + last_write_checksum: sha1:a810977c2bc7a2c28b15dfef88d6238ef8f20320 + pristine_git_object: 4dced206457320946114e91d40340be98ebff7c5 src/cribl_control_plane/py.typed: id: d1e7cfa63a0b last_write_checksum: sha1:8efc425ffe830805ffcc0f3055871bdcdc542c60 pristine_git_object: 3e38f1a929f7d6b1d6de74604aa87e3d8f010544 src/cribl_control_plane/routes_sdk.py: id: d47e5614f00e - last_write_checksum: sha1:b5a2650606fc7ccf34a7fcf6b19d018091230708 - pristine_git_object: c5ee7bee9538e6b75fbacd63bde358f7a963362c + last_write_checksum: sha1:ead44ad21354e26fed23705ed05e5d4022801220 + pristine_git_object: b248bfa3ea18fde95877a08c055e9845ab029f95 src/cribl_control_plane/samples.py: id: 18147abe7c06 - last_write_checksum: sha1:19376e821796f2d21912dcdbac70fda903bb766e - pristine_git_object: 147b8d8a6236e309497b178cf3e74d59fe1b4981 + last_write_checksum: sha1:60b15e8f38e4ddf0336a6b8d84fff69299663207 + pristine_git_object: 4996acb6f692090d17583a8779b34b5e63b568bd src/cribl_control_plane/sdk.py: id: ee02d2b5889e - last_write_checksum: sha1:ef4f5f9ff1a489b414cf73afd851b442610741a9 - pristine_git_object: 765b05b94270e0e08ff4cb32b19387af0cb14d7a + last_write_checksum: sha1:bbe94831d3f126bd8ff257742e9eddf042f9a5ab + pristine_git_object: 7cd8f6fed944cb3e72c0afdf14a8290dfd1cabc8 src/cribl_control_plane/sdkconfiguration.py: id: bfdcc08a1a6c last_write_checksum: sha1:f87d743f3634a7876872f45919e6f48538fa72c4 pristine_git_object: 2ac8c7744309f06fbb3faefa3cd708346f3dc406 src/cribl_control_plane/settings.py: id: 346a076742dd - last_write_checksum: sha1:d7ac6e99567484473179a39034105b3412e31cc4 - pristine_git_object: 7011e534eb80de6cb0c6c6a45ad95e57cc2189ed + last_write_checksum: sha1:2acb0959cf9288aa4467ec004846863d65516c4b + pristine_git_object: ebc2e5f28649cafee03a22b39a8af2b7c2de1f93 src/cribl_control_plane/sources.py: id: 51c4b88fc5fb - last_write_checksum: sha1:296b6b7ed8e48bd46cb4c97d0e0e6809070a60ea - pristine_git_object: 9e0cc6e7990f178248e0a688ab9e23fa8a2f2c88 + last_write_checksum: sha1:6b0690f509cc3f79c133aef96ea4bbac05ff7ebc + pristine_git_object: ca250dd172699c39be0abef055e42b3f84a34d90 src/cribl_control_plane/sources_pq.py: id: f83af0610b37 - last_write_checksum: sha1:5b1a0cb61a28c5019eefa44e73083346623248d6 - pristine_git_object: 74e452ecd00f2cf0ca58205f63ad71fd8db3fb36 + last_write_checksum: sha1:45d9dbd14463918fc6a7e4552bfc33d709f67d81 + pristine_git_object: acecc6b70cdbae0a5d1181d3abd019e526569a86 src/cribl_control_plane/sources_statuses.py: id: b33d5c30a8f7 - last_write_checksum: sha1:67b15b94e75f5e0bdc0b69e0fe654aedda27b0a4 - pristine_git_object: dec13f9255ff1f7c40158c7f9153864984674532 + last_write_checksum: sha1:cd1906a31a45622b66e19cb45fb52c9b14f5956e + pristine_git_object: 3e5c86476a1e5f2e0217eaf28bd4e0de7d5c3666 src/cribl_control_plane/summaries.py: id: 7a0e86f2b16e - last_write_checksum: sha1:8f4a1416b85b85f5cf17d50834443e6175d1f0dc - pristine_git_object: 8f14c2c259b6b80448595dcb721e106b07a2ed84 + last_write_checksum: sha1:e812ccb6f704f197b64ff5ac52aec31aa681a48f + pristine_git_object: 9f2c5dd894d310e3bd8de3b8ca50d99e6da2c992 src/cribl_control_plane/system_sdk.py: id: 8bb841f702c6 last_write_checksum: sha1:f89e447ea59d7fd83c4a6c77eed7f2aaf8a5fcc4 @@ -20048,12 +20228,16 @@ trackedFiles: pristine_git_object: 4b59c72e08dfa79ddcca758bf46befdafd828203 src/cribl_control_plane/tokens.py: id: "286841425817" - last_write_checksum: sha1:3bb787fcc36d717251b09e180f8481fccf92fc4d - pristine_git_object: fcc499163cb1334a4053c5490da663f13dc9d6f3 + last_write_checksum: sha1:225e8d58c41ca5172b0b52369a9eb5ff1b793eed + pristine_git_object: 268fe919bd6579ba21e867d2c549d9f20d97d848 src/cribl_control_plane/types/__init__.py: id: 4b9154594b49 - last_write_checksum: sha1:140ebdd01a46f92ffc710c52c958c4eba3cf68ed - pristine_git_object: fc76fe0c5505e29859b5d2bb707d48fd27661b8c + last_write_checksum: sha1:f9ad14217f832e74f594285960125add50324be9 + pristine_git_object: faa268137bc01c9d08cfadc4797017db48747a96 + src/cribl_control_plane/types/base64fileinput.py: + id: 870bde8c30da + last_write_checksum: sha1:1522687ae3398374c35710cad993a6e82b5ab99d + pristine_git_object: 862566fe2b1db830276b390e136e65090e5963d2 src/cribl_control_plane/types/basemodel.py: id: 77c4cfb7e722 last_write_checksum: sha1:10d84aedeb9d35edfdadf2c3020caa1d24d8b584 @@ -20080,12 +20264,12 @@ trackedFiles: pristine_git_object: 3324e1bc2668c54c4d5f5a1a845675319757a828 src/cribl_control_plane/utils/eventstreaming.py: id: 321b65452a6c - last_write_checksum: sha1:620d78a8b4e3b854e08d136e02e40a01a786bd70 - pristine_git_object: 3bdcd6d3d4fc772cb7f5fca8685dcdc8c85e13e8 + last_write_checksum: sha1:7d1dc68f8b48486ab646653aa05cc38752e1f912 + pristine_git_object: a8d4fe5cc88d3c7337339e1b36a61bbf7ca8c4eb src/cribl_control_plane/utils/forms.py: id: fc51b8eb462b - last_write_checksum: sha1:15fa7e9ab1611e062a9984cf06cb20969713d295 - pristine_git_object: f961e76beaf0a8b1fe0dda44754a74eebd3608e7 + last_write_checksum: sha1:a971cdb120ad3d416d296d5d0ad89e4808350a7f + pristine_git_object: fdf0dc9b2a67bca773eefe6b471498cccaa83424 src/cribl_control_plane/utils/headers.py: id: ee5b772f3aec last_write_checksum: sha1:7c6df233ee006332b566a8afa9ce9a245941d935 @@ -20108,24 +20292,24 @@ trackedFiles: pristine_git_object: c04e0db82b68eca041f2cb2614d748fbac80fd41 src/cribl_control_plane/utils/requestbodies.py: id: c09e0af336b5 - last_write_checksum: sha1:41e2d2d2d3ecc394c8122ca4d4b85e1c3e03f054 - pristine_git_object: 1de32b6d26f46590232f398fdba6ce0072f1659c + last_write_checksum: sha1:e1fef575283b7fe7fe2ad392dbbb3fb105309124 + pristine_git_object: 591415af8e64baa410627b507d2740afb5387d13 src/cribl_control_plane/utils/retries.py: id: 33a7d7545e57 - last_write_checksum: sha1:471372f5c5d1dd5583239c9cf3c75f1b636e5d87 - pristine_git_object: af07d4e941007af4213c5ec9047ef8a2fca04e5e + last_write_checksum: sha1:3585b891142f30a597fbf7a2f0340700babef8e4 + pristine_git_object: ca7b59efebbbd9545744d0207ef42725c4cc5143 src/cribl_control_plane/utils/security.py: id: e07fa3288aac last_write_checksum: sha1:cb4aa1d8a8315558b97f7bb409ff0f48ffd6514b pristine_git_object: 8c49f72f4c3ec30286f1dd2a15506b9d72ffe610 src/cribl_control_plane/utils/serializers.py: id: 1fd5c84e2b79 - last_write_checksum: sha1:61009f2e4ef6613a1a5af813fe020373dae5a492 - pristine_git_object: d2149f8b909cb96628db140ac3cddb1b1e981367 + last_write_checksum: sha1:7485f1425b0661fd84836186570df90207eec6af + pristine_git_object: 1031ed930bad5ece220cf7416a56c29f40f0588b src/cribl_control_plane/utils/unions.py: id: 24d13b85b9c8 - last_write_checksum: sha1:6e38049f323e0b5fb4bd0e88ab51ec447197ccb0 - pristine_git_object: a227f4e87be22fce682fcae5813b71835199ec5e + last_write_checksum: sha1:cd6201e6f43c51545a32f5bd4ac9f508e1ba0c29 + pristine_git_object: 2434640235f9607bd894361dcba872ceb5b26533 src/cribl_control_plane/utils/unmarshal_json_response.py: id: cb2f8bf22326 last_write_checksum: sha1:4febf7bb9e45b52fbdb13726f3bdcfa18cf5360f @@ -20140,8 +20324,8 @@ trackedFiles: pristine_git_object: dae01a44384ac3bc13ae07453a053bf6c898ebe3 src/cribl_control_plane/versions.py: id: 5130c5ac7d58 - last_write_checksum: sha1:37d11dcec7347cf2b44d1cd71f41b4f4dd26479f - pristine_git_object: 876be9a93603d8fa53a9c98f0fa05387d3ae388f + last_write_checksum: sha1:d58d56b93d40cd30afe03b165edcfa336c109b87 + pristine_git_object: 030038d11c357c6fa0aecf920c7476f4d5d825b1 src/cribl_control_plane/versions_configs.py: id: de8dfbc9fdbe last_write_checksum: sha1:489450f3e6e5327f0cff0e4722f1e3e23e733a3e @@ -21481,858 +21665,932 @@ examples: application/json: {} "500": application/json: {} - deleteInputById: - speakeasy-default-delete-input-by-id: + UpdateInputExamplesAnthropicCompliance: parameters: path: id: "" + requestBody: + application/json: {"id": "anthropic-compliance-source", "type": "anthropic_compliance", "sendToRoutes": true, "pqEnabled": false, "textSecret": "anthropic-api-key-secret", "contentConfig": [{"contentType": "activities", "contentDescription": "Compliance Activities", "enabled": true, "stateTracking": true, "stateUpdateExpression": "__timestampExtracted !== false && {latestTime: (state.latestTime || 0) > _time ? state.latestTime : _time}", "stateMergeExpression": "prevState.latestTime > newState.latestTime ? prevState : newState", "cronSchedule": "*/5 * * * *", "earliest": "-7d@d", "latest": "now", "jobTimeout": "300"}]} responses: "200": application/json: {} "500": application/json: {} - createInputHecTokenById: - speakeasy-default-create-input-hec-token-by-id: + UpdateInputExamplesAppleUnifiedLogs: parameters: path: id: "" requestBody: - application/json: {"token": ""} + application/json: {"id": "apple-unified-logs-source", "type": "apple_unified_logs", "sendToRoutes": true, "pqEnabled": false, "predicate": "subsystem == \"com.apple.security\""} responses: "200": application/json: {} "500": application/json: {} - HecTokenExamplesHecToken: + UpdateInputExamplesAppscope: parameters: path: id: "" requestBody: - application/json: {"enabled": true, "metadata": [{"name": "fieldX", "value": "valueX"}], "token": "12345678901"} + application/json: {"id": "appscope-source", "type": "appscope", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 9109} responses: "200": application/json: {} "500": application/json: {} - HecTokenExamplesHecTokenWithIndexAccess: + UpdateInputExamplesAzureBlob: parameters: path: id: "" requestBody: - application/json: {"allowedIndexesAtToken": ["myIndex6"], "enabled": true, "token": "12345678901"} + application/json: {"id": "azure-blob-source", "type": "azure_blob", "sendToRoutes": true, "pqEnabled": false, "queueName": "azure-blob-queue"} responses: "200": application/json: {} "500": application/json: {} - updateInputHecTokenByIdAndToken: - speakeasy-default-update-input-hec-token-by-id-and-token: + UpdateInputExamplesCloudflareHec: parameters: path: id: "" - token: "" requestBody: - application/json: {} + application/json: {"id": "cloudflare-hec-source", "type": "cloudflare_hec", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 8088, "hecAPI": "/services/collector"} responses: "200": application/json: {} "500": application/json: {} - HecTokenExamplesHecToken: + UpdateInputExamplesConfluentCloud: parameters: path: id: "" - token: "" requestBody: - application/json: {"enabled": true, "metadata": [{"name": "fieldX", "value": "valueX"}]} + application/json: {"id": "confluent-cloud-source", "type": "confluent_cloud", "sendToRoutes": true, "pqEnabled": false, "brokers": ["pkc-xxxxx.us-east-1.aws.confluent.cloud:9092"], "topics": ["logs"]} responses: "200": application/json: {} "500": application/json: {} - HecTokenExamplesHecTokenWithIndexAccess: + UpdateInputExamplesCollection: parameters: path: id: "" - token: "" requestBody: - application/json: {"allowedIndexesAtToken": ["myIndex6"], "enabled": true} + application/json: {"id": "collection-source", "type": "collection", "sendToRoutes": true, "pqEnabled": false} responses: "200": application/json: {} "500": application/json: {} - listOutput: - speakeasy-default-list-output: + UpdateInputExamplesCribl: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "cribl-source", "type": "cribl", "sendToRoutes": true, "pqEnabled": false} responses: "200": application/json: {} "500": application/json: {} - createOutput: - speakeasy-default-create-output: + UpdateInputExamplesCriblHttp: + parameters: + path: + id: "" requestBody: - application/json: {"id": "", "type": "elastic_cloud", "pipeline": "", "systemFields": ["", ""], "environment": "", "streamtags": [""], "url": "https://probable-rationale.com/", "index": "", "concurrency": 5, "maxPayloadSizeKB": 4096, "maxPayloadEvents": 0, "compress": true, "rejectUnauthorized": true, "timeoutSec": 30, "flushPeriodSec": 1, "extraHttpHeaders": [{"name": "", "value": ""}], "failedRequestLoggingMode": "none", "safeHeaders": ["", ""], "extraParams": [{"name": "", "value": ""}], "auth": {"disabled": false, "username": "Imogene1", "password": "tA9DUjJtHSnXqh9", "authType": "manual", "credentialsSecret": "", "manualAPIKey": "", "textSecret": ""}, "elasticPipeline": "", "includeDocId": true, "responseRetrySettings": [{"httpStatus": 7295.73, "initialBackoff": 1000, "backoffRate": 2, "maxBackoff": 10000}], "timeoutRetrySettings": {"timeoutRetry": false, "initialBackoff": 1000, "backoffRate": 2, "maxBackoff": 10000}, "responseHonorRetryAfterHeader": false, "onBackpressure": "block", "description": "hourly about into", "pqStrictOrdering": true, "pqRatePerSec": 0, "pqMode": "error", "pqMaxBufferSize": 42, "pqMaxBackpressureSec": 30, "pqMaxFileSize": "1 MB", "pqMaxSize": "5GB", "pqPath": "$CRIBL_HOME/state/queues", "pqCompress": "none", "pqOnBackpressure": "block", "pqControls": {}} + application/json: {"id": "cribl-http-source", "type": "cribl_http", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesTcpjson: + UpdateInputExamplesCriblLakeHttp: + parameters: + path: + id: "" requestBody: - application/json: {"id": "tcpjson-output", "type": "tcpjson", "host": "localhost", "port": 10090} + application/json: {"id": "cribl-lake-http-source", "type": "cribl_lake_http", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesSplunk: + UpdateInputExamplesCriblMetrics: + parameters: + path: + id: "" requestBody: - application/json: {"id": "splunk-output", "type": "splunk", "host": "localhost", "port": 9997} + application/json: {"id": "cribl-metrics-source", "type": "criblmetrics", "sendToRoutes": true, "pqEnabled": false} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesSplunkLb: + UpdateInputExamplesCriblTcp: + parameters: + path: + id: "" requestBody: - application/json: {"id": "splunk-lb-output", "type": "splunk_lb", "hosts": [{"host": "localhost", "port": 9997}]} + application/json: {"id": "cribl-tcp-source", "type": "cribl_tcp", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10090} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesSplunkHec: + UpdateInputExamplesCrowdstrike: + parameters: + path: + id: "" requestBody: - application/json: {"id": "splunk-hec-output", "type": "splunk_hec"} + application/json: {"id": "crowdstrike-source", "type": "crowdstrike", "sendToRoutes": true, "pqEnabled": false, "queueName": "crowdstrike-queue", "region": "us-east-1"} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesSyslog: + UpdateInputExamplesDatadogAgent: + parameters: + path: + id: "" requestBody: - application/json: {"id": "syslog-output", "type": "syslog", "host": "localhost", "port": 514} + application/json: {"id": "datadog-agent-source", "type": "datadog_agent", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 8126} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesFilesystem: + UpdateInputExamplesDatagen: + parameters: + path: + id: "" requestBody: - application/json: {"id": "filesystem-output", "type": "filesystem", "destPath": "/var/log/output"} + application/json: {"id": "datagen-source", "type": "datagen", "sendToRoutes": true, "pqEnabled": false, "samples": [{"sample": "sample.json", "eventsPerSec": 10}]} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesS3: + UpdateInputExamplesEdgePrometheus: + parameters: + path: + id: "" requestBody: - application/json: {"id": "s3-output", "type": "s3", "bucket": "my-bucket", "region": "us-east-1", "stagePath": "/tmp/staging"} + application/json: {"id": "edge-prometheus-source", "type": "edge_prometheus", "sendToRoutes": true, "pqEnabled": false, "discoveryType": "static", "interval": 60, "targets": [{"host": "localhost"}]} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesAzureBlob: + UpdateInputExamplesElastic: + parameters: + path: + id: "" requestBody: - application/json: {"id": "azure-blob-output", "type": "azure_blob", "containerName": "my-container", "stagePath": "/tmp/staging"} + application/json: {"id": "elastic-source", "type": "elastic", "sendToRoutes": true, "pqEnabled": false, "host": "localhost", "port": 9200, "elasticAPI": "/"} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesAzureDataExplorer: + UpdateInputExamplesEventhub: + parameters: + path: + id: "" requestBody: - application/json: {"id": "azure-data-explorer-output", "type": "azure_data_explorer", "clusterUrl": "https://mycluster.kusto.windows.net", "database": "mydatabase", "table": "mytable", "ingestMode": "streaming", "oauthEndpoint": "https://login.microsoftonline.com", "tenantId": "tenant-id", "clientId": "client-id", "scope": "https://mycluster.kusto.windows.net/.default", "oauthType": "clientSecret", "clientSecret": "client-secret", "format": "json", "compress": "gzip"} + application/json: {"id": "eventhub-source", "type": "eventhub", "sendToRoutes": true, "pqEnabled": false, "brokers": ["myeventhub.servicebus.windows.net:9093"], "topics": ["logs"]} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesSentinel: + UpdateInputExamplesEventhubAmqp: + parameters: + path: + id: "" requestBody: - application/json: {"id": "sentinel-output", "type": "sentinel", "loginUrl": "https://login.microsoftonline.com", "secret": "client-secret", "client_id": "client-id", "endpointURLConfiguration": "url", "url": "https://your-workspace.ingest.monitor.azure.com"} + application/json: {"id": "eventhub-amqp-source", "type": "eventhub_amqp", "sendToRoutes": true, "pqEnabled": false, "eventHubName": "my-event-hub", "consumerGroup": "$Default", "checkpointing": {"blobStore": {"containerName": "my-container"}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesAzureLogs: + UpdateInputExamplesExec: + parameters: + path: + id: "" requestBody: - application/json: {"id": "azure-logs-output", "type": "azure_logs", "logType": "Cribl", "authType": "manual", "workspaceId": "workspace-id", "workspaceKey": "workspace-key"} + application/json: {"id": "exec-source", "type": "exec", "sendToRoutes": true, "pqEnabled": false, "command": "echo \"Hello World\"", "interval": 60} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesKafka: + UpdateInputExamplesFile: + parameters: + path: + id: "" requestBody: - application/json: {"id": "kafka-output", "type": "kafka", "brokers": ["localhost:9092"], "topic": "logs"} + application/json: {"id": "file-source", "type": "file", "sendToRoutes": true, "pqEnabled": false, "mode": "manual"} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesConfluentCloud: + UpdateInputExamplesFirehose: + parameters: + path: + id: "" requestBody: - application/json: {"id": "confluent-cloud-output", "type": "confluent_cloud", "brokers": ["pkc-xxxxx.us-east-1.aws.confluent.cloud:9092"], "topic": "logs"} + application/json: {"id": "firehose-source", "type": "firehose", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesMsk: + UpdateInputExamplesGrafana: + parameters: + path: + id: "" requestBody: - application/json: {"id": "msk-output", "type": "msk", "brokers": ["b-1.example.xxxxx.c2.kafka.us-east-1.amazonaws.com:9092"], "topic": "logs", "awsAuthenticationMethod": "auto", "region": "us-east-1"} + application/json: {"id": "grafana-source", "type": "grafana", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080, "prometheusAPI": "/api/prom/push"} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesKinesis: + UpdateInputExamplesGooglePubsub: + parameters: + path: + id: "" requestBody: - application/json: {"id": "kinesis-output", "type": "kinesis", "streamName": "my-stream", "region": "us-east-1"} + application/json: {"id": "google-pubsub-source", "type": "google_pubsub", "sendToRoutes": true, "pqEnabled": false, "topicName": "my-topic", "subscriptionName": "my-subscription"} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesElastic: + UpdateInputExamplesHttp: + parameters: + path: + id: "" requestBody: - application/json: {"id": "elastic-output", "type": "elastic", "index": "logs"} + application/json: {"id": "http-source", "type": "http", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesElasticCloud: + UpdateInputExamplesHttpRaw: + parameters: + path: + id: "" requestBody: - application/json: {"id": "elastic-cloud-output", "type": "elastic_cloud", "url": "my-cloud-id", "index": "logs"} + application/json: {"id": "http-raw-source", "type": "http_raw", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesMicrosoftFabric: + UpdateInputExamplesJournalFiles: + parameters: + path: + id: "" requestBody: - application/json: {"id": "microsoft-fabric-output", "type": "microsoft_fabric", "topic": "logs", "bootstrap_server": "myeventstream.servicebus.windows.net:9093"} + application/json: {"id": "journal-files-source", "type": "journal_files", "sendToRoutes": true, "pqEnabled": false, "path": "/var/log/journal", "journals": ["system"]} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesCloudflareR2: + UpdateInputExamplesKafka: + parameters: + path: + id: "" requestBody: - application/json: {"id": "cloudflare-r2-output", "type": "cloudflare_r2", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://account-id.r2.cloudflarestorage.com"} + application/json: {"id": "kafka-source", "type": "kafka", "sendToRoutes": true, "pqEnabled": false, "brokers": ["localhost:9092"], "topics": ["logs"]} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesHoneycomb: + UpdateInputExamplesKinesis: + parameters: + path: + id: "" requestBody: - application/json: {"id": "honeycomb-output", "type": "honeycomb", "dataset": "my-dataset"} + application/json: {"id": "kinesis-source", "type": "kinesis", "sendToRoutes": true, "pqEnabled": false, "streamName": "my-stream", "region": "us-east-1"} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesNewrelic: + UpdateInputExamplesKubeEvents: + parameters: + path: + id: "" requestBody: - application/json: {"id": "newrelic-output", "type": "newrelic", "apiKey": "your-api-key"} + application/json: {"id": "kube-events-source", "type": "kube_events", "sendToRoutes": true, "pqEnabled": false} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesNewrelicEvents: + UpdateInputExamplesKubeLogs: + parameters: + path: + id: "" requestBody: - application/json: {"id": "newrelic-events-output", "type": "newrelic_events", "accountId": "123456", "eventType": "CriblEvent", "apiKey": "your-api-key"} + application/json: {"id": "kube-logs-source", "type": "kube_logs", "sendToRoutes": true, "pqEnabled": false} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesSnmp: + UpdateInputExamplesKubeMetrics: + parameters: + path: + id: "" requestBody: - application/json: {"id": "snmp-output", "type": "snmp", "hosts": [{"host": "192.168.1.1", "port": 161}]} + application/json: {"id": "kube-metrics-source", "type": "kube_metrics", "sendToRoutes": true, "pqEnabled": false} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesInfluxdb: + UpdateInputExamplesLoki: + parameters: + path: + id: "" requestBody: - application/json: {"id": "influxdb-output", "type": "influxdb", "url": "http://localhost:8086", "database": "mydb"} + application/json: {"id": "loki-source", "type": "loki", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080, "lokiAPI": "/loki/api/v1/push"} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesMinio: + UpdateInputExamplesMetrics: + parameters: + path: + id: "" requestBody: - application/json: {"id": "minio-output", "type": "minio", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "http://localhost:9000"} + application/json: {"id": "metrics-source", "type": "metrics", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "udpPort": 8125} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesCloudwatch: + UpdateInputExamplesModelDrivenTelemetry: + parameters: + path: + id: "" requestBody: - application/json: {"id": "cloudwatch-output", "type": "cloudwatch", "logGroupName": "my-log-group", "logStreamName": "my-log-stream", "region": "us-east-1"} + application/json: {"id": "mdt-source", "type": "model_driven_telemetry", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 57000} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesAzureEventhub: + UpdateInputExamplesMsk: + parameters: + path: + id: "" requestBody: - application/json: {"id": "azure-eventhub-output", "type": "azure_eventhub", "brokers": ["myeventhub.servicebus.windows.net:9093"], "topic": "logs"} + application/json: {"id": "msk-source", "type": "msk", "sendToRoutes": true, "pqEnabled": false, "brokers": ["b-1.example.xxxxx.c2.kafka.us-east-1.amazonaws.com:9092"], "topics": ["logs"], "awsAuthenticationMethod": "auto", "region": "us-east-1"} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesStatsd: + UpdateInputExamplesNetflow: + parameters: + path: + id: "" requestBody: - application/json: {"id": "statsd-output", "type": "statsd", "protocol": "udp", "host": "localhost", "port": 8125} + application/json: {"id": "netflow-source", "type": "netflow", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 2055} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesStatsdExt: + UpdateInputExamplesOffice365Mgmt: + parameters: + path: + id: "" requestBody: - application/json: {"id": "statsd-ext-output", "type": "statsd_ext", "protocol": "udp", "host": "localhost", "port": 8125} + application/json: {"id": "office365-mgmt-source", "type": "office365_mgmt", "sendToRoutes": true, "pqEnabled": false, "planType": "enterprise_gcc", "tenantId": "tenant-id", "appId": "app-id"} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesGraphite: + UpdateInputExamplesMicrosoftGraph: + parameters: + path: + id: "" requestBody: - application/json: {"id": "graphite-output", "type": "graphite", "protocol": "tcp", "host": "localhost", "port": 2003} + application/json: {"id": "microsoft-graph-source", "type": "microsoft_graph", "sendToRoutes": true, "pqEnabled": false, "url": "https://graph.microsoft.com/v1.0/admin/exchange/tracing/messageTraces", "interval": 15} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesWavefront: + UpdateInputExamplesOffice365MsgTrace: + parameters: + path: + id: "" requestBody: - application/json: {"id": "wavefront-output", "type": "wavefront", "domain": "longboard", "token": "your-token"} + application/json: {"id": "office365-msg-trace-source", "type": "office365_msg_trace", "sendToRoutes": true, "pqEnabled": false, "url": "https://reports.office365.com/ecp/reportingwebservice/reporting.svc/MessageTrace", "interval": 15} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesSignalfx: + UpdateInputExamplesOffice365Service: + parameters: + path: + id: "" requestBody: - application/json: {"id": "signalfx-output", "type": "signalfx", "realm": "us0", "token": "your-token"} + application/json: {"id": "office365-service-source", "type": "office365_service", "sendToRoutes": true, "pqEnabled": false, "tenantId": "tenant-id", "appId": "app-id"} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesSqs: + UpdateInputExamplesOkta: + parameters: + path: + id: "" requestBody: - application/json: {"id": "sqs-output", "type": "sqs", "queueName": "my-queue", "queueType": "standard", "region": "us-east-1"} + application/json: {"id": "okta-source", "type": "okta", "sendToRoutes": true, "pqEnabled": false, "oktaDomain": "your-org", "textSecret": "okta-api-token-secret", "cronSchedule": "*/5 * * * *", "earliest": "-7d@d", "latest": "now"} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesGoogleCloudStorage: + UpdateInputExamplesOpenAI: + parameters: + path: + id: "" requestBody: - application/json: {"id": "google-cloud-storage-output", "type": "google_cloud_storage", "bucket": "my-bucket", "region": "us-east1", "endpoint": "https://storage.googleapis.com", "stagePath": "/tmp/staging"} + application/json: {"id": "openai-source", "type": "openai", "sendToRoutes": true, "pqEnabled": false, "contentConfig": [{"disabled": false, "requestParams": [{"name": "effective_at[gt]", "value": "`${Math.round(Date.now()/1000 - 3600)}`"}, {"name": "limit", "value": "100"}], "paginationType": "response_body", "paginationAttribute": ["last_id"], "paginationLastPageExpr": "has_more === false", "cronSchedule": "0 * * * *", "earliest": "-1h", "latest": "now"}], "textSecret": "openai-api-key-secret"} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesSumoLogic: + UpdateInputExamplesOpenAIComplianceLogs: + parameters: + path: + id: "" requestBody: - application/json: {"id": "sumo-logic-output", "type": "sumo_logic", "url": "https://endpoint1.collection.us2.sumologic.com"} + application/json: {"id": "openai-compliance-logs-source", "type": "openai_compliance_logs", "sendToRoutes": true, "pqEnabled": false, "textSecret": "openai-api-key-secret", "accountType": "workspace", "cronSchedule": "*/15 * * * *", "earliest": "-1h", "latest": "now", "workspaceId": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee", "workspaceEventTypes": ["AUDIT_LOG", "AUTH_LOG"]} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesDatadog: + UpdateInputExamplesOpenTelemetry: + parameters: + path: + id: "" requestBody: - application/json: {"id": "datadog-output", "type": "datadog", "apiKey": "your-api-key"} + application/json: {"id": "otel-source", "type": "open_telemetry", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 4317} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesWebhook: + UpdateInputExamplesPrometheus: + parameters: + path: + id: "" requestBody: - application/json: {"id": "webhook-output", "type": "webhook", "url": "https://example.com/webhook"} + application/json: {"id": "prometheus-source", "type": "prometheus", "sendToRoutes": true, "pqEnabled": false, "discoveryType": "static", "interval": 60, "logLevel": "info", "targetList": ["http://localhost:9090/metrics"]} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesPrometheus: + UpdateInputExamplesPrometheusRw: + parameters: + path: + id: "" requestBody: - application/json: {"id": "prometheus-output", "type": "prometheus", "url": "http://localhost:9091/api/v1/write"} + application/json: {"id": "prometheus-rw-source", "type": "prometheus_rw", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080, "prometheusAPI": "/write"} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesGooglePubsub: + UpdateInputExamplesRawUdp: + parameters: + path: + id: "" requestBody: - application/json: {"id": "google-pubsub-output", "type": "google_pubsub", "topicName": "my-topic"} + application/json: {"id": "raw-udp-source", "type": "raw_udp", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 514} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesGoogleChronicle: + UpdateInputExamplesS3: + parameters: + path: + id: "" requestBody: - application/json: {"id": "google-chronicle-output", "type": "google_chronicle", "logFormatType": "unstructured", "region": "us", "customerId": "customer-id"} + application/json: {"id": "s3-source", "type": "s3", "sendToRoutes": true, "pqEnabled": false, "queueName": "s3-notifications-queue", "region": "us-east-1"} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesChronicle: + UpdateInputExamplesS3Inventory: + parameters: + path: + id: "" requestBody: - application/json: {"id": "chronicle-output", "type": "chronicle", "region": "us", "logType": "UNKNOWN", "gcpProjectId": "my-project", "gcpInstance": "customer-id"} + application/json: {"id": "s3-inventory-source", "type": "s3_inventory", "sendToRoutes": true, "pqEnabled": false, "queueName": "s3-inventory-queue", "region": "us-east-1"} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesGrafanaCloud: + UpdateInputExamplesSecurityLake: + parameters: + path: + id: "" requestBody: - application/json: {"id": "grafana-cloud-output", "type": "grafana_cloud", "lokiUrl": "https://logs-prod-us-central1.grafana.net"} + application/json: {"id": "security-lake-source", "type": "security_lake", "sendToRoutes": true, "pqEnabled": false, "queueName": "security-lake-queue", "region": "us-east-1"} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesLoki: + UpdateInputExamplesServiceNowTable: + parameters: + path: + id: "" requestBody: - application/json: {"id": "loki-output", "type": "loki", "url": "http://localhost:3100/loki/api/v1/push"} + application/json: {"id": "servicenow-table-source", "type": "servicenow_table", "sendToRoutes": true, "pqEnabled": false, "instance": "https://example.service-now.com", "tableName": "incident", "fields": ["sys_id", "number", "short_description"], "pageSize": 10000, "cronSchedule": "0 * * * *", "earliest": "-1d", "latest": "now"} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesOpenTelemetry: + UpdateInputExamplesSnmp: + parameters: + path: + id: "" requestBody: - application/json: {"id": "opentelemetry-output", "type": "open_telemetry", "endpoint": "http://localhost:4317"} + application/json: {"id": "snmp-source", "type": "snmp", "sendToRoutes": true, "pqEnabled": false, "host": "192.168.1.1", "port": 161} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesServiceNow: + UpdateInputExamplesSplunk: + parameters: + path: + id: "" requestBody: - application/json: {"id": "servicenow-output", "type": "service_now", "endpoint": "ingest.lightstep.com:443", "tokenSecret": "your-token-secret", "otlpVersion": "1.3.1", "protocol": "http"} + application/json: {"id": "splunk-source", "type": "splunk", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 9997} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesDynatraceOtlp: + UpdateInputExamplesSplunkHec: + parameters: + path: + id: "" requestBody: - application/json: {"id": "dynatrace-otlp-output", "type": "dynatrace_otlp", "protocol": "http", "endpoint": "https://your-environment.live.dynatrace.com/api/v2/otlp", "otlpVersion": "1.3.1", "endpointType": "saas", "tokenSecret": "your-token-secret"} + application/json: {"id": "splunk-hec-source", "type": "splunk_hec", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 8088, "splunkHecAPI": "/services/collector"} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesSentinelOneAiSiem: + UpdateInputExamplesSplunkSearch: + parameters: + path: + id: "" requestBody: - application/json: {"id": "sentinel-one-ai-siem-output", "type": "sentinel_one_ai_siem", "region": "US", "endpoint": "/services/collector/event"} + application/json: {"id": "splunk-search-source", "type": "splunk_search", "sendToRoutes": true, "pqEnabled": false, "searchHead": "https://localhost:8089", "search": "index=main", "cronSchedule": "*/15 * * * *", "endpoint": "/services/search/v2/jobs/export", "outputMode": "json", "authType": "basic"} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesDataset: + UpdateInputExamplesSqs: + parameters: + path: + id: "" requestBody: - application/json: {"id": "dataset-output", "type": "dataset"} + application/json: {"id": "sqs-source", "type": "sqs", "sendToRoutes": true, "pqEnabled": false, "queueName": "my-queue", "queueType": "standard", "region": "us-east-1"} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesRing: + UpdateInputExamplesSyslog: + parameters: + path: + id: "" requestBody: - application/json: {"id": "ring-output", "type": "ring"} + application/json: {"id": "syslog-source", "type": "syslog", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "udpPort": 514} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesRouter: + UpdateInputExamplesSystemMetrics: + parameters: + path: + id: "" requestBody: - application/json: {"id": "router-output", "type": "router", "rules": [{"filter": "true", "output": "my-output"}]} + application/json: {"id": "system-metrics-source", "type": "system_metrics", "sendToRoutes": true, "pqEnabled": false} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesWizHec: + UpdateInputExamplesSystemState: + parameters: + path: + id: "" requestBody: - application/json: {"id": "wiz-hec-output", "type": "wiz_hec", "authType": "manual", "wiz_connector_id": "00000000-0000-0000-0000-000000000000", "wiz_environment": "test", "data_center": "us1", "wiz_sourcetype": "placeholder"} + application/json: {"id": "system-state-source", "type": "system_state", "sendToRoutes": true, "pqEnabled": false} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesHumioHec: + UpdateInputExamplesTcp: + parameters: + path: + id: "" requestBody: - application/json: {"id": "humio-hec-output", "type": "humio_hec", "url": "https://cloud.us.humio.com/api/v1/ingest/hec", "format": "JSON", "authType": "manual", "token": "your-token"} + application/json: {"id": "tcp-source", "type": "tcp", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10090} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesCrowdstrikeNextGenSiem: + UpdateInputExamplesTcpjson: + parameters: + path: + id: "" requestBody: - application/json: {"id": "crowdstrike-next-gen-siem-output", "type": "crowdstrike_next_gen_siem", "url": "https://ingest.us.crowdstrike.com/api/ingest/hec/connection-id/v1/services/collector", "format": "JSON", "authType": "manual", "token": "your-token"} + application/json: {"id": "tcpjson-source", "type": "tcpjson", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10090} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesCriblHttp: + UpdateInputExamplesWef: + parameters: + path: + id: "" requestBody: - application/json: {"id": "cribl-http-output", "type": "cribl_http"} + application/json: {"id": "wef-source", "type": "wef", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 5985, "subscriptions": [{"subscriptionName": "subscription-1", "contentFormat": "RenderedText", "heartbeatInterval": 60, "batchTimeout": 5, "targets": []}]} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesCriblTcp: + UpdateInputExamplesWinEventLogs: + parameters: + path: + id: "" requestBody: - application/json: {"id": "cribl-tcp-output", "type": "cribl_tcp", "host": "localhost", "port": 10090} + application/json: {"id": "win-event-logs-source", "type": "win_event_logs", "sendToRoutes": true, "pqEnabled": false, "logNames": ["Application", "System"]} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesCriblSearchEngine: + UpdateInputExamplesWindowsMetrics: + parameters: + path: + id: "" requestBody: - application/json: {"id": "cribl-search-engine-output", "type": "cribl_search_engine", "systemFields": ["cribl_pipe"], "streamtags": [], "loadBalanced": false, "tls": {"disabled": true}, "tokenTTLMinutes": 60, "excludeFields": ["__kube_*", "__metadata", "__winEvent"], "compression": "gzip", "concurrency": 5, "maxPayloadSizeKB": 4096, "maxPayloadEvents": 0, "rejectUnauthorized": true, "timeoutSec": 30, "flushPeriodSec": 1, "failedRequestLoggingMode": "none", "safeHeaders": [], "throttleRatePerSec": "0", "responseRetrySettings": [{"httpStatus": 401, "initialBackoff": 1000, "backoffRate": 2, "maxBackoff": 20000}, {"httpStatus": 403, "initialBackoff": 1000, "backoffRate": 2, "maxBackoff": 20000}, {"httpStatus": 408, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 429, "initialBackoff": 1000, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 500, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 502, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 503, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 504, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 509, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}], "timeoutRetrySettings": {"timeoutRetry": false}, "responseHonorRetryAfterHeader": true, "onBackpressure": "block", "useRoundRobinDns": true, "url": "https://0.0.0.0:10200"} + application/json: {"id": "windows-metrics-source", "type": "windows_metrics", "sendToRoutes": true, "pqEnabled": false} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesGoogleCloudLogging: + UpdateInputExamplesWiz: + parameters: + path: + id: "" requestBody: - application/json: {"id": "google-cloud-logging-output", "type": "google_cloud_logging", "logLocationType": "project", "logNameExpression": "my-log", "logLocationExpression": "my-project"} + application/json: {"id": "wiz-source", "type": "wiz", "sendToRoutes": true, "pqEnabled": false, "endpoint": "https://api.wiz.io", "authUrl": "https://auth.wiz.io/oauth/token", "clientId": "client-id", "contentConfig": []} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesSns: + UpdateInputExamplesWizWebhook: + parameters: + path: + id: "" requestBody: - application/json: {"id": "sns-output", "type": "sns", "topicArn": "arn:aws:sns:us-east-1:123456789012:my-topic", "messageGroupId": "my-message-group", "region": "us-east-1"} + application/json: {"id": "wiz-webhook-source", "type": "wiz_webhook", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesDlS3: + UpdateInputExamplesZscalerHec: + parameters: + path: + id: "" requestBody: - application/json: {"id": "dl-s3-output", "type": "dl_s3", "bucket": "my-bucket", "region": "us-east-1", "stagePath": "/tmp/staging"} + application/json: {"id": "zscaler-hec-source", "type": "zscaler_hec", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 8088, "hecAPI": "/services/collector"} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesSecurityLake: - requestBody: - application/json: {"id": "security-lake-output", "type": "security_lake", "assumeRoleArn": "arn:aws:iam::123456789012:role/my-role", "bucket": "my-bucket", "region": "us-east-1", "stagePath": "/tmp/staging", "accountId": "123456789012", "customSource": "my-custom-source"} + deleteInputById: + speakeasy-default-delete-input-by-id: + parameters: + path: + id: "" responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesCriblLake: + createInputHecTokenById: + speakeasy-default-create-input-hec-token-by-id: + parameters: + path: + id: "" requestBody: - application/json: {"id": "cribl-lake-output", "type": "cribl_lake"} + application/json: {"token": ""} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesExabeam: + HecTokenExamplesHecToken: + parameters: + path: + id: "" requestBody: - application/json: {"id": "exabeam-output", "type": "exabeam", "bucket": "my-bucket", "region": "us-east1", "stagePath": "/tmp/staging", "endpoint": "https://storage.googleapis.com", "collectorInstanceId": "11112222-3333-4444-5555-666677778888"} + application/json: {"enabled": true, "metadata": [{"name": "fieldX", "value": "valueX"}], "token": "12345678901"} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesDiskSpool: + HecTokenExamplesHecTokenWithIndexAccess: + parameters: + path: + id: "" requestBody: - application/json: {"id": "disk-spool-output", "type": "disk_spool"} + application/json: {"allowedIndexesAtToken": ["myIndex6"], "enabled": true, "token": "12345678901"} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesClickHouse: + updateInputHecTokenByIdAndToken: + speakeasy-default-update-input-hec-token-by-id-and-token: + parameters: + path: + id: "" + token: "" requestBody: - application/json: {"id": "clickhouse-output", "type": "click_house", "url": "http://localhost:8123/", "database": "mydb", "tableName": "mytable"} + application/json: {} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesXsiam: + HecTokenExamplesHecToken: + parameters: + path: + id: "" + token: "" requestBody: - application/json: {"id": "xsiam-output", "type": "xsiam"} + application/json: {"enabled": true, "metadata": [{"name": "fieldX", "value": "valueX"}]} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesNetflow: + HecTokenExamplesHecTokenWithIndexAccess: + parameters: + path: + id: "" + token: "" requestBody: - application/json: {"id": "netflow-output", "type": "netflow", "hosts": [{"host": "localhost", "port": 2055}]} + application/json: {"allowedIndexesAtToken": ["myIndex6"], "enabled": true} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesDynatraceHttp: - requestBody: - application/json: {"id": "dynatrace-http-output", "type": "dynatrace_http", "authType": "token", "format": "json_array", "endpoint": "cloud", "telemetryType": "logs", "token": "your-api-key"} + listOutput: + speakeasy-default-list-output: responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesDatabricks: + createOutput: + speakeasy-default-create-output: requestBody: - application/json: {"id": "databricks-output", "type": "databricks", "workspaceId": "your-workspace-id", "scope": "all-apis", "clientId": "your-client-id", "catalog": "main", "schema": "external", "eventsVolumeName": "events", "clientTextSecret": "your-client-secret"} + application/json: {"id": "", "type": "elastic_cloud", "pipeline": "", "systemFields": ["", ""], "environment": "", "streamtags": [""], "url": "https://probable-rationale.com/", "index": "", "concurrency": 5, "maxPayloadSizeKB": 4096, "maxPayloadEvents": 0, "compress": true, "rejectUnauthorized": true, "timeoutSec": 30, "flushPeriodSec": 1, "extraHttpHeaders": [{"name": "", "value": ""}], "failedRequestLoggingMode": "none", "safeHeaders": ["", ""], "extraParams": [{"name": "", "value": ""}], "auth": {"disabled": false, "username": "Imogene1", "password": "tA9DUjJtHSnXqh9", "authType": "manual", "credentialsSecret": "", "manualAPIKey": "", "textSecret": ""}, "elasticPipeline": "", "includeDocId": true, "responseRetrySettings": [{"httpStatus": 7295.73, "initialBackoff": 1000, "backoffRate": 2, "maxBackoff": 10000}], "timeoutRetrySettings": {"timeoutRetry": false, "initialBackoff": 1000, "backoffRate": 2, "maxBackoff": 10000}, "responseHonorRetryAfterHeader": false, "onBackpressure": "block", "description": "hourly about into", "pqStrictOrdering": true, "pqRatePerSec": 0, "pqMode": "error", "pqMaxBufferSize": 42, "pqMaxBackpressureSec": 30, "pqMaxFileSize": "1 MB", "pqMaxSize": "5GB", "pqPath": "$CRIBL_HOME/state/queues", "pqCompress": "none", "pqOnBackpressure": "block", "pqControls": {}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesLocalSearchStorage: + OutputCreateExamplesTcpjson: requestBody: - application/json: {"id": "local-search-storage-output", "type": "local_search_storage", "url": "http://localhost:8123/", "database": "default", "tableName": "mytable"} + application/json: {"id": "tcpjson-output", "type": "tcpjson", "host": "localhost", "port": 10090} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesNutanixObjects: + OutputCreateExamplesSplunk: requestBody: - application/json: {"id": "nutanix-objects-output", "type": "nutanix_objects", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://nutanix-objects.example.com"} + application/json: {"id": "splunk-output", "type": "splunk", "host": "localhost", "port": 9997} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesStorjS3: + OutputCreateExamplesSplunkLb: requestBody: - application/json: {"id": "storj-s3-output", "type": "storj_s3", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://gateway.storjshare.io"} + application/json: {"id": "splunk-lb-output", "type": "splunk_lb", "hosts": [{"host": "localhost", "port": 9997}]} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesAlphasocS3: + OutputCreateExamplesSplunkHec: requestBody: - application/json: {"id": "alphasoc-s3-output", "type": "alphasoc_s3", "bucket": "events", "stagePath": "/tmp/staging", "endpoint": "https://s3.alphasoc.net"} + application/json: {"id": "splunk-hec-output", "type": "splunk_hec"} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesdellS3: + OutputCreateExamplesSyslog: requestBody: - application/json: {"id": "dell-s3-output", "type": "dell_s3", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://powerscale.example.com:9021"} + application/json: {"id": "syslog-output", "type": "syslog", "host": "localhost", "port": 514} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplescloudianS3: + OutputCreateExamplesFilesystem: requestBody: - application/json: {"id": "cloudian-s3-output", "type": "cloudian_s3", "endpoint": "https://s3.hyperstore.example.com", "bucket": "my-bucket", "stagePath": "/tmp/staging"} + application/json: {"id": "filesystem-output", "type": "filesystem", "destPath": "/var/log/output"} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesscalityS3: + OutputCreateExamplesS3: requestBody: - application/json: {"id": "scality-s3-output", "type": "scality_s3", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://s3.scality.example.com"} + application/json: {"id": "s3-output", "type": "s3", "bucket": "my-bucket", "region": "us-east-1", "stagePath": "/tmp/staging"} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesalibabaCloudS3: + OutputCreateExamplesAzureBlob: requestBody: - application/json: {"id": "alibaba-oss-output", "type": "alibaba_cloud_s3", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://s3.oss-cn-hangzhou.aliyuncs.com"} + application/json: {"id": "azure-blob-output", "type": "azure_blob", "containerName": "my-container", "stagePath": "/tmp/staging"} responses: "200": application/json: {} "500": application/json: {} - getOutputById: - speakeasy-default-get-output-by-id: - parameters: - path: - id: "" + OutputCreateExamplesAzureDataExplorer: + requestBody: + application/json: {"id": "azure-data-explorer-output", "type": "azure_data_explorer", "clusterUrl": "https://mycluster.kusto.windows.net", "database": "mydatabase", "table": "mytable", "ingestMode": "streaming", "oauthEndpoint": "https://login.microsoftonline.com", "tenantId": "tenant-id", "clientId": "client-id", "scope": "https://mycluster.kusto.windows.net/.default", "oauthType": "clientSecret", "clientSecret": "client-secret", "format": "json", "compress": "gzip"} responses: "200": application/json: {} "500": application/json: {} - updateOutputById: - speakeasy-default-update-output-by-id: - parameters: - path: - id: "" + OutputCreateExamplesSentinel: requestBody: - application/json: {"id": "", "type": "signalfx", "pipeline": "", "systemFields": [""], "environment": "", "streamtags": ["", ""], "authType": "manual", "realm": "us0", "concurrency": 5, "maxPayloadSizeKB": 4096, "maxPayloadEvents": 0, "compress": true, "rejectUnauthorized": true, "timeoutSec": 30, "flushPeriodSec": 1, "extraHttpHeaders": [{"name": "", "value": ""}], "useRoundRobinDns": false, "failedRequestLoggingMode": "none", "safeHeaders": [""], "responseRetrySettings": [{"httpStatus": 2924.72, "initialBackoff": 1000, "backoffRate": 2, "maxBackoff": 10000}], "timeoutRetrySettings": {"timeoutRetry": false, "initialBackoff": 1000, "backoffRate": 2, "maxBackoff": 10000}, "responseHonorRetryAfterHeader": false, "onBackpressure": "block", "description": "phooey positively a consequently meh until", "token": "", "textSecret": "", "pqStrictOrdering": true, "pqRatePerSec": 0, "pqMode": "error", "pqMaxBufferSize": 42, "pqMaxBackpressureSec": 30, "pqMaxFileSize": "1 MB", "pqMaxSize": "5GB", "pqPath": "$CRIBL_HOME/state/queues", "pqCompress": "none", "pqOnBackpressure": "block", "pqControls": {}} - responses: - "200": - application/json: {} - "500": - application/json: {} - OutputExamplesDefault: - parameters: - path: - id: "" - requestBody: - application/json: {"id": "default-output", "type": "default", "defaultId": "my-default-output"} - responses: - "200": - application/json: {} - "500": - application/json: {} - OutputCreateExamplesTcpjson: - parameters: - path: - id: "" - requestBody: - application/json: {"id": "tcpjson-output", "type": "tcpjson", "host": "localhost", "port": 10090} - responses: - "200": - application/json: {} - "500": - application/json: {} - OutputCreateExamplesSplunk: - parameters: - path: - id: "" - requestBody: - application/json: {"id": "splunk-output", "type": "splunk", "host": "localhost", "port": 9997} - responses: - "200": - application/json: {} - "500": - application/json: {} - OutputCreateExamplesSplunkLb: - parameters: - path: - id: "" - requestBody: - application/json: {"id": "splunk-lb-output", "type": "splunk_lb", "hosts": [{"host": "localhost", "port": 9997}]} - responses: - "200": - application/json: {} - "500": - application/json: {} - OutputCreateExamplesSplunkHec: - parameters: - path: - id: "" - requestBody: - application/json: {"id": "splunk-hec-output", "type": "splunk_hec"} - responses: - "200": - application/json: {} - "500": - application/json: {} - OutputCreateExamplesSyslog: - parameters: - path: - id: "" - requestBody: - application/json: {"id": "syslog-output", "type": "syslog", "host": "localhost", "port": 514} - responses: - "200": - application/json: {} - "500": - application/json: {} - OutputCreateExamplesFilesystem: - parameters: - path: - id: "" - requestBody: - application/json: {"id": "filesystem-output", "type": "filesystem", "destPath": "/var/log/output"} - responses: - "200": - application/json: {} - "500": - application/json: {} - OutputCreateExamplesS3: - parameters: - path: - id: "" - requestBody: - application/json: {"id": "s3-output", "type": "s3", "bucket": "my-bucket", "region": "us-east-1", "stagePath": "/tmp/staging"} - responses: - "200": - application/json: {} - "500": - application/json: {} - OutputCreateExamplesAzureBlob: - parameters: - path: - id: "" - requestBody: - application/json: {"id": "azure-blob-output", "type": "azure_blob", "containerName": "my-container", "stagePath": "/tmp/staging"} - responses: - "200": - application/json: {} - "500": - application/json: {} - OutputCreateExamplesAzureDataExplorer: - parameters: - path: - id: "" - requestBody: - application/json: {"id": "azure-data-explorer-output", "type": "azure_data_explorer", "clusterUrl": "https://mycluster.kusto.windows.net", "database": "mydatabase", "table": "mytable", "ingestMode": "streaming", "oauthEndpoint": "https://login.microsoftonline.com", "tenantId": "tenant-id", "clientId": "client-id", "scope": "https://mycluster.kusto.windows.net/.default", "oauthType": "clientSecret", "clientSecret": "client-secret", "format": "json", "compress": "gzip"} - responses: - "200": - application/json: {} - "500": - application/json: {} - OutputCreateExamplesSentinel: - parameters: - path: - id: "" - requestBody: - application/json: {"id": "sentinel-output", "type": "sentinel", "loginUrl": "https://login.microsoftonline.com", "secret": "client-secret", "client_id": "client-id", "endpointURLConfiguration": "url", "url": "https://your-workspace.ingest.monitor.azure.com"} + application/json: {"id": "sentinel-output", "type": "sentinel", "loginUrl": "https://login.microsoftonline.com", "secret": "client-secret", "client_id": "client-id", "endpointURLConfiguration": "url", "url": "https://your-workspace.ingest.monitor.azure.com"} responses: "200": application/json: {} "500": application/json: {} OutputCreateExamplesAzureLogs: - parameters: - path: - id: "" requestBody: application/json: {"id": "azure-logs-output", "type": "azure_logs", "logType": "Cribl", "authType": "manual", "workspaceId": "workspace-id", "workspaceKey": "workspace-key"} responses: @@ -22341,9 +22599,6 @@ examples: "500": application/json: {} OutputCreateExamplesKafka: - parameters: - path: - id: "" requestBody: application/json: {"id": "kafka-output", "type": "kafka", "brokers": ["localhost:9092"], "topic": "logs"} responses: @@ -22352,9 +22607,6 @@ examples: "500": application/json: {} OutputCreateExamplesConfluentCloud: - parameters: - path: - id: "" requestBody: application/json: {"id": "confluent-cloud-output", "type": "confluent_cloud", "brokers": ["pkc-xxxxx.us-east-1.aws.confluent.cloud:9092"], "topic": "logs"} responses: @@ -22363,9 +22615,6 @@ examples: "500": application/json: {} OutputCreateExamplesMsk: - parameters: - path: - id: "" requestBody: application/json: {"id": "msk-output", "type": "msk", "brokers": ["b-1.example.xxxxx.c2.kafka.us-east-1.amazonaws.com:9092"], "topic": "logs", "awsAuthenticationMethod": "auto", "region": "us-east-1"} responses: @@ -22374,9 +22623,6 @@ examples: "500": application/json: {} OutputCreateExamplesKinesis: - parameters: - path: - id: "" requestBody: application/json: {"id": "kinesis-output", "type": "kinesis", "streamName": "my-stream", "region": "us-east-1"} responses: @@ -22385,9 +22631,6 @@ examples: "500": application/json: {} OutputCreateExamplesElastic: - parameters: - path: - id: "" requestBody: application/json: {"id": "elastic-output", "type": "elastic", "index": "logs"} responses: @@ -22396,9 +22639,6 @@ examples: "500": application/json: {} OutputCreateExamplesElasticCloud: - parameters: - path: - id: "" requestBody: application/json: {"id": "elastic-cloud-output", "type": "elastic_cloud", "url": "my-cloud-id", "index": "logs"} responses: @@ -22407,9 +22647,6 @@ examples: "500": application/json: {} OutputCreateExamplesMicrosoftFabric: - parameters: - path: - id: "" requestBody: application/json: {"id": "microsoft-fabric-output", "type": "microsoft_fabric", "topic": "logs", "bootstrap_server": "myeventstream.servicebus.windows.net:9093"} responses: @@ -22418,9 +22655,6 @@ examples: "500": application/json: {} OutputCreateExamplesCloudflareR2: - parameters: - path: - id: "" requestBody: application/json: {"id": "cloudflare-r2-output", "type": "cloudflare_r2", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://account-id.r2.cloudflarestorage.com"} responses: @@ -22429,9 +22663,6 @@ examples: "500": application/json: {} OutputCreateExamplesHoneycomb: - parameters: - path: - id: "" requestBody: application/json: {"id": "honeycomb-output", "type": "honeycomb", "dataset": "my-dataset"} responses: @@ -22440,9 +22671,6 @@ examples: "500": application/json: {} OutputCreateExamplesNewrelic: - parameters: - path: - id: "" requestBody: application/json: {"id": "newrelic-output", "type": "newrelic", "apiKey": "your-api-key"} responses: @@ -22451,9 +22679,6 @@ examples: "500": application/json: {} OutputCreateExamplesNewrelicEvents: - parameters: - path: - id: "" requestBody: application/json: {"id": "newrelic-events-output", "type": "newrelic_events", "accountId": "123456", "eventType": "CriblEvent", "apiKey": "your-api-key"} responses: @@ -22462,9 +22687,6 @@ examples: "500": application/json: {} OutputCreateExamplesSnmp: - parameters: - path: - id: "" requestBody: application/json: {"id": "snmp-output", "type": "snmp", "hosts": [{"host": "192.168.1.1", "port": 161}]} responses: @@ -22473,9 +22695,6 @@ examples: "500": application/json: {} OutputCreateExamplesInfluxdb: - parameters: - path: - id: "" requestBody: application/json: {"id": "influxdb-output", "type": "influxdb", "url": "http://localhost:8086", "database": "mydb"} responses: @@ -22484,9 +22703,6 @@ examples: "500": application/json: {} OutputCreateExamplesMinio: - parameters: - path: - id: "" requestBody: application/json: {"id": "minio-output", "type": "minio", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "http://localhost:9000"} responses: @@ -22495,9 +22711,6 @@ examples: "500": application/json: {} OutputCreateExamplesCloudwatch: - parameters: - path: - id: "" requestBody: application/json: {"id": "cloudwatch-output", "type": "cloudwatch", "logGroupName": "my-log-group", "logStreamName": "my-log-stream", "region": "us-east-1"} responses: @@ -22506,9 +22719,6 @@ examples: "500": application/json: {} OutputCreateExamplesAzureEventhub: - parameters: - path: - id: "" requestBody: application/json: {"id": "azure-eventhub-output", "type": "azure_eventhub", "brokers": ["myeventhub.servicebus.windows.net:9093"], "topic": "logs"} responses: @@ -22517,9 +22727,6 @@ examples: "500": application/json: {} OutputCreateExamplesStatsd: - parameters: - path: - id: "" requestBody: application/json: {"id": "statsd-output", "type": "statsd", "protocol": "udp", "host": "localhost", "port": 8125} responses: @@ -22528,9 +22735,6 @@ examples: "500": application/json: {} OutputCreateExamplesStatsdExt: - parameters: - path: - id: "" requestBody: application/json: {"id": "statsd-ext-output", "type": "statsd_ext", "protocol": "udp", "host": "localhost", "port": 8125} responses: @@ -22539,9 +22743,6 @@ examples: "500": application/json: {} OutputCreateExamplesGraphite: - parameters: - path: - id: "" requestBody: application/json: {"id": "graphite-output", "type": "graphite", "protocol": "tcp", "host": "localhost", "port": 2003} responses: @@ -22550,9 +22751,6 @@ examples: "500": application/json: {} OutputCreateExamplesWavefront: - parameters: - path: - id: "" requestBody: application/json: {"id": "wavefront-output", "type": "wavefront", "domain": "longboard", "token": "your-token"} responses: @@ -22561,9 +22759,6 @@ examples: "500": application/json: {} OutputCreateExamplesSignalfx: - parameters: - path: - id: "" requestBody: application/json: {"id": "signalfx-output", "type": "signalfx", "realm": "us0", "token": "your-token"} responses: @@ -22572,9 +22767,6 @@ examples: "500": application/json: {} OutputCreateExamplesSqs: - parameters: - path: - id: "" requestBody: application/json: {"id": "sqs-output", "type": "sqs", "queueName": "my-queue", "queueType": "standard", "region": "us-east-1"} responses: @@ -22583,9 +22775,6 @@ examples: "500": application/json: {} OutputCreateExamplesGoogleCloudStorage: - parameters: - path: - id: "" requestBody: application/json: {"id": "google-cloud-storage-output", "type": "google_cloud_storage", "bucket": "my-bucket", "region": "us-east1", "endpoint": "https://storage.googleapis.com", "stagePath": "/tmp/staging"} responses: @@ -22594,9 +22783,6 @@ examples: "500": application/json: {} OutputCreateExamplesSumoLogic: - parameters: - path: - id: "" requestBody: application/json: {"id": "sumo-logic-output", "type": "sumo_logic", "url": "https://endpoint1.collection.us2.sumologic.com"} responses: @@ -22605,9 +22791,6 @@ examples: "500": application/json: {} OutputCreateExamplesDatadog: - parameters: - path: - id: "" requestBody: application/json: {"id": "datadog-output", "type": "datadog", "apiKey": "your-api-key"} responses: @@ -22616,9 +22799,6 @@ examples: "500": application/json: {} OutputCreateExamplesWebhook: - parameters: - path: - id: "" requestBody: application/json: {"id": "webhook-output", "type": "webhook", "url": "https://example.com/webhook"} responses: @@ -22627,9 +22807,6 @@ examples: "500": application/json: {} OutputCreateExamplesPrometheus: - parameters: - path: - id: "" requestBody: application/json: {"id": "prometheus-output", "type": "prometheus", "url": "http://localhost:9091/api/v1/write"} responses: @@ -22638,9 +22815,6 @@ examples: "500": application/json: {} OutputCreateExamplesGooglePubsub: - parameters: - path: - id: "" requestBody: application/json: {"id": "google-pubsub-output", "type": "google_pubsub", "topicName": "my-topic"} responses: @@ -22649,9 +22823,6 @@ examples: "500": application/json: {} OutputCreateExamplesGoogleChronicle: - parameters: - path: - id: "" requestBody: application/json: {"id": "google-chronicle-output", "type": "google_chronicle", "logFormatType": "unstructured", "region": "us", "customerId": "customer-id"} responses: @@ -22660,9 +22831,6 @@ examples: "500": application/json: {} OutputCreateExamplesChronicle: - parameters: - path: - id: "" requestBody: application/json: {"id": "chronicle-output", "type": "chronicle", "region": "us", "logType": "UNKNOWN", "gcpProjectId": "my-project", "gcpInstance": "customer-id"} responses: @@ -22671,9 +22839,6 @@ examples: "500": application/json: {} OutputCreateExamplesGrafanaCloud: - parameters: - path: - id: "" requestBody: application/json: {"id": "grafana-cloud-output", "type": "grafana_cloud", "lokiUrl": "https://logs-prod-us-central1.grafana.net"} responses: @@ -22682,9 +22847,6 @@ examples: "500": application/json: {} OutputCreateExamplesLoki: - parameters: - path: - id: "" requestBody: application/json: {"id": "loki-output", "type": "loki", "url": "http://localhost:3100/loki/api/v1/push"} responses: @@ -22693,9 +22855,6 @@ examples: "500": application/json: {} OutputCreateExamplesOpenTelemetry: - parameters: - path: - id: "" requestBody: application/json: {"id": "opentelemetry-output", "type": "open_telemetry", "endpoint": "http://localhost:4317"} responses: @@ -22704,9 +22863,6 @@ examples: "500": application/json: {} OutputCreateExamplesServiceNow: - parameters: - path: - id: "" requestBody: application/json: {"id": "servicenow-output", "type": "service_now", "endpoint": "ingest.lightstep.com:443", "tokenSecret": "your-token-secret", "otlpVersion": "1.3.1", "protocol": "http"} responses: @@ -22715,9 +22871,6 @@ examples: "500": application/json: {} OutputCreateExamplesDynatraceOtlp: - parameters: - path: - id: "" requestBody: application/json: {"id": "dynatrace-otlp-output", "type": "dynatrace_otlp", "protocol": "http", "endpoint": "https://your-environment.live.dynatrace.com/api/v2/otlp", "otlpVersion": "1.3.1", "endpointType": "saas", "tokenSecret": "your-token-secret"} responses: @@ -22726,9 +22879,6 @@ examples: "500": application/json: {} OutputCreateExamplesSentinelOneAiSiem: - parameters: - path: - id: "" requestBody: application/json: {"id": "sentinel-one-ai-siem-output", "type": "sentinel_one_ai_siem", "region": "US", "endpoint": "/services/collector/event"} responses: @@ -22737,9 +22887,6 @@ examples: "500": application/json: {} OutputCreateExamplesDataset: - parameters: - path: - id: "" requestBody: application/json: {"id": "dataset-output", "type": "dataset"} responses: @@ -22748,9 +22895,6 @@ examples: "500": application/json: {} OutputCreateExamplesRing: - parameters: - path: - id: "" requestBody: application/json: {"id": "ring-output", "type": "ring"} responses: @@ -22759,9 +22903,6 @@ examples: "500": application/json: {} OutputCreateExamplesRouter: - parameters: - path: - id: "" requestBody: application/json: {"id": "router-output", "type": "router", "rules": [{"filter": "true", "output": "my-output"}]} responses: @@ -22770,9 +22911,6 @@ examples: "500": application/json: {} OutputCreateExamplesWizHec: - parameters: - path: - id: "" requestBody: application/json: {"id": "wiz-hec-output", "type": "wiz_hec", "authType": "manual", "wiz_connector_id": "00000000-0000-0000-0000-000000000000", "wiz_environment": "test", "data_center": "us1", "wiz_sourcetype": "placeholder"} responses: @@ -22781,9 +22919,6 @@ examples: "500": application/json: {} OutputCreateExamplesHumioHec: - parameters: - path: - id: "" requestBody: application/json: {"id": "humio-hec-output", "type": "humio_hec", "url": "https://cloud.us.humio.com/api/v1/ingest/hec", "format": "JSON", "authType": "manual", "token": "your-token"} responses: @@ -22792,9 +22927,6 @@ examples: "500": application/json: {} OutputCreateExamplesCrowdstrikeNextGenSiem: - parameters: - path: - id: "" requestBody: application/json: {"id": "crowdstrike-next-gen-siem-output", "type": "crowdstrike_next_gen_siem", "url": "https://ingest.us.crowdstrike.com/api/ingest/hec/connection-id/v1/services/collector", "format": "JSON", "authType": "manual", "token": "your-token"} responses: @@ -22803,9 +22935,6 @@ examples: "500": application/json: {} OutputCreateExamplesCriblHttp: - parameters: - path: - id: "" requestBody: application/json: {"id": "cribl-http-output", "type": "cribl_http"} responses: @@ -22814,9 +22943,6 @@ examples: "500": application/json: {} OutputCreateExamplesCriblTcp: - parameters: - path: - id: "" requestBody: application/json: {"id": "cribl-tcp-output", "type": "cribl_tcp", "host": "localhost", "port": 10090} responses: @@ -22825,9 +22951,6 @@ examples: "500": application/json: {} OutputCreateExamplesCriblSearchEngine: - parameters: - path: - id: "" requestBody: application/json: {"id": "cribl-search-engine-output", "type": "cribl_search_engine", "systemFields": ["cribl_pipe"], "streamtags": [], "loadBalanced": false, "tls": {"disabled": true}, "tokenTTLMinutes": 60, "excludeFields": ["__kube_*", "__metadata", "__winEvent"], "compression": "gzip", "concurrency": 5, "maxPayloadSizeKB": 4096, "maxPayloadEvents": 0, "rejectUnauthorized": true, "timeoutSec": 30, "flushPeriodSec": 1, "failedRequestLoggingMode": "none", "safeHeaders": [], "throttleRatePerSec": "0", "responseRetrySettings": [{"httpStatus": 401, "initialBackoff": 1000, "backoffRate": 2, "maxBackoff": 20000}, {"httpStatus": 403, "initialBackoff": 1000, "backoffRate": 2, "maxBackoff": 20000}, {"httpStatus": 408, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 429, "initialBackoff": 1000, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 500, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 502, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 503, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 504, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 509, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}], "timeoutRetrySettings": {"timeoutRetry": false}, "responseHonorRetryAfterHeader": true, "onBackpressure": "block", "useRoundRobinDns": true, "url": "https://0.0.0.0:10200"} responses: @@ -22836,9 +22959,6 @@ examples: "500": application/json: {} OutputCreateExamplesGoogleCloudLogging: - parameters: - path: - id: "" requestBody: application/json: {"id": "google-cloud-logging-output", "type": "google_cloud_logging", "logLocationType": "project", "logNameExpression": "my-log", "logLocationExpression": "my-project"} responses: @@ -22847,9 +22967,6 @@ examples: "500": application/json: {} OutputCreateExamplesSns: - parameters: - path: - id: "" requestBody: application/json: {"id": "sns-output", "type": "sns", "topicArn": "arn:aws:sns:us-east-1:123456789012:my-topic", "messageGroupId": "my-message-group", "region": "us-east-1"} responses: @@ -22858,9 +22975,6 @@ examples: "500": application/json: {} OutputCreateExamplesDlS3: - parameters: - path: - id: "" requestBody: application/json: {"id": "dl-s3-output", "type": "dl_s3", "bucket": "my-bucket", "region": "us-east-1", "stagePath": "/tmp/staging"} responses: @@ -22869,9 +22983,6 @@ examples: "500": application/json: {} OutputCreateExamplesSecurityLake: - parameters: - path: - id: "" requestBody: application/json: {"id": "security-lake-output", "type": "security_lake", "assumeRoleArn": "arn:aws:iam::123456789012:role/my-role", "bucket": "my-bucket", "region": "us-east-1", "stagePath": "/tmp/staging", "accountId": "123456789012", "customSource": "my-custom-source"} responses: @@ -22880,9 +22991,6 @@ examples: "500": application/json: {} OutputCreateExamplesCriblLake: - parameters: - path: - id: "" requestBody: application/json: {"id": "cribl-lake-output", "type": "cribl_lake"} responses: @@ -22891,9 +22999,6 @@ examples: "500": application/json: {} OutputCreateExamplesExabeam: - parameters: - path: - id: "" requestBody: application/json: {"id": "exabeam-output", "type": "exabeam", "bucket": "my-bucket", "region": "us-east1", "stagePath": "/tmp/staging", "endpoint": "https://storage.googleapis.com", "collectorInstanceId": "11112222-3333-4444-5555-666677778888"} responses: @@ -22902,9 +23007,6 @@ examples: "500": application/json: {} OutputCreateExamplesDiskSpool: - parameters: - path: - id: "" requestBody: application/json: {"id": "disk-spool-output", "type": "disk_spool"} responses: @@ -22913,9 +23015,6 @@ examples: "500": application/json: {} OutputCreateExamplesClickHouse: - parameters: - path: - id: "" requestBody: application/json: {"id": "clickhouse-output", "type": "click_house", "url": "http://localhost:8123/", "database": "mydb", "tableName": "mytable"} responses: @@ -22924,9 +23023,6 @@ examples: "500": application/json: {} OutputCreateExamplesXsiam: - parameters: - path: - id: "" requestBody: application/json: {"id": "xsiam-output", "type": "xsiam"} responses: @@ -22935,9 +23031,6 @@ examples: "500": application/json: {} OutputCreateExamplesNetflow: - parameters: - path: - id: "" requestBody: application/json: {"id": "netflow-output", "type": "netflow", "hosts": [{"host": "localhost", "port": 2055}]} responses: @@ -22946,9 +23039,6 @@ examples: "500": application/json: {} OutputCreateExamplesDynatraceHttp: - parameters: - path: - id: "" requestBody: application/json: {"id": "dynatrace-http-output", "type": "dynatrace_http", "authType": "token", "format": "json_array", "endpoint": "cloud", "telemetryType": "logs", "token": "your-api-key"} responses: @@ -22957,9 +23047,6 @@ examples: "500": application/json: {} OutputCreateExamplesDatabricks: - parameters: - path: - id: "" requestBody: application/json: {"id": "databricks-output", "type": "databricks", "workspaceId": "your-workspace-id", "scope": "all-apis", "clientId": "your-client-id", "catalog": "main", "schema": "external", "eventsVolumeName": "events", "clientTextSecret": "your-client-secret"} responses: @@ -22968,9 +23055,6 @@ examples: "500": application/json: {} OutputCreateExamplesLocalSearchStorage: - parameters: - path: - id: "" requestBody: application/json: {"id": "local-search-storage-output", "type": "local_search_storage", "url": "http://localhost:8123/", "database": "default", "tableName": "mytable"} responses: @@ -22979,9 +23063,6 @@ examples: "500": application/json: {} OutputCreateExamplesNutanixObjects: - parameters: - path: - id: "" requestBody: application/json: {"id": "nutanix-objects-output", "type": "nutanix_objects", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://nutanix-objects.example.com"} responses: @@ -22990,9 +23071,6 @@ examples: "500": application/json: {} OutputCreateExamplesStorjS3: - parameters: - path: - id: "" requestBody: application/json: {"id": "storj-s3-output", "type": "storj_s3", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://gateway.storjshare.io"} responses: @@ -23001,9 +23079,6 @@ examples: "500": application/json: {} OutputCreateExamplesAlphasocS3: - parameters: - path: - id: "" requestBody: application/json: {"id": "alphasoc-s3-output", "type": "alphasoc_s3", "bucket": "events", "stagePath": "/tmp/staging", "endpoint": "https://s3.alphasoc.net"} responses: @@ -23012,9 +23087,6 @@ examples: "500": application/json: {} OutputCreateExamplesdellS3: - parameters: - path: - id: "" requestBody: application/json: {"id": "dell-s3-output", "type": "dell_s3", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://powerscale.example.com:9021"} responses: @@ -23023,9 +23095,6 @@ examples: "500": application/json: {} OutputCreateExamplescloudianS3: - parameters: - path: - id: "" requestBody: application/json: {"id": "cloudian-s3-output", "type": "cloudian_s3", "endpoint": "https://s3.hyperstore.example.com", "bucket": "my-bucket", "stagePath": "/tmp/staging"} responses: @@ -23034,9 +23103,6 @@ examples: "500": application/json: {} OutputCreateExamplesscalityS3: - parameters: - path: - id: "" requestBody: application/json: {"id": "scality-s3-output", "type": "scality_s3", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://s3.scality.example.com"} responses: @@ -23045,9 +23111,6 @@ examples: "500": application/json: {} OutputCreateExamplesalibabaCloudS3: - parameters: - path: - id: "" requestBody: application/json: {"id": "alibaba-oss-output", "type": "alibaba_cloud_s3", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://s3.oss-cn-hangzhou.aliyuncs.com"} responses: @@ -23055,4239 +23118,8810 @@ examples: application/json: {} "500": application/json: {} - deleteOutputById: - speakeasy-default-delete-output-by-id: - parameters: - path: - id: "" + OutputCreateExamplesGoogleCloudObservability: + requestBody: + application/json: {"id": "google-cloud-observability-output", "type": "google_cloud_observability", "googleAuthMethod": "auto"} responses: "200": application/json: {} "500": application/json: {} - deleteOutputPqById: - speakeasy-default-delete-output-pq-by-id: + getOutputById: + speakeasy-default-get-output-by-id: parameters: path: id: "" responses: "200": - application/json: {"count": 37997, "items": [{"key": ""}, {"key": "", "key1": ""}]} - "500": application/json: {} - "201": + "500": application/json: {} - getOutputPqById: - speakeasy-default-get-output-pq-by-id: + updateOutputById: + speakeasy-default-update-output-by-id: parameters: path: id: "" + requestBody: + application/json: {"id": "", "type": "signalfx", "pipeline": "", "systemFields": [""], "environment": "", "streamtags": ["", ""], "authType": "manual", "realm": "us0", "concurrency": 5, "maxPayloadSizeKB": 4096, "maxPayloadEvents": 0, "compress": true, "rejectUnauthorized": true, "timeoutSec": 30, "flushPeriodSec": 1, "extraHttpHeaders": [{"name": "", "value": ""}], "useRoundRobinDns": false, "failedRequestLoggingMode": "none", "safeHeaders": [""], "responseRetrySettings": [{"httpStatus": 2924.72, "initialBackoff": 1000, "backoffRate": 2, "maxBackoff": 10000}], "timeoutRetrySettings": {"timeoutRetry": false, "initialBackoff": 1000, "backoffRate": 2, "maxBackoff": 10000}, "responseHonorRetryAfterHeader": false, "onBackpressure": "block", "description": "phooey positively a consequently meh until", "token": "", "textSecret": "", "pqStrictOrdering": true, "pqRatePerSec": 0, "pqMode": "error", "pqMaxBufferSize": 42, "pqMaxBackpressureSec": 30, "pqMaxFileSize": "1 MB", "pqMaxSize": "5GB", "pqPath": "$CRIBL_HOME/state/queues", "pqCompress": "none", "pqOnBackpressure": "block", "pqControls": {}} responses: "200": application/json: {} "500": application/json: {} - getOutputSamplesById: - speakeasy-default-get-output-samples-by-id: + OutputExamplesDefault: parameters: path: id: "" + requestBody: + application/json: {"id": "default-output", "type": "default", "defaultId": "my-default-output"} responses: "200": application/json: {} "500": application/json: {} - createOutputTestById: - speakeasy-default-create-output-test-by-id: + OutputCreateExamplesTcpjson: parameters: path: id: "" requestBody: - application/json: {"events": [{"_raw": ""}]} + application/json: {"id": "tcpjson-output", "type": "tcpjson", "host": "localhost", "port": 10090} responses: "200": application/json: {} "500": application/json: {} - OutputTestExamplesSingleEvent: + OutputCreateExamplesSplunk: parameters: path: id: "" requestBody: - application/json: {"events": [{"_raw": "This is a test event", "source": "test", "sourcetype": "manual"}]} + application/json: {"id": "splunk-output", "type": "splunk", "host": "localhost", "port": 9997} responses: "200": application/json: {} "500": application/json: {} - OutputTestExamplesMultipleEvents: + OutputCreateExamplesSplunkLb: parameters: path: id: "" requestBody: - application/json: {"events": [{"_raw": "Test event 1", "source": "test", "sourcetype": "manual"}, {"_raw": "Test event 2", "source": "test", "sourcetype": "manual"}]} + application/json: {"id": "splunk-lb-output", "type": "splunk_lb", "hosts": [{"host": "localhost", "port": 9997}]} responses: "200": application/json: {} "500": application/json: {} - listRoutes: - speakeasy-default-list-routes: + OutputCreateExamplesSplunkHec: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "splunk-hec-output", "type": "splunk_hec"} responses: "200": - application/json: {"count": 397064, "items": [{"id": "", "routes": [], "groups": {"key": {"name": "", "description": "proceed provided off nor why pasta wry youthfully amongst which", "disabled": true}}, "comments": [{"comment": "Andy shoes are designed to keeping in mind durability as well as trends, the most stylish range of shoes & sandals"}]}]} + application/json: {} "500": - application/json: {"message": ""} - getRoutesById: - speakeasy-default-get-routes-by-id: + application/json: {} + OutputCreateExamplesSyslog: parameters: path: id: "" + requestBody: + application/json: {"id": "syslog-output", "type": "syslog", "host": "localhost", "port": 514} responses: "200": application/json: {} "500": application/json: {} - updateRoutesById: - speakeasy-default-update-routes-by-id: + OutputCreateExamplesFilesystem: parameters: path: - id: "" + id: "" requestBody: - application/json: {"id": "", "routes": []} + application/json: {"id": "filesystem-output", "type": "filesystem", "destPath": "/var/log/output"} responses: "200": application/json: {} "500": application/json: {} - RoutesUpdateExamplesBasicRoute: + OutputCreateExamplesS3: parameters: path: - id: "" + id: "" requestBody: - application/json: {"id": "default", "routes": [{"description": "Route access logs to main Pipeline", "filter": "source == \"access.log\"", "name": "my-route", "pipeline": "main", "final": true, "id": "default"}]} + application/json: {"id": "s3-output", "type": "s3", "bucket": "my-bucket", "region": "us-east-1", "stagePath": "/tmp/staging"} responses: "200": application/json: {} "500": application/json: {} - RoutesUpdateExamplesMultipleRoutes: + OutputCreateExamplesAzureBlob: parameters: path: - id: "" + id: "" requestBody: - application/json: {"id": "default", "routes": [{"description": "Route speedtest logs", "filter": "source == \"speedtest.log\"", "name": "speedtest", "output": "default", "pipeline": "main", "final": false, "id": "route-speedtest"}, {"description": "Route mtr logs", "filter": "source == \"mtr.log\"", "name": "mtr", "output": "default", "pipeline": "passthru", "final": false, "id": "route-mtr"}, {"description": "Route statsd metrics", "filter": "source == \"statsd.log\"", "name": "statsd", "output": "devnull", "pipeline": "prometheus_metrics", "final": false, "id": "route-statsd"}, {"description": "Catch-all Route for all other events", "filter": "true", "name": "default", "output": "default", "pipeline": "main", "final": true, "id": "route-default"}]} + application/json: {"id": "azure-blob-output", "type": "azure_blob", "containerName": "my-container", "stagePath": "/tmp/staging"} responses: "200": application/json: {} "500": application/json: {} - RoutesUpdateExamplesRouteWithOutputExpression: + OutputCreateExamplesAzureDataExplorer: parameters: path: - id: "" + id: "" requestBody: - application/json: {"id": "default", "routes": [{"description": "Route with dynamic Destination based on environment", "enableOutputExpression": true, "filter": "source == \"dynamic.log\"", "name": "dynamic-output", "outputExpression": "`myDest_${C.logStreamEnv}`", "pipeline": "main", "final": true, "id": "route-dynamic"}]} + application/json: {"id": "azure-data-explorer-output", "type": "azure_data_explorer", "clusterUrl": "https://mycluster.kusto.windows.net", "database": "mydatabase", "table": "mytable", "ingestMode": "streaming", "oauthEndpoint": "https://login.microsoftonline.com", "tenantId": "tenant-id", "clientId": "client-id", "scope": "https://mycluster.kusto.windows.net/.default", "oauthType": "clientSecret", "clientSecret": "client-secret", "format": "json", "compress": "gzip"} responses: "200": application/json: {} "500": application/json: {} - RoutesUpdateExamplesRouteWithDefaults: + OutputCreateExamplesSentinel: parameters: path: - id: "" + id: "" requestBody: - application/json: {"id": "default", "routes": [{"description": "Route access logs to main Pipeline", "filter": "source == \"access.log\"", "name": "my-route", "pipeline": "main"}]} + application/json: {"id": "sentinel-output", "type": "sentinel", "loginUrl": "https://login.microsoftonline.com", "secret": "client-secret", "client_id": "client-id", "endpointURLConfiguration": "url", "url": "https://your-workspace.ingest.monitor.azure.com"} responses: "200": application/json: {} "500": application/json: {} - createRoutesAppendById: - speakeasy-default-create-routes-append-by-id: + OutputCreateExamplesAzureLogs: parameters: path: id: "" requestBody: - application/json: [] + application/json: {"id": "azure-logs-output", "type": "azure_logs", "logType": "Cribl", "authType": "manual", "workspaceId": "workspace-id", "workspaceKey": "workspace-key"} responses: "200": application/json: {} "500": application/json: {} - RoutesAppendExamplesSingleRoute: + OutputCreateExamplesKafka: parameters: path: id: "" requestBody: - application/json: [{"description": "Route new logs to main pipeline", "filter": "source == \"new.log\"", "name": "new-route", "pipeline": "main", "final": true, "id": "route-new"}] + application/json: {"id": "kafka-output", "type": "kafka", "brokers": ["localhost:9092"], "topic": "logs"} responses: "200": application/json: {} "500": application/json: {} - RoutesAppendExamplesMultipleRoutes: + OutputCreateExamplesConfluentCloud: parameters: path: id: "" requestBody: - application/json: [{"description": "Route audit logs", "filter": "source == \"audit.log\"", "name": "audit", "output": "default", "pipeline": "main", "final": false, "id": "route-audit"}, {"description": "Route security logs", "filter": "source == \"security.log\"", "name": "security", "output": "devnull", "pipeline": "passthru", "final": false, "id": "route-security"}] + application/json: {"id": "confluent-cloud-output", "type": "confluent_cloud", "brokers": ["pkc-xxxxx.us-east-1.aws.confluent.cloud:9092"], "topic": "logs"} responses: "200": application/json: {} "500": application/json: {} - RoutesAppendExamplesRouteWithOutputExpression: + OutputCreateExamplesMsk: parameters: path: id: "" requestBody: - application/json: [{"description": "Route with dynamic Destination based on environment", "enableOutputExpression": true, "filter": "source == \"dynamic.log\"", "name": "dynamic-append", "outputExpression": "`myDest_${C.logStreamEnv}`", "pipeline": "main", "final": true, "id": "route-dynamic-append"}] + application/json: {"id": "msk-output", "type": "msk", "brokers": ["b-1.example.xxxxx.c2.kafka.us-east-1.amazonaws.com:9092"], "topic": "logs", "awsAuthenticationMethod": "auto", "region": "us-east-1"} responses: "200": application/json: {} "500": application/json: {} - RoutesAppendExamplesRouteWithDefaults: + OutputCreateExamplesKinesis: parameters: path: id: "" requestBody: - application/json: [{"description": "Route with server-generated id and default final value", "filter": "source == \"new.log\"", "name": "new-route", "pipeline": "main"}] + application/json: {"id": "kinesis-output", "type": "kinesis", "streamName": "my-stream", "region": "us-east-1"} responses: "200": application/json: {} "500": application/json: {} - listPipeline: - speakeasy-default-list-pipeline: + OutputCreateExamplesElastic: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "elastic-output", "type": "elastic", "index": "logs"} responses: "200": - application/json: {"count": 575048, "items": [{"id": "", "conf": {"asyncFuncTimeout": 138375, "output": "default", "description": "perfectly gosh whup whoa boohoo twin as", "streamtags": ["", ""], "functions": [{"filter": "", "id": "otlp_logs", "description": "aching huge alliance incidentally", "disabled": true, "final": true, "conf": {"dropNonLogEvents": false, "batchOTLPLogs": true}, "groupId": ""}], "groups": {"key": {"name": "", "description": "phew rigidly when", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - createPipeline: - speakeasy-default-create-pipeline: + application/json: {} + OutputCreateExamplesElasticCloud: + parameters: + path: + id: "" requestBody: - application/json: {"id": "", "conf": {"asyncFuncTimeout": 905091, "output": "default", "description": "next tightly positively", "streamtags": [""], "functions": [{"filter": "", "id": "clone", "description": "hmph famously redesign", "disabled": true, "final": false, "conf": {"clones": [{"key": ""}, {"key": "", "key1": ""}]}, "groupId": ""}], "groups": {"key": {"name": "", "description": "yuck terribly ostrich enhance sentimental strictly whereas before reboot sleet", "disabled": true}}}} + application/json: {"id": "elastic-cloud-output", "type": "elastic_cloud", "url": "my-cloud-id", "index": "logs"} responses: "200": - application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesEmpty: + application/json: {} + OutputCreateExamplesMicrosoftFabric: + parameters: + path: + id: "" requestBody: - application/json: {"id": "empty-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "", "streamtags": [], "functions": [], "groups": {}}} + application/json: {"id": "microsoft-fabric-output", "type": "microsoft_fabric", "topic": "logs", "bootstrap_server": "myeventstream.servicebus.windows.net:9093"} responses: "200": - application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesAggregations: + application/json: {} + OutputCreateExamplesCloudflareR2: + parameters: + path: + id: "" requestBody: - application/json: {"id": "aggregation-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that aggregates rejected bytes grouped by source address every 10 seconds", "streamtags": [], "functions": [{"filter": "true", "id": "aggregation", "description": "at mad back within towards who save before redraw tooth", "disabled": false, "final": false, "conf": {"passthrough": false, "preserveGroupBys": false, "sufficientStatsOnly": false, "metricsMode": false, "prefix": "", "timeWindow": "10s", "aggregations": ["sum(bytes).where(action==\"REJECT\").as(TotalBytes)"], "groupbys": ["srcaddr"], "flushEventLimit": 5847.83, "flushMemLimit": "", "cumulative": false, "searchAggMode": "", "add": [{"name": "", "value": ""}], "shouldTreatDotsAsLiterals": false, "flushOnInputClose": true}, "groupId": ""}], "groups": {}}} + application/json: {"id": "cloudflare-r2-output", "type": "cloudflare_r2", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://account-id.r2.cloudflarestorage.com"} responses: "200": - application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesAggregateMetrics: + application/json: {} + OutputCreateExamplesHoneycomb: + parameters: + path: + id: "" requestBody: - application/json: {"id": "aggregate-metrics-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that aggregates process metrics: CPU, memory, and bytes over time windows", "streamtags": [], "functions": [{"filter": "(_metric == 'proc.cpu_perc' || __criblMetrics[0].nameExpr.includes(\"'proc.cpu_perc'\")) || (_metric == 'proc.mem_perc' || __criblMetrics[0].nameExpr.includes(\"'proc.mem_perc'\")) || (_metric == 'proc.bytes_in' || __criblMetrics[0].nameExpr.includes(\"'proc.bytes_in'\"))", "id": "aggregate_metrics", "description": "modulo tall usefully jump platter scrape whoever till shy miskey", "disabled": true, "final": false, "conf": {"passthrough": false, "preserveGroupBys": false, "sufficientStatsOnly": false, "prefix": "", "timeWindow": "10s", "aggregations": [{"metricType": "gauge", "agg": "avg(_value || proc.cpu_perc).as(proc.cpu_perc_avg)"}, {"metricType": "gauge", "agg": "sum(_value || proc.mem_perc).as(proc.mem_perc_sum)"}, {"metricType": "counter", "agg": "count(_value || proc.bytes_in).as(proc.bytes_in_count)"}], "groupbys": ["proc"], "flushEventLimit": 9795.75, "flushMemLimit": "", "cumulative": false, "shouldTreatDotsAsLiterals": true, "add": [{"name": "", "value": ""}], "flushOnInputClose": true}, "groupId": ""}], "groups": {}}} + application/json: {"id": "honeycomb-output", "type": "honeycomb", "dataset": "my-dataset"} responses: "200": - application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesAutoTimestamp: + application/json: {} + OutputCreateExamplesNewrelic: + parameters: + path: + id: "" requestBody: - application/json: {"id": "auto-timestamp-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts timestamps from event data using auto timestamp function", "streamtags": [], "functions": [{"filter": "true", "id": "auto_timestamp", "description": "drive pro shore pfft", "disabled": true, "final": false, "conf": {"srcField": "_raw", "dstField": "_time", "defaultTimezone": "local", "timeExpression": "time.getTime() / 1000", "offset": 0, "maxLen": 150, "defaultTime": "now", "latestDateAllowed": "+1week", "spacer": "", "earliestDateAllowed": "-420weeks", "timestamps": [{"regex": "/(\\d{1,2}\\/\\d{2}\\/\\d{4}\\s\\d{1,2}:\\d{2}:\\d{2}\\s\\w{2})/", "strptime": "%Y-%m-%d %H:%M:%S"}]}, "groupId": ""}], "groups": {}}} + application/json: {"id": "newrelic-output", "type": "newrelic", "apiKey": "your-api-key"} responses: "200": - application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesCEFSerializer: + application/json: {} + OutputCreateExamplesNewrelicEvents: + parameters: + path: + id: "" requestBody: - application/json: {"id": "cef-serializer-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that formats events in CEF format with custom header and extension fields", "streamtags": [], "functions": [{"filter": "true", "id": "cef", "description": "upright founder when yet", "disabled": false, "final": true, "conf": {"outputField": "_raw", "header": [{"value": "'CEF:0'"}, {"value": "'Cribl'"}, {"value": "'Cribl'"}, {"value": "C.version"}, {"value": "420"}, {"value": "'Cribl Event'"}, {"value": "6"}], "extension": [{"name": "c6a1Label", "value": "'Colorado_Ext_Bldg7'"}]}, "groupId": ""}], "groups": {}}} + application/json: {"id": "newrelic-events-output", "type": "newrelic_events", "accountId": "123456", "eventType": "CriblEvent", "apiKey": "your-api-key"} responses: "200": - application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesChain: + application/json: {} + OutputCreateExamplesSnmp: + parameters: + path: + id: "" requestBody: - application/json: {"id": "chain-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that chains to another pipeline for sequential data processing", "streamtags": [], "functions": [{"filter": "true", "id": "chain", "description": "hm loyally whenever selfish whoever", "disabled": false, "final": false, "conf": {"processor": "prometheus_metrics"}, "groupId": ""}], "groups": {}}} + application/json: {"id": "snmp-output", "type": "snmp", "hosts": [{"host": "192.168.1.1", "port": 161}]} responses: "200": - application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesClone: + application/json: {} + OutputCreateExamplesInfluxdb: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "influxdb-output", "type": "influxdb", "url": "http://localhost:8086", "database": "mydb"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesMinio: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "minio-output", "type": "minio", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "http://localhost:9000"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesCloudwatch: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "cloudwatch-output", "type": "cloudwatch", "logGroupName": "my-log-group", "logStreamName": "my-log-stream", "region": "us-east-1"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesAzureEventhub: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "azure-eventhub-output", "type": "azure_eventhub", "brokers": ["myeventhub.servicebus.windows.net:9093"], "topic": "logs"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesStatsd: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "statsd-output", "type": "statsd", "protocol": "udp", "host": "localhost", "port": 8125} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesStatsdExt: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "statsd-ext-output", "type": "statsd_ext", "protocol": "udp", "host": "localhost", "port": 8125} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesGraphite: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "graphite-output", "type": "graphite", "protocol": "tcp", "host": "localhost", "port": 2003} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesWavefront: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "wavefront-output", "type": "wavefront", "domain": "longboard", "token": "your-token"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesSignalfx: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "signalfx-output", "type": "signalfx", "realm": "us0", "token": "your-token"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesSqs: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "sqs-output", "type": "sqs", "queueName": "my-queue", "queueType": "standard", "region": "us-east-1"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesGoogleCloudStorage: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "google-cloud-storage-output", "type": "google_cloud_storage", "bucket": "my-bucket", "region": "us-east1", "endpoint": "https://storage.googleapis.com", "stagePath": "/tmp/staging"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesSumoLogic: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "sumo-logic-output", "type": "sumo_logic", "url": "https://endpoint1.collection.us2.sumologic.com"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesDatadog: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "datadog-output", "type": "datadog", "apiKey": "your-api-key"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesWebhook: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "webhook-output", "type": "webhook", "url": "https://example.com/webhook"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesPrometheus: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "prometheus-output", "type": "prometheus", "url": "http://localhost:9091/api/v1/write"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesGooglePubsub: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "google-pubsub-output", "type": "google_pubsub", "topicName": "my-topic"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesGoogleChronicle: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "google-chronicle-output", "type": "google_chronicle", "logFormatType": "unstructured", "region": "us", "customerId": "customer-id"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesChronicle: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "chronicle-output", "type": "chronicle", "region": "us", "logType": "UNKNOWN", "gcpProjectId": "my-project", "gcpInstance": "customer-id"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesGrafanaCloud: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "grafana-cloud-output", "type": "grafana_cloud", "lokiUrl": "https://logs-prod-us-central1.grafana.net"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesLoki: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "loki-output", "type": "loki", "url": "http://localhost:3100/loki/api/v1/push"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesOpenTelemetry: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "opentelemetry-output", "type": "open_telemetry", "endpoint": "http://localhost:4317"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesServiceNow: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "servicenow-output", "type": "service_now", "endpoint": "ingest.lightstep.com:443", "tokenSecret": "your-token-secret", "otlpVersion": "1.3.1", "protocol": "http"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesDynatraceOtlp: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "dynatrace-otlp-output", "type": "dynatrace_otlp", "protocol": "http", "endpoint": "https://your-environment.live.dynatrace.com/api/v2/otlp", "otlpVersion": "1.3.1", "endpointType": "saas", "tokenSecret": "your-token-secret"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesSentinelOneAiSiem: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "sentinel-one-ai-siem-output", "type": "sentinel_one_ai_siem", "region": "US", "endpoint": "/services/collector/event"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesDataset: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "dataset-output", "type": "dataset"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesRing: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "ring-output", "type": "ring"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesRouter: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "router-output", "type": "router", "rules": [{"filter": "true", "output": "my-output"}]} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesWizHec: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "wiz-hec-output", "type": "wiz_hec", "authType": "manual", "wiz_connector_id": "00000000-0000-0000-0000-000000000000", "wiz_environment": "test", "data_center": "us1", "wiz_sourcetype": "placeholder"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesHumioHec: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "humio-hec-output", "type": "humio_hec", "url": "https://cloud.us.humio.com/api/v1/ingest/hec", "format": "JSON", "authType": "manual", "token": "your-token"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesCrowdstrikeNextGenSiem: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "crowdstrike-next-gen-siem-output", "type": "crowdstrike_next_gen_siem", "url": "https://ingest.us.crowdstrike.com/api/ingest/hec/connection-id/v1/services/collector", "format": "JSON", "authType": "manual", "token": "your-token"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesCriblHttp: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "cribl-http-output", "type": "cribl_http"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesCriblTcp: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "cribl-tcp-output", "type": "cribl_tcp", "host": "localhost", "port": 10090} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesCriblSearchEngine: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "cribl-search-engine-output", "type": "cribl_search_engine", "systemFields": ["cribl_pipe"], "streamtags": [], "loadBalanced": false, "tls": {"disabled": true}, "tokenTTLMinutes": 60, "excludeFields": ["__kube_*", "__metadata", "__winEvent"], "compression": "gzip", "concurrency": 5, "maxPayloadSizeKB": 4096, "maxPayloadEvents": 0, "rejectUnauthorized": true, "timeoutSec": 30, "flushPeriodSec": 1, "failedRequestLoggingMode": "none", "safeHeaders": [], "throttleRatePerSec": "0", "responseRetrySettings": [{"httpStatus": 401, "initialBackoff": 1000, "backoffRate": 2, "maxBackoff": 20000}, {"httpStatus": 403, "initialBackoff": 1000, "backoffRate": 2, "maxBackoff": 20000}, {"httpStatus": 408, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 429, "initialBackoff": 1000, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 500, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 502, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 503, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 504, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 509, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}], "timeoutRetrySettings": {"timeoutRetry": false}, "responseHonorRetryAfterHeader": true, "onBackpressure": "block", "useRoundRobinDns": true, "url": "https://0.0.0.0:10200"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesGoogleCloudLogging: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "google-cloud-logging-output", "type": "google_cloud_logging", "logLocationType": "project", "logNameExpression": "my-log", "logLocationExpression": "my-project"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesSns: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "sns-output", "type": "sns", "topicArn": "arn:aws:sns:us-east-1:123456789012:my-topic", "messageGroupId": "my-message-group", "region": "us-east-1"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesDlS3: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "dl-s3-output", "type": "dl_s3", "bucket": "my-bucket", "region": "us-east-1", "stagePath": "/tmp/staging"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesSecurityLake: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "security-lake-output", "type": "security_lake", "assumeRoleArn": "arn:aws:iam::123456789012:role/my-role", "bucket": "my-bucket", "region": "us-east-1", "stagePath": "/tmp/staging", "accountId": "123456789012", "customSource": "my-custom-source"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesCriblLake: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "cribl-lake-output", "type": "cribl_lake"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesExabeam: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "exabeam-output", "type": "exabeam", "bucket": "my-bucket", "region": "us-east1", "stagePath": "/tmp/staging", "endpoint": "https://storage.googleapis.com", "collectorInstanceId": "11112222-3333-4444-5555-666677778888"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesDiskSpool: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "disk-spool-output", "type": "disk_spool"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesClickHouse: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "clickhouse-output", "type": "click_house", "url": "http://localhost:8123/", "database": "mydb", "tableName": "mytable"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesXsiam: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "xsiam-output", "type": "xsiam"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesNetflow: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "netflow-output", "type": "netflow", "hosts": [{"host": "localhost", "port": 2055}]} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesDynatraceHttp: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "dynatrace-http-output", "type": "dynatrace_http", "authType": "token", "format": "json_array", "endpoint": "cloud", "telemetryType": "logs", "token": "your-api-key"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesDatabricks: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "databricks-output", "type": "databricks", "workspaceId": "your-workspace-id", "scope": "all-apis", "clientId": "your-client-id", "catalog": "main", "schema": "external", "eventsVolumeName": "events", "clientTextSecret": "your-client-secret"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesLocalSearchStorage: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "local-search-storage-output", "type": "local_search_storage", "url": "http://localhost:8123/", "database": "default", "tableName": "mytable"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesNutanixObjects: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "nutanix-objects-output", "type": "nutanix_objects", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://nutanix-objects.example.com"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesStorjS3: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "storj-s3-output", "type": "storj_s3", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://gateway.storjshare.io"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesAlphasocS3: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "alphasoc-s3-output", "type": "alphasoc_s3", "bucket": "events", "stagePath": "/tmp/staging", "endpoint": "https://s3.alphasoc.net"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesdellS3: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "dell-s3-output", "type": "dell_s3", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://powerscale.example.com:9021"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplescloudianS3: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "cloudian-s3-output", "type": "cloudian_s3", "endpoint": "https://s3.hyperstore.example.com", "bucket": "my-bucket", "stagePath": "/tmp/staging"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesscalityS3: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "scality-s3-output", "type": "scality_s3", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://s3.scality.example.com"} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputCreateExamplesalibabaCloudS3: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "alibaba-oss-output", "type": "alibaba_cloud_s3", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://s3.oss-cn-hangzhou.aliyuncs.com"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesDefault: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "default-output", "type": "default", "defaultId": "my-default-output"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesTcpjson: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "tcpjson-output", "type": "tcpjson", "host": "localhost", "port": 10090} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesSplunk: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "splunk-output", "type": "splunk", "host": "localhost", "port": 9997} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesSplunkLb: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "splunk-lb-output", "type": "splunk_lb", "hosts": [{"host": "localhost", "port": 9997}]} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesSplunkHec: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "splunk-hec-output", "type": "splunk_hec"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesSyslog: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "syslog-output", "type": "syslog", "host": "localhost", "port": 514} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesFilesystem: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "filesystem-output", "type": "filesystem", "destPath": "/var/log/output"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesS3: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "s3-output", "type": "s3", "bucket": "my-bucket", "region": "us-east-1", "stagePath": "/tmp/staging"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesNutanixObjects: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "nutanix-objects-output", "type": "nutanix_objects", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://nutanix-objects.example.com"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesStorjS3: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "storj-s3-output", "type": "storj_s3", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://gateway.storjshare.io"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesAlphasocS3: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "alphasoc-s3-output", "type": "alphasoc_s3", "bucket": "events", "stagePath": "/tmp/staging", "endpoint": "https://s3.alphasoc.net"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesdellS3: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "dell-s3-output", "type": "dell_s3", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://powerscale.example.com:9021"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplescloudianS3: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "cloudian-s3-output", "type": "cloudian_s3", "endpoint": "https://s3.hyperstore.example.com", "bucket": "my-bucket", "stagePath": "/tmp/staging"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesscalityS3: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "scality-s3-output", "type": "scality_s3", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://s3.scality.example.com"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesalibabaCloudS3: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "alibaba-oss-output", "type": "alibaba_cloud_s3", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://s3.oss-cn-hangzhou.aliyuncs.com"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesAzureBlob: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "azure-blob-output", "type": "azure_blob", "containerName": "my-container", "stagePath": "/tmp/staging"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesAzureDataExplorer: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "azure-data-explorer-output", "type": "azure_data_explorer", "clusterUrl": "https://mycluster.kusto.windows.net", "database": "mydatabase", "table": "mytable", "ingestMode": "streaming", "oauthEndpoint": "https://login.microsoftonline.com", "tenantId": "tenant-id", "clientId": "client-id", "scope": "https://mycluster.kusto.windows.net/.default", "oauthType": "clientSecret", "clientSecret": "client-secret", "format": "json", "compress": "gzip"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesSentinel: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "sentinel-output", "type": "sentinel", "loginUrl": "https://login.microsoftonline.com", "secret": "client-secret", "client_id": "client-id", "endpointURLConfiguration": "url", "url": "https://your-workspace.ingest.monitor.azure.com"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesAzureLogs: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "azure-logs-output", "type": "azure_logs", "logType": "Cribl", "authType": "manual", "workspaceId": "workspace-id", "workspaceKey": "workspace-key"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesKafka: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "kafka-output", "type": "kafka", "brokers": ["localhost:9092"], "topic": "logs"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesConfluentCloud: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "confluent-cloud-output", "type": "confluent_cloud", "brokers": ["pkc-xxxxx.us-east-1.aws.confluent.cloud:9092"], "topic": "logs"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesMsk: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "msk-output", "type": "msk", "brokers": ["b-1.example.xxxxx.c2.kafka.us-east-1.amazonaws.com:9092"], "topic": "logs", "awsAuthenticationMethod": "auto", "region": "us-east-1"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesKinesis: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "kinesis-output", "type": "kinesis", "streamName": "my-stream", "region": "us-east-1"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesElastic: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "elastic-output", "type": "elastic", "index": "logs"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesElasticCloud: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "elastic-cloud-output", "type": "elastic_cloud", "url": "my-cloud-id", "index": "logs"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesMicrosoftFabric: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "microsoft-fabric-output", "type": "microsoft_fabric", "topic": "logs", "bootstrap_server": "myeventstream.servicebus.windows.net:9093"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesCloudflareR2: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "cloudflare-r2-output", "type": "cloudflare_r2", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://account-id.r2.cloudflarestorage.com"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesHoneycomb: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "honeycomb-output", "type": "honeycomb", "dataset": "my-dataset"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesNewrelic: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "newrelic-output", "type": "newrelic", "apiKey": "your-api-key"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesNewrelicEvents: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "newrelic-events-output", "type": "newrelic_events", "accountId": "123456", "eventType": "CriblEvent", "apiKey": "your-api-key"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesSnmp: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "snmp-output", "type": "snmp", "hosts": [{"host": "192.168.1.1", "port": 161}]} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesInfluxdb: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "influxdb-output", "type": "influxdb", "url": "http://localhost:8086", "database": "mydb"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesMinio: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "minio-output", "type": "minio", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "http://localhost:9000"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesCloudwatch: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "cloudwatch-output", "type": "cloudwatch", "logGroupName": "my-log-group", "logStreamName": "my-log-stream", "region": "us-east-1"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesAzureEventhub: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "azure-eventhub-output", "type": "azure_eventhub", "brokers": ["myeventhub.servicebus.windows.net:9093"], "topic": "logs"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesStatsd: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "statsd-output", "type": "statsd", "protocol": "udp", "host": "localhost", "port": 8125} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesStatsdExt: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "statsd-ext-output", "type": "statsd_ext", "protocol": "udp", "host": "localhost", "port": 8125} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesGraphite: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "graphite-output", "type": "graphite", "protocol": "tcp", "host": "localhost", "port": 2003} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesWavefront: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "wavefront-output", "type": "wavefront", "domain": "longboard", "token": "your-token"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesSignalfx: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "signalfx-output", "type": "signalfx", "realm": "us0", "token": "your-token"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesSqs: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "sqs-output", "type": "sqs", "queueName": "my-queue", "queueType": "standard", "region": "us-east-1"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesGoogleCloudStorage: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "google-cloud-storage-output", "type": "google_cloud_storage", "bucket": "my-bucket", "region": "us-east1", "endpoint": "https://storage.googleapis.com", "stagePath": "/tmp/staging"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesSumoLogic: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "sumo-logic-output", "type": "sumo_logic", "url": "https://endpoint1.collection.us2.sumologic.com"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesDatadog: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "datadog-output", "type": "datadog", "apiKey": "your-api-key"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesWebhook: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "webhook-output", "type": "webhook", "url": "https://example.com/webhook"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesPrometheus: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "prometheus-output", "type": "prometheus", "url": "http://localhost:9091/api/v1/write"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesGooglePubsub: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "google-pubsub-output", "type": "google_pubsub", "topicName": "my-topic"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesGoogleChronicle: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "google-chronicle-output", "type": "google_chronicle", "logFormatType": "unstructured", "region": "us", "customerId": "customer-id"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesChronicle: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "chronicle-output", "type": "chronicle", "region": "us", "logType": "UNKNOWN", "gcpProjectId": "my-project", "gcpInstance": "customer-id"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesGrafanaCloud: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "grafana-cloud-output", "type": "grafana_cloud", "lokiUrl": "https://logs-prod-us-central1.grafana.net"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesLoki: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "loki-output", "type": "loki", "url": "http://localhost:3100/loki/api/v1/push"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesOpenTelemetry: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "opentelemetry-output", "type": "open_telemetry", "endpoint": "http://localhost:4317"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesServiceNow: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "servicenow-output", "type": "service_now", "endpoint": "ingest.lightstep.com:443", "tokenSecret": "your-token-secret", "otlpVersion": "1.3.1", "protocol": "http"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesDynatraceOtlp: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "dynatrace-otlp-output", "type": "dynatrace_otlp", "protocol": "http", "endpoint": "https://your-environment.live.dynatrace.com/api/v2/otlp", "otlpVersion": "1.3.1", "endpointType": "saas", "tokenSecret": "your-token-secret"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesGoogleCloudObservability: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "google-cloud-observability-output", "type": "google_cloud_observability", "googleAuthMethod": "auto"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesSentinelOneAiSiem: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "sentinel-one-ai-siem-output", "type": "sentinel_one_ai_siem", "region": "US", "endpoint": "/services/collector/event"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesDataset: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "dataset-output", "type": "dataset"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesRing: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "ring-output", "type": "ring"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesRouter: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "router-output", "type": "router", "rules": [{"filter": "true", "output": "my-output"}]} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesWizHec: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "wiz-hec-output", "type": "wiz_hec", "authType": "manual", "wiz_connector_id": "00000000-0000-0000-0000-000000000000", "wiz_environment": "test", "data_center": "us1", "wiz_sourcetype": "placeholder"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesHumioHec: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "humio-hec-output", "type": "humio_hec", "url": "https://cloud.us.humio.com/api/v1/ingest/hec", "format": "JSON", "authType": "manual", "token": "your-token"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesCrowdstrikeNextGenSiem: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "crowdstrike-next-gen-siem-output", "type": "crowdstrike_next_gen_siem", "url": "https://ingest.us.crowdstrike.com/api/ingest/hec/connection-id/v1/services/collector", "format": "JSON", "authType": "manual", "token": "your-token"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesCriblHttp: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "cribl-http-output", "type": "cribl_http"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesCriblTcp: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "cribl-tcp-output", "type": "cribl_tcp", "host": "localhost", "port": 10090} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesCriblSearchEngine: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "cribl-search-engine-output", "type": "cribl_search_engine", "systemFields": ["cribl_pipe"], "streamtags": [], "loadBalanced": false, "tls": {"disabled": true}, "tokenTTLMinutes": 60, "excludeFields": ["__kube_*", "__metadata", "__winEvent"], "compression": "gzip", "concurrency": 5, "maxPayloadSizeKB": 4096, "maxPayloadEvents": 0, "rejectUnauthorized": true, "timeoutSec": 30, "flushPeriodSec": 1, "failedRequestLoggingMode": "none", "safeHeaders": [], "throttleRatePerSec": "0", "responseRetrySettings": [{"httpStatus": 401, "initialBackoff": 1000, "backoffRate": 2, "maxBackoff": 20000}, {"httpStatus": 403, "initialBackoff": 1000, "backoffRate": 2, "maxBackoff": 20000}, {"httpStatus": 408, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 429, "initialBackoff": 1000, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 500, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 502, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 503, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 504, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 509, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}], "timeoutRetrySettings": {"timeoutRetry": false}, "responseHonorRetryAfterHeader": true, "onBackpressure": "block", "useRoundRobinDns": true, "url": "https://0.0.0.0:10200"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesGoogleCloudLogging: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "google-cloud-logging-output", "type": "google_cloud_logging", "logLocationType": "project", "logNameExpression": "my-log", "logLocationExpression": "my-project"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesSns: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "sns-output", "type": "sns", "topicArn": "arn:aws:sns:us-east-1:123456789012:my-topic", "messageGroupId": "my-message-group", "region": "us-east-1"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesDlS3: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "dl-s3-output", "type": "dl_s3", "bucket": "my-bucket", "region": "us-east-1", "stagePath": "/tmp/staging"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesSecurityLake: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "security-lake-output", "type": "security_lake", "assumeRoleArn": "arn:aws:iam::123456789012:role/my-role", "bucket": "my-bucket", "region": "us-east-1", "stagePath": "/tmp/staging", "accountId": "123456789012", "customSource": "my-custom-source"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesCriblLake: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "cribl-lake-output", "type": "cribl_lake"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesExabeam: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "exabeam-output", "type": "exabeam", "bucket": "my-bucket", "region": "us-east1", "stagePath": "/tmp/staging", "endpoint": "https://storage.googleapis.com", "collectorInstanceId": "11112222-3333-4444-5555-666677778888"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesDiskSpool: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "disk-spool-output", "type": "disk_spool"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesClickHouse: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "clickhouse-output", "type": "click_house", "url": "http://localhost:8123/", "database": "mydb", "tableName": "mytable"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesLocalSearchStorage: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "local-search-storage-output", "type": "local_search_storage", "url": "http://localhost:8123/", "database": "default", "tableName": "mytable"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesXsiam: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "xsiam-output", "type": "xsiam"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesNetflow: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "netflow-output", "type": "netflow", "hosts": [{"host": "localhost", "port": 2055}]} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesDynatraceHttp: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "dynatrace-http-output", "type": "dynatrace_http", "authType": "token", "format": "json_array", "endpoint": "cloud", "telemetryType": "logs", "token": "your-api-key"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesDatabricks: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "databricks-output", "type": "databricks", "workspaceId": "your-workspace-id", "scope": "all-apis", "clientId": "your-client-id", "catalog": "main", "schema": "external", "eventsVolumeName": "events", "clientTextSecret": "your-client-secret"} + responses: + "200": + application/json: {} + "500": + application/json: {} + deleteOutputById: + speakeasy-default-delete-output-by-id: + parameters: + path: + id: "" + responses: + "200": + application/json: {} + "500": + application/json: {} + deleteOutputPqById: + speakeasy-default-delete-output-pq-by-id: + parameters: + path: + id: "" + responses: + "200": + application/json: {"count": 37997, "items": [{"key": ""}, {"key": "", "key1": ""}]} + "500": + application/json: {} + "201": + application/json: {} + getOutputPqById: + speakeasy-default-get-output-pq-by-id: + parameters: + path: + id: "" + responses: + "200": + application/json: {} + "500": + application/json: {} + getOutputSamplesById: + speakeasy-default-get-output-samples-by-id: + parameters: + path: + id: "" + responses: + "200": + application/json: {} + "500": + application/json: {} + createOutputTestById: + speakeasy-default-create-output-test-by-id: + parameters: + path: + id: "" + requestBody: + application/json: {"events": [{"_raw": ""}]} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputTestExamplesSingleEvent: + parameters: + path: + id: "" + requestBody: + application/json: {"events": [{"_raw": "This is a test event", "source": "test", "sourcetype": "manual"}]} + responses: + "200": + application/json: {} + "500": + application/json: {} + OutputTestExamplesMultipleEvents: + parameters: + path: + id: "" + requestBody: + application/json: {"events": [{"_raw": "Test event 1", "source": "test", "sourcetype": "manual"}, {"_raw": "Test event 2", "source": "test", "sourcetype": "manual"}]} + responses: + "200": + application/json: {} + "500": + application/json: {} + listRoutes: + speakeasy-default-list-routes: + responses: + "200": + application/json: {"count": 397064, "items": [{"id": "", "routes": [], "groups": {"key": {"name": "", "description": "proceed provided off nor why pasta wry youthfully amongst which", "disabled": true}}, "comments": [{"comment": "Andy shoes are designed to keeping in mind durability as well as trends, the most stylish range of shoes & sandals"}]}]} + "500": + application/json: {"message": ""} + getRoutesById: + speakeasy-default-get-routes-by-id: + parameters: + path: + id: "" + responses: + "200": + application/json: {} + "500": + application/json: {} + updateRoutesById: + speakeasy-default-update-routes-by-id: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "", "routes": []} + responses: + "200": + application/json: {} + "500": + application/json: {} + RoutesUpdateExamplesBasicRoute: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "default", "routes": [{"description": "Route access logs to main Pipeline", "filter": "source == \"access.log\"", "name": "my-route", "pipeline": "main", "final": true, "id": "default"}]} + responses: + "200": + application/json: {} + "500": + application/json: {} + RoutesUpdateExamplesMultipleRoutes: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "default", "routes": [{"description": "Route speedtest logs", "filter": "source == \"speedtest.log\"", "name": "speedtest", "output": "default", "pipeline": "main", "final": false, "id": "route-speedtest"}, {"description": "Route mtr logs", "filter": "source == \"mtr.log\"", "name": "mtr", "output": "default", "pipeline": "passthru", "final": false, "id": "route-mtr"}, {"description": "Route statsd metrics", "filter": "source == \"statsd.log\"", "name": "statsd", "output": "devnull", "pipeline": "prometheus_metrics", "final": false, "id": "route-statsd"}, {"description": "Catch-all Route for all other events", "filter": "true", "name": "default", "output": "default", "pipeline": "main", "final": true, "id": "route-default"}]} + responses: + "200": + application/json: {} + "500": + application/json: {} + RoutesUpdateExamplesRouteWithOutputExpression: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "default", "routes": [{"description": "Route with dynamic Destination based on environment", "enableOutputExpression": true, "filter": "source == \"dynamic.log\"", "name": "dynamic-output", "outputExpression": "`myDest_${C.logStreamEnv}`", "pipeline": "main", "final": true, "id": "route-dynamic"}]} + responses: + "200": + application/json: {} + "500": + application/json: {} + RoutesUpdateExamplesRouteWithDefaults: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "default", "routes": [{"description": "Route access logs to main Pipeline", "filter": "source == \"access.log\"", "name": "my-route", "pipeline": "main"}]} + responses: + "200": + application/json: {} + "500": + application/json: {} + createRoutesAppendById: + speakeasy-default-create-routes-append-by-id: + parameters: + path: + id: "" + requestBody: + application/json: [] + responses: + "200": + application/json: {} + "500": + application/json: {} + RoutesAppendExamplesSingleRoute: + parameters: + path: + id: "" + requestBody: + application/json: [{"description": "Route new logs to main pipeline", "filter": "source == \"new.log\"", "name": "new-route", "pipeline": "main", "final": true, "id": "route-new"}] + responses: + "200": + application/json: {} + "500": + application/json: {} + RoutesAppendExamplesMultipleRoutes: + parameters: + path: + id: "" + requestBody: + application/json: [{"description": "Route audit logs", "filter": "source == \"audit.log\"", "name": "audit", "output": "default", "pipeline": "main", "final": false, "id": "route-audit"}, {"description": "Route security logs", "filter": "source == \"security.log\"", "name": "security", "output": "devnull", "pipeline": "passthru", "final": false, "id": "route-security"}] + responses: + "200": + application/json: {} + "500": + application/json: {} + RoutesAppendExamplesRouteWithOutputExpression: + parameters: + path: + id: "" + requestBody: + application/json: [{"description": "Route with dynamic Destination based on environment", "enableOutputExpression": true, "filter": "source == \"dynamic.log\"", "name": "dynamic-append", "outputExpression": "`myDest_${C.logStreamEnv}`", "pipeline": "main", "final": true, "id": "route-dynamic-append"}] + responses: + "200": + application/json: {} + "500": + application/json: {} + RoutesAppendExamplesRouteWithDefaults: + parameters: + path: + id: "" + requestBody: + application/json: [{"description": "Route with server-generated id and default final value", "filter": "source == \"new.log\"", "name": "new-route", "pipeline": "main"}] + responses: + "200": + application/json: {} + "500": + application/json: {} + listPipeline: + speakeasy-default-list-pipeline: + responses: + "200": + application/json: {"count": 575048, "items": [{"id": "", "conf": {"asyncFuncTimeout": 138375, "output": "default", "description": "perfectly gosh whup whoa boohoo twin as", "streamtags": ["", ""], "functions": [{"filter": "", "id": "otlp_logs", "description": "aching huge alliance incidentally", "disabled": true, "final": true, "conf": {"dropNonLogEvents": false, "batchOTLPLogs": true}, "groupId": ""}], "groups": {"key": {"name": "", "description": "phew rigidly when", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + createPipeline: + speakeasy-default-create-pipeline: + requestBody: + application/json: {"id": "", "conf": {"asyncFuncTimeout": 905091, "output": "default", "description": "next tightly positively", "streamtags": [""], "functions": [{"filter": "", "id": "clone", "description": "hmph famously redesign", "disabled": true, "final": false, "conf": {"clones": [{"key": ""}, {"key": "", "key1": ""}]}, "groupId": ""}], "groups": {"key": {"name": "", "description": "yuck terribly ostrich enhance sentimental strictly whereas before reboot sleet", "disabled": true}}}} + responses: + "200": + application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesEmpty: + requestBody: + application/json: {"id": "empty-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "", "streamtags": [], "functions": [], "groups": {}}} + responses: + "200": + application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesAggregations: + requestBody: + application/json: {"id": "aggregation-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that aggregates rejected bytes grouped by source address every 10 seconds", "streamtags": [], "functions": [{"filter": "true", "id": "aggregation", "description": "at mad back within towards who save before redraw tooth", "disabled": false, "final": false, "conf": {"passthrough": false, "preserveGroupBys": false, "sufficientStatsOnly": false, "metricsMode": false, "prefix": "", "timeWindow": "10s", "aggregations": ["sum(bytes).where(action==\"REJECT\").as(TotalBytes)"], "groupbys": ["srcaddr"], "flushEventLimit": 5847.83, "flushMemLimit": "", "cumulative": false, "searchAggMode": "", "add": [{"name": "", "value": ""}], "shouldTreatDotsAsLiterals": false, "flushOnInputClose": true}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesAggregateMetrics: + requestBody: + application/json: {"id": "aggregate-metrics-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that aggregates process metrics: CPU, memory, and bytes over time windows", "streamtags": [], "functions": [{"filter": "(_metric == 'proc.cpu_perc' || __criblMetrics[0].nameExpr.includes(\"'proc.cpu_perc'\")) || (_metric == 'proc.mem_perc' || __criblMetrics[0].nameExpr.includes(\"'proc.mem_perc'\")) || (_metric == 'proc.bytes_in' || __criblMetrics[0].nameExpr.includes(\"'proc.bytes_in'\"))", "id": "aggregate_metrics", "description": "modulo tall usefully jump platter scrape whoever till shy miskey", "disabled": true, "final": false, "conf": {"passthrough": false, "preserveGroupBys": false, "sufficientStatsOnly": false, "prefix": "", "timeWindow": "10s", "aggregations": [{"metricType": "gauge", "agg": "avg(_value || proc.cpu_perc).as(proc.cpu_perc_avg)"}, {"metricType": "gauge", "agg": "sum(_value || proc.mem_perc).as(proc.mem_perc_sum)"}, {"metricType": "counter", "agg": "count(_value || proc.bytes_in).as(proc.bytes_in_count)"}], "groupbys": ["proc"], "flushEventLimit": 9795.75, "flushMemLimit": "", "cumulative": false, "shouldTreatDotsAsLiterals": true, "add": [{"name": "", "value": ""}], "flushOnInputClose": true}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesAutoTimestamp: + requestBody: + application/json: {"id": "auto-timestamp-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts timestamps from event data using auto timestamp function", "streamtags": [], "functions": [{"filter": "true", "id": "auto_timestamp", "description": "drive pro shore pfft", "disabled": true, "final": false, "conf": {"srcField": "_raw", "dstField": "_time", "defaultTimezone": "local", "timeExpression": "time.getTime() / 1000", "offset": 0, "maxLen": 150, "defaultTime": "now", "latestDateAllowed": "+1week", "spacer": "", "earliestDateAllowed": "-420weeks", "timestamps": [{"regex": "/(\\d{1,2}\\/\\d{2}\\/\\d{4}\\s\\d{1,2}:\\d{2}:\\d{2}\\s\\w{2})/", "strptime": "%Y-%m-%d %H:%M:%S"}]}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesCEFSerializer: + requestBody: + application/json: {"id": "cef-serializer-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that formats events in CEF format with custom header and extension fields", "streamtags": [], "functions": [{"filter": "true", "id": "cef", "description": "upright founder when yet", "disabled": false, "final": true, "conf": {"outputField": "_raw", "header": [{"value": "'CEF:0'"}, {"value": "'Cribl'"}, {"value": "'Cribl'"}, {"value": "C.version"}, {"value": "420"}, {"value": "'Cribl Event'"}, {"value": "6"}], "extension": [{"name": "c6a1Label", "value": "'Colorado_Ext_Bldg7'"}]}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesChain: + requestBody: + application/json: {"id": "chain-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that chains to another pipeline for sequential data processing", "streamtags": [], "functions": [{"filter": "true", "id": "chain", "description": "hm loyally whenever selfish whoever", "disabled": false, "final": false, "conf": {"processor": "prometheus_metrics"}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesClone: + requestBody: + application/json: {"id": "clone-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that creates cloned events with additional fields for comparison or routing", "streamtags": [], "functions": [{"filter": "true", "id": "clone", "description": "confiscate positively until plus bar wherever", "disabled": false, "final": false, "conf": {"clones": [{"env": "staging"}, {"index": "clones"}]}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesComment: + requestBody: + application/json: {"id": "comment-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline with comment function for documentation", "streamtags": [], "functions": [{"filter": "true", "id": "comment", "description": "magnificent ew scram tight", "disabled": true, "final": false, "conf": {"comment": "This function processes security events and enriches them with DNS lookups"}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesDNSLookup: + requestBody: + application/json: {"id": "dns-lookup-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that performs DNS lookups to resolve hostnames and IP addresses", "streamtags": [], "functions": [{"filter": "true", "id": "dns_lookup", "description": "aha entice artistic meh oof", "disabled": false, "final": false, "conf": {"dnsLookupFields": [{"inFieldName": "hostname", "resourceRecordType": "A", "outFieldName": "hostname_ip"}], "reverseLookupFields": [{"inFieldName": "src_ip", "outFieldName": "src_hostname"}], "dnsServers": ["", "", ""], "cacheTTL": 30, "maxCacheSize": 5000, "useResolvConf": false, "lookupFallback": false, "domainOverrides": [""], "lookupFailLogLevel": "error"}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesDrop: + requestBody: + application/json: {"id": "drop-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that drops events containing success messages", "streamtags": [], "functions": [{"filter": "_raw.search(/success/i)>=0", "id": "drop", "description": "mid mockingly gah electronics sate", "disabled": false, "final": true, "conf": {}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesDropDimensions: + requestBody: + application/json: {"id": "drop-dimensions-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that drops specified dimensions from metrics to reduce cardinality", "streamtags": [], "functions": [{"filter": "(_metric == 'proc.cpu_perc' || __criblMetrics[0].nameExpr.includes(\"'proc.cpu_perc'\")) && (__criblMetrics[0].dims.includes(\"proc\"))", "id": "drop_dimensions", "description": "sympathetically perfectly quarrelsomely excluding", "disabled": true, "final": false, "conf": {"timeWindow": "10s", "dropDimensions": ["proc", "pie", "unit"], "flushOnInputClose": true}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesDynamicSampling: + requestBody: + application/json: {"id": "dynamic-sampling-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that dynamically samples events based on volume using square root mode", "streamtags": [], "functions": [{"filter": "true", "id": "dynamic_sampling", "description": "likewise apropos by whoever unkempt ugh wherever", "disabled": false, "final": true, "conf": {"mode": "sqrt", "keyExpr": "`${domain}:${httpCode}`", "samplePeriod": 20, "minEvents": 3, "maxSampleRate": 3}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesEval: + requestBody: + application/json: {"id": "eval-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that evaluates JavaScript expressions to add, modify, and remove fields", "streamtags": [], "functions": [{"filter": "true", "id": "eval", "description": "thread circa gah beside attest misappropriate humiliating", "disabled": false, "final": true, "conf": {"add": [{"name": "action", "value": "login == 'error' ? 'blocked' : action", "disabled": false}, {"name": "myTags", "value": "login == 'error' ? [...myTags, 'error'] : myTags", "disabled": false}], "keep": ["host", "source", "action", "myTags"], "remove": ["identification"]}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesEventBreaker: + requestBody: + application/json: {"id": "event-breaker-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that breaks large event streams into discrete events using regex", "streamtags": [], "functions": [{"filter": "true", "id": "event_breaker", "description": "upbeat powerfully camouflage upbeat spirit violently premier tricky bowler", "disabled": true, "final": true, "conf": {"existingOrNew": "new", "shouldMarkCriblBreaker": true}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesFlatten: + requestBody: + application/json: {"id": "flatten-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that flattens nested JSON structures into top-level fields", "streamtags": [], "functions": [{"filter": "true", "id": "flatten", "description": "zebra busily woot alongside fess", "disabled": false, "final": false, "conf": {"fields": [], "prefix": "", "depth": 5, "delimiter": "_"}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesFoldKeys: + requestBody: + application/json: {"id": "fold-keys-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that transforms flat field names with separators into nested structures", "streamtags": [], "functions": [{"filter": "true", "id": "foldkeys", "description": "rudely worthwhile cross everlasting ghost freezing majority duffel loftily abaft", "disabled": false, "final": true, "conf": {"deleteOriginal": true, "separator": "_", "selectionRegExp": "^data"}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesGeoIP: + requestBody: + application/json: {"id": "geoip-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that enriches events with geolocation data from IP addresses", "streamtags": [], "functions": [{"filter": "true", "id": "geoip", "description": "decongestant substantiate soon er finally pfft override knottily", "disabled": true, "final": true, "conf": {"file": "GeoLite2-City.mmdb", "inField": "ip", "outField": "geoip", "additionalFields": [{"extraInField": "src_ip", "extraOutField": "src_geoip"}], "outFieldMappings": {}}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesGrok: + requestBody: + application/json: {"id": "grok-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts structured fields from log data using Grok patterns", "streamtags": [], "functions": [{"filter": "true", "id": "grok", "description": "hopelessly viability morning monthly decisive onto strange", "disabled": true, "final": false, "conf": {"pattern": "%{TIMESTAMP_ISO8601:event_time} %{LOGLEVEL:log_level} %{GREEDYDATA:log_message}", "patternList": [], "source": "_raw"}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesGuard: + requestBody: + application/json: {"id": "guard-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that scans for sensitive data and applies mitigation expressions", "streamtags": [], "functions": [{"filter": "true", "id": "sensitive_data_scanner", "description": "judgementally while why", "disabled": true, "final": false, "conf": {"rules": [{"rulesetId": "Finance_Global", "replaceExpr": "'REDACTED'", "disabled": false}], "fields": ["_raw"], "excludeFields": [], "flags": [{"name": "_sensitive", "value": "true"}], "includeDetectedRules": true, "backgroundDetection": true}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesJSONUnroll: + requestBody: + application/json: {"id": "json-unroll-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that unrolls JSON arrays into individual events while retaining parent fields", "streamtags": [], "functions": [{"filter": "true", "id": "json_unroll", "description": "unbearably boo regarding", "disabled": false, "final": false, "conf": {"path": "allCars", "name": "cars"}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesLookup: + requestBody: + application/json: {"id": "lookup-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that enriches events with location data from IP address lookups", "streamtags": [], "functions": [{"filter": "true", "id": "lookup", "description": "ouch who phooey bookcase elegantly why now alive", "disabled": true, "final": false, "conf": {"file": "ip_locations.csv", "dbLookup": false, "matchMode": "exact", "matchType": "", "reloadPeriodSec": -1, "inFields": [{"eventField": "destination_ip", "lookupField": "ip"}], "outFields": [{"lookupField": "location", "eventField": "location", "defaultValue": "Unknown"}], "addToEvent": false, "ignoreCase": false}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesMask: + requestBody: + application/json: {"id": "mask-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that masks Social Security numbers and other sensitive data", "streamtags": [], "functions": [{"filter": "true", "id": "mask", "description": "from handle for", "disabled": true, "final": false, "conf": {"rules": [{"matchRegex": "/(social=)(\\d+)/", "replaceExpr": "`${g1}${C.Mask.md5(g2)}`", "disabled": false}], "fields": ["_raw"], "depth": 5, "flags": [{"name": "", "value": ""}]}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesNumerify: + requestBody: + application/json: {"id": "numerify-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that converts string numbers to numeric type for mathematical operations", "streamtags": [], "functions": [{"filter": "true", "id": "numerify", "description": "relieve whose fixed provided mechanically pfft powerfully embarrassment", "disabled": false, "final": true, "conf": {"depth": 5, "ignoreFields": [], "filterExpr": "", "format": "none"}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesOTLPLogs: + requestBody: + application/json: {"id": "otlp-logs-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that normalizes and batches OTLP log events from OpenTelemetry sources", "streamtags": [], "functions": [{"filter": "__inputId=='open_telemetry:open_telemetry'", "id": "otlp_logs", "description": "stuff catalyst close mortally down", "disabled": true, "final": false, "conf": {"dropNonLogEvents": false, "batchOTLPLogs": true}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesOTLPMetrics: + requestBody: + application/json: {"id": "otlp-metrics-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that converts dimensional metrics to OTLP format and batches them by resource attributes", "streamtags": [], "functions": [{"filter": "__inputId=='prometheus_rw:prom_rw_in'", "id": "otlp_metrics", "description": "interestingly towards bowler now keenly", "disabled": false, "final": false, "conf": {"resourceAttributePrefixes": ["service", "system", "telemetry", "k8s", "cloud", "host", "process"], "dropNonMetricEvents": false, "otlpVersion": "0.10.0", "batchOTLPMetrics": true}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesOTLPTraces: + requestBody: + application/json: {"id": "otlp-traces-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that normalizes and batches OTLP trace events from OpenTelemetry sources", "streamtags": [], "functions": [{"filter": "__inputId=='open_telemetry:open_telemetry'", "id": "otlp_traces", "description": "rectangular lest great hollow", "disabled": false, "final": true, "conf": {"dropNonTraceEvents": false, "otlpVersion": "0.10.0", "batchOTLPTraces": true}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesParser: + requestBody: + application/json: {"id": "parser-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts fields from key-value pair formatted data", "streamtags": [], "functions": [{"filter": "true", "id": "serde", "description": "pish rudely colorfully around overdue ouch uh-huh gadzooks motor if", "disabled": true, "final": false, "conf": {"mode": "extract", "type": "kvp", "delimChar": "", "quoteChar": "", "escapeChar": "", "nullValue": "", "srcField": "_raw", "dstField": "", "cleanFields": false}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesPublishMetrics: + requestBody: + application/json: {"id": "publish-metrics-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts metrics from events and formats them for metrics aggregation platforms", "streamtags": [], "functions": [{"filter": "true", "id": "publish_metrics", "description": "transcend yahoo creative till thoughtfully upside-down cap amongst", "disabled": true, "final": true, "conf": {"fields": [{"inFieldName": "bytes", "outFieldExpr": "'metric_name.bytes'", "metricType": "gauge"}, {"inFieldName": "packets", "outFieldExpr": "'metric_name.packets'", "metricType": "gauge"}], "overwrite": false, "dimensions": ["action", "interface_id", "dstaddr"], "removeMetrics": [], "removeDimensions": []}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesRedis: + requestBody: + application/json: {"id": "redis-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that retrieves values from Redis using GET command", "streamtags": [], "functions": [{"filter": "true", "id": "redis", "description": "gut valiantly step-mother political outrun likewise", "disabled": false, "final": false, "conf": {"commands": [{"outField": "cached_value", "command": "get", "keyExpr": "'user_session'", "argsExpr": ""}], "deploymentType": "standalone", "authType": "none", "maxBlockSecs": 60, "enableClientSideCaching": false}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesRegexExtract: + requestBody: + application/json: {"id": "regex-extract-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts structured fields from log data using regex patterns with named capture groups", "streamtags": [], "functions": [{"filter": "true", "id": "regex_extract", "description": "against next mmm", "disabled": false, "final": true, "conf": {"regex": "/metric1=(?\\d+)/", "regexList": [{"regex": ""}], "source": "_raw", "iterations": 100, "fieldNameExpression": "", "overwrite": false}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesRegexFilter: + requestBody: + application/json: {"id": "regex-filter-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that filters out events matching specific regex patterns", "streamtags": [], "functions": [{"filter": "true", "id": "regex_filter", "description": "extroverted certify fatally flawless", "disabled": false, "final": true, "conf": {"regex": "/Opera/", "regexList": [{"regex": ""}], "field": "_raw"}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesRename: + requestBody: + application/json: {"id": "rename-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that renames fields using key-value pairs and expressions", "streamtags": [], "functions": [{"filter": "true", "id": "rename", "description": "pish poorly but ham", "disabled": true, "final": true, "conf": {"baseFields": [], "rename": [{"currentName": "level", "newName": "LEVEL"}], "renameExpr": "name.startsWith('out') ? name.toUpperCase() : name", "wildcardDepth": 5}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesRollupMetrics: + requestBody: + application/json: {"id": "rollup-metrics-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that consolidates high-frequency metrics into manageable time windows", "streamtags": [], "functions": [{"filter": "true", "id": "rollup_metrics", "description": "neatly how apostrophize", "disabled": true, "final": true, "conf": {"dimensions": ["*"], "timeWindow": "30s", "gaugeRollup": "last"}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesSampling: + requestBody: + application/json: {"id": "sampling-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that samples events at specified rates based on filter criteria", "streamtags": [], "functions": [{"filter": "true", "id": "sampling", "description": "amongst rewrite into damp late", "disabled": false, "final": true, "conf": {"rules": [{"filter": "__status == 200", "rate": 5}]}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesSerialize: + requestBody: + application/json: {"id": "serialize-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that serializes event fields into JSON format", "streamtags": [], "functions": [{"filter": "true", "id": "serialize", "description": "peony masterpiece gee rigidly muted now entwine shrilly ouch", "disabled": true, "final": true, "conf": {"type": "json", "delimChar": "", "quoteChar": "", "escapeChar": "", "nullValue": "", "fields": ["city", "state"], "srcField": "", "dstField": "_raw"}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesSNMPTrapSerialize: + requestBody: + application/json: {"id": "snmp-trap-serialize-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that serializes events into SNMP trap format for SNMP trap destinations", "streamtags": [], "functions": [{"filter": "true", "id": "snmp_trap_serialize", "description": "steel ack colorfully vivid chilly cook suspiciously rich equal", "disabled": true, "final": true, "conf": {"strict": true, "dropFailedEvents": true, "v3User": {"name": "", "authProtocol": "sha256", "authKey": "", "privProtocol": ""}}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesSuppress: + requestBody: + application/json: {"id": "suppress-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that suppresses duplicate events based on a key expression", "streamtags": [], "functions": [{"filter": "true", "id": "suppress", "description": "clean nucleotidase spectacles plus whenever blah whereas reiterate optimistically", "disabled": false, "final": false, "conf": {"keyExpr": "`${ip}:${port}`", "allow": 1, "suppressPeriodSec": 30, "dropEventsMode": true, "maxCacheSize": 50000, "cacheIdleTimeoutPeriods": 2, "numEventsIdleTimeoutTrigger": 10000}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesTee: + requestBody: + application/json: {"id": "tee-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that sends events to a command via stdin for debugging purposes", "streamtags": [], "functions": [{"filter": "true", "id": "tee", "description": "aw mid taxicab dandelion ah mundane hmph whispered", "disabled": false, "final": true, "conf": {"command": "tee", "args": ["/opt/cribl/foo.log"], "restartOnExit": true, "env": {}}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesUnroll: + requestBody: + application/json: {"id": "unroll-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that unrolls array fields into separate events", "streamtags": [], "functions": [{"filter": "true", "id": "unroll", "description": "second possible above tag what", "disabled": true, "final": true, "conf": {"srcExpr": "_raw.split(/\\n/)", "dstField": "_raw"}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesXMLUnroll: + requestBody: + application/json: {"id": "xml-unroll-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that unrolls XML elements into separate events", "streamtags": [], "functions": [{"filter": "true", "id": "xml_unroll", "description": "within limply describe eek questioningly anesthetize who wear", "disabled": false, "final": false, "conf": {"unroll": "^Parent\\.Child$", "inherit": "^Parent\\.(myID|branchLocation)$", "unrollIdxField": "unroll_idx", "pretty": false}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + getPipelineById: + speakeasy-default-get-pipeline-by-id: + parameters: + path: + id: "" + responses: + "200": + application/json: {"count": 558482, "items": [{"id": "", "conf": {"asyncFuncTimeout": 375182, "output": "default", "description": "except within well-documented finding which deeply", "streamtags": ["", "", ""], "functions": [{"filter": "", "id": "numerify", "description": "digit daughter scaly overconfidently brr from", "disabled": true, "final": false, "conf": {"depth": 15792, "ignoreFields": ["", "", ""], "filterExpr": "", "format": "fix"}, "groupId": ""}], "groups": {"key": {"name": "", "description": "know now hairy about than", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + updatePipelineById: + speakeasy-default-update-pipeline-by-id: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "", "conf": {"asyncFuncTimeout": 430119, "output": "default", "description": "reflecting for productive extroverted instead upwardly", "streamtags": [""], "functions": [{"filter": "", "id": "snmp_trap_serialize", "description": "woefully phew during dress grandson reckon", "disabled": true, "final": false, "conf": {"strict": true, "dropFailedEvents": false, "v3User": {"name": "", "authProtocol": "md5", "authKey": "", "privProtocol": ""}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "definitive ew but busily freely scaly indeed", "disabled": true}}}} + responses: + "200": + application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesEmpty: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "empty-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "", "streamtags": [], "functions": [], "groups": {}}} + responses: + "200": + application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesAggregations: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "aggregation-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that aggregates rejected bytes grouped by source address every 10 seconds", "streamtags": [], "functions": [{"filter": "true", "id": "aggregation", "description": "ick whenever pinstripe indeed scope into wide-eyed", "disabled": false, "final": false, "conf": {"passthrough": false, "preserveGroupBys": false, "sufficientStatsOnly": false, "metricsMode": false, "prefix": "", "timeWindow": "10s", "aggregations": ["sum(bytes).where(action==\"REJECT\").as(TotalBytes)"], "groupbys": ["srcaddr"], "flushEventLimit": 6263.18, "flushMemLimit": "", "cumulative": false, "searchAggMode": "", "add": [{"name": "", "value": ""}], "shouldTreatDotsAsLiterals": false, "flushOnInputClose": true}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesAggregateMetrics: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "aggregate-metrics-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that aggregates process metrics: CPU, memory, and bytes over time windows", "streamtags": [], "functions": [{"filter": "(_metric == 'proc.cpu_perc' || __criblMetrics[0].nameExpr.includes(\"'proc.cpu_perc'\")) || (_metric == 'proc.mem_perc' || __criblMetrics[0].nameExpr.includes(\"'proc.mem_perc'\")) || (_metric == 'proc.bytes_in' || __criblMetrics[0].nameExpr.includes(\"'proc.bytes_in'\"))", "id": "aggregate_metrics", "description": "however unless tangible pine", "disabled": true, "final": false, "conf": {"passthrough": false, "preserveGroupBys": false, "sufficientStatsOnly": false, "prefix": "", "timeWindow": "10s", "aggregations": [{"metricType": "gauge", "agg": "avg(_value || proc.cpu_perc).as(proc.cpu_perc_avg)"}, {"metricType": "gauge", "agg": "sum(_value || proc.mem_perc).as(proc.mem_perc_sum)"}, {"metricType": "counter", "agg": "count(_value || proc.bytes_in).as(proc.bytes_in_count)"}], "groupbys": ["proc"], "flushEventLimit": 6008.27, "flushMemLimit": "", "cumulative": false, "shouldTreatDotsAsLiterals": true, "add": [{"name": "", "value": ""}], "flushOnInputClose": true}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesAutoTimestamp: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "auto-timestamp-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts timestamps from event data using auto timestamp function", "streamtags": [], "functions": [{"filter": "true", "id": "auto_timestamp", "description": "what defiantly switch aha where slake but lighthearted", "disabled": false, "final": false, "conf": {"srcField": "_raw", "dstField": "_time", "defaultTimezone": "local", "timeExpression": "time.getTime() / 1000", "offset": 0, "maxLen": 150, "defaultTime": "now", "latestDateAllowed": "+1week", "spacer": "", "earliestDateAllowed": "-420weeks", "timestamps": [{"regex": "/(\\d{1,2}\\/\\d{2}\\/\\d{4}\\s\\d{1,2}:\\d{2}:\\d{2}\\s\\w{2})/", "strptime": "%Y-%m-%d %H:%M:%S"}]}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesCEFSerializer: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "cef-serializer-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that formats events in CEF format with custom header and extension fields", "streamtags": [], "functions": [{"filter": "true", "id": "cef", "description": "ah endow whoever notwithstanding now mmm homely scorn", "disabled": false, "final": false, "conf": {"outputField": "_raw", "header": [{"value": "'CEF:0'"}, {"value": "'Cribl'"}, {"value": "'Cribl'"}, {"value": "C.version"}, {"value": "420"}, {"value": "'Cribl Event'"}, {"value": "6"}], "extension": [{"name": "c6a1Label", "value": "'Colorado_Ext_Bldg7'"}]}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesChain: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "chain-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that chains to another pipeline for sequential data processing", "streamtags": [], "functions": [{"filter": "true", "id": "chain", "description": "into jaggedly truly", "disabled": true, "final": false, "conf": {"processor": "prometheus_metrics"}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesClone: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "clone-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that creates cloned events with additional fields for comparison or routing", "streamtags": [], "functions": [{"filter": "true", "id": "clone", "description": "self-assured meaningfully phooey consequently offset woot abnormally", "disabled": true, "final": false, "conf": {"clones": [{"env": "staging"}, {"index": "clones"}]}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesComment: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "comment-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline with comment function for documentation", "streamtags": [], "functions": [{"filter": "true", "id": "comment", "description": "lend however blindly sugary into except selfishly", "disabled": false, "final": false, "conf": {"comment": "This function processes security events and enriches them with DNS lookups"}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesDNSLookup: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "dns-lookup-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that performs DNS lookups to resolve hostnames and IP addresses", "streamtags": [], "functions": [{"filter": "true", "id": "dns_lookup", "description": "psst penalise couch lest mid yowza versus chime until near", "disabled": false, "final": true, "conf": {"dnsLookupFields": [{"inFieldName": "hostname", "resourceRecordType": "A", "outFieldName": "hostname_ip"}], "reverseLookupFields": [{"inFieldName": "src_ip", "outFieldName": "src_hostname"}], "dnsServers": ["", ""], "cacheTTL": 30, "maxCacheSize": 5000, "useResolvConf": false, "lookupFallback": false, "domainOverrides": [""], "lookupFailLogLevel": "error"}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesDrop: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "drop-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that drops events containing success messages", "streamtags": [], "functions": [{"filter": "_raw.search(/success/i)>=0", "id": "drop", "description": "briefly equatorial ha", "disabled": false, "final": true, "conf": {}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesDropDimensions: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "drop-dimensions-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that drops specified dimensions from metrics to reduce cardinality", "streamtags": [], "functions": [{"filter": "(_metric == 'proc.cpu_perc' || __criblMetrics[0].nameExpr.includes(\"'proc.cpu_perc'\")) && (__criblMetrics[0].dims.includes(\"proc\"))", "id": "drop_dimensions", "description": "overplay zowie so fat utilized bulky hence bashfully", "disabled": true, "final": false, "conf": {"timeWindow": "10s", "dropDimensions": ["proc", "pie", "unit"], "flushOnInputClose": true}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesDynamicSampling: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "dynamic-sampling-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that dynamically samples events based on volume using square root mode", "streamtags": [], "functions": [{"filter": "true", "id": "dynamic_sampling", "description": "fooey although circa oof veg nor till likewise", "disabled": true, "final": true, "conf": {"mode": "sqrt", "keyExpr": "`${domain}:${httpCode}`", "samplePeriod": 20, "minEvents": 3, "maxSampleRate": 3}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesEval: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "eval-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that evaluates JavaScript expressions to add, modify, and remove fields", "streamtags": [], "functions": [{"filter": "true", "id": "eval", "description": "yahoo gah athwart inasmuch circa overcook cricket seriously yippee now", "disabled": false, "final": true, "conf": {"add": [{"name": "action", "value": "login == 'error' ? 'blocked' : action", "disabled": true}, {"name": "myTags", "value": "login == 'error' ? [...myTags, 'error'] : myTags", "disabled": false}], "keep": ["host", "source", "action", "myTags"], "remove": ["identification"]}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesEventBreaker: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "event-breaker-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that breaks large event streams into discrete events using regex", "streamtags": [], "functions": [{"filter": "true", "id": "event_breaker", "description": "refer coaxingly dental", "disabled": true, "final": false, "conf": {"existingOrNew": "new", "shouldMarkCriblBreaker": true}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesFlatten: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "flatten-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that flattens nested JSON structures into top-level fields", "streamtags": [], "functions": [{"filter": "true", "id": "flatten", "description": "privilege among how round freezing untidy", "disabled": true, "final": true, "conf": {"fields": [], "prefix": "", "depth": 5, "delimiter": "_"}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesFoldKeys: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "fold-keys-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that transforms flat field names with separators into nested structures", "streamtags": [], "functions": [{"filter": "true", "id": "foldkeys", "description": "wherever atop modulo whenever incidentally wherever char upside-down numeracy gosh", "disabled": false, "final": false, "conf": {"deleteOriginal": true, "separator": "_", "selectionRegExp": "^data"}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesGeoIP: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "geoip-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that enriches events with geolocation data from IP addresses", "streamtags": [], "functions": [{"filter": "true", "id": "geoip", "description": "hasty oh bah officially", "disabled": false, "final": false, "conf": {"file": "GeoLite2-City.mmdb", "inField": "ip", "outField": "geoip", "additionalFields": [{"extraInField": "src_ip", "extraOutField": "src_geoip"}], "outFieldMappings": {}}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesGrok: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "grok-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts structured fields from log data using Grok patterns", "streamtags": [], "functions": [{"filter": "true", "id": "grok", "description": "disposer gosh but chairperson foodstuffs excepting vanish as unlike planula", "disabled": true, "final": true, "conf": {"pattern": "%{TIMESTAMP_ISO8601:event_time} %{LOGLEVEL:log_level} %{GREEDYDATA:log_message}", "patternList": [], "source": "_raw"}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesGuard: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "guard-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that scans for sensitive data and applies mitigation expressions", "streamtags": [], "functions": [{"filter": "true", "id": "sensitive_data_scanner", "description": "outnumber lazily gah fondly crocodile off", "disabled": true, "final": false, "conf": {"rules": [{"rulesetId": "Finance_Global", "replaceExpr": "'REDACTED'", "disabled": false}], "fields": ["_raw"], "excludeFields": [], "flags": [{"name": "_sensitive", "value": "true"}], "includeDetectedRules": true, "backgroundDetection": true}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesJSONUnroll: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "json-unroll-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that unrolls JSON arrays into individual events while retaining parent fields", "streamtags": [], "functions": [{"filter": "true", "id": "json_unroll", "description": "sushi ack legitimize through transparency loftily", "disabled": true, "final": true, "conf": {"path": "allCars", "name": "cars"}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesLookup: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "lookup-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that enriches events with location data from IP address lookups", "streamtags": [], "functions": [{"filter": "true", "id": "lookup", "description": "since communicate now whenever warped whose spice", "disabled": false, "final": true, "conf": {"file": "ip_locations.csv", "dbLookup": false, "matchMode": "exact", "matchType": "", "reloadPeriodSec": -1, "inFields": [{"eventField": "destination_ip", "lookupField": "ip"}], "outFields": [{"lookupField": "location", "eventField": "location", "defaultValue": "Unknown"}], "addToEvent": false, "ignoreCase": false}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesMask: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "mask-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that masks Social Security numbers and other sensitive data", "streamtags": [], "functions": [{"filter": "true", "id": "mask", "description": "woot malfunction gnash whether athwart inasmuch", "disabled": false, "final": true, "conf": {"rules": [{"matchRegex": "/(social=)(\\d+)/", "replaceExpr": "`${g1}${C.Mask.md5(g2)}`", "disabled": false}], "fields": ["_raw"], "depth": 5, "flags": [{"name": "", "value": ""}]}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesNumerify: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "numerify-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that converts string numbers to numeric type for mathematical operations", "streamtags": [], "functions": [{"filter": "true", "id": "numerify", "description": "indeed greedy supposing", "disabled": false, "final": false, "conf": {"depth": 5, "ignoreFields": [], "filterExpr": "", "format": "none"}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesOTLPLogs: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "otlp-logs-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that normalizes and batches OTLP log events from OpenTelemetry sources", "streamtags": [], "functions": [{"filter": "__inputId=='open_telemetry:open_telemetry'", "id": "otlp_logs", "description": "skyscraper er thankfully uh-huh rotating lest shoulder", "disabled": true, "final": true, "conf": {"dropNonLogEvents": false, "batchOTLPLogs": true}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesOTLPMetrics: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "otlp-metrics-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that converts dimensional metrics to OTLP format and batches them by resource attributes", "streamtags": [], "functions": [{"filter": "__inputId=='prometheus_rw:prom_rw_in'", "id": "otlp_metrics", "description": "modulo mismatch enchanted", "disabled": false, "final": true, "conf": {"resourceAttributePrefixes": ["service", "system", "telemetry", "k8s", "cloud", "host", "process"], "dropNonMetricEvents": false, "otlpVersion": "0.10.0", "batchOTLPMetrics": true}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesOTLPTraces: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "otlp-traces-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that normalizes and batches OTLP trace events from OpenTelemetry sources", "streamtags": [], "functions": [{"filter": "__inputId=='open_telemetry:open_telemetry'", "id": "otlp_traces", "description": "obstruct beyond suddenly", "disabled": false, "final": false, "conf": {"dropNonTraceEvents": false, "otlpVersion": "0.10.0", "batchOTLPTraces": true}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesParser: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "parser-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts fields from key-value pair formatted data", "streamtags": [], "functions": [{"filter": "true", "id": "serde", "description": "acidly sympathetically accept calmly sophisticated provided through oily perspire", "disabled": true, "final": false, "conf": {"mode": "extract", "type": "kvp", "delimChar": "", "quoteChar": "", "escapeChar": "", "nullValue": "", "srcField": "_raw", "dstField": "", "cleanFields": false}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesPublishMetrics: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "publish-metrics-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts metrics from events and formats them for metrics aggregation platforms", "streamtags": [], "functions": [{"filter": "true", "id": "publish_metrics", "description": "instead after mediocre tabulate cultivated", "disabled": true, "final": false, "conf": {"fields": [{"inFieldName": "bytes", "outFieldExpr": "'metric_name.bytes'", "metricType": "gauge"}, {"inFieldName": "packets", "outFieldExpr": "'metric_name.packets'", "metricType": "gauge"}], "overwrite": false, "dimensions": ["action", "interface_id", "dstaddr"], "removeMetrics": [], "removeDimensions": []}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesRedis: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "redis-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that retrieves values from Redis using GET command", "streamtags": [], "functions": [{"filter": "true", "id": "redis", "description": "mummify yum whose before however er unfit intermesh reasoning", "disabled": false, "final": true, "conf": {"commands": [{"outField": "cached_value", "command": "get", "keyExpr": "'user_session'", "argsExpr": ""}], "deploymentType": "standalone", "authType": "none", "maxBlockSecs": 60, "enableClientSideCaching": false}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesRegexExtract: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "regex-extract-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts structured fields from log data using regex patterns with named capture groups", "streamtags": [], "functions": [{"filter": "true", "id": "regex_extract", "description": "dependency huzzah gurn invite", "disabled": true, "final": true, "conf": {"regex": "/metric1=(?\\d+)/", "regexList": [{"regex": ""}], "source": "_raw", "iterations": 100, "fieldNameExpression": "", "overwrite": false}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesRegexFilter: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "regex-filter-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that filters out events matching specific regex patterns", "streamtags": [], "functions": [{"filter": "true", "id": "regex_filter", "description": "mmm once duh respray", "disabled": true, "final": false, "conf": {"regex": "/Opera/", "regexList": [{"regex": ""}], "field": "_raw"}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesRename: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "rename-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that renames fields using key-value pairs and expressions", "streamtags": [], "functions": [{"filter": "true", "id": "rename", "description": "per chase suspiciously vary shimmering through unlearn gallery waft yet", "disabled": true, "final": true, "conf": {"baseFields": [], "rename": [{"currentName": "level", "newName": "LEVEL"}], "renameExpr": "name.startsWith('out') ? name.toUpperCase() : name", "wildcardDepth": 5}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesRollupMetrics: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "rollup-metrics-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that consolidates high-frequency metrics into manageable time windows", "streamtags": [], "functions": [{"filter": "true", "id": "rollup_metrics", "description": "bashfully whispered cheerfully stupendous dandelion hmph lest alongside perfection homely", "disabled": true, "final": true, "conf": {"dimensions": ["*"], "timeWindow": "30s", "gaugeRollup": "last"}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesSampling: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "sampling-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that samples events at specified rates based on filter criteria", "streamtags": [], "functions": [{"filter": "true", "id": "sampling", "description": "even dock modulo dreary whoever ew", "disabled": false, "final": false, "conf": {"rules": [{"filter": "__status == 200", "rate": 5}]}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesSerialize: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "serialize-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that serializes event fields into JSON format", "streamtags": [], "functions": [{"filter": "true", "id": "serialize", "description": "whoa ew grandiose meal that", "disabled": true, "final": false, "conf": {"type": "json", "delimChar": "", "quoteChar": "", "escapeChar": "", "nullValue": "", "fields": ["city", "state"], "srcField": "", "dstField": "_raw"}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesSNMPTrapSerialize: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "snmp-trap-serialize-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that serializes events into SNMP trap format for SNMP trap destinations", "streamtags": [], "functions": [{"filter": "true", "id": "snmp_trap_serialize", "description": "aha ew lender mosh", "disabled": false, "final": true, "conf": {"strict": true, "dropFailedEvents": true, "v3User": {"name": "", "authProtocol": "md5", "authKey": "", "privProtocol": ""}}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesSuppress: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "suppress-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that suppresses duplicate events based on a key expression", "streamtags": [], "functions": [{"filter": "true", "id": "suppress", "description": "ack alongside famously brr after punctuation crowded supposing swath", "disabled": true, "final": true, "conf": {"keyExpr": "`${ip}:${port}`", "allow": 1, "suppressPeriodSec": 30, "dropEventsMode": true, "maxCacheSize": 50000, "cacheIdleTimeoutPeriods": 2, "numEventsIdleTimeoutTrigger": 10000}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesTee: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "tee-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that sends events to a command via stdin for debugging purposes", "streamtags": [], "functions": [{"filter": "true", "id": "tee", "description": "delirious athletic remark chairperson order", "disabled": false, "final": false, "conf": {"command": "tee", "args": ["/opt/cribl/foo.log"], "restartOnExit": true, "env": {}}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesUnroll: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "unroll-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that unrolls array fields into separate events", "streamtags": [], "functions": [{"filter": "true", "id": "unroll", "description": "eminent safely sonar verve sedately like yippee swing which rudely", "disabled": false, "final": false, "conf": {"srcExpr": "_raw.split(/\\n/)", "dstField": "_raw"}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + PipelineExamplesXMLUnroll: + parameters: + path: + id: "" + requestBody: + application/json: {"id": "xml-unroll-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that unrolls XML elements into separate events", "streamtags": [], "functions": [{"filter": "true", "id": "xml_unroll", "description": "tousle jell preclude rationalize into", "disabled": false, "final": true, "conf": {"unroll": "^Parent\\.Child$", "inherit": "^Parent\\.(myID|branchLocation)$", "unrollIdxField": "unroll_idx", "pretty": false}, "groupId": ""}], "groups": {}}} + responses: + "200": + application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + "500": + application/json: {"message": ""} + deletePipelineById: + speakeasy-default-delete-pipeline-by-id: + parameters: + path: + id: "" + responses: + "200": + application/json: {"count": 62963, "items": [{"id": "", "conf": {"asyncFuncTimeout": 117, "output": "default", "description": "resort phew silent whenever gust", "streamtags": [""], "functions": [{"filter": "", "id": "chain", "description": "propound meanwhile wholly", "disabled": false, "final": true, "conf": {"processor": ""}, "groupId": ""}], "groups": {"key": {"name": "", "description": "until obsess unto kielbasa", "disabled": true}}}}]} + "500": + application/json: {"message": ""} + getVersionBranch: + speakeasy-default-get-version-branch: + responses: + "200": + application/json: {} + "500": + application/json: {} + createVersionCommit: + speakeasy-default-create-version-commit: + parameters: + query: + groupId: "" + requestBody: + application/json: {"message": ""} + responses: + "200": + application/json: {} + "500": + application/json: {} + VersionCommitExamplesCommitAll: + requestBody: + application/json: {"message": "Updated pipeline configuration for syslog parsing"} + responses: + "200": + application/json: {} + "500": + application/json: {} + VersionCommitExamplesCommitSpecificFiles: + requestBody: + application/json: {"effective": true, "files": ["groups/default/local/cribl/pipelines/http_input/conf.yml", "groups/default/local/cribl/routes.yml"], "message": "Update Route and Pipeline for HTTP Sources"} + responses: + "200": + application/json: {} + "500": + application/json: {} + getVersionCount: + speakeasy-default-get-version-count: + parameters: + query: + group: "" + ID: "" + groupId: "" + commit: "" + responses: + "200": + application/json: {} + "500": + application/json: {} + getVersionCurrentBranch: + speakeasy-default-get-version-current-branch: + responses: + "200": + application/json: {"branch": ""} + "500": + application/json: {} + getVersionDiff: + speakeasy-default-get-version-diff: + parameters: + query: + commit: "" + group: "" + filename: "example.file" + diffLineLimit: 6362 + groupId: "" + responses: + "200": + application/json: {} + "500": + application/json: {} + getVersionFiles: + speakeasy-default-get-version-files: + parameters: + query: + group: "" + ID: "" + groupId: "" + commit: "" + responses: + "200": + application/json: {} + "500": + application/json: {} + getVersionInfo: + speakeasy-default-get-version-info: + responses: + "200": + application/json: {} + "500": + application/json: {} + createVersionPush: + speakeasy-default-create-version-push: + responses: + "200": + application/json: {} + "500": + application/json: {} + createVersionRevert: + speakeasy-default-create-version-revert: + parameters: + query: + group: "" + groupId: "" + requestBody: + application/json: {"commit": ""} + responses: + "200": + application/json: {} + "500": + application/json: {} + VersionRevertExamplesRevertCommit: + requestBody: + application/json: {"commit": "a1b2c3d4e5f6"} + responses: + "200": + application/json: {} + "500": + application/json: {} + VersionRevertExamplesForceRevertWithMessage: + requestBody: + application/json: {"commit": "a1b2c3d4e5f6", "force": true, "message": "Revert commit due to misconfiguration in Pipeline settings"} + responses: + "200": + application/json: {} + "500": + application/json: {} + getVersionShow: + speakeasy-default-get-version-show: + parameters: + query: + commit: "" + group: "" + filename: "example.file" + diffLineLimit: 7771.94 + groupId: "" + responses: + "200": + application/json: {} + "500": + application/json: {} + getVersionStatus: + speakeasy-default-get-version-status: + parameters: + query: + group: "" + groupId: "" + responses: + "200": + application/json: {} + "500": + application/json: {} + createVersionSync: + speakeasy-default-create-version-sync: + responses: + "200": + application/json: {"count": 90716, "items": [{"key": "", "key1": ""}, {"key": "", "key1": "", "key2": ""}]} + "500": + application/json: {"message": ""} + createVersionUndo: + speakeasy-default-create-version-undo: + parameters: + query: + group: "" + groupId: "" + responses: + "200": + application/json: {} + "500": + application/json: {} + createCriblLakeDatasetByLakeId: + speakeasy-default-create-cribl-lake-dataset-by-lake-id: + parameters: + path: + lakeId: "" + requestBody: + application/json: {"id": "", "searchConfig": {"metadata": {"earliest": "-30d", "enableAcceleration": false, "fieldList": ["", ""], "scanMode": "detailed"}}} + responses: + "200": + application/json: {"items": [{"id": "", "searchConfig": {"metadata": {"earliest": "-30d", "enableAcceleration": false, "fieldList": ["", ""], "scanMode": "detailed"}}}]} + "500": + application/json: {} + LakeDatasetCreateExamplesJsonDataset: + parameters: + path: + lakeId: "" + requestBody: + application/json: {"acceleratedFields": ["host", "status"], "description": "Web server access logs", "format": "json", "id": "web_access_logs", "retentionPeriodInDays": 90, "storageLocationId": "my-storage-location"} + responses: + "200": + application/json: {"items": [{"id": "", "searchConfig": {"metadata": {"earliest": "-30d", "enableAcceleration": false, "fieldList": ["", ""], "scanMode": "detailed"}}}]} + "500": + application/json: {} + LakeDatasetCreateExamplesParquetDataset: + parameters: + path: + lakeId: "" + requestBody: + application/json: {"description": "Security event data in Parquet format", "format": "parquet", "id": "security_events", "retentionPeriodInDays": 365, "searchConfig": {"datatypes": ["palo_alto_firewall", "crowdstrike_fdr"]}, "storageLocationId": "my-storage-location"} + responses: + "200": + application/json: {"items": [{"id": "", "searchConfig": {"metadata": {"earliest": "-30d", "enableAcceleration": false, "fieldList": ["", ""], "scanMode": "detailed"}}}]} + "500": + application/json: {} + LakeDatasetCreateExamplesMinimalDataset: + parameters: + path: + lakeId: "" + requestBody: + application/json: {"id": "app_logs"} + responses: + "200": + application/json: {"items": [{"id": "", "searchConfig": {"metadata": {"earliest": "-30d", "enableAcceleration": false, "fieldList": ["", ""], "scanMode": "detailed"}}}]} + "500": + application/json: {} + getCriblLakeDatasetByLakeId: + speakeasy-default-get-cribl-lake-dataset-by-lake-id: + parameters: + path: + lakeId: "" + query: + storageLocationId: "" + format: "" + excludeDDSS: true + excludeDeleted: true + excludeInternal: false + excludeBYOS: false + responses: + "200": + application/json: {"items": [{"id": "", "searchConfig": {"metadata": {"earliest": "-30d", "enableAcceleration": true, "fieldList": [""], "scanMode": "quick"}}}]} + "500": + application/json: {} + getSummaryWorkers: + speakeasy-default-get-summary-workers: + parameters: + query: + filterExp: "" + responses: + "200": + application/json: {"count": 401126, "items": [1291.74, 7812.7]} + "500": + application/json: {"message": ""} + getWorkers: + speakeasy-default-get-workers: + parameters: + query: + filterExp: "" + sort: "" + sortExp: "" + limit: 402753 + offset: 848752 + filter: "" + responses: + "200": + application/json: {"count": 388772, "items": [{"deployable": true, "disconnected": true, "firstMsgTime": 5556.4, "group": "", "id": "", "info": {"architecture": "", "aws": {"enabled": false, "region": "", "tags": {}, "type": "", "zone": ""}, "conn_ip": "", "cpus": 5841.82, "cribl": {"config": {"featuresRev": "", "hbPeriodSeconds": 3635.4, "logStreamEnv": "", "policyRev": "", "version": ""}, "deploymentId": "", "distMode": "single", "edgeNodes": 7424.46, "group": "", "guid": "", "installType": "", "lookupVersions": {}, "master": {"host": "crafty-requirement.biz", "port": 4586.68, "servername": "", "tls": true}, "pid": 7553.65, "startTime": 1443.43, "tags": ["", ""], "version": ""}, "freeDiskSpace": 6770.82, "hostOs": {"addresses": ["", "", ""], "enabled": false, "id": "", "version": ""}, "hostname": "wordy-vibraphone.biz", "isSaasWorker": true, "kube": {"enabled": false, "namespace": "", "node": "", "owner": {"kind": "", "name": ""}, "pod": "", "source": ""}, "localTime": 6602.88, "metadata": {"aws": {"enabled": false, "region": "", "tags": {}, "type": "", "zone": ""}, "hostOs": {"addresses": [""], "enabled": false, "id": "", "version": ""}, "kube": {"enabled": true, "namespace": "", "node": "", "owner": {"kind": "", "name": ""}, "pod": "", "source": ""}, "os": {"addresses": ["", "", ""], "enabled": false, "id": "", "version": ""}}, "node": "", "os": {"addresses": ["", "", ""], "enabled": false, "id": "", "version": ""}, "platform": "", "release": "", "totalDiskSpace": 4189.94, "totalmem": 5989.26}, "lastMetrics": {}, "lastMsgTime": 1603.19, "metadata": {"aws": {"enabled": false, "region": "", "tags": {}, "type": "", "zone": ""}, "hostOs": {"addresses": [""], "enabled": false, "id": "", "version": ""}, "kube": {"enabled": true, "namespace": "", "node": "", "owner": {"kind": "", "name": ""}, "pod": "", "source": ""}, "os": {"addresses": ["", "", ""], "enabled": false, "id": "", "version": ""}}, "nodeUpgradeStatus": {"active": 0, "failed": 1, "skipped": 1, "state": 0, "timestamp": 6840.86}, "status": "", "type": "resp", "workerProcesses": 8195.32, "workers": {"count": 3234.04}}]} + "500": + application/json: {"message": ""} + updateWorkersRestart: + speakeasy-default-update-workers-restart: + responses: + "200": + application/json: {"count": 469043, "items": [{"id": "", "message": "", "status": "Error"}]} + "500": + application/json: {"message": ""} + getSummary: + speakeasy-default-get-summary: + parameters: + query: + mode: "worker" + responses: + "200": + application/json: {"count": 364904, "items": [{"groups": {"count": 8128.38, "destinations": 4945.73, "packs": 798.01, "pipelines": 6352.87, "quickConnects": 3649.04, "routes": 7792.08, "sources": 6593.6}, "workers": {"alive": 2322.36, "confVersions": 8794.87, "count": 2533.57, "disconnectedCount": 4548.69, "groups": 9336.99, "softwareVersions": 2351.1, "unhealthy": 8264.2}}]} + "500": + application/json: {"message": ""} + createPacks: + speakeasy-default-create-packs: + requestBody: + application/json: {"id": "", "spec": "", "version": "", "minLogStreamVersion": "", "displayName": "Myah14", "author": "", "description": "premeditation coincide although", "source": "", "tags": {"dataType": [], "domain": [], "streamtags": ["", ""], "technology": [""]}, "allowCustomFunctions": false, "force": false} + responses: + "200": + application/json: {} + "500": + application/json: {} + PackInstallExamplesPackDispensary: + requestBody: + application/json: {"source": "https://packs.cribl.io/dl/cribl-duo-rest-io/latest/cribl-duo-rest-io-latest.crbl", "allowCustomFunctions": true, "force": true} + responses: + "200": + application/json: {} + "500": + application/json: {} + PackInstallExamplesEmptyPack: + requestBody: + application/json: {"id": "", "spec": "", "version": "", "minLogStreamVersion": "", "displayName": "Amely_Gusikowski", "author": "", "description": "crowded that truly sideboard ample yahoo gracious enraged", "source": "", "tags": {"dataType": ["double", "boolean"], "domain": ["delectable-transom.com", "radiant-sightseeing.info"], "streamtags": ["", "", ""], "technology": [""]}, "allowCustomFunctions": false, "force": true} + responses: + "200": + application/json: {} + "500": + application/json: {} + PackInstallExamplesUploadedFile: + requestBody: + application/json: {"id": "cribl-search-missing-logs", "source": "cribl-search-missing-logs-1.0.1.Do7DH5I.crbl", "allowCustomFunctions": false} + responses: + "200": + application/json: {} + "500": + application/json: {} + PackInstallExamplesURL: + requestBody: + application/json: {"source": "https://github.com/criblpacks/cribl-palo-alto-networks/releases/download/1.1.4/cribl-palo-alto-networks-a3e5a19d-1.1.4.crbl", "allowCustomFunctions": false} + responses: + "200": + application/json: {} + "500": + application/json: {} + PackInstallExamplesGitRepository: + requestBody: + application/json: {"source": "git+https://github.com/criblio/cribl_ocsf_postprocessing", "allowCustomFunctions": false} + responses: + "200": + application/json: {} + "500": + application/json: {} + getPacks: + speakeasy-default-get-packs: + parameters: + query: + with: "" + responses: + "200": + application/json: {} + "500": + application/json: {} + updatePacks: + speakeasy-default-update-packs: + parameters: + query: + filename: "example.file" + requestBody: + application/octet-stream: "x-file: example.file" + responses: + "200": + application/json: {"source": ""} + "500": + application/json: {} + getGroupsConfigVersionById: + speakeasy-default-get-groups-config-version-by-id: + parameters: + path: + id: "" + responses: + "200": + application/json: {"count": 936160, "items": [""]} + "500": + application/json: {"message": ""} + createProductsGroupsByProduct: + speakeasy-default-create-products-groups-by-product: + parameters: + path: + product: "stream" + requestBody: + application/json: {"cloud": {"provider": "aws", "region": ""}, "configVersion": "", "deployingWorkerCount": 1848.32, "description": "director um why forgery apud once er though off", "estimatedIngestRate": 6663.53, "git": {"commit": "", "localChanges": 2079.21, "log": [{"author_email": "", "author_name": "", "date": "2024-08-24", "hash": "", "message": "", "short": ""}]}, "id": "", "incompatibleWorkerCount": 5487.26, "inherits": "", "isFleet": false, "isSearch": false, "lookupDeployments": [{"context": "", "lookups": [{"deployedVersion": "", "file": "", "version": ""}]}], "maxWorkerAge": "", "name": "", "onPrem": true, "provisioned": true, "streamtags": ["", "", ""], "tags": "", "type": "lake_access", "upgradeVersion": "", "workerCount": 851.73, "workerRemoteAccess": false} + responses: + "200": + application/json: {"count": 339650, "items": [{"cloud": {"provider": "aws", "region": ""}, "configVersion": "", "deployingWorkerCount": 5282.89, "description": "seriously mountain gadzooks illiterate from better whose", "estimatedIngestRate": 8520.18, "git": {"commit": "", "localChanges": 2079.21, "log": [{"author_email": "", "author_name": "", "date": "2024-08-24", "hash": "", "message": "", "short": ""}]}, "id": "", "incompatibleWorkerCount": 4907.06, "inherits": "", "isFleet": false, "isSearch": true, "lookupDeployments": [{"context": "", "lookups": [{"deployedVersion": "", "file": "", "version": ""}]}], "maxWorkerAge": "", "name": "", "onPrem": true, "provisioned": false, "streamtags": ["", ""], "tags": "", "type": "lake_access", "upgradeVersion": "", "workerCount": 2620.95, "workerRemoteAccess": true}]} + "500": + application/json: {"message": ""} + getProductsGroupsByProduct: + speakeasy-default-get-products-groups-by-product: + parameters: + path: + product: "stream" + query: + fields: "" + responses: + "200": + application/json: {"count": 139413, "items": [{"cloud": {"provider": null, "region": ""}, "configVersion": "", "deployingWorkerCount": 2422.36, "description": "finally huff within whereas per indeed among sarong almighty swordfish", "estimatedIngestRate": 9946.32, "git": {"commit": "", "localChanges": 7149.9, "log": [{"author_email": "", "author_name": "", "date": "2024-09-01", "hash": "", "message": "", "short": ""}]}, "id": "", "incompatibleWorkerCount": 3041.33, "inherits": "", "isFleet": true, "isSearch": false, "lookupDeployments": [{"context": "", "lookups": [{"deployedVersion": "", "file": "", "version": ""}]}], "maxWorkerAge": "", "name": "", "onPrem": true, "provisioned": false, "streamtags": [""], "tags": "", "type": "lake_access", "upgradeVersion": "", "workerCount": 7295.87, "workerRemoteAccess": false}]} + "500": + application/json: {"message": ""} + updateGroupsDeployById: + speakeasy-default-update-groups-deploy-by-id: + parameters: + path: + id: "" + requestBody: + application/json: {"lookups": [{"context": "", "lookups": [{"file": "", "version": ""}]}], "version": ""} + responses: + "200": + application/json: {"count": 675901, "items": [{"cloud": {"provider": "aws", "region": ""}, "configVersion": "", "deployingWorkerCount": 3478.73, "description": "unscramble below metabolise unconscious alienated at ugh forenenst gosh even", "estimatedIngestRate": 2484.75, "git": {"commit": "", "localChanges": 819.2, "log": [{"author_email": "", "author_name": "", "date": "2024-08-21", "hash": "", "message": "", "short": ""}]}, "id": "", "incompatibleWorkerCount": 2615.26, "inherits": "", "isFleet": true, "isSearch": false, "lookupDeployments": [{"context": "", "lookups": []}], "maxWorkerAge": "", "name": "", "onPrem": true, "provisioned": false, "streamtags": ["", "", ""], "tags": "", "type": "lake_access", "upgradeVersion": "", "workerCount": 6222.63, "workerRemoteAccess": true}]} + "500": + application/json: {"message": ""} + getGroupsById: + speakeasy-default-get-groups-by-id: + parameters: + path: + id: "" + query: + fields: "" + responses: + "200": + application/json: {"count": 983944, "items": [{"cloud": {"provider": "aws", "region": ""}, "configVersion": "", "deployingWorkerCount": 5773.46, "description": "bah vision transparency", "estimatedIngestRate": 7728.21, "git": {"commit": "", "localChanges": 8473.28, "log": [{"author_email": "", "author_name": "", "date": "2024-01-11", "hash": "", "message": "", "short": ""}]}, "id": "", "incompatibleWorkerCount": 4739.28, "inherits": "", "isFleet": true, "isSearch": true, "lookupDeployments": [{"context": "", "lookups": [{"deployedVersion": "", "file": "", "version": ""}]}], "maxWorkerAge": "", "name": "", "onPrem": false, "provisioned": true, "streamtags": ["", ""], "tags": "", "type": "lake_access", "upgradeVersion": "", "workerCount": 1817.13, "workerRemoteAccess": false}]} + "500": + application/json: {"message": ""} + getGroupsAclById: + speakeasy-default-get-groups-acl-by-id: + parameters: + path: + id: "" + query: + type: "insights" + responses: + "200": + application/json: {"count": 833704, "items": [{"perms": [], "user": "Randall_Walter25"}]} + "500": + application/json: {"message": ""} + getProductsGroupsAclTeamsByProductAndId: + speakeasy-default-get-products-groups-acl-teams-by-product-and-id: + parameters: + path: + product: "stream" + id: "" + query: + type: "datasets" + responses: + "200": + application/json: {"count": 751174, "items": [{"perms": [{"gid": "", "id": "", "policy": "", "type": "dashboards"}], "team": ""}]} + "500": + application/json: {"message": ""} + deleteCriblLakeDatasetByLakeIdAndId: + speakeasy-default-delete-cribl-lake-dataset-by-lake-id-and-id: + parameters: + path: + lakeId: "" + id: "" + responses: + "200": + application/json: {"items": [{"id": "", "searchConfig": {"metadata": {"earliest": "-30d", "enableAcceleration": false, "fieldList": [""], "scanMode": "quick"}}}]} + "500": + application/json: {} + getCriblLakeDatasetByLakeIdAndId: + speakeasy-default-get-cribl-lake-dataset-by-lake-id-and-id: + parameters: + path: + lakeId: "" + id: "" + responses: + "200": + application/json: {"items": [{"id": "", "searchConfig": {"metadata": {"earliest": "-30d", "enableAcceleration": true, "fieldList": ["", "", ""], "scanMode": "detailed"}}}]} + "500": + application/json: {} + updateCriblLakeDatasetByLakeIdAndId: + speakeasy-default-update-cribl-lake-dataset-by-lake-id-and-id: + parameters: + path: + lakeId: "" + id: "" + requestBody: + application/json: {"searchConfig": {"metadata": {"earliest": "-30d", "enableAcceleration": false, "fieldList": ["", ""], "scanMode": "quick"}}} + responses: + "200": + application/json: {"items": [{"id": "", "searchConfig": {"metadata": {"earliest": "-30d", "enableAcceleration": false, "fieldList": ["", ""], "scanMode": "quick"}}}]} + "500": + application/json: {} + LakeDatasetUpdateExamplesUpdateRetention: + parameters: + path: + lakeId: "" + id: "" + requestBody: + application/json: {"retentionPeriodInDays": 180} + responses: + "200": + application/json: {"items": [{"id": "", "searchConfig": {"metadata": {"earliest": "-30d", "enableAcceleration": false, "fieldList": ["", ""], "scanMode": "quick"}}}]} + "500": + application/json: {} + LakeDatasetUpdateExamplesUpdateDescription: + parameters: + path: + lakeId: "" + id: "" + requestBody: + application/json: {"acceleratedFields": ["host", "status", "source"], "description": "Web server access logs with accelerated fields."} + responses: + "200": + application/json: {"items": [{"id": "", "searchConfig": {"metadata": {"earliest": "-30d", "enableAcceleration": false, "fieldList": ["", ""], "scanMode": "quick"}}}]} + "500": + application/json: {} + deletePacksById: + speakeasy-default-delete-packs-by-id: + parameters: + path: + id: "" + responses: + "200": + application/json: {} + "500": + application/json: {} + updatePacksById: + speakeasy-default-update-packs-by-id: + parameters: + path: + id: "" + query: + source: "" + minor: "" + spec: "" + requestBody: + application/json: {"source": ""} + responses: + "200": + application/json: {} + "500": + application/json: {} + PackUpgradeExamplesUpgradeFromURL: + parameters: + path: + id: "" + requestBody: + application/json: {"source": "https://github.com/criblpacks/cribl-palo-alto-networks/releases/download/1.1.4/cribl-palo-alto-networks-a3e5a19d-1.1.4.crbl"} + responses: + "200": + application/json: {} + "500": + application/json: {} + deleteGroupsById: + speakeasy-default-delete-groups-by-id: + parameters: + path: + id: "" + responses: + "200": + application/json: {"count": 357616, "items": [{"cloud": {"provider": null, "region": ""}, "configVersion": "", "deployingWorkerCount": 480.6, "description": "minion lost questionable purple zowie meh acquire bah", "estimatedIngestRate": 2472.44, "git": {"commit": "", "localChanges": 4115.49, "log": [{"author_email": "", "author_name": "", "date": "2024-10-11", "hash": "", "message": "", "short": ""}]}, "id": "", "incompatibleWorkerCount": 5290.66, "inherits": "", "isFleet": false, "isSearch": true, "lookupDeployments": [{"context": "", "lookups": [{"deployedVersion": "", "file": "", "version": ""}]}], "maxWorkerAge": "", "name": "", "onPrem": true, "provisioned": true, "streamtags": [""], "tags": "", "type": "lake_access", "upgradeVersion": "", "workerCount": 6094.96, "workerRemoteAccess": false}]} + "500": + application/json: {"message": ""} + updateGroupsById: + speakeasy-default-update-groups-by-id: + parameters: + path: + id: "" + requestBody: + application/json: {"cloud": {"provider": "aws", "region": ""}, "configVersion": "", "deployingWorkerCount": 19.89, "description": "jaywalk wrathful truly indeed definitive reflecting almost massive", "estimatedIngestRate": 7133.74, "git": {"commit": "", "localChanges": 370.43, "log": [{"author_email": "", "author_name": "", "date": "2024-08-29", "hash": "", "message": "", "short": ""}]}, "id": "", "incompatibleWorkerCount": 7081.95, "inherits": "", "isFleet": true, "isSearch": true, "lookupDeployments": [{"context": "", "lookups": [{"deployedVersion": "", "file": "", "version": ""}]}], "maxWorkerAge": "", "name": "", "onPrem": true, "provisioned": true, "streamtags": [""], "tags": "", "type": "lake_access", "upgradeVersion": "", "workerCount": 9020.63, "workerRemoteAccess": true} + responses: + "200": + application/json: {"count": 899492, "items": [{"cloud": {"provider": "aws", "region": ""}, "configVersion": "", "deployingWorkerCount": 5369.68, "description": "zowie hastily guzzle grimy mask engage", "estimatedIngestRate": 5316.34, "git": {"commit": "", "localChanges": 370.43, "log": [{"author_email": "", "author_name": "", "date": "2024-08-29", "hash": "", "message": "", "short": ""}]}, "id": "", "incompatibleWorkerCount": 4056.89, "inherits": "", "isFleet": false, "isSearch": true, "lookupDeployments": [{"context": "", "lookups": [{"deployedVersion": "", "file": "", "version": ""}]}], "maxWorkerAge": "", "name": "", "onPrem": true, "provisioned": false, "streamtags": [""], "tags": "", "type": "lake_access", "upgradeVersion": "", "workerCount": 5413.87, "workerRemoteAccess": false}]} + "500": + application/json: {"message": ""} + listMasterWorkerEntry: + speakeasy-default-list-master-worker-entry: + parameters: + query: + filterExp: "" + sort: "" + sortExp: "" + limit: 554169 + offset: 426660 + filter: "" + responses: + "200": + application/json: {"count": 522765, "items": [{"deployable": true, "disconnected": true, "firstMsgTime": 5145.29, "group": "", "id": "", "info": {"architecture": "", "aws": {"enabled": true, "instanceId": "", "region": "", "tags": {}, "type": "", "zone": ""}, "azure": {"enabled": false, "hostname": "intelligent-license.info", "instanceId": "", "name": "", "region": "", "resourceGroup": "", "subscriptionId": "", "tags": {"key": "", "key1": ""}, "type": "", "vmId": "", "zone": ""}, "conn_ip": "", "cpus": 587.99, "cribl": {"config": {"featuresRev": "", "hbPeriodSeconds": 7254.06, "logStreamEnv": "", "policyRev": "", "version": ""}, "deploymentId": "", "disableSNIRouting": false, "distMode": "worker", "edgeNodes": 5669.89, "group": "", "guid": "", "installType": "", "lookupVersions": {}, "master": {"host": "clear-cut-armoire.com", "port": 8378.36, "servername": "", "tls": true}, "pid": 5481.66, "socksEnabled": false, "startTime": 2054.83, "tags": [""], "version": ""}, "env": {"key": "", "key1": ""}, "freeDiskSpace": 5289.31, "hostOs": {"addresses": ["", "", ""], "enabled": false, "id": "", "version": ""}, "hostname": "huge-mathematics.org", "isSaasWorker": true, "kube": {"enabled": true, "namespace": "", "node": "", "owner": {"kind": "", "name": ""}, "pod": "", "source": ""}, "localTime": 396.28, "metadata": {"aws": {"enabled": true, "instanceId": "", "region": "", "tags": {}, "type": "", "zone": ""}, "azure": {"enabled": false, "hostname": "intelligent-license.info", "instanceId": "", "name": "", "region": "", "resourceGroup": "", "subscriptionId": "", "tags": {"key": "", "key1": ""}, "type": "", "vmId": "", "zone": ""}, "hostOs": {"addresses": [], "enabled": true, "id": "", "version": ""}, "kube": {"enabled": true, "namespace": "", "node": "", "owner": {"kind": "", "name": ""}, "pod": "", "source": ""}, "os": {"addresses": [], "enabled": true, "id": "", "version": ""}}, "node": "", "os": {"addresses": [""], "enabled": true, "id": "", "version": ""}, "outpost": {"guid": "", "host": "intelligent-license.info"}, "platform": "", "release": "", "totalDiskSpace": 3554.6, "totalmem": 2822.63}, "lastMetrics": {}, "lastMsgTime": 1368.76, "metadata": {"aws": {"enabled": true, "instanceId": "", "region": "", "tags": {}, "type": "", "zone": ""}, "azure": {"enabled": false, "hostname": "intelligent-license.info", "instanceId": "", "name": "", "region": "", "resourceGroup": "", "subscriptionId": "", "tags": {"key": "", "key1": ""}, "type": "", "vmId": "", "zone": ""}, "hostOs": {"addresses": [], "enabled": true, "id": "", "version": ""}, "kube": {"enabled": true, "namespace": "", "node": "", "owner": {"kind": "", "name": ""}, "pod": "", "source": ""}, "os": {"addresses": [], "enabled": true, "id": "", "version": ""}}, "nodeUpgradeStatus": {"active": 0, "failed": 1, "skipped": 3, "state": 2, "timestamp": 962.97}, "status": "", "type": "resp", "workerProcesses": 571.25, "workers": {"count": 4154.46}}]} + "500": + application/json: {"message": ""} + getMasterWorkerEntry: + speakeasy-default-get-master-worker-entry: + parameters: + query: + filterExp: "" + responses: + "200": + application/json: {"count": 732189, "items": [3187.39]} + "500": + application/json: {"message": ""} + listConfigGroupByProduct: + speakeasy-default-list-config-group-by-product: + parameters: + path: + product: "edge" + query: + fields: "" + responses: + "200": + application/json: {"items": [{"cloud": {"provider": "aws", "region": ""}, "configVersion": "", "deployingWorkerCount": 7819.54, "description": "finally exaggerate coolly grade", "estimatedIngestRate": 10240, "git": {"commit": "", "localChanges": 7873.79, "log": [{"author_email": "", "author_name": "", "date": "2024-04-08", "hash": "", "message": "", "short": ""}]}, "id": "", "incompatibleWorkerCount": 2891.32, "inherits": "", "isFleet": false, "isSearch": true, "lookupDeployments": [{"context": "", "lookups": [{"deployedVersion": "", "file": "", "version": ""}]}], "maxWorkerAge": "", "name": "", "onPrem": false, "provisioned": false, "streamtags": ["", ""], "tags": "", "type": "lake_access", "upgradeVersion": "", "workerCount": 2257.24, "workerRemoteAccess": false}]} + "500": + application/json: {} + createConfigGroupByProduct: + speakeasy-default-create-config-group-by-product: + parameters: + path: + product: "edge" + requestBody: + application/json: {"estimatedIngestRate": 7168, "id": ""} + responses: + "200": + application/json: {"items": [{"cloud": {"provider": "aws", "region": ""}, "configVersion": "", "deployingWorkerCount": 8255.61, "description": "till boastfully before qua meanwhile suddenly", "estimatedIngestRate": 3072, "git": {"commit": "", "localChanges": 7008.23, "log": [{"author_email": "", "author_name": "", "date": "2024-04-03", "hash": "", "message": "", "short": ""}]}, "id": "", "incompatibleWorkerCount": 7965.37, "inherits": "", "isFleet": true, "isSearch": false, "lookupDeployments": [{"context": "", "lookups": [{"deployedVersion": "", "file": "", "version": ""}]}], "maxWorkerAge": "", "name": "", "onPrem": true, "provisioned": false, "streamtags": ["", ""], "tags": "", "type": "lake_access", "upgradeVersion": "", "workerCount": 4937.96, "workerRemoteAccess": true}]} + "500": + application/json: {} + CreateGroupExamplesCloudWg: + parameters: + path: + product: "stream" + requestBody: + application/json: {"cloud": {"provider": "aws", "region": "us-west-2"}, "estimatedIngestRate": 2048, "id": "goatCloudIanWg", "name": "goatcloudianwg", "onPrem": false, "provisioned": true, "type": "stream", "workerRemoteAccess": true} + responses: + "200": + application/json: {"items": [{"cloud": {"provider": "aws", "region": ""}, "configVersion": "", "deployingWorkerCount": 8255.61, "description": "till boastfully before qua meanwhile suddenly", "estimatedIngestRate": 3072, "git": {"commit": "", "localChanges": 7008.23, "log": [{"author_email": "", "author_name": "", "date": "2024-04-03", "hash": "", "message": "", "short": ""}]}, "id": "", "incompatibleWorkerCount": 7965.37, "inherits": "", "isFleet": true, "isSearch": false, "lookupDeployments": [{"context": "", "lookups": [{"deployedVersion": "", "file": "", "version": ""}]}], "maxWorkerAge": "", "name": "", "onPrem": true, "provisioned": false, "streamtags": ["", ""], "tags": "", "type": "lake_access", "upgradeVersion": "", "workerCount": 4937.96, "workerRemoteAccess": true}]} + "500": + application/json: {} + CreateGroupExamplesOnPremWg: + parameters: + path: + product: "edge" + requestBody: + application/json: {"description": "Worker group in customer-managed deployment", "id": "goatOnPremIanWg", "name": "goatonpremianwg", "onPrem": true, "type": "stream", "workerRemoteAccess": true} + responses: + "200": + application/json: {"items": [{"cloud": {"provider": "aws", "region": ""}, "configVersion": "", "deployingWorkerCount": 8255.61, "description": "till boastfully before qua meanwhile suddenly", "estimatedIngestRate": 3072, "git": {"commit": "", "localChanges": 7008.23, "log": [{"author_email": "", "author_name": "", "date": "2024-04-03", "hash": "", "message": "", "short": ""}]}, "id": "", "incompatibleWorkerCount": 7965.37, "inherits": "", "isFleet": true, "isSearch": false, "lookupDeployments": [{"context": "", "lookups": [{"deployedVersion": "", "file": "", "version": ""}]}], "maxWorkerAge": "", "name": "", "onPrem": true, "provisioned": false, "streamtags": ["", ""], "tags": "", "type": "lake_access", "upgradeVersion": "", "workerCount": 4937.96, "workerRemoteAccess": true}]} + "500": + application/json: {} + CreateGroupExamplesCloneWg: + parameters: + path: + product: "edge" + requestBody: + application/json: {"description": "Worker Group cloned from goatOnPremIanWg with identical configuration", "id": "goatOnPremDollyWg", "name": "goatonpremdollywg", "onPrem": true, "sourceGroupId": "goatOnPremIanWg", "type": "stream", "workerRemoteAccess": true} + responses: + "200": + application/json: {"items": [{"cloud": {"provider": "aws", "region": ""}, "configVersion": "", "deployingWorkerCount": 8255.61, "description": "till boastfully before qua meanwhile suddenly", "estimatedIngestRate": 3072, "git": {"commit": "", "localChanges": 7008.23, "log": [{"author_email": "", "author_name": "", "date": "2024-04-03", "hash": "", "message": "", "short": ""}]}, "id": "", "incompatibleWorkerCount": 7965.37, "inherits": "", "isFleet": true, "isSearch": false, "lookupDeployments": [{"context": "", "lookups": [{"deployedVersion": "", "file": "", "version": ""}]}], "maxWorkerAge": "", "name": "", "onPrem": true, "provisioned": false, "streamtags": ["", ""], "tags": "", "type": "lake_access", "upgradeVersion": "", "workerCount": 4937.96, "workerRemoteAccess": true}]} + "500": + application/json: {} + CreateGroupExamplesEdgeFleet: + parameters: + path: + product: "edge" + requestBody: + application/json: {"description": "Create a new Edge Fleet", "id": "goatIanEdgeFleet", "name": "goatianedgefleet", "onPrem": true, "type": "edge", "workerRemoteAccess": true} + responses: + "200": + application/json: {"items": [{"cloud": {"provider": "aws", "region": ""}, "configVersion": "", "deployingWorkerCount": 8255.61, "description": "till boastfully before qua meanwhile suddenly", "estimatedIngestRate": 3072, "git": {"commit": "", "localChanges": 7008.23, "log": [{"author_email": "", "author_name": "", "date": "2024-04-03", "hash": "", "message": "", "short": ""}]}, "id": "", "incompatibleWorkerCount": 7965.37, "inherits": "", "isFleet": true, "isSearch": false, "lookupDeployments": [{"context": "", "lookups": [{"deployedVersion": "", "file": "", "version": ""}]}], "maxWorkerAge": "", "name": "", "onPrem": true, "provisioned": false, "streamtags": ["", ""], "tags": "", "type": "lake_access", "upgradeVersion": "", "workerCount": 4937.96, "workerRemoteAccess": true}]} + "500": + application/json: {} + getConfigGroupByProductAndId: + speakeasy-default-get-config-group-by-product-and-id: + parameters: + path: + product: "edge" + id: "" + query: + fields: "" + responses: + "200": + application/json: {"items": [{"cloud": {"provider": "aws", "region": ""}, "configVersion": "", "deployingWorkerCount": 9897.69, "description": "inure hope kissingly why", "estimatedIngestRate": 13312, "git": {"commit": "", "localChanges": 3058.15, "log": [{"author_email": "", "author_name": "", "date": "2024-02-16", "hash": "", "message": "", "short": ""}]}, "id": "", "incompatibleWorkerCount": 9309.45, "inherits": "", "isFleet": false, "isSearch": true, "lookupDeployments": [{"context": "", "lookups": []}], "maxWorkerAge": "", "name": "", "onPrem": false, "provisioned": true, "streamtags": [""], "tags": "", "type": "lake_access", "upgradeVersion": "", "workerCount": 7512.21, "workerRemoteAccess": true}]} + "500": + application/json: {} + updateConfigGroupByProductAndId: + speakeasy-default-update-config-group-by-product-and-id: + parameters: + path: + product: "stream" + id: "" + requestBody: + application/json: {"estimatedIngestRate": 13312, "id": ""} + responses: + "200": + application/json: {"items": [{"cloud": {"provider": "azure", "region": ""}, "configVersion": "", "deployingWorkerCount": 6038.43, "description": "pants sugary tricky drat", "estimatedIngestRate": 1024, "git": {"commit": "", "localChanges": 776.15, "log": [{"author_email": "", "author_name": "", "date": "2024-09-29", "hash": "", "message": "", "short": ""}]}, "id": "", "incompatibleWorkerCount": 2043.29, "inherits": "", "isFleet": false, "isSearch": false, "lookupDeployments": [{"context": "", "lookups": []}], "maxWorkerAge": "", "name": "", "onPrem": false, "provisioned": false, "streamtags": ["", ""], "tags": "", "type": "lake_access", "upgradeVersion": "", "workerCount": 5750.42, "workerRemoteAccess": true}]} + "500": + application/json: {} + UpdateGroupExamplesScaleCloudWorkerGroup: + parameters: + path: + product: "edge" + id: "" + requestBody: + application/json: {"cloud": {"provider": "aws", "region": "us-west-2"}, "configVersion": "abc1234", "deployingWorkerCount": 0, "description": "Scaled Worker Group with estimated ingest rate of 4096 (48 MB/s, 21 Worker Processes) for increased capacity", "estimatedIngestRate": 4096, "id": "goatCloudIanWg", "incompatibleWorkerCount": 0, "lookupDeployments": [], "name": "goatcloudianwg", "onPrem": false, "provisioned": true, "type": "stream", "workerCount": 3, "workerRemoteAccess": true} + responses: + "200": + application/json: {"items": [{"cloud": {"provider": "azure", "region": ""}, "configVersion": "", "deployingWorkerCount": 6038.43, "description": "pants sugary tricky drat", "estimatedIngestRate": 1024, "git": {"commit": "", "localChanges": 776.15, "log": [{"author_email": "", "author_name": "", "date": "2024-09-29", "hash": "", "message": "", "short": ""}]}, "id": "", "incompatibleWorkerCount": 2043.29, "inherits": "", "isFleet": false, "isSearch": false, "lookupDeployments": [{"context": "", "lookups": []}], "maxWorkerAge": "", "name": "", "onPrem": false, "provisioned": false, "streamtags": ["", ""], "tags": "", "type": "lake_access", "upgradeVersion": "", "workerCount": 5750.42, "workerRemoteAccess": true}]} + "500": + application/json: {} + UpdateGroupExamplesUpdateOnPremWorkerGroup: + parameters: + path: + product: "outpost" + id: "" + requestBody: + application/json: {"configVersion": "abc1234", "deployingWorkerCount": 0, "description": "Updated customer-managed Worker Group with remote access enabled", "id": "goatOnPremIanWg", "incompatibleWorkerCount": 0, "lookupDeployments": [], "name": "goatonpremianwg", "onPrem": true, "type": "stream", "workerCount": 5, "workerRemoteAccess": true} + responses: + "200": + application/json: {"items": [{"cloud": {"provider": "azure", "region": ""}, "configVersion": "", "deployingWorkerCount": 6038.43, "description": "pants sugary tricky drat", "estimatedIngestRate": 1024, "git": {"commit": "", "localChanges": 776.15, "log": [{"author_email": "", "author_name": "", "date": "2024-09-29", "hash": "", "message": "", "short": ""}]}, "id": "", "incompatibleWorkerCount": 2043.29, "inherits": "", "isFleet": false, "isSearch": false, "lookupDeployments": [{"context": "", "lookups": []}], "maxWorkerAge": "", "name": "", "onPrem": false, "provisioned": false, "streamtags": ["", ""], "tags": "", "type": "lake_access", "upgradeVersion": "", "workerCount": 5750.42, "workerRemoteAccess": true}]} + "500": + application/json: {} + deleteConfigGroupByProductAndId: + speakeasy-default-delete-config-group-by-product-and-id: + parameters: + path: + product: "edge" + id: "" + responses: + "200": + application/json: {"items": [{"cloud": {"provider": "azure", "region": ""}, "configVersion": "", "deployingWorkerCount": 8537.63, "description": "after jealous revitalise noxious whenever intervention over now upwardly sailor", "estimatedIngestRate": 15360, "git": {"commit": "", "localChanges": 3514.19, "log": [{"author_email": "", "author_name": "", "date": "2024-09-16", "hash": "", "message": "", "short": ""}]}, "id": "", "incompatibleWorkerCount": 409.64, "inherits": "", "isFleet": false, "isSearch": true, "lookupDeployments": [{"context": "", "lookups": [{"deployedVersion": "", "file": "", "version": ""}]}], "maxWorkerAge": "", "name": "", "onPrem": false, "provisioned": false, "streamtags": ["", ""], "tags": "", "type": "lake_access", "upgradeVersion": "", "workerCount": 298.57, "workerRemoteAccess": false}]} + "500": + application/json: {} + updateConfigGroupDeployByProductAndId: + speakeasy-default-update-config-group-deploy-by-product-and-id: + parameters: + path: + product: "stream" + id: "" + requestBody: + application/json: {"version": ""} + responses: + "200": + application/json: {"items": [{"cloud": {"provider": "azure", "region": ""}, "configVersion": "", "deployingWorkerCount": 3445.97, "description": "while ad tune", "estimatedIngestRate": 1024, "git": {"commit": "", "localChanges": 8464.16, "log": [{"author_email": "", "author_name": "", "date": "2024-07-23", "hash": "", "message": "", "short": ""}]}, "id": "", "incompatibleWorkerCount": 4511.88, "inherits": "", "isFleet": true, "isSearch": false, "lookupDeployments": [{"context": "", "lookups": [{"deployedVersion": "", "file": "", "version": ""}]}], "maxWorkerAge": "", "name": "", "onPrem": false, "provisioned": false, "streamtags": ["", "", ""], "tags": "", "type": "lake_access", "upgradeVersion": "", "workerCount": 7143.25, "workerRemoteAccess": false}]} + "500": + application/json: {} + getConfigGroupConfigVersionByProductAndId: + speakeasy-default-get-config-group-config-version-by-product-and-id: + parameters: + path: + product: "stream" + id: "" + responses: + "200": + application/json: {} + "500": + application/json: {} + getConfigGroupAclByProductAndId: + speakeasy-default-get-config-group-acl-by-product-and-id: + parameters: + path: + product: "edge" + id: "" + query: + type: "macros" + responses: + "200": + application/json: {} + "500": + application/json: {} + getConfigGroupAclTeamsByProductAndId: + speakeasy-default-get-config-group-acl-teams-by-product-and-id: + parameters: + path: + product: "edge" + id: "" + query: + type: "macros" + responses: + "200": + application/json: {} + "500": + application/json: {} + getVersion: + speakeasy-default-get-version: + parameters: + query: + group: "" + count: 893.58 + groupId: "" + responses: + "200": + application/json: {} + "500": + application/json: {} + getSystemSettingsAuth: + speakeasy-default-get-system-settings-auth: + responses: + "200": + application/json: {"count": 563315, "items": [{"fallback": true, "fallbackBadLogin": false, "filter_type": "", "host": "mysterious-schedule.biz", "port": 423.74, "ssl": false, "type": "saml"}]} + "500": + application/json: {"message": ""} + updateSystemSettingsAuth: + speakeasy-default-update-system-settings-auth: + responses: + "200": + application/json: {"count": 400711, "items": [{"fallback": false, "fallbackBadLogin": true, "filter_type": "", "host": "twin-designation.biz", "port": 7657.58, "ssl": false, "type": "ldap"}]} + "500": + application/json: {"message": ""} + getSystemSettingsConf: + speakeasy-default-get-system-settings-conf: + responses: + "200": + application/json: {} + "500": + application/json: {} + updateSystemSettingsConf: + speakeasy-default-update-system-settings-conf: + requestBody: + application/json: {"api": {"disabled": false, "host": "meaty-spring.biz", "port": 2424.38}, "backups": {"backupPersistence": "", "backupsDirectory": ""}, "pii": {"enablePiiDetection": false}, "proxy": {"useEnvVars": true}, "rollback": {"rollbackEnabled": false, "rollbackRetries": 3174.73, "rollbackTimeout": 1506.54}, "shutdown": {"drainTimeout": 3723.75}, "sni": {"disableSNIRouting": false}, "system": {"intercom": false, "upgrade": "api"}, "tls": {"defaultCipherList": "", "defaultEcdhCurve": "", "maxVersion": "", "minVersion": "", "rejectUnauthorized": true}, "upgradeGroupSettings": {}, "upgradeSettings": {}, "workers": {"count": 2124.14, "memory": 20.53, "minimum": 6157.83}} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateSystemSettingsExamplesUpdateApiSettings: + requestBody: + application/json: {"api": {"disabled": false, "host": "0.0.0.0", "port": 9000, "ssl": {"certPath": "/opt/cribl/local/cribl/auth/cribl.crt", "disabled": false, "passphrase": "", "privKeyPath": "/opt/cribl/local/cribl/auth/cribl.key"}}, "backups": {"backupPersistence": "24h", "backupsDirectory": "$CRIBL_STATE_DIR/backups"}, "pii": {"enablePiiDetection": false}, "proxy": {"useEnvVars": false}, "rollback": {"rollbackEnabled": true}, "shutdown": {"drainTimeout": 10000}, "sni": {"disableSNIRouting": false}, "system": {"intercom": true, "upgrade": "api"}, "tls": {"defaultCipherList": "DEFAULT", "defaultEcdhCurve": "auto", "maxVersion": "TLSv1.3", "minVersion": "TLSv1.2", "rejectUnauthorized": true}, "upgradeGroupSettings": {"isRolling": true, "quantity": 100, "retryCount": 5, "retryDelay": 1000}, "upgradeSettings": {}, "workers": {"count": 0, "memory": 0, "minimum": 1}} + responses: + "200": + application/json: {} + "500": + application/json: {} + getSystemSettingsGitSettings: + speakeasy-default-get-system-settings-git-settings: + responses: + "200": + application/json: {"count": 768920, "items": [{"authType": "", "autoAction": "", "autoActionMessage": "", "autoActionSchedule": "", "branch": "", "commitDeploySingleAction": true, "copilotAutoGitCommitMessages": true, "defaultCommitMessage": "", "gitOps": "push", "password": "dMi03kRzdqMeY7Q", "remote": "", "sshKey": "", "strictHostKeyChecking": true, "timeout": 3119.66, "user": "Mona_Ebert98"}]} + "500": + application/json: {"message": ""} + updateSystemSettingsGitSettings: + speakeasy-default-update-system-settings-git-settings: + responses: + "200": + application/json: {"count": 6619, "items": [{"authType": "", "autoAction": "", "autoActionMessage": "", "autoActionSchedule": "", "branch": "", "commitDeploySingleAction": true, "copilotAutoGitCommitMessages": false, "defaultCommitMessage": "", "gitOps": "none", "password": "qUY4EQ7xkkuLNCo", "remote": "", "sshKey": "", "strictHostKeyChecking": true, "timeout": 7121.45, "user": "Wyman11"}]} + "500": + application/json: {"message": ""} + getPacksById: + speakeasy-default-get-packs-by-id: + parameters: + path: + id: "" + responses: + "200": + application/json: {} + "500": + application/json: {} + createAuthLogin: + speakeasy-default-create-auth-login: + requestBody: + application/json: {"password": "6j50J9421x29IhO", "username": "Lilly_Weissnat"} + responses: + "200": + application/json: {"forcePasswordChange": true, "token": ""} + "500": + application/json: {} + getHealth: + speakeasy-default-get-health: + responses: + "200": + application/json: {"startTime": 1037.51, "status": "healthy"} + "420": + application/json: {"startTime": 7966.74, "status": "healthy"} + "500": + application/json: {} + HealthExamplesHealthyPrimary: + responses: + "200": + application/json: {"overlay": {"state": "inactive"}, "role": "primary", "startTime": 1700000000000, "status": "healthy"} + "420": + application/json: {"overlay": {"state": "inactive"}, "role": "primary", "startTime": 1700000000000, "status": "healthy"} + createSavedJob: + CollectorExamplesRest: + parameters: + query: + criblPack: "" + requestBody: + application/json: {"id": "", "description": "pomelo outside offensively ew", "type": "executor", "ttl": "", "ignoreGroupJobsLimit": false, "removeFields": ["", ""], "resumeOnBoot": true, "environment": "", "schedule": {"enabled": true, "skippable": true, "resumeMissed": false, "cronSchedule": "", "maxConcurrentRuns": 3006.78, "run": {"type": "collection", "rescheduleDroppedTasks": true, "maxTaskReschedule": 1211.14, "logLevel": "debug", "jobTimeout": "", "mode": "", "timeRangeType": "", "earliest": 4847.66, "latest": 3337.75, "timestampTimezone": "", "timeWarning": {}, "expression": "", "minTaskSize": "", "maxTaskSize": ""}}, "streamtags": ["", ""], "workerAffinity": true, "collector": {"type": "database", "conf": {"connectionId": "", "query": "", "queryValidationEnabled": true, "defaultBreakers": "Cribl", "__scheduling": {"stateTracking": {"enabled": false}}}, "destructive": false, "encoding": ""}, "input": {"type": "collection", "breakerRulesets": ["", "", ""], "staleChannelFlushMs": 3845.21, "sendToRoutes": true, "preprocess": {"disabled": true, "command": "", "args": ["", "", ""]}, "throttleRatePerSec": "", "metadata": [{"name": "", "value": ""}], "pipeline": "", "output": ""}} + responses: + "200": + application/json: {} + "500": + application/json: {} + CollectorExamplesS3: + parameters: + query: + criblPack: "" + requestBody: + application/json: {"id": "", "description": "pomelo outside offensively ew", "type": "executor", "ttl": "", "ignoreGroupJobsLimit": false, "removeFields": ["", ""], "resumeOnBoot": true, "environment": "", "schedule": {"enabled": true, "skippable": true, "resumeMissed": false, "cronSchedule": "", "maxConcurrentRuns": 3006.78, "run": {"type": "collection", "rescheduleDroppedTasks": true, "maxTaskReschedule": 1211.14, "logLevel": "debug", "jobTimeout": "", "mode": "", "timeRangeType": "", "earliest": 4847.66, "latest": 3337.75, "timestampTimezone": "", "timeWarning": {}, "expression": "", "minTaskSize": "", "maxTaskSize": ""}}, "streamtags": ["", ""], "workerAffinity": true, "collector": {"type": "database", "conf": {"connectionId": "", "query": "", "queryValidationEnabled": true, "defaultBreakers": "Cribl", "__scheduling": {"stateTracking": {"enabled": false}}}, "destructive": false, "encoding": ""}, "input": {"type": "collection", "breakerRulesets": ["", "", ""], "staleChannelFlushMs": 3845.21, "sendToRoutes": true, "preprocess": {"disabled": true, "command": "", "args": ["", "", ""]}, "throttleRatePerSec": "", "metadata": [{"name": "", "value": ""}], "pipeline": "", "output": ""}} + responses: + "200": + application/json: {} + "500": + application/json: {} + CollectorExamplesFilesystem: + parameters: + query: + criblPack: "" + requestBody: + application/json: {"id": "", "description": "against between cop-out wretched", "type": "executor", "ttl": "", "ignoreGroupJobsLimit": false, "removeFields": [""], "resumeOnBoot": false, "environment": "", "schedule": {"enabled": true, "skippable": true, "resumeMissed": false, "cronSchedule": "", "maxConcurrentRuns": 3006.78, "run": {"type": "collection", "rescheduleDroppedTasks": true, "maxTaskReschedule": 1211.14, "logLevel": "debug", "jobTimeout": "", "mode": "", "timeRangeType": "", "earliest": 4847.66, "latest": 3337.75, "timestampTimezone": "", "timeWarning": {}, "expression": "", "minTaskSize": "", "maxTaskSize": ""}}, "streamtags": ["", "", ""], "executor": {"type": "", "storeTaskResults": true, "conf": {}}} + responses: + "200": + application/json: {} + "500": + application/json: {} + CollectorExamplesAzureBlob: + parameters: + query: + criblPack: "" + requestBody: + application/json: {"id": "", "description": "pomelo outside offensively ew", "type": "executor", "ttl": "", "ignoreGroupJobsLimit": false, "removeFields": ["", ""], "resumeOnBoot": true, "environment": "", "schedule": {"enabled": true, "skippable": true, "resumeMissed": false, "cronSchedule": "", "maxConcurrentRuns": 3006.78, "run": {"type": "collection", "rescheduleDroppedTasks": true, "maxTaskReschedule": 1211.14, "logLevel": "debug", "jobTimeout": "", "mode": "", "timeRangeType": "", "earliest": 4847.66, "latest": 3337.75, "timestampTimezone": "", "timeWarning": {}, "expression": "", "minTaskSize": "", "maxTaskSize": ""}}, "streamtags": ["", ""], "workerAffinity": true, "collector": {"type": "database", "conf": {"connectionId": "", "query": "", "queryValidationEnabled": true, "defaultBreakers": "Cribl", "__scheduling": {"stateTracking": {"enabled": false}}}, "destructive": false, "encoding": ""}, "input": {"type": "collection", "breakerRulesets": ["", "", ""], "staleChannelFlushMs": 3845.21, "sendToRoutes": true, "preprocess": {"disabled": true, "command": "", "args": ["", "", ""]}, "throttleRatePerSec": "", "metadata": [{"name": "", "value": ""}], "pipeline": "", "output": ""}} + responses: + "200": + application/json: {} + "500": + application/json: {} + CollectorExamplesGoogleCloudStorage: + parameters: + query: + criblPack: "" + requestBody: + application/json: {"id": "", "description": "pomelo outside offensively ew", "type": "executor", "ttl": "", "ignoreGroupJobsLimit": false, "removeFields": ["", ""], "resumeOnBoot": true, "environment": "", "schedule": {"enabled": true, "skippable": true, "resumeMissed": false, "cronSchedule": "", "maxConcurrentRuns": 3006.78, "run": {"type": "collection", "rescheduleDroppedTasks": true, "maxTaskReschedule": 1211.14, "logLevel": "debug", "jobTimeout": "", "mode": "", "timeRangeType": "", "earliest": 4847.66, "latest": 3337.75, "timestampTimezone": "", "timeWarning": {}, "expression": "", "minTaskSize": "", "maxTaskSize": ""}}, "streamtags": ["", ""], "workerAffinity": true, "collector": {"type": "database", "conf": {"connectionId": "", "query": "", "queryValidationEnabled": true, "defaultBreakers": "Cribl", "__scheduling": {"stateTracking": {"enabled": false}}}, "destructive": false, "encoding": ""}, "input": {"type": "collection", "breakerRulesets": ["", "", ""], "staleChannelFlushMs": 3845.21, "sendToRoutes": true, "preprocess": {"disabled": true, "command": "", "args": ["", "", ""]}, "throttleRatePerSec": "", "metadata": [{"name": "", "value": ""}], "pipeline": "", "output": ""}} + responses: + "200": + application/json: {} + "500": + application/json: {} + CollectorExamplesDatabase: + parameters: + query: + criblPack: "" + requestBody: + application/json: {"id": "", "description": "however loyally as likely silent", "type": "executor", "ttl": "", "ignoreGroupJobsLimit": false, "removeFields": ["", "", ""], "resumeOnBoot": false, "environment": "", "schedule": {"enabled": true, "skippable": true, "resumeMissed": false, "cronSchedule": "", "maxConcurrentRuns": 3006.78, "run": {"type": "collection", "rescheduleDroppedTasks": true, "maxTaskReschedule": 1211.14, "logLevel": "debug", "jobTimeout": "", "mode": "", "timeRangeType": "", "earliest": 4847.66, "latest": 3337.75, "timestampTimezone": "", "timeWarning": {}, "expression": "", "minTaskSize": "", "maxTaskSize": ""}}, "streamtags": [""], "savedQueryId": ""} + responses: + "200": + application/json: {} + "500": + application/json: {} + CollectorExamplesSplunk: + parameters: + query: + criblPack: "" + requestBody: + application/json: {"id": "", "description": "pomelo outside offensively ew", "type": "executor", "ttl": "", "ignoreGroupJobsLimit": false, "removeFields": ["", ""], "resumeOnBoot": true, "environment": "", "schedule": {"enabled": true, "skippable": true, "resumeMissed": false, "cronSchedule": "", "maxConcurrentRuns": 3006.78, "run": {"type": "collection", "rescheduleDroppedTasks": true, "maxTaskReschedule": 1211.14, "logLevel": "debug", "jobTimeout": "", "mode": "", "timeRangeType": "", "earliest": 4847.66, "latest": 3337.75, "timestampTimezone": "", "timeWarning": {}, "expression": "", "minTaskSize": "", "maxTaskSize": ""}}, "streamtags": ["", ""], "workerAffinity": true, "collector": {"type": "database", "conf": {"connectionId": "", "query": "", "queryValidationEnabled": true, "defaultBreakers": "Cribl", "__scheduling": {"stateTracking": {"enabled": false}}}, "destructive": false, "encoding": ""}, "input": {"type": "collection", "breakerRulesets": ["", "", ""], "staleChannelFlushMs": 3845.21, "sendToRoutes": true, "preprocess": {"disabled": true, "command": "", "args": ["", "", ""]}, "throttleRatePerSec": "", "metadata": [{"name": "", "value": ""}], "pipeline": "", "output": ""}} + responses: + "200": + application/json: {} + "500": + application/json: {} + CollectorExamplesScript: + parameters: + query: + criblPack: "" + requestBody: + application/json: {"id": "", "description": "pomelo outside offensively ew", "type": "executor", "ttl": "", "ignoreGroupJobsLimit": false, "removeFields": ["", ""], "resumeOnBoot": true, "environment": "", "schedule": {"enabled": true, "skippable": true, "resumeMissed": false, "cronSchedule": "", "maxConcurrentRuns": 3006.78, "run": {"type": "collection", "rescheduleDroppedTasks": true, "maxTaskReschedule": 1211.14, "logLevel": "debug", "jobTimeout": "", "mode": "", "timeRangeType": "", "earliest": 4847.66, "latest": 3337.75, "timestampTimezone": "", "timeWarning": {}, "expression": "", "minTaskSize": "", "maxTaskSize": ""}}, "streamtags": ["", ""], "workerAffinity": true, "collector": {"type": "database", "conf": {"connectionId": "", "query": "", "queryValidationEnabled": true, "defaultBreakers": "Cribl", "__scheduling": {"stateTracking": {"enabled": false}}}, "destructive": false, "encoding": ""}, "input": {"type": "collection", "breakerRulesets": ["", "", ""], "staleChannelFlushMs": 3845.21, "sendToRoutes": true, "preprocess": {"disabled": true, "command": "", "args": ["", "", ""]}, "throttleRatePerSec": "", "metadata": [{"name": "", "value": ""}], "pipeline": "", "output": ""}} + responses: + "200": + application/json: {} + "500": + application/json: {} + CollectorExamplesCriblLake: + parameters: + query: + criblPack: "" + requestBody: + application/json: {"id": "", "description": "however loyally as likely silent", "type": "executor", "ttl": "", "ignoreGroupJobsLimit": false, "removeFields": ["", "", ""], "resumeOnBoot": false, "environment": "", "schedule": {"enabled": true, "skippable": true, "resumeMissed": false, "cronSchedule": "", "maxConcurrentRuns": 3006.78, "run": {"type": "collection", "rescheduleDroppedTasks": true, "maxTaskReschedule": 1211.14, "logLevel": "debug", "jobTimeout": "", "mode": "", "timeRangeType": "", "earliest": 4847.66, "latest": 3337.75, "timestampTimezone": "", "timeWarning": {}, "expression": "", "minTaskSize": "", "maxTaskSize": ""}}, "streamtags": [""], "savedQueryId": ""} + responses: + "200": + application/json: {} + "500": + application/json: {} + speakeasy-default-create-saved-job: + parameters: + query: + criblPack: "" + requestBody: + application/json: {"id": "", "description": "against between cop-out wretched", "type": "executor", "ttl": "", "ignoreGroupJobsLimit": false, "removeFields": [""], "resumeOnBoot": false, "environment": "", "schedule": {"enabled": true, "skippable": true, "resumeMissed": false, "cronSchedule": "", "maxConcurrentRuns": 3006.78, "run": {"type": "collection", "rescheduleDroppedTasks": true, "maxTaskReschedule": 1211.14, "logLevel": "debug", "jobTimeout": "", "mode": "", "timeRangeType": "", "earliest": 4847.66, "latest": 3337.75, "timestampTimezone": "", "timeWarning": {}, "expression": "", "minTaskSize": "", "maxTaskSize": ""}}, "streamtags": ["", "", ""], "executor": {"type": "", "storeTaskResults": true, "conf": {}}} + responses: + "200": + application/json: {} + "500": + application/json: {} + getSavedJob: + speakeasy-default-get-saved-job: + parameters: + query: + collectorType: "" + criblPack: "" + groupId: "" + responses: + "200": + application/json: {} + "500": + application/json: {} + deleteSavedJobById: + speakeasy-default-delete-saved-job-by-id: + parameters: + path: + id: "" + query: + criblPack: "" + groupId: "" + responses: + "200": + application/json: {} + "500": + application/json: {} + getSavedJobById: + speakeasy-default-get-saved-job-by-id: + parameters: + path: + id: "" + query: + criblPack: "" + responses: + "200": + application/json: {} + "500": + application/json: {} + updateSavedJobById: + CollectorExamplesRest: + parameters: + path: + id: "" + query: + criblPack: "" + requestBody: + application/json: {"id": "", "description": "unabashedly notwithstanding ugh digestive", "type": "scheduledSearch", "ttl": "", "ignoreGroupJobsLimit": false, "removeFields": [""], "resumeOnBoot": false, "environment": "", "schedule": {"enabled": true, "skippable": false, "resumeMissed": false, "cronSchedule": "", "maxConcurrentRuns": 1498.35, "run": {"type": "collection", "rescheduleDroppedTasks": false, "maxTaskReschedule": 9677.47, "logLevel": "error", "jobTimeout": "", "mode": "", "timeRangeType": "", "earliest": 8882.78, "latest": 6778.74, "timestampTimezone": "", "timeWarning": {}, "expression": "", "minTaskSize": "", "maxTaskSize": ""}}, "streamtags": ["", ""], "workerAffinity": false, "collector": {"type": "s3", "conf": {"awsAuthenticationMethod": "auto", "outputName": "", "bucket": "", "parquetChunkSizeMB": 2532.22, "parquetChunkDownloadTimeout": 6271.26, "region": "", "path": "/selinux", "partitioningScheme": "none", "extractors": [{"key": "", "expression": ""}], "endpoint": "", "enableAssumeRole": true, "assumeRoleArn": "", "assumeRoleExternalId": "", "durationSeconds": 2075.63, "maxBatchSize": 968.91, "reuseConnections": true, "rejectUnauthorized": false, "verifyPermissions": true, "disableTimeFilter": true}, "destructive": true, "encoding": ""}, "input": {"type": "collection", "breakerRulesets": [""], "staleChannelFlushMs": 6331.52, "sendToRoutes": false, "preprocess": {"disabled": true, "command": "", "args": ["", "", ""]}, "throttleRatePerSec": "", "metadata": [{"name": "", "value": ""}], "pipeline": "", "output": ""}} + responses: + "200": + application/json: {} + "500": + application/json: {} + CollectorExamplesS3: + parameters: + path: + id: "" + query: + criblPack: "" + requestBody: + application/json: {"id": "", "description": "sparse obnoxiously editor sticker finally into down", "type": "scheduledSearch", "ttl": "", "ignoreGroupJobsLimit": false, "removeFields": [""], "resumeOnBoot": false, "environment": "", "schedule": {"enabled": true, "skippable": false, "resumeMissed": false, "cronSchedule": "", "maxConcurrentRuns": 1498.35, "run": {"type": "collection", "rescheduleDroppedTasks": false, "maxTaskReschedule": 9677.47, "logLevel": "error", "jobTimeout": "", "mode": "", "timeRangeType": "", "earliest": 8882.78, "latest": 6778.74, "timestampTimezone": "", "timeWarning": {}, "expression": "", "minTaskSize": "", "maxTaskSize": ""}}, "streamtags": ["", ""], "executor": {"type": "", "storeTaskResults": true, "conf": {}}} + responses: + "200": + application/json: {} + "500": + application/json: {} + CollectorExamplesFilesystem: + parameters: + path: + id: "" + query: + criblPack: "" + requestBody: + application/json: {"id": "", "description": "gee pomelo coincide animated yesterday fatally adolescent till inside rule", "type": "scheduledSearch", "ttl": "", "ignoreGroupJobsLimit": true, "removeFields": ["", "", ""], "resumeOnBoot": true, "environment": "", "schedule": {"enabled": true, "skippable": false, "resumeMissed": false, "cronSchedule": "", "maxConcurrentRuns": 1498.35, "run": {"type": "collection", "rescheduleDroppedTasks": false, "maxTaskReschedule": 9677.47, "logLevel": "error", "jobTimeout": "", "mode": "", "timeRangeType": "", "earliest": 8882.78, "latest": 6778.74, "timestampTimezone": "", "timeWarning": {}, "expression": "", "minTaskSize": "", "maxTaskSize": ""}}, "streamtags": [""], "savedQueryId": ""} + responses: + "200": + application/json: {} + "500": + application/json: {} + CollectorExamplesAzureBlob: + parameters: + path: + id: "" + query: + criblPack: "" + requestBody: + application/json: {"id": "", "description": "sparse obnoxiously editor sticker finally into down", "type": "scheduledSearch", "ttl": "", "ignoreGroupJobsLimit": false, "removeFields": [""], "resumeOnBoot": false, "environment": "", "schedule": {"enabled": true, "skippable": false, "resumeMissed": false, "cronSchedule": "", "maxConcurrentRuns": 1498.35, "run": {"type": "collection", "rescheduleDroppedTasks": false, "maxTaskReschedule": 9677.47, "logLevel": "error", "jobTimeout": "", "mode": "", "timeRangeType": "", "earliest": 8882.78, "latest": 6778.74, "timestampTimezone": "", "timeWarning": {}, "expression": "", "minTaskSize": "", "maxTaskSize": ""}}, "streamtags": ["", ""], "executor": {"type": "", "storeTaskResults": true, "conf": {}}} + responses: + "200": + application/json: {} + "500": + application/json: {} + CollectorExamplesGoogleCloudStorage: + parameters: + path: + id: "" + query: + criblPack: "" + requestBody: + application/json: {"id": "", "description": "sparse obnoxiously editor sticker finally into down", "type": "scheduledSearch", "ttl": "", "ignoreGroupJobsLimit": false, "removeFields": [""], "resumeOnBoot": false, "environment": "", "schedule": {"enabled": true, "skippable": false, "resumeMissed": false, "cronSchedule": "", "maxConcurrentRuns": 1498.35, "run": {"type": "collection", "rescheduleDroppedTasks": false, "maxTaskReschedule": 9677.47, "logLevel": "error", "jobTimeout": "", "mode": "", "timeRangeType": "", "earliest": 8882.78, "latest": 6778.74, "timestampTimezone": "", "timeWarning": {}, "expression": "", "minTaskSize": "", "maxTaskSize": ""}}, "streamtags": ["", ""], "executor": {"type": "", "storeTaskResults": true, "conf": {}}} + responses: + "200": + application/json: {} + "500": + application/json: {} + CollectorExamplesDatabase: + parameters: + path: + id: "" + query: + criblPack: "" + requestBody: + application/json: {"id": "", "description": "unabashedly notwithstanding ugh digestive", "type": "scheduledSearch", "ttl": "", "ignoreGroupJobsLimit": false, "removeFields": [""], "resumeOnBoot": false, "environment": "", "schedule": {"enabled": true, "skippable": false, "resumeMissed": false, "cronSchedule": "", "maxConcurrentRuns": 1498.35, "run": {"type": "collection", "rescheduleDroppedTasks": false, "maxTaskReschedule": 9677.47, "logLevel": "error", "jobTimeout": "", "mode": "", "timeRangeType": "", "earliest": 8882.78, "latest": 6778.74, "timestampTimezone": "", "timeWarning": {}, "expression": "", "minTaskSize": "", "maxTaskSize": ""}}, "streamtags": ["", ""], "workerAffinity": false, "collector": {"type": "s3", "conf": {"awsAuthenticationMethod": "auto", "outputName": "", "bucket": "", "parquetChunkSizeMB": 2532.22, "parquetChunkDownloadTimeout": 6271.26, "region": "", "path": "/selinux", "partitioningScheme": "none", "extractors": [{"key": "", "expression": ""}], "endpoint": "", "enableAssumeRole": true, "assumeRoleArn": "", "assumeRoleExternalId": "", "durationSeconds": 2075.63, "maxBatchSize": 968.91, "reuseConnections": true, "rejectUnauthorized": false, "verifyPermissions": true, "disableTimeFilter": true}, "destructive": true, "encoding": ""}, "input": {"type": "collection", "breakerRulesets": [""], "staleChannelFlushMs": 6331.52, "sendToRoutes": false, "preprocess": {"disabled": true, "command": "", "args": ["", "", ""]}, "throttleRatePerSec": "", "metadata": [{"name": "", "value": ""}], "pipeline": "", "output": ""}} + responses: + "200": + application/json: {} + "500": + application/json: {} + CollectorExamplesSplunk: + parameters: + path: + id: "" + query: + criblPack: "" + requestBody: + application/json: {"id": "", "description": "unabashedly notwithstanding ugh digestive", "type": "scheduledSearch", "ttl": "", "ignoreGroupJobsLimit": false, "removeFields": [""], "resumeOnBoot": false, "environment": "", "schedule": {"enabled": true, "skippable": false, "resumeMissed": false, "cronSchedule": "", "maxConcurrentRuns": 1498.35, "run": {"type": "collection", "rescheduleDroppedTasks": false, "maxTaskReschedule": 9677.47, "logLevel": "error", "jobTimeout": "", "mode": "", "timeRangeType": "", "earliest": 8882.78, "latest": 6778.74, "timestampTimezone": "", "timeWarning": {}, "expression": "", "minTaskSize": "", "maxTaskSize": ""}}, "streamtags": ["", ""], "workerAffinity": false, "collector": {"type": "s3", "conf": {"awsAuthenticationMethod": "auto", "outputName": "", "bucket": "", "parquetChunkSizeMB": 2532.22, "parquetChunkDownloadTimeout": 6271.26, "region": "", "path": "/selinux", "partitioningScheme": "none", "extractors": [{"key": "", "expression": ""}], "endpoint": "", "enableAssumeRole": true, "assumeRoleArn": "", "assumeRoleExternalId": "", "durationSeconds": 2075.63, "maxBatchSize": 968.91, "reuseConnections": true, "rejectUnauthorized": false, "verifyPermissions": true, "disableTimeFilter": true}, "destructive": true, "encoding": ""}, "input": {"type": "collection", "breakerRulesets": [""], "staleChannelFlushMs": 6331.52, "sendToRoutes": false, "preprocess": {"disabled": true, "command": "", "args": ["", "", ""]}, "throttleRatePerSec": "", "metadata": [{"name": "", "value": ""}], "pipeline": "", "output": ""}} + responses: + "200": + application/json: {} + "500": + application/json: {} + CollectorExamplesScript: + parameters: + path: + id: "" + query: + criblPack: "" + requestBody: + application/json: {"id": "", "description": "unabashedly notwithstanding ugh digestive", "type": "scheduledSearch", "ttl": "", "ignoreGroupJobsLimit": false, "removeFields": [""], "resumeOnBoot": false, "environment": "", "schedule": {"enabled": true, "skippable": false, "resumeMissed": false, "cronSchedule": "", "maxConcurrentRuns": 1498.35, "run": {"type": "collection", "rescheduleDroppedTasks": false, "maxTaskReschedule": 9677.47, "logLevel": "error", "jobTimeout": "", "mode": "", "timeRangeType": "", "earliest": 8882.78, "latest": 6778.74, "timestampTimezone": "", "timeWarning": {}, "expression": "", "minTaskSize": "", "maxTaskSize": ""}}, "streamtags": ["", ""], "workerAffinity": false, "collector": {"type": "s3", "conf": {"awsAuthenticationMethod": "auto", "outputName": "", "bucket": "", "parquetChunkSizeMB": 2532.22, "parquetChunkDownloadTimeout": 6271.26, "region": "", "path": "/selinux", "partitioningScheme": "none", "extractors": [{"key": "", "expression": ""}], "endpoint": "", "enableAssumeRole": true, "assumeRoleArn": "", "assumeRoleExternalId": "", "durationSeconds": 2075.63, "maxBatchSize": 968.91, "reuseConnections": true, "rejectUnauthorized": false, "verifyPermissions": true, "disableTimeFilter": true}, "destructive": true, "encoding": ""}, "input": {"type": "collection", "breakerRulesets": [""], "staleChannelFlushMs": 6331.52, "sendToRoutes": false, "preprocess": {"disabled": true, "command": "", "args": ["", "", ""]}, "throttleRatePerSec": "", "metadata": [{"name": "", "value": ""}], "pipeline": "", "output": ""}} + responses: + "200": + application/json: {} + "500": + application/json: {} + CollectorExamplesCriblLake: + parameters: + path: + id: "" + query: + criblPack: "" + requestBody: + application/json: {"id": "", "description": "unabashedly notwithstanding ugh digestive", "type": "scheduledSearch", "ttl": "", "ignoreGroupJobsLimit": false, "removeFields": [""], "resumeOnBoot": false, "environment": "", "schedule": {"enabled": true, "skippable": false, "resumeMissed": false, "cronSchedule": "", "maxConcurrentRuns": 1498.35, "run": {"type": "collection", "rescheduleDroppedTasks": false, "maxTaskReschedule": 9677.47, "logLevel": "error", "jobTimeout": "", "mode": "", "timeRangeType": "", "earliest": 8882.78, "latest": 6778.74, "timestampTimezone": "", "timeWarning": {}, "expression": "", "minTaskSize": "", "maxTaskSize": ""}}, "streamtags": ["", ""], "workerAffinity": false, "collector": {"type": "s3", "conf": {"awsAuthenticationMethod": "auto", "outputName": "", "bucket": "", "parquetChunkSizeMB": 2532.22, "parquetChunkDownloadTimeout": 6271.26, "region": "", "path": "/selinux", "partitioningScheme": "none", "extractors": [{"key": "", "expression": ""}], "endpoint": "", "enableAssumeRole": true, "assumeRoleArn": "", "assumeRoleExternalId": "", "durationSeconds": 2075.63, "maxBatchSize": 968.91, "reuseConnections": true, "rejectUnauthorized": false, "verifyPermissions": true, "disableTimeFilter": true}, "destructive": true, "encoding": ""}, "input": {"type": "collection", "breakerRulesets": [""], "staleChannelFlushMs": 6331.52, "sendToRoutes": false, "preprocess": {"disabled": true, "command": "", "args": ["", "", ""]}, "throttleRatePerSec": "", "metadata": [{"name": "", "value": ""}], "pipeline": "", "output": ""}} + responses: + "200": + application/json: {} + "500": + application/json: {} + speakeasy-default-update-saved-job-by-id: + parameters: + path: + id: "" + query: + criblPack: "" + requestBody: + application/json: {"id": "", "description": "gee pomelo coincide animated yesterday fatally adolescent till inside rule", "type": "scheduledSearch", "ttl": "", "ignoreGroupJobsLimit": true, "removeFields": ["", "", ""], "resumeOnBoot": true, "environment": "", "schedule": {"enabled": true, "skippable": false, "resumeMissed": false, "cronSchedule": "", "maxConcurrentRuns": 1498.35, "run": {"type": "collection", "rescheduleDroppedTasks": false, "maxTaskReschedule": 9677.47, "logLevel": "error", "jobTimeout": "", "mode": "", "timeRangeType": "", "earliest": 8882.78, "latest": 6778.74, "timestampTimezone": "", "timeWarning": {}, "expression": "", "minTaskSize": "", "maxTaskSize": ""}}, "streamtags": [""], "savedQueryId": ""} + responses: + "200": + application/json: {} + "500": + application/json: {} + getFunctionsById: + speakeasy-default-get-functions-by-id: + parameters: + path: + id: "" + responses: + "200": + application/json: {} + "500": + application/json: {} + getFunctions: + speakeasy-default-get-functions: + responses: + "200": + application/json: {} + "500": + application/json: {} + createDatabaseConnectionConfig: + DatabaseConnectionExamplesMySQLWithConnectionString: + requestBody: + application/json: {"authType": "connectionString", "connectionString": "mysql://admin:password123@mysql.example.com:3306/production?ssl=true", "connectionTimeout": 10000, "databaseType": "mysql", "description": "Production MySQL database for customer data", "id": "mysql-prod-db", "tags": "production,mysql,customer-data"} + responses: + "200": + application/json: {} + "500": + application/json: {} + DatabaseConnectionExamplesMySQLWithSecret: + requestBody: + application/json: {"authType": "secret", "connectionTimeout": 15000, "databaseType": "mysql", "description": "Analytics MySQL database", "id": "mysql-analytics-db", "tags": "analytics,mysql", "textSecret": "mysql-analytics-connection"} + responses: + "200": + application/json: {} + "500": + application/json: {} + DatabaseConnectionExamplesPostgreSQLWithConnectionString: + requestBody: + application/json: {"authType": "connectionString", "connectionString": "postgresql://warehouse_user:SecurePass456@postgres.example.com:5432/warehouse?sslmode=require", "connectionTimeout": 15000, "databaseType": "postgres", "description": "Data warehouse PostgreSQL database", "id": "postgres-warehouse", "tags": "warehouse,postgres,reporting"} + responses: + "200": + application/json: {} + "500": + application/json: {} + DatabaseConnectionExamplesPostgreSQLWithSecret: + requestBody: + application/json: {"authType": "secret", "connectionTimeout": 10000, "databaseType": "postgres", "description": "Logs PostgreSQL database", "id": "postgres-logs", "tags": "logs,postgres", "textSecret": "postgres-logs-connection"} + responses: + "200": + application/json: {} + "500": + application/json: {} + DatabaseConnectionExamplesSQLServerWithConnectionString: + requestBody: + application/json: {"authType": "connectionString", "connectionString": "Server=sqlserver.example.com;Database=ERP;User Id=erp_admin;Password=ERP_Pass789!;Encrypt=true", "connectionTimeout": 15000, "databaseType": "sqlserver", "description": "ERP SQL Server database", "id": "sqlserver-erp", "requestTimeout": 30000, "tags": "erp,sqlserver,finance"} + responses: + "200": + application/json: {} + "500": + application/json: {} + DatabaseConnectionExamplesSQLServerWithSecret: + requestBody: + application/json: {"authType": "secret", "connectionTimeout": 15000, "databaseType": "sqlserver", "description": "CRM SQL Server database", "id": "sqlserver-crm", "requestTimeout": 15000, "tags": "crm,sqlserver,sales", "textSecret": "sqlserver-crm-connection"} + responses: + "200": + application/json: {} + "500": + application/json: {} + DatabaseConnectionExamplesSQLServerWithConfigObject: + requestBody: + application/json: {"authType": "configObj", "configObj": "{\"server\":\"sqlserver.example.com\",\"database\":\"Reporting\",\"user\":\"report_user\",\"password\":\"Report_Pass123!\",\"options\":{\"encrypt\":true,\"trustServerCertificate\":false,\"connectTimeout\":20000}}", "databaseType": "sqlserver", "description": "Reporting SQL Server database with custom config", "id": "sqlserver-reporting", "requestTimeout": 60000, "tags": "reporting,sqlserver,analytics"} + responses: + "200": + application/json: {} + "500": + application/json: {} + DatabaseConnectionExamplesOracleWithConnectionString: + requestBody: + application/json: {"authType": "connectionString", "connectionString": "oracle.example.com:1521/ORCL", "connectionTimeout": 15000, "databaseType": "oracle", "description": "Oracle ERP database", "id": "oracle-erp", "password": "Oracle_Pass456!", "tags": "erp,oracle,finance", "user": "erp_user"} + responses: + "200": + application/json: {} + "500": + application/json: {} + DatabaseConnectionExamplesOracleWithSecret: + requestBody: + application/json: {"authType": "secret", "connectionTimeout": 20000, "databaseType": "oracle", "description": "Oracle data warehouse", "id": "oracle-warehouse", "password": "Warehouse_Pass789!", "tags": "warehouse,oracle,reporting", "textSecret": "oracle-warehouse-connection", "user": "warehouse_user"} + responses: + "200": + application/json: {} + "500": + application/json: {} + DatabaseConnectionExamplesOracleWithCredentialsSecrets: + requestBody: + application/json: {"authType": "secrets", "connectionTimeout": 15000, "credsSecrets": "oracle-secure-credentials", "databaseType": "oracle", "description": "High-security Oracle database with credential secrets", "id": "oracle-secure-db", "tags": "secure,oracle,sensitive-data", "textSecret": "oracle-secure-connection"} + responses: + "200": + application/json: {} + "500": + application/json: {} + speakeasy-default-create-database-connection-config: + requestBody: + application/json: {"authType": "", "databaseType": "postgres", "description": "besides investigate yowza skyline promptly daintily afore contravene meanwhile", "id": ""} + responses: + "200": + application/json: {} + "500": + application/json: {} + deleteDatabaseConnectionConfigById: + speakeasy-default-delete-database-connection-config-by-id: + parameters: + path: + id: "" + responses: + "200": + application/json: {} + "500": + application/json: {} + getDatabaseConnectionConfigById: + speakeasy-default-get-database-connection-config-by-id: + parameters: + path: + id: "" + responses: + "200": + application/json: {} + "500": + application/json: {} + updateDatabaseConnectionConfigById: + DatabaseConnectionExamplesMySQLWithConnectionString: + parameters: + path: + id: "" + requestBody: + application/json: {"authType": "connectionString", "connectionString": "mysql://admin:password123@mysql.example.com:3306/production?ssl=true", "connectionTimeout": 10000, "databaseType": "mysql", "description": "Production MySQL database for customer data", "id": "mysql-prod-db", "tags": "production,mysql,customer-data"} + responses: + "200": + application/json: {} + "500": + application/json: {} + DatabaseConnectionExamplesMySQLWithSecret: + parameters: + path: + id: "" + requestBody: + application/json: {"authType": "secret", "connectionTimeout": 15000, "databaseType": "mysql", "description": "Analytics MySQL database", "id": "mysql-analytics-db", "tags": "analytics,mysql", "textSecret": "mysql-analytics-connection"} + responses: + "200": + application/json: {} + "500": + application/json: {} + DatabaseConnectionExamplesPostgreSQLWithConnectionString: + parameters: + path: + id: "" + requestBody: + application/json: {"authType": "connectionString", "connectionString": "postgresql://warehouse_user:SecurePass456@postgres.example.com:5432/warehouse?sslmode=require", "connectionTimeout": 15000, "databaseType": "postgres", "description": "Data warehouse PostgreSQL database", "id": "postgres-warehouse", "tags": "warehouse,postgres,reporting"} + responses: + "200": + application/json: {} + "500": + application/json: {} + DatabaseConnectionExamplesPostgreSQLWithSecret: + parameters: + path: + id: "" + requestBody: + application/json: {"authType": "secret", "connectionTimeout": 10000, "databaseType": "postgres", "description": "Logs PostgreSQL database", "id": "postgres-logs", "tags": "logs,postgres", "textSecret": "postgres-logs-connection"} + responses: + "200": + application/json: {} + "500": + application/json: {} + DatabaseConnectionExamplesSQLServerWithConnectionString: + parameters: + path: + id: "" + requestBody: + application/json: {"authType": "connectionString", "connectionString": "Server=sqlserver.example.com;Database=ERP;User Id=erp_admin;Password=ERP_Pass789!;Encrypt=true", "connectionTimeout": 15000, "databaseType": "sqlserver", "description": "ERP SQL Server database", "id": "sqlserver-erp", "requestTimeout": 30000, "tags": "erp,sqlserver,finance"} + responses: + "200": + application/json: {} + "500": + application/json: {} + DatabaseConnectionExamplesSQLServerWithSecret: + parameters: + path: + id: "" + requestBody: + application/json: {"authType": "secret", "connectionTimeout": 15000, "databaseType": "sqlserver", "description": "CRM SQL Server database", "id": "sqlserver-crm", "requestTimeout": 15000, "tags": "crm,sqlserver,sales", "textSecret": "sqlserver-crm-connection"} + responses: + "200": + application/json: {} + "500": + application/json: {} + DatabaseConnectionExamplesSQLServerWithConfigObject: + parameters: + path: + id: "" + requestBody: + application/json: {"authType": "configObj", "configObj": "{\"server\":\"sqlserver.example.com\",\"database\":\"Reporting\",\"user\":\"report_user\",\"password\":\"Report_Pass123!\",\"options\":{\"encrypt\":true,\"trustServerCertificate\":false,\"connectTimeout\":20000}}", "databaseType": "sqlserver", "description": "Reporting SQL Server database with custom config", "id": "sqlserver-reporting", "requestTimeout": 60000, "tags": "reporting,sqlserver,analytics"} + responses: + "200": + application/json: {} + "500": + application/json: {} + DatabaseConnectionExamplesOracleWithConnectionString: + parameters: + path: + id: "" + requestBody: + application/json: {"authType": "connectionString", "connectionString": "oracle.example.com:1521/ORCL", "connectionTimeout": 15000, "databaseType": "oracle", "description": "Oracle ERP database", "id": "oracle-erp", "password": "Oracle_Pass456!", "tags": "erp,oracle,finance", "user": "erp_user"} + responses: + "200": + application/json: {} + "500": + application/json: {} + DatabaseConnectionExamplesOracleWithSecret: + parameters: + path: + id: "" + requestBody: + application/json: {"authType": "secret", "connectionTimeout": 20000, "databaseType": "oracle", "description": "Oracle data warehouse", "id": "oracle-warehouse", "password": "Warehouse_Pass789!", "tags": "warehouse,oracle,reporting", "textSecret": "oracle-warehouse-connection", "user": "warehouse_user"} + responses: + "200": + application/json: {} + "500": + application/json: {} + DatabaseConnectionExamplesOracleWithCredentialsSecrets: + parameters: + path: + id: "" + requestBody: + application/json: {"authType": "secrets", "connectionTimeout": 15000, "credsSecrets": "oracle-secure-credentials", "databaseType": "oracle", "description": "High-security Oracle database with credential secrets", "id": "oracle-secure-db", "tags": "secure,oracle,sensitive-data", "textSecret": "oracle-secure-connection"} + responses: + "200": + application/json: {} + "500": + application/json: {} + speakeasy-default-update-database-connection-config-by-id: + parameters: + path: + id: "" + requestBody: + application/json: {"authType": "", "databaseType": "oracle", "description": "developmental oof hourly", "id": ""} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateDatabaseConnectionExamplesMySQLWithConnectionString: + parameters: + path: + id: "" + requestBody: + application/json: {"authType": "connectionString", "connectionString": "mysql://admin:password123@mysql.example.com:3306/production?ssl=true", "connectionTimeout": 10000, "databaseType": "mysql", "description": "Production MySQL database for customer data", "id": "mysql-prod-db", "tags": "production,mysql,customer-data"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateDatabaseConnectionExamplesMySQLWithSecret: + parameters: + path: + id: "" + requestBody: + application/json: {"authType": "secret", "connectionTimeout": 15000, "databaseType": "mysql", "description": "Analytics MySQL database", "id": "mysql-analytics-db", "tags": "analytics,mysql", "textSecret": "mysql-analytics-connection"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateDatabaseConnectionExamplesPostgreSQLWithConnectionString: + parameters: + path: + id: "" + requestBody: + application/json: {"authType": "connectionString", "connectionString": "postgresql://warehouse_user:SecurePass456@postgres.example.com:5432/warehouse?sslmode=require", "connectionTimeout": 15000, "databaseType": "postgres", "description": "Data warehouse PostgreSQL database", "id": "postgres-warehouse", "tags": "warehouse,postgres,reporting"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateDatabaseConnectionExamplesPostgreSQLWithSecret: + parameters: + path: + id: "" + requestBody: + application/json: {"authType": "secret", "connectionTimeout": 10000, "databaseType": "postgres", "description": "Logs PostgreSQL database", "id": "postgres-logs", "tags": "logs,postgres", "textSecret": "postgres-logs-connection"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateDatabaseConnectionExamplesSQLServerWithConnectionString: + parameters: + path: + id: "" + requestBody: + application/json: {"authType": "connectionString", "connectionString": "Server=sqlserver.example.com;Database=ERP;User Id=erp_admin;Password=ERP_Pass789!;Encrypt=true", "connectionTimeout": 15000, "databaseType": "sqlserver", "description": "ERP SQL Server database", "id": "sqlserver-erp", "requestTimeout": 30000, "tags": "erp,sqlserver,finance"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateDatabaseConnectionExamplesSQLServerWithSecret: + parameters: + path: + id: "" + requestBody: + application/json: {"authType": "secret", "connectionTimeout": 15000, "databaseType": "sqlserver", "description": "CRM SQL Server database", "id": "sqlserver-crm", "requestTimeout": 15000, "tags": "crm,sqlserver,sales", "textSecret": "sqlserver-crm-connection"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateDatabaseConnectionExamplesSQLServerWithConfigObject: + parameters: + path: + id: "" + requestBody: + application/json: {"authType": "configObj", "configObj": "{\"server\":\"sqlserver.example.com\",\"database\":\"Reporting\",\"user\":\"report_user\",\"password\":\"Report_Pass123!\",\"options\":{\"encrypt\":true,\"trustServerCertificate\":false,\"connectTimeout\":20000}}", "databaseType": "sqlserver", "description": "Reporting SQL Server database with custom config", "id": "sqlserver-reporting", "requestTimeout": 60000, "tags": "reporting,sqlserver,analytics"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateDatabaseConnectionExamplesOracleWithConnectionString: + parameters: + path: + id: "" + requestBody: + application/json: {"authType": "connectionString", "connectionString": "oracle.example.com:1521/ORCL", "connectionTimeout": 15000, "databaseType": "oracle", "description": "Oracle ERP database", "id": "oracle-erp", "password": "Oracle_Pass456!", "tags": "erp,oracle,finance", "user": "erp_user"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateDatabaseConnectionExamplesOracleWithSecret: + parameters: + path: + id: "" + requestBody: + application/json: {"authType": "secret", "connectionTimeout": 20000, "databaseType": "oracle", "description": "Oracle data warehouse", "id": "oracle-warehouse", "password": "Warehouse_Pass789!", "tags": "warehouse,oracle,reporting", "textSecret": "oracle-warehouse-connection", "user": "warehouse_user"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateDatabaseConnectionExamplesOracleWithCredentialsSecrets: + parameters: + path: + id: "" + requestBody: + application/json: {"authType": "secrets", "connectionTimeout": 15000, "credsSecrets": "oracle-secure-credentials", "databaseType": "oracle", "description": "High-security Oracle database with credential secrets", "id": "oracle-secure-db", "tags": "secure,oracle,sensitive-data", "textSecret": "oracle-secure-connection"} + responses: + "200": + application/json: {} + "500": + application/json: {} + deleteInputPqById: + speakeasy-default-delete-input-pq-by-id: + parameters: + path: + id: "" + responses: + "201": + application/json: {} + "500": + application/json: {} + getInputPqById: + speakeasy-default-get-input-pq-by-id: + parameters: + path: + id: "" + responses: + "200": + application/json: {} + "500": + application/json: {} + getInputStatusById: + speakeasy-default-get-input-status-by-id: + parameters: + path: + id: "" + responses: + "200": + application/json: {} + "500": + application/json: {} + getInputStatus: + speakeasy-default-get-input-status: + responses: + "200": + application/json: {} + "500": + application/json: {} + getInputSystemByPack: + speakeasy-default-get-input-system-by-pack: + parameters: + path: + pack: "" + responses: + "200": + application/json: {} + "500": + application/json: {} + createInputSystemByPack: + InputCreateExamplesAppscope: + parameters: + path: + pack: "" + requestBody: + application/json: {"id": "appscope-source", "type": "appscope", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 9109} + responses: + "200": + application/json: {} + "500": + application/json: {} + InputCreateExamplesAzureBlob: + parameters: + path: + pack: "" + requestBody: + application/json: {"id": "azure-blob-source", "type": "azure_blob", "sendToRoutes": true, "pqEnabled": false, "queueName": "azure-blob-queue"} + responses: + "200": + application/json: {} + "500": + application/json: {} + InputCreateExamplesCloudflareHec: + parameters: + path: + pack: "" requestBody: - application/json: {"id": "clone-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that creates cloned events with additional fields for comparison or routing", "streamtags": [], "functions": [{"filter": "true", "id": "clone", "description": "confiscate positively until plus bar wherever", "disabled": false, "final": false, "conf": {"clones": [{"env": "staging"}, {"index": "clones"}]}, "groupId": ""}], "groups": {}}} + application/json: {"id": "cloudflare-hec-source", "type": "cloudflare_hec", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 8088, "hecAPI": "/services/collector"} responses: "200": - application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesComment: + application/json: {} + InputCreateExamplesConfluentCloud: + parameters: + path: + pack: "" + requestBody: + application/json: {"id": "confluent-cloud-source", "type": "confluent_cloud", "sendToRoutes": true, "pqEnabled": false, "brokers": ["pkc-xxxxx.us-east-1.aws.confluent.cloud:9092"], "topics": ["logs"]} + responses: + "200": + application/json: {} + "500": + application/json: {} + InputCreateExamplesCollection: + parameters: + path: + pack: "" + requestBody: + application/json: {"id": "collection-source", "type": "collection", "sendToRoutes": true, "pqEnabled": false} + responses: + "200": + application/json: {} + "500": + application/json: {} + InputCreateExamplesCriblHttp: + parameters: + path: + pack: "" + requestBody: + application/json: {"id": "cribl-http-source", "type": "cribl_http", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080} + responses: + "200": + application/json: {} + "500": + application/json: {} + InputCreateExamplesCriblLakeHttp: + parameters: + path: + pack: "" + requestBody: + application/json: {"id": "cribl-lake-http-source", "type": "cribl_lake_http", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080} + responses: + "200": + application/json: {} + "500": + application/json: {} + InputCreateExamplesCriblTcp: + parameters: + path: + pack: "" + requestBody: + application/json: {"id": "cribl-tcp-source", "type": "cribl_tcp", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10090} + responses: + "200": + application/json: {} + "500": + application/json: {} + InputCreateExamplesCrowdstrike: + parameters: + path: + pack: "" + requestBody: + application/json: {"id": "crowdstrike-source", "type": "crowdstrike", "sendToRoutes": true, "pqEnabled": false, "queueName": "crowdstrike-queue", "region": "us-east-1"} + responses: + "200": + application/json: {} + "500": + application/json: {} + InputCreateExamplesDatadogAgent: + parameters: + path: + pack: "" + requestBody: + application/json: {"id": "datadog-agent-source", "type": "datadog_agent", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 8126} + responses: + "200": + application/json: {} + "500": + application/json: {} + InputCreateExamplesDatagen: + parameters: + path: + pack: "" + requestBody: + application/json: {"id": "datagen-source", "type": "datagen", "sendToRoutes": true, "pqEnabled": false, "samples": [{"sample": "sample.json", "eventsPerSec": 10}]} + responses: + "200": + application/json: {} + "500": + application/json: {} + InputCreateExamplesEdgePrometheus: + parameters: + path: + pack: "" + requestBody: + application/json: {"id": "edge-prometheus-source", "type": "edge_prometheus", "sendToRoutes": true, "pqEnabled": false, "discoveryType": "static", "interval": 60, "targets": [{"host": "localhost"}]} + responses: + "200": + application/json: {} + "500": + application/json: {} + InputCreateExamplesElastic: + parameters: + path: + pack: "" + requestBody: + application/json: {"id": "elastic-source", "type": "elastic", "sendToRoutes": true, "pqEnabled": false, "host": "localhost", "port": 9200, "elasticAPI": "/"} + responses: + "200": + application/json: {} + "500": + application/json: {} + InputCreateExamplesEventhub: + parameters: + path: + pack: "" + requestBody: + application/json: {"id": "eventhub-source", "type": "eventhub", "sendToRoutes": true, "pqEnabled": false, "brokers": ["myeventhub.servicebus.windows.net:9093"], "topics": ["logs"]} + responses: + "200": + application/json: {} + "500": + application/json: {} + InputCreateExamplesExec: + parameters: + path: + pack: "" + requestBody: + application/json: {"id": "exec-source", "type": "exec", "sendToRoutes": true, "pqEnabled": false, "command": "echo \"Hello World\"", "interval": 60} + responses: + "200": + application/json: {} + "500": + application/json: {} + InputCreateExamplesFile: + parameters: + path: + pack: "" + requestBody: + application/json: {"id": "file-source", "type": "file", "sendToRoutes": true, "pqEnabled": false, "mode": "manual"} + responses: + "200": + application/json: {} + "500": + application/json: {} + InputCreateExamplesFirehose: + parameters: + path: + pack: "" + requestBody: + application/json: {"id": "firehose-source", "type": "firehose", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080} + responses: + "200": + application/json: {} + "500": + application/json: {} + InputCreateExamplesGrafana: + parameters: + path: + pack: "" + requestBody: + application/json: {"id": "grafana-source", "type": "grafana", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080, "prometheusAPI": "/api/prom/push"} + responses: + "200": + application/json: {} + "500": + application/json: {} + InputCreateExamplesGooglePubsub: + parameters: + path: + pack: "" + requestBody: + application/json: {"id": "google-pubsub-source", "type": "google_pubsub", "sendToRoutes": true, "pqEnabled": false, "topicName": "my-topic", "subscriptionName": "my-subscription"} + responses: + "200": + application/json: {} + "500": + application/json: {} + InputCreateExamplesHttp: + parameters: + path: + pack: "" + requestBody: + application/json: {"id": "http-source", "type": "http", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080} + responses: + "200": + application/json: {} + "500": + application/json: {} + InputCreateExamplesHttpRaw: + parameters: + path: + pack: "" + requestBody: + application/json: {"id": "http-raw-source", "type": "http_raw", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080} + responses: + "200": + application/json: {} + "500": + application/json: {} + InputCreateExamplesJournalFiles: + parameters: + path: + pack: "" + requestBody: + application/json: {"id": "journal-files-source", "type": "journal_files", "sendToRoutes": true, "pqEnabled": false, "path": "/var/log/journal", "journals": ["system"]} + responses: + "200": + application/json: {} + "500": + application/json: {} + InputCreateExamplesKafka: + parameters: + path: + pack: "" + requestBody: + application/json: {"id": "kafka-source", "type": "kafka", "sendToRoutes": true, "pqEnabled": false, "brokers": ["localhost:9092"], "topics": ["logs"]} + responses: + "200": + application/json: {} + "500": + application/json: {} + InputCreateExamplesKinesis: + parameters: + path: + pack: "" + requestBody: + application/json: {"id": "kinesis-source", "type": "kinesis", "sendToRoutes": true, "pqEnabled": false, "streamName": "my-stream", "region": "us-east-1"} + responses: + "200": + application/json: {} + "500": + application/json: {} + InputCreateExamplesKubeEvents: + parameters: + path: + pack: "" + requestBody: + application/json: {"id": "kube-events-source", "type": "kube_events", "sendToRoutes": true, "pqEnabled": false} + responses: + "200": + application/json: {} + "500": + application/json: {} + InputCreateExamplesKubeLogs: + parameters: + path: + pack: "" requestBody: - application/json: {"id": "comment-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline with comment function for documentation", "streamtags": [], "functions": [{"filter": "true", "id": "comment", "description": "magnificent ew scram tight", "disabled": true, "final": false, "conf": {"comment": "This function processes security events and enriches them with DNS lookups"}, "groupId": ""}], "groups": {}}} + application/json: {"id": "kube-logs-source", "type": "kube_logs", "sendToRoutes": true, "pqEnabled": false} responses: "200": - application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesDNSLookup: + application/json: {} + InputCreateExamplesKubeMetrics: + parameters: + path: + pack: "" requestBody: - application/json: {"id": "dns-lookup-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that performs DNS lookups to resolve hostnames and IP addresses", "streamtags": [], "functions": [{"filter": "true", "id": "dns_lookup", "description": "aha entice artistic meh oof", "disabled": false, "final": false, "conf": {"dnsLookupFields": [{"inFieldName": "hostname", "resourceRecordType": "A", "outFieldName": "hostname_ip"}], "reverseLookupFields": [{"inFieldName": "src_ip", "outFieldName": "src_hostname"}], "dnsServers": ["", "", ""], "cacheTTL": 30, "maxCacheSize": 5000, "useResolvConf": false, "lookupFallback": false, "domainOverrides": [""], "lookupFailLogLevel": "error"}, "groupId": ""}], "groups": {}}} + application/json: {"id": "kube-metrics-source", "type": "kube_metrics", "sendToRoutes": true, "pqEnabled": false} responses: "200": - application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesDrop: + application/json: {} + InputCreateExamplesLoki: + parameters: + path: + pack: "" requestBody: - application/json: {"id": "drop-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that drops events containing success messages", "streamtags": [], "functions": [{"filter": "_raw.search(/success/i)>=0", "id": "drop", "description": "mid mockingly gah electronics sate", "disabled": false, "final": true, "conf": {}, "groupId": ""}], "groups": {}}} + application/json: {"id": "loki-source", "type": "loki", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080, "lokiAPI": "/loki/api/v1/push"} responses: "200": - application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesDropDimensions: + application/json: {} + InputCreateExamplesMetrics: + parameters: + path: + pack: "" requestBody: - application/json: {"id": "drop-dimensions-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that drops specified dimensions from metrics to reduce cardinality", "streamtags": [], "functions": [{"filter": "(_metric == 'proc.cpu_perc' || __criblMetrics[0].nameExpr.includes(\"'proc.cpu_perc'\")) && (__criblMetrics[0].dims.includes(\"proc\"))", "id": "drop_dimensions", "description": "sympathetically perfectly quarrelsomely excluding", "disabled": true, "final": false, "conf": {"timeWindow": "10s", "dropDimensions": ["proc", "pie", "unit"], "flushOnInputClose": true}, "groupId": ""}], "groups": {}}} + application/json: {"id": "metrics-source", "type": "metrics", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "udpPort": 8125} responses: "200": - application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesDynamicSampling: + application/json: {} + InputCreateExamplesModelDrivenTelemetry: + parameters: + path: + pack: "" requestBody: - application/json: {"id": "dynamic-sampling-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that dynamically samples events based on volume using square root mode", "streamtags": [], "functions": [{"filter": "true", "id": "dynamic_sampling", "description": "likewise apropos by whoever unkempt ugh wherever", "disabled": false, "final": true, "conf": {"mode": "sqrt", "keyExpr": "`${domain}:${httpCode}`", "samplePeriod": 20, "minEvents": 3, "maxSampleRate": 3}, "groupId": ""}], "groups": {}}} + application/json: {"id": "mdt-source", "type": "model_driven_telemetry", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 57000} responses: "200": - application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesEval: + application/json: {} + InputCreateExamplesMsk: + parameters: + path: + pack: "" requestBody: - application/json: {"id": "eval-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that evaluates JavaScript expressions to add, modify, and remove fields", "streamtags": [], "functions": [{"filter": "true", "id": "eval", "description": "thread circa gah beside attest misappropriate humiliating", "disabled": false, "final": true, "conf": {"add": [{"name": "action", "value": "login == 'error' ? 'blocked' : action", "disabled": false}, {"name": "myTags", "value": "login == 'error' ? [...myTags, 'error'] : myTags", "disabled": false}], "keep": ["host", "source", "action", "myTags"], "remove": ["identification"]}, "groupId": ""}], "groups": {}}} + application/json: {"id": "msk-source", "type": "msk", "sendToRoutes": true, "pqEnabled": false, "brokers": ["b-1.example.xxxxx.c2.kafka.us-east-1.amazonaws.com:9092"], "topics": ["logs"], "awsAuthenticationMethod": "auto", "region": "us-east-1"} responses: "200": - application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesEventBreaker: + application/json: {} + InputCreateExamplesNetflow: + parameters: + path: + pack: "" requestBody: - application/json: {"id": "event-breaker-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that breaks large event streams into discrete events using regex", "streamtags": [], "functions": [{"filter": "true", "id": "event_breaker", "description": "upbeat powerfully camouflage upbeat spirit violently premier tricky bowler", "disabled": true, "final": true, "conf": {"existingOrNew": "new", "shouldMarkCriblBreaker": true}, "groupId": ""}], "groups": {}}} + application/json: {"id": "netflow-source", "type": "netflow", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 2055} responses: "200": - application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesFlatten: + application/json: {} + InputCreateExamplesOffice365Mgmt: + parameters: + path: + pack: "" requestBody: - application/json: {"id": "flatten-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that flattens nested JSON structures into top-level fields", "streamtags": [], "functions": [{"filter": "true", "id": "flatten", "description": "zebra busily woot alongside fess", "disabled": false, "final": false, "conf": {"fields": [], "prefix": "", "depth": 5, "delimiter": "_"}, "groupId": ""}], "groups": {}}} + application/json: {"id": "office365-mgmt-source", "type": "office365_mgmt", "sendToRoutes": true, "pqEnabled": false, "planType": "enterprise_gcc", "tenantId": "tenant-id", "appId": "app-id"} responses: "200": - application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesFoldKeys: + application/json: {} + InputCreateExamplesMicrosoftGraph: + parameters: + path: + pack: "" requestBody: - application/json: {"id": "fold-keys-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that transforms flat field names with separators into nested structures", "streamtags": [], "functions": [{"filter": "true", "id": "foldkeys", "description": "rudely worthwhile cross everlasting ghost freezing majority duffel loftily abaft", "disabled": false, "final": true, "conf": {"deleteOriginal": true, "separator": "_", "selectionRegExp": "^data"}, "groupId": ""}], "groups": {}}} + application/json: {"id": "microsoft-graph-source", "type": "microsoft_graph", "sendToRoutes": true, "pqEnabled": false, "url": "https://graph.microsoft.com/v1.0/admin/exchange/tracing/messageTraces", "interval": 15} responses: "200": - application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesGeoIP: + application/json: {} + InputCreateExamplesOffice365MsgTrace: + parameters: + path: + pack: "" requestBody: - application/json: {"id": "geoip-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that enriches events with geolocation data from IP addresses", "streamtags": [], "functions": [{"filter": "true", "id": "geoip", "description": "decongestant substantiate soon er finally pfft override knottily", "disabled": true, "final": true, "conf": {"file": "GeoLite2-City.mmdb", "inField": "ip", "outField": "geoip", "additionalFields": [{"extraInField": "src_ip", "extraOutField": "src_geoip"}], "outFieldMappings": {}}, "groupId": ""}], "groups": {}}} + application/json: {"id": "office365-msg-trace-source", "type": "office365_msg_trace", "sendToRoutes": true, "pqEnabled": false, "url": "https://reports.office365.com/ecp/reportingwebservice/reporting.svc/MessageTrace", "interval": 15} responses: "200": - application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesGrok: + application/json: {} + InputCreateExamplesOffice365Service: + parameters: + path: + pack: "" requestBody: - application/json: {"id": "grok-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts structured fields from log data using Grok patterns", "streamtags": [], "functions": [{"filter": "true", "id": "grok", "description": "hopelessly viability morning monthly decisive onto strange", "disabled": true, "final": false, "conf": {"pattern": "%{TIMESTAMP_ISO8601:event_time} %{LOGLEVEL:log_level} %{GREEDYDATA:log_message}", "patternList": [], "source": "_raw"}, "groupId": ""}], "groups": {}}} + application/json: {"id": "office365-service-source", "type": "office365_service", "sendToRoutes": true, "pqEnabled": false, "tenantId": "tenant-id", "appId": "app-id"} responses: "200": - application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesGuard: + application/json: {} + InputCreateExamplesOpenAI: + parameters: + path: + pack: "" requestBody: - application/json: {"id": "guard-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that scans for sensitive data and applies mitigation expressions", "streamtags": [], "functions": [{"filter": "true", "id": "sensitive_data_scanner", "description": "judgementally while why", "disabled": true, "final": false, "conf": {"rules": [{"rulesetId": "Finance_Global", "replaceExpr": "'REDACTED'", "disabled": false}], "fields": ["_raw"], "excludeFields": [], "flags": [{"name": "_sensitive", "value": "true"}], "includeDetectedRules": true, "backgroundDetection": true}, "groupId": ""}], "groups": {}}} + application/json: {"id": "openai-source", "type": "openai", "sendToRoutes": true, "pqEnabled": false, "contentConfig": [{"disabled": false, "requestParams": [{"name": "effective_at[gt]", "value": "`${Math.round(Date.now()/1000 - 3600)}`"}, {"name": "limit", "value": "100"}], "paginationType": "response_body", "paginationAttribute": ["last_id"], "paginationLastPageExpr": "has_more === false", "cronSchedule": "0 * * * *", "earliest": "-1h", "latest": "now"}], "textSecret": "openai-api-key-secret"} responses: "200": - application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesJSONUnroll: + application/json: {} + InputCreateExamplesOpenTelemetry: + parameters: + path: + pack: "" requestBody: - application/json: {"id": "json-unroll-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that unrolls JSON arrays into individual events while retaining parent fields", "streamtags": [], "functions": [{"filter": "true", "id": "json_unroll", "description": "unbearably boo regarding", "disabled": false, "final": false, "conf": {"path": "allCars", "name": "cars"}, "groupId": ""}], "groups": {}}} + application/json: {"id": "otel-source", "type": "open_telemetry", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 4317} responses: "200": - application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesLookup: + application/json: {} + InputCreateExamplesPrometheus: + parameters: + path: + pack: "" requestBody: - application/json: {"id": "lookup-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that enriches events with location data from IP address lookups", "streamtags": [], "functions": [{"filter": "true", "id": "lookup", "description": "ouch who phooey bookcase elegantly why now alive", "disabled": true, "final": false, "conf": {"file": "ip_locations.csv", "dbLookup": false, "matchMode": "exact", "matchType": "", "reloadPeriodSec": -1, "inFields": [{"eventField": "destination_ip", "lookupField": "ip"}], "outFields": [{"lookupField": "location", "eventField": "location", "defaultValue": "Unknown"}], "addToEvent": false, "ignoreCase": false}, "groupId": ""}], "groups": {}}} + application/json: {"id": "prometheus-source", "type": "prometheus", "sendToRoutes": true, "pqEnabled": false, "discoveryType": "static", "interval": 60, "logLevel": "info", "targetList": ["http://localhost:9090/metrics"]} responses: "200": - application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesMask: + application/json: {} + InputCreateExamplesPrometheusRw: + parameters: + path: + pack: "" requestBody: - application/json: {"id": "mask-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that masks Social Security numbers and other sensitive data", "streamtags": [], "functions": [{"filter": "true", "id": "mask", "description": "from handle for", "disabled": true, "final": false, "conf": {"rules": [{"matchRegex": "/(social=)(\\d+)/", "replaceExpr": "`${g1}${C.Mask.md5(g2)}`", "disabled": false}], "fields": ["_raw"], "depth": 5, "flags": [{"name": "", "value": ""}]}, "groupId": ""}], "groups": {}}} + application/json: {"id": "prometheus-rw-source", "type": "prometheus_rw", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080, "prometheusAPI": "/write"} responses: "200": - application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesNumerify: + application/json: {} + InputCreateExamplesRawUdp: + parameters: + path: + pack: "" requestBody: - application/json: {"id": "numerify-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that converts string numbers to numeric type for mathematical operations", "streamtags": [], "functions": [{"filter": "true", "id": "numerify", "description": "relieve whose fixed provided mechanically pfft powerfully embarrassment", "disabled": false, "final": true, "conf": {"depth": 5, "ignoreFields": [], "filterExpr": "", "format": "none"}, "groupId": ""}], "groups": {}}} + application/json: {"id": "raw-udp-source", "type": "raw_udp", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 514} responses: "200": - application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesOTLPLogs: + application/json: {} + InputCreateExamplesS3: + parameters: + path: + pack: "" requestBody: - application/json: {"id": "otlp-logs-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that normalizes and batches OTLP log events from OpenTelemetry sources", "streamtags": [], "functions": [{"filter": "__inputId=='open_telemetry:open_telemetry'", "id": "otlp_logs", "description": "stuff catalyst close mortally down", "disabled": true, "final": false, "conf": {"dropNonLogEvents": false, "batchOTLPLogs": true}, "groupId": ""}], "groups": {}}} + application/json: {"id": "s3-source", "type": "s3", "sendToRoutes": true, "pqEnabled": false, "queueName": "s3-notifications-queue", "region": "us-east-1"} responses: "200": - application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesOTLPMetrics: + application/json: {} + InputCreateExamplesS3Inventory: + parameters: + path: + pack: "" requestBody: - application/json: {"id": "otlp-metrics-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that converts dimensional metrics to OTLP format and batches them by resource attributes", "streamtags": [], "functions": [{"filter": "__inputId=='prometheus_rw:prom_rw_in'", "id": "otlp_metrics", "description": "interestingly towards bowler now keenly", "disabled": false, "final": false, "conf": {"resourceAttributePrefixes": ["service", "system", "telemetry", "k8s", "cloud", "host", "process"], "dropNonMetricEvents": false, "otlpVersion": "0.10.0", "batchOTLPMetrics": true}, "groupId": ""}], "groups": {}}} + application/json: {"id": "s3-inventory-source", "type": "s3_inventory", "sendToRoutes": true, "pqEnabled": false, "queueName": "s3-inventory-queue", "region": "us-east-1"} responses: "200": - application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesOTLPTraces: + application/json: {} + InputCreateExamplesSecurityLake: + parameters: + path: + pack: "" requestBody: - application/json: {"id": "otlp-traces-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that normalizes and batches OTLP trace events from OpenTelemetry sources", "streamtags": [], "functions": [{"filter": "__inputId=='open_telemetry:open_telemetry'", "id": "otlp_traces", "description": "rectangular lest great hollow", "disabled": false, "final": true, "conf": {"dropNonTraceEvents": false, "otlpVersion": "0.10.0", "batchOTLPTraces": true}, "groupId": ""}], "groups": {}}} + application/json: {"id": "security-lake-source", "type": "security_lake", "sendToRoutes": true, "pqEnabled": false, "queueName": "security-lake-queue", "region": "us-east-1"} responses: "200": - application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesParser: + application/json: {} + InputCreateExamplesSnmp: + parameters: + path: + pack: "" requestBody: - application/json: {"id": "parser-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts fields from key-value pair formatted data", "streamtags": [], "functions": [{"filter": "true", "id": "serde", "description": "pish rudely colorfully around overdue ouch uh-huh gadzooks motor if", "disabled": true, "final": false, "conf": {"mode": "extract", "type": "kvp", "delimChar": "", "quoteChar": "", "escapeChar": "", "nullValue": "", "srcField": "_raw", "dstField": "", "cleanFields": false}, "groupId": ""}], "groups": {}}} + application/json: {"id": "snmp-source", "type": "snmp", "sendToRoutes": true, "pqEnabled": false, "host": "192.168.1.1", "port": 161} responses: "200": - application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesPublishMetrics: + application/json: {} + InputCreateExamplesSplunk: + parameters: + path: + pack: "" requestBody: - application/json: {"id": "publish-metrics-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts metrics from events and formats them for metrics aggregation platforms", "streamtags": [], "functions": [{"filter": "true", "id": "publish_metrics", "description": "transcend yahoo creative till thoughtfully upside-down cap amongst", "disabled": true, "final": true, "conf": {"fields": [{"inFieldName": "bytes", "outFieldExpr": "'metric_name.bytes'", "metricType": "gauge"}, {"inFieldName": "packets", "outFieldExpr": "'metric_name.packets'", "metricType": "gauge"}], "overwrite": false, "dimensions": ["action", "interface_id", "dstaddr"], "removeMetrics": [], "removeDimensions": []}, "groupId": ""}], "groups": {}}} + application/json: {"id": "splunk-source", "type": "splunk", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 9997} responses: "200": - application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesRedis: + application/json: {} + InputCreateExamplesSplunkHec: + parameters: + path: + pack: "" requestBody: - application/json: {"id": "redis-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that retrieves values from Redis using GET command", "streamtags": [], "functions": [{"filter": "true", "id": "redis", "description": "gut valiantly step-mother political outrun likewise", "disabled": false, "final": false, "conf": {"commands": [{"outField": "cached_value", "command": "get", "keyExpr": "'user_session'", "argsExpr": ""}], "deploymentType": "standalone", "authType": "none", "maxBlockSecs": 60, "enableClientSideCaching": false}, "groupId": ""}], "groups": {}}} + application/json: {"id": "splunk-hec-source", "type": "splunk_hec", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 8088, "splunkHecAPI": "/services/collector"} responses: "200": - application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesRegexExtract: + application/json: {} + InputCreateExamplesSplunkSearch: + parameters: + path: + pack: "" requestBody: - application/json: {"id": "regex-extract-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts structured fields from log data using regex patterns with named capture groups", "streamtags": [], "functions": [{"filter": "true", "id": "regex_extract", "description": "against next mmm", "disabled": false, "final": true, "conf": {"regex": "/metric1=(?\\d+)/", "regexList": [{"regex": ""}], "source": "_raw", "iterations": 100, "fieldNameExpression": "", "overwrite": false}, "groupId": ""}], "groups": {}}} + application/json: {"id": "splunk-search-source", "type": "splunk_search", "sendToRoutes": true, "pqEnabled": false, "searchHead": "https://localhost:8089", "search": "index=main", "cronSchedule": "*/15 * * * *", "endpoint": "/services/search/v2/jobs/export", "outputMode": "json", "authType": "basic"} responses: "200": - application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesRegexFilter: + application/json: {} + InputCreateExamplesSqs: + parameters: + path: + pack: "" requestBody: - application/json: {"id": "regex-filter-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that filters out events matching specific regex patterns", "streamtags": [], "functions": [{"filter": "true", "id": "regex_filter", "description": "extroverted certify fatally flawless", "disabled": false, "final": true, "conf": {"regex": "/Opera/", "regexList": [{"regex": ""}], "field": "_raw"}, "groupId": ""}], "groups": {}}} + application/json: {"id": "sqs-source", "type": "sqs", "sendToRoutes": true, "pqEnabled": false, "queueName": "my-queue", "queueType": "standard", "region": "us-east-1"} responses: "200": - application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesRename: + application/json: {} + InputCreateExamplesSyslog: + parameters: + path: + pack: "" requestBody: - application/json: {"id": "rename-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that renames fields using key-value pairs and expressions", "streamtags": [], "functions": [{"filter": "true", "id": "rename", "description": "pish poorly but ham", "disabled": true, "final": true, "conf": {"baseFields": [], "rename": [{"currentName": "level", "newName": "LEVEL"}], "renameExpr": "name.startsWith('out') ? name.toUpperCase() : name", "wildcardDepth": 5}, "groupId": ""}], "groups": {}}} + application/json: {"id": "syslog-source", "type": "syslog", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "udpPort": 514} responses: "200": - application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesRollupMetrics: + application/json: {} + InputCreateExamplesSystemMetrics: + parameters: + path: + pack: "" requestBody: - application/json: {"id": "rollup-metrics-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that consolidates high-frequency metrics into manageable time windows", "streamtags": [], "functions": [{"filter": "true", "id": "rollup_metrics", "description": "neatly how apostrophize", "disabled": true, "final": true, "conf": {"dimensions": ["*"], "timeWindow": "30s", "gaugeRollup": "last"}, "groupId": ""}], "groups": {}}} + application/json: {"id": "system-metrics-source", "type": "system_metrics", "sendToRoutes": true, "pqEnabled": false} responses: "200": - application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesSampling: + application/json: {} + InputCreateExamplesSystemState: + parameters: + path: + pack: "" requestBody: - application/json: {"id": "sampling-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that samples events at specified rates based on filter criteria", "streamtags": [], "functions": [{"filter": "true", "id": "sampling", "description": "amongst rewrite into damp late", "disabled": false, "final": true, "conf": {"rules": [{"filter": "__status == 200", "rate": 5}]}, "groupId": ""}], "groups": {}}} + application/json: {"id": "system-state-source", "type": "system_state", "sendToRoutes": true, "pqEnabled": false} responses: "200": - application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesSerialize: + application/json: {} + InputCreateExamplesTcp: + parameters: + path: + pack: "" requestBody: - application/json: {"id": "serialize-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that serializes event fields into JSON format", "streamtags": [], "functions": [{"filter": "true", "id": "serialize", "description": "peony masterpiece gee rigidly muted now entwine shrilly ouch", "disabled": true, "final": true, "conf": {"type": "json", "delimChar": "", "quoteChar": "", "escapeChar": "", "nullValue": "", "fields": ["city", "state"], "srcField": "", "dstField": "_raw"}, "groupId": ""}], "groups": {}}} + application/json: {"id": "tcp-source", "type": "tcp", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10090} responses: "200": - application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesSNMPTrapSerialize: + application/json: {} + InputCreateExamplesTcpjson: + parameters: + path: + pack: "" requestBody: - application/json: {"id": "snmp-trap-serialize-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that serializes events into SNMP trap format for SNMP trap destinations", "streamtags": [], "functions": [{"filter": "true", "id": "snmp_trap_serialize", "description": "steel ack colorfully vivid chilly cook suspiciously rich equal", "disabled": true, "final": true, "conf": {"strict": true, "dropFailedEvents": true, "v3User": {"name": "", "authProtocol": "sha256", "authKey": "", "privProtocol": ""}}, "groupId": ""}], "groups": {}}} + application/json: {"id": "tcpjson-source", "type": "tcpjson", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10090} responses: "200": - application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesSuppress: + application/json: {} + InputCreateExamplesWef: + parameters: + path: + pack: "" requestBody: - application/json: {"id": "suppress-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that suppresses duplicate events based on a key expression", "streamtags": [], "functions": [{"filter": "true", "id": "suppress", "description": "clean nucleotidase spectacles plus whenever blah whereas reiterate optimistically", "disabled": false, "final": false, "conf": {"keyExpr": "`${ip}:${port}`", "allow": 1, "suppressPeriodSec": 30, "dropEventsMode": true, "maxCacheSize": 50000, "cacheIdleTimeoutPeriods": 2, "numEventsIdleTimeoutTrigger": 10000}, "groupId": ""}], "groups": {}}} + application/json: {"id": "wef-source", "type": "wef", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 5985, "subscriptions": [{"subscriptionName": "subscription-1", "contentFormat": "RenderedText", "heartbeatInterval": 60, "batchTimeout": 5, "targets": []}]} responses: "200": - application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesTee: + application/json: {} + InputCreateExamplesWinEventLogs: + parameters: + path: + pack: "" requestBody: - application/json: {"id": "tee-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that sends events to a command via stdin for debugging purposes", "streamtags": [], "functions": [{"filter": "true", "id": "tee", "description": "aw mid taxicab dandelion ah mundane hmph whispered", "disabled": false, "final": true, "conf": {"command": "tee", "args": ["/opt/cribl/foo.log"], "restartOnExit": true, "env": {}}, "groupId": ""}], "groups": {}}} + application/json: {"id": "win-event-logs-source", "type": "win_event_logs", "sendToRoutes": true, "pqEnabled": false, "logNames": ["Application", "System"]} responses: "200": - application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesUnroll: + application/json: {} + InputCreateExamplesWindowsMetrics: + parameters: + path: + pack: "" requestBody: - application/json: {"id": "unroll-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that unrolls array fields into separate events", "streamtags": [], "functions": [{"filter": "true", "id": "unroll", "description": "second possible above tag what", "disabled": true, "final": true, "conf": {"srcExpr": "_raw.split(/\\n/)", "dstField": "_raw"}, "groupId": ""}], "groups": {}}} + application/json: {"id": "windows-metrics-source", "type": "windows_metrics", "sendToRoutes": true, "pqEnabled": false} responses: "200": - application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesXMLUnroll: + application/json: {} + InputCreateExamplesWiz: + parameters: + path: + pack: "" requestBody: - application/json: {"id": "xml-unroll-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that unrolls XML elements into separate events", "streamtags": [], "functions": [{"filter": "true", "id": "xml_unroll", "description": "within limply describe eek questioningly anesthetize who wear", "disabled": false, "final": false, "conf": {"unroll": "^Parent\\.Child$", "inherit": "^Parent\\.(myID|branchLocation)$", "unrollIdxField": "unroll_idx", "pretty": false}, "groupId": ""}], "groups": {}}} + application/json: {"id": "wiz-source", "type": "wiz", "sendToRoutes": true, "pqEnabled": false, "endpoint": "https://api.wiz.io", "authUrl": "https://auth.wiz.io/oauth/token", "clientId": "client-id", "contentConfig": []} responses: "200": - application/json: {"count": 905091, "items": [{"id": "", "conf": {"asyncFuncTimeout": 95850, "output": "", "description": "whoever that how thunderbolt apropos ah if react", "streamtags": ["", ""], "functions": [{"filter": "", "id": "dynamic_sampling", "description": "longboat nor cautiously phew hypothesise times meanwhile though fly", "disabled": true, "final": false, "conf": {"mode": "log", "keyExpr": "", "samplePeriod": 4293.07, "minEvents": 1510.96, "maxSampleRate": 1355.87}, "groupId": ""}], "groups": {"key": {"name": "", "description": "as order tidy but before heroine woot", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - getPipelineById: - speakeasy-default-get-pipeline-by-id: + application/json: {} + InputCreateExamplesWizWebhook: parameters: path: - id: "" + pack: "" + requestBody: + application/json: {"id": "wiz-webhook-source", "type": "wiz_webhook", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080} responses: "200": - application/json: {"count": 558482, "items": [{"id": "", "conf": {"asyncFuncTimeout": 375182, "output": "default", "description": "except within well-documented finding which deeply", "streamtags": ["", "", ""], "functions": [{"filter": "", "id": "numerify", "description": "digit daughter scaly overconfidently brr from", "disabled": true, "final": false, "conf": {"depth": 15792, "ignoreFields": ["", "", ""], "filterExpr": "", "format": "fix"}, "groupId": ""}], "groups": {"key": {"name": "", "description": "know now hairy about than", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - updatePipelineById: - speakeasy-default-update-pipeline-by-id: + application/json: {} + InputCreateExamplesZscalerHec: parameters: path: - id: "" + pack: "" requestBody: - application/json: {"id": "", "conf": {"asyncFuncTimeout": 430119, "output": "default", "description": "reflecting for productive extroverted instead upwardly", "streamtags": [""], "functions": [{"filter": "", "id": "snmp_trap_serialize", "description": "woefully phew during dress grandson reckon", "disabled": true, "final": false, "conf": {"strict": true, "dropFailedEvents": false, "v3User": {"name": "", "authProtocol": "md5", "authKey": "", "privProtocol": ""}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "definitive ew but busily freely scaly indeed", "disabled": true}}}} + application/json: {"id": "zscaler-hec-source", "type": "zscaler_hec", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 8088, "hecAPI": "/services/collector"} responses: "200": - application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesEmpty: + application/json: {} + speakeasy-default-create-input-system-by-pack: parameters: path: - id: "" + pack: "" requestBody: - application/json: {"id": "empty-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "", "streamtags": [], "functions": [], "groups": {}}} + application/json: {"id": "", "type": "sqs", "queueName": "", "queueType": "fifo"} responses: "200": - application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesAggregations: + application/json: {} + InputCreateExamplesAnthropicCompliance: parameters: path: - id: "" + pack: "" requestBody: - application/json: {"id": "aggregation-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that aggregates rejected bytes grouped by source address every 10 seconds", "streamtags": [], "functions": [{"filter": "true", "id": "aggregation", "description": "ick whenever pinstripe indeed scope into wide-eyed", "disabled": false, "final": false, "conf": {"passthrough": false, "preserveGroupBys": false, "sufficientStatsOnly": false, "metricsMode": false, "prefix": "", "timeWindow": "10s", "aggregations": ["sum(bytes).where(action==\"REJECT\").as(TotalBytes)"], "groupbys": ["srcaddr"], "flushEventLimit": 6263.18, "flushMemLimit": "", "cumulative": false, "searchAggMode": "", "add": [{"name": "", "value": ""}], "shouldTreatDotsAsLiterals": false, "flushOnInputClose": true}, "groupId": ""}], "groups": {}}} + application/json: {"id": "anthropic-compliance-source", "type": "anthropic_compliance", "sendToRoutes": true, "pqEnabled": false, "textSecret": "anthropic-api-key-secret", "contentConfig": [{"contentType": "activities", "contentDescription": "Compliance Activities", "enabled": true, "stateTracking": true, "stateUpdateExpression": "__timestampExtracted !== false && {latestTime: (state.latestTime || 0) > _time ? state.latestTime : _time}", "stateMergeExpression": "prevState.latestTime > newState.latestTime ? prevState : newState", "cronSchedule": "*/5 * * * *", "earliest": "-7d@d", "latest": "now", "jobTimeout": "300"}]} responses: "200": - application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesAggregateMetrics: + application/json: {} + InputCreateExamplesAppleUnifiedLogs: parameters: path: - id: "" + pack: "" requestBody: - application/json: {"id": "aggregate-metrics-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that aggregates process metrics: CPU, memory, and bytes over time windows", "streamtags": [], "functions": [{"filter": "(_metric == 'proc.cpu_perc' || __criblMetrics[0].nameExpr.includes(\"'proc.cpu_perc'\")) || (_metric == 'proc.mem_perc' || __criblMetrics[0].nameExpr.includes(\"'proc.mem_perc'\")) || (_metric == 'proc.bytes_in' || __criblMetrics[0].nameExpr.includes(\"'proc.bytes_in'\"))", "id": "aggregate_metrics", "description": "however unless tangible pine", "disabled": true, "final": false, "conf": {"passthrough": false, "preserveGroupBys": false, "sufficientStatsOnly": false, "prefix": "", "timeWindow": "10s", "aggregations": [{"metricType": "gauge", "agg": "avg(_value || proc.cpu_perc).as(proc.cpu_perc_avg)"}, {"metricType": "gauge", "agg": "sum(_value || proc.mem_perc).as(proc.mem_perc_sum)"}, {"metricType": "counter", "agg": "count(_value || proc.bytes_in).as(proc.bytes_in_count)"}], "groupbys": ["proc"], "flushEventLimit": 6008.27, "flushMemLimit": "", "cumulative": false, "shouldTreatDotsAsLiterals": true, "add": [{"name": "", "value": ""}], "flushOnInputClose": true}, "groupId": ""}], "groups": {}}} + application/json: {"id": "apple-unified-logs-source", "type": "apple_unified_logs", "sendToRoutes": true, "pqEnabled": false, "predicate": "subsystem == \"com.apple.security\""} responses: "200": - application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesAutoTimestamp: + application/json: {} + InputCreateExamplesEventhubAmqp: parameters: path: - id: "" + pack: "" requestBody: - application/json: {"id": "auto-timestamp-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts timestamps from event data using auto timestamp function", "streamtags": [], "functions": [{"filter": "true", "id": "auto_timestamp", "description": "what defiantly switch aha where slake but lighthearted", "disabled": false, "final": false, "conf": {"srcField": "_raw", "dstField": "_time", "defaultTimezone": "local", "timeExpression": "time.getTime() / 1000", "offset": 0, "maxLen": 150, "defaultTime": "now", "latestDateAllowed": "+1week", "spacer": "", "earliestDateAllowed": "-420weeks", "timestamps": [{"regex": "/(\\d{1,2}\\/\\d{2}\\/\\d{4}\\s\\d{1,2}:\\d{2}:\\d{2}\\s\\w{2})/", "strptime": "%Y-%m-%d %H:%M:%S"}]}, "groupId": ""}], "groups": {}}} + application/json: {"id": "eventhub-amqp-source", "type": "eventhub_amqp", "sendToRoutes": true, "pqEnabled": false, "eventHubName": "my-event-hub", "consumerGroup": "$Default", "checkpointing": {"blobStore": {"containerName": "my-container"}}} responses: "200": - application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesCEFSerializer: + application/json: {} + InputCreateExamplesOkta: parameters: path: - id: "" + pack: "" requestBody: - application/json: {"id": "cef-serializer-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that formats events in CEF format with custom header and extension fields", "streamtags": [], "functions": [{"filter": "true", "id": "cef", "description": "ah endow whoever notwithstanding now mmm homely scorn", "disabled": false, "final": false, "conf": {"outputField": "_raw", "header": [{"value": "'CEF:0'"}, {"value": "'Cribl'"}, {"value": "'Cribl'"}, {"value": "C.version"}, {"value": "420"}, {"value": "'Cribl Event'"}, {"value": "6"}], "extension": [{"name": "c6a1Label", "value": "'Colorado_Ext_Bldg7'"}]}, "groupId": ""}], "groups": {}}} + application/json: {"id": "okta-source", "type": "okta", "sendToRoutes": true, "pqEnabled": false, "oktaDomain": "your-org", "textSecret": "okta-api-token-secret", "cronSchedule": "*/5 * * * *", "earliest": "-7d@d", "latest": "now"} responses: "200": - application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesChain: + application/json: {} + InputCreateExamplesOpenAIComplianceLogs: parameters: path: - id: "" + pack: "" requestBody: - application/json: {"id": "chain-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that chains to another pipeline for sequential data processing", "streamtags": [], "functions": [{"filter": "true", "id": "chain", "description": "into jaggedly truly", "disabled": true, "final": false, "conf": {"processor": "prometheus_metrics"}, "groupId": ""}], "groups": {}}} + application/json: {"id": "openai-compliance-logs-source", "type": "openai_compliance_logs", "sendToRoutes": true, "pqEnabled": false, "textSecret": "openai-api-key-secret", "accountType": "workspace", "cronSchedule": "*/15 * * * *", "earliest": "-1h", "latest": "now", "workspaceId": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee", "workspaceEventTypes": ["AUDIT_LOG", "AUTH_LOG"]} responses: "200": - application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesClone: + application/json: {} + InputCreateExamplesServiceNowTable: parameters: path: - id: "" + pack: "" requestBody: - application/json: {"id": "clone-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that creates cloned events with additional fields for comparison or routing", "streamtags": [], "functions": [{"filter": "true", "id": "clone", "description": "self-assured meaningfully phooey consequently offset woot abnormally", "disabled": true, "final": false, "conf": {"clones": [{"env": "staging"}, {"index": "clones"}]}, "groupId": ""}], "groups": {}}} + application/json: {"id": "servicenow-table-source", "type": "servicenow_table", "sendToRoutes": true, "pqEnabled": false, "instance": "https://example.service-now.com", "tableName": "incident", "fields": ["sys_id", "number", "short_description"], "pageSize": 10000, "cronSchedule": "0 * * * *", "earliest": "-1d", "latest": "now"} responses: "200": - application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesComment: + application/json: {} + getInputSystemByPackAndId: + speakeasy-default-get-input-system-by-pack-and-id: parameters: path: - id: "" - requestBody: - application/json: {"id": "comment-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline with comment function for documentation", "streamtags": [], "functions": [{"filter": "true", "id": "comment", "description": "lend however blindly sugary into except selfishly", "disabled": false, "final": false, "conf": {"comment": "This function processes security events and enriches them with DNS lookups"}, "groupId": ""}], "groups": {}}} + id: "" + pack: "" responses: "200": - application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesDNSLookup: + application/json: {} + updateInputSystemByPackAndId: + InputCreateExamplesAppscope: parameters: path: - id: "" + id: "" + pack: "" requestBody: - application/json: {"id": "dns-lookup-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that performs DNS lookups to resolve hostnames and IP addresses", "streamtags": [], "functions": [{"filter": "true", "id": "dns_lookup", "description": "psst penalise couch lest mid yowza versus chime until near", "disabled": false, "final": true, "conf": {"dnsLookupFields": [{"inFieldName": "hostname", "resourceRecordType": "A", "outFieldName": "hostname_ip"}], "reverseLookupFields": [{"inFieldName": "src_ip", "outFieldName": "src_hostname"}], "dnsServers": ["", ""], "cacheTTL": 30, "maxCacheSize": 5000, "useResolvConf": false, "lookupFallback": false, "domainOverrides": [""], "lookupFailLogLevel": "error"}, "groupId": ""}], "groups": {}}} + application/json: {"id": "appscope-source", "type": "appscope", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 9109} responses: "200": - application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesDrop: + application/json: {} + InputCreateExamplesAzureBlob: parameters: path: - id: "" + id: "" + pack: "" requestBody: - application/json: {"id": "drop-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that drops events containing success messages", "streamtags": [], "functions": [{"filter": "_raw.search(/success/i)>=0", "id": "drop", "description": "briefly equatorial ha", "disabled": false, "final": true, "conf": {}, "groupId": ""}], "groups": {}}} + application/json: {"id": "azure-blob-source", "type": "azure_blob", "sendToRoutes": true, "pqEnabled": false, "queueName": "azure-blob-queue"} responses: "200": - application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesDropDimensions: + application/json: {} + InputCreateExamplesCloudflareHec: parameters: path: - id: "" + id: "" + pack: "" requestBody: - application/json: {"id": "drop-dimensions-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that drops specified dimensions from metrics to reduce cardinality", "streamtags": [], "functions": [{"filter": "(_metric == 'proc.cpu_perc' || __criblMetrics[0].nameExpr.includes(\"'proc.cpu_perc'\")) && (__criblMetrics[0].dims.includes(\"proc\"))", "id": "drop_dimensions", "description": "overplay zowie so fat utilized bulky hence bashfully", "disabled": true, "final": false, "conf": {"timeWindow": "10s", "dropDimensions": ["proc", "pie", "unit"], "flushOnInputClose": true}, "groupId": ""}], "groups": {}}} + application/json: {"id": "cloudflare-hec-source", "type": "cloudflare_hec", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 8088, "hecAPI": "/services/collector"} responses: "200": - application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesDynamicSampling: + application/json: {} + InputCreateExamplesConfluentCloud: parameters: path: - id: "" + id: "" + pack: "" requestBody: - application/json: {"id": "dynamic-sampling-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that dynamically samples events based on volume using square root mode", "streamtags": [], "functions": [{"filter": "true", "id": "dynamic_sampling", "description": "fooey although circa oof veg nor till likewise", "disabled": true, "final": true, "conf": {"mode": "sqrt", "keyExpr": "`${domain}:${httpCode}`", "samplePeriod": 20, "minEvents": 3, "maxSampleRate": 3}, "groupId": ""}], "groups": {}}} + application/json: {"id": "confluent-cloud-source", "type": "confluent_cloud", "sendToRoutes": true, "pqEnabled": false, "brokers": ["pkc-xxxxx.us-east-1.aws.confluent.cloud:9092"], "topics": ["logs"]} responses: "200": - application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} - "500": - application/json: {"message": ""} - PipelineExamplesEval: + application/json: {} + "500": + application/json: {} + InputCreateExamplesCollection: parameters: path: - id: "" + id: "" + pack: "" requestBody: - application/json: {"id": "eval-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that evaluates JavaScript expressions to add, modify, and remove fields", "streamtags": [], "functions": [{"filter": "true", "id": "eval", "description": "yahoo gah athwart inasmuch circa overcook cricket seriously yippee now", "disabled": false, "final": true, "conf": {"add": [{"name": "action", "value": "login == 'error' ? 'blocked' : action", "disabled": true}, {"name": "myTags", "value": "login == 'error' ? [...myTags, 'error'] : myTags", "disabled": false}], "keep": ["host", "source", "action", "myTags"], "remove": ["identification"]}, "groupId": ""}], "groups": {}}} + application/json: {"id": "collection-source", "type": "collection", "sendToRoutes": true, "pqEnabled": false} responses: "200": - application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesEventBreaker: + application/json: {} + InputExamplesCribl: parameters: path: - id: "" + id: "" + pack: "" requestBody: - application/json: {"id": "event-breaker-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that breaks large event streams into discrete events using regex", "streamtags": [], "functions": [{"filter": "true", "id": "event_breaker", "description": "refer coaxingly dental", "disabled": true, "final": false, "conf": {"existingOrNew": "new", "shouldMarkCriblBreaker": true}, "groupId": ""}], "groups": {}}} + application/json: {"id": "cribl-source", "type": "cribl", "sendToRoutes": true, "pqEnabled": false} responses: "200": - application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesFlatten: + application/json: {} + InputCreateExamplesCriblHttp: parameters: path: - id: "" + id: "" + pack: "" requestBody: - application/json: {"id": "flatten-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that flattens nested JSON structures into top-level fields", "streamtags": [], "functions": [{"filter": "true", "id": "flatten", "description": "privilege among how round freezing untidy", "disabled": true, "final": true, "conf": {"fields": [], "prefix": "", "depth": 5, "delimiter": "_"}, "groupId": ""}], "groups": {}}} + application/json: {"id": "cribl-http-source", "type": "cribl_http", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080} responses: "200": - application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesFoldKeys: + application/json: {} + InputCreateExamplesCriblLakeHttp: parameters: path: - id: "" + id: "" + pack: "" requestBody: - application/json: {"id": "fold-keys-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that transforms flat field names with separators into nested structures", "streamtags": [], "functions": [{"filter": "true", "id": "foldkeys", "description": "wherever atop modulo whenever incidentally wherever char upside-down numeracy gosh", "disabled": false, "final": false, "conf": {"deleteOriginal": true, "separator": "_", "selectionRegExp": "^data"}, "groupId": ""}], "groups": {}}} + application/json: {"id": "cribl-lake-http-source", "type": "cribl_lake_http", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080} responses: "200": - application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesGeoIP: + application/json: {} + InputExamplesCriblMetrics: parameters: path: - id: "" + id: "" + pack: "" requestBody: - application/json: {"id": "geoip-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that enriches events with geolocation data from IP addresses", "streamtags": [], "functions": [{"filter": "true", "id": "geoip", "description": "hasty oh bah officially", "disabled": false, "final": false, "conf": {"file": "GeoLite2-City.mmdb", "inField": "ip", "outField": "geoip", "additionalFields": [{"extraInField": "src_ip", "extraOutField": "src_geoip"}], "outFieldMappings": {}}, "groupId": ""}], "groups": {}}} + application/json: {"id": "cribl-metrics-source", "type": "criblmetrics", "sendToRoutes": true, "pqEnabled": false} responses: "200": - application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesGrok: + application/json: {} + InputCreateExamplesCriblTcp: parameters: path: - id: "" + id: "" + pack: "" requestBody: - application/json: {"id": "grok-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts structured fields from log data using Grok patterns", "streamtags": [], "functions": [{"filter": "true", "id": "grok", "description": "disposer gosh but chairperson foodstuffs excepting vanish as unlike planula", "disabled": true, "final": true, "conf": {"pattern": "%{TIMESTAMP_ISO8601:event_time} %{LOGLEVEL:log_level} %{GREEDYDATA:log_message}", "patternList": [], "source": "_raw"}, "groupId": ""}], "groups": {}}} + application/json: {"id": "cribl-tcp-source", "type": "cribl_tcp", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10090} responses: "200": - application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesGuard: + application/json: {} + InputCreateExamplesCrowdstrike: parameters: path: - id: "" + id: "" + pack: "" requestBody: - application/json: {"id": "guard-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that scans for sensitive data and applies mitigation expressions", "streamtags": [], "functions": [{"filter": "true", "id": "sensitive_data_scanner", "description": "outnumber lazily gah fondly crocodile off", "disabled": true, "final": false, "conf": {"rules": [{"rulesetId": "Finance_Global", "replaceExpr": "'REDACTED'", "disabled": false}], "fields": ["_raw"], "excludeFields": [], "flags": [{"name": "_sensitive", "value": "true"}], "includeDetectedRules": true, "backgroundDetection": true}, "groupId": ""}], "groups": {}}} + application/json: {"id": "crowdstrike-source", "type": "crowdstrike", "sendToRoutes": true, "pqEnabled": false, "queueName": "crowdstrike-queue", "region": "us-east-1"} responses: "200": - application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesJSONUnroll: + application/json: {} + InputCreateExamplesDatadogAgent: parameters: path: - id: "" + id: "" + pack: "" requestBody: - application/json: {"id": "json-unroll-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that unrolls JSON arrays into individual events while retaining parent fields", "streamtags": [], "functions": [{"filter": "true", "id": "json_unroll", "description": "sushi ack legitimize through transparency loftily", "disabled": true, "final": true, "conf": {"path": "allCars", "name": "cars"}, "groupId": ""}], "groups": {}}} + application/json: {"id": "datadog-agent-source", "type": "datadog_agent", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 8126} responses: "200": - application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesLookup: + application/json: {} + InputCreateExamplesDatagen: parameters: path: - id: "" + id: "" + pack: "" requestBody: - application/json: {"id": "lookup-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that enriches events with location data from IP address lookups", "streamtags": [], "functions": [{"filter": "true", "id": "lookup", "description": "since communicate now whenever warped whose spice", "disabled": false, "final": true, "conf": {"file": "ip_locations.csv", "dbLookup": false, "matchMode": "exact", "matchType": "", "reloadPeriodSec": -1, "inFields": [{"eventField": "destination_ip", "lookupField": "ip"}], "outFields": [{"lookupField": "location", "eventField": "location", "defaultValue": "Unknown"}], "addToEvent": false, "ignoreCase": false}, "groupId": ""}], "groups": {}}} + application/json: {"id": "datagen-source", "type": "datagen", "sendToRoutes": true, "pqEnabled": false, "samples": [{"sample": "sample.json", "eventsPerSec": 10}]} responses: "200": - application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesMask: + application/json: {} + InputCreateExamplesEdgePrometheus: parameters: path: - id: "" + id: "" + pack: "" requestBody: - application/json: {"id": "mask-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that masks Social Security numbers and other sensitive data", "streamtags": [], "functions": [{"filter": "true", "id": "mask", "description": "woot malfunction gnash whether athwart inasmuch", "disabled": false, "final": true, "conf": {"rules": [{"matchRegex": "/(social=)(\\d+)/", "replaceExpr": "`${g1}${C.Mask.md5(g2)}`", "disabled": false}], "fields": ["_raw"], "depth": 5, "flags": [{"name": "", "value": ""}]}, "groupId": ""}], "groups": {}}} + application/json: {"id": "edge-prometheus-source", "type": "edge_prometheus", "sendToRoutes": true, "pqEnabled": false, "discoveryType": "static", "interval": 60, "targets": [{"host": "localhost"}]} responses: "200": - application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesNumerify: + application/json: {} + InputCreateExamplesElastic: parameters: path: - id: "" + id: "" + pack: "" requestBody: - application/json: {"id": "numerify-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that converts string numbers to numeric type for mathematical operations", "streamtags": [], "functions": [{"filter": "true", "id": "numerify", "description": "indeed greedy supposing", "disabled": false, "final": false, "conf": {"depth": 5, "ignoreFields": [], "filterExpr": "", "format": "none"}, "groupId": ""}], "groups": {}}} + application/json: {"id": "elastic-source", "type": "elastic", "sendToRoutes": true, "pqEnabled": false, "host": "localhost", "port": 9200, "elasticAPI": "/"} responses: "200": - application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesOTLPLogs: + application/json: {} + InputCreateExamplesEventhub: parameters: path: - id: "" + id: "" + pack: "" requestBody: - application/json: {"id": "otlp-logs-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that normalizes and batches OTLP log events from OpenTelemetry sources", "streamtags": [], "functions": [{"filter": "__inputId=='open_telemetry:open_telemetry'", "id": "otlp_logs", "description": "skyscraper er thankfully uh-huh rotating lest shoulder", "disabled": true, "final": true, "conf": {"dropNonLogEvents": false, "batchOTLPLogs": true}, "groupId": ""}], "groups": {}}} + application/json: {"id": "eventhub-source", "type": "eventhub", "sendToRoutes": true, "pqEnabled": false, "brokers": ["myeventhub.servicebus.windows.net:9093"], "topics": ["logs"]} responses: "200": - application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesOTLPMetrics: + application/json: {} + InputCreateExamplesExec: parameters: path: - id: "" + id: "" + pack: "" requestBody: - application/json: {"id": "otlp-metrics-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that converts dimensional metrics to OTLP format and batches them by resource attributes", "streamtags": [], "functions": [{"filter": "__inputId=='prometheus_rw:prom_rw_in'", "id": "otlp_metrics", "description": "modulo mismatch enchanted", "disabled": false, "final": true, "conf": {"resourceAttributePrefixes": ["service", "system", "telemetry", "k8s", "cloud", "host", "process"], "dropNonMetricEvents": false, "otlpVersion": "0.10.0", "batchOTLPMetrics": true}, "groupId": ""}], "groups": {}}} + application/json: {"id": "exec-source", "type": "exec", "sendToRoutes": true, "pqEnabled": false, "command": "echo \"Hello World\"", "interval": 60} responses: "200": - application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesOTLPTraces: + application/json: {} + InputCreateExamplesFile: parameters: path: - id: "" + id: "" + pack: "" requestBody: - application/json: {"id": "otlp-traces-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that normalizes and batches OTLP trace events from OpenTelemetry sources", "streamtags": [], "functions": [{"filter": "__inputId=='open_telemetry:open_telemetry'", "id": "otlp_traces", "description": "obstruct beyond suddenly", "disabled": false, "final": false, "conf": {"dropNonTraceEvents": false, "otlpVersion": "0.10.0", "batchOTLPTraces": true}, "groupId": ""}], "groups": {}}} + application/json: {"id": "file-source", "type": "file", "sendToRoutes": true, "pqEnabled": false, "mode": "manual"} responses: "200": - application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesParser: + application/json: {} + InputCreateExamplesFirehose: parameters: path: - id: "" + id: "" + pack: "" requestBody: - application/json: {"id": "parser-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts fields from key-value pair formatted data", "streamtags": [], "functions": [{"filter": "true", "id": "serde", "description": "acidly sympathetically accept calmly sophisticated provided through oily perspire", "disabled": true, "final": false, "conf": {"mode": "extract", "type": "kvp", "delimChar": "", "quoteChar": "", "escapeChar": "", "nullValue": "", "srcField": "_raw", "dstField": "", "cleanFields": false}, "groupId": ""}], "groups": {}}} + application/json: {"id": "firehose-source", "type": "firehose", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080} responses: "200": - application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesPublishMetrics: + application/json: {} + InputCreateExamplesGrafana: parameters: path: - id: "" + id: "" + pack: "" requestBody: - application/json: {"id": "publish-metrics-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts metrics from events and formats them for metrics aggregation platforms", "streamtags": [], "functions": [{"filter": "true", "id": "publish_metrics", "description": "instead after mediocre tabulate cultivated", "disabled": true, "final": false, "conf": {"fields": [{"inFieldName": "bytes", "outFieldExpr": "'metric_name.bytes'", "metricType": "gauge"}, {"inFieldName": "packets", "outFieldExpr": "'metric_name.packets'", "metricType": "gauge"}], "overwrite": false, "dimensions": ["action", "interface_id", "dstaddr"], "removeMetrics": [], "removeDimensions": []}, "groupId": ""}], "groups": {}}} + application/json: {"id": "grafana-source", "type": "grafana", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080, "prometheusAPI": "/api/prom/push"} responses: "200": - application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesRedis: + application/json: {} + InputCreateExamplesGooglePubsub: parameters: path: - id: "" + id: "" + pack: "" requestBody: - application/json: {"id": "redis-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that retrieves values from Redis using GET command", "streamtags": [], "functions": [{"filter": "true", "id": "redis", "description": "mummify yum whose before however er unfit intermesh reasoning", "disabled": false, "final": true, "conf": {"commands": [{"outField": "cached_value", "command": "get", "keyExpr": "'user_session'", "argsExpr": ""}], "deploymentType": "standalone", "authType": "none", "maxBlockSecs": 60, "enableClientSideCaching": false}, "groupId": ""}], "groups": {}}} + application/json: {"id": "google-pubsub-source", "type": "google_pubsub", "sendToRoutes": true, "pqEnabled": false, "topicName": "my-topic", "subscriptionName": "my-subscription"} responses: "200": - application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesRegexExtract: + application/json: {} + InputCreateExamplesHttp: parameters: path: - id: "" + id: "" + pack: "" requestBody: - application/json: {"id": "regex-extract-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts structured fields from log data using regex patterns with named capture groups", "streamtags": [], "functions": [{"filter": "true", "id": "regex_extract", "description": "dependency huzzah gurn invite", "disabled": true, "final": true, "conf": {"regex": "/metric1=(?\\d+)/", "regexList": [{"regex": ""}], "source": "_raw", "iterations": 100, "fieldNameExpression": "", "overwrite": false}, "groupId": ""}], "groups": {}}} + application/json: {"id": "http-source", "type": "http", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080} responses: "200": - application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesRegexFilter: + application/json: {} + InputCreateExamplesHttpRaw: parameters: path: - id: "" + id: "" + pack: "" requestBody: - application/json: {"id": "regex-filter-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that filters out events matching specific regex patterns", "streamtags": [], "functions": [{"filter": "true", "id": "regex_filter", "description": "mmm once duh respray", "disabled": true, "final": false, "conf": {"regex": "/Opera/", "regexList": [{"regex": ""}], "field": "_raw"}, "groupId": ""}], "groups": {}}} + application/json: {"id": "http-raw-source", "type": "http_raw", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080} responses: "200": - application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesRename: + application/json: {} + InputCreateExamplesJournalFiles: parameters: path: - id: "" + id: "" + pack: "" requestBody: - application/json: {"id": "rename-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that renames fields using key-value pairs and expressions", "streamtags": [], "functions": [{"filter": "true", "id": "rename", "description": "per chase suspiciously vary shimmering through unlearn gallery waft yet", "disabled": true, "final": true, "conf": {"baseFields": [], "rename": [{"currentName": "level", "newName": "LEVEL"}], "renameExpr": "name.startsWith('out') ? name.toUpperCase() : name", "wildcardDepth": 5}, "groupId": ""}], "groups": {}}} + application/json: {"id": "journal-files-source", "type": "journal_files", "sendToRoutes": true, "pqEnabled": false, "path": "/var/log/journal", "journals": ["system"]} responses: "200": - application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesRollupMetrics: + application/json: {} + InputCreateExamplesKafka: parameters: path: - id: "" + id: "" + pack: "" requestBody: - application/json: {"id": "rollup-metrics-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that consolidates high-frequency metrics into manageable time windows", "streamtags": [], "functions": [{"filter": "true", "id": "rollup_metrics", "description": "bashfully whispered cheerfully stupendous dandelion hmph lest alongside perfection homely", "disabled": true, "final": true, "conf": {"dimensions": ["*"], "timeWindow": "30s", "gaugeRollup": "last"}, "groupId": ""}], "groups": {}}} + application/json: {"id": "kafka-source", "type": "kafka", "sendToRoutes": true, "pqEnabled": false, "brokers": ["localhost:9092"], "topics": ["logs"]} responses: "200": - application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesSampling: + application/json: {} + InputCreateExamplesKinesis: parameters: path: - id: "" + id: "" + pack: "" requestBody: - application/json: {"id": "sampling-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that samples events at specified rates based on filter criteria", "streamtags": [], "functions": [{"filter": "true", "id": "sampling", "description": "even dock modulo dreary whoever ew", "disabled": false, "final": false, "conf": {"rules": [{"filter": "__status == 200", "rate": 5}]}, "groupId": ""}], "groups": {}}} + application/json: {"id": "kinesis-source", "type": "kinesis", "sendToRoutes": true, "pqEnabled": false, "streamName": "my-stream", "region": "us-east-1"} responses: "200": - application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesSerialize: + application/json: {} + InputCreateExamplesKubeEvents: parameters: path: - id: "" + id: "" + pack: "" requestBody: - application/json: {"id": "serialize-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that serializes event fields into JSON format", "streamtags": [], "functions": [{"filter": "true", "id": "serialize", "description": "whoa ew grandiose meal that", "disabled": true, "final": false, "conf": {"type": "json", "delimChar": "", "quoteChar": "", "escapeChar": "", "nullValue": "", "fields": ["city", "state"], "srcField": "", "dstField": "_raw"}, "groupId": ""}], "groups": {}}} + application/json: {"id": "kube-events-source", "type": "kube_events", "sendToRoutes": true, "pqEnabled": false} responses: "200": - application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesSNMPTrapSerialize: + application/json: {} + InputCreateExamplesKubeLogs: parameters: path: - id: "" + id: "" + pack: "" requestBody: - application/json: {"id": "snmp-trap-serialize-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that serializes events into SNMP trap format for SNMP trap destinations", "streamtags": [], "functions": [{"filter": "true", "id": "snmp_trap_serialize", "description": "aha ew lender mosh", "disabled": false, "final": true, "conf": {"strict": true, "dropFailedEvents": true, "v3User": {"name": "", "authProtocol": "md5", "authKey": "", "privProtocol": ""}}, "groupId": ""}], "groups": {}}} + application/json: {"id": "kube-logs-source", "type": "kube_logs", "sendToRoutes": true, "pqEnabled": false} responses: "200": - application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesSuppress: + application/json: {} + InputCreateExamplesKubeMetrics: parameters: path: - id: "" + id: "" + pack: "" requestBody: - application/json: {"id": "suppress-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that suppresses duplicate events based on a key expression", "streamtags": [], "functions": [{"filter": "true", "id": "suppress", "description": "ack alongside famously brr after punctuation crowded supposing swath", "disabled": true, "final": true, "conf": {"keyExpr": "`${ip}:${port}`", "allow": 1, "suppressPeriodSec": 30, "dropEventsMode": true, "maxCacheSize": 50000, "cacheIdleTimeoutPeriods": 2, "numEventsIdleTimeoutTrigger": 10000}, "groupId": ""}], "groups": {}}} + application/json: {"id": "kube-metrics-source", "type": "kube_metrics", "sendToRoutes": true, "pqEnabled": false} responses: "200": - application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesTee: + application/json: {} + InputCreateExamplesLoki: parameters: path: - id: "" + id: "" + pack: "" requestBody: - application/json: {"id": "tee-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that sends events to a command via stdin for debugging purposes", "streamtags": [], "functions": [{"filter": "true", "id": "tee", "description": "delirious athletic remark chairperson order", "disabled": false, "final": false, "conf": {"command": "tee", "args": ["/opt/cribl/foo.log"], "restartOnExit": true, "env": {}}, "groupId": ""}], "groups": {}}} + application/json: {"id": "loki-source", "type": "loki", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080, "lokiAPI": "/loki/api/v1/push"} responses: "200": - application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesUnroll: + application/json: {} + InputCreateExamplesMetrics: parameters: path: - id: "" + id: "" + pack: "" requestBody: - application/json: {"id": "unroll-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that unrolls array fields into separate events", "streamtags": [], "functions": [{"filter": "true", "id": "unroll", "description": "eminent safely sonar verve sedately like yippee swing which rudely", "disabled": false, "final": false, "conf": {"srcExpr": "_raw.split(/\\n/)", "dstField": "_raw"}, "groupId": ""}], "groups": {}}} + application/json: {"id": "metrics-source", "type": "metrics", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "udpPort": 8125} responses: "200": - application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - PipelineExamplesXMLUnroll: + application/json: {} + InputCreateExamplesModelDrivenTelemetry: parameters: path: - id: "" + id: "" + pack: "" requestBody: - application/json: {"id": "xml-unroll-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that unrolls XML elements into separate events", "streamtags": [], "functions": [{"filter": "true", "id": "xml_unroll", "description": "tousle jell preclude rationalize into", "disabled": false, "final": true, "conf": {"unroll": "^Parent\\.Child$", "inherit": "^Parent\\.(myID|branchLocation)$", "unrollIdxField": "unroll_idx", "pretty": false}, "groupId": ""}], "groups": {}}} + application/json: {"id": "mdt-source", "type": "model_driven_telemetry", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 57000} responses: "200": - application/json: {"count": 430119, "items": [{"id": "", "conf": {"asyncFuncTimeout": 381921, "output": "", "description": "fantastic smuggle monthly crossly", "streamtags": [""], "functions": [{"filter": "", "id": "geoip", "description": "scared mysteriously why beside yuppify yuck", "disabled": false, "final": true, "conf": {"file": "", "inField": "", "outField": "", "additionalFields": [{"extraInField": "", "extraOutField": ""}], "outFieldMappings": {}}, "groupId": ""}], "groups": {"key": {"name": "", "description": "store testify cruelly", "disabled": false}}}}]} + application/json: {} "500": - application/json: {"message": ""} - deletePipelineById: - speakeasy-default-delete-pipeline-by-id: + application/json: {} + InputCreateExamplesMsk: parameters: path: id: "" - responses: - "200": - application/json: {"count": 62963, "items": [{"id": "", "conf": {"asyncFuncTimeout": 117, "output": "default", "description": "resort phew silent whenever gust", "streamtags": [""], "functions": [{"filter": "", "id": "chain", "description": "propound meanwhile wholly", "disabled": false, "final": true, "conf": {"processor": ""}, "groupId": ""}], "groups": {"key": {"name": "", "description": "until obsess unto kielbasa", "disabled": true}}}}]} - "500": - application/json: {"message": ""} - getVersionBranch: - speakeasy-default-get-version-branch: + pack: "" + requestBody: + application/json: {"id": "msk-source", "type": "msk", "sendToRoutes": true, "pqEnabled": false, "brokers": ["b-1.example.xxxxx.c2.kafka.us-east-1.amazonaws.com:9092"], "topics": ["logs"], "awsAuthenticationMethod": "auto", "region": "us-east-1"} responses: "200": application/json: {} "500": application/json: {} - createVersionCommit: - speakeasy-default-create-version-commit: + InputCreateExamplesNetflow: parameters: - query: - groupId: "" + path: + id: "" + pack: "" requestBody: - application/json: {"message": ""} + application/json: {"id": "netflow-source", "type": "netflow", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 2055} responses: "200": application/json: {} "500": application/json: {} - VersionCommitExamplesCommitAll: + InputCreateExamplesOffice365Mgmt: + parameters: + path: + id: "" + pack: "" requestBody: - application/json: {"message": "Updated pipeline configuration for syslog parsing"} + application/json: {"id": "office365-mgmt-source", "type": "office365_mgmt", "sendToRoutes": true, "pqEnabled": false, "planType": "enterprise_gcc", "tenantId": "tenant-id", "appId": "app-id"} responses: "200": application/json: {} "500": application/json: {} - VersionCommitExamplesCommitSpecificFiles: + InputCreateExamplesMicrosoftGraph: + parameters: + path: + id: "" + pack: "" requestBody: - application/json: {"effective": true, "files": ["groups/default/local/cribl/pipelines/http_input/conf.yml", "groups/default/local/cribl/routes.yml"], "message": "Update Route and Pipeline for HTTP Sources"} + application/json: {"id": "microsoft-graph-source", "type": "microsoft_graph", "sendToRoutes": true, "pqEnabled": false, "url": "https://graph.microsoft.com/v1.0/admin/exchange/tracing/messageTraces", "interval": 15} responses: "200": application/json: {} "500": application/json: {} - getVersionCount: - speakeasy-default-get-version-count: + InputCreateExamplesOffice365MsgTrace: parameters: - query: - group: "" - ID: "" - groupId: "" - commit: "" + path: + id: "" + pack: "" + requestBody: + application/json: {"id": "office365-msg-trace-source", "type": "office365_msg_trace", "sendToRoutes": true, "pqEnabled": false, "url": "https://reports.office365.com/ecp/reportingwebservice/reporting.svc/MessageTrace", "interval": 15} responses: "200": application/json: {} "500": application/json: {} - getVersionCurrentBranch: - speakeasy-default-get-version-current-branch: + InputCreateExamplesOffice365Service: + parameters: + path: + id: "" + pack: "" + requestBody: + application/json: {"id": "office365-service-source", "type": "office365_service", "sendToRoutes": true, "pqEnabled": false, "tenantId": "tenant-id", "appId": "app-id"} responses: "200": - application/json: {"branch": ""} + application/json: {} "500": application/json: {} - getVersionDiff: - speakeasy-default-get-version-diff: + InputCreateExamplesOpenAI: parameters: - query: - commit: "" - group: "" - filename: "example.file" - diffLineLimit: 6362 - groupId: "" + path: + id: "" + pack: "" + requestBody: + application/json: {"id": "openai-source", "type": "openai", "sendToRoutes": true, "pqEnabled": false, "contentConfig": [{"disabled": false, "requestParams": [{"name": "effective_at[gt]", "value": "`${Math.round(Date.now()/1000 - 3600)}`"}, {"name": "limit", "value": "100"}], "paginationType": "response_body", "paginationAttribute": ["last_id"], "paginationLastPageExpr": "has_more === false", "cronSchedule": "0 * * * *", "earliest": "-1h", "latest": "now"}], "textSecret": "openai-api-key-secret"} responses: "200": application/json: {} "500": application/json: {} - getVersionFiles: - speakeasy-default-get-version-files: + InputCreateExamplesOpenTelemetry: parameters: - query: - group: "" - ID: "" - groupId: "" - commit: "" + path: + id: "" + pack: "" + requestBody: + application/json: {"id": "otel-source", "type": "open_telemetry", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 4317} responses: "200": application/json: {} "500": application/json: {} - getVersionInfo: - speakeasy-default-get-version-info: + InputCreateExamplesPrometheus: + parameters: + path: + id: "" + pack: "" + requestBody: + application/json: {"id": "prometheus-source", "type": "prometheus", "sendToRoutes": true, "pqEnabled": false, "discoveryType": "static", "interval": 60, "logLevel": "info", "targetList": ["http://localhost:9090/metrics"]} responses: "200": application/json: {} "500": application/json: {} - createVersionPush: - speakeasy-default-create-version-push: + InputCreateExamplesPrometheusRw: + parameters: + path: + id: "" + pack: "" + requestBody: + application/json: {"id": "prometheus-rw-source", "type": "prometheus_rw", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080, "prometheusAPI": "/write"} responses: "200": application/json: {} "500": application/json: {} - createVersionRevert: - speakeasy-default-create-version-revert: + InputCreateExamplesRawUdp: parameters: - query: - group: "" - groupId: "" + path: + id: "" + pack: "" requestBody: - application/json: {"commit": ""} + application/json: {"id": "raw-udp-source", "type": "raw_udp", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 514} responses: "200": application/json: {} "500": application/json: {} - VersionRevertExamplesRevertCommit: + InputCreateExamplesS3: + parameters: + path: + id: "" + pack: "" requestBody: - application/json: {"commit": "a1b2c3d4e5f6"} + application/json: {"id": "s3-source", "type": "s3", "sendToRoutes": true, "pqEnabled": false, "queueName": "s3-notifications-queue", "region": "us-east-1"} responses: "200": application/json: {} "500": application/json: {} - VersionRevertExamplesForceRevertWithMessage: + InputCreateExamplesS3Inventory: + parameters: + path: + id: "" + pack: "" requestBody: - application/json: {"commit": "a1b2c3d4e5f6", "force": true, "message": "Revert commit due to misconfiguration in Pipeline settings"} + application/json: {"id": "s3-inventory-source", "type": "s3_inventory", "sendToRoutes": true, "pqEnabled": false, "queueName": "s3-inventory-queue", "region": "us-east-1"} responses: "200": application/json: {} "500": application/json: {} - getVersionShow: - speakeasy-default-get-version-show: + InputCreateExamplesSecurityLake: parameters: - query: - commit: "" - group: "" - filename: "example.file" - diffLineLimit: 7771.94 - groupId: "" + path: + id: "" + pack: "" + requestBody: + application/json: {"id": "security-lake-source", "type": "security_lake", "sendToRoutes": true, "pqEnabled": false, "queueName": "security-lake-queue", "region": "us-east-1"} responses: "200": application/json: {} "500": application/json: {} - getVersionStatus: - speakeasy-default-get-version-status: + InputCreateExamplesSnmp: parameters: - query: - group: "" - groupId: "" + path: + id: "" + pack: "" + requestBody: + application/json: {"id": "snmp-source", "type": "snmp", "sendToRoutes": true, "pqEnabled": false, "host": "192.168.1.1", "port": 161} responses: "200": application/json: {} "500": application/json: {} - createVersionSync: - speakeasy-default-create-version-sync: + InputCreateExamplesSplunk: + parameters: + path: + id: "" + pack: "" + requestBody: + application/json: {"id": "splunk-source", "type": "splunk", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 9997} responses: "200": - application/json: {"count": 90716, "items": [{"key": "", "key1": ""}, {"key": "", "key1": "", "key2": ""}]} + application/json: {} "500": - application/json: {"message": ""} - createVersionUndo: - speakeasy-default-create-version-undo: + application/json: {} + InputCreateExamplesSplunkHec: parameters: - query: - group: "" - groupId: "" + path: + id: "" + pack: "" + requestBody: + application/json: {"id": "splunk-hec-source", "type": "splunk_hec", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 8088, "splunkHecAPI": "/services/collector"} responses: "200": application/json: {} "500": application/json: {} - createCriblLakeDatasetByLakeId: - speakeasy-default-create-cribl-lake-dataset-by-lake-id: + InputCreateExamplesSplunkSearch: parameters: path: - lakeId: "" + id: "" + pack: "" requestBody: - application/json: {"id": "", "searchConfig": {"metadata": {"earliest": "-30d", "enableAcceleration": false, "fieldList": ["", ""], "scanMode": "detailed"}}} + application/json: {"id": "splunk-search-source", "type": "splunk_search", "sendToRoutes": true, "pqEnabled": false, "searchHead": "https://localhost:8089", "search": "index=main", "cronSchedule": "*/15 * * * *", "endpoint": "/services/search/v2/jobs/export", "outputMode": "json", "authType": "basic"} responses: "200": - application/json: {"items": [{"id": "", "searchConfig": {"metadata": {"earliest": "-30d", "enableAcceleration": false, "fieldList": ["", ""], "scanMode": "detailed"}}}]} + application/json: {} "500": application/json: {} - LakeDatasetCreateExamplesJsonDataset: + InputCreateExamplesSqs: parameters: path: - lakeId: "" + id: "" + pack: "" requestBody: - application/json: {"acceleratedFields": ["host", "status"], "description": "Web server access logs", "format": "json", "id": "web_access_logs", "retentionPeriodInDays": 90, "storageLocationId": "my-storage-location"} + application/json: {"id": "sqs-source", "type": "sqs", "sendToRoutes": true, "pqEnabled": false, "queueName": "my-queue", "queueType": "standard", "region": "us-east-1"} responses: "200": - application/json: {"items": [{"id": "", "searchConfig": {"metadata": {"earliest": "-30d", "enableAcceleration": false, "fieldList": ["", ""], "scanMode": "detailed"}}}]} + application/json: {} "500": application/json: {} - LakeDatasetCreateExamplesParquetDataset: + InputCreateExamplesSyslog: parameters: path: - lakeId: "" + id: "" + pack: "" requestBody: - application/json: {"description": "Security event data in Parquet format", "format": "parquet", "id": "security_events", "retentionPeriodInDays": 365, "searchConfig": {"datatypes": ["palo_alto_firewall", "crowdstrike_fdr"]}, "storageLocationId": "my-storage-location"} + application/json: {"id": "syslog-source", "type": "syslog", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "udpPort": 514} responses: "200": - application/json: {"items": [{"id": "", "searchConfig": {"metadata": {"earliest": "-30d", "enableAcceleration": false, "fieldList": ["", ""], "scanMode": "detailed"}}}]} + application/json: {} "500": application/json: {} - LakeDatasetCreateExamplesMinimalDataset: + InputCreateExamplesSystemMetrics: parameters: path: - lakeId: "" + id: "" + pack: "" requestBody: - application/json: {"id": "app_logs"} + application/json: {"id": "system-metrics-source", "type": "system_metrics", "sendToRoutes": true, "pqEnabled": false} responses: "200": - application/json: {"items": [{"id": "", "searchConfig": {"metadata": {"earliest": "-30d", "enableAcceleration": false, "fieldList": ["", ""], "scanMode": "detailed"}}}]} + application/json: {} "500": application/json: {} - getCriblLakeDatasetByLakeId: - speakeasy-default-get-cribl-lake-dataset-by-lake-id: + InputCreateExamplesSystemState: parameters: path: - lakeId: "" - query: - storageLocationId: "" - format: "" - excludeDDSS: true - excludeDeleted: true - excludeInternal: false - excludeBYOS: false + id: "" + pack: "" + requestBody: + application/json: {"id": "system-state-source", "type": "system_state", "sendToRoutes": true, "pqEnabled": false} responses: "200": - application/json: {"items": [{"id": "", "searchConfig": {"metadata": {"earliest": "-30d", "enableAcceleration": true, "fieldList": [""], "scanMode": "quick"}}}]} + application/json: {} "500": application/json: {} - getSummaryWorkers: - speakeasy-default-get-summary-workers: + InputCreateExamplesTcp: parameters: - query: - filterExp: "" + path: + id: "" + pack: "" + requestBody: + application/json: {"id": "tcp-source", "type": "tcp", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10090} responses: "200": - application/json: {"count": 401126, "items": [1291.74, 7812.7]} + application/json: {} "500": - application/json: {"message": ""} - getWorkers: - speakeasy-default-get-workers: + application/json: {} + InputCreateExamplesTcpjson: parameters: - query: - filterExp: "" - sort: "" - sortExp: "" - limit: 402753 - offset: 848752 - filter: "" - responses: - "200": - application/json: {"count": 388772, "items": [{"deployable": true, "disconnected": true, "firstMsgTime": 5556.4, "group": "", "id": "", "info": {"architecture": "", "aws": {"enabled": false, "region": "", "tags": {}, "type": "", "zone": ""}, "conn_ip": "", "cpus": 5841.82, "cribl": {"config": {"featuresRev": "", "hbPeriodSeconds": 3635.4, "logStreamEnv": "", "policyRev": "", "version": ""}, "deploymentId": "", "distMode": "single", "edgeNodes": 7424.46, "group": "", "guid": "", "installType": "", "lookupVersions": {}, "master": {"host": "crafty-requirement.biz", "port": 4586.68, "servername": "", "tls": true}, "pid": 7553.65, "startTime": 1443.43, "tags": ["", ""], "version": ""}, "freeDiskSpace": 6770.82, "hostOs": {"addresses": ["", "", ""], "enabled": false, "id": "", "version": ""}, "hostname": "wordy-vibraphone.biz", "isSaasWorker": true, "kube": {"enabled": false, "namespace": "", "node": "", "owner": {"kind": "", "name": ""}, "pod": "", "source": ""}, "localTime": 6602.88, "metadata": {"aws": {"enabled": false, "region": "", "tags": {}, "type": "", "zone": ""}, "hostOs": {"addresses": [""], "enabled": false, "id": "", "version": ""}, "kube": {"enabled": true, "namespace": "", "node": "", "owner": {"kind": "", "name": ""}, "pod": "", "source": ""}, "os": {"addresses": ["", "", ""], "enabled": false, "id": "", "version": ""}}, "node": "", "os": {"addresses": ["", "", ""], "enabled": false, "id": "", "version": ""}, "platform": "", "release": "", "totalDiskSpace": 4189.94, "totalmem": 5989.26}, "lastMetrics": {}, "lastMsgTime": 1603.19, "metadata": {"aws": {"enabled": false, "region": "", "tags": {}, "type": "", "zone": ""}, "hostOs": {"addresses": [""], "enabled": false, "id": "", "version": ""}, "kube": {"enabled": true, "namespace": "", "node": "", "owner": {"kind": "", "name": ""}, "pod": "", "source": ""}, "os": {"addresses": ["", "", ""], "enabled": false, "id": "", "version": ""}}, "nodeUpgradeStatus": {"active": 0, "failed": 1, "skipped": 1, "state": 0, "timestamp": 6840.86}, "status": "", "type": "resp", "workerProcesses": 8195.32, "workers": {"count": 3234.04}}]} - "500": - application/json: {"message": ""} - updateWorkersRestart: - speakeasy-default-update-workers-restart: + path: + id: "" + pack: "" + requestBody: + application/json: {"id": "tcpjson-source", "type": "tcpjson", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10090} responses: "200": - application/json: {"count": 469043, "items": [{"id": "", "message": "", "status": "Error"}]} + application/json: {} "500": - application/json: {"message": ""} - getSummary: - speakeasy-default-get-summary: + application/json: {} + InputCreateExamplesWef: parameters: - query: - mode: "worker" + path: + id: "" + pack: "" + requestBody: + application/json: {"id": "wef-source", "type": "wef", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 5985, "subscriptions": [{"subscriptionName": "subscription-1", "contentFormat": "RenderedText", "heartbeatInterval": 60, "batchTimeout": 5, "targets": []}]} responses: "200": - application/json: {"count": 364904, "items": [{"groups": {"count": 8128.38, "destinations": 4945.73, "packs": 798.01, "pipelines": 6352.87, "quickConnects": 3649.04, "routes": 7792.08, "sources": 6593.6}, "workers": {"alive": 2322.36, "confVersions": 8794.87, "count": 2533.57, "disconnectedCount": 4548.69, "groups": 9336.99, "softwareVersions": 2351.1, "unhealthy": 8264.2}}]} + application/json: {} "500": - application/json: {"message": ""} - createPacks: - speakeasy-default-create-packs: + application/json: {} + InputCreateExamplesWinEventLogs: + parameters: + path: + id: "" + pack: "" requestBody: - application/json: {"id": "", "spec": "", "version": "", "minLogStreamVersion": "", "displayName": "Myah14", "author": "", "description": "premeditation coincide although", "source": "", "tags": {"dataType": [], "domain": [], "streamtags": ["", ""], "technology": [""]}, "allowCustomFunctions": false, "force": false} + application/json: {"id": "win-event-logs-source", "type": "win_event_logs", "sendToRoutes": true, "pqEnabled": false, "logNames": ["Application", "System"]} responses: "200": application/json: {} "500": application/json: {} - PackInstallExamplesPackDispensary: + InputCreateExamplesWindowsMetrics: + parameters: + path: + id: "" + pack: "" requestBody: - application/json: {"source": "https://packs.cribl.io/dl/cribl-duo-rest-io/latest/cribl-duo-rest-io-latest.crbl", "allowCustomFunctions": true, "force": true} + application/json: {"id": "windows-metrics-source", "type": "windows_metrics", "sendToRoutes": true, "pqEnabled": false} responses: "200": application/json: {} "500": application/json: {} - PackInstallExamplesEmptyPack: + InputCreateExamplesWiz: + parameters: + path: + id: "" + pack: "" requestBody: - application/json: {"id": "", "spec": "", "version": "", "minLogStreamVersion": "", "displayName": "Amely_Gusikowski", "author": "", "description": "crowded that truly sideboard ample yahoo gracious enraged", "source": "", "tags": {"dataType": ["double", "boolean"], "domain": ["delectable-transom.com", "radiant-sightseeing.info"], "streamtags": ["", "", ""], "technology": [""]}, "allowCustomFunctions": false, "force": true} + application/json: {"id": "wiz-source", "type": "wiz", "sendToRoutes": true, "pqEnabled": false, "endpoint": "https://api.wiz.io", "authUrl": "https://auth.wiz.io/oauth/token", "clientId": "client-id", "contentConfig": []} responses: "200": application/json: {} "500": application/json: {} - PackInstallExamplesUploadedFile: + InputCreateExamplesWizWebhook: + parameters: + path: + id: "" + pack: "" requestBody: - application/json: {"id": "cribl-search-missing-logs", "source": "cribl-search-missing-logs-1.0.1.Do7DH5I.crbl", "allowCustomFunctions": false} + application/json: {"id": "wiz-webhook-source", "type": "wiz_webhook", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080} responses: "200": application/json: {} "500": application/json: {} - PackInstallExamplesURL: + InputCreateExamplesZscalerHec: + parameters: + path: + id: "" + pack: "" requestBody: - application/json: {"source": "https://github.com/criblpacks/cribl-palo-alto-networks/releases/download/1.1.4/cribl-palo-alto-networks-a3e5a19d-1.1.4.crbl", "allowCustomFunctions": false} + application/json: {"id": "zscaler-hec-source", "type": "zscaler_hec", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 8088, "hecAPI": "/services/collector"} responses: "200": application/json: {} "500": application/json: {} - PackInstallExamplesGitRepository: + speakeasy-default-update-input-system-by-pack-and-id: + parameters: + path: + id: "" + pack: "" requestBody: - application/json: {"source": "git+https://github.com/criblio/cribl_ocsf_postprocessing", "allowCustomFunctions": false} + application/json: {"type": "edge_prometheus", "discoveryType": "k8s-pods", "interval": 2688.55} responses: "200": application/json: {} "500": application/json: {} - getPacks: - speakeasy-default-get-packs: + InputCreateExamplesAnthropicCompliance: parameters: - query: - with: "" + path: + id: "" + pack: "" + requestBody: + application/json: {"id": "anthropic-compliance-source", "type": "anthropic_compliance", "sendToRoutes": true, "pqEnabled": false, "textSecret": "anthropic-api-key-secret", "contentConfig": [{"contentType": "activities", "contentDescription": "Compliance Activities", "enabled": true, "stateTracking": true, "stateUpdateExpression": "__timestampExtracted !== false && {latestTime: (state.latestTime || 0) > _time ? state.latestTime : _time}", "stateMergeExpression": "prevState.latestTime > newState.latestTime ? prevState : newState", "cronSchedule": "*/5 * * * *", "earliest": "-7d@d", "latest": "now", "jobTimeout": "300"}]} responses: "200": application/json: {} "500": application/json: {} - updatePacks: - speakeasy-default-update-packs: + InputCreateExamplesAppleUnifiedLogs: parameters: - query: - filename: "example.file" + path: + id: "" + pack: "" requestBody: - application/octet-stream: "x-file: example.file" + application/json: {"id": "apple-unified-logs-source", "type": "apple_unified_logs", "sendToRoutes": true, "pqEnabled": false, "predicate": "subsystem == \"com.apple.security\""} responses: "200": - application/json: {"source": ""} + application/json: {} "500": application/json: {} - getGroupsConfigVersionById: - speakeasy-default-get-groups-config-version-by-id: + InputCreateExamplesEventhubAmqp: parameters: path: id: "" + pack: "" + requestBody: + application/json: {"id": "eventhub-amqp-source", "type": "eventhub_amqp", "sendToRoutes": true, "pqEnabled": false, "eventHubName": "my-event-hub", "consumerGroup": "$Default", "checkpointing": {"blobStore": {"containerName": "my-container"}}} responses: "200": - application/json: {"count": 936160, "items": [""]} + application/json: {} "500": - application/json: {"message": ""} - createProductsGroupsByProduct: - speakeasy-default-create-products-groups-by-product: + application/json: {} + InputCreateExamplesOkta: parameters: path: - product: "stream" + id: "" + pack: "" requestBody: - application/json: {"cloud": {"provider": "aws", "region": ""}, "configVersion": "", "deployingWorkerCount": 1848.32, "description": "director um why forgery apud once er though off", "estimatedIngestRate": 6663.53, "git": {"commit": "", "localChanges": 2079.21, "log": [{"author_email": "", "author_name": "", "date": "2024-08-24", "hash": "", "message": "", "short": ""}]}, "id": "", "incompatibleWorkerCount": 5487.26, "inherits": "", "isFleet": false, "isSearch": false, "lookupDeployments": [{"context": "", "lookups": [{"deployedVersion": "", "file": "", "version": ""}]}], "maxWorkerAge": "", "name": "", "onPrem": true, "provisioned": true, "streamtags": ["", "", ""], "tags": "", "type": "lake_access", "upgradeVersion": "", "workerCount": 851.73, "workerRemoteAccess": false} + application/json: {"id": "okta-source", "type": "okta", "sendToRoutes": true, "pqEnabled": false, "oktaDomain": "your-org", "textSecret": "okta-api-token-secret", "cronSchedule": "*/5 * * * *", "earliest": "-7d@d", "latest": "now"} responses: "200": - application/json: {"count": 339650, "items": [{"cloud": {"provider": "aws", "region": ""}, "configVersion": "", "deployingWorkerCount": 5282.89, "description": "seriously mountain gadzooks illiterate from better whose", "estimatedIngestRate": 8520.18, "git": {"commit": "", "localChanges": 2079.21, "log": [{"author_email": "", "author_name": "", "date": "2024-08-24", "hash": "", "message": "", "short": ""}]}, "id": "", "incompatibleWorkerCount": 4907.06, "inherits": "", "isFleet": false, "isSearch": true, "lookupDeployments": [{"context": "", "lookups": [{"deployedVersion": "", "file": "", "version": ""}]}], "maxWorkerAge": "", "name": "", "onPrem": true, "provisioned": false, "streamtags": ["", ""], "tags": "", "type": "lake_access", "upgradeVersion": "", "workerCount": 2620.95, "workerRemoteAccess": true}]} + application/json: {} "500": - application/json: {"message": ""} - getProductsGroupsByProduct: - speakeasy-default-get-products-groups-by-product: + application/json: {} + InputCreateExamplesOpenAIComplianceLogs: parameters: path: - product: "stream" - query: - fields: "" + id: "" + pack: "" + requestBody: + application/json: {"id": "openai-compliance-logs-source", "type": "openai_compliance_logs", "sendToRoutes": true, "pqEnabled": false, "textSecret": "openai-api-key-secret", "accountType": "workspace", "cronSchedule": "*/15 * * * *", "earliest": "-1h", "latest": "now", "workspaceId": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee", "workspaceEventTypes": ["AUDIT_LOG", "AUTH_LOG"]} responses: "200": - application/json: {"count": 139413, "items": [{"cloud": {"provider": null, "region": ""}, "configVersion": "", "deployingWorkerCount": 2422.36, "description": "finally huff within whereas per indeed among sarong almighty swordfish", "estimatedIngestRate": 9946.32, "git": {"commit": "", "localChanges": 7149.9, "log": [{"author_email": "", "author_name": "", "date": "2024-09-01", "hash": "", "message": "", "short": ""}]}, "id": "", "incompatibleWorkerCount": 3041.33, "inherits": "", "isFleet": true, "isSearch": false, "lookupDeployments": [{"context": "", "lookups": [{"deployedVersion": "", "file": "", "version": ""}]}], "maxWorkerAge": "", "name": "", "onPrem": true, "provisioned": false, "streamtags": [""], "tags": "", "type": "lake_access", "upgradeVersion": "", "workerCount": 7295.87, "workerRemoteAccess": false}]} + application/json: {} "500": - application/json: {"message": ""} - updateGroupsDeployById: - speakeasy-default-update-groups-deploy-by-id: + application/json: {} + InputCreateExamplesServiceNowTable: parameters: path: id: "" + pack: "" requestBody: - application/json: {"lookups": [{"context": "", "lookups": [{"file": "", "version": ""}]}], "version": ""} + application/json: {"id": "servicenow-table-source", "type": "servicenow_table", "sendToRoutes": true, "pqEnabled": false, "instance": "https://example.service-now.com", "tableName": "incident", "fields": ["sys_id", "number", "short_description"], "pageSize": 10000, "cronSchedule": "0 * * * *", "earliest": "-1d", "latest": "now"} responses: "200": - application/json: {"count": 675901, "items": [{"cloud": {"provider": "aws", "region": ""}, "configVersion": "", "deployingWorkerCount": 3478.73, "description": "unscramble below metabolise unconscious alienated at ugh forenenst gosh even", "estimatedIngestRate": 2484.75, "git": {"commit": "", "localChanges": 819.2, "log": [{"author_email": "", "author_name": "", "date": "2024-08-21", "hash": "", "message": "", "short": ""}]}, "id": "", "incompatibleWorkerCount": 2615.26, "inherits": "", "isFleet": true, "isSearch": false, "lookupDeployments": [{"context": "", "lookups": []}], "maxWorkerAge": "", "name": "", "onPrem": true, "provisioned": false, "streamtags": ["", "", ""], "tags": "", "type": "lake_access", "upgradeVersion": "", "workerCount": 6222.63, "workerRemoteAccess": true}]} + application/json: {} "500": - application/json: {"message": ""} - getGroupsById: - speakeasy-default-get-groups-by-id: + application/json: {} + UpdateInputExamplesAnthropicCompliance: parameters: path: id: "" - query: - fields: "" + pack: "" + requestBody: + application/json: {"id": "anthropic-compliance-source", "type": "anthropic_compliance", "sendToRoutes": true, "pqEnabled": false, "textSecret": "anthropic-api-key-secret", "contentConfig": [{"contentType": "activities", "contentDescription": "Compliance Activities", "enabled": true, "stateTracking": true, "stateUpdateExpression": "__timestampExtracted !== false && {latestTime: (state.latestTime || 0) > _time ? state.latestTime : _time}", "stateMergeExpression": "prevState.latestTime > newState.latestTime ? prevState : newState", "cronSchedule": "*/5 * * * *", "earliest": "-7d@d", "latest": "now", "jobTimeout": "300"}]} responses: "200": - application/json: {"count": 983944, "items": [{"cloud": {"provider": "aws", "region": ""}, "configVersion": "", "deployingWorkerCount": 5773.46, "description": "bah vision transparency", "estimatedIngestRate": 7728.21, "git": {"commit": "", "localChanges": 8473.28, "log": [{"author_email": "", "author_name": "", "date": "2024-01-11", "hash": "", "message": "", "short": ""}]}, "id": "", "incompatibleWorkerCount": 4739.28, "inherits": "", "isFleet": true, "isSearch": true, "lookupDeployments": [{"context": "", "lookups": [{"deployedVersion": "", "file": "", "version": ""}]}], "maxWorkerAge": "", "name": "", "onPrem": false, "provisioned": true, "streamtags": ["", ""], "tags": "", "type": "lake_access", "upgradeVersion": "", "workerCount": 1817.13, "workerRemoteAccess": false}]} + application/json: {} "500": - application/json: {"message": ""} - getGroupsAclById: - speakeasy-default-get-groups-acl-by-id: + application/json: {} + UpdateInputExamplesAppleUnifiedLogs: parameters: path: id: "" - query: - type: "insights" + pack: "" + requestBody: + application/json: {"id": "apple-unified-logs-source", "type": "apple_unified_logs", "sendToRoutes": true, "pqEnabled": false, "predicate": "subsystem == \"com.apple.security\""} responses: "200": - application/json: {"count": 833704, "items": [{"perms": [], "user": "Randall_Walter25"}]} + application/json: {} "500": - application/json: {"message": ""} - getProductsGroupsAclTeamsByProductAndId: - speakeasy-default-get-products-groups-acl-teams-by-product-and-id: + application/json: {} + UpdateInputExamplesAppscope: parameters: path: - product: "stream" id: "" - query: - type: "datasets" + pack: "" + requestBody: + application/json: {"id": "appscope-source", "type": "appscope", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 9109} responses: "200": - application/json: {"count": 751174, "items": [{"perms": [{"gid": "", "id": "", "policy": "", "type": "dashboards"}], "team": ""}]} + application/json: {} "500": - application/json: {"message": ""} - deleteCriblLakeDatasetByLakeIdAndId: - speakeasy-default-delete-cribl-lake-dataset-by-lake-id-and-id: + application/json: {} + UpdateInputExamplesAzureBlob: parameters: path: - lakeId: "" id: "" + pack: "" + requestBody: + application/json: {"id": "azure-blob-source", "type": "azure_blob", "sendToRoutes": true, "pqEnabled": false, "queueName": "azure-blob-queue"} responses: "200": - application/json: {"items": [{"id": "", "searchConfig": {"metadata": {"earliest": "-30d", "enableAcceleration": false, "fieldList": [""], "scanMode": "quick"}}}]} + application/json: {} "500": application/json: {} - getCriblLakeDatasetByLakeIdAndId: - speakeasy-default-get-cribl-lake-dataset-by-lake-id-and-id: + UpdateInputExamplesCloudflareHec: parameters: path: - lakeId: "" id: "" + pack: "" + requestBody: + application/json: {"id": "cloudflare-hec-source", "type": "cloudflare_hec", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 8088, "hecAPI": "/services/collector"} responses: "200": - application/json: {"items": [{"id": "", "searchConfig": {"metadata": {"earliest": "-30d", "enableAcceleration": true, "fieldList": ["", "", ""], "scanMode": "detailed"}}}]} + application/json: {} "500": application/json: {} - updateCriblLakeDatasetByLakeIdAndId: - speakeasy-default-update-cribl-lake-dataset-by-lake-id-and-id: + UpdateInputExamplesConfluentCloud: parameters: path: - lakeId: "" - id: "" + id: "" + pack: "" requestBody: - application/json: {"searchConfig": {"metadata": {"earliest": "-30d", "enableAcceleration": false, "fieldList": ["", ""], "scanMode": "quick"}}} + application/json: {"id": "confluent-cloud-source", "type": "confluent_cloud", "sendToRoutes": true, "pqEnabled": false, "brokers": ["pkc-xxxxx.us-east-1.aws.confluent.cloud:9092"], "topics": ["logs"]} responses: "200": - application/json: {"items": [{"id": "", "searchConfig": {"metadata": {"earliest": "-30d", "enableAcceleration": false, "fieldList": ["", ""], "scanMode": "quick"}}}]} + application/json: {} "500": application/json: {} - LakeDatasetUpdateExamplesUpdateRetention: + UpdateInputExamplesCollection: parameters: path: - lakeId: "" - id: "" + id: "" + pack: "" requestBody: - application/json: {"retentionPeriodInDays": 180} + application/json: {"id": "collection-source", "type": "collection", "sendToRoutes": true, "pqEnabled": false} responses: "200": - application/json: {"items": [{"id": "", "searchConfig": {"metadata": {"earliest": "-30d", "enableAcceleration": false, "fieldList": ["", ""], "scanMode": "quick"}}}]} + application/json: {} "500": application/json: {} - LakeDatasetUpdateExamplesUpdateDescription: + UpdateInputExamplesCribl: parameters: path: - lakeId: "" - id: "" + id: "" + pack: "" requestBody: - application/json: {"acceleratedFields": ["host", "status", "source"], "description": "Web server access logs with accelerated fields."} + application/json: {"id": "cribl-source", "type": "cribl", "sendToRoutes": true, "pqEnabled": false} responses: "200": - application/json: {"items": [{"id": "", "searchConfig": {"metadata": {"earliest": "-30d", "enableAcceleration": false, "fieldList": ["", ""], "scanMode": "quick"}}}]} + application/json: {} "500": application/json: {} - deletePacksById: - speakeasy-default-delete-packs-by-id: + UpdateInputExamplesCriblHttp: parameters: path: id: "" + pack: "" + requestBody: + application/json: {"id": "cribl-http-source", "type": "cribl_http", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080} responses: "200": application/json: {} "500": application/json: {} - updatePacksById: - speakeasy-default-update-packs-by-id: + UpdateInputExamplesCriblLakeHttp: parameters: path: id: "" - query: - source: "" - minor: "" - spec: "" + pack: "" requestBody: - application/json: {"source": ""} + application/json: {"id": "cribl-lake-http-source", "type": "cribl_lake_http", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080} responses: "200": application/json: {} "500": application/json: {} - PackUpgradeExamplesUpgradeFromURL: + UpdateInputExamplesCriblMetrics: parameters: path: id: "" + pack: "" requestBody: - application/json: {"source": "https://github.com/criblpacks/cribl-palo-alto-networks/releases/download/1.1.4/cribl-palo-alto-networks-a3e5a19d-1.1.4.crbl"} + application/json: {"id": "cribl-metrics-source", "type": "criblmetrics", "sendToRoutes": true, "pqEnabled": false} responses: "200": application/json: {} "500": application/json: {} - deleteGroupsById: - speakeasy-default-delete-groups-by-id: + UpdateInputExamplesCriblTcp: parameters: path: id: "" + pack: "" + requestBody: + application/json: {"id": "cribl-tcp-source", "type": "cribl_tcp", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10090} responses: "200": - application/json: {"count": 357616, "items": [{"cloud": {"provider": null, "region": ""}, "configVersion": "", "deployingWorkerCount": 480.6, "description": "minion lost questionable purple zowie meh acquire bah", "estimatedIngestRate": 2472.44, "git": {"commit": "", "localChanges": 4115.49, "log": [{"author_email": "", "author_name": "", "date": "2024-10-11", "hash": "", "message": "", "short": ""}]}, "id": "", "incompatibleWorkerCount": 5290.66, "inherits": "", "isFleet": false, "isSearch": true, "lookupDeployments": [{"context": "", "lookups": [{"deployedVersion": "", "file": "", "version": ""}]}], "maxWorkerAge": "", "name": "", "onPrem": true, "provisioned": true, "streamtags": [""], "tags": "", "type": "lake_access", "upgradeVersion": "", "workerCount": 6094.96, "workerRemoteAccess": false}]} + application/json: {} "500": - application/json: {"message": ""} - updateGroupsById: - speakeasy-default-update-groups-by-id: + application/json: {} + UpdateInputExamplesCrowdstrike: parameters: path: - id: "" + id: "" + pack: "" requestBody: - application/json: {"cloud": {"provider": "aws", "region": ""}, "configVersion": "", "deployingWorkerCount": 19.89, "description": "jaywalk wrathful truly indeed definitive reflecting almost massive", "estimatedIngestRate": 7133.74, "git": {"commit": "", "localChanges": 370.43, "log": [{"author_email": "", "author_name": "", "date": "2024-08-29", "hash": "", "message": "", "short": ""}]}, "id": "", "incompatibleWorkerCount": 7081.95, "inherits": "", "isFleet": true, "isSearch": true, "lookupDeployments": [{"context": "", "lookups": [{"deployedVersion": "", "file": "", "version": ""}]}], "maxWorkerAge": "", "name": "", "onPrem": true, "provisioned": true, "streamtags": [""], "tags": "", "type": "lake_access", "upgradeVersion": "", "workerCount": 9020.63, "workerRemoteAccess": true} + application/json: {"id": "crowdstrike-source", "type": "crowdstrike", "sendToRoutes": true, "pqEnabled": false, "queueName": "crowdstrike-queue", "region": "us-east-1"} responses: "200": - application/json: {"count": 899492, "items": [{"cloud": {"provider": "aws", "region": ""}, "configVersion": "", "deployingWorkerCount": 5369.68, "description": "zowie hastily guzzle grimy mask engage", "estimatedIngestRate": 5316.34, "git": {"commit": "", "localChanges": 370.43, "log": [{"author_email": "", "author_name": "", "date": "2024-08-29", "hash": "", "message": "", "short": ""}]}, "id": "", "incompatibleWorkerCount": 4056.89, "inherits": "", "isFleet": false, "isSearch": true, "lookupDeployments": [{"context": "", "lookups": [{"deployedVersion": "", "file": "", "version": ""}]}], "maxWorkerAge": "", "name": "", "onPrem": true, "provisioned": false, "streamtags": [""], "tags": "", "type": "lake_access", "upgradeVersion": "", "workerCount": 5413.87, "workerRemoteAccess": false}]} + application/json: {} "500": - application/json: {"message": ""} - listMasterWorkerEntry: - speakeasy-default-list-master-worker-entry: + application/json: {} + UpdateInputExamplesDatadogAgent: parameters: - query: - filterExp: "" - sort: "" - sortExp: "" - limit: 554169 - offset: 426660 - filter: "" + path: + id: "" + pack: "" + requestBody: + application/json: {"id": "datadog-agent-source", "type": "datadog_agent", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 8126} responses: "200": - application/json: {"count": 522765, "items": [{"deployable": true, "disconnected": true, "firstMsgTime": 5145.29, "group": "", "id": "", "info": {"architecture": "", "aws": {"enabled": true, "instanceId": "", "region": "", "tags": {}, "type": "", "zone": ""}, "azure": {"enabled": false, "hostname": "intelligent-license.info", "instanceId": "", "name": "", "region": "", "resourceGroup": "", "subscriptionId": "", "tags": {"key": "", "key1": ""}, "type": "", "vmId": "", "zone": ""}, "conn_ip": "", "cpus": 587.99, "cribl": {"config": {"featuresRev": "", "hbPeriodSeconds": 7254.06, "logStreamEnv": "", "policyRev": "", "version": ""}, "deploymentId": "", "disableSNIRouting": false, "distMode": "worker", "edgeNodes": 5669.89, "group": "", "guid": "", "installType": "", "lookupVersions": {}, "master": {"host": "clear-cut-armoire.com", "port": 8378.36, "servername": "", "tls": true}, "pid": 5481.66, "socksEnabled": false, "startTime": 2054.83, "tags": [""], "version": ""}, "env": {"key": "", "key1": ""}, "freeDiskSpace": 5289.31, "hostOs": {"addresses": ["", "", ""], "enabled": false, "id": "", "version": ""}, "hostname": "huge-mathematics.org", "isSaasWorker": true, "kube": {"enabled": true, "namespace": "", "node": "", "owner": {"kind": "", "name": ""}, "pod": "", "source": ""}, "localTime": 396.28, "metadata": {"aws": {"enabled": true, "instanceId": "", "region": "", "tags": {}, "type": "", "zone": ""}, "azure": {"enabled": false, "hostname": "intelligent-license.info", "instanceId": "", "name": "", "region": "", "resourceGroup": "", "subscriptionId": "", "tags": {"key": "", "key1": ""}, "type": "", "vmId": "", "zone": ""}, "hostOs": {"addresses": [], "enabled": true, "id": "", "version": ""}, "kube": {"enabled": true, "namespace": "", "node": "", "owner": {"kind": "", "name": ""}, "pod": "", "source": ""}, "os": {"addresses": [], "enabled": true, "id": "", "version": ""}}, "node": "", "os": {"addresses": [""], "enabled": true, "id": "", "version": ""}, "outpost": {"guid": "", "host": "intelligent-license.info"}, "platform": "", "release": "", "totalDiskSpace": 3554.6, "totalmem": 2822.63}, "lastMetrics": {}, "lastMsgTime": 1368.76, "metadata": {"aws": {"enabled": true, "instanceId": "", "region": "", "tags": {}, "type": "", "zone": ""}, "azure": {"enabled": false, "hostname": "intelligent-license.info", "instanceId": "", "name": "", "region": "", "resourceGroup": "", "subscriptionId": "", "tags": {"key": "", "key1": ""}, "type": "", "vmId": "", "zone": ""}, "hostOs": {"addresses": [], "enabled": true, "id": "", "version": ""}, "kube": {"enabled": true, "namespace": "", "node": "", "owner": {"kind": "", "name": ""}, "pod": "", "source": ""}, "os": {"addresses": [], "enabled": true, "id": "", "version": ""}}, "nodeUpgradeStatus": {"active": 0, "failed": 1, "skipped": 3, "state": 2, "timestamp": 962.97}, "status": "", "type": "resp", "workerProcesses": 571.25, "workers": {"count": 4154.46}}]} + application/json: {} "500": - application/json: {"message": ""} - getMasterWorkerEntry: - speakeasy-default-get-master-worker-entry: + application/json: {} + UpdateInputExamplesDatagen: parameters: - query: - filterExp: "" + path: + id: "" + pack: "" + requestBody: + application/json: {"id": "datagen-source", "type": "datagen", "sendToRoutes": true, "pqEnabled": false, "samples": [{"sample": "sample.json", "eventsPerSec": 10}]} responses: "200": - application/json: {"count": 732189, "items": [3187.39]} + application/json: {} "500": - application/json: {"message": ""} - listConfigGroupByProduct: - speakeasy-default-list-config-group-by-product: + application/json: {} + UpdateInputExamplesEdgePrometheus: parameters: path: - product: "edge" - query: - fields: "" + id: "" + pack: "" + requestBody: + application/json: {"id": "edge-prometheus-source", "type": "edge_prometheus", "sendToRoutes": true, "pqEnabled": false, "discoveryType": "static", "interval": 60, "targets": [{"host": "localhost"}]} responses: "200": - application/json: {"items": [{"cloud": {"provider": "aws", "region": ""}, "configVersion": "", "deployingWorkerCount": 7819.54, "description": "finally exaggerate coolly grade", "estimatedIngestRate": 10240, "git": {"commit": "", "localChanges": 7873.79, "log": [{"author_email": "", "author_name": "", "date": "2024-04-08", "hash": "", "message": "", "short": ""}]}, "id": "", "incompatibleWorkerCount": 2891.32, "inherits": "", "isFleet": false, "isSearch": true, "lookupDeployments": [{"context": "", "lookups": [{"deployedVersion": "", "file": "", "version": ""}]}], "maxWorkerAge": "", "name": "", "onPrem": false, "provisioned": false, "streamtags": ["", ""], "tags": "", "type": "lake_access", "upgradeVersion": "", "workerCount": 2257.24, "workerRemoteAccess": false}]} + application/json: {} "500": application/json: {} - createConfigGroupByProduct: - speakeasy-default-create-config-group-by-product: + UpdateInputExamplesElastic: parameters: path: - product: "edge" + id: "" + pack: "" requestBody: - application/json: {"estimatedIngestRate": 7168, "id": ""} + application/json: {"id": "elastic-source", "type": "elastic", "sendToRoutes": true, "pqEnabled": false, "host": "localhost", "port": 9200, "elasticAPI": "/"} responses: "200": - application/json: {"items": [{"cloud": {"provider": "aws", "region": ""}, "configVersion": "", "deployingWorkerCount": 8255.61, "description": "till boastfully before qua meanwhile suddenly", "estimatedIngestRate": 3072, "git": {"commit": "", "localChanges": 7008.23, "log": [{"author_email": "", "author_name": "", "date": "2024-04-03", "hash": "", "message": "", "short": ""}]}, "id": "", "incompatibleWorkerCount": 7965.37, "inherits": "", "isFleet": true, "isSearch": false, "lookupDeployments": [{"context": "", "lookups": [{"deployedVersion": "", "file": "", "version": ""}]}], "maxWorkerAge": "", "name": "", "onPrem": true, "provisioned": false, "streamtags": ["", ""], "tags": "", "type": "lake_access", "upgradeVersion": "", "workerCount": 4937.96, "workerRemoteAccess": true}]} + application/json: {} "500": application/json: {} - CreateGroupExamplesCloudWg: + UpdateInputExamplesEventhub: parameters: path: - product: "stream" + id: "" + pack: "" requestBody: - application/json: {"cloud": {"provider": "aws", "region": "us-west-2"}, "estimatedIngestRate": 2048, "id": "goatCloudIanWg", "name": "goatcloudianwg", "onPrem": false, "provisioned": true, "type": "stream", "workerRemoteAccess": true} + application/json: {"id": "eventhub-source", "type": "eventhub", "sendToRoutes": true, "pqEnabled": false, "brokers": ["myeventhub.servicebus.windows.net:9093"], "topics": ["logs"]} responses: "200": - application/json: {"items": [{"cloud": {"provider": "aws", "region": ""}, "configVersion": "", "deployingWorkerCount": 8255.61, "description": "till boastfully before qua meanwhile suddenly", "estimatedIngestRate": 3072, "git": {"commit": "", "localChanges": 7008.23, "log": [{"author_email": "", "author_name": "", "date": "2024-04-03", "hash": "", "message": "", "short": ""}]}, "id": "", "incompatibleWorkerCount": 7965.37, "inherits": "", "isFleet": true, "isSearch": false, "lookupDeployments": [{"context": "", "lookups": [{"deployedVersion": "", "file": "", "version": ""}]}], "maxWorkerAge": "", "name": "", "onPrem": true, "provisioned": false, "streamtags": ["", ""], "tags": "", "type": "lake_access", "upgradeVersion": "", "workerCount": 4937.96, "workerRemoteAccess": true}]} + application/json: {} "500": application/json: {} - CreateGroupExamplesOnPremWg: + UpdateInputExamplesEventhubAmqp: parameters: path: - product: "edge" + id: "" + pack: "" requestBody: - application/json: {"description": "Worker group in customer-managed deployment", "id": "goatOnPremIanWg", "name": "goatonpremianwg", "onPrem": true, "type": "stream", "workerRemoteAccess": true} + application/json: {"id": "eventhub-amqp-source", "type": "eventhub_amqp", "sendToRoutes": true, "pqEnabled": false, "eventHubName": "my-event-hub", "consumerGroup": "$Default", "checkpointing": {"blobStore": {"containerName": "my-container"}}} responses: "200": - application/json: {"items": [{"cloud": {"provider": "aws", "region": ""}, "configVersion": "", "deployingWorkerCount": 8255.61, "description": "till boastfully before qua meanwhile suddenly", "estimatedIngestRate": 3072, "git": {"commit": "", "localChanges": 7008.23, "log": [{"author_email": "", "author_name": "", "date": "2024-04-03", "hash": "", "message": "", "short": ""}]}, "id": "", "incompatibleWorkerCount": 7965.37, "inherits": "", "isFleet": true, "isSearch": false, "lookupDeployments": [{"context": "", "lookups": [{"deployedVersion": "", "file": "", "version": ""}]}], "maxWorkerAge": "", "name": "", "onPrem": true, "provisioned": false, "streamtags": ["", ""], "tags": "", "type": "lake_access", "upgradeVersion": "", "workerCount": 4937.96, "workerRemoteAccess": true}]} + application/json: {} "500": application/json: {} - CreateGroupExamplesCloneWg: + UpdateInputExamplesExec: parameters: path: - product: "edge" + id: "" + pack: "" requestBody: - application/json: {"description": "Worker Group cloned from goatOnPremIanWg with identical configuration", "id": "goatOnPremDollyWg", "name": "goatonpremdollywg", "onPrem": true, "sourceGroupId": "goatOnPremIanWg", "type": "stream", "workerRemoteAccess": true} + application/json: {"id": "exec-source", "type": "exec", "sendToRoutes": true, "pqEnabled": false, "command": "echo \"Hello World\"", "interval": 60} responses: "200": - application/json: {"items": [{"cloud": {"provider": "aws", "region": ""}, "configVersion": "", "deployingWorkerCount": 8255.61, "description": "till boastfully before qua meanwhile suddenly", "estimatedIngestRate": 3072, "git": {"commit": "", "localChanges": 7008.23, "log": [{"author_email": "", "author_name": "", "date": "2024-04-03", "hash": "", "message": "", "short": ""}]}, "id": "", "incompatibleWorkerCount": 7965.37, "inherits": "", "isFleet": true, "isSearch": false, "lookupDeployments": [{"context": "", "lookups": [{"deployedVersion": "", "file": "", "version": ""}]}], "maxWorkerAge": "", "name": "", "onPrem": true, "provisioned": false, "streamtags": ["", ""], "tags": "", "type": "lake_access", "upgradeVersion": "", "workerCount": 4937.96, "workerRemoteAccess": true}]} + application/json: {} "500": application/json: {} - CreateGroupExamplesEdgeFleet: + UpdateInputExamplesFile: parameters: path: - product: "edge" + id: "" + pack: "" requestBody: - application/json: {"description": "Create a new Edge Fleet", "id": "goatIanEdgeFleet", "name": "goatianedgefleet", "onPrem": true, "type": "edge", "workerRemoteAccess": true} + application/json: {"id": "file-source", "type": "file", "sendToRoutes": true, "pqEnabled": false, "mode": "manual"} responses: "200": - application/json: {"items": [{"cloud": {"provider": "aws", "region": ""}, "configVersion": "", "deployingWorkerCount": 8255.61, "description": "till boastfully before qua meanwhile suddenly", "estimatedIngestRate": 3072, "git": {"commit": "", "localChanges": 7008.23, "log": [{"author_email": "", "author_name": "", "date": "2024-04-03", "hash": "", "message": "", "short": ""}]}, "id": "", "incompatibleWorkerCount": 7965.37, "inherits": "", "isFleet": true, "isSearch": false, "lookupDeployments": [{"context": "", "lookups": [{"deployedVersion": "", "file": "", "version": ""}]}], "maxWorkerAge": "", "name": "", "onPrem": true, "provisioned": false, "streamtags": ["", ""], "tags": "", "type": "lake_access", "upgradeVersion": "", "workerCount": 4937.96, "workerRemoteAccess": true}]} + application/json: {} "500": application/json: {} - getConfigGroupByProductAndId: - speakeasy-default-get-config-group-by-product-and-id: + UpdateInputExamplesFirehose: parameters: path: - product: "edge" id: "" - query: - fields: "" + pack: "" + requestBody: + application/json: {"id": "firehose-source", "type": "firehose", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080} responses: "200": - application/json: {"items": [{"cloud": {"provider": "aws", "region": ""}, "configVersion": "", "deployingWorkerCount": 9897.69, "description": "inure hope kissingly why", "estimatedIngestRate": 13312, "git": {"commit": "", "localChanges": 3058.15, "log": [{"author_email": "", "author_name": "", "date": "2024-02-16", "hash": "", "message": "", "short": ""}]}, "id": "", "incompatibleWorkerCount": 9309.45, "inherits": "", "isFleet": false, "isSearch": true, "lookupDeployments": [{"context": "", "lookups": []}], "maxWorkerAge": "", "name": "", "onPrem": false, "provisioned": true, "streamtags": [""], "tags": "", "type": "lake_access", "upgradeVersion": "", "workerCount": 7512.21, "workerRemoteAccess": true}]} + application/json: {} "500": application/json: {} - updateConfigGroupByProductAndId: - speakeasy-default-update-config-group-by-product-and-id: + UpdateInputExamplesGrafana: parameters: path: - product: "stream" - id: "" + id: "" + pack: "" requestBody: - application/json: {"estimatedIngestRate": 13312, "id": ""} + application/json: {"id": "grafana-source", "type": "grafana", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080, "prometheusAPI": "/api/prom/push"} responses: "200": - application/json: {"items": [{"cloud": {"provider": "azure", "region": ""}, "configVersion": "", "deployingWorkerCount": 6038.43, "description": "pants sugary tricky drat", "estimatedIngestRate": 1024, "git": {"commit": "", "localChanges": 776.15, "log": [{"author_email": "", "author_name": "", "date": "2024-09-29", "hash": "", "message": "", "short": ""}]}, "id": "", "incompatibleWorkerCount": 2043.29, "inherits": "", "isFleet": false, "isSearch": false, "lookupDeployments": [{"context": "", "lookups": []}], "maxWorkerAge": "", "name": "", "onPrem": false, "provisioned": false, "streamtags": ["", ""], "tags": "", "type": "lake_access", "upgradeVersion": "", "workerCount": 5750.42, "workerRemoteAccess": true}]} + application/json: {} "500": application/json: {} - UpdateGroupExamplesScaleCloudWorkerGroup: + UpdateInputExamplesGooglePubsub: parameters: path: - product: "edge" - id: "" + id: "" + pack: "" requestBody: - application/json: {"cloud": {"provider": "aws", "region": "us-west-2"}, "configVersion": "abc1234", "deployingWorkerCount": 0, "description": "Scaled Worker Group with estimated ingest rate of 4096 (48 MB/s, 21 Worker Processes) for increased capacity", "estimatedIngestRate": 4096, "id": "goatCloudIanWg", "incompatibleWorkerCount": 0, "lookupDeployments": [], "name": "goatcloudianwg", "onPrem": false, "provisioned": true, "type": "stream", "workerCount": 3, "workerRemoteAccess": true} + application/json: {"id": "google-pubsub-source", "type": "google_pubsub", "sendToRoutes": true, "pqEnabled": false, "topicName": "my-topic", "subscriptionName": "my-subscription"} responses: "200": - application/json: {"items": [{"cloud": {"provider": "azure", "region": ""}, "configVersion": "", "deployingWorkerCount": 6038.43, "description": "pants sugary tricky drat", "estimatedIngestRate": 1024, "git": {"commit": "", "localChanges": 776.15, "log": [{"author_email": "", "author_name": "", "date": "2024-09-29", "hash": "", "message": "", "short": ""}]}, "id": "", "incompatibleWorkerCount": 2043.29, "inherits": "", "isFleet": false, "isSearch": false, "lookupDeployments": [{"context": "", "lookups": []}], "maxWorkerAge": "", "name": "", "onPrem": false, "provisioned": false, "streamtags": ["", ""], "tags": "", "type": "lake_access", "upgradeVersion": "", "workerCount": 5750.42, "workerRemoteAccess": true}]} + application/json: {} "500": application/json: {} - UpdateGroupExamplesUpdateOnPremWorkerGroup: + UpdateInputExamplesHttp: parameters: path: - product: "outpost" - id: "" + id: "" + pack: "" requestBody: - application/json: {"configVersion": "abc1234", "deployingWorkerCount": 0, "description": "Updated customer-managed Worker Group with remote access enabled", "id": "goatOnPremIanWg", "incompatibleWorkerCount": 0, "lookupDeployments": [], "name": "goatonpremianwg", "onPrem": true, "type": "stream", "workerCount": 5, "workerRemoteAccess": true} + application/json: {"id": "http-source", "type": "http", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080} responses: "200": - application/json: {"items": [{"cloud": {"provider": "azure", "region": ""}, "configVersion": "", "deployingWorkerCount": 6038.43, "description": "pants sugary tricky drat", "estimatedIngestRate": 1024, "git": {"commit": "", "localChanges": 776.15, "log": [{"author_email": "", "author_name": "", "date": "2024-09-29", "hash": "", "message": "", "short": ""}]}, "id": "", "incompatibleWorkerCount": 2043.29, "inherits": "", "isFleet": false, "isSearch": false, "lookupDeployments": [{"context": "", "lookups": []}], "maxWorkerAge": "", "name": "", "onPrem": false, "provisioned": false, "streamtags": ["", ""], "tags": "", "type": "lake_access", "upgradeVersion": "", "workerCount": 5750.42, "workerRemoteAccess": true}]} + application/json: {} "500": application/json: {} - deleteConfigGroupByProductAndId: - speakeasy-default-delete-config-group-by-product-and-id: + UpdateInputExamplesHttpRaw: parameters: path: - product: "edge" id: "" + pack: "" + requestBody: + application/json: {"id": "http-raw-source", "type": "http_raw", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080} responses: "200": - application/json: {"items": [{"cloud": {"provider": "azure", "region": ""}, "configVersion": "", "deployingWorkerCount": 8537.63, "description": "after jealous revitalise noxious whenever intervention over now upwardly sailor", "estimatedIngestRate": 15360, "git": {"commit": "", "localChanges": 3514.19, "log": [{"author_email": "", "author_name": "", "date": "2024-09-16", "hash": "", "message": "", "short": ""}]}, "id": "", "incompatibleWorkerCount": 409.64, "inherits": "", "isFleet": false, "isSearch": true, "lookupDeployments": [{"context": "", "lookups": [{"deployedVersion": "", "file": "", "version": ""}]}], "maxWorkerAge": "", "name": "", "onPrem": false, "provisioned": false, "streamtags": ["", ""], "tags": "", "type": "lake_access", "upgradeVersion": "", "workerCount": 298.57, "workerRemoteAccess": false}]} + application/json: {} "500": application/json: {} - updateConfigGroupDeployByProductAndId: - speakeasy-default-update-config-group-deploy-by-product-and-id: + UpdateInputExamplesJournalFiles: parameters: path: - product: "stream" id: "" + pack: "" requestBody: - application/json: {"version": ""} + application/json: {"id": "journal-files-source", "type": "journal_files", "sendToRoutes": true, "pqEnabled": false, "path": "/var/log/journal", "journals": ["system"]} responses: "200": - application/json: {"items": [{"cloud": {"provider": "azure", "region": ""}, "configVersion": "", "deployingWorkerCount": 3445.97, "description": "while ad tune", "estimatedIngestRate": 1024, "git": {"commit": "", "localChanges": 8464.16, "log": [{"author_email": "", "author_name": "", "date": "2024-07-23", "hash": "", "message": "", "short": ""}]}, "id": "", "incompatibleWorkerCount": 4511.88, "inherits": "", "isFleet": true, "isSearch": false, "lookupDeployments": [{"context": "", "lookups": [{"deployedVersion": "", "file": "", "version": ""}]}], "maxWorkerAge": "", "name": "", "onPrem": false, "provisioned": false, "streamtags": ["", "", ""], "tags": "", "type": "lake_access", "upgradeVersion": "", "workerCount": 7143.25, "workerRemoteAccess": false}]} + application/json: {} "500": application/json: {} - getConfigGroupConfigVersionByProductAndId: - speakeasy-default-get-config-group-config-version-by-product-and-id: + UpdateInputExamplesKafka: parameters: path: - product: "stream" id: "" + pack: "" + requestBody: + application/json: {"id": "kafka-source", "type": "kafka", "sendToRoutes": true, "pqEnabled": false, "brokers": ["localhost:9092"], "topics": ["logs"]} responses: "200": application/json: {} "500": application/json: {} - getConfigGroupAclByProductAndId: - speakeasy-default-get-config-group-acl-by-product-and-id: + UpdateInputExamplesKinesis: parameters: path: - product: "edge" id: "" - query: - type: "macros" + pack: "" + requestBody: + application/json: {"id": "kinesis-source", "type": "kinesis", "sendToRoutes": true, "pqEnabled": false, "streamName": "my-stream", "region": "us-east-1"} responses: "200": application/json: {} "500": application/json: {} - getConfigGroupAclTeamsByProductAndId: - speakeasy-default-get-config-group-acl-teams-by-product-and-id: + UpdateInputExamplesKubeEvents: parameters: path: - product: "edge" id: "" - query: - type: "macros" + pack: "" + requestBody: + application/json: {"id": "kube-events-source", "type": "kube_events", "sendToRoutes": true, "pqEnabled": false} responses: "200": application/json: {} "500": application/json: {} - getVersion: - speakeasy-default-get-version: + UpdateInputExamplesKubeLogs: parameters: - query: - group: "" - count: 893.58 - groupId: "" + path: + id: "" + pack: "" + requestBody: + application/json: {"id": "kube-logs-source", "type": "kube_logs", "sendToRoutes": true, "pqEnabled": false} responses: "200": application/json: {} "500": application/json: {} - getSystemSettingsAuth: - speakeasy-default-get-system-settings-auth: + UpdateInputExamplesKubeMetrics: + parameters: + path: + id: "" + pack: "" + requestBody: + application/json: {"id": "kube-metrics-source", "type": "kube_metrics", "sendToRoutes": true, "pqEnabled": false} responses: "200": - application/json: {"count": 563315, "items": [{"fallback": true, "fallbackBadLogin": false, "filter_type": "", "host": "mysterious-schedule.biz", "port": 423.74, "ssl": false, "type": "saml"}]} + application/json: {} "500": - application/json: {"message": ""} - updateSystemSettingsAuth: - speakeasy-default-update-system-settings-auth: + application/json: {} + UpdateInputExamplesLoki: + parameters: + path: + id: "" + pack: "" + requestBody: + application/json: {"id": "loki-source", "type": "loki", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080, "lokiAPI": "/loki/api/v1/push"} responses: "200": - application/json: {"count": 400711, "items": [{"fallback": false, "fallbackBadLogin": true, "filter_type": "", "host": "twin-designation.biz", "port": 7657.58, "ssl": false, "type": "ldap"}]} + application/json: {} "500": - application/json: {"message": ""} - getSystemSettingsConf: - speakeasy-default-get-system-settings-conf: + application/json: {} + UpdateInputExamplesMetrics: + parameters: + path: + id: "" + pack: "" + requestBody: + application/json: {"id": "metrics-source", "type": "metrics", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "udpPort": 8125} responses: "200": application/json: {} "500": application/json: {} - updateSystemSettingsConf: - speakeasy-default-update-system-settings-conf: + UpdateInputExamplesModelDrivenTelemetry: + parameters: + path: + id: "" + pack: "" requestBody: - application/json: {"api": {"disabled": false, "host": "meaty-spring.biz", "port": 2424.38}, "backups": {"backupPersistence": "", "backupsDirectory": ""}, "pii": {"enablePiiDetection": false}, "proxy": {"useEnvVars": true}, "rollback": {"rollbackEnabled": false, "rollbackRetries": 3174.73, "rollbackTimeout": 1506.54}, "shutdown": {"drainTimeout": 3723.75}, "sni": {"disableSNIRouting": false}, "system": {"intercom": false, "upgrade": "api"}, "tls": {"defaultCipherList": "", "defaultEcdhCurve": "", "maxVersion": "", "minVersion": "", "rejectUnauthorized": true}, "upgradeGroupSettings": {}, "upgradeSettings": {}, "workers": {"count": 2124.14, "memory": 20.53, "minimum": 6157.83}} + application/json: {"id": "mdt-source", "type": "model_driven_telemetry", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 57000} responses: "200": application/json: {} "500": application/json: {} - UpdateSystemSettingsExamplesUpdateApiSettings: + UpdateInputExamplesMsk: + parameters: + path: + id: "" + pack: "" requestBody: - application/json: {"api": {"disabled": false, "host": "0.0.0.0", "port": 9000, "ssl": {"certPath": "/opt/cribl/local/cribl/auth/cribl.crt", "disabled": false, "passphrase": "", "privKeyPath": "/opt/cribl/local/cribl/auth/cribl.key"}}, "backups": {"backupPersistence": "24h", "backupsDirectory": "$CRIBL_STATE_DIR/backups"}, "pii": {"enablePiiDetection": false}, "proxy": {"useEnvVars": false}, "rollback": {"rollbackEnabled": true}, "shutdown": {"drainTimeout": 10000}, "sni": {"disableSNIRouting": false}, "system": {"intercom": true, "upgrade": "api"}, "tls": {"defaultCipherList": "DEFAULT", "defaultEcdhCurve": "auto", "maxVersion": "TLSv1.3", "minVersion": "TLSv1.2", "rejectUnauthorized": true}, "upgradeGroupSettings": {"isRolling": true, "quantity": 100, "retryCount": 5, "retryDelay": 1000}, "upgradeSettings": {}, "workers": {"count": 0, "memory": 0, "minimum": 1}} + application/json: {"id": "msk-source", "type": "msk", "sendToRoutes": true, "pqEnabled": false, "brokers": ["b-1.example.xxxxx.c2.kafka.us-east-1.amazonaws.com:9092"], "topics": ["logs"], "awsAuthenticationMethod": "auto", "region": "us-east-1"} responses: "200": application/json: {} "500": application/json: {} - getSystemSettingsGitSettings: - speakeasy-default-get-system-settings-git-settings: + UpdateInputExamplesNetflow: + parameters: + path: + id: "" + pack: "" + requestBody: + application/json: {"id": "netflow-source", "type": "netflow", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 2055} responses: "200": - application/json: {"count": 768920, "items": [{"authType": "", "autoAction": "", "autoActionMessage": "", "autoActionSchedule": "", "branch": "", "commitDeploySingleAction": true, "copilotAutoGitCommitMessages": true, "defaultCommitMessage": "", "gitOps": "push", "password": "dMi03kRzdqMeY7Q", "remote": "", "sshKey": "", "strictHostKeyChecking": true, "timeout": 3119.66, "user": "Mona_Ebert98"}]} + application/json: {} "500": - application/json: {"message": ""} - updateSystemSettingsGitSettings: - speakeasy-default-update-system-settings-git-settings: + application/json: {} + UpdateInputExamplesOffice365Mgmt: + parameters: + path: + id: "" + pack: "" + requestBody: + application/json: {"id": "office365-mgmt-source", "type": "office365_mgmt", "sendToRoutes": true, "pqEnabled": false, "planType": "enterprise_gcc", "tenantId": "tenant-id", "appId": "app-id"} responses: "200": - application/json: {"count": 6619, "items": [{"authType": "", "autoAction": "", "autoActionMessage": "", "autoActionSchedule": "", "branch": "", "commitDeploySingleAction": true, "copilotAutoGitCommitMessages": false, "defaultCommitMessage": "", "gitOps": "none", "password": "qUY4EQ7xkkuLNCo", "remote": "", "sshKey": "", "strictHostKeyChecking": true, "timeout": 7121.45, "user": "Wyman11"}]} + application/json: {} "500": - application/json: {"message": ""} - getPacksById: - speakeasy-default-get-packs-by-id: + application/json: {} + UpdateInputExamplesMicrosoftGraph: parameters: path: id: "" + pack: "" + requestBody: + application/json: {"id": "microsoft-graph-source", "type": "microsoft_graph", "sendToRoutes": true, "pqEnabled": false, "url": "https://graph.microsoft.com/v1.0/admin/exchange/tracing/messageTraces", "interval": 15} responses: "200": application/json: {} "500": application/json: {} - createAuthLogin: - speakeasy-default-create-auth-login: + UpdateInputExamplesOffice365MsgTrace: + parameters: + path: + id: "" + pack: "" requestBody: - application/json: {"password": "6j50J9421x29IhO", "username": "Lilly_Weissnat"} + application/json: {"id": "office365-msg-trace-source", "type": "office365_msg_trace", "sendToRoutes": true, "pqEnabled": false, "url": "https://reports.office365.com/ecp/reportingwebservice/reporting.svc/MessageTrace", "interval": 15} responses: "200": - application/json: {"forcePasswordChange": true, "token": ""} + application/json: {} "500": application/json: {} - getHealth: - speakeasy-default-get-health: + UpdateInputExamplesOffice365Service: + parameters: + path: + id: "" + pack: "" + requestBody: + application/json: {"id": "office365-service-source", "type": "office365_service", "sendToRoutes": true, "pqEnabled": false, "tenantId": "tenant-id", "appId": "app-id"} responses: "200": - application/json: {"startTime": 1037.51, "status": "healthy"} - "420": - application/json: {"startTime": 7966.74, "status": "healthy"} + application/json: {} "500": application/json: {} - HealthExamplesHealthyPrimary: + UpdateInputExamplesOkta: + parameters: + path: + id: "" + pack: "" + requestBody: + application/json: {"id": "okta-source", "type": "okta", "sendToRoutes": true, "pqEnabled": false, "oktaDomain": "your-org", "textSecret": "okta-api-token-secret", "cronSchedule": "*/5 * * * *", "earliest": "-7d@d", "latest": "now"} responses: "200": - application/json: {"role": "primary", "startTime": 1700000000000, "status": "healthy"} - "420": - application/json: {"role": "primary", "startTime": 1700000000000, "status": "healthy"} - createSavedJob: - CollectorExamplesRest: + application/json: {} + "500": + application/json: {} + UpdateInputExamplesOpenAI: parameters: - query: - criblPack: "" + path: + id: "" + pack: "" requestBody: - application/json: {"id": "", "description": "pomelo outside offensively ew", "type": "executor", "ttl": "", "ignoreGroupJobsLimit": false, "removeFields": ["", ""], "resumeOnBoot": true, "environment": "", "schedule": {"enabled": true, "skippable": true, "resumeMissed": false, "cronSchedule": "", "maxConcurrentRuns": 3006.78, "run": {"type": "collection", "rescheduleDroppedTasks": true, "maxTaskReschedule": 1211.14, "logLevel": "debug", "jobTimeout": "", "mode": "", "timeRangeType": "", "earliest": 4847.66, "latest": 3337.75, "timestampTimezone": "", "timeWarning": {}, "expression": "", "minTaskSize": "", "maxTaskSize": ""}}, "streamtags": ["", ""], "workerAffinity": true, "collector": {"type": "database", "conf": {"connectionId": "", "query": "", "queryValidationEnabled": true, "defaultBreakers": "Cribl", "__scheduling": {"stateTracking": {"enabled": false}}}, "destructive": false, "encoding": ""}, "input": {"type": "collection", "breakerRulesets": ["", "", ""], "staleChannelFlushMs": 3845.21, "sendToRoutes": true, "preprocess": {"disabled": true, "command": "", "args": ["", "", ""]}, "throttleRatePerSec": "", "metadata": [{"name": "", "value": ""}], "pipeline": "", "output": ""}} + application/json: {"id": "openai-source", "type": "openai", "sendToRoutes": true, "pqEnabled": false, "contentConfig": [{"disabled": false, "requestParams": [{"name": "effective_at[gt]", "value": "`${Math.round(Date.now()/1000 - 3600)}`"}, {"name": "limit", "value": "100"}], "paginationType": "response_body", "paginationAttribute": ["last_id"], "paginationLastPageExpr": "has_more === false", "cronSchedule": "0 * * * *", "earliest": "-1h", "latest": "now"}], "textSecret": "openai-api-key-secret"} responses: "200": application/json: {} "500": application/json: {} - CollectorExamplesS3: + UpdateInputExamplesOpenAIComplianceLogs: parameters: - query: - criblPack: "" + path: + id: "" + pack: "" requestBody: - application/json: {"id": "", "description": "pomelo outside offensively ew", "type": "executor", "ttl": "", "ignoreGroupJobsLimit": false, "removeFields": ["", ""], "resumeOnBoot": true, "environment": "", "schedule": {"enabled": true, "skippable": true, "resumeMissed": false, "cronSchedule": "", "maxConcurrentRuns": 3006.78, "run": {"type": "collection", "rescheduleDroppedTasks": true, "maxTaskReschedule": 1211.14, "logLevel": "debug", "jobTimeout": "", "mode": "", "timeRangeType": "", "earliest": 4847.66, "latest": 3337.75, "timestampTimezone": "", "timeWarning": {}, "expression": "", "minTaskSize": "", "maxTaskSize": ""}}, "streamtags": ["", ""], "workerAffinity": true, "collector": {"type": "database", "conf": {"connectionId": "", "query": "", "queryValidationEnabled": true, "defaultBreakers": "Cribl", "__scheduling": {"stateTracking": {"enabled": false}}}, "destructive": false, "encoding": ""}, "input": {"type": "collection", "breakerRulesets": ["", "", ""], "staleChannelFlushMs": 3845.21, "sendToRoutes": true, "preprocess": {"disabled": true, "command": "", "args": ["", "", ""]}, "throttleRatePerSec": "", "metadata": [{"name": "", "value": ""}], "pipeline": "", "output": ""}} + application/json: {"id": "openai-compliance-logs-source", "type": "openai_compliance_logs", "sendToRoutes": true, "pqEnabled": false, "textSecret": "openai-api-key-secret", "accountType": "workspace", "cronSchedule": "*/15 * * * *", "earliest": "-1h", "latest": "now", "workspaceId": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee", "workspaceEventTypes": ["AUDIT_LOG", "AUTH_LOG"]} responses: "200": application/json: {} "500": application/json: {} - CollectorExamplesFilesystem: + UpdateInputExamplesOpenTelemetry: parameters: - query: - criblPack: "" + path: + id: "" + pack: "" requestBody: - application/json: {"id": "", "description": "against between cop-out wretched", "type": "executor", "ttl": "", "ignoreGroupJobsLimit": false, "removeFields": [""], "resumeOnBoot": false, "environment": "", "schedule": {"enabled": true, "skippable": true, "resumeMissed": false, "cronSchedule": "", "maxConcurrentRuns": 3006.78, "run": {"type": "collection", "rescheduleDroppedTasks": true, "maxTaskReschedule": 1211.14, "logLevel": "debug", "jobTimeout": "", "mode": "", "timeRangeType": "", "earliest": 4847.66, "latest": 3337.75, "timestampTimezone": "", "timeWarning": {}, "expression": "", "minTaskSize": "", "maxTaskSize": ""}}, "streamtags": ["", "", ""], "executor": {"type": "", "storeTaskResults": true, "conf": {}}} + application/json: {"id": "otel-source", "type": "open_telemetry", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 4317} responses: "200": application/json: {} "500": application/json: {} - CollectorExamplesAzureBlob: + UpdateInputExamplesPrometheus: parameters: - query: - criblPack: "" + path: + id: "" + pack: "" requestBody: - application/json: {"id": "", "description": "pomelo outside offensively ew", "type": "executor", "ttl": "", "ignoreGroupJobsLimit": false, "removeFields": ["", ""], "resumeOnBoot": true, "environment": "", "schedule": {"enabled": true, "skippable": true, "resumeMissed": false, "cronSchedule": "", "maxConcurrentRuns": 3006.78, "run": {"type": "collection", "rescheduleDroppedTasks": true, "maxTaskReschedule": 1211.14, "logLevel": "debug", "jobTimeout": "", "mode": "", "timeRangeType": "", "earliest": 4847.66, "latest": 3337.75, "timestampTimezone": "", "timeWarning": {}, "expression": "", "minTaskSize": "", "maxTaskSize": ""}}, "streamtags": ["", ""], "workerAffinity": true, "collector": {"type": "database", "conf": {"connectionId": "", "query": "", "queryValidationEnabled": true, "defaultBreakers": "Cribl", "__scheduling": {"stateTracking": {"enabled": false}}}, "destructive": false, "encoding": ""}, "input": {"type": "collection", "breakerRulesets": ["", "", ""], "staleChannelFlushMs": 3845.21, "sendToRoutes": true, "preprocess": {"disabled": true, "command": "", "args": ["", "", ""]}, "throttleRatePerSec": "", "metadata": [{"name": "", "value": ""}], "pipeline": "", "output": ""}} + application/json: {"id": "prometheus-source", "type": "prometheus", "sendToRoutes": true, "pqEnabled": false, "discoveryType": "static", "interval": 60, "logLevel": "info", "targetList": ["http://localhost:9090/metrics"]} responses: "200": application/json: {} "500": application/json: {} - CollectorExamplesGoogleCloudStorage: + UpdateInputExamplesPrometheusRw: parameters: - query: - criblPack: "" + path: + id: "" + pack: "" requestBody: - application/json: {"id": "", "description": "pomelo outside offensively ew", "type": "executor", "ttl": "", "ignoreGroupJobsLimit": false, "removeFields": ["", ""], "resumeOnBoot": true, "environment": "", "schedule": {"enabled": true, "skippable": true, "resumeMissed": false, "cronSchedule": "", "maxConcurrentRuns": 3006.78, "run": {"type": "collection", "rescheduleDroppedTasks": true, "maxTaskReschedule": 1211.14, "logLevel": "debug", "jobTimeout": "", "mode": "", "timeRangeType": "", "earliest": 4847.66, "latest": 3337.75, "timestampTimezone": "", "timeWarning": {}, "expression": "", "minTaskSize": "", "maxTaskSize": ""}}, "streamtags": ["", ""], "workerAffinity": true, "collector": {"type": "database", "conf": {"connectionId": "", "query": "", "queryValidationEnabled": true, "defaultBreakers": "Cribl", "__scheduling": {"stateTracking": {"enabled": false}}}, "destructive": false, "encoding": ""}, "input": {"type": "collection", "breakerRulesets": ["", "", ""], "staleChannelFlushMs": 3845.21, "sendToRoutes": true, "preprocess": {"disabled": true, "command": "", "args": ["", "", ""]}, "throttleRatePerSec": "", "metadata": [{"name": "", "value": ""}], "pipeline": "", "output": ""}} + application/json: {"id": "prometheus-rw-source", "type": "prometheus_rw", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080, "prometheusAPI": "/write"} responses: "200": application/json: {} "500": application/json: {} - CollectorExamplesDatabase: + UpdateInputExamplesRawUdp: parameters: - query: - criblPack: "" + path: + id: "" + pack: "" requestBody: - application/json: {"id": "", "description": "however loyally as likely silent", "type": "executor", "ttl": "", "ignoreGroupJobsLimit": false, "removeFields": ["", "", ""], "resumeOnBoot": false, "environment": "", "schedule": {"enabled": true, "skippable": true, "resumeMissed": false, "cronSchedule": "", "maxConcurrentRuns": 3006.78, "run": {"type": "collection", "rescheduleDroppedTasks": true, "maxTaskReschedule": 1211.14, "logLevel": "debug", "jobTimeout": "", "mode": "", "timeRangeType": "", "earliest": 4847.66, "latest": 3337.75, "timestampTimezone": "", "timeWarning": {}, "expression": "", "minTaskSize": "", "maxTaskSize": ""}}, "streamtags": [""], "savedQueryId": ""} + application/json: {"id": "raw-udp-source", "type": "raw_udp", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 514} responses: "200": application/json: {} "500": application/json: {} - CollectorExamplesSplunk: + UpdateInputExamplesS3: parameters: - query: - criblPack: "" + path: + id: "" + pack: "" requestBody: - application/json: {"id": "", "description": "pomelo outside offensively ew", "type": "executor", "ttl": "", "ignoreGroupJobsLimit": false, "removeFields": ["", ""], "resumeOnBoot": true, "environment": "", "schedule": {"enabled": true, "skippable": true, "resumeMissed": false, "cronSchedule": "", "maxConcurrentRuns": 3006.78, "run": {"type": "collection", "rescheduleDroppedTasks": true, "maxTaskReschedule": 1211.14, "logLevel": "debug", "jobTimeout": "", "mode": "", "timeRangeType": "", "earliest": 4847.66, "latest": 3337.75, "timestampTimezone": "", "timeWarning": {}, "expression": "", "minTaskSize": "", "maxTaskSize": ""}}, "streamtags": ["", ""], "workerAffinity": true, "collector": {"type": "database", "conf": {"connectionId": "", "query": "", "queryValidationEnabled": true, "defaultBreakers": "Cribl", "__scheduling": {"stateTracking": {"enabled": false}}}, "destructive": false, "encoding": ""}, "input": {"type": "collection", "breakerRulesets": ["", "", ""], "staleChannelFlushMs": 3845.21, "sendToRoutes": true, "preprocess": {"disabled": true, "command": "", "args": ["", "", ""]}, "throttleRatePerSec": "", "metadata": [{"name": "", "value": ""}], "pipeline": "", "output": ""}} + application/json: {"id": "s3-source", "type": "s3", "sendToRoutes": true, "pqEnabled": false, "queueName": "s3-notifications-queue", "region": "us-east-1"} responses: "200": application/json: {} "500": application/json: {} - CollectorExamplesScript: + UpdateInputExamplesS3Inventory: parameters: - query: - criblPack: "" + path: + id: "" + pack: "" requestBody: - application/json: {"id": "", "description": "pomelo outside offensively ew", "type": "executor", "ttl": "", "ignoreGroupJobsLimit": false, "removeFields": ["", ""], "resumeOnBoot": true, "environment": "", "schedule": {"enabled": true, "skippable": true, "resumeMissed": false, "cronSchedule": "", "maxConcurrentRuns": 3006.78, "run": {"type": "collection", "rescheduleDroppedTasks": true, "maxTaskReschedule": 1211.14, "logLevel": "debug", "jobTimeout": "", "mode": "", "timeRangeType": "", "earliest": 4847.66, "latest": 3337.75, "timestampTimezone": "", "timeWarning": {}, "expression": "", "minTaskSize": "", "maxTaskSize": ""}}, "streamtags": ["", ""], "workerAffinity": true, "collector": {"type": "database", "conf": {"connectionId": "", "query": "", "queryValidationEnabled": true, "defaultBreakers": "Cribl", "__scheduling": {"stateTracking": {"enabled": false}}}, "destructive": false, "encoding": ""}, "input": {"type": "collection", "breakerRulesets": ["", "", ""], "staleChannelFlushMs": 3845.21, "sendToRoutes": true, "preprocess": {"disabled": true, "command": "", "args": ["", "", ""]}, "throttleRatePerSec": "", "metadata": [{"name": "", "value": ""}], "pipeline": "", "output": ""}} + application/json: {"id": "s3-inventory-source", "type": "s3_inventory", "sendToRoutes": true, "pqEnabled": false, "queueName": "s3-inventory-queue", "region": "us-east-1"} responses: "200": application/json: {} "500": application/json: {} - CollectorExamplesCriblLake: + UpdateInputExamplesSecurityLake: parameters: - query: - criblPack: "" + path: + id: "" + pack: "" requestBody: - application/json: {"id": "", "description": "however loyally as likely silent", "type": "executor", "ttl": "", "ignoreGroupJobsLimit": false, "removeFields": ["", "", ""], "resumeOnBoot": false, "environment": "", "schedule": {"enabled": true, "skippable": true, "resumeMissed": false, "cronSchedule": "", "maxConcurrentRuns": 3006.78, "run": {"type": "collection", "rescheduleDroppedTasks": true, "maxTaskReschedule": 1211.14, "logLevel": "debug", "jobTimeout": "", "mode": "", "timeRangeType": "", "earliest": 4847.66, "latest": 3337.75, "timestampTimezone": "", "timeWarning": {}, "expression": "", "minTaskSize": "", "maxTaskSize": ""}}, "streamtags": [""], "savedQueryId": ""} + application/json: {"id": "security-lake-source", "type": "security_lake", "sendToRoutes": true, "pqEnabled": false, "queueName": "security-lake-queue", "region": "us-east-1"} responses: "200": application/json: {} "500": application/json: {} - speakeasy-default-create-saved-job: + UpdateInputExamplesServiceNowTable: parameters: - query: - criblPack: "" + path: + id: "" + pack: "" requestBody: - application/json: {"id": "", "description": "against between cop-out wretched", "type": "executor", "ttl": "", "ignoreGroupJobsLimit": false, "removeFields": [""], "resumeOnBoot": false, "environment": "", "schedule": {"enabled": true, "skippable": true, "resumeMissed": false, "cronSchedule": "", "maxConcurrentRuns": 3006.78, "run": {"type": "collection", "rescheduleDroppedTasks": true, "maxTaskReschedule": 1211.14, "logLevel": "debug", "jobTimeout": "", "mode": "", "timeRangeType": "", "earliest": 4847.66, "latest": 3337.75, "timestampTimezone": "", "timeWarning": {}, "expression": "", "minTaskSize": "", "maxTaskSize": ""}}, "streamtags": ["", "", ""], "executor": {"type": "", "storeTaskResults": true, "conf": {}}} + application/json: {"id": "servicenow-table-source", "type": "servicenow_table", "sendToRoutes": true, "pqEnabled": false, "instance": "https://example.service-now.com", "tableName": "incident", "fields": ["sys_id", "number", "short_description"], "pageSize": 10000, "cronSchedule": "0 * * * *", "earliest": "-1d", "latest": "now"} responses: "200": application/json: {} "500": application/json: {} - getSavedJob: - speakeasy-default-get-saved-job: + UpdateInputExamplesSnmp: parameters: - query: - collectorType: "" - criblPack: "" - groupId: "" + path: + id: "" + pack: "" + requestBody: + application/json: {"id": "snmp-source", "type": "snmp", "sendToRoutes": true, "pqEnabled": false, "host": "192.168.1.1", "port": 161} responses: "200": application/json: {} "500": application/json: {} - deleteSavedJobById: - speakeasy-default-delete-saved-job-by-id: + UpdateInputExamplesSplunk: parameters: path: id: "" - query: - criblPack: "" - groupId: "" + pack: "" + requestBody: + application/json: {"id": "splunk-source", "type": "splunk", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 9997} responses: "200": application/json: {} "500": application/json: {} - getSavedJobById: - speakeasy-default-get-saved-job-by-id: + UpdateInputExamplesSplunkHec: parameters: path: id: "" - query: - criblPack: "" + pack: "" + requestBody: + application/json: {"id": "splunk-hec-source", "type": "splunk_hec", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 8088, "splunkHecAPI": "/services/collector"} responses: "200": application/json: {} "500": application/json: {} - updateSavedJobById: - CollectorExamplesRest: + UpdateInputExamplesSplunkSearch: parameters: path: id: "" - query: - criblPack: "" + pack: "" requestBody: - application/json: {"id": "", "description": "unabashedly notwithstanding ugh digestive", "type": "scheduledSearch", "ttl": "", "ignoreGroupJobsLimit": false, "removeFields": [""], "resumeOnBoot": false, "environment": "", "schedule": {"enabled": true, "skippable": false, "resumeMissed": false, "cronSchedule": "", "maxConcurrentRuns": 1498.35, "run": {"type": "collection", "rescheduleDroppedTasks": false, "maxTaskReschedule": 9677.47, "logLevel": "error", "jobTimeout": "", "mode": "", "timeRangeType": "", "earliest": 8882.78, "latest": 6778.74, "timestampTimezone": "", "timeWarning": {}, "expression": "", "minTaskSize": "", "maxTaskSize": ""}}, "streamtags": ["", ""], "workerAffinity": false, "collector": {"type": "s3", "conf": {"awsAuthenticationMethod": "auto", "outputName": "", "bucket": "", "parquetChunkSizeMB": 2532.22, "parquetChunkDownloadTimeout": 6271.26, "region": "", "path": "/selinux", "partitioningScheme": "none", "extractors": [{"key": "", "expression": ""}], "endpoint": "", "enableAssumeRole": true, "assumeRoleArn": "", "assumeRoleExternalId": "", "durationSeconds": 2075.63, "maxBatchSize": 968.91, "reuseConnections": true, "rejectUnauthorized": false, "verifyPermissions": true, "disableTimeFilter": true}, "destructive": true, "encoding": ""}, "input": {"type": "collection", "breakerRulesets": [""], "staleChannelFlushMs": 6331.52, "sendToRoutes": false, "preprocess": {"disabled": true, "command": "", "args": ["", "", ""]}, "throttleRatePerSec": "", "metadata": [{"name": "", "value": ""}], "pipeline": "", "output": ""}} + application/json: {"id": "splunk-search-source", "type": "splunk_search", "sendToRoutes": true, "pqEnabled": false, "searchHead": "https://localhost:8089", "search": "index=main", "cronSchedule": "*/15 * * * *", "endpoint": "/services/search/v2/jobs/export", "outputMode": "json", "authType": "basic"} responses: "200": application/json: {} "500": application/json: {} - CollectorExamplesS3: + UpdateInputExamplesSqs: parameters: path: id: "" - query: - criblPack: "" + pack: "" requestBody: - application/json: {"id": "", "description": "sparse obnoxiously editor sticker finally into down", "type": "scheduledSearch", "ttl": "", "ignoreGroupJobsLimit": false, "removeFields": [""], "resumeOnBoot": false, "environment": "", "schedule": {"enabled": true, "skippable": false, "resumeMissed": false, "cronSchedule": "", "maxConcurrentRuns": 1498.35, "run": {"type": "collection", "rescheduleDroppedTasks": false, "maxTaskReschedule": 9677.47, "logLevel": "error", "jobTimeout": "", "mode": "", "timeRangeType": "", "earliest": 8882.78, "latest": 6778.74, "timestampTimezone": "", "timeWarning": {}, "expression": "", "minTaskSize": "", "maxTaskSize": ""}}, "streamtags": ["", ""], "executor": {"type": "", "storeTaskResults": true, "conf": {}}} + application/json: {"id": "sqs-source", "type": "sqs", "sendToRoutes": true, "pqEnabled": false, "queueName": "my-queue", "queueType": "standard", "region": "us-east-1"} responses: "200": application/json: {} "500": application/json: {} - CollectorExamplesFilesystem: + UpdateInputExamplesSyslog: parameters: path: id: "" - query: - criblPack: "" + pack: "" requestBody: - application/json: {"id": "", "description": "gee pomelo coincide animated yesterday fatally adolescent till inside rule", "type": "scheduledSearch", "ttl": "", "ignoreGroupJobsLimit": true, "removeFields": ["", "", ""], "resumeOnBoot": true, "environment": "", "schedule": {"enabled": true, "skippable": false, "resumeMissed": false, "cronSchedule": "", "maxConcurrentRuns": 1498.35, "run": {"type": "collection", "rescheduleDroppedTasks": false, "maxTaskReschedule": 9677.47, "logLevel": "error", "jobTimeout": "", "mode": "", "timeRangeType": "", "earliest": 8882.78, "latest": 6778.74, "timestampTimezone": "", "timeWarning": {}, "expression": "", "minTaskSize": "", "maxTaskSize": ""}}, "streamtags": [""], "savedQueryId": ""} + application/json: {"id": "syslog-source", "type": "syslog", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "udpPort": 514} responses: "200": application/json: {} "500": application/json: {} - CollectorExamplesAzureBlob: + UpdateInputExamplesSystemMetrics: parameters: path: id: "" - query: - criblPack: "" + pack: "" requestBody: - application/json: {"id": "", "description": "sparse obnoxiously editor sticker finally into down", "type": "scheduledSearch", "ttl": "", "ignoreGroupJobsLimit": false, "removeFields": [""], "resumeOnBoot": false, "environment": "", "schedule": {"enabled": true, "skippable": false, "resumeMissed": false, "cronSchedule": "", "maxConcurrentRuns": 1498.35, "run": {"type": "collection", "rescheduleDroppedTasks": false, "maxTaskReschedule": 9677.47, "logLevel": "error", "jobTimeout": "", "mode": "", "timeRangeType": "", "earliest": 8882.78, "latest": 6778.74, "timestampTimezone": "", "timeWarning": {}, "expression": "", "minTaskSize": "", "maxTaskSize": ""}}, "streamtags": ["", ""], "executor": {"type": "", "storeTaskResults": true, "conf": {}}} + application/json: {"id": "system-metrics-source", "type": "system_metrics", "sendToRoutes": true, "pqEnabled": false} responses: "200": application/json: {} "500": application/json: {} - CollectorExamplesGoogleCloudStorage: + UpdateInputExamplesSystemState: parameters: path: id: "" - query: - criblPack: "" + pack: "" requestBody: - application/json: {"id": "", "description": "sparse obnoxiously editor sticker finally into down", "type": "scheduledSearch", "ttl": "", "ignoreGroupJobsLimit": false, "removeFields": [""], "resumeOnBoot": false, "environment": "", "schedule": {"enabled": true, "skippable": false, "resumeMissed": false, "cronSchedule": "", "maxConcurrentRuns": 1498.35, "run": {"type": "collection", "rescheduleDroppedTasks": false, "maxTaskReschedule": 9677.47, "logLevel": "error", "jobTimeout": "", "mode": "", "timeRangeType": "", "earliest": 8882.78, "latest": 6778.74, "timestampTimezone": "", "timeWarning": {}, "expression": "", "minTaskSize": "", "maxTaskSize": ""}}, "streamtags": ["", ""], "executor": {"type": "", "storeTaskResults": true, "conf": {}}} + application/json: {"id": "system-state-source", "type": "system_state", "sendToRoutes": true, "pqEnabled": false} responses: "200": application/json: {} "500": application/json: {} - CollectorExamplesDatabase: + UpdateInputExamplesTcp: parameters: path: id: "" - query: - criblPack: "" + pack: "" requestBody: - application/json: {"id": "", "description": "unabashedly notwithstanding ugh digestive", "type": "scheduledSearch", "ttl": "", "ignoreGroupJobsLimit": false, "removeFields": [""], "resumeOnBoot": false, "environment": "", "schedule": {"enabled": true, "skippable": false, "resumeMissed": false, "cronSchedule": "", "maxConcurrentRuns": 1498.35, "run": {"type": "collection", "rescheduleDroppedTasks": false, "maxTaskReschedule": 9677.47, "logLevel": "error", "jobTimeout": "", "mode": "", "timeRangeType": "", "earliest": 8882.78, "latest": 6778.74, "timestampTimezone": "", "timeWarning": {}, "expression": "", "minTaskSize": "", "maxTaskSize": ""}}, "streamtags": ["", ""], "workerAffinity": false, "collector": {"type": "s3", "conf": {"awsAuthenticationMethod": "auto", "outputName": "", "bucket": "", "parquetChunkSizeMB": 2532.22, "parquetChunkDownloadTimeout": 6271.26, "region": "", "path": "/selinux", "partitioningScheme": "none", "extractors": [{"key": "", "expression": ""}], "endpoint": "", "enableAssumeRole": true, "assumeRoleArn": "", "assumeRoleExternalId": "", "durationSeconds": 2075.63, "maxBatchSize": 968.91, "reuseConnections": true, "rejectUnauthorized": false, "verifyPermissions": true, "disableTimeFilter": true}, "destructive": true, "encoding": ""}, "input": {"type": "collection", "breakerRulesets": [""], "staleChannelFlushMs": 6331.52, "sendToRoutes": false, "preprocess": {"disabled": true, "command": "", "args": ["", "", ""]}, "throttleRatePerSec": "", "metadata": [{"name": "", "value": ""}], "pipeline": "", "output": ""}} + application/json: {"id": "tcp-source", "type": "tcp", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10090} responses: "200": application/json: {} "500": application/json: {} - CollectorExamplesSplunk: + UpdateInputExamplesTcpjson: parameters: path: id: "" - query: - criblPack: "" + pack: "" requestBody: - application/json: {"id": "", "description": "unabashedly notwithstanding ugh digestive", "type": "scheduledSearch", "ttl": "", "ignoreGroupJobsLimit": false, "removeFields": [""], "resumeOnBoot": false, "environment": "", "schedule": {"enabled": true, "skippable": false, "resumeMissed": false, "cronSchedule": "", "maxConcurrentRuns": 1498.35, "run": {"type": "collection", "rescheduleDroppedTasks": false, "maxTaskReschedule": 9677.47, "logLevel": "error", "jobTimeout": "", "mode": "", "timeRangeType": "", "earliest": 8882.78, "latest": 6778.74, "timestampTimezone": "", "timeWarning": {}, "expression": "", "minTaskSize": "", "maxTaskSize": ""}}, "streamtags": ["", ""], "workerAffinity": false, "collector": {"type": "s3", "conf": {"awsAuthenticationMethod": "auto", "outputName": "", "bucket": "", "parquetChunkSizeMB": 2532.22, "parquetChunkDownloadTimeout": 6271.26, "region": "", "path": "/selinux", "partitioningScheme": "none", "extractors": [{"key": "", "expression": ""}], "endpoint": "", "enableAssumeRole": true, "assumeRoleArn": "", "assumeRoleExternalId": "", "durationSeconds": 2075.63, "maxBatchSize": 968.91, "reuseConnections": true, "rejectUnauthorized": false, "verifyPermissions": true, "disableTimeFilter": true}, "destructive": true, "encoding": ""}, "input": {"type": "collection", "breakerRulesets": [""], "staleChannelFlushMs": 6331.52, "sendToRoutes": false, "preprocess": {"disabled": true, "command": "", "args": ["", "", ""]}, "throttleRatePerSec": "", "metadata": [{"name": "", "value": ""}], "pipeline": "", "output": ""}} + application/json: {"id": "tcpjson-source", "type": "tcpjson", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10090} responses: "200": application/json: {} "500": application/json: {} - CollectorExamplesScript: + UpdateInputExamplesWef: parameters: path: id: "" - query: - criblPack: "" + pack: "" requestBody: - application/json: {"id": "", "description": "unabashedly notwithstanding ugh digestive", "type": "scheduledSearch", "ttl": "", "ignoreGroupJobsLimit": false, "removeFields": [""], "resumeOnBoot": false, "environment": "", "schedule": {"enabled": true, "skippable": false, "resumeMissed": false, "cronSchedule": "", "maxConcurrentRuns": 1498.35, "run": {"type": "collection", "rescheduleDroppedTasks": false, "maxTaskReschedule": 9677.47, "logLevel": "error", "jobTimeout": "", "mode": "", "timeRangeType": "", "earliest": 8882.78, "latest": 6778.74, "timestampTimezone": "", "timeWarning": {}, "expression": "", "minTaskSize": "", "maxTaskSize": ""}}, "streamtags": ["", ""], "workerAffinity": false, "collector": {"type": "s3", "conf": {"awsAuthenticationMethod": "auto", "outputName": "", "bucket": "", "parquetChunkSizeMB": 2532.22, "parquetChunkDownloadTimeout": 6271.26, "region": "", "path": "/selinux", "partitioningScheme": "none", "extractors": [{"key": "", "expression": ""}], "endpoint": "", "enableAssumeRole": true, "assumeRoleArn": "", "assumeRoleExternalId": "", "durationSeconds": 2075.63, "maxBatchSize": 968.91, "reuseConnections": true, "rejectUnauthorized": false, "verifyPermissions": true, "disableTimeFilter": true}, "destructive": true, "encoding": ""}, "input": {"type": "collection", "breakerRulesets": [""], "staleChannelFlushMs": 6331.52, "sendToRoutes": false, "preprocess": {"disabled": true, "command": "", "args": ["", "", ""]}, "throttleRatePerSec": "", "metadata": [{"name": "", "value": ""}], "pipeline": "", "output": ""}} + application/json: {"id": "wef-source", "type": "wef", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 5985, "subscriptions": [{"subscriptionName": "subscription-1", "contentFormat": "RenderedText", "heartbeatInterval": 60, "batchTimeout": 5, "targets": []}]} responses: "200": application/json: {} "500": application/json: {} - CollectorExamplesCriblLake: + UpdateInputExamplesWinEventLogs: parameters: path: id: "" - query: - criblPack: "" + pack: "" requestBody: - application/json: {"id": "", "description": "unabashedly notwithstanding ugh digestive", "type": "scheduledSearch", "ttl": "", "ignoreGroupJobsLimit": false, "removeFields": [""], "resumeOnBoot": false, "environment": "", "schedule": {"enabled": true, "skippable": false, "resumeMissed": false, "cronSchedule": "", "maxConcurrentRuns": 1498.35, "run": {"type": "collection", "rescheduleDroppedTasks": false, "maxTaskReschedule": 9677.47, "logLevel": "error", "jobTimeout": "", "mode": "", "timeRangeType": "", "earliest": 8882.78, "latest": 6778.74, "timestampTimezone": "", "timeWarning": {}, "expression": "", "minTaskSize": "", "maxTaskSize": ""}}, "streamtags": ["", ""], "workerAffinity": false, "collector": {"type": "s3", "conf": {"awsAuthenticationMethod": "auto", "outputName": "", "bucket": "", "parquetChunkSizeMB": 2532.22, "parquetChunkDownloadTimeout": 6271.26, "region": "", "path": "/selinux", "partitioningScheme": "none", "extractors": [{"key": "", "expression": ""}], "endpoint": "", "enableAssumeRole": true, "assumeRoleArn": "", "assumeRoleExternalId": "", "durationSeconds": 2075.63, "maxBatchSize": 968.91, "reuseConnections": true, "rejectUnauthorized": false, "verifyPermissions": true, "disableTimeFilter": true}, "destructive": true, "encoding": ""}, "input": {"type": "collection", "breakerRulesets": [""], "staleChannelFlushMs": 6331.52, "sendToRoutes": false, "preprocess": {"disabled": true, "command": "", "args": ["", "", ""]}, "throttleRatePerSec": "", "metadata": [{"name": "", "value": ""}], "pipeline": "", "output": ""}} + application/json: {"id": "win-event-logs-source", "type": "win_event_logs", "sendToRoutes": true, "pqEnabled": false, "logNames": ["Application", "System"]} responses: "200": application/json: {} "500": application/json: {} - speakeasy-default-update-saved-job-by-id: + UpdateInputExamplesWindowsMetrics: parameters: path: id: "" - query: - criblPack: "" + pack: "" requestBody: - application/json: {"id": "", "description": "gee pomelo coincide animated yesterday fatally adolescent till inside rule", "type": "scheduledSearch", "ttl": "", "ignoreGroupJobsLimit": true, "removeFields": ["", "", ""], "resumeOnBoot": true, "environment": "", "schedule": {"enabled": true, "skippable": false, "resumeMissed": false, "cronSchedule": "", "maxConcurrentRuns": 1498.35, "run": {"type": "collection", "rescheduleDroppedTasks": false, "maxTaskReschedule": 9677.47, "logLevel": "error", "jobTimeout": "", "mode": "", "timeRangeType": "", "earliest": 8882.78, "latest": 6778.74, "timestampTimezone": "", "timeWarning": {}, "expression": "", "minTaskSize": "", "maxTaskSize": ""}}, "streamtags": [""], "savedQueryId": ""} + application/json: {"id": "windows-metrics-source", "type": "windows_metrics", "sendToRoutes": true, "pqEnabled": false} responses: "200": application/json: {} "500": application/json: {} - getFunctionsById: - speakeasy-default-get-functions-by-id: + UpdateInputExamplesWiz: parameters: path: id: "" + pack: "" + requestBody: + application/json: {"id": "wiz-source", "type": "wiz", "sendToRoutes": true, "pqEnabled": false, "endpoint": "https://api.wiz.io", "authUrl": "https://auth.wiz.io/oauth/token", "clientId": "client-id", "contentConfig": []} responses: "200": application/json: {} "500": application/json: {} - getFunctions: - speakeasy-default-get-functions: + UpdateInputExamplesWizWebhook: + parameters: + path: + id: "" + pack: "" + requestBody: + application/json: {"id": "wiz-webhook-source", "type": "wiz_webhook", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080} responses: "200": application/json: {} "500": application/json: {} - createDatabaseConnectionConfig: - DatabaseConnectionExamplesMySQLWithConnectionString: + UpdateInputExamplesZscalerHec: + parameters: + path: + id: "" + pack: "" requestBody: - application/json: {"authType": "connectionString", "connectionString": "mysql://admin:password123@mysql.example.com:3306/production?ssl=true", "connectionTimeout": 10000, "databaseType": "mysql", "description": "Production MySQL database for customer data", "id": "mysql-prod-db", "tags": "production,mysql,customer-data"} + application/json: {"id": "zscaler-hec-source", "type": "zscaler_hec", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 8088, "hecAPI": "/services/collector"} responses: "200": application/json: {} "500": application/json: {} - DatabaseConnectionExamplesMySQLWithSecret: - requestBody: - application/json: {"authType": "secret", "connectionTimeout": 15000, "databaseType": "mysql", "description": "Analytics MySQL database", "id": "mysql-analytics-db", "tags": "analytics,mysql", "textSecret": "mysql-analytics-connection"} + deleteInputSystemByPackAndId: + speakeasy-default-delete-input-system-by-pack-and-id: + parameters: + path: + id: "" + pack: "" responses: "200": application/json: {} "500": application/json: {} - DatabaseConnectionExamplesPostgreSQLWithConnectionString: + createInputSystemHecTokenByPackAndId: + HecTokenExamplesHecToken: + parameters: + path: + id: "" + pack: "" requestBody: - application/json: {"authType": "connectionString", "connectionString": "postgresql://warehouse_user:SecurePass456@postgres.example.com:5432/warehouse?sslmode=require", "connectionTimeout": 15000, "databaseType": "postgres", "description": "Data warehouse PostgreSQL database", "id": "postgres-warehouse", "tags": "warehouse,postgres,reporting"} + application/json: {"enabled": true, "metadata": [{"name": "fieldX", "value": "valueX"}], "token": "12345678901"} responses: "200": application/json: {} "500": application/json: {} - DatabaseConnectionExamplesPostgreSQLWithSecret: + HecTokenExamplesHecTokenWithIndexAccess: + parameters: + path: + id: "" + pack: "" requestBody: - application/json: {"authType": "secret", "connectionTimeout": 10000, "databaseType": "postgres", "description": "Logs PostgreSQL database", "id": "postgres-logs", "tags": "logs,postgres", "textSecret": "postgres-logs-connection"} + application/json: {"allowedIndexesAtToken": ["myIndex6"], "enabled": true, "token": "12345678901"} responses: "200": application/json: {} "500": application/json: {} - DatabaseConnectionExamplesSQLServerWithConnectionString: + speakeasy-default-create-input-system-hec-token-by-pack-and-id: + parameters: + path: + id: "" + pack: "" requestBody: - application/json: {"authType": "connectionString", "connectionString": "Server=sqlserver.example.com;Database=ERP;User Id=erp_admin;Password=ERP_Pass789!;Encrypt=true", "connectionTimeout": 15000, "databaseType": "sqlserver", "description": "ERP SQL Server database", "id": "sqlserver-erp", "requestTimeout": 30000, "tags": "erp,sqlserver,finance"} + application/json: {"token": ""} responses: "200": application/json: {} "500": application/json: {} - DatabaseConnectionExamplesSQLServerWithSecret: + updateInputSystemHecTokenByPackAndIdAndToken: + HecTokenExamplesHecToken: + parameters: + path: + id: "" + token: "" + pack: "" requestBody: - application/json: {"authType": "secret", "connectionTimeout": 15000, "databaseType": "sqlserver", "description": "CRM SQL Server database", "id": "sqlserver-crm", "requestTimeout": 15000, "tags": "crm,sqlserver,sales", "textSecret": "sqlserver-crm-connection"} + application/json: {"enabled": true, "metadata": [{"name": "fieldX", "value": "valueX"}]} responses: "200": application/json: {} "500": application/json: {} - DatabaseConnectionExamplesSQLServerWithConfigObject: + HecTokenExamplesHecTokenWithIndexAccess: + parameters: + path: + id: "" + token: "" + pack: "" requestBody: - application/json: {"authType": "configObj", "configObj": "{\"server\":\"sqlserver.example.com\",\"database\":\"Reporting\",\"user\":\"report_user\",\"password\":\"Report_Pass123!\",\"options\":{\"encrypt\":true,\"trustServerCertificate\":false,\"connectTimeout\":20000}}", "databaseType": "sqlserver", "description": "Reporting SQL Server database with custom config", "id": "sqlserver-reporting", "requestTimeout": 60000, "tags": "reporting,sqlserver,analytics"} + application/json: {"allowedIndexesAtToken": ["myIndex6"], "enabled": true} responses: "200": application/json: {} "500": application/json: {} - DatabaseConnectionExamplesOracleWithConnectionString: + speakeasy-default-update-input-system-hec-token-by-pack-and-id-and-token: + parameters: + path: + id: "" + token: "" + pack: "" requestBody: - application/json: {"authType": "connectionString", "connectionString": "oracle.example.com:1521/ORCL", "connectionTimeout": 15000, "databaseType": "oracle", "description": "Oracle ERP database", "id": "oracle-erp", "password": "Oracle_Pass456!", "tags": "erp,oracle,finance", "user": "erp_user"} + application/json: {} responses: "200": application/json: {} "500": application/json: {} - DatabaseConnectionExamplesOracleWithSecret: - requestBody: - application/json: {"authType": "secret", "connectionTimeout": 20000, "databaseType": "oracle", "description": "Oracle data warehouse", "id": "oracle-warehouse", "password": "Warehouse_Pass789!", "tags": "warehouse,oracle,reporting", "textSecret": "oracle-warehouse-connection", "user": "warehouse_user"} + deleteInputSystemPqByPackAndId: + speakeasy-default-delete-input-system-pq-by-pack-and-id: + parameters: + path: + id: "" + pack: "" responses: - "200": + "201": application/json: {} "500": application/json: {} - DatabaseConnectionExamplesOracleWithCredentialsSecrets: - requestBody: - application/json: {"authType": "secrets", "connectionTimeout": 15000, "credsSecrets": "oracle-secure-credentials", "databaseType": "oracle", "description": "High-security Oracle database with credential secrets", "id": "oracle-secure-db", "tags": "secure,oracle,sensitive-data", "textSecret": "oracle-secure-connection"} + getInputSystemPqByPackAndId: + speakeasy-default-get-input-system-pq-by-pack-and-id: + parameters: + path: + id: "" + pack: "" responses: "200": application/json: {} "500": application/json: {} - speakeasy-default-create-database-connection-config: - requestBody: - application/json: {"authType": "", "databaseType": "postgres", "description": "besides investigate yowza skyline promptly daintily afore contravene meanwhile", "id": ""} + getInputStatusSystemInputsByPackAndId: + speakeasy-default-get-input-status-system-inputs-by-pack-and-id: + parameters: + path: + id: "" + pack: "" responses: "200": application/json: {} "500": application/json: {} - deleteDatabaseConnectionConfigById: - speakeasy-default-delete-database-connection-config-by-id: + getInputStatusSystemInputsByPack: + speakeasy-default-get-input-status-system-inputs-by-pack: parameters: path: - id: "" + pack: "" responses: "200": application/json: {} "500": application/json: {} - getDatabaseConnectionConfigById: - speakeasy-default-get-database-connection-config-by-id: + getOutputSystemByPack: + speakeasy-default-get-output-system-by-pack: parameters: path: - id: "" + pack: "" responses: "200": application/json: {} "500": application/json: {} - updateDatabaseConnectionConfigById: - DatabaseConnectionExamplesMySQLWithConnectionString: + createOutputSystemByPack: + OutputCreateExamplesTcpjson: parameters: path: - id: "" + pack: "" requestBody: - application/json: {"authType": "connectionString", "connectionString": "mysql://admin:password123@mysql.example.com:3306/production?ssl=true", "connectionTimeout": 10000, "databaseType": "mysql", "description": "Production MySQL database for customer data", "id": "mysql-prod-db", "tags": "production,mysql,customer-data"} + application/json: {"id": "tcpjson-output", "type": "tcpjson", "host": "localhost", "port": 10090} responses: "200": application/json: {} "500": application/json: {} - DatabaseConnectionExamplesMySQLWithSecret: + OutputCreateExamplesSplunk: parameters: path: - id: "" + pack: "" requestBody: - application/json: {"authType": "secret", "connectionTimeout": 15000, "databaseType": "mysql", "description": "Analytics MySQL database", "id": "mysql-analytics-db", "tags": "analytics,mysql", "textSecret": "mysql-analytics-connection"} + application/json: {"id": "splunk-output", "type": "splunk", "host": "localhost", "port": 9997} responses: "200": application/json: {} "500": application/json: {} - DatabaseConnectionExamplesPostgreSQLWithConnectionString: + OutputCreateExamplesSplunkLb: parameters: path: - id: "" + pack: "" requestBody: - application/json: {"authType": "connectionString", "connectionString": "postgresql://warehouse_user:SecurePass456@postgres.example.com:5432/warehouse?sslmode=require", "connectionTimeout": 15000, "databaseType": "postgres", "description": "Data warehouse PostgreSQL database", "id": "postgres-warehouse", "tags": "warehouse,postgres,reporting"} + application/json: {"id": "splunk-lb-output", "type": "splunk_lb", "hosts": [{"host": "localhost", "port": 9997}]} responses: "200": application/json: {} "500": application/json: {} - DatabaseConnectionExamplesPostgreSQLWithSecret: + OutputCreateExamplesSplunkHec: parameters: path: - id: "" + pack: "" requestBody: - application/json: {"authType": "secret", "connectionTimeout": 10000, "databaseType": "postgres", "description": "Logs PostgreSQL database", "id": "postgres-logs", "tags": "logs,postgres", "textSecret": "postgres-logs-connection"} + application/json: {"id": "splunk-hec-output", "type": "splunk_hec"} responses: "200": application/json: {} "500": application/json: {} - DatabaseConnectionExamplesSQLServerWithConnectionString: + OutputCreateExamplesSyslog: parameters: path: - id: "" + pack: "" requestBody: - application/json: {"authType": "connectionString", "connectionString": "Server=sqlserver.example.com;Database=ERP;User Id=erp_admin;Password=ERP_Pass789!;Encrypt=true", "connectionTimeout": 15000, "databaseType": "sqlserver", "description": "ERP SQL Server database", "id": "sqlserver-erp", "requestTimeout": 30000, "tags": "erp,sqlserver,finance"} + application/json: {"id": "syslog-output", "type": "syslog", "host": "localhost", "port": 514} responses: "200": application/json: {} "500": application/json: {} - DatabaseConnectionExamplesSQLServerWithSecret: + OutputCreateExamplesFilesystem: parameters: path: - id: "" + pack: "" requestBody: - application/json: {"authType": "secret", "connectionTimeout": 15000, "databaseType": "sqlserver", "description": "CRM SQL Server database", "id": "sqlserver-crm", "requestTimeout": 15000, "tags": "crm,sqlserver,sales", "textSecret": "sqlserver-crm-connection"} + application/json: {"id": "filesystem-output", "type": "filesystem", "destPath": "/var/log/output"} responses: "200": application/json: {} "500": application/json: {} - DatabaseConnectionExamplesSQLServerWithConfigObject: + OutputCreateExamplesS3: parameters: path: - id: "" + pack: "" requestBody: - application/json: {"authType": "configObj", "configObj": "{\"server\":\"sqlserver.example.com\",\"database\":\"Reporting\",\"user\":\"report_user\",\"password\":\"Report_Pass123!\",\"options\":{\"encrypt\":true,\"trustServerCertificate\":false,\"connectTimeout\":20000}}", "databaseType": "sqlserver", "description": "Reporting SQL Server database with custom config", "id": "sqlserver-reporting", "requestTimeout": 60000, "tags": "reporting,sqlserver,analytics"} + application/json: {"id": "s3-output", "type": "s3", "bucket": "my-bucket", "region": "us-east-1", "stagePath": "/tmp/staging"} responses: "200": application/json: {} "500": application/json: {} - DatabaseConnectionExamplesOracleWithConnectionString: + OutputCreateExamplesAzureBlob: parameters: path: - id: "" + pack: "" requestBody: - application/json: {"authType": "connectionString", "connectionString": "oracle.example.com:1521/ORCL", "connectionTimeout": 15000, "databaseType": "oracle", "description": "Oracle ERP database", "id": "oracle-erp", "password": "Oracle_Pass456!", "tags": "erp,oracle,finance", "user": "erp_user"} + application/json: {"id": "azure-blob-output", "type": "azure_blob", "containerName": "my-container", "stagePath": "/tmp/staging"} responses: "200": application/json: {} "500": application/json: {} - DatabaseConnectionExamplesOracleWithSecret: + OutputCreateExamplesAzureDataExplorer: parameters: path: - id: "" + pack: "" requestBody: - application/json: {"authType": "secret", "connectionTimeout": 20000, "databaseType": "oracle", "description": "Oracle data warehouse", "id": "oracle-warehouse", "password": "Warehouse_Pass789!", "tags": "warehouse,oracle,reporting", "textSecret": "oracle-warehouse-connection", "user": "warehouse_user"} + application/json: {"id": "azure-data-explorer-output", "type": "azure_data_explorer", "clusterUrl": "https://mycluster.kusto.windows.net", "database": "mydatabase", "table": "mytable", "ingestMode": "streaming", "oauthEndpoint": "https://login.microsoftonline.com", "tenantId": "tenant-id", "clientId": "client-id", "scope": "https://mycluster.kusto.windows.net/.default", "oauthType": "clientSecret", "clientSecret": "client-secret", "format": "json", "compress": "gzip"} responses: "200": application/json: {} "500": application/json: {} - DatabaseConnectionExamplesOracleWithCredentialsSecrets: + OutputCreateExamplesSentinel: parameters: path: - id: "" + pack: "" requestBody: - application/json: {"authType": "secrets", "connectionTimeout": 15000, "credsSecrets": "oracle-secure-credentials", "databaseType": "oracle", "description": "High-security Oracle database with credential secrets", "id": "oracle-secure-db", "tags": "secure,oracle,sensitive-data", "textSecret": "oracle-secure-connection"} + application/json: {"id": "sentinel-output", "type": "sentinel", "loginUrl": "https://login.microsoftonline.com", "secret": "client-secret", "client_id": "client-id", "endpointURLConfiguration": "url", "url": "https://your-workspace.ingest.monitor.azure.com"} responses: "200": application/json: {} "500": application/json: {} - speakeasy-default-update-database-connection-config-by-id: + OutputCreateExamplesAzureLogs: parameters: path: - id: "" + pack: "" requestBody: - application/json: {"authType": "", "databaseType": "oracle", "description": "developmental oof hourly", "id": ""} + application/json: {"id": "azure-logs-output", "type": "azure_logs", "logType": "Cribl", "authType": "manual", "workspaceId": "workspace-id", "workspaceKey": "workspace-key"} responses: "200": application/json: {} "500": application/json: {} - deleteInputPqById: - speakeasy-default-delete-input-pq-by-id: + OutputCreateExamplesKafka: parameters: path: - id: "" + pack: "" + requestBody: + application/json: {"id": "kafka-output", "type": "kafka", "brokers": ["localhost:9092"], "topic": "logs"} responses: - "201": + "200": application/json: {} "500": application/json: {} - getInputPqById: - speakeasy-default-get-input-pq-by-id: + OutputCreateExamplesConfluentCloud: parameters: path: - id: "" + pack: "" + requestBody: + application/json: {"id": "confluent-cloud-output", "type": "confluent_cloud", "brokers": ["pkc-xxxxx.us-east-1.aws.confluent.cloud:9092"], "topic": "logs"} responses: "200": application/json: {} "500": application/json: {} - getInputStatusById: - speakeasy-default-get-input-status-by-id: + OutputCreateExamplesMsk: parameters: path: - id: "" + pack: "" + requestBody: + application/json: {"id": "msk-output", "type": "msk", "brokers": ["b-1.example.xxxxx.c2.kafka.us-east-1.amazonaws.com:9092"], "topic": "logs", "awsAuthenticationMethod": "auto", "region": "us-east-1"} responses: "200": application/json: {} "500": application/json: {} - getInputStatus: - speakeasy-default-get-input-status: + OutputCreateExamplesKinesis: + parameters: + path: + pack: "" + requestBody: + application/json: {"id": "kinesis-output", "type": "kinesis", "streamName": "my-stream", "region": "us-east-1"} responses: "200": application/json: {} "500": application/json: {} - getInputSystemByPack: - speakeasy-default-get-input-system-by-pack: + OutputCreateExamplesElastic: parameters: path: pack: "" + requestBody: + application/json: {"id": "elastic-output", "type": "elastic", "index": "logs"} responses: "200": application/json: {} "500": application/json: {} - createInputSystemByPack: - InputCreateExamplesAppscope: + OutputCreateExamplesElasticCloud: parameters: path: pack: "" requestBody: - application/json: {"id": "appscope-source", "type": "appscope", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 9109} + application/json: {"id": "elastic-cloud-output", "type": "elastic_cloud", "url": "my-cloud-id", "index": "logs"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesAzureBlob: + OutputCreateExamplesMicrosoftFabric: parameters: path: pack: "" requestBody: - application/json: {"id": "azure-blob-source", "type": "azure_blob", "sendToRoutes": true, "pqEnabled": false, "queueName": "azure-blob-queue"} + application/json: {"id": "microsoft-fabric-output", "type": "microsoft_fabric", "topic": "logs", "bootstrap_server": "myeventstream.servicebus.windows.net:9093"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesCloudflareHec: + OutputCreateExamplesCloudflareR2: parameters: path: pack: "" requestBody: - application/json: {"id": "cloudflare-hec-source", "type": "cloudflare_hec", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 8088, "hecAPI": "/services/collector"} + application/json: {"id": "cloudflare-r2-output", "type": "cloudflare_r2", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://account-id.r2.cloudflarestorage.com"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesConfluentCloud: + OutputCreateExamplesHoneycomb: parameters: path: pack: "" requestBody: - application/json: {"id": "confluent-cloud-source", "type": "confluent_cloud", "sendToRoutes": true, "pqEnabled": false, "brokers": ["pkc-xxxxx.us-east-1.aws.confluent.cloud:9092"], "topics": ["logs"]} + application/json: {"id": "honeycomb-output", "type": "honeycomb", "dataset": "my-dataset"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesCollection: + OutputCreateExamplesNewrelic: parameters: path: pack: "" requestBody: - application/json: {"id": "collection-source", "type": "collection", "sendToRoutes": true, "pqEnabled": false} + application/json: {"id": "newrelic-output", "type": "newrelic", "apiKey": "your-api-key"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesCriblHttp: + OutputCreateExamplesNewrelicEvents: parameters: path: pack: "" requestBody: - application/json: {"id": "cribl-http-source", "type": "cribl_http", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080} + application/json: {"id": "newrelic-events-output", "type": "newrelic_events", "accountId": "123456", "eventType": "CriblEvent", "apiKey": "your-api-key"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesCriblLakeHttp: + OutputCreateExamplesSnmp: parameters: path: pack: "" requestBody: - application/json: {"id": "cribl-lake-http-source", "type": "cribl_lake_http", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080} + application/json: {"id": "snmp-output", "type": "snmp", "hosts": [{"host": "192.168.1.1", "port": 161}]} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesCriblTcp: + OutputCreateExamplesInfluxdb: parameters: path: pack: "" requestBody: - application/json: {"id": "cribl-tcp-source", "type": "cribl_tcp", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10090} + application/json: {"id": "influxdb-output", "type": "influxdb", "url": "http://localhost:8086", "database": "mydb"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesCrowdstrike: + OutputCreateExamplesMinio: parameters: path: pack: "" requestBody: - application/json: {"id": "crowdstrike-source", "type": "crowdstrike", "sendToRoutes": true, "pqEnabled": false, "queueName": "crowdstrike-queue", "region": "us-east-1"} + application/json: {"id": "minio-output", "type": "minio", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "http://localhost:9000"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesDatadogAgent: + OutputCreateExamplesCloudwatch: parameters: path: pack: "" requestBody: - application/json: {"id": "datadog-agent-source", "type": "datadog_agent", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 8126} + application/json: {"id": "cloudwatch-output", "type": "cloudwatch", "logGroupName": "my-log-group", "logStreamName": "my-log-stream", "region": "us-east-1"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesDatagen: + OutputCreateExamplesAzureEventhub: parameters: path: pack: "" requestBody: - application/json: {"id": "datagen-source", "type": "datagen", "sendToRoutes": true, "pqEnabled": false, "samples": [{"sample": "sample.json", "eventsPerSec": 10}]} + application/json: {"id": "azure-eventhub-output", "type": "azure_eventhub", "brokers": ["myeventhub.servicebus.windows.net:9093"], "topic": "logs"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesEdgePrometheus: + OutputCreateExamplesStatsd: parameters: path: pack: "" requestBody: - application/json: {"id": "edge-prometheus-source", "type": "edge_prometheus", "sendToRoutes": true, "pqEnabled": false, "discoveryType": "static", "interval": 60, "targets": [{"host": "localhost"}]} + application/json: {"id": "statsd-output", "type": "statsd", "protocol": "udp", "host": "localhost", "port": 8125} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesElastic: + OutputCreateExamplesStatsdExt: parameters: path: pack: "" requestBody: - application/json: {"id": "elastic-source", "type": "elastic", "sendToRoutes": true, "pqEnabled": false, "host": "localhost", "port": 9200, "elasticAPI": "/"} + application/json: {"id": "statsd-ext-output", "type": "statsd_ext", "protocol": "udp", "host": "localhost", "port": 8125} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesEventhub: + OutputCreateExamplesGraphite: parameters: path: pack: "" requestBody: - application/json: {"id": "eventhub-source", "type": "eventhub", "sendToRoutes": true, "pqEnabled": false, "brokers": ["myeventhub.servicebus.windows.net:9093"], "topics": ["logs"]} + application/json: {"id": "graphite-output", "type": "graphite", "protocol": "tcp", "host": "localhost", "port": 2003} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesExec: + OutputCreateExamplesWavefront: parameters: path: pack: "" requestBody: - application/json: {"id": "exec-source", "type": "exec", "sendToRoutes": true, "pqEnabled": false, "command": "echo \"Hello World\"", "interval": 60} + application/json: {"id": "wavefront-output", "type": "wavefront", "domain": "longboard", "token": "your-token"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesFile: + OutputCreateExamplesSignalfx: parameters: path: pack: "" requestBody: - application/json: {"id": "file-source", "type": "file", "sendToRoutes": true, "pqEnabled": false, "mode": "manual"} + application/json: {"id": "signalfx-output", "type": "signalfx", "realm": "us0", "token": "your-token"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesFirehose: + OutputCreateExamplesSqs: parameters: path: pack: "" requestBody: - application/json: {"id": "firehose-source", "type": "firehose", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080} + application/json: {"id": "sqs-output", "type": "sqs", "queueName": "my-queue", "queueType": "standard", "region": "us-east-1"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesGrafana: + OutputCreateExamplesGoogleCloudStorage: parameters: path: pack: "" requestBody: - application/json: {"id": "grafana-source", "type": "grafana", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080, "prometheusAPI": "/api/prom/push"} + application/json: {"id": "google-cloud-storage-output", "type": "google_cloud_storage", "bucket": "my-bucket", "region": "us-east1", "endpoint": "https://storage.googleapis.com", "stagePath": "/tmp/staging"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesGooglePubsub: + OutputCreateExamplesSumoLogic: parameters: path: pack: "" requestBody: - application/json: {"id": "google-pubsub-source", "type": "google_pubsub", "sendToRoutes": true, "pqEnabled": false, "topicName": "my-topic", "subscriptionName": "my-subscription"} + application/json: {"id": "sumo-logic-output", "type": "sumo_logic", "url": "https://endpoint1.collection.us2.sumologic.com"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesHttp: + OutputCreateExamplesDatadog: parameters: path: pack: "" requestBody: - application/json: {"id": "http-source", "type": "http", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080} + application/json: {"id": "datadog-output", "type": "datadog", "apiKey": "your-api-key"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesHttpRaw: + OutputCreateExamplesWebhook: parameters: path: pack: "" requestBody: - application/json: {"id": "http-raw-source", "type": "http_raw", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080} + application/json: {"id": "webhook-output", "type": "webhook", "url": "https://example.com/webhook"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesJournalFiles: + OutputCreateExamplesPrometheus: parameters: path: pack: "" requestBody: - application/json: {"id": "journal-files-source", "type": "journal_files", "sendToRoutes": true, "pqEnabled": false, "path": "/var/log/journal", "journals": ["system"]} + application/json: {"id": "prometheus-output", "type": "prometheus", "url": "http://localhost:9091/api/v1/write"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesKafka: + OutputCreateExamplesGooglePubsub: parameters: path: pack: "" requestBody: - application/json: {"id": "kafka-source", "type": "kafka", "sendToRoutes": true, "pqEnabled": false, "brokers": ["localhost:9092"], "topics": ["logs"]} + application/json: {"id": "google-pubsub-output", "type": "google_pubsub", "topicName": "my-topic"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesKinesis: + OutputCreateExamplesGoogleChronicle: parameters: path: pack: "" requestBody: - application/json: {"id": "kinesis-source", "type": "kinesis", "sendToRoutes": true, "pqEnabled": false, "streamName": "my-stream", "region": "us-east-1"} + application/json: {"id": "google-chronicle-output", "type": "google_chronicle", "logFormatType": "unstructured", "region": "us", "customerId": "customer-id"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesKubeEvents: + OutputCreateExamplesChronicle: parameters: path: pack: "" requestBody: - application/json: {"id": "kube-events-source", "type": "kube_events", "sendToRoutes": true, "pqEnabled": false} + application/json: {"id": "chronicle-output", "type": "chronicle", "region": "us", "logType": "UNKNOWN", "gcpProjectId": "my-project", "gcpInstance": "customer-id"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesKubeLogs: + OutputCreateExamplesGrafanaCloud: parameters: path: pack: "" requestBody: - application/json: {"id": "kube-logs-source", "type": "kube_logs", "sendToRoutes": true, "pqEnabled": false} + application/json: {"id": "grafana-cloud-output", "type": "grafana_cloud", "lokiUrl": "https://logs-prod-us-central1.grafana.net"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesKubeMetrics: + OutputCreateExamplesLoki: parameters: path: pack: "" requestBody: - application/json: {"id": "kube-metrics-source", "type": "kube_metrics", "sendToRoutes": true, "pqEnabled": false} + application/json: {"id": "loki-output", "type": "loki", "url": "http://localhost:3100/loki/api/v1/push"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesLoki: + OutputCreateExamplesOpenTelemetry: parameters: path: pack: "" requestBody: - application/json: {"id": "loki-source", "type": "loki", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080, "lokiAPI": "/loki/api/v1/push"} + application/json: {"id": "opentelemetry-output", "type": "open_telemetry", "endpoint": "http://localhost:4317"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesMetrics: + OutputCreateExamplesServiceNow: parameters: path: pack: "" requestBody: - application/json: {"id": "metrics-source", "type": "metrics", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "udpPort": 8125} + application/json: {"id": "servicenow-output", "type": "service_now", "endpoint": "ingest.lightstep.com:443", "tokenSecret": "your-token-secret", "otlpVersion": "1.3.1", "protocol": "http"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesModelDrivenTelemetry: + OutputCreateExamplesDynatraceOtlp: parameters: path: pack: "" requestBody: - application/json: {"id": "mdt-source", "type": "model_driven_telemetry", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 57000} + application/json: {"id": "dynatrace-otlp-output", "type": "dynatrace_otlp", "protocol": "http", "endpoint": "https://your-environment.live.dynatrace.com/api/v2/otlp", "otlpVersion": "1.3.1", "endpointType": "saas", "tokenSecret": "your-token-secret"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesMsk: + OutputCreateExamplesSentinelOneAiSiem: parameters: path: pack: "" requestBody: - application/json: {"id": "msk-source", "type": "msk", "sendToRoutes": true, "pqEnabled": false, "brokers": ["b-1.example.xxxxx.c2.kafka.us-east-1.amazonaws.com:9092"], "topics": ["logs"], "awsAuthenticationMethod": "auto", "region": "us-east-1"} + application/json: {"id": "sentinel-one-ai-siem-output", "type": "sentinel_one_ai_siem", "region": "US", "endpoint": "/services/collector/event"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesNetflow: + OutputCreateExamplesDataset: parameters: path: pack: "" requestBody: - application/json: {"id": "netflow-source", "type": "netflow", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 2055} + application/json: {"id": "dataset-output", "type": "dataset"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesOffice365Mgmt: + OutputCreateExamplesRing: parameters: path: pack: "" requestBody: - application/json: {"id": "office365-mgmt-source", "type": "office365_mgmt", "sendToRoutes": true, "pqEnabled": false, "planType": "enterprise_gcc", "tenantId": "tenant-id", "appId": "app-id"} + application/json: {"id": "ring-output", "type": "ring"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesMicrosoftGraph: + OutputCreateExamplesRouter: parameters: path: pack: "" requestBody: - application/json: {"id": "microsoft-graph-source", "type": "microsoft_graph", "sendToRoutes": true, "pqEnabled": false, "url": "https://graph.microsoft.com/v1.0/admin/exchange/tracing/messageTraces", "interval": 15} + application/json: {"id": "router-output", "type": "router", "rules": [{"filter": "true", "output": "my-output"}]} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesOffice365MsgTrace: + OutputCreateExamplesWizHec: parameters: path: pack: "" requestBody: - application/json: {"id": "office365-msg-trace-source", "type": "office365_msg_trace", "sendToRoutes": true, "pqEnabled": false, "url": "https://reports.office365.com/ecp/reportingwebservice/reporting.svc/MessageTrace", "interval": 15} + application/json: {"id": "wiz-hec-output", "type": "wiz_hec", "authType": "manual", "wiz_connector_id": "00000000-0000-0000-0000-000000000000", "wiz_environment": "test", "data_center": "us1", "wiz_sourcetype": "placeholder"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesOffice365Service: + OutputCreateExamplesHumioHec: parameters: path: pack: "" requestBody: - application/json: {"id": "office365-service-source", "type": "office365_service", "sendToRoutes": true, "pqEnabled": false, "tenantId": "tenant-id", "appId": "app-id"} + application/json: {"id": "humio-hec-output", "type": "humio_hec", "url": "https://cloud.us.humio.com/api/v1/ingest/hec", "format": "JSON", "authType": "manual", "token": "your-token"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesOpenAI: + OutputCreateExamplesCrowdstrikeNextGenSiem: parameters: path: pack: "" requestBody: - application/json: {"id": "openai-source", "type": "openai", "sendToRoutes": true, "pqEnabled": false, "contentConfig": [{"disabled": false, "requestParams": [{"name": "effective_at[gt]", "value": "`${Math.round(Date.now()/1000 - 3600)}`"}, {"name": "limit", "value": "100"}], "paginationType": "response_body", "paginationAttribute": ["last_id"], "paginationLastPageExpr": "has_more === false", "cronSchedule": "0 * * * *", "earliest": "-1h", "latest": "now"}], "textSecret": "openai-api-key-secret"} + application/json: {"id": "crowdstrike-next-gen-siem-output", "type": "crowdstrike_next_gen_siem", "url": "https://ingest.us.crowdstrike.com/api/ingest/hec/connection-id/v1/services/collector", "format": "JSON", "authType": "manual", "token": "your-token"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesOpenTelemetry: + OutputCreateExamplesCriblHttp: parameters: path: pack: "" requestBody: - application/json: {"id": "otel-source", "type": "open_telemetry", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 4317} + application/json: {"id": "cribl-http-output", "type": "cribl_http"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesPrometheus: + OutputCreateExamplesCriblTcp: parameters: path: pack: "" requestBody: - application/json: {"id": "prometheus-source", "type": "prometheus", "sendToRoutes": true, "pqEnabled": false, "discoveryType": "static", "interval": 60, "logLevel": "info", "targetList": ["http://localhost:9090/metrics"]} + application/json: {"id": "cribl-tcp-output", "type": "cribl_tcp", "host": "localhost", "port": 10090} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesPrometheusRw: + OutputCreateExamplesCriblSearchEngine: parameters: path: pack: "" requestBody: - application/json: {"id": "prometheus-rw-source", "type": "prometheus_rw", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080, "prometheusAPI": "/write"} + application/json: {"id": "cribl-search-engine-output", "type": "cribl_search_engine", "systemFields": ["cribl_pipe"], "streamtags": [], "loadBalanced": false, "tls": {"disabled": true}, "tokenTTLMinutes": 60, "excludeFields": ["__kube_*", "__metadata", "__winEvent"], "compression": "gzip", "concurrency": 5, "maxPayloadSizeKB": 4096, "maxPayloadEvents": 0, "rejectUnauthorized": true, "timeoutSec": 30, "flushPeriodSec": 1, "failedRequestLoggingMode": "none", "safeHeaders": [], "throttleRatePerSec": "0", "responseRetrySettings": [{"httpStatus": 401, "initialBackoff": 1000, "backoffRate": 2, "maxBackoff": 20000}, {"httpStatus": 403, "initialBackoff": 1000, "backoffRate": 2, "maxBackoff": 20000}, {"httpStatus": 408, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 429, "initialBackoff": 1000, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 500, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 502, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 503, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 504, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 509, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}], "timeoutRetrySettings": {"timeoutRetry": false}, "responseHonorRetryAfterHeader": true, "onBackpressure": "block", "useRoundRobinDns": true, "url": "https://0.0.0.0:10200"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesRawUdp: + OutputCreateExamplesGoogleCloudLogging: parameters: path: pack: "" requestBody: - application/json: {"id": "raw-udp-source", "type": "raw_udp", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 514} + application/json: {"id": "google-cloud-logging-output", "type": "google_cloud_logging", "logLocationType": "project", "logNameExpression": "my-log", "logLocationExpression": "my-project"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesS3: + OutputCreateExamplesSns: parameters: path: pack: "" requestBody: - application/json: {"id": "s3-source", "type": "s3", "sendToRoutes": true, "pqEnabled": false, "queueName": "s3-notifications-queue", "region": "us-east-1"} + application/json: {"id": "sns-output", "type": "sns", "topicArn": "arn:aws:sns:us-east-1:123456789012:my-topic", "messageGroupId": "my-message-group", "region": "us-east-1"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesS3Inventory: + OutputCreateExamplesDlS3: parameters: path: pack: "" requestBody: - application/json: {"id": "s3-inventory-source", "type": "s3_inventory", "sendToRoutes": true, "pqEnabled": false, "queueName": "s3-inventory-queue", "region": "us-east-1"} + application/json: {"id": "dl-s3-output", "type": "dl_s3", "bucket": "my-bucket", "region": "us-east-1", "stagePath": "/tmp/staging"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesSecurityLake: + OutputCreateExamplesSecurityLake: parameters: path: pack: "" requestBody: - application/json: {"id": "security-lake-source", "type": "security_lake", "sendToRoutes": true, "pqEnabled": false, "queueName": "security-lake-queue", "region": "us-east-1"} + application/json: {"id": "security-lake-output", "type": "security_lake", "assumeRoleArn": "arn:aws:iam::123456789012:role/my-role", "bucket": "my-bucket", "region": "us-east-1", "stagePath": "/tmp/staging", "accountId": "123456789012", "customSource": "my-custom-source"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesSnmp: + OutputCreateExamplesCriblLake: parameters: path: pack: "" requestBody: - application/json: {"id": "snmp-source", "type": "snmp", "sendToRoutes": true, "pqEnabled": false, "host": "192.168.1.1", "port": 161} + application/json: {"id": "cribl-lake-output", "type": "cribl_lake"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesSplunk: + OutputCreateExamplesExabeam: parameters: path: pack: "" requestBody: - application/json: {"id": "splunk-source", "type": "splunk", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 9997} + application/json: {"id": "exabeam-output", "type": "exabeam", "bucket": "my-bucket", "region": "us-east1", "stagePath": "/tmp/staging", "endpoint": "https://storage.googleapis.com", "collectorInstanceId": "11112222-3333-4444-5555-666677778888"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesSplunkHec: + OutputCreateExamplesDiskSpool: parameters: path: pack: "" requestBody: - application/json: {"id": "splunk-hec-source", "type": "splunk_hec", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 8088, "splunkHecAPI": "/services/collector"} + application/json: {"id": "disk-spool-output", "type": "disk_spool"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesSplunkSearch: + OutputCreateExamplesClickHouse: parameters: path: pack: "" requestBody: - application/json: {"id": "splunk-search-source", "type": "splunk_search", "sendToRoutes": true, "pqEnabled": false, "searchHead": "https://localhost:8089", "search": "index=main", "cronSchedule": "*/15 * * * *", "endpoint": "/services/search/v2/jobs/export", "outputMode": "json", "authType": "basic"} + application/json: {"id": "clickhouse-output", "type": "click_house", "url": "http://localhost:8123/", "database": "mydb", "tableName": "mytable"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesSqs: + OutputCreateExamplesLocalSearchStorage: parameters: path: pack: "" requestBody: - application/json: {"id": "sqs-source", "type": "sqs", "sendToRoutes": true, "pqEnabled": false, "queueName": "my-queue", "queueType": "standard", "region": "us-east-1"} + application/json: {"id": "local-search-storage-output", "type": "local_search_storage", "url": "http://localhost:8123/", "database": "default", "tableName": "mytable"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesSyslog: + OutputCreateExamplesXsiam: parameters: path: pack: "" requestBody: - application/json: {"id": "syslog-source", "type": "syslog", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "udpPort": 514} + application/json: {"id": "xsiam-output", "type": "xsiam"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesSystemMetrics: + OutputCreateExamplesNetflow: parameters: path: pack: "" requestBody: - application/json: {"id": "system-metrics-source", "type": "system_metrics", "sendToRoutes": true, "pqEnabled": false} + application/json: {"id": "netflow-output", "type": "netflow", "hosts": [{"host": "localhost", "port": 2055}]} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesSystemState: + OutputCreateExamplesDynatraceHttp: parameters: path: pack: "" requestBody: - application/json: {"id": "system-state-source", "type": "system_state", "sendToRoutes": true, "pqEnabled": false} + application/json: {"id": "dynatrace-http-output", "type": "dynatrace_http", "authType": "token", "format": "json_array", "endpoint": "cloud", "telemetryType": "logs", "token": "your-api-key"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesTcp: + OutputCreateExamplesDatabricks: parameters: path: pack: "" requestBody: - application/json: {"id": "tcp-source", "type": "tcp", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10090} + application/json: {"id": "databricks-output", "type": "databricks", "workspaceId": "your-workspace-id", "scope": "all-apis", "clientId": "your-client-id", "catalog": "main", "schema": "external", "eventsVolumeName": "events", "clientTextSecret": "your-client-secret"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesTcpjson: + speakeasy-default-create-output-system-by-pack: parameters: path: pack: "" requestBody: - application/json: {"id": "tcpjson-source", "type": "tcpjson", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10090} + application/json: {"id": "", "type": "minio", "bucket": "", "stagePath": "", "endpoint": ""} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesWef: + OutputCreateExamplesNutanixObjects: parameters: path: pack: "" requestBody: - application/json: {"id": "wef-source", "type": "wef", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 5985, "subscriptions": [{"subscriptionName": "subscription-1", "contentFormat": "RenderedText", "heartbeatInterval": 60, "batchTimeout": 5, "targets": []}]} + application/json: {"id": "nutanix-objects-output", "type": "nutanix_objects", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://nutanix-objects.example.com"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesWinEventLogs: + OutputCreateExamplesStorjS3: parameters: path: pack: "" requestBody: - application/json: {"id": "win-event-logs-source", "type": "win_event_logs", "sendToRoutes": true, "pqEnabled": false, "logNames": ["Application", "System"]} + application/json: {"id": "storj-s3-output", "type": "storj_s3", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://gateway.storjshare.io"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesWindowsMetrics: + OutputCreateExamplesAlphasocS3: parameters: path: pack: "" requestBody: - application/json: {"id": "windows-metrics-source", "type": "windows_metrics", "sendToRoutes": true, "pqEnabled": false} + application/json: {"id": "alphasoc-s3-output", "type": "alphasoc_s3", "bucket": "events", "stagePath": "/tmp/staging", "endpoint": "https://s3.alphasoc.net"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesWiz: + OutputCreateExamplesdellS3: parameters: path: pack: "" requestBody: - application/json: {"id": "wiz-source", "type": "wiz", "sendToRoutes": true, "pqEnabled": false, "endpoint": "https://api.wiz.io", "authUrl": "https://auth.wiz.io/oauth/token", "clientId": "client-id", "contentConfig": []} + application/json: {"id": "dell-s3-output", "type": "dell_s3", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://powerscale.example.com:9021"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesWizWebhook: + OutputCreateExamplescloudianS3: parameters: path: pack: "" requestBody: - application/json: {"id": "wiz-webhook-source", "type": "wiz_webhook", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080} + application/json: {"id": "cloudian-s3-output", "type": "cloudian_s3", "endpoint": "https://s3.hyperstore.example.com", "bucket": "my-bucket", "stagePath": "/tmp/staging"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesZscalerHec: + OutputCreateExamplesscalityS3: parameters: path: pack: "" requestBody: - application/json: {"id": "zscaler-hec-source", "type": "zscaler_hec", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 8088, "hecAPI": "/services/collector"} + application/json: {"id": "scality-s3-output", "type": "scality_s3", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://s3.scality.example.com"} responses: "200": application/json: {} "500": application/json: {} - speakeasy-default-create-input-system-by-pack: + OutputCreateExamplesalibabaCloudS3: parameters: path: pack: "" requestBody: - application/json: {"id": "", "type": "sqs", "queueName": "", "queueType": "fifo"} + application/json: {"id": "alibaba-oss-output", "type": "alibaba_cloud_s3", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://s3.oss-cn-hangzhou.aliyuncs.com"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesAnthropicCompliance: + OutputCreateExamplesGoogleCloudObservability: parameters: path: pack: "" requestBody: - application/json: {"id": "anthropic-compliance-source", "type": "anthropic_compliance", "sendToRoutes": true, "pqEnabled": false, "textSecret": "anthropic-api-key-secret", "contentConfig": [{"contentType": "activities", "contentDescription": "Compliance Activities", "enabled": true, "stateTracking": true, "stateUpdateExpression": "__timestampExtracted !== false && {latestTime: (state.latestTime || 0) > _time ? state.latestTime : _time}", "stateMergeExpression": "prevState.latestTime > newState.latestTime ? prevState : newState", "cronSchedule": "*/5 * * * *", "earliest": "-7d@d", "latest": "now", "jobTimeout": "300"}]} + application/json: {"id": "google-cloud-observability-output", "type": "google_cloud_observability", "googleAuthMethod": "auto"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesAppleUnifiedLogs: + getOutputSystemByPackAndId: + speakeasy-default-get-output-system-by-pack-and-id: parameters: path: + id: "" pack: "" - requestBody: - application/json: {"id": "apple-unified-logs-source", "type": "apple_unified_logs", "sendToRoutes": true, "pqEnabled": false, "predicate": "subsystem == \"com.apple.security\""} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesEventhubAmqp: + updateOutputSystemByPackAndId: + OutputExamplesDefault: parameters: path: + id: "" pack: "" requestBody: - application/json: {"id": "eventhub-amqp-source", "type": "eventhub_amqp", "sendToRoutes": true, "pqEnabled": false, "eventHubName": "my-event-hub", "consumerGroup": "$Default", "checkpointing": {"blobStore": {"containerName": "my-container"}}} + application/json: {"id": "default-output", "type": "default", "defaultId": "my-default-output"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesOkta: + OutputCreateExamplesTcpjson: parameters: path: + id: "" pack: "" requestBody: - application/json: {"id": "okta-source", "type": "okta", "sendToRoutes": true, "pqEnabled": false, "oktaDomain": "your-org", "textSecret": "okta-api-token-secret", "cronSchedule": "*/5 * * * *", "earliest": "-7d@d", "latest": "now"} + application/json: {"id": "tcpjson-output", "type": "tcpjson", "host": "localhost", "port": 10090} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesOpenAIComplianceLogs: + OutputCreateExamplesSplunk: parameters: path: + id: "" pack: "" requestBody: - application/json: {"id": "openai-compliance-logs-source", "type": "openai_compliance_logs", "sendToRoutes": true, "pqEnabled": false, "textSecret": "openai-api-key-secret", "accountType": "workspace", "cronSchedule": "*/15 * * * *", "earliest": "-1h", "latest": "now", "workspaceId": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee", "workspaceEventTypes": ["AUDIT_LOG", "AUTH_LOG"]} + application/json: {"id": "splunk-output", "type": "splunk", "host": "localhost", "port": 9997} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesServiceNowTable: + OutputCreateExamplesSplunkLb: parameters: path: + id: "" pack: "" requestBody: - application/json: {"id": "servicenow-table-source", "type": "servicenow_table", "sendToRoutes": true, "pqEnabled": false, "instance": "https://example.service-now.com", "tableName": "incident", "fields": ["sys_id", "number", "short_description"], "pageSize": 10000, "cronSchedule": "0 * * * *", "earliest": "-1d", "latest": "now"} + application/json: {"id": "splunk-lb-output", "type": "splunk_lb", "hosts": [{"host": "localhost", "port": 9997}]} responses: "200": application/json: {} "500": application/json: {} - getInputSystemByPackAndId: - speakeasy-default-get-input-system-by-pack-and-id: + OutputCreateExamplesSplunkHec: parameters: path: id: "" pack: "" + requestBody: + application/json: {"id": "splunk-hec-output", "type": "splunk_hec"} responses: "200": application/json: {} "500": application/json: {} - updateInputSystemByPackAndId: - InputCreateExamplesAppscope: + OutputCreateExamplesSyslog: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "appscope-source", "type": "appscope", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 9109} + application/json: {"id": "syslog-output", "type": "syslog", "host": "localhost", "port": 514} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesAzureBlob: + OutputCreateExamplesFilesystem: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "azure-blob-source", "type": "azure_blob", "sendToRoutes": true, "pqEnabled": false, "queueName": "azure-blob-queue"} + application/json: {"id": "filesystem-output", "type": "filesystem", "destPath": "/var/log/output"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesCloudflareHec: + OutputCreateExamplesS3: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "cloudflare-hec-source", "type": "cloudflare_hec", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 8088, "hecAPI": "/services/collector"} + application/json: {"id": "s3-output", "type": "s3", "bucket": "my-bucket", "region": "us-east-1", "stagePath": "/tmp/staging"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesConfluentCloud: + OutputCreateExamplesAzureBlob: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "confluent-cloud-source", "type": "confluent_cloud", "sendToRoutes": true, "pqEnabled": false, "brokers": ["pkc-xxxxx.us-east-1.aws.confluent.cloud:9092"], "topics": ["logs"]} + application/json: {"id": "azure-blob-output", "type": "azure_blob", "containerName": "my-container", "stagePath": "/tmp/staging"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesCollection: + OutputCreateExamplesAzureDataExplorer: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "collection-source", "type": "collection", "sendToRoutes": true, "pqEnabled": false} + application/json: {"id": "azure-data-explorer-output", "type": "azure_data_explorer", "clusterUrl": "https://mycluster.kusto.windows.net", "database": "mydatabase", "table": "mytable", "ingestMode": "streaming", "oauthEndpoint": "https://login.microsoftonline.com", "tenantId": "tenant-id", "clientId": "client-id", "scope": "https://mycluster.kusto.windows.net/.default", "oauthType": "clientSecret", "clientSecret": "client-secret", "format": "json", "compress": "gzip"} responses: "200": application/json: {} "500": application/json: {} - InputExamplesCribl: + OutputCreateExamplesSentinel: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "cribl-source", "type": "cribl", "sendToRoutes": true, "pqEnabled": false} + application/json: {"id": "sentinel-output", "type": "sentinel", "loginUrl": "https://login.microsoftonline.com", "secret": "client-secret", "client_id": "client-id", "endpointURLConfiguration": "url", "url": "https://your-workspace.ingest.monitor.azure.com"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesCriblHttp: + OutputCreateExamplesAzureLogs: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "cribl-http-source", "type": "cribl_http", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080} + application/json: {"id": "azure-logs-output", "type": "azure_logs", "logType": "Cribl", "authType": "manual", "workspaceId": "workspace-id", "workspaceKey": "workspace-key"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesCriblLakeHttp: + OutputCreateExamplesKafka: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "cribl-lake-http-source", "type": "cribl_lake_http", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080} + application/json: {"id": "kafka-output", "type": "kafka", "brokers": ["localhost:9092"], "topic": "logs"} responses: "200": application/json: {} "500": application/json: {} - InputExamplesCriblMetrics: + OutputCreateExamplesConfluentCloud: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "cribl-metrics-source", "type": "criblmetrics", "sendToRoutes": true, "pqEnabled": false} + application/json: {"id": "confluent-cloud-output", "type": "confluent_cloud", "brokers": ["pkc-xxxxx.us-east-1.aws.confluent.cloud:9092"], "topic": "logs"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesCriblTcp: + OutputCreateExamplesMsk: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "cribl-tcp-source", "type": "cribl_tcp", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10090} + application/json: {"id": "msk-output", "type": "msk", "brokers": ["b-1.example.xxxxx.c2.kafka.us-east-1.amazonaws.com:9092"], "topic": "logs", "awsAuthenticationMethod": "auto", "region": "us-east-1"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesCrowdstrike: + OutputCreateExamplesKinesis: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "crowdstrike-source", "type": "crowdstrike", "sendToRoutes": true, "pqEnabled": false, "queueName": "crowdstrike-queue", "region": "us-east-1"} + application/json: {"id": "kinesis-output", "type": "kinesis", "streamName": "my-stream", "region": "us-east-1"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesDatadogAgent: + OutputCreateExamplesElastic: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "datadog-agent-source", "type": "datadog_agent", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 8126} + application/json: {"id": "elastic-output", "type": "elastic", "index": "logs"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesDatagen: + OutputCreateExamplesElasticCloud: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "datagen-source", "type": "datagen", "sendToRoutes": true, "pqEnabled": false, "samples": [{"sample": "sample.json", "eventsPerSec": 10}]} + application/json: {"id": "elastic-cloud-output", "type": "elastic_cloud", "url": "my-cloud-id", "index": "logs"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesEdgePrometheus: + OutputCreateExamplesMicrosoftFabric: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "edge-prometheus-source", "type": "edge_prometheus", "sendToRoutes": true, "pqEnabled": false, "discoveryType": "static", "interval": 60, "targets": [{"host": "localhost"}]} + application/json: {"id": "microsoft-fabric-output", "type": "microsoft_fabric", "topic": "logs", "bootstrap_server": "myeventstream.servicebus.windows.net:9093"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesElastic: + OutputCreateExamplesCloudflareR2: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "elastic-source", "type": "elastic", "sendToRoutes": true, "pqEnabled": false, "host": "localhost", "port": 9200, "elasticAPI": "/"} + application/json: {"id": "cloudflare-r2-output", "type": "cloudflare_r2", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://account-id.r2.cloudflarestorage.com"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesEventhub: + OutputCreateExamplesHoneycomb: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "eventhub-source", "type": "eventhub", "sendToRoutes": true, "pqEnabled": false, "brokers": ["myeventhub.servicebus.windows.net:9093"], "topics": ["logs"]} + application/json: {"id": "honeycomb-output", "type": "honeycomb", "dataset": "my-dataset"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesExec: + OutputCreateExamplesNewrelic: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "exec-source", "type": "exec", "sendToRoutes": true, "pqEnabled": false, "command": "echo \"Hello World\"", "interval": 60} + application/json: {"id": "newrelic-output", "type": "newrelic", "apiKey": "your-api-key"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesFile: + OutputCreateExamplesNewrelicEvents: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "file-source", "type": "file", "sendToRoutes": true, "pqEnabled": false, "mode": "manual"} + application/json: {"id": "newrelic-events-output", "type": "newrelic_events", "accountId": "123456", "eventType": "CriblEvent", "apiKey": "your-api-key"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesFirehose: + OutputCreateExamplesSnmp: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "firehose-source", "type": "firehose", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080} + application/json: {"id": "snmp-output", "type": "snmp", "hosts": [{"host": "192.168.1.1", "port": 161}]} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesGrafana: + OutputCreateExamplesInfluxdb: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "grafana-source", "type": "grafana", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080, "prometheusAPI": "/api/prom/push"} + application/json: {"id": "influxdb-output", "type": "influxdb", "url": "http://localhost:8086", "database": "mydb"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesGooglePubsub: + OutputCreateExamplesMinio: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "google-pubsub-source", "type": "google_pubsub", "sendToRoutes": true, "pqEnabled": false, "topicName": "my-topic", "subscriptionName": "my-subscription"} + application/json: {"id": "minio-output", "type": "minio", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "http://localhost:9000"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesHttp: + OutputCreateExamplesCloudwatch: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "http-source", "type": "http", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080} + application/json: {"id": "cloudwatch-output", "type": "cloudwatch", "logGroupName": "my-log-group", "logStreamName": "my-log-stream", "region": "us-east-1"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesHttpRaw: + OutputCreateExamplesAzureEventhub: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "http-raw-source", "type": "http_raw", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080} + application/json: {"id": "azure-eventhub-output", "type": "azure_eventhub", "brokers": ["myeventhub.servicebus.windows.net:9093"], "topic": "logs"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesJournalFiles: + OutputCreateExamplesStatsd: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "journal-files-source", "type": "journal_files", "sendToRoutes": true, "pqEnabled": false, "path": "/var/log/journal", "journals": ["system"]} + application/json: {"id": "statsd-output", "type": "statsd", "protocol": "udp", "host": "localhost", "port": 8125} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesKafka: + OutputCreateExamplesStatsdExt: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "kafka-source", "type": "kafka", "sendToRoutes": true, "pqEnabled": false, "brokers": ["localhost:9092"], "topics": ["logs"]} + application/json: {"id": "statsd-ext-output", "type": "statsd_ext", "protocol": "udp", "host": "localhost", "port": 8125} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesKinesis: + OutputCreateExamplesGraphite: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "kinesis-source", "type": "kinesis", "sendToRoutes": true, "pqEnabled": false, "streamName": "my-stream", "region": "us-east-1"} + application/json: {"id": "graphite-output", "type": "graphite", "protocol": "tcp", "host": "localhost", "port": 2003} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesKubeEvents: + OutputCreateExamplesWavefront: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "kube-events-source", "type": "kube_events", "sendToRoutes": true, "pqEnabled": false} + application/json: {"id": "wavefront-output", "type": "wavefront", "domain": "longboard", "token": "your-token"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesKubeLogs: + OutputCreateExamplesSignalfx: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "kube-logs-source", "type": "kube_logs", "sendToRoutes": true, "pqEnabled": false} + application/json: {"id": "signalfx-output", "type": "signalfx", "realm": "us0", "token": "your-token"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesKubeMetrics: + OutputCreateExamplesSqs: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "kube-metrics-source", "type": "kube_metrics", "sendToRoutes": true, "pqEnabled": false} + application/json: {"id": "sqs-output", "type": "sqs", "queueName": "my-queue", "queueType": "standard", "region": "us-east-1"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesLoki: + OutputCreateExamplesGoogleCloudStorage: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "loki-source", "type": "loki", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080, "lokiAPI": "/loki/api/v1/push"} + application/json: {"id": "google-cloud-storage-output", "type": "google_cloud_storage", "bucket": "my-bucket", "region": "us-east1", "endpoint": "https://storage.googleapis.com", "stagePath": "/tmp/staging"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesMetrics: + OutputCreateExamplesSumoLogic: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "metrics-source", "type": "metrics", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "udpPort": 8125} + application/json: {"id": "sumo-logic-output", "type": "sumo_logic", "url": "https://endpoint1.collection.us2.sumologic.com"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesModelDrivenTelemetry: + OutputCreateExamplesDatadog: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "mdt-source", "type": "model_driven_telemetry", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 57000} + application/json: {"id": "datadog-output", "type": "datadog", "apiKey": "your-api-key"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesMsk: + OutputCreateExamplesWebhook: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "msk-source", "type": "msk", "sendToRoutes": true, "pqEnabled": false, "brokers": ["b-1.example.xxxxx.c2.kafka.us-east-1.amazonaws.com:9092"], "topics": ["logs"], "awsAuthenticationMethod": "auto", "region": "us-east-1"} + application/json: {"id": "webhook-output", "type": "webhook", "url": "https://example.com/webhook"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesNetflow: + OutputCreateExamplesPrometheus: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "netflow-source", "type": "netflow", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 2055} + application/json: {"id": "prometheus-output", "type": "prometheus", "url": "http://localhost:9091/api/v1/write"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesOffice365Mgmt: + OutputCreateExamplesGooglePubsub: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "office365-mgmt-source", "type": "office365_mgmt", "sendToRoutes": true, "pqEnabled": false, "planType": "enterprise_gcc", "tenantId": "tenant-id", "appId": "app-id"} + application/json: {"id": "google-pubsub-output", "type": "google_pubsub", "topicName": "my-topic"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesMicrosoftGraph: + OutputCreateExamplesGoogleChronicle: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "microsoft-graph-source", "type": "microsoft_graph", "sendToRoutes": true, "pqEnabled": false, "url": "https://graph.microsoft.com/v1.0/admin/exchange/tracing/messageTraces", "interval": 15} + application/json: {"id": "google-chronicle-output", "type": "google_chronicle", "logFormatType": "unstructured", "region": "us", "customerId": "customer-id"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesOffice365MsgTrace: + OutputCreateExamplesChronicle: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "office365-msg-trace-source", "type": "office365_msg_trace", "sendToRoutes": true, "pqEnabled": false, "url": "https://reports.office365.com/ecp/reportingwebservice/reporting.svc/MessageTrace", "interval": 15} + application/json: {"id": "chronicle-output", "type": "chronicle", "region": "us", "logType": "UNKNOWN", "gcpProjectId": "my-project", "gcpInstance": "customer-id"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesOffice365Service: + OutputCreateExamplesGrafanaCloud: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "office365-service-source", "type": "office365_service", "sendToRoutes": true, "pqEnabled": false, "tenantId": "tenant-id", "appId": "app-id"} + application/json: {"id": "grafana-cloud-output", "type": "grafana_cloud", "lokiUrl": "https://logs-prod-us-central1.grafana.net"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesOpenAI: + OutputCreateExamplesLoki: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "openai-source", "type": "openai", "sendToRoutes": true, "pqEnabled": false, "contentConfig": [{"disabled": false, "requestParams": [{"name": "effective_at[gt]", "value": "`${Math.round(Date.now()/1000 - 3600)}`"}, {"name": "limit", "value": "100"}], "paginationType": "response_body", "paginationAttribute": ["last_id"], "paginationLastPageExpr": "has_more === false", "cronSchedule": "0 * * * *", "earliest": "-1h", "latest": "now"}], "textSecret": "openai-api-key-secret"} + application/json: {"id": "loki-output", "type": "loki", "url": "http://localhost:3100/loki/api/v1/push"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesOpenTelemetry: + OutputCreateExamplesOpenTelemetry: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "otel-source", "type": "open_telemetry", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 4317} + application/json: {"id": "opentelemetry-output", "type": "open_telemetry", "endpoint": "http://localhost:4317"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesPrometheus: + OutputCreateExamplesServiceNow: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "prometheus-source", "type": "prometheus", "sendToRoutes": true, "pqEnabled": false, "discoveryType": "static", "interval": 60, "logLevel": "info", "targetList": ["http://localhost:9090/metrics"]} + application/json: {"id": "servicenow-output", "type": "service_now", "endpoint": "ingest.lightstep.com:443", "tokenSecret": "your-token-secret", "otlpVersion": "1.3.1", "protocol": "http"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesPrometheusRw: + OutputCreateExamplesDynatraceOtlp: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "prometheus-rw-source", "type": "prometheus_rw", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080, "prometheusAPI": "/write"} + application/json: {"id": "dynatrace-otlp-output", "type": "dynatrace_otlp", "protocol": "http", "endpoint": "https://your-environment.live.dynatrace.com/api/v2/otlp", "otlpVersion": "1.3.1", "endpointType": "saas", "tokenSecret": "your-token-secret"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesRawUdp: + OutputCreateExamplesSentinelOneAiSiem: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "raw-udp-source", "type": "raw_udp", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 514} + application/json: {"id": "sentinel-one-ai-siem-output", "type": "sentinel_one_ai_siem", "region": "US", "endpoint": "/services/collector/event"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesS3: + OutputCreateExamplesDataset: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "s3-source", "type": "s3", "sendToRoutes": true, "pqEnabled": false, "queueName": "s3-notifications-queue", "region": "us-east-1"} + application/json: {"id": "dataset-output", "type": "dataset"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesS3Inventory: + OutputCreateExamplesRing: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "s3-inventory-source", "type": "s3_inventory", "sendToRoutes": true, "pqEnabled": false, "queueName": "s3-inventory-queue", "region": "us-east-1"} + application/json: {"id": "ring-output", "type": "ring"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesSecurityLake: + OutputCreateExamplesRouter: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "security-lake-source", "type": "security_lake", "sendToRoutes": true, "pqEnabled": false, "queueName": "security-lake-queue", "region": "us-east-1"} + application/json: {"id": "router-output", "type": "router", "rules": [{"filter": "true", "output": "my-output"}]} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesSnmp: + OutputCreateExamplesWizHec: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "snmp-source", "type": "snmp", "sendToRoutes": true, "pqEnabled": false, "host": "192.168.1.1", "port": 161} + application/json: {"id": "wiz-hec-output", "type": "wiz_hec", "authType": "manual", "wiz_connector_id": "00000000-0000-0000-0000-000000000000", "wiz_environment": "test", "data_center": "us1", "wiz_sourcetype": "placeholder"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesSplunk: + OutputCreateExamplesHumioHec: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "splunk-source", "type": "splunk", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 9997} + application/json: {"id": "humio-hec-output", "type": "humio_hec", "url": "https://cloud.us.humio.com/api/v1/ingest/hec", "format": "JSON", "authType": "manual", "token": "your-token"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesSplunkHec: + OutputCreateExamplesCrowdstrikeNextGenSiem: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "splunk-hec-source", "type": "splunk_hec", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 8088, "splunkHecAPI": "/services/collector"} + application/json: {"id": "crowdstrike-next-gen-siem-output", "type": "crowdstrike_next_gen_siem", "url": "https://ingest.us.crowdstrike.com/api/ingest/hec/connection-id/v1/services/collector", "format": "JSON", "authType": "manual", "token": "your-token"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesSplunkSearch: + OutputCreateExamplesCriblHttp: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "splunk-search-source", "type": "splunk_search", "sendToRoutes": true, "pqEnabled": false, "searchHead": "https://localhost:8089", "search": "index=main", "cronSchedule": "*/15 * * * *", "endpoint": "/services/search/v2/jobs/export", "outputMode": "json", "authType": "basic"} + application/json: {"id": "cribl-http-output", "type": "cribl_http"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesSqs: + OutputCreateExamplesCriblTcp: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "sqs-source", "type": "sqs", "sendToRoutes": true, "pqEnabled": false, "queueName": "my-queue", "queueType": "standard", "region": "us-east-1"} + application/json: {"id": "cribl-tcp-output", "type": "cribl_tcp", "host": "localhost", "port": 10090} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesSyslog: + OutputCreateExamplesCriblSearchEngine: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "syslog-source", "type": "syslog", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "udpPort": 514} + application/json: {"id": "cribl-search-engine-output", "type": "cribl_search_engine", "systemFields": ["cribl_pipe"], "streamtags": [], "loadBalanced": false, "tls": {"disabled": true}, "tokenTTLMinutes": 60, "excludeFields": ["__kube_*", "__metadata", "__winEvent"], "compression": "gzip", "concurrency": 5, "maxPayloadSizeKB": 4096, "maxPayloadEvents": 0, "rejectUnauthorized": true, "timeoutSec": 30, "flushPeriodSec": 1, "failedRequestLoggingMode": "none", "safeHeaders": [], "throttleRatePerSec": "0", "responseRetrySettings": [{"httpStatus": 401, "initialBackoff": 1000, "backoffRate": 2, "maxBackoff": 20000}, {"httpStatus": 403, "initialBackoff": 1000, "backoffRate": 2, "maxBackoff": 20000}, {"httpStatus": 408, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 429, "initialBackoff": 1000, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 500, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 502, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 503, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 504, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 509, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}], "timeoutRetrySettings": {"timeoutRetry": false}, "responseHonorRetryAfterHeader": true, "onBackpressure": "block", "useRoundRobinDns": true, "url": "https://0.0.0.0:10200"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesSystemMetrics: + OutputCreateExamplesGoogleCloudLogging: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "system-metrics-source", "type": "system_metrics", "sendToRoutes": true, "pqEnabled": false} + application/json: {"id": "google-cloud-logging-output", "type": "google_cloud_logging", "logLocationType": "project", "logNameExpression": "my-log", "logLocationExpression": "my-project"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesSystemState: + OutputCreateExamplesSns: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "system-state-source", "type": "system_state", "sendToRoutes": true, "pqEnabled": false} + application/json: {"id": "sns-output", "type": "sns", "topicArn": "arn:aws:sns:us-east-1:123456789012:my-topic", "messageGroupId": "my-message-group", "region": "us-east-1"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesTcp: + OutputCreateExamplesDlS3: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "tcp-source", "type": "tcp", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10090} + application/json: {"id": "dl-s3-output", "type": "dl_s3", "bucket": "my-bucket", "region": "us-east-1", "stagePath": "/tmp/staging"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesTcpjson: + OutputCreateExamplesSecurityLake: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "tcpjson-source", "type": "tcpjson", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10090} + application/json: {"id": "security-lake-output", "type": "security_lake", "assumeRoleArn": "arn:aws:iam::123456789012:role/my-role", "bucket": "my-bucket", "region": "us-east-1", "stagePath": "/tmp/staging", "accountId": "123456789012", "customSource": "my-custom-source"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesWef: + OutputCreateExamplesCriblLake: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "wef-source", "type": "wef", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 5985, "subscriptions": [{"subscriptionName": "subscription-1", "contentFormat": "RenderedText", "heartbeatInterval": 60, "batchTimeout": 5, "targets": []}]} + application/json: {"id": "cribl-lake-output", "type": "cribl_lake"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesWinEventLogs: + OutputCreateExamplesExabeam: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "win-event-logs-source", "type": "win_event_logs", "sendToRoutes": true, "pqEnabled": false, "logNames": ["Application", "System"]} + application/json: {"id": "exabeam-output", "type": "exabeam", "bucket": "my-bucket", "region": "us-east1", "stagePath": "/tmp/staging", "endpoint": "https://storage.googleapis.com", "collectorInstanceId": "11112222-3333-4444-5555-666677778888"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesWindowsMetrics: + OutputCreateExamplesDiskSpool: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "windows-metrics-source", "type": "windows_metrics", "sendToRoutes": true, "pqEnabled": false} + application/json: {"id": "disk-spool-output", "type": "disk_spool"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesWiz: + OutputCreateExamplesClickHouse: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "wiz-source", "type": "wiz", "sendToRoutes": true, "pqEnabled": false, "endpoint": "https://api.wiz.io", "authUrl": "https://auth.wiz.io/oauth/token", "clientId": "client-id", "contentConfig": []} + application/json: {"id": "clickhouse-output", "type": "click_house", "url": "http://localhost:8123/", "database": "mydb", "tableName": "mytable"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesWizWebhook: + OutputCreateExamplesLocalSearchStorage: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "wiz-webhook-source", "type": "wiz_webhook", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 10080} + application/json: {"id": "local-search-storage-output", "type": "local_search_storage", "url": "http://localhost:8123/", "database": "default", "tableName": "mytable"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesZscalerHec: + OutputCreateExamplesXsiam: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "zscaler-hec-source", "type": "zscaler_hec", "sendToRoutes": true, "pqEnabled": false, "host": "0.0.0.0", "port": 8088, "hecAPI": "/services/collector"} + application/json: {"id": "xsiam-output", "type": "xsiam"} responses: "200": application/json: {} "500": application/json: {} - speakeasy-default-update-input-system-by-pack-and-id: + OutputCreateExamplesNetflow: parameters: path: id: "" pack: "" requestBody: - application/json: {"type": "edge_prometheus", "discoveryType": "k8s-pods", "interval": 2688.55} + application/json: {"id": "netflow-output", "type": "netflow", "hosts": [{"host": "localhost", "port": 2055}]} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesAnthropicCompliance: + OutputCreateExamplesDynatraceHttp: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "anthropic-compliance-source", "type": "anthropic_compliance", "sendToRoutes": true, "pqEnabled": false, "textSecret": "anthropic-api-key-secret", "contentConfig": [{"contentType": "activities", "contentDescription": "Compliance Activities", "enabled": true, "stateTracking": true, "stateUpdateExpression": "__timestampExtracted !== false && {latestTime: (state.latestTime || 0) > _time ? state.latestTime : _time}", "stateMergeExpression": "prevState.latestTime > newState.latestTime ? prevState : newState", "cronSchedule": "*/5 * * * *", "earliest": "-7d@d", "latest": "now", "jobTimeout": "300"}]} + application/json: {"id": "dynatrace-http-output", "type": "dynatrace_http", "authType": "token", "format": "json_array", "endpoint": "cloud", "telemetryType": "logs", "token": "your-api-key"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesAppleUnifiedLogs: + OutputCreateExamplesDatabricks: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "apple-unified-logs-source", "type": "apple_unified_logs", "sendToRoutes": true, "pqEnabled": false, "predicate": "subsystem == \"com.apple.security\""} + application/json: {"id": "databricks-output", "type": "databricks", "workspaceId": "your-workspace-id", "scope": "all-apis", "clientId": "your-client-id", "catalog": "main", "schema": "external", "eventsVolumeName": "events", "clientTextSecret": "your-client-secret"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesEventhubAmqp: + speakeasy-default-update-output-system-by-pack-and-id: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "eventhub-amqp-source", "type": "eventhub_amqp", "sendToRoutes": true, "pqEnabled": false, "eventHubName": "my-event-hub", "consumerGroup": "$Default", "checkpointing": {"blobStore": {"containerName": "my-container"}}} + application/json: {"type": "azure_data_explorer", "clusterUrl": "https://rewarding-skeleton.name", "database": "", "table": "", "oauthEndpoint": "https://login.partner.microsoftonline.cn", "tenantId": "", "clientId": "", "scope": "", "oauthType": "certificate", "compress": "none"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesOkta: + OutputCreateExamplesNutanixObjects: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "okta-source", "type": "okta", "sendToRoutes": true, "pqEnabled": false, "oktaDomain": "your-org", "textSecret": "okta-api-token-secret", "cronSchedule": "*/5 * * * *", "earliest": "-7d@d", "latest": "now"} + application/json: {"id": "nutanix-objects-output", "type": "nutanix_objects", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://nutanix-objects.example.com"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesOpenAIComplianceLogs: + OutputCreateExamplesStorjS3: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "openai-compliance-logs-source", "type": "openai_compliance_logs", "sendToRoutes": true, "pqEnabled": false, "textSecret": "openai-api-key-secret", "accountType": "workspace", "cronSchedule": "*/15 * * * *", "earliest": "-1h", "latest": "now", "workspaceId": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee", "workspaceEventTypes": ["AUDIT_LOG", "AUTH_LOG"]} + application/json: {"id": "storj-s3-output", "type": "storj_s3", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://gateway.storjshare.io"} responses: "200": application/json: {} "500": application/json: {} - InputCreateExamplesServiceNowTable: + OutputCreateExamplesAlphasocS3: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "servicenow-table-source", "type": "servicenow_table", "sendToRoutes": true, "pqEnabled": false, "instance": "https://example.service-now.com", "tableName": "incident", "fields": ["sys_id", "number", "short_description"], "pageSize": 10000, "cronSchedule": "0 * * * *", "earliest": "-1d", "latest": "now"} + application/json: {"id": "alphasoc-s3-output", "type": "alphasoc_s3", "bucket": "events", "stagePath": "/tmp/staging", "endpoint": "https://s3.alphasoc.net"} responses: "200": application/json: {} "500": application/json: {} - deleteInputSystemByPackAndId: - speakeasy-default-delete-input-system-by-pack-and-id: + OutputCreateExamplesdellS3: parameters: path: id: "" pack: "" + requestBody: + application/json: {"id": "dell-s3-output", "type": "dell_s3", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://powerscale.example.com:9021"} responses: "200": application/json: {} "500": application/json: {} - createInputSystemHecTokenByPackAndId: - HecTokenExamplesHecToken: + OutputCreateExamplescloudianS3: parameters: path: id: "" pack: "" requestBody: - application/json: {"enabled": true, "metadata": [{"name": "fieldX", "value": "valueX"}], "token": "12345678901"} + application/json: {"id": "cloudian-s3-output", "type": "cloudian_s3", "endpoint": "https://s3.hyperstore.example.com", "bucket": "my-bucket", "stagePath": "/tmp/staging"} responses: "200": application/json: {} "500": application/json: {} - HecTokenExamplesHecTokenWithIndexAccess: + OutputCreateExamplesscalityS3: parameters: path: id: "" pack: "" requestBody: - application/json: {"allowedIndexesAtToken": ["myIndex6"], "enabled": true, "token": "12345678901"} + application/json: {"id": "scality-s3-output", "type": "scality_s3", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://s3.scality.example.com"} responses: "200": application/json: {} "500": application/json: {} - speakeasy-default-create-input-system-hec-token-by-pack-and-id: + OutputCreateExamplesalibabaCloudS3: parameters: path: id: "" pack: "" requestBody: - application/json: {"token": ""} + application/json: {"id": "alibaba-oss-output", "type": "alibaba_cloud_s3", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://s3.oss-cn-hangzhou.aliyuncs.com"} responses: "200": application/json: {} "500": application/json: {} - updateInputSystemHecTokenByPackAndIdAndToken: - HecTokenExamplesHecToken: + UpdateOutputExamplesDefault: parameters: path: id: "" - token: "" pack: "" requestBody: - application/json: {"enabled": true, "metadata": [{"name": "fieldX", "value": "valueX"}]} + application/json: {"id": "default-output", "type": "default", "defaultId": "my-default-output"} responses: "200": application/json: {} "500": application/json: {} - HecTokenExamplesHecTokenWithIndexAccess: + UpdateOutputExamplesTcpjson: parameters: path: id: "" - token: "" pack: "" requestBody: - application/json: {"allowedIndexesAtToken": ["myIndex6"], "enabled": true} + application/json: {"id": "tcpjson-output", "type": "tcpjson", "host": "localhost", "port": 10090} responses: "200": application/json: {} "500": application/json: {} - speakeasy-default-update-input-system-hec-token-by-pack-and-id-and-token: + UpdateOutputExamplesSplunk: parameters: path: id: "" - token: "" pack: "" requestBody: - application/json: {} + application/json: {"id": "splunk-output", "type": "splunk", "host": "localhost", "port": 9997} responses: "200": application/json: {} "500": application/json: {} - deleteInputSystemPqByPackAndId: - speakeasy-default-delete-input-system-pq-by-pack-and-id: + UpdateOutputExamplesSplunkLb: parameters: path: id: "" pack: "" + requestBody: + application/json: {"id": "splunk-lb-output", "type": "splunk_lb", "hosts": [{"host": "localhost", "port": 9997}]} responses: - "201": + "200": application/json: {} "500": application/json: {} - getInputSystemPqByPackAndId: - speakeasy-default-get-input-system-pq-by-pack-and-id: + UpdateOutputExamplesSplunkHec: parameters: path: id: "" pack: "" + requestBody: + application/json: {"id": "splunk-hec-output", "type": "splunk_hec"} responses: "200": application/json: {} "500": application/json: {} - getInputStatusSystemInputsByPackAndId: - speakeasy-default-get-input-status-system-inputs-by-pack-and-id: + UpdateOutputExamplesSyslog: parameters: path: id: "" pack: "" + requestBody: + application/json: {"id": "syslog-output", "type": "syslog", "host": "localhost", "port": 514} responses: "200": application/json: {} "500": application/json: {} - getInputStatusSystemInputsByPack: - speakeasy-default-get-input-status-system-inputs-by-pack: + UpdateOutputExamplesFilesystem: parameters: path: + id: "" pack: "" + requestBody: + application/json: {"id": "filesystem-output", "type": "filesystem", "destPath": "/var/log/output"} responses: "200": application/json: {} "500": application/json: {} - getOutputSystemByPack: - speakeasy-default-get-output-system-by-pack: + UpdateOutputExamplesS3: parameters: path: + id: "" pack: "" + requestBody: + application/json: {"id": "s3-output", "type": "s3", "bucket": "my-bucket", "region": "us-east-1", "stagePath": "/tmp/staging"} responses: "200": application/json: {} "500": application/json: {} - createOutputSystemByPack: - OutputCreateExamplesTcpjson: + UpdateOutputExamplesNutanixObjects: parameters: path: + id: "" pack: "" requestBody: - application/json: {"id": "tcpjson-output", "type": "tcpjson", "host": "localhost", "port": 10090} + application/json: {"id": "nutanix-objects-output", "type": "nutanix_objects", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://nutanix-objects.example.com"} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesSplunk: + UpdateOutputExamplesStorjS3: parameters: path: + id: "" pack: "" requestBody: - application/json: {"id": "splunk-output", "type": "splunk", "host": "localhost", "port": 9997} + application/json: {"id": "storj-s3-output", "type": "storj_s3", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://gateway.storjshare.io"} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesSplunkLb: + UpdateOutputExamplesAlphasocS3: parameters: path: + id: "" pack: "" requestBody: - application/json: {"id": "splunk-lb-output", "type": "splunk_lb", "hosts": [{"host": "localhost", "port": 9997}]} + application/json: {"id": "alphasoc-s3-output", "type": "alphasoc_s3", "bucket": "events", "stagePath": "/tmp/staging", "endpoint": "https://s3.alphasoc.net"} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesSplunkHec: + UpdateOutputExamplesdellS3: parameters: path: + id: "" pack: "" requestBody: - application/json: {"id": "splunk-hec-output", "type": "splunk_hec"} + application/json: {"id": "dell-s3-output", "type": "dell_s3", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://powerscale.example.com:9021"} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesSyslog: + UpdateOutputExamplescloudianS3: parameters: path: + id: "" pack: "" requestBody: - application/json: {"id": "syslog-output", "type": "syslog", "host": "localhost", "port": 514} + application/json: {"id": "cloudian-s3-output", "type": "cloudian_s3", "endpoint": "https://s3.hyperstore.example.com", "bucket": "my-bucket", "stagePath": "/tmp/staging"} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesFilesystem: + UpdateOutputExamplesscalityS3: parameters: path: + id: "" pack: "" requestBody: - application/json: {"id": "filesystem-output", "type": "filesystem", "destPath": "/var/log/output"} + application/json: {"id": "scality-s3-output", "type": "scality_s3", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://s3.scality.example.com"} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesS3: + UpdateOutputExamplesalibabaCloudS3: parameters: path: + id: "" pack: "" requestBody: - application/json: {"id": "s3-output", "type": "s3", "bucket": "my-bucket", "region": "us-east-1", "stagePath": "/tmp/staging"} + application/json: {"id": "alibaba-oss-output", "type": "alibaba_cloud_s3", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://s3.oss-cn-hangzhou.aliyuncs.com"} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesAzureBlob: + UpdateOutputExamplesAzureBlob: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "azure-blob-output", "type": "azure_blob", "containerName": "my-container", "stagePath": "/tmp/staging"} @@ -27296,9 +31930,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesAzureDataExplorer: + UpdateOutputExamplesAzureDataExplorer: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "azure-data-explorer-output", "type": "azure_data_explorer", "clusterUrl": "https://mycluster.kusto.windows.net", "database": "mydatabase", "table": "mytable", "ingestMode": "streaming", "oauthEndpoint": "https://login.microsoftonline.com", "tenantId": "tenant-id", "clientId": "client-id", "scope": "https://mycluster.kusto.windows.net/.default", "oauthType": "clientSecret", "clientSecret": "client-secret", "format": "json", "compress": "gzip"} @@ -27307,9 +31942,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesSentinel: + UpdateOutputExamplesSentinel: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "sentinel-output", "type": "sentinel", "loginUrl": "https://login.microsoftonline.com", "secret": "client-secret", "client_id": "client-id", "endpointURLConfiguration": "url", "url": "https://your-workspace.ingest.monitor.azure.com"} @@ -27318,9 +31954,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesAzureLogs: + UpdateOutputExamplesAzureLogs: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "azure-logs-output", "type": "azure_logs", "logType": "Cribl", "authType": "manual", "workspaceId": "workspace-id", "workspaceKey": "workspace-key"} @@ -27329,9 +31966,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesKafka: + UpdateOutputExamplesKafka: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "kafka-output", "type": "kafka", "brokers": ["localhost:9092"], "topic": "logs"} @@ -27340,9 +31978,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesConfluentCloud: + UpdateOutputExamplesConfluentCloud: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "confluent-cloud-output", "type": "confluent_cloud", "brokers": ["pkc-xxxxx.us-east-1.aws.confluent.cloud:9092"], "topic": "logs"} @@ -27351,9 +31990,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesMsk: + UpdateOutputExamplesMsk: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "msk-output", "type": "msk", "brokers": ["b-1.example.xxxxx.c2.kafka.us-east-1.amazonaws.com:9092"], "topic": "logs", "awsAuthenticationMethod": "auto", "region": "us-east-1"} @@ -27362,9 +32002,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesKinesis: + UpdateOutputExamplesKinesis: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "kinesis-output", "type": "kinesis", "streamName": "my-stream", "region": "us-east-1"} @@ -27373,9 +32014,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesElastic: + UpdateOutputExamplesElastic: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "elastic-output", "type": "elastic", "index": "logs"} @@ -27384,9 +32026,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesElasticCloud: + UpdateOutputExamplesElasticCloud: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "elastic-cloud-output", "type": "elastic_cloud", "url": "my-cloud-id", "index": "logs"} @@ -27395,9 +32038,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesMicrosoftFabric: + UpdateOutputExamplesMicrosoftFabric: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "microsoft-fabric-output", "type": "microsoft_fabric", "topic": "logs", "bootstrap_server": "myeventstream.servicebus.windows.net:9093"} @@ -27406,9 +32050,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesCloudflareR2: + UpdateOutputExamplesCloudflareR2: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "cloudflare-r2-output", "type": "cloudflare_r2", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://account-id.r2.cloudflarestorage.com"} @@ -27417,9 +32062,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesHoneycomb: + UpdateOutputExamplesHoneycomb: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "honeycomb-output", "type": "honeycomb", "dataset": "my-dataset"} @@ -27428,9 +32074,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesNewrelic: + UpdateOutputExamplesNewrelic: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "newrelic-output", "type": "newrelic", "apiKey": "your-api-key"} @@ -27439,9 +32086,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesNewrelicEvents: + UpdateOutputExamplesNewrelicEvents: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "newrelic-events-output", "type": "newrelic_events", "accountId": "123456", "eventType": "CriblEvent", "apiKey": "your-api-key"} @@ -27450,9 +32098,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesSnmp: + UpdateOutputExamplesSnmp: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "snmp-output", "type": "snmp", "hosts": [{"host": "192.168.1.1", "port": 161}]} @@ -27461,9 +32110,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesInfluxdb: + UpdateOutputExamplesInfluxdb: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "influxdb-output", "type": "influxdb", "url": "http://localhost:8086", "database": "mydb"} @@ -27472,9 +32122,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesMinio: + UpdateOutputExamplesMinio: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "minio-output", "type": "minio", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "http://localhost:9000"} @@ -27483,9 +32134,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesCloudwatch: + UpdateOutputExamplesCloudwatch: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "cloudwatch-output", "type": "cloudwatch", "logGroupName": "my-log-group", "logStreamName": "my-log-stream", "region": "us-east-1"} @@ -27494,9 +32146,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesAzureEventhub: + UpdateOutputExamplesAzureEventhub: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "azure-eventhub-output", "type": "azure_eventhub", "brokers": ["myeventhub.servicebus.windows.net:9093"], "topic": "logs"} @@ -27505,9 +32158,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesStatsd: + UpdateOutputExamplesStatsd: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "statsd-output", "type": "statsd", "protocol": "udp", "host": "localhost", "port": 8125} @@ -27516,9 +32170,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesStatsdExt: + UpdateOutputExamplesStatsdExt: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "statsd-ext-output", "type": "statsd_ext", "protocol": "udp", "host": "localhost", "port": 8125} @@ -27527,9 +32182,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesGraphite: + UpdateOutputExamplesGraphite: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "graphite-output", "type": "graphite", "protocol": "tcp", "host": "localhost", "port": 2003} @@ -27538,9 +32194,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesWavefront: + UpdateOutputExamplesWavefront: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "wavefront-output", "type": "wavefront", "domain": "longboard", "token": "your-token"} @@ -27549,9 +32206,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesSignalfx: + UpdateOutputExamplesSignalfx: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "signalfx-output", "type": "signalfx", "realm": "us0", "token": "your-token"} @@ -27560,9 +32218,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesSqs: + UpdateOutputExamplesSqs: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "sqs-output", "type": "sqs", "queueName": "my-queue", "queueType": "standard", "region": "us-east-1"} @@ -27571,9 +32230,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesGoogleCloudStorage: + UpdateOutputExamplesGoogleCloudStorage: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "google-cloud-storage-output", "type": "google_cloud_storage", "bucket": "my-bucket", "region": "us-east1", "endpoint": "https://storage.googleapis.com", "stagePath": "/tmp/staging"} @@ -27582,9 +32242,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesSumoLogic: + UpdateOutputExamplesSumoLogic: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "sumo-logic-output", "type": "sumo_logic", "url": "https://endpoint1.collection.us2.sumologic.com"} @@ -27593,9 +32254,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesDatadog: + UpdateOutputExamplesDatadog: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "datadog-output", "type": "datadog", "apiKey": "your-api-key"} @@ -27604,9 +32266,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesWebhook: + UpdateOutputExamplesWebhook: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "webhook-output", "type": "webhook", "url": "https://example.com/webhook"} @@ -27615,9 +32278,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesPrometheus: + UpdateOutputExamplesPrometheus: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "prometheus-output", "type": "prometheus", "url": "http://localhost:9091/api/v1/write"} @@ -27626,9 +32290,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesGooglePubsub: + UpdateOutputExamplesGooglePubsub: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "google-pubsub-output", "type": "google_pubsub", "topicName": "my-topic"} @@ -27637,9 +32302,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesGoogleChronicle: + UpdateOutputExamplesGoogleChronicle: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "google-chronicle-output", "type": "google_chronicle", "logFormatType": "unstructured", "region": "us", "customerId": "customer-id"} @@ -27648,9 +32314,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesChronicle: + UpdateOutputExamplesChronicle: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "chronicle-output", "type": "chronicle", "region": "us", "logType": "UNKNOWN", "gcpProjectId": "my-project", "gcpInstance": "customer-id"} @@ -27659,9 +32326,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesGrafanaCloud: + UpdateOutputExamplesGrafanaCloud: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "grafana-cloud-output", "type": "grafana_cloud", "lokiUrl": "https://logs-prod-us-central1.grafana.net"} @@ -27670,9 +32338,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesLoki: + UpdateOutputExamplesLoki: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "loki-output", "type": "loki", "url": "http://localhost:3100/loki/api/v1/push"} @@ -27681,9 +32350,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesOpenTelemetry: + UpdateOutputExamplesOpenTelemetry: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "opentelemetry-output", "type": "open_telemetry", "endpoint": "http://localhost:4317"} @@ -27692,9 +32362,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesServiceNow: + UpdateOutputExamplesServiceNow: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "servicenow-output", "type": "service_now", "endpoint": "ingest.lightstep.com:443", "tokenSecret": "your-token-secret", "otlpVersion": "1.3.1", "protocol": "http"} @@ -27703,9 +32374,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesDynatraceOtlp: + UpdateOutputExamplesDynatraceOtlp: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "dynatrace-otlp-output", "type": "dynatrace_otlp", "protocol": "http", "endpoint": "https://your-environment.live.dynatrace.com/api/v2/otlp", "otlpVersion": "1.3.1", "endpointType": "saas", "tokenSecret": "your-token-secret"} @@ -27714,9 +32386,22 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesSentinelOneAiSiem: + UpdateOutputExamplesGoogleCloudObservability: + parameters: + path: + id: "" + pack: "" + requestBody: + application/json: {"id": "google-cloud-observability-output", "type": "google_cloud_observability", "googleAuthMethod": "auto"} + responses: + "200": + application/json: {} + "500": + application/json: {} + UpdateOutputExamplesSentinelOneAiSiem: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "sentinel-one-ai-siem-output", "type": "sentinel_one_ai_siem", "region": "US", "endpoint": "/services/collector/event"} @@ -27725,9 +32410,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesDataset: + UpdateOutputExamplesDataset: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "dataset-output", "type": "dataset"} @@ -27736,9 +32422,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesRing: + UpdateOutputExamplesRing: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "ring-output", "type": "ring"} @@ -27747,9 +32434,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesRouter: + UpdateOutputExamplesRouter: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "router-output", "type": "router", "rules": [{"filter": "true", "output": "my-output"}]} @@ -27758,9 +32446,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesWizHec: + UpdateOutputExamplesWizHec: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "wiz-hec-output", "type": "wiz_hec", "authType": "manual", "wiz_connector_id": "00000000-0000-0000-0000-000000000000", "wiz_environment": "test", "data_center": "us1", "wiz_sourcetype": "placeholder"} @@ -27769,9 +32458,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesHumioHec: + UpdateOutputExamplesHumioHec: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "humio-hec-output", "type": "humio_hec", "url": "https://cloud.us.humio.com/api/v1/ingest/hec", "format": "JSON", "authType": "manual", "token": "your-token"} @@ -27780,9 +32470,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesCrowdstrikeNextGenSiem: + UpdateOutputExamplesCrowdstrikeNextGenSiem: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "crowdstrike-next-gen-siem-output", "type": "crowdstrike_next_gen_siem", "url": "https://ingest.us.crowdstrike.com/api/ingest/hec/connection-id/v1/services/collector", "format": "JSON", "authType": "manual", "token": "your-token"} @@ -27791,9 +32482,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesCriblHttp: + UpdateOutputExamplesCriblHttp: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "cribl-http-output", "type": "cribl_http"} @@ -27802,9 +32494,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesCriblTcp: + UpdateOutputExamplesCriblTcp: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "cribl-tcp-output", "type": "cribl_tcp", "host": "localhost", "port": 10090} @@ -27813,9 +32506,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesCriblSearchEngine: + UpdateOutputExamplesCriblSearchEngine: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "cribl-search-engine-output", "type": "cribl_search_engine", "systemFields": ["cribl_pipe"], "streamtags": [], "loadBalanced": false, "tls": {"disabled": true}, "tokenTTLMinutes": 60, "excludeFields": ["__kube_*", "__metadata", "__winEvent"], "compression": "gzip", "concurrency": 5, "maxPayloadSizeKB": 4096, "maxPayloadEvents": 0, "rejectUnauthorized": true, "timeoutSec": 30, "flushPeriodSec": 1, "failedRequestLoggingMode": "none", "safeHeaders": [], "throttleRatePerSec": "0", "responseRetrySettings": [{"httpStatus": 401, "initialBackoff": 1000, "backoffRate": 2, "maxBackoff": 20000}, {"httpStatus": 403, "initialBackoff": 1000, "backoffRate": 2, "maxBackoff": 20000}, {"httpStatus": 408, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 429, "initialBackoff": 1000, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 500, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 502, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 503, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 504, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 509, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}], "timeoutRetrySettings": {"timeoutRetry": false}, "responseHonorRetryAfterHeader": true, "onBackpressure": "block", "useRoundRobinDns": true, "url": "https://0.0.0.0:10200"} @@ -27824,9 +32518,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesGoogleCloudLogging: + UpdateOutputExamplesGoogleCloudLogging: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "google-cloud-logging-output", "type": "google_cloud_logging", "logLocationType": "project", "logNameExpression": "my-log", "logLocationExpression": "my-project"} @@ -27835,9 +32530,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesSns: + UpdateOutputExamplesSns: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "sns-output", "type": "sns", "topicArn": "arn:aws:sns:us-east-1:123456789012:my-topic", "messageGroupId": "my-message-group", "region": "us-east-1"} @@ -27846,9 +32542,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesDlS3: + UpdateOutputExamplesDlS3: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "dl-s3-output", "type": "dl_s3", "bucket": "my-bucket", "region": "us-east-1", "stagePath": "/tmp/staging"} @@ -27857,9 +32554,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesSecurityLake: + UpdateOutputExamplesSecurityLake: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "security-lake-output", "type": "security_lake", "assumeRoleArn": "arn:aws:iam::123456789012:role/my-role", "bucket": "my-bucket", "region": "us-east-1", "stagePath": "/tmp/staging", "accountId": "123456789012", "customSource": "my-custom-source"} @@ -27868,9 +32566,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesCriblLake: + UpdateOutputExamplesCriblLake: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "cribl-lake-output", "type": "cribl_lake"} @@ -27879,9 +32578,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesExabeam: + UpdateOutputExamplesExabeam: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "exabeam-output", "type": "exabeam", "bucket": "my-bucket", "region": "us-east1", "stagePath": "/tmp/staging", "endpoint": "https://storage.googleapis.com", "collectorInstanceId": "11112222-3333-4444-5555-666677778888"} @@ -27890,9 +32590,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesDiskSpool: + UpdateOutputExamplesDiskSpool: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "disk-spool-output", "type": "disk_spool"} @@ -27901,9 +32602,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesClickHouse: + UpdateOutputExamplesClickHouse: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "clickhouse-output", "type": "click_house", "url": "http://localhost:8123/", "database": "mydb", "tableName": "mytable"} @@ -27912,9 +32614,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesLocalSearchStorage: + UpdateOutputExamplesLocalSearchStorage: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "local-search-storage-output", "type": "local_search_storage", "url": "http://localhost:8123/", "database": "default", "tableName": "mytable"} @@ -27923,9 +32626,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesXsiam: + UpdateOutputExamplesXsiam: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "xsiam-output", "type": "xsiam"} @@ -27934,9 +32638,10 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesNetflow: + UpdateOutputExamplesNetflow: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "netflow-output", "type": "netflow", "hosts": [{"host": "localhost", "port": 2055}]} @@ -27945,1170 +32650,1113 @@ examples: application/json: {} "500": application/json: {} - OutputCreateExamplesDynatraceHttp: - parameters: - path: - pack: "" - requestBody: - application/json: {"id": "dynatrace-http-output", "type": "dynatrace_http", "authType": "token", "format": "json_array", "endpoint": "cloud", "telemetryType": "logs", "token": "your-api-key"} - responses: - "200": - application/json: {} - "500": - application/json: {} - OutputCreateExamplesDatabricks: - parameters: - path: - pack: "" - requestBody: - application/json: {"id": "databricks-output", "type": "databricks", "workspaceId": "your-workspace-id", "scope": "all-apis", "clientId": "your-client-id", "catalog": "main", "schema": "external", "eventsVolumeName": "events", "clientTextSecret": "your-client-secret"} - responses: - "200": - application/json: {} - "500": - application/json: {} - speakeasy-default-create-output-system-by-pack: + UpdateOutputExamplesDynatraceHttp: parameters: path: + id: "" pack: "" requestBody: - application/json: {"id": "", "type": "minio", "bucket": "", "stagePath": "", "endpoint": ""} + application/json: {"id": "dynatrace-http-output", "type": "dynatrace_http", "authType": "token", "format": "json_array", "endpoint": "cloud", "telemetryType": "logs", "token": "your-api-key"} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesNutanixObjects: + UpdateOutputExamplesDatabricks: parameters: path: + id: "" pack: "" requestBody: - application/json: {"id": "nutanix-objects-output", "type": "nutanix_objects", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://nutanix-objects.example.com"} + application/json: {"id": "databricks-output", "type": "databricks", "workspaceId": "your-workspace-id", "scope": "all-apis", "clientId": "your-client-id", "catalog": "main", "schema": "external", "eventsVolumeName": "events", "clientTextSecret": "your-client-secret"} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesStorjS3: + deleteOutputSystemByPackAndId: + speakeasy-default-delete-output-system-by-pack-and-id: parameters: path: + id: "" pack: "" - requestBody: - application/json: {"id": "storj-s3-output", "type": "storj_s3", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://gateway.storjshare.io"} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesAlphasocS3: + deleteOutputSystemPqByPackAndId: + speakeasy-default-delete-output-system-pq-by-pack-and-id: parameters: path: + id: "" pack: "" - requestBody: - application/json: {"id": "alphasoc-s3-output", "type": "alphasoc_s3", "bucket": "events", "stagePath": "/tmp/staging", "endpoint": "https://s3.alphasoc.net"} responses: - "200": + "201": application/json: {} "500": application/json: {} - OutputCreateExamplesdellS3: + getOutputSystemPqByPackAndId: + speakeasy-default-get-output-system-pq-by-pack-and-id: parameters: path: + id: "" pack: "" - requestBody: - application/json: {"id": "dell-s3-output", "type": "dell_s3", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://powerscale.example.com:9021"} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplescloudianS3: + getOutputSystemSamplesByPackAndId: + speakeasy-default-get-output-system-samples-by-pack-and-id: parameters: path: + id: "" pack: "" - requestBody: - application/json: {"id": "cloudian-s3-output", "type": "cloudian_s3", "endpoint": "https://s3.hyperstore.example.com", "bucket": "my-bucket", "stagePath": "/tmp/staging"} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesscalityS3: + createOutputSystemTestByPackAndId: + OutputTestExamplesSingleEvent: parameters: path: + id: "" pack: "" requestBody: - application/json: {"id": "scality-s3-output", "type": "scality_s3", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://s3.scality.example.com"} + application/json: {"events": [{"_raw": "This is a test event", "source": "test", "sourcetype": "manual"}]} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesalibabaCloudS3: + OutputTestExamplesMultipleEvents: parameters: path: + id: "" pack: "" requestBody: - application/json: {"id": "alibaba-oss-output", "type": "alibaba_cloud_s3", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://s3.oss-cn-hangzhou.aliyuncs.com"} + application/json: {"events": [{"_raw": "Test event 1", "source": "test", "sourcetype": "manual"}, {"_raw": "Test event 2", "source": "test", "sourcetype": "manual"}]} responses: "200": application/json: {} "500": application/json: {} - getOutputSystemByPackAndId: - speakeasy-default-get-output-system-by-pack-and-id: + speakeasy-default-create-output-system-test-by-pack-and-id: parameters: path: id: "" pack: "" + requestBody: + application/json: {"events": [{"key": "", "key1": "", "key2": ""}, {}]} responses: "200": application/json: {} "500": application/json: {} - updateOutputSystemByPackAndId: - OutputExamplesDefault: + getOutputStatusSystemOutputsByPackAndId: + speakeasy-default-get-output-status-system-outputs-by-pack-and-id: parameters: path: id: "" pack: "" - requestBody: - application/json: {"id": "default-output", "type": "default", "defaultId": "my-default-output"} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesTcpjson: + getOutputStatusSystemOutputsByPack: + speakeasy-default-get-output-status-system-outputs-by-pack: parameters: path: - id: "" pack: "" - requestBody: - application/json: {"id": "tcpjson-output", "type": "tcpjson", "host": "localhost", "port": 10090} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesSplunk: + createPipelinesByPack: + PipelineExamplesEmpty: parameters: path: - id: "" pack: "" requestBody: - application/json: {"id": "splunk-output", "type": "splunk", "host": "localhost", "port": 9997} + application/json: {"id": "empty-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "", "streamtags": [], "functions": [], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesSplunkLb: + PipelineExamplesAggregations: parameters: path: - id: "" pack: "" requestBody: - application/json: {"id": "splunk-lb-output", "type": "splunk_lb", "hosts": [{"host": "localhost", "port": 9997}]} + application/json: {"id": "aggregation-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that aggregates rejected bytes grouped by source address every 10 seconds", "streamtags": [], "functions": [{"filter": "true", "id": "aggregation", "conf": {"passthrough": false, "preserveGroupBys": false, "sufficientStatsOnly": false, "metricsMode": false, "timeWindow": "10s", "aggregations": ["sum(bytes).where(action==\"REJECT\").as(TotalBytes)"], "groupbys": ["srcaddr"], "cumulative": false, "shouldTreatDotsAsLiterals": false, "flushOnInputClose": true}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesSplunkHec: + PipelineExamplesAggregateMetrics: parameters: path: - id: "" pack: "" requestBody: - application/json: {"id": "splunk-hec-output", "type": "splunk_hec"} + application/json: {"id": "aggregate-metrics-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that aggregates process metrics: CPU, memory, and bytes over time windows", "streamtags": [], "functions": [{"filter": "(_metric == 'proc.cpu_perc' || __criblMetrics[0].nameExpr.includes(\"'proc.cpu_perc'\")) || (_metric == 'proc.mem_perc' || __criblMetrics[0].nameExpr.includes(\"'proc.mem_perc'\")) || (_metric == 'proc.bytes_in' || __criblMetrics[0].nameExpr.includes(\"'proc.bytes_in'\"))", "id": "aggregate_metrics", "conf": {"passthrough": false, "preserveGroupBys": false, "sufficientStatsOnly": false, "timeWindow": "10s", "aggregations": [{"metricType": "gauge", "agg": "avg(_value || proc.cpu_perc).as(proc.cpu_perc_avg)"}, {"metricType": "gauge", "agg": "sum(_value || proc.mem_perc).as(proc.mem_perc_sum)"}, {"metricType": "counter", "agg": "count(_value || proc.bytes_in).as(proc.bytes_in_count)"}], "groupbys": ["proc"], "cumulative": false, "shouldTreatDotsAsLiterals": true, "flushOnInputClose": true}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesSyslog: + PipelineExamplesAutoTimestamp: parameters: path: - id: "" pack: "" requestBody: - application/json: {"id": "syslog-output", "type": "syslog", "host": "localhost", "port": 514} + application/json: {"id": "auto-timestamp-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts timestamps from event data using auto timestamp function", "streamtags": [], "functions": [{"filter": "true", "id": "auto_timestamp", "conf": {"srcField": "_raw", "dstField": "_time", "defaultTimezone": "local", "timeExpression": "time.getTime() / 1000", "offset": 0, "maxLen": 150, "defaultTime": "now", "latestDateAllowed": "+1week", "earliestDateAllowed": "-420weeks", "timestamps": [{"regex": "/(\\d{1,2}\\/\\d{2}\\/\\d{4}\\s\\d{1,2}:\\d{2}:\\d{2}\\s\\w{2})/", "strptime": "%Y-%m-%d %H:%M:%S"}]}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesFilesystem: + PipelineExamplesCEFSerializer: parameters: path: - id: "" pack: "" requestBody: - application/json: {"id": "filesystem-output", "type": "filesystem", "destPath": "/var/log/output"} + application/json: {"id": "cef-serializer-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that formats events in CEF format with custom header and extension fields", "streamtags": [], "functions": [{"filter": "true", "id": "cef", "conf": {"outputField": "_raw", "header": [{"value": "'CEF:0'"}, {"value": "'Cribl'"}, {"value": "'Cribl'"}, {"value": "C.version"}, {"value": "420"}, {"value": "'Cribl Event'"}, {"value": "6"}], "extension": [{"name": "c6a1Label", "value": "'Colorado_Ext_Bldg7'"}]}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesS3: + PipelineExamplesChain: parameters: path: - id: "" pack: "" requestBody: - application/json: {"id": "s3-output", "type": "s3", "bucket": "my-bucket", "region": "us-east-1", "stagePath": "/tmp/staging"} + application/json: {"id": "chain-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that chains to another pipeline for sequential data processing", "streamtags": [], "functions": [{"filter": "true", "id": "chain", "conf": {"processor": "prometheus_metrics"}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesAzureBlob: + PipelineExamplesClone: parameters: path: - id: "" pack: "" requestBody: - application/json: {"id": "azure-blob-output", "type": "azure_blob", "containerName": "my-container", "stagePath": "/tmp/staging"} + application/json: {"id": "clone-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that creates cloned events with additional fields for comparison or routing", "streamtags": [], "functions": [{"filter": "true", "id": "clone", "conf": {"clones": [{"env": "staging"}, {"index": "clones"}]}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesAzureDataExplorer: + PipelineExamplesComment: parameters: path: - id: "" pack: "" requestBody: - application/json: {"id": "azure-data-explorer-output", "type": "azure_data_explorer", "clusterUrl": "https://mycluster.kusto.windows.net", "database": "mydatabase", "table": "mytable", "ingestMode": "streaming", "oauthEndpoint": "https://login.microsoftonline.com", "tenantId": "tenant-id", "clientId": "client-id", "scope": "https://mycluster.kusto.windows.net/.default", "oauthType": "clientSecret", "clientSecret": "client-secret", "format": "json", "compress": "gzip"} + application/json: {"id": "comment-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline with comment function for documentation", "streamtags": [], "functions": [{"filter": "true", "id": "comment", "conf": {"comment": "This function processes security events and enriches them with DNS lookups"}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesSentinel: + PipelineExamplesDNSLookup: parameters: path: - id: "" pack: "" requestBody: - application/json: {"id": "sentinel-output", "type": "sentinel", "loginUrl": "https://login.microsoftonline.com", "secret": "client-secret", "client_id": "client-id", "endpointURLConfiguration": "url", "url": "https://your-workspace.ingest.monitor.azure.com"} + application/json: {"id": "dns-lookup-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that performs DNS lookups to resolve hostnames and IP addresses", "streamtags": [], "functions": [{"filter": "true", "id": "dns_lookup", "conf": {"dnsLookupFields": [{"inFieldName": "hostname", "resourceRecordType": "A", "outFieldName": "hostname_ip"}], "reverseLookupFields": [{"inFieldName": "src_ip", "outFieldName": "src_hostname"}], "cacheTTL": 30, "maxCacheSize": 5000, "useResolvConf": false, "lookupFallback": false, "lookupFailLogLevel": "error"}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesAzureLogs: + PipelineExamplesDrop: parameters: path: - id: "" pack: "" requestBody: - application/json: {"id": "azure-logs-output", "type": "azure_logs", "logType": "Cribl", "authType": "manual", "workspaceId": "workspace-id", "workspaceKey": "workspace-key"} + application/json: {"id": "drop-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that drops events containing success messages", "streamtags": [], "functions": [{"filter": "_raw.search(/success/i)>=0", "id": "drop", "conf": {}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesKafka: + PipelineExamplesDropDimensions: parameters: path: - id: "" pack: "" requestBody: - application/json: {"id": "kafka-output", "type": "kafka", "brokers": ["localhost:9092"], "topic": "logs"} + application/json: {"id": "drop-dimensions-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that drops specified dimensions from metrics to reduce cardinality", "streamtags": [], "functions": [{"filter": "(_metric == 'proc.cpu_perc' || __criblMetrics[0].nameExpr.includes(\"'proc.cpu_perc'\")) && (__criblMetrics[0].dims.includes(\"proc\"))", "id": "drop_dimensions", "conf": {"timeWindow": "10s", "dropDimensions": ["proc", "pie", "unit"], "flushOnInputClose": true}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesConfluentCloud: + PipelineExamplesDynamicSampling: parameters: path: - id: "" pack: "" requestBody: - application/json: {"id": "confluent-cloud-output", "type": "confluent_cloud", "brokers": ["pkc-xxxxx.us-east-1.aws.confluent.cloud:9092"], "topic": "logs"} + application/json: {"id": "dynamic-sampling-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that dynamically samples events based on volume using square root mode", "streamtags": [], "functions": [{"filter": "true", "id": "dynamic_sampling", "conf": {"mode": "sqrt", "keyExpr": "`${domain}:${httpCode}`", "samplePeriod": 20, "minEvents": 3, "maxSampleRate": 3}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesMsk: + PipelineExamplesEval: parameters: path: - id: "" pack: "" requestBody: - application/json: {"id": "msk-output", "type": "msk", "brokers": ["b-1.example.xxxxx.c2.kafka.us-east-1.amazonaws.com:9092"], "topic": "logs", "awsAuthenticationMethod": "auto", "region": "us-east-1"} + application/json: {"id": "eval-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that evaluates JavaScript expressions to add, modify, and remove fields", "streamtags": [], "functions": [{"filter": "true", "id": "eval", "conf": {"add": [{"name": "action", "value": "login == 'error' ? 'blocked' : action"}, {"name": "myTags", "value": "login == 'error' ? [...myTags, 'error'] : myTags"}], "keep": ["host", "source", "action", "myTags"], "remove": ["identification"]}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesKinesis: + PipelineExamplesEventBreaker: parameters: path: - id: "" pack: "" requestBody: - application/json: {"id": "kinesis-output", "type": "kinesis", "streamName": "my-stream", "region": "us-east-1"} + application/json: {"id": "event-breaker-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that breaks large event streams into discrete events using regex", "streamtags": [], "functions": [{"filter": "true", "id": "event_breaker", "conf": {"ruleType": "regex", "eventBreakerRegex": "/[\\n\\r]+(?!\\s)/", "existingOrNew": "new", "maxEventBytes": 51200, "timestampAnchorRegex": "/^/", "timestamp": {"type": "auto", "length": 150}, "timestampTimezone": "local", "timestampEarliest": "-420weeks", "timestampLatest": "+1week", "shouldMarkCriblBreaker": true}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesElastic: + PipelineExamplesFlatten: parameters: path: - id: "" pack: "" requestBody: - application/json: {"id": "elastic-output", "type": "elastic", "index": "logs"} + application/json: {"id": "flatten-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that flattens nested JSON structures into top-level fields", "streamtags": [], "functions": [{"filter": "true", "id": "flatten", "conf": {"fields": [], "prefix": "", "depth": 5, "delimiter": "_"}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesElasticCloud: + PipelineExamplesFoldKeys: parameters: path: - id: "" pack: "" requestBody: - application/json: {"id": "elastic-cloud-output", "type": "elastic_cloud", "url": "my-cloud-id", "index": "logs"} + application/json: {"id": "fold-keys-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that transforms flat field names with separators into nested structures", "streamtags": [], "functions": [{"filter": "true", "id": "foldkeys", "conf": {"deleteOriginal": true, "separator": "_", "selectionRegExp": "^data"}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesMicrosoftFabric: + PipelineExamplesGeoIP: parameters: path: - id: "" pack: "" requestBody: - application/json: {"id": "microsoft-fabric-output", "type": "microsoft_fabric", "topic": "logs", "bootstrap_server": "myeventstream.servicebus.windows.net:9093"} + application/json: {"id": "geoip-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that enriches events with geolocation data from IP addresses", "streamtags": [], "functions": [{"filter": "true", "id": "geoip", "conf": {"file": "GeoLite2-City.mmdb", "inField": "ip", "outField": "geoip", "additionalFields": [{"extraInField": "src_ip", "extraOutField": "src_geoip"}]}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesCloudflareR2: + PipelineExamplesGrok: parameters: path: - id: "" pack: "" requestBody: - application/json: {"id": "cloudflare-r2-output", "type": "cloudflare_r2", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://account-id.r2.cloudflarestorage.com"} + application/json: {"id": "grok-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts structured fields from log data using Grok patterns", "streamtags": [], "functions": [{"filter": "true", "id": "grok", "conf": {"pattern": "%{TIMESTAMP_ISO8601:event_time} %{LOGLEVEL:log_level} %{GREEDYDATA:log_message}", "patternList": [], "source": "_raw"}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesHoneycomb: + PipelineExamplesGuard: parameters: path: - id: "" pack: "" requestBody: - application/json: {"id": "honeycomb-output", "type": "honeycomb", "dataset": "my-dataset"} + application/json: {"id": "guard-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that scans for sensitive data and applies mitigation expressions", "streamtags": [], "functions": [{"filter": "true", "id": "sensitive_data_scanner", "conf": {"rules": [{"rulesetId": "Finance_Global", "replaceExpr": "'REDACTED'", "disabled": false}], "fields": ["_raw"], "excludeFields": [], "flags": [{"name": "_sensitive", "value": "true"}], "includeDetectedRules": true}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesNewrelic: + PipelineExamplesJSONUnroll: parameters: path: - id: "" pack: "" requestBody: - application/json: {"id": "newrelic-output", "type": "newrelic", "apiKey": "your-api-key"} + application/json: {"id": "json-unroll-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that unrolls JSON arrays into individual events while retaining parent fields", "streamtags": [], "functions": [{"filter": "true", "id": "json_unroll", "conf": {"path": "allCars", "name": "cars"}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesNewrelicEvents: + PipelineExamplesLookup: parameters: path: - id: "" pack: "" requestBody: - application/json: {"id": "newrelic-events-output", "type": "newrelic_events", "accountId": "123456", "eventType": "CriblEvent", "apiKey": "your-api-key"} + application/json: {"id": "lookup-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that enriches events with location data from IP address lookups", "streamtags": [], "functions": [{"filter": "true", "id": "lookup", "conf": {"file": "ip_locations.csv", "dbLookup": false, "matchMode": "exact", "reloadPeriodSec": -1, "inFields": [{"eventField": "destination_ip", "lookupField": "ip"}], "outFields": [{"lookupField": "location", "eventField": "location", "defaultValue": "Unknown"}], "addToEvent": false, "ignoreCase": false}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesSnmp: + PipelineExamplesMask: parameters: path: - id: "" pack: "" requestBody: - application/json: {"id": "snmp-output", "type": "snmp", "hosts": [{"host": "192.168.1.1", "port": 161}]} + application/json: {"id": "mask-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that masks Social Security numbers and other sensitive data", "streamtags": [], "functions": [{"filter": "true", "id": "mask", "conf": {"rules": [{"matchRegex": "/(social=)(\\d+)/", "replaceExpr": "`${g1}${C.Mask.md5(g2)}`", "disabled": false}], "fields": ["_raw"], "depth": 5}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesInfluxdb: + PipelineExamplesNumerify: parameters: path: - id: "" pack: "" requestBody: - application/json: {"id": "influxdb-output", "type": "influxdb", "url": "http://localhost:8086", "database": "mydb"} + application/json: {"id": "numerify-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that converts string numbers to numeric type for mathematical operations", "streamtags": [], "functions": [{"filter": "true", "id": "numerify", "conf": {"format": "none", "depth": 5, "ignoreFields": [], "filterExpr": ""}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesMinio: + PipelineExamplesOTLPLogs: parameters: path: - id: "" pack: "" requestBody: - application/json: {"id": "minio-output", "type": "minio", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "http://localhost:9000"} + application/json: {"id": "otlp-logs-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that normalizes and batches OTLP log events from OpenTelemetry sources", "streamtags": [], "functions": [{"filter": "__inputId=='open_telemetry:open_telemetry'", "id": "otlp_logs", "conf": {"dropNonLogEvents": false, "batchOTLPLogs": true, "sendBatchSize": 8192, "timeout": 200, "sendBatchMaxSize": 0, "metadataKeys": [], "metadataCardinalityLimit": 1000}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesCloudwatch: + PipelineExamplesOTLPMetrics: parameters: path: - id: "" pack: "" requestBody: - application/json: {"id": "cloudwatch-output", "type": "cloudwatch", "logGroupName": "my-log-group", "logStreamName": "my-log-stream", "region": "us-east-1"} + application/json: {"id": "otlp-metrics-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that converts dimensional metrics to OTLP format and batches them by resource attributes", "streamtags": [], "functions": [{"filter": "__inputId=='prometheus_rw:prom_rw_in'", "id": "otlp_metrics", "conf": {"resourceAttributePrefixes": ["service", "system", "telemetry", "k8s", "cloud", "host", "process"], "dropNonMetricEvents": false, "otlpVersion": "0.10.0", "batchOTLPMetrics": true, "sendBatchSize": 8192, "timeout": 200, "sendBatchMaxSize": 0, "metadataKeys": [], "metadataCardinalityLimit": 1000}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesAzureEventhub: + PipelineExamplesOTLPTraces: parameters: path: - id: "" pack: "" requestBody: - application/json: {"id": "azure-eventhub-output", "type": "azure_eventhub", "brokers": ["myeventhub.servicebus.windows.net:9093"], "topic": "logs"} + application/json: {"id": "otlp-traces-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that normalizes and batches OTLP trace events from OpenTelemetry sources", "streamtags": [], "functions": [{"filter": "__inputId=='open_telemetry:open_telemetry'", "id": "otlp_traces", "conf": {"dropNonTraceEvents": false, "otlpVersion": "0.10.0", "batchOTLPTraces": true, "sendBatchSize": 8192, "timeout": 200, "sendBatchMaxSize": 0, "metadataKeys": [], "metadataCardinalityLimit": 1000}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesStatsd: + PipelineExamplesParser: parameters: path: - id: "" pack: "" requestBody: - application/json: {"id": "statsd-output", "type": "statsd", "protocol": "udp", "host": "localhost", "port": 8125} + application/json: {"id": "parser-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts fields from key-value pair formatted data", "streamtags": [], "functions": [{"filter": "true", "id": "serde", "conf": {"type": "kvp", "keep": ["a", "b", "c"], "remove": ["*"], "cleanFields": false, "mode": "extract", "srcField": "_raw"}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesStatsdExt: + PipelineExamplesPublishMetrics: parameters: path: - id: "" pack: "" requestBody: - application/json: {"id": "statsd-ext-output", "type": "statsd_ext", "protocol": "udp", "host": "localhost", "port": 8125} + application/json: {"id": "publish-metrics-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts metrics from events and formats them for metrics aggregation platforms", "streamtags": [], "functions": [{"filter": "true", "id": "publish_metrics", "conf": {"fields": [{"inFieldName": "bytes", "outFieldExpr": "'metric_name.bytes'", "metricType": "gauge"}, {"inFieldName": "packets", "outFieldExpr": "'metric_name.packets'", "metricType": "gauge"}], "overwrite": false, "dimensions": ["action", "interface_id", "dstaddr"], "removeMetrics": [], "removeDimensions": []}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesGraphite: + PipelineExamplesRedis: parameters: path: - id: "" pack: "" requestBody: - application/json: {"id": "graphite-output", "type": "graphite", "protocol": "tcp", "host": "localhost", "port": 2003} + application/json: {"id": "redis-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that retrieves values from Redis using GET command", "streamtags": [], "functions": [{"filter": "true", "id": "redis", "conf": {"authType": "none", "commands": [{"outField": "cached_value", "command": "get", "keyExpr": "'user_session'", "argsExpr": ""}], "deploymentType": "standalone", "maxBlockSecs": 60, "url": "'redis://localhost:6379/0'"}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesWavefront: + PipelineExamplesRegexExtract: parameters: path: - id: "" pack: "" requestBody: - application/json: {"id": "wavefront-output", "type": "wavefront", "domain": "longboard", "token": "your-token"} + application/json: {"id": "regex-extract-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts structured fields from log data using regex patterns with named capture groups", "streamtags": [], "functions": [{"filter": "true", "id": "regex_extract", "conf": {"regex": "/metric1=(?\\d+)/", "source": "_raw", "iterations": 100, "overwrite": false}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesSignalfx: + PipelineExamplesRegexFilter: parameters: path: - id: "" pack: "" requestBody: - application/json: {"id": "signalfx-output", "type": "signalfx", "realm": "us0", "token": "your-token"} + application/json: {"id": "regex-filter-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that filters out events matching specific regex patterns", "streamtags": [], "functions": [{"filter": "true", "id": "regex_filter", "conf": {"regex": "/Opera/", "field": "_raw"}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesSqs: + PipelineExamplesRename: parameters: path: - id: "" pack: "" requestBody: - application/json: {"id": "sqs-output", "type": "sqs", "queueName": "my-queue", "queueType": "standard", "region": "us-east-1"} + application/json: {"id": "rename-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that renames fields using key-value pairs and expressions", "streamtags": [], "functions": [{"filter": "true", "id": "rename", "conf": {"baseFields": [], "rename": [{"currentName": "level", "newName": "LEVEL"}], "renameExpr": "name.startsWith('out') ? name.toUpperCase() : name", "wildcardDepth": 5}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesGoogleCloudStorage: + PipelineExamplesRollupMetrics: parameters: path: - id: "" pack: "" requestBody: - application/json: {"id": "google-cloud-storage-output", "type": "google_cloud_storage", "bucket": "my-bucket", "region": "us-east1", "endpoint": "https://storage.googleapis.com", "stagePath": "/tmp/staging"} + application/json: {"id": "rollup-metrics-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that consolidates high-frequency metrics into manageable time windows", "streamtags": [], "functions": [{"filter": "true", "id": "rollup_metrics", "conf": {"dimensions": ["*"], "timeWindow": "30s", "gaugeRollup": "last"}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesSumoLogic: + PipelineExamplesSampling: parameters: path: - id: "" pack: "" requestBody: - application/json: {"id": "sumo-logic-output", "type": "sumo_logic", "url": "https://endpoint1.collection.us2.sumologic.com"} + application/json: {"id": "sampling-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that samples events at specified rates based on filter criteria", "streamtags": [], "functions": [{"filter": "true", "id": "sampling", "conf": {"rules": [{"filter": "__status == 200", "rate": 5}]}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesDatadog: + PipelineExamplesSerialize: parameters: path: - id: "" pack: "" requestBody: - application/json: {"id": "datadog-output", "type": "datadog", "apiKey": "your-api-key"} + application/json: {"id": "serialize-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that serializes event fields into JSON format", "streamtags": [], "functions": [{"filter": "true", "id": "serialize", "conf": {"type": "csv"}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesWebhook: + PipelineExamplesSNMPTrapSerialize: parameters: path: - id: "" pack: "" requestBody: - application/json: {"id": "webhook-output", "type": "webhook", "url": "https://example.com/webhook"} + application/json: {"id": "snmp-trap-serialize-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that serializes events into SNMP trap format for SNMP trap destinations", "streamtags": [], "functions": [{"filter": "true", "id": "snmp_trap_serialize", "conf": {"strict": true, "dropFailedEvents": true}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesPrometheus: + PipelineExamplesSuppress: parameters: path: - id: "" pack: "" requestBody: - application/json: {"id": "prometheus-output", "type": "prometheus", "url": "http://localhost:9091/api/v1/write"} + application/json: {"id": "suppress-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that suppresses duplicate events based on a key expression", "streamtags": [], "functions": [{"filter": "true", "id": "suppress", "conf": {"keyExpr": "`${ip}:${port}`", "allow": 1, "suppressPeriodSec": 30, "dropEventsMode": true, "maxCacheSize": 50000, "cacheIdleTimeoutPeriods": 2, "numEventsIdleTimeoutTrigger": 10000}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesGooglePubsub: + PipelineExamplesTee: parameters: path: - id: "" pack: "" requestBody: - application/json: {"id": "google-pubsub-output", "type": "google_pubsub", "topicName": "my-topic"} + application/json: {"id": "tee-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that sends events to a command via stdin for debugging purposes", "streamtags": [], "functions": [{"filter": "true", "id": "tee", "conf": {"command": "tee", "args": ["/opt/cribl/foo.log"], "restartOnExit": true, "env": {}}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesGoogleChronicle: + PipelineExamplesUnroll: parameters: path: - id: "" pack: "" requestBody: - application/json: {"id": "google-chronicle-output", "type": "google_chronicle", "logFormatType": "unstructured", "region": "us", "customerId": "customer-id"} + application/json: {"id": "unroll-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that unrolls array fields into separate events", "streamtags": [], "functions": [{"filter": "true", "id": "unroll", "conf": {"srcExpr": "_raw.split(/\\n/)", "dstField": "_raw"}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesChronicle: + PipelineExamplesXMLUnroll: parameters: path: - id: "" pack: "" requestBody: - application/json: {"id": "chronicle-output", "type": "chronicle", "region": "us", "logType": "UNKNOWN", "gcpProjectId": "my-project", "gcpInstance": "customer-id"} + application/json: {"id": "xml-unroll-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that unrolls XML elements into separate events", "streamtags": [], "functions": [{"filter": "true", "id": "xml_unroll", "conf": {"unroll": "^Parent\\.Child$", "inherit": "^Parent\\.(myID|branchLocation)$", "unrollIdxField": "unroll_idx", "pretty": false}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesGrafanaCloud: + speakeasy-default-create-pipelines-by-pack: parameters: path: - id: "" pack: "" requestBody: - application/json: {"id": "grafana-cloud-output", "type": "grafana_cloud", "lokiUrl": "https://logs-prod-us-central1.grafana.net"} + application/json: {"id": "", "conf": {}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesLoki: + getPipelinesByPack: + speakeasy-default-get-pipelines-by-pack: parameters: path: - id: "" pack: "" - requestBody: - application/json: {"id": "loki-output", "type": "loki", "url": "http://localhost:3100/loki/api/v1/push"} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesOpenTelemetry: + deletePipelinesByPackAndId: + speakeasy-default-delete-pipelines-by-pack-and-id: parameters: path: id: "" pack: "" - requestBody: - application/json: {"id": "opentelemetry-output", "type": "open_telemetry", "endpoint": "http://localhost:4317"} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesServiceNow: + getPipelinesByPackAndId: + speakeasy-default-get-pipelines-by-pack-and-id: parameters: path: id: "" pack: "" - requestBody: - application/json: {"id": "servicenow-output", "type": "service_now", "endpoint": "ingest.lightstep.com:443", "tokenSecret": "your-token-secret", "otlpVersion": "1.3.1", "protocol": "http"} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesDynatraceOtlp: + updatePipelinesByPackAndId: + PipelineExamplesEmpty: parameters: path: - id: "" + id: "" pack: "" requestBody: - application/json: {"id": "dynatrace-otlp-output", "type": "dynatrace_otlp", "protocol": "http", "endpoint": "https://your-environment.live.dynatrace.com/api/v2/otlp", "otlpVersion": "1.3.1", "endpointType": "saas", "tokenSecret": "your-token-secret"} + application/json: {"id": "empty-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "", "streamtags": [], "functions": [], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesSentinelOneAiSiem: + PipelineExamplesAggregations: parameters: path: - id: "" + id: "" pack: "" requestBody: - application/json: {"id": "sentinel-one-ai-siem-output", "type": "sentinel_one_ai_siem", "region": "US", "endpoint": "/services/collector/event"} + application/json: {"id": "aggregation-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that aggregates rejected bytes grouped by source address every 10 seconds", "streamtags": [], "functions": [{"filter": "true", "id": "aggregation", "conf": {"passthrough": false, "preserveGroupBys": false, "sufficientStatsOnly": false, "metricsMode": false, "timeWindow": "10s", "aggregations": ["sum(bytes).where(action==\"REJECT\").as(TotalBytes)"], "groupbys": ["srcaddr"], "cumulative": false, "shouldTreatDotsAsLiterals": false, "flushOnInputClose": true}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesDataset: + PipelineExamplesAggregateMetrics: parameters: path: - id: "" + id: "" pack: "" requestBody: - application/json: {"id": "dataset-output", "type": "dataset"} + application/json: {"id": "aggregate-metrics-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that aggregates process metrics: CPU, memory, and bytes over time windows", "streamtags": [], "functions": [{"filter": "(_metric == 'proc.cpu_perc' || __criblMetrics[0].nameExpr.includes(\"'proc.cpu_perc'\")) || (_metric == 'proc.mem_perc' || __criblMetrics[0].nameExpr.includes(\"'proc.mem_perc'\")) || (_metric == 'proc.bytes_in' || __criblMetrics[0].nameExpr.includes(\"'proc.bytes_in'\"))", "id": "aggregate_metrics", "conf": {"passthrough": false, "preserveGroupBys": false, "sufficientStatsOnly": false, "timeWindow": "10s", "aggregations": [{"metricType": "gauge", "agg": "avg(_value || proc.cpu_perc).as(proc.cpu_perc_avg)"}, {"metricType": "gauge", "agg": "sum(_value || proc.mem_perc).as(proc.mem_perc_sum)"}, {"metricType": "counter", "agg": "count(_value || proc.bytes_in).as(proc.bytes_in_count)"}], "groupbys": ["proc"], "cumulative": false, "shouldTreatDotsAsLiterals": true, "flushOnInputClose": true}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesRing: + PipelineExamplesAutoTimestamp: parameters: path: - id: "" + id: "" pack: "" requestBody: - application/json: {"id": "ring-output", "type": "ring"} + application/json: {"id": "auto-timestamp-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts timestamps from event data using auto timestamp function", "streamtags": [], "functions": [{"filter": "true", "id": "auto_timestamp", "conf": {"srcField": "_raw", "dstField": "_time", "defaultTimezone": "local", "timeExpression": "time.getTime() / 1000", "offset": 0, "maxLen": 150, "defaultTime": "now", "latestDateAllowed": "+1week", "earliestDateAllowed": "-420weeks", "timestamps": [{"regex": "/(\\d{1,2}\\/\\d{2}\\/\\d{4}\\s\\d{1,2}:\\d{2}:\\d{2}\\s\\w{2})/", "strptime": "%Y-%m-%d %H:%M:%S"}]}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesRouter: + PipelineExamplesCEFSerializer: parameters: path: - id: "" + id: "" pack: "" requestBody: - application/json: {"id": "router-output", "type": "router", "rules": [{"filter": "true", "output": "my-output"}]} + application/json: {"id": "cef-serializer-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that formats events in CEF format with custom header and extension fields", "streamtags": [], "functions": [{"filter": "true", "id": "cef", "conf": {"outputField": "_raw", "header": [{"value": "'CEF:0'"}, {"value": "'Cribl'"}, {"value": "'Cribl'"}, {"value": "C.version"}, {"value": "420"}, {"value": "'Cribl Event'"}, {"value": "6"}], "extension": [{"name": "c6a1Label", "value": "'Colorado_Ext_Bldg7'"}]}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesWizHec: + PipelineExamplesChain: parameters: path: - id: "" + id: "" pack: "" requestBody: - application/json: {"id": "wiz-hec-output", "type": "wiz_hec", "authType": "manual", "wiz_connector_id": "00000000-0000-0000-0000-000000000000", "wiz_environment": "test", "data_center": "us1", "wiz_sourcetype": "placeholder"} + application/json: {"id": "chain-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that chains to another pipeline for sequential data processing", "streamtags": [], "functions": [{"filter": "true", "id": "chain", "conf": {"processor": "prometheus_metrics"}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesHumioHec: + PipelineExamplesClone: parameters: path: - id: "" + id: "" pack: "" requestBody: - application/json: {"id": "humio-hec-output", "type": "humio_hec", "url": "https://cloud.us.humio.com/api/v1/ingest/hec", "format": "JSON", "authType": "manual", "token": "your-token"} + application/json: {"id": "clone-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that creates cloned events with additional fields for comparison or routing", "streamtags": [], "functions": [{"filter": "true", "id": "clone", "conf": {"clones": [{"env": "staging"}, {"index": "clones"}]}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesCrowdstrikeNextGenSiem: + PipelineExamplesComment: parameters: path: - id: "" + id: "" pack: "" requestBody: - application/json: {"id": "crowdstrike-next-gen-siem-output", "type": "crowdstrike_next_gen_siem", "url": "https://ingest.us.crowdstrike.com/api/ingest/hec/connection-id/v1/services/collector", "format": "JSON", "authType": "manual", "token": "your-token"} + application/json: {"id": "comment-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline with comment function for documentation", "streamtags": [], "functions": [{"filter": "true", "id": "comment", "conf": {"comment": "This function processes security events and enriches them with DNS lookups"}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesCriblHttp: + PipelineExamplesDNSLookup: parameters: path: - id: "" + id: "" pack: "" requestBody: - application/json: {"id": "cribl-http-output", "type": "cribl_http"} + application/json: {"id": "dns-lookup-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that performs DNS lookups to resolve hostnames and IP addresses", "streamtags": [], "functions": [{"filter": "true", "id": "dns_lookup", "conf": {"dnsLookupFields": [{"inFieldName": "hostname", "resourceRecordType": "A", "outFieldName": "hostname_ip"}], "reverseLookupFields": [{"inFieldName": "src_ip", "outFieldName": "src_hostname"}], "cacheTTL": 30, "maxCacheSize": 5000, "useResolvConf": false, "lookupFallback": false, "lookupFailLogLevel": "error"}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesCriblTcp: + PipelineExamplesDrop: parameters: path: - id: "" + id: "" pack: "" requestBody: - application/json: {"id": "cribl-tcp-output", "type": "cribl_tcp", "host": "localhost", "port": 10090} + application/json: {"id": "drop-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that drops events containing success messages", "streamtags": [], "functions": [{"filter": "_raw.search(/success/i)>=0", "id": "drop", "conf": {}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesCriblSearchEngine: + PipelineExamplesDropDimensions: parameters: path: - id: "" + id: "" pack: "" requestBody: - application/json: {"id": "cribl-search-engine-output", "type": "cribl_search_engine", "systemFields": ["cribl_pipe"], "streamtags": [], "loadBalanced": false, "tls": {"disabled": true}, "tokenTTLMinutes": 60, "excludeFields": ["__kube_*", "__metadata", "__winEvent"], "compression": "gzip", "concurrency": 5, "maxPayloadSizeKB": 4096, "maxPayloadEvents": 0, "rejectUnauthorized": true, "timeoutSec": 30, "flushPeriodSec": 1, "failedRequestLoggingMode": "none", "safeHeaders": [], "throttleRatePerSec": "0", "responseRetrySettings": [{"httpStatus": 401, "initialBackoff": 1000, "backoffRate": 2, "maxBackoff": 20000}, {"httpStatus": 403, "initialBackoff": 1000, "backoffRate": 2, "maxBackoff": 20000}, {"httpStatus": 408, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 429, "initialBackoff": 1000, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 500, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 502, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 503, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 504, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}, {"httpStatus": 509, "initialBackoff": 250, "backoffRate": 2, "maxBackoff": 10000}], "timeoutRetrySettings": {"timeoutRetry": false}, "responseHonorRetryAfterHeader": true, "onBackpressure": "block", "useRoundRobinDns": true, "url": "https://0.0.0.0:10200"} + application/json: {"id": "drop-dimensions-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that drops specified dimensions from metrics to reduce cardinality", "streamtags": [], "functions": [{"filter": "(_metric == 'proc.cpu_perc' || __criblMetrics[0].nameExpr.includes(\"'proc.cpu_perc'\")) && (__criblMetrics[0].dims.includes(\"proc\"))", "id": "drop_dimensions", "conf": {"timeWindow": "10s", "dropDimensions": ["proc", "pie", "unit"], "flushOnInputClose": true}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesGoogleCloudLogging: + PipelineExamplesDynamicSampling: parameters: path: - id: "" + id: "" pack: "" requestBody: - application/json: {"id": "google-cloud-logging-output", "type": "google_cloud_logging", "logLocationType": "project", "logNameExpression": "my-log", "logLocationExpression": "my-project"} + application/json: {"id": "dynamic-sampling-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that dynamically samples events based on volume using square root mode", "streamtags": [], "functions": [{"filter": "true", "id": "dynamic_sampling", "conf": {"mode": "sqrt", "keyExpr": "`${domain}:${httpCode}`", "samplePeriod": 20, "minEvents": 3, "maxSampleRate": 3}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesSns: + PipelineExamplesEval: parameters: path: - id: "" + id: "" pack: "" requestBody: - application/json: {"id": "sns-output", "type": "sns", "topicArn": "arn:aws:sns:us-east-1:123456789012:my-topic", "messageGroupId": "my-message-group", "region": "us-east-1"} + application/json: {"id": "eval-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that evaluates JavaScript expressions to add, modify, and remove fields", "streamtags": [], "functions": [{"filter": "true", "id": "eval", "conf": {"add": [{"name": "action", "value": "login == 'error' ? 'blocked' : action"}, {"name": "myTags", "value": "login == 'error' ? [...myTags, 'error'] : myTags"}], "keep": ["host", "source", "action", "myTags"], "remove": ["identification"]}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesDlS3: + PipelineExamplesEventBreaker: parameters: path: - id: "" + id: "" pack: "" requestBody: - application/json: {"id": "dl-s3-output", "type": "dl_s3", "bucket": "my-bucket", "region": "us-east-1", "stagePath": "/tmp/staging"} + application/json: {"id": "event-breaker-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that breaks large event streams into discrete events using regex", "streamtags": [], "functions": [{"filter": "true", "id": "event_breaker", "conf": {"ruleType": "regex", "eventBreakerRegex": "/[\\n\\r]+(?!\\s)/", "existingOrNew": "new", "maxEventBytes": 51200, "timestampAnchorRegex": "/^/", "timestamp": {"type": "auto", "length": 150}, "timestampTimezone": "local", "timestampEarliest": "-420weeks", "timestampLatest": "+1week", "shouldMarkCriblBreaker": true}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesSecurityLake: + PipelineExamplesFlatten: parameters: path: - id: "" + id: "" pack: "" requestBody: - application/json: {"id": "security-lake-output", "type": "security_lake", "assumeRoleArn": "arn:aws:iam::123456789012:role/my-role", "bucket": "my-bucket", "region": "us-east-1", "stagePath": "/tmp/staging", "accountId": "123456789012", "customSource": "my-custom-source"} + application/json: {"id": "flatten-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that flattens nested JSON structures into top-level fields", "streamtags": [], "functions": [{"filter": "true", "id": "flatten", "conf": {"fields": [], "prefix": "", "depth": 5, "delimiter": "_"}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesCriblLake: + PipelineExamplesFoldKeys: parameters: path: - id: "" + id: "" pack: "" requestBody: - application/json: {"id": "cribl-lake-output", "type": "cribl_lake"} + application/json: {"id": "fold-keys-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that transforms flat field names with separators into nested structures", "streamtags": [], "functions": [{"filter": "true", "id": "foldkeys", "conf": {"deleteOriginal": true, "separator": "_", "selectionRegExp": "^data"}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesExabeam: + PipelineExamplesGeoIP: parameters: path: - id: "" + id: "" pack: "" requestBody: - application/json: {"id": "exabeam-output", "type": "exabeam", "bucket": "my-bucket", "region": "us-east1", "stagePath": "/tmp/staging", "endpoint": "https://storage.googleapis.com", "collectorInstanceId": "11112222-3333-4444-5555-666677778888"} + application/json: {"id": "geoip-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that enriches events with geolocation data from IP addresses", "streamtags": [], "functions": [{"filter": "true", "id": "geoip", "conf": {"file": "GeoLite2-City.mmdb", "inField": "ip", "outField": "geoip", "additionalFields": [{"extraInField": "src_ip", "extraOutField": "src_geoip"}]}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesDiskSpool: + PipelineExamplesGrok: parameters: path: - id: "" + id: "" pack: "" requestBody: - application/json: {"id": "disk-spool-output", "type": "disk_spool"} + application/json: {"id": "grok-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts structured fields from log data using Grok patterns", "streamtags": [], "functions": [{"filter": "true", "id": "grok", "conf": {"pattern": "%{TIMESTAMP_ISO8601:event_time} %{LOGLEVEL:log_level} %{GREEDYDATA:log_message}", "patternList": [], "source": "_raw"}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesClickHouse: + PipelineExamplesGuard: parameters: path: - id: "" + id: "" pack: "" requestBody: - application/json: {"id": "clickhouse-output", "type": "click_house", "url": "http://localhost:8123/", "database": "mydb", "tableName": "mytable"} + application/json: {"id": "guard-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that scans for sensitive data and applies mitigation expressions", "streamtags": [], "functions": [{"filter": "true", "id": "sensitive_data_scanner", "conf": {"rules": [{"rulesetId": "Finance_Global", "replaceExpr": "'REDACTED'", "disabled": false}], "fields": ["_raw"], "excludeFields": [], "flags": [{"name": "_sensitive", "value": "true"}], "includeDetectedRules": true}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesLocalSearchStorage: + PipelineExamplesJSONUnroll: parameters: path: - id: "" + id: "" pack: "" requestBody: - application/json: {"id": "local-search-storage-output", "type": "local_search_storage", "url": "http://localhost:8123/", "database": "default", "tableName": "mytable"} + application/json: {"id": "json-unroll-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that unrolls JSON arrays into individual events while retaining parent fields", "streamtags": [], "functions": [{"filter": "true", "id": "json_unroll", "conf": {"path": "allCars", "name": "cars"}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesXsiam: + PipelineExamplesLookup: parameters: path: - id: "" + id: "" pack: "" requestBody: - application/json: {"id": "xsiam-output", "type": "xsiam"} + application/json: {"id": "lookup-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that enriches events with location data from IP address lookups", "streamtags": [], "functions": [{"filter": "true", "id": "lookup", "conf": {"file": "ip_locations.csv", "dbLookup": false, "matchMode": "exact", "reloadPeriodSec": -1, "inFields": [{"eventField": "destination_ip", "lookupField": "ip"}], "outFields": [{"lookupField": "location", "eventField": "location", "defaultValue": "Unknown"}], "addToEvent": false, "ignoreCase": false}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesNetflow: + PipelineExamplesMask: parameters: path: - id: "" + id: "" pack: "" requestBody: - application/json: {"id": "netflow-output", "type": "netflow", "hosts": [{"host": "localhost", "port": 2055}]} + application/json: {"id": "mask-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that masks Social Security numbers and other sensitive data", "streamtags": [], "functions": [{"filter": "true", "id": "mask", "conf": {"rules": [{"matchRegex": "/(social=)(\\d+)/", "replaceExpr": "`${g1}${C.Mask.md5(g2)}`", "disabled": false}], "fields": ["_raw"], "depth": 5}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesDynatraceHttp: + PipelineExamplesNumerify: parameters: path: - id: "" + id: "" pack: "" requestBody: - application/json: {"id": "dynatrace-http-output", "type": "dynatrace_http", "authType": "token", "format": "json_array", "endpoint": "cloud", "telemetryType": "logs", "token": "your-api-key"} + application/json: {"id": "numerify-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that converts string numbers to numeric type for mathematical operations", "streamtags": [], "functions": [{"filter": "true", "id": "numerify", "conf": {"format": "none", "depth": 5, "ignoreFields": [], "filterExpr": ""}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesDatabricks: + PipelineExamplesOTLPLogs: parameters: path: - id: "" + id: "" pack: "" requestBody: - application/json: {"id": "databricks-output", "type": "databricks", "workspaceId": "your-workspace-id", "scope": "all-apis", "clientId": "your-client-id", "catalog": "main", "schema": "external", "eventsVolumeName": "events", "clientTextSecret": "your-client-secret"} + application/json: {"id": "otlp-logs-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that normalizes and batches OTLP log events from OpenTelemetry sources", "streamtags": [], "functions": [{"filter": "__inputId=='open_telemetry:open_telemetry'", "id": "otlp_logs", "conf": {"dropNonLogEvents": false, "batchOTLPLogs": true, "sendBatchSize": 8192, "timeout": 200, "sendBatchMaxSize": 0, "metadataKeys": [], "metadataCardinalityLimit": 1000}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - speakeasy-default-update-output-system-by-pack-and-id: + PipelineExamplesOTLPMetrics: parameters: path: - id: "" + id: "" pack: "" requestBody: - application/json: {"type": "azure_data_explorer", "clusterUrl": "https://rewarding-skeleton.name", "database": "", "table": "", "oauthEndpoint": "https://login.partner.microsoftonline.cn", "tenantId": "", "clientId": "", "scope": "", "oauthType": "certificate", "compress": "none"} + application/json: {"id": "otlp-metrics-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that converts dimensional metrics to OTLP format and batches them by resource attributes", "streamtags": [], "functions": [{"filter": "__inputId=='prometheus_rw:prom_rw_in'", "id": "otlp_metrics", "conf": {"resourceAttributePrefixes": ["service", "system", "telemetry", "k8s", "cloud", "host", "process"], "dropNonMetricEvents": false, "otlpVersion": "0.10.0", "batchOTLPMetrics": true, "sendBatchSize": 8192, "timeout": 200, "sendBatchMaxSize": 0, "metadataKeys": [], "metadataCardinalityLimit": 1000}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesNutanixObjects: + PipelineExamplesOTLPTraces: parameters: path: - id: "" + id: "" pack: "" requestBody: - application/json: {"id": "nutanix-objects-output", "type": "nutanix_objects", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://nutanix-objects.example.com"} + application/json: {"id": "otlp-traces-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that normalizes and batches OTLP trace events from OpenTelemetry sources", "streamtags": [], "functions": [{"filter": "__inputId=='open_telemetry:open_telemetry'", "id": "otlp_traces", "conf": {"dropNonTraceEvents": false, "otlpVersion": "0.10.0", "batchOTLPTraces": true, "sendBatchSize": 8192, "timeout": 200, "sendBatchMaxSize": 0, "metadataKeys": [], "metadataCardinalityLimit": 1000}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesStorjS3: + PipelineExamplesParser: parameters: path: - id: "" + id: "" pack: "" requestBody: - application/json: {"id": "storj-s3-output", "type": "storj_s3", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://gateway.storjshare.io"} + application/json: {"id": "parser-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts fields from key-value pair formatted data", "streamtags": [], "functions": [{"filter": "true", "id": "serde", "conf": {"type": "kvp", "keep": ["a", "b", "c"], "remove": ["*"], "cleanFields": false, "mode": "extract", "srcField": "_raw"}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesAlphasocS3: + PipelineExamplesPublishMetrics: parameters: path: - id: "" + id: "" pack: "" requestBody: - application/json: {"id": "alphasoc-s3-output", "type": "alphasoc_s3", "bucket": "events", "stagePath": "/tmp/staging", "endpoint": "https://s3.alphasoc.net"} + application/json: {"id": "publish-metrics-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts metrics from events and formats them for metrics aggregation platforms", "streamtags": [], "functions": [{"filter": "true", "id": "publish_metrics", "conf": {"fields": [{"inFieldName": "bytes", "outFieldExpr": "'metric_name.bytes'", "metricType": "gauge"}, {"inFieldName": "packets", "outFieldExpr": "'metric_name.packets'", "metricType": "gauge"}], "overwrite": false, "dimensions": ["action", "interface_id", "dstaddr"], "removeMetrics": [], "removeDimensions": []}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesdellS3: + PipelineExamplesRedis: parameters: path: - id: "" + id: "" pack: "" requestBody: - application/json: {"id": "dell-s3-output", "type": "dell_s3", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://powerscale.example.com:9021"} + application/json: {"id": "redis-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that retrieves values from Redis using GET command", "streamtags": [], "functions": [{"filter": "true", "id": "redis", "conf": {"authType": "none", "commands": [{"outField": "cached_value", "command": "get", "keyExpr": "'user_session'", "argsExpr": ""}], "deploymentType": "standalone", "maxBlockSecs": 60, "url": "'redis://localhost:6379/0'"}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplescloudianS3: + PipelineExamplesRegexExtract: parameters: path: - id: "" + id: "" pack: "" requestBody: - application/json: {"id": "cloudian-s3-output", "type": "cloudian_s3", "endpoint": "https://s3.hyperstore.example.com", "bucket": "my-bucket", "stagePath": "/tmp/staging"} + application/json: {"id": "regex-extract-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts structured fields from log data using regex patterns with named capture groups", "streamtags": [], "functions": [{"filter": "true", "id": "regex_extract", "conf": {"regex": "/metric1=(?\\d+)/", "source": "_raw", "iterations": 100, "overwrite": false}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesscalityS3: + PipelineExamplesRegexFilter: parameters: path: - id: "" + id: "" pack: "" requestBody: - application/json: {"id": "scality-s3-output", "type": "scality_s3", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://s3.scality.example.com"} + application/json: {"id": "regex-filter-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that filters out events matching specific regex patterns", "streamtags": [], "functions": [{"filter": "true", "id": "regex_filter", "conf": {"regex": "/Opera/", "field": "_raw"}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputCreateExamplesalibabaCloudS3: + PipelineExamplesRename: parameters: path: - id: "" + id: "" pack: "" requestBody: - application/json: {"id": "alibaba-oss-output", "type": "alibaba_cloud_s3", "bucket": "my-bucket", "stagePath": "/tmp/staging", "endpoint": "https://s3.oss-cn-hangzhou.aliyuncs.com"} + application/json: {"id": "rename-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that renames fields using key-value pairs and expressions", "streamtags": [], "functions": [{"filter": "true", "id": "rename", "conf": {"baseFields": [], "rename": [{"currentName": "level", "newName": "LEVEL"}], "renameExpr": "name.startsWith('out') ? name.toUpperCase() : name", "wildcardDepth": 5}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - deleteOutputSystemByPackAndId: - speakeasy-default-delete-output-system-by-pack-and-id: + PipelineExamplesRollupMetrics: parameters: path: - id: "" + id: "" pack: "" + requestBody: + application/json: {"id": "rollup-metrics-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that consolidates high-frequency metrics into manageable time windows", "streamtags": [], "functions": [{"filter": "true", "id": "rollup_metrics", "conf": {"dimensions": ["*"], "timeWindow": "30s", "gaugeRollup": "last"}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - deleteOutputSystemPqByPackAndId: - speakeasy-default-delete-output-system-pq-by-pack-and-id: + PipelineExamplesSampling: parameters: path: - id: "" + id: "" pack: "" + requestBody: + application/json: {"id": "sampling-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that samples events at specified rates based on filter criteria", "streamtags": [], "functions": [{"filter": "true", "id": "sampling", "conf": {"rules": [{"filter": "__status == 200", "rate": 5}]}}], "groups": {}}} responses: - "201": + "200": application/json: {} "500": application/json: {} - getOutputSystemPqByPackAndId: - speakeasy-default-get-output-system-pq-by-pack-and-id: + PipelineExamplesSerialize: parameters: path: - id: "" + id: "" pack: "" + requestBody: + application/json: {"id": "serialize-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that serializes event fields into JSON format", "streamtags": [], "functions": [{"filter": "true", "id": "serialize", "conf": {"type": "csv"}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - getOutputSystemSamplesByPackAndId: - speakeasy-default-get-output-system-samples-by-pack-and-id: + PipelineExamplesSNMPTrapSerialize: parameters: path: - id: "" + id: "" pack: "" + requestBody: + application/json: {"id": "snmp-trap-serialize-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that serializes events into SNMP trap format for SNMP trap destinations", "streamtags": [], "functions": [{"filter": "true", "id": "snmp_trap_serialize", "conf": {"strict": true, "dropFailedEvents": true}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - createOutputSystemTestByPackAndId: - OutputTestExamplesSingleEvent: + PipelineExamplesSuppress: parameters: path: - id: "" + id: "" pack: "" requestBody: - application/json: {"events": [{"_raw": "This is a test event", "source": "test", "sourcetype": "manual"}]} + application/json: {"id": "suppress-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that suppresses duplicate events based on a key expression", "streamtags": [], "functions": [{"filter": "true", "id": "suppress", "conf": {"keyExpr": "`${ip}:${port}`", "allow": 1, "suppressPeriodSec": 30, "dropEventsMode": true, "maxCacheSize": 50000, "cacheIdleTimeoutPeriods": 2, "numEventsIdleTimeoutTrigger": 10000}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - OutputTestExamplesMultipleEvents: + PipelineExamplesTee: parameters: path: - id: "" + id: "" pack: "" requestBody: - application/json: {"events": [{"_raw": "Test event 1", "source": "test", "sourcetype": "manual"}, {"_raw": "Test event 2", "source": "test", "sourcetype": "manual"}]} + application/json: {"id": "tee-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that sends events to a command via stdin for debugging purposes", "streamtags": [], "functions": [{"filter": "true", "id": "tee", "conf": {"command": "tee", "args": ["/opt/cribl/foo.log"], "restartOnExit": true, "env": {}}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - speakeasy-default-create-output-system-test-by-pack-and-id: + PipelineExamplesUnroll: parameters: path: - id: "" + id: "" pack: "" requestBody: - application/json: {"events": [{"key": "", "key1": "", "key2": ""}, {}]} + application/json: {"id": "unroll-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that unrolls array fields into separate events", "streamtags": [], "functions": [{"filter": "true", "id": "unroll", "conf": {"srcExpr": "_raw.split(/\\n/)", "dstField": "_raw"}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - getOutputStatusSystemOutputsByPackAndId: - speakeasy-default-get-output-status-system-outputs-by-pack-and-id: + PipelineExamplesXMLUnroll: parameters: path: - id: "" + id: "" pack: "" + requestBody: + application/json: {"id": "xml-unroll-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that unrolls XML elements into separate events", "streamtags": [], "functions": [{"filter": "true", "id": "xml_unroll", "conf": {"unroll": "^Parent\\.Child$", "inherit": "^Parent\\.(myID|branchLocation)$", "unrollIdxField": "unroll_idx", "pretty": false}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - getOutputStatusSystemOutputsByPack: - speakeasy-default-get-output-status-system-outputs-by-pack: + speakeasy-default-update-pipelines-by-pack-and-id: parameters: path: + id: "" pack: "" + requestBody: + application/json: {"id": "", "conf": {}} responses: "200": application/json: {} "500": application/json: {} - createPipelinesByPack: - PipelineExamplesEmpty: + UpdatePipelineExamplesEmpty: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "empty-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "", "streamtags": [], "functions": [], "groups": {}}} @@ -29117,9 +33765,10 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesAggregations: + UpdatePipelineExamplesAggregations: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "aggregation-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that aggregates rejected bytes grouped by source address every 10 seconds", "streamtags": [], "functions": [{"filter": "true", "id": "aggregation", "conf": {"passthrough": false, "preserveGroupBys": false, "sufficientStatsOnly": false, "metricsMode": false, "timeWindow": "10s", "aggregations": ["sum(bytes).where(action==\"REJECT\").as(TotalBytes)"], "groupbys": ["srcaddr"], "cumulative": false, "shouldTreatDotsAsLiterals": false, "flushOnInputClose": true}}], "groups": {}}} @@ -29128,9 +33777,10 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesAggregateMetrics: + UpdatePipelineExamplesAggregateMetrics: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "aggregate-metrics-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that aggregates process metrics: CPU, memory, and bytes over time windows", "streamtags": [], "functions": [{"filter": "(_metric == 'proc.cpu_perc' || __criblMetrics[0].nameExpr.includes(\"'proc.cpu_perc'\")) || (_metric == 'proc.mem_perc' || __criblMetrics[0].nameExpr.includes(\"'proc.mem_perc'\")) || (_metric == 'proc.bytes_in' || __criblMetrics[0].nameExpr.includes(\"'proc.bytes_in'\"))", "id": "aggregate_metrics", "conf": {"passthrough": false, "preserveGroupBys": false, "sufficientStatsOnly": false, "timeWindow": "10s", "aggregations": [{"metricType": "gauge", "agg": "avg(_value || proc.cpu_perc).as(proc.cpu_perc_avg)"}, {"metricType": "gauge", "agg": "sum(_value || proc.mem_perc).as(proc.mem_perc_sum)"}, {"metricType": "counter", "agg": "count(_value || proc.bytes_in).as(proc.bytes_in_count)"}], "groupbys": ["proc"], "cumulative": false, "shouldTreatDotsAsLiterals": true, "flushOnInputClose": true}}], "groups": {}}} @@ -29139,9 +33789,10 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesAutoTimestamp: + UpdatePipelineExamplesAutoTimestamp: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "auto-timestamp-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts timestamps from event data using auto timestamp function", "streamtags": [], "functions": [{"filter": "true", "id": "auto_timestamp", "conf": {"srcField": "_raw", "dstField": "_time", "defaultTimezone": "local", "timeExpression": "time.getTime() / 1000", "offset": 0, "maxLen": 150, "defaultTime": "now", "latestDateAllowed": "+1week", "earliestDateAllowed": "-420weeks", "timestamps": [{"regex": "/(\\d{1,2}\\/\\d{2}\\/\\d{4}\\s\\d{1,2}:\\d{2}:\\d{2}\\s\\w{2})/", "strptime": "%Y-%m-%d %H:%M:%S"}]}}], "groups": {}}} @@ -29150,9 +33801,10 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesCEFSerializer: + UpdatePipelineExamplesCEFSerializer: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "cef-serializer-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that formats events in CEF format with custom header and extension fields", "streamtags": [], "functions": [{"filter": "true", "id": "cef", "conf": {"outputField": "_raw", "header": [{"value": "'CEF:0'"}, {"value": "'Cribl'"}, {"value": "'Cribl'"}, {"value": "C.version"}, {"value": "420"}, {"value": "'Cribl Event'"}, {"value": "6"}], "extension": [{"name": "c6a1Label", "value": "'Colorado_Ext_Bldg7'"}]}}], "groups": {}}} @@ -29161,9 +33813,10 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesChain: + UpdatePipelineExamplesChain: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "chain-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that chains to another pipeline for sequential data processing", "streamtags": [], "functions": [{"filter": "true", "id": "chain", "conf": {"processor": "prometheus_metrics"}}], "groups": {}}} @@ -29172,9 +33825,10 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesClone: + UpdatePipelineExamplesClone: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "clone-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that creates cloned events with additional fields for comparison or routing", "streamtags": [], "functions": [{"filter": "true", "id": "clone", "conf": {"clones": [{"env": "staging"}, {"index": "clones"}]}}], "groups": {}}} @@ -29183,9 +33837,10 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesComment: + UpdatePipelineExamplesComment: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "comment-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline with comment function for documentation", "streamtags": [], "functions": [{"filter": "true", "id": "comment", "conf": {"comment": "This function processes security events and enriches them with DNS lookups"}}], "groups": {}}} @@ -29194,9 +33849,10 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesDNSLookup: + UpdatePipelineExamplesDNSLookup: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "dns-lookup-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that performs DNS lookups to resolve hostnames and IP addresses", "streamtags": [], "functions": [{"filter": "true", "id": "dns_lookup", "conf": {"dnsLookupFields": [{"inFieldName": "hostname", "resourceRecordType": "A", "outFieldName": "hostname_ip"}], "reverseLookupFields": [{"inFieldName": "src_ip", "outFieldName": "src_hostname"}], "cacheTTL": 30, "maxCacheSize": 5000, "useResolvConf": false, "lookupFallback": false, "lookupFailLogLevel": "error"}}], "groups": {}}} @@ -29205,9 +33861,10 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesDrop: + UpdatePipelineExamplesDrop: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "drop-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that drops events containing success messages", "streamtags": [], "functions": [{"filter": "_raw.search(/success/i)>=0", "id": "drop", "conf": {}}], "groups": {}}} @@ -29216,9 +33873,10 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesDropDimensions: + UpdatePipelineExamplesDropDimensions: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "drop-dimensions-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that drops specified dimensions from metrics to reduce cardinality", "streamtags": [], "functions": [{"filter": "(_metric == 'proc.cpu_perc' || __criblMetrics[0].nameExpr.includes(\"'proc.cpu_perc'\")) && (__criblMetrics[0].dims.includes(\"proc\"))", "id": "drop_dimensions", "conf": {"timeWindow": "10s", "dropDimensions": ["proc", "pie", "unit"], "flushOnInputClose": true}}], "groups": {}}} @@ -29227,9 +33885,10 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesDynamicSampling: + UpdatePipelineExamplesDynamicSampling: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "dynamic-sampling-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that dynamically samples events based on volume using square root mode", "streamtags": [], "functions": [{"filter": "true", "id": "dynamic_sampling", "conf": {"mode": "sqrt", "keyExpr": "`${domain}:${httpCode}`", "samplePeriod": 20, "minEvents": 3, "maxSampleRate": 3}}], "groups": {}}} @@ -29238,9 +33897,10 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesEval: + UpdatePipelineExamplesEval: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "eval-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that evaluates JavaScript expressions to add, modify, and remove fields", "streamtags": [], "functions": [{"filter": "true", "id": "eval", "conf": {"add": [{"name": "action", "value": "login == 'error' ? 'blocked' : action"}, {"name": "myTags", "value": "login == 'error' ? [...myTags, 'error'] : myTags"}], "keep": ["host", "source", "action", "myTags"], "remove": ["identification"]}}], "groups": {}}} @@ -29249,9 +33909,10 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesEventBreaker: + UpdatePipelineExamplesEventBreaker: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "event-breaker-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that breaks large event streams into discrete events using regex", "streamtags": [], "functions": [{"filter": "true", "id": "event_breaker", "conf": {"ruleType": "regex", "eventBreakerRegex": "/[\\n\\r]+(?!\\s)/", "existingOrNew": "new", "maxEventBytes": 51200, "timestampAnchorRegex": "/^/", "timestamp": {"type": "auto", "length": 150}, "timestampTimezone": "local", "timestampEarliest": "-420weeks", "timestampLatest": "+1week", "shouldMarkCriblBreaker": true}}], "groups": {}}} @@ -29260,9 +33921,10 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesFlatten: + UpdatePipelineExamplesFlatten: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "flatten-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that flattens nested JSON structures into top-level fields", "streamtags": [], "functions": [{"filter": "true", "id": "flatten", "conf": {"fields": [], "prefix": "", "depth": 5, "delimiter": "_"}}], "groups": {}}} @@ -29271,9 +33933,10 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesFoldKeys: + UpdatePipelineExamplesFoldKeys: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "fold-keys-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that transforms flat field names with separators into nested structures", "streamtags": [], "functions": [{"filter": "true", "id": "foldkeys", "conf": {"deleteOriginal": true, "separator": "_", "selectionRegExp": "^data"}}], "groups": {}}} @@ -29282,9 +33945,10 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesGeoIP: + UpdatePipelineExamplesGeoIP: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "geoip-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that enriches events with geolocation data from IP addresses", "streamtags": [], "functions": [{"filter": "true", "id": "geoip", "conf": {"file": "GeoLite2-City.mmdb", "inField": "ip", "outField": "geoip", "additionalFields": [{"extraInField": "src_ip", "extraOutField": "src_geoip"}]}}], "groups": {}}} @@ -29293,9 +33957,10 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesGrok: + UpdatePipelineExamplesGrok: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "grok-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts structured fields from log data using Grok patterns", "streamtags": [], "functions": [{"filter": "true", "id": "grok", "conf": {"pattern": "%{TIMESTAMP_ISO8601:event_time} %{LOGLEVEL:log_level} %{GREEDYDATA:log_message}", "patternList": [], "source": "_raw"}}], "groups": {}}} @@ -29304,9 +33969,10 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesGuard: + UpdatePipelineExamplesGuard: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "guard-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that scans for sensitive data and applies mitigation expressions", "streamtags": [], "functions": [{"filter": "true", "id": "sensitive_data_scanner", "conf": {"rules": [{"rulesetId": "Finance_Global", "replaceExpr": "'REDACTED'", "disabled": false}], "fields": ["_raw"], "excludeFields": [], "flags": [{"name": "_sensitive", "value": "true"}], "includeDetectedRules": true}}], "groups": {}}} @@ -29315,9 +33981,10 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesJSONUnroll: + UpdatePipelineExamplesJSONUnroll: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "json-unroll-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that unrolls JSON arrays into individual events while retaining parent fields", "streamtags": [], "functions": [{"filter": "true", "id": "json_unroll", "conf": {"path": "allCars", "name": "cars"}}], "groups": {}}} @@ -29326,9 +33993,10 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesLookup: + UpdatePipelineExamplesLookup: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "lookup-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that enriches events with location data from IP address lookups", "streamtags": [], "functions": [{"filter": "true", "id": "lookup", "conf": {"file": "ip_locations.csv", "dbLookup": false, "matchMode": "exact", "reloadPeriodSec": -1, "inFields": [{"eventField": "destination_ip", "lookupField": "ip"}], "outFields": [{"lookupField": "location", "eventField": "location", "defaultValue": "Unknown"}], "addToEvent": false, "ignoreCase": false}}], "groups": {}}} @@ -29337,9 +34005,10 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesMask: + UpdatePipelineExamplesMask: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "mask-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that masks Social Security numbers and other sensitive data", "streamtags": [], "functions": [{"filter": "true", "id": "mask", "conf": {"rules": [{"matchRegex": "/(social=)(\\d+)/", "replaceExpr": "`${g1}${C.Mask.md5(g2)}`", "disabled": false}], "fields": ["_raw"], "depth": 5}}], "groups": {}}} @@ -29348,9 +34017,10 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesNumerify: + UpdatePipelineExamplesNumerify: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "numerify-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that converts string numbers to numeric type for mathematical operations", "streamtags": [], "functions": [{"filter": "true", "id": "numerify", "conf": {"format": "none", "depth": 5, "ignoreFields": [], "filterExpr": ""}}], "groups": {}}} @@ -29359,9 +34029,10 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesOTLPLogs: + UpdatePipelineExamplesOTLPLogs: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "otlp-logs-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that normalizes and batches OTLP log events from OpenTelemetry sources", "streamtags": [], "functions": [{"filter": "__inputId=='open_telemetry:open_telemetry'", "id": "otlp_logs", "conf": {"dropNonLogEvents": false, "batchOTLPLogs": true, "sendBatchSize": 8192, "timeout": 200, "sendBatchMaxSize": 0, "metadataKeys": [], "metadataCardinalityLimit": 1000}}], "groups": {}}} @@ -29370,9 +34041,10 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesOTLPMetrics: + UpdatePipelineExamplesOTLPMetrics: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "otlp-metrics-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that converts dimensional metrics to OTLP format and batches them by resource attributes", "streamtags": [], "functions": [{"filter": "__inputId=='prometheus_rw:prom_rw_in'", "id": "otlp_metrics", "conf": {"resourceAttributePrefixes": ["service", "system", "telemetry", "k8s", "cloud", "host", "process"], "dropNonMetricEvents": false, "otlpVersion": "0.10.0", "batchOTLPMetrics": true, "sendBatchSize": 8192, "timeout": 200, "sendBatchMaxSize": 0, "metadataKeys": [], "metadataCardinalityLimit": 1000}}], "groups": {}}} @@ -29381,9 +34053,10 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesOTLPTraces: + UpdatePipelineExamplesOTLPTraces: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "otlp-traces-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that normalizes and batches OTLP trace events from OpenTelemetry sources", "streamtags": [], "functions": [{"filter": "__inputId=='open_telemetry:open_telemetry'", "id": "otlp_traces", "conf": {"dropNonTraceEvents": false, "otlpVersion": "0.10.0", "batchOTLPTraces": true, "sendBatchSize": 8192, "timeout": 200, "sendBatchMaxSize": 0, "metadataKeys": [], "metadataCardinalityLimit": 1000}}], "groups": {}}} @@ -29392,9 +34065,10 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesParser: + UpdatePipelineExamplesParser: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "parser-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts fields from key-value pair formatted data", "streamtags": [], "functions": [{"filter": "true", "id": "serde", "conf": {"type": "kvp", "keep": ["a", "b", "c"], "remove": ["*"], "cleanFields": false, "mode": "extract", "srcField": "_raw"}}], "groups": {}}} @@ -29403,9 +34077,10 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesPublishMetrics: + UpdatePipelineExamplesPublishMetrics: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "publish-metrics-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts metrics from events and formats them for metrics aggregation platforms", "streamtags": [], "functions": [{"filter": "true", "id": "publish_metrics", "conf": {"fields": [{"inFieldName": "bytes", "outFieldExpr": "'metric_name.bytes'", "metricType": "gauge"}, {"inFieldName": "packets", "outFieldExpr": "'metric_name.packets'", "metricType": "gauge"}], "overwrite": false, "dimensions": ["action", "interface_id", "dstaddr"], "removeMetrics": [], "removeDimensions": []}}], "groups": {}}} @@ -29414,9 +34089,10 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesRedis: + UpdatePipelineExamplesRedis: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "redis-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that retrieves values from Redis using GET command", "streamtags": [], "functions": [{"filter": "true", "id": "redis", "conf": {"authType": "none", "commands": [{"outField": "cached_value", "command": "get", "keyExpr": "'user_session'", "argsExpr": ""}], "deploymentType": "standalone", "maxBlockSecs": 60, "url": "'redis://localhost:6379/0'"}}], "groups": {}}} @@ -29425,9 +34101,10 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesRegexExtract: + UpdatePipelineExamplesRegexExtract: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "regex-extract-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts structured fields from log data using regex patterns with named capture groups", "streamtags": [], "functions": [{"filter": "true", "id": "regex_extract", "conf": {"regex": "/metric1=(?\\d+)/", "source": "_raw", "iterations": 100, "overwrite": false}}], "groups": {}}} @@ -29436,9 +34113,10 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesRegexFilter: + UpdatePipelineExamplesRegexFilter: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "regex-filter-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that filters out events matching specific regex patterns", "streamtags": [], "functions": [{"filter": "true", "id": "regex_filter", "conf": {"regex": "/Opera/", "field": "_raw"}}], "groups": {}}} @@ -29447,9 +34125,10 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesRename: + UpdatePipelineExamplesRename: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "rename-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that renames fields using key-value pairs and expressions", "streamtags": [], "functions": [{"filter": "true", "id": "rename", "conf": {"baseFields": [], "rename": [{"currentName": "level", "newName": "LEVEL"}], "renameExpr": "name.startsWith('out') ? name.toUpperCase() : name", "wildcardDepth": 5}}], "groups": {}}} @@ -29458,9 +34137,10 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesRollupMetrics: + UpdatePipelineExamplesRollupMetrics: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "rollup-metrics-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that consolidates high-frequency metrics into manageable time windows", "streamtags": [], "functions": [{"filter": "true", "id": "rollup_metrics", "conf": {"dimensions": ["*"], "timeWindow": "30s", "gaugeRollup": "last"}}], "groups": {}}} @@ -29469,9 +34149,10 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesSampling: + UpdatePipelineExamplesSampling: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "sampling-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that samples events at specified rates based on filter criteria", "streamtags": [], "functions": [{"filter": "true", "id": "sampling", "conf": {"rules": [{"filter": "__status == 200", "rate": 5}]}}], "groups": {}}} @@ -29480,9 +34161,10 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesSerialize: + UpdatePipelineExamplesSerialize: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "serialize-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that serializes event fields into JSON format", "streamtags": [], "functions": [{"filter": "true", "id": "serialize", "conf": {"type": "csv"}}], "groups": {}}} @@ -29491,9 +34173,10 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesSNMPTrapSerialize: + UpdatePipelineExamplesSNMPTrapSerialize: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "snmp-trap-serialize-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that serializes events into SNMP trap format for SNMP trap destinations", "streamtags": [], "functions": [{"filter": "true", "id": "snmp_trap_serialize", "conf": {"strict": true, "dropFailedEvents": true}}], "groups": {}}} @@ -29502,9 +34185,10 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesSuppress: + UpdatePipelineExamplesSuppress: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "suppress-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that suppresses duplicate events based on a key expression", "streamtags": [], "functions": [{"filter": "true", "id": "suppress", "conf": {"keyExpr": "`${ip}:${port}`", "allow": 1, "suppressPeriodSec": 30, "dropEventsMode": true, "maxCacheSize": 50000, "cacheIdleTimeoutPeriods": 2, "numEventsIdleTimeoutTrigger": 10000}}], "groups": {}}} @@ -29513,9 +34197,10 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesTee: + UpdatePipelineExamplesTee: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "tee-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that sends events to a command via stdin for debugging purposes", "streamtags": [], "functions": [{"filter": "true", "id": "tee", "conf": {"command": "tee", "args": ["/opt/cribl/foo.log"], "restartOnExit": true, "env": {}}}], "groups": {}}} @@ -29524,9 +34209,10 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesUnroll: + UpdatePipelineExamplesUnroll: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "unroll-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that unrolls array fields into separate events", "streamtags": [], "functions": [{"filter": "true", "id": "unroll", "conf": {"srcExpr": "_raw.split(/\\n/)", "dstField": "_raw"}}], "groups": {}}} @@ -29535,9 +34221,10 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesXMLUnroll: + UpdatePipelineExamplesXMLUnroll: parameters: path: + id: "" pack: "" requestBody: application/json: {"id": "xml-unroll-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that unrolls XML elements into separate events", "streamtags": [], "functions": [{"filter": "true", "id": "xml_unroll", "conf": {"unroll": "^Parent\\.Child$", "inherit": "^Parent\\.(myID|branchLocation)$", "unrollIdxField": "unroll_idx", "pretty": false}}], "groups": {}}} @@ -29546,139 +34233,224 @@ examples: application/json: {} "500": application/json: {} - speakeasy-default-create-pipelines-by-pack: + getRoutesByPackAndId: + speakeasy-default-get-routes-by-pack-and-id: parameters: path: + id: "" pack: "" - requestBody: - application/json: {"id": "", "conf": {}} responses: "200": application/json: {} "500": application/json: {} - getPipelinesByPack: - speakeasy-default-get-pipelines-by-pack: + updateRoutesByPackAndId: + RoutesUpdateExamplesBasicRoute: parameters: path: + id: "" pack: "" + requestBody: + application/json: {"id": "default", "routes": [{"description": "Route access logs to main Pipeline", "filter": "source == \"access.log\"", "name": "my-route", "pipeline": "main", "final": true, "id": "default"}]} responses: "200": application/json: {} "500": application/json: {} - deletePipelinesByPackAndId: - speakeasy-default-delete-pipelines-by-pack-and-id: + RoutesUpdateExamplesMultipleRoutes: parameters: path: - id: "" + id: "" pack: "" + requestBody: + application/json: {"id": "default", "routes": [{"description": "Route speedtest logs", "filter": "source == \"speedtest.log\"", "name": "speedtest", "output": "default", "pipeline": "main", "final": false, "id": "route-speedtest"}, {"description": "Route mtr logs", "filter": "source == \"mtr.log\"", "name": "mtr", "output": "default", "pipeline": "passthru", "final": false, "id": "route-mtr"}, {"description": "Route statsd metrics", "filter": "source == \"statsd.log\"", "name": "statsd", "output": "devnull", "pipeline": "prometheus_metrics", "final": false, "id": "route-statsd"}, {"description": "Catch-all Route for all other events", "filter": "true", "name": "default", "output": "default", "pipeline": "main", "final": true, "id": "route-default"}]} responses: "200": application/json: {} "500": application/json: {} - getPipelinesByPackAndId: - speakeasy-default-get-pipelines-by-pack-and-id: + RoutesUpdateExamplesRouteWithOutputExpression: parameters: path: - id: "" + id: "" pack: "" + requestBody: + application/json: {"id": "default", "routes": [{"description": "Route with dynamic Destination based on environment", "enableOutputExpression": true, "filter": "source == \"dynamic.log\"", "name": "dynamic-output", "outputExpression": "`myDest_${C.logStreamEnv}`", "pipeline": "main", "final": true, "id": "route-dynamic"}]} responses: "200": application/json: {} "500": application/json: {} - updatePipelinesByPackAndId: - PipelineExamplesEmpty: + speakeasy-default-update-routes-by-pack-and-id: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "empty-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "", "streamtags": [], "functions": [], "groups": {}}} + application/json: {"id": "", "routes": []} responses: "200": application/json: {} "500": application/json: {} - PipelineExamplesAggregations: + RoutesUpdateExamplesRouteWithDefaults: parameters: path: id: "" pack: "" requestBody: - application/json: {"id": "aggregation-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that aggregates rejected bytes grouped by source address every 10 seconds", "streamtags": [], "functions": [{"filter": "true", "id": "aggregation", "conf": {"passthrough": false, "preserveGroupBys": false, "sufficientStatsOnly": false, "metricsMode": false, "timeWindow": "10s", "aggregations": ["sum(bytes).where(action==\"REJECT\").as(TotalBytes)"], "groupbys": ["srcaddr"], "cumulative": false, "shouldTreatDotsAsLiterals": false, "flushOnInputClose": true}}], "groups": {}}} + application/json: {"id": "default", "routes": [{"description": "Route access logs to main Pipeline", "filter": "source == \"access.log\"", "name": "my-route", "pipeline": "main"}]} responses: "200": application/json: {} "500": application/json: {} - PipelineExamplesAggregateMetrics: + getRoutesByPack: + speakeasy-default-get-routes-by-pack: parameters: path: - id: "" pack: "" - requestBody: - application/json: {"id": "aggregate-metrics-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that aggregates process metrics: CPU, memory, and bytes over time windows", "streamtags": [], "functions": [{"filter": "(_metric == 'proc.cpu_perc' || __criblMetrics[0].nameExpr.includes(\"'proc.cpu_perc'\")) || (_metric == 'proc.mem_perc' || __criblMetrics[0].nameExpr.includes(\"'proc.mem_perc'\")) || (_metric == 'proc.bytes_in' || __criblMetrics[0].nameExpr.includes(\"'proc.bytes_in'\"))", "id": "aggregate_metrics", "conf": {"passthrough": false, "preserveGroupBys": false, "sufficientStatsOnly": false, "timeWindow": "10s", "aggregations": [{"metricType": "gauge", "agg": "avg(_value || proc.cpu_perc).as(proc.cpu_perc_avg)"}, {"metricType": "gauge", "agg": "sum(_value || proc.mem_perc).as(proc.mem_perc_sum)"}, {"metricType": "counter", "agg": "count(_value || proc.bytes_in).as(proc.bytes_in_count)"}], "groupbys": ["proc"], "cumulative": false, "shouldTreatDotsAsLiterals": true, "flushOnInputClose": true}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - PipelineExamplesAutoTimestamp: + createRoutesAppendByPackAndId: + RoutesAppendExamplesSingleRoute: parameters: path: - id: "" + id: "" pack: "" requestBody: - application/json: {"id": "auto-timestamp-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts timestamps from event data using auto timestamp function", "streamtags": [], "functions": [{"filter": "true", "id": "auto_timestamp", "conf": {"srcField": "_raw", "dstField": "_time", "defaultTimezone": "local", "timeExpression": "time.getTime() / 1000", "offset": 0, "maxLen": 150, "defaultTime": "now", "latestDateAllowed": "+1week", "earliestDateAllowed": "-420weeks", "timestamps": [{"regex": "/(\\d{1,2}\\/\\d{2}\\/\\d{4}\\s\\d{1,2}:\\d{2}:\\d{2}\\s\\w{2})/", "strptime": "%Y-%m-%d %H:%M:%S"}]}}], "groups": {}}} + application/json: [{"description": "Route new logs to main pipeline", "filter": "source == \"new.log\"", "name": "new-route", "pipeline": "main", "final": true, "id": "route-new"}] responses: "200": application/json: {} "500": application/json: {} - PipelineExamplesCEFSerializer: + RoutesAppendExamplesMultipleRoutes: parameters: path: - id: "" + id: "" pack: "" requestBody: - application/json: {"id": "cef-serializer-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that formats events in CEF format with custom header and extension fields", "streamtags": [], "functions": [{"filter": "true", "id": "cef", "conf": {"outputField": "_raw", "header": [{"value": "'CEF:0'"}, {"value": "'Cribl'"}, {"value": "'Cribl'"}, {"value": "C.version"}, {"value": "420"}, {"value": "'Cribl Event'"}, {"value": "6"}], "extension": [{"name": "c6a1Label", "value": "'Colorado_Ext_Bldg7'"}]}}], "groups": {}}} + application/json: [{"description": "Route audit logs", "filter": "source == \"audit.log\"", "name": "audit", "output": "default", "pipeline": "main", "final": false, "id": "route-audit"}, {"description": "Route security logs", "filter": "source == \"security.log\"", "name": "security", "output": "devnull", "pipeline": "passthru", "final": false, "id": "route-security"}] responses: "200": application/json: {} "500": application/json: {} - PipelineExamplesChain: + RoutesAppendExamplesRouteWithOutputExpression: parameters: path: - id: "" + id: "" pack: "" requestBody: - application/json: {"id": "chain-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that chains to another pipeline for sequential data processing", "streamtags": [], "functions": [{"filter": "true", "id": "chain", "conf": {"processor": "prometheus_metrics"}}], "groups": {}}} + application/json: [{"description": "Route with dynamic Destination based on environment", "enableOutputExpression": true, "filter": "source == \"dynamic.log\"", "name": "dynamic-append", "outputExpression": "`myDest_${C.logStreamEnv}`", "pipeline": "main", "final": true, "id": "route-dynamic-append"}] responses: "200": application/json: {} "500": application/json: {} - PipelineExamplesClone: + speakeasy-default-create-routes-append-by-pack-and-id: parameters: path: - id: "" + id: "" pack: "" requestBody: - application/json: {"id": "clone-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that creates cloned events with additional fields for comparison or routing", "streamtags": [], "functions": [{"filter": "true", "id": "clone", "conf": {"clones": [{"env": "staging"}, {"index": "clones"}]}}], "groups": {}}} + application/json: [{"name": "", "pipeline": "", "final": true, "id": ""}] responses: "200": application/json: {} "500": application/json: {} - PipelineExamplesComment: + RoutesAppendExamplesRouteWithDefaults: parameters: path: - id: "" + id: "" pack: "" + requestBody: + application/json: [{"description": "Route with server-generated id and default final value", "filter": "source == \"new.log\"", "name": "new-route", "pipeline": "main"}] + responses: + "200": + application/json: {} + "500": + application/json: {} + getOutputStatusById: + speakeasy-default-get-output-status-by-id: + parameters: + path: + id: "" + responses: + "200": + application/json: {} + "500": + application/json: {} + getOutputStatus: + speakeasy-default-get-output-status: + responses: + "200": + application/json: {} + "500": + application/json: {} + createPipelines: + PipelineExamplesEmpty: + requestBody: + application/json: {"id": "empty-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "", "streamtags": [], "functions": [], "groups": {}}} + responses: + "200": + application/json: {} + "500": + application/json: {} + PipelineExamplesAggregations: + requestBody: + application/json: {"id": "aggregation-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that aggregates rejected bytes grouped by source address every 10 seconds", "streamtags": [], "functions": [{"filter": "true", "id": "aggregation", "conf": {"passthrough": false, "preserveGroupBys": false, "sufficientStatsOnly": false, "metricsMode": false, "timeWindow": "10s", "aggregations": ["sum(bytes).where(action==\"REJECT\").as(TotalBytes)"], "groupbys": ["srcaddr"], "cumulative": false, "shouldTreatDotsAsLiterals": false, "flushOnInputClose": true}}], "groups": {}}} + responses: + "200": + application/json: {} + "500": + application/json: {} + PipelineExamplesAggregateMetrics: + requestBody: + application/json: {"id": "aggregate-metrics-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that aggregates process metrics: CPU, memory, and bytes over time windows", "streamtags": [], "functions": [{"filter": "(_metric == 'proc.cpu_perc' || __criblMetrics[0].nameExpr.includes(\"'proc.cpu_perc'\")) || (_metric == 'proc.mem_perc' || __criblMetrics[0].nameExpr.includes(\"'proc.mem_perc'\")) || (_metric == 'proc.bytes_in' || __criblMetrics[0].nameExpr.includes(\"'proc.bytes_in'\"))", "id": "aggregate_metrics", "conf": {"passthrough": false, "preserveGroupBys": false, "sufficientStatsOnly": false, "timeWindow": "10s", "aggregations": [{"metricType": "gauge", "agg": "avg(_value || proc.cpu_perc).as(proc.cpu_perc_avg)"}, {"metricType": "gauge", "agg": "sum(_value || proc.mem_perc).as(proc.mem_perc_sum)"}, {"metricType": "counter", "agg": "count(_value || proc.bytes_in).as(proc.bytes_in_count)"}], "groupbys": ["proc"], "cumulative": false, "shouldTreatDotsAsLiterals": true, "flushOnInputClose": true}}], "groups": {}}} + responses: + "200": + application/json: {} + "500": + application/json: {} + PipelineExamplesAutoTimestamp: + requestBody: + application/json: {"id": "auto-timestamp-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts timestamps from event data using auto timestamp function", "streamtags": [], "functions": [{"filter": "true", "id": "auto_timestamp", "conf": {"srcField": "_raw", "dstField": "_time", "defaultTimezone": "local", "timeExpression": "time.getTime() / 1000", "offset": 0, "maxLen": 150, "defaultTime": "now", "latestDateAllowed": "+1week", "earliestDateAllowed": "-420weeks", "timestamps": [{"regex": "/(\\d{1,2}\\/\\d{2}\\/\\d{4}\\s\\d{1,2}:\\d{2}:\\d{2}\\s\\w{2})/", "strptime": "%Y-%m-%d %H:%M:%S"}]}}], "groups": {}}} + responses: + "200": + application/json: {} + "500": + application/json: {} + PipelineExamplesCEFSerializer: + requestBody: + application/json: {"id": "cef-serializer-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that formats events in CEF format with custom header and extension fields", "streamtags": [], "functions": [{"filter": "true", "id": "cef", "conf": {"outputField": "_raw", "header": [{"value": "'CEF:0'"}, {"value": "'Cribl'"}, {"value": "'Cribl'"}, {"value": "C.version"}, {"value": "420"}, {"value": "'Cribl Event'"}, {"value": "6"}], "extension": [{"name": "c6a1Label", "value": "'Colorado_Ext_Bldg7'"}]}}], "groups": {}}} + responses: + "200": + application/json: {} + "500": + application/json: {} + PipelineExamplesChain: + requestBody: + application/json: {"id": "chain-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that chains to another pipeline for sequential data processing", "streamtags": [], "functions": [{"filter": "true", "id": "chain", "conf": {"processor": "prometheus_metrics"}}], "groups": {}}} + responses: + "200": + application/json: {} + "500": + application/json: {} + PipelineExamplesClone: + requestBody: + application/json: {"id": "clone-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that creates cloned events with additional fields for comparison or routing", "streamtags": [], "functions": [{"filter": "true", "id": "clone", "conf": {"clones": [{"env": "staging"}, {"index": "clones"}]}}], "groups": {}}} + responses: + "200": + application/json: {} + "500": + application/json: {} + PipelineExamplesComment: requestBody: application/json: {"id": "comment-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline with comment function for documentation", "streamtags": [], "functions": [{"filter": "true", "id": "comment", "conf": {"comment": "This function processes security events and enriches them with DNS lookups"}}], "groups": {}}} responses: @@ -29687,10 +34459,6 @@ examples: "500": application/json: {} PipelineExamplesDNSLookup: - parameters: - path: - id: "" - pack: "" requestBody: application/json: {"id": "dns-lookup-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that performs DNS lookups to resolve hostnames and IP addresses", "streamtags": [], "functions": [{"filter": "true", "id": "dns_lookup", "conf": {"dnsLookupFields": [{"inFieldName": "hostname", "resourceRecordType": "A", "outFieldName": "hostname_ip"}], "reverseLookupFields": [{"inFieldName": "src_ip", "outFieldName": "src_hostname"}], "cacheTTL": 30, "maxCacheSize": 5000, "useResolvConf": false, "lookupFallback": false, "lookupFailLogLevel": "error"}}], "groups": {}}} responses: @@ -29699,10 +34467,6 @@ examples: "500": application/json: {} PipelineExamplesDrop: - parameters: - path: - id: "" - pack: "" requestBody: application/json: {"id": "drop-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that drops events containing success messages", "streamtags": [], "functions": [{"filter": "_raw.search(/success/i)>=0", "id": "drop", "conf": {}}], "groups": {}}} responses: @@ -29711,10 +34475,6 @@ examples: "500": application/json: {} PipelineExamplesDropDimensions: - parameters: - path: - id: "" - pack: "" requestBody: application/json: {"id": "drop-dimensions-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that drops specified dimensions from metrics to reduce cardinality", "streamtags": [], "functions": [{"filter": "(_metric == 'proc.cpu_perc' || __criblMetrics[0].nameExpr.includes(\"'proc.cpu_perc'\")) && (__criblMetrics[0].dims.includes(\"proc\"))", "id": "drop_dimensions", "conf": {"timeWindow": "10s", "dropDimensions": ["proc", "pie", "unit"], "flushOnInputClose": true}}], "groups": {}}} responses: @@ -29723,10 +34483,6 @@ examples: "500": application/json: {} PipelineExamplesDynamicSampling: - parameters: - path: - id: "" - pack: "" requestBody: application/json: {"id": "dynamic-sampling-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that dynamically samples events based on volume using square root mode", "streamtags": [], "functions": [{"filter": "true", "id": "dynamic_sampling", "conf": {"mode": "sqrt", "keyExpr": "`${domain}:${httpCode}`", "samplePeriod": 20, "minEvents": 3, "maxSampleRate": 3}}], "groups": {}}} responses: @@ -29735,10 +34491,6 @@ examples: "500": application/json: {} PipelineExamplesEval: - parameters: - path: - id: "" - pack: "" requestBody: application/json: {"id": "eval-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that evaluates JavaScript expressions to add, modify, and remove fields", "streamtags": [], "functions": [{"filter": "true", "id": "eval", "conf": {"add": [{"name": "action", "value": "login == 'error' ? 'blocked' : action"}, {"name": "myTags", "value": "login == 'error' ? [...myTags, 'error'] : myTags"}], "keep": ["host", "source", "action", "myTags"], "remove": ["identification"]}}], "groups": {}}} responses: @@ -29747,10 +34499,6 @@ examples: "500": application/json: {} PipelineExamplesEventBreaker: - parameters: - path: - id: "" - pack: "" requestBody: application/json: {"id": "event-breaker-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that breaks large event streams into discrete events using regex", "streamtags": [], "functions": [{"filter": "true", "id": "event_breaker", "conf": {"ruleType": "regex", "eventBreakerRegex": "/[\\n\\r]+(?!\\s)/", "existingOrNew": "new", "maxEventBytes": 51200, "timestampAnchorRegex": "/^/", "timestamp": {"type": "auto", "length": 150}, "timestampTimezone": "local", "timestampEarliest": "-420weeks", "timestampLatest": "+1week", "shouldMarkCriblBreaker": true}}], "groups": {}}} responses: @@ -29759,10 +34507,6 @@ examples: "500": application/json: {} PipelineExamplesFlatten: - parameters: - path: - id: "" - pack: "" requestBody: application/json: {"id": "flatten-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that flattens nested JSON structures into top-level fields", "streamtags": [], "functions": [{"filter": "true", "id": "flatten", "conf": {"fields": [], "prefix": "", "depth": 5, "delimiter": "_"}}], "groups": {}}} responses: @@ -29771,10 +34515,6 @@ examples: "500": application/json: {} PipelineExamplesFoldKeys: - parameters: - path: - id: "" - pack: "" requestBody: application/json: {"id": "fold-keys-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that transforms flat field names with separators into nested structures", "streamtags": [], "functions": [{"filter": "true", "id": "foldkeys", "conf": {"deleteOriginal": true, "separator": "_", "selectionRegExp": "^data"}}], "groups": {}}} responses: @@ -29783,10 +34523,6 @@ examples: "500": application/json: {} PipelineExamplesGeoIP: - parameters: - path: - id: "" - pack: "" requestBody: application/json: {"id": "geoip-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that enriches events with geolocation data from IP addresses", "streamtags": [], "functions": [{"filter": "true", "id": "geoip", "conf": {"file": "GeoLite2-City.mmdb", "inField": "ip", "outField": "geoip", "additionalFields": [{"extraInField": "src_ip", "extraOutField": "src_geoip"}]}}], "groups": {}}} responses: @@ -29795,10 +34531,6 @@ examples: "500": application/json: {} PipelineExamplesGrok: - parameters: - path: - id: "" - pack: "" requestBody: application/json: {"id": "grok-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts structured fields from log data using Grok patterns", "streamtags": [], "functions": [{"filter": "true", "id": "grok", "conf": {"pattern": "%{TIMESTAMP_ISO8601:event_time} %{LOGLEVEL:log_level} %{GREEDYDATA:log_message}", "patternList": [], "source": "_raw"}}], "groups": {}}} responses: @@ -29807,10 +34539,6 @@ examples: "500": application/json: {} PipelineExamplesGuard: - parameters: - path: - id: "" - pack: "" requestBody: application/json: {"id": "guard-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that scans for sensitive data and applies mitigation expressions", "streamtags": [], "functions": [{"filter": "true", "id": "sensitive_data_scanner", "conf": {"rules": [{"rulesetId": "Finance_Global", "replaceExpr": "'REDACTED'", "disabled": false}], "fields": ["_raw"], "excludeFields": [], "flags": [{"name": "_sensitive", "value": "true"}], "includeDetectedRules": true}}], "groups": {}}} responses: @@ -29819,10 +34547,6 @@ examples: "500": application/json: {} PipelineExamplesJSONUnroll: - parameters: - path: - id: "" - pack: "" requestBody: application/json: {"id": "json-unroll-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that unrolls JSON arrays into individual events while retaining parent fields", "streamtags": [], "functions": [{"filter": "true", "id": "json_unroll", "conf": {"path": "allCars", "name": "cars"}}], "groups": {}}} responses: @@ -29831,10 +34555,6 @@ examples: "500": application/json: {} PipelineExamplesLookup: - parameters: - path: - id: "" - pack: "" requestBody: application/json: {"id": "lookup-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that enriches events with location data from IP address lookups", "streamtags": [], "functions": [{"filter": "true", "id": "lookup", "conf": {"file": "ip_locations.csv", "dbLookup": false, "matchMode": "exact", "reloadPeriodSec": -1, "inFields": [{"eventField": "destination_ip", "lookupField": "ip"}], "outFields": [{"lookupField": "location", "eventField": "location", "defaultValue": "Unknown"}], "addToEvent": false, "ignoreCase": false}}], "groups": {}}} responses: @@ -29843,10 +34563,6 @@ examples: "500": application/json: {} PipelineExamplesMask: - parameters: - path: - id: "" - pack: "" requestBody: application/json: {"id": "mask-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that masks Social Security numbers and other sensitive data", "streamtags": [], "functions": [{"filter": "true", "id": "mask", "conf": {"rules": [{"matchRegex": "/(social=)(\\d+)/", "replaceExpr": "`${g1}${C.Mask.md5(g2)}`", "disabled": false}], "fields": ["_raw"], "depth": 5}}], "groups": {}}} responses: @@ -29855,10 +34571,6 @@ examples: "500": application/json: {} PipelineExamplesNumerify: - parameters: - path: - id: "" - pack: "" requestBody: application/json: {"id": "numerify-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that converts string numbers to numeric type for mathematical operations", "streamtags": [], "functions": [{"filter": "true", "id": "numerify", "conf": {"format": "none", "depth": 5, "ignoreFields": [], "filterExpr": ""}}], "groups": {}}} responses: @@ -29867,10 +34579,6 @@ examples: "500": application/json: {} PipelineExamplesOTLPLogs: - parameters: - path: - id: "" - pack: "" requestBody: application/json: {"id": "otlp-logs-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that normalizes and batches OTLP log events from OpenTelemetry sources", "streamtags": [], "functions": [{"filter": "__inputId=='open_telemetry:open_telemetry'", "id": "otlp_logs", "conf": {"dropNonLogEvents": false, "batchOTLPLogs": true, "sendBatchSize": 8192, "timeout": 200, "sendBatchMaxSize": 0, "metadataKeys": [], "metadataCardinalityLimit": 1000}}], "groups": {}}} responses: @@ -29879,10 +34587,6 @@ examples: "500": application/json: {} PipelineExamplesOTLPMetrics: - parameters: - path: - id: "" - pack: "" requestBody: application/json: {"id": "otlp-metrics-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that converts dimensional metrics to OTLP format and batches them by resource attributes", "streamtags": [], "functions": [{"filter": "__inputId=='prometheus_rw:prom_rw_in'", "id": "otlp_metrics", "conf": {"resourceAttributePrefixes": ["service", "system", "telemetry", "k8s", "cloud", "host", "process"], "dropNonMetricEvents": false, "otlpVersion": "0.10.0", "batchOTLPMetrics": true, "sendBatchSize": 8192, "timeout": 200, "sendBatchMaxSize": 0, "metadataKeys": [], "metadataCardinalityLimit": 1000}}], "groups": {}}} responses: @@ -29891,10 +34595,6 @@ examples: "500": application/json: {} PipelineExamplesOTLPTraces: - parameters: - path: - id: "" - pack: "" requestBody: application/json: {"id": "otlp-traces-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that normalizes and batches OTLP trace events from OpenTelemetry sources", "streamtags": [], "functions": [{"filter": "__inputId=='open_telemetry:open_telemetry'", "id": "otlp_traces", "conf": {"dropNonTraceEvents": false, "otlpVersion": "0.10.0", "batchOTLPTraces": true, "sendBatchSize": 8192, "timeout": 200, "sendBatchMaxSize": 0, "metadataKeys": [], "metadataCardinalityLimit": 1000}}], "groups": {}}} responses: @@ -29903,10 +34603,6 @@ examples: "500": application/json: {} PipelineExamplesParser: - parameters: - path: - id: "" - pack: "" requestBody: application/json: {"id": "parser-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts fields from key-value pair formatted data", "streamtags": [], "functions": [{"filter": "true", "id": "serde", "conf": {"type": "kvp", "keep": ["a", "b", "c"], "remove": ["*"], "cleanFields": false, "mode": "extract", "srcField": "_raw"}}], "groups": {}}} responses: @@ -29915,10 +34611,6 @@ examples: "500": application/json: {} PipelineExamplesPublishMetrics: - parameters: - path: - id: "" - pack: "" requestBody: application/json: {"id": "publish-metrics-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts metrics from events and formats them for metrics aggregation platforms", "streamtags": [], "functions": [{"filter": "true", "id": "publish_metrics", "conf": {"fields": [{"inFieldName": "bytes", "outFieldExpr": "'metric_name.bytes'", "metricType": "gauge"}, {"inFieldName": "packets", "outFieldExpr": "'metric_name.packets'", "metricType": "gauge"}], "overwrite": false, "dimensions": ["action", "interface_id", "dstaddr"], "removeMetrics": [], "removeDimensions": []}}], "groups": {}}} responses: @@ -29927,10 +34619,6 @@ examples: "500": application/json: {} PipelineExamplesRedis: - parameters: - path: - id: "" - pack: "" requestBody: application/json: {"id": "redis-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that retrieves values from Redis using GET command", "streamtags": [], "functions": [{"filter": "true", "id": "redis", "conf": {"authType": "none", "commands": [{"outField": "cached_value", "command": "get", "keyExpr": "'user_session'", "argsExpr": ""}], "deploymentType": "standalone", "maxBlockSecs": 60, "url": "'redis://localhost:6379/0'"}}], "groups": {}}} responses: @@ -29939,10 +34627,6 @@ examples: "500": application/json: {} PipelineExamplesRegexExtract: - parameters: - path: - id: "" - pack: "" requestBody: application/json: {"id": "regex-extract-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts structured fields from log data using regex patterns with named capture groups", "streamtags": [], "functions": [{"filter": "true", "id": "regex_extract", "conf": {"regex": "/metric1=(?\\d+)/", "source": "_raw", "iterations": 100, "overwrite": false}}], "groups": {}}} responses: @@ -29951,10 +34635,6 @@ examples: "500": application/json: {} PipelineExamplesRegexFilter: - parameters: - path: - id: "" - pack: "" requestBody: application/json: {"id": "regex-filter-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that filters out events matching specific regex patterns", "streamtags": [], "functions": [{"filter": "true", "id": "regex_filter", "conf": {"regex": "/Opera/", "field": "_raw"}}], "groups": {}}} responses: @@ -29963,10 +34643,6 @@ examples: "500": application/json: {} PipelineExamplesRename: - parameters: - path: - id: "" - pack: "" requestBody: application/json: {"id": "rename-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that renames fields using key-value pairs and expressions", "streamtags": [], "functions": [{"filter": "true", "id": "rename", "conf": {"baseFields": [], "rename": [{"currentName": "level", "newName": "LEVEL"}], "renameExpr": "name.startsWith('out') ? name.toUpperCase() : name", "wildcardDepth": 5}}], "groups": {}}} responses: @@ -29975,10 +34651,6 @@ examples: "500": application/json: {} PipelineExamplesRollupMetrics: - parameters: - path: - id: "" - pack: "" requestBody: application/json: {"id": "rollup-metrics-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that consolidates high-frequency metrics into manageable time windows", "streamtags": [], "functions": [{"filter": "true", "id": "rollup_metrics", "conf": {"dimensions": ["*"], "timeWindow": "30s", "gaugeRollup": "last"}}], "groups": {}}} responses: @@ -29987,10 +34659,6 @@ examples: "500": application/json: {} PipelineExamplesSampling: - parameters: - path: - id: "" - pack: "" requestBody: application/json: {"id": "sampling-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that samples events at specified rates based on filter criteria", "streamtags": [], "functions": [{"filter": "true", "id": "sampling", "conf": {"rules": [{"filter": "__status == 200", "rate": 5}]}}], "groups": {}}} responses: @@ -29999,22 +34667,14 @@ examples: "500": application/json: {} PipelineExamplesSerialize: - parameters: - path: - id: "" - pack: "" requestBody: - application/json: {"id": "serialize-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that serializes event fields into JSON format", "streamtags": [], "functions": [{"filter": "true", "id": "serialize", "conf": {"type": "csv"}}], "groups": {}}} + application/json: {"id": "serialize-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that serializes event fields into JSON format", "streamtags": [], "functions": [{"filter": "true", "id": "serialize", "conf": {"type": "kvp"}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} PipelineExamplesSNMPTrapSerialize: - parameters: - path: - id: "" - pack: "" requestBody: application/json: {"id": "snmp-trap-serialize-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that serializes events into SNMP trap format for SNMP trap destinations", "streamtags": [], "functions": [{"filter": "true", "id": "snmp_trap_serialize", "conf": {"strict": true, "dropFailedEvents": true}}], "groups": {}}} responses: @@ -30023,10 +34683,6 @@ examples: "500": application/json: {} PipelineExamplesSuppress: - parameters: - path: - id: "" - pack: "" requestBody: application/json: {"id": "suppress-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that suppresses duplicate events based on a key expression", "streamtags": [], "functions": [{"filter": "true", "id": "suppress", "conf": {"keyExpr": "`${ip}:${port}`", "allow": 1, "suppressPeriodSec": 30, "dropEventsMode": true, "maxCacheSize": 50000, "cacheIdleTimeoutPeriods": 2, "numEventsIdleTimeoutTrigger": 10000}}], "groups": {}}} responses: @@ -30035,198 +34691,46 @@ examples: "500": application/json: {} PipelineExamplesTee: - parameters: - path: - id: "" - pack: "" - requestBody: - application/json: {"id": "tee-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that sends events to a command via stdin for debugging purposes", "streamtags": [], "functions": [{"filter": "true", "id": "tee", "conf": {"command": "tee", "args": ["/opt/cribl/foo.log"], "restartOnExit": true, "env": {}}}], "groups": {}}} - responses: - "200": - application/json: {} - "500": - application/json: {} - PipelineExamplesUnroll: - parameters: - path: - id: "" - pack: "" - requestBody: - application/json: {"id": "unroll-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that unrolls array fields into separate events", "streamtags": [], "functions": [{"filter": "true", "id": "unroll", "conf": {"srcExpr": "_raw.split(/\\n/)", "dstField": "_raw"}}], "groups": {}}} - responses: - "200": - application/json: {} - "500": - application/json: {} - PipelineExamplesXMLUnroll: - parameters: - path: - id: "" - pack: "" - requestBody: - application/json: {"id": "xml-unroll-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that unrolls XML elements into separate events", "streamtags": [], "functions": [{"filter": "true", "id": "xml_unroll", "conf": {"unroll": "^Parent\\.Child$", "inherit": "^Parent\\.(myID|branchLocation)$", "unrollIdxField": "unroll_idx", "pretty": false}}], "groups": {}}} - responses: - "200": - application/json: {} - "500": - application/json: {} - speakeasy-default-update-pipelines-by-pack-and-id: - parameters: - path: - id: "" - pack: "" - requestBody: - application/json: {"id": "", "conf": {}} - responses: - "200": - application/json: {} - "500": - application/json: {} - getRoutesByPackAndId: - speakeasy-default-get-routes-by-pack-and-id: - parameters: - path: - id: "" - pack: "" - responses: - "200": - application/json: {} - "500": - application/json: {} - updateRoutesByPackAndId: - RoutesUpdateExamplesBasicRoute: - parameters: - path: - id: "" - pack: "" - requestBody: - application/json: {"id": "default", "routes": [{"description": "Route access logs to main Pipeline", "filter": "source == \"access.log\"", "name": "my-route", "pipeline": "main", "final": true, "id": "default"}]} - responses: - "200": - application/json: {} - "500": - application/json: {} - RoutesUpdateExamplesMultipleRoutes: - parameters: - path: - id: "" - pack: "" - requestBody: - application/json: {"id": "default", "routes": [{"description": "Route speedtest logs", "filter": "source == \"speedtest.log\"", "name": "speedtest", "output": "default", "pipeline": "main", "final": false, "id": "route-speedtest"}, {"description": "Route mtr logs", "filter": "source == \"mtr.log\"", "name": "mtr", "output": "default", "pipeline": "passthru", "final": false, "id": "route-mtr"}, {"description": "Route statsd metrics", "filter": "source == \"statsd.log\"", "name": "statsd", "output": "devnull", "pipeline": "prometheus_metrics", "final": false, "id": "route-statsd"}, {"description": "Catch-all Route for all other events", "filter": "true", "name": "default", "output": "default", "pipeline": "main", "final": true, "id": "route-default"}]} - responses: - "200": - application/json: {} - "500": - application/json: {} - RoutesUpdateExamplesRouteWithOutputExpression: - parameters: - path: - id: "" - pack: "" - requestBody: - application/json: {"id": "default", "routes": [{"description": "Route with dynamic Destination based on environment", "enableOutputExpression": true, "filter": "source == \"dynamic.log\"", "name": "dynamic-output", "outputExpression": "`myDest_${C.logStreamEnv}`", "pipeline": "main", "final": true, "id": "route-dynamic"}]} - responses: - "200": - application/json: {} - "500": - application/json: {} - speakeasy-default-update-routes-by-pack-and-id: - parameters: - path: - id: "" - pack: "" - requestBody: - application/json: {"id": "", "routes": []} - responses: - "200": - application/json: {} - "500": - application/json: {} - RoutesUpdateExamplesRouteWithDefaults: - parameters: - path: - id: "" - pack: "" - requestBody: - application/json: {"id": "default", "routes": [{"description": "Route access logs to main Pipeline", "filter": "source == \"access.log\"", "name": "my-route", "pipeline": "main"}]} - responses: - "200": - application/json: {} - "500": - application/json: {} - getRoutesByPack: - speakeasy-default-get-routes-by-pack: - parameters: - path: - pack: "" - responses: - "200": - application/json: {} - "500": - application/json: {} - createRoutesAppendByPackAndId: - RoutesAppendExamplesSingleRoute: - parameters: - path: - id: "" - pack: "" requestBody: - application/json: [{"description": "Route new logs to main pipeline", "filter": "source == \"new.log\"", "name": "new-route", "pipeline": "main", "final": true, "id": "route-new"}] + application/json: {"id": "tee-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that sends events to a command via stdin for debugging purposes", "streamtags": [], "functions": [{"filter": "true", "id": "tee", "conf": {"command": "tee", "args": ["/opt/cribl/foo.log"], "restartOnExit": true, "env": {}}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - RoutesAppendExamplesMultipleRoutes: - parameters: - path: - id: "" - pack: "" + PipelineExamplesUnroll: requestBody: - application/json: [{"description": "Route audit logs", "filter": "source == \"audit.log\"", "name": "audit", "output": "default", "pipeline": "main", "final": false, "id": "route-audit"}, {"description": "Route security logs", "filter": "source == \"security.log\"", "name": "security", "output": "devnull", "pipeline": "passthru", "final": false, "id": "route-security"}] + application/json: {"id": "unroll-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that unrolls array fields into separate events", "streamtags": [], "functions": [{"filter": "true", "id": "unroll", "conf": {"srcExpr": "_raw.split(/\\n/)", "dstField": "_raw"}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - RoutesAppendExamplesRouteWithOutputExpression: - parameters: - path: - id: "" - pack: "" + PipelineExamplesXMLUnroll: requestBody: - application/json: [{"description": "Route with dynamic Destination based on environment", "enableOutputExpression": true, "filter": "source == \"dynamic.log\"", "name": "dynamic-append", "outputExpression": "`myDest_${C.logStreamEnv}`", "pipeline": "main", "final": true, "id": "route-dynamic-append"}] + application/json: {"id": "xml-unroll-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that unrolls XML elements into separate events", "streamtags": [], "functions": [{"filter": "true", "id": "xml_unroll", "conf": {"unroll": "^Parent\\.Child$", "inherit": "^Parent\\.(myID|branchLocation)$", "unrollIdxField": "unroll_idx", "pretty": false}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - speakeasy-default-create-routes-append-by-pack-and-id: - parameters: - path: - id: "" - pack: "" + speakeasy-default-create-pipelines: requestBody: - application/json: [{"name": "", "pipeline": "", "final": true, "id": ""}] + application/json: {"id": "", "conf": {}} responses: "200": application/json: {} "500": application/json: {} - RoutesAppendExamplesRouteWithDefaults: - parameters: - path: - id: "" - pack: "" - requestBody: - application/json: [{"description": "Route with server-generated id and default final value", "filter": "source == \"new.log\"", "name": "new-route", "pipeline": "main"}] + getPipelines: + speakeasy-default-get-pipelines: responses: "200": application/json: {} "500": application/json: {} - getOutputStatusById: - speakeasy-default-get-output-status-by-id: + deletePipelinesById: + speakeasy-default-delete-pipelines-by-id: parameters: path: id: "" @@ -30235,15 +34739,21 @@ examples: application/json: {} "500": application/json: {} - getOutputStatus: - speakeasy-default-get-output-status: + getPipelinesById: + speakeasy-default-get-pipelines-by-id: + parameters: + path: + id: "" responses: "200": application/json: {} "500": application/json: {} - createPipelines: + updatePipelinesById: PipelineExamplesEmpty: + parameters: + path: + id: "" requestBody: application/json: {"id": "empty-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "", "streamtags": [], "functions": [], "groups": {}}} responses: @@ -30252,6 +34762,9 @@ examples: "500": application/json: {} PipelineExamplesAggregations: + parameters: + path: + id: "" requestBody: application/json: {"id": "aggregation-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that aggregates rejected bytes grouped by source address every 10 seconds", "streamtags": [], "functions": [{"filter": "true", "id": "aggregation", "conf": {"passthrough": false, "preserveGroupBys": false, "sufficientStatsOnly": false, "metricsMode": false, "timeWindow": "10s", "aggregations": ["sum(bytes).where(action==\"REJECT\").as(TotalBytes)"], "groupbys": ["srcaddr"], "cumulative": false, "shouldTreatDotsAsLiterals": false, "flushOnInputClose": true}}], "groups": {}}} responses: @@ -30260,6 +34773,9 @@ examples: "500": application/json: {} PipelineExamplesAggregateMetrics: + parameters: + path: + id: "" requestBody: application/json: {"id": "aggregate-metrics-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that aggregates process metrics: CPU, memory, and bytes over time windows", "streamtags": [], "functions": [{"filter": "(_metric == 'proc.cpu_perc' || __criblMetrics[0].nameExpr.includes(\"'proc.cpu_perc'\")) || (_metric == 'proc.mem_perc' || __criblMetrics[0].nameExpr.includes(\"'proc.mem_perc'\")) || (_metric == 'proc.bytes_in' || __criblMetrics[0].nameExpr.includes(\"'proc.bytes_in'\"))", "id": "aggregate_metrics", "conf": {"passthrough": false, "preserveGroupBys": false, "sufficientStatsOnly": false, "timeWindow": "10s", "aggregations": [{"metricType": "gauge", "agg": "avg(_value || proc.cpu_perc).as(proc.cpu_perc_avg)"}, {"metricType": "gauge", "agg": "sum(_value || proc.mem_perc).as(proc.mem_perc_sum)"}, {"metricType": "counter", "agg": "count(_value || proc.bytes_in).as(proc.bytes_in_count)"}], "groupbys": ["proc"], "cumulative": false, "shouldTreatDotsAsLiterals": true, "flushOnInputClose": true}}], "groups": {}}} responses: @@ -30268,6 +34784,9 @@ examples: "500": application/json: {} PipelineExamplesAutoTimestamp: + parameters: + path: + id: "" requestBody: application/json: {"id": "auto-timestamp-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts timestamps from event data using auto timestamp function", "streamtags": [], "functions": [{"filter": "true", "id": "auto_timestamp", "conf": {"srcField": "_raw", "dstField": "_time", "defaultTimezone": "local", "timeExpression": "time.getTime() / 1000", "offset": 0, "maxLen": 150, "defaultTime": "now", "latestDateAllowed": "+1week", "earliestDateAllowed": "-420weeks", "timestamps": [{"regex": "/(\\d{1,2}\\/\\d{2}\\/\\d{4}\\s\\d{1,2}:\\d{2}:\\d{2}\\s\\w{2})/", "strptime": "%Y-%m-%d %H:%M:%S"}]}}], "groups": {}}} responses: @@ -30276,6 +34795,9 @@ examples: "500": application/json: {} PipelineExamplesCEFSerializer: + parameters: + path: + id: "" requestBody: application/json: {"id": "cef-serializer-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that formats events in CEF format with custom header and extension fields", "streamtags": [], "functions": [{"filter": "true", "id": "cef", "conf": {"outputField": "_raw", "header": [{"value": "'CEF:0'"}, {"value": "'Cribl'"}, {"value": "'Cribl'"}, {"value": "C.version"}, {"value": "420"}, {"value": "'Cribl Event'"}, {"value": "6"}], "extension": [{"name": "c6a1Label", "value": "'Colorado_Ext_Bldg7'"}]}}], "groups": {}}} responses: @@ -30284,6 +34806,9 @@ examples: "500": application/json: {} PipelineExamplesChain: + parameters: + path: + id: "" requestBody: application/json: {"id": "chain-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that chains to another pipeline for sequential data processing", "streamtags": [], "functions": [{"filter": "true", "id": "chain", "conf": {"processor": "prometheus_metrics"}}], "groups": {}}} responses: @@ -30292,6 +34817,9 @@ examples: "500": application/json: {} PipelineExamplesClone: + parameters: + path: + id: "" requestBody: application/json: {"id": "clone-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that creates cloned events with additional fields for comparison or routing", "streamtags": [], "functions": [{"filter": "true", "id": "clone", "conf": {"clones": [{"env": "staging"}, {"index": "clones"}]}}], "groups": {}}} responses: @@ -30300,6 +34828,9 @@ examples: "500": application/json: {} PipelineExamplesComment: + parameters: + path: + id: "" requestBody: application/json: {"id": "comment-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline with comment function for documentation", "streamtags": [], "functions": [{"filter": "true", "id": "comment", "conf": {"comment": "This function processes security events and enriches them with DNS lookups"}}], "groups": {}}} responses: @@ -30308,6 +34839,9 @@ examples: "500": application/json: {} PipelineExamplesDNSLookup: + parameters: + path: + id: "" requestBody: application/json: {"id": "dns-lookup-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that performs DNS lookups to resolve hostnames and IP addresses", "streamtags": [], "functions": [{"filter": "true", "id": "dns_lookup", "conf": {"dnsLookupFields": [{"inFieldName": "hostname", "resourceRecordType": "A", "outFieldName": "hostname_ip"}], "reverseLookupFields": [{"inFieldName": "src_ip", "outFieldName": "src_hostname"}], "cacheTTL": 30, "maxCacheSize": 5000, "useResolvConf": false, "lookupFallback": false, "lookupFailLogLevel": "error"}}], "groups": {}}} responses: @@ -30316,6 +34850,9 @@ examples: "500": application/json: {} PipelineExamplesDrop: + parameters: + path: + id: "" requestBody: application/json: {"id": "drop-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that drops events containing success messages", "streamtags": [], "functions": [{"filter": "_raw.search(/success/i)>=0", "id": "drop", "conf": {}}], "groups": {}}} responses: @@ -30324,6 +34861,9 @@ examples: "500": application/json: {} PipelineExamplesDropDimensions: + parameters: + path: + id: "" requestBody: application/json: {"id": "drop-dimensions-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that drops specified dimensions from metrics to reduce cardinality", "streamtags": [], "functions": [{"filter": "(_metric == 'proc.cpu_perc' || __criblMetrics[0].nameExpr.includes(\"'proc.cpu_perc'\")) && (__criblMetrics[0].dims.includes(\"proc\"))", "id": "drop_dimensions", "conf": {"timeWindow": "10s", "dropDimensions": ["proc", "pie", "unit"], "flushOnInputClose": true}}], "groups": {}}} responses: @@ -30332,6 +34872,9 @@ examples: "500": application/json: {} PipelineExamplesDynamicSampling: + parameters: + path: + id: "" requestBody: application/json: {"id": "dynamic-sampling-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that dynamically samples events based on volume using square root mode", "streamtags": [], "functions": [{"filter": "true", "id": "dynamic_sampling", "conf": {"mode": "sqrt", "keyExpr": "`${domain}:${httpCode}`", "samplePeriod": 20, "minEvents": 3, "maxSampleRate": 3}}], "groups": {}}} responses: @@ -30340,6 +34883,9 @@ examples: "500": application/json: {} PipelineExamplesEval: + parameters: + path: + id: "" requestBody: application/json: {"id": "eval-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that evaluates JavaScript expressions to add, modify, and remove fields", "streamtags": [], "functions": [{"filter": "true", "id": "eval", "conf": {"add": [{"name": "action", "value": "login == 'error' ? 'blocked' : action"}, {"name": "myTags", "value": "login == 'error' ? [...myTags, 'error'] : myTags"}], "keep": ["host", "source", "action", "myTags"], "remove": ["identification"]}}], "groups": {}}} responses: @@ -30348,6 +34894,9 @@ examples: "500": application/json: {} PipelineExamplesEventBreaker: + parameters: + path: + id: "" requestBody: application/json: {"id": "event-breaker-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that breaks large event streams into discrete events using regex", "streamtags": [], "functions": [{"filter": "true", "id": "event_breaker", "conf": {"ruleType": "regex", "eventBreakerRegex": "/[\\n\\r]+(?!\\s)/", "existingOrNew": "new", "maxEventBytes": 51200, "timestampAnchorRegex": "/^/", "timestamp": {"type": "auto", "length": 150}, "timestampTimezone": "local", "timestampEarliest": "-420weeks", "timestampLatest": "+1week", "shouldMarkCriblBreaker": true}}], "groups": {}}} responses: @@ -30356,6 +34905,9 @@ examples: "500": application/json: {} PipelineExamplesFlatten: + parameters: + path: + id: "" requestBody: application/json: {"id": "flatten-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that flattens nested JSON structures into top-level fields", "streamtags": [], "functions": [{"filter": "true", "id": "flatten", "conf": {"fields": [], "prefix": "", "depth": 5, "delimiter": "_"}}], "groups": {}}} responses: @@ -30364,6 +34916,9 @@ examples: "500": application/json: {} PipelineExamplesFoldKeys: + parameters: + path: + id: "" requestBody: application/json: {"id": "fold-keys-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that transforms flat field names with separators into nested structures", "streamtags": [], "functions": [{"filter": "true", "id": "foldkeys", "conf": {"deleteOriginal": true, "separator": "_", "selectionRegExp": "^data"}}], "groups": {}}} responses: @@ -30372,6 +34927,9 @@ examples: "500": application/json: {} PipelineExamplesGeoIP: + parameters: + path: + id: "" requestBody: application/json: {"id": "geoip-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that enriches events with geolocation data from IP addresses", "streamtags": [], "functions": [{"filter": "true", "id": "geoip", "conf": {"file": "GeoLite2-City.mmdb", "inField": "ip", "outField": "geoip", "additionalFields": [{"extraInField": "src_ip", "extraOutField": "src_geoip"}]}}], "groups": {}}} responses: @@ -30380,6 +34938,9 @@ examples: "500": application/json: {} PipelineExamplesGrok: + parameters: + path: + id: "" requestBody: application/json: {"id": "grok-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts structured fields from log data using Grok patterns", "streamtags": [], "functions": [{"filter": "true", "id": "grok", "conf": {"pattern": "%{TIMESTAMP_ISO8601:event_time} %{LOGLEVEL:log_level} %{GREEDYDATA:log_message}", "patternList": [], "source": "_raw"}}], "groups": {}}} responses: @@ -30388,6 +34949,9 @@ examples: "500": application/json: {} PipelineExamplesGuard: + parameters: + path: + id: "" requestBody: application/json: {"id": "guard-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that scans for sensitive data and applies mitigation expressions", "streamtags": [], "functions": [{"filter": "true", "id": "sensitive_data_scanner", "conf": {"rules": [{"rulesetId": "Finance_Global", "replaceExpr": "'REDACTED'", "disabled": false}], "fields": ["_raw"], "excludeFields": [], "flags": [{"name": "_sensitive", "value": "true"}], "includeDetectedRules": true}}], "groups": {}}} responses: @@ -30396,6 +34960,9 @@ examples: "500": application/json: {} PipelineExamplesJSONUnroll: + parameters: + path: + id: "" requestBody: application/json: {"id": "json-unroll-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that unrolls JSON arrays into individual events while retaining parent fields", "streamtags": [], "functions": [{"filter": "true", "id": "json_unroll", "conf": {"path": "allCars", "name": "cars"}}], "groups": {}}} responses: @@ -30404,6 +34971,9 @@ examples: "500": application/json: {} PipelineExamplesLookup: + parameters: + path: + id: "" requestBody: application/json: {"id": "lookup-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that enriches events with location data from IP address lookups", "streamtags": [], "functions": [{"filter": "true", "id": "lookup", "conf": {"file": "ip_locations.csv", "dbLookup": false, "matchMode": "exact", "reloadPeriodSec": -1, "inFields": [{"eventField": "destination_ip", "lookupField": "ip"}], "outFields": [{"lookupField": "location", "eventField": "location", "defaultValue": "Unknown"}], "addToEvent": false, "ignoreCase": false}}], "groups": {}}} responses: @@ -30412,6 +34982,9 @@ examples: "500": application/json: {} PipelineExamplesMask: + parameters: + path: + id: "" requestBody: application/json: {"id": "mask-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that masks Social Security numbers and other sensitive data", "streamtags": [], "functions": [{"filter": "true", "id": "mask", "conf": {"rules": [{"matchRegex": "/(social=)(\\d+)/", "replaceExpr": "`${g1}${C.Mask.md5(g2)}`", "disabled": false}], "fields": ["_raw"], "depth": 5}}], "groups": {}}} responses: @@ -30420,6 +34993,9 @@ examples: "500": application/json: {} PipelineExamplesNumerify: + parameters: + path: + id: "" requestBody: application/json: {"id": "numerify-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that converts string numbers to numeric type for mathematical operations", "streamtags": [], "functions": [{"filter": "true", "id": "numerify", "conf": {"format": "none", "depth": 5, "ignoreFields": [], "filterExpr": ""}}], "groups": {}}} responses: @@ -30428,6 +35004,9 @@ examples: "500": application/json: {} PipelineExamplesOTLPLogs: + parameters: + path: + id: "" requestBody: application/json: {"id": "otlp-logs-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that normalizes and batches OTLP log events from OpenTelemetry sources", "streamtags": [], "functions": [{"filter": "__inputId=='open_telemetry:open_telemetry'", "id": "otlp_logs", "conf": {"dropNonLogEvents": false, "batchOTLPLogs": true, "sendBatchSize": 8192, "timeout": 200, "sendBatchMaxSize": 0, "metadataKeys": [], "metadataCardinalityLimit": 1000}}], "groups": {}}} responses: @@ -30436,6 +35015,9 @@ examples: "500": application/json: {} PipelineExamplesOTLPMetrics: + parameters: + path: + id: "" requestBody: application/json: {"id": "otlp-metrics-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that converts dimensional metrics to OTLP format and batches them by resource attributes", "streamtags": [], "functions": [{"filter": "__inputId=='prometheus_rw:prom_rw_in'", "id": "otlp_metrics", "conf": {"resourceAttributePrefixes": ["service", "system", "telemetry", "k8s", "cloud", "host", "process"], "dropNonMetricEvents": false, "otlpVersion": "0.10.0", "batchOTLPMetrics": true, "sendBatchSize": 8192, "timeout": 200, "sendBatchMaxSize": 0, "metadataKeys": [], "metadataCardinalityLimit": 1000}}], "groups": {}}} responses: @@ -30444,6 +35026,9 @@ examples: "500": application/json: {} PipelineExamplesOTLPTraces: + parameters: + path: + id: "" requestBody: application/json: {"id": "otlp-traces-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that normalizes and batches OTLP trace events from OpenTelemetry sources", "streamtags": [], "functions": [{"filter": "__inputId=='open_telemetry:open_telemetry'", "id": "otlp_traces", "conf": {"dropNonTraceEvents": false, "otlpVersion": "0.10.0", "batchOTLPTraces": true, "sendBatchSize": 8192, "timeout": 200, "sendBatchMaxSize": 0, "metadataKeys": [], "metadataCardinalityLimit": 1000}}], "groups": {}}} responses: @@ -30452,6 +35037,9 @@ examples: "500": application/json: {} PipelineExamplesParser: + parameters: + path: + id: "" requestBody: application/json: {"id": "parser-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts fields from key-value pair formatted data", "streamtags": [], "functions": [{"filter": "true", "id": "serde", "conf": {"type": "kvp", "keep": ["a", "b", "c"], "remove": ["*"], "cleanFields": false, "mode": "extract", "srcField": "_raw"}}], "groups": {}}} responses: @@ -30460,6 +35048,9 @@ examples: "500": application/json: {} PipelineExamplesPublishMetrics: + parameters: + path: + id: "" requestBody: application/json: {"id": "publish-metrics-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts metrics from events and formats them for metrics aggregation platforms", "streamtags": [], "functions": [{"filter": "true", "id": "publish_metrics", "conf": {"fields": [{"inFieldName": "bytes", "outFieldExpr": "'metric_name.bytes'", "metricType": "gauge"}, {"inFieldName": "packets", "outFieldExpr": "'metric_name.packets'", "metricType": "gauge"}], "overwrite": false, "dimensions": ["action", "interface_id", "dstaddr"], "removeMetrics": [], "removeDimensions": []}}], "groups": {}}} responses: @@ -30468,6 +35059,9 @@ examples: "500": application/json: {} PipelineExamplesRedis: + parameters: + path: + id: "" requestBody: application/json: {"id": "redis-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that retrieves values from Redis using GET command", "streamtags": [], "functions": [{"filter": "true", "id": "redis", "conf": {"authType": "none", "commands": [{"outField": "cached_value", "command": "get", "keyExpr": "'user_session'", "argsExpr": ""}], "deploymentType": "standalone", "maxBlockSecs": 60, "url": "'redis://localhost:6379/0'"}}], "groups": {}}} responses: @@ -30476,6 +35070,9 @@ examples: "500": application/json: {} PipelineExamplesRegexExtract: + parameters: + path: + id: "" requestBody: application/json: {"id": "regex-extract-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that extracts structured fields from log data using regex patterns with named capture groups", "streamtags": [], "functions": [{"filter": "true", "id": "regex_extract", "conf": {"regex": "/metric1=(?\\d+)/", "source": "_raw", "iterations": 100, "overwrite": false}}], "groups": {}}} responses: @@ -30484,6 +35081,9 @@ examples: "500": application/json: {} PipelineExamplesRegexFilter: + parameters: + path: + id: "" requestBody: application/json: {"id": "regex-filter-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that filters out events matching specific regex patterns", "streamtags": [], "functions": [{"filter": "true", "id": "regex_filter", "conf": {"regex": "/Opera/", "field": "_raw"}}], "groups": {}}} responses: @@ -30492,6 +35092,9 @@ examples: "500": application/json: {} PipelineExamplesRename: + parameters: + path: + id: "" requestBody: application/json: {"id": "rename-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that renames fields using key-value pairs and expressions", "streamtags": [], "functions": [{"filter": "true", "id": "rename", "conf": {"baseFields": [], "rename": [{"currentName": "level", "newName": "LEVEL"}], "renameExpr": "name.startsWith('out') ? name.toUpperCase() : name", "wildcardDepth": 5}}], "groups": {}}} responses: @@ -30500,6 +35103,9 @@ examples: "500": application/json: {} PipelineExamplesRollupMetrics: + parameters: + path: + id: "" requestBody: application/json: {"id": "rollup-metrics-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that consolidates high-frequency metrics into manageable time windows", "streamtags": [], "functions": [{"filter": "true", "id": "rollup_metrics", "conf": {"dimensions": ["*"], "timeWindow": "30s", "gaugeRollup": "last"}}], "groups": {}}} responses: @@ -30508,6 +35114,9 @@ examples: "500": application/json: {} PipelineExamplesSampling: + parameters: + path: + id: "" requestBody: application/json: {"id": "sampling-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that samples events at specified rates based on filter criteria", "streamtags": [], "functions": [{"filter": "true", "id": "sampling", "conf": {"rules": [{"filter": "__status == 200", "rate": 5}]}}], "groups": {}}} responses: @@ -30516,6 +35125,9 @@ examples: "500": application/json: {} PipelineExamplesSerialize: + parameters: + path: + id: "" requestBody: application/json: {"id": "serialize-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that serializes event fields into JSON format", "streamtags": [], "functions": [{"filter": "true", "id": "serialize", "conf": {"type": "kvp"}}], "groups": {}}} responses: @@ -30524,6 +35136,9 @@ examples: "500": application/json: {} PipelineExamplesSNMPTrapSerialize: + parameters: + path: + id: "" requestBody: application/json: {"id": "snmp-trap-serialize-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that serializes events into SNMP trap format for SNMP trap destinations", "streamtags": [], "functions": [{"filter": "true", "id": "snmp_trap_serialize", "conf": {"strict": true, "dropFailedEvents": true}}], "groups": {}}} responses: @@ -30532,6 +35147,9 @@ examples: "500": application/json: {} PipelineExamplesSuppress: + parameters: + path: + id: "" requestBody: application/json: {"id": "suppress-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that suppresses duplicate events based on a key expression", "streamtags": [], "functions": [{"filter": "true", "id": "suppress", "conf": {"keyExpr": "`${ip}:${port}`", "allow": 1, "suppressPeriodSec": 30, "dropEventsMode": true, "maxCacheSize": 50000, "cacheIdleTimeoutPeriods": 2, "numEventsIdleTimeoutTrigger": 10000}}], "groups": {}}} responses: @@ -30540,6 +35158,9 @@ examples: "500": application/json: {} PipelineExamplesTee: + parameters: + path: + id: "" requestBody: application/json: {"id": "tee-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that sends events to a command via stdin for debugging purposes", "streamtags": [], "functions": [{"filter": "true", "id": "tee", "conf": {"command": "tee", "args": ["/opt/cribl/foo.log"], "restartOnExit": true, "env": {}}}], "groups": {}}} responses: @@ -30548,6 +35169,9 @@ examples: "500": application/json: {} PipelineExamplesUnroll: + parameters: + path: + id: "" requestBody: application/json: {"id": "unroll-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that unrolls array fields into separate events", "streamtags": [], "functions": [{"filter": "true", "id": "unroll", "conf": {"srcExpr": "_raw.split(/\\n/)", "dstField": "_raw"}}], "groups": {}}} responses: @@ -30556,50 +35180,28 @@ examples: "500": application/json: {} PipelineExamplesXMLUnroll: - requestBody: - application/json: {"id": "xml-unroll-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that unrolls XML elements into separate events", "streamtags": [], "functions": [{"filter": "true", "id": "xml_unroll", "conf": {"unroll": "^Parent\\.Child$", "inherit": "^Parent\\.(myID|branchLocation)$", "unrollIdxField": "unroll_idx", "pretty": false}}], "groups": {}}} - responses: - "200": - application/json: {} - "500": - application/json: {} - speakeasy-default-create-pipelines: - requestBody: - application/json: {"id": "", "conf": {}} - responses: - "200": - application/json: {} - "500": - application/json: {} - getPipelines: - speakeasy-default-get-pipelines: - responses: - "200": - application/json: {} - "500": - application/json: {} - deletePipelinesById: - speakeasy-default-delete-pipelines-by-id: parameters: path: - id: "" + id: "" + requestBody: + application/json: {"id": "xml-unroll-pipeline", "conf": {"asyncFuncTimeout": 1000, "output": "default", "description": "Pipeline that unrolls XML elements into separate events", "streamtags": [], "functions": [{"filter": "true", "id": "xml_unroll", "conf": {"unroll": "^Parent\\.Child$", "inherit": "^Parent\\.(myID|branchLocation)$", "unrollIdxField": "unroll_idx", "pretty": false}}], "groups": {}}} responses: "200": application/json: {} "500": application/json: {} - getPipelinesById: - speakeasy-default-get-pipelines-by-id: + speakeasy-default-update-pipelines-by-id: parameters: path: - id: "" + id: "" + requestBody: + application/json: {"id": "", "conf": {}} responses: "200": application/json: {} "500": application/json: {} - updatePipelinesById: - PipelineExamplesEmpty: + UpdatePipelineExamplesEmpty: parameters: path: id: "" @@ -30610,7 +35212,7 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesAggregations: + UpdatePipelineExamplesAggregations: parameters: path: id: "" @@ -30621,7 +35223,7 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesAggregateMetrics: + UpdatePipelineExamplesAggregateMetrics: parameters: path: id: "" @@ -30632,7 +35234,7 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesAutoTimestamp: + UpdatePipelineExamplesAutoTimestamp: parameters: path: id: "" @@ -30643,7 +35245,7 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesCEFSerializer: + UpdatePipelineExamplesCEFSerializer: parameters: path: id: "" @@ -30654,7 +35256,7 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesChain: + UpdatePipelineExamplesChain: parameters: path: id: "" @@ -30665,7 +35267,7 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesClone: + UpdatePipelineExamplesClone: parameters: path: id: "" @@ -30676,7 +35278,7 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesComment: + UpdatePipelineExamplesComment: parameters: path: id: "" @@ -30687,7 +35289,7 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesDNSLookup: + UpdatePipelineExamplesDNSLookup: parameters: path: id: "" @@ -30698,7 +35300,7 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesDrop: + UpdatePipelineExamplesDrop: parameters: path: id: "" @@ -30709,7 +35311,7 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesDropDimensions: + UpdatePipelineExamplesDropDimensions: parameters: path: id: "" @@ -30720,7 +35322,7 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesDynamicSampling: + UpdatePipelineExamplesDynamicSampling: parameters: path: id: "" @@ -30731,7 +35333,7 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesEval: + UpdatePipelineExamplesEval: parameters: path: id: "" @@ -30742,7 +35344,7 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesEventBreaker: + UpdatePipelineExamplesEventBreaker: parameters: path: id: "" @@ -30753,7 +35355,7 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesFlatten: + UpdatePipelineExamplesFlatten: parameters: path: id: "" @@ -30764,7 +35366,7 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesFoldKeys: + UpdatePipelineExamplesFoldKeys: parameters: path: id: "" @@ -30775,7 +35377,7 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesGeoIP: + UpdatePipelineExamplesGeoIP: parameters: path: id: "" @@ -30786,7 +35388,7 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesGrok: + UpdatePipelineExamplesGrok: parameters: path: id: "" @@ -30797,7 +35399,7 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesGuard: + UpdatePipelineExamplesGuard: parameters: path: id: "" @@ -30808,7 +35410,7 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesJSONUnroll: + UpdatePipelineExamplesJSONUnroll: parameters: path: id: "" @@ -30819,7 +35421,7 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesLookup: + UpdatePipelineExamplesLookup: parameters: path: id: "" @@ -30830,7 +35432,7 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesMask: + UpdatePipelineExamplesMask: parameters: path: id: "" @@ -30841,7 +35443,7 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesNumerify: + UpdatePipelineExamplesNumerify: parameters: path: id: "" @@ -30852,7 +35454,7 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesOTLPLogs: + UpdatePipelineExamplesOTLPLogs: parameters: path: id: "" @@ -30863,7 +35465,7 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesOTLPMetrics: + UpdatePipelineExamplesOTLPMetrics: parameters: path: id: "" @@ -30874,7 +35476,7 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesOTLPTraces: + UpdatePipelineExamplesOTLPTraces: parameters: path: id: "" @@ -30885,7 +35487,7 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesParser: + UpdatePipelineExamplesParser: parameters: path: id: "" @@ -30896,7 +35498,7 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesPublishMetrics: + UpdatePipelineExamplesPublishMetrics: parameters: path: id: "" @@ -30907,7 +35509,7 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesRedis: + UpdatePipelineExamplesRedis: parameters: path: id: "" @@ -30918,7 +35520,7 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesRegexExtract: + UpdatePipelineExamplesRegexExtract: parameters: path: id: "" @@ -30929,7 +35531,7 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesRegexFilter: + UpdatePipelineExamplesRegexFilter: parameters: path: id: "" @@ -30940,7 +35542,7 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesRename: + UpdatePipelineExamplesRename: parameters: path: id: "" @@ -30951,7 +35553,7 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesRollupMetrics: + UpdatePipelineExamplesRollupMetrics: parameters: path: id: "" @@ -30962,7 +35564,7 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesSampling: + UpdatePipelineExamplesSampling: parameters: path: id: "" @@ -30973,7 +35575,7 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesSerialize: + UpdatePipelineExamplesSerialize: parameters: path: id: "" @@ -30984,7 +35586,7 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesSNMPTrapSerialize: + UpdatePipelineExamplesSNMPTrapSerialize: parameters: path: id: "" @@ -30995,7 +35597,7 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesSuppress: + UpdatePipelineExamplesSuppress: parameters: path: id: "" @@ -31006,7 +35608,7 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesTee: + UpdatePipelineExamplesTee: parameters: path: id: "" @@ -31017,7 +35619,7 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesUnroll: + UpdatePipelineExamplesUnroll: parameters: path: id: "" @@ -31028,7 +35630,7 @@ examples: application/json: {} "500": application/json: {} - PipelineExamplesXMLUnroll: + UpdatePipelineExamplesXMLUnroll: parameters: path: id: "" @@ -31039,17 +35641,6 @@ examples: application/json: {} "500": application/json: {} - speakeasy-default-update-pipelines-by-id: - parameters: - path: - id: "" - requestBody: - application/json: {"id": "", "conf": {}} - responses: - "200": - application/json: {} - "500": - application/json: {} getRoutes: speakeasy-default-get-routes: responses: @@ -31159,6 +35750,13 @@ examples: application/json: {} "500": application/json: {} + getDatabaseConnectionConfig: + speakeasy-default-get-database-connection-config: + responses: + "200": + application/json: {} + "500": + application/json: {} examplesVersion: 1.0.2 generatedTests: getHealthInfo: "2025-07-02T19:12:56+02:00" @@ -31224,11 +35822,7 @@ generatedTests: updatePacksById: "2025-08-01T02:34:48Z" deleteGroupsById: "2025-08-04T02:32:44Z" updateGroupsById: "2025-08-04T02:32:44Z" -releaseNotes: | - ## Python SDK Changes - - This version of the SDK is generated for Cribl version 4.18.1. - +releaseNotes: "## Python SDK Changes:\n* `cribl_control_plane.packs.sources.create()`: \n * `request_body` **Changed** (Breaking ⚠️)\n * `response.items[]` **Changed**\n* `cribl_control_plane.lakes.datasets.list()`: \n * `request` **Changed** (Breaking ⚠️)\n * `response.items[]` **Changed**\n* `cribl_control_plane.sources.create()`: \n * `request` **Changed** (Breaking ⚠️)\n * `response.items[]` **Changed**\n* `cribl_control_plane.collectors.list()`: \n * `request.collector_type` **Changed** (Breaking ⚠️)\n * `response.items[].union(SavedJobResponseCollection).collector` **Changed**\n* `cribl_control_plane.sources.update()`: \n * `request.input` **Changed** (Breaking ⚠️)\n * `response.items[]` **Changed**\n* `cribl_control_plane.packs.sources.update()`: \n * `request.input` **Changed** (Breaking ⚠️)\n * `response.items[]` **Changed**\n* `cribl_control_plane.destinations.list()`: \n * `request.type` **Changed**\n * `response.items[]` **Changed**\n* `cribl_control_plane.destinations.update()`: \n * `request.output` **Changed**\n * `response.items[]` **Changed**\n* `cribl_control_plane.sources.pq.get()`: `response.items[].args.union(RunnableJobCollection).collector` **Changed**\n* `cribl_control_plane.packs.sources.get()`: `response.items[]` **Changed**\n* `cribl_control_plane.sources.delete()`: `response.items[]` **Changed**\n* `cribl_control_plane.packs.sources.delete()`: `response.items[]` **Changed**\n* `cribl_control_plane.packs.sources.pq.get()`: `response.items[].args.union(RunnableJobCollection).collector` **Changed**\n* `cribl_control_plane.packs.destinations.list()`: \n * `request.type` **Changed**\n * `response.items[]` **Changed**\n* `cribl_control_plane.packs.destinations.create()`: \n * `request_body` **Changed**\n * `response.items[]` **Changed**\n* `cribl_control_plane.packs.destinations.get()`: `response.items[]` **Changed**\n* `cribl_control_plane.packs.destinations.update()`: \n * `request.output` **Changed**\n * `response.items[]` **Changed**\n* `cribl_control_plane.packs.destinations.delete()`: `response.items[]` **Changed**\n* `cribl_control_plane.packs.destinations.pq.get()`: `response.items[].args.union(RunnableJobCollection).collector` **Changed**\n* `cribl_control_plane.packs.pipelines.create()`: \n * `request.conf.functions[]` **Changed**\n * `response.items[].conf.functions[]` **Changed**\n* `cribl_control_plane.packs.pipelines.list()`: `response.items[].conf.functions[]` **Changed**\n* `cribl_control_plane.packs.pipelines.delete()`: `response.items[].conf.functions[]` **Changed**\n* `cribl_control_plane.packs.pipelines.get()`: `response.items[].conf.functions[]` **Changed**\n* `cribl_control_plane.packs.pipelines.update()`: \n * `request.conf.functions[]` **Changed**\n * `response.items[].conf.functions[]` **Changed**\n* `cribl_control_plane.database_connections.list()`: **Added**\n* `cribl_control_plane.destinations.create()`: \n * `request` **Changed**\n * `response.items[]` **Changed**\n* `cribl_control_plane.destinations.get()`: `response.items[]` **Changed**\n* `cribl_control_plane.packs.sources.list()`: `response.items[]` **Changed**\n* `cribl_control_plane.destinations.delete()`: `response.items[]` **Changed**\n* `cribl_control_plane.destinations.pq.get()`: `response.items[].args.union(RunnableJobCollection).collector` **Changed**\n* `cribl_control_plane.pipelines.create()`: \n * `request.conf.functions[]` **Changed**\n * `response.items[].conf.functions[]` **Changed**\n* `cribl_control_plane.pipelines.list()`: `response.items[].conf.functions[]` **Changed**\n* `cribl_control_plane.pipelines.delete()`: `response.items[].conf.functions[]` **Changed**\n* `cribl_control_plane.pipelines.get()`: `response.items[].conf.functions[]` **Changed**\n* `cribl_control_plane.pipelines.update()`: \n * `request.conf.functions[]` **Changed**\n * `response.items[].conf.functions[]` **Changed**\n* `cribl_control_plane.collectors.create()`: \n * `request.union(SavedJobCollection).collector` **Changed**\n * `response.items[].union(SavedJobResponseCollection).collector` **Changed**\n* `cribl_control_plane.sources.get()`: `response.items[]` **Changed**\n* `cribl_control_plane.collectors.delete()`: `response.items[].union(SavedJobResponseCollection).collector` **Changed**\n* `cribl_control_plane.collectors.get()`: `response.items[].union(SavedJobResponseCollection).collector` **Changed**\n* `cribl_control_plane.collectors.update()`: \n * `request.saved_job.union(SavedJobCollection).collector` **Changed**\n * `response.items[].union(SavedJobResponseCollection).collector` **Changed**\n* `cribl_control_plane.groups.acl.get()`: \n * `request.type` **Changed**\n * `response.items[].perms[].type.enum(apps)` **Added**\n* `cribl_control_plane.groups.acl.teams.get()`: \n * `request.type` **Changed**\n * `response.items[].perms[].type.enum(apps)` **Added**\n* `cribl_control_plane.lakes.datasets.create()`: \n * `request` **Changed**\n * `response.items[]` **Changed**\n* `cribl_control_plane.sources.list()`: `response.items[]` **Changed**\n* `cribl_control_plane.lakes.datasets.delete()`: `response.items[]` **Changed**\n* `cribl_control_plane.lakes.datasets.get()`: \n * `request.include_metrics` **Added**\n * `response.items[]` **Changed**\n* `cribl_control_plane.lakes.datasets.update()`: \n * `request` **Changed**\n * `response.items[]` **Changed**\n* `cribl_control_plane.nodes.get()`: `response.items[].info.cribl.overlay_id` **Added**\n* `cribl_control_plane.nodes.list()`: `response.items[].info.cribl.overlay_id` **Added**\n* `cribl_control_plane.health.get()`: \n * `response.overlay` **Added**\n * `error.overlay` **Added**\n" generatedFiles: - .devcontainer/README.md - .devcontainer/devcontainer.json diff --git a/.speakeasy/gen.yaml b/.speakeasy/gen.yaml index 990ac0f48..2f938525f 100644 --- a/.speakeasy/gen.yaml +++ b/.speakeasy/gen.yaml @@ -33,7 +33,7 @@ generation: generateNewTests: false skipResponseBodyAssertions: false python: - version: 0.8.1 + version: 0.9.0 additionalDependencies: dev: {} main: {} @@ -44,6 +44,7 @@ python: authors: - Speakeasy baseErrorName: CriblControlPlaneError + bodyVariantOverloads: false clientServerStatusCodesAsErrors: true constFieldCasing: upper defaultErrorName: APIError @@ -51,6 +52,10 @@ python: enableCustomCodeRegions: false enumFormat: enum envVarPrefix: CRIBLCONTROLPLANE + errorSchemaValidation: true + eventStreamClassNames: + async: EventStreamAsync + sync: EventStream fixFlags: asyncPaginationSep2025: true conflictResistantModelImportsFeb2026: true @@ -70,19 +75,25 @@ python: webhooks: "" inferUnionDiscriminators: true inputModelSuffix: input + inputTypedDictSuffix: TypedDict legacyPyright: true license: "" maxMethodParams: 999 methodArguments: infer-optional-args + methodTimeoutArgument: timeout-ms + methodTimeoutUnits: milliseconds moduleName: "" multipartArrayFormat: legacy + optionalDependencies: {} outputModelSuffix: output packageManager: poetry packageName: cribl-control-plane preApplyUnionDiscriminators: false pytestFilterWarnings: [] pytestTimeout: 0 + rawResponseHelpers: false responseFormat: flat + responseSchemaValidation: true sseFlatResponse: false templateVersion: v2 useAsyncHooks: false diff --git a/.speakeasy/out.openapi.yaml b/.speakeasy/out.openapi.yaml index c91375259..0a54de086 100644 --- a/.speakeasy/out.openapi.yaml +++ b/.speakeasy/out.openapi.yaml @@ -4,7 +4,9 @@ servers: info: title: Cribl API Reference description: >- - This API Reference lists available REST endpoints, along with their supported operations for accessing, creating, updating, or deleting resources. + This API Reference lists available REST endpoints, along with their + supported operations for accessing, creating, updating, or deleting + resources. Base URL contexts for reference: @@ -15,7 +17,7 @@ info: - Host (Worker or Edge Node) context: /api/v1/w/{nodeId} - Search context: /api/v1/m/default_search - version: 4.18.1-37206a7f + version: 4.18.2-fd1f0d2f contact: name: Support url: https://portal.support.cribl.io @@ -40,7 +42,7 @@ components: x-speakeasy-token-endpoint-additional-properties: audience: type: string - example: "https://api.cribl.cloud" + example: https://api.cribl.cloud scopes: {} schemas: Error: @@ -153,7 +155,10 @@ components: eventBreakerRegex: type: string title: Event Breaker - description: The regex used to break the stream into events at the beginning of the match. Matched content will be consumed, unless you use a lookahead regex such as (?=pattern) to keep it. Do NOT use capturing groups in the pattern. + description: The regex used to break the stream into events at the beginning of + the match. Matched content will be consumed, unless you use a + lookahead regex such as (?=pattern) to keep it. Do NOT use capturing + groups in the pattern. required: - eventBreakerRegex EventBreakerExistingOrNewNewRuleTypeJson: @@ -177,27 +182,37 @@ components: jsonArrayField: type: string title: Array field - description: The path to an array in a JSON event with records to extract, such as Records or level1.level2.events. Leave blank if result itself is an array, such as [{...},{...}] + description: The path to an array in a JSON event with records to extract, such + as Records or level1.level2.events. Leave blank if result itself is + an array, such as [{...},{...}] parentFieldsToCopy: title: Parent fields to copy - description: Top-level fields to copy to the output events. Nested fields are not supported. 'Array field' is always excluded. If 'Array field' points to a nested array, the entire top-level object will be excluded. Supports * wildcards. Enclose field names containing special characters in single or double quotes. + description: Top-level fields to copy to the output events. Nested fields are + not supported. 'Array field' is always excluded. If 'Array field' + points to a nested array, the entire top-level object will be + excluded. Supports * wildcards. Enclose field names containing + special characters in single or double quotes. type: array items: type: string jsonExtractAll: type: boolean title: JSON extract fields - description: Automatically extract fields from JSON events. When disabled, only _raw and _time are defined on extracted events. + description: Automatically extract fields from JSON events. When disabled, only + _raw and _time are defined on extracted events. fieldsToRemove: title: Fields to remove - description: List of fields to remove from the output events. Supports * wildcards. Enclose field names containing special characters in single or double quotes. + description: List of fields to remove from the output events. Supports * + wildcards. Enclose field names containing special characters in + single or double quotes. type: array items: type: string jsonTimeField: type: string title: Timestamp field - description: Optional path to timestamp field in extracted events, such as eventTime or level1.level2.eventTime. + description: Optional path to timestamp field in extracted events, such as + eventTime or level1.level2.eventTime. EventBreakerExistingOrNewNewRuleTypeHeader: type: object properties: @@ -212,7 +227,8 @@ components: fieldsLineRegex: type: string title: Fields regex - description: Regex with one capturing group that captures all fields (and delimiters) to be broken by field delimiter + description: Regex with one capturing group that captures all fields (and + delimiters) to be broken by field delimiter headerLineRegex: type: string title: Header line @@ -271,13 +287,15 @@ components: maxEventBytes: type: number title: Event byte limit - description: The maximum number of bytes that an event can be before being flushed to the Pipelines + description: The maximum number of bytes that an event can be before being + flushed to the Pipelines minimum: 1 - maximum: 1.34217728e+08 + maximum: 134217728 timestampAnchorRegex: type: string title: Timestamp anchor - description: Regex to match before attempting timestamp extraction. Use $ (end of string anchor) to not perform extraction. + description: Regex to match before attempting timestamp extraction. Use $ (end + of string anchor) to not perform extraction. timestamp: $ref: "#/components/schemas/TimestampFormatTypeEventBreakerExistingOrNewNew" timestampTimezone: @@ -286,11 +304,14 @@ components: description: Timezone to assign to timestamps without timezone info timestampEarliest: title: Earliest timestamp allowed - description: The earliest timestamp value allowed relative to now, such as -42years. Parsed values prior to this date will be set to current time. + description: The earliest timestamp value allowed relative to now, such as + -42years. Parsed values prior to this date will be set to current + time. type: string timestampLatest: title: Future timestamp allowed - description: The latest timestamp value allowed relative to now, such as +42days. Parsed values after this date will be set to current time. + description: The latest timestamp value allowed relative to now, such as + +42days. Parsed values after this date will be set to current time. type: string allOf: - oneOf: @@ -328,7 +349,8 @@ components: digits: type: number title: Digits - description: Number of digits after the decimal point, between 0 and 20. If left blank, defaults to 2. + description: Number of digits after the decimal point, between 0 and 20. If left + blank, defaults to 2. minimum: 0 maximum: 20 NumerifyFormatNone: @@ -349,10 +371,20 @@ components: type: string url: title: Redis URL - description: "Redis URL to connect to. Format: redis[s]://[[user][:password@]][host][:port][/db-number][?db=db-number[&password=bar[&option=value]]]. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`" + description: "Redis URL to connect to. Format: + redis[s]://[[user][:password@]][host][:port][/db-number][?db=db-num\ + ber[&password=bar[&option=value]]]. Must be a JavaScript expression + (which can evaluate to a constant value), enclosed in quotes or + backticks. Can be evaluated only at init time. Example referencing a + Global Variable: `myBucket-${C.vars.myVar}`" type: string tlsOptions: $ref: "#/components/schemas/TlsOptionsTypeRedisDeploymentTypeStandalone" + __template_url: + type: string + description: Binds 'url' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'url' at runtime. required: - url RedisDeploymentTypeCluster: @@ -368,19 +400,7 @@ components: type: array minItems: 1 items: - type: object - required: - - host - - port - properties: - host: - type: string - title: Hostname - description: "Hostname of cluster node. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`." - port: - type: number - title: Port - description: Port of cluster node + $ref: "#/components/schemas/RootNodeConfRedisDeploymentTypeCluster" tls: title: TLS type: boolean @@ -413,7 +433,10 @@ components: host: type: string title: Hostname - description: "Hostname of sentinel node. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`." + description: "Hostname of sentinel node. Must be a JavaScript expression (which + can evaluate to a constant value), enclosed in quotes or + backticks. Can be evaluated only at init time. Example + referencing a Global Variable: `myBucket-${C.vars.myVar}`." port: type: number title: Port @@ -446,6 +469,16 @@ components: password: title: Password type: string + __template_username: + type: string + description: Binds 'username' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'username' at runtime. + __template_password: + type: string + description: Binds 'password' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'password' at runtime. required: - password RedisAuthTypeCredentialsSecret: @@ -483,19 +516,22 @@ components: type: string keep: title: Fields to keep - description: List of fields to keep. Supports wildcards (*). Takes precedence over 'Fields to remove'. + description: List of fields to keep. Supports wildcards (*). Takes precedence + over 'Fields to remove'. type: array items: type: string remove: title: Fields to remove - description: List of fields to remove. Supports wildcards (*). Cannot remove fields that match 'Fields to keep'. + description: List of fields to remove. Supports wildcards (*). Cannot remove + fields that match 'Fields to keep'. type: array items: type: string fieldFilterExpr: title: Fields filter expression - description: Expression evaluated against {index, name, value} context. Return truthy to keep a field, or falsy to remove it. + description: Expression evaluated against {index, name, value} context. Return + truthy to keep a field, or falsy to remove it. type: string cleanFields: type: boolean @@ -506,13 +542,15 @@ components: items: type: string title: Allowed key characters - description: A list of characters that may be present in a key name, even though they are normally separator or control characters + description: A list of characters that may be present in a key name, even though + they are normally separator or control characters allowedValueChars: type: array items: type: string title: Allowed value characters - description: A list of characters that may be present in a value, even though they are normally separator or control characters + description: A list of characters that may be present in a value, even though + they are normally separator or control characters SerdeTypeDelim: type: object properties: @@ -522,25 +560,29 @@ components: type: string fields: title: List of fields - description: The fields to be extracted, listed in order. Will auto-generate if empty. + description: The fields to be extracted, listed in order. Will auto-generate if + empty. type: array items: type: string keep: title: Fields to keep - description: List of fields to keep. Supports wildcards (*). Takes precedence over 'Fields to remove'. + description: List of fields to keep. Supports wildcards (*). Takes precedence + over 'Fields to remove'. type: array items: type: string remove: title: Fields to remove - description: List of fields to remove. Supports wildcards (*). Cannot remove fields that match 'Fields to keep'. + description: List of fields to remove. Supports wildcards (*). Cannot remove + fields that match 'Fields to keep'. type: array items: type: string fieldFilterExpr: title: Fields filter expression - description: Expression evaluated against {index, name, value} context. Return truthy to keep a field, or falsy to remove it. + description: Expression evaluated against {index, name, value} context. Return + truthy to keep a field, or falsy to remove it. type: string delimChar: type: string @@ -572,25 +614,29 @@ components: type: string fields: title: List of fields - description: The fields to be extracted, listed in order. Will auto-generate if empty. + description: The fields to be extracted, listed in order. Will auto-generate if + empty. type: array items: type: string keep: title: Fields to keep - description: List of fields to keep. Supports wildcards (*). Takes precedence over 'Fields to remove'. + description: List of fields to keep. Supports wildcards (*). Takes precedence + over 'Fields to remove'. type: array items: type: string remove: title: Fields to remove - description: List of fields to remove. Supports wildcards (*). Cannot remove fields that match 'Fields to keep'. + description: List of fields to remove. Supports wildcards (*). Cannot remove + fields that match 'Fields to keep'. type: array items: type: string fieldFilterExpr: title: Fields filter expression - description: Expression evaluated against {index, name, value} context. Return truthy to keep a field, or falsy to remove it. + description: Expression evaluated against {index, name, value} context. Return + truthy to keep a field, or falsy to remove it. type: string SerdeTypeJson: type: object @@ -601,19 +647,22 @@ components: type: string keep: title: Fields to keep - description: List of fields to keep. Supports wildcards (*). Takes precedence over 'Fields to remove'. + description: List of fields to keep. Supports wildcards (*). Takes precedence + over 'Fields to remove'. type: array items: type: string remove: title: Fields to remove - description: List of fields to remove. Supports wildcards (*). Cannot remove fields that match 'Fields to keep'. + description: List of fields to remove. Supports wildcards (*). Cannot remove + fields that match 'Fields to keep'. type: array items: type: string fieldFilterExpr: title: Fields filter expression - description: Expression evaluated against {index, name, value} context. Return truthy to keep a field, or falsy to remove it. + description: Expression evaluated against {index, name, value} context. Return + truthy to keep a field, or falsy to remove it. type: string SerdeTypeRegex: type: object @@ -625,7 +674,9 @@ components: regex: type: string title: Regex - description: Regex literal with named capturing groups, such as (?bar), or _NAME_ and _VALUE_ capturing groups, such as(?<_NAME_0>[^ =]+)=(?<_VALUE_0>[^,]+) + description: Regex literal with named capturing groups, such as (?bar), or + _NAME_ and _VALUE_ capturing groups, such as(?<_NAME_0>[^ + =]+)=(?<_VALUE_0>[^,]+) regexList: type: array title: Additional regex @@ -634,16 +685,24 @@ components: iterations: type: number title: Max exec - description: The maximum number of times to apply regex to source field when the global flag is set, or when using _NAME_ and _VALUE_ capturing groups + description: The maximum number of times to apply regex to source field when the + global flag is set, or when using _NAME_ and _VALUE_ capturing + groups minimum: 1 fieldNameExpression: title: Field name format expression - description: "JavaScript expression to format field names when _NAME_n and _VALUE_n capturing groups are used. Original field name is in global variable 'name'. Example: To append XX to all field names, use `${name}_XX` (backticks are literal). If empty, names will be sanitized using this regex: /^[_0-9]+|[^a-zA-Z0-9_]+/g. You can access other fields values via __e.." + description: "JavaScript expression to format field names when _NAME_n and + _VALUE_n capturing groups are used. Original field name is in global + variable 'name'. Example: To append XX to all field names, use + `${name}_XX` (backticks are literal). If empty, names will be + sanitized using this regex: /^[_0-9]+|[^a-zA-Z0-9_]+/g. You can + access other fields values via __e.." type: string overwrite: type: boolean title: Overwrite existing fields - description: Overwrite existing event fields with extracted values. If disabled, existing fields will be converted to an array. + description: Overwrite existing event fields with extracted values. If disabled, + existing fields will be converted to an array. required: - regex SerdeTypeGrok: @@ -656,7 +715,8 @@ components: pattern: type: string title: Pattern - description: "Grok pattern to extract fields. Syntax supported: %{PATTERN_NAME:FIELD_NAME}" + description: "Grok pattern to extract fields. Syntax supported: + %{PATTERN_NAME:FIELD_NAME}" patternList: type: array title: Additional Grok patterns @@ -677,7 +737,8 @@ components: description: Clean field names by replacing non-[a-zA-Z0-9] characters with _ fields: title: Fields to serialize - description: "Required for CSV, ELFF, and CLF. All other formats support wildcard field lists. Examples: host, myField, !source *" + description: "Required for CSV, ELFF, and CLF. All other formats support + wildcard field lists. Examples: host, myField, !source *" type: array items: type: string @@ -685,12 +746,15 @@ components: type: string title: Pair delimiter minLength: 1 - description: Delimiter used to separate key=value pairs. Defaults to a single space character. Should not have common characters with key-value delimiter. + description: Delimiter used to separate key=value pairs. Defaults to a single + space character. Should not have common characters with key-value + delimiter. keyValueDelimiter: type: string title: Key-Value delimiter minLength: 1 - description: Delimiter used to separate key and value in pair. Defaults to a '='. Should not have common characters with pair delimiter. + description: Delimiter used to separate key and value in pair. Defaults to a + '='. Should not have common characters with pair delimiter. SerializeTypeDelim: type: object properties: @@ -702,17 +766,20 @@ components: type: string title: Delimiter minLength: 1 - description: Delimiter character to use to split values. If left blank, will default to ','. + description: Delimiter character to use to split values. If left blank, will + default to ','. quoteChar: type: string title: Quote char minLength: 1 - description: Character used to quote literal values. If left blank, will default to '"'. + description: Character used to quote literal values. If left blank, will default + to '"'. escapeChar: type: string title: Escape char minLength: 1 - description: Escape character used to escape delimiter or quote character. If left blank, will default to the Quote char. + description: Escape character used to escape delimiter or quote character. If + left blank, will default to the Quote char. nullValue: type: string title: Null value @@ -774,7 +841,8 @@ components: type: string title: V3 authentication key privProtocol: - $ref: "#/components/schemas/PrivacyProtocolOptionsSnmpTrapSerializeV3UserAuthProtocolNotNone" + $ref: "#/components/schemas/PrivacyProtocolOptionsSnmpTrapSerializeV3UserAuthPr\ + otocolNotNone" name: title: Username type: string @@ -784,16 +852,23 @@ components: - name allOf: - oneOf: - - $ref: "#/components/schemas/SnmpTrapSerializeV3UserAuthProtocolNotNonePrivProtocolNone" - - $ref: "#/components/schemas/SnmpTrapSerializeV3UserAuthProtocolNotNonePrivProtocolNotNone" + - $ref: "#/components/schemas/SnmpTrapSerializeV3UserAuthProtocolNotNonePrivProto\ + colNone" + - $ref: "#/components/schemas/SnmpTrapSerializeV3UserAuthProtocolNotNonePrivProto\ + colNotNone" discriminator: propertyName: privProtocol mapping: - none: "#/components/schemas/SnmpTrapSerializeV3UserAuthProtocolNotNonePrivProtocolNone" - des: "#/components/schemas/SnmpTrapSerializeV3UserAuthProtocolNotNonePrivProtocolNotNone" - aes: "#/components/schemas/SnmpTrapSerializeV3UserAuthProtocolNotNonePrivProtocolNotNone" - aes256b: "#/components/schemas/SnmpTrapSerializeV3UserAuthProtocolNotNonePrivProtocolNotNone" - aes256r: "#/components/schemas/SnmpTrapSerializeV3UserAuthProtocolNotNonePrivProtocolNotNone" + none: "#/components/schemas/SnmpTrapSerializeV3UserAuthProtocolNotNonePrivProto\ + colNone" + des: "#/components/schemas/SnmpTrapSerializeV3UserAuthProtocolNotNonePrivProtoc\ + olNotNone" + aes: "#/components/schemas/SnmpTrapSerializeV3UserAuthProtocolNotNonePrivProtoc\ + olNotNone" + aes256b: "#/components/schemas/SnmpTrapSerializeV3UserAuthProtocolNotNonePrivPr\ + otocolNotNone" + aes256r: "#/components/schemas/SnmpTrapSerializeV3UserAuthProtocolNotNonePrivPr\ + otocolNotNone" FunctionConfSchemaAggregateMetrics: type: object properties: @@ -804,20 +879,24 @@ components: preserveGroupBys: type: boolean title: Preserve group by fields - description: Preserve the structure of the original aggregation event's groupby fields + description: Preserve the structure of the original aggregation event's groupby + fields sufficientStatsOnly: type: boolean title: Sufficient stats mode - description: Output only statistics that are sufficient for the supplied aggregations + description: Output only statistics that are sufficient for the supplied + aggregations prefix: type: string title: Output prefix - description: A prefix that is prepended to all of the fields output by this Aggregations Function + description: A prefix that is prepended to all of the fields output by this + Aggregations Function timeWindow: pattern: \d+[sm]$ type: string title: Time window - description: The time span of the tumbling window for aggregating events. Must be a valid time string (such as 10s). + description: The time span of the tumbling window for aggregating events. Must + be a valid time string (such as 10s). aggregations: type: array title: Aggregates @@ -846,31 +925,45 @@ components: agg: title: Aggregation type: string - description: "Aggregate function to perform on events. Example: sum(bytes).where(action=='REJECT').as(TotalBytes)" + description: "Aggregate function to perform on events. Example: + sum(bytes).where(action=='REJECT').as(TotalBytes)" groupbys: type: array title: Group by dimensions - description: "Optional: One or more dimensions to group aggregates by. Supports wildcard expressions. Wrap dimension names in quotes if using literal identifiers, such as 'service.name'. Warning: Using wildcard '*' causes all dimensions in the event to be included, which can result in high cardinality and increased memory usage. Exclude dimensions that can result in high cardinality before using wildcards. Example: !_time, !_numericValue, *" + description: "Optional: One or more dimensions to group aggregates by. Supports + wildcard expressions. Wrap dimension names in quotes if using + literal identifiers, such as 'service.name'. Warning: Using wildcard + '*' causes all dimensions in the event to be included, which can + result in high cardinality and increased memory usage. Exclude + dimensions that can result in high cardinality before using + wildcards. Example: !_time, !_numericValue, *" items: type: string flushEventLimit: type: number title: Aggregation event limit - description: The maximum number of events to include in any given aggregation event + description: The maximum number of events to include in any given aggregation + event minimum: 1 flushMemLimit: type: string title: Aggregation memory limit - description: "The memory usage limit to impose upon aggregations. Defaults to 80% of the process memory; value configured above default limit is ignored. Accepts numerals with units like KB and MB (example: 128MB)." + description: "The memory usage limit to impose upon aggregations. Defaults to + 80% of the process memory; value configured above default limit is + ignored. Accepts numerals with units like KB and MB (example: + 128MB)." pattern: ^\d+\s*(?:\w{2})?$ cumulative: type: boolean title: Cumulative aggregations - description: Enable to retain aggregations for cumulative aggregations when flushing out an aggregation table event. When disabled (the default), aggregations are reset to 0 on flush. + description: Enable to retain aggregations for cumulative aggregations when + flushing out an aggregation table event. When disabled (the + default), aggregations are reset to 0 on flush. shouldTreatDotsAsLiterals: type: boolean title: Treat dots as literals - description: Treat dots in dimension names as literals. This is useful for top-level dimensions that contain dots, such as 'service.name'. + description: Treat dots in dimension names as literals. This is useful for + top-level dimensions that contain dots, such as 'service.name'. add: title: Evaluate fields description: Set of key-value pairs to evaluate and add/set @@ -890,16 +983,19 @@ components: flushOnInputClose: type: boolean title: Flush on stream close - description: Flush aggregations when an input stream is closed. If disabled, Time Window Settings control flush behavior. + description: Flush aggregations when an input stream is closed. If disabled, + Time Window Settings control flush behavior. lagTolerance: type: string title: Lag tolerance - description: The tumbling window tolerance to late events. Must be a valid time string (such as 10s). + description: The tumbling window tolerance to late events. Must be a valid time + string (such as 10s). pattern: \d+[sm]$ idleTimeLimit: type: string title: Idle bucket time limit - description: How long to wait before flushing a bucket that has not received events. Must be a valid time string (such as 10s). + description: How long to wait before flushing a bucket that has not received + events. Must be a valid time string (such as 10s). pattern: \d+[sm]$ FunctionAggregateMetrics: type: object @@ -955,51 +1051,68 @@ components: preserveGroupBys: type: boolean title: Preserve group by fields - description: Preserve the structure of the original aggregation event's groupby fields + description: Preserve the structure of the original aggregation event's groupby + fields sufficientStatsOnly: type: boolean title: Sufficient stats mode - description: Output only statistics that are sufficient for the supplied aggregations + description: Output only statistics that are sufficient for the supplied + aggregations metricsMode: type: boolean title: Metrics mode - description: Enable to output the aggregates as metrics. When disabled, aggregates are output as events. + description: Enable to output the aggregates as metrics. When disabled, + aggregates are output as events. prefix: type: string title: Output prefix - description: A prefix that is prepended to all of the fields output by this Aggregations Function + description: A prefix that is prepended to all of the fields output by this + Aggregations Function timeWindow: pattern: \d+[sm]$ type: string title: Time window - description: The time span of the tumbling window for aggregating events. Must be a valid time string (such as 10s). + description: The time span of the tumbling window for aggregating events. Must + be a valid time string (such as 10s). aggregations: type: array title: Aggregates - description: "Aggregate function to perform on events. Example: sum(bytes).where(action=='REJECT').as(TotalBytes)" + description: "Aggregate function to perform on events. Example: + sum(bytes).where(action=='REJECT').as(TotalBytes)" minItems: 1 items: type: string groupbys: type: array title: Group by fields - description: "Optional: One or more fields to group aggregates by. Supports wildcard expressions. Warning: Using wildcard '*' causes all fields in the event to be included, which can result in high cardinality and increased memory usage. Exclude fields that can result in high cardinality before using wildcards. Example: !_time, !_numericValue, *" + description: "Optional: One or more fields to group aggregates by. Supports + wildcard expressions. Warning: Using wildcard '*' causes all fields + in the event to be included, which can result in high cardinality + and increased memory usage. Exclude fields that can result in high + cardinality before using wildcards. Example: !_time, !_numericValue, + *" items: type: string flushEventLimit: type: number title: Aggregation event limit - description: The maximum number of events to include in any given aggregation event + description: The maximum number of events to include in any given aggregation + event minimum: 1 flushMemLimit: type: string title: Aggregation memory limit - description: "The memory usage limit to impose upon aggregations. Defaults to 80% of the process memory; value configured above default limit is ignored. Accepts numerals with units like KB and MB (example: 128MB)." + description: "The memory usage limit to impose upon aggregations. Defaults to + 80% of the process memory; value configured above default limit is + ignored. Accepts numerals with units like KB and MB (example: + 128MB)." pattern: ^\d+\s*(?:\w{2})?$ cumulative: type: boolean title: Cumulative aggregations - description: Enable to retain aggregations for cumulative aggregations when flushing out an aggregation table event. When disabled (the default), aggregations are reset to 0 on flush. + description: Enable to retain aggregations for cumulative aggregations when + flushing out an aggregation table event. When disabled (the + default), aggregations are reset to 0 on flush. searchAggMode: type: string title: Search-specific aggregation mode @@ -1013,24 +1126,30 @@ components: shouldTreatDotsAsLiterals: type: boolean title: Treat dots as literals - description: Treat dots in dimension names as literals. This is useful for top-level dimensions that contain dots, such as 'service.name'. + description: Treat dots in dimension names as literals. This is useful for + top-level dimensions that contain dots, such as 'service.name'. flushOnInputClose: type: boolean title: Flush on stream close - description: Flush aggregations when an input stream is closed. If disabled, Time Window Settings control flush behavior. + description: Flush aggregations when an input stream is closed. If disabled, + Time Window Settings control flush behavior. printUndefineds: type: boolean title: Print undefined as null - description: When enabled (e.g. for Cribl Search), convert undefined expression results to null so requested-but-missing fields appear in JSON output. When disabled (default), undefined is preserved. + description: When enabled (e.g. for Cribl Search), convert undefined expression + results to null so requested-but-missing fields appear in JSON + output. When disabled (default), undefined is preserved. lagTolerance: type: string title: Lag tolerance - description: The tumbling window tolerance to late events. Must be a valid time string (such as 10s). + description: The tumbling window tolerance to late events. Must be a valid time + string (such as 10s). pattern: \d+[sm]$ idleTimeLimit: type: string title: Idle bucket time limit - description: How long to wait before flushing a bucket that has not received events. Must be a valid time string (such as 10s). + description: How long to wait before flushing a bucket that has not received + events. Must be a valid time string (such as 10s). pattern: \d+[sm]$ FunctionAggregation: type: object @@ -1094,7 +1213,9 @@ components: description: Timezone to assign to timestamps without timezone info timeExpression: title: Time expression - description: Expression to use to format time. Current time, as a JavaScript Date object, is in global `time`. You can access other fields' values via __e.. + description: Expression to use to format time. Current time, as a JavaScript + Date object, is in global `time`. You can access other fields' + values via __e.. type: string offset: title: Start scan offset @@ -1121,13 +1242,17 @@ components: x-speakeasy-unknown-values: allow latestDateAllowed: title: Future timestamp allowed - description: The latest timestamp value allowed relative to now, such as +42days. Parsed values after this date will be set to the Default time. + description: The latest timestamp value allowed relative to now, such as + +42days. Parsed values after this date will be set to the Default + time. type: string spacer: type: string earliestDateAllowed: title: Earliest timestamp allowed - description: The earliest timestamp value allowed relative to now, such as -42years. Parsed values prior to this date will be set to the Default time. + description: The earliest timestamp value allowed relative to now, such as + -42years. Parsed values prior to this date will be set to the + Default time. type: string timestamps: title: Additional timestamps @@ -1394,23 +1519,30 @@ components: code: type: string title: Code - description: "Caution: This Function will be evaluated in an unprotected context. This means that you will be able to execute almost any JavaScript code." + description: "Caution: This Function will be evaluated in an unprotected + context. This means that you will be able to execute almost any + JavaScript code." maxNumOfIterations: type: number title: Iteration limit - description: The maximum number of allowed iterations within this Function. Defaults to 5,000. + description: The maximum number of allowed iterations within this Function. + Defaults to 5,000. minimum: 1 maximum: 100000 activeLogSampleRate: type: number title: Error log sample rate - description: Rate at which this Function logs errors. For example, a value of 1 logs every error, a value of 1000 (the default) logs every thousandth error, and so on. + description: Rate at which this Function logs errors. For example, a value of 1 + logs every error, a value of 1000 (the default) logs every + thousandth error, and so on. minimum: 1 maximum: 5000 useUniqueLogChannel: type: boolean title: Use unique log channel - description: Logs from this Function will be sent to a unique channel in the form `func:code:${pipelineName}:${functionIndex}`. Disable to use the generic `func:code` log channel instead. + description: Logs from this Function will be sent to a unique channel in the + form `func:code:${pipelineName}:${functionIndex}`. Disable to use + the generic `func:code` log channel instead. FunctionCode: type: object properties: @@ -1461,7 +1593,8 @@ components: comment: type: string title: Comment - description: Optional, short description of this Function's purpose in the Pipeline + description: Optional, short description of this Function's purpose in the + Pipeline maxLength: 1000 FunctionComment: type: object @@ -1530,7 +1663,8 @@ components: suppressPreviews: type: boolean title: Suppress preview results - description: Toggle this on to suppress generating previews of intermediate results + description: Toggle this on to suppress generating previews of intermediate + results FunctionDistinct: type: object properties: @@ -1621,7 +1755,8 @@ components: outFieldName: type: string title: Output field name - description: Name of field to add lookup results to. Leave blank to overwrite the lookup field. + description: Name of field to add lookup results to. Leave blank to overwrite + the lookup field. reverseLookupFields: title: Reverse DNS lookup fields description: List of field names on which to perform reverse DNS lookup @@ -1632,14 +1767,19 @@ components: inFieldName: type: string title: Lookup field name - description: Name of the field containing the IP to look up. If the field value is not in IPv4 or IPv6 format, the lookup is skipped. + description: Name of the field containing the IP to look up. If the field value + is not in IPv4 or IPv6 format, the lookup is skipped. outFieldName: type: string title: Output field name - description: Name of field to add the resolved domain to. Leave blank to overwrite the lookup field. + description: Name of field to add the resolved domain to. Leave blank to + overwrite the lookup field. dnsServers: title: DNS server overrides - description: "IPs, in RFC 5952 format, of the DNS servers to use for resolution. Examples: IPv4 1.1.1.1, 4.2.2.2:53, or IPv6 [2001:4860:4860::8888], [2001:4860:4860::8888]:1053. If not specified, system's DNS will be used." + description: "IPs, in RFC 5952 format, of the DNS servers to use for resolution. + Examples: IPv4 1.1.1.1, 4.2.2.2:53, or IPv6 [2001:4860:4860::8888], + [2001:4860:4860::8888]:1053. If not specified, system's DNS will be + used." type: array items: type: string @@ -1650,19 +1790,24 @@ components: maxCacheSize: type: number title: Cache size limit - description: The maximum number of DNS resolutions to be cached locally. Leave at default unless you understand the implications of changing. + description: The maximum number of DNS resolutions to be cached locally. Leave + at default unless you understand the implications of changing. maximum: 100000 useResolvConf: title: Use /etc/resolv.conf - description: Attempt to resolve DNS short names using the search or domain directive from /etc/resolv.conf + description: Attempt to resolve DNS short names using the search or domain + directive from /etc/resolv.conf type: boolean lookupFallback: title: Fall back to DNS.lookup() - description: "If unable to resolve a DNS short name, make a DNS.lookup() call to resolve it. Caution: This might degrade performance in unrelated areas of @{product}." + description: "If unable to resolve a DNS short name, make a DNS.lookup() call to + resolve it. Caution: This might degrade performance in unrelated + areas of @{product}." type: boolean domainOverrides: title: Use search or domain fallbacks - description: Specify fallback values for the DNS resolver to use when it cannot resolve a DNS short name + description: Specify fallback values for the DNS resolver to use when it cannot + resolve a DNS short name type: array items: type: string @@ -1780,18 +1925,22 @@ components: pattern: \d+[sm]$ type: string title: Aggregation time window - description: The time span of the tumbling window for aggregating events. Must be a valid time string (such as 10s). + description: The time span of the tumbling window for aggregating events. Must + be a valid time string (such as 10s). dropDimensions: type: array title: Dimensions to drop - description: "One or more dimensions to be dropped. Supports wildcard expressions. Warning: Using wildcard '*' causes all dimensions in the event to be dropped." + description: "One or more dimensions to be dropped. Supports wildcard + expressions. Warning: Using wildcard '*' causes all dimensions in + the event to be dropped." minItems: 1 items: type: string flushOnInputClose: type: boolean title: Flush on stream close - description: Flush aggregations when an input stream is closed. If disabled, aggregations are flushed based on Time Window Settings instead. + description: Flush aggregations when an input stream is closed. If disabled, + aggregations are flushed based on Time Window Settings instead. FunctionDropDimensions: type: object properties: @@ -1843,7 +1992,8 @@ components: mode: title: Sample mode type: string - description: "Defines how sample rate will be derived: log(previousPeriodCount) or sqrt(previousPeriodCount)" + description: "Defines how sample rate will be derived: log(previousPeriodCount) + or sqrt(previousPeriodCount)" enum: - log - sqrt @@ -1853,7 +2003,9 @@ components: x-speakeasy-unknown-values: allow keyExpr: title: Sample group key - description: Expression used to derive sample group key. Example:`${domain}:${status}`. Each sample group will have its own derived sampling rate based on volume. Defaults to `${host}`. + description: Expression used to derive sample group key. + Example:`${domain}:${status}`. Each sample group will have its own + derived sampling rate based on volume. Defaults to `${host}`. type: string samplePeriod: title: Sample period @@ -1861,11 +2013,15 @@ components: type: number minEvents: title: Minimum events - description: Minimum number of events that must be received in previous sample period for sampling mode to be applied to current period. If the number of events received for a sample group is less than this minimum, a sample rate of 1:1 is used. + description: Minimum number of events that must be received in previous sample + period for sampling mode to be applied to current period. If the + number of events received for a sample group is less than this + minimum, a sample rate of 1:1 is used. type: number maxSampleRate: title: Sampling rate limit - description: Maximum sampling rate. If computed sampling rate is above this value, it will be limited to this value. + description: Maximum sampling rate. If computed sampling rate is above this + value, it will be limited to this value. type: number minimum: 1 FunctionDynamicSampling: @@ -1937,20 +2093,25 @@ components: description: Set to No to disable the evaluation of an individual expression keep: title: Keep fields - description: List of fields to keep. Supports * wildcards. Takes precedence over 'Remove fields'. + description: List of fields to keep. Supports * wildcards. Takes precedence over + 'Remove fields'. type: array items: type: string remove: title: Remove fields - description: List of fields to remove. Supports * wildcards. Fields that match 'Keep fields' will not be removed. Enclose field names containing special characters in single or double quotes. + description: List of fields to remove. Supports * wildcards. Fields that match + 'Keep fields' will not be removed. Enclose field names containing + special characters in single or double quotes. type: array items: type: string printUndefineds: type: boolean title: Print undefined as null - description: When enabled (e.g. for Cribl Search), convert undefined expression results to null so requested-but-missing fields appear in JSON output. When disabled (default), undefined is preserved. + description: When enabled (e.g. for Cribl Search), convert undefined expression + results to null so requested-but-missing fields appear in JSON + output. When disabled (default), undefined is preserved. FunctionEval: type: object properties: @@ -2017,13 +2178,15 @@ components: maxEventBytes: type: number title: Event byte limit - description: The maximum number of bytes that an event can be before being flushed to the Pipelines + description: The maximum number of bytes that an event can be before being + flushed to the Pipelines minimum: 1 - maximum: 1.34217728e+08 + maximum: 134217728 timestampAnchorRegex: type: string title: Timestamp anchor - description: Regex to match before attempting timestamp extraction. Use $ (end of string anchor) to not perform extraction. + description: Regex to match before attempting timestamp extraction. Use $ (end + of string anchor) to not perform extraction. timestamp: $ref: "#/components/schemas/TimestampFormatTypeEventBreakerExistingOrNewNew" timestampTimezone: @@ -2032,11 +2195,14 @@ components: description: Timezone to assign to timestamps without timezone info timestampEarliest: title: Earliest timestamp allowed - description: The earliest timestamp value allowed relative to now, such as -42years. Parsed values prior to this date will be set to current time. + description: The earliest timestamp value allowed relative to now, such as + -42years. Parsed values prior to this date will be set to current + time. type: string timestampLatest: title: Future timestamp allowed - description: The latest timestamp value allowed relative to now, such as +42days. Parsed values after this date will be set to current time. + description: The latest timestamp value allowed relative to now, such as + +42days. Parsed values after this date will be set to current time. type: string existingRule: type: string @@ -2102,7 +2268,8 @@ components: aggregations: type: array title: Aggregates - description: Aggregate function(s) to perform on events. E.g., sum(bytes).where(action=='REJECT').as(TotalBytes) + description: Aggregate function(s) to perform on events. E.g., + sum(bytes).where(action=='REJECT').as(TotalBytes) minItems: 1 items: type: string @@ -2115,11 +2282,14 @@ components: maxEvents: type: number title: Maximum number of events - description: Specifies how many events are at max kept in memory to be enriched with aggregations + description: Specifies how many events are at max kept in memory to be enriched + with aggregations flushOnInputClose: type: boolean title: Flush on stream close - description: Determines if aggregations should flush when an input stream is closed. If disabled, time window settings will control flush behavior. + description: Determines if aggregations should flush when an input stream is + closed. If disabled, time window settings will control flush + behavior. FunctionEventstats: type: object properties: @@ -2216,7 +2386,9 @@ components: fields: type: array title: Fields - description: List of top-level fields to include for flattening. Supports * wildcards, except when used on internal fields. Defaults to empty array, which means all fields. + description: List of top-level fields to include for flattening. Supports * + wildcards, except when used on internal fields. Defaults to empty + array, which means all fields. items: type: string pattern: ^(?!__.*\*).*$ @@ -2227,7 +2399,8 @@ components: depth: type: number title: Depth - description: Number representing the nested levels to consider for flattening. Defaults to 5. Minimum should be 1. + description: Number representing the nested levels to consider for flattening. + Defaults to 5. Minimum should be 1. minimum: 1 delimiter: type: string @@ -2282,11 +2455,14 @@ components: properties: deleteOriginal: title: Delete original - description: When enabled (default), only the folded keys are kept. When disabled, the original entries are retained alongside the folded keys. + description: When enabled (default), only the folded keys are kept. When + disabled, the original entries are retained alongside the folded + keys. type: boolean separator: title: Separator string - description: Character or string used to separate key levels to be folded. Defaults to the dot (.) character. + description: Character or string used to separate key levels to be folded. + Defaults to the dot (.) character. type: string selectionRegExp: title: Selection regular expression @@ -2294,7 +2470,8 @@ components: type: string maxDepth: title: Maximum depth - description: Maximum recursion depth when traversing nested objects. Prevents infinite loops caused by cyclic references. Defaults to 20. + description: Maximum recursion depth when traversing nested objects. Prevents + infinite loops caused by cyclic references. Defaults to 20. type: integer minimum: 1 FunctionFoldkeys: @@ -2401,7 +2578,8 @@ components: file: type: string title: GeoIP file (.mmdb) - description: Select an uploaded Maxmind database, or specify path to a Maxmind database with .mmdb extension + description: Select an uploaded Maxmind database, or specify path to a Maxmind + database with .mmdb extension minLength: 1 inField: type: string @@ -2482,7 +2660,8 @@ components: pattern: type: string title: Pattern - description: "Grok pattern to extract fields. Syntax supported: %{PATTERN_NAME:FIELD_NAME}" + description: "Grok pattern to extract fields. Syntax supported: + %{PATTERN_NAME:FIELD_NAME}" patternList: type: array title: Additional Grok patterns @@ -2542,7 +2721,8 @@ components: templates: type: array title: Templates - description: Array of template definitions. Uses event.__template_id to select template at runtime. + description: Array of template definitions. Uses event.__template_id to select + template at runtime. items: type: object title: Template definition @@ -2569,7 +2749,8 @@ components: type: type: string title: Template type - description: Type categorization for the template (e.g., Universal, Email, Slack) + description: Type categorization for the template (e.g., Universal, Email, + Slack) targetField: type: string title: Target field @@ -2577,7 +2758,8 @@ components: parseJson: type: boolean title: Parse as JSON - description: Parse the rendered template as JSON and store as an object instead of a string. Useful for building structured data like Slack blocks. + description: Parse the rendered template as JSON and store as an object instead + of a string. Useful for building structured data like Slack blocks. removeOnNull: type: boolean title: Remove field if empty @@ -2658,7 +2840,8 @@ components: type: string rightFieldName: title: Right Field Name - description: The field name on the right side of the data, i.e. the stage results, that we are joining with + description: The field name on the right side of the data, i.e. the stage + results, that we are joining with type: string searchJobId: title: Search Job Id @@ -2722,7 +2905,8 @@ components: name: type: string title: New name - description: Name of each exploded array element in each new event. Leave empty to expand the array element with its original name. + description: Name of each exploded array element in each new event. Leave empty + to expand the array element with its original name. FunctionJsonUnroll: type: object properties: @@ -2786,7 +2970,8 @@ components: type: string tee: title: Tee - description: Tee results to search. When set to true results will be shipped instead of stats + description: Tee results to search. When set to true results will be shipped + instead of stats type: boolean flushMs: title: Flush period @@ -2795,7 +2980,8 @@ components: suppressPreviews: type: boolean title: Suppress periodic stats - description: Disables generation of intermediate stats. When true stats will be emitted only on end + description: Disables generation of intermediate stats. When true stats will be + emitted only on end FunctionLakeExport: type: object properties: @@ -2955,11 +3141,13 @@ components: title: Ruleset ID ruleset: type: object - title: Full ruleset, i.e. for use with live data capture, which uses draft/unsaved rulesets + title: Full ruleset, i.e. for use with live data capture, which uses + draft/unsaved rulesets markAndIncludeDroppedEvents: type: boolean title: Mark and include dropped events - description: Only for use with live data capture. Mark events that were dropped by dataset rules and still include them for capture + description: Only for use with live data capture. Mark events that were dropped + by dataset rules and still include them for capture FunctionLocalSearchRulesetRunner: type: object properties: @@ -3148,16 +3336,20 @@ components: file: type: string title: Lookup file path (.csv, .csv.gz) - description: "Path to the lookup file. Reference environment variables via $. Example: $HOME/file.csv" + description: "Path to the lookup file. Reference environment variables via $. + Example: $HOME/file.csv" minLength: 1 dbLookup: type: boolean title: Use Disk-Based Lookup - description: Enable to use a disk-based lookup. This option displays only the settings relevant to disk-based mode and hides those for in-memory lookups. + description: Enable to use a disk-based lookup. This option displays only the + settings relevant to disk-based mode and hides those for in-memory + lookups. matchMode: title: Match mode type: string - description: Specifies the matching method based on the format and logic used in the lookup file + description: Specifies the matching method based on the format and logic used in + the lookup file enum: - exact - cidr @@ -3170,7 +3362,8 @@ components: matchType: title: Match type type: string - description: "Further defines how to handle multiple matches: return the first match, the most specific match, or all matches" + description: "Further defines how to handle multiple matches: return the first + match, the most specific match, or all matches" enum: - first - specific @@ -3179,7 +3372,11 @@ components: reloadPeriodSec: type: number title: Reload period (sec) - description: Checks the lookup file periodically for changes and reloads it if modified. Set to -1 to disable reloading (default). Useful for lookups not managed by Stream or not updated by an external process. [Learn more](https://docs.cribl.io/stream/lookup-function/#advanced-settings) + description: Checks the lookup file periodically for changes and reloads it if + modified. Set to -1 to disable reloading (default). Useful for + lookups not managed by Stream or not updated by an external process. + [Learn + more](https://docs.cribl.io/stream/lookup-function/#advanced-settings) inFields: type: array title: Lookup fields @@ -3198,11 +3395,13 @@ components: lookupField: type: string title: Corresponding Field Name in Lookup - description: "Optional: The field name as it appears in the lookup file. Defaults to event field name" + description: "Optional: The field name as it appears in the lookup file. + Defaults to event field name" outFields: type: array title: Output fields - description: Fields to add to events after matching lookup. Defaults to all if not specified. + description: Fields to add to events after matching lookup. Defaults to all if + not specified. items: type: object required: @@ -3215,7 +3414,8 @@ components: eventField: type: string title: Lookup Field Name in Event - description: "Optional: Field name to add to event. Defaults to lookup field name." + description: "Optional: Field name to add to event. Defaults to lookup field + name." pattern: ^[a-zA-Z$_][a-zA-Z0-9$_\[\]\.'"]*$ defaultValue: type: string @@ -3228,7 +3428,8 @@ components: ignoreCase: type: boolean title: Ignore case - description: "Whether to ignore case when performing lookups using Match Mode: Regex." + description: "Whether to ignore case when performing lookups using Match Mode: + Regex." FunctionLookup: type: object properties: @@ -3294,14 +3495,17 @@ components: replaceExpr: type: string title: Replace Expression - description: A JavaScript expression or literal to replace the matching content. Capturing groups can be referenced as g1, g2, and so on, and event fields as event.. + description: A JavaScript expression or literal to replace the matching content. + Capturing groups can be referenced as g1, g2, and so on, and + event fields as event.. disabled: type: boolean description: Set to No to disable the evaluation of an individual rule fields: type: array title: Apply to fields - description: Fields on which to apply the masking rules. Supports * wildcards, except when used on internal fields. + description: Fields on which to apply the masking rules. Supports * wildcards, + except when used on internal fields. items: type: string pattern: ^(?!__.*\*).*$ @@ -3447,23 +3651,28 @@ components: properties: arrayPath: title: Field name of source array - description: Field name of the array within events that contains the data objects of interest. Can be a path. + description: Field name of the array within events that contains the data + objects of interest. Can be a path. type: string relativeKeyPath: title: Field name of key - description: Extract the K-V pair's key from this field, relative to the data object. + description: Extract the K-V pair's key from this field, relative to the data + object. type: string relativeValuePath: title: Field name of value - description: Extract the K-V pair's value from this field, relative to the data object. + description: Extract the K-V pair's value from this field, relative to the data + object. type: string targetBagPath: title: Field name for pulled fields - description: Optionally, specify a bag as the target for K-V entries. If not specified, these entries are stored on each top-level event. + description: Optionally, specify a bag as the target for K-V entries. If not + specified, these entries are stored on each top-level event. type: string deleteOriginal: title: Delete source array after processing - description: Toggle this on to remove each original array of data objects after extraction. If toggled off, arrays are retained. + description: Toggle this on to remove each original array of data objects after + extraction. If toggled off, arrays are retained. type: boolean FunctionMvPull: type: object @@ -3547,7 +3756,9 @@ components: conditions: type: array title: OR Conditions - description: List of conditions. If ANY condition matches (OR), the policy applies. Each condition is a list of tags that must ALL match (AND). + description: List of conditions. If ANY condition matches (OR), the policy + applies. Each condition is a list of tags that must ALL match + (AND). items: type: array title: AND Group @@ -3591,7 +3802,8 @@ components: description: List of targets to route to and the templates to use minItems: 1 items: - $ref: "#/components/schemas/TemplateTargetPairConfFunctionConfSchemaNotificationPolicies" + $ref: "#/components/schemas/TemplateTargetPairConfFunctionConfSchemaNotificatio\ + nPolicies" final: type: boolean title: Final @@ -3728,12 +3940,15 @@ components: type: string trigger: title: Trigger condition expression - description: Js expression that filters events, a greater than 'Trigger Count' events will trigger the notification + description: Js expression that filters events, a greater than 'Trigger Count' + events will trigger the notification type: string triggerType: type: string title: Trigger type - description: Type of the trigger condition. custom applies a kusto expression over the results, and results count applies a comparison over results count + description: Type of the trigger condition. custom applies a kusto expression + over the results, and results count applies a comparison over + results count enum: - custom - resultsCount @@ -3774,7 +3989,8 @@ components: type: string message: title: Message content - description: "Message content template, available fields: searchId, resultSet, savedQueryId, notificationId, searchResultsUrl" + description: "Message content template, available fields: searchId, resultSet, + savedQueryId, notificationId, searchResultsUrl" type: string authToken: title: Api Auth Token @@ -3838,19 +4054,29 @@ components: depth: type: integer title: Depth - description: Depth to which the Numerify Function will search within a nested event. Depth greater than 5 (the default) could decrease performance. + description: Depth to which the Numerify Function will search within a nested + event. Depth greater than 5 (the default) could decrease + performance. minimum: 0 maximum: 10 ignoreFields: title: Ignore fields - description: "Fields to NOT numerify. Takes precedence over 'Include expression' when set. Supports wildcards. A '!' before field name(s) means: numerify all fields EXCEPT these. For syntax details, see [Wildcard Lists](https://docs.cribl.io/stream/introduction-reference/#wildcard-lists)." + description: "Fields to NOT numerify. Takes precedence over 'Include expression' + when set. Supports wildcards. A '!' before field name(s) means: + numerify all fields EXCEPT these. For syntax details, see + [Wildcard Lists](https://docs.cribl.io/stream/introduction-referenc\ + e/#wildcard-lists)." type: array items: type: string description: Field to ignore filterExpr: title: Include expression - description: "Optional JavaScript expression to determine whether a field should be numerified. If left blank, all fields will be numerified. Use the 'name' and 'value' global variables to access fields' names/values. Examples: `value != null`, `name=='fieldname'`. You can access other fields' values via `__e.`." + description: "Optional JavaScript expression to determine whether a field should + be numerified. If left blank, all fields will be numerified. Use the + 'name' and 'value' global variables to access fields' names/values. + Examples: `value != null`, `name=='fieldname'`. You can access other + fields' values via `__e.`." type: string format: title: Format @@ -3869,7 +4095,8 @@ components: digits: type: number title: Digits - description: Number of digits after the decimal point, between 0 and 20. If left blank, defaults to 2. + description: Number of digits after the decimal point, between 0 and 20. If left + blank, defaults to 2. minimum: 0 maximum: 20 allOf: @@ -3938,7 +4165,8 @@ components: sendBatchSize: type: number title: Batch size - description: Number of log records after which a batch will be sent, regardless of the timeout + description: Number of log records after which a batch will be sent, regardless + of the timeout timeout: type: number title: Batch timeout (ms) @@ -3950,11 +4178,15 @@ components: metadataKeys: type: array title: Batch log metadata keys - description: When set, this processor will create one batcher instance per distinct combination of values in the metadata + description: When set, this processor will create one batcher instance per + distinct combination of values in the metadata metadataCardinalityLimit: type: number title: Metadata cardinality limit - description: "Limit the number of unique combinations of metadata key values that will be processed over the lifetime of the process. After the limit is reached, events with new metadata key value combinations will be dropped. " + description: "Limit the number of unique combinations of metadata key values + that will be processed over the lifetime of the process. After the + limit is reached, events with new metadata key value combinations + will be dropped. " FunctionOtlpLogs: type: object properties: @@ -4005,7 +4237,9 @@ components: resourceAttributePrefixes: type: array title: Resource attribute prefixes - description: The prefixes of top-level attributes to add as resource attributes. Each attribute must match the regex pattern `^[a-zA-Z0-9_\.]+$`. Use Eval to copy nested attributes to the top level for matching. + description: The prefixes of top-level attributes to add as resource attributes. + Each attribute must match the regex pattern `^[a-zA-Z0-9_\.]+$`. Use + Eval to copy nested attributes to the top level for matching. items: type: string pattern: ^[a-zA-Z0-9_\.]+$ @@ -4021,7 +4255,8 @@ components: sendBatchSize: type: number title: Batch size - description: Number of metric data points after which a batch will be sent, regardless of the timeout + description: Number of metric data points after which a batch will be sent, + regardless of the timeout timeout: type: number title: Batch timeout (ms) @@ -4033,11 +4268,15 @@ components: metadataKeys: type: array title: Batch metrics metadata keys - description: When set, this processor will create one batcher instance per distinct combination of values in the metadata + description: When set, this processor will create one batcher instance per + distinct combination of values in the metadata metadataCardinalityLimit: type: number title: Metadata cardinality limit - description: Limit the number of unique combinations of metadata key values that will be processed over the lifetime of the process. After the limit is reached, events with new metadata key value combinations will be dropped. + description: Limit the number of unique combinations of metadata key values that + will be processed over the lifetime of the process. After the limit + is reached, events with new metadata key value combinations will be + dropped. FunctionOtlpMetrics: type: object properties: @@ -4097,7 +4336,8 @@ components: sendBatchSize: type: number title: Batch size - description: Number of spans after which a batch will be sent, regardless of the timeout + description: Number of spans after which a batch will be sent, regardless of the + timeout timeout: type: number title: Batch timeout (ms) @@ -4109,11 +4349,15 @@ components: metadataKeys: type: array title: Batch traces metadata keys - description: When set, this processor will create one batcher instance per distinct combination of values in the metadata + description: When set, this processor will create one batcher instance per + distinct combination of values in the metadata metadataCardinalityLimit: type: number title: Metadata cardinality limit - description: Limit the number of unique combinations of metadata key values that will be processed over the lifetime of the process. After the limit is reached, events with new metadata key value combinations will be dropped. + description: Limit the number of unique combinations of metadata key values that + will be processed over the lifetime of the process. After the limit + is reached, events with new metadata key value combinations will be + dropped. FunctionOtlpTraces: type: object properties: @@ -4288,7 +4532,9 @@ components: properties: fields: title: Add metrics - description: List of metrics from event to extract and format. Formatted metrics can be used by a destination to pass metrics to a metrics aggregation platform. + description: List of metrics from event to extract and format. Formatted metrics + can be used by a destination to pass metrics to a metrics + aggregation platform. type: array minItems: 0 items: @@ -4304,7 +4550,8 @@ components: outFieldExpr: type: string title: Metric Name Expression - description: JavaScript expression to evaluate the metric field name. Defaults to Event Field Name. + description: JavaScript expression to evaluate the metric field name. Defaults + to Event Field Name. metricType: type: string title: Metric Type @@ -4330,19 +4577,25 @@ components: dimensions: type: array title: Add dimensions - description: Optional list of dimensions to include in events. Wildcards supported. If you don't specify metrics, values will be appended to every metric found in the event. When you add a new metric, dimensions will be present only in those new metrics. + description: Optional list of dimensions to include in events. Wildcards + supported. If you don't specify metrics, values will be appended to + every metric found in the event. When you add a new metric, + dimensions will be present only in those new metrics. items: type: string removeMetrics: title: Remove metrics - description: Optional list of metric field names to look for when removing metrics. When a metric's field name matches an element in this list, the metric will be removed from the event. + description: Optional list of metric field names to look for when removing + metrics. When a metric's field name matches an element in this list, + the metric will be removed from the event. type: array items: type: string removeDimensions: type: array title: Remove dimensions - description: Optional list of dimensions to remove from every metric found in the event. Wildcards supported. + description: Optional list of dimensions to remove from every metric found in + the event. Wildcards supported. items: type: string FunctionPublishMetrics: @@ -4404,19 +4657,23 @@ components: properties: outField: title: Result field - description: Name of the field in which to store the returned value. Leave blank to discard returned value. + description: Name of the field in which to store the returned value. Leave blank + to discard returned value. type: string command: title: Command - description: "Redis command to perform. For a complete list visit: https://redis.io/commands" + description: "Redis command to perform. For a complete list visit: + https://redis.io/commands" type: string keyExpr: title: Key - description: A JavaScript expression to compute the value of the key to operate on. Can also be a constant such as 'username'. + description: A JavaScript expression to compute the value of the key to operate + on. Can also be a constant such as 'username'. type: string argsExpr: title: Args - description: A JavaScript expression to compute arguments to the operation. Can return an array. + description: A JavaScript expression to compute arguments to the operation. Can + return an array. type: string deploymentType: title: Deployment type @@ -4448,17 +4705,41 @@ components: maxBlockSecs: type: number title: Blocking time limit - description: Maximum amount of time (seconds) to wait before assuming that Redis is down and passing events through. Use 0 to disable. + description: Maximum amount of time (seconds) to wait before assuming that Redis + is down and passing events through. Use 0 to disable. enableClientSideCaching: type: boolean title: Client-side cache - description: Enable client-side cache. Redundant when using Redis write operations. See more options at Settings > General > Limits > Redis Cache. + description: Enable client-side cache. Redundant when using Redis write + operations. See more options at Settings > General > Limits > Redis + Cache. url: title: Redis URL - description: "Redis URL to connect to. Format: redis[s]://[[user][:password@]][host][:port][/db-number][?db=db-number[&password=bar[&option=value]]]. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`" + description: "Redis URL to connect to. Format: + redis[s]://[[user][:password@]][host][:port][/db-number][?db=db-num\ + ber[&password=bar[&option=value]]]. Must be a JavaScript expression + (which can evaluate to a constant value), enclosed in quotes or + backticks. Can be evaluated only at init time. Example referencing a + Global Variable: `myBucket-${C.vars.myVar}`" type: string + __template_url: + type: string + description: Binds 'url' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'url' at runtime. tlsOptions: $ref: "#/components/schemas/TlsOptionsTypeRedisDeploymentTypeStandalone" + rootNodes: + title: Root nodes + description: Root nodes to which the cluster connection should be initiated + type: array + minItems: 1 + items: + $ref: "#/components/schemas/RootNodeConfRedisDeploymentTypeCluster" + tls: + title: TLS + type: boolean + description: Use TLS for connections to this cluster scaleReads: $ref: "#/components/schemas/ScaleReadsOptionsRedisDeploymentTypeCluster" masterName: @@ -4467,9 +4748,19 @@ components: username: title: Username type: string + __template_username: + type: string + description: Binds 'username' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'username' at runtime. password: title: Password type: string + __template_password: + type: string + description: Binds 'password' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'password' at runtime. credentialsSecret: type: string title: User secret @@ -4551,7 +4842,9 @@ components: regex: type: string title: Regex - description: Regex literal with named capturing groups, such as (?bar), or _NAME_ and _VALUE_ capturing groups, such as (?<_NAME_0>[^ =]+)=(?<_VALUE_0>[^,]+) + description: Regex literal with named capturing groups, such as (?bar), or + _NAME_ and _VALUE_ capturing groups, such as (?<_NAME_0>[^ + =]+)=(?<_VALUE_0>[^,]+) regexList: type: array title: Additional regex @@ -4564,16 +4857,24 @@ components: iterations: type: number title: Max exec - description: The maximum number of times to apply regex to source field when the global flag is set, or when using _NAME_ and _VALUE_ capturing groups + description: The maximum number of times to apply regex to source field when the + global flag is set, or when using _NAME_ and _VALUE_ capturing + groups minimum: 1 fieldNameExpression: title: Field name format expression - description: "JavaScript expression to format field names when _NAME_n and _VALUE_n capturing groups are used. Original field name is in global variable 'name'. Example: To append XX to all field names, use `${name}_XX` (backticks are literal). If empty, names will be sanitized using this regex: /^[_0-9]+|[^a-zA-Z0-9_]+/g. You can access other fields values via __e.." + description: "JavaScript expression to format field names when _NAME_n and + _VALUE_n capturing groups are used. Original field name is in global + variable 'name'. Example: To append XX to all field names, use + `${name}_XX` (backticks are literal). If empty, names will be + sanitized using this regex: /^[_0-9]+|[^a-zA-Z0-9_]+/g. You can + access other fields values via __e.." type: string overwrite: type: boolean title: Overwrite existing fields - description: Overwrite existing event fields with extracted values. If disabled, existing fields will be converted to an array. + description: Overwrite existing event fields with extracted values. If disabled, + existing fields will be converted to an array. FunctionRegexExtract: type: object properties: @@ -4691,13 +4992,16 @@ components: properties: baseFields: title: Parent fields - description: Fields whose children will inherit the Rename fields and Rename expression operations. Supports wildcards. If empty, only top-level fields will be renamed. + description: Fields whose children will inherit the Rename fields and Rename + expression operations. Supports wildcards. If empty, only top-level + fields will be renamed. type: array items: type: string rename: title: Rename fields - description: Set of key-value pairs to rename fields, where key is the current name and value is the new name. Does not support internal fields. + description: Set of key-value pairs to rename fields, where key is the current + name and value is the new name. Does not support internal fields. type: array items: type: object @@ -4713,16 +5017,23 @@ components: newName: type: string title: New Name - description: The name the field will be renamed to. Literal identifiers must be quoted. + description: The name the field will be renamed to. Literal identifiers must be + quoted. pattern: ^(?!__).+ renameExpr: title: Rename expression - description: "Optional JavaScript expression whose returned value will be used to rename fields. Use the 'name' and 'value' global variables to access field names/values. Example: `name.startsWith('data') ? name.toUpperCase() : name`. You can access other field values via __e.." + description: "Optional JavaScript expression whose returned value will be used + to rename fields. Use the 'name' and 'value' global variables to + access field names/values. Example: `name.startsWith('data') ? + name.toUpperCase() : name`. You can access other field values via + __e.." type: string wildcardDepth: type: integer title: Parent field wildcard depth - description: For wildcards specified in Parent fields, sets the maximum depth within events to match and rename fields. Enter `0` to match only top-level fields. Defaults to `5` levels down. + description: For wildcards specified in Parent fields, sets the maximum depth + within events to match and rename fields. Enter `0` to match only + top-level fields. Defaults to `5` levels down. minimum: 0 FunctionRename: type: object @@ -4773,7 +5084,8 @@ components: properties: dimensions: title: Dimensions - description: List of dimensions across which to perform rollups. Supports wildcards. Defaults to all original dimensions. + description: List of dimensions across which to perform rollups. Supports + wildcards. Defaults to all original dimensions. type: array items: type: string @@ -4781,7 +5093,8 @@ components: pattern: \d+[sm]$ type: string title: Time window - description: The time span of the rollup window. Must be a valid time string (such as 10s). + description: The time span of the rollup window. Must be a valid time string + (such as 10s). gaugeRollup: title: Gauge update description: The operation to use when rolling up gauge metrics. Defaults to last. @@ -4858,7 +5171,8 @@ components: filter: title: Filter type: string - description: JavaScript filter expression matching events to be sampled. Use true to match all. + description: JavaScript filter expression matching events to be sampled. Use + true to match all. rate: title: Sampling Rate type: integer @@ -4922,7 +5236,8 @@ components: type: string tee: title: Tee - description: Tee results to search. When set to true results will be shipped instead of stats + description: Tee results to search. When set to true results will be shipped + instead of stats type: boolean flushMs: title: Flush period @@ -4931,7 +5246,8 @@ components: suppressPreviews: type: boolean title: Suppress periodic stats - description: Disables generation of intermediate stats. When true stats will be emitted only on end + description: Disables generation of intermediate stats. When true stats will be + emitted only on end FunctionSearchEngineExport: type: object properties: @@ -5003,7 +5319,8 @@ components: type: string tee: title: Tee - description: Tee results to search. When set to true results will be shipped instead of stats + description: Tee results to search. When set to true results will be shipped + instead of stats type: boolean flushMs: title: Flush period @@ -5012,11 +5329,14 @@ components: suppressPreviews: type: boolean title: Suppress periodic stats - description: Disables generation of intermediate stats. When true stats will be emitted only on end + description: Disables generation of intermediate stats. When true stats will be + emitted only on end mode: type: string title: Mode - description: In Sender mode, forwards search results directly to the destination. In Metrics mode, accumulates metrics from federated send operators, and forwards the aggregate metrics. + description: In Sender mode, forwards search results directly to the + destination. In Metrics mode, accumulates metrics from federated + send operators, and forwards the aggregate metrics. enum: - sender - metrics @@ -5085,20 +5405,24 @@ components: replaceExpr: type: string title: Mitigation Expression - description: A JavaScript expression or literal to replace the matching content. Capturing groups can be referenced as g1, g2, and so on, and event fields as event.. + description: A JavaScript expression or literal to replace the matching content. + Capturing groups can be referenced as g1, g2, and so on, and + event fields as event.. disabled: type: boolean fields: type: array title: Apply to fields - description: Rulesets act on the events contained in these fields. Mitigation expressions apply to the scan results. Supports wildcards (*). + description: Rulesets act on the events contained in these fields. Mitigation + expressions apply to the scan results. Supports wildcards (*). items: type: string pattern: ^(?!__.*\*).*$ excludeFields: type: array title: Fields to ignore - description: Fields that the mitigation expression will not be applied to. Supports wildcards (*). + description: Fields that the mitigation expression will not be applied to. + Supports wildcards (*). items: type: string pattern: ^(?!__.*\*).*$ @@ -5174,7 +5498,8 @@ components: mode: title: Operation mode type: string - description: Extract creates new fields. Reserialize extracts and filters fields, and then reserializes. + description: Extract creates new fields. Reserialize extracts and filters + fields, and then reserializes. enum: - extract - reserialize @@ -5192,22 +5517,52 @@ components: title: Destination field description: Name of the field to add fields to. Extract mode only. type: string + keep: + title: Fields to keep + description: List of fields to keep. Supports wildcards (*). Takes precedence + over 'Fields to remove'. + type: array + items: + type: string + remove: + title: Fields to remove + description: List of fields to remove. Supports wildcards (*). Cannot remove + fields that match 'Fields to keep'. + type: array + items: + type: string + fieldFilterExpr: + title: Fields filter expression + description: Expression evaluated against {index, name, value} context. Return + truthy to keep a field, or falsy to remove it. + type: string allowedKeyChars: type: array items: type: string title: Allowed key characters - description: A list of characters that may be present in a key name, even though they are normally separator or control characters + description: A list of characters that may be present in a key name, even though + they are normally separator or control characters allowedValueChars: type: array items: type: string title: Allowed value characters - description: A list of characters that may be present in a value, even though they are normally separator or control characters + description: A list of characters that may be present in a value, even though + they are normally separator or control characters + fields: + title: List of fields + description: The fields to be extracted, listed in order. Will auto-generate if + empty. + type: array + items: + type: string regex: type: string title: Regex - description: Regex literal with named capturing groups, such as (?bar), or _NAME_ and _VALUE_ capturing groups, such as(?<_NAME_0>[^ =]+)=(?<_VALUE_0>[^,]+) + description: Regex literal with named capturing groups, such as (?bar), or + _NAME_ and _VALUE_ capturing groups, such as(?<_NAME_0>[^ + =]+)=(?<_VALUE_0>[^,]+) regexList: type: array title: Additional regex @@ -5216,20 +5571,29 @@ components: iterations: type: number title: Max exec - description: The maximum number of times to apply regex to source field when the global flag is set, or when using _NAME_ and _VALUE_ capturing groups + description: The maximum number of times to apply regex to source field when the + global flag is set, or when using _NAME_ and _VALUE_ capturing + groups minimum: 1 fieldNameExpression: title: Field name format expression - description: "JavaScript expression to format field names when _NAME_n and _VALUE_n capturing groups are used. Original field name is in global variable 'name'. Example: To append XX to all field names, use `${name}_XX` (backticks are literal). If empty, names will be sanitized using this regex: /^[_0-9]+|[^a-zA-Z0-9_]+/g. You can access other fields values via __e.." + description: "JavaScript expression to format field names when _NAME_n and + _VALUE_n capturing groups are used. Original field name is in global + variable 'name'. Example: To append XX to all field names, use + `${name}_XX` (backticks are literal). If empty, names will be + sanitized using this regex: /^[_0-9]+|[^a-zA-Z0-9_]+/g. You can + access other fields values via __e.." type: string overwrite: type: boolean title: Overwrite existing fields - description: Overwrite existing event fields with extracted values. If disabled, existing fields will be converted to an array. + description: Overwrite existing event fields with extracted values. If disabled, + existing fields will be converted to an array. pattern: type: string title: Pattern - description: "Grok pattern to extract fields. Syntax supported: %{PATTERN_NAME:FIELD_NAME}" + description: "Grok pattern to extract fields. Syntax supported: + %{PATTERN_NAME:FIELD_NAME}" patternList: type: array title: Additional Grok patterns @@ -5320,13 +5684,16 @@ components: x-speakeasy-unknown-values: allow fields: title: Fields to serialize - description: "Required for CSV, ELFF, CLF, and Delimited values. All other formats support wildcard field lists. Examples: host, array*, !host *" + description: "Required for CSV, ELFF, CLF, and Delimited values. All other + formats support wildcard field lists. Examples: host, array*, !host + *" type: array items: type: string srcField: title: Source field - description: Field containing object to serialize. Leave blank to serialize top-level event fields. + description: Field containing object to serialize. Leave blank to serialize + top-level event fields. type: string dstField: title: Destination field @@ -5340,12 +5707,15 @@ components: type: string title: Pair delimiter minLength: 1 - description: Delimiter used to separate key=value pairs. Defaults to a single space character. Should not have common characters with key-value delimiter. + description: Delimiter used to separate key=value pairs. Defaults to a single + space character. Should not have common characters with key-value + delimiter. keyValueDelimiter: type: string title: Key-Value delimiter minLength: 1 - description: Delimiter used to separate key and value in pair. Defaults to a '='. Should not have common characters with pair delimiter. + description: Delimiter used to separate key and value in pair. Defaults to a + '='. Should not have common characters with pair delimiter. allOf: - oneOf: - $ref: "#/components/schemas/SerializeTypeKvp" @@ -5528,11 +5898,16 @@ components: strict: type: boolean title: Enforce required fields - description: Prevent event serialization if any required fields are missing. When disabled, @{product} will attempt to serialize the event even if required fields are missing, which could cause unexpected behavior at the downstream receiver. + description: Prevent event serialization if any required fields are missing. + When disabled, @{product} will attempt to serialize the event even + if required fields are missing, which could cause unexpected + behavior at the downstream receiver. dropFailedEvents: type: boolean title: Drop failed events - description: When disabled, `snmpSerializeErrors` will be set on the event, and the `__snmpRaw` field will be removed to prevent @{product} from sending the event from the SNMP Trap Destination + description: When disabled, `snmpSerializeErrors` will be set on the event, and + the `__snmpRaw` field will be removed to prevent @{product} from + sending the event from the SNMP Trap Destination v3User: type: object properties: @@ -5613,7 +5988,8 @@ components: type: string comparisonExpression: title: Expression to compare two events - description: The expression can access the events via the 'left' and 'right' properties. + description: The expression can access the events via the 'left' and 'right' + properties. type: string topN: title: The amount of events to return sorted @@ -5626,7 +6002,8 @@ components: suppressPreviews: type: boolean title: Disable intermediate results - description: Toggle this on to suppress generating previews of intermediate results + description: Toggle this on to suppress generating previews of intermediate + results FunctionSort: type: object properties: @@ -5678,7 +6055,8 @@ components: properties: type: title: Output type - description: The type of knowledge object, generated by the function (i.e., 'lookup') + description: The type of knowledge object, generated by the function (i.e., + 'lookup') type: string destination: title: Configuration for store destination @@ -5698,11 +6076,13 @@ components: type: string overwrite: title: Overwrite destination - description: For existing files, an error is thrown if overwrite is false or the file is replaced if overwrite is true + description: For existing files, an error is thrown if overwrite is false or the + file is replaced if overwrite is true type: boolean compress: title: Compress the output - description: True will compress output, false leaves it as it is and auto decides based on size + description: True will compress output, false leaves it as it is and auto + decides based on size type: string tee: title: Tee Results @@ -5766,7 +6146,9 @@ components: keyExpr: type: string title: Key expression - description: Suppression key expression used to uniquely identify events to suppress. For example, `${ip}:${port}` will use fields ip and port from each event to generate the key. + description: Suppression key expression used to uniquely identify events to + suppress. For example, `${ip}:${port}` will use fields ip and port + from each event to generate the key. allow: type: number title: Number to allow @@ -5776,23 +6158,31 @@ components: type: number title: Suppression period (sec) minimum: 0 - description: The number of seconds to suppress events after 'Number to allow' events are received + description: The number of seconds to suppress events after 'Number to allow' + events are received dropEventsMode: type: boolean title: Drop suppressed events - description: If disabled, suppressed events will be tagged with suppress=1 but not dropped + description: If disabled, suppressed events will be tagged with suppress=1 but + not dropped maxCacheSize: type: number title: Cache size limit - description: The maximum number of keys that can be cached before idle entries are removed. Leave at default unless you understand the implications of changing. + description: The maximum number of keys that can be cached before idle entries + are removed. Leave at default unless you understand the implications + of changing. cacheIdleTimeoutPeriods: type: number title: Suppression period timeout - description: The number of suppression periods 'Suppression Period' of inactivity before a cache entry is considered idle. Leave at default unless you understand the implications of changing. + description: The number of suppression periods 'Suppression Period' of + inactivity before a cache entry is considered idle. Leave at default + unless you understand the implications of changing. numEventsIdleTimeoutTrigger: type: number title: Num events to trigger cache clean-up - description: Check cache for idle sessions every N events when cache size is > 'Maximum Cache Size'. Leave at default unless you understand the implications of changing. + description: Check cache for idle sessions every N events when cache size is > + 'Maximum Cache Size'. Leave at default unless you understand the + implications of changing. FunctionSuppress: type: object properties: @@ -5843,7 +6233,8 @@ components: command: type: string title: Command - description: Command to execute and feed events to, via stdin. One JSON-formatted event per line. + description: Command to execute and feed events to, via stdin. One + JSON-formatted event per line. args: type: array title: Command arguments @@ -5909,7 +6300,8 @@ components: field: type: string title: Field name - description: Name of field in which to save the timestamp. (If empty, timestamp will not be saved to a field.) + description: Name of field in which to save the timestamp. (If empty, timestamp + will not be saved to a field.) FunctionTrimTimestamp: type: object properties: @@ -6020,7 +6412,8 @@ components: srcExpr: type: string title: Source field expression - description: "Field in which to find/calculate the array to unroll. Example: _raw, _raw.split(/\\n/)" + description: "Field in which to find/calculate the array to unroll. Example: + _raw, _raw.split(/\\n/)" dstField: type: string title: Destination field @@ -6146,11 +6539,13 @@ components: inherit: type: string title: Copy elements regex - description: "Regex matching elements to copy into each unrolled event. Example: ^root\\.(childA|childB|childC)$" + description: "Regex matching elements to copy into each unrolled event. Example: + ^root\\.(childA|childB|childC)$" unrollIdxField: type: string title: Unroll index field - description: Add a field with this name, containing the index at which the item was located, starting from 0 + description: Add a field with this name, containing the index at which the item + was located, starting from 0 pretty: type: boolean title: Pretty print @@ -6369,7 +6764,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: allOf: @@ -6408,7 +6804,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: allOf: @@ -6447,7 +6844,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: $ref: "#/components/schemas/FunctionConfSchemaAutoTimestamp" @@ -6482,7 +6880,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: $ref: "#/components/schemas/FunctionConfSchemaCef" @@ -6517,7 +6916,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: allOf: @@ -6555,7 +6955,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: $ref: "#/components/schemas/FunctionConfSchemaClone" @@ -6590,7 +6991,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: $ref: "#/components/schemas/FunctionConfSchemaCode" @@ -6625,7 +7027,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: $ref: "#/components/schemas/FunctionConfSchemaComment" @@ -6660,7 +7063,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: allOf: @@ -6698,7 +7102,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: $ref: "#/components/schemas/FunctionConfSchemaDnsLookup" @@ -6733,7 +7138,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: $ref: "#/components/schemas/FunctionConfSchemaDrop" @@ -6768,7 +7174,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: allOf: @@ -6807,7 +7214,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: allOf: @@ -6846,7 +7254,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: $ref: "#/components/schemas/FunctionConfSchemaEval" @@ -6881,7 +7290,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: allOf: @@ -6919,7 +7329,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: allOf: @@ -6957,7 +7368,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: $ref: "#/components/schemas/FunctionConfSchemaExternaldata" @@ -6992,7 +7404,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: $ref: "#/components/schemas/FunctionConfSchemaFlatten" @@ -7027,7 +7440,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: $ref: "#/components/schemas/FunctionConfSchemaFoldkeys" @@ -7062,7 +7476,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: $ref: "#/components/schemas/FunctionConfSchemaGenStats" @@ -7097,7 +7512,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: allOf: @@ -7135,7 +7551,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: allOf: @@ -7173,7 +7590,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: allOf: @@ -7211,7 +7629,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: allOf: @@ -7249,7 +7668,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: allOf: @@ -7287,7 +7707,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: allOf: @@ -7326,7 +7747,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: $ref: "#/components/schemas/FunctionConfSchemaLimit" @@ -7361,7 +7783,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: $ref: "#/components/schemas/FunctionConfSchemaLocalSearchDatatypeParser" @@ -7396,7 +7819,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: $ref: "#/components/schemas/FunctionConfSchemaLocalSearchRulesetRunner" @@ -7431,7 +7855,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: $ref: "#/components/schemas/FunctionConfSchemaLocalSearchSchemaMapper" @@ -7466,7 +7891,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: $ref: "#/components/schemas/FunctionConfSchemaLocalSearchTimeRangeNormalizer" @@ -7501,7 +7927,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: $ref: "#/components/schemas/FunctionConfSchemaLocalSearchTransformer" @@ -7536,7 +7963,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: allOf: @@ -7574,7 +8002,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: allOf: @@ -7612,7 +8041,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: allOf: @@ -7650,7 +8080,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: allOf: @@ -7690,7 +8121,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: $ref: "#/components/schemas/FunctionConfSchemaNotificationPolicies" @@ -7725,7 +8157,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: allOf: @@ -7765,7 +8198,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: allOf: @@ -7809,7 +8243,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: $ref: "#/components/schemas/FunctionConfSchemaNumerify" @@ -7844,7 +8279,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: $ref: "#/components/schemas/FunctionConfSchemaOtlpLogs" @@ -7879,7 +8315,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: $ref: "#/components/schemas/FunctionConfSchemaOtlpMetrics" @@ -7914,7 +8351,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: $ref: "#/components/schemas/FunctionConfSchemaOtlpTraces" @@ -7949,7 +8387,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: allOf: @@ -7987,7 +8426,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: allOf: @@ -8027,7 +8467,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: $ref: "#/components/schemas/FunctionConfSchemaPublishMetrics" @@ -8062,7 +8503,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: allOf: @@ -8100,7 +8542,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: allOf: @@ -8138,7 +8581,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: $ref: "#/components/schemas/FunctionConfSchemaRegexFilter" @@ -8173,7 +8617,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: $ref: "#/components/schemas/FunctionConfSchemaRename" @@ -8208,7 +8653,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: $ref: "#/components/schemas/FunctionConfSchemaRollupMetrics" @@ -8243,7 +8689,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: $ref: "#/components/schemas/FunctionConfSchemaSampling" @@ -8278,7 +8725,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: allOf: @@ -8317,7 +8765,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: allOf: @@ -8355,7 +8804,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: allOf: @@ -8393,7 +8843,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: allOf: @@ -8432,7 +8883,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: allOf: @@ -8470,7 +8922,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: $ref: "#/components/schemas/FunctionConfSchemaSidlookup" @@ -8505,7 +8958,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: $ref: "#/components/schemas/FunctionConfSchemaSignalFilter" @@ -8540,7 +8994,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: $ref: "#/components/schemas/FunctionConfSchemaSnmpTrapSerialize" @@ -8575,7 +9030,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: allOf: @@ -8613,7 +9069,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: allOf: @@ -8651,7 +9108,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: allOf: @@ -8691,7 +9149,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: allOf: @@ -8729,7 +9188,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: $ref: "#/components/schemas/FunctionConfSchemaTrimTimestamp" @@ -8764,7 +9224,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: allOf: @@ -8803,7 +9264,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: allOf: @@ -8842,7 +9304,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: allOf: @@ -8881,7 +9344,8 @@ components: type: boolean final: title: Final - description: If enabled, stops the results of this Function from being passed to the downstream Functions + description: If enabled, stops the results of this Function from being passed to + the downstream Functions type: boolean conf: allOf: @@ -9064,7 +9528,14 @@ components: connectionString: type: string title: Connection string - description: Enter your Azure storage account Connection String. If left blank, Cribl Stream will fall back to env.AZURE_STORAGE_CONNECTION_STRING. + description: Enter your Azure storage account Connection String. If left blank, + Cribl Stream will fall back to env.AZURE_STORAGE_CONNECTION_STRING. + __template_connectionString: + type: string + description: Binds 'connectionString' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'connectionString' at runtime. required: - connectionString AzureBlobAuthTypeSecret: @@ -9106,11 +9577,39 @@ components: endpointSuffix: type: string title: Endpoint suffix - description: The endpoint suffix for the service URL. Takes precedence over the Azure Cloud setting. Defaults to core.windows.net. + description: The endpoint suffix for the service URL. Takes precedence over the + Azure Cloud setting. Defaults to core.windows.net. azureCloud: type: string title: Azure Cloud description: The Azure cloud to use. Defaults to Azure Public Cloud. + __template_storageAccountName: + type: string + description: Binds 'storageAccountName' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'storageAccountName' at runtime. + __template_tenantId: + type: string + description: Binds 'tenantId' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'tenantId' at runtime. + __template_clientId: + type: string + description: Binds 'clientId' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'clientId' at runtime. + __template_endpointSuffix: + type: string + description: Binds 'endpointSuffix' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'endpointSuffix' at + runtime. + __template_azureCloud: + type: string + description: Binds 'azureCloud' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'azureCloud' at runtime. required: - storageAccountName - tenantId @@ -9144,7 +9643,8 @@ components: endpointSuffix: type: string title: Endpoint suffix - description: The endpoint suffix for the service URL. Takes precedence over the Azure Cloud setting. Defaults to core.windows.net. + description: The endpoint suffix for the service URL. Takes precedence over the + Azure Cloud setting. Defaults to core.windows.net. required: - storageAccountName - tenantId @@ -9159,7 +9659,8 @@ components: outputName: type: string title: Auto-populate from - description: An optional predefined Destination that will be used to auto-populate Collector settings + description: An optional predefined Destination that will be used to + auto-populate Collector settings authType: title: Authentication method type: string @@ -9168,17 +9669,22 @@ components: - secret - clientSecret - clientCert - description: Enter authentication data directly, or select a secret referencing your auth data + description: Enter authentication data directly, or select a secret referencing + your auth data x-speakeasy-unknown-values: allow containerName: type: string title: Container name minLength: 1 - description: Container to collect from. This value can be a constant, or a JavaScript expression that can only be evaluated at init time. Example referencing a Global Variable: myBucket-${C.vars.myVar} + description: Container to collect from. This value can be a constant, or a + JavaScript expression that can only be evaluated at init time. + Example referencing a Global Variable: myBucket-${C.vars.myVar} path: type: string title: Path - description: The directory from which to collect data. Templating is supported, such as myDir/${datacenter}/${host}/${app}/. Time-based tokens are supported, such as myOtherDir/${_time:%Y}/${_time:%m}/${_time:%d}/. + description: The directory from which to collect data. Templating is supported, + such as myDir/${datacenter}/${host}/${app}/. Time-based tokens are + supported, such as myOtherDir/${_time:%Y}/${_time:%m}/${_time:%d}/. minLength: 1 extractors: type: array @@ -9197,8 +9703,14 @@ components: expression: type: string title: Extractor Expression - description: "A JavaScript expression that accesses a corresponding  through the value variable and evaluates the token to populate event fields. Example: {date: new Date(+value*1000)}" - description: 'Extractors allow use of template tokens as context for expressions that enrich discovery results. For example, given a template /path/${epoch}, an extractor under key "epoch" with an expression {date: new Date(+value*1000)} will enrich discovery results with a human-readable "date" field.' + description: "A JavaScript expression that accesses a corresponding +  through the value variable and evaluates the token to + populate event fields. Example: {date: new Date(+value*1000)}" + description: 'Extractors allow use of template tokens as context for expressions + that enrich discovery results. For example, given a template + /path/${epoch}, an extractor under key "epoch" with an expression + {date: new Date(+value*1000)} will enrich discovery results with a + human-readable "date" field.' recurse: type: boolean title: Recursive @@ -9206,16 +9718,25 @@ components: includeMetadata: type: boolean title: Include metadata - description: "Include Azure Blob metadata in collected events. In each event, metadata will be located at: __collectible.metadata." + description: "Include Azure Blob metadata in collected events. In each event, + metadata will be located at: __collectible.metadata." includeTags: type: boolean title: Include tags - description: "Include Azure Blob tags in collected events. In each event, tags will be located at: __collectible.tags. Disable this feature when using a Shared Access Signature Connection String, to prevent errors." + description: "Include Azure Blob tags in collected events. In each event, tags + will be located at: __collectible.tags. Disable this feature when + using a Shared Access Signature Connection String, to prevent + errors." maxBatchSize: type: number title: Batch size limit - description: Maximum number of metadata objects to batch before recording as results + description: Maximum number of metadata objects to batch before recording as + results minimum: 1 + disableTimeFilter: + type: boolean + title: Disable time filter + description: Disable Collector event time filtering when a date range is specified parquetChunkSizeMB: type: number title: Parquet chunk size limit @@ -9225,29 +9746,90 @@ components: parquetChunkDownloadTimeout: type: number title: Parquet chunk download timeout (seconds) - description: The maximum time allowed for downloading a Parquet chunk. Processing will abort if a chunk cannot be downloaded within the time specified. + description: The maximum time allowed for downloading a Parquet chunk. + Processing will abort if a chunk cannot be downloaded within the + time specified. maximum: 3600 minimum: 1 connectionString: type: string title: Connection string - description: Enter your Azure storage account Connection String. If left blank, Cribl Stream will fall back to env.AZURE_STORAGE_CONNECTION_STRING. + description: Enter your Azure storage account Connection String. If left blank, + Cribl Stream will fall back to env.AZURE_STORAGE_CONNECTION_STRING. + __template_connectionString: + type: string + description: Binds 'connectionString' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'connectionString' at runtime. textSecret: type: string title: Connection string (text secret) description: Text secret + storageAccountName: + type: string + title: Storage account name + description: The name of your Azure storage account + __template_storageAccountName: + type: string + description: Binds 'storageAccountName' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'storageAccountName' at runtime. + tenantId: + type: string + title: Tenant ID + description: The service principal's tenant ID + __template_tenantId: + type: string + description: Binds 'tenantId' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'tenantId' at runtime. + clientId: + type: string + title: Client ID + description: The service principal's client ID + __template_clientId: + type: string + description: Binds 'clientId' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'clientId' at runtime. clientTextSecret: type: string title: Client secret (text secret) description: Text secret containing the client secret + endpointSuffix: + type: string + title: Endpoint suffix + description: The endpoint suffix for the service URL. Takes precedence over the + Azure Cloud setting. Defaults to core.windows.net. + __template_endpointSuffix: + type: string + description: Binds 'endpointSuffix' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'endpointSuffix' at + runtime. + azureCloud: + type: string + title: Azure Cloud + description: The Azure cloud to use. Defaults to Azure Public Cloud. + __template_azureCloud: + type: string + description: Binds 'azureCloud' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'azureCloud' at runtime. certificate: $ref: "#/components/schemas/CertificateTypeAzureBlobAuthTypeClientCert" __template_containerName: type: string - description: Binds 'containerName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'containerName' at runtime. + description: Binds 'containerName' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'containerName' at runtime. __template_path: type: string - description: Binds 'path' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'path' at runtime. + description: Binds 'path' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'path' at runtime. allOf: - oneOf: - $ref: "#/components/schemas/AzureBlobAuthTypeManual" @@ -9290,7 +9872,9 @@ components: description: Lake dataset to collect data from. __template_dataset: type: string - description: Binds 'dataset' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'dataset' at runtime. + description: Binds 'dataset' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'dataset' at runtime. CollectorCriblLake: allOf: - $ref: "#/components/schemas/CollectorBase" @@ -9314,16 +9898,24 @@ components: connectionId: type: string title: Connection - description: Select an existing Connection, or go to Knowledge > Database Connections to add one + description: Select an existing Connection, or go to Knowledge > Database + Connections to add one query: type: string title: SQL Query - description: An expression that resolves to the query string for selecting data from the database. Has access to the special ${earliest} and ${latest} variables, which will resolve to the Collector run's start and end time. + description: An expression that resolves to the query string for selecting data + from the database. Has access to the special ${earliest} and + ${latest} variables, which will resolve to the Collector run's start + and end time. minLength: 1 queryValidationEnabled: type: boolean title: Validate Query - description: "Enforces a basic query validation that allows only a single 'select' statement. Disable for more complex queries or when using semicolons. Caution: Disabling query validation allows DDL and DML statements to be executed, which could be destructive to your database." + description: "Enforces a basic query validation that allows only a single + 'select' statement. Disable for more complex queries or when using + semicolons. Caution: Disabling query validation allows DDL and DML + statements to be executed, which could be destructive to your + database." defaultBreakers: $ref: "#/components/schemas/HiddenDefaultBreakersOptionsDatabaseCollectorConf" __scheduling: @@ -9335,10 +9927,13 @@ components: enabled: type: boolean title: Enabled - description: Enable tracking of collection progress between consecutive scheduled executions. + description: Enable tracking of collection progress between consecutive + scheduled executions. __template_query: type: string - description: Binds 'query' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'query' at runtime. + description: Binds 'query' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'query' at runtime. CollectorDatabase: allOf: - $ref: "#/components/schemas/CollectorBase" @@ -9361,11 +9956,15 @@ components: outputName: type: string title: Auto-populate from - description: Select a predefined configuration (a Destination) to auto-populate Collector settings + description: Select a predefined configuration (a Destination) to auto-populate + Collector settings path: type: string title: Directory - description: The directory from which to collect data. Templating is supported, such as /myDir/${datacenter}/${host}/${app}/. Time-based tokens are also supported, such as /myOtherDir/${_time:%Y}/${_time:%m}/${_time:%d}/. + description: The directory from which to collect data. Templating is supported, + such as /myDir/${datacenter}/${host}/${app}/. Time-based tokens are + also supported, such as + /myOtherDir/${_time:%Y}/${_time:%m}/${_time:%d}/. minLength: 1 extractors: type: array @@ -9384,8 +9983,14 @@ components: expression: type: string title: Extractor expression - description: 'JavaScript expression that receives token under "value" variable, and evaluates to populate event fields, such as {date: new Date(+value*1000)}' - description: 'Allows using template tokens as context for expressions that enrich discovery results. For example, given a template /path/${epoch}, an extractor under key "epoch" with an expression {date: new Date(+value*1000)}, will enrich discovery results with a human readable "date" field.' + description: 'JavaScript expression that receives token under "value" variable, + and evaluates to populate event fields, such as {date: new + Date(+value*1000)}' + description: 'Allows using template tokens as context for expressions that + enrich discovery results. For example, given a template + /path/${epoch}, an extractor under key "epoch" with an expression + {date: new Date(+value*1000)}, will enrich discovery results with a + human readable "date" field.' recurse: type: boolean title: Recursive @@ -9397,7 +10002,9 @@ components: minimum: 1 __template_path: type: string - description: Binds 'path' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'path' at runtime. + description: Binds 'path' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'path' at runtime. CollectorFilesystem: allOf: - $ref: "#/components/schemas/CollectorBase" @@ -9428,7 +10035,9 @@ components: serviceAccountCredentials: type: string title: Service account credentials - description: Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload button at this field's upper right. + description: Contents of Google Cloud service account credentials (JSON keys) + file. To upload a file, click the upload button at this field's + upper right. required: - serviceAccountCredentials GoogleCloudStorageAuthTypeSecret: @@ -9441,7 +10050,8 @@ components: textSecret: type: string title: Service account credentials (text secret) - description: Select or create a stored text secret that references your credentials + description: Select or create a stored text secret that references your + credentials required: - textSecret GoogleCloudStorageCollectorConf: @@ -9453,16 +10063,22 @@ components: outputName: type: string title: Auto-populate from - description: Name of the predefined Destination that will be used to auto-populate Collector settings + description: Name of the predefined Destination that will be used to + auto-populate Collector settings bucket: type: string title: Bucket name minLength: 1 - description: "Name of the bucket to collect from. This value can be a constant or a JavaScript expression that can only be evaluated at init time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`." + description: "Name of the bucket to collect from. This value can be a constant + or a JavaScript expression that can only be evaluated at init time. + Example referencing a Global Variable: `myBucket-${C.vars.myVar}`." path: type: string title: Path - description: The directory from which to collect data. Templating is supported, such as myDir/${datacenter}/${host}/${app}/. Time-based tokens are also supported, such as myOtherDir/${_time:%Y}/${_time:%m}/${_time:%d}/. + description: The directory from which to collect data. Templating is supported, + such as myDir/${datacenter}/${host}/${app}/. Time-based tokens are + also supported, such as + myOtherDir/${_time:%Y}/${_time:%m}/${_time:%d}/. minLength: 1 extractors: type: array @@ -9481,16 +10097,24 @@ components: expression: type: string title: Extractor Expression - description: 'JavaScript expression that receives token under "value" variable, and evaluates to populate event fields, such as {date: new Date(+value*1000)}' - description: 'Allows using template tokens as context for expressions that enrich discovery results. For example, given a template /path/${epoch}, an extractor under key "epoch" with an expression {date: new Date(+value*1000)}, will enrich discovery results with a human readable "date" field.' + description: 'JavaScript expression that receives token under "value" variable, + and evaluates to populate event fields, such as {date: new + Date(+value*1000)}' + description: 'Allows using template tokens as context for expressions that + enrich discovery results. For example, given a template + /path/${epoch}, an extractor under key "epoch" with an expression + {date: new Date(+value*1000)}, will enrich discovery results with a + human readable "date" field.' endpoint: type: string title: Endpoint - description: Google Cloud Storage service endpoint. If empty, the endpoint will default to https://storage.googleapis.com. + description: Google Cloud Storage service endpoint. If empty, the endpoint will + default to https://storage.googleapis.com. disableTimeFilter: type: boolean title: Disable time filter - description: Used to disable Collector event time filtering when a date range is specified + description: Used to disable Collector event time filtering when a date range is + specified recurse: type: boolean title: Recursive @@ -9498,7 +10122,8 @@ components: maxBatchSize: type: number title: Batch size limit (objects) - description: Maximum number of metadata objects to batch before recording as results + description: Maximum number of metadata objects to batch before recording as + results minimum: 1 authType: title: Authentication method @@ -9507,7 +10132,8 @@ components: - auto - manual - secret - description: Enter account credentials manually, select a secret that references your credentials, or use Google Application Default Credentials + description: Enter account credentials manually, select a secret that references + your credentials, or use Google Application Default Credentials x-speakeasy-unknown-values: allow parquetChunkSizeMB: type: number @@ -9518,26 +10144,37 @@ components: parquetChunkDownloadTimeout: type: number title: Parquet chunk download timeout (seconds) - description: The maximum time allowed for downloading a Parquet chunk. Processing will abort if a chunk cannot be downloaded within the time specified. + description: The maximum time allowed for downloading a Parquet chunk. + Processing will abort if a chunk cannot be downloaded within the + time specified. maximum: 3600 minimum: 1 serviceAccountCredentials: type: string title: Service account credentials - description: Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload button at this field's upper right. + description: Contents of Google Cloud service account credentials (JSON keys) + file. To upload a file, click the upload button at this field's + upper right. textSecret: type: string title: Service account credentials (text secret) - description: Select or create a stored text secret that references your credentials + description: Select or create a stored text secret that references your + credentials __template_bucket: type: string - description: Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime. + description: Binds 'bucket' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'bucket' at runtime. __template_path: type: string - description: Binds 'path' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'path' at runtime. + description: Binds 'path' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'path' at runtime. __template_endpoint: type: string - description: Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime. + description: Binds 'endpoint' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'endpoint' at runtime. allOf: - oneOf: - $ref: "#/components/schemas/GoogleCloudStorageAuthTypeAuto" @@ -9586,7 +10223,8 @@ components: value: title: Value type: string - description: JavaScript expression to compute the parameter value (can be a constant). + description: JavaScript expression to compute the parameter value (can be a + constant). HealthCheckCollectMethodPost: type: object properties: @@ -9610,7 +10248,9 @@ components: collectBody: type: string title: Health check POST Body - description: "Template for POST body to send with the health check request. You can reference parameters from the Discover response, using template params of the form: ${variable}." + description: "Template for POST body to send with the health check request. You + can reference parameters from the Discover response, using template + params of the form: ${variable}." HealthCheckAuthenticationNone: type: object properties: @@ -9633,6 +10273,16 @@ components: type: string title: Password description: Basic authentication password + __template_username: + type: string + description: Binds 'username' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'username' at runtime. + __template_password: + type: string + description: Binds 'password' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'password' at runtime. required: - username - password @@ -9673,21 +10323,49 @@ components: loginBody: type: string title: POST body - description: Template for POST body to send with login request, ${username} and ${password} are used to specify location of these attributes in the message + description: Template for POST body to send with login request, ${username} and + ${password} are used to specify location of these attributes in the + message tokenRespAttribute: type: string title: Token attribute - description: Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header. + description: Path to token attribute in login response body. Nested attributes + are OK. Leave blank if the response content type is text/plain; the + entire response body will be used to derive the authorization + header. authHeaderExpr: type: string title: Authorize Expression - description: JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login. + description: JavaScript expression to compute the Authorization header to pass + in discover and collect calls. The value ${token} is used to + reference the token obtained from login. authRequestHeaders: title: Authentication Headers description: Optional authentication request headers. type: array items: $ref: "#/components/schemas/AuthRequestHeaderConfHealthCheckAuthenticationLogin" + __template_loginUrl: + type: string + description: Binds 'loginUrl' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'loginUrl' at runtime. + __template_username: + type: string + description: Binds 'username' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'username' at runtime. + __template_password: + type: string + description: Binds 'password' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'password' at runtime. + __template_tokenRespAttribute: + type: string + description: Binds 'tokenRespAttribute' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'tokenRespAttribute' at runtime. required: - loginUrl - username @@ -9708,25 +10386,43 @@ components: credentialsSecret: type: string title: Credentials secret - description: Select or create a stored secret that references your login credentials + description: Select or create a stored secret that references your login + credentials loginBody: type: string title: POST body - description: Template for POST body to send with login request, ${username} and ${password} are used to specify location of these attributes in the message + description: Template for POST body to send with login request, ${username} and + ${password} are used to specify location of these attributes in the + message tokenRespAttribute: type: string title: Token attribute - description: Path to token attribute in login response body. Nested attributes are OK. If left blank, the entire response body will be used to derive the authorization header. + description: Path to token attribute in login response body. Nested attributes + are OK. If left blank, the entire response body will be used to + derive the authorization header. authHeaderExpr: type: string title: Authorize Expression - description: JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login. + description: JavaScript expression to compute the Authorization header to pass + in discover and collect calls. The value ${token} is used to + reference the token obtained from login. authRequestHeaders: title: Authentication Headers description: Optional authentication request headers. type: array items: $ref: "#/components/schemas/AuthRequestHeaderConfHealthCheckAuthenticationLogin" + __template_loginUrl: + type: string + description: Binds 'loginUrl' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'loginUrl' at runtime. + __template_tokenRespAttribute: + type: string + description: Binds 'tokenRespAttribute' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'tokenRespAttribute' at runtime. required: - loginUrl - credentialsSecret @@ -9742,26 +10438,37 @@ components: loginUrl: type: string title: Login URL - description: URL to use for the OAuth API call. This call is expected to be a POST. + description: URL to use for the OAuth API call. This call is expected to be a + POST. tokenRespAttribute: type: string title: Token attribute - description: Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header. + description: Path to token attribute in login response body. Nested attributes + are OK. Leave blank if the response content type is text/plain; the + entire response body will be used to derive the authorization + header. authHeaderExpr: type: string title: Authorize expression - description: JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login. + description: JavaScript expression to compute the Authorization header to pass + in discover and collect calls. The value ${token} is used to + reference the token obtained from login. clientSecretParamName: type: string title: Client secret parameter - description: Parameter name that contains client secret. Defaults to 'client_secret', and is automatically added to request parameters. + description: Parameter name that contains client secret. Defaults to + 'client_secret', and is automatically added to request parameters. clientSecretParamValue: type: string title: Client secret value - description: Secret value to add to HTTP requests as the 'client secret' parameter. Stored on disk encrypted, and is automatically added to request parameters + description: Secret value to add to HTTP requests as the 'client secret' + parameter. Stored on disk encrypted, and is automatically added to + request parameters authRequestParams: title: Extra authentication parameters - description: OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded. + description: OAuth request parameters added to the POST body. The Content-Type + header will automatically be set to + application/x-www-form-urlencoded. type: array items: $ref: "#/components/schemas/AuthRequestParamConfHealthCheckAuthenticationOauth" @@ -9771,6 +10478,17 @@ components: type: array items: $ref: "#/components/schemas/AuthRequestHeaderConfHealthCheckAuthenticationOauth" + __template_loginUrl: + type: string + description: Binds 'loginUrl' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'loginUrl' at runtime. + __template_tokenRespAttribute: + type: string + description: Binds 'tokenRespAttribute' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'tokenRespAttribute' at runtime. required: - loginUrl - clientSecretParamName @@ -9786,26 +10504,36 @@ components: loginUrl: type: string title: Login URL - description: URL to use for the OAuth API call. This call is expected to be a POST. + description: URL to use for the OAuth API call. This call is expected to be a + POST. tokenRespAttribute: type: string title: Token attribute - description: Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header. + description: Path to token attribute in login response body. Nested attributes + are OK. Leave blank if the response content type is text/plain; the + entire response body will be used to derive the authorization + header. authHeaderExpr: type: string title: Authorize expression - description: JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login. + description: JavaScript expression to compute the Authorization header to pass + in discover and collect calls. The value ${token} is used to + reference the token obtained from login. clientSecretParamName: type: string title: Client secret parameter - description: Parameter name that contains client secret. Defaults to 'client_secret', and is automatically added to request parameters. + description: Parameter name that contains client secret. Defaults to + 'client_secret', and is automatically added to request parameters. textSecret: type: string title: Client secret value (text secret) - description: Select or create a text secret that contains the client secret's value. + description: Select or create a text secret that contains the client secret's + value. authRequestParams: title: Extra authentication parameters - description: OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded. + description: OAuth request parameters added to the POST body. The Content-Type + header will automatically be set to + application/x-www-form-urlencoded. type: array items: $ref: "#/components/schemas/AuthRequestParamConfHealthCheckAuthenticationOauth" @@ -9815,6 +10543,17 @@ components: type: array items: $ref: "#/components/schemas/AuthRequestHeaderConfHealthCheckAuthenticationOauth" + __template_loginUrl: + type: string + description: Binds 'loginUrl' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'loginUrl' at runtime. + __template_tokenRespAttribute: + type: string + description: Binds 'tokenRespAttribute' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'tokenRespAttribute' at runtime. required: - loginUrl - clientSecretParamName @@ -9867,9 +10606,11 @@ components: discoverUrl: type: string title: Discover URL - description: Expression to derive URL to use for the Discover operation (can be a constant). + description: Expression to derive URL to use for the Discover operation (can be + a constant). discoverMethod: - $ref: "#/components/schemas/DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHttp" + $ref: "#/components/schemas/DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTy\ + peHttp" discoverRequestHeaders: title: Discover Headers description: Optional discover request headers. @@ -9879,21 +10620,39 @@ components: discoverDataField: type: string title: Discover Data Field - description: "Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array." + description: "Path to field in the response object which contains discover + results (e.g.: level1.name), leave blank if the result is an array." + __template_discoverUrl: + type: string + description: Binds 'discoverUrl' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'discoverUrl' at runtime. + __template_discoverDataField: + type: string + description: Binds 'discoverDataField' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'discoverDataField' at runtime. required: - discoverUrl - discoverMethod allOf: - oneOf: - - $ref: "#/components/schemas/HealthCheckDiscoveryDiscoverTypeHttpDiscoverMethodGet" - - $ref: "#/components/schemas/HealthCheckDiscoveryDiscoverTypeHttpDiscoverMethodPost" - - $ref: "#/components/schemas/HealthCheckDiscoveryDiscoverTypeHttpDiscoverMethodPostWithBody" + - $ref: "#/components/schemas/HealthCheckDiscoveryDiscoverTypeHttpDiscoverMethodG\ + et" + - $ref: "#/components/schemas/HealthCheckDiscoveryDiscoverTypeHttpDiscoverMethodP\ + ost" + - $ref: "#/components/schemas/HealthCheckDiscoveryDiscoverTypeHttpDiscoverMethodP\ + ostWithBody" discriminator: propertyName: discoverMethod mapping: - get: "#/components/schemas/HealthCheckDiscoveryDiscoverTypeHttpDiscoverMethodGet" - post: "#/components/schemas/HealthCheckDiscoveryDiscoverTypeHttpDiscoverMethodPost" - post_with_body: "#/components/schemas/HealthCheckDiscoveryDiscoverTypeHttpDiscoverMethodPostWithBody" + get: "#/components/schemas/HealthCheckDiscoveryDiscoverTypeHttpDiscoverMethodGe\ + t" + post: "#/components/schemas/HealthCheckDiscoveryDiscoverTypeHttpDiscoverMethodP\ + ost" + post_with_body: "#/components/schemas/HealthCheckDiscoveryDiscoverTypeHttpDisco\ + verMethodPostWithBody" HealthCheckDiscoveryDiscoverTypeJson: type: object properties: @@ -9904,11 +10663,15 @@ components: manualDiscoverResult: type: string title: Discover result - description: Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. + description: Allows hard-coding the Discover result. Must be a JSON object. + Works with the Discover Data field. discoverDataField: type: string title: Discover data field - description: "Within the response JSON, name of the field or array element to pull results from. Leave blank if the result is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }" + description: "Within the response JSON, name of the field or array element to + pull results from. Leave blank if the result is an array of values. + Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] + }" required: - manualDiscoverResult HealthCheckDiscoveryDiscoverTypeList: @@ -9921,7 +10684,9 @@ components: itemList: type: array title: Discover items - description: Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. + description: Comma-separated list of items to return from the Discover task. + Each item returned will generate a collect task, and can be + referenced using `${id}` in the collect URL, headers, or parameters. minItems: 1 items: type: string @@ -9953,7 +10718,8 @@ components: interval: type: number title: Wait (ms) - description: Time interval between retries. Maximum allowed value is 20,000 ms (1/3 minute). + description: Time interval between retries. Maximum allowed value is 20,000 ms + (1/3 minute). minimum: 0 maximum: 20000 limit: @@ -9965,7 +10731,8 @@ components: codes: type: array title: Retry HTTP codes - description: List of HTTP codes that trigger a retry. Leave empty to use the default list of 429 and 503. + description: List of HTTP codes that trigger a retry. Leave empty to use the + default list of 429 and 503. minItems: 1 items: type: number @@ -9973,7 +10740,10 @@ components: enableHeader: type: boolean title: Honor Retry-After header - description: Honor any Retry-After header that specifies a delay (in seconds) or a timestamp after which to retry the request. The delay is limited to 20 seconds, even if the Retry-After header specifies a longer delay. When disabled, all Retry-After headers are ignored. + description: Honor any Retry-After header that specifies a delay (in seconds) or + a timestamp after which to retry the request. The delay is limited + to 20 seconds, even if the Retry-After header specifies a longer + delay. When disabled, all Retry-After headers are ignored. HealthCheckRetryRulesTypeBackoff: type: object properties: @@ -9984,7 +10754,8 @@ components: interval: type: number title: Initial retry interval (ms) - description: Time interval between failed request and first retry (kickoff). Maximum allowed value is 20,000 ms (1/3 minute). + description: Time interval between failed request and first retry (kickoff). + Maximum allowed value is 20,000 ms (1/3 minute). minimum: 0 maximum: 20000 limit: @@ -9996,13 +10767,15 @@ components: multiplier: type: number title: Backoff multiplier - description: Base for exponential backoff, e.g., base 2 means that retries will occur after 2, then 4, then 8 seconds, and so on + description: Base for exponential backoff, e.g., base 2 means that retries will + occur after 2, then 4, then 8 seconds, and so on minimum: 1 maximum: 20 codes: type: array title: Retry HTTP codes - description: List of HTTP codes that trigger a retry. Leave empty to use the default list of 429 and 503. + description: List of HTTP codes that trigger a retry. Leave empty to use the + default list of 429 and 503. minItems: 1 items: type: number @@ -10010,7 +10783,10 @@ components: enableHeader: type: boolean title: Honor Retry-After header - description: Honor any Retry-After header that specifies a delay (in seconds) or a timestamp after which to retry the request. The delay is limited to 20 seconds, even if the Retry-After header specifies a longer delay. When disabled, all Retry-After headers are ignored. + description: Honor any Retry-After header that specifies a delay (in seconds) or + a timestamp after which to retry the request. The delay is limited + to 20 seconds, even if the Retry-After header specifies a longer + delay. When disabled, all Retry-After headers are ignored. HealthCheckCollectorConf: type: object title: "" @@ -10027,7 +10803,12 @@ components: discoverType: type: string title: Discover Type - description: Defines how task discovery will be performed. Use None to skip the discovery. Use HTTP Request to make a REST call to discover tasks. Use Item List to enumerate items for collect to retrieve. Use JSON Response to manually define discover tasks as a JSON array of objects. Each entry returned by the discover operation will result in a collect task. + description: Defines how task discovery will be performed. Use None to skip the + discovery. Use HTTP Request to make a REST call to discover + tasks. Use Item List to enumerate items for collect to retrieve. + Use JSON Response to manually define discover tasks as a JSON + array of objects. Each entry returned by the discover operation + will result in a collect task. enum: - http - json @@ -10042,23 +10823,47 @@ components: discoverUrl: type: string title: Discover URL - description: Expression to derive URL to use for the Discover operation (can be a constant). + description: Expression to derive URL to use for the Discover operation (can be + a constant). + __template_discoverUrl: + type: string + description: Binds 'discoverUrl' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'discoverUrl' at + runtime. discoverMethod: - $ref: "#/components/schemas/DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHttp" + $ref: "#/components/schemas/DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTy\ + peHttp" discoverRequestHeaders: title: Discover Headers description: Optional discover request headers. type: array items: $ref: "#/components/schemas/AuthRequestHeaderConfHealthCheckAuthenticationLogin" + discoverDataField: + type: string + title: Discover Data Field + description: "Path to field in the response object which contains discover + results (e.g.: level1.name), leave blank if the result is an + array." + __template_discoverDataField: + type: string + description: Binds 'discoverDataField' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'discoverDataField' at runtime. manualDiscoverResult: type: string title: Discover result - description: Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. + description: Allows hard-coding the Discover result. Must be a JSON object. + Works with the Discover Data field. itemList: type: array title: Discover items - description: Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. + description: Comma-separated list of items to return from the Discover task. + Each item returned will generate a collect task, and can be + referenced using `${id}` in the collect URL, headers, or + parameters. minItems: 1 items: type: string @@ -10080,7 +10885,8 @@ components: collectUrl: type: string title: Health check URL - description: Expression to derive URL to use for the health check operation (can be a constant). + description: Expression to derive URL to use for the health check operation (can + be a constant). collectMethod: type: string title: Health check method @@ -10111,7 +10917,8 @@ components: value: type: string title: Value - description: JavaScript expression to compute the header value (can be a constant). + description: JavaScript expression to compute the header value (can be a + constant). authenticateCollect: type: boolean title: Authenticate health check @@ -10119,7 +10926,9 @@ components: authentication: type: string title: Authentication - description: Authentication method for Discover and Collect REST calls. You can specify API Key–based authentication by adding the appropriate Collect headers. + description: Authentication method for Discover and Collect REST calls. You can + specify API Key–based authentication by adding the appropriate + Collect headers. enum: - none - basic @@ -10138,7 +10947,8 @@ components: rejectUnauthorized: type: boolean title: Reject unauthorized certificates - description: Whether to reject certificates that cannot be verified against a valid CA (e.g., self-signed certificates). + description: Whether to reject certificates that cannot be verified against a + valid CA (e.g., self-signed certificates). defaultBreakers: $ref: "#/components/schemas/HiddenDefaultBreakersOptionsDatabaseCollectorConf" safeHeaders: @@ -10165,17 +10975,97 @@ components: none: "#/components/schemas/HealthCheckRetryRulesTypeNone" static: "#/components/schemas/HealthCheckRetryRulesTypeStatic" backoff: "#/components/schemas/HealthCheckRetryRulesTypeBackoff" + username: + type: string + title: Username + description: Basic authentication username + __template_username: + type: string + description: Binds 'username' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'username' at runtime. + password: + type: string + title: Password + description: Basic authentication password + __template_password: + type: string + description: Binds 'password' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'password' at runtime. + credentialsSecret: + type: string + title: Credentials secret + description: Select or create a stored secret that references your credentials + loginUrl: + type: string + title: Login URL + description: URL to use for login API call. This call is expected to be a POST. + __template_loginUrl: + type: string + description: Binds 'loginUrl' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'loginUrl' at runtime. + loginBody: + type: string + title: POST body + description: Template for POST body to send with login request, ${username} and + ${password} are used to specify location of these attributes in the + message + tokenRespAttribute: + type: string + title: Token attribute + description: Path to token attribute in login response body. Nested attributes + are OK. Leave blank if the response content type is text/plain; the + entire response body will be used to derive the authorization + header. + __template_tokenRespAttribute: + type: string + description: Binds 'tokenRespAttribute' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'tokenRespAttribute' at runtime. + authHeaderExpr: + type: string + title: Authorize Expression + description: JavaScript expression to compute the Authorization header to pass + in discover and collect calls. The value ${token} is used to + reference the token obtained from login. + authRequestHeaders: + title: Authentication Headers + description: Optional authentication request headers. + type: array + items: + $ref: "#/components/schemas/AuthRequestHeaderConfHealthCheckAuthenticationLogin" + clientSecretParamName: + type: string + title: Client secret parameter + description: Parameter name that contains client secret. Defaults to + 'client_secret', and is automatically added to request parameters. clientSecretParamValue: type: string title: Client secret value - description: Secret value to add to HTTP requests as the 'client secret' parameter. Stored on disk encrypted, and is automatically added to request parameters + description: Secret value to add to HTTP requests as the 'client secret' + parameter. Stored on disk encrypted, and is automatically added to + request parameters + authRequestParams: + title: Extra authentication parameters + description: OAuth request parameters added to the POST body. The Content-Type + header will automatically be set to + application/x-www-form-urlencoded. + type: array + items: + $ref: "#/components/schemas/AuthRequestParamConfHealthCheckAuthenticationOauth" textSecret: type: string title: Client secret value (text secret) - description: Select or create a text secret that contains the client secret's value. + description: Select or create a text secret that contains the client secret's + value. __template_collectUrl: type: string - description: Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. + description: Binds 'collectUrl' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'collectUrl' at runtime. allOf: - oneOf: - $ref: "#/components/schemas/HealthCheckCollectMethodGet" @@ -10252,7 +11142,10 @@ components: collectBody: type: string title: Collect POST body - description: "Template for POST body to send with the Collect request. Reference global variables, functions, or parameters from the Discover response using template params: `${C.vars.myVar}`, or `${Date.now()}`, `${param}`" + description: "Template for POST body to send with the Collect request. Reference + global variables, functions, or parameters from the Discover + response using template params: `${C.vars.myVar}`, or + `${Date.now()}`, `${param}`" required: - collectBody RestCollectMethodOther: @@ -10269,7 +11162,10 @@ components: collectBody: type: string title: Collect body - description: "Template for body to send with the Collect request. Reference global variables, functions, or parameters from the Discover response using template parameters: `${C.vars.myVar}`, or `${Date.now()}`, `${param}`" + description: "Template for body to send with the Collect request. Reference + global variables, functions, or parameters from the Discover + response using template parameters: `${C.vars.myVar}`, or + `${Date.now()}`, `${param}`" collectRequestParams: title: Collect parameters type: array @@ -10335,19 +11231,27 @@ components: loginBody: type: string title: POST body - description: Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. For x-www-form-urlencoded bodies, wrap values with ${C.Encode.uri(password)} to preserve special characters like +, &, and =. + description: Template for POST body to send with login request. ${username} and + ${password} are used to specify location of these attributes in the + message. For x-www-form-urlencoded bodies, wrap values with + ${C.Encode.uri(password)} to preserve special characters like +, &, + and =. getAuthTokenFromHeader: type: boolean title: Get auth token from header - description: Extract the auth token from the HTTP 'Authorization' response header instead of the standard JSON body of the login response + description: Extract the auth token from the HTTP 'Authorization' response + header instead of the standard JSON body of the login response authHeaderKey: type: string title: Authorization header - description: Authorization header key to pass in Discover and Collect calls. Defaults to the literal name 'Authorization'. + description: Authorization header key to pass in Discover and Collect calls. + Defaults to the literal name 'Authorization'. authHeaderExpr: type: string title: Authorize expression - description: JavaScript expression used to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login. + description: JavaScript expression used to compute the Authorization header to + pass in Discover and Collect calls. The value ${token} is used to + reference the token obtained from login. authRequestHeaders: title: Authentication headers type: array @@ -10356,7 +11260,25 @@ components: tokenRespAttribute: type: string title: Token attribute - description: Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header. + description: Path to token attribute in login response body. Nested attributes + are OK. Leave blank if the response content type is text/plain; the + entire response body will be used to derive the authorization + header. + __template_loginUrl: + type: string + description: Binds 'loginUrl' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'loginUrl' at runtime. + __template_username: + type: string + description: Binds 'username' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'username' at runtime. + __template_password: + type: string + description: Binds 'password' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'password' at runtime. required: - loginUrl - username @@ -10377,23 +11299,32 @@ components: credentialsSecret: type: string title: Credentials secret - description: Select or create a stored secret that references your login credentials + description: Select or create a stored secret that references your login + credentials loginBody: type: string title: POST body - description: Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. For x-www-form-urlencoded bodies, wrap values with ${C.Encode.uri(password)} to preserve special characters like +, &, and =. + description: Template for POST body to send with login request. ${username} and + ${password} are used to specify location of these attributes in the + message. For x-www-form-urlencoded bodies, wrap values with + ${C.Encode.uri(password)} to preserve special characters like +, &, + and =. getAuthTokenFromHeader: type: boolean title: Get auth token from header - description: Extract the auth token from the HTTP 'Authorization' response header instead of the standard JSON body of the login response + description: Extract the auth token from the HTTP 'Authorization' response + header instead of the standard JSON body of the login response authHeaderKey: type: string title: Authorization header - description: Authorization header key to pass in Discover and Collect calls. Defaults to the literal name 'Authorization'. + description: Authorization header key to pass in Discover and Collect calls. + Defaults to the literal name 'Authorization'. authHeaderExpr: type: string title: Authorize expression - description: JavaScript expression to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login. + description: JavaScript expression to compute the Authorization header to pass + in Discover and Collect calls. The value ${token} is used to + reference the token obtained from login. authRequestHeaders: title: Authentication headers type: array @@ -10402,7 +11333,10 @@ components: tokenRespAttribute: type: string title: Token attribute - description: Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header. + description: Path to token attribute in login response body. Nested attributes + are OK. Leave blank if the response content type is text/plain; the + entire response body will be used to derive the authorization + header. required: - loginUrl - credentialsSecret @@ -10418,30 +11352,42 @@ components: loginUrl: type: string title: Login URL - description: URL to use for the OAuth API call. This call is expected to be a POST. + description: URL to use for the OAuth API call. This call is expected to be a + POST. tokenRespAttribute: type: string title: Token attribute - description: Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header. + description: Path to token attribute in login response body. Nested attributes + are OK. Leave blank if the response content type is text/plain; the + entire response body will be used to derive the authorization + header. authHeaderKey: type: string title: Authorization header - description: Authorization header key to pass in Discover and Collect calls. Defaults to the literal name 'Authorization'. + description: Authorization header key to pass in Discover and Collect calls. + Defaults to the literal name 'Authorization'. authHeaderExpr: type: string title: Authorize expression - description: JavaScript expression to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login. + description: JavaScript expression to compute the Authorization header to pass + in Discover and Collect calls. The value ${token} is used to + reference the token obtained from login. clientSecretParamName: type: string title: Client secret parameter - description: Defaults to 'client_secret'. Automatically added to request parameters using the value specified. + description: Defaults to 'client_secret'. Automatically added to request + parameters using the value specified. clientSecretParamValue: type: string title: Client secret value - description: Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters. + description: Secret value to add to HTTP requests as the 'client secret' + parameter. Value is stored encrypted on disk and automatically added + to request parameters. authRequestParams: title: Extra authentication parameters - description: OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded. + description: OAuth request parameters added to the POST body. The Content-Type + header will automatically be set to + application/x-www-form-urlencoded. type: array items: $ref: "#/components/schemas/CollectRequestParamConfRestCollectMethodGet" @@ -10450,6 +11396,17 @@ components: type: array items: $ref: "#/components/schemas/CollectRequestParamConfRestCollectMethodGet" + __template_loginUrl: + type: string + description: Binds 'loginUrl' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'loginUrl' at runtime. + __template_clientSecretParamValue: + type: string + description: Binds 'clientSecretParamValue' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'clientSecretParamValue' at runtime. required: - loginUrl - clientSecretParamName @@ -10465,30 +11422,41 @@ components: loginUrl: type: string title: Login URL - description: URL to use for the OAuth API call. This call is expected to be a POST. + description: URL to use for the OAuth API call. This call is expected to be a + POST. tokenRespAttribute: type: string title: Token attribute - description: Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header. + description: Path to token attribute in login response body. Nested attributes + are OK. Leave blank if the response content type is text/plain; the + entire response body will be used to derive the authorization + header. authHeaderKey: type: string title: Authorization header - description: Authorization header key to pass in Discover and Collect calls. Defaults to the literal name 'Authorization'. + description: Authorization header key to pass in Discover and Collect calls. + Defaults to the literal name 'Authorization'. authHeaderExpr: type: string title: Authorize expression - description: JavaScript expression to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login. + description: JavaScript expression to compute the Authorization header to pass + in Discover and Collect calls. The value ${token} is used to + reference the token obtained from login. clientSecretParamName: type: string title: Client secret parameter - description: Defaults to 'client_secret'. Automatically added to request parameters using the value specified. + description: Defaults to 'client_secret'. Automatically added to request + parameters using the value specified. textSecret: type: string title: Client secret value (text secret) - description: Select or create a text secret that contains the client secret's value + description: Select or create a text secret that contains the client secret's + value authRequestParams: title: Extra authentication parameters - description: OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded. + description: OAuth request parameters added to the POST body. The Content-Type + header will automatically be set to + application/x-www-form-urlencoded. type: array items: $ref: "#/components/schemas/CollectRequestParamConfRestCollectMethodGet" @@ -10512,7 +11480,9 @@ components: scopes: type: array title: Scopes - description: Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information. + description: Scopes to use during authentication. See [Google's + docs](https://developers.google.com/identity/protocols/oauth2/scopes) + for more information. minItems: 1 items: type: string @@ -10520,12 +11490,26 @@ components: serviceAccountCredentials: type: string title: Service account credentials - description: Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right. + description: Contents of Google Cloud service account credentials (JSON keys) + file. To upload a file, click the upload icon in this field's upper + right. minLength: 1 subject: type: string title: Impersonated account's email address - description: Email address of a user account with Super Admin permissions to the resources the collector will retrieve + description: Email address of a user account with Super Admin permissions to the + resources the collector will retrieve + __template_serviceAccountCredentials: + type: string + description: Binds 'serviceAccountCredentials' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'serviceAccountCredentials' at runtime. + __template_subject: + type: string + description: Binds 'subject' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'subject' at runtime. required: - scopes - serviceAccountCredentials @@ -10540,7 +11524,9 @@ components: scopes: type: array title: Scopes - description: Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information. + description: Scopes to use during authentication. See [Google's + docs](https://developers.google.com/identity/protocols/oauth2/scopes) + for more information. minItems: 1 items: type: string @@ -10548,11 +11534,18 @@ components: textSecret: type: string title: Service account credentials (text secret) - description: Select or create a text secret that contains the Google service account credentials value + description: Select or create a text secret that contains the Google service + account credentials value subject: type: string title: Impersonated account's email address - description: Email address of a user account with Super Admin permissions to the resources the collector will retrieve + description: Email address of a user account with Super Admin permissions to the + resources the collector will retrieve + __template_subject: + type: string + description: Binds 'subject' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'subject' at runtime. required: - scopes - textSecret @@ -10589,18 +11582,22 @@ components: - array - string title: Response attributes - description: Names of attributes within the response that contain next-page information + description: Names of attributes within the response that contain next-page + information items: type: string maxPages: type: number title: Page limit - description: Maximum number of pages to retrieve for the discover task. Defaults to 50 pages. Set to 0 to retrieve all pages. + description: Maximum number of pages to retrieve for the discover task. Defaults + to 50 pages. Set to 0 to retrieve all pages. minimum: 0 lastPageExpr: type: string title: Last-page expression - description: JavaScript expression used to determine when the last page has been reached. The values tested by this expression must be in the Response attributes section. + description: JavaScript expression used to determine when the last page has been + reached. The values tested by this expression must be in the + Response attributes section. required: - attribute - maxPages @@ -10616,13 +11613,15 @@ components: - array - string title: Response attributes - description: Names of attributes within the response that contain next-page information + description: Names of attributes within the response that contain next-page + information items: type: string maxPages: type: number title: Page limit - description: Maximum number of pages to retrieve for the discover task. Defaults to 50 pages. Set to 0 to retrieve all pages. + description: Maximum number of pages to retrieve for the discover task. Defaults + to 50 pages. Set to 0 to retrieve all pages. minimum: 0 required: - attribute @@ -10637,15 +11636,20 @@ components: nextRelationAttribute: type: string title: Next page relation name - description: 'Relation name used in the link header that refers to the next page in the result set. Example: rel="next" refers to the next page of results: ; rel="next"' + description: 'Relation name used in the link header that refers to the next page + in the result set. Example: rel="next" refers to the next page of + results: ; rel="next"' curRelationAttribute: type: string title: Current page relation name - description: 'Relation name used in the link header that refers to the current result set. Example: rel="self" refers to the current page of results: ; rel="self" ' + description: 'Relation name used in the link header that refers to the current + result set. Example: rel="self" refers to the current page of + results: ; rel="self" ' maxPages: type: number title: Page limit - description: Maximum number of pages to retrieve for the discover task. Defaults to 50 pages. Set to 0 to retrieve all pages. + description: Maximum number of pages to retrieve for the discover task. Defaults + to 50 pages. Set to 0 to retrieve all pages. minimum: 0 required: - nextRelationAttribute @@ -10660,15 +11664,19 @@ components: offsetField: type: string title: Offset field name - description: "Query string parameter that sets the index from which to begin returning records. Example: /api/v1/query?term=cribl&limit=100&offset=0" + description: "Query string parameter that sets the index from which to begin + returning records. Example: + /api/v1/query?term=cribl&limit=100&offset=0" offset: type: number title: Starting offset - description: Offset index from which to start request. Defaults to undefined, which will start discovery from the first record. + description: Offset index from which to start request. Defaults to undefined, + which will start discovery from the first record. limitField: type: string title: Limit field name - description: "Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0" + description: "Query string parameter that sets the number of records retrieved + per request. Example: /api/v1/query?term=cribl&limit=100&offset=0" limit: type: number title: Record limit @@ -10677,16 +11685,19 @@ components: totalRecordField: type: string title: Total record count field name - description: Name of the attribute in the response that contains the total number of records for the query + description: Name of the attribute in the response that contains the total + number of records for the query maxPages: type: number title: Page limit - description: Maximum number of pages to retrieve for the discover task. Defaults to 50 pages. Set to 0 to retrieve all pages. + description: Maximum number of pages to retrieve for the discover task. Defaults + to 50 pages. Set to 0 to retrieve all pages. minimum: 0 zeroIndexed: type: boolean title: Zero-based index - description: Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. + description: Enable to indicate that the first page in the requested data is at + index 0. Disabled by default, which indicates index 1. required: - maxPages - zeroIndexed @@ -10703,15 +11714,19 @@ components: pageField: type: string title: Page number field name - description: "Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0" + description: "Query string parameter that sets the page index to be returned. + Example: /api/v1/query?term=cribl&page_size=100&page_number=0" page: type: number title: Starting page number - description: Page number from which to start request. Defaults to undefined, which will start discovery from the first page. + description: Page number from which to start request. Defaults to undefined, + which will start discovery from the first page. sizeField: type: string title: Page size field name - description: "Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0" + description: "Query string parameter that sets the number of records retrieved + per request. Example: + /api/v1/query?term=cribl&page_size=100&page_number=0" size: type: number title: Record limit @@ -10720,20 +11735,24 @@ components: totalPageField: type: string title: Total page count field name - description: Name of the attribute in the response that contains the total number of pages for the query + description: Name of the attribute in the response that contains the total + number of pages for the query totalRecordField: type: string title: Total record count field name - description: Name of the attribute in the response that contains the total number of records for the query + description: Name of the attribute in the response that contains the total + number of records for the query maxPages: type: number title: Page limit - description: Maximum number of pages to retrieve for the discover task. Defaults to 50 pages. Set to 0 to retrieve all pages. + description: Maximum number of pages to retrieve for the discover task. Defaults + to 50 pages. Set to 0 to retrieve all pages. minimum: 0 zeroIndexed: type: boolean title: Zero-based index - description: Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. + description: Enable to indicate that the first page in the requested data is at + index 0. Disabled by default, which indicates index 1. required: - maxPages - zeroIndexed @@ -10774,7 +11793,10 @@ components: discoverBody: type: string title: Discover POST body - description: "Template for POST body to send with the discover request. To reference global variables or functions, use template parameters: `{ myVar: ${C.vars.myVar}, secret: ${C.Secret('mySecret','text').value} }`" + description: "Template for POST body to send with the discover request. To + reference global variables or functions, use template parameters: `{ + myVar: ${C.vars.myVar}, secret: ${C.Secret('mySecret','text').value} + }`" required: - discoverBody RestDiscoveryDiscoverTypeHttpDiscoverMethodOther: @@ -10809,7 +11831,8 @@ components: discoverUrl: type: string title: Discover URL - description: URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. + description: URL to use for the Discover operation. Can be a constant URL, or a + JavaScript expression to derive the URL. discoverMethod: $ref: "#/components/schemas/DiscoverMethodOptionsRestDiscoveryDiscoverTypeHttp" discoverRequestHeaders: @@ -10822,22 +11845,37 @@ components: discoverDataField: type: string title: Discover data field - description: "Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array." + description: "Path to field in the response object that contains discovery + results (ex: level1.name). Leave blank if the result is an array." enableStrictDiscoverParsing: type: boolean title: Strict discover response parsing - description: Explicitly set the discover response format. When disabled, best effort parsing is used. + description: Explicitly set the discover response format. When disabled, best + effort parsing is used. discoverResponseFormat: type: string title: Discover response format - description: If 'Strict discover response parsing' parsing is enabled, provide the response format + description: If 'Strict discover response parsing' parsing is enabled, provide + the response format enableDiscoverCode: type: boolean title: Format discover result with custom code formatResultCode: type: string title: Format discover result - description: "Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code." + description: "Custom JavaScript code to format the discover result through the + __e variable which is a JSON object or array containing the original + discover results. The object or array passed should be manipulated + to contain the desired discover results, i.e.: __e['myResult'] = + [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, + zip: 22222}] or ['11111','22222']. Caution: This function is + evaluated in an unprotected context, allowing you to execute almost + any JavaScript code." + __template_discoverUrl: + type: string + description: Binds 'discoverUrl' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'discoverUrl' at runtime. required: - discoverUrl - discoverMethod @@ -10845,14 +11883,16 @@ components: - oneOf: - $ref: "#/components/schemas/RestDiscoveryDiscoverTypeHttpDiscoverMethodGet" - $ref: "#/components/schemas/RestDiscoveryDiscoverTypeHttpDiscoverMethodPost" - - $ref: "#/components/schemas/RestDiscoveryDiscoverTypeHttpDiscoverMethodPostWithBody" + - $ref: "#/components/schemas/RestDiscoveryDiscoverTypeHttpDiscoverMethodPostWith\ + Body" - $ref: "#/components/schemas/RestDiscoveryDiscoverTypeHttpDiscoverMethodOther" discriminator: propertyName: discoverMethod mapping: get: "#/components/schemas/RestDiscoveryDiscoverTypeHttpDiscoverMethodGet" post: "#/components/schemas/RestDiscoveryDiscoverTypeHttpDiscoverMethodPost" - post_with_body: "#/components/schemas/RestDiscoveryDiscoverTypeHttpDiscoverMethodPostWithBody" + post_with_body: "#/components/schemas/RestDiscoveryDiscoverTypeHttpDiscoverMeth\ + odPostWithBody" other: "#/components/schemas/RestDiscoveryDiscoverTypeHttpDiscoverMethodOther" RestDiscoveryDiscoverTypeJson: type: object @@ -10864,11 +11904,15 @@ components: manualDiscoverResult: type: string title: Discover result - description: Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. + description: Allows hard-coding the Discover result. Must be a JSON object or + array. Works with Discover data field. discoverDataField: type: string title: Discover data field - description: "Within the response JSON, the name of the field to pull results from, typically a JSON array. Leave blank if the result itself is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }" + description: "Within the response JSON, the name of the field to pull results + from, typically a JSON array. Leave blank if the result itself is an + array of values. Sample entry: items, json: { items: [{id: + 'first'},{id: 'second'}] }" required: - manualDiscoverResult RestDiscoveryDiscoverTypeList: @@ -10881,7 +11925,9 @@ components: itemList: type: array title: Discover items - description: Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. + description: Comma-separated list of items to return from the Discover task. + Each item returned generates a Collect task and can be referenced + using `${id}` in the Collect URL, headers, or parameters. minItems: 1 items: type: string @@ -10915,18 +11961,22 @@ components: - array - string title: Response attributes - description: Names of attributes within the response that contain next-page information + description: Names of attributes within the response that contain next-page + information items: type: string maxPages: type: number title: Page limit - description: Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages. + description: Maximum number of pages to retrieve per collection task. Defaults + to 50 pages. Set to 0 to retrieve all pages. minimum: 0 lastPageExpr: type: string title: Last-page expression - description: JavaScript expression used to determine when the last page has been reached. The values tested by this expression must be in the Response attributes section. + description: JavaScript expression used to determine when the last page has been + reached. The values tested by this expression must be in the + Response attributes section. required: - attribute - maxPages @@ -10942,13 +11992,15 @@ components: - array - string title: Response attributes - description: Names of attributes within the response that contain next-page information + description: Names of attributes within the response that contain next-page + information items: type: string maxPages: type: number title: Page limit - description: Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages. + description: Maximum number of pages to retrieve per collection task. Defaults + to 50 pages. Set to 0 to retrieve all pages. minimum: 0 required: - attribute @@ -10963,15 +12015,20 @@ components: nextRelationAttribute: type: string title: Next page relation name - description: 'Relation name used in the link header that refers to the next page in the result set. Example: rel="next" refers to the next page of results: ; rel="next"' + description: 'Relation name used in the link header that refers to the next page + in the result set. Example: rel="next" refers to the next page of + results: ; rel="next"' curRelationAttribute: type: string title: Current page relation name - description: 'Relation name used in the link header that refers to the current result set. Example: rel="self" refers to the current page of results: ; rel="self" ' + description: 'Relation name used in the link header that refers to the current + result set. Example: rel="self" refers to the current page of + results: ; rel="self" ' maxPages: type: number title: Page limit - description: Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages. + description: Maximum number of pages to retrieve per collection task. Defaults + to 50 pages. Set to 0 to retrieve all pages. minimum: 0 required: - nextRelationAttribute @@ -10986,15 +12043,19 @@ components: offsetField: type: string title: Offset field name - description: "Query string parameter that sets the index from which to begin returning records. Example: /api/v1/query?term=cribl&limit=100&offset=0" + description: "Query string parameter that sets the index from which to begin + returning records. Example: + /api/v1/query?term=cribl&limit=100&offset=0" offset: type: number title: Starting offset - description: Offset index from which to start request. Defaults to undefined, which will start collection from the first record. + description: Offset index from which to start request. Defaults to undefined, + which will start collection from the first record. limitField: type: string title: Limit field name - description: "Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0" + description: "Query string parameter that sets the number of records retrieved + per request. Example: /api/v1/query?term=cribl&limit=100&offset=0" limit: type: number title: Record limit @@ -11003,16 +12064,19 @@ components: totalRecordField: type: string title: Total record count field name - description: Name of the attribute in the response that contains the total number of records for the query + description: Name of the attribute in the response that contains the total + number of records for the query maxPages: type: number title: Page limit - description: Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages. + description: Maximum number of pages to retrieve per collection task. Defaults + to 50 pages. Set to 0 to retrieve all pages. minimum: 0 zeroIndexed: type: boolean title: Zero-based index - description: Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. + description: Enable to indicate that the first page in the requested data is at + index 0. Disabled by default, which indicates index 1. required: - maxPages - zeroIndexed @@ -11029,15 +12093,19 @@ components: pageField: type: string title: Page number field name - description: "Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0" + description: "Query string parameter that sets the page index to be returned. + Example: /api/v1/query?term=cribl&page_size=100&page_number=0" page: type: number title: Starting page number - description: Page number from which to start request. Defaults to undefined, which will start collection from the first page. + description: Page number from which to start request. Defaults to undefined, + which will start collection from the first page. sizeField: type: string title: Page size field name - description: "Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0" + description: "Query string parameter that sets the number of records retrieved + per request. Example: + /api/v1/query?term=cribl&page_size=100&page_number=0" size: type: number title: Record limit @@ -11046,20 +12114,24 @@ components: totalPageField: type: string title: Total page count field name - description: Name of the attribute in the response that contains the total number of pages for the query + description: Name of the attribute in the response that contains the total + number of pages for the query totalRecordField: type: string title: Total record count field name - description: Name of the attribute in the response that contains the total number of records for the query + description: Name of the attribute in the response that contains the total + number of records for the query maxPages: type: number title: Page limit - description: Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages. + description: Maximum number of pages to retrieve per collection task. Defaults + to 50 pages. Set to 0 to retrieve all pages. minimum: 0 zeroIndexed: type: boolean title: Zero-based index - description: Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. + description: Enable to indicate that the first page in the requested data is at + index 0. Disabled by default, which indicates index 1. required: - maxPages - zeroIndexed @@ -11083,7 +12155,8 @@ components: interval: type: number title: Wait (ms) - description: Time interval between retries. Maximum allowed value is 20,000 ms (1/3 minute). + description: Time interval between retries. Maximum allowed value is 20,000 ms + (1/3 minute). minimum: 0 maximum: 20000 limit: @@ -11095,7 +12168,8 @@ components: codes: type: array title: Retry HTTP codes - description: List of HTTP codes that trigger a retry. Leave empty to use the default list of 429 and 503. + description: List of HTTP codes that trigger a retry. Leave empty to use the + default list of 429 and 503. minItems: 1 items: type: number @@ -11103,11 +12177,16 @@ components: enableHeader: type: boolean title: Honor Retry-After header - description: Honor any Retry-After header that specifies a delay (in seconds) or a timestamp after which to retry the request. The delay is limited to the `Longest interval between retries (ms)` value, even if the Retry-After header specifies a longer delay. When disabled, all Retry-After headers are ignored. + description: Honor any Retry-After header that specifies a delay (in seconds) or + a timestamp after which to retry the request. The delay is limited + to the `Longest interval between retries (ms)` value, even if the + Retry-After header specifies a longer delay. When disabled, all + Retry-After headers are ignored. retryConnectTimeout: type: boolean title: Retry connection timeout - description: Make a single retry attempt when a connection timeout (ETIMEDOUT) error occurs + description: Make a single retry attempt when a connection timeout (ETIMEDOUT) + error occurs retryConnectReset: type: boolean title: Retry connection reset @@ -11137,7 +12216,8 @@ components: multiplier: type: number title: Backoff multiplier - description: "Base for exponential backoff. Example: base 2 means that retries will occur after 2, then 4, then 8 seconds, and so on." + description: "Base for exponential backoff. Example: base 2 means that retries + will occur after 2, then 4, then 8 seconds, and so on." minimum: 1 maximum: 20 maxIntervalMs: @@ -11147,7 +12227,8 @@ components: codes: type: array title: Retry HTTP codes - description: List of HTTP codes that trigger a retry. Leave empty to use the default list of 429 and 503. + description: List of HTTP codes that trigger a retry. Leave empty to use the + default list of 429 and 503. minItems: 1 items: type: number @@ -11155,11 +12236,16 @@ components: enableHeader: type: boolean title: Honor Retry-After header - description: Honor any Retry-After header that specifies a delay (in seconds) or a timestamp after which to retry the request. The delay is limited to the `Longest interval between retries (ms)` value, even if the Retry-After header specifies a longer delay. When disabled, all Retry-After headers are ignored. + description: Honor any Retry-After header that specifies a delay (in seconds) or + a timestamp after which to retry the request. The delay is limited + to the `Longest interval between retries (ms)` value, even if the + Retry-After header specifies a longer delay. When disabled, all + Retry-After headers are ignored. retryConnectTimeout: type: boolean title: Retry connection timeout - description: Make a single retry attempt when a connection timeout (ETIMEDOUT) error occurs + description: Make a single retry attempt when a connection timeout (ETIMEDOUT) + error occurs retryConnectReset: type: boolean title: Retry connection reset @@ -11183,7 +12269,8 @@ components: discoverType: type: string title: Discover type - description: Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. + description: Defines how task discovery will be performed. Each entry returned + by the Discover operation will result in a Collect task. enum: - http - json @@ -11193,7 +12280,14 @@ components: discoverUrl: type: string title: Discover URL - description: URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. + description: URL to use for the Discover operation. Can be a constant URL, or a + JavaScript expression to derive the URL. + __template_discoverUrl: + type: string + description: Binds 'discoverUrl' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'discoverUrl' at + runtime. discoverMethod: $ref: "#/components/schemas/DiscoverMethodOptionsRestDiscoveryDiscoverTypeHttp" discoverRequestHeaders: @@ -11203,21 +12297,32 @@ components: $ref: "#/components/schemas/CollectRequestParamConfRestCollectMethodGet" pagination: $ref: "#/components/schemas/PaginationTypeRestDiscoveryDiscoverTypeHttp" + discoverDataField: + type: string + title: Discover data field + description: "Path to field in the response object that contains discovery + results (ex: level1.name). Leave blank if the result is an + array." enableStrictDiscoverParsing: type: boolean title: Strict discover response parsing - description: Explicitly set the discover response format. When disabled, best effort parsing is used. + description: Explicitly set the discover response format. When disabled, best + effort parsing is used. enableDiscoverCode: type: boolean title: Format discover result with custom code manualDiscoverResult: type: string title: Discover result - description: Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. + description: Allows hard-coding the Discover result. Must be a JSON object or + array. Works with Discover data field. itemList: type: array title: Discover items - description: Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. + description: Comma-separated list of items to return from the Discover task. + Each item returned generates a Collect task and can be + referenced using `${id}` in the Collect URL, headers, or + parameters. minItems: 1 items: type: string @@ -11239,7 +12344,8 @@ components: collectUrl: type: string title: Collect URL - description: URL (constant or JavaScript expression) to use for the Collect operation + description: URL (constant or JavaScript expression) to use for the Collect + operation collectMethod: type: string title: Collect method @@ -11265,48 +12371,80 @@ components: - type properties: type: - $ref: "#/components/schemas/PaginationOptionsRestDiscoveryDiscoverTypeHttpPagination" + $ref: "#/components/schemas/PaginationOptionsRestDiscoveryDiscoverTypeHttpPagin\ + ation" + maxPages: + type: number + title: Page limit + description: Maximum number of pages to retrieve per collection task. Defaults + to 50 pages. Set to 0 to retrieve all pages. + minimum: 0 lastPageExpr: type: string title: Last-page expression - description: JavaScript expression used to determine when the last page has been reached. The values tested by this expression must be in the Response attributes section. + description: JavaScript expression used to determine when the last page has been + reached. The values tested by this expression must be in the + Response attributes section. nextRelationAttribute: type: string title: Next page relation name - description: 'Relation name used in the link header that refers to the next page in the result set. Example: rel="next" refers to the next page of results: ; rel="next"' + description: 'Relation name used in the link header that refers to the next page + in the result set. Example: rel="next" refers to the next page + of results: ; rel="next"' curRelationAttribute: type: string title: Current page relation name - description: 'Relation name used in the link header that refers to the current result set. Example: rel="self" refers to the current page of results: ; rel="self" ' + description: 'Relation name used in the link header that refers to the current + result set. Example: rel="self" refers to the current page of + results: ; rel="self" ' offsetField: type: string title: Offset field name - description: "Query string parameter that sets the index from which to begin returning records. Example: /api/v1/query?term=cribl&limit=100&offset=0" + description: "Query string parameter that sets the index from which to begin + returning records. Example: + /api/v1/query?term=cribl&limit=100&offset=0" offset: type: number title: Starting offset - description: Offset index from which to start request. Defaults to undefined, which will start collection from the first record. + description: Offset index from which to start request. Defaults to undefined, + which will start collection from the first record. limitField: type: string title: Limit field name - description: "Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0" + description: "Query string parameter that sets the number of records retrieved + per request. Example: + /api/v1/query?term=cribl&limit=100&offset=0" limit: type: number title: Record limit description: Maximum number of records to collect per request minimum: 1 + totalRecordField: + type: string + title: Total record count field name + description: Name of the attribute in the response that contains the total + number of records for the query + zeroIndexed: + type: boolean + title: Zero-based index + description: Enable to indicate that the first page in the requested data is at + index 0. Disabled by default, which indicates index 1. pageField: type: string title: Page number field name - description: "Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0" + description: "Query string parameter that sets the page index to be returned. + Example: /api/v1/query?term=cribl&page_size=100&page_number=0" page: type: number title: Starting page number - description: Page number from which to start request. Defaults to undefined, which will start collection from the first page. + description: Page number from which to start request. Defaults to undefined, + which will start collection from the first page. sizeField: type: string title: Page size field name - description: "Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0" + description: "Query string parameter that sets the number of records retrieved + per request. Example: + /api/v1/query?term=cribl&page_size=100&page_number=0" size: type: number title: Record limit @@ -11315,7 +12453,8 @@ components: totalPageField: type: string title: Total page count field name - description: Name of the attribute in the response that contains the total number of pages for the query + description: Name of the attribute in the response that contains the total + number of pages for the query allOf: - oneOf: - $ref: "#/components/schemas/RestPaginationTypeNone" @@ -11336,7 +12475,9 @@ components: authentication: type: string title: Authentication - description: Authentication method for Discover and Collect REST calls. You can specify API key–based authentication by adding the appropriate Collect headers. + description: Authentication method for Discover and Collect REST calls. You can + specify API key–based authentication by adding the appropriate + Collect headers. enum: - none - basic @@ -11358,11 +12499,14 @@ components: maxResponseBodySize: type: string title: Max response body size - description: Maximum amount of data to buffer from a single response body. Responses exceeding this limit will be rejected. Maximum allowed value is 512 MB. Leave unset to rely on default error handling. + description: Maximum amount of data to buffer from a single response body. + Responses exceeding this limit will be rejected. Maximum allowed + value is 512 MB. Leave unset to rely on default error handling. useRoundRobinDns: type: boolean title: Round-robin DNS - description: Use round-robin DNS lookup. Suitable when DNS server returns multiple addresses in sort order. + description: Use round-robin DNS lookup. Suitable when DNS server returns + multiple addresses in sort order. disableTimeFilter: type: boolean title: Disable time filter @@ -11370,15 +12514,18 @@ components: decodeUrl: type: boolean title: Decode URL - description: Decode the URL before sending requests (including pagination requests) + description: Decode the URL before sending requests (including pagination + requests) rejectUnauthorized: type: boolean title: Reject unauthorized certificates - description: Reject certificates that cannot be verified against a valid CA (such as self-signed certificates) + description: Reject certificates that cannot be verified against a valid CA + (such as self-signed certificates) captureHeaders: type: boolean title: Capture response headers - description: Enable to add response headers to the resHeaders field under the __collectible object + description: Enable to add response headers to the resHeaders field under the + __collectible object stopOnEmptyResults: type: boolean title: Stop on empty results @@ -11409,11 +12556,14 @@ components: backoff: "#/components/schemas/RestRetryRulesTypeBackoff" microsoftGraphDelta: type: object - description: Internal opt-in for the Microsoft Graph deltaLink state-tracking hook. Set programmatically by the Microsoft Graph source when the configured URL targets a /delta endpoint; not user-configurable. + description: Internal opt-in for the Microsoft Graph deltaLink state-tracking + hook. Set programmatically by the Microsoft Graph source when the + configured URL targets a /delta endpoint; not user-configurable. properties: deltaLinkAttribute: type: string - description: Response-body field name to extract as the delta link (typically '@odata.deltaLink') + description: Response-body field name to extract as the delta link (typically + '@odata.deltaLink') __scheduling: type: object properties: @@ -11424,22 +12574,143 @@ components: type: boolean title: Enabled description: Track collection progress between consecutive scheduled executions + username: + type: string + title: Username + __template_username: + type: string + description: Binds 'username' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'username' at runtime. + password: + type: string + title: Password + __template_password: + type: string + description: Binds 'password' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'password' at runtime. + credentialsSecret: + type: string + title: Credentials secret + description: Select or create a stored secret that references your credentials + loginUrl: + type: string + title: Login URL + description: URL to use for login API call. This call is expected to be a POST. + __template_loginUrl: + type: string + description: Binds 'loginUrl' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'loginUrl' at runtime. + loginBody: + type: string + title: POST body + description: Template for POST body to send with login request. ${username} and + ${password} are used to specify location of these attributes in the + message. For x-www-form-urlencoded bodies, wrap values with + ${C.Encode.uri(password)} to preserve special characters like +, &, + and =. + getAuthTokenFromHeader: + type: boolean + title: Get auth token from header + description: Extract the auth token from the HTTP 'Authorization' response + header instead of the standard JSON body of the login response + authHeaderKey: + type: string + title: Authorization header + description: Authorization header key to pass in Discover and Collect calls. + Defaults to the literal name 'Authorization'. + authHeaderExpr: + type: string + title: Authorize expression + description: JavaScript expression used to compute the Authorization header to + pass in Discover and Collect calls. The value ${token} is used to + reference the token obtained from login. + authRequestHeaders: + title: Authentication headers + type: array + items: + $ref: "#/components/schemas/CollectRequestParamConfRestCollectMethodGet" + tokenRespAttribute: + type: string + title: Token attribute + description: Path to token attribute in login response body. Nested attributes + are OK. Leave blank if the response content type is text/plain; the + entire response body will be used to derive the authorization + header. + clientSecretParamName: + type: string + title: Client secret parameter + description: Defaults to 'client_secret'. Automatically added to request + parameters using the value specified. clientSecretParamValue: type: string title: Client secret value - description: Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters. + description: Secret value to add to HTTP requests as the 'client secret' + parameter. Value is stored encrypted on disk and automatically added + to request parameters. + __template_clientSecretParamValue: + type: string + description: Binds 'clientSecretParamValue' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'clientSecretParamValue' at runtime. + authRequestParams: + title: Extra authentication parameters + description: OAuth request parameters added to the POST body. The Content-Type + header will automatically be set to + application/x-www-form-urlencoded. + type: array + items: + $ref: "#/components/schemas/CollectRequestParamConfRestCollectMethodGet" + textSecret: + type: string + title: Client secret value (text secret) + description: Select or create a text secret that contains the client secret's + value + scopes: + type: array + title: Scopes + description: Scopes to use during authentication. See [Google's + docs](https://developers.google.com/identity/protocols/oauth2/scopes) + for more information. + minItems: 1 + items: + type: string + minLength: 1 serviceAccountCredentials: type: string title: Service account credentials - description: Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right. + description: Contents of Google Cloud service account credentials (JSON keys) + file. To upload a file, click the upload icon in this field's upper + right. minLength: 1 + __template_serviceAccountCredentials: + type: string + description: Binds 'serviceAccountCredentials' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'serviceAccountCredentials' at runtime. + subject: + type: string + title: Impersonated account's email address + description: Email address of a user account with Super Admin permissions to the + resources the collector will retrieve + __template_subject: + type: string + description: Binds 'subject' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'subject' at runtime. hmacFunctionId: type: string title: HMAC Function description: Select or create an HMAC Function to use with authentication __template_collectUrl: type: string - description: Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. + description: Binds 'collectUrl' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'collectUrl' at runtime. allOf: - oneOf: - $ref: "#/components/schemas/RestCollectMethodGet" @@ -11507,7 +12778,9 @@ components: recurse: type: boolean title: Recursive - description: Traverse and include files from subdirectories. Leave this option enabled to ensure that all nested directories are searched and their contents collected. + description: Traverse and include files from subdirectories. Leave this option + enabled to ensure that all nested directories are searched and their + contents collected. S3AwsAuthenticationMethodAuto: type: object properties: @@ -11525,11 +12798,17 @@ components: awsApiKey: type: string title: Access key - description: Access key. If not present, will fall back to env.AWS_ACCESS_KEY_ID, or to the metadata endpoint for IAM creds. Optional when running on AWS. This value can be a constant or a JavaScript expression. + description: Access key. If not present, will fall back to + env.AWS_ACCESS_KEY_ID, or to the metadata endpoint for IAM creds. + Optional when running on AWS. This value can be a constant or a + JavaScript expression. awsSecretKey: type: string title: Secret key - description: Secret key. If not present, will fall back to env.AWS_SECRET_ACCESS_KEY, or to the metadata endpoint for IAM creds. Optional when running on AWS. This value can be a constant or a JavaScript expression. + description: Secret key. If not present, will fall back to + env.AWS_SECRET_ACCESS_KEY, or to the metadata endpoint for IAM + creds. Optional when running on AWS. This value can be a constant or + a JavaScript expression. S3AwsAuthenticationMethodSecret: type: object properties: @@ -11540,7 +12819,8 @@ components: awsSecret: type: string title: Secret key pair - description: Select or create a stored secret that references AWS access key and secret key. + description: Select or create a stored secret that references AWS access key and + secret key. S3CollectorConf: type: object title: "" @@ -11550,7 +12830,8 @@ components: outputName: type: string title: Auto-populate from - description: Name of the predefined Destination that will be used to auto-populate Collector settings + description: Name of the predefined Destination that will be used to + auto-populate Collector settings bucket: type: string title: S3 bucket @@ -11565,7 +12846,8 @@ components: parquetChunkDownloadTimeout: type: number title: Parquet chunk download timeout (seconds) - description: Maximum time allowed for downloading a Parquet chunk. Processing will stop if a chunk cannot be downloaded within the time specified. + description: Maximum time allowed for downloading a Parquet chunk. Processing + will stop if a chunk cannot be downloaded within the time specified. maximum: 3600 minimum: 1 region: @@ -11575,12 +12857,16 @@ components: path: type: string title: Path - description: Directory where data will be collected. Templating (such as 'myDir/${datacenter}/${host}/${app}/') and time-based tokens (such as 'myOtherDir/${_time:%Y}/${_time:%m}/${_time:%d}/') are supported. Can be a constant (enclosed in quotes) or a JavaScript expression. + description: Directory where data will be collected. Templating (such as + 'myDir/${datacenter}/${host}/${app}/') and time-based tokens (such + as 'myOtherDir/${_time:%Y}/${_time:%m}/${_time:%d}/') are supported. + Can be a constant (enclosed in quotes) or a JavaScript expression. minLength: 1 partitioningScheme: type: string title: Partitioning scheme - description: Partitioning scheme used for this dataset. Using a known scheme like DDSS enables more efficient data reading and retrieval. + description: Partitioning scheme used for this dataset. Using a known scheme + like DDSS enables more efficient data reading and retrieval. enum: - none - ddss @@ -11605,14 +12891,21 @@ components: expression: type: string title: Extractor Expression - description: 'JavaScript expression that receives token under "value" variable, and evaluates to populate event fields. Example: {date: new Date(+value*1000)}' - description: 'Allows using template tokens as context for expressions that enrich discovery results. For example, given a template /path/${epoch}, an extractor under key "epoch" with an expression {date: new Date(+value*1000)}, will enrich discovery results with a human readable "date" field.' + description: 'JavaScript expression that receives token under "value" variable, + and evaluates to populate event fields. Example: {date: new + Date(+value*1000)}' + description: 'Allows using template tokens as context for expressions that + enrich discovery results. For example, given a template + /path/${epoch}, an extractor under key "epoch" with an expression + {date: new Date(+value*1000)}, will enrich discovery results with a + human readable "date" field.' awsAuthenticationMethod: $ref: "#/components/schemas/AuthenticationMethodOptionsS3CollectorConf" endpoint: type: string title: Endpoint - description: "Must point to an S3-compatible endpoint. If empty, defaults to an AWS region-specific endpoint. " + description: "Must point to an S3-compatible endpoint. If empty, defaults to an + AWS region-specific endpoint. " enableAssumeRole: type: boolean title: Enable Assume Role @@ -11630,13 +12923,16 @@ components: durationSeconds: type: number title: Duration (seconds) - description: Duration of the Assumed Role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours). + description: Duration of the Assumed Role's session, in seconds. Minimum is 900 + (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 + hours). minimum: 900 maximum: 43200 maxBatchSize: type: number title: Batch size limit (objects) - description: Maximum number of metadata objects to batch before recording as results + description: Maximum number of metadata objects to batch before recording as + results minimum: 1 reuseConnections: type: boolean @@ -11645,11 +12941,14 @@ components: rejectUnauthorized: type: boolean title: Reject unauthorized certificates - description: Reject certificates that cannot be verified against a valid CA (such as a self-signed certificate) + description: Reject certificates that cannot be verified against a valid CA + (such as a self-signed certificate) verifyPermissions: type: boolean title: Verify bucket permissions - description: 'Disable if you can access files within the bucket but not the bucket itself. Resolves errors of the form "discover task initialization failed...error: Forbidden".' + description: 'Disable if you can access files within the bucket but not the + bucket itself. Resolves errors of the form "discover task + initialization failed...error: Forbidden".' disableTimeFilter: type: boolean title: Disable time filter @@ -11657,30 +12956,48 @@ components: awsApiKey: type: string title: Access key - description: Access key. If not present, will fall back to env.AWS_ACCESS_KEY_ID, or to the metadata endpoint for IAM creds. Optional when running on AWS. This value can be a constant or a JavaScript expression. + description: Access key. If not present, will fall back to + env.AWS_ACCESS_KEY_ID, or to the metadata endpoint for IAM creds. + Optional when running on AWS. This value can be a constant or a + JavaScript expression. awsSecretKey: type: string title: Secret key - description: Secret key. If not present, will fall back to env.AWS_SECRET_ACCESS_KEY, or to the metadata endpoint for IAM creds. Optional when running on AWS. This value can be a constant or a JavaScript expression. + description: Secret key. If not present, will fall back to + env.AWS_SECRET_ACCESS_KEY, or to the metadata endpoint for IAM + creds. Optional when running on AWS. This value can be a constant or + a JavaScript expression. awsSecret: type: string title: Secret key pair - description: Select or create a stored secret that references AWS access key and secret key. + description: Select or create a stored secret that references AWS access key and + secret key. __template_bucket: type: string - description: Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime. + description: Binds 'bucket' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'bucket' at runtime. __template_region: type: string - description: Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime. + description: Binds 'region' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'region' at runtime. __template_endpoint: type: string - description: Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime. + description: Binds 'endpoint' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'endpoint' at runtime. __template_assumeRoleArn: type: string - description: Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime. + description: Binds 'assumeRoleArn' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'assumeRoleArn' at runtime. __template_assumeRoleExternalId: type: string - description: Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime. + description: Binds 'assumeRoleExternalId' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'assumeRoleExternalId' at runtime. allOf: - oneOf: - $ref: "#/components/schemas/S3PartitioningSchemeDdss" @@ -11724,12 +13041,14 @@ components: type: string title: Discover Script minLength: 1 - description: Script to discover what to collect. Should output one task per line in stdout. + description: Script to discover what to collect. Should output one task per line + in stdout. collectScript: type: string title: Collect Script minLength: 1 - description: Script to run to perform data collections. Task passed in as $CRIBL_COLLECT_ARG. Should output results to stdout. + description: Script to run to perform data collections. Task passed in as + $CRIBL_COLLECT_ARG. Should output results to stdout. shell: type: string title: Shell @@ -11753,7 +13072,8 @@ components: value: type: string title: Value - description: JavaScript expression to compute environment variable's value, enclosed in quotes or backticks. (Can evaluate to a constant.) + description: JavaScript expression to compute environment variable's value, + enclosed in quotes or backticks. (Can evaluate to a constant.) CollectorScript: allOf: - $ref: "#/components/schemas/CollectorBase" @@ -11847,7 +13167,8 @@ components: interval: type: number title: Wait (ms) - description: Time interval between retries. Maximum allowed value is 20,000 ms (1/3 minute). + description: Time interval between retries. Maximum allowed value is 20,000 ms + (1/3 minute). minimum: 0 maximum: 20000 limit: @@ -11859,7 +13180,8 @@ components: codes: type: array title: Retry HTTP codes - description: List of HTTP codes that trigger a retry. Leave empty to use the default list of 429 and 503. + description: List of HTTP codes that trigger a retry. Leave empty to use the + default list of 429 and 503. minItems: 1 items: type: number @@ -11867,11 +13189,15 @@ components: enableHeader: type: boolean title: Honor Retry-After header - description: Honor any Retry-After header that specifies a delay (in seconds) or a timestamp after which to retry the request. The delay is limited to 20 seconds, even if the Retry-After header specifies a longer delay. When disabled, all Retry-After headers are ignored. + description: Honor any Retry-After header that specifies a delay (in seconds) or + a timestamp after which to retry the request. The delay is limited + to 20 seconds, even if the Retry-After header specifies a longer + delay. When disabled, all Retry-After headers are ignored. retryConnectTimeout: type: boolean title: Retry connection timeout - description: Make a single retry attempt when a connection timeout (ETIMEDOUT) error occurs + description: Make a single retry attempt when a connection timeout (ETIMEDOUT) + error occurs retryConnectReset: type: boolean title: Retry connection reset @@ -11886,7 +13212,8 @@ components: interval: type: number title: Initial retry interval (ms) - description: Time interval between failed request and first retry (kickoff). Maximum allowed value is 20,000 ms (1/3 minute). + description: Time interval between failed request and first retry (kickoff). + Maximum allowed value is 20,000 ms (1/3 minute). minimum: 0 maximum: 20000 limit: @@ -11898,13 +13225,15 @@ components: multiplier: type: number title: Backoff multiplier - description: Base for exponential backoff. For example, base 2 means that retries will occur after 2, then 4, then 8 seconds, and so on. + description: Base for exponential backoff. For example, base 2 means that + retries will occur after 2, then 4, then 8 seconds, and so on. minimum: 1 maximum: 20 codes: type: array title: Retry HTTP codes - description: List of HTTP codes that trigger a retry. Leave empty to use the default list of 429 and 503. + description: List of HTTP codes that trigger a retry. Leave empty to use the + default list of 429 and 503. minItems: 1 items: type: number @@ -11912,11 +13241,15 @@ components: enableHeader: type: boolean title: Honor Retry-After header - description: Honor any Retry-After header that specifies a delay (in seconds) or a timestamp after which to retry the request. The delay is limited to 20 seconds, even if the Retry-After header specifies a longer delay. When disabled, all Retry-After headers are ignored. + description: Honor any Retry-After header that specifies a delay (in seconds) or + a timestamp after which to retry the request. The delay is limited + to 20 seconds, even if the Retry-After header specifies a longer + delay. When disabled, all Retry-After headers are ignored. retryConnectTimeout: type: boolean title: Retry connection timeout - description: Make a single retry attempt when a connection timeout (ETIMEDOUT) error occurs + description: Make a single retry attempt when a connection timeout (ETIMEDOUT) + error occurs retryConnectReset: type: boolean title: Retry connection reset @@ -11934,19 +13267,23 @@ components: searchHead: type: string title: Search head - description: Search head base URL. Can be an expression. Default is https://localhost:8089. + description: Search head base URL. Can be an expression. Default is + https://localhost:8089. search: type: string title: Search - description: "Examples: 'index=myAppLogs level=error channel=myApp' OR '| mstats avg(myStat) as myStat WHERE index=myStatsIndex.'" + description: "Examples: 'index=myAppLogs level=error channel=myApp' OR '| mstats + avg(myStat) as myStat WHERE index=myStatsIndex.'" earliest: title: Earliest type: string - description: "The earliest time boundary for the search. Can be an exact or relative time. Examples: '2022-01-14T12:00:00Z' or '-16m@m'" + description: "The earliest time boundary for the search. Can be an exact or + relative time. Examples: '2022-01-14T12:00:00Z' or '-16m@m'" latest: title: Latest type: string - description: "The latest time boundary for the search. Can be an exact or relative time. Examples: '2022-01-14T12:00:00Z' or '-1m@m'" + description: "The latest time boundary for the search. Can be an exact or + relative time. Examples: '2022-01-14T12:00:00Z' or '-1m@m'" endpoint: type: string title: Search endpoint @@ -11969,7 +13306,10 @@ components: value: title: Value type: string - description: JavaScript expression to compute the parameter's value, normally enclosed in backticks (`${earliest}`). If a constant, use single quotes ('earliest'). Values without delimiters (earliest) are evaluated as strings. + description: JavaScript expression to compute the parameter's value, normally + enclosed in backticks (`${earliest}`). If a constant, use + single quotes ('earliest'). Values without delimiters + (earliest) are evaluated as strings. collectRequestHeaders: title: Extra headers description: Optional collect request headers @@ -11986,7 +13326,10 @@ components: value: type: string title: Value - description: JavaScript expression to compute the header's value, normally enclosed in backticks (`${earliest}`). If a constant, use single quotes ('earliest'). Values without delimiters (earliest) are evaluated as strings. + description: JavaScript expression to compute the header's value, normally + enclosed in backticks (`${earliest}`). If a constant, use + single quotes ('earliest'). Values without delimiters + (earliest) are evaluated as strings. authentication: type: string title: Authentication @@ -12013,7 +13356,8 @@ components: useRoundRobinDns: type: boolean title: Round-robin DNS - description: Use round-robin DNS lookup. Suitable when DNS server returns multiple addresses in sort order. + description: Use round-robin DNS lookup. Suitable when DNS server returns + multiple addresses in sort order. disableTimeFilter: type: boolean title: Disable time filter @@ -12021,11 +13365,13 @@ components: rejectUnauthorized: type: boolean title: Reject unauthorized certificates - description: Reject certificates that cannot be verified against a valid CA (such as self-signed certificates) + description: Reject certificates that cannot be verified against a valid CA + (such as self-signed certificates) handleEscapedChars: type: boolean title: Preserve escaped characters - description: Escape characters (\") in search queries will be passed directly to Splunk + description: Escape characters (\") in search queries will be passed directly to + Splunk retryRules: type: object required: @@ -12044,6 +13390,18 @@ components: none: "#/components/schemas/SplunkRetryRulesTypeNone" static: "#/components/schemas/SplunkRetryRulesTypeStatic" backoff: "#/components/schemas/SplunkRetryRulesTypeBackoff" + username: + type: string + title: Username + description: Basic authentication username + password: + type: string + title: Password + description: Basic authentication password + credentialsSecret: + type: string + title: Credentials secret + description: Select or create a stored secret that references your credentials token: type: string title: Bearer token @@ -12051,24 +13409,57 @@ components: type: string title: Bearer token secret description: Select or create a stored secret that references your Bearer token + loginUrl: + type: string + title: Login URL + description: URL to use for login API call. This call is expected to be a POST. + loginBody: + type: string + title: POST body + description: Template for POST body to send with login request. ${username} and + ${password} are used to specify location of these attributes in the + message. + tokenRespAttribute: + type: string + title: Token attribute + description: Path to token attribute in login response body. Nested attributes + are allowed. + authHeaderExpr: + type: string + title: Authorize Expression + description: JavaScript expression to compute the Authorization header to pass + in discover and collect calls. The value ${token} is used to + reference the token obtained from login. __template_searchHead: type: string - description: Binds 'searchHead' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'searchHead' at runtime. + description: Binds 'searchHead' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'searchHead' at runtime. __template_search: type: string - description: Binds 'search' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'search' at runtime. + description: Binds 'search' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'search' at runtime. __template_earliest: type: string - description: Binds 'earliest' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'earliest' at runtime. + description: Binds 'earliest' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'earliest' at runtime. __template_latest: type: string - description: Binds 'latest' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'latest' at runtime. + description: Binds 'latest' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'latest' at runtime. __template_endpoint: type: string - description: Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime. + description: Binds 'endpoint' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'endpoint' at runtime. __template_outputMode: type: string - description: Binds 'outputMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'outputMode' at runtime. + description: Binds 'outputMode' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'outputMode' at runtime. allOf: - oneOf: - $ref: "#/components/schemas/SplunkAuthenticationNone" @@ -12134,6 +13525,7 @@ components: - macros - notebooks - notebook-templates + - apps x-speakeasy-unknown-values: allow ResourcePolicy: type: object @@ -12143,7 +13535,8 @@ components: description: Unique identifier for the group that owns the resource. id: type: string - description: Unique identifier for the resource. Omitted for resource type groups. + description: Unique identifier for the resource. Omitted for resource type + groups. policy: type: string description: String that defines the access control policy for the resource. @@ -12175,6 +13568,7 @@ components: description: number of items present in the items array items: type: array + description: List of items in this response. items: $ref: "#/components/schemas/UserAccessControlList" CountedDatabaseConnectionConfig: @@ -12185,6 +13579,7 @@ components: description: number of items present in the items array items: type: array + description: List of items in this response. items: $ref: "#/components/schemas/DatabaseConnectionConfig" DatabaseConnectionType: @@ -12237,6 +13632,7 @@ components: description: number of items present in the items array items: type: array + description: List of items in this response. items: $ref: "#/components/schemas/FunctionResponse" InputCollection: @@ -12260,15 +13656,21 @@ components: sendToRoutes: type: boolean title: Send to Routes - description: Send events to normal routing and event processing. Disable to select a specific Pipeline/Destination combination. + description: Send events to normal routing and event processing. Disable to + select a specific Pipeline/Destination combination. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -12276,11 +13678,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -12288,21 +13692,26 @@ components: breakerRulesets: type: array title: Event Breaker rulesets - description: A list of event-breaking rulesets that will be applied, in order, to the input data stream + description: A list of event-breaking rulesets that will be applied, in order, + to the input data stream items: type: string staleChannelFlushMs: type: number title: Event Breaker buffer timeout (ms) - description: How long (in milliseconds) the Event Breaker will wait for new data to be sent to a specific channel before flushing the data stream out, as is, to the Pipelines + description: How long (in milliseconds) the Event Breaker will wait for new data + to be sent to a specific channel before flushing the data stream + out, as is, to the Pipelines minimum: 10 - maximum: 4.32e+07 + maximum: 43200000 preprocess: $ref: "#/components/schemas/PreprocessType" throttleRatePerSec: type: string title: Throttling - description: "Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling." + description: "Rate (in bytes per second) to throttle while writing to an output. + Accepts values with multiple-byte units, such as KB, MB, and GB. + (Example: 42 MB) Default value of 0 specifies no throttling." pattern: ^[\d.]+(\s[KMGTPEZYkmgtpezy][Bb])?$ metadata: type: array @@ -12316,10 +13725,14 @@ components: description: Destination to send results to __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. required: - type InputKafka: @@ -12343,18 +13756,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -12362,11 +13781,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -12374,7 +13795,9 @@ components: brokers: type: array title: Bootstrap servers - description: Enter each Kafka bootstrap server you want to use. Specify the hostname and port (such as mykafkabroker:9092) or just the hostname (in which case @{product} will assign port 9092). + description: Enter each Kafka bootstrap server you want to use. Specify the + hostname and port (such as mykafkabroker:9092) or just the hostname + (in which case @{product} will assign port 9092). minItems: 1 items: type: string @@ -12382,7 +13805,8 @@ components: topics: type: array title: Topic - description: "Topic to subscribe to. Warning: To optimize performance, Cribl suggests subscribing each Kafka Source to a single topic only." + description: "Topic to subscribe to. Warning: To optimize performance, Cribl + suggests subscribing each Kafka Source to a single topic only." minItems: 1 items: type: string @@ -12390,11 +13814,13 @@ components: groupId: type: string title: Group ID - description: The consumer group to which this instance belongs. Defaults to 'Cribl'. + description: The consumer group to which this instance belongs. Defaults to + 'Cribl'. fromBeginning: type: boolean title: From beginning - description: Leave enabled if you want the Source, upon first subscribing to a topic, to read starting with the earliest available message + description: Leave enabled if you want the Source, upon first subscribing to a + topic, to read starting with the earliest available message kafkaSchemaRegistry: $ref: "#/components/schemas/KafkaSchemaRegistryAuthenticationType" connectionTimeout: @@ -12402,49 +13828,62 @@ components: title: Connection timeout (ms) description: Maximum time to wait for a connection to complete successfully minimum: 1000 - maximum: 3.6e+06 + maximum: 3600000 requestTimeout: type: number title: Request timeout (ms) description: Maximum time to wait for Kafka to respond to a request minimum: 1000 - maximum: 3.6e+06 + maximum: 3600000 maxRetries: type: number title: Retry limit - description: If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data + description: If messages are failing, you can set the maximum number of retries + as high as 100 to prevent loss of data minimum: 0 maximum: 100 maxBackOff: type: number title: Backoff limit (ms) - description: The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds). + description: The maximum wait time for a retry, in milliseconds. Default (and + minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 + seconds). minimum: 30000 maximum: 180000 initialBackoff: type: number title: Initial retry interval (ms) - description: Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes). + description: Initial value used to calculate the retry, in milliseconds. Maximum + is 600,000 ms (10 minutes). minimum: 300 maximum: 600000 backoffRate: type: number title: Backoff multiplier - description: Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details. + description: Set the backoff multiplier (2-20) to control the retry frequency + for failed messages. For faster retries, use a lower multiplier. For + slower retries with more delay between attempts, use a higher + multiplier. The multiplier is used in an exponential backoff + formula; see the Kafka + [documentation](https://kafka.js.org/docs/retry-detailed) for + details. minimum: 2 maximum: 20 authenticationTimeout: type: number title: Authentication timeout (ms) - description: Maximum time to wait for Kafka to respond to an authentication request + description: Maximum time to wait for Kafka to respond to an authentication + request minimum: 1000 - maximum: 3.6e+06 + maximum: 3600000 reauthenticationThreshold: type: number title: Reauthentication threshold (ms) - description: Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire. + description: Specifies a time window during which @{product} can reauthenticate + if needed. Creates the window measuring backward from the moment + when credentials are set to expire. minimum: 1000 - maximum: 1.8e+06 + maximum: 1800000 sasl: $ref: "#/components/schemas/AuthenticationType" tls: @@ -12452,55 +13891,71 @@ components: sessionTimeout: type: number title: Session timeout (ms) - description: "\n Timeout used to detect client failures when using Kafka's group-management facilities.\n If the client sends no heartbeats to the broker before the timeout expires, \n the broker will remove the client from the group and initiate a rebalance.\n Value must be between the broker's configured group.min.session.timeout.ms and group.max.session.timeout.ms.\n See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_session.timeout.ms) for details." + description: >2- + + Timeout used to detect client failures when using Kafka's group-management facilities. + If the client sends no heartbeats to the broker before the timeout expires, + the broker will remove the client from the group and initiate a rebalance. + Value must be between the broker's configured group.min.session.timeout.ms and group.max.session.timeout.ms. + See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_session.timeout.ms) for details. minimum: 1000 - maximum: 3.6e+06 + maximum: 3600000 rebalanceTimeout: type: number title: Rebalance timeout (ms) - description: >2- - Maximum allowed time for each worker to join the group after a rebalance begins. - If the timeout is exceeded, the coordinator broker will remove the worker from the group. - See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. + description: |- + + Maximum allowed time for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. minimum: 1000 - maximum: 3.6e+06 + maximum: 3600000 heartbeatInterval: type: number title: Heartbeat interval (ms) - description: >2- - Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. - Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. - See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. + description: |- + + Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. minimum: 1000 - maximum: 3.6e+06 + maximum: 3600000 autoCommitInterval: type: number title: Offset commit interval (ms) - description: How often to commit offsets. If both this and Offset commit threshold are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch. + description: How often to commit offsets. If both this and Offset commit + threshold are set, @{product} commits offsets when either condition + is met. If both are empty, @{product} commits offsets after each + batch. minimum: 1000 - maximum: 3.6e+06 + maximum: 3600000 autoCommitThreshold: type: number title: Offset commit threshold - description: How many events are needed to trigger an offset commit. If both this and Offset commit interval are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch. + description: How many events are needed to trigger an offset commit. If both + this and Offset commit interval are set, @{product} commits offsets + when either condition is met. If both are empty, @{product} commits + offsets after each batch. minimum: 1 maximum: 10000 maxBytesPerPartition: type: number title: Byte limit, per partition - description: Maximum amount of data that Kafka will return per partition, per fetch request. Must equal or exceed the maximum message size (maxBytesPerPartition) that Kafka is configured to allow. Otherwise, @{product} can get stuck trying to retrieve messages. Defaults to 1048576 (1 MB). + description: Maximum amount of data that Kafka will return per partition, per + fetch request. Must equal or exceed the maximum message size + (maxBytesPerPartition) that Kafka is configured to allow. Otherwise, + @{product} can get stuck trying to retrieve messages. Defaults to + 1048576 (1 MB). minimum: 1 - maximum: 1e+07 + maximum: 10000000 maxBytes: type: number title: Byte limit - description: Maximum number of bytes that Kafka will return per fetch request. Defaults to 10485760 (10 MB). + description: Maximum number of bytes that Kafka will return per fetch request. + Defaults to 10485760 (10 MB). minimum: 1 - maximum: 1e+09 + maximum: 1000000000 maxSocketErrors: type: number title: Error limit, per socket - description: Maximum number of network errors before the consumer re-creates a socket + description: Maximum number of network errors before the consumer re-creates a + socket minimum: 0 maximum: 100 metadata: @@ -12514,19 +13969,29 @@ components: title: Description __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_brokers: type: string - description: Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime. + description: Binds 'brokers' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'brokers' at runtime. __template_topics: type: string - description: Binds 'topics' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topics' at runtime. + description: Binds 'topics' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'topics' at runtime. __template_groupId: type: string - description: Binds 'groupId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'groupId' at runtime. + description: Binds 'groupId' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'groupId' at runtime. InputMsk: type: object required: @@ -12550,18 +14015,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -12569,11 +14040,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -12581,7 +14054,9 @@ components: brokers: type: array title: Bootstrap servers - description: Enter each Kafka bootstrap server you want to use. Specify the hostname and port (such as mykafkabroker:9092) or just the hostname (in which case @{product} will assign port 9092). + description: Enter each Kafka bootstrap server you want to use. Specify the + hostname and port (such as mykafkabroker:9092) or just the hostname + (in which case @{product} will assign port 9092). minItems: 1 items: type: string @@ -12589,7 +14064,8 @@ components: topics: type: array title: Topic - description: "Topic to subscribe to. Warning: To optimize performance, Cribl suggests subscribing each Kafka Source to a single topic only." + description: "Topic to subscribe to. Warning: To optimize performance, Cribl + suggests subscribing each Kafka Source to a single topic only." minItems: 1 items: type: string @@ -12597,35 +14073,41 @@ components: groupId: type: string title: Group ID - description: The consumer group to which this instance belongs. Defaults to 'Cribl'. + description: The consumer group to which this instance belongs. Defaults to + 'Cribl'. fromBeginning: type: boolean title: From beginning - description: Leave enabled if you want the Source, upon first subscribing to a topic, to read starting with the earliest available message + description: Leave enabled if you want the Source, upon first subscribing to a + topic, to read starting with the earliest available message sessionTimeout: type: number title: Session timeout (ms) - description: "\n Timeout used to detect client failures when using Kafka's group-management facilities.\n If the client sends no heartbeats to the broker before the timeout expires, \n the broker will remove the client from the group and initiate a rebalance.\n Value must be between the broker's configured group.min.session.timeout.ms and group.max.session.timeout.ms.\n See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_session.timeout.ms) for details." + description: >2- + + Timeout used to detect client failures when using Kafka's group-management facilities. + If the client sends no heartbeats to the broker before the timeout expires, + the broker will remove the client from the group and initiate a rebalance. + Value must be between the broker's configured group.min.session.timeout.ms and group.max.session.timeout.ms. + See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_session.timeout.ms) for details. minimum: 1000 - maximum: 3.6e+06 + maximum: 3600000 rebalanceTimeout: type: number title: Rebalance timeout (ms) - description: >2- - Maximum allowed time for each worker to join the group after a rebalance begins. - If the timeout is exceeded, the coordinator broker will remove the worker from the group. - See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. + description: |- + + Maximum allowed time for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. minimum: 1000 - maximum: 3.6e+06 + maximum: 3600000 heartbeatInterval: type: number title: Heartbeat interval (ms) - description: >2- - Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. - Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. - See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. + description: |- + + Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. minimum: 1000 - maximum: 3.6e+06 + maximum: 3600000 metadata: type: array title: Fields @@ -12639,49 +14121,62 @@ components: title: Connection timeout (ms) description: Maximum time to wait for a connection to complete successfully minimum: 1000 - maximum: 3.6e+06 + maximum: 3600000 requestTimeout: type: number title: Request timeout (ms) description: Maximum time to wait for Kafka to respond to a request minimum: 1000 - maximum: 3.6e+06 + maximum: 3600000 maxRetries: type: number title: Retry limit - description: If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data + description: If messages are failing, you can set the maximum number of retries + as high as 100 to prevent loss of data minimum: 0 maximum: 100 maxBackOff: type: number title: Backoff limit (ms) - description: The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds). + description: The maximum wait time for a retry, in milliseconds. Default (and + minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 + seconds). minimum: 30000 maximum: 180000 initialBackoff: type: number title: Initial retry interval (ms) - description: Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes). + description: Initial value used to calculate the retry, in milliseconds. Maximum + is 600,000 ms (10 minutes). minimum: 300 maximum: 600000 backoffRate: type: number title: Backoff multiplier - description: Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details. + description: Set the backoff multiplier (2-20) to control the retry frequency + for failed messages. For faster retries, use a lower multiplier. For + slower retries with more delay between attempts, use a higher + multiplier. The multiplier is used in an exponential backoff + formula; see the Kafka + [documentation](https://kafka.js.org/docs/retry-detailed) for + details. minimum: 2 maximum: 20 authenticationTimeout: type: number title: Authentication timeout (ms) - description: Maximum time to wait for Kafka to respond to an authentication request + description: Maximum time to wait for Kafka to respond to an authentication + request minimum: 1000 - maximum: 3.6e+06 + maximum: 3600000 reauthenticationThreshold: type: number title: Reauthentication threshold (ms) - description: Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire. + description: Specifies a time window during which @{product} can reauthenticate + if needed. Creates the window measuring backward from the moment + when credentials are set to expire. minimum: 1000 - maximum: 1.8e+06 + maximum: 1800000 awsAuthenticationMethod: $ref: "#/components/schemas/AuthenticationMethodOptionsS3CollectorConf" awsSecretKey: @@ -12694,7 +14189,9 @@ components: endpoint: type: string title: Endpoint - description: MSK cluster service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to MSK cluster-compatible endpoint. + description: MSK cluster service endpoint. If empty, defaults to the AWS + Region-specific endpoint. Otherwise, it must point to MSK + cluster-compatible endpoint. reuseConnections: type: boolean title: Reuse connections @@ -12702,7 +14199,8 @@ components: rejectUnauthorized: type: boolean title: Reject unauthorized certificates - description: Reject certificates that cannot be verified against a valid CA, such as self-signed certificates + description: Reject certificates that cannot be verified against a valid CA, + such as self-signed certificates enableAssumeRole: type: boolean title: Enable for MSK @@ -12720,7 +14218,9 @@ components: durationSeconds: type: number title: Duration (seconds) - description: Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours). + description: Duration of the assumed role's session, in seconds. Minimum is 900 + (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 + hours). minimum: 900 maximum: 43200 tls: @@ -12728,31 +14228,43 @@ components: autoCommitInterval: type: number title: Offset commit interval (ms) - description: How often to commit offsets. If both this and Offset commit threshold are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch. + description: How often to commit offsets. If both this and Offset commit + threshold are set, @{product} commits offsets when either condition + is met. If both are empty, @{product} commits offsets after each + batch. minimum: 1000 - maximum: 3.6e+06 + maximum: 3600000 autoCommitThreshold: type: number title: Offset commit threshold - description: How many events are needed to trigger an offset commit. If both this and Offset commit interval are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch. + description: How many events are needed to trigger an offset commit. If both + this and Offset commit interval are set, @{product} commits offsets + when either condition is met. If both are empty, @{product} commits + offsets after each batch. minimum: 1 maximum: 10000 maxBytesPerPartition: type: number title: Byte limit, per partition - description: Maximum amount of data that Kafka will return per partition, per fetch request. Must equal or exceed the maximum message size (maxBytesPerPartition) that Kafka is configured to allow. Otherwise, @{product} can get stuck trying to retrieve messages. Defaults to 1048576 (1 MB). + description: Maximum amount of data that Kafka will return per partition, per + fetch request. Must equal or exceed the maximum message size + (maxBytesPerPartition) that Kafka is configured to allow. Otherwise, + @{product} can get stuck trying to retrieve messages. Defaults to + 1048576 (1 MB). minimum: 1 - maximum: 1e+07 + maximum: 10000000 maxBytes: type: number title: Byte limit - description: Maximum number of bytes that Kafka will return per fetch request. Defaults to 10485760 (10 MB). + description: Maximum number of bytes that Kafka will return per fetch request. + Defaults to 10485760 (10 MB). minimum: 1 - maximum: 1e+09 + maximum: 1000000000 maxSocketErrors: type: number title: Error limit, per socket - description: Maximum number of network errors before the consumer re-creates a socket + description: Maximum number of network errors before the consumer re-creates a + socket minimum: 0 maximum: 100 description: @@ -12765,40 +14277,64 @@ components: awsSecret: type: string title: Secret key pair - description: Select or create a stored secret that references your access key and secret key + description: Select or create a stored secret that references your access key + and secret key __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_brokers: type: string - description: Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime. + description: Binds 'brokers' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'brokers' at runtime. __template_topics: type: string - description: Binds 'topics' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topics' at runtime. + description: Binds 'topics' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'topics' at runtime. __template_groupId: type: string - description: Binds 'groupId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'groupId' at runtime. + description: Binds 'groupId' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'groupId' at runtime. __template_awsSecretKey: type: string - description: Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime. + description: Binds 'awsSecretKey' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsSecretKey' at runtime. __template_region: type: string - description: Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime. + description: Binds 'region' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'region' at runtime. __template_endpoint: type: string - description: Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime. + description: Binds 'endpoint' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'endpoint' at runtime. __template_assumeRoleArn: type: string - description: Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime. + description: Binds 'assumeRoleArn' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'assumeRoleArn' at runtime. __template_assumeRoleExternalId: type: string - description: Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime. + description: Binds 'assumeRoleExternalId' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'assumeRoleExternalId' at runtime. __template_awsApiKey: type: string - description: Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime. + description: Binds 'awsApiKey' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsApiKey' at runtime. InputHttp: type: object required: @@ -12820,18 +14356,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -12839,11 +14381,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -12860,7 +14404,8 @@ components: authTokens: type: array title: Auth tokens - description: "Shared secrets to be provided by any client (Authorization: ). If empty, unauthorized access is permitted." + description: "Shared secrets to be provided by any client (Authorization: + ). If empty, unauthorized access is permitted." items: type: string tls: @@ -12868,17 +14413,23 @@ components: maxActiveReq: type: number title: Active request limit - description: "Maximum number of active requests allowed per Worker Process. Set to 0 for unlimited. Caution: Increasing the limit above the default value, or setting it to unlimited, may degrade performance and reduce throughput." + description: "Maximum number of active requests allowed per Worker Process. Set + to 0 for unlimited. Caution: Increasing the limit above the default + value, or setting it to unlimited, may degrade performance and + reduce throughput." minimum: 0 maxRequestsPerSocket: type: integer title: Requests-per-socket limit - description: Maximum number of requests per socket before @{product} instructs the client to close the connection. Default is 0 (unlimited). + description: Maximum number of requests per socket before @{product} instructs + the client to close the connection. Default is 0 (unlimited). minimum: 0 enableProxyHeader: type: boolean title: Show originating IP - description: Extract the client IP and port from PROXY protocol v1/v2. When enabled, the X-Forwarded-For header is ignored. Disable to use the X-Forwarded-For header for client IP extraction. + description: Extract the client IP and port from PROXY protocol v1/v2. When + enabled, the X-Forwarded-For header is ignored. Disable to use the + X-Forwarded-For header for client IP extraction. captureHeaders: type: boolean title: Capture request headers @@ -12886,50 +14437,63 @@ components: activityLogSampleRate: type: number title: Activity log sample rate - description: How often request activity is logged at the `info` level. A value of 1 would log every request, 10 every 10th request, etc. + description: How often request activity is logged at the `info` level. A value + of 1 would log every request, 10 every 10th request, etc. minimum: 1 requestTimeout: type: number title: Request timeout (seconds) - description: How long to wait for an incoming request to complete before aborting it. Use 0 to disable. + description: How long to wait for an incoming request to complete before + aborting it. Use 0 to disable. minimum: 0 socketTimeout: type: number title: Socket timeout (seconds) - description: How long @{product} should wait before assuming that an inactive socket has timed out. To wait forever, set to 0. + description: How long @{product} should wait before assuming that an inactive + socket has timed out. To wait forever, set to 0. minimum: 0 keepAliveTimeout: type: number title: Keep-alive timeout (seconds) - description: After the last response is sent, @{product} will wait this long for additional data before closing the socket connection. Minimum 1 second, maximum 600 seconds (10 minutes). + description: After the last response is sent, @{product} will wait this long for + additional data before closing the socket connection. Minimum 1 + second, maximum 600 seconds (10 minutes). minimum: 1 maximum: 600 enableHealthCheck: type: boolean title: Health check endpoint - description: Expose the /cribl_health endpoint, which returns 200 OK when this Source is healthy + description: Expose the /cribl_health endpoint, which returns 200 OK when this + Source is healthy ipAllowlistRegex: type: string title: IP allowlist regex - description: Messages from matched IP addresses will be processed, unless also matched by the denylist + description: Messages from matched IP addresses will be processed, unless also + matched by the denylist ipDenylistRegex: type: string title: IP denylist regex - description: Messages from matched IP addresses will be ignored. This takes precedence over the allowlist. + description: Messages from matched IP addresses will be ignored. This takes + precedence over the allowlist. criblAPI: type: string title: Cribl HTTP event API - description: Absolute path on which to listen for the Cribl HTTP API requests. Only _bulk (default /cribl/_bulk) is available. Use empty string to disable. + description: Absolute path on which to listen for the Cribl HTTP API requests. + Only _bulk (default /cribl/_bulk) is available. Use empty string to + disable. pattern: ^/|^$ elasticAPI: type: string title: Elasticsearch API endpoint (Bulk API) - description: Absolute path on which to listen for the Elasticsearch API requests. Only _bulk (default /elastic/_bulk) is available. Use empty string to disable. + description: Absolute path on which to listen for the Elasticsearch API + requests. Only _bulk (default /elastic/_bulk) is available. Use + empty string to disable. pattern: ^/|^$ splunkHecAPI: type: string title: Splunk HEC endpoint - description: Absolute path on which listen for the Splunk HTTP Event Collector API requests. Use empty string to disable. + description: Absolute path on which listen for the Splunk HTTP Event Collector + API requests. Use empty string to disable. pattern: ^/|^$ splunkHecAcks: type: boolean @@ -12943,7 +14507,8 @@ components: authTokensExt: type: array title: Auth tokens - description: "Shared secrets to be provided by any client (Authorization: ). If empty, unauthorized access is permitted." + description: "Shared secrets to be provided by any client (Authorization: + ). If empty, unauthorized access is permitted." items: $ref: "#/components/schemas/AuthTokensExtConfInputHttp" description: @@ -12951,28 +14516,44 @@ components: title: Description __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_host: type: string - description: Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime. + description: Binds 'host' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'host' at runtime. __template_port: type: string - description: Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime. + description: Binds 'port' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'port' at runtime. __template_authTokens: type: string - description: Binds 'authTokens' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'authTokens' at runtime. + description: Binds 'authTokens' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'authTokens' at runtime. __template_criblAPI: type: string - description: Binds 'criblAPI' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'criblAPI' at runtime. + description: Binds 'criblAPI' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'criblAPI' at runtime. __template_elasticAPI: type: string - description: Binds 'elasticAPI' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'elasticAPI' at runtime. + description: Binds 'elasticAPI' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'elasticAPI' at runtime. __template_splunkHecAPI: type: string - description: Binds 'splunkHecAPI' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'splunkHecAPI' at runtime. + description: Binds 'splunkHecAPI' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'splunkHecAPI' at runtime. InputSplunk: type: object required: @@ -12994,18 +14575,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -13013,11 +14600,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -13036,31 +14625,43 @@ components: ipWhitelistRegex: type: string title: IP allowlist regex - description: Regex matching IP addresses that are allowed to establish a connection + description: Regex matching IP addresses that are allowed to establish a + connection maxActiveCxn: type: number title: Active connection limit - description: Maximum number of active connections allowed per Worker Process. Use 0 for unlimited. + description: Maximum number of active connections allowed per Worker Process. + Use 0 for unlimited. minimum: 0 socketIdleTimeout: type: number title: Socket idle timeout (seconds) - description: How long @{product} should wait before assuming that an inactive socket has timed out. After this time, the connection will be closed. Leave at 0 for no inactive socket monitoring. + description: How long @{product} should wait before assuming that an inactive + socket has timed out. After this time, the connection will be + closed. Leave at 0 for no inactive socket monitoring. minimum: 0 socketEndingMaxWait: type: number title: Forced socket termination timeout (seconds) - description: How long the server will wait after initiating a closure for a client to close its end of the connection. If the client doesn't close the connection within this time, the server will forcefully terminate the socket to prevent resource leaks and ensure efficient connection cleanup and system stability. Leave at 0 for no inactive socket monitoring. + description: How long the server will wait after initiating a closure for a + client to close its end of the connection. If the client doesn't + close the connection within this time, the server will forcefully + terminate the socket to prevent resource leaks and ensure efficient + connection cleanup and system stability. Leave at 0 for no inactive + socket monitoring. minimum: 0 socketMaxLifespan: type: number title: Socket max lifespan (seconds) - description: The maximum duration a socket can remain open, even if active. This helps manage resources and mitigate issues caused by TCP pinning. Set to 0 to disable. + description: The maximum duration a socket can remain open, even if active. This + helps manage resources and mitigate issues caused by TCP pinning. + Set to 0 to disable. minimum: 0 enableProxyHeader: type: boolean title: Enable proxy protocol - description: Enable if the connection is proxied by a device that supports proxy protocol v1 or v2 + description: Enable if the connection is proxied by a device that supports proxy + protocol v1 or v2 metadata: type: array title: Fields @@ -13070,19 +14671,23 @@ components: breakerRulesets: type: array title: Event Breaker rulesets - description: A list of event-breaking rulesets that will be applied, in order, to the input data stream + description: A list of event-breaking rulesets that will be applied, in order, + to the input data stream items: type: string staleChannelFlushMs: type: number title: Event Breaker buffer timeout (ms) - description: How long (in milliseconds) the Event Breaker will wait for new data to be sent to a specific channel before flushing the data stream out, as is, to the Pipelines + description: How long (in milliseconds) the Event Breaker will wait for new data + to be sent to a specific channel before flushing the data stream + out, as is, to the Pipelines minimum: 10 - maximum: 4.32e+07 + maximum: 43200000 authTokens: type: array title: Auth tokens - description: Shared secrets to be provided by any Splunk forwarder. If empty, unauthorized access is permitted. + description: Shared secrets to be provided by any Splunk forwarder. If empty, + unauthorized access is permitted. items: type: object required: @@ -13091,7 +14696,8 @@ components: token: type: string title: Token - description: Shared secrets to be provided by any Splunk forwarder. If empty, unauthorized access is permitted. + description: Shared secrets to be provided by any Splunk forwarder. If empty, + unauthorized access is permitted. description: type: string title: Description @@ -13112,11 +14718,14 @@ components: useFwdTimezone: type: boolean title: Use Universal Forwarder time zone - description: Event Breakers will determine events' time zone from UF-provided metadata, when TZ can't be inferred from the raw event + description: Event Breakers will determine events' time zone from UF-provided + metadata, when TZ can't be inferred from the raw event dropControlFields: type: boolean title: Drop control fields - description: Drop Splunk control fields such as `crcSalt` and `_savedPort`. If disabled, control fields are stored in the internal field `__ctrlFields`. + description: Drop Splunk control fields such as `crcSalt` and `_savedPort`. If + disabled, control fields are stored in the internal field + `__ctrlFields`. extractMetrics: type: boolean title: Extract metrics @@ -13124,7 +14733,9 @@ components: compress: type: string title: Compression - description: Controls whether to support reading compressed data from a forwarder. Select 'Automatic' to match the forwarder's configuration, or 'Disabled' to reject compressed connections. + description: Controls whether to support reading compressed data from a + forwarder. Select 'Automatic' to match the forwarder's + configuration, or 'Disabled' to reject compressed connections. enum: - disabled - auto @@ -13136,22 +14747,34 @@ components: x-speakeasy-unknown-values: allow __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_host: type: string - description: Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime. + description: Binds 'host' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'host' at runtime. __template_port: type: string - description: Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime. + description: Binds 'port' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'port' at runtime. __template_maxS2Sversion: type: string - description: Binds 'maxS2Sversion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'maxS2Sversion' at runtime. + description: Binds 'maxS2Sversion' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'maxS2Sversion' at runtime. __template_compress: type: string - description: Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime. + description: Binds 'compress' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'compress' at runtime. InputSplunkSearch: type: object required: @@ -13177,18 +14800,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -13196,11 +14825,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -13208,19 +14839,24 @@ components: searchHead: title: Search head type: string - description: Search head base URL. Can be an expression. Default is https://localhost:8089. + description: Search head base URL. Can be an expression. Default is + https://localhost:8089. search: type: string title: Search - description: "Enter Splunk search here. Examples: 'index=myAppLogs level=error channel=myApp' OR '| mstats avg(myStat) as myStat WHERE index=myStatsIndex.'" + description: "Enter Splunk search here. Examples: 'index=myAppLogs level=error + channel=myApp' OR '| mstats avg(myStat) as myStat WHERE + index=myStatsIndex.'" earliest: title: Earliest type: string - description: "The earliest time boundary for the search. Can be an exact or relative time. Examples: '2022-01-14T12:00:00Z' or '-16m@m'" + description: "The earliest time boundary for the search. Can be an exact or + relative time. Examples: '2022-01-14T12:00:00Z' or '-16m@m'" latest: title: Latest type: string - description: "The latest time boundary for the search. Can be an exact or relative time. Examples: '2022-01-14T12:00:00Z' or '-1m@m'" + description: "The latest time boundary for the search. Can be an exact or + relative time. Examples: '2022-01-14T12:00:00Z' or '-1m@m'" cronSchedule: type: string title: Cron schedule @@ -13247,7 +14883,10 @@ components: value: title: Value type: string - description: JavaScript expression to compute the parameter's value, normally enclosed in backticks (e.g., `${earliest}`). If a constant, use single quotes (e.g., 'earliest'). Values without delimiters (e.g., earliest) are evaluated as strings. + description: JavaScript expression to compute the parameter's value, normally + enclosed in backticks (e.g., `${earliest}`). If a constant, + use single quotes (e.g., 'earliest'). Values without + delimiters (e.g., earliest) are evaluated as strings. endpointHeaders: title: Endpoint headers description: Optional request headers to send to the endpoint @@ -13264,7 +14903,10 @@ components: value: type: string title: Value - description: JavaScript expression to compute the header's value, normally enclosed in backticks (e.g., `${earliest}`). If a constant, use single quotes (e.g., 'earliest'). Values without delimiters (e.g., earliest) are evaluated as strings. + description: JavaScript expression to compute the header's value, normally + enclosed in backticks (e.g., `${earliest}`). If a constant, + use single quotes (e.g., 'earliest'). Values without + delimiters (e.g., earliest) are evaluated as strings. logLevel: type: string title: Log level @@ -13284,39 +14926,49 @@ components: useRoundRobinDns: type: boolean title: Round-robin DNS - description: When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned + description: When a DNS server returns multiple addresses, @{product} will cycle + through them in the order returned rejectUnauthorized: type: boolean title: Reject unauthorized certificates - description: Reject certificates that cannot be verified against a valid CA (such as self-signed certificates) + description: Reject certificates that cannot be verified against a valid CA + (such as self-signed certificates) encoding: type: string title: Encoding - description: Character encoding to use when parsing ingested data. When not set, @{product} will default to UTF-8 but may incorrectly interpret multi-byte characters. + description: Character encoding to use when parsing ingested data. When not set, + @{product} will default to UTF-8 but may incorrectly interpret + multi-byte characters. keepAliveTime: type: number title: Keep alive time (seconds) - description: How often workers should check in with the scheduler to keep job subscription alive + description: How often workers should check in with the scheduler to keep job + subscription alive minimum: 10 jobTimeout: type: string title: Job timeout - description: Maximum time the job is allowed to run (e.g., 30, 45s or 15m). Units are seconds, if not specified. Enter 0 for unlimited time. + description: Maximum time the job is allowed to run (e.g., 30, 45s or 15m). + Units are seconds, if not specified. Enter 0 for unlimited time. pattern: ^\d+[sm]?$ maxMissedKeepAlives: type: number title: Worker timeout (periods) - description: The number of Keep Alive Time periods before an inactive worker will have its job subscription revoked. + description: The number of Keep Alive Time periods before an inactive worker + will have its job subscription revoked. minimum: 2 ttl: type: string title: Time to live - description: Time to keep the job's artifacts on disk after job completion. This also affects how long a job is listed in the Job Inspector. + description: Time to keep the job's artifacts on disk after job completion. This + also affects how long a job is listed in the Job Inspector. pattern: \d+[smh]$ ignoreGroupJobsLimit: type: boolean title: Ignore Worker Group job limits - description: When enabled, this job's artifacts are not counted toward the Worker Group's finished job artifacts limit. Artifacts will be removed only after the Collector's configured time to live. + description: When enabled, this job's artifacts are not counted toward the + Worker Group's finished job artifacts limit. Artifacts will be + removed only after the Collector's configured time to live. metadata: type: array title: Fields @@ -13328,15 +14980,18 @@ components: breakerRulesets: type: array title: Event Breaker rulesets - description: A list of event-breaking rulesets that will be applied, in order, to the input data stream + description: A list of event-breaking rulesets that will be applied, in order, + to the input data stream items: type: string staleChannelFlushMs: type: number title: Event Breaker buffer timeout (ms) - description: How long (in milliseconds) the Event Breaker will wait for new data to be sent to a specific channel before flushing the data stream out, as is, to the Pipelines + description: How long (in milliseconds) the Event Breaker will wait for new data + to be sent to a specific channel before flushing the data stream + out, as is, to the Pipelines minimum: 10 - maximum: 4.32e+07 + maximum: 43200000 authType: type: string title: Authentication type @@ -13377,28 +15032,44 @@ components: description: Select or create a stored text secret __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_searchHead: type: string - description: Binds 'searchHead' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'searchHead' at runtime. + description: Binds 'searchHead' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'searchHead' at runtime. __template_search: type: string - description: Binds 'search' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'search' at runtime. + description: Binds 'search' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'search' at runtime. __template_earliest: type: string - description: Binds 'earliest' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'earliest' at runtime. + description: Binds 'earliest' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'earliest' at runtime. __template_latest: type: string - description: Binds 'latest' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'latest' at runtime. + description: Binds 'latest' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'latest' at runtime. __template_endpoint: type: string - description: Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime. + description: Binds 'endpoint' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'endpoint' at runtime. __template_logLevel: type: string - description: Binds 'logLevel' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logLevel' at runtime. + description: Binds 'logLevel' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'logLevel' at runtime. InputSplunkHec: type: object required: @@ -13421,18 +15092,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -13440,11 +15117,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -13461,7 +15140,8 @@ components: authTokens: type: array title: Auth tokens - description: "Shared secrets to be provided by any client (Authorization: ). If empty, unauthorized access is permitted." + description: "Shared secrets to be provided by any client (Authorization: + ). If empty, unauthorized access is permitted." items: type: object required: @@ -13476,7 +15156,8 @@ components: token: type: string title: Token - description: "Shared secret to be provided by any client (Authorization: )" + description: "Shared secret to be provided by any client (Authorization: + )" enabled: type: boolean title: Enable token @@ -13487,7 +15168,9 @@ components: allowedIndexesAtToken: type: array title: Allowed indexes - description: Enter the values you want to allow in the HEC event index field at the token level. Supports wildcards. To skip validation, leave blank. + description: Enter the values you want to allow in the HEC event index field at + the token level. Supports wildcards. To skip validation, leave + blank. minItems: 0 items: type: string @@ -13503,17 +15186,23 @@ components: maxActiveReq: type: number title: Active request limit - description: "Maximum number of active requests allowed per Worker Process. Set to 0 for unlimited. Caution: Increasing the limit above the default value, or setting it to unlimited, may degrade performance and reduce throughput." + description: "Maximum number of active requests allowed per Worker Process. Set + to 0 for unlimited. Caution: Increasing the limit above the default + value, or setting it to unlimited, may degrade performance and + reduce throughput." minimum: 0 maxRequestsPerSocket: type: integer title: Requests-per-socket limit - description: Maximum number of requests per socket before @{product} instructs the client to close the connection. Default is 0 (unlimited). + description: Maximum number of requests per socket before @{product} instructs + the client to close the connection. Default is 0 (unlimited). minimum: 0 enableProxyHeader: type: boolean title: Show originating IP - description: Extract the client IP and port from PROXY protocol v1/v2. When enabled, the X-Forwarded-For header is ignored. Disable to use the X-Forwarded-For header for client IP extraction. + description: Extract the client IP and port from PROXY protocol v1/v2. When + enabled, the X-Forwarded-For header is ignored. Disable to use the + X-Forwarded-For header for client IP extraction. captureHeaders: type: boolean title: Capture request headers @@ -13521,47 +15210,61 @@ components: activityLogSampleRate: type: number title: Activity log sample rate - description: How often request activity is logged at the `info` level. A value of 1 would log every request, 10 every 10th request, etc. + description: How often request activity is logged at the `info` level. A value + of 1 would log every request, 10 every 10th request, etc. minimum: 1 requestTimeout: type: number title: Request timeout (seconds) - description: How long to wait for an incoming request to complete before aborting it. Use 0 to disable. + description: How long to wait for an incoming request to complete before + aborting it. Use 0 to disable. minimum: 0 socketTimeout: type: number title: Socket timeout (seconds) - description: How long @{product} should wait before assuming that an inactive socket has timed out. To wait forever, set to 0. + description: How long @{product} should wait before assuming that an inactive + socket has timed out. To wait forever, set to 0. minimum: 0 keepAliveTimeout: type: number title: Keep-alive timeout (seconds) - description: After the last response is sent, @{product} will wait this long for additional data before closing the socket connection. Minimum 1 second, maximum 600 seconds (10 minutes). + description: After the last response is sent, @{product} will wait this long for + additional data before closing the socket connection. Minimum 1 + second, maximum 600 seconds (10 minutes). minimum: 1 maximum: 600 ipAllowlistRegex: type: string title: IP allowlist regex - description: Messages from matched IP addresses will be processed, unless also matched by the denylist + description: Messages from matched IP addresses will be processed, unless also + matched by the denylist ipDenylistRegex: type: string title: IP denylist regex - description: Messages from matched IP addresses will be ignored. This takes precedence over the allowlist. + description: Messages from matched IP addresses will be ignored. This takes + precedence over the allowlist. splunkHecAPI: type: string title: Splunk HEC endpoint - description: Absolute path on which to listen for the Splunk HTTP Event Collector API requests. This input supports the /event, /raw and /s2s endpoints. + description: Absolute path on which to listen for the Splunk HTTP Event + Collector API requests. This input supports the /event, /raw and + /s2s endpoints. pattern: ^/ metadata: type: array title: Fields - description: Fields to add to every event. Overrides fields added at the token or request level. See [the Source documentation](https://docs.cribl.io/stream/sources-splunk-hec/#fields) for more info. + description: Fields to add to every event. Overrides fields added at the token + or request level. See [the Source + documentation](https://docs.cribl.io/stream/sources-splunk-hec/#fields) + for more info. items: $ref: "#/components/schemas/MetadataConfInputCollection" allowedIndexes: type: array title: Allowed indexes - description: List values allowed in HEC event index field. Leave blank to skip validation. Supports wildcards. The values here can expand index validation at the token level. + description: List values allowed in HEC event index field. Leave blank to skip + validation. Supports wildcards. The values here can expand index + validation at the token level. minItems: 0 items: type: string @@ -13573,23 +15276,29 @@ components: breakerRulesets: type: array title: Event Breaker rulesets - description: A list of event-breaking rulesets that will be applied, in order, to the input data stream + description: A list of event-breaking rulesets that will be applied, in order, + to the input data stream items: type: string staleChannelFlushMs: type: number title: Event Breaker buffer timeout (ms) - description: How long (in milliseconds) the Event Breaker will wait for new data to be sent to a specific channel before flushing the data stream out, as is, to the Pipelines + description: How long (in milliseconds) the Event Breaker will wait for new data + to be sent to a specific channel before flushing the data stream + out, as is, to the Pipelines minimum: 10 - maximum: 4.32e+07 + maximum: 43200000 useFwdTimezone: type: boolean title: Use Universal Forwarder time zone (S2S only) - description: Event Breakers will determine events' time zone from UF-provided metadata, when TZ can't be inferred from the raw event + description: Event Breakers will determine events' time zone from UF-provided + metadata, when TZ can't be inferred from the raw event dropControlFields: type: boolean title: Drop control fields (S2S only) - description: Drop Splunk control fields such as `crcSalt` and `_savedPort`. If disabled, control fields are stored in the internal field `__ctrlFields`. + description: Drop Splunk control fields such as `crcSalt` and `_savedPort`. If + disabled, control fields are stored in the internal field + `__ctrlFields`. extractMetrics: type: boolean title: Extract metrics (S2S only) @@ -13597,7 +15306,9 @@ components: accessControlAllowOrigin: title: CORS allowed origins type: array - description: Optionally, list HTTP origins to which @{product} should send CORS (cross-origin resource sharing) Access-Control-Allow-* headers. Supports wildcards. + description: Optionally, list HTTP origins to which @{product} should send CORS + (cross-origin resource sharing) Access-Control-Allow-* headers. + Supports wildcards. minItems: 0 items: type: string @@ -13605,7 +15316,9 @@ components: accessControlAllowHeaders: title: CORS allowed headers type: array - description: Optionally, list HTTP headers that @{product} will send to allowed origins as "Access-Control-Allow-Headers" in a CORS preflight response. Use "*" to allow all headers. + description: Optionally, list HTTP headers that @{product} will send to allowed + origins as "Access-Control-Allow-Headers" in a CORS preflight + response. Use "*" to allow all headers. minItems: 0 items: type: string @@ -13613,25 +15326,36 @@ components: emitTokenMetrics: type: boolean title: Emit per-token request metrics - description: Emit per-token (.http.perToken) and summary (.http.summary) request metrics + description: Emit per-token (.http.perToken) and summary + (.http.summary) request metrics description: type: string title: Description __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_host: type: string - description: Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime. + description: Binds 'host' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'host' at runtime. __template_port: type: string - description: Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime. + description: Binds 'port' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'port' at runtime. __template_splunkHecAPI: type: string - description: Binds 'splunkHecAPI' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'splunkHecAPI' at runtime. + description: Binds 'splunkHecAPI' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'splunkHecAPI' at runtime. InputAzureBlob: type: object required: @@ -13652,18 +15376,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -13671,11 +15401,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -13683,7 +15415,11 @@ components: queueName: type: string title: Queue - description: "The storage account queue name blob notifications will be read from. Value must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at initialization time. Example referencing a Global Variable: `myQueue-${C.vars.myVar}`" + description: "The storage account queue name blob notifications will be read + from. Value must be a JavaScript expression (which can evaluate to a + constant value), enclosed in quotes or backticks. Can be evaluated + only at initialization time. Example referencing a Global Variable: + `myQueue-${C.vars.myVar}`" fileFilter: type: string title: Filename filter @@ -13691,31 +15427,38 @@ components: visibilityTimeout: type: number title: Visibility timeout (secs) - description: The duration (in seconds) that the received messages are hidden from subsequent retrieve requests after being retrieved by a ReceiveMessage request. + description: The duration (in seconds) that the received messages are hidden + from subsequent retrieve requests after being retrieved by a + ReceiveMessage request. minimum: 0 maximum: 604800 numReceivers: type: number title: Number of receivers - description: How many receiver processes to run. The higher the number, the better the throughput - at the expense of CPU overhead. + description: How many receiver processes to run. The higher the number, the + better the throughput - at the expense of CPU overhead. minimum: 1 maximum: 100 maxMessages: type: number title: Message limit - description: "The maximum number of messages to return in a poll request. Azure storage queues never returns more messages than this value (however, fewer messages might be returned). Valid values: 1 to 32." + description: "The maximum number of messages to return in a poll request. Azure + storage queues never returns more messages than this value (however, + fewer messages might be returned). Valid values: 1 to 32." minimum: 1 maximum: 32 servicePeriodSecs: type: number title: Service period (secs) - description: The duration (in seconds) which pollers should be validated and restarted if exited + description: The duration (in seconds) which pollers should be validated and + restarted if exited minimum: 1 maximum: 10 skipOnError: type: boolean title: Skip file on error - description: Skip files that trigger a processing error. Disabled by default, which allows retries after processing errors. + description: Skip files that trigger a processing error. Disabled by default, + which allows retries after processing errors. metadata: type: array title: Fields @@ -13725,15 +15468,18 @@ components: breakerRulesets: type: array title: Event Breaker rulesets - description: A list of event-breaking rulesets that will be applied, in order, to the input data stream + description: A list of event-breaking rulesets that will be applied, in order, + to the input data stream items: type: string staleChannelFlushMs: type: number title: Event Breaker buffer timeout (ms) - description: How long (in milliseconds) the Event Breaker will wait for new data to be sent to a specific channel before flushing the data stream out, as is, to the Pipelines + description: How long (in milliseconds) the Event Breaker will wait for new data + to be sent to a specific channel before flushing the data stream + out, as is, to the Pipelines minimum: 10 - maximum: 4.32e+07 + maximum: 43200000 parquetChunkSizeMB: type: number title: Parquet chunk size limit (MB) @@ -13743,7 +15489,9 @@ components: parquetChunkDownloadTimeout: type: number title: Parquet chunk download timeout (seconds) - description: The maximum time allowed for downloading a Parquet chunk. Processing will stop if a chunk cannot be downloaded within the time specified. + description: The maximum time allowed for downloading a Parquet chunk. + Processing will stop if a chunk cannot be downloaded within the time + specified. maximum: 3600 minimum: 1 authType: @@ -13754,7 +15502,8 @@ components: connectionString: type: string title: Connection string - description: Enter your Azure Storage account connection string. If left blank, Stream will fall back to env.AZURE_STORAGE_CONNECTION_STRING. + description: Enter your Azure Storage account connection string. If left blank, + Stream will fall back to env.AZURE_STORAGE_CONNECTION_STRING. textSecret: type: string title: Connection string (text secret) @@ -13778,7 +15527,8 @@ components: endpointSuffix: type: string title: Endpoint suffix - description: Endpoint suffix for the service URL. Takes precedence over the Azure Cloud setting. Defaults to core.windows.net. + description: Endpoint suffix for the service URL. Takes precedence over the + Azure Cloud setting. Defaults to core.windows.net. clientTextSecret: type: string title: Client secret (text secret) @@ -13787,28 +15537,46 @@ components: $ref: "#/components/schemas/CertificateTypeAzureBlobAuthTypeClientCert" __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_queueName: type: string - description: Binds 'queueName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'queueName' at runtime. + description: Binds 'queueName' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'queueName' at runtime. __template_connectionString: type: string - description: Binds 'connectionString' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'connectionString' at runtime. + description: Binds 'connectionString' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'connectionString' at runtime. __template_storageAccountName: type: string - description: Binds 'storageAccountName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageAccountName' at runtime. + description: Binds 'storageAccountName' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'storageAccountName' at runtime. __template_tenantId: type: string - description: Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime. + description: Binds 'tenantId' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'tenantId' at runtime. __template_clientId: type: string - description: Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime. + description: Binds 'clientId' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'clientId' at runtime. __template_azureCloud: type: string - description: Binds 'azureCloud' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'azureCloud' at runtime. + description: Binds 'azureCloud' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'azureCloud' at runtime. InputElastic: type: object required: @@ -13831,18 +15599,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -13850,11 +15624,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -13873,17 +15649,23 @@ components: maxActiveReq: type: number title: Active request limit - description: "Maximum number of active requests allowed per Worker Process. Set to 0 for unlimited. Caution: Increasing the limit above the default value, or setting it to unlimited, may degrade performance and reduce throughput." + description: "Maximum number of active requests allowed per Worker Process. Set + to 0 for unlimited. Caution: Increasing the limit above the default + value, or setting it to unlimited, may degrade performance and + reduce throughput." minimum: 0 maxRequestsPerSocket: type: integer title: Requests-per-socket limit - description: Maximum number of requests per socket before @{product} instructs the client to close the connection. Default is 0 (unlimited). + description: Maximum number of requests per socket before @{product} instructs + the client to close the connection. Default is 0 (unlimited). minimum: 0 enableProxyHeader: type: boolean title: Show originating IP - description: Extract the client IP and port from PROXY protocol v1/v2. When enabled, the X-Forwarded-For header is ignored. Disable to use the X-Forwarded-For header for client IP extraction. + description: Extract the client IP and port from PROXY protocol v1/v2. When + enabled, the X-Forwarded-For header is ignored. Disable to use the + X-Forwarded-For header for client IP extraction. captureHeaders: type: boolean title: Capture request headers @@ -13891,40 +15673,52 @@ components: activityLogSampleRate: type: number title: Activity log sample rate - description: How often request activity is logged at the `info` level. A value of 1 would log every request, 10 every 10th request, etc. + description: How often request activity is logged at the `info` level. A value + of 1 would log every request, 10 every 10th request, etc. minimum: 1 requestTimeout: type: number title: Request timeout (seconds) - description: How long to wait for an incoming request to complete before aborting it. Use 0 to disable. + description: How long to wait for an incoming request to complete before + aborting it. Use 0 to disable. minimum: 0 socketTimeout: type: number title: Socket timeout (seconds) - description: How long @{product} should wait before assuming that an inactive socket has timed out. To wait forever, set to 0. + description: How long @{product} should wait before assuming that an inactive + socket has timed out. To wait forever, set to 0. minimum: 0 keepAliveTimeout: type: number title: Keep-alive timeout (seconds) - description: After the last response is sent, @{product} will wait this long for additional data before closing the socket connection. Minimum 1 second, maximum 600 seconds (10 minutes). + description: After the last response is sent, @{product} will wait this long for + additional data before closing the socket connection. Minimum 1 + second, maximum 600 seconds (10 minutes). minimum: 1 maximum: 600 enableHealthCheck: type: boolean title: Health check endpoint - description: Expose the /cribl_health endpoint, which returns 200 OK when this Source is healthy + description: Expose the /cribl_health endpoint, which returns 200 OK when this + Source is healthy ipAllowlistRegex: type: string title: IP allowlist regex - description: Messages from matched IP addresses will be processed, unless also matched by the denylist + description: Messages from matched IP addresses will be processed, unless also + matched by the denylist ipDenylistRegex: type: string title: IP denylist regex - description: Messages from matched IP addresses will be ignored. This takes precedence over the allowlist. + description: Messages from matched IP addresses will be ignored. This takes + precedence over the allowlist. elasticAPI: type: string title: Elasticsearch API endpoint - description: Absolute path on which to listen for Elasticsearch API requests. Defaults to /. _bulk will be appended automatically. For example, /myPath becomes /myPath/_bulk. Requests can then be made to either /myPath/_bulk or /myPath//_bulk. Other entries are faked as success. + description: Absolute path on which to listen for Elasticsearch API requests. + Defaults to /. _bulk will be appended automatically. For example, + /myPath becomes /myPath/_bulk. Requests can then be made to either + /myPath/_bulk or /myPath//_bulk. Other entries are + faked as success. pattern: ^/ authType: type: string @@ -13974,7 +15768,11 @@ components: enabled: type: boolean title: Enable proxy mode - description: Enable proxying of non-bulk API requests to an external Elastic server. Enable this only if you understand the implications. See [Cribl Docs](https://docs.cribl.io/stream/sources-elastic/#proxy-mode) for more details. + description: Enable proxying of non-bulk API requests to an external Elastic + server. Enable this only if you understand the implications. See + [Cribl + Docs](https://docs.cribl.io/stream/sources-elastic/#proxy-mode) + for more details. authType: enum: - none @@ -13997,11 +15795,13 @@ components: url: type: string title: Proxy URL - description: URL of the Elastic server to proxy non-bulk requests to, such as http://elastic:9200 + description: URL of the Elastic server to proxy non-bulk requests to, such as + http://elastic:9200 rejectUnauthorized: type: boolean title: Reject unauthorized certificates - description: Reject certificates that cannot be verified against a valid CA (such as self-signed certificates) + description: Reject certificates that cannot be verified against a valid CA + (such as self-signed certificates) removeHeaders: type: array title: Remove headers @@ -14013,12 +15813,15 @@ components: timeoutSec: type: number minimum: 1 - maximum: 9.007199254740991e+15 + maximum: 9007199254740991 title: Proxy request timeout - description: Amount of time, in seconds, to wait for a proxy request to complete before canceling it + description: Amount of time, in seconds, to wait for a proxy request to complete + before canceling it __template_url: type: string - description: Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. + description: Binds 'url' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'url' at runtime. description: type: string title: Description @@ -14044,22 +15847,34 @@ components: description: Custom version information to respond to requests __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_host: type: string - description: Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime. + description: Binds 'host' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'host' at runtime. __template_port: type: string - description: Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime. + description: Binds 'port' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'port' at runtime. __template_elasticAPI: type: string - description: Binds 'elasticAPI' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'elasticAPI' at runtime. + description: Binds 'elasticAPI' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'elasticAPI' at runtime. __template_authTokens: type: string - description: Binds 'authTokens' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'authTokens' at runtime. + description: Binds 'authTokens' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'authTokens' at runtime. InputConfluentCloud: type: object required: @@ -14081,18 +15896,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -14100,11 +15921,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -14112,7 +15935,8 @@ components: brokers: type: array title: Bootstrap servers - description: List of Confluent Cloud bootstrap servers to use, such as yourAccount.confluent.cloud:9092 + description: List of Confluent Cloud bootstrap servers to use, such as + yourAccount.confluent.cloud:9092 minItems: 1 items: type: string @@ -14122,7 +15946,8 @@ components: topics: type: array title: Topic - description: "Topic to subscribe to. Warning: To optimize performance, Cribl suggests subscribing each Kafka Source to a single topic only." + description: "Topic to subscribe to. Warning: To optimize performance, Cribl + suggests subscribing each Kafka Source to a single topic only." minItems: 1 items: type: string @@ -14130,11 +15955,13 @@ components: groupId: type: string title: Group ID - description: The consumer group to which this instance belongs. Defaults to 'Cribl'. + description: The consumer group to which this instance belongs. Defaults to + 'Cribl'. fromBeginning: type: boolean title: From beginning - description: Leave enabled if you want the Source, upon first subscribing to a topic, to read starting with the earliest available message + description: Leave enabled if you want the Source, upon first subscribing to a + topic, to read starting with the earliest available message kafkaSchemaRegistry: $ref: "#/components/schemas/KafkaSchemaRegistryAuthenticationType" connectionTimeout: @@ -14142,103 +15969,132 @@ components: title: Connection timeout (ms) description: Maximum time to wait for a connection to complete successfully minimum: 1000 - maximum: 3.6e+06 + maximum: 3600000 requestTimeout: type: number title: Request timeout (ms) description: Maximum time to wait for Kafka to respond to a request minimum: 1000 - maximum: 3.6e+06 + maximum: 3600000 maxRetries: type: number title: Retry limit - description: If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data + description: If messages are failing, you can set the maximum number of retries + as high as 100 to prevent loss of data minimum: 0 maximum: 100 maxBackOff: type: number title: Backoff limit (ms) - description: The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds). + description: The maximum wait time for a retry, in milliseconds. Default (and + minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 + seconds). minimum: 30000 maximum: 180000 initialBackoff: type: number title: Initial retry interval (ms) - description: Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes). + description: Initial value used to calculate the retry, in milliseconds. Maximum + is 600,000 ms (10 minutes). minimum: 300 maximum: 600000 backoffRate: type: number title: Backoff multiplier - description: Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details. + description: Set the backoff multiplier (2-20) to control the retry frequency + for failed messages. For faster retries, use a lower multiplier. For + slower retries with more delay between attempts, use a higher + multiplier. The multiplier is used in an exponential backoff + formula; see the Kafka + [documentation](https://kafka.js.org/docs/retry-detailed) for + details. minimum: 2 maximum: 20 authenticationTimeout: type: number title: Authentication timeout (ms) - description: Maximum time to wait for Kafka to respond to an authentication request + description: Maximum time to wait for Kafka to respond to an authentication + request minimum: 1000 - maximum: 3.6e+06 + maximum: 3600000 reauthenticationThreshold: type: number title: Reauthentication threshold (ms) - description: Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire. + description: Specifies a time window during which @{product} can reauthenticate + if needed. Creates the window measuring backward from the moment + when credentials are set to expire. minimum: 1000 - maximum: 1.8e+06 + maximum: 1800000 sasl: $ref: "#/components/schemas/AuthenticationType" sessionTimeout: type: number title: Session timeout (ms) - description: "\n Timeout used to detect client failures when using Kafka's group-management facilities.\n If the client sends no heartbeats to the broker before the timeout expires, \n the broker will remove the client from the group and initiate a rebalance.\n Value must be between the broker's configured group.min.session.timeout.ms and group.max.session.timeout.ms.\n See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_session.timeout.ms) for details." + description: >2- + + Timeout used to detect client failures when using Kafka's group-management facilities. + If the client sends no heartbeats to the broker before the timeout expires, + the broker will remove the client from the group and initiate a rebalance. + Value must be between the broker's configured group.min.session.timeout.ms and group.max.session.timeout.ms. + See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_session.timeout.ms) for details. minimum: 1000 - maximum: 3.6e+06 + maximum: 3600000 rebalanceTimeout: type: number title: Rebalance timeout (ms) - description: >2- - Maximum allowed time for each worker to join the group after a rebalance begins. - If the timeout is exceeded, the coordinator broker will remove the worker from the group. - See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. + description: |- + + Maximum allowed time for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. minimum: 1000 - maximum: 3.6e+06 + maximum: 3600000 heartbeatInterval: type: number title: Heartbeat interval (ms) - description: >2- - Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. - Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. - See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. + description: |- + + Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. minimum: 1000 - maximum: 3.6e+06 + maximum: 3600000 autoCommitInterval: type: number title: Offset commit interval (ms) - description: How often to commit offsets. If both this and Offset commit threshold are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch. + description: How often to commit offsets. If both this and Offset commit + threshold are set, @{product} commits offsets when either condition + is met. If both are empty, @{product} commits offsets after each + batch. minimum: 1000 - maximum: 3.6e+06 + maximum: 3600000 autoCommitThreshold: type: number title: Offset commit threshold - description: How many events are needed to trigger an offset commit. If both this and Offset commit interval are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch. + description: How many events are needed to trigger an offset commit. If both + this and Offset commit interval are set, @{product} commits offsets + when either condition is met. If both are empty, @{product} commits + offsets after each batch. minimum: 1 maximum: 10000 maxBytesPerPartition: type: number title: Byte limit, per partition - description: Maximum amount of data that Kafka will return per partition, per fetch request. Must equal or exceed the maximum message size (maxBytesPerPartition) that Kafka is configured to allow. Otherwise, @{product} can get stuck trying to retrieve messages. Defaults to 1048576 (1 MB). + description: Maximum amount of data that Kafka will return per partition, per + fetch request. Must equal or exceed the maximum message size + (maxBytesPerPartition) that Kafka is configured to allow. Otherwise, + @{product} can get stuck trying to retrieve messages. Defaults to + 1048576 (1 MB). minimum: 1 - maximum: 1e+07 + maximum: 10000000 maxBytes: type: number title: Byte limit - description: Maximum number of bytes that Kafka will return per fetch request. Defaults to 10485760 (10 MB). + description: Maximum number of bytes that Kafka will return per fetch request. + Defaults to 10485760 (10 MB). minimum: 1 - maximum: 1e+09 + maximum: 1000000000 maxSocketErrors: type: number title: Error limit, per socket - description: Maximum number of network errors before the consumer re-creates a socket + description: Maximum number of network errors before the consumer re-creates a + socket minimum: 0 maximum: 100 metadata: @@ -14252,19 +16108,29 @@ components: title: Description __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_brokers: type: string - description: Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime. + description: Binds 'brokers' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'brokers' at runtime. __template_topics: type: string - description: Binds 'topics' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topics' at runtime. + description: Binds 'topics' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'topics' at runtime. __template_groupId: type: string - description: Binds 'groupId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'groupId' at runtime. + description: Binds 'groupId' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'groupId' at runtime. InputGrafana: type: object required: @@ -14286,18 +16152,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -14305,11 +16177,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -14328,17 +16202,23 @@ components: maxActiveReq: type: number title: Active request limit - description: "Maximum number of active requests allowed per Worker Process. Set to 0 for unlimited. Caution: Increasing the limit above the default value, or setting it to unlimited, may degrade performance and reduce throughput." + description: "Maximum number of active requests allowed per Worker Process. Set + to 0 for unlimited. Caution: Increasing the limit above the default + value, or setting it to unlimited, may degrade performance and + reduce throughput." minimum: 0 maxRequestsPerSocket: type: integer title: Requests-per-socket limit - description: Maximum number of requests per socket before @{product} instructs the client to close the connection. Default is 0 (unlimited). + description: Maximum number of requests per socket before @{product} instructs + the client to close the connection. Default is 0 (unlimited). minimum: 0 enableProxyHeader: type: boolean title: Show originating IP - description: Extract the client IP and port from PROXY protocol v1/v2. When enabled, the X-Forwarded-For header is ignored. Disable to use the X-Forwarded-For header for client IP extraction. + description: Extract the client IP and port from PROXY protocol v1/v2. When + enabled, the X-Forwarded-For header is ignored. Disable to use the + X-Forwarded-For header for client IP extraction. captureHeaders: type: boolean title: Capture request headers @@ -14346,45 +16226,63 @@ components: activityLogSampleRate: type: number title: Activity log sample rate - description: How often request activity is logged at the `info` level. A value of 1 would log every request, 10 every 10th request, etc. + description: How often request activity is logged at the `info` level. A value + of 1 would log every request, 10 every 10th request, etc. minimum: 1 requestTimeout: type: number title: Request timeout (seconds) - description: How long to wait for an incoming request to complete before aborting it. Use 0 to disable. + description: How long to wait for an incoming request to complete before + aborting it. Use 0 to disable. minimum: 0 socketTimeout: type: number title: Socket timeout (seconds) - description: How long @{product} should wait before assuming that an inactive socket has timed out. To wait forever, set to 0. + description: How long @{product} should wait before assuming that an inactive + socket has timed out. To wait forever, set to 0. minimum: 0 keepAliveTimeout: type: number title: Keep alive timeout (seconds) - description: Maximum time to wait for additional data, after the last response was sent, before closing a socket connection. This can be very useful when Grafana Agent remote write's request frequency is high so, reusing connections, would help mitigating the cost of creating a new connection per request. Note that Grafana Agent's embedded Prometheus would attempt to keep connections open for up to 5 minutes. + description: Maximum time to wait for additional data, after the last response + was sent, before closing a socket connection. This can be very + useful when Grafana Agent remote write's request frequency is high + so, reusing connections, would help mitigating the cost of creating + a new connection per request. Note that Grafana Agent's embedded + Prometheus would attempt to keep connections open for up to 5 + minutes. minimum: 1 maximum: 600 enableHealthCheck: type: boolean title: Health check endpoint - description: Expose the /cribl_health endpoint, which returns 200 OK when this Source is healthy + description: Expose the /cribl_health endpoint, which returns 200 OK when this + Source is healthy ipAllowlistRegex: type: string title: IP allowlist regex - description: Messages from matched IP addresses will be processed, unless also matched by the denylist + description: Messages from matched IP addresses will be processed, unless also + matched by the denylist ipDenylistRegex: type: string title: IP denylist regex - description: Messages from matched IP addresses will be ignored. This takes precedence over the allowlist. + description: Messages from matched IP addresses will be ignored. This takes + precedence over the allowlist. prometheusAPI: type: string title: Remote Write API endpoint - description: "Absolute path on which to listen for Grafana Agent's Remote Write requests. Defaults to /api/prom/push, which will expand as: 'http://:/api/prom/push'. Either this field or 'Logs API endpoint' must be configured." + description: "Absolute path on which to listen for Grafana Agent's Remote Write + requests. Defaults to /api/prom/push, which will expand as: + 'http://:/api/prom/push'. Either this + field or 'Logs API endpoint' must be configured." pattern: ^/ lokiAPI: type: string title: Logs API endpoint - description: "Absolute path on which to listen for Loki logs requests. Defaults to /loki/api/v1/push, which will (in this example) expand as: 'http://:/loki/api/v1/push'. Either this field or 'Remote Write API endpoint' must be configured." + description: "Absolute path on which to listen for Loki logs requests. Defaults + to /loki/api/v1/push, which will (in this example) expand as: + 'http://:/loki/api/v1/push'. Either + this field or 'Remote Write API endpoint' must be configured." pattern: ^/ prometheusAuth: type: object @@ -14443,22 +16341,34 @@ components: title: Description __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_host: type: string - description: Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime. + description: Binds 'host' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'host' at runtime. __template_port: type: string - description: Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime. + description: Binds 'port' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'port' at runtime. __template_prometheusAPI: type: string - description: Binds 'prometheusAPI' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'prometheusAPI' at runtime. + description: Binds 'prometheusAPI' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'prometheusAPI' at runtime. __template_lokiAPI: type: string - description: Binds 'lokiAPI' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'lokiAPI' at runtime. + description: Binds 'lokiAPI' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'lokiAPI' at runtime. anyOf: - required: - prometheusAPI @@ -14486,18 +16396,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -14505,11 +16421,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -14528,17 +16446,23 @@ components: maxActiveReq: type: number title: Active request limit - description: "Maximum number of active requests allowed per Worker Process. Set to 0 for unlimited. Caution: Increasing the limit above the default value, or setting it to unlimited, may degrade performance and reduce throughput." + description: "Maximum number of active requests allowed per Worker Process. Set + to 0 for unlimited. Caution: Increasing the limit above the default + value, or setting it to unlimited, may degrade performance and + reduce throughput." minimum: 0 maxRequestsPerSocket: type: integer title: Requests-per-socket limit - description: Maximum number of requests per socket before @{product} instructs the client to close the connection. Default is 0 (unlimited). + description: Maximum number of requests per socket before @{product} instructs + the client to close the connection. Default is 0 (unlimited). minimum: 0 enableProxyHeader: type: boolean title: Show originating IP - description: Extract the client IP and port from PROXY protocol v1/v2. When enabled, the X-Forwarded-For header is ignored. Disable to use the X-Forwarded-For header for client IP extraction. + description: Extract the client IP and port from PROXY protocol v1/v2. When + enabled, the X-Forwarded-For header is ignored. Disable to use the + X-Forwarded-For header for client IP extraction. captureHeaders: type: boolean title: Capture request headers @@ -14546,40 +16470,50 @@ components: activityLogSampleRate: type: number title: Activity log sample rate - description: How often request activity is logged at the `info` level. A value of 1 would log every request, 10 every 10th request, etc. + description: How often request activity is logged at the `info` level. A value + of 1 would log every request, 10 every 10th request, etc. minimum: 1 requestTimeout: type: number title: Request timeout (seconds) - description: How long to wait for an incoming request to complete before aborting it. Use 0 to disable. + description: How long to wait for an incoming request to complete before + aborting it. Use 0 to disable. minimum: 0 socketTimeout: type: number title: Socket timeout (seconds) - description: How long @{product} should wait before assuming that an inactive socket has timed out. To wait forever, set to 0. + description: How long @{product} should wait before assuming that an inactive + socket has timed out. To wait forever, set to 0. minimum: 0 keepAliveTimeout: type: number title: Keep-alive timeout (seconds) - description: After the last response is sent, @{product} will wait this long for additional data before closing the socket connection. Minimum 1 second, maximum 600 seconds (10 minutes). + description: After the last response is sent, @{product} will wait this long for + additional data before closing the socket connection. Minimum 1 + second, maximum 600 seconds (10 minutes). minimum: 1 maximum: 600 enableHealthCheck: type: boolean title: Health check endpoint - description: Expose the /cribl_health endpoint, which returns 200 OK when this Source is healthy + description: Expose the /cribl_health endpoint, which returns 200 OK when this + Source is healthy ipAllowlistRegex: type: string title: IP allowlist regex - description: Messages from matched IP addresses will be processed, unless also matched by the denylist + description: Messages from matched IP addresses will be processed, unless also + matched by the denylist ipDenylistRegex: type: string title: IP denylist regex - description: Messages from matched IP addresses will be ignored. This takes precedence over the allowlist. + description: Messages from matched IP addresses will be ignored. This takes + precedence over the allowlist. lokiAPI: type: string title: Logs API endpoint - description: "Absolute path on which to listen for Loki logs requests. Defaults to /loki/api/v1/push, which will (in this example) expand as: 'http://:/loki/api/v1/push'." + description: "Absolute path on which to listen for Loki logs requests. Defaults + to /loki/api/v1/push, which will (in this example) expand as: + 'http://:/loki/api/v1/push'." pattern: ^/ authType: $ref: "#/components/schemas/AuthenticationTypeOptionsLokiAuth" @@ -14612,19 +16546,29 @@ components: description: Select or create a stored text secret __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_host: type: string - description: Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime. + description: Binds 'host' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'host' at runtime. __template_port: type: string - description: Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime. + description: Binds 'port' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'port' at runtime. __template_lokiAPI: type: string - description: Binds 'lokiAPI' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'lokiAPI' at runtime. + description: Binds 'lokiAPI' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'lokiAPI' at runtime. InputPrometheusRw: type: object required: @@ -14647,18 +16591,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -14666,11 +16616,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -14689,17 +16641,23 @@ components: maxActiveReq: type: number title: Active request limit - description: "Maximum number of active requests allowed per Worker Process. Set to 0 for unlimited. Caution: Increasing the limit above the default value, or setting it to unlimited, may degrade performance and reduce throughput." + description: "Maximum number of active requests allowed per Worker Process. Set + to 0 for unlimited. Caution: Increasing the limit above the default + value, or setting it to unlimited, may degrade performance and + reduce throughput." minimum: 0 maxRequestsPerSocket: type: integer title: Requests-per-socket limit - description: Maximum number of requests per socket before @{product} instructs the client to close the connection. Default is 0 (unlimited). + description: Maximum number of requests per socket before @{product} instructs + the client to close the connection. Default is 0 (unlimited). minimum: 0 enableProxyHeader: type: boolean title: Show originating IP - description: Extract the client IP and port from PROXY protocol v1/v2. When enabled, the X-Forwarded-For header is ignored. Disable to use the X-Forwarded-For header for client IP extraction. + description: Extract the client IP and port from PROXY protocol v1/v2. When + enabled, the X-Forwarded-For header is ignored. Disable to use the + X-Forwarded-For header for client IP extraction. captureHeaders: type: boolean title: Capture request headers @@ -14707,40 +16665,50 @@ components: activityLogSampleRate: type: number title: Activity log sample rate - description: How often request activity is logged at the `info` level. A value of 1 would log every request, 10 every 10th request, etc. + description: How often request activity is logged at the `info` level. A value + of 1 would log every request, 10 every 10th request, etc. minimum: 1 requestTimeout: type: number title: Request timeout (seconds) - description: How long to wait for an incoming request to complete before aborting it. Use 0 to disable. + description: How long to wait for an incoming request to complete before + aborting it. Use 0 to disable. minimum: 0 socketTimeout: type: number title: Socket timeout (seconds) - description: How long @{product} should wait before assuming that an inactive socket has timed out. To wait forever, set to 0. + description: How long @{product} should wait before assuming that an inactive + socket has timed out. To wait forever, set to 0. minimum: 0 keepAliveTimeout: type: number title: Keep-alive timeout (seconds) - description: After the last response is sent, @{product} will wait this long for additional data before closing the socket connection. Minimum 1 second, maximum 600 seconds (10 minutes). + description: After the last response is sent, @{product} will wait this long for + additional data before closing the socket connection. Minimum 1 + second, maximum 600 seconds (10 minutes). minimum: 1 maximum: 600 enableHealthCheck: type: boolean title: Health check endpoint - description: Expose the /cribl_health endpoint, which returns 200 OK when this Source is healthy + description: Expose the /cribl_health endpoint, which returns 200 OK when this + Source is healthy ipAllowlistRegex: type: string title: IP allowlist regex - description: Messages from matched IP addresses will be processed, unless also matched by the denylist + description: Messages from matched IP addresses will be processed, unless also + matched by the denylist ipDenylistRegex: type: string title: IP denylist regex - description: Messages from matched IP addresses will be ignored. This takes precedence over the allowlist. + description: Messages from matched IP addresses will be ignored. This takes + precedence over the allowlist. prometheusAPI: type: string title: Remote Write API endpoint - description: "Absolute path on which to listen for Prometheus requests. Defaults to /write, which will expand as: http://:/write." + description: "Absolute path on which to listen for Prometheus requests. Defaults + to /write, which will expand as: + http://:/write." pattern: ^/ authType: $ref: "#/components/schemas/AuthenticationTypeOptionsPrometheusAuth" @@ -14773,22 +16741,34 @@ components: description: Select or create a stored text secret __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_host: type: string - description: Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime. + description: Binds 'host' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'host' at runtime. __template_port: type: string - description: Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime. + description: Binds 'port' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'port' at runtime. __template_prometheusAPI: type: string - description: Binds 'prometheusAPI' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'prometheusAPI' at runtime. + description: Binds 'prometheusAPI' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'prometheusAPI' at runtime. __template_username: type: string - description: Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime. + description: Binds 'username' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'username' at runtime. InputPrometheus: type: object required: @@ -14810,18 +16790,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -14829,11 +16815,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -14849,7 +16837,9 @@ components: fieldPerMetric: type: boolean title: Use field per metric - description: "When enabled, each metric name is used as the event field key (example: go_threads: 9) instead of the default _metric/_value format." + description: "When enabled, each metric name is used as the event field key + (example: go_threads: 9) instead of the default _metric/_value + format." discoveryType: title: Discovery type type: string @@ -14857,16 +16847,20 @@ components: - static - dns - ec2 + - http_sd x-speakeasy-enum-descriptions: - Static - DNS - AWS EC2 - description: Target discovery mechanism. Use static to manually enter a list of targets. + - HTTP SD + description: Target discovery mechanism. Use static to manually enter a list of + targets. x-speakeasy-unknown-values: allow interval: type: number title: Poll interval - description: How often, in minutes, to scrape targets for metrics. Maximum of 60 minutes. 60 must be evenly divisible by the value you enter. + description: How often, in minutes, to scrape targets for metrics. Maximum of 60 + minutes. 60 must be evenly divisible by the value you enter. minimum: 1 maximum: 60 logLevel: @@ -14874,36 +16868,44 @@ components: rejectUnauthorized: type: boolean title: Reject unauthorized certificates - description: Reject certificates that cannot be verified against a valid CA, such as self-signed certificates + description: Reject certificates that cannot be verified against a valid CA, + such as self-signed certificates timeout: type: number title: HTTP connection timeout - description: Time, in seconds, before aborting HTTP connection attempts; use 0 for no timeout + description: Time, in seconds, before aborting HTTP connection attempts; use 0 + for no timeout minimum: 0 keepAliveTime: type: number title: Keep alive time (seconds) - description: How often workers should check in with the scheduler to keep job subscription alive + description: How often workers should check in with the scheduler to keep job + subscription alive minimum: 10 jobTimeout: type: string title: Job timeout - description: Maximum time the job is allowed to run (e.g., 30, 45s or 15m). Units are seconds, if not specified. Enter 0 for unlimited time. + description: Maximum time the job is allowed to run (e.g., 30, 45s or 15m). + Units are seconds, if not specified. Enter 0 for unlimited time. pattern: ^\d+[sm]?$ maxMissedKeepAlives: type: number title: Worker timeout (periods) - description: The number of Keep Alive Time periods before an inactive worker will have its job subscription revoked. + description: The number of Keep Alive Time periods before an inactive worker + will have its job subscription revoked. minimum: 2 ttl: type: string title: Time to live - description: Time to keep the job's artifacts on disk after job completion. This also affects how long a job is listed in the Job Inspector. + description: Time to keep the job's artifacts on disk after job completion. This + also affects how long a job is listed in the Job Inspector. pattern: \d+[smh]$ ignoreGroupJobsLimit: type: boolean title: Ignore Worker Group job limits - description: When enabled, this job's artifacts are not counted toward the Worker Group's finished job artifacts limit. Artifacts will be removed only after the Collector's configured time to live. + description: When enabled, this job's artifacts are not counted toward the + Worker Group's finished job artifacts limit. Artifacts will be + removed only after the Collector's configured time to live. metadata: type: array title: Fields @@ -14919,7 +16921,11 @@ components: type: array title: Targets minItems: 1 - description: "List of Prometheus targets to pull metrics from. Values can be in URL or host[:port] format. For example: http://localhost:9090/metrics, localhost:9090, or localhost. In cases where just host[:port] is specified, the endpoint will resolve to 'http://host[:port]/metrics'." + description: "List of Prometheus targets to pull metrics from. Values can be in + URL or host[:port] format. For example: + http://localhost:9090/metrics, localhost:9090, or localhost. In + cases where just host[:port] is specified, the endpoint will resolve + to 'http://host[:port]/metrics'." items: type: string title: Targets @@ -14961,11 +16967,13 @@ components: awsSecret: type: string title: Secret key pair - description: Select or create a stored secret that references your access key and secret key + description: Select or create a stored secret that references your access key + and secret key usePublicIp: type: boolean title: Use public IP - description: Use public IP address for discovered targets. Disable to use the private IP address. + description: Use public IP address for discovered targets. Disable to use the + private IP address. searchFilter: title: Search filter description: Filter to apply when searching for EC2 instances @@ -14982,7 +16990,8 @@ components: endpoint: type: string title: Endpoint - description: EC2 service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to EC2-compatible endpoint. + description: EC2 service endpoint. If empty, defaults to the AWS Region-specific + endpoint. Otherwise, it must point to EC2-compatible endpoint. reuseConnections: type: boolean title: Reuse connections @@ -15004,9 +17013,32 @@ components: durationSeconds: type: number title: Duration (seconds) - description: Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours). + description: Duration of the assumed role's session, in seconds. Minimum is 900 + (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 + hours). minimum: 900 maximum: 43200 + httpDiscoveryUrl: + type: string + title: Discovery URL + description: URL to fetch target groups from (must be http or https) + pattern: ^https?:// + httpDiscoveryHeaders: + type: array + title: HTTP headers + description: Extra headers to send with the discovery request + items: + $ref: "#/components/schemas/HttpDiscoveryHeaderConfInputPrometheus" + httpDiscoveryRejectUnauthorized: + type: boolean + title: Reject unauthorized certificates + description: Reject TLS certificates that cannot be verified for the discovery + endpoint. Falls back to the source-level setting if not specified. + maxResponseBodySize: + type: string + title: Max response body size + description: Maximum size of the HTTP SD response body. Responses exceeding this + limit will be rejected. Defaults to 20 MB. username: type: string title: Username @@ -15021,49 +17053,80 @@ components: description: Select or create a secret that references your credentials __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_dimensionList: type: string - description: Binds 'dimensionList' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'dimensionList' at runtime. + description: Binds 'dimensionList' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'dimensionList' at runtime. __template_discoveryType: type: string - description: Binds 'discoveryType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoveryType' at runtime. + description: Binds 'discoveryType' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'discoveryType' at runtime. __template_logLevel: type: string - description: Binds 'logLevel' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logLevel' at runtime. + description: Binds 'logLevel' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'logLevel' at runtime. __template_targetList: type: string - description: Binds 'targetList' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'targetList' at runtime. + description: Binds 'targetList' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'targetList' at runtime. __template_nameList: type: string - description: Binds 'nameList' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'nameList' at runtime. + description: Binds 'nameList' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'nameList' at runtime. __template_awsApiKey: type: string - description: Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime. + description: Binds 'awsApiKey' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsApiKey' at runtime. __template_awsSecretKey: type: string - description: Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime. + description: Binds 'awsSecretKey' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsSecretKey' at runtime. __template_region: type: string - description: Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime. + description: Binds 'region' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'region' at runtime. __template_endpoint: type: string - description: Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime. + description: Binds 'endpoint' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'endpoint' at runtime. __template_assumeRoleArn: type: string - description: Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime. + description: Binds 'assumeRoleArn' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'assumeRoleArn' at runtime. __template_assumeRoleExternalId: type: string - description: Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime. + description: Binds 'assumeRoleExternalId' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'assumeRoleExternalId' at runtime. __template_username: type: string - description: Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime. + description: Binds 'username' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'username' at runtime. __template_password: type: string - description: Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime. + description: Binds 'password' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'password' at runtime. InputEdgePrometheus: type: object required: @@ -15085,18 +17148,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -15104,11 +17173,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -15124,7 +17195,9 @@ components: fieldPerMetric: type: boolean title: Use field per metric - description: "When enabled, each metric name is used as the event field key (example: go_threads: 9) instead of the default _metric/_value format." + description: "When enabled, each metric name is used as the event field key + (example: go_threads: 9) instead of the default _metric/_value + format." discoveryType: title: Discovery type type: string @@ -15135,6 +17208,7 @@ components: - k8s-node - k8s-pods - k8s-service-monitor + - http_sd x-speakeasy-enum-descriptions: - Static - DNS @@ -15142,7 +17216,9 @@ components: - Kubernetes Node - Kubernetes Pods - Kubernetes Service Monitor (v4.18+) - description: Target discovery mechanism. Use static to manually enter a list of targets. + - HTTP SD + description: Target discovery mechanism. Use static to manually enter a list of + targets. x-speakeasy-unknown-values: allow interval: type: number @@ -15152,7 +17228,8 @@ components: timeout: type: number title: HTTP Connection Timeout - description: Timeout, in milliseconds, before aborting HTTP connection attempts; 1-60000 or 0 to disable + description: Timeout, in milliseconds, before aborting HTTP connection attempts; + 1-60000 or 0 to disable maximum: 60000 minimum: 0 persistence: @@ -15233,11 +17310,13 @@ components: awsSecret: type: string title: Secret key pair - description: Select or create a stored secret that references your access key and secret key + description: Select or create a stored secret that references your access key + and secret key usePublicIp: type: boolean title: Use public IP - description: Use public IP address for discovered targets. Disable to use the private IP address. + description: Use public IP address for discovered targets. Disable to use the + private IP address. searchFilter: title: Search filter description: Filter to apply when searching for EC2 instances @@ -15254,7 +17333,8 @@ components: endpoint: type: string title: Endpoint - description: EC2 service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to EC2-compatible endpoint. + description: EC2 service endpoint. If empty, defaults to the AWS Region-specific + endpoint. Otherwise, it must point to EC2-compatible endpoint. reuseConnections: type: boolean title: Reuse connections @@ -15262,7 +17342,8 @@ components: rejectUnauthorized: type: boolean title: Reject unauthorized certificates - description: Reject certificates that cannot be verified against a valid CA, such as self-signed certificates + description: Reject certificates that cannot be verified against a valid CA, + such as self-signed certificates enableAssumeRole: type: boolean title: Enable for EC2 @@ -15280,13 +17361,19 @@ components: durationSeconds: type: number title: Duration (seconds) - description: Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours). + description: Duration of the assumed role's session, in seconds. Minimum is 900 + (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 + hours). minimum: 900 maximum: 43200 serviceMonitorNamespace: type: string title: ServiceMonitor Namespace - description: "Namespace to search for ServiceMonitor resources. Leave empty to search in all namespaces. Note: Kubernetes Service Monitor discovery requires Cribl Edge version 4.18 or greater. Nodes running an older version with this option configured will report an error due to configuration schema validation failure." + description: "Namespace to search for ServiceMonitor resources. Leave empty to + search in all namespaces. Note: Kubernetes Service Monitor discovery + requires Cribl Edge version 4.18 or greater. Nodes running an older + version with this option configured will report an error due to + configuration schema validation failure." scrapeProtocolExpr: type: string title: Protocol @@ -15302,10 +17389,11 @@ components: podFilter: type: array title: Filter Rules - description: |2 - Add rules to decide which pods to discover for metrics. - Pods are searched if no rules are given or of all the rules' - expressions evaluate to true. + description: | + + Add rules to decide which pods to discover for metrics. + Pods are searched if no rules are given or of all the rules' + expressions evaluate to true. items: type: object required: @@ -15314,11 +17402,33 @@ components: filter: type: string title: Filter Expression - description: JavaScript expression applied to pods objects. Return 'true' to include it. + description: JavaScript expression applied to pods objects. Return 'true' to + include it. description: type: string title: Description description: Optional description of this rule's purpose + httpDiscoveryUrl: + type: string + title: Discovery URL + description: URL to fetch target groups from (must be http or https) + pattern: ^https?:// + httpDiscoveryHeaders: + type: array + title: HTTP headers + description: Extra headers to send with the discovery request + items: + $ref: "#/components/schemas/HttpDiscoveryHeaderConfInputPrometheus" + httpDiscoveryRejectUnauthorized: + type: boolean + title: Reject unauthorized certificates + description: Reject TLS certificates that cannot be verified for the discovery + endpoint. Falls back to the source-level setting if not specified. + maxResponseBodySize: + type: string + title: Max response body size + description: Maximum size of the HTTP SD response body. Responses exceeding this + limit will be rejected. Defaults to 20 MB. username: type: string title: Username @@ -15333,34 +17443,55 @@ components: description: Select or create a secret that references your credentials __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_dimensionList: type: string - description: Binds 'dimensionList' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'dimensionList' at runtime. + description: Binds 'dimensionList' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'dimensionList' at runtime. __template_nameList: type: string - description: Binds 'nameList' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'nameList' at runtime. + description: Binds 'nameList' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'nameList' at runtime. __template_awsApiKey: type: string - description: Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime. + description: Binds 'awsApiKey' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsApiKey' at runtime. __template_awsSecretKey: type: string - description: Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime. + description: Binds 'awsSecretKey' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsSecretKey' at runtime. __template_region: type: string - description: Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime. + description: Binds 'region' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'region' at runtime. __template_endpoint: type: string - description: Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime. + description: Binds 'endpoint' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'endpoint' at runtime. __template_assumeRoleArn: type: string - description: Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime. + description: Binds 'assumeRoleArn' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'assumeRoleArn' at runtime. __template_assumeRoleExternalId: type: string - description: Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime. + description: Binds 'assumeRoleExternalId' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'assumeRoleExternalId' at runtime. InputOffice365Mgmt: type: object required: @@ -15383,18 +17514,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -15402,11 +17539,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -15430,27 +17569,33 @@ components: keepAliveTime: type: number title: Keep alive time (seconds) - description: How often workers should check in with the scheduler to keep job subscription alive + description: How often workers should check in with the scheduler to keep job + subscription alive minimum: 10 jobTimeout: type: string title: Job timeout - description: Maximum time the job is allowed to run (e.g., 30, 45s or 15m). Units are seconds, if not specified. Enter 0 for unlimited time. + description: Maximum time the job is allowed to run (e.g., 30, 45s or 15m). + Units are seconds, if not specified. Enter 0 for unlimited time. pattern: ^\d+[sm]?$ maxMissedKeepAlives: type: number title: Worker timeout (periods) - description: The number of Keep Alive Time periods before an inactive worker will have its job subscription revoked. + description: The number of Keep Alive Time periods before an inactive worker + will have its job subscription revoked. minimum: 2 ttl: type: string title: Time to live - description: Time to keep the job's artifacts on disk after job completion. This also affects how long a job is listed in the Job Inspector. + description: Time to keep the job's artifacts on disk after job completion. This + also affects how long a job is listed in the Job Inspector. pattern: \d+[smh]$ ignoreGroupJobsLimit: type: boolean title: Ignore Worker Group job limits - description: When enabled, this job's artifacts are not counted toward the Worker Group's finished job artifacts limit. Artifacts will be removed only after the Collector's configured time to live. + description: When enabled, this job's artifacts are not counted toward the + Worker Group's finished job artifacts limit. Artifacts will be + removed only after the Collector's configured time to live. metadata: type: array title: Fields @@ -15460,7 +17605,9 @@ components: publisherIdentifier: type: string title: Publisher Identifier - description: Optional Publisher Identifier to use in API requests, defaults to tenant id if not defined. For more information see [here](https://docs.microsoft.com/en-us/office/office-365-management-api/office-365-management-activity-api-reference#start-a-subscription) + description: Optional Publisher Identifier to use in API requests, defaults to + tenant id if not defined. For more information see + [here](https://docs.microsoft.com/en-us/office/office-365-management-api/office-365-management-activity-api-reference#start-a-subscription) contentConfig: type: array title: Content Types @@ -15474,7 +17621,8 @@ components: description: type: string title: Interval Description - description: If interval type is minutes the value entered must evenly divisible by 60 or save will fail + description: If interval type is minutes the value entered must evenly divisible + by 60 or save will fail interval: type: number title: Interval @@ -15485,11 +17633,17 @@ components: enabled: type: boolean title: Enabled - description: "Enable Microsoft 365 Management Activity API content types and polling intervals. Polling intervals are used to set up search date range and cron schedule, e.g.: */${interval} * * * *. Because of this, intervals entered must be evenly divisible by 60 to give a predictable schedule." + description: "Enable Microsoft 365 Management Activity API content types and + polling intervals. Polling intervals are used to set up search date + range and cron schedule, e.g.: */${interval} * * * *. Because of + this, intervals entered must be evenly divisible by 60 to give a + predictable schedule." ingestionLag: type: number title: Ingestion lag (minutes) - description: Use this setting to account for ingestion lag. This is necessary because there can be a lag of 60 - 90 minutes (or longer) before Microsoft 365 events are available for retrieval. + description: Use this setting to account for ingestion lag. This is necessary + because there can be a lag of 60 - 90 minutes (or longer) before + Microsoft 365 events are available for retrieval. minimum: 0 maximum: 7200 retryRules: @@ -15509,25 +17663,40 @@ components: description: Select or create a stored text secret __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_planType: type: string - description: Binds 'planType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'planType' at runtime. + description: Binds 'planType' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'planType' at runtime. __template_tenantId: type: string - description: Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime. + description: Binds 'tenantId' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'tenantId' at runtime. __template_appId: type: string - description: Binds 'appId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'appId' at runtime. + description: Binds 'appId' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'appId' at runtime. __template_publisherIdentifier: type: string - description: Binds 'publisherIdentifier' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'publisherIdentifier' at runtime. + description: Binds 'publisherIdentifier' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'publisherIdentifier' at runtime. __template_clientSecret: type: string - description: Binds 'clientSecret' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecret' at runtime. + description: Binds 'clientSecret' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'clientSecret' at runtime. InputOffice365Service: type: object required: @@ -15549,18 +17718,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -15568,11 +17743,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -15596,27 +17773,33 @@ components: keepAliveTime: type: number title: Keep alive time (seconds) - description: How often workers should check in with the scheduler to keep job subscription alive + description: How often workers should check in with the scheduler to keep job + subscription alive minimum: 10 jobTimeout: type: string title: Job timeout - description: Maximum time the job is allowed to run (e.g., 30, 45s or 15m). Units are seconds, if not specified. Enter 0 for unlimited time. + description: Maximum time the job is allowed to run (e.g., 30, 45s or 15m). + Units are seconds, if not specified. Enter 0 for unlimited time. pattern: ^\d+[sm]?$ maxMissedKeepAlives: type: number title: Worker timeout (periods) - description: The number of Keep Alive Time periods before an inactive worker will have its job subscription revoked. + description: The number of Keep Alive Time periods before an inactive worker + will have its job subscription revoked. minimum: 2 ttl: type: string title: Time to live - description: Time to keep the job's artifacts on disk after job completion. This also affects how long a job is listed in the Job Inspector. + description: Time to keep the job's artifacts on disk after job completion. This + also affects how long a job is listed in the Job Inspector. pattern: \d+[smh]$ ignoreGroupJobsLimit: type: boolean title: Ignore Worker Group job limits - description: When enabled, this job's artifacts are not counted toward the Worker Group's finished job artifacts limit. Artifacts will be removed only after the Collector's configured time to live. + description: When enabled, this job's artifacts are not counted toward the + Worker Group's finished job artifacts limit. Artifacts will be + removed only after the Collector's configured time to live. metadata: type: array title: Fields @@ -15636,7 +17819,8 @@ components: description: type: string title: Interval Description - description: If interval type is minutes the value entered must evenly divisible by 60 or save will fail + description: If interval type is minutes the value entered must evenly divisible + by 60 or save will fail interval: type: number title: Interval @@ -15647,7 +17831,11 @@ components: enabled: type: boolean title: Enabled - description: "Enable Microsoft 365 Service Communication API content types and polling intervals. Polling intervals are used to set up search date range and cron schedule, e.g.: */${interval} * * * *. Because of this, intervals entered for current and historical status must be evenly divisible by 60 to give a predictable schedule." + description: "Enable Microsoft 365 Service Communication API content types and + polling intervals. Polling intervals are used to set up search date + range and cron schedule, e.g.: */${interval} * * * *. Because of + this, intervals entered for current and historical status must be + evenly divisible by 60 to give a predictable schedule." retryRules: $ref: "#/components/schemas/RetryRulesTypeCodesEnableHeader" authType: @@ -15665,22 +17853,34 @@ components: description: Select or create a stored text secret __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_planType: type: string - description: Binds 'planType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'planType' at runtime. + description: Binds 'planType' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'planType' at runtime. __template_tenantId: type: string - description: Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime. + description: Binds 'tenantId' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'tenantId' at runtime. __template_appId: type: string - description: Binds 'appId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'appId' at runtime. + description: Binds 'appId' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'appId' at runtime. __template_clientSecret: type: string - description: Binds 'clientSecret' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecret' at runtime. + description: Binds 'clientSecret' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'clientSecret' at runtime. InputOffice365MsgTrace: type: object required: @@ -15702,18 +17902,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -15721,11 +17927,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -15737,21 +17945,27 @@ components: interval: type: integer title: Poll interval - description: How often (in minutes) to run the report. Must divide evenly into 60 minutes to create a predictable schedule, or Save will fail. + description: How often (in minutes) to run the report. Must divide evenly into + 60 minutes to create a predictable schedule, or Save will fail. minimum: 1 maximum: 60 startDate: title: Date range start type: string - description: "Backward offset for the search range's head. (E.g.: -3h@h) Message Trace data is delayed; this parameter (with Date range end) compensates for delay and gaps." + description: "Backward offset for the search range's head. (E.g.: -3h@h) Message + Trace data is delayed; this parameter (with Date range end) + compensates for delay and gaps." endDate: title: Date range end type: string - description: "Backward offset for the search range's tail. (E.g.: -2h@h) Message Trace data is delayed; this parameter (with Date range start) compensates for delay and gaps." + description: "Backward offset for the search range's tail. (E.g.: -2h@h) Message + Trace data is delayed; this parameter (with Date range start) + compensates for delay and gaps." timeout: type: number title: Request timeout (seconds) - description: HTTP request inactivity timeout. Maximum is 2400 (40 minutes); enter 0 to wait indefinitely. + description: HTTP request inactivity timeout. Maximum is 2400 (40 minutes); + enter 0 to wait indefinitely. minimum: 0 maximum: 2400 disableTimeFilter: @@ -15772,27 +17986,34 @@ components: keepAliveTime: type: number title: Keep alive time (seconds) - description: How often workers should check in with the scheduler to keep job subscription alive + description: How often workers should check in with the scheduler to keep job + subscription alive minimum: 10 jobTimeout: title: Job timeout type: string - description: "Maximum time the job is allowed to run. Time unit defaults to seconds if not specified (examples: 30, 45s, 15m). Enter 0 for unlimited time." + description: "Maximum time the job is allowed to run. Time unit defaults to + seconds if not specified (examples: 30, 45s, 15m). Enter 0 for + unlimited time." pattern: \d+[sm]?$ maxMissedKeepAlives: type: number title: Worker timeout (periods) - description: The number of Keep Alive Time periods before an inactive worker will have its job subscription revoked. + description: The number of Keep Alive Time periods before an inactive worker + will have its job subscription revoked. minimum: 2 ttl: type: string title: Time to live - description: Time to keep the job's artifacts on disk after job completion. This also affects how long a job is listed in the Job Inspector. + description: Time to keep the job's artifacts on disk after job completion. This + also affects how long a job is listed in the Job Inspector. pattern: \d+[smh]$ ignoreGroupJobsLimit: type: boolean title: Ignore Worker Group job limits - description: When enabled, this job's artifacts are not counted toward the Worker Group's finished job artifacts limit. Artifacts will be removed only after the Collector's configured time to live. + description: When enabled, this job's artifacts are not counted toward the + Worker Group's finished job artifacts limit. Artifacts will be + removed only after the Collector's configured time to live. metadata: type: array title: Fields @@ -15848,30 +18069,45 @@ components: textSecret: type: string title: Client secret - description: Select or create a secret that references your client_secret to pass in the OAuth request parameter. + description: Select or create a secret that references your client_secret to + pass in the OAuth request parameter. certOptions: $ref: "#/components/schemas/CertOptionsType" __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_url: type: string - description: Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. + description: Binds 'url' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'url' at runtime. __template_tenantId: type: string - description: Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime. + description: Binds 'tenantId' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'tenantId' at runtime. __template_clientId: type: string - description: Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime. + description: Binds 'clientId' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'clientId' at runtime. __template_resource: type: string - description: Binds 'resource' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'resource' at runtime. + description: Binds 'resource' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'resource' at runtime. __template_planType: type: string - description: Binds 'planType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'planType' at runtime. + description: Binds 'planType' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'planType' at runtime. InputMicrosoftGraph: type: object required: @@ -15893,18 +18129,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -15912,11 +18154,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -15924,25 +18168,32 @@ components: url: title: Endpoint type: string - description: Microsoft Graph API endpoint URL. (ex. https://graph.microsoft.com/v1.0/admin/exchange/tracing/messageTraces) + description: Microsoft Graph API endpoint URL. (ex. + https://graph.microsoft.com/v1.0/admin/exchange/tracing/messageTraces) interval: type: integer title: Poll interval - description: How often (in minutes) to run the report. Must divide evenly into 60 minutes to create a predictable schedule, or Save will fail. + description: How often (in minutes) to run the report. Must divide evenly into + 60 minutes to create a predictable schedule, or Save will fail. minimum: 1 maximum: 60 startDate: title: Date range start type: string - description: "Backward offset for the search range's head. (E.g.: -3h@h) Microsoft Graph data is delayed; this parameter (with Date range end) compensates for delay and gaps." + description: "Backward offset for the search range's head. (E.g.: -3h@h) + Microsoft Graph data is delayed; this parameter (with Date range + end) compensates for delay and gaps." endDate: title: Date range end type: string - description: "Backward offset for the search range's tail. (E.g.: -2h@h) Microsoft Graph data is delayed; this parameter (with Date range start) compensates for delay and gaps." + description: "Backward offset for the search range's tail. (E.g.: -2h@h) + Microsoft Graph data is delayed; this parameter (with Date range + start) compensates for delay and gaps." timeout: type: number title: Request timeout (seconds) - description: HTTP request inactivity timeout. Maximum is 2400 (40 minutes); enter 0 to wait indefinitely. + description: HTTP request inactivity timeout. Maximum is 2400 (40 minutes); + enter 0 to wait indefinitely. minimum: 0 maximum: 2400 disableTimeFilter: @@ -15952,7 +18203,8 @@ components: maxPages: type: integer title: Page limit - description: Maximum number of pages to retrieve per collection task. Set to 0 to retrieve all pages. + description: Maximum number of pages to retrieve per collection task. Set to 0 + to retrieve all pages. minimum: 0 authType: title: Authentication method @@ -15966,27 +18218,34 @@ components: keepAliveTime: type: number title: Keep alive time (seconds) - description: How often workers should check in with the scheduler to keep job subscription alive + description: How often workers should check in with the scheduler to keep job + subscription alive minimum: 10 jobTimeout: title: Job timeout type: string - description: "Maximum time the job is allowed to run. Time unit defaults to seconds if not specified (examples: 30, 45s, 15m). Enter 0 for unlimited time." + description: "Maximum time the job is allowed to run. Time unit defaults to + seconds if not specified (examples: 30, 45s, 15m). Enter 0 for + unlimited time." pattern: \d+[sm]?$ maxMissedKeepAlives: type: number title: Worker timeout (periods) - description: The number of Keep Alive Time periods before an inactive worker will have its job subscription revoked. + description: The number of Keep Alive Time periods before an inactive worker + will have its job subscription revoked. minimum: 2 ttl: type: string title: Time to live - description: Time to keep the job's artifacts on disk after job completion. This also affects how long a job is listed in the Job Inspector. + description: Time to keep the job's artifacts on disk after job completion. This + also affects how long a job is listed in the Job Inspector. pattern: \d+[smh]$ ignoreGroupJobsLimit: type: boolean title: Ignore Worker Group job limits - description: When enabled, this job's artifacts are not counted toward the Worker Group's finished job artifacts limit. Artifacts will be removed only after the Collector's configured time to live. + description: When enabled, this job's artifacts are not counted toward the + Worker Group's finished job artifacts limit. Artifacts will be + removed only after the Collector's configured time to live. metadata: type: array title: Fields @@ -16028,7 +18287,8 @@ components: planType: type: string title: Subscription plan - description: Microsoft 365 subscription plan for your organization, typically Microsoft 365 Enterprise + description: Microsoft 365 subscription plan for your organization, typically + Microsoft 365 Enterprise enum: - enterprise_gcc - gcc @@ -16045,30 +18305,45 @@ components: textSecret: type: string title: Client secret - description: Select or create a secret that references your client_secret to pass in the OAuth request parameter. + description: Select or create a secret that references your client_secret to + pass in the OAuth request parameter. certOptions: $ref: "#/components/schemas/CertOptionsType" __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_url: type: string - description: Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. + description: Binds 'url' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'url' at runtime. __template_tenantId: type: string - description: Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime. + description: Binds 'tenantId' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'tenantId' at runtime. __template_clientId: type: string - description: Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime. + description: Binds 'clientId' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'clientId' at runtime. __template_resource: type: string - description: Binds 'resource' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'resource' at runtime. + description: Binds 'resource' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'resource' at runtime. __template_planType: type: string - description: Binds 'planType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'planType' at runtime. + description: Binds 'planType' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'planType' at runtime. InputEventhub: type: object required: @@ -16090,18 +18365,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -16109,11 +18390,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -16121,7 +18404,10 @@ components: brokers: type: array title: Brokers - description: "List of Event Hubs Kafka brokers to connect to (example: yourdomain.servicebus.windows.net:9093). The hostname can be found in the host portion of the primary or secondary connection string in Shared Access Policies." + description: "List of Event Hubs Kafka brokers to connect to (example: + yourdomain.servicebus.windows.net:9093). The hostname can be found + in the host portion of the primary or secondary connection string in + Shared Access Policies." minItems: 1 items: type: string @@ -16129,7 +18415,9 @@ components: topics: type: array title: Event Hub name - description: "The name of the Event Hub (Kafka topic) to subscribe to. Warning: To optimize performance, Cribl suggests subscribing each Event Hubs Source to only a single topic." + description: "The name of the Event Hub (Kafka topic) to subscribe to. Warning: + To optimize performance, Cribl suggests subscribing each Event Hubs + Source to only a single topic." minItems: 1 items: type: string @@ -16141,55 +18429,69 @@ components: fromBeginning: type: boolean title: From beginning - description: Start reading from earliest available data; relevant only during initial subscription + description: Start reading from earliest available data; relevant only during + initial subscription connectionTimeout: type: number title: Connection timeout (ms) description: Maximum time to wait for a connection to complete successfully minimum: 1000 - maximum: 3.6e+06 + maximum: 3600000 requestTimeout: type: number title: Request timeout (ms) description: Maximum time to wait for Kafka to respond to a request minimum: 1000 - maximum: 3.6e+06 + maximum: 3600000 maxRetries: type: number title: Retry limit - description: If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data + description: If messages are failing, you can set the maximum number of retries + as high as 100 to prevent loss of data minimum: 0 maximum: 100 maxBackOff: type: number title: Backoff limit (ms) - description: The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds). + description: The maximum wait time for a retry, in milliseconds. Default (and + minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 + seconds). minimum: 30000 maximum: 180000 initialBackoff: type: number title: Initial retry interval (ms) - description: Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes). + description: Initial value used to calculate the retry, in milliseconds. Maximum + is 600,000 ms (10 minutes). minimum: 300 maximum: 600000 backoffRate: type: number title: Backoff multiplier - description: Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details. + description: Set the backoff multiplier (2-20) to control the retry frequency + for failed messages. For faster retries, use a lower multiplier. For + slower retries with more delay between attempts, use a higher + multiplier. The multiplier is used in an exponential backoff + formula; see the Kafka + [documentation](https://kafka.js.org/docs/retry-detailed) for + details. minimum: 2 maximum: 20 authenticationTimeout: type: number title: Authentication timeout (ms) - description: Maximum time to wait for Kafka to respond to an authentication request + description: Maximum time to wait for Kafka to respond to an authentication + request minimum: 1000 - maximum: 3.6e+06 + maximum: 3600000 reauthenticationThreshold: type: number title: Reauthentication threshold (ms) - description: Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire. + description: Specifies a time window during which @{product} can reauthenticate + if needed. Creates the window measuring backward from the moment + when credentials are set to expire. minimum: 1000 - maximum: 1.8e+06 + maximum: 1800000 sasl: $ref: "#/components/schemas/AuthenticationTypeUse" tls: @@ -16197,65 +18499,74 @@ components: sessionTimeout: type: number title: Session timeout (ms) - description: >2- - Timeout (session.timeout.ms in Kafka domain) used to detect client failures when using Kafka's group-management facilities. - If the client sends no heartbeats to the broker before the timeout expires, the broker will remove the client from the group and initiate a rebalance. - Value must be lower than rebalanceTimeout. - See details [here](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). + description: |- + + Timeout (session.timeout.ms in Kafka domain) used to detect client failures when using Kafka's group-management facilities. If the client sends no heartbeats to the broker before the timeout expires, the broker will remove the client from the group and initiate a rebalance. Value must be lower than rebalanceTimeout. See details [here](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). minimum: 6000 maximum: 300000 rebalanceTimeout: type: number title: Rebalance timeout (ms) - description: >2- - Maximum allowed time (rebalance.timeout.ms in Kafka domain) for each worker to join the group after a rebalance begins. - If the timeout is exceeded, the coordinator broker will remove the worker from the group. - See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). + description: |- + + Maximum allowed time (rebalance.timeout.ms in Kafka domain) for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). minimum: 1000 - maximum: 3.6e+06 + maximum: 3600000 heartbeatInterval: type: number title: Heartbeat interval (ms) - description: >2- - Expected time (heartbeat.interval.ms in Kafka domain) between heartbeats to the consumer coordinator when using Kafka's group-management facilities. - Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. - See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). + description: |- + + Expected time (heartbeat.interval.ms in Kafka domain) between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). minimum: 1000 - maximum: 3.6e+06 + maximum: 3600000 autoCommitInterval: type: number title: Offset commit interval (ms) - description: How often to commit offsets. If both this and Offset commit threshold are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch. + description: How often to commit offsets. If both this and Offset commit + threshold are set, @{product} commits offsets when either condition + is met. If both are empty, @{product} commits offsets after each + batch. minimum: 1000 - maximum: 3.6e+06 + maximum: 3600000 autoCommitThreshold: type: number title: Offset commit threshold - description: How many events are needed to trigger an offset commit. If both this and Offset commit interval are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch. + description: How many events are needed to trigger an offset commit. If both + this and Offset commit interval are set, @{product} commits offsets + when either condition is met. If both are empty, @{product} commits + offsets after each batch. minimum: 1 maximum: 10000 maxBytesPerPartition: type: number title: Byte limit, per partition - description: Maximum amount of data that Kafka will return per partition, per fetch request. Must equal or exceed the maximum message size (maxBytesPerPartition) that Kafka is configured to allow. Otherwise, @{product} can get stuck trying to retrieve messages. Defaults to 1048576 (1 MB). + description: Maximum amount of data that Kafka will return per partition, per + fetch request. Must equal or exceed the maximum message size + (maxBytesPerPartition) that Kafka is configured to allow. Otherwise, + @{product} can get stuck trying to retrieve messages. Defaults to + 1048576 (1 MB). minimum: 1 - maximum: 1e+07 + maximum: 10000000 maxBytes: type: number title: Byte limit - description: Maximum number of bytes that Kafka will return per fetch request. Defaults to 10485760 (10 MB). + description: Maximum number of bytes that Kafka will return per fetch request. + Defaults to 10485760 (10 MB). minimum: 1 - maximum: 1e+09 + maximum: 1000000000 maxSocketErrors: type: number title: Error limit, per socket - description: Maximum number of network errors before the consumer re-creates a socket + description: Maximum number of network errors before the consumer re-creates a + socket minimum: 0 maximum: 100 minimizeDuplicates: type: boolean title: Minimize duplicates - description: Minimize duplicate events by starting only one consumer for each topic partition + description: Minimize duplicate events by starting only one consumer for each + topic partition metadata: type: array title: Fields @@ -16267,19 +18578,29 @@ components: title: Description __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_brokers: type: string - description: Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime. + description: Binds 'brokers' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'brokers' at runtime. __template_topics: type: string - description: Binds 'topics' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topics' at runtime. + description: Binds 'topics' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'topics' at runtime. __template_groupId: type: string - description: Binds 'groupId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'groupId' at runtime. + description: Binds 'groupId' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'groupId' at runtime. InputEventhubAmqp: type: object required: @@ -16301,18 +18622,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -16320,11 +18647,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -16365,7 +18694,31 @@ components: title: Client Secret (text secret) description: Select or create a stored text secret certificate: - $ref: "#/components/schemas/CertificateTypeAzureBlobAuthTypeClientCert" + type: object + required: + - certificateName + - certPath + - privKeyPath + properties: + certificateName: + type: string + title: Certificate + description: The certificate you registered as credentials for your app in the + Azure portal + certPath: + type: string + title: Certificate path + description: Path on server containing certificates to use. PEM format. Can + reference $ENV_VARS. + privKeyPath: + type: string + title: Private key path + description: Path on server containing the private key to use. PEM format. Can + reference $ENV_VARS. + passphrase: + type: string + title: Passphrase + description: Passphrase to use to decrypt private key oauthEndpoint: $ref: "#/components/schemas/MicrosoftEntraIdAuthenticationEndpointOptionsSasl" clientId: @@ -16379,19 +18732,31 @@ components: fullyQualifiedNamespace: type: string title: Fully qualified namespace - description: The fully qualified Event Hubs namespace that the consumer is associated with. This is likely to be similar to {yournamespace}.servicebus.windows.net. + description: The fully qualified Event Hubs namespace that the consumer is + associated with. This is likely to be similar to + {yournamespace}.servicebus.windows.net. __template_oauthEndpoint: type: string - description: Binds 'oauthEndpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'oauthEndpoint' at runtime. + description: Binds 'oauthEndpoint' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'oauthEndpoint' at + runtime. __template_clientId: type: string - description: Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime. + description: Binds 'clientId' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'clientId' at runtime. __template_tenantId: type: string - description: Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime. + description: Binds 'tenantId' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'tenantId' at runtime. __template_fullyQualifiedNamespace: type: string - description: Binds 'fullyQualifiedNamespace' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fullyQualifiedNamespace' at runtime. + description: Binds 'fullyQualifiedNamespace' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'fullyQualifiedNamespace' at runtime. checkpointing: type: object required: @@ -16406,7 +18771,8 @@ components: containerName: type: string title: Container name - description: Azure Blob Storage container used to store checkpoints. Must be 3–63 lowercase alphanumeric characters or hyphens. + description: Azure Blob Storage container used to store checkpoints. Must be + 3–63 lowercase alphanumeric characters or hyphens. minLength: 3 maxLength: 63 pattern: ^[a-z0-9](-?[a-z0-9])*$ @@ -16443,7 +18809,8 @@ components: endpointSuffix: type: string title: Endpoint suffix - description: Endpoint suffix for the service URL. Takes precedence over the Azure Cloud setting. Defaults to core.windows.net. + description: Endpoint suffix for the service URL. Takes precedence over the + Azure Cloud setting. Defaults to core.windows.net. clientTextSecret: type: string title: Client secret (text secret) @@ -16452,20 +18819,33 @@ components: $ref: "#/components/schemas/CertificateTypeAzureBlobAuthTypeClientCert" __template_storageAccountName: type: string - description: Binds 'storageAccountName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageAccountName' at runtime. + description: Binds 'storageAccountName' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or + 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value + overrides 'storageAccountName' at runtime. __template_tenantId: type: string - description: Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime. + description: Binds 'tenantId' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'tenantId' at + runtime. __template_clientId: type: string - description: Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime. + description: Binds 'clientId' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'clientId' at + runtime. __template_azureCloud: type: string - description: Binds 'azureCloud' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'azureCloud' at runtime. + description: Binds 'azureCloud' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'azureCloud' at + runtime. fromBeginning: type: boolean title: From beginning - description: Start reading from earliest available data; relevant only during initial subscription + description: Start reading from earliest available data; relevant only during + initial subscription maxBatchSize: type: integer minimum: 1 @@ -16475,7 +18855,8 @@ components: type: integer minimum: 1 title: Max wait time (secs) - description: Maximum time to wait for a batch of events before delivering a partial batch + description: Maximum time to wait for a batch of events before delivering a + partial batch prefetchCount: type: integer minimum: 1 @@ -16527,10 +18908,14 @@ components: title: Description __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. InputExec: type: object required: @@ -16550,18 +18935,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -16569,11 +18960,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -16585,7 +18978,8 @@ components: script: type: string title: Script - description: Optional script content to pipe into the command's stdin. The stdin stream is closed after the script is written. + description: Optional script content to pipe into the command's stdin. The stdin + stream is closed after the script is written. retries: type: number title: Retry limit @@ -16597,20 +18991,24 @@ components: enum: - interval - cronSchedule - description: Select a schedule type; either an interval (in seconds) or a cron-style schedule. + description: Select a schedule type; either an interval (in seconds) or a + cron-style schedule. x-speakeasy-unknown-values: allow breakerRulesets: type: array title: Event Breaker rulesets - description: A list of event-breaking rulesets that will be applied, in order, to the input data stream + description: A list of event-breaking rulesets that will be applied, in order, + to the input data stream items: type: string staleChannelFlushMs: type: number title: Event Breaker buffer timeout (ms) - description: How long (in milliseconds) the Event Breaker will wait for new data to be sent to a specific channel before flushing the data stream out, as is, to the Pipelines + description: How long (in milliseconds) the Event Breaker will wait for new data + to be sent to a specific channel before flushing the data stream + out, as is, to the Pipelines minimum: 10 - maximum: 4.32e+07 + maximum: 43200000 metadata: type: array title: Fields @@ -16631,10 +19029,14 @@ components: description: Cron schedule to execute the command on. __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. InputFirehose: type: object required: @@ -16656,18 +19058,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -16675,11 +19083,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -16696,7 +19106,8 @@ components: authTokens: type: array title: Auth tokens - description: "Shared secrets to be provided by any client (Authorization: ). If empty, unauthorized access is permitted." + description: "Shared secrets to be provided by any client (Authorization: + ). If empty, unauthorized access is permitted." items: type: string tls: @@ -16704,17 +19115,23 @@ components: maxActiveReq: type: number title: Active request limit - description: "Maximum number of active requests allowed per Worker Process. Set to 0 for unlimited. Caution: Increasing the limit above the default value, or setting it to unlimited, may degrade performance and reduce throughput." + description: "Maximum number of active requests allowed per Worker Process. Set + to 0 for unlimited. Caution: Increasing the limit above the default + value, or setting it to unlimited, may degrade performance and + reduce throughput." minimum: 0 maxRequestsPerSocket: type: integer title: Requests-per-socket limit - description: Maximum number of requests per socket before @{product} instructs the client to close the connection. Default is 0 (unlimited). + description: Maximum number of requests per socket before @{product} instructs + the client to close the connection. Default is 0 (unlimited). minimum: 0 enableProxyHeader: type: boolean title: Show originating IP - description: Extract the client IP and port from PROXY protocol v1/v2. When enabled, the X-Forwarded-For header is ignored. Disable to use the X-Forwarded-For header for client IP extraction. + description: Extract the client IP and port from PROXY protocol v1/v2. When + enabled, the X-Forwarded-For header is ignored. Disable to use the + X-Forwarded-For header for client IP extraction. captureHeaders: type: boolean title: Capture request headers @@ -16722,36 +19139,44 @@ components: activityLogSampleRate: type: number title: Activity log sample rate - description: How often request activity is logged at the `info` level. A value of 1 would log every request, 10 every 10th request, etc. + description: How often request activity is logged at the `info` level. A value + of 1 would log every request, 10 every 10th request, etc. minimum: 1 requestTimeout: type: number title: Request timeout (seconds) - description: How long to wait for an incoming request to complete before aborting it. Use 0 to disable. + description: How long to wait for an incoming request to complete before + aborting it. Use 0 to disable. minimum: 0 socketTimeout: type: number title: Socket timeout (seconds) - description: How long @{product} should wait before assuming that an inactive socket has timed out. To wait forever, set to 0. + description: How long @{product} should wait before assuming that an inactive + socket has timed out. To wait forever, set to 0. minimum: 0 keepAliveTimeout: type: number title: Keep-alive timeout (seconds) - description: After the last response is sent, @{product} will wait this long for additional data before closing the socket connection. Minimum 1 second, maximum 600 seconds (10 minutes). + description: After the last response is sent, @{product} will wait this long for + additional data before closing the socket connection. Minimum 1 + second, maximum 600 seconds (10 minutes). minimum: 1 maximum: 600 enableHealthCheck: type: boolean title: Health check endpoint - description: Expose the /cribl_health endpoint, which returns 200 OK when this Source is healthy + description: Expose the /cribl_health endpoint, which returns 200 OK when this + Source is healthy ipAllowlistRegex: type: string title: IP allowlist regex - description: Messages from matched IP addresses will be processed, unless also matched by the denylist + description: Messages from matched IP addresses will be processed, unless also + matched by the denylist ipDenylistRegex: type: string title: IP denylist regex - description: Messages from matched IP addresses will be ignored. This takes precedence over the allowlist. + description: Messages from matched IP addresses will be ignored. This takes + precedence over the allowlist. metadata: type: array title: Fields @@ -16763,19 +19188,29 @@ components: title: Description __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_host: type: string - description: Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime. + description: Binds 'host' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'host' at runtime. __template_port: type: string - description: Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime. + description: Binds 'port' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'port' at runtime. __template_authTokens: type: string - description: Binds 'authTokens' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'authTokens' at runtime. + description: Binds 'authTokens' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'authTokens' at runtime. InputGooglePubsub: type: object required: @@ -16797,18 +19232,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -16816,11 +19257,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -16828,15 +19271,20 @@ components: topicName: type: string title: Topic ID - description: ID of the topic to receive events from. When Monitor subscription is enabled, any value may be entered. + description: ID of the topic to receive events from. When Monitor subscription + is enabled, any value may be entered. subscriptionName: type: string title: Subscription ID - description: "ID of the subscription to use when receiving events. When Monitor subscription is enabled, the fully qualified subscription name must be entered. Example: projects/myProject/subscriptions/mySubscription" + description: "ID of the subscription to use when receiving events. When Monitor + subscription is enabled, the fully qualified subscription name must + be entered. Example: + projects/myProject/subscriptions/mySubscription" monitorSubscription: type: boolean title: Monitor subscription for new messages - description: Use when the subscription is not created by this Source and topic is not known + description: Use when the subscription is not created by this Source and topic + is not known createTopic: type: boolean title: Create topic @@ -16848,13 +19296,17 @@ components: region: type: string title: Region - description: Region to retrieve messages from. Select 'default' to allow Google to auto-select the nearest region. When using ordered delivery, the selected region must be allowed by message storage policy. + description: Region to retrieve messages from. Select 'default' to allow Google + to auto-select the nearest region. When using ordered delivery, the + selected region must be allowed by message storage policy. googleAuthMethod: $ref: "#/components/schemas/GoogleAuthenticationMethodOptions" serviceAccountCredentials: type: string title: Service account credentials - description: Contents of service account credentials (JSON keys) file downloaded from Google Cloud. To upload a file, click the upload button at this field's upper right. + description: Contents of service account credentials (JSON keys) file downloaded + from Google Cloud. To upload a file, click the upload button at this + field's upper right. secret: type: string title: Service account credentials (text secret) @@ -16862,12 +19314,17 @@ components: maxBacklog: type: number title: Backlog limit - description: If Destination exerts backpressure, this setting limits how many inbound events Stream will queue for processing before it stops retrieving events + description: If Destination exerts backpressure, this setting limits how many + inbound events Stream will queue for processing before it stops + retrieving events minimum: 1 concurrency: type: number title: Number of concurrent streams - description: How many streams to pull messages from at one time. Doubling the value doubles the number of messages this Source pulls from the topic (if available), while consuming more CPU and memory. Defaults to 5. + description: How many streams to pull messages from at one time. Doubling the + value doubles the number of messages this Source pulls from the + topic (if available), while consuming more CPU and memory. Defaults + to 5. minimum: 1 maximum: 100 requestTimeout: @@ -16887,22 +19344,34 @@ components: orderedDelivery: type: boolean title: Ordered delivery - description: Receive events in the order they were added to the queue. The process sending events must have ordering enabled. + description: Receive events in the order they were added to the queue. The + process sending events must have ordering enabled. __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_topicName: type: string - description: Binds 'topicName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topicName' at runtime. + description: Binds 'topicName' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'topicName' at runtime. __template_subscriptionName: type: string - description: Binds 'subscriptionName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'subscriptionName' at runtime. + description: Binds 'subscriptionName' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'subscriptionName' at runtime. __template_region: type: string - description: Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime. + description: Binds 'region' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'region' at runtime. InputCribl: type: object properties: @@ -16920,18 +19389,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -16939,11 +19414,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -16961,10 +19438,14 @@ components: title: Description __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. required: - type InputCriblTcp: @@ -16988,18 +19469,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -17007,11 +19494,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -17030,27 +19519,38 @@ components: maxActiveCxn: type: number title: Active connection limit - description: Maximum number of active connections allowed per Worker Process. Use 0 for unlimited. + description: Maximum number of active connections allowed per Worker Process. + Use 0 for unlimited. minimum: 0 socketIdleTimeout: type: number title: Socket idle timeout (seconds) - description: How long @{product} should wait before assuming that an inactive socket has timed out. After this time, the connection will be closed. Leave at 0 for no inactive socket monitoring. + description: How long @{product} should wait before assuming that an inactive + socket has timed out. After this time, the connection will be + closed. Leave at 0 for no inactive socket monitoring. minimum: 0 socketEndingMaxWait: type: number title: Forced socket termination timeout (seconds) - description: How long the server will wait after initiating a closure for a client to close its end of the connection. If the client doesn't close the connection within this time, the server will forcefully terminate the socket to prevent resource leaks and ensure efficient connection cleanup and system stability. Leave at 0 for no inactive socket monitoring. + description: How long the server will wait after initiating a closure for a + client to close its end of the connection. If the client doesn't + close the connection within this time, the server will forcefully + terminate the socket to prevent resource leaks and ensure efficient + connection cleanup and system stability. Leave at 0 for no inactive + socket monitoring. minimum: 0 socketMaxLifespan: type: number title: Socket max lifespan (seconds) - description: The maximum duration a socket can remain open, even if active. This helps manage resources and mitigate issues caused by TCP pinning. Set to 0 to disable. + description: The maximum duration a socket can remain open, even if active. This + helps manage resources and mitigate issues caused by TCP pinning. + Set to 0 to disable. minimum: 0 enableProxyHeader: type: boolean title: Enable proxy protocol - description: Enable if the connection is proxied by a device that supports proxy protocol v1 or v2 + description: Enable if the connection is proxied by a device that supports proxy + protocol v1 or v2 metadata: type: array title: Fields @@ -17064,7 +19564,9 @@ components: authTokens: type: array title: Connected environment tokens - description: Shared secrets to be used by connected environments to authorize connections. These tokens should be installed in Cribl TCP destinations in connected environments. + description: Shared secrets to be used by connected environments to authorize + connections. These tokens should be installed in Cribl TCP + destinations in connected environments. items: $ref: "#/components/schemas/AuthTokenConfInputCriblTcp" description: @@ -17072,16 +19574,24 @@ components: title: Description __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_host: type: string - description: Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime. + description: Binds 'host' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'host' at runtime. __template_port: type: string - description: Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime. + description: Binds 'port' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'port' at runtime. InputCriblHttp: type: object required: @@ -17103,18 +19613,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -17122,11 +19638,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -17143,7 +19661,9 @@ components: authTokens: type: array title: Connected environment tokens - description: Shared secrets to be used by connected environments to authorize connections. These tokens should be installed in Cribl HTTP destinations in connected environments. + description: Shared secrets to be used by connected environments to authorize + connections. These tokens should be installed in Cribl HTTP + destinations in connected environments. items: $ref: "#/components/schemas/AuthTokenConfInputCriblTcp" tls: @@ -17151,17 +19671,23 @@ components: maxActiveReq: type: number title: Active request limit - description: "Maximum number of active requests allowed per Worker Process. Set to 0 for unlimited. Caution: Increasing the limit above the default value, or setting it to unlimited, may degrade performance and reduce throughput." + description: "Maximum number of active requests allowed per Worker Process. Set + to 0 for unlimited. Caution: Increasing the limit above the default + value, or setting it to unlimited, may degrade performance and + reduce throughput." minimum: 0 maxRequestsPerSocket: type: integer title: Requests-per-socket limit - description: Maximum number of requests per socket before @{product} instructs the client to close the connection. Default is 0 (unlimited). + description: Maximum number of requests per socket before @{product} instructs + the client to close the connection. Default is 0 (unlimited). minimum: 0 enableProxyHeader: type: boolean title: Show originating IP - description: Extract the client IP and port from PROXY protocol v1/v2. When enabled, the X-Forwarded-For header is ignored. Disable to use the X-Forwarded-For header for client IP extraction. + description: Extract the client IP and port from PROXY protocol v1/v2. When + enabled, the X-Forwarded-For header is ignored. Disable to use the + X-Forwarded-For header for client IP extraction. captureHeaders: type: boolean title: Capture request headers @@ -17169,36 +19695,44 @@ components: activityLogSampleRate: type: number title: Activity log sample rate - description: How often request activity is logged at the `info` level. A value of 1 would log every request, 10 every 10th request, etc. + description: How often request activity is logged at the `info` level. A value + of 1 would log every request, 10 every 10th request, etc. minimum: 1 requestTimeout: type: number title: Request timeout (seconds) - description: How long to wait for an incoming request to complete before aborting it. Use 0 to disable. + description: How long to wait for an incoming request to complete before + aborting it. Use 0 to disable. minimum: 0 socketTimeout: type: number title: Socket timeout (seconds) - description: How long @{product} should wait before assuming that an inactive socket has timed out. To wait forever, set to 0. + description: How long @{product} should wait before assuming that an inactive + socket has timed out. To wait forever, set to 0. minimum: 0 keepAliveTimeout: type: number title: Keep-alive timeout (seconds) - description: After the last response is sent, @{product} will wait this long for additional data before closing the socket connection. Minimum 1 second, maximum 600 seconds (10 minutes). + description: After the last response is sent, @{product} will wait this long for + additional data before closing the socket connection. Minimum 1 + second, maximum 600 seconds (10 minutes). minimum: 1 maximum: 600 enableHealthCheck: type: boolean title: Health check endpoint - description: Expose the /cribl_health endpoint, which returns 200 OK when this Source is healthy + description: Expose the /cribl_health endpoint, which returns 200 OK when this + Source is healthy ipAllowlistRegex: type: string title: IP allowlist regex - description: Messages from matched IP addresses will be processed, unless also matched by the denylist + description: Messages from matched IP addresses will be processed, unless also + matched by the denylist ipDenylistRegex: type: string title: IP denylist regex - description: Messages from matched IP addresses will be ignored. This takes precedence over the allowlist. + description: Messages from matched IP addresses will be ignored. This takes + precedence over the allowlist. metadata: type: array title: Fields @@ -17210,16 +19744,24 @@ components: title: Description __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_host: type: string - description: Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime. + description: Binds 'host' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'host' at runtime. __template_port: type: string - description: Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime. + description: Binds 'port' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'port' at runtime. InputCriblLakeHttp: type: object required: @@ -17241,18 +19783,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -17260,11 +19808,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -17281,7 +19831,8 @@ components: authTokens: type: array title: Auth tokens - description: "Shared secrets to be provided by any client (Authorization: ). If empty, unauthorized access is permitted." + description: "Shared secrets to be provided by any client (Authorization: + ). If empty, unauthorized access is permitted." items: type: string tls: @@ -17289,17 +19840,23 @@ components: maxActiveReq: type: number title: Active request limit - description: "Maximum number of active requests allowed per Worker Process. Set to 0 for unlimited. Caution: Increasing the limit above the default value, or setting it to unlimited, may degrade performance and reduce throughput." + description: "Maximum number of active requests allowed per Worker Process. Set + to 0 for unlimited. Caution: Increasing the limit above the default + value, or setting it to unlimited, may degrade performance and + reduce throughput." minimum: 0 maxRequestsPerSocket: type: integer title: Requests-per-socket limit - description: Maximum number of requests per socket before @{product} instructs the client to close the connection. Default is 0 (unlimited). + description: Maximum number of requests per socket before @{product} instructs + the client to close the connection. Default is 0 (unlimited). minimum: 0 enableProxyHeader: type: boolean title: Show originating IP - description: Extract the client IP and port from PROXY protocol v1/v2. When enabled, the X-Forwarded-For header is ignored. Disable to use the X-Forwarded-For header for client IP extraction. + description: Extract the client IP and port from PROXY protocol v1/v2. When + enabled, the X-Forwarded-For header is ignored. Disable to use the + X-Forwarded-For header for client IP extraction. captureHeaders: type: boolean title: Capture request headers @@ -17307,50 +19864,63 @@ components: activityLogSampleRate: type: number title: Activity log sample rate - description: How often request activity is logged at the `info` level. A value of 1 would log every request, 10 every 10th request, etc. + description: How often request activity is logged at the `info` level. A value + of 1 would log every request, 10 every 10th request, etc. minimum: 1 requestTimeout: type: number title: Request timeout (seconds) - description: How long to wait for an incoming request to complete before aborting it. Use 0 to disable. + description: How long to wait for an incoming request to complete before + aborting it. Use 0 to disable. minimum: 0 socketTimeout: type: number title: Socket timeout (seconds) - description: How long @{product} should wait before assuming that an inactive socket has timed out. To wait forever, set to 0. + description: How long @{product} should wait before assuming that an inactive + socket has timed out. To wait forever, set to 0. minimum: 0 keepAliveTimeout: type: number title: Keep-alive timeout (seconds) - description: After the last response is sent, @{product} will wait this long for additional data before closing the socket connection. Minimum 1 second, maximum 600 seconds (10 minutes). + description: After the last response is sent, @{product} will wait this long for + additional data before closing the socket connection. Minimum 1 + second, maximum 600 seconds (10 minutes). minimum: 1 maximum: 600 enableHealthCheck: type: boolean title: Health check endpoint - description: Expose the /cribl_health endpoint, which returns 200 OK when this Source is healthy + description: Expose the /cribl_health endpoint, which returns 200 OK when this + Source is healthy ipAllowlistRegex: type: string title: IP allowlist regex - description: Messages from matched IP addresses will be processed, unless also matched by the denylist + description: Messages from matched IP addresses will be processed, unless also + matched by the denylist ipDenylistRegex: type: string title: IP denylist regex - description: Messages from matched IP addresses will be ignored. This takes precedence over the allowlist. + description: Messages from matched IP addresses will be ignored. This takes + precedence over the allowlist. criblAPI: type: string title: Cribl HTTP event API - description: Absolute path on which to listen for the Cribl HTTP API requests. Only _bulk (default /cribl/_bulk) is available. Use empty string to disable. + description: Absolute path on which to listen for the Cribl HTTP API requests. + Only _bulk (default /cribl/_bulk) is available. Use empty string to + disable. pattern: ^/|^$ elasticAPI: type: string title: Elasticsearch API endpoint (Bulk API) - description: Absolute path on which to listen for the Elasticsearch API requests. Only _bulk (default /elastic/_bulk) is available. Use empty string to disable. + description: Absolute path on which to listen for the Elasticsearch API + requests. Only _bulk (default /elastic/_bulk) is available. Use + empty string to disable. pattern: ^/|^$ splunkHecAPI: type: string title: Splunk HEC endpoint - description: Absolute path on which listen for the Splunk HTTP Event Collector API requests. Use empty string to disable. + description: Absolute path on which listen for the Splunk HTTP Event Collector + API requests. Use empty string to disable. pattern: ^/|^$ splunkHecAcks: type: boolean @@ -17407,28 +19977,44 @@ components: title: Description __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_host: type: string - description: Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime. + description: Binds 'host' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'host' at runtime. __template_port: type: string - description: Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime. + description: Binds 'port' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'port' at runtime. __template_authTokens: type: string - description: Binds 'authTokens' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'authTokens' at runtime. + description: Binds 'authTokens' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'authTokens' at runtime. __template_criblAPI: type: string - description: Binds 'criblAPI' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'criblAPI' at runtime. + description: Binds 'criblAPI' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'criblAPI' at runtime. __template_elasticAPI: type: string - description: Binds 'elasticAPI' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'elasticAPI' at runtime. + description: Binds 'elasticAPI' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'elasticAPI' at runtime. __template_splunkHecAPI: type: string - description: Binds 'splunkHecAPI' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'splunkHecAPI' at runtime. + description: Binds 'splunkHecAPI' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'splunkHecAPI' at runtime. InputTcpjson: type: object required: @@ -17450,18 +20036,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -17469,11 +20061,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -17492,31 +20086,43 @@ components: ipWhitelistRegex: type: string title: IP allowlist regex - description: Regex matching IP addresses that are allowed to establish a connection + description: Regex matching IP addresses that are allowed to establish a + connection maxActiveCxn: type: number title: Active connection limit - description: Maximum number of active connections allowed per Worker Process. Use 0 for unlimited. + description: Maximum number of active connections allowed per Worker Process. + Use 0 for unlimited. minimum: 0 socketIdleTimeout: type: number title: Socket idle timeout (seconds) - description: How long @{product} should wait before assuming that an inactive socket has timed out. After this time, the connection will be closed. Leave at 0 for no inactive socket monitoring. + description: How long @{product} should wait before assuming that an inactive + socket has timed out. After this time, the connection will be + closed. Leave at 0 for no inactive socket monitoring. minimum: 0 socketEndingMaxWait: type: number title: Forced socket termination timeout (seconds) - description: How long the server will wait after initiating a closure for a client to close its end of the connection. If the client doesn't close the connection within this time, the server will forcefully terminate the socket to prevent resource leaks and ensure efficient connection cleanup and system stability. Leave at 0 for no inactive socket monitoring. + description: How long the server will wait after initiating a closure for a + client to close its end of the connection. If the client doesn't + close the connection within this time, the server will forcefully + terminate the socket to prevent resource leaks and ensure efficient + connection cleanup and system stability. Leave at 0 for no inactive + socket monitoring. minimum: 0 socketMaxLifespan: type: number title: Socket max lifespan (seconds) - description: The maximum duration a socket can remain open, even if active. This helps manage resources and mitigate issues caused by TCP pinning. Set to 0 to disable. + description: The maximum duration a socket can remain open, even if active. This + helps manage resources and mitigate issues caused by TCP pinning. + Set to 0 to disable. minimum: 0 enableProxyHeader: type: boolean title: Enable proxy protocol - description: Enable if the connection is proxied by a device that supports proxy protocol v1 or v2 + description: Enable if the connection is proxied by a device that supports proxy + protocol v1 or v2 metadata: type: array title: Fields @@ -17535,23 +20141,32 @@ components: authToken: type: string title: Auth token - description: Shared secret to be provided by any client (in authToken header field). If empty, unauthorized access is permitted. + description: Shared secret to be provided by any client (in authToken header + field). If empty, unauthorized access is permitted. textSecret: type: string title: Auth token (text secret) description: Select or create a stored text secret __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_host: type: string - description: Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime. + description: Binds 'host' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'host' at runtime. __template_port: type: string - description: Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime. + description: Binds 'port' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'port' at runtime. InputSystemMetrics: type: object properties: @@ -17569,18 +20184,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -17588,11 +20209,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -17601,7 +20224,8 @@ components: type: number minimum: 1 title: Polling interval - description: Time, in seconds, between consecutive metric collections. Default is 10 seconds. + description: Time, in seconds, between consecutive metric collections. Default + is 10 seconds. host: type: object properties: @@ -17705,11 +20329,13 @@ components: protocols: type: boolean title: Protocol metrics - description: Generate protocol metrics for ICMP, ICMPMsg, IP, TCP, UDP and UDPLite + description: Generate protocol metrics for ICMP, ICMPMsg, IP, TCP, UDP and + UDPLite devices: type: array title: Interface filter - description: "Network interfaces to include/exclude. Examples: eth0, !lo. All interfaces are included if this list is empty." + description: "Network interfaces to include/exclude. Examples: eth0, !lo. All + interfaces are included if this list is empty." items: type: string perInterface: @@ -17744,19 +20370,27 @@ components: devices: type: array title: Device filter - description: "Block devices to include/exclude. Examples: sda*, !loop*. Wildcards and ! (not) operators are supported. All devices are included if this list is empty." + description: "Block devices to include/exclude. Examples: sda*, !loop*. + Wildcards and ! (not) operators are supported. All + devices are included if this list is empty." items: type: string mountpoints: type: array title: Mountpoint filter - description: "Filesystem mountpoints to include/exclude. Examples: /, /home, !/proc*, !/tmp. Wildcards and ! (not) operators are supported. All mountpoints are included if this list is empty." + description: "Filesystem mountpoints to include/exclude. Examples: /, /home, + !/proc*, !/tmp. Wildcards and ! (not) operators are + supported. All mountpoints are included if this list is + empty." items: type: string fstypes: type: array title: Filesystem type filter - description: "Filesystem types to include/exclude. Examples: ext4, !*tmpfs, !squashfs. Wildcards and ! (not) operators are supported. All types are included if this list is empty." + description: "Filesystem types to include/exclude. Examples: ext4, !*tmpfs, + !squashfs. Wildcards and ! (not) operators are + supported. All types are included if this list is + empty." items: type: string perDevice: @@ -17796,7 +20430,8 @@ components: filters: type: array title: Container filters - description: Containers matching any of these will be included. All are included if no filters are added. + description: Containers matching any of these will be included. All are included + if no filters are added. items: type: object required: @@ -17840,28 +20475,35 @@ components: maxDataSize: type: string title: Data size limit - description: "Maximum disk space allowed to be consumed (examples: 420MB, 4GB). When limit is reached, older data will be deleted." + description: "Maximum disk space allowed to be consumed (examples: 420MB, 4GB). + When limit is reached, older data will be deleted." pattern: ^\d+\s*(?:\w{2})?$ maxDataTime: title: Data age limit type: string - description: "Maximum amount of time to retain data (examples: 2h, 4d). When limit is reached, older data will be deleted." + description: "Maximum amount of time to retain data (examples: 2h, 4d). When + limit is reached, older data will be deleted." pattern: \d+[smhd]$ compress: $ref: "#/components/schemas/DataCompressionFormatOptionsPersistence" destPath: type: string title: Path location - description: Path to use to write metrics. Defaults to $CRIBL_HOME/state/system_metrics + description: Path to use to write metrics. Defaults to + $CRIBL_HOME/state/system_metrics description: type: string title: Description __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. required: - type InputSystemState: @@ -17881,18 +20523,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -17900,11 +20548,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -17913,7 +20563,8 @@ components: type: number minimum: 1 title: Polling interval - description: Time, in seconds, between consecutive state collections. Default is 300 seconds (5 minutes). + description: Time, in seconds, between consecutive state collections. Default is + 300 seconds (5 minutes). metadata: type: array title: Fields @@ -17958,7 +20609,8 @@ components: routes: type: object title: Routes - description: Creates events based on entries collected from the host’s network routes + description: Creates events based on entries collected from the host’s network + routes properties: enable: type: boolean @@ -18025,36 +20677,48 @@ components: maxDataSize: type: string title: Data size limit - description: "Maximum disk space allowed to be consumed (examples: 420MB, 4GB). When limit is reached, older data will be deleted." + description: "Maximum disk space allowed to be consumed (examples: 420MB, 4GB). + When limit is reached, older data will be deleted." pattern: ^\d+\s*(?:\w{2})?$ maxDataTime: title: Data age limit type: string - description: "Maximum amount of time to retain data (examples: 2h, 4d). When limit is reached, older data will be deleted." + description: "Maximum amount of time to retain data (examples: 2h, 4d). When + limit is reached, older data will be deleted." pattern: \d+[smhd]$ compress: $ref: "#/components/schemas/DataCompressionFormatOptionsPersistence" destPath: type: string title: Path location - description: Path to use to write metrics. Defaults to $CRIBL_HOME/state/system_state + description: Path to use to write metrics. Defaults to + $CRIBL_HOME/state/system_state disableNativeModule: type: boolean title: Use Windows Tools - description: Enable to use built-in tools (PowerShell) to collect events instead of native API (default) [Learn more](https://docs.cribl.io/edge/sources-system-state/#advanced-tab) + description: Enable to use built-in tools (PowerShell) to collect events instead + of native API (default) [Learn + more](https://docs.cribl.io/edge/sources-system-state/#advanced-tab) disableNativeLastLogModule: type: boolean title: Use legacy collection for LastLog - description: Enable only to collect LastLog data via legacy implementation. This option will be removed in a future release. Please contact Support before enabling. [Learn more](https://docs.cribl.io/edge/sources-system-state/#advanced-tab) + description: Enable only to collect LastLog data via legacy implementation. This + option will be removed in a future release. Please contact Support + before enabling. [Learn + more](https://docs.cribl.io/edge/sources-system-state/#advanced-tab) description: type: string title: Description __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. required: - type InputKubeMetrics: @@ -18074,18 +20738,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -18093,11 +20763,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -18106,19 +20778,26 @@ components: type: number minimum: 1 title: Polling interval - description: Time, in seconds, between consecutive metrics collections. Default is 15 secs. + description: Time, in seconds, between consecutive metrics collections. Default + is 15 secs. scrapeKubelet: type: boolean title: Collect kubelet metrics - description: Enable to scrape kubelet metrics from https://:10250/metrics. Requires Edge to run as a DaemonSet with direct network access to the node. + description: Enable to scrape kubelet metrics from + https://:10250/metrics. Requires Edge to run as a DaemonSet + with direct network access to the node. scrapeCadvisor: type: boolean title: Collect cAdvisor metrics - description: Scrape cAdvisor container metrics from https://:10250/metrics/cadvisor. Requires Edge to run as a DaemonSet with direct network access to the Node. + description: Scrape cAdvisor container metrics from + https://:10250/metrics/cadvisor. Requires Edge to run as a + DaemonSet with direct network access to the Node. rules: type: array title: Filter Rules - description: Add rules to decide which Kubernetes objects to generate metrics for. Events are generated if no rules are given or of all the rules' expressions evaluate to true. + description: Add rules to decide which Kubernetes objects to generate metrics + for. Events are generated if no rules are given or of all the rules' + expressions evaluate to true. items: $ref: "#/components/schemas/RuleConfInputKubeMetrics" metadata: @@ -18142,12 +20821,14 @@ components: maxDataSize: type: string title: Data size limit - description: "Maximum disk space allowed to be consumed (examples: 420MB, 4GB). When limit is reached, older data will be deleted." + description: "Maximum disk space allowed to be consumed (examples: 420MB, 4GB). + When limit is reached, older data will be deleted." pattern: ^\d+\s*(?:\w{2})?$ maxDataTime: title: Data age limit type: string - description: "Maximum amount of time to retain data (examples: 2h, 4d). When limit is reached, older data will be deleted." + description: "Maximum amount of time to retain data (examples: 2h, 4d). When + limit is reached, older data will be deleted." pattern: \d+[smhd]$ compress: $ref: "#/components/schemas/DataCompressionFormatOptionsPersistence" @@ -18160,10 +20841,14 @@ components: title: Description __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. required: - type InputKubeLogs: @@ -18183,18 +20868,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -18202,11 +20893,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -18215,11 +20908,14 @@ components: type: number minimum: 1 title: Polling interval - description: Time, in seconds, between checks for new containers. Default is 15 secs. + description: Time, in seconds, between checks for new containers. Default is 15 + secs. rules: type: array title: Filter Rules - description: Add rules to decide which Pods to collect logs from. Logs are collected if no rules are given or if all the rules' expressions evaluate to true. + description: Add rules to decide which Pods to collect logs from. Logs are + collected if no rules are given or if all the rules' expressions + evaluate to true. items: type: object required: @@ -18228,7 +20924,8 @@ components: filter: type: string title: Filter Expression - description: JavaScript expression applied to Pod objects. Return 'true' to include it. + description: JavaScript expression applied to Pod objects. Return 'true' to + include it. description: type: string title: Description @@ -18236,7 +20933,21 @@ components: timestamps: type: boolean title: Enable timestamps - description: For use when containers do not emit a timestamp, prefix each line of output with a timestamp. If you enable this setting, you can use the Kubernetes Logs Event Breaker and the kubernetes_logs Pre-processing Pipeline to remove them from the events after the timestamps are extracted. + description: For use when containers do not emit a timestamp, prefix each line + of output with a timestamp. If you enable this setting, you can use + the Kubernetes Logs Event Breaker and the kubernetes_logs + Pre-processing Pipeline to remove them from the events after the + timestamps are extracted. + lineBufferLimit: + type: number + minimum: 1024 + title: Line buffer limit + description: Maximum bytes to buffer while reassembling a single log line. A + line that exceeds this size is flushed as-is, either whole or + partially. The default is 1048576 (1 MB). + __LBDisableAssembly: + type: boolean + description: Internal flag to disable LB worker payload reassembly. metadata: type: array title: Fields @@ -18248,15 +20959,18 @@ components: breakerRulesets: type: array title: Event Breaker rulesets - description: A list of event-breaking rulesets that will be applied, in order, to the input data stream + description: A list of event-breaking rulesets that will be applied, in order, + to the input data stream items: type: string staleChannelFlushMs: type: number title: Event Breaker buffer timeout (ms) - description: How long (in milliseconds) the Event Breaker will wait for new data to be sent to a specific channel before flushing the data stream out, as is, to the Pipelines + description: How long (in milliseconds) the Event Breaker will wait for new data + to be sent to a specific channel before flushing the data stream + out, as is, to the Pipelines minimum: 10 - maximum: 4.32e+07 + maximum: 43200000 enableLoadBalancing: type: boolean title: Enable load balancing @@ -18266,10 +20980,14 @@ components: title: Description __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. required: - type InputKubeEvents: @@ -18289,18 +21007,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -18308,11 +21032,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -18334,10 +21060,14 @@ components: title: Description __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. required: - type InputWindowsMetrics: @@ -18357,18 +21087,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -18376,11 +21112,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -18389,7 +21127,8 @@ components: type: number minimum: 1 title: Polling interval - description: Time, in seconds, between consecutive metric collections. Default is 10 seconds. + description: Time, in seconds, between consecutive metric collections. Default + is 10 seconds. host: type: object properties: @@ -18493,11 +21232,13 @@ components: protocols: type: boolean title: Protocol metrics - description: Generate protocol metrics for ICMP, ICMPMsg, IP, TCP, UDP and UDPLite + description: Generate protocol metrics for ICMP, ICMPMsg, IP, TCP, UDP and + UDPLite devices: type: array title: Interface filter - description: Network interfaces to include/exclude. All interfaces are included if this list is empty. + description: Network interfaces to include/exclude. All interfaces are included + if this list is empty. items: type: string perInterface: @@ -18532,7 +21273,9 @@ components: volumes: type: array title: Volume filter - description: "Windows volumes to include/exclude. E.g.: C:, !E:, etc. Wildcards and ! (not) operators are supported. All volumes are included if this list is empty." + description: "Windows volumes to include/exclude. E.g.: C:, !E:, etc. Wildcards + and ! (not) operators are supported. All volumes are + included if this list is empty." items: type: string process: @@ -18560,32 +21303,41 @@ components: maxDataSize: type: string title: Data size limit - description: "Maximum disk space allowed to be consumed (examples: 420MB, 4GB). When limit is reached, older data will be deleted." + description: "Maximum disk space allowed to be consumed (examples: 420MB, 4GB). + When limit is reached, older data will be deleted." pattern: ^\d+\s*(?:\w{2})?$ maxDataTime: title: Data age limit type: string - description: "Maximum amount of time to retain data (examples: 2h, 4d). When limit is reached, older data will be deleted." + description: "Maximum amount of time to retain data (examples: 2h, 4d). When + limit is reached, older data will be deleted." pattern: \d+[smhd]$ compress: $ref: "#/components/schemas/DataCompressionFormatOptionsPersistence" destPath: type: string title: Path location - description: Path to use to write metrics. Defaults to $CRIBL_HOME/state/windows_metrics + description: Path to use to write metrics. Defaults to + $CRIBL_HOME/state/windows_metrics disableNativeModule: type: boolean title: Use Windows Tools - description: Enable to use built-in tools (PowerShell) to collect metrics instead of native API (default) [Learn more](https://docs.cribl.io/edge/sources-windows-metrics/#advanced-tab) + description: Enable to use built-in tools (PowerShell) to collect metrics + instead of native API (default) [Learn + more](https://docs.cribl.io/edge/sources-windows-metrics/#advanced-tab) description: type: string title: Description __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. required: - type InputCrowdstrike: @@ -18608,18 +21360,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -18627,11 +21385,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -18639,14 +21399,21 @@ components: queueName: type: string title: Queue - description: "The name, URL, or ARN of the SQS queue to read notifications from. When a non-AWS URL is specified, format must be: '{url}/myQueueName'. Example: 'https://host:port/myQueueName'. Value must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `https://host:port/myQueue-${C.vars.myVar}`." + description: "The name, URL, or ARN of the SQS queue to read notifications from. + When a non-AWS URL is specified, format must be: + '{url}/myQueueName'. Example: 'https://host:port/myQueueName'. Value + must be a JavaScript expression (which can evaluate to a constant + value), enclosed in quotes or backticks. Can be evaluated only at + init time. Example referencing a Global Variable: + `https://host:port/myQueue-${C.vars.myVar}`." fileFilter: type: string title: Filename filter description: "Regex matching file names to download and process. Defaults to: .*" awsAccountId: title: AWS account ID - description: SQS queue owner's AWS account ID. Leave empty if SQS queue is in same AWS account. + description: SQS queue owner's AWS account ID. Leave empty if SQS queue is in + same AWS account. type: string awsAuthenticationMethod: $ref: "#/components/schemas/AuthenticationMethodOptionsS3CollectorConf" @@ -18656,11 +21423,13 @@ components: region: type: string title: Region - description: AWS Region where the S3 bucket and SQS queue are located. Required, unless the Queue entry is a URL or ARN that includes a Region. + description: AWS Region where the S3 bucket and SQS queue are located. Required, + unless the Queue entry is a URL or ARN that includes a Region. endpoint: type: string title: Endpoint - description: S3 service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to S3-compatible endpoint. + description: S3 service endpoint. If empty, defaults to the AWS Region-specific + endpoint. Otherwise, it must point to S3-compatible endpoint. reuseConnections: type: boolean title: Reuse connections @@ -18668,51 +21437,64 @@ components: rejectUnauthorized: type: boolean title: Reject unauthorized certificates - description: Reject certificates that cannot be verified against a valid CA, such as self-signed certificates + description: Reject certificates that cannot be verified against a valid CA, + such as self-signed certificates breakerRulesets: type: array title: Event Breaker rulesets - description: A list of event-breaking rulesets that will be applied, in order, to the input data stream + description: A list of event-breaking rulesets that will be applied, in order, + to the input data stream items: type: string staleChannelFlushMs: type: number title: Event Breaker buffer timeout (ms) - description: How long (in milliseconds) the Event Breaker will wait for new data to be sent to a specific channel before flushing the data stream out, as is, to the Pipelines + description: How long (in milliseconds) the Event Breaker will wait for new data + to be sent to a specific channel before flushing the data stream + out, as is, to the Pipelines minimum: 10 - maximum: 4.32e+07 + maximum: 43200000 maxMessages: type: number title: Message limit - description: "The maximum number of messages SQS should return in a poll request. Amazon SQS never returns more messages than this value (however, fewer messages might be returned). Valid values: 1 to 10." + description: "The maximum number of messages SQS should return in a poll + request. Amazon SQS never returns more messages than this value + (however, fewer messages might be returned). Valid values: 1 to 10." minimum: 1 maximum: 10 visibilityTimeout: type: number title: Visibility timeout seconds - description: After messages are retrieved by a ReceiveMessage request, @{product} will hide them from subsequent retrieve requests for at least this duration. You can set this as high as 43200 sec. (12 hours). + description: After messages are retrieved by a ReceiveMessage request, + @{product} will hide them from subsequent retrieve requests for at + least this duration. You can set this as high as 43200 sec. (12 + hours). minimum: 0 maximum: 43200 numReceivers: type: number title: Number of receivers - description: How many receiver processes to run. The higher the number, the better the throughput - at the expense of CPU overhead. + description: How many receiver processes to run. The higher the number, the + better the throughput - at the expense of CPU overhead. minimum: 1 maximum: 100 socketTimeout: type: number title: Socket timeout - description: Socket inactivity timeout (in seconds). Increase this value if timeouts occur due to backpressure. + description: Socket inactivity timeout (in seconds). Increase this value if + timeouts occur due to backpressure. minimum: 1 maximum: 43200 skipOnError: type: boolean title: Skip file on error - description: Skip files that trigger a processing error. Disabled by default, which allows retries after processing errors. + description: Skip files that trigger a processing error. Disabled by default, + which allows retries after processing errors. includeSqsMetadata: type: boolean title: Include notification metadata - description: Attach SQS notification metadata to a __sqsMetadata field on each event + description: Attach SQS notification metadata to a __sqsMetadata field on each + event enableAssumeRole: type: boolean title: Enable for Amazon S3 @@ -18730,7 +21512,9 @@ components: durationSeconds: type: number title: Duration (seconds) - description: Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours). + description: Duration of the assumed role's session, in seconds. Minimum is 900 + (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 + hours). minimum: 900 maximum: 43200 enableSQSAssumeRole: @@ -18750,13 +21534,18 @@ components: pollTimeout: type: number title: Poll timeout (secs) - description: How long to wait for events before trying polling again. The lower the number the higher the AWS bill. The higher the number the longer it will take for the source to react to configuration changes and system restarts. + description: How long to wait for events before trying polling again. The lower + the number the higher the AWS bill. The higher the number the longer + it will take for the source to react to configuration changes and + system restarts. minimum: 1 maximum: 20 encoding: type: string title: Encoding - description: Character encoding to use when parsing ingested data. When not set, @{product} will default to UTF-8 but may incorrectly interpret multi-byte characters. + description: Character encoding to use when parsing ingested data. When not set, + @{product} will default to UTF-8 but may incorrectly interpret + multi-byte characters. description: type: string title: Description @@ -18767,47 +21556,71 @@ components: awsSecret: type: string title: Secret key pair - description: Select or create a stored secret that references your access key and secret key + description: Select or create a stored secret that references your access key + and secret key tagAfterProcessing: $ref: "#/components/schemas/TagAfterProcessingOptions" processedTagKey: type: string title: Tag key - description: The key for the S3 object tag applied after processing. This field accepts an expression for dynamic generation. + description: The key for the S3 object tag applied after processing. This field + accepts an expression for dynamic generation. processedTagValue: type: string title: Tag value - description: The value for the S3 object tag applied after processing. This field accepts an expression for dynamic generation. + description: The value for the S3 object tag applied after processing. This + field accepts an expression for dynamic generation. __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_queueName: type: string - description: Binds 'queueName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'queueName' at runtime. + description: Binds 'queueName' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'queueName' at runtime. __template_awsAccountId: type: string - description: Binds 'awsAccountId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsAccountId' at runtime. + description: Binds 'awsAccountId' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsAccountId' at runtime. __template_awsSecretKey: type: string - description: Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime. + description: Binds 'awsSecretKey' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsSecretKey' at runtime. __template_region: type: string - description: Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime. + description: Binds 'region' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'region' at runtime. __template_endpoint: type: string - description: Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime. + description: Binds 'endpoint' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'endpoint' at runtime. __template_assumeRoleArn: type: string - description: Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime. + description: Binds 'assumeRoleArn' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'assumeRoleArn' at runtime. __template_assumeRoleExternalId: type: string - description: Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime. + description: Binds 'assumeRoleExternalId' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'assumeRoleExternalId' at runtime. __template_awsApiKey: type: string - description: Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime. + description: Binds 'awsApiKey' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsApiKey' at runtime. InputDatadogAgent: type: object required: @@ -18829,18 +21642,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -18848,11 +21667,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -18871,17 +21692,23 @@ components: maxActiveReq: type: number title: Active request limit - description: "Maximum number of active requests allowed per Worker Process. Set to 0 for unlimited. Caution: Increasing the limit above the default value, or setting it to unlimited, may degrade performance and reduce throughput." + description: "Maximum number of active requests allowed per Worker Process. Set + to 0 for unlimited. Caution: Increasing the limit above the default + value, or setting it to unlimited, may degrade performance and + reduce throughput." minimum: 0 maxRequestsPerSocket: type: integer title: Requests-per-socket limit - description: Maximum number of requests per socket before @{product} instructs the client to close the connection. Default is 0 (unlimited). + description: Maximum number of requests per socket before @{product} instructs + the client to close the connection. Default is 0 (unlimited). minimum: 0 enableProxyHeader: type: boolean title: Show originating IP - description: Extract the client IP and port from PROXY protocol v1/v2. When enabled, the X-Forwarded-For header is ignored. Disable to use the X-Forwarded-For header for client IP extraction. + description: Extract the client IP and port from PROXY protocol v1/v2. When + enabled, the X-Forwarded-For header is ignored. Disable to use the + X-Forwarded-For header for client IP extraction. captureHeaders: type: boolean title: Capture request headers @@ -18889,40 +21716,52 @@ components: activityLogSampleRate: type: number title: Activity log sample rate - description: How often request activity is logged at the `info` level. A value of 1 would log every request, 10 every 10th request, etc. + description: How often request activity is logged at the `info` level. A value + of 1 would log every request, 10 every 10th request, etc. minimum: 1 requestTimeout: type: number title: Request timeout (seconds) - description: How long to wait for an incoming request to complete before aborting it. Use 0 to disable. + description: How long to wait for an incoming request to complete before + aborting it. Use 0 to disable. minimum: 0 socketTimeout: type: number title: Socket timeout (seconds) - description: How long @{product} should wait before assuming that an inactive socket has timed out. To wait forever, set to 0. + description: How long @{product} should wait before assuming that an inactive + socket has timed out. To wait forever, set to 0. minimum: 0 keepAliveTimeout: type: number title: Keep-alive timeout (seconds) - description: After the last response is sent, @{product} will wait this long for additional data before closing the socket connection. Minimum 1 second, maximum 600 seconds (10 minutes). + description: After the last response is sent, @{product} will wait this long for + additional data before closing the socket connection. Minimum 1 + second, maximum 600 seconds (10 minutes). minimum: 1 maximum: 600 enableHealthCheck: type: boolean title: Health check endpoint - description: Expose the /cribl_health endpoint, which returns 200 OK when this Source is healthy + description: Expose the /cribl_health endpoint, which returns 200 OK when this + Source is healthy ipAllowlistRegex: type: string title: IP allowlist regex - description: Messages from matched IP addresses will be processed, unless also matched by the denylist + description: Messages from matched IP addresses will be processed, unless also + matched by the denylist ipDenylistRegex: type: string title: IP denylist regex - description: Messages from matched IP addresses will be ignored. This takes precedence over the allowlist. + description: Messages from matched IP addresses will be ignored. This takes + precedence over the allowlist. extractMetrics: type: boolean title: Extract metrics - description: Toggle to Yes to extract each incoming metric to multiple events, one per data point. This works well when sending metrics to a statsd-type output. If sending metrics to DatadogHQ or any destination that accepts arbitrary JSON, leave toggled to No (the default). + description: Toggle to Yes to extract each incoming metric to multiple events, + one per data point. This works well when sending metrics to a + statsd-type output. If sending metrics to DatadogHQ or any + destination that accepts arbitrary JSON, leave toggled to No (the + default). metadata: type: array title: Fields @@ -18938,26 +21777,38 @@ components: enabled: type: boolean title: Forward API key validation requests - description: Toggle to Yes to send key validation requests from Datadog Agent to the Datadog API. If toggled to No (the default), Stream handles key validation requests by always responding that the key is valid. + description: Toggle to Yes to send key validation requests from Datadog Agent to + the Datadog API. If toggled to No (the default), Stream handles + key validation requests by always responding that the key is + valid. rejectUnauthorized: type: boolean title: Reject unauthorized certificates - description: Whether to reject certificates that cannot be verified against a valid CA (e.g., self-signed certificates). + description: Whether to reject certificates that cannot be verified against a + valid CA (e.g., self-signed certificates). description: type: string title: Description __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_host: type: string - description: Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime. + description: Binds 'host' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'host' at runtime. __template_port: type: string - description: Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime. + description: Binds 'port' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'port' at runtime. InputDatagen: type: object required: @@ -18978,18 +21829,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -18997,11 +21854,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -19022,7 +21881,8 @@ components: eventsPerSec: type: number title: Events Per Second Per Worker Node - description: Maximum number of events to generate per second per Worker Node. Defaults to 10. + description: Maximum number of events to generate per second per Worker Node. + Defaults to 10. minimum: 1 metadata: type: array @@ -19035,10 +21895,14 @@ components: title: Description __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. InputHttpRaw: type: object required: @@ -19060,18 +21924,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -19079,11 +21949,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -19100,7 +21972,8 @@ components: authTokens: type: array title: Auth tokens - description: "Shared secrets to be provided by any client (Authorization: ). If empty, unauthorized access is permitted." + description: "Shared secrets to be provided by any client (Authorization: + ). If empty, unauthorized access is permitted." items: type: string tls: @@ -19108,17 +21981,23 @@ components: maxActiveReq: type: number title: Active request limit - description: "Maximum number of active requests allowed per Worker Process. Set to 0 for unlimited. Caution: Increasing the limit above the default value, or setting it to unlimited, may degrade performance and reduce throughput." + description: "Maximum number of active requests allowed per Worker Process. Set + to 0 for unlimited. Caution: Increasing the limit above the default + value, or setting it to unlimited, may degrade performance and + reduce throughput." minimum: 0 maxRequestsPerSocket: type: integer title: Requests-per-socket limit - description: Maximum number of requests per socket before @{product} instructs the client to close the connection. Default is 0 (unlimited). + description: Maximum number of requests per socket before @{product} instructs + the client to close the connection. Default is 0 (unlimited). minimum: 0 enableProxyHeader: type: boolean title: Show originating IP - description: Extract the client IP and port from PROXY protocol v1/v2. When enabled, the X-Forwarded-For header is ignored. Disable to use the X-Forwarded-For header for client IP extraction. + description: Extract the client IP and port from PROXY protocol v1/v2. When + enabled, the X-Forwarded-For header is ignored. Disable to use the + X-Forwarded-For header for client IP extraction. captureHeaders: type: boolean title: Capture request headers @@ -19126,48 +22005,59 @@ components: activityLogSampleRate: type: number title: Activity log sample rate - description: How often request activity is logged at the `info` level. A value of 1 would log every request, 10 every 10th request, etc. + description: How often request activity is logged at the `info` level. A value + of 1 would log every request, 10 every 10th request, etc. minimum: 1 requestTimeout: type: number title: Request timeout (seconds) - description: How long to wait for an incoming request to complete before aborting it. Use 0 to disable. + description: How long to wait for an incoming request to complete before + aborting it. Use 0 to disable. minimum: 0 socketTimeout: type: number title: Socket timeout (seconds) - description: How long @{product} should wait before assuming that an inactive socket has timed out. To wait forever, set to 0. + description: How long @{product} should wait before assuming that an inactive + socket has timed out. To wait forever, set to 0. minimum: 0 keepAliveTimeout: type: number title: Keep-alive timeout (seconds) - description: After the last response is sent, @{product} will wait this long for additional data before closing the socket connection. Minimum 1 second, maximum 600 seconds (10 minutes). + description: After the last response is sent, @{product} will wait this long for + additional data before closing the socket connection. Minimum 1 + second, maximum 600 seconds (10 minutes). minimum: 1 maximum: 600 enableHealthCheck: type: boolean title: Health check endpoint - description: Expose the /cribl_health endpoint, which returns 200 OK when this Source is healthy + description: Expose the /cribl_health endpoint, which returns 200 OK when this + Source is healthy ipAllowlistRegex: type: string title: IP allowlist regex - description: Messages from matched IP addresses will be processed, unless also matched by the denylist + description: Messages from matched IP addresses will be processed, unless also + matched by the denylist ipDenylistRegex: type: string title: IP denylist regex - description: Messages from matched IP addresses will be ignored. This takes precedence over the allowlist. + description: Messages from matched IP addresses will be ignored. This takes + precedence over the allowlist. breakerRulesets: type: array title: Event Breaker rulesets - description: A list of event-breaking rulesets that will be applied, in order, to the input data stream + description: A list of event-breaking rulesets that will be applied, in order, + to the input data stream items: type: string staleChannelFlushMs: type: number title: Event Breaker buffer timeout (ms) - description: How long (in milliseconds) the Event Breaker will wait for new data to be sent to a specific channel before flushing the data stream out, as is, to the Pipelines + description: How long (in milliseconds) the Event Breaker will wait for new data + to be sent to a specific channel before flushing the data stream + out, as is, to the Pipelines minimum: 10 - maximum: 4.32e+07 + maximum: 43200000 metadata: type: array title: Fields @@ -19177,21 +22067,24 @@ components: allowedPaths: type: array title: Allowed URI paths - description: List of URI paths accepted by this input, wildcards are supported, e.g /api/v*/hook. Defaults to allow all. + description: List of URI paths accepted by this input, wildcards are supported, + e.g /api/v*/hook. Defaults to allow all. items: type: string minLength: 1 allowedMethods: type: array title: Allowed HTTP methods - description: List of HTTP methods accepted by this input. Wildcards are supported (such as P*, GET). Defaults to allow all. + description: List of HTTP methods accepted by this input. Wildcards are + supported (such as P*, GET). Defaults to allow all. items: type: string minLength: 1 authTokensExt: type: array title: Auth tokens - description: "Shared secrets to be provided by any client (Authorization: ). If empty, unauthorized access is permitted." + description: "Shared secrets to be provided by any client (Authorization: + ). If empty, unauthorized access is permitted." items: $ref: "#/components/schemas/AuthTokensExtConfInputHttp" description: @@ -19199,22 +22092,34 @@ components: title: Description __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_host: type: string - description: Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime. + description: Binds 'host' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'host' at runtime. __template_port: type: string - description: Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime. + description: Binds 'port' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'port' at runtime. __template_authTokens: type: string - description: Binds 'authTokens' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'authTokens' at runtime. + description: Binds 'authTokens' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'authTokens' at runtime. __template_allowedPaths: type: string - description: Binds 'allowedPaths' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'allowedPaths' at runtime. + description: Binds 'allowedPaths' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'allowedPaths' at runtime. InputKinesis: type: object required: @@ -19236,18 +22141,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -19255,11 +22166,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -19277,7 +22190,9 @@ components: shardExpr: type: string title: Shard selection expression - description: A JavaScript expression to be called with each shardId for the stream. If the expression evaluates to a truthy value, the shard will be processed. + description: A JavaScript expression to be called with each shardId for the + stream. If the expression evaluates to a truthy value, the shard + will be processed. shardIteratorType: type: string title: Shard iterator start @@ -19292,7 +22207,8 @@ components: payloadFormat: type: string title: Record data format - description: Format of data inside the Kinesis Stream records. Gzip compression is automatically detected. + description: Format of data inside the Kinesis Stream records. Gzip compression + is automatically detected. enum: - cribl - ndjson @@ -19313,12 +22229,14 @@ components: getRecordsLimitTotal: type: number title: Total records limit - description: Maximum number of records, across all shards, to pull down at once per Worker Process + description: Maximum number of records, across all shards, to pull down at once + per Worker Process minimum: 20000 loadBalancingAlgorithm: type: string title: Shard load balancing - description: The load-balancing algorithm to use for spreading out shards across Workers and Worker Processes + description: The load-balancing algorithm to use for spreading out shards across + Workers and Worker Processes enum: - ConsistentHashing - RoundRobin @@ -19338,7 +22256,9 @@ components: endpoint: type: string title: Endpoint - description: Kinesis stream service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to Kinesis stream-compatible endpoint. + description: Kinesis stream service endpoint. If empty, defaults to the AWS + Region-specific endpoint. Otherwise, it must point to Kinesis + stream-compatible endpoint. reuseConnections: type: boolean title: Reuse connections @@ -19346,7 +22266,8 @@ components: rejectUnauthorized: type: boolean title: Reject unauthorized certificates - description: Reject certificates that cannot be verified against a valid CA, such as self-signed certificates + description: Reject certificates that cannot be verified against a valid CA, + such as self-signed certificates enableAssumeRole: type: boolean title: Enable for Kinesis stream @@ -19364,7 +22285,9 @@ components: durationSeconds: type: number title: Duration (seconds) - description: Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours). + description: Duration of the assumed role's session, in seconds. Minimum is 900 + (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 + hours). minimum: 900 maximum: 43200 verifyKPLCheckSums: @@ -19374,7 +22297,10 @@ components: avoidDuplicates: type: boolean title: Avoid duplicate records - description: When resuming streaming from a stored state, Stream will read the next available record, rather than rereading the last-read record. Enabling this setting can cause data loss after a Worker Node's unexpected shutdown or restart. + description: When resuming streaming from a stored state, Stream will read the + next available record, rather than rereading the last-read record. + Enabling this setting can cause data loss after a Worker Node's + unexpected shutdown or restart. metadata: type: array title: Fields @@ -19391,40 +22317,65 @@ components: awsSecret: type: string title: Secret key pair - description: Select or create a stored secret that references your access key and secret key + description: Select or create a stored secret that references your access key + and secret key __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_streamName: type: string - description: Binds 'streamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamName' at runtime. + description: Binds 'streamName' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamName' at runtime. __template_shardIteratorType: type: string - description: Binds 'shardIteratorType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'shardIteratorType' at runtime. + description: Binds 'shardIteratorType' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'shardIteratorType' at runtime. __template_payloadFormat: type: string - description: Binds 'payloadFormat' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'payloadFormat' at runtime. + description: Binds 'payloadFormat' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'payloadFormat' at runtime. __template_awsSecretKey: type: string - description: Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime. + description: Binds 'awsSecretKey' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsSecretKey' at runtime. __template_region: type: string - description: Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime. + description: Binds 'region' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'region' at runtime. __template_endpoint: type: string - description: Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime. + description: Binds 'endpoint' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'endpoint' at runtime. __template_assumeRoleArn: type: string - description: Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime. + description: Binds 'assumeRoleArn' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'assumeRoleArn' at runtime. __template_assumeRoleExternalId: type: string - description: Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime. + description: Binds 'assumeRoleExternalId' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'assumeRoleExternalId' at runtime. __template_awsApiKey: type: string - description: Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime. + description: Binds 'awsApiKey' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsApiKey' at runtime. InputCriblmetrics: type: object properties: @@ -19442,18 +22393,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -19461,11 +22418,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -19477,7 +22436,13 @@ components: fullFidelity: type: boolean title: Full fidelity - description: "Include granular metrics. Disabling this will drop the following metrics events: `cribl.logstream.host.(in_bytes,in_events,out_bytes,out_events)`, `cribl.logstream.index.(in_bytes,in_events,out_bytes,out_events)`, `cribl.logstream.source.(in_bytes,in_events,out_bytes,out_events)`, `cribl.logstream.sourcetype.(in_bytes,in_events,out_bytes,out_events)`." + description: "Include granular metrics. Disabling this will drop the following + metrics events: + `cribl.logstream.host.(in_bytes,in_events,out_bytes,out_events)`, + `cribl.logstream.index.(in_bytes,in_events,out_bytes,out_events)`, + `cribl.logstream.source.(in_bytes,in_events,out_bytes,out_events)`, + `cribl.logstream.sourcetype.(in_bytes,in_events,out_bytes,out_event\ + s)`." metadata: type: array title: Fields @@ -19489,10 +22454,14 @@ components: title: Description __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. required: - type InputMetrics: @@ -19515,18 +22484,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -19534,11 +22509,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -19546,7 +22523,9 @@ components: host: type: string title: Address - description: Address to bind on. For IPv4 (all addresses), use the default '0.0.0.0'. For IPv6, enter '::' (all addresses) or specify an IP address. + description: Address to bind on. For IPv4 (all addresses), use the default + '0.0.0.0'. For IPv6, enter '::' (all addresses) or specify an IP + address. udpPort: type: number title: UDP Port @@ -19560,7 +22539,8 @@ components: maxBufferSize: type: number title: Buffer size limit (events) - description: Maximum number of events to buffer when downstream is blocking. Only applies to UDP. + description: Maximum number of events to buffer when downstream is blocking. + Only applies to UDP. minimum: 0 ipWhitelistRegex: type: string @@ -19569,7 +22549,8 @@ components: enableProxyHeader: type: boolean title: Enable proxy protocol - description: Enable if the connection is proxied by a device that supports Proxy Protocol V1 or V2 + description: Enable if the connection is proxied by a device that supports Proxy + Protocol V1 or V2 tls: $ref: "#/components/schemas/TlsSettingsServerSideType" metadata: @@ -19581,27 +22562,41 @@ components: udpSocketRxBufSize: type: number title: UDP socket buffer size (bytes) - description: "Optionally, set the SO_RCVBUF socket option for the UDP socket. This value tells the operating system how many bytes can be buffered in the kernel before events are dropped. Leave blank to use the OS default. Caution: Increasing this value will affect OS memory utilization." + description: "Optionally, set the SO_RCVBUF socket option for the UDP socket. + This value tells the operating system how many bytes can be buffered + in the kernel before events are dropped. Leave blank to use the OS + default. Caution: Increasing this value will affect OS memory + utilization." minimum: 256 - maximum: 4.294967295e+09 + maximum: 4294967295 description: type: string title: Description __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_host: type: string - description: Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime. + description: Binds 'host' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'host' at runtime. __template_udpPort: type: string - description: Binds 'udpPort' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'udpPort' at runtime. + description: Binds 'udpPort' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'udpPort' at runtime. __template_tcpPort: type: string - description: Binds 'tcpPort' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tcpPort' at runtime. + description: Binds 'tcpPort' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'tcpPort' at runtime. InputS3: type: object required: @@ -19622,18 +22617,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -19641,11 +22642,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -19653,14 +22656,21 @@ components: queueName: type: string title: Queue - description: "The name, URL, or ARN of the SQS queue to read notifications from. When a non-AWS URL is specified, format must be: '{url}/myQueueName'. Example: 'https://host:port/myQueueName'. Value must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `https://host:port/myQueue-${C.vars.myVar}`." + description: "The name, URL, or ARN of the SQS queue to read notifications from. + When a non-AWS URL is specified, format must be: + '{url}/myQueueName'. Example: 'https://host:port/myQueueName'. Value + must be a JavaScript expression (which can evaluate to a constant + value), enclosed in quotes or backticks. Can be evaluated only at + init time. Example referencing a Global Variable: + `https://host:port/myQueue-${C.vars.myVar}`." fileFilter: type: string title: Filename filter description: "Regex matching file names to download and process. Defaults to: .*" awsAccountId: title: AWS account ID - description: SQS queue owner's AWS account ID. Leave empty if SQS queue is in same AWS account. + description: SQS queue owner's AWS account ID. Leave empty if SQS queue is in + same AWS account. type: string awsAuthenticationMethod: $ref: "#/components/schemas/AuthenticationMethodOptionsS3CollectorConf" @@ -19670,11 +22680,13 @@ components: region: type: string title: Region - description: AWS Region where the S3 bucket and SQS queue are located. Required, unless the Queue entry is a URL or ARN that includes a Region. + description: AWS Region where the S3 bucket and SQS queue are located. Required, + unless the Queue entry is a URL or ARN that includes a Region. endpoint: type: string title: Endpoint - description: S3 service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to S3-compatible endpoint. + description: S3 service endpoint. If empty, defaults to the AWS Region-specific + endpoint. Otherwise, it must point to S3-compatible endpoint. reuseConnections: type: boolean title: Reuse connections @@ -19682,51 +22694,64 @@ components: rejectUnauthorized: type: boolean title: Reject unauthorized certificates - description: Reject certificates that cannot be verified against a valid CA, such as self-signed certificates + description: Reject certificates that cannot be verified against a valid CA, + such as self-signed certificates breakerRulesets: type: array title: Event Breaker rulesets - description: A list of event-breaking rulesets that will be applied, in order, to the input data stream + description: A list of event-breaking rulesets that will be applied, in order, + to the input data stream items: type: string staleChannelFlushMs: type: number title: Event Breaker buffer timeout (ms) - description: How long (in milliseconds) the Event Breaker will wait for new data to be sent to a specific channel before flushing the data stream out, as is, to the Pipelines + description: How long (in milliseconds) the Event Breaker will wait for new data + to be sent to a specific channel before flushing the data stream + out, as is, to the Pipelines minimum: 10 - maximum: 4.32e+07 + maximum: 43200000 maxMessages: type: number title: Message limit - description: "The maximum number of messages SQS should return in a poll request. Amazon SQS never returns more messages than this value (however, fewer messages might be returned). Valid values: 1 to 10." + description: "The maximum number of messages SQS should return in a poll + request. Amazon SQS never returns more messages than this value + (however, fewer messages might be returned). Valid values: 1 to 10." minimum: 1 maximum: 10 visibilityTimeout: type: number title: Visibility timeout seconds - description: After messages are retrieved by a ReceiveMessage request, @{product} will hide them from subsequent retrieve requests for at least this duration. You can set this as high as 43200 sec. (12 hours). + description: After messages are retrieved by a ReceiveMessage request, + @{product} will hide them from subsequent retrieve requests for at + least this duration. You can set this as high as 43200 sec. (12 + hours). minimum: 0 maximum: 43200 numReceivers: type: number title: Number of receivers - description: How many receiver processes to run. The higher the number, the better the throughput - at the expense of CPU overhead. + description: How many receiver processes to run. The higher the number, the + better the throughput - at the expense of CPU overhead. minimum: 1 maximum: 100 socketTimeout: type: number title: Socket timeout - description: Socket inactivity timeout (in seconds). Increase this value if timeouts occur due to backpressure. + description: Socket inactivity timeout (in seconds). Increase this value if + timeouts occur due to backpressure. minimum: 1 maximum: 43200 skipOnError: type: boolean title: Skip file on error - description: Skip files that trigger a processing error. Disabled by default, which allows retries after processing errors. + description: Skip files that trigger a processing error. Disabled by default, + which allows retries after processing errors. includeSqsMetadata: type: boolean title: Include notification metadata - description: Attach SQS notification metadata to a __sqsMetadata field on each event + description: Attach SQS notification metadata to a __sqsMetadata field on each + event enableAssumeRole: type: boolean title: Enable for Amazon S3 @@ -19744,7 +22769,9 @@ components: durationSeconds: type: number title: Duration (seconds) - description: Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours). + description: Duration of the assumed role's session, in seconds. Minimum is 900 + (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 + hours). minimum: 900 maximum: 43200 enableSQSAssumeRole: @@ -19768,7 +22795,9 @@ components: parquetChunkDownloadTimeout: type: number title: Parquet chunk download timeout (seconds) - description: The maximum time allowed for downloading a Parquet chunk. Processing will stop if a chunk cannot be downloaded within the time specified. + description: The maximum time allowed for downloading a Parquet chunk. + Processing will stop if a chunk cannot be downloaded within the time + specified. maximum: 3600 minimum: 1 checkpointing: @@ -19776,17 +22805,23 @@ components: pollTimeout: type: number title: Poll timeout (secs) - description: How long to wait for events before trying polling again. The lower the number the higher the AWS bill. The higher the number the longer it will take for the source to react to configuration changes and system restarts. + description: How long to wait for events before trying polling again. The lower + the number the higher the AWS bill. The higher the number the longer + it will take for the source to react to configuration changes and + system restarts. minimum: 1 maximum: 20 encoding: type: string title: Encoding - description: Character encoding to use when parsing ingested data. When not set, @{product} will default to UTF-8 but may incorrectly interpret multi-byte characters. + description: Character encoding to use when parsing ingested data. When not set, + @{product} will default to UTF-8 but may incorrectly interpret + multi-byte characters. tagAfterProcessing: type: boolean title: Tag after processing - description: Add a tag to processed S3 objects. Requires s3:GetObjectTagging and s3:PutObjectTagging AWS permissions. + description: Add a tag to processed S3 objects. Requires s3:GetObjectTagging and + s3:PutObjectTagging AWS permissions. description: type: string title: Description @@ -19797,45 +22832,69 @@ components: awsSecret: type: string title: Secret key pair - description: Select or create a stored secret that references your access key and secret key + description: Select or create a stored secret that references your access key + and secret key processedTagKey: type: string title: Tag key - description: The key for the S3 object tag applied after processing. This field accepts an expression for dynamic generation. + description: The key for the S3 object tag applied after processing. This field + accepts an expression for dynamic generation. processedTagValue: type: string title: Tag value - description: The value for the S3 object tag applied after processing. This field accepts an expression for dynamic generation. + description: The value for the S3 object tag applied after processing. This + field accepts an expression for dynamic generation. __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_queueName: type: string - description: Binds 'queueName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'queueName' at runtime. + description: Binds 'queueName' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'queueName' at runtime. __template_awsAccountId: type: string - description: Binds 'awsAccountId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsAccountId' at runtime. + description: Binds 'awsAccountId' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsAccountId' at runtime. __template_awsSecretKey: type: string - description: Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime. + description: Binds 'awsSecretKey' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsSecretKey' at runtime. __template_region: type: string - description: Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime. + description: Binds 'region' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'region' at runtime. __template_endpoint: type: string - description: Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime. + description: Binds 'endpoint' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'endpoint' at runtime. __template_assumeRoleArn: type: string - description: Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime. + description: Binds 'assumeRoleArn' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'assumeRoleArn' at runtime. __template_assumeRoleExternalId: type: string - description: Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime. + description: Binds 'assumeRoleExternalId' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'assumeRoleExternalId' at runtime. __template_awsApiKey: type: string - description: Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime. + description: Binds 'awsApiKey' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsApiKey' at runtime. InputS3Inventory: type: object required: @@ -19856,18 +22915,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -19875,11 +22940,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -19887,14 +22954,21 @@ components: queueName: type: string title: Queue - description: "The name, URL, or ARN of the SQS queue to read notifications from. When a non-AWS URL is specified, format must be: '{url}/myQueueName'. Example: 'https://host:port/myQueueName'. Value must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `https://host:port/myQueue-${C.vars.myVar}`." + description: "The name, URL, or ARN of the SQS queue to read notifications from. + When a non-AWS URL is specified, format must be: + '{url}/myQueueName'. Example: 'https://host:port/myQueueName'. Value + must be a JavaScript expression (which can evaluate to a constant + value), enclosed in quotes or backticks. Can be evaluated only at + init time. Example referencing a Global Variable: + `https://host:port/myQueue-${C.vars.myVar}`." fileFilter: type: string title: Filename filter description: "Regex matching file names to download and process. Defaults to: .*" awsAccountId: title: AWS account ID - description: SQS queue owner's AWS account ID. Leave empty if SQS queue is in same AWS account. + description: SQS queue owner's AWS account ID. Leave empty if SQS queue is in + same AWS account. type: string awsAuthenticationMethod: $ref: "#/components/schemas/AuthenticationMethodOptionsS3CollectorConf" @@ -19904,11 +22978,13 @@ components: region: type: string title: Region - description: AWS Region where the S3 bucket and SQS queue are located. Required, unless the Queue entry is a URL or ARN that includes a Region. + description: AWS Region where the S3 bucket and SQS queue are located. Required, + unless the Queue entry is a URL or ARN that includes a Region. endpoint: type: string title: Endpoint - description: S3 service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to S3-compatible endpoint. + description: S3 service endpoint. If empty, defaults to the AWS Region-specific + endpoint. Otherwise, it must point to S3-compatible endpoint. reuseConnections: type: boolean title: Reuse connections @@ -19916,51 +22992,64 @@ components: rejectUnauthorized: type: boolean title: Reject unauthorized certificates - description: Reject certificates that cannot be verified against a valid CA, such as self-signed certificates + description: Reject certificates that cannot be verified against a valid CA, + such as self-signed certificates breakerRulesets: type: array title: Event Breaker rulesets - description: A list of event-breaking rulesets that will be applied, in order, to the input data stream + description: A list of event-breaking rulesets that will be applied, in order, + to the input data stream items: type: string staleChannelFlushMs: type: number title: Event Breaker buffer timeout (ms) - description: How long (in milliseconds) the Event Breaker will wait for new data to be sent to a specific channel before flushing the data stream out, as is, to the Pipelines + description: How long (in milliseconds) the Event Breaker will wait for new data + to be sent to a specific channel before flushing the data stream + out, as is, to the Pipelines minimum: 10 - maximum: 4.32e+07 + maximum: 43200000 maxMessages: type: number title: Message limit - description: "The maximum number of messages SQS should return in a poll request. Amazon SQS never returns more messages than this value (however, fewer messages might be returned). Valid values: 1 to 10." + description: "The maximum number of messages SQS should return in a poll + request. Amazon SQS never returns more messages than this value + (however, fewer messages might be returned). Valid values: 1 to 10." minimum: 1 maximum: 10 visibilityTimeout: type: number title: Visibility timeout seconds - description: After messages are retrieved by a ReceiveMessage request, @{product} will hide them from subsequent retrieve requests for at least this duration. You can set this as high as 43200 sec. (12 hours). + description: After messages are retrieved by a ReceiveMessage request, + @{product} will hide them from subsequent retrieve requests for at + least this duration. You can set this as high as 43200 sec. (12 + hours). minimum: 0 maximum: 43200 numReceivers: type: number title: Number of receivers - description: How many receiver processes to run. The higher the number, the better the throughput - at the expense of CPU overhead. + description: How many receiver processes to run. The higher the number, the + better the throughput - at the expense of CPU overhead. minimum: 1 maximum: 100 socketTimeout: type: number title: Socket timeout - description: Socket inactivity timeout (in seconds). Increase this value if timeouts occur due to backpressure. + description: Socket inactivity timeout (in seconds). Increase this value if + timeouts occur due to backpressure. minimum: 1 maximum: 43200 skipOnError: type: boolean title: Skip file on error - description: Skip files that trigger a processing error. Disabled by default, which allows retries after processing errors. + description: Skip files that trigger a processing error. Disabled by default, + which allows retries after processing errors. includeSqsMetadata: type: boolean title: Include notification metadata - description: Attach SQS notification metadata to a __sqsMetadata field on each event + description: Attach SQS notification metadata to a __sqsMetadata field on each + event enableAssumeRole: type: boolean title: Enable for Amazon S3 @@ -19978,7 +23067,9 @@ components: durationSeconds: type: number title: Duration (seconds) - description: Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours). + description: Duration of the assumed role's session, in seconds. Minimum is 900 + (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 + hours). minimum: 900 maximum: 43200 enableSQSAssumeRole: @@ -20002,7 +23093,9 @@ components: parquetChunkDownloadTimeout: type: number title: Parquet chunk download timeout (seconds) - description: The maximum time allowed for downloading a Parquet chunk. Processing will stop if a chunk cannot be downloaded within the time specified. + description: The maximum time allowed for downloading a Parquet chunk. + Processing will stop if a chunk cannot be downloaded within the time + specified. maximum: 3600 minimum: 1 checkpointing: @@ -20010,22 +23103,31 @@ components: pollTimeout: type: number title: Poll timeout (secs) - description: How long to wait for events before trying polling again. The lower the number the higher the AWS bill. The higher the number the longer it will take for the source to react to configuration changes and system restarts. + description: How long to wait for events before trying polling again. The lower + the number the higher the AWS bill. The higher the number the longer + it will take for the source to react to configuration changes and + system restarts. minimum: 1 maximum: 20 checksumSuffix: type: string title: Checksum Suffix - description: Filename suffix of the manifest checksum file. If a filename matching this suffix is received in the queue, the matching manifest file will be downloaded and validated against its value. Defaults to "checksum" + description: Filename suffix of the manifest checksum file. If a filename + matching this suffix is received in the queue, the matching + manifest file will be downloaded and validated against its value. + Defaults to "checksum" maxManifestSizeKB: type: integer title: Manifest size limit (KB) - description: Maximum download size (KB) of each manifest or checksum file. Manifest files larger than this size will not be read. Defaults to 4096. + description: Maximum download size (KB) of each manifest or checksum file. + Manifest files larger than this size will not be + read. Defaults to 4096. minimum: 1 validateInventoryFiles: type: boolean title: Validate inventory files - description: If set to Yes, each inventory file in the manifest will be validated against its checksum. Defaults to false + description: If set to Yes, each inventory file in the manifest will be + validated against its checksum. Defaults to false description: type: string title: Description @@ -20036,47 +23138,71 @@ components: awsSecret: type: string title: Secret key pair - description: Select or create a stored secret that references your access key and secret key + description: Select or create a stored secret that references your access key + and secret key tagAfterProcessing: $ref: "#/components/schemas/TagAfterProcessingOptions" processedTagKey: type: string title: Tag key - description: The key for the S3 object tag applied after processing. This field accepts an expression for dynamic generation. + description: The key for the S3 object tag applied after processing. This field + accepts an expression for dynamic generation. processedTagValue: type: string title: Tag value - description: The value for the S3 object tag applied after processing. This field accepts an expression for dynamic generation. + description: The value for the S3 object tag applied after processing. This + field accepts an expression for dynamic generation. __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_queueName: type: string - description: Binds 'queueName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'queueName' at runtime. + description: Binds 'queueName' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'queueName' at runtime. __template_awsAccountId: type: string - description: Binds 'awsAccountId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsAccountId' at runtime. + description: Binds 'awsAccountId' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsAccountId' at runtime. __template_awsSecretKey: type: string - description: Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime. + description: Binds 'awsSecretKey' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsSecretKey' at runtime. __template_region: type: string - description: Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime. + description: Binds 'region' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'region' at runtime. __template_endpoint: type: string - description: Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime. + description: Binds 'endpoint' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'endpoint' at runtime. __template_assumeRoleArn: type: string - description: Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime. + description: Binds 'assumeRoleArn' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'assumeRoleArn' at runtime. __template_assumeRoleExternalId: type: string - description: Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime. + description: Binds 'assumeRoleExternalId' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'assumeRoleExternalId' at runtime. __template_awsApiKey: type: string - description: Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime. + description: Binds 'awsApiKey' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsApiKey' at runtime. InputSnmp: type: object required: @@ -20098,18 +23224,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -20117,11 +23249,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -20129,7 +23263,9 @@ components: host: type: string title: Address - description: Address to bind on. For IPv4 (all addresses), use the default '0.0.0.0'. For IPv6, enter '::' (all addresses) or specify an IP address. + description: Address to bind on. For IPv4 (all addresses), use the default + '0.0.0.0'. For IPv6, enter '::' (all addresses) or specify an IP + address. port: type: number title: UDP port @@ -20138,7 +23274,8 @@ components: snmpV3Auth: type: object title: SNMPv3 authentication - description: Authentication parameters for SNMPv3 trap. Set the log level to debug if you are experiencing authentication or decryption issues. + description: Authentication parameters for SNMPv3 trap. Set the log level to + debug if you are experiencing authentication or decryption issues. required: - v3AuthEnabled properties: @@ -20148,7 +23285,8 @@ components: allowUnmatchedTrap: type: boolean title: Allow unmatched traps - description: Pass through traps that don't match any of the configured users. @{product} will not attempt to decrypt these traps. + description: Pass through traps that don't match any of the configured users. + @{product} will not attempt to decrypt these traps. v3Users: type: array title: SNMP v3 users @@ -20169,7 +23307,8 @@ components: type: string title: V3 authentication key privProtocol: - $ref: "#/components/schemas/PrivacyProtocolOptionsSnmpTrapSerializeV3UserAuthProtocolNotNone" + $ref: "#/components/schemas/PrivacyProtocolOptionsSnmpTrapSerializeV3UserAuthPr\ + otocolNotNone" privKey: type: string title: V3 privacy key @@ -20191,32 +23330,46 @@ components: udpSocketRxBufSize: type: number title: UDP socket buffer size (bytes) - description: "Optionally, set the SO_RCVBUF socket option for the UDP socket. This value tells the operating system how many bytes can be buffered in the kernel before events are dropped. Leave blank to use the OS default. Caution: Increasing this value will affect OS memory utilization." + description: "Optionally, set the SO_RCVBUF socket option for the UDP socket. + This value tells the operating system how many bytes can be buffered + in the kernel before events are dropped. Leave blank to use the OS + default. Caution: Increasing this value will affect OS memory + utilization." minimum: 256 - maximum: 4.294967295e+09 + maximum: 4294967295 varbindsWithTypes: type: boolean title: Include varbind types - description: If enabled, parses varbinds as an array of objects that include OID, value, and type + description: If enabled, parses varbinds as an array of objects that include + OID, value, and type bestEffortParsing: type: boolean title: Best effort parsing - description: If enabled, the parser will attempt to parse varbind octet strings as UTF-8, first, otherwise will fallback to other methods + description: If enabled, the parser will attempt to parse varbind octet strings + as UTF-8, first, otherwise will fallback to other methods description: type: string title: Description __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_host: type: string - description: Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime. + description: Binds 'host' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'host' at runtime. __template_port: type: string - description: Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime. + description: Binds 'port' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'port' at runtime. InputOpenTelemetry: type: object required: @@ -20238,18 +23391,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -20257,11 +23416,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -20280,41 +23441,52 @@ components: maxActiveReq: type: number title: Active request limit - description: "Maximum number of active requests allowed per Worker Process. Set to 0 for unlimited. Caution: Increasing the limit above the default value, or setting it to unlimited, may degrade performance and reduce throughput." + description: "Maximum number of active requests allowed per Worker Process. Set + to 0 for unlimited. Caution: Increasing the limit above the default + value, or setting it to unlimited, may degrade performance and + reduce throughput." minimum: 0 maxRequestsPerSocket: type: integer title: Requests-per-socket limit - description: Maximum number of requests per socket before @{product} instructs the client to close the connection. Default is 0 (unlimited). + description: Maximum number of requests per socket before @{product} instructs + the client to close the connection. Default is 0 (unlimited). minimum: 0 requestTimeout: type: number title: Request timeout (seconds) - description: How long to wait for an incoming request to complete before aborting it. Use 0 to disable. + description: How long to wait for an incoming request to complete before + aborting it. Use 0 to disable. minimum: 0 socketTimeout: type: number title: Socket timeout (seconds) - description: How long @{product} should wait before assuming that an inactive socket has timed out. To wait forever, set to 0. + description: How long @{product} should wait before assuming that an inactive + socket has timed out. To wait forever, set to 0. minimum: 0 keepAliveTimeout: type: number title: Keep-alive timeout (seconds) - description: After the last response is sent, @{product} will wait this long for additional data before closing the socket connection. Minimum 1 sec.; maximum 600 sec. (10 min.). + description: After the last response is sent, @{product} will wait this long for + additional data before closing the socket connection. Minimum 1 + sec.; maximum 600 sec. (10 min.). minimum: 1 maximum: 600 enableHealthCheck: type: boolean title: Health check endpoint - description: Enable to expose the /cribl_health endpoint, which returns 200 OK when this Source is healthy + description: Enable to expose the /cribl_health endpoint, which returns 200 OK + when this Source is healthy ipAllowlistRegex: type: string title: IP allowlist regex - description: Messages from matched IP addresses will be processed, unless also matched by the denylist. + description: Messages from matched IP addresses will be processed, unless also + matched by the denylist. ipDenylistRegex: type: string title: IP denylist regex - description: Messages from matched IP addresses will be ignored. This takes precedence over the allowlist. + description: Messages from matched IP addresses will be ignored. This takes + precedence over the allowlist. protocol: type: string title: Protocol @@ -20333,11 +23505,13 @@ components: extractMetrics: type: boolean title: Extract metrics - description: Enable to extract each incoming Gauge or IntGauge metric to multiple events, one per data point + description: Enable to extract each incoming Gauge or IntGauge metric to + multiple events, one per data point otlpVersion: type: string title: OTLP version - description: The version of OTLP Protobuf definitions to use when interpreting received data + description: The version of OTLP Protobuf definitions to use when interpreting + received data enum: - 0.10.0 - 1.3.1 @@ -20365,7 +23539,8 @@ components: authMethodsExt: type: array title: Auth methods - description: Shared secrets to authenticate clients. Supports Bearer tokens and Basic auth. If empty, unauthenticated access is permitted. + description: Shared secrets to authenticate clients. Supports Bearer tokens and + Basic auth. If empty, unauthenticated access is permitted. minItems: 0 items: type: object @@ -20433,7 +23608,8 @@ components: maxActiveCxn: type: number title: Active connection limit - description: Maximum number of active connections allowed per Worker Process. Use 0 for unlimited. + description: Maximum number of active connections allowed per Worker Process. + Use 0 for unlimited. minimum: 0 description: type: string @@ -20462,22 +23638,34 @@ components: description: Enable to extract each incoming log record to a separate event __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_host: type: string - description: Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime. + description: Binds 'host' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'host' at runtime. __template_port: type: string - description: Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime. + description: Binds 'port' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'port' at runtime. __template_protocol: type: string - description: Binds 'protocol' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'protocol' at runtime. + description: Binds 'protocol' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'protocol' at runtime. __template_otlpVersion: type: string - description: Binds 'otlpVersion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'otlpVersion' at runtime. + description: Binds 'otlpVersion' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'otlpVersion' at runtime. InputModelDrivenTelemetry: type: object required: @@ -20499,18 +23687,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -20518,11 +23712,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -20547,28 +23743,38 @@ components: maxActiveCxn: type: number title: Active connection limit - description: Maximum number of active connections allowed per Worker Process. Use 0 for unlimited. + description: Maximum number of active connections allowed per Worker Process. + Use 0 for unlimited. minimum: 0 shutdownTimeoutMs: type: number title: Shutdown timeout - description: Time in milliseconds to allow the server to shutdown gracefully before forcing shutdown. Defaults to 5000. + description: Time in milliseconds to allow the server to shutdown gracefully + before forcing shutdown. Defaults to 5000. minimum: 1 description: type: string title: Description __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_host: type: string - description: Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime. + description: Binds 'host' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'host' at runtime. __template_port: type: string - description: Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime. + description: Binds 'port' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'port' at runtime. InputSqs: type: object required: @@ -20590,18 +23796,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -20609,11 +23821,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -20621,7 +23835,13 @@ components: queueName: type: string title: Queue - description: "The name, URL, or ARN of the SQS queue to read events from. When a non-AWS URL is specified, format must be: '{url}/myQueueName'. Example: 'https://host:port/myQueueName'. Value must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can only be evaluated at init time. Example referencing a Global Variable: `https://host:port/myQueue-${C.vars.myVar}`." + description: "The name, URL, or ARN of the SQS queue to read events from. When a + non-AWS URL is specified, format must be: '{url}/myQueueName'. + Example: 'https://host:port/myQueueName'. Value must be a JavaScript + expression (which can evaluate to a constant value), enclosed in + quotes or backticks. Can only be evaluated at init time. Example + referencing a Global Variable: + `https://host:port/myQueue-${C.vars.myVar}`." queueType: title: Queue type type: string @@ -20635,7 +23855,8 @@ components: x-speakeasy-unknown-values: allow awsAccountId: title: AWS account ID - description: SQS queue owner's AWS account ID. Leave empty if SQS queue is in same AWS account. + description: SQS queue owner's AWS account ID. Leave empty if SQS queue is in + same AWS account. type: string createQueue: type: boolean @@ -20649,11 +23870,13 @@ components: region: type: string title: Region - description: AWS Region where the SQS queue is located. Required, unless the Queue entry is a URL or ARN that includes a Region. + description: AWS Region where the SQS queue is located. Required, unless the + Queue entry is a URL or ARN that includes a Region. endpoint: type: string title: Endpoint - description: SQS service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to SQS-compatible endpoint. + description: SQS service endpoint. If empty, defaults to the AWS Region-specific + endpoint. Otherwise, it must point to SQS-compatible endpoint. reuseConnections: type: boolean title: Reuse connections @@ -20661,7 +23884,8 @@ components: rejectUnauthorized: type: boolean title: Reject unauthorized certificates - description: Reject certificates that cannot be verified against a valid CA, such as self-signed certificates + description: Reject certificates that cannot be verified against a valid CA, + such as self-signed certificates enableAssumeRole: type: boolean title: Enable for SQS @@ -20679,19 +23903,26 @@ components: durationSeconds: type: number title: Duration (seconds) - description: Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours). + description: Duration of the assumed role's session, in seconds. Minimum is 900 + (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 + hours). minimum: 900 maximum: 43200 maxMessages: type: number title: Message limit - description: "The maximum number of messages SQS should return in a poll request. Amazon SQS never returns more messages than this value (however, fewer messages might be returned). Valid values: 1 to 10." + description: "The maximum number of messages SQS should return in a poll + request. Amazon SQS never returns more messages than this value + (however, fewer messages might be returned). Valid values: 1 to 10." minimum: 1 maximum: 10 visibilityTimeout: type: number title: Visibility Timeout Seconds - description: After messages are retrieved by a ReceiveMessage request, @{product} will hide them from subsequent retrieve requests for at least this duration. You can set this as high as 43200 sec. (12 hours). + description: After messages are retrieved by a ReceiveMessage request, + @{product} will hide them from subsequent retrieve requests for at + least this duration. You can set this as high as 43200 sec. (12 + hours). minimum: 0 maximum: 43200 metadata: @@ -20703,7 +23934,10 @@ components: pollTimeout: type: number title: Poll timeout (secs) - description: How long to wait for events before trying polling again. The lower the number the higher the AWS bill. The higher the number the longer it will take for the source to react to configuration changes and system restarts. + description: How long to wait for events before trying polling again. The lower + the number the higher the AWS bill. The higher the number the longer + it will take for the source to react to configuration changes and + system restarts. minimum: 1 maximum: 20 description: @@ -20716,46 +23950,71 @@ components: awsSecret: type: string title: Secret key pair - description: Select or create a stored secret that references your access key and secret key + description: Select or create a stored secret that references your access key + and secret key numReceivers: type: number title: Number of receivers - description: How many receiver processes to run. The higher the number, the better the throughput - at the expense of CPU overhead. + description: How many receiver processes to run. The higher the number, the + better the throughput - at the expense of CPU overhead. minimum: 1 maximum: 100 __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_queueName: type: string - description: Binds 'queueName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'queueName' at runtime. + description: Binds 'queueName' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'queueName' at runtime. __template_queueType: type: string - description: Binds 'queueType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'queueType' at runtime. + description: Binds 'queueType' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'queueType' at runtime. __template_awsAccountId: type: string - description: Binds 'awsAccountId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsAccountId' at runtime. + description: Binds 'awsAccountId' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsAccountId' at runtime. __template_awsSecretKey: type: string - description: Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime. + description: Binds 'awsSecretKey' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsSecretKey' at runtime. __template_region: type: string - description: Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime. + description: Binds 'region' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'region' at runtime. __template_endpoint: type: string - description: Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime. + description: Binds 'endpoint' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'endpoint' at runtime. __template_assumeRoleArn: type: string - description: Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime. + description: Binds 'assumeRoleArn' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'assumeRoleArn' at runtime. __template_assumeRoleExternalId: type: string - description: Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime. + description: Binds 'assumeRoleExternalId' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'assumeRoleExternalId' at runtime. __template_awsApiKey: type: string - description: Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime. + description: Binds 'awsApiKey' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsApiKey' at runtime. InputSyslog: type: object required: @@ -20776,18 +24035,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -20795,11 +24060,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -20807,7 +24074,9 @@ components: host: type: string title: Address - description: Address to bind on. For IPv4 (all addresses), use the default '0.0.0.0'. For IPv6, enter '::' (all addresses) or specify an IP address. + description: Address to bind on. For IPv4 (all addresses), use the default + '0.0.0.0'. For IPv6, enter '::' (all addresses) or specify an IP + address. udpPort: type: number title: UDP port @@ -20821,7 +24090,8 @@ components: maxBufferSize: type: number title: Buffer size limit (events) - description: Maximum number of events to buffer when downstream is blocking. Only applies to UDP. + description: Maximum number of events to buffer when downstream is blocking. + Only applies to UDP. minimum: 0 ipWhitelistRegex: type: string @@ -20838,7 +24108,8 @@ components: enableProxyHeader: type: boolean title: Enable proxy protocol - description: Enable if the connection is proxied by a device that supports Proxy Protocol V1 or V2 + description: Enable if the connection is proxied by a device that supports Proxy + Protocol V1 or V2 keepFieldsList: type: array title: Fields to keep @@ -20853,34 +24124,49 @@ components: inferFraming: type: boolean title: Infer Syslog framing - description: Enable if we should infer the syslog framing of the incoming messages. + description: Enable if we should infer the syslog framing of the incoming + messages. strictlyInferOctetCounting: type: boolean title: Strictly infer octet count framing - description: Enable if we should infer octet counting only if the messages comply with RFC 5424. + description: Enable if we should infer octet counting only if the messages + comply with RFC 5424. allowNonStandardAppName: type: boolean title: Allow non-standard app name - description: Enable if RFC 3164-formatted messages have hyphens in the app name portion of the TAG section. If disabled, only alphanumeric characters and underscores are allowed. Ignored for RFC 5424-formatted messages. + description: Enable if RFC 3164-formatted messages have hyphens in the app name + portion of the TAG section. If disabled, only alphanumeric + characters and underscores are allowed. Ignored for RFC + 5424-formatted messages. maxActiveCxn: type: number title: Active connection limit - description: Maximum number of active connections allowed per Worker Process for TCP connections. Use 0 for unlimited. + description: Maximum number of active connections allowed per Worker Process for + TCP connections. Use 0 for unlimited. minimum: 0 socketIdleTimeout: type: number title: TCP socket idle timeout (seconds) - description: How long @{product} should wait before assuming that an inactive socket has timed out. After this time, the connection will be closed. Leave at 0 for no inactive socket monitoring. + description: How long @{product} should wait before assuming that an inactive + socket has timed out. After this time, the connection will be + closed. Leave at 0 for no inactive socket monitoring. minimum: 0 socketEndingMaxWait: type: number title: TCP forced socket termination timeout (seconds) - description: How long the server will wait after initiating a closure for a client to close its end of the connection. If the client doesn't close the connection within this time, the server will forcefully terminate the socket to prevent resource leaks and ensure efficient connection cleanup and system stability. Leave at 0 for no inactive socket monitoring. + description: How long the server will wait after initiating a closure for a + client to close its end of the connection. If the client doesn't + close the connection within this time, the server will forcefully + terminate the socket to prevent resource leaks and ensure efficient + connection cleanup and system stability. Leave at 0 for no inactive + socket monitoring. minimum: 0 socketMaxLifespan: type: number title: TCP Socket max lifespan (seconds) - description: The maximum duration a socket can remain open, even if active. This helps manage resources and mitigate issues caused by TCP pinning. Set to 0 to disable. + description: The maximum duration a socket can remain open, even if active. This + helps manage resources and mitigate issues caused by TCP pinning. + Set to 0 to disable. minimum: 0 tls: $ref: "#/components/schemas/TlsSettingsServerSideType" @@ -20893,9 +24179,13 @@ components: udpSocketRxBufSize: type: number title: UDP socket buffer size (bytes) - description: "Optionally, set the SO_RCVBUF socket option for the UDP socket. This value tells the operating system how many bytes can be buffered in the kernel before events are dropped. Leave blank to use the OS default. Caution: Increasing this value will affect OS memory utilization." + description: "Optionally, set the SO_RCVBUF socket option for the UDP socket. + This value tells the operating system how many bytes can be buffered + in the kernel before events are dropped. Leave blank to use the OS + default. Caution: Increasing this value will affect OS memory + utilization." minimum: 256 - maximum: 4.294967295e+09 + maximum: 4294967295 enableLoadBalancing: type: boolean title: Enable TCP load balancing @@ -20906,25 +24196,39 @@ components: enableEnhancedProxyHeaderParsing: type: boolean title: Enable enhanced TLS handshake for proxy protocol - description: When enabled, parses PROXY protocol headers during the TLS handshake. Disable if compatibility issues arise. + description: When enabled, parses PROXY protocol headers during the TLS + handshake. Disable if compatibility issues arise. __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_host: type: string - description: Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime. + description: Binds 'host' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'host' at runtime. __template_udpPort: type: string - description: Binds 'udpPort' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'udpPort' at runtime. + description: Binds 'udpPort' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'udpPort' at runtime. __template_tcpPort: type: string - description: Binds 'tcpPort' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tcpPort' at runtime. + description: Binds 'tcpPort' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'tcpPort' at runtime. __template_timestampTimezone: type: string - description: Binds 'timestampTimezone' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'timestampTimezone' at runtime. + description: Binds 'timestampTimezone' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'timestampTimezone' at runtime. anyOf: - required: - host @@ -20948,18 +24252,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -20967,11 +24277,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -20994,17 +24306,21 @@ components: filenames: type: array title: Filename allowlist - description: The full path of discovered files are matched against this wildcard list + description: The full path of discovered files are matched against this wildcard + list items: type: string filterArchivedFiles: type: boolean title: Apply filename allowlist internal to archive files - description: Apply filename allowlist to file entries in archive file types, like tar or zip. + description: Apply filename allowlist to file entries in archive file types, + like tar or zip. tailOnly: type: boolean title: Collect from end - description: Read only new entries at the end of all files discovered at next startup. @{product} will then read newly discovered files from the head. Disable this to resume reading all files from head. + description: Read only new entries at the end of all files discovered at next + startup. @{product} will then read newly discovered files from the + head. Disable this to resume reading all files from head. idleTimeout: type: number minimum: 1 @@ -21013,15 +24329,20 @@ components: minAgeDur: type: string title: Minimum age duration - description: "The minimum age of files to monitor. Format examples: 30s, 15m, 1h. Age is relative to file modification time. Leave empty to apply no age filters." + description: "The minimum age of files to monitor. Format examples: 30s, 15m, + 1h. Age is relative to file modification time. Leave empty to apply + no age filters." maxAgeDur: type: string title: Maximum age duration - description: 'The maximum age of event timestamps to collect. Format examples: 60s, 4h, 3d, 1w. Can be used in conjuction with "Check file modification times". Leave empty to apply no age filters.' + description: 'The maximum age of event timestamps to collect. Format examples: + 60s, 4h, 3d, 1w. Can be used in conjuction with "Check file + modification times". Leave empty to apply no age filters.' checkFileModTime: type: boolean title: Check file modification times - description: Skip files with modification times earlier than the maximum age duration + description: Skip files with modification times earlier than the maximum age + duration forceText: type: boolean title: Force text format @@ -21030,7 +24351,8 @@ components: type: number minimum: 1 title: Hash length - description: Length of file header bytes to use in hash for unique file identification + description: Length of file header bytes to use in hash for unique file + identification metadata: type: array title: Fields @@ -21040,31 +24362,39 @@ components: breakerRulesets: type: array title: Event Breaker rulesets - description: A list of event-breaking rulesets that will be applied, in order, to the input data stream + description: A list of event-breaking rulesets that will be applied, in order, + to the input data stream items: type: string disableStaleChannelFlush: type: boolean title: Disable Event Breaker buffer timeout - description: When enabled, no Event Breaker channel flush timeout applies and the timeout below is ignored. Prefer this option when using header-based breakers for file types such as CSV or IIS. + description: When enabled, no Event Breaker channel flush timeout applies and + the timeout below is ignored. Prefer this option when using + header-based breakers for file types such as CSV or IIS. staleChannelFlushMs: type: number title: Event Breaker buffer timeout (ms) - description: How long (in milliseconds) the Event Breaker will wait for new data to be sent to a specific channel before flushing the data stream out, as is, to the Pipelines + description: How long (in milliseconds) the Event Breaker will wait for new data + to be sent to a specific channel before flushing the data stream + out, as is, to the Pipelines minimum: 10 - maximum: 4.32e+07 + maximum: 43200000 description: type: string title: Description path: type: string title: Search path - description: "Directory path to search for files. Environment variables will be resolved (example: $CRIBL_HOME/log/)." + description: "Directory path to search for files. Environment variables will be + resolved (example: $CRIBL_HOME/log/)." depth: type: number minimum: 0 title: Max depth - description: Set how many subdirectories deep to search. Use 0 to search only files in the given path, 1 to also look in its immediate subdirectories, etc. Leave it empty for unlimited depth. + description: Set how many subdirectories deep to search. Use 0 to search only + files in the given path, 1 to also look in its immediate + subdirectories, etc. Leave it empty for unlimited depth. suppressMissingPathErrors: type: boolean title: Suppress errors when search path does not exist @@ -21075,21 +24405,32 @@ components: saltHash: type: boolean title: Salt file hash - description: Salt the file hash with the Source file path. Ensures that all files with the same header hash, such as CSV files, are ingested. Moving or renaming the file, or toggling this after starting the Source will cause re-ingestion. + description: Salt the file hash with the Source file path. Ensures that all + files with the same header hash, such as CSV files, are ingested. + Moving or renaming the file, or toggling this after starting the + Source will cause re-ingestion. optimizeLeafDirectories: type: boolean title: Optimize for leaf directories - description: Skip rescans of unchanged directories based on directory modification time. Uses an exponential backoff strategy, reducing load on the filesystems, but possibly delaying detection of new data. This option is optimized for search paths where files exist in the leaf directories. + description: Skip rescans of unchanged directories based on directory + modification time. Uses an exponential backoff strategy, reducing + load on the filesystems, but possibly delaying detection of new + data. This option is optimized for search paths where files exist in + the leaf directories. includeUnidentifiableBinary: type: boolean title: Enable binary files description: Stream binary files as Base64-encoded chunks __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. required: - type InputTcp: @@ -21113,18 +24454,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -21132,11 +24479,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -21155,31 +24504,43 @@ components: ipWhitelistRegex: type: string title: IP allowlist regex - description: Regex matching IP addresses that are allowed to establish a connection + description: Regex matching IP addresses that are allowed to establish a + connection maxActiveCxn: type: number title: Active connection limit - description: Maximum number of active connections allowed per Worker Process. Use 0 for unlimited. + description: Maximum number of active connections allowed per Worker Process. + Use 0 for unlimited. minimum: 0 socketIdleTimeout: type: number title: Socket idle timeout (seconds) - description: How long @{product} should wait before assuming that an inactive socket has timed out. After this time, the connection will be closed. Leave at 0 for no inactive socket monitoring. + description: How long @{product} should wait before assuming that an inactive + socket has timed out. After this time, the connection will be + closed. Leave at 0 for no inactive socket monitoring. minimum: 0 socketEndingMaxWait: type: number title: Forced socket termination timeout (seconds) - description: How long the server will wait after initiating a closure for a client to close its end of the connection. If the client doesn't close the connection within this time, the server will forcefully terminate the socket to prevent resource leaks and ensure efficient connection cleanup and system stability. Leave at 0 for no inactive socket monitoring. + description: How long the server will wait after initiating a closure for a + client to close its end of the connection. If the client doesn't + close the connection within this time, the server will forcefully + terminate the socket to prevent resource leaks and ensure efficient + connection cleanup and system stability. Leave at 0 for no inactive + socket monitoring. minimum: 0 socketMaxLifespan: type: number title: Socket max lifespan (seconds) - description: The maximum duration a socket can remain open, even if active. This helps manage resources and mitigate issues caused by TCP pinning. Set to 0 to disable. + description: The maximum duration a socket can remain open, even if active. This + helps manage resources and mitigate issues caused by TCP pinning. + Set to 0 to disable. minimum: 0 enableProxyHeader: type: boolean title: Enable proxy protocol - description: Enable if the connection is proxied by a device that supports proxy protocol v1 or v2 + description: Enable if the connection is proxied by a device that supports proxy + protocol v1 or v2 metadata: type: array title: Fields @@ -21189,19 +24550,27 @@ components: breakerRulesets: type: array title: Event Breaker rulesets - description: A list of event-breaking rulesets that will be applied, in order, to the input data stream + description: A list of event-breaking rulesets that will be applied, in order, + to the input data stream items: type: string staleChannelFlushMs: type: number title: Event Breaker buffer timeout (ms) - description: How long (in milliseconds) the Event Breaker will wait for new data to be sent to a specific channel before flushing the data stream out, as is, to the Pipelines + description: How long (in milliseconds) the Event Breaker will wait for new data + to be sent to a specific channel before flushing the data stream + out, as is, to the Pipelines minimum: 10 - maximum: 4.32e+07 + maximum: 43200000 enableHeader: type: boolean title: Enable header - description: 'Client will pass the header record with every new connection. The header can contain an authToken, and an object with a list of fields and values to add to every event. These fields can be used to simplify Event Breaker selection, routing, etc. Header has this format, and must be followed by a newline: { "authToken" : "myToken", "fields": { "field1": "value1", "field2": "value2" } }' + description: 'Client will pass the header record with every new connection. The + header can contain an authToken, and an object with a list of fields + and values to add to every event. These fields can be used to + simplify Event Breaker selection, routing, etc. Header has this + format, and must be followed by a newline: { "authToken" : + "myToken", "fields": { "field1": "value1", "field2": "value2" } }' preprocess: $ref: "#/components/schemas/PreprocessType" description: @@ -21210,7 +24579,8 @@ components: authToken: type: string title: Auth token - description: Shared secret to be provided by any client (in authToken header field). If empty, unauthorized access is permitted. + description: Shared secret to be provided by any client (in authToken header + field). If empty, unauthorized access is permitted. authType: $ref: "#/components/schemas/AuthenticationMethodOptionsAuthTokensItems" textSecret: @@ -21219,16 +24589,24 @@ components: description: Select or create a stored text secret __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_host: type: string - description: Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime. + description: Binds 'host' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'host' at runtime. __template_port: type: string - description: Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime. + description: Binds 'port' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'port' at runtime. InputAppscope: type: object required: @@ -21248,18 +24626,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -21267,11 +24651,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -21279,31 +24665,43 @@ components: ipWhitelistRegex: type: string title: IP allowlist regex - description: Regex matching IP addresses that are allowed to establish a connection + description: Regex matching IP addresses that are allowed to establish a + connection maxActiveCxn: type: number title: Active connection limit - description: Maximum number of active connections allowed per Worker Process. Use 0 for unlimited. + description: Maximum number of active connections allowed per Worker Process. + Use 0 for unlimited. minimum: 0 socketIdleTimeout: type: number title: Socket idle timeout (seconds) - description: How long @{product} should wait before assuming that an inactive socket has timed out. After this time, the connection will be closed. Leave at 0 for no inactive socket monitoring. + description: How long @{product} should wait before assuming that an inactive + socket has timed out. After this time, the connection will be + closed. Leave at 0 for no inactive socket monitoring. minimum: 0 socketEndingMaxWait: type: number title: Forced socket termination timeout (seconds) - description: How long the server will wait after initiating a closure for a client to close its end of the connection. If the client doesn't close the connection within this time, the server will forcefully terminate the socket to prevent resource leaks and ensure efficient connection cleanup and system stability. Leave at 0 for no inactive socket monitoring. + description: How long the server will wait after initiating a closure for a + client to close its end of the connection. If the client doesn't + close the connection within this time, the server will forcefully + terminate the socket to prevent resource leaks and ensure efficient + connection cleanup and system stability. Leave at 0 for no inactive + socket monitoring. minimum: 0 socketMaxLifespan: type: number title: Socket max lifespan (seconds) - description: The maximum duration a socket can remain open, even if active. This helps manage resources and mitigate issues caused by TCP pinning. Set to 0 to disable. + description: The maximum duration a socket can remain open, even if active. This + helps manage resources and mitigate issues caused by TCP pinning. + Set to 0 to disable. minimum: 0 enableProxyHeader: type: boolean title: Enable proxy protocol - description: Enable if the connection is proxied by a device that supports proxy protocol v1 or v2 + description: Enable if the connection is proxied by a device that supports proxy + protocol v1 or v2 metadata: type: array title: Fields @@ -21313,26 +24711,31 @@ components: breakerRulesets: type: array title: Event Breaker rulesets - description: A list of event-breaking rulesets that will be applied, in order, to the input data stream + description: A list of event-breaking rulesets that will be applied, in order, + to the input data stream items: type: string staleChannelFlushMs: type: number title: Event Breaker buffer timeout (ms) - description: How long (in milliseconds) the Event Breaker will wait for new data to be sent to a specific channel before flushing the data stream out, as is, to the Pipelines + description: How long (in milliseconds) the Event Breaker will wait for new data + to be sent to a specific channel before flushing the data stream + out, as is, to the Pipelines minimum: 10 - maximum: 4.32e+07 + maximum: 43200000 enableUnixPath: type: boolean title: UNIX domain socket - description: Toggle to Yes to specify a file-backed UNIX domain socket connection, instead of a network host and port. + description: Toggle to Yes to specify a file-backed UNIX domain socket + connection, instead of a network host and port. filter: type: object properties: allow: type: array title: Rules - description: Specify processes that AppScope should be loaded into, and the config to use. + description: Specify processes that AppScope should be loaded into, and the + config to use. items: type: object properties: @@ -21347,14 +24750,17 @@ components: config: type: string title: AppScope config - description: Choose a config to apply to processes that match the process name and/or argument. + description: Choose a config to apply to processes that match the process name + and/or argument. required: - procname - config transportURL: type: string title: Transport override - description: To override the UNIX domain socket or address/port specified in General Settings (while leaving Authentication settings as is), enter a URL. + description: To override the UNIX domain socket or address/port specified in + General Settings (while leaving Authentication settings as is), + enter a URL. persistence: type: object title: Persistence @@ -21370,19 +24776,22 @@ components: maxDataSize: type: string title: Data size limit - description: "Maximum disk space allowed to be consumed (examples: 420MB, 4GB). When limit is reached, older data will be deleted." + description: "Maximum disk space allowed to be consumed (examples: 420MB, 4GB). + When limit is reached, older data will be deleted." pattern: ^\d+\s*(?:\w{2})?$ maxDataTime: title: Data age limit type: string - description: "Maximum amount of time to retain data (examples: 2h, 4d). When limit is reached, older data will be deleted." + description: "Maximum amount of time to retain data (examples: 2h, 4d). When + limit is reached, older data will be deleted." pattern: \d+[smhd]$ compress: $ref: "#/components/schemas/DataCompressionFormatOptionsPersistence" destPath: type: string title: Path location - description: Path to use to write metrics. Defaults to $CRIBL_HOME/state/appscope + description: Path to use to write metrics. Defaults to + $CRIBL_HOME/state/appscope authType: $ref: "#/components/schemas/AuthenticationMethodOptionsAuthTokensItems" description: @@ -21408,27 +24817,37 @@ components: - string - number title: UNIX socket permissions - description: Permissions to set for socket e.g., 777. If empty, falls back to the runtime user's default permissions. + description: Permissions to set for socket e.g., 777. If empty, falls back to + the runtime user's default permissions. authToken: type: string title: Auth token - description: Shared secret to be provided by any client (in authToken header field). If empty, unauthorized access is permitted. + description: Shared secret to be provided by any client (in authToken header + field). If empty, unauthorized access is permitted. textSecret: type: string title: Auth token (text secret) description: Select or create a stored text secret __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_host: type: string - description: Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime. + description: Binds 'host' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'host' at runtime. __template_port: type: string - description: Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime. + description: Binds 'port' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'port' at runtime. InputWef: type: object required: @@ -21451,18 +24870,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -21470,11 +24895,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -21526,7 +24953,8 @@ components: privKeyPath: type: string title: Private key path - description: Path on server containing the private key to use. PEM format. Can reference $ENV_VARS. + description: Path on server containing the private key to use. PEM format. Can + reference $ENV_VARS. passphrase: type: string title: Passphrase @@ -21534,15 +24962,19 @@ components: certPath: type: string title: Certificate path - description: Path on server containing certificates to use. PEM format. Can reference $ENV_VARS. + description: Path on server containing certificates to use. PEM format. Can + reference $ENV_VARS. caPath: type: string title: CA certificate path - description: Server path containing CA certificates (in PEM format) to use. Can reference $ENV_VARS. If multiple certificates are present in a .pem, each must directly certify the one preceding it. + description: Server path containing CA certificates (in PEM format) to use. Can + reference $ENV_VARS. If multiple certificates are present in a + .pem, each must directly certify the one preceding it. commonNameRegex: type: string title: Common name - description: Regex matching allowable common names in peer certificates' subject attribute + description: Regex matching allowable common names in peer certificates' subject + attribute minVersion: $ref: "#/components/schemas/MinimumTlsVersionOptionsTls" maxVersion: @@ -21554,21 +24986,30 @@ components: ocspCheckFailClose: type: boolean title: Strict validation - description: If enabled, checks will fail on any OCSP error. Otherwise, checks will fail only when a certificate is revoked, ignoring other errors. + description: If enabled, checks will fail on any OCSP error. Otherwise, checks + will fail only when a certificate is revoked, ignoring other + errors. maxActiveReq: type: number title: Active request limit - description: "Maximum number of active requests allowed per Worker Process. Set to 0 for unlimited. Caution: Increasing the limit above the default value, or setting it to unlimited, may degrade performance and reduce throughput." + description: "Maximum number of active requests allowed per Worker Process. Set + to 0 for unlimited. Caution: Increasing the limit above the default + value, or setting it to unlimited, may degrade performance and + reduce throughput." minimum: 0 maxRequestsPerSocket: type: integer title: Requests-per-socket limit - description: Maximum number of requests per socket before @{product} instructs the client to close the connection. Default is 0 (unlimited). + description: Maximum number of requests per socket before @{product} instructs + the client to close the connection. Default is 0 (unlimited). minimum: 0 enableProxyHeader: type: boolean title: Show originating IP - description: Preserve the client’s original IP address in the __srcIpPort field when connecting through an HTTP proxy that supports the X-Forwarded-For header. This does not apply to TCP-layer Proxy Protocol v1/v2. + description: Preserve the client’s original IP address in the __srcIpPort field + when connecting through an HTTP proxy that supports the + X-Forwarded-For header. This does not apply to TCP-layer Proxy + Protocol v1/v2. captureHeaders: type: boolean title: Capture request headers @@ -21576,42 +25017,52 @@ components: keepAliveTimeout: type: number title: Keep-alive timeout (seconds) - description: After the last response is sent, @{product} will wait this long for additional data before closing the socket connection. Minimum 1 second, maximum 600 seconds (10 minutes). + description: After the last response is sent, @{product} will wait this long for + additional data before closing the socket connection. Minimum 1 + second, maximum 600 seconds (10 minutes). minimum: 1 maximum: 600 enableHealthCheck: type: boolean title: Health check endpoint - description: Expose the /cribl_health endpoint, which returns 200 OK when this Source is healthy + description: Expose the /cribl_health endpoint, which returns 200 OK when this + Source is healthy ipAllowlistRegex: type: string title: IP allowlist regex - description: Messages from matched IP addresses will be processed, unless also matched by the denylist + description: Messages from matched IP addresses will be processed, unless also + matched by the denylist ipDenylistRegex: type: string title: IP denylist regex - description: Messages from matched IP addresses will be ignored. This takes precedence over the allowlist. + description: Messages from matched IP addresses will be ignored. This takes + precedence over the allowlist. socketTimeout: type: number title: Socket timeout (seconds) - description: How long @{product} should wait before assuming that an inactive socket has timed out. To wait forever, set to 0. + description: How long @{product} should wait before assuming that an inactive + socket has timed out. To wait forever, set to 0. minimum: 0 caFingerprint: type: string title: CA fingerprint override - description: SHA1 fingerprint expected by the client, if it does not match the first certificate in the configured CA chain + description: SHA1 fingerprint expected by the client, if it does not match the + first certificate in the configured CA chain keytab: type: string title: Keytab location - description: Path to the keytab file containing the service principal credentials. @{product} will use `/etc/krb5.keytab` if not provided. + description: Path to the keytab file containing the service principal + credentials. @{product} will use `/etc/krb5.keytab` if not provided. principal: type: string title: Service principal name - description: Kerberos principal used for authentication, typically in the form HTTP/@ + description: Kerberos principal used for authentication, typically in the form + HTTP/@ allowMachineIdMismatch: type: boolean title: Allow MachineID mismatch - description: Allow events to be ingested even if their MachineID does not match the client certificate CN + description: Allow events to be ingested even if their MachineID does not match + the client certificate CN subscriptions: title: Subscriptions description: Subscriptions to events on forwarding endpoints @@ -21632,7 +25083,8 @@ components: version: title: Version type: string - description: Version UUID for this subscription. If any subscription parameters are modified, this value will change. + description: Version UUID for this subscription. If any subscription parameters + are modified, this value will change. contentFormat: title: Format type: string @@ -21644,21 +25096,28 @@ components: heartbeatInterval: title: Heartbeat type: number - description: Maximum time (in seconds) between endpoint checkins before considering it unavailable + description: Maximum time (in seconds) between endpoint checkins before + considering it unavailable minimum: 1 batchTimeout: title: Batch timeout type: number - description: Interval (in seconds) over which the endpoint should collect events before sending them to Stream + description: Interval (in seconds) over which the endpoint should collect events + before sending them to Stream minimum: 0 readExistingEvents: title: Read existing events type: boolean - description: Newly subscribed endpoints will send previously existing events. Disable to receive new events only. + description: Newly subscribed endpoints will send previously existing events. + Disable to receive new events only. sendBookmarks: title: Use bookmarks type: boolean - description: Keep track of which events have been received, resuming from that point after a re-subscription. This setting takes precedence over 'Read existing events'. See [Cribl Docs](https://docs.cribl.io/stream/sources-wef/#subscriptions) for more details. + description: Keep track of which events have been received, resuming from that + point after a re-subscription. This setting takes precedence + over 'Read existing events'. See [Cribl + Docs](https://docs.cribl.io/stream/sources-wef/#subscriptions) + for more details. compress: title: Compression type: boolean @@ -21666,14 +25125,16 @@ components: targets: type: array title: Targets - description: The DNS names of the endpoints that should forward these events. You may use wildcards, such as *.mydomain.com + description: The DNS names of the endpoints that should forward these events. + You may use wildcards, such as *.mydomain.com items: type: string minLength: 1 locale: title: Locale type: string - description: The RFC-3066 locale the Windows clients should use when sending events. Defaults to "en-US". + description: The RFC-3066 locale the Windows clients should use when sending + events. Defaults to "en-US". querySelector: type: string title: Query builder mode @@ -21721,25 +25182,39 @@ components: logFingerprintMismatch: type: boolean title: Log CA fingerprint mismatch warning - description: Log a warning if the client certificate authority (CA) fingerprint does not match the expected value. A mismatch prevents Cribl from receiving events from the Windows Event Forwarder. + description: Log a warning if the client certificate authority (CA) fingerprint + does not match the expected value. A mismatch prevents Cribl from + receiving events from the Windows Event Forwarder. __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_host: type: string - description: Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime. + description: Binds 'host' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'host' at runtime. __template_port: type: string - description: Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime. + description: Binds 'port' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'port' at runtime. __template_keytab: type: string - description: Binds 'keytab' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'keytab' at runtime. + description: Binds 'keytab' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'keytab' at runtime. __template_principal: type: string - description: Binds 'principal' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'principal' at runtime. + description: Binds 'principal' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'principal' at runtime. InputWinEventLogs: type: object required: @@ -21760,18 +25235,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -21779,11 +25260,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -21791,7 +25274,8 @@ components: logNames: type: array title: Event logs - description: Enter the event logs to collect. Run "Get-WinEvent -ListLog *" in PowerShell to see the available logs. + description: Enter the event logs to collect. Run "Get-WinEvent -ListLog *" in + PowerShell to see the available logs. items: minLength: 1 type: string @@ -21822,17 +25306,23 @@ components: disableNativeModule: type: boolean title: Use Windows Tools - description: Enable to use built-in tools (PowerShell for JSON, wevtutil for XML) to collect event logs instead of native API (default) [Learn more](https://docs.cribl.io/edge/sources-windows-event-logs/#advanced-settings) + description: Enable to use built-in tools (PowerShell for JSON, wevtutil for + XML) to collect event logs instead of native API (default) [Learn + more](https://docs.cribl.io/edge/sources-windows-event-logs/#advanced-settings) interval: type: number minimum: 1 title: Polling interval - description: Time, in seconds, between checking for new entries (Applicable for pre-4.8.0 nodes that use Windows Tools) + description: Time, in seconds, between checking for new entries (Applicable for + pre-4.8.0 nodes that use Windows Tools) batchSize: type: number minimum: 1 title: Batch size - description: The maximum number of events to read in one polling interval. A batch size higher than 500 can cause delays when pulling from multiple event logs. (Applicable for pre-4.8.0 nodes that use Windows Tools) + description: The maximum number of events to read in one polling interval. A + batch size higher than 500 can cause delays when pulling from + multiple event logs. (Applicable for pre-4.8.0 nodes that use + Windows Tools) metadata: type: array title: Fields @@ -21842,26 +25332,33 @@ components: maxEventBytes: type: number title: Event byte limit - description: The maximum number of bytes in an event before it is flushed to the pipelines + description: The maximum number of bytes in an event before it is flushed to the + pipelines minimum: 1 - maximum: 1.34217728e+08 + maximum: 134217728 description: type: string title: Description disableJsonRendering: type: boolean title: Render event message strings - description: Enable/disable the rendering of localized event message strings (Applicable for 4.8.0 nodes and newer that use the Native API) + description: Enable/disable the rendering of localized event message strings + (Applicable for 4.8.0 nodes and newer that use the Native API) disableXmlRendering: type: boolean title: Render event message strings - description: Enable/disable the rendering of localized event message strings (Applicable for 4.8.0 nodes and newer that use the Native API) + description: Enable/disable the rendering of localized event message strings + (Applicable for 4.8.0 nodes and newer that use the Native API) __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. InputAppleUnifiedLogs: type: object required: @@ -21882,18 +25379,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -21901,11 +25404,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -21913,7 +25418,11 @@ components: predicate: type: string title: Predicate - description: String to filter log entries, in NSPredicate format (e.g., subsystem == "com.apple.security" or process == "kernel"). See [Predicate format reference](https://developer.apple.com/library/archive/documentation/Cocoa/Conceptual/Predicates/AdditionalChapters/Introduction.html) for more information. + description: String to filter log entries, in NSPredicate format (e.g., + subsystem == "com.apple.security" or process == "kernel"). See + [Common Log Types and + Predicates](https://docs.cribl.io/edge/sources-apple-unified-logs/#examples) + for more information. minLength: 1 readMode: type: string @@ -21924,7 +25433,8 @@ components: x-speakeasy-enum-descriptions: - Entire log - From last entry - description: Read all log entries (historical and upcoming), or only upcoming, from the last entry + description: Read all log entries (historical and upcoming), or only upcoming, + from the last entry x-speakeasy-unknown-values: allow metadata: type: array @@ -21937,10 +25447,14 @@ components: title: Description __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. InputRawUdp: type: object required: @@ -21962,18 +25476,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -21981,11 +25501,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -21993,7 +25515,9 @@ components: host: type: string title: Address - description: Address to bind on. For IPv4 (all addresses), use the default '0.0.0.0'. For IPv6, enter '::' (all addresses) or specify an IP address. + description: Address to bind on. For IPv4 (all addresses), use the default + '0.0.0.0'. For IPv6, enter '::' (all addresses) or specify an IP + address. port: type: number title: Port @@ -22011,17 +25535,24 @@ components: singleMsgUdpPackets: type: boolean title: Single msg per UDP - description: If true, each UDP packet is assumed to contain a single message. If false, each UDP packet is assumed to contain multiple messages, separated by newlines. + description: If true, each UDP packet is assumed to contain a single message. If + false, each UDP packet is assumed to contain multiple messages, + separated by newlines. ingestRawBytes: type: boolean title: Ingest raw bytes - description: If true, a __rawBytes field will be added to each event containing the raw bytes of the datagram. + description: If true, a __rawBytes field will be added to each event containing + the raw bytes of the datagram. udpSocketRxBufSize: type: number title: UDP socket buffer size (bytes) - description: "Optionally, set the SO_RCVBUF socket option for the UDP socket. This value tells the operating system how many bytes can be buffered in the kernel before events are dropped. Leave blank to use the OS default. Caution: Increasing this value will affect OS memory utilization." + description: "Optionally, set the SO_RCVBUF socket option for the UDP socket. + This value tells the operating system how many bytes can be buffered + in the kernel before events are dropped. Leave blank to use the OS + default. Caution: Increasing this value will affect OS memory + utilization." minimum: 256 - maximum: 4.294967295e+09 + maximum: 4294967295 metadata: type: array title: Fields @@ -22033,16 +25564,24 @@ components: title: Description __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_host: type: string - description: Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime. + description: Binds 'host' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'host' at runtime. __template_port: type: string - description: Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime. + description: Binds 'port' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'port' at runtime. InputJournalFiles: type: object required: @@ -22063,18 +25602,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -22082,11 +25627,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -22094,7 +25641,8 @@ components: path: type: string title: Search path - description: Directory path to search for journals. Environment variables will be resolved, e.g. $CRIBL_EDGE_FS_ROOT/var/log/journal/$MACHINE_ID. + description: Directory path to search for journals. Environment variables will + be resolved, e.g. $CRIBL_EDGE_FS_ROOT/var/log/journal/$MACHINE_ID. interval: type: number minimum: 1 @@ -22103,13 +25651,16 @@ components: journals: type: array title: Journal allowlist - description: The full path of discovered journals are matched against this wildcard list. + description: The full path of discovered journals are matched against this + wildcard list. items: type: string rules: type: array title: Filter Rules - description: Add rules to decide which journal objects to allow. Events are generated if no rules are given or if all the rules' expressions evaluate to true. + description: Add rules to decide which journal objects to allow. Events are + generated if no rules are given or if all the rules' expressions + evaluate to true. items: type: object required: @@ -22118,7 +25669,8 @@ components: filter: type: string title: Filter Expression - description: JavaScript expression applied to Journal objects. Return 'true' to include it. + description: JavaScript expression applied to Journal objects. Return 'true' to + include it. description: type: string title: Description @@ -22126,11 +25678,12 @@ components: currentBoot: type: boolean title: Current boot only - description: Skip log messages that are not part of the current boot session. + description: Skip log messages that are not part of the current boot session maxAgeDur: type: string title: Age duration limit - description: "The maximum log message age, in duration form (e.g,: 60s, 4h, 3d, 1w). Default of no value will apply no max age filters." + description: "The maximum log message age, in duration form (e.g,: 60s, 4h, 3d, + 1w). Default of no value will apply no max age filters." suppressMissingPathErrors: type: boolean title: Suppress errors when search path does not exist @@ -22145,10 +25698,14 @@ components: title: Description __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. InputWiz: type: object required: @@ -22172,18 +25729,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -22191,11 +25754,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -22203,7 +25768,8 @@ components: endpoint: type: string title: GraphQL endpoint - description: "The Wiz GraphQL API endpoint. Example: https://api.us1.app.wiz.io/graphql" + description: "The Wiz GraphQL API endpoint. Example: + https://api.us1.app.wiz.io/graphql" pattern: ^https:\/\/ authUrl: type: string @@ -22212,7 +25778,8 @@ components: authAudienceOverride: type: string title: Authentication audience - description: The audience to use when requesting an OAuth token for a custom auth URL. When not specified, `wiz-api` will be used. + description: The audience to use when requesting an OAuth token for a custom + auth URL. When not specified, `wiz-api` will be used. clientId: type: string title: Client ID @@ -22247,17 +25814,26 @@ components: stateUpdateExpression: type: string title: State update expression - description: JavaScript expression that defines how to update the state from an event. Use the event's data and the current state to compute the new state. See [Understanding State Expression Fields](https://docs.cribl.io/stream/collectors-rest#state-tracking-expression-fields) for more information. + description: JavaScript expression that defines how to update the state from an + event. Use the event's data and the current state to compute + the new state. See [Understanding State Expression + Fields](https://docs.cribl.io/stream/collectors-rest#state-tracking-expression-fields) + for more information. stateMergeExpression: type: string title: State merge expression - description: JavaScript expression that defines which state to keep when merging a task's newly reported state with previously saved state. Evaluates `prevState` and `newState` variables, resolving to the state to keep. + description: JavaScript expression that defines which state to keep when merging + a task's newly reported state with previously saved state. + Evaluates `prevState` and `newState` variables, resolving to + the state to keep. manageState: type: object contentQuery: type: string title: Content query - description: "Template for POST body to send with the Collect request. Reference global variables, or functions using template params: `${C.vars.myVar}`, or `${Date.now()}`, `${param}`." + description: "Template for POST body to send with the Collect request. Reference + global variables, or functions using template params: + `${C.vars.myVar}`, or `${Date.now()}`, `${param}`." cronSchedule: type: string title: Cron schedule @@ -22265,22 +25841,29 @@ components: earliest: type: string title: Earliest time - description: "Earliest time, relative to now. Format supported: [+|-]@ (ex: -1hr, -42m, -42m@h)" + description: "Earliest time, relative to now. Format supported: + [+|-]@ (ex: -1hr, + -42m, -42m@h)" latest: type: string title: Latest time - description: "Latest time, relative to now. Format supported: [+|-]@ (ex: -1hr, -42m, -42m@h)" + description: "Latest time, relative to now. Format supported: + [+|-]@ (ex: -1hr, + -42m, -42m@h)" jobTimeout: title: Job timeout type: string - description: "Maximum time the job is allowed to run (examples: 30, 45s, 15m). Units default to seconds if not specified. Enter 0 for unlimited time." + description: "Maximum time the job is allowed to run (examples: 30, 45s, 15m). + Units default to seconds if not specified. Enter 0 for + unlimited time." pattern: ^\d+[sm]?$ logLevel: $ref: "#/components/schemas/LogLevelOptionsContentConfigItemsDebugError" maxPages: type: number title: Page limit - description: Maximum number of pages to retrieve per collection task. Defaults to 0. Set to 0 to retrieve all pages. + description: Maximum number of pages to retrieve per collection task. Defaults + to 0. Set to 0 to retrieve all pages. minimum: 0 requestTimeout: type: number @@ -22291,22 +25874,27 @@ components: keepAliveTime: type: number title: Keep alive time (seconds) - description: How often workers should check in with the scheduler to keep job subscription alive + description: How often workers should check in with the scheduler to keep job + subscription alive minimum: 10 maxMissedKeepAlives: type: number title: Worker timeout (periods) - description: The number of Keep Alive Time periods before an inactive worker will have its job subscription revoked. + description: The number of Keep Alive Time periods before an inactive worker + will have its job subscription revoked. minimum: 2 ttl: type: string title: Time to live - description: Time to keep the job's artifacts on disk after job completion. This also affects how long a job is listed in the Job Inspector. + description: Time to keep the job's artifacts on disk after job completion. This + also affects how long a job is listed in the Job Inspector. pattern: \d+[smh]$ ignoreGroupJobsLimit: type: boolean title: Ignore Worker Group job limits - description: When enabled, this job's artifacts are not counted toward the Worker Group's finished job artifacts limit. Artifacts will be removed only after the Collector's configured time to live. + description: When enabled, this job's artifacts are not counted toward the + Worker Group's finished job artifacts limit. Artifacts will be + removed only after the Collector's configured time to live. metadata: type: array title: Fields @@ -22316,15 +25904,18 @@ components: breakerRulesets: type: array title: Event Breaker rulesets - description: A list of event-breaking rulesets that will be applied, in order, to the input data stream + description: A list of event-breaking rulesets that will be applied, in order, + to the input data stream items: type: string staleChannelFlushMs: type: number title: Event Breaker buffer timeout (ms) - description: How long (in milliseconds) the Event Breaker will wait for new data to be sent to a specific channel before flushing the data stream out, as is, to the Pipelines + description: How long (in milliseconds) the Event Breaker will wait for new data + to be sent to a specific channel before flushing the data stream + out, as is, to the Pipelines minimum: 10 - maximum: 4.32e+07 + maximum: 43200000 retryRules: $ref: "#/components/schemas/RetryRulesType" authType: @@ -22342,19 +25933,29 @@ components: description: Select or create a stored text secret __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_endpoint: type: string - description: Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime. + description: Binds 'endpoint' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'endpoint' at runtime. __template_authUrl: type: string - description: Binds 'authUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'authUrl' at runtime. + description: Binds 'authUrl' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'authUrl' at runtime. __template_clientId: type: string - description: Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime. + description: Binds 'clientId' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'clientId' at runtime. InputOpenai: type: object required: @@ -22376,18 +25977,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -22395,11 +26002,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -22407,11 +26016,13 @@ components: openaiOrganization: type: string title: OpenAI Organization - description: Optional `OpenAI-Organization` request header value, typically `org-xxxxxxxxxxxxxxxxxxxxxxxx` + description: Optional `OpenAI-Organization` request header value, typically + `org-xxxxxxxxxxxxxxxxxxxxxxxx` openaiProject: type: string title: OpenAI Project - description: Optional `OpenAI-Project` request header value, typically `proj_xxxxxxxxxxxxxxxxxxxxxxxx` + description: Optional `OpenAI-Project` request header value, typically + `proj_xxxxxxxxxxxxxxxxxxxxxxxx` contentConfig: type: array title: Content Types @@ -22453,11 +26064,13 @@ components: stateUpdateExpression: type: string title: State update expression - description: JavaScript expression that defines how to update the state from an event + description: JavaScript expression that defines how to update the state from an + event stateMergeExpression: type: string title: State merge expression - description: JavaScript expression that defines which state to keep when merging task state + description: JavaScript expression that defines which state to keep when merging + task state manageState: type: object requestParams: @@ -22465,7 +26078,7 @@ components: title: Query parameters description: Query-string parameters to send with this endpoint items: - $ref: "#/components/schemas/RequestParamConfInputOpenai" + $ref: "#/components/schemas/HttpDiscoveryHeaderConfInputPrometheus" paginationType: type: string title: Pagination type @@ -22491,7 +26104,8 @@ components: maxPages: type: number title: Page limit - description: Maximum number of pages to retrieve per collection task. Set to 0 only when unlimited pagination is required. + description: Maximum number of pages to retrieve per collection task. Set to 0 + only when unlimited pagination is required. minimum: 0 paginationNextRelationAttribute: type: string @@ -22516,7 +26130,8 @@ components: jobTimeout: title: Job timeout type: string - description: "Maximum time the job is allowed to run (examples: 30, 45s, 15m). Enter 0 for unlimited time." + description: "Maximum time the job is allowed to run (examples: 30, 45s, 15m). + Enter 0 for unlimited time." pattern: ^\d+[sm]?$ logLevel: type: string @@ -22547,26 +26162,34 @@ components: textSecret: type: string title: API key (text secret) - description: Select or create a stored API key. Visit [OpenAI's organization admin keys page](https://platform.openai.com/settings/organization/admin-keys) to create an organization admin key. + description: Select or create a stored API key. Visit [OpenAI's organization + admin keys + page](https://platform.openai.com/settings/organization/admin-keys) + to create an organization admin key. keepAliveTime: type: number title: Keep alive time (seconds) - description: How often workers should check in with the scheduler to keep job subscription alive + description: How often workers should check in with the scheduler to keep job + subscription alive minimum: 10 maxMissedKeepAlives: type: number title: Worker timeout (periods) - description: The number of Keep Alive Time periods before an inactive worker will have its job subscription revoked. + description: The number of Keep Alive Time periods before an inactive worker + will have its job subscription revoked. minimum: 2 ttl: type: string title: Time to live - description: Time to keep the job's artifacts on disk after job completion. This also affects how long a job is listed in the Job Inspector. + description: Time to keep the job's artifacts on disk after job completion. This + also affects how long a job is listed in the Job Inspector. pattern: \d+[smh]$ ignoreGroupJobsLimit: type: boolean title: Ignore Worker Group job limits - description: When enabled, this job's artifacts are not counted toward the Worker Group's finished job artifacts limit. Artifacts will be removed only after the Collector's configured time to live. + description: When enabled, this job's artifacts are not counted toward the + Worker Group's finished job artifacts limit. Artifacts will be + removed only after the Collector's configured time to live. metadata: type: array title: Fields @@ -22580,16 +26203,25 @@ components: title: Description __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_openaiOrganization: type: string - description: Binds 'openaiOrganization' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'openaiOrganization' at runtime. + description: Binds 'openaiOrganization' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'openaiOrganization' at runtime. __template_openaiProject: type: string - description: Binds 'openaiProject' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'openaiProject' at runtime. + description: Binds 'openaiProject' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'openaiProject' at runtime. InputWizWebhook: type: object required: @@ -22611,18 +26243,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -22630,11 +26268,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -22651,7 +26291,8 @@ components: authTokens: type: array title: Auth tokens - description: "Shared secrets to be provided by any client (Authorization: ). If empty, unauthorized access is permitted." + description: "Shared secrets to be provided by any client (Authorization: + ). If empty, unauthorized access is permitted." items: type: string tls: @@ -22659,17 +26300,23 @@ components: maxActiveReq: type: number title: Active request limit - description: "Maximum number of active requests allowed per Worker Process. Set to 0 for unlimited. Caution: Increasing the limit above the default value, or setting it to unlimited, may degrade performance and reduce throughput." + description: "Maximum number of active requests allowed per Worker Process. Set + to 0 for unlimited. Caution: Increasing the limit above the default + value, or setting it to unlimited, may degrade performance and + reduce throughput." minimum: 0 maxRequestsPerSocket: type: integer title: Requests-per-socket limit - description: Maximum number of requests per socket before @{product} instructs the client to close the connection. Default is 0 (unlimited). + description: Maximum number of requests per socket before @{product} instructs + the client to close the connection. Default is 0 (unlimited). minimum: 0 enableProxyHeader: type: boolean title: Show originating IP - description: Extract the client IP and port from PROXY protocol v1/v2. When enabled, the X-Forwarded-For header is ignored. Disable to use the X-Forwarded-For header for client IP extraction. + description: Extract the client IP and port from PROXY protocol v1/v2. When + enabled, the X-Forwarded-For header is ignored. Disable to use the + X-Forwarded-For header for client IP extraction. captureHeaders: type: boolean title: Capture request headers @@ -22677,48 +26324,59 @@ components: activityLogSampleRate: type: number title: Activity log sample rate - description: How often request activity is logged at the `info` level. A value of 1 would log every request, 10 every 10th request, etc. + description: How often request activity is logged at the `info` level. A value + of 1 would log every request, 10 every 10th request, etc. minimum: 1 requestTimeout: type: number title: Request timeout (seconds) - description: How long to wait for an incoming request to complete before aborting it. Use 0 to disable. + description: How long to wait for an incoming request to complete before + aborting it. Use 0 to disable. minimum: 0 socketTimeout: type: number title: Socket timeout (seconds) - description: How long @{product} should wait before assuming that an inactive socket has timed out. To wait forever, set to 0. + description: How long @{product} should wait before assuming that an inactive + socket has timed out. To wait forever, set to 0. minimum: 0 keepAliveTimeout: type: number title: Keep-alive timeout (seconds) - description: After the last response is sent, @{product} will wait this long for additional data before closing the socket connection. Minimum 1 second, maximum 600 seconds (10 minutes). + description: After the last response is sent, @{product} will wait this long for + additional data before closing the socket connection. Minimum 1 + second, maximum 600 seconds (10 minutes). minimum: 1 maximum: 600 enableHealthCheck: type: boolean title: Health check endpoint - description: Expose the /cribl_health endpoint, which returns 200 OK when this Source is healthy + description: Expose the /cribl_health endpoint, which returns 200 OK when this + Source is healthy ipAllowlistRegex: type: string title: IP allowlist regex - description: Messages from matched IP addresses will be processed, unless also matched by the denylist + description: Messages from matched IP addresses will be processed, unless also + matched by the denylist ipDenylistRegex: type: string title: IP denylist regex - description: Messages from matched IP addresses will be ignored. This takes precedence over the allowlist. + description: Messages from matched IP addresses will be ignored. This takes + precedence over the allowlist. breakerRulesets: type: array title: Event Breaker rulesets - description: A list of event-breaking rulesets that will be applied, in order, to the input data stream + description: A list of event-breaking rulesets that will be applied, in order, + to the input data stream items: type: string staleChannelFlushMs: type: number title: Event Breaker buffer timeout (ms) - description: How long (in milliseconds) the Event Breaker will wait for new data to be sent to a specific channel before flushing the data stream out, as is, to the Pipelines + description: How long (in milliseconds) the Event Breaker will wait for new data + to be sent to a specific channel before flushing the data stream + out, as is, to the Pipelines minimum: 10 - maximum: 4.32e+07 + maximum: 43200000 metadata: type: array title: Fields @@ -22728,21 +26386,24 @@ components: allowedPaths: type: array title: Allowed URI paths - description: List of URI paths accepted by this input. Wildcards are supported (such as /api/v*/hook). Defaults to allow all. + description: List of URI paths accepted by this input. Wildcards are supported + (such as /api/v*/hook). Defaults to allow all. items: type: string minLength: 1 allowedMethods: type: array title: Allowed HTTP methods - description: List of HTTP methods accepted by this input. Wildcards are supported (such as P*, GET). Defaults to allow all. + description: List of HTTP methods accepted by this input. Wildcards are + supported (such as P*, GET). Defaults to allow all. items: type: string minLength: 1 authTokensExt: type: array title: Auth tokens - description: "Shared secrets to be provided by any client (Authorization: ). If empty, unauthorized access is permitted." + description: "Shared secrets to be provided by any client (Authorization: + ). If empty, unauthorized access is permitted." items: $ref: "#/components/schemas/AuthTokensExtConfInputHttp" description: @@ -22750,22 +26411,34 @@ components: title: Description __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_host: type: string - description: Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime. + description: Binds 'host' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'host' at runtime. __template_port: type: string - description: Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime. + description: Binds 'port' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'port' at runtime. __template_authTokens: type: string - description: Binds 'authTokens' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'authTokens' at runtime. + description: Binds 'authTokens' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'authTokens' at runtime. __template_allowedPaths: type: string - description: Binds 'allowedPaths' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'allowedPaths' at runtime. + description: Binds 'allowedPaths' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'allowedPaths' at runtime. InputNetflow: type: object required: @@ -22787,18 +26460,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -22806,11 +26485,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -22818,7 +26499,9 @@ components: host: type: string title: Address - description: Address to bind on. For IPv4 (all addresses), use the default '0.0.0.0'. For IPv6, enter '::' (all addresses) or specify an IP address. + description: Address to bind on. For IPv4 (all addresses), use the default + '0.0.0.0'. For IPv6, enter '::' (all addresses) or specify an IP + address. port: type: number title: Port @@ -22827,25 +26510,36 @@ components: enablePassThrough: type: boolean title: Enable pass-through - description: Allow forwarding of events to a NetFlow destination. Enabling this feature will generate an extra event containing __netflowRaw which can be routed to a NetFlow destination. Note that these events will not count against ingest quota. + description: Allow forwarding of events to a NetFlow destination. Enabling this + feature will generate an extra event containing __netflowRaw which + can be routed to a NetFlow destination. Note that these events will + not count against ingest quota. ipAllowlistRegex: type: string title: IP allowlist regex - description: Messages from matched IP addresses will be processed, unless also matched by the denylist. + description: Messages from matched IP addresses will be processed, unless also + matched by the denylist. ipDenylistRegex: type: string title: IP denylist regex - description: Messages from matched IP addresses will be ignored. This takes precedence over the allowlist. + description: Messages from matched IP addresses will be ignored. This takes + precedence over the allowlist. udpSocketRxBufSize: type: number title: UDP socket buffer size (bytes) - description: "Optionally, set the SO_RCVBUF socket option for the UDP socket. This value tells the operating system how many bytes can be buffered in the kernel before events are dropped. Leave blank to use the OS default. Caution: Increasing this value will affect OS memory utilization." + description: "Optionally, set the SO_RCVBUF socket option for the UDP socket. + This value tells the operating system how many bytes can be buffered + in the kernel before events are dropped. Leave blank to use the OS + default. Caution: Increasing this value will affect OS memory + utilization." minimum: 256 - maximum: 4.294967295e+09 + maximum: 4294967295 templateCacheMinutes: type: number title: Template cache minutes - description: Specifies how many minutes NetFlow v9 templates are cached before being discarded if not refreshed. Adjust based on your network's template update frequency to optimize performance and memory usage. + description: Specifies how many minutes NetFlow v9 templates are cached before + being discarded if not refreshed. Adjust based on your network's + template update frequency to optimize performance and memory usage. minimum: 1 maximum: 3600 v5Enabled: @@ -22871,16 +26565,24 @@ components: title: Description __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_host: type: string - description: Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime. + description: Binds 'host' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'host' at runtime. __template_port: type: string - description: Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime. + description: Binds 'port' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'port' at runtime. InputSecurityLake: type: object required: @@ -22901,18 +26603,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -22920,11 +26628,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -22932,14 +26642,21 @@ components: queueName: type: string title: Queue - description: "The name, URL, or ARN of the SQS queue to read notifications from. When a non-AWS URL is specified, format must be: '{url}/myQueueName'. Example: 'https://host:port/myQueueName'. Value must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `https://host:port/myQueue-${C.vars.myVar}`." + description: "The name, URL, or ARN of the SQS queue to read notifications from. + When a non-AWS URL is specified, format must be: + '{url}/myQueueName'. Example: 'https://host:port/myQueueName'. Value + must be a JavaScript expression (which can evaluate to a constant + value), enclosed in quotes or backticks. Can be evaluated only at + init time. Example referencing a Global Variable: + `https://host:port/myQueue-${C.vars.myVar}`." fileFilter: type: string title: Filename filter description: "Regex matching file names to download and process. Defaults to: .*" awsAccountId: title: AWS account ID - description: SQS queue owner's AWS account ID. Leave empty if SQS queue is in same AWS account. + description: SQS queue owner's AWS account ID. Leave empty if SQS queue is in + same AWS account. type: string awsAuthenticationMethod: $ref: "#/components/schemas/AuthenticationMethodOptionsS3CollectorConf" @@ -22949,11 +26666,13 @@ components: region: type: string title: Region - description: AWS Region where the S3 bucket and SQS queue are located. Required, unless the Queue entry is a URL or ARN that includes a Region. + description: AWS Region where the S3 bucket and SQS queue are located. Required, + unless the Queue entry is a URL or ARN that includes a Region. endpoint: type: string title: Endpoint - description: S3 service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to S3-compatible endpoint. + description: S3 service endpoint. If empty, defaults to the AWS Region-specific + endpoint. Otherwise, it must point to S3-compatible endpoint. reuseConnections: type: boolean title: Reuse connections @@ -22961,51 +26680,64 @@ components: rejectUnauthorized: type: boolean title: Reject unauthorized certificates - description: Reject certificates that cannot be verified against a valid CA, such as self-signed certificates + description: Reject certificates that cannot be verified against a valid CA, + such as self-signed certificates breakerRulesets: type: array title: Event Breaker rulesets - description: A list of event-breaking rulesets that will be applied, in order, to the input data stream + description: A list of event-breaking rulesets that will be applied, in order, + to the input data stream items: type: string staleChannelFlushMs: type: number title: Event Breaker buffer timeout (ms) - description: How long (in milliseconds) the Event Breaker will wait for new data to be sent to a specific channel before flushing the data stream out, as is, to the Pipelines + description: How long (in milliseconds) the Event Breaker will wait for new data + to be sent to a specific channel before flushing the data stream + out, as is, to the Pipelines minimum: 10 - maximum: 4.32e+07 + maximum: 43200000 maxMessages: type: number title: Message limit - description: "The maximum number of messages SQS should return in a poll request. Amazon SQS never returns more messages than this value (however, fewer messages might be returned). Valid values: 1 to 10." + description: "The maximum number of messages SQS should return in a poll + request. Amazon SQS never returns more messages than this value + (however, fewer messages might be returned). Valid values: 1 to 10." minimum: 1 maximum: 10 visibilityTimeout: type: number title: Visibility timeout seconds - description: After messages are retrieved by a ReceiveMessage request, @{product} will hide them from subsequent retrieve requests for at least this duration. You can set this as high as 43200 sec. (12 hours). + description: After messages are retrieved by a ReceiveMessage request, + @{product} will hide them from subsequent retrieve requests for at + least this duration. You can set this as high as 43200 sec. (12 + hours). minimum: 0 maximum: 43200 numReceivers: type: number title: Number of receivers - description: How many receiver processes to run. The higher the number, the better the throughput - at the expense of CPU overhead. + description: How many receiver processes to run. The higher the number, the + better the throughput - at the expense of CPU overhead. minimum: 1 maximum: 100 socketTimeout: type: number title: Socket timeout - description: Socket inactivity timeout (in seconds). Increase this value if timeouts occur due to backpressure. + description: Socket inactivity timeout (in seconds). Increase this value if + timeouts occur due to backpressure. minimum: 1 maximum: 43200 skipOnError: type: boolean title: Skip file on error - description: Skip files that trigger a processing error. Disabled by default, which allows retries after processing errors. + description: Skip files that trigger a processing error. Disabled by default, + which allows retries after processing errors. includeSqsMetadata: type: boolean title: Include notification metadata - description: Attach SQS notification metadata to a __sqsMetadata field on each event + description: Attach SQS notification metadata to a __sqsMetadata field on each + event enableAssumeRole: type: boolean title: Enable for Amazon S3 @@ -23023,7 +26755,9 @@ components: durationSeconds: type: number title: Duration (seconds) - description: Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours). + description: Duration of the assumed role's session, in seconds. Minimum is 900 + (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 + hours). minimum: 900 maximum: 43200 enableSQSAssumeRole: @@ -23047,7 +26781,9 @@ components: parquetChunkDownloadTimeout: type: number title: Parquet chunk download timeout (seconds) - description: The maximum time allowed for downloading a Parquet chunk. Processing will stop if a chunk cannot be downloaded within the time specified. + description: The maximum time allowed for downloading a Parquet chunk. + Processing will stop if a chunk cannot be downloaded within the time + specified. maximum: 3600 minimum: 1 checkpointing: @@ -23055,13 +26791,18 @@ components: pollTimeout: type: number title: Poll timeout (secs) - description: How long to wait for events before trying polling again. The lower the number the higher the AWS bill. The higher the number the longer it will take for the source to react to configuration changes and system restarts. + description: How long to wait for events before trying polling again. The lower + the number the higher the AWS bill. The higher the number the longer + it will take for the source to react to configuration changes and + system restarts. minimum: 1 maximum: 20 encoding: type: string title: Encoding - description: Character encoding to use when parsing ingested data. When not set, @{product} will default to UTF-8 but may incorrectly interpret multi-byte characters. + description: Character encoding to use when parsing ingested data. When not set, + @{product} will default to UTF-8 but may incorrectly interpret + multi-byte characters. description: type: string title: Description @@ -23072,47 +26813,71 @@ components: awsSecret: type: string title: Secret key pair - description: Select or create a stored secret that references your access key and secret key + description: Select or create a stored secret that references your access key + and secret key tagAfterProcessing: $ref: "#/components/schemas/TagAfterProcessingOptions" processedTagKey: type: string title: Tag key - description: The key for the S3 object tag applied after processing. This field accepts an expression for dynamic generation. + description: The key for the S3 object tag applied after processing. This field + accepts an expression for dynamic generation. processedTagValue: type: string title: Tag value - description: The value for the S3 object tag applied after processing. This field accepts an expression for dynamic generation. + description: The value for the S3 object tag applied after processing. This + field accepts an expression for dynamic generation. __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_queueName: type: string - description: Binds 'queueName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'queueName' at runtime. + description: Binds 'queueName' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'queueName' at runtime. __template_awsAccountId: type: string - description: Binds 'awsAccountId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsAccountId' at runtime. + description: Binds 'awsAccountId' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsAccountId' at runtime. __template_awsSecretKey: type: string - description: Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime. + description: Binds 'awsSecretKey' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsSecretKey' at runtime. __template_region: type: string - description: Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime. + description: Binds 'region' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'region' at runtime. __template_endpoint: type: string - description: Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime. + description: Binds 'endpoint' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'endpoint' at runtime. __template_assumeRoleArn: type: string - description: Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime. + description: Binds 'assumeRoleArn' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'assumeRoleArn' at runtime. __template_assumeRoleExternalId: type: string - description: Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime. + description: Binds 'assumeRoleExternalId' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'assumeRoleExternalId' at runtime. __template_awsApiKey: type: string - description: Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime. + description: Binds 'awsApiKey' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsApiKey' at runtime. InputServicenowTable: type: object required: @@ -23137,18 +26902,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -23156,11 +26927,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -23169,7 +26942,10 @@ components: type: string pattern: .*\S.* title: Instance URL - description: ServiceNow instance base URL for Table API requests. Enter a literal URL (http or https and the instance host, for example a hostname ending in .service-now.com) or a Cribl expression that resolves to a URL. + description: ServiceNow instance base URL for Table API requests. Enter a + literal URL (http or https and the instance host, for example a + hostname ending in .service-now.com) or a Cribl expression that + resolves to a URL. tableName: type: string pattern: .*\S.* @@ -23178,14 +26954,16 @@ components: fields: type: array title: Fields - description: Field names to return from the Table API (sysparm_fields). Leave empty to return all fields. + description: Field names to return from the Table API (sysparm_fields). Leave + empty to return all fields. items: type: string pattern: ^[^*?\[\]]+$ orderByField: type: string title: Sort by field - description: Optional. Sort results by this field (for example sys_created_on or parent.name). Leave empty to use the server default order. + description: Optional. Sort results by this field (for example sys_created_on or + parent.name). Leave empty to use the server default order. orderByDirection: type: string title: Sort direction @@ -23200,21 +26978,28 @@ components: query: type: string title: Filter query (advanced) - description: Optional ServiceNow encoded query for sysparm_query (for example active=true or sys_updated_onRELATIVEGT@hour@ago@1). Enter a literal or a Cribl expression. When combined with Sort by field, the filter and sort are joined with ^. See ServiceNow Table API documentation for encoded query syntax. + description: Optional ServiceNow encoded query for sysparm_query (for example + active=true or sys_updated_onRELATIVEGT@hour@ago@1). Enter a literal + or a Cribl expression. When combined with Sort by field, the filter + and sort are joined with ^. See ServiceNow Table API documentation + for encoded query syntax. pageSize: type: integer title: Page size - description: Maximum records per Table API page request (sysparm_limit). Setting a higher value may increase the risk of timeouts. + description: Maximum records per Table API page request (sysparm_limit). Setting + a higher value may increase the risk of timeouts. minimum: 1 maxPages: type: integer title: Page limit - description: Maximum number of pages to retrieve per collection task. Set to 0 to retrieve all pages. + description: Maximum number of pages to retrieve per collection task. Set to 0 + to retrieve all pages. minimum: 0 rejectUnauthorized: type: boolean title: Reject unauthorized certificates - description: Reject certificates that cannot be verified against a valid CA (such as self-signed certificates) + description: Reject certificates that cannot be verified against a valid CA + (such as self-signed certificates) authType: type: string title: Authentication type @@ -23237,12 +27022,16 @@ components: type: string pattern: .*\S.* title: Earliest time - description: "Earliest time, relative to now. Format supported: [+|-]@ (ex: -1hr, -42m, -42m@h)" + description: "Earliest time, relative to now. Format supported: + [+|-]@ (ex: -1hr, -42m, + -42m@h)" latest: type: string pattern: .*\S.* title: Latest time - description: "Latest time, relative to now. Format supported: [+|-]@ (ex: -1hr, -42m, -42m@h)" + description: "Latest time, relative to now. Format supported: + [+|-]@ (ex: -1hr, -42m, + -42m@h)" stateTracking: type: boolean title: State tracking @@ -23257,31 +27046,38 @@ components: useRoundRobinDns: type: boolean title: Round-robin DNS - description: When a DNS server returns multiple addresses, @{product} cycles through them in the order returned + description: When a DNS server returns multiple addresses, @{product} cycles + through them in the order returned keepAliveTime: type: number title: Keep alive time (seconds) - description: How often workers should check in with the scheduler to keep job subscription alive + description: How often workers should check in with the scheduler to keep job + subscription alive minimum: 10 jobTimeout: type: string title: Job timeout - description: Maximum time the job is allowed to run (e.g., 30, 45s or 15m). Units are seconds, if not specified. Enter 0 for unlimited time. + description: Maximum time the job is allowed to run (e.g., 30, 45s or 15m). + Units are seconds, if not specified. Enter 0 for unlimited time. pattern: ^\d+[sm]?$ maxMissedKeepAlives: type: number title: Worker timeout (periods) - description: The number of Keep Alive Time periods before an inactive worker will have its job subscription revoked. + description: The number of Keep Alive Time periods before an inactive worker + will have its job subscription revoked. minimum: 2 ttl: type: string title: Time to live - description: Time to keep the job's artifacts on disk after job completion. This also affects how long a job is listed in the Job Inspector. + description: Time to keep the job's artifacts on disk after job completion. This + also affects how long a job is listed in the Job Inspector. pattern: \d+[smh]$ ignoreGroupJobsLimit: type: boolean title: Ignore Worker Group job limits - description: When enabled, this job's artifacts are not counted toward the Worker Group's finished job artifacts limit. Artifacts will be removed only after the Collector's configured time to live. + description: When enabled, this job's artifacts are not counted toward the + Worker Group's finished job artifacts limit. Artifacts will be + removed only after the Collector's configured time to live. metadata: type: array title: Fields @@ -23316,21 +27112,31 @@ components: textSecret: type: string title: Password - description: Select or create a stored text secret for the ServiceNow password value + description: Select or create a stored text secret for the ServiceNow password + value useCustomOAuthParamsOrHeaders: type: boolean title: Use custom parameters and/or headers - description: Enable custom OAuth request parameters or headers for advanced ServiceNow configurations. Leave disabled for standard ServiceNow OAuth flows. + description: Enable custom OAuth request parameters or headers for advanced + ServiceNow configurations. Leave disabled for standard ServiceNow + OAuth flows. oauthParams: type: array title: OAuth parameters - description: Additional parameters to send in the OAuth login request. @{product} will combine the secret with these parameters, and will send the URL-encoded result in a POST request to the endpoint specified in the 'Login URL'. We'll automatically add the content-type header 'application/x-www-form-urlencoded' when sending this request. + description: Additional parameters to send in the OAuth login request. + @{product} will combine the secret with these parameters, and will + send the URL-encoded result in a POST request to the endpoint + specified in the 'Login URL'. We'll automatically add the + content-type header 'application/x-www-form-urlencoded' when sending + this request. items: $ref: "#/components/schemas/OauthParamConfInputServicenowTable" oauthHeaders: type: array title: OAuth headers - description: Additional headers to send in the OAuth login request. @{product} will automatically add the content-type header 'application/x-www-form-urlencoded' when sending this request. + description: Additional headers to send in the OAuth login request. @{product} + will automatically add the content-type header + 'application/x-www-form-urlencoded' when sending this request. items: $ref: "#/components/schemas/OauthHeaderConfInputServicenowTable" clientId: @@ -23340,38 +27146,61 @@ components: clientTextSecret: type: string title: Client secret - description: Select or create a stored text secret for the OAuth client secret value + description: Select or create a stored text secret for the OAuth client secret + value stateUpdateExpression: type: string title: State update expression - description: JavaScript expression that defines how to update the state from an event. This source defaults to checking that `_time` is a finite number (not only `__timestampExtracted`), so state still advances when the event breaker assigns a fallback time. See [Understanding State Expression Fields](https://docs.cribl.io/stream/collectors-rest#state-tracking-expression-fields). + description: JavaScript expression that defines how to update the state from an + event. This source defaults to checking that `_time` is a finite + number (not only `__timestampExtracted`), so state still advances + when the event breaker assigns a fallback time. See [Understanding + State Expression + Fields](https://docs.cribl.io/stream/collectors-rest#state-tracking-expression-fields). stateMergeExpression: type: string title: State merge expression - description: JavaScript expression that defines which state to keep when merging a task's newly reported state with previously saved state. Evaluates `prevState` and `newState` variables, resolving to the state to keep. + description: JavaScript expression that defines which state to keep when merging + a task's newly reported state with previously saved state. Evaluates + `prevState` and `newState` variables, resolving to the state to + keep. manageState: type: object __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_instance: type: string - description: Binds 'instance' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'instance' at runtime. + description: Binds 'instance' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'instance' at runtime. __template_orderByField: type: string - description: Binds 'orderByField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'orderByField' at runtime. + description: Binds 'orderByField' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'orderByField' at runtime. __template_query: type: string - description: Binds 'query' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'query' at runtime. + description: Binds 'query' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'query' at runtime. __template_username: type: string - description: Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime. + description: Binds 'username' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'username' at runtime. __template_clientId: type: string - description: Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime. + description: Binds 'clientId' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'clientId' at runtime. InputZscalerHec: type: object required: @@ -23394,18 +27223,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -23413,11 +27248,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -23434,7 +27271,8 @@ components: authTokens: type: array title: Auth tokens - description: "Shared secrets to be provided by any client (Authorization: ). If empty, unauthorized access is permitted." + description: "Shared secrets to be provided by any client (Authorization: + ). If empty, unauthorized access is permitted." items: type: object required: @@ -23449,7 +27287,8 @@ components: token: type: string title: Token - description: "Shared secret to be provided by any client (Authorization: )" + description: "Shared secret to be provided by any client (Authorization: + )" enabled: type: boolean title: Enable token @@ -23459,7 +27298,9 @@ components: allowedIndexesAtToken: type: array title: Allowed indexes - description: Enter the values you want to allow in the HEC event index field at the token level. Supports wildcards. To skip validation, leave blank. + description: Enter the values you want to allow in the HEC event index field at + the token level. Supports wildcards. To skip validation, leave + blank. minItems: 0 items: type: string @@ -23475,17 +27316,23 @@ components: maxActiveReq: type: number title: Active request limit - description: "Maximum number of active requests allowed per Worker Process. Set to 0 for unlimited. Caution: Increasing the limit above the default value, or setting it to unlimited, may degrade performance and reduce throughput." + description: "Maximum number of active requests allowed per Worker Process. Set + to 0 for unlimited. Caution: Increasing the limit above the default + value, or setting it to unlimited, may degrade performance and + reduce throughput." minimum: 0 maxRequestsPerSocket: type: integer title: Requests-per-socket limit - description: Maximum number of requests per socket before @{product} instructs the client to close the connection. Default is 0 (unlimited). + description: Maximum number of requests per socket before @{product} instructs + the client to close the connection. Default is 0 (unlimited). minimum: 0 enableProxyHeader: type: boolean title: Show originating IP - description: Extract the client IP and port from PROXY protocol v1/v2. When enabled, the X-Forwarded-For header is ignored. Disable to use the X-Forwarded-For header for client IP extraction. + description: Extract the client IP and port from PROXY protocol v1/v2. When + enabled, the X-Forwarded-For header is ignored. Disable to use the + X-Forwarded-For header for client IP extraction. captureHeaders: type: boolean title: Capture request headers @@ -23493,47 +27340,58 @@ components: activityLogSampleRate: type: number title: Activity log sample rate - description: How often request activity is logged at the `info` level. A value of 1 would log every request, 10 every 10th request, etc. + description: How often request activity is logged at the `info` level. A value + of 1 would log every request, 10 every 10th request, etc. minimum: 1 requestTimeout: type: number title: Request timeout (seconds) - description: How long to wait for an incoming request to complete before aborting it. Use 0 to disable. + description: How long to wait for an incoming request to complete before + aborting it. Use 0 to disable. minimum: 0 socketTimeout: type: number title: Socket timeout (seconds) - description: How long @{product} should wait before assuming that an inactive socket has timed out. To wait forever, set to 0. + description: How long @{product} should wait before assuming that an inactive + socket has timed out. To wait forever, set to 0. minimum: 0 keepAliveTimeout: type: number title: Keep-alive timeout (seconds) - description: After the last response is sent, @{product} will wait this long for additional data before closing the socket connection. Minimum 1 second, maximum 600 seconds (10 minutes). + description: After the last response is sent, @{product} will wait this long for + additional data before closing the socket connection. Minimum 1 + second, maximum 600 seconds (10 minutes). minimum: 1 maximum: 600 ipAllowlistRegex: type: string title: IP allowlist regex - description: Messages from matched IP addresses will be processed, unless also matched by the denylist + description: Messages from matched IP addresses will be processed, unless also + matched by the denylist ipDenylistRegex: type: string title: IP denylist regex - description: Messages from matched IP addresses will be ignored. This takes precedence over the allowlist. + description: Messages from matched IP addresses will be ignored. This takes + precedence over the allowlist. hecAPI: type: string title: HEC endpoint - description: Absolute path on which to listen for the Zscaler HTTP Event Collector API requests. This input supports the /event endpoint. + description: Absolute path on which to listen for the Zscaler HTTP Event + Collector API requests. This input supports the /event endpoint. pattern: ^/ metadata: type: array title: Fields - description: Fields to add to every event. May be overridden by fields added at the token or request level. + description: Fields to add to every event. May be overridden by fields added at + the token or request level. items: $ref: "#/components/schemas/MetadataConfInputCollection" allowedIndexes: type: array title: Allowed indexes - description: List values allowed in HEC event index field. Leave blank to skip validation. Supports wildcards. The values here can expand index validation at the token level. + description: List values allowed in HEC event index field. Leave blank to skip + validation. Supports wildcards. The values here can expand index + validation at the token level. minItems: 0 items: type: string @@ -23545,7 +27403,9 @@ components: accessControlAllowOrigin: title: CORS allowed origins type: array - description: Optionally, list HTTP origins to which @{product} should send CORS (cross-origin resource sharing) Access-Control-Allow-* headers. Supports wildcards. + description: Optionally, list HTTP origins to which @{product} should send CORS + (cross-origin resource sharing) Access-Control-Allow-* headers. + Supports wildcards. minItems: 0 items: type: string @@ -23553,7 +27413,9 @@ components: accessControlAllowHeaders: title: CORS allowed headers type: array - description: Optionally, list HTTP headers that @{product} will send to allowed origins as "Access-Control-Allow-Headers" in a CORS preflight response. Use "*" to allow all headers. + description: Optionally, list HTTP headers that @{product} will send to allowed + origins as "Access-Control-Allow-Headers" in a CORS preflight + response. Use "*" to allow all headers. minItems: 0 items: type: string @@ -23561,25 +27423,36 @@ components: emitTokenMetrics: type: boolean title: Emit per-token request metrics - description: Enable to emit per-token (.http.perToken) and summary (.http.summary) request metrics + description: Enable to emit per-token (.http.perToken) and summary + (.http.summary) request metrics description: type: string title: Description __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_host: type: string - description: Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime. + description: Binds 'host' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'host' at runtime. __template_port: type: string - description: Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime. + description: Binds 'port' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'port' at runtime. __template_hecAPI: type: string - description: Binds 'hecAPI' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'hecAPI' at runtime. + description: Binds 'hecAPI' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'hecAPI' at runtime. InputCloudflareHec: type: object required: @@ -23602,18 +27475,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -23621,11 +27500,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -23642,7 +27523,8 @@ components: authTokens: type: array title: Auth tokens - description: "Shared secrets to be provided by any client (Authorization: ). If empty, unauthorized access is permitted." + description: "Shared secrets to be provided by any client (Authorization: + ). If empty, unauthorized access is permitted." items: type: object properties: @@ -23657,6 +27539,11 @@ components: type: string title: Token secret (text secret) description: Select or create a stored text secret + token: + type: string + title: Token + description: "Shared secret to be provided by any client (Authorization: + )" enabled: type: boolean title: Enable token @@ -23666,7 +27553,9 @@ components: allowedIndexesAtToken: type: array title: Allowed indexes - description: Enter the values you want to allow in the HEC event index field at the token level. Supports wildcards. To skip validation, leave blank. + description: Enter the values you want to allow in the HEC event index field at + the token level. Supports wildcards. To skip validation, leave + blank. minItems: 0 items: type: string @@ -23688,15 +27577,18 @@ components: requestCert: type: boolean title: Authenticate client (mutual auth) - description: Require clients to present their certificates. Used to perform client authentication using SSL certs. + description: Require clients to present their certificates. Used to perform + client authentication using SSL certs. rejectUnauthorized: type: boolean title: Validate client certificates - description: Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's) + description: Reject certificates not authorized by a CA in the CA certificate + path or by another trusted CA (such as the system's) commonNameRegex: type: string title: Common name - description: Regex matching allowable common names in peer certificates' subject attribute + description: Regex matching allowable common names in peer certificates' subject + attribute certificateName: type: string title: Certificate @@ -23704,7 +27596,9 @@ components: privKeyPath: type: string title: Private key path - description: Path on server containing the private key to use. PEM format. Can reference $ENV_VARS. Defaults to the built-in Cribl private key when TLS is enabled. + description: Path on server containing the private key to use. PEM format. Can + reference $ENV_VARS. Defaults to the built-in Cribl private key + when TLS is enabled. passphrase: type: string title: Passphrase @@ -23712,11 +27606,14 @@ components: certPath: type: string title: Certificate path - description: Path on server containing certificates to use. PEM format. Can reference $ENV_VARS. Defaults to the built-in Cribl certificate when TLS is enabled. + description: Path on server containing certificates to use. PEM format. Can + reference $ENV_VARS. Defaults to the built-in Cribl certificate + when TLS is enabled. caPath: type: string title: CA certificate path - description: Path on server containing CA certificates to use. PEM format. Can reference $ENV_VARS. + description: Path on server containing CA certificates to use. PEM format. Can + reference $ENV_VARS. minVersion: $ref: "#/components/schemas/MinimumTlsVersionOptionsTls" maxVersion: @@ -23724,17 +27621,23 @@ components: maxActiveReq: type: number title: Active request limit - description: "Maximum number of active requests allowed per Worker Process. Set to 0 for unlimited. Caution: Increasing the limit above the default value, or setting it to unlimited, may degrade performance and reduce throughput." + description: "Maximum number of active requests allowed per Worker Process. Set + to 0 for unlimited. Caution: Increasing the limit above the default + value, or setting it to unlimited, may degrade performance and + reduce throughput." minimum: 0 maxRequestsPerSocket: type: integer title: Requests-per-socket limit - description: Maximum number of requests per socket before @{product} instructs the client to close the connection. Default is 0 (unlimited). + description: Maximum number of requests per socket before @{product} instructs + the client to close the connection. Default is 0 (unlimited). minimum: 0 enableProxyHeader: type: boolean title: Show originating IP - description: Extract the client IP and port from PROXY protocol v1/v2. When enabled, the X-Forwarded-For header is ignored. Disable to use the X-Forwarded-For header for client IP extraction. + description: Extract the client IP and port from PROXY protocol v1/v2. When + enabled, the X-Forwarded-For header is ignored. Disable to use the + X-Forwarded-For header for client IP extraction. captureHeaders: type: boolean title: Capture request headers @@ -23742,47 +27645,58 @@ components: activityLogSampleRate: type: number title: Activity log sample rate - description: How often request activity is logged at the `info` level. A value of 1 would log every request, 10 every 10th request, etc. + description: How often request activity is logged at the `info` level. A value + of 1 would log every request, 10 every 10th request, etc. minimum: 1 requestTimeout: type: number title: Request timeout (seconds) - description: How long to wait for an incoming request to complete before aborting it. Use 0 to disable. + description: How long to wait for an incoming request to complete before + aborting it. Use 0 to disable. minimum: 0 socketTimeout: type: number title: Socket timeout (seconds) - description: How long @{product} should wait before assuming that an inactive socket has timed out. To wait forever, set to 0. + description: How long @{product} should wait before assuming that an inactive + socket has timed out. To wait forever, set to 0. minimum: 0 keepAliveTimeout: type: number title: Keep-alive timeout (seconds) - description: After the last response is sent, @{product} will wait this long for additional data before closing the socket connection. Minimum 1 second, maximum 600 seconds (10 minutes). + description: After the last response is sent, @{product} will wait this long for + additional data before closing the socket connection. Minimum 1 + second, maximum 600 seconds (10 minutes). minimum: 1 maximum: 600 ipAllowlistRegex: type: string title: IP allowlist regex - description: Messages from matched IP addresses will be processed, unless also matched by the denylist + description: Messages from matched IP addresses will be processed, unless also + matched by the denylist ipDenylistRegex: type: string title: IP denylist regex - description: Messages from matched IP addresses will be ignored. This takes precedence over the allowlist. + description: Messages from matched IP addresses will be ignored. This takes + precedence over the allowlist. hecAPI: type: string title: HEC endpoint - description: Absolute path on which to listen for the Cloudflare HTTP Event Collector API requests. This input supports the /event endpoint. + description: Absolute path on which to listen for the Cloudflare HTTP Event + Collector API requests. This input supports the /event endpoint. pattern: ^/ metadata: type: array title: Fields - description: Fields to add to every event. May be overridden by fields added at the token or request level. + description: Fields to add to every event. May be overridden by fields added at + the token or request level. items: $ref: "#/components/schemas/MetadataConfInputCollection" allowedIndexes: type: array title: Allowed indexes - description: List values allowed in HEC event index field. Leave blank to skip validation. Supports wildcards. The values here can expand index validation at the token level. + description: List values allowed in HEC event index field. Leave blank to skip + validation. Supports wildcards. The values here can expand index + validation at the token level. minItems: 0 items: type: string @@ -23790,19 +27704,24 @@ components: breakerRulesets: type: array title: Event Breaker rulesets - description: A list of event-breaking rulesets that will be applied, in order, to the input data stream + description: A list of event-breaking rulesets that will be applied, in order, + to the input data stream items: type: string staleChannelFlushMs: type: number title: Event Breaker buffer timeout (ms) - description: How long (in milliseconds) the Event Breaker will wait for new data to be sent to a specific channel before flushing the data stream out, as is, to the Pipelines + description: How long (in milliseconds) the Event Breaker will wait for new data + to be sent to a specific channel before flushing the data stream + out, as is, to the Pipelines minimum: 10 - maximum: 4.32e+07 + maximum: 43200000 accessControlAllowOrigin: title: CORS allowed origins type: array - description: HTTP origins to which @{product} should send CORS (cross-origin resource sharing) Access-Control-Allow-* headers. Supports wildcards. + description: HTTP origins to which @{product} should send CORS (cross-origin + resource sharing) Access-Control-Allow-* headers. Supports + wildcards. minItems: 0 items: type: string @@ -23810,7 +27729,9 @@ components: accessControlAllowHeaders: title: CORS allowed headers type: array - description: HTTP headers that @{product} will send to allowed origins as "Access-Control-Allow-Headers" in a CORS preflight response. Use "*" to allow all headers. + description: HTTP headers that @{product} will send to allowed origins as + "Access-Control-Allow-Headers" in a CORS preflight response. Use "*" + to allow all headers. minItems: 0 items: type: string @@ -23818,34 +27739,54 @@ components: emitTokenMetrics: type: boolean title: Emit per-token request metrics - description: Emit per-token (.http.perToken) and summary (.http.summary) request metrics + description: Emit per-token (.http.perToken) and summary + (.http.summary) request metrics description: type: string title: Description __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_host: type: string - description: Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime. + description: Binds 'host' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'host' at runtime. __template_port: type: string - description: Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime. + description: Binds 'port' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'port' at runtime. __template_hecAPI: type: string - description: Binds 'hecAPI' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'hecAPI' at runtime. + description: Binds 'hecAPI' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'hecAPI' at runtime. __template_allowedIndexes: type: string - description: Binds 'allowedIndexes' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'allowedIndexes' at runtime. + description: Binds 'allowedIndexes' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'allowedIndexes' at + runtime. __template_accessControlAllowOrigin: type: string - description: Binds 'accessControlAllowOrigin' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'accessControlAllowOrigin' at runtime. + description: Binds 'accessControlAllowOrigin' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'accessControlAllowOrigin' at runtime. __template_accessControlAllowHeaders: type: string - description: Binds 'accessControlAllowHeaders' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'accessControlAllowHeaders' at runtime. + description: Binds 'accessControlAllowHeaders' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'accessControlAllowHeaders' at runtime. InputOpenaiComplianceLogs: type: object required: @@ -23868,18 +27809,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -23887,11 +27834,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -23919,22 +27868,26 @@ components: earliest: type: string title: Earliest time - description: "Relative to the current time. Format: [+|-]" + description: "Relative to the current time. Format: + [+|-]" latest: type: string title: Latest time - description: "Relative to the current time. Format: [+|-]" + description: "Relative to the current time. Format: + [+|-]" jobTimeout: title: Job timeout type: string - description: "Maximum time the job is allowed to run (examples: 30, 45s, 15m). Enter 0 for unlimited time." + description: "Maximum time the job is allowed to run (examples: 30, 45s, 15m). + Enter 0 for unlimited time." pattern: ^\d+[sm]?$ logLevel: $ref: "#/components/schemas/LogLevelOptionsContentConfigItemsDebugError" maxPages: type: number title: Page limit - description: Maximum number of log file listing pages to retrieve per run. Set to 0 to retrieve all pages. + description: Maximum number of log file listing pages to retrieve per run. Set + to 0 to retrieve all pages. minimum: 0 stateTracking: type: boolean @@ -23949,22 +27902,27 @@ components: keepAliveTime: type: number title: Keep alive time (seconds) - description: How often workers should check in with the scheduler to keep job subscription alive + description: How often workers should check in with the scheduler to keep job + subscription alive minimum: 10 maxMissedKeepAlives: type: number title: Worker timeout (periods) - description: The number of Keep Alive Time periods before an inactive worker will have its job subscription revoked. + description: The number of Keep Alive Time periods before an inactive worker + will have its job subscription revoked. minimum: 2 ttl: type: string title: Time to live - description: Time to keep the job's artifacts on disk after job completion. This also affects how long a job is listed in the Job Inspector. + description: Time to keep the job's artifacts on disk after job completion. This + also affects how long a job is listed in the Job Inspector. pattern: \d+[smh]$ ignoreGroupJobsLimit: type: boolean title: Ignore Worker Group job limits - description: When enabled, this job's artifacts are not counted toward the Worker Group's finished job artifacts limit. Artifacts will be removed only after the Collector's configured time to live. + description: When enabled, this job's artifacts are not counted toward the + Worker Group's finished job artifacts limit. Artifacts will be + removed only after the Collector's configured time to live. metadata: type: array title: Fields @@ -23974,15 +27932,18 @@ components: breakerRulesets: type: array title: Event Breaker rulesets - description: A list of event-breaking rulesets that will be applied, in order, to the input data stream + description: A list of event-breaking rulesets that will be applied, in order, + to the input data stream items: type: string staleChannelFlushMs: type: number title: Event Breaker buffer timeout (ms) - description: How long (in milliseconds) the Event Breaker will wait for new data to be sent to a specific channel before flushing the data stream out, as is, to the Pipelines + description: How long (in milliseconds) the Event Breaker will wait for new data + to be sent to a specific channel before flushing the data stream + out, as is, to the Pipelines minimum: 10 - maximum: 4.32e+07 + maximum: 43200000 retryRules: $ref: "#/components/schemas/RetryRulesType" description: @@ -24002,7 +27963,8 @@ components: organizationId: type: string title: Organization ID - description: "The ID of the OpenAI API Platform Organization (example: org-XXXXXXXXXXXXXXXXXXXXXXXX)" + description: "The ID of the OpenAI API Platform Organization (example: + org-XXXXXXXXXXXXXXXXXXXXXXXX)" organizationEventTypes: type: array title: Event types @@ -24013,25 +27975,41 @@ components: stateUpdateExpression: type: string title: State update expression - description: JavaScript expression that defines how to update the state from an event. Use the event's data and the current state to compute the new state. See [Understanding State Expression Fields](https://docs.cribl.io/stream/collectors-rest#state-tracking-expression-fields) for more information. + description: JavaScript expression that defines how to update the state from an + event. Use the event's data and the current state to compute the new + state. See [Understanding State Expression + Fields](https://docs.cribl.io/stream/collectors-rest#state-tracking-expression-fields) + for more information. stateMergeExpression: type: string title: State merge expression - description: JavaScript expression that defines which state to keep when merging a task's newly reported state with previously saved state. Evaluates `prevState` and `newState` variables, resolving to the state to keep. + description: JavaScript expression that defines which state to keep when merging + a task's newly reported state with previously saved state. Evaluates + `prevState` and `newState` variables, resolving to the state to + keep. manageState: type: object __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_workspaceId: type: string - description: Binds 'workspaceId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'workspaceId' at runtime. + description: Binds 'workspaceId' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'workspaceId' at runtime. __template_organizationId: type: string - description: Binds 'organizationId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'organizationId' at runtime. + description: Binds 'organizationId' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'organizationId' at + runtime. InputAnthropicCompliance: type: object required: @@ -24053,18 +28031,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -24072,11 +28056,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -24116,11 +28102,13 @@ components: stateUpdateExpression: type: string title: State update expression - description: JavaScript expression that defines how to update the state from an event + description: JavaScript expression that defines how to update the state from an + event stateMergeExpression: type: string title: State merge expression - description: JavaScript expression that defines which state to keep when merging task state + description: JavaScript expression that defines which state to keep when merging + task state manageState: type: object cronSchedule: @@ -24138,7 +28126,8 @@ components: jobTimeout: title: Job timeout type: string - description: "Maximum time the job is allowed to run (examples: 30, 45s, 15m). Enter 0 for unlimited time." + description: "Maximum time the job is allowed to run (examples: 30, 45s, 15m). + Enter 0 for unlimited time." pattern: ^\d+[sm]?$ requestTimeout: type: number @@ -24149,22 +28138,27 @@ components: keepAliveTime: type: number title: Keep alive time (seconds) - description: How often workers should check in with the scheduler to keep job subscription alive + description: How often workers should check in with the scheduler to keep job + subscription alive minimum: 10 maxMissedKeepAlives: type: number title: Worker timeout (periods) - description: The number of Keep Alive Time periods before an inactive worker will have its job subscription revoked. + description: The number of Keep Alive Time periods before an inactive worker + will have its job subscription revoked. minimum: 2 ttl: type: string title: Time to live - description: Time to keep the job's artifacts on disk after job completion. This also affects how long a job is listed in the Job Inspector. + description: Time to keep the job's artifacts on disk after job completion. This + also affects how long a job is listed in the Job Inspector. pattern: \d+[smh]$ ignoreGroupJobsLimit: type: boolean title: Ignore Worker Group job limits - description: When enabled, this job's artifacts are not counted toward the Worker Group's finished job artifacts limit. Artifacts will be removed only after the Collector's configured time to live. + description: When enabled, this job's artifacts are not counted toward the + Worker Group's finished job artifacts limit. Artifacts will be + removed only after the Collector's configured time to live. metadata: type: array title: Fields @@ -24178,10 +28172,14 @@ components: title: Description __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. InputOkta: type: object required: @@ -24203,18 +28201,24 @@ components: pipeline: type: string title: Pipeline - description: Pipeline to process data from this Source before sending it through the Routes + description: Pipeline to process data from this Source before sending it through + the Routes sendToRoutes: type: boolean description: Select whether to send data to Routes, or directly to Destinations. environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. pqEnabled: type: boolean title: Enable persistent queue - description: Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). + description: Use a disk queue to minimize data loss when connected services + block. See [Cribl + Docs](https://docs.cribl.io/stream/persistent-queues) for PQ + defaults (Cribl-managed Cloud Workers) and configuration options + (on-prem and hybrid Workers). streamtags: type: array title: Tags @@ -24222,11 +28226,13 @@ components: items: type: string criblSourceProvenance: - $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint" + $ref: "#/components/schemas/InputCollectionOriginDataSourceDiscoveryWithDestina\ + tionArnConstraint" connections: type: array title: Use QuickConnect - description: Direct connections to Destinations, and optionally via a Pipeline or a Pack + description: Direct connections to Destinations, and optionally via a Pipeline + or a Pack items: $ref: "#/components/schemas/ConnectionConfInputCollection" pq: @@ -24234,7 +28240,8 @@ components: oktaDomain: type: string title: Okta domain - description: "Your Okta domain (example: your-org). Do not include .okta.com, https://, or trailing slashes." + description: "Your Okta domain (example: your-org). Do not include .okta.com, + https://, or trailing slashes." oktaToken: type: string title: Okta API token @@ -24258,7 +28265,8 @@ components: jobTimeout: type: string title: Job timeout - description: Maximum time the job is allowed to run (e.g., 30, 45s or 15m). Units are seconds, if not specified. Enter 0 for unlimited time. + description: Maximum time the job is allowed to run (e.g., 30, 45s or 15m). + Units are seconds, if not specified. Enter 0 for unlimited time. pattern: ^\d+[sm]?$ requestTimeout: type: number @@ -24269,22 +28277,27 @@ components: keepAliveTime: type: number title: Keep alive time (seconds) - description: How often workers should check in with the scheduler to keep job subscription alive + description: How often workers should check in with the scheduler to keep job + subscription alive minimum: 10 maxMissedKeepAlives: type: number title: Worker timeout (periods) - description: The number of Keep Alive Time periods before an inactive worker will have its job subscription revoked. + description: The number of Keep Alive Time periods before an inactive worker + will have its job subscription revoked. minimum: 2 ttl: type: string title: Time to live - description: Time to keep the job's artifacts on disk after job completion. This also affects how long a job is listed in the Job Inspector. + description: Time to keep the job's artifacts on disk after job completion. This + also affects how long a job is listed in the Job Inspector. pattern: \d+[smh]$ ignoreGroupJobsLimit: type: boolean title: Ignore Worker Group job limits - description: When enabled, this job's artifacts are not counted toward the Worker Group's finished job artifacts limit. Artifacts will be removed only after the Collector's configured time to live. + description: When enabled, this job's artifacts are not counted toward the + Worker Group's finished job artifacts limit. Artifacts will be + removed only after the Collector's configured time to live. metadata: type: array title: Fields @@ -24298,13 +28311,19 @@ components: title: Description __template_environment: type: string - description: Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. + description: Binds 'environment' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'environment' at runtime. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_oktaDomain: type: string - description: Binds 'oktaDomain' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'oktaDomain' at runtime. + description: Binds 'oktaDomain' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'oktaDomain' at runtime. Input: oneOf: - $ref: "#/components/schemas/InputCollection" @@ -24454,6 +28473,7 @@ components: description: number of items present in the items array items: type: array + description: List of items in this response. items: $ref: "#/components/schemas/InputSplunkHec" AddHecTokenRequest: @@ -24469,12 +28489,16 @@ components: description: Brief description for the HEC token. enabled: type: boolean - description: If true, the HEC token is enabled. Otherwise, false. + description: If true, the HEC token is enabled. Otherwise, + false. metadata: type: array items: $ref: "#/components/schemas/EventBreakerRuleFields" - description: Array of key-value pairs to associate with the HEC token for tagging, categorization, or providing additional context. Each item in the array is an object with a name and a value. + description: Array of key-value pairs to associate with the HEC token for + tagging, categorization, or providing additional context. Each item + in the array is an object with a name and a + value. token: type: string description: The HEC token value to add to the Splunk HEC Source. @@ -24488,6 +28512,7 @@ components: description: number of items present in the items array items: type: array + description: List of items in this response. items: type: string CountedJobInfo: @@ -24498,6 +28523,7 @@ components: description: number of items present in the items array items: type: array + description: List of items in this response. items: $ref: "#/components/schemas/JobInfo" RunnableJobCollection: @@ -24518,16 +28544,22 @@ components: ttl: type: string title: Time to live - description: Time to keep the job's artifacts on disk after job completion. This also affects how long a job is listed in the Job Inspector. + description: Time to keep the job's artifacts on disk after job completion. This + also affects how long a job is listed in the Job Inspector. pattern: \d+[smh]$ ignoreGroupJobsLimit: type: boolean title: Ignore Worker Group job limits - description: When enabled, this job's artifacts are not counted toward the Worker Group's finished job artifacts limit. Artifacts will be removed only after the Collector's configured time to live. + description: When enabled, this job's artifacts are not counted toward the + Worker Group's finished job artifacts limit. Artifacts will be + removed only after the Collector's configured time to live. removeFields: type: array title: Remove Discover fields - description: List of fields to remove from Discover results. Wildcards (for example, aws*) are allowed. This is useful when discovery returns sensitive fields that should not be exposed in the Jobs user interface. + description: List of fields to remove from Discover results. Wildcards (for + example, aws*) are allowed. This is useful when discovery returns + sensitive fields that should not be exposed in the Jobs user + interface. minItems: 0 items: type: string @@ -24536,11 +28568,13 @@ components: resumeOnBoot: type: boolean title: Resume job on boot - description: Resume the ad hoc job if a failure condition causes Stream to restart during job execution + description: Resume the ad hoc job if a failure condition causes Stream to + restart during job execution environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. schedule: $ref: "#/components/schemas/ScheduleTypeRunnableJobCollection" streamtags: @@ -24556,7 +28590,8 @@ components: collector: $ref: "#/components/schemas/Collector" input: - $ref: "#/components/schemas/RunnableJobCollectionTypeCollectionWithBreakerRulesetsConstraint" + $ref: "#/components/schemas/RunnableJobCollectionTypeCollectionWithBreakerRules\ + etsConstraint" run: type: object required: @@ -24576,12 +28611,18 @@ components: jobTimeout: title: Job timeout type: string - description: "Maximum time the job is allowed to run. Time unit defaults to seconds if not specified (examples: 30, 45s, 15m). Enter 0 for unlimited time." + description: "Maximum time the job is allowed to run. Time unit defaults to + seconds if not specified (examples: 30, 45s, 15m). Enter 0 for + unlimited time." pattern: \d+[sm]?$ mode: type: string title: Mode - description: Job run mode. Preview will either return up to N matching results, or will run until capture time T is reached. Discovery will gather the list of files to turn into streaming tasks, without running the data collection job. Full Run will run the collection job. + description: Job run mode. Preview will either return up to N matching results, + or will run until capture time T is reached. Discovery will + gather the list of files to turn into streaming tasks, without + running the data collection job. Full Run will run the + collection job. enum: - list - preview @@ -24615,22 +28656,22 @@ components: expression: type: string title: Filter - description: A filter for tokens in the provided collect path and/or the events being collected + description: A filter for tokens in the provided collect path and/or the events + being collected minTaskSize: type: string title: Lower task bundle size description: >- Limits the bundle size for small tasks. For example, - if your lower bundle size is 1MB, you can bundle up to five 200KB files into one task. pattern: ^((\d*\.?\d+)((KB|MB|GB|TB|PB|EB|ZB|YB|kb|mb|gb|tb|pb|eb|zb|yb){1}))$ maxTaskSize: type: string title: Upper task bundle size description: >- - Limits the bundle size for files above the lower task bundle size. For example, if your upper bundle size is 10MB, - + Limits the bundle size for files above the lower task bundle + size. For example, if your upper bundle size is 10MB, you can bundle up to five 2MB files into one task. Files greater than this size will be assigned to individual tasks. pattern: ^((\d*\.?\d+)((KB|MB|GB|TB|PB|EB|ZB|YB|kb|mb|gb|tb|pb|eb|zb|yb){1}))$ @@ -24674,7 +28715,9 @@ components: - BeforeTheDestination __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. type: object RunnableJobExecutor: required: @@ -24694,16 +28737,22 @@ components: ttl: type: string title: Time to live - description: Time to keep the job's artifacts on disk after job completion. This also affects how long a job is listed in the Job Inspector. + description: Time to keep the job's artifacts on disk after job completion. This + also affects how long a job is listed in the Job Inspector. pattern: \d+[smh]$ ignoreGroupJobsLimit: type: boolean title: Ignore Worker Group job limits - description: When enabled, this job's artifacts are not counted toward the Worker Group's finished job artifacts limit. Artifacts will be removed only after the Collector's configured time to live. + description: When enabled, this job's artifacts are not counted toward the + Worker Group's finished job artifacts limit. Artifacts will be + removed only after the Collector's configured time to live. removeFields: type: array title: Remove Discover fields - description: List of fields to remove from Discover results. Wildcards (for example, aws*) are allowed. This is useful when discovery returns sensitive fields that should not be exposed in the Jobs user interface. + description: List of fields to remove from Discover results. Wildcards (for + example, aws*) are allowed. This is useful when discovery returns + sensitive fields that should not be exposed in the Jobs user + interface. minItems: 0 items: type: string @@ -24712,11 +28761,13 @@ components: resumeOnBoot: type: boolean title: Resume job on boot - description: Resume the ad hoc job if a failure condition causes Stream to restart during job execution + description: Resume the ad hoc job if a failure condition causes Stream to + restart during job execution environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. schedule: $ref: "#/components/schemas/ScheduleTypeRunnableJobCollection" streamtags: @@ -24744,11 +28795,15 @@ components: jobTimeout: title: Job timeout type: string - description: "Maximum time the job is allowed to run. Time unit defaults to seconds if not specified (examples: 30, 45s, 15m). Enter 0 for unlimited time." + description: "Maximum time the job is allowed to run. Time unit defaults to + seconds if not specified (examples: 30, 45s, 15m). Enter 0 for + unlimited time." pattern: \d+[sm]?$ __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. type: object RunnableJobScheduledSearch: required: @@ -24768,16 +28823,22 @@ components: ttl: type: string title: Time to live - description: Time to keep the job's artifacts on disk after job completion. This also affects how long a job is listed in the Job Inspector. + description: Time to keep the job's artifacts on disk after job completion. This + also affects how long a job is listed in the Job Inspector. pattern: \d+[smh]$ ignoreGroupJobsLimit: type: boolean title: Ignore Worker Group job limits - description: When enabled, this job's artifacts are not counted toward the Worker Group's finished job artifacts limit. Artifacts will be removed only after the Collector's configured time to live. + description: When enabled, this job's artifacts are not counted toward the + Worker Group's finished job artifacts limit. Artifacts will be + removed only after the Collector's configured time to live. removeFields: type: array title: Remove Discover fields - description: List of fields to remove from Discover results. Wildcards (for example, aws*) are allowed. This is useful when discovery returns sensitive fields that should not be exposed in the Jobs user interface. + description: List of fields to remove from Discover results. Wildcards (for + example, aws*) are allowed. This is useful when discovery returns + sensitive fields that should not be exposed in the Jobs user + interface. minItems: 0 items: type: string @@ -24786,11 +28847,13 @@ components: resumeOnBoot: type: boolean title: Resume job on boot - description: Resume the ad hoc job if a failure condition causes Stream to restart during job execution + description: Resume the ad hoc job if a failure condition causes Stream to + restart during job execution environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. schedule: $ref: "#/components/schemas/ScheduleTypeRunnableJobCollection" streamtags: @@ -24805,7 +28868,9 @@ components: description: Identifies which search query to run __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. type: object RunnableJob: oneOf: @@ -24827,7 +28892,9 @@ components: description: Truncated stack trace of the error. required: - message - description: Serialized error object that describes why a job entered its current state. Includes message and may include a nested reason for wrapped errors. + description: Serialized error object that describes why a job entered its + current state. Includes message and may + include a nested reason for wrapped errors. TaskErrorDetail: type: object properties: @@ -24845,13 +28912,16 @@ components: description: Truncated stack trace of the error. required: - message - description: Task error details. May include a nested reason for wrapped errors and additional properties from the original error. + description: Task error details. May include a nested reason for + wrapped errors and additional properties from the original error. JobStatus: type: object properties: reason: $ref: "#/components/schemas/TaskErrorDetail" - description: Reason the job entered its current state, typically populated upon failure. May include a nested reason for wrapped errors. + description: Reason the job entered its current state, typically + populated upon failure. May include a nested reason for + wrapped errors. state: type: integer description: State of the Job @@ -24892,7 +28962,9 @@ components: description: Unique identifier for the job. keep: type: boolean - description: If true, retain the job and its artifacts instead of deleting according to the time-to-live or retention policy. The job persists until it is manually deleted. + description: If true, retain the job and its artifacts instead of + deleting according to the time-to-live or retention policy. The job + persists until it is manually deleted. stats: type: object additionalProperties: @@ -24906,7 +28978,8 @@ components: - id - stats - status - description: Detailed information about a job, including its configuration, status, and statistics. + description: Detailed information about a job, including its configuration, + status, and statistics. CountedInputResponse: type: object properties: @@ -24915,6 +28988,7 @@ components: description: number of items present in the items array items: type: array + description: List of items in this response. items: $ref: "#/components/schemas/InputResponse" Notification: @@ -24931,7 +29005,8 @@ components: disabled: type: boolean title: Disabled - description: If true, the Notification is disabled and the specified condition will not trigger it. + description: If true, the Notification is disabled and the specified condition + will not trigger it. condition: type: string title: Condition @@ -24939,7 +29014,8 @@ components: targets: type: array title: Notification targets - description: List of the IDs for the Notification targets to send the Notification to. + description: List of the IDs for the Notification targets to send the + Notification to. items: type: string targetConfigs: @@ -24989,7 +29065,8 @@ components: conf: type: object title: Condition-specific configurations - description: Configuration for the condition that triggers the Notification. Supported fields vary depending on the condition. + description: Configuration for the condition that triggers the Notification. + Supported fields vary depending on the condition. properties: {} metadata: type: array @@ -25018,7 +29095,8 @@ components: title: Template & Target Pairs description: Pairs of templates and targets for notification routing items: - $ref: "#/components/schemas/TemplateTargetPairConfFunctionConfSchemaNotificationPolicies" + $ref: "#/components/schemas/TemplateTargetPairConfFunctionConfSchemaNotificatio\ + nPolicies" oneOf: - properties: mode: @@ -25103,12 +29181,16 @@ components: description: Brief description for the HEC token. enabled: type: boolean - description: If true, the HEC token is enabled. Otherwise, false. + description: If true, the HEC token is enabled. Otherwise, + false. metadata: type: array items: $ref: "#/components/schemas/EventBreakerRuleFields" - description: Array of key-value pairs to associate with the HEC token for tagging, categorization, or providing additional context. Each item in the array is an object with a name and a value. + description: Array of key-value pairs to associate with the HEC token for + tagging, categorization, or providing additional context. Each item + in the array is an object with a name and a + value. OutputDefault: type: object required: @@ -25130,13 +29212,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -25148,10 +29232,13 @@ components: - string - "null" title: Default Output ID - description: ID of the default output. This will be used whenever a nonexistent/deleted output is referenced. + description: ID of the default output. This will be used whenever a + nonexistent/deleted output is referenced. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. OutputWebhook: type: object required: @@ -25172,13 +29259,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -25205,7 +29294,8 @@ components: keepAlive: type: boolean title: Keep alive - description: Disable to close the connection immediately after sending the outgoing request + description: Disable to close the connection immediately after sending the + outgoing request concurrency: type: number title: Request concurrency @@ -25221,7 +29311,8 @@ components: maxPayloadEvents: type: number title: Events-per-request limit - description: Maximum number of events to include in the request body. Default is 0 (unlimited). + description: Maximum number of events to include in the request body. Default is + 0 (unlimited). minimum: 0 compress: type: boolean @@ -25230,27 +29321,38 @@ components: rejectUnauthorized: type: boolean title: Validate server certs - description: "Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). \n Enabled by default. When this setting is also present in TLS Settings (Client Side), \n that value will take precedence." + description: >- + Reject certificates not authorized by a CA in the CA certificate + path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. timeoutSec: type: number minimum: 1 - maximum: 9.007199254740991e+15 + maximum: 9007199254740991 title: Request timeout - description: Amount of time, in seconds, to wait for a request to complete before canceling it + description: Amount of time, in seconds, to wait for a request to complete + before canceling it flushPeriodSec: type: number title: Flush period (sec) - description: Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit. + description: Maximum time between requests. Small values could cause the payload + size to be smaller than the configured Body size limit. extraHttpHeaders: type: array title: Extra HTTP headers - description: Headers to add to all events. You can also add headers dynamically on a per-event basis in the __headers field, as explained in [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook/#internal-fields). + description: Headers to add to all events. You can also add headers dynamically + on a per-event basis in the __headers field, as explained in [Cribl + Docs](https://docs.cribl.io/stream/destinations-webhook/#internal-fields). items: $ref: "#/components/schemas/ExtraHttpHeaderConfInputElastic" useRoundRobinDns: type: boolean title: Round-robin DNS - description: Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations. + description: Enable round-robin DNS lookup. When a DNS server returns multiple + addresses, @{product} will cycle through them in the order returned. + For optimal performance, consider enabling this setting for non-load + balanced destinations. failedRequestLoggingMode: $ref: "#/components/schemas/FailedRequestLoggingModeOptions" safeHeaders: @@ -25262,7 +29364,8 @@ components: responseRetrySettings: type: array title: Settings for failed HTTP requests - description: Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable) + description: Automatically retry after unsuccessful response status codes, such + as 429 (Too Many Requests) or 503 (Service Unavailable) minItems: 0 items: $ref: "#/components/schemas/ResponseRetrySettingConfOutputWebhook" @@ -25271,7 +29374,11 @@ components: responseHonorRetryAfterHeader: type: boolean title: Honor Retry-After header - description: Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored. + description: Honor any Retry-After header that specifies a delay (in seconds) no + longer than 180 seconds after the retry request. @{product} limits + the delay to 180 seconds, even if the Retry-After header specifies a + longer delay. When enabled, takes precedence over user-configured + retry options. When disabled, all Retry-After headers are ignored. onBackpressure: $ref: "#/components/schemas/BackpressureBehaviorOptions" authType: @@ -25298,19 +29405,27 @@ components: totalMemoryLimitKB: type: number title: Buffer memory limit (KB) - description: Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced. + description: Maximum total size of the batches waiting to be sent. If left + blank, defaults to 5 times the max body size (if set). If 0, no + limit is enforced. minimum: 0 loadBalanced: type: boolean title: Load balancing - description: Enable for optimal performance. Even if you have one hostname, it can expand to multiple IPs. If disabled, consider enabling round-robin DNS. + description: Enable for optimal performance. Even if you have one hostname, it + can expand to multiple IPs. If disabled, consider enabling + round-robin DNS. description: type: string title: Description customSourceExpression: type: string title: Source expression - description: "Expression to evaluate on events to generate output. Example: `raw=${_raw}`. See [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook#custom-format) for other examples. If empty, the full event is sent as stringified JSON." + description: "Expression to evaluate on events to generate output. Example: + `raw=${_raw}`. See [Cribl + Docs](https://docs.cribl.io/stream/destinations-webhook#custom-form\ + at) for other examples. If empty, the full event is sent as + stringified JSON." customDropWhenNull: type: boolean title: Drop when null @@ -25318,15 +29433,21 @@ components: customEventDelimiter: type: string title: Event delimiter - description: Delimiter string to insert between individual events. Defaults to newline character. + description: Delimiter string to insert between individual events. Defaults to + newline character. customContentType: type: string title: Content type - description: Content type to use for request. Defaults to application/x-ndjson. Any content types set in Advanced Settings > Extra HTTP headers will override this entry. + description: Content type to use for request. Defaults to application/x-ndjson. + Any content types set in Advanced Settings > Extra HTTP headers will + override this entry. customPayloadExpression: type: string title: Batch expression - description: 'Expression specifying how to format the payload for each batch. To reference the events to send, use the `${events}` variable. Example expression: `{ "items" : [${events}] }` would send the batch inside a JSON object.' + description: 'Expression specifying how to format the payload for each batch. To + reference the events to send, use the `${events}` variable. Example + expression: `{ "items" : [${events}] }` would send the batch inside + a JSON object.' advancedContentType: type: string title: Content type @@ -25334,47 +29455,66 @@ components: formatEventCode: type: string title: Format inbound event - description: "Custom JavaScript code to format incoming event data accessible through the __e variable. The formatted content is added to (__e['__eventOut']) if available. Otherwise, the original event is serialized as JSON. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code." + description: "Custom JavaScript code to format incoming event data accessible + through the __e variable. The formatted content is added to + (__e['__eventOut']) if available. Otherwise, the original event is + serialized as JSON. Caution: This function is evaluated in an + unprotected context, allowing you to execute almost any JavaScript + code." formatPayloadCode: type: string title: Format outbound payload - description: "Optional JavaScript code to format the payload sent to the Destination. The payload, containing a batch of formatted events, is accessible through the __e['payload'] variable. The formatted payload is returned in the __e['__payloadOut'] variable. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code." + description: "Optional JavaScript code to format the payload sent to the + Destination. The payload, containing a batch of formatted events, is + accessible through the __e['payload'] variable. The formatted + payload is returned in the __e['__payloadOut'] variable. Caution: + This function is evaluated in an unprotected context, allowing you + to execute almost any JavaScript code." pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -25382,7 +29522,9 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object @@ -25421,11 +29563,15 @@ components: tokenAttributeName: type: string title: Token attribute name - description: Name of the auth token attribute in the OAuth response. Can be top-level (e.g., 'token'); or nested, using a period (e.g., 'data.token'). + description: Name of the auth token attribute in the OAuth response. Can be + top-level (e.g., 'token'); or nested, using a period (e.g., + 'data.token'). authHeaderExpr: type: string title: Authorize expression - description: "JavaScript expression to compute the Authorization header value to pass in requests. The value `${token}` is used to reference the token obtained from authentication, e.g.: `Bearer ${token}`." + description: "JavaScript expression to compute the Authorization header value to + pass in requests. The value `${token}` is used to reference the + token obtained from authentication, e.g.: `Bearer ${token}`." tokenTimeoutSecs: type: number title: Refresh interval (secs.) @@ -25435,24 +29581,33 @@ components: oauthParams: type: array title: OAuth parameters - description: Additional parameters to send in the OAuth login request. @{product} will combine the secret with these parameters, and will send the URL-encoded result in a POST request to the endpoint specified in the 'Login URL'. We'll automatically add the content-type header 'application/x-www-form-urlencoded' when sending this request. + description: Additional parameters to send in the OAuth login request. + @{product} will combine the secret with these parameters, and will + send the URL-encoded result in a POST request to the endpoint + specified in the 'Login URL'. We'll automatically add the + content-type header 'application/x-www-form-urlencoded' when sending + this request. items: $ref: "#/components/schemas/OauthParamConfInputServicenowTable" oauthHeaders: type: array title: OAuth headers - description: Additional headers to send in the OAuth login request. @{product} will automatically add the content-type header 'application/x-www-form-urlencoded' when sending this request. + description: Additional headers to send in the OAuth login request. @{product} + will automatically add the content-type header + 'application/x-www-form-urlencoded' when sending this request. items: $ref: "#/components/schemas/OauthHeaderConfInputServicenowTable" url: type: string title: Webhook URL - description: URL of a webhook endpoint to send events to, such as http://localhost:10200 + description: URL of a webhook endpoint to send events to, such as + http://localhost:10200 pattern: ^https?://.* excludeSelf: type: boolean title: Exclude current host IPs - description: Exclude all IPs of the current host from the list of any resolved hostnames + description: Exclude all IPs of the current host from the list of any resolved + hostnames urls: type: array title: Webhook URLs @@ -25466,45 +29621,65 @@ components: url: type: string title: Webhook LB URL - description: URL of a webhook endpoint to send events to, such as http://localhost:10200 + description: URL of a webhook endpoint to send events to, such as + http://localhost:10200 pattern: ^https?://.* weight: type: number title: Load Weight - description: Assign a weight (>0) to each endpoint to indicate its traffic-handling capability + description: Assign a weight (>0) to each endpoint to indicate its + traffic-handling capability minimum: 0 __template_url: type: string - description: Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. + description: Binds 'url' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'url' at runtime. dnsResolvePeriodSec: type: number minimum: 0 maximum: 86400 title: DNS resolution period (seconds) - description: The interval in which to re-resolve any hostnames and pick up destinations from A records + description: The interval in which to re-resolve any hostnames and pick up + destinations from A records loadBalanceStatsPeriodSec: type: number minimum: 10 title: Load balance stats period (seconds) - description: How far back in time to keep traffic stats for load balancing purposes + description: How far back in time to keep traffic stats for load balancing + purposes __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_failedRequestLoggingMode: type: string - description: Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. + description: Binds 'failedRequestLoggingMode' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'failedRequestLoggingMode' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_loginUrl: type: string - description: Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime. + description: Binds 'loginUrl' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'loginUrl' at runtime. __template_secret: type: string - description: Binds 'secret' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'secret' at runtime. + description: Binds 'secret' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'secret' at runtime. __template_url: type: string - description: Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. + description: Binds 'url' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'url' at runtime. anyOf: - required: - url @@ -25534,13 +29709,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -25550,7 +29727,8 @@ components: keepAlive: type: boolean title: Keep alive - description: Disable to close the connection immediately after sending the outgoing request + description: Disable to close the connection immediately after sending the + outgoing request concurrency: type: number title: Request concurrency @@ -25560,13 +29738,15 @@ components: maxPayloadSizeKB: type: number title: Body size limit (KB) - description: Maximum size (KB) of the request body (defaults to the API's maximum limit of 1000 KB) + description: Maximum size (KB) of the request body (defaults to the API's + maximum limit of 1000 KB) minimum: 100 maximum: 1000 maxPayloadEvents: type: number title: Events-per-request limit - description: Maximum number of events to include in the request body. Default is 0 (unlimited). + description: Maximum number of events to include in the request body. Default is + 0 (unlimited). minimum: 0 compress: type: boolean @@ -25575,27 +29755,38 @@ components: rejectUnauthorized: type: boolean title: Validate server certs - description: "Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). \n Enabled by default. When this setting is also present in TLS Settings (Client Side), \n that value will take precedence." + description: >- + Reject certificates not authorized by a CA in the CA certificate + path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. timeoutSec: type: number minimum: 1 - maximum: 9.007199254740991e+15 + maximum: 9007199254740991 title: Request timeout - description: Amount of time, in seconds, to wait for a request to complete before canceling it + description: Amount of time, in seconds, to wait for a request to complete + before canceling it flushPeriodSec: type: number title: Flush period (sec) - description: Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit. + description: Maximum time between requests. Small values could cause the payload + size to be smaller than the configured Body size limit. extraHttpHeaders: type: array title: Extra HTTP headers - description: Headers to add to all events. You can also add headers dynamically on a per-event basis in the __headers field, as explained in [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook/#internal-fields). + description: Headers to add to all events. You can also add headers dynamically + on a per-event basis in the __headers field, as explained in [Cribl + Docs](https://docs.cribl.io/stream/destinations-webhook/#internal-fields). items: $ref: "#/components/schemas/ExtraHttpHeaderConfInputElastic" useRoundRobinDns: type: boolean title: Round-robin DNS - description: Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations. + description: Enable round-robin DNS lookup. When a DNS server returns multiple + addresses, @{product} will cycle through them in the order returned. + For optimal performance, consider enabling this setting for non-load + balanced destinations. failedRequestLoggingMode: $ref: "#/components/schemas/FailedRequestLoggingModeOptions" safeHeaders: @@ -25607,7 +29798,8 @@ components: responseRetrySettings: type: array title: Settings for failed HTTP requests - description: Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable) + description: Automatically retry after unsuccessful response status codes, such + as 429 (Too Many Requests) or 503 (Service Unavailable) minItems: 0 items: $ref: "#/components/schemas/ResponseRetrySettingConfOutputWebhook" @@ -25616,7 +29808,11 @@ components: responseHonorRetryAfterHeader: type: boolean title: Honor Retry-After header - description: Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored. + description: Honor any Retry-After header that specifies a delay (in seconds) no + longer than 180 seconds after the retry request. @{product} limits + the delay to 180 seconds, even if the Retry-After header specifies a + longer delay. When enabled, takes precedence over user-configured + retry options. When disabled, all Retry-After headers are ignored. onBackpressure: $ref: "#/components/schemas/BackpressureBehaviorOptions" authType: @@ -25635,7 +29831,8 @@ components: client_id: title: Client ID type: string - description: JavaScript expression to compute the Client ID for the Azure application. Can be a constant. + description: JavaScript expression to compute the Client ID for the Azure + application. Can be a constant. scope: title: Scope type: string @@ -25654,7 +29851,9 @@ components: totalMemoryLimitKB: type: number title: Buffer memory limit (KB) - description: Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced. + description: Maximum total size of the batches waiting to be sent. If left + blank, defaults to 5 times the max body size (if set). If 0, no + limit is enforced. minimum: 0 description: type: string @@ -25669,7 +29868,11 @@ components: customSourceExpression: type: string title: Source expression - description: "Expression to evaluate on events to generate output. Example: `raw=${_raw}`. See [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook#custom-format) for other examples. If empty, the full event is sent as stringified JSON." + description: "Expression to evaluate on events to generate output. Example: + `raw=${_raw}`. See [Cribl + Docs](https://docs.cribl.io/stream/destinations-webhook#custom-form\ + at) for other examples. If empty, the full event is sent as + stringified JSON." customDropWhenNull: type: boolean title: Drop when null @@ -25677,15 +29880,21 @@ components: customEventDelimiter: type: string title: Event delimiter - description: Delimiter string to insert between individual events. Defaults to newline character. + description: Delimiter string to insert between individual events. Defaults to + newline character. customContentType: type: string title: Content type - description: Content type to use for request. Defaults to application/x-ndjson. Any content types set in Advanced Settings > Extra HTTP headers will override this entry. + description: Content type to use for request. Defaults to application/x-ndjson. + Any content types set in Advanced Settings > Extra HTTP headers will + override this entry. customPayloadExpression: type: string title: Batch expression - description: 'Expression specifying how to format the payload for each batch. To reference the events to send, use the `${events}` variable. Example expression: `{ "items" : [${events}] }` would send the batch inside a JSON object.' + description: 'Expression specifying how to format the payload for each batch. To + reference the events to send, use the `${events}` variable. Example + expression: `{ "items" : [${events}] }` would send the batch inside + a JSON object.' advancedContentType: type: string title: Content type @@ -25693,47 +29902,66 @@ components: formatEventCode: type: string title: Format inbound event - description: "Custom JavaScript code to format incoming event data accessible through the __e variable. The formatted content is added to (__e['__eventOut']) if available. Otherwise, the original event is serialized as JSON. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code." + description: "Custom JavaScript code to format incoming event data accessible + through the __e variable. The formatted content is added to + (__e['__eventOut']) if available. Otherwise, the original event is + serialized as JSON. Caution: This function is evaluated in an + unprotected context, allowing you to execute almost any JavaScript + code." formatPayloadCode: type: string title: Format outbound payload - description: "Optional JavaScript code to format the payload sent to the Destination. The payload, containing a batch of formatted events, is accessible through the __e['payload'] variable. The formatted payload is returned in the __e['__payloadOut'] variable. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code." + description: "Optional JavaScript code to format the payload sent to the + Destination. The payload, containing a batch of formatted events, is + accessible through the __e['payload'] variable. The formatted + payload is returned in the __e['__payloadOut'] variable. Caution: + This function is evaluated in an unprotected context, allowing you + to execute almost any JavaScript code." pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -25741,7 +29969,9 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object @@ -25758,7 +29988,9 @@ components: dceEndpoint: type: string title: Data collection endpoint - description: "Data collection endpoint (DCE) URL. In the format: `https://-..ingest.monitor.azure.com`" + description: "Data collection endpoint (DCE) URL. In the format: + `https://-..ingest.monitor.azure\ + .com`" pattern: ^https:\/\/([a-zA-Z0-9-_\.]+)\.ingest\.monitor\.azure\.com(\/?)$ streamName: type: string @@ -25766,37 +29998,61 @@ components: description: The name of the stream (Sentinel table) in which to store the events __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_failedRequestLoggingMode: type: string - description: Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. + description: Binds 'failedRequestLoggingMode' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'failedRequestLoggingMode' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_loginUrl: type: string - description: Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime. + description: Binds 'loginUrl' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'loginUrl' at runtime. __template_secret: type: string - description: Binds 'secret' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'secret' at runtime. + description: Binds 'secret' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'secret' at runtime. __template_client_id: type: string - description: Binds 'client_id' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'client_id' at runtime. + description: Binds 'client_id' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'client_id' at runtime. __template_scope: type: string - description: Binds 'scope' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'scope' at runtime. + description: Binds 'scope' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'scope' at runtime. __template_url: type: string - description: Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. + description: Binds 'url' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'url' at runtime. __template_dcrID: type: string - description: Binds 'dcrID' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'dcrID' at runtime. + description: Binds 'dcrID' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'dcrID' at runtime. __template_dceEndpoint: type: string - description: Binds 'dceEndpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'dceEndpoint' at runtime. + description: Binds 'dceEndpoint' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'dceEndpoint' at runtime. __template_streamName: type: string - description: Binds 'streamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamName' at runtime. + description: Binds 'streamName' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamName' at runtime. OutputDevnull: type: object properties: @@ -25815,13 +30071,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -25830,7 +30088,9 @@ components: type: string __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. required: - type OutputSyslog: @@ -25851,13 +30111,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -25878,7 +30140,8 @@ components: facility: type: integer title: Facility - description: Default value for message facility. Will be overwritten by value of __facility if set. Defaults to user. + description: Default value for message facility. Will be overwritten by value of + __facility if set. Defaults to user. enum: - 0 - 1 @@ -25952,7 +30215,8 @@ components: severity: type: integer title: Severity - description: Default value for message severity. Will be overwritten by value of __severity if set. Defaults to notice. + description: Default value for message severity. Will be overwritten by value of + __severity if set. Defaults to notice. enum: - 0 - 1 @@ -25984,7 +30248,9 @@ components: appName: type: string title: App name - description: Default name for device or application that originated the message. Defaults to Cribl, but will be overwritten by value of __appname if set. + description: Default name for device or application that originated the message. + Defaults to Cribl, but will be overwritten by value of __appname if + set. messageFormat: type: string enum: @@ -26010,12 +30276,15 @@ components: throttleRatePerSec: type: string title: Throttling - description: "Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling." + description: "Rate (in bytes per second) to throttle while writing to an output. + Accepts values with multiple-byte units, such as KB, MB, and GB. + (Example: 42 MB) Default value of 0 specifies no throttling." pattern: ^[\d.]+(\s[KMGTPEZYkmgtpezy][Bb])?$ octetCountFraming: type: boolean title: Octet count framing - description: Prefix messages with the byte count of the message. If disabled, no prefix will be set, and the message will be appended with a \n. + description: Prefix messages with the byte count of the message. If disabled, no + prefix will be set, and the message will be appended with a \n. logFailedRequests: type: boolean title: Log failed requests to disk @@ -26026,7 +30295,9 @@ components: loadBalanced: type: boolean title: Load balancing - description: For optimal performance, enable load balancing even if you have one hostname, as it can expand to multiple IPs. If this setting is disabled, consider enabling round-robin DNS. + description: For optimal performance, enable load balancing even if you have one + hostname, as it can expand to multiple IPs. If this setting is + disabled, consider enabling round-robin DNS. host: type: string title: Address @@ -26039,7 +30310,8 @@ components: excludeSelf: type: boolean title: Exclude current host IPs - description: Exclude all IPs of the current host from the list of any resolved hostnames + description: Exclude all IPs of the current host from the list of any resolved + hostnames hosts: type: array title: Destinations @@ -26052,25 +30324,31 @@ components: minimum: 0 maximum: 86400 title: DNS resolution period (seconds) - description: The interval in which to re-resolve any hostnames and pick up destinations from A records + description: The interval in which to re-resolve any hostnames and pick up + destinations from A records loadBalanceStatsPeriodSec: type: number minimum: 10 title: Load balance stats period (seconds) - description: How far back in time to keep traffic stats for load balancing purposes + description: How far back in time to keep traffic stats for load balancing + purposes maxConcurrentSenders: type: number minimum: 0 title: Connection limit - description: Maximum number of concurrent connections (per Worker Process). A random set of IPs will be picked on every DNS resolution period. Use 0 for unlimited. + description: Maximum number of concurrent connections (per Worker Process). A + random set of IPs will be picked on every DNS resolution period. Use + 0 for unlimited. connectionTimeout: type: number title: Connection timeout - description: Amount of time (milliseconds) to wait for the connection to establish before retrying + description: Amount of time (milliseconds) to wait for the connection to + establish before retrying writeTimeout: type: number title: Write timeout - description: Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead + description: Amount of time (milliseconds) to wait for a write to complete + before assuming connection is dead tls: $ref: "#/components/schemas/TlsSettingsClientSideTypeCaPathCertPath" onBackpressure: @@ -26080,53 +30358,68 @@ components: title: Record size limit minimum: 1 maximum: 65535 - description: Maximum size of syslog messages. Make sure this value is less than or equal to the MTU to avoid UDP packet fragmentation. + description: Maximum size of syslog messages. Make sure this value is less than + or equal to the MTU to avoid UDP packet fragmentation. udpDnsResolvePeriodSec: type: number minimum: 0 maximum: 86400 title: DNS resolution period (sec) - description: How often to resolve the destination hostname to an IP address. Ignored if the destination is an IP address. A value of 0 means every message sent will incur a DNS lookup. + description: How often to resolve the destination hostname to an IP address. + Ignored if the destination is an IP address. A value of 0 means + every message sent will incur a DNS lookup. enableIpSpoofing: title: Enable Source IP spoofing - description: Send Syslog traffic using the original event's Source IP and port. To enable this, you must install the external `udp-sender` helper binary at `/usr/bin/udp-sender` on all Worker Nodes and grant it the `CAP_NET_RAW` capability. + description: Send Syslog traffic using the original event's Source IP and port. + To enable this, you must install the external `udp-sender` helper + binary at `/usr/bin/udp-sender` on all Worker Nodes and grant it the + `CAP_NET_RAW` capability. type: boolean pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -26134,23 +30427,34 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object title: "" __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_host: type: string - description: Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime. + description: Binds 'host' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'host' at runtime. __template_port: type: string - description: Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime. + description: Binds 'port' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'port' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. required: - type OutputSplunk: @@ -26175,13 +30479,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -26202,26 +30508,32 @@ components: throttleRatePerSec: type: string title: Throttling - description: "Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling." + description: "Rate (in bytes per second) to throttle while writing to an output. + Accepts values with multiple-byte units, such as KB, MB, and GB. + (Example: 42 MB) Default value of 0 specifies no throttling." pattern: ^[\d.]+(\s[KMGTPEZYkmgtpezy][Bb])?$ connectionTimeout: type: number title: Connection timeout - description: Amount of time (milliseconds) to wait for the connection to establish before retrying + description: Amount of time (milliseconds) to wait for the connection to + establish before retrying writeTimeout: type: number title: Write timeout - description: Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead + description: Amount of time (milliseconds) to wait for a write to complete + before assuming connection is dead tls: $ref: "#/components/schemas/TlsSettingsClientSideTypeCaPathCertPath" enableMultiMetrics: type: boolean title: Output multiple metrics - description: Output metrics in multiple-metric format in a single event. Supported in Splunk 8.0 and above. + description: Output metrics in multiple-metric format in a single event. + Supported in Splunk 8.0 and above. enableACK: type: boolean title: Minimize in-flight data loss - description: Check if indexer is shutting down and stop sending data. This helps minimize data loss during shutdown. + description: Check if indexer is shutting down and stop sending data. This helps + minimize data loss during shutdown. logFailedRequests: type: boolean title: Log failed requests to disk @@ -26238,46 +30550,57 @@ components: maxFailedHealthChecks: type: number title: Failed health check limit - description: Maximum number of times healthcheck can fail before we close connection. If set to 0 (disabled), and the connection to Splunk is forcibly closed, some data loss might occur. + description: Maximum number of times healthcheck can fail before we close + connection. If set to 0 (disabled), and the connection to Splunk is + forcibly closed, some data loss might occur. minimum: 0 compress: $ref: "#/components/schemas/CompressionOptions" pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -26285,7 +30608,9 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object @@ -26293,32 +30618,48 @@ components: authToken: type: string title: Auth token - description: Shared secret token to use when establishing a connection to a Splunk indexer. + description: Shared secret token to use when establishing a connection to a + Splunk indexer. textSecret: type: string title: Auth token (text secret) description: Select or create a stored text secret __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_host: type: string - description: Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime. + description: Binds 'host' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'host' at runtime. __template_port: type: string - description: Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime. + description: Binds 'port' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'port' at runtime. __template_nestedFields: type: string - description: Binds 'nestedFields' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'nestedFields' at runtime. + description: Binds 'nestedFields' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'nestedFields' at runtime. __template_maxS2Sversion: type: string - description: Binds 'maxS2Sversion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'maxS2Sversion' at runtime. + description: Binds 'maxS2Sversion' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'maxS2Sversion' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_compress: type: string - description: Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime. + description: Binds 'compress' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'compress' at runtime. OutputSplunkLb: type: object required: @@ -26340,13 +30681,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -26358,42 +30701,52 @@ components: minimum: 0 maximum: 86400 title: DNS resolution period (seconds) - description: The interval in which to re-resolve any hostnames and pick up destinations from A records + description: The interval in which to re-resolve any hostnames and pick up + destinations from A records loadBalanceStatsPeriodSec: type: number minimum: 10 title: Load balance stats period (seconds) - description: How far back in time to keep traffic stats for load balancing purposes + description: How far back in time to keep traffic stats for load balancing + purposes maxConcurrentSenders: type: number minimum: 0 title: Connection limit - description: Maximum number of concurrent connections (per Worker Process). A random set of IPs will be picked on every DNS resolution period. Use 0 for unlimited. + description: Maximum number of concurrent connections (per Worker Process). A + random set of IPs will be picked on every DNS resolution period. Use + 0 for unlimited. nestedFields: $ref: "#/components/schemas/NestedFieldSerializationOptions" throttleRatePerSec: type: string title: Throttling - description: "Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling." + description: "Rate (in bytes per second) to throttle while writing to an output. + Accepts values with multiple-byte units, such as KB, MB, and GB. + (Example: 42 MB) Default value of 0 specifies no throttling." pattern: ^[\d.]+(\s[KMGTPEZYkmgtpezy][Bb])?$ connectionTimeout: type: number title: Connection timeout - description: Amount of time (milliseconds) to wait for the connection to establish before retrying + description: Amount of time (milliseconds) to wait for the connection to + establish before retrying writeTimeout: type: number title: Write timeout - description: Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead + description: Amount of time (milliseconds) to wait for a write to complete + before assuming connection is dead tls: $ref: "#/components/schemas/TlsSettingsClientSideTypeCaPathCertPath" enableMultiMetrics: type: boolean title: Output multiple metrics - description: Output metrics in multiple-metric format in a single event. Supported in Splunk 8.0 and above. + description: Output metrics in multiple-metric format in a single event. + Supported in Splunk 8.0 and above. enableACK: type: boolean title: Minimize in-flight data loss - description: Check if indexer is shutting down and stop sending data. This helps minimize data loss during shutdown. + description: Check if indexer is shutting down and stop sending data. This helps + minimize data loss during shutdown. logFailedRequests: type: boolean title: Log failed requests to disk @@ -26409,7 +30762,9 @@ components: senderUnhealthyTimeAllowance: type: number title: Endpoint health fluctuation time allowance (ms) - description: How long (in milliseconds) each LB endpoint can report blocked before the Destination reports unhealthy, blocking the sender. (Grace period for fluctuations.) Use 0 to disable; max 1 minute. + description: How long (in milliseconds) each LB endpoint can report blocked + before the Destination reports unhealthy, blocking the sender. + (Grace period for fluctuations.) Use 0 to disable; max 1 minute. minimum: 0 maximum: 60000 authType: @@ -26420,13 +30775,16 @@ components: maxFailedHealthChecks: type: number title: Failed health check limit - description: Maximum number of times healthcheck can fail before we close connection. If set to 0 (disabled), and the connection to Splunk is forcibly closed, some data loss might occur. + description: Maximum number of times healthcheck can fail before we close + connection. If set to 0 (disabled), and the connection to Splunk is + forcibly closed, some data loss might occur. minimum: 0 compress: $ref: "#/components/schemas/CompressionOptions" indexerDiscoveryConfigs: type: object - description: List of configurations to set up indexer discovery in Splunk Indexer clustering environment. + description: List of configurations to set up indexer discovery in Splunk + Indexer clustering environment. required: - masterUri - site @@ -26436,26 +30794,33 @@ components: type: string pattern: "[0-9A-Za-z-._]+" title: Site - description: Clustering site of the indexers from where indexers need to be discovered. In case of single site cluster, it defaults to 'default' site. + description: Clustering site of the indexers from where indexers need to be + discovered. In case of single site cluster, it defaults to + 'default' site. masterUri: type: string pattern: ^https?://[a-zA-Z0-9-._]+:[0-9]+$ title: Cluster manager URI - description: "Full URI of Splunk cluster manager (scheme://host:port). Example: https://managerAddress:8089" + description: "Full URI of Splunk cluster manager (scheme://host:port). Example: + https://managerAddress:8089" refreshIntervalSec: type: number minimum: 60 maximum: 86400 title: Refresh period - description: Time interval, in seconds, between two consecutive indexer list fetches from cluster manager + description: Time interval, in seconds, between two consecutive indexer list + fetches from cluster manager rejectUnauthorized: type: boolean title: Validate cluster manager certificates - description: During indexer discovery, reject cluster manager certificates that are not authorized by the system's CA. Disable to allow untrusted (for example, self-signed) certificates. + description: During indexer discovery, reject cluster manager certificates that + are not authorized by the system's CA. Disable to allow + untrusted (for example, self-signed) certificates. authTokens: type: array title: Authentication tokens - description: Tokens required to authenticate to cluster manager for indexer discovery + description: Tokens required to authenticate to cluster manager for indexer + discovery items: type: object properties: @@ -26464,7 +30829,8 @@ components: authToken: type: string title: Auth token - description: Shared secret to be provided by any client (in authToken header field). If empty, unauthorized access is permitted. + description: Shared secret to be provided by any client (in authToken header + field). If empty, unauthorized access is permitted. textSecret: type: string title: Auth token (text secret) @@ -26474,7 +30840,8 @@ components: authToken: type: string title: Auth token - description: Shared secret to be provided by any client (in authToken header field). If empty, unauthorized access is permitted. + description: Shared secret to be provided by any client (in authToken header + field). If empty, unauthorized access is permitted. textSecret: type: string title: Auth token (text secret) @@ -26482,7 +30849,8 @@ components: excludeSelf: type: boolean title: Exclude current host IPs - description: Exclude all IPs of the current host from the list of any resolved hostnames + description: Exclude all IPs of the current host from the list of any resolved + hostnames hosts: type: array title: Destinations @@ -26492,40 +30860,49 @@ components: $ref: "#/components/schemas/HostConfOutputSyslog" pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -26533,7 +30910,9 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object @@ -26541,26 +30920,38 @@ components: authToken: type: string title: Auth token - description: Shared secret token to use when establishing a connection to a Splunk indexer. + description: Shared secret token to use when establishing a connection to a + Splunk indexer. textSecret: type: string title: Auth token (text secret) description: Select or create a stored text secret __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_nestedFields: type: string - description: Binds 'nestedFields' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'nestedFields' at runtime. + description: Binds 'nestedFields' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'nestedFields' at runtime. __template_maxS2Sversion: type: string - description: Binds 'maxS2Sversion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'maxS2Sversion' at runtime. + description: Binds 'maxS2Sversion' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'maxS2Sversion' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_compress: type: string - description: Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime. + description: Binds 'compress' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'compress' at runtime. OutputSplunkHec: type: object properties: @@ -26579,13 +30970,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -26595,15 +30988,19 @@ components: loadBalanced: type: boolean title: Load balancing - description: Enable for optimal performance. Even if you have one hostname, it can expand to multiple IPs. If disabled, consider enabling round-robin DNS. + description: Enable for optimal performance. Even if you have one hostname, it + can expand to multiple IPs. If disabled, consider enabling + round-robin DNS. nextQueue: type: string title: Next Processing Queue - description: In the Splunk app, define which Splunk processing queue to send the events after HEC processing. + description: In the Splunk app, define which Splunk processing queue to send the + events after HEC processing. tcpRouting: type: string title: Default _TCP_ROUTING - description: In the Splunk app, set the value of _TCP_ROUTING for events that do not have _ctrl._TCP_ROUTING set. + description: In the Splunk app, set the value of _TCP_ROUTING for events that do + not have _ctrl._TCP_ROUTING set. tls: $ref: "#/components/schemas/TlsSettingsClientSideTypeCaPathCertPathExtended" concurrency: @@ -26617,11 +31014,12 @@ components: title: Body size limit (KB) description: Maximum size, in KB, of the request body minimum: 1024 - maximum: 2.097152e+06 + maximum: 2097152 maxPayloadEvents: type: number title: Events-per-request limit - description: Maximum number of events to include in the request body. Default is 0 (unlimited). + description: Maximum number of events to include in the request body. Default is + 0 (unlimited). minimum: 0 compress: type: boolean @@ -26630,17 +31028,23 @@ components: rejectUnauthorized: type: boolean title: Validate server certs - description: "Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). \n Enabled by default. When this setting is also present in TLS Settings (Client Side), \n that value will take precedence." + description: >- + Reject certificates not authorized by a CA in the CA certificate + path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. timeoutSec: type: number minimum: 1 - maximum: 9.007199254740991e+15 + maximum: 9007199254740991 title: Request timeout - description: Amount of time, in seconds, to wait for a request to complete before canceling it + description: Amount of time, in seconds, to wait for a request to complete + before canceling it flushPeriodSec: type: number title: Flush period (sec) - description: Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit. + description: Maximum time between requests. Small values could cause the payload + size to be smaller than the configured Body size limit. extraHttpHeaders: type: array title: Extra HTTP headers @@ -26658,13 +31062,15 @@ components: enableMultiMetrics: type: boolean title: Output multi-metrics - description: Output metrics in multiple-metric format, supported in Splunk 8.0 and above to allow multiple metrics in a single event. + description: Output metrics in multiple-metric format, supported in Splunk 8.0 + and above to allow multiple metrics in a single event. authType: $ref: "#/components/schemas/AuthenticationMethodOptionsAuthTokensItems" responseRetrySettings: type: array title: Settings for failed HTTP requests - description: Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable) + description: Automatically retry after unsuccessful response status codes, such + as 429 (Too Many Requests) or 503 (Service Unavailable) minItems: 0 items: $ref: "#/components/schemas/ResponseRetrySettingConfOutputWebhook" @@ -26673,7 +31079,11 @@ components: responseHonorRetryAfterHeader: type: boolean title: Honor Retry-After header - description: Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored. + description: Honor any Retry-After header that specifies a delay (in seconds) no + longer than 180 seconds after the retry request. @{product} limits + the delay to 180 seconds, even if the Retry-After header specifies a + longer delay. When enabled, takes precedence over user-configured + retry options. When disabled, all Retry-After headers are ignored. onBackpressure: $ref: "#/components/schemas/BackpressureBehaviorOptions" description: @@ -26682,16 +31092,21 @@ components: url: type: string title: Splunk HEC Endpoint - description: URL to a Splunk HEC endpoint to send events to, e.g., http://localhost:8088/services/collector/event + description: URL to a Splunk HEC endpoint to send events to, e.g., + http://localhost:8088/services/collector/event pattern: ^https?://.* useRoundRobinDns: type: boolean title: Round-robin DNS - description: Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations. + description: Enable round-robin DNS lookup. When a DNS server returns multiple + addresses, @{product} will cycle through them in the order returned. + For optimal performance, consider enabling this setting for non-load + balanced destinations. excludeSelf: type: boolean title: Exclude current host IPs - description: Exclude all IPs of the current host from the list of any resolved hostnames + description: Exclude all IPs of the current host from the list of any resolved + hostnames urls: type: array title: Splunk HEC Endpoints @@ -26705,27 +31120,33 @@ components: url: type: string title: HEC Endpoint - description: URL to a Splunk HEC endpoint to send events to, e.g., http://localhost:8088/services/collector/event + description: URL to a Splunk HEC endpoint to send events to, e.g., + http://localhost:8088/services/collector/event pattern: ^https?://.* weight: type: number title: Load Weight - description: Assign a weight (>0) to each endpoint to indicate its traffic-handling capability + description: Assign a weight (>0) to each endpoint to indicate its + traffic-handling capability minimum: 0 __template_url: type: string - description: Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. + description: Binds 'url' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'url' at runtime. dnsResolvePeriodSec: type: number minimum: 0 maximum: 86400 title: DNS resolution period (seconds) - description: The interval in which to re-resolve any hostnames and pick up destinations from A records + description: The interval in which to re-resolve any hostnames and pick up + destinations from A records loadBalanceStatsPeriodSec: type: number minimum: 10 title: Load balance stats period (seconds) - description: How far back in time to keep traffic stats for load balancing purposes + description: How far back in time to keep traffic stats for load balancing + purposes token: type: string title: HEC Auth token @@ -26736,40 +31157,49 @@ components: description: Select or create a stored text secret pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -26777,23 +31207,35 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object title: "" __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_failedRequestLoggingMode: type: string - description: Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. + description: Binds 'failedRequestLoggingMode' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'failedRequestLoggingMode' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_url: type: string - description: Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. + description: Binds 'url' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'url' at runtime. required: - type OutputWizHec: @@ -26814,13 +31256,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -26830,11 +31274,13 @@ components: nextQueue: type: string title: Next Processing Queue - description: In the Splunk app, define which Splunk processing queue to send the events after HEC processing. + description: In the Splunk app, define which Splunk processing queue to send the + events after HEC processing. tcpRouting: type: string title: Default _TCP_ROUTING - description: In the Splunk app, set the value of _TCP_ROUTING for events that do not have _ctrl._TCP_ROUTING set. + description: In the Splunk app, set the value of _TCP_ROUTING for events that do + not have _ctrl._TCP_ROUTING set. tls: $ref: "#/components/schemas/TlsSettingsClientSideTypeCaPathCertPathExtended" concurrency: @@ -26852,7 +31298,8 @@ components: maxPayloadEvents: type: number title: Events-per-request limit - description: Maximum number of events to include in the request body. Default is 0 (unlimited). + description: Maximum number of events to include in the request body. Default is + 0 (unlimited). minimum: 0 compress: type: boolean @@ -26861,17 +31308,23 @@ components: rejectUnauthorized: type: boolean title: Validate server certs - description: "Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). \n Enabled by default. When this setting is also present in TLS Settings (Client Side), \n that value will take precedence." + description: >- + Reject certificates not authorized by a CA in the CA certificate + path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. timeoutSec: type: number minimum: 1 - maximum: 9.007199254740991e+15 + maximum: 9007199254740991 title: Request timeout - description: Amount of time, in seconds, to wait for a request to complete before canceling it + description: Amount of time, in seconds, to wait for a request to complete + before canceling it flushPeriodSec: type: number title: Flush period (sec) - description: Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit. + description: Maximum time between requests. Small values could cause the payload + size to be smaller than the configured Body size limit. extraHttpHeaders: type: array title: Extra HTTP headers @@ -26891,7 +31344,8 @@ components: responseRetrySettings: type: array title: Settings for failed HTTP requests - description: Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable) + description: Automatically retry after unsuccessful response status codes, such + as 429 (Too Many Requests) or 503 (Service Unavailable) minItems: 0 items: $ref: "#/components/schemas/ResponseRetrySettingConfOutputWebhook" @@ -26900,13 +31354,19 @@ components: responseHonorRetryAfterHeader: type: boolean title: Honor Retry-After header - description: Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored. + description: Honor any Retry-After header that specifies a delay (in seconds) no + longer than 180 seconds after the retry request. @{product} limits + the delay to 180 seconds, even if the Retry-After header specifies a + longer delay. When enabled, takes precedence over user-configured + retry options. When disabled, all Retry-After headers are ignored. onBackpressure: $ref: "#/components/schemas/BackpressureBehaviorOptions" wiz_connector_id: type: string title: Wiz Connector ID - description: The unique identifier for the specific Cribl connector defined in your Wiz Settings. This is used to cross-validate the bearer token and ensure traffic is originating from the authorized integration. + description: The unique identifier for the specific Cribl connector defined in + your Wiz Settings. This is used to cross-validate the bearer token + and ensure traffic is originating from the authorized integration. wiz_environment: type: string title: Wiz Environment @@ -26914,7 +31374,9 @@ components: data_center: type: string title: Wiz Data Center - description: Your Wiz deployment data center (e.g., us1, us8, eu1). From Tenant Info → Data Center and Regions → Tenant Data Center in your Wiz console. + description: Your Wiz deployment data center (e.g., us1, us8, eu1). From Tenant + Info → Data Center and Regions → Tenant Data Center in your Wiz + console. wiz_sourcetype: type: string title: Wiz Defend Source Type @@ -26924,40 +31386,49 @@ components: title: Description pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -26965,7 +31436,9 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object @@ -26980,22 +31453,38 @@ components: description: Select or create a stored text secret __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_failedRequestLoggingMode: type: string - description: Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. + description: Binds 'failedRequestLoggingMode' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'failedRequestLoggingMode' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_wiz_environment: type: string - description: Binds 'wiz_environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'wiz_environment' at runtime. + description: Binds 'wiz_environment' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'wiz_environment' at + runtime. __template_data_center: type: string - description: Binds 'data_center' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'data_center' at runtime. + description: Binds 'data_center' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'data_center' at runtime. __template_wiz_sourcetype: type: string - description: Binds 'wiz_sourcetype' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'wiz_sourcetype' at runtime. + description: Binds 'wiz_sourcetype' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'wiz_sourcetype' at + runtime. required: - type - wiz_connector_id @@ -27020,13 +31509,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -27046,28 +31537,35 @@ components: throttleRatePerSec: type: string title: Throttling - description: "Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling." + description: "Rate (in bytes per second) to throttle while writing to an output. + Accepts values with multiple-byte units, such as KB, MB, and GB. + (Example: 42 MB) Default value of 0 specifies no throttling." pattern: ^[\d.]+(\s[KMGTPEZYkmgtpezy][Bb])?$ tls: $ref: "#/components/schemas/TlsSettingsClientSideTypeCaPathCertPath" connectionTimeout: type: number title: Connection timeout - description: Amount of time (milliseconds) to wait for the connection to establish before retrying + description: Amount of time (milliseconds) to wait for the connection to + establish before retrying writeTimeout: type: number title: Write timeout - description: Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead + description: Amount of time (milliseconds) to wait for a write to complete + before assuming connection is dead tokenTTLMinutes: type: number title: Auth Token TTL minutes minimum: 1 maximum: 60 - description: The number of minutes before the internally generated authentication token expires, valid values between 1 and 60 + description: The number of minutes before the internally generated + authentication token expires, valid values between 1 and 60 sendHeader: type: boolean title: Send auth token in initial record - description: Upon connection, send a header-like record containing the auth token and other metadata.This record will not contain an actual event – only subsequent records will. + description: Upon connection, send a header-like record containing the auth + token and other metadata.This record will not contain an actual + event – only subsequent records will. onBackpressure: $ref: "#/components/schemas/BackpressureBehaviorOptions" authType: @@ -27087,7 +31585,8 @@ components: excludeSelf: type: boolean title: Exclude current host IPs - description: Exclude all IPs of the current host from the list of any resolved hostnames + description: Exclude all IPs of the current host from the list of any resolved + hostnames hosts: type: array title: Destinations @@ -27100,53 +31599,66 @@ components: minimum: 0 maximum: 86400 title: DNS resolution period (seconds) - description: The interval in which to re-resolve any hostnames and pick up destinations from A records + description: The interval in which to re-resolve any hostnames and pick up + destinations from A records loadBalanceStatsPeriodSec: type: number minimum: 10 title: Load balance stats period (seconds) - description: How far back in time to keep traffic stats for load balancing purposes + description: How far back in time to keep traffic stats for load balancing + purposes maxConcurrentSenders: type: number minimum: 0 title: Connection limit - description: Maximum number of concurrent connections (per Worker Process). A random set of IPs will be picked on every DNS resolution period. Use 0 for unlimited. + description: Maximum number of concurrent connections (per Worker Process). A + random set of IPs will be picked on every DNS resolution period. Use + 0 for unlimited. pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -27154,7 +31666,9 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object @@ -27162,23 +31676,33 @@ components: authToken: type: string title: Auth token - description: Optional authentication token to include as part of the connection header + description: Optional authentication token to include as part of the connection + header textSecret: type: string title: Auth token (text secret) description: Select or create a stored text secret __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_host: type: string - description: Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime. + description: Binds 'host' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'host' at runtime. __template_port: type: string - description: Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime. + description: Binds 'port' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'port' at runtime. required: - type OutputWavefront: @@ -27202,13 +31726,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -27236,7 +31762,8 @@ components: maxPayloadEvents: type: number title: Events-per-request limit - description: Maximum number of events to include in the request body. Default is 0 (unlimited). + description: Maximum number of events to include in the request body. Default is + 0 (unlimited). minimum: 0 compress: type: boolean @@ -27245,17 +31772,23 @@ components: rejectUnauthorized: type: boolean title: Validate server certs - description: "Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). \n Enabled by default. When this setting is also present in TLS Settings (Client Side), \n that value will take precedence." + description: >- + Reject certificates not authorized by a CA in the CA certificate + path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. timeoutSec: type: number minimum: 1 - maximum: 9.007199254740991e+15 + maximum: 9007199254740991 title: Request timeout - description: Amount of time, in seconds, to wait for a request to complete before canceling it + description: Amount of time, in seconds, to wait for a request to complete + before canceling it flushPeriodSec: type: number title: Flush period (sec) - description: Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit. + description: Maximum time between requests. Small values could cause the payload + size to be smaller than the configured Body size limit. extraHttpHeaders: type: array title: Extra HTTP headers @@ -27265,7 +31798,10 @@ components: useRoundRobinDns: type: boolean title: Round-robin DNS - description: Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations. + description: Enable round-robin DNS lookup. When a DNS server returns multiple + addresses, @{product} will cycle through them in the order returned. + For optimal performance, consider enabling this setting for non-load + balanced destinations. failedRequestLoggingMode: $ref: "#/components/schemas/FailedRequestLoggingModeOptions" safeHeaders: @@ -27277,7 +31813,8 @@ components: responseRetrySettings: type: array title: Settings for failed HTTP requests - description: Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable) + description: Automatically retry after unsuccessful response status codes, such + as 429 (Too Many Requests) or 503 (Service Unavailable) minItems: 0 items: $ref: "#/components/schemas/ResponseRetrySettingConfOutputWebhook" @@ -27286,7 +31823,11 @@ components: responseHonorRetryAfterHeader: type: boolean title: Honor Retry-After header - description: Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored. + description: Honor any Retry-After header that specifies a delay (in seconds) no + longer than 180 seconds after the retry request. @{product} limits + the delay to 180 seconds, even if the Retry-After header specifies a + longer delay. When enabled, takes precedence over user-configured + retry options. When disabled, all Retry-After headers are ignored. onBackpressure: $ref: "#/components/schemas/BackpressureBehaviorOptions" description: @@ -27295,47 +31836,57 @@ components: token: type: string title: Auth token - description: WaveFront API authentication token (see [here](https://docs.wavefront.com/wavefront_api.html#generating-an-api-token)) + description: WaveFront API authentication token (see + [here](https://docs.wavefront.com/wavefront_api.html#generating-an-api-token)) textSecret: type: string title: Auth token (text secret) description: Select or create a stored text secret pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -27343,20 +31894,30 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object title: "" __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_failedRequestLoggingMode: type: string - description: Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. + description: Binds 'failedRequestLoggingMode' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'failedRequestLoggingMode' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. OutputSignalfx: type: object required: @@ -27378,13 +31939,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -27396,7 +31959,9 @@ components: realm: type: string title: Realm - description: SignalFx realm name, e.g. "us0". For a complete list of available SignalFx realm names, please check [here](https://docs.splunk.com/observability/en/get-started/service-description.html#sd-regions). + description: SignalFx realm name, e.g. "us0". For a complete list of available + SignalFx realm names, please check + [here](https://docs.splunk.com/observability/en/get-started/service-description.html#sd-regions). concurrency: type: number title: Request concurrency @@ -27412,7 +31977,8 @@ components: maxPayloadEvents: type: number title: Events-per-request limit - description: Maximum number of events to include in the request body. Default is 0 (unlimited). + description: Maximum number of events to include in the request body. Default is + 0 (unlimited). minimum: 0 compress: type: boolean @@ -27421,17 +31987,23 @@ components: rejectUnauthorized: type: boolean title: Validate server certs - description: "Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). \n Enabled by default. When this setting is also present in TLS Settings (Client Side), \n that value will take precedence." + description: >- + Reject certificates not authorized by a CA in the CA certificate + path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. timeoutSec: type: number minimum: 1 - maximum: 9.007199254740991e+15 + maximum: 9007199254740991 title: Request timeout - description: Amount of time, in seconds, to wait for a request to complete before canceling it + description: Amount of time, in seconds, to wait for a request to complete + before canceling it flushPeriodSec: type: number title: Flush period (sec) - description: Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit. + description: Maximum time between requests. Small values could cause the payload + size to be smaller than the configured Body size limit. extraHttpHeaders: type: array title: Extra HTTP headers @@ -27441,7 +32013,10 @@ components: useRoundRobinDns: type: boolean title: Round-robin DNS - description: Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations. + description: Enable round-robin DNS lookup. When a DNS server returns multiple + addresses, @{product} will cycle through them in the order returned. + For optimal performance, consider enabling this setting for non-load + balanced destinations. failedRequestLoggingMode: $ref: "#/components/schemas/FailedRequestLoggingModeOptions" safeHeaders: @@ -27453,7 +32028,8 @@ components: responseRetrySettings: type: array title: Settings for failed HTTP requests - description: Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable) + description: Automatically retry after unsuccessful response status codes, such + as 429 (Too Many Requests) or 503 (Service Unavailable) minItems: 0 items: $ref: "#/components/schemas/ResponseRetrySettingConfOutputWebhook" @@ -27462,7 +32038,11 @@ components: responseHonorRetryAfterHeader: type: boolean title: Honor Retry-After header - description: Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored. + description: Honor any Retry-After header that specifies a delay (in seconds) no + longer than 180 seconds after the retry request. @{product} limits + the delay to 180 seconds, even if the Retry-After header specifies a + longer delay. When enabled, takes precedence over user-configured + retry options. When disabled, all Retry-After headers are ignored. onBackpressure: $ref: "#/components/schemas/BackpressureBehaviorOptions" description: @@ -27471,47 +32051,57 @@ components: token: type: string title: Auth token - description: SignalFx API access token (see [here](https://docs.signalfx.com/en/latest/admin-guide/tokens.html#working-with-access-tokens)) + description: SignalFx API access token (see + [here](https://docs.signalfx.com/en/latest/admin-guide/tokens.html#working-with-access-tokens)) textSecret: type: string title: Auth token (text secret) description: Select or create a stored text secret pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -27519,20 +32109,30 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object title: "" __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_failedRequestLoggingMode: type: string - description: Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. + description: Binds 'failedRequestLoggingMode' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'failedRequestLoggingMode' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. OutputFilesystem: type: object required: @@ -27554,13 +32154,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -27574,7 +32176,8 @@ components: stagePath: type: string title: Staging location - description: Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage. + description: Filesystem location in which to buffer files, before compressing + and moving to final destination. Use performant and stable storage. addIdToStagePath: type: boolean title: Add output ID @@ -27586,45 +32189,58 @@ components: partitionExpr: type: string title: Partitioning expression - description: JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory. + description: JavaScript expression defining how files are partitioned and + organized. Default is date-based. If blank, Stream will fall back to + the event's __partition field value – if present – otherwise to each + location's root directory. format: $ref: "#/components/schemas/DataFormatOptions" baseFileName: type: string title: File name prefix expression - description: JavaScript expression to define the output filename prefix (can be constant) + description: JavaScript expression to define the output filename prefix (can be + constant) fileNameSuffix: type: string title: File name suffix expression - description: JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`). + description: JavaScript expression to define the output filename suffix (can be + constant). The `__format` variable refers to the value of the `Data + format` field (`json` or `raw`). The `__compression` field refers + to the kind of compression being used (`none` or `gzip`). maxFileSizeMB: type: number title: File size limit (MB) - description: Maximum uncompressed output file size. Files of this size will be closed and moved to final output location. + description: Maximum uncompressed output file size. Files of this size will be + closed and moved to final output location. maximum: 1024 minimum: 5 maxFileOpenTimeSec: type: number title: File open time limit (sec) - description: Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location. + description: Maximum amount of time to write to a file. Files open for longer + than this will be closed and moved to final output location. minimum: 10 maximum: 1800 maxFileIdleTimeSec: type: number title: Idle time limit (sec) - description: Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location. + description: Maximum amount of time to keep inactive files open. Files open for + longer than this will be closed and moved to final output location. minimum: 5 maximum: 1800 maxOpenFiles: type: number title: Open file limit - description: Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location. + description: Maximum number of files to keep open concurrently. When exceeded, + @{product} will close the oldest open files and move them to the + final output location. minimum: 10 maximum: 2000 headerLine: type: string title: Header line - description: If set, this line will be written to the beginning of each output file + description: If set, this line will be written to the beginning of each output + file writeHighWaterMark: type: number title: Writing high watermark (KB) @@ -27636,13 +32252,17 @@ components: deadletterEnabled: type: boolean title: Enable dead-lettering - description: If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors + description: If a file fails to move to its final destination after the maximum + number of retries, move it to a designated directory to prevent + further errors onDiskFullBackpressure: $ref: "#/components/schemas/DiskSpaceProtectionOptions" forceCloseOnShutdown: type: boolean title: Force close on shutdown - description: Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss. + description: Force all staged files to close during an orderly Node shutdown. + This triggers immediate upload of in-progress data — regardless of + idle time, file age, or size thresholds — to minimize data loss. retrySettings: $ref: "#/components/schemas/RetrySettingsType" orphans: @@ -27657,11 +32277,13 @@ components: automaticSchema: type: boolean title: Automatic schema - description: Automatically calculate the schema based on the events of each Parquet file generated + description: Automatically calculate the schema based on the events of each + Parquet file generated parquetSchema: type: string title: Parquet schema - description: To add a new schema, navigate to Processing > Knowledge > Parquet Schemas + description: To add a new schema, navigate to Processing > Knowledge > Parquet + Schemas minLength: 1 parquetVersion: $ref: "#/components/schemas/ParquetVersionOptions" @@ -27670,13 +32292,16 @@ components: parquetRowGroupLength: type: number title: Group row limit - description: The number of rows that every group will contain. The final group can contain a smaller number of rows. + description: The number of rows that every group will contain. The final group + can contain a smaller number of rows. minimum: 1 - maximum: 6.7108864e+07 + maximum: 67108864 parquetPageSize: type: string title: Page size - description: Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression. + description: Target memory size for page segments, such as 1MB or 128MB. + Generally, lower values improve reading speed, while higher values + improve compression. pattern: ^\d+\s*(?:[kK][bB]|[mM][bB]|[gG][bB]|[tT][bB])?$ shouldLogInvalidRows: type: boolean @@ -27685,22 +32310,28 @@ components: keyValueMetadata: type: array title: Metadata (optional) - description: 'The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: "key":"OCSF Event Class", "value":"9001"' + description: 'The metadata of files the Destination writes will include the + properties you add here as key-value pairs. Useful for tagging. + Examples: "key":"OCSF Event Class", "value":"9001"' minItems: 0 items: $ref: "#/components/schemas/KeyValueMetadataConfOutputFilesystem" enableStatistics: type: boolean title: Write statistics - description: Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics. + description: Statistics profile an entire file in terms of minimum/maximum + values within data, numbers of nulls, etc. You can use Parquet tools + to view statistics. enableWritePageIndex: type: boolean title: Write page indexes - description: One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping. + description: One page index contains statistics for one data page. Parquet + readers use statistics to enable page skipping. enablePageChecksum: type: boolean title: Write page checksum - description: Parquet tools can use the checksum of a Parquet page to verify data integrity + description: Parquet tools can use the checksum of a Parquet page to verify data + integrity emptyDirCleanupSec: type: number title: Staging cleanup period @@ -27710,40 +32341,62 @@ components: directoryBatchSize: type: number title: Directory batch size - description: Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory. + description: Number of directories to process in each batch during cleanup of + empty directories. Minimum is 10, maximum is 10000. Higher values + may require more memory. deadletterPath: type: string title: Dead-letter location - description: Storage location for files that fail to reach their final destination after maximum retries are exceeded + description: Storage location for files that fail to reach their final + destination after maximum retries are exceeded maxRetryNum: type: number title: Retry limit - description: The maximum number of times a file will attempt to move to its final destination before being dead-lettered + description: The maximum number of times a file will attempt to move to its + final destination before being dead-lettered minimum: 1 __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_partitionExpr: type: string - description: Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime. + description: Binds 'partitionExpr' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'partitionExpr' at runtime. __template_format: type: string - description: Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime. + description: Binds 'format' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'format' at runtime. __template_baseFileName: type: string - description: Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime. + description: Binds 'baseFileName' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'baseFileName' at runtime. __template_fileNameSuffix: type: string - description: Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime. + description: Binds 'fileNameSuffix' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'fileNameSuffix' at + runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_compress: type: string - description: Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime. + description: Binds 'compress' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'compress' at runtime. __template_parquetSchema: type: string - description: Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime. + description: Binds 'parquetSchema' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'parquetSchema' at runtime. OutputS3: type: object required: @@ -27766,13 +32419,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -27782,7 +32437,8 @@ components: endpoint: type: string title: Endpoint - description: S3 service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to S3-compatible endpoint. + description: S3 service endpoint. If empty, defaults to the AWS Region-specific + endpoint. Otherwise, it must point to S3-compatible endpoint. enableAssumeRole: type: boolean title: Enable for S3 @@ -27800,7 +32456,9 @@ components: durationSeconds: type: number title: Duration (seconds) - description: Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours). + description: Duration of the assumed role's session, in seconds. Minimum is 900 + (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 + hours). minimum: 900 maximum: 43200 awsAuthenticationMethod: @@ -27812,11 +32470,15 @@ components: rejectUnauthorized: type: boolean title: Reject unauthorized certificates - description: Reject certificates that cannot be verified against a valid CA, such as self-signed certificates + description: Reject certificates that cannot be verified against a valid CA, + such as self-signed certificates bucket: type: string title: S3 bucket name - description: "Name of the destination S3 bucket. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at initialization time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`" + description: "Name of the destination S3 bucket. Must be a JavaScript expression + (which can evaluate to a constant value), enclosed in quotes or + backticks. Can be evaluated only at initialization time. Example + referencing a Global Variable: `myBucket-${C.vars.myVar}`" region: type: string title: Region @@ -27824,27 +32486,34 @@ components: destPath: type: string title: Key prefix - description: "Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`" + description: "Prefix to prepend to files before uploading. Must be a JavaScript + expression (which can evaluate to a constant value), enclosed in + quotes or backticks. Can be evaluated only at init time. Example + referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`" maxConcurrentFileParts: type: number title: Concurrent file parts upload limit - description: Maximum number of parts to upload in parallel per file. Minimum part size is 5MB. + description: Maximum number of parts to upload in parallel per file. Minimum + part size is 5MB. minimum: 1 maximum: 10 verifyPermissions: type: boolean title: Verify if bucket exists - description: Disable if you can access files within the bucket but not the bucket itself + description: Disable if you can access files within the bucket but not the + bucket itself maxClosingFilesToBackpressure: type: number title: Staging file limit - description: Maximum number of files that can be waiting for upload before backpressure is applied + description: Maximum number of files that can be waiting for upload before + backpressure is applied minimum: 10 maximum: 4200 stagePath: type: string title: Staging location - description: Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage. + description: Filesystem location in which to buffer files, before compressing + and moving to final destination. Use performant and stable storage. addIdToStagePath: type: boolean title: Add output ID @@ -27856,45 +32525,58 @@ components: partitionExpr: type: string title: Partitioning expression - description: JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory. + description: JavaScript expression defining how files are partitioned and + organized. Default is date-based. If blank, Stream will fall back to + the event's __partition field value – if present – otherwise to each + location's root directory. format: $ref: "#/components/schemas/DataFormatOptions" baseFileName: type: string title: File name prefix expression - description: JavaScript expression to define the output filename prefix (can be constant) + description: JavaScript expression to define the output filename prefix (can be + constant) fileNameSuffix: type: string title: File name suffix expression - description: JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`). + description: JavaScript expression to define the output filename suffix (can be + constant). The `__format` variable refers to the value of the `Data + format` field (`json` or `raw`). The `__compression` field refers + to the kind of compression being used (`none` or `gzip`). maxFileSizeMB: type: number title: File size limit (MB) - description: Maximum uncompressed output file size. Files of this size will be closed and moved to final output location. + description: Maximum uncompressed output file size. Files of this size will be + closed and moved to final output location. maximum: 1024 minimum: 5 maxFileOpenTimeSec: type: number title: File open time limit (sec) - description: Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location. + description: Maximum amount of time to write to a file. Files open for longer + than this will be closed and moved to final output location. minimum: 10 maximum: 86400 maxFileIdleTimeSec: type: number title: Idle time limit (sec) - description: Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location. + description: Maximum amount of time to keep inactive files open. Files open for + longer than this will be closed and moved to final output location. minimum: 5 maximum: 86400 maxOpenFiles: type: number title: Open file limit - description: Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location. + description: Maximum number of files to keep open concurrently. When exceeded, + @{product} will close the oldest open files and move them to the + final output location. minimum: 10 maximum: 2000 headerLine: type: string title: Header line - description: If set, this line will be written to the beginning of each output file + description: If set, this line will be written to the beginning of each output + file writeHighWaterMark: type: number title: Writing high watermark (KB) @@ -27906,13 +32588,17 @@ components: deadletterEnabled: type: boolean title: Enable dead-lettering - description: If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors + description: If a file fails to move to its final destination after the maximum + number of retries, move it to a designated directory to prevent + further errors onDiskFullBackpressure: $ref: "#/components/schemas/DiskSpaceProtectionOptions" forceCloseOnShutdown: type: boolean title: Force close on shutdown - description: Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss. + description: Force all staged files to close during an orderly Node shutdown. + This triggers immediate upload of in-progress data — regardless of + idle time, file age, or size thresholds — to minimize data loss. retrySettings: $ref: "#/components/schemas/RetrySettingsType" orphans: @@ -27920,7 +32606,8 @@ components: awsSecretKey: type: string title: Secret key - description: "Secret key. This value can be a constant or a JavaScript expression. Example: `${C.env.SOME_SECRET}`)" + description: "Secret key. This value can be a constant or a JavaScript + expression. Example: `${C.env.SOME_SECRET}`)" objectACL: $ref: "#/components/schemas/ObjectAclOptions" storageClass: @@ -27937,11 +32624,13 @@ components: awsApiKey: type: string title: Access key - description: This value can be a constant or a JavaScript expression (`${C.env.SOME_ACCESS_KEY}`) + description: This value can be a constant or a JavaScript expression + (`${C.env.SOME_ACCESS_KEY}`) awsSecret: type: string title: Secret key pair - description: Select or create a stored secret that references your access key and secret key + description: Select or create a stored secret that references your access key + and secret key compress: $ref: "#/components/schemas/CompressionOptionsHttp" compressionLevel: @@ -27949,11 +32638,13 @@ components: automaticSchema: type: boolean title: Automatic schema - description: Automatically calculate the schema based on the events of each Parquet file generated + description: Automatically calculate the schema based on the events of each + Parquet file generated parquetSchema: type: string title: Parquet schema - description: To add a new schema, navigate to Processing > Knowledge > Parquet Schemas + description: To add a new schema, navigate to Processing > Knowledge > Parquet + Schemas minLength: 1 parquetVersion: $ref: "#/components/schemas/ParquetVersionOptions" @@ -27962,13 +32653,16 @@ components: parquetRowGroupLength: type: number title: Group row limit - description: The number of rows that every group will contain. The final group can contain a smaller number of rows. + description: The number of rows that every group will contain. The final group + can contain a smaller number of rows. minimum: 1 - maximum: 6.7108864e+07 + maximum: 67108864 parquetPageSize: type: string title: Page size - description: Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression. + description: Target memory size for page segments, such as 1MB or 128MB. + Generally, lower values improve reading speed, while higher values + improve compression. pattern: ^\d+\s*(?:[kK][bB]|[mM][bB]|[gG][bB]|[tT][bB])?$ shouldLogInvalidRows: type: boolean @@ -27977,22 +32671,28 @@ components: keyValueMetadata: type: array title: Metadata (optional) - description: 'The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: "key":"OCSF Event Class", "value":"9001"' + description: 'The metadata of files the Destination writes will include the + properties you add here as key-value pairs. Useful for tagging. + Examples: "key":"OCSF Event Class", "value":"9001"' minItems: 0 items: $ref: "#/components/schemas/KeyValueMetadataConfOutputFilesystem" enableStatistics: type: boolean title: Write statistics - description: Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics. + description: Statistics profile an entire file in terms of minimum/maximum + values within data, numbers of nulls, etc. You can use Parquet tools + to view statistics. enableWritePageIndex: type: boolean title: Write page indexes - description: One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping. + description: One page index contains statistics for one data page. Parquet + readers use statistics to enable page skipping. enablePageChecksum: type: boolean title: Write page checksum - description: Parquet tools can use the checksum of a Parquet page to verify data integrity + description: Parquet tools can use the checksum of a Parquet page to verify data + integrity emptyDirCleanupSec: type: number title: Staging cleanup period @@ -28002,76 +32702,124 @@ components: directoryBatchSize: type: number title: Directory batch size - description: Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory. + description: Number of directories to process in each batch during cleanup of + empty directories. Minimum is 10, maximum is 10000. Higher values + may require more memory. deadletterPath: type: string title: Dead-letter location - description: Storage location for files that fail to reach their final destination after maximum retries are exceeded + description: Storage location for files that fail to reach their final + destination after maximum retries are exceeded maxRetryNum: type: number title: Retry limit - description: The maximum number of times a file will attempt to move to its final destination before being dead-lettered + description: The maximum number of times a file will attempt to move to its + final destination before being dead-lettered minimum: 1 __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_endpoint: type: string - description: Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime. + description: Binds 'endpoint' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'endpoint' at runtime. __template_assumeRoleArn: type: string - description: Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime. + description: Binds 'assumeRoleArn' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'assumeRoleArn' at runtime. __template_assumeRoleExternalId: type: string - description: Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime. + description: Binds 'assumeRoleExternalId' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'assumeRoleExternalId' at runtime. __template_bucket: type: string - description: Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime. + description: Binds 'bucket' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'bucket' at runtime. __template_region: type: string - description: Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime. + description: Binds 'region' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'region' at runtime. __template_destPath: type: string - description: Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime. + description: Binds 'destPath' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'destPath' at runtime. __template_partitionExpr: type: string - description: Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime. + description: Binds 'partitionExpr' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'partitionExpr' at runtime. __template_format: type: string - description: Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime. + description: Binds 'format' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'format' at runtime. __template_baseFileName: type: string - description: Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime. + description: Binds 'baseFileName' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'baseFileName' at runtime. __template_fileNameSuffix: type: string - description: Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime. + description: Binds 'fileNameSuffix' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'fileNameSuffix' at + runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_awsSecretKey: type: string - description: Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime. + description: Binds 'awsSecretKey' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsSecretKey' at runtime. __template_objectACL: type: string - description: Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime. + description: Binds 'objectACL' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'objectACL' at runtime. __template_storageClass: type: string - description: Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime. + description: Binds 'storageClass' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'storageClass' at runtime. __template_serverSideEncryption: type: string - description: Binds 'serverSideEncryption' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serverSideEncryption' at runtime. + description: Binds 'serverSideEncryption' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'serverSideEncryption' at runtime. __template_kmsKeyId: type: string - description: Binds 'kmsKeyId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'kmsKeyId' at runtime. + description: Binds 'kmsKeyId' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'kmsKeyId' at runtime. __template_awsApiKey: type: string - description: Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime. + description: Binds 'awsApiKey' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsApiKey' at runtime. __template_compress: type: string - description: Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime. + description: Binds 'compress' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'compress' at runtime. __template_parquetSchema: type: string - description: Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime. + description: Binds 'parquetSchema' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'parquetSchema' at runtime. OutputAzureBlob: type: object required: @@ -28094,13 +32842,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -28110,19 +32860,30 @@ components: containerName: type: string title: Container name - description: The Azure Blob Storage container name. Name can include only lowercase letters, numbers, and hyphens. For dynamic container names, enter a JavaScript expression within quotes or backticks, to be evaluated at initialization. The expression can evaluate to a constant value and can reference Global Variables, such as `myContainer-${C.env["CRIBL_WORKER_ID"]}`. + description: The Azure Blob Storage container name. Name can include only + lowercase letters, numbers, and hyphens. For dynamic container + names, enter a JavaScript expression within quotes or backticks, to + be evaluated at initialization. The expression can evaluate to a + constant value and can reference Global Variables, such as + `myContainer-${C.env["CRIBL_WORKER_ID"]}`. createContainer: type: boolean title: Create container - description: Create the configured container in Azure Blob Storage if it does not already exist + description: Create the configured container in Azure Blob Storage if it does + not already exist destPath: type: string title: Blob prefix - description: Root directory prepended to path before uploading. Value can be a JavaScript expression enclosed in quotes or backticks, to be evaluated at initialization. The expression can evaluate to a constant value and can reference Global Variables, such as `myBlobPrefix-${C.env["CRIBL_WORKER_ID"]}`. + description: Root directory prepended to path before uploading. Value can be a + JavaScript expression enclosed in quotes or backticks, to be + evaluated at initialization. The expression can evaluate to a + constant value and can reference Global Variables, such as + `myBlobPrefix-${C.env["CRIBL_WORKER_ID"]}`. stagePath: type: string title: Staging location - description: Filesystem location in which to buffer files before compressing and moving to final destination. Use performant and stable storage. + description: Filesystem location in which to buffer files before compressing and + moving to final destination. Use performant and stable storage. addIdToStagePath: type: boolean title: Add output ID @@ -28140,45 +32901,58 @@ components: partitionExpr: type: string title: Partitioning expression - description: JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory. + description: JavaScript expression defining how files are partitioned and + organized. Default is date-based. If blank, Stream will fall back to + the event's __partition field value – if present – otherwise to each + location's root directory. format: $ref: "#/components/schemas/DataFormatOptions" baseFileName: type: string title: File name prefix expression - description: JavaScript expression to define the output filename prefix (can be constant) + description: JavaScript expression to define the output filename prefix (can be + constant) fileNameSuffix: type: string title: File name suffix expression - description: JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`). + description: JavaScript expression to define the output filename suffix (can be + constant). The `__format` variable refers to the value of the `Data + format` field (`json` or `raw`). The `__compression` field refers + to the kind of compression being used (`none` or `gzip`). maxFileSizeMB: type: number title: File size limit (MB) - description: Maximum uncompressed output file size. Files of this size will be closed and moved to final output location. + description: Maximum uncompressed output file size. Files of this size will be + closed and moved to final output location. maximum: 1024 minimum: 5 maxFileOpenTimeSec: type: number title: File open time limit (sec) - description: Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location. + description: Maximum amount of time to write to a file. Files open for longer + than this will be closed and moved to final output location. minimum: 10 maximum: 1800 maxFileIdleTimeSec: type: number title: Idle time limit (sec) - description: Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location. + description: Maximum amount of time to keep inactive files open. Files open for + longer than this will be closed and moved to final output location. minimum: 5 maximum: 1800 maxOpenFiles: type: number title: Open file limit - description: Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location. + description: Maximum number of files to keep open concurrently. When exceeded, + @{product} will close the oldest open files and move them to the + final output location. minimum: 10 maximum: 2000 headerLine: type: string title: Header line - description: If set, this line will be written to the beginning of each output file + description: If set, this line will be written to the beginning of each output + file writeHighWaterMark: type: number title: Writing high watermark (KB) @@ -28190,13 +32964,17 @@ components: deadletterEnabled: type: boolean title: Enable dead-lettering - description: If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors + description: If a file fails to move to its final destination after the maximum + number of retries, move it to a designated directory to prevent + further errors onDiskFullBackpressure: $ref: "#/components/schemas/DiskSpaceProtectionOptions" forceCloseOnShutdown: type: boolean title: Force close on shutdown - description: Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss. + description: Force all staged files to close during an orderly Node shutdown. + This triggers immediate upload of in-progress data — regardless of + idle time, file age, or size thresholds — to minimize data loss. retrySettings: $ref: "#/components/schemas/RetrySettingsType" orphans: @@ -28229,11 +33007,13 @@ components: automaticSchema: type: boolean title: Automatic schema - description: Automatically calculate the schema based on the events of each Parquet file generated + description: Automatically calculate the schema based on the events of each + Parquet file generated parquetSchema: type: string title: Parquet schema - description: To add a new schema, navigate to Processing > Knowledge > Parquet Schemas + description: To add a new schema, navigate to Processing > Knowledge > Parquet + Schemas minLength: 1 parquetVersion: $ref: "#/components/schemas/ParquetVersionOptions" @@ -28242,13 +33022,16 @@ components: parquetRowGroupLength: type: number title: Group row limit - description: The number of rows that every group will contain. The final group can contain a smaller number of rows. + description: The number of rows that every group will contain. The final group + can contain a smaller number of rows. minimum: 1 - maximum: 6.7108864e+07 + maximum: 67108864 parquetPageSize: type: string title: Page size - description: Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression. + description: Target memory size for page segments, such as 1MB or 128MB. + Generally, lower values improve reading speed, while higher values + improve compression. pattern: ^\d+\s*(?:[kK][bB]|[mM][bB]|[gG][bB]|[tT][bB])?$ shouldLogInvalidRows: type: boolean @@ -28257,22 +33040,28 @@ components: keyValueMetadata: type: array title: Metadata (optional) - description: 'The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: "key":"OCSF Event Class", "value":"9001"' + description: 'The metadata of files the Destination writes will include the + properties you add here as key-value pairs. Useful for tagging. + Examples: "key":"OCSF Event Class", "value":"9001"' minItems: 0 items: $ref: "#/components/schemas/KeyValueMetadataConfOutputFilesystem" enableStatistics: type: boolean title: Write statistics - description: Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics. + description: Statistics profile an entire file in terms of minimum/maximum + values within data, numbers of nulls, etc. You can use Parquet tools + to view statistics. enableWritePageIndex: type: boolean title: Write page indexes - description: One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping. + description: One page index contains statistics for one data page. Parquet + readers use statistics to enable page skipping. enablePageChecksum: type: boolean title: Write page checksum - description: Parquet tools can use the checksum of a Parquet page to verify data integrity + description: Parquet tools can use the checksum of a Parquet page to verify data + integrity emptyDirCleanupSec: type: number title: Staging cleanup period @@ -28282,20 +33071,25 @@ components: directoryBatchSize: type: number title: Directory batch size - description: Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory. + description: Number of directories to process in each batch during cleanup of + empty directories. Minimum is 10, maximum is 10000. Higher values + may require more memory. deadletterPath: type: string title: Dead-letter location - description: Storage location for files that fail to reach their final destination after maximum retries are exceeded + description: Storage location for files that fail to reach their final + destination after maximum retries are exceeded maxRetryNum: type: number title: Retry limit - description: The maximum number of times a file will attempt to move to its final destination before being dead-lettered + description: The maximum number of times a file will attempt to move to its + final destination before being dead-lettered minimum: 1 connectionString: type: string title: Connection string - description: Enter your Azure Storage account connection string. If left blank, Stream will fall back to env.AZURE_STORAGE_CONNECTION_STRING. + description: Enter your Azure Storage account connection string. If left blank, + Stream will fall back to env.AZURE_STORAGE_CONNECTION_STRING. textSecret: type: string title: Connection string (text secret) @@ -28319,7 +33113,8 @@ components: endpointSuffix: type: string title: Endpoint suffix - description: Endpoint suffix for the service URL. Takes precedence over the Azure Cloud setting. Defaults to core.windows.net. + description: Endpoint suffix for the service URL. Takes precedence over the + Azure Cloud setting. Defaults to core.windows.net. clientTextSecret: type: string title: Client secret (text secret) @@ -28328,49 +33123,83 @@ components: $ref: "#/components/schemas/CertificateTypeAzureBlobAuthTypeClientCert" __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_containerName: type: string - description: Binds 'containerName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'containerName' at runtime. + description: Binds 'containerName' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'containerName' at runtime. __template_destPath: type: string - description: Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime. + description: Binds 'destPath' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'destPath' at runtime. __template_partitionExpr: type: string - description: Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime. + description: Binds 'partitionExpr' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'partitionExpr' at runtime. __template_format: type: string - description: Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime. + description: Binds 'format' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'format' at runtime. __template_baseFileName: type: string - description: Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime. + description: Binds 'baseFileName' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'baseFileName' at runtime. __template_fileNameSuffix: type: string - description: Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime. + description: Binds 'fileNameSuffix' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'fileNameSuffix' at + runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_compress: type: string - description: Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime. + description: Binds 'compress' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'compress' at runtime. __template_parquetSchema: type: string - description: Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime. + description: Binds 'parquetSchema' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'parquetSchema' at runtime. __template_connectionString: type: string - description: Binds 'connectionString' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'connectionString' at runtime. + description: Binds 'connectionString' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'connectionString' at runtime. __template_storageAccountName: type: string - description: Binds 'storageAccountName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageAccountName' at runtime. + description: Binds 'storageAccountName' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'storageAccountName' at runtime. __template_tenantId: type: string - description: Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime. + description: Binds 'tenantId' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'tenantId' at runtime. __template_clientId: type: string - description: Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime. + description: Binds 'clientId' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'clientId' at runtime. __template_azureCloud: type: string - description: Binds 'azureCloud' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'azureCloud' at runtime. + description: Binds 'azureCloud' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'azureCloud' at runtime. OutputAzureDataExplorer: type: object required: @@ -28400,13 +33229,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -28416,7 +33247,8 @@ components: clusterUrl: type: string title: Cluster base URI - description: The base URI for your cluster. Typically, `https://..kusto.windows.net`. + description: The base URI for your cluster. Typically, + `https://..kusto.windows.net`. pattern: ^https:// database: type: string @@ -28433,7 +33265,10 @@ components: validateDatabaseSettings: type: boolean title: Validate database settings - description: When saving or starting the Destination, validate the database name and credentials; also validate table name, except when creating a new table. Disable if your Azure app does not have both the Database Viewer and the Table Viewer role. + description: When saving or starting the Destination, validate the database name + and credentials; also validate table name, except when creating a + new table. Disable if your Azure app does not have both the Database + Viewer and the Table Viewer role. ingestMode: type: string title: Ingestion mode @@ -28488,7 +33323,8 @@ components: certificateName: type: string title: Certificate - description: The certificate you registered as credentials for your app in the Azure portal + description: The certificate you registered as credentials for your app in the + Azure portal format: $ref: "#/components/schemas/DataFormatOptions" compress: @@ -28498,11 +33334,13 @@ components: automaticSchema: type: boolean title: Automatic schema - description: Automatically calculate the schema based on the events of each Parquet file generated + description: Automatically calculate the schema based on the events of each + Parquet file generated parquetSchema: type: string title: Parquet schema - description: To add a new schema, navigate to Processing > Knowledge > Parquet Schemas + description: To add a new schema, navigate to Processing > Knowledge > Parquet + Schemas minLength: 1 parquetVersion: $ref: "#/components/schemas/ParquetVersionOptions" @@ -28511,13 +33349,16 @@ components: parquetRowGroupLength: type: number title: Group row limit - description: The number of rows that every group will contain. The final group can contain a smaller number of rows. + description: The number of rows that every group will contain. The final group + can contain a smaller number of rows. minimum: 1 - maximum: 6.7108864e+07 + maximum: 67108864 parquetPageSize: type: string title: Page size - description: Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression. + description: Target memory size for page segments, such as 1MB or 128MB. + Generally, lower values improve reading speed, while higher values + improve compression. pattern: ^\d+\s*(?:[kK][bB]|[mM][bB]|[gG][bB]|[tT][bB])?$ shouldLogInvalidRows: type: boolean @@ -28526,22 +33367,28 @@ components: keyValueMetadata: type: array title: Metadata (optional) - description: 'The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: "key":"OCSF Event Class", "value":"9001"' + description: 'The metadata of files the Destination writes will include the + properties you add here as key-value pairs. Useful for tagging. + Examples: "key":"OCSF Event Class", "value":"9001"' minItems: 0 items: $ref: "#/components/schemas/KeyValueMetadataConfOutputFilesystem" enableStatistics: type: boolean title: Write statistics - description: Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics. + description: Statistics profile an entire file in terms of minimum/maximum + values within data, numbers of nulls, etc. You can use Parquet tools + to view statistics. enableWritePageIndex: type: boolean title: Write page indexes - description: One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping. + description: One page index contains statistics for one data page. Parquet + readers use statistics to enable page skipping. enablePageChecksum: type: boolean title: Write page checksum - description: Parquet tools can use the checksum of a Parquet page to verify data integrity + description: Parquet tools can use the checksum of a Parquet page to verify data + integrity removeEmptyDirs: type: boolean title: Remove empty staging directories @@ -28555,24 +33402,31 @@ components: directoryBatchSize: type: number title: Directory batch size - description: Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory. + description: Number of directories to process in each batch during cleanup of + empty directories. Minimum is 10, maximum is 10000. Higher values + may require more memory. deadletterEnabled: type: boolean title: Enable dead-lettering - description: If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors + description: If a file fails to move to its final destination after the maximum + number of retries, move it to a designated directory to prevent + further errors deadletterPath: type: string title: Dead-letter location - description: Storage location for files that fail to reach their final destination after maximum retries are exceeded + description: Storage location for files that fail to reach their final + destination after maximum retries are exceeded maxRetryNum: type: number title: Retry limit - description: The maximum number of times a file will attempt to move to its final destination before being dead-lettered + description: The maximum number of times a file will attempt to move to its + final destination before being dead-lettered minimum: 1 isMappingObj: type: boolean title: Add mapping object - description: Send a JSON mapping object instead of specifying an existing named data mapping + description: Send a JSON mapping object instead of specifying an existing named + data mapping mappingObj: type: string title: Data mapping @@ -28580,45 +33434,57 @@ components: mappingRef: type: string title: Data mapping - description: Enter the name of a data mapping associated with your target table. Or, if incoming event and target table fields match exactly, you can leave the field empty. + description: Enter the name of a data mapping associated with your target table. + Or, if incoming event and target table fields match exactly, you can + leave the field empty. pattern: ^[\w\-\.]+$ ingestUrl: type: string title: Ingestion service URI - description: The ingestion service URI for your cluster. Typically, `https://ingest-..kusto.windows.net`. + description: The ingestion service URI for your cluster. Typically, + `https://ingest-..kusto.windows.net`. pattern: ^https:// onBackpressure: $ref: "#/components/schemas/BackpressureBehaviorOptions" stagePath: type: string title: Staging location - description: Filesystem location in which to buffer files before compressing and moving to final destination. Use performant and stable storage. + description: Filesystem location in which to buffer files before compressing and + moving to final destination. Use performant and stable storage. fileNameSuffix: type: string title: File name suffix expression - description: JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`). + description: JavaScript expression to define the output filename suffix (can be + constant). The `__format` variable refers to the value of the `Data + format` field (`json` or `raw`). The `__compression` field refers + to the kind of compression being used (`none` or `gzip`). maxFileSizeMB: type: number title: File size limit (MB) - description: Maximum uncompressed output file size. Files of this size will be closed and moved to final output location. + description: Maximum uncompressed output file size. Files of this size will be + closed and moved to final output location. maximum: 1024 minimum: 5 maxFileOpenTimeSec: type: number title: File open time limit (sec) - description: Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location. + description: Maximum amount of time to write to a file. Files open for longer + than this will be closed and moved to final output location. minimum: 10 maximum: 1800 maxFileIdleTimeSec: type: number title: Idle time limit (sec) - description: Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location. + description: Maximum amount of time to keep inactive files open. Files open for + longer than this will be closed and moved to final output location. minimum: 5 maximum: 1800 maxOpenFiles: type: number title: Open file limit - description: Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location. + description: Maximum number of files to keep open concurrently. When exceeded, + @{product} will close the oldest open files and move them to the + final output location. minimum: 10 maximum: 2000 maxConcurrentFileParts: @@ -28640,9 +33506,10 @@ components: timeoutSec: type: number minimum: 1 - maximum: 9.007199254740991e+15 + maximum: 9007199254740991 title: Request timeout - description: Amount of time, in seconds, to wait for a request to complete before canceling it + description: Amount of time, in seconds, to wait for a request to complete + before canceling it flushImmediately: type: boolean title: Flush immediately @@ -28676,7 +33543,8 @@ components: ingestIfNotExists: type: array title: Enforce uniqueness via tag values - description: Prevents duplicate ingestion by verifying whether an extent with the specified ingest-by tag already exists + description: Prevents duplicate ingestion by verifying whether an extent with + the specified ingest-by tag already exists items: type: object required: @@ -28714,7 +33582,8 @@ components: additionalProperties: type: array title: Additional fields - description: Optionally, enter additional configuration properties to send to the ingestion service + description: Optionally, enter additional configuration properties to send to + the ingestion service items: type: object required: @@ -28731,7 +33600,8 @@ components: responseRetrySettings: type: array title: Settings for failed HTTP requests - description: Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable) + description: Automatically retry after unsuccessful response status codes, such + as 429 (Too Many Requests) or 503 (Service Unavailable) minItems: 0 items: $ref: "#/components/schemas/ResponseRetrySettingConfOutputWebhook" @@ -28740,7 +33610,11 @@ components: responseHonorRetryAfterHeader: type: boolean title: Honor Retry-After header - description: Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored. + description: Honor any Retry-After header that specifies a delay (in seconds) no + longer than 180 seconds after the retry request. @{product} limits + the delay to 180 seconds, even if the Retry-After header specifies a + longer delay. When enabled, takes precedence over user-configured + retry options. When disabled, all Retry-After headers are ignored. concurrency: type: number title: Request concurrency @@ -28756,60 +33630,79 @@ components: maxPayloadEvents: type: number title: Events-per-request limit - description: Maximum number of events to include in the request body. Default is 0 (unlimited). + description: Maximum number of events to include in the request body. Default is + 0 (unlimited). minimum: 0 flushPeriodSec: type: number title: Flush period (sec) - description: Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit. + description: Maximum time between requests. Small values could cause the payload + size to be smaller than the configured Body size limit. rejectUnauthorized: type: boolean title: Validate server certs - description: "Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). \n Enabled by default. When this setting is also present in TLS Settings (Client Side), \n that value will take precedence." + description: >- + Reject certificates not authorized by a CA in the CA certificate + path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. useRoundRobinDns: type: boolean title: Round-robin DNS - description: Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations. + description: Enable round-robin DNS lookup. When a DNS server returns multiple + addresses, @{product} will cycle through them in the order returned. + For optimal performance, consider enabling this setting for non-load + balanced destinations. keepAlive: type: boolean title: Keep alive - description: Disable to close the connection immediately after sending the outgoing request + description: Disable to close the connection immediately after sending the + outgoing request pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -28817,59 +33710,95 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object title: "" __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_clusterUrl: type: string - description: Binds 'clusterUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clusterUrl' at runtime. + description: Binds 'clusterUrl' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'clusterUrl' at runtime. __template_database: type: string - description: Binds 'database' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'database' at runtime. + description: Binds 'database' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'database' at runtime. __template_table: type: string - description: Binds 'table' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'table' at runtime. + description: Binds 'table' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'table' at runtime. __template_oauthEndpoint: type: string - description: Binds 'oauthEndpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'oauthEndpoint' at runtime. + description: Binds 'oauthEndpoint' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'oauthEndpoint' at runtime. __template_tenantId: type: string - description: Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime. + description: Binds 'tenantId' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'tenantId' at runtime. __template_clientId: type: string - description: Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime. + description: Binds 'clientId' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'clientId' at runtime. __template_scope: type: string - description: Binds 'scope' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'scope' at runtime. + description: Binds 'scope' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'scope' at runtime. __template_clientSecret: type: string - description: Binds 'clientSecret' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecret' at runtime. + description: Binds 'clientSecret' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'clientSecret' at runtime. __template_format: type: string - description: Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime. + description: Binds 'format' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'format' at runtime. __template_compress: type: string - description: Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime. + description: Binds 'compress' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'compress' at runtime. __template_parquetSchema: type: string - description: Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime. + description: Binds 'parquetSchema' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'parquetSchema' at runtime. __template_mappingRef: type: string - description: Binds 'mappingRef' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'mappingRef' at runtime. + description: Binds 'mappingRef' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'mappingRef' at runtime. __template_ingestUrl: type: string - description: Binds 'ingestUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'ingestUrl' at runtime. + description: Binds 'ingestUrl' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'ingestUrl' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_fileNameSuffix: type: string - description: Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime. + description: Binds 'fileNameSuffix' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'fileNameSuffix' at + runtime. OutputAzureLogs: type: object required: @@ -28891,13 +33820,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -28907,12 +33838,19 @@ components: logType: type: string title: Log Type - description: The Log Type of events sent to this LogAnalytics workspace. Defaults to `Cribl`. Use only letters, numbers, and `_` characters, and can't exceed 100 characters. Can be overwritten by event field __logType. + description: The Log Type of events sent to this LogAnalytics workspace. + Defaults to `Cribl`. Use only letters, numbers, and `_` characters, + and can't exceed 100 characters. Can be overwritten by event field + __logType. maxLength: 100 resourceId: type: string title: Resource ID - description: Optional Resource ID of the Azure resource to associate the data with. Can be overridden by the __resourceId event field. This ID populates the _ResourceId property, allowing the data to be included in resource-centric queries. If the ID is neither specified nor overridden, resource-centric queries will omit the data. + description: Optional Resource ID of the Azure resource to associate the data + with. Can be overridden by the __resourceId event field. This ID + populates the _ResourceId property, allowing the data to be included + in resource-centric queries. If the ID is neither specified nor + overridden, resource-centric queries will omit the data. concurrency: type: number title: Request concurrency @@ -28928,24 +33866,31 @@ components: maxPayloadEvents: type: number title: Events-per-request limit - description: Maximum number of events to include in the request body. Default is 0 (unlimited). + description: Maximum number of events to include in the request body. Default is + 0 (unlimited). minimum: 0 compress: type: boolean rejectUnauthorized: type: boolean title: Validate server certs - description: "Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). \n Enabled by default. When this setting is also present in TLS Settings (Client Side), \n that value will take precedence." + description: >- + Reject certificates not authorized by a CA in the CA certificate + path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. timeoutSec: type: number minimum: 1 - maximum: 9.007199254740991e+15 + maximum: 9007199254740991 title: Request timeout - description: Amount of time, in seconds, to wait for a request to complete before canceling it + description: Amount of time, in seconds, to wait for a request to complete + before canceling it flushPeriodSec: type: number title: Flush period (sec) - description: Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit. + description: Maximum time between requests. Small values could cause the payload + size to be smaller than the configured Body size limit. extraHttpHeaders: type: array title: Extra HTTP headers @@ -28955,7 +33900,10 @@ components: useRoundRobinDns: type: boolean title: Round-robin DNS - description: Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations. + description: Enable round-robin DNS lookup. When a DNS server returns multiple + addresses, @{product} will cycle through them in the order returned. + For optimal performance, consider enabling this setting for non-load + balanced destinations. failedRequestLoggingMode: $ref: "#/components/schemas/FailedRequestLoggingModeOptions" safeHeaders: @@ -28967,12 +33915,18 @@ components: apiUrl: type: string title: DNS name of API endpoint - description: "The DNS name of the Log API endpoint that sends log data to a Log Analytics workspace in Azure Monitor. Defaults to .ods.opinsights.azure.com. @{product} will add a prefix and suffix to construct a URI in this format: /api/logs?api-version=." + description: "The DNS name of the Log API endpoint that sends log data to a Log + Analytics workspace in Azure Monitor. Defaults to + .ods.opinsights.azure.com. @{product} will add a prefix and suffix + to construct a URI in this format: + /api/logs?api-version=." pattern: ^\.[^\/]+$ responseRetrySettings: type: array title: Settings for failed HTTP requests - description: Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable) + description: Automatically retry after unsuccessful response status codes, such + as 429 (Too Many Requests) or 503 (Service Unavailable) minItems: 0 items: $ref: "#/components/schemas/ResponseRetrySettingConfOutputWebhook" @@ -28981,7 +33935,11 @@ components: responseHonorRetryAfterHeader: type: boolean title: Honor Retry-After header - description: Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored. + description: Honor any Retry-After header that specifies a delay (in seconds) no + longer than 180 seconds after the retry request. @{product} limits + the delay to 180 seconds, even if the Retry-After header specifies a + longer delay. When enabled, takes precedence over user-configured + retry options. When disabled, all Retry-After headers are ignored. onBackpressure: $ref: "#/components/schemas/BackpressureBehaviorOptions" authType: @@ -28990,47 +33948,57 @@ components: enum: - manual - secret - description: Enter workspace ID and workspace key directly, or select a stored secret + description: Enter workspace ID and workspace key directly, or select a stored + secret x-speakeasy-unknown-values: allow description: type: string title: Description pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -29038,7 +34006,9 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object @@ -29046,30 +34016,45 @@ components: workspaceId: type: string title: Workspace ID - description: Azure Log Analytics Workspace ID. See Azure Dashboard Workspace > Advanced settings. + description: Azure Log Analytics Workspace ID. See Azure Dashboard Workspace > + Advanced settings. workspaceKey: type: string title: Workspace key - description: Azure Log Analytics Workspace Primary or Secondary Shared Key. See Azure Dashboard Workspace > Advanced settings. + description: Azure Log Analytics Workspace Primary or Secondary Shared Key. See + Azure Dashboard Workspace > Advanced settings. keypairSecret: type: string title: Secret key pair - description: Select or create a stored secret that references your access key and secret key + description: Select or create a stored secret that references your access key + and secret key __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_failedRequestLoggingMode: type: string - description: Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. + description: Binds 'failedRequestLoggingMode' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'failedRequestLoggingMode' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_workspaceId: type: string - description: Binds 'workspaceId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'workspaceId' at runtime. + description: Binds 'workspaceId' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'workspaceId' at runtime. __template_workspaceKey: type: string - description: Binds 'workspaceKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'workspaceKey' at runtime. + description: Binds 'workspaceKey' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'workspaceKey' at runtime. OutputKinesis: type: object required: @@ -29092,13 +34077,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -29121,7 +34108,9 @@ components: endpoint: type: string title: Endpoint - description: Kinesis stream service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to Kinesis stream-compatible endpoint. + description: Kinesis stream service endpoint. If empty, defaults to the AWS + Region-specific endpoint. Otherwise, it must point to Kinesis + stream-compatible endpoint. reuseConnections: type: boolean title: Reuse connections @@ -29129,7 +34118,8 @@ components: rejectUnauthorized: type: boolean title: Reject unauthorized certificates - description: Reject certificates that cannot be verified against a valid CA, such as self-signed certificates + description: Reject certificates that cannot be verified against a valid CA, + such as self-signed certificates enableAssumeRole: type: boolean title: Enable for Kinesis stream @@ -29147,7 +34137,9 @@ components: durationSeconds: type: number title: Duration (seconds) - description: Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours). + description: Duration of the assumed role's session, in seconds. Minimum is 900 + (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 + hours). minimum: 900 maximum: 43200 concurrency: @@ -29159,13 +34151,16 @@ components: maxRecordSizeKB: type: number title: Record size limit (KB, uncompressed) - description: Maximum size (KB) of each individual record before compression. For uncompressed or non-compressible data 1MB is the max recommended size + description: Maximum size (KB) of each individual record before compression. For + uncompressed or non-compressible data 1MB is the max recommended + size minimum: 1 maximum: 10240 flushPeriodSec: type: number title: Flush period (sec) - description: Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size. + description: Maximum time between requests. Small values could cause the payload + size to be smaller than the configured Max record size. compression: type: string enum: @@ -29180,7 +34175,10 @@ components: useListShards: type: boolean title: ListShards API - description: Provides higher stream rate limits, improving delivery speed and reliability by minimizing throttling. See the [ListShards API](https://docs.aws.amazon.com/kinesis/latest/APIReference/API_ListShards.html) documentation for details. + description: Provides higher stream rate limits, improving delivery speed and + reliability by minimizing throttling. See the [ListShards + API](https://docs.aws.amazon.com/kinesis/latest/APIReference/API_ListShards.html) + documentation for details. asNdjson: type: boolean title: Send batched @@ -29197,7 +34195,8 @@ components: awsSecret: type: string title: Secret key pair - description: Select or create a stored secret that references your access key and secret key + description: Select or create a stored secret that references your access key + and secret key maxEventsPerFlush: type: number title: Records-per-flush limit @@ -29206,40 +34205,49 @@ components: maximum: 500 pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -29247,38 +34255,60 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object title: "" __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_streamName: type: string - description: Binds 'streamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamName' at runtime. + description: Binds 'streamName' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamName' at runtime. __template_awsSecretKey: type: string - description: Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime. + description: Binds 'awsSecretKey' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsSecretKey' at runtime. __template_region: type: string - description: Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime. + description: Binds 'region' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'region' at runtime. __template_endpoint: type: string - description: Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime. + description: Binds 'endpoint' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'endpoint' at runtime. __template_assumeRoleArn: type: string - description: Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime. + description: Binds 'assumeRoleArn' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'assumeRoleArn' at runtime. __template_assumeRoleExternalId: type: string - description: Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime. + description: Binds 'assumeRoleExternalId' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'assumeRoleExternalId' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_awsApiKey: type: string - description: Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime. + description: Binds 'awsApiKey' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsApiKey' at runtime. OutputHoneycomb: type: object required: @@ -29300,13 +34330,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -29332,7 +34364,8 @@ components: maxPayloadEvents: type: number title: Events-per-request limit - description: Maximum number of events to include in the request body. Default is 0 (unlimited). + description: Maximum number of events to include in the request body. Default is + 0 (unlimited). minimum: 0 compress: type: boolean @@ -29341,17 +34374,23 @@ components: rejectUnauthorized: type: boolean title: Validate server certs - description: "Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). \n Enabled by default. When this setting is also present in TLS Settings (Client Side), \n that value will take precedence." + description: >- + Reject certificates not authorized by a CA in the CA certificate + path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. timeoutSec: type: number minimum: 1 - maximum: 9.007199254740991e+15 + maximum: 9007199254740991 title: Request timeout - description: Amount of time, in seconds, to wait for a request to complete before canceling it + description: Amount of time, in seconds, to wait for a request to complete + before canceling it flushPeriodSec: type: number title: Flush period (sec) - description: Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit. + description: Maximum time between requests. Small values could cause the payload + size to be smaller than the configured Body size limit. extraHttpHeaders: type: array title: Extra HTTP headers @@ -29361,7 +34400,10 @@ components: useRoundRobinDns: type: boolean title: Round-robin DNS - description: Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations. + description: Enable round-robin DNS lookup. When a DNS server returns multiple + addresses, @{product} will cycle through them in the order returned. + For optimal performance, consider enabling this setting for non-load + balanced destinations. failedRequestLoggingMode: $ref: "#/components/schemas/FailedRequestLoggingModeOptions" safeHeaders: @@ -29373,7 +34415,8 @@ components: responseRetrySettings: type: array title: Settings for failed HTTP requests - description: Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable) + description: Automatically retry after unsuccessful response status codes, such + as 429 (Too Many Requests) or 503 (Service Unavailable) minItems: 0 items: $ref: "#/components/schemas/ResponseRetrySettingConfOutputWebhook" @@ -29382,7 +34425,11 @@ components: responseHonorRetryAfterHeader: type: boolean title: Honor Retry-After header - description: Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored. + description: Honor any Retry-After header that specifies a delay (in seconds) no + longer than 180 seconds after the retry request. @{product} limits + the delay to 180 seconds, even if the Retry-After header specifies a + longer delay. When enabled, takes precedence over user-configured + retry options. When disabled, all Retry-After headers are ignored. onBackpressure: $ref: "#/components/schemas/BackpressureBehaviorOptions" authType: @@ -29392,40 +34439,49 @@ components: title: Description pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -29433,7 +34489,9 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object @@ -29448,13 +34506,21 @@ components: description: Select or create a stored text secret __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_failedRequestLoggingMode: type: string - description: Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. + description: Binds 'failedRequestLoggingMode' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'failedRequestLoggingMode' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. OutputAzureEventhub: type: object required: @@ -29477,13 +34543,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -29493,7 +34561,10 @@ components: brokers: type: array title: Brokers - description: List of Event Hubs Kafka brokers to connect to, eg. yourdomain.servicebus.windows.net:9093. The hostname can be found in the host portion of the primary or secondary connection string in Shared Access Policies. + description: List of Event Hubs Kafka brokers to connect to, eg. + yourdomain.servicebus.windows.net:9093. The hostname can be found in + the host portion of the primary or secondary connection string in + Shared Access Policies. minItems: 1 items: type: string @@ -29501,7 +34572,8 @@ components: topic: type: string title: Event Hub name - description: The name of the Event Hub (Kafka Topic) to publish events. Can be overwritten using field __topicOut. + description: The name of the Event Hub (Kafka Topic) to publish events. Can be + overwritten using field __topicOut. ack: $ref: "#/components/schemas/AcknowledgmentsOptions" format: @@ -29510,7 +34582,8 @@ components: type: number minimum: 1 title: Record size limit (KB, uncompressed) - description: Maximum size of each record batch before compression. Setting should be < message.max.bytes settings in Event Hubs brokers. + description: Maximum size of each record batch before compression. Setting + should be < message.max.bytes settings in Event Hubs brokers. flushEventCount: type: number minimum: 1 @@ -29520,55 +34593,69 @@ components: flushPeriodSec: type: number title: Flush period (sec) - description: Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size. + description: Maximum time between requests. Small values could cause the payload + size to be smaller than the configured Max record size. connectionTimeout: type: number title: Connection timeout (ms) description: Maximum time to wait for a connection to complete successfully minimum: 1000 - maximum: 3.6e+06 + maximum: 3600000 requestTimeout: type: number title: Request timeout (ms) description: Maximum time to wait for Kafka to respond to a request minimum: 1000 - maximum: 3.6e+06 + maximum: 3600000 maxRetries: type: number title: Retry limit - description: If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data + description: If messages are failing, you can set the maximum number of retries + as high as 100 to prevent loss of data minimum: 0 maximum: 100 maxBackOff: type: number title: Backoff limit (ms) - description: The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds). + description: The maximum wait time for a retry, in milliseconds. Default (and + minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 + seconds). minimum: 30000 maximum: 180000 initialBackoff: type: number title: Initial retry interval (ms) - description: Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes). + description: Initial value used to calculate the retry, in milliseconds. Maximum + is 600,000 ms (10 minutes). minimum: 300 maximum: 600000 backoffRate: type: number title: Backoff multiplier - description: Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details. + description: Set the backoff multiplier (2-20) to control the retry frequency + for failed messages. For faster retries, use a lower multiplier. For + slower retries with more delay between attempts, use a higher + multiplier. The multiplier is used in an exponential backoff + formula; see the Kafka + [documentation](https://kafka.js.org/docs/retry-detailed) for + details. minimum: 2 maximum: 20 authenticationTimeout: type: number title: Authentication timeout (ms) - description: Maximum time to wait for Kafka to respond to an authentication request + description: Maximum time to wait for Kafka to respond to an authentication + request minimum: 1000 - maximum: 3.6e+06 + maximum: 3600000 reauthenticationThreshold: type: number title: Reauthentication threshold (ms) - description: Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire. + description: Specifies a time window during which @{product} can reauthenticate + if needed. Creates the window measuring backward from the moment + when credentials are set to expire. minimum: 1000 - maximum: 1.8e+06 + maximum: 1800000 sasl: $ref: "#/components/schemas/AuthenticationTypeUse" tls: @@ -29580,40 +34667,49 @@ components: title: Description pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -29621,26 +34717,39 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object title: "" __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_brokers: type: string - description: Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime. + description: Binds 'brokers' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'brokers' at runtime. __template_topic: type: string - description: Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime. + description: Binds 'topic' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'topic' at runtime. __template_format: type: string - description: Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime. + description: Binds 'format' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'format' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. OutputGoogleChronicle: type: object required: @@ -29662,13 +34771,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -29702,7 +34813,8 @@ components: responseRetrySettings: type: array title: Settings for failed HTTP requests - description: Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable) + description: Automatically retry after unsuccessful response status codes, such + as 429 (Too Many Requests) or 503 (Service Unavailable) minItems: 0 items: $ref: "#/components/schemas/ResponseRetrySettingConfOutputWebhook" @@ -29711,7 +34823,11 @@ components: responseHonorRetryAfterHeader: type: boolean title: Honor Retry-After header - description: Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored. + description: Honor any Retry-After header that specifies a delay (in seconds) no + longer than 180 seconds after the retry request. @{product} limits + the delay to 180 seconds, even if the Retry-After header specifies a + longer delay. When enabled, takes precedence over user-configured + retry options. When disabled, all Retry-After headers are ignored. logFormatType: type: string title: Send events as @@ -29742,7 +34858,8 @@ components: maxPayloadEvents: type: number title: Events-per-request limit - description: Maximum number of events to include in the request body. Default is 0 (unlimited). + description: Maximum number of events to include in the request body. Default is + 0 (unlimited). minimum: 0 compress: type: boolean @@ -29751,17 +34868,23 @@ components: rejectUnauthorized: type: boolean title: Validate server certs - description: "Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). \n Enabled by default. When this setting is also present in TLS Settings (Client Side), \n that value will take precedence." + description: >- + Reject certificates not authorized by a CA in the CA certificate + path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. timeoutSec: type: number minimum: 1 - maximum: 9.007199254740991e+15 + maximum: 9007199254740991 title: Request timeout - description: Amount of time, in seconds, to wait for a request to complete before canceling it + description: Amount of time, in seconds, to wait for a request to complete + before canceling it flushPeriodSec: type: number title: Flush period (sec) - description: Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit. + description: Maximum time between requests. Small values could cause the payload + size to be smaller than the configured Body size limit. extraHttpHeaders: type: array title: Extra HTTP headers @@ -29779,13 +34902,16 @@ components: useRoundRobinDns: type: boolean title: Round-robin DNS - description: Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. + description: Enable round-robin DNS lookup. When a DNS server returns multiple + addresses, @{product} will cycle through them in the order returned. onBackpressure: $ref: "#/components/schemas/BackpressureBehaviorOptions" totalMemoryLimitKB: type: number title: Buffer memory limit (KB) - description: Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced. + description: Maximum total size of the batches waiting to be sent. If left + blank, defaults to 5 times the max body size (if set). If 0, no + limit is enforced. minimum: 0 description: type: string @@ -29793,7 +34919,9 @@ components: extraLogTypes: type: array title: Custom log types - description: Custom log types. If the value "Custom" is selected in the setting "Default log type" above, the first custom log type in this table will be automatically selected as default log type. + description: Custom log types. If the value "Custom" is selected in the setting + "Default log type" above, the first custom log type in this table + will be automatically selected as default log type. items: type: object required: @@ -29809,19 +34937,26 @@ components: logType: type: string title: Default log type - description: Default log type value to send to SecOps. Can be overwritten by event field __logType. + description: Default log type value to send to SecOps. Can be overwritten by + event field __logType. logTextField: type: string title: Log text field - description: Name of the event field that contains the log text to send. If not specified, Stream sends a JSON representation of the whole event. + description: Name of the event field that contains the log text to send. If not + specified, Stream sends a JSON representation of the whole event. customerId: type: string title: Customer ID - description: A unique identifier (UUID) for your Google SecOps instance. This is provided by your Google representative and is required for API V2 authentication. + description: A unique identifier (UUID) for your Google SecOps instance. This is + provided by your Google representative and is required for API V2 + authentication. namespace: type: string title: Namespace - description: User-configured environment namespace to identify the data domain the logs originated from. Use namespace as a tag to identify the appropriate data domain for indexing and enrichment functionality. Can be overwritten by event field __namespace. + description: User-configured environment namespace to identify the data domain + the logs originated from. Use namespace as a tag to identify the + appropriate data domain for indexing and enrichment functionality. + Can be overwritten by event field __namespace. customLabels: type: array title: Custom labels @@ -29831,7 +34966,8 @@ components: udmType: type: string title: UDM type - description: Defines the specific format for UDM events sent to Google SecOps. This must match the type of UDM data being sent. + description: Defines the specific format for UDM events sent to Google SecOps. + This must match the type of UDM data being sent. enum: - entities - logs @@ -29847,47 +34983,58 @@ components: serviceAccountCredentials: type: string title: Service account credentials - description: Contents of service account credentials (JSON keys) file downloaded from Google Cloud. To upload a file, click the upload button at this field's upper right. + description: Contents of service account credentials (JSON keys) file downloaded + from Google Cloud. To upload a file, click the upload button at this + field's upper right. serviceAccountCredentialsSecret: type: string title: Service account credentials (text secret) description: Select or create a stored text secret pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -29895,29 +35042,45 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object title: "" __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_apiVersion: type: string - description: Binds 'apiVersion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'apiVersion' at runtime. + description: Binds 'apiVersion' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'apiVersion' at runtime. __template_region: type: string - description: Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime. + description: Binds 'region' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'region' at runtime. __template_failedRequestLoggingMode: type: string - description: Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. + description: Binds 'failedRequestLoggingMode' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'failedRequestLoggingMode' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_customerId: type: string - description: Binds 'customerId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'customerId' at runtime. + description: Binds 'customerId' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'customerId' at runtime. OutputGoogleCloudStorage: type: object required: @@ -29942,13 +35105,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -29958,7 +35123,10 @@ components: bucket: type: string title: Bucket name - description: "Name of the destination bucket. This value can be a constant or a JavaScript expression that can only be evaluated at init time. Example of referencing a Global Variable: `myBucket-${C.vars.myVar}`." + description: "Name of the destination bucket. This value can be a constant or a + JavaScript expression that can only be evaluated at init time. + Example of referencing a Global Variable: + `myBucket-${C.vars.myVar}`." region: type: string title: Region @@ -29982,17 +35150,23 @@ components: stagePath: type: string title: Staging location - description: Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage. + description: Filesystem location in which to buffer files, before compressing + and moving to final destination. Use performant and stable storage. destPath: type: string title: Key prefix - description: "Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`" + description: "Prefix to prepend to files before uploading. Must be a JavaScript + expression (which can evaluate to a constant value), enclosed in + quotes or backticks. Can be evaluated only at init time. Example + referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`" verifyPermissions: type: boolean title: Verify if bucket exists - description: Disable if you can access files within the bucket but not the bucket itself + description: Disable if you can access files within the bucket but not the + bucket itself objectACL: - $ref: "#/components/schemas/ObjectAclOptionsAuthenticatedreadBucketownerfullcontrol" + $ref: "#/components/schemas/ObjectAclOptionsAuthenticatedreadBucketownerfullcon\ + trol" storageClass: $ref: "#/components/schemas/StorageClassOptionsArchiveColdline" reuseConnections: @@ -30002,7 +35176,8 @@ components: rejectUnauthorized: type: boolean title: Reject unauthorized certificates - description: Reject certificates that cannot be verified against a valid CA, such as self-signed certificates + description: Reject certificates that cannot be verified against a valid CA, + such as self-signed certificates addIdToStagePath: type: boolean title: Add output ID @@ -30014,45 +35189,58 @@ components: partitionExpr: type: string title: Partitioning expression - description: JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory. + description: JavaScript expression defining how files are partitioned and + organized. Default is date-based. If blank, Stream will fall back to + the event's __partition field value – if present – otherwise to each + location's root directory. format: $ref: "#/components/schemas/DataFormatOptions" baseFileName: type: string title: File name prefix expression - description: JavaScript expression to define the output filename prefix (can be constant) + description: JavaScript expression to define the output filename prefix (can be + constant) fileNameSuffix: type: string title: File name suffix expression - description: JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`). + description: JavaScript expression to define the output filename suffix (can be + constant). The `__format` variable refers to the value of the `Data + format` field (`json` or `raw`). The `__compression` field refers + to the kind of compression being used (`none` or `gzip`). maxFileSizeMB: type: number title: File size limit (MB) - description: Maximum uncompressed output file size. Files of this size will be closed and moved to final output location. + description: Maximum uncompressed output file size. Files of this size will be + closed and moved to final output location. maximum: 1024 minimum: 5 maxFileOpenTimeSec: type: number title: File open time limit (sec) - description: Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location. + description: Maximum amount of time to write to a file. Files open for longer + than this will be closed and moved to final output location. minimum: 10 maximum: 1800 maxFileIdleTimeSec: type: number title: Idle time limit (sec) - description: Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location. + description: Maximum amount of time to keep inactive files open. Files open for + longer than this will be closed and moved to final output location. minimum: 5 maximum: 1800 maxOpenFiles: type: number title: Open file limit - description: Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location. + description: Maximum number of files to keep open concurrently. When exceeded, + @{product} will close the oldest open files and move them to the + final output location. minimum: 10 maximum: 2000 headerLine: type: string title: Header line - description: If set, this line will be written to the beginning of each output file + description: If set, this line will be written to the beginning of each output + file writeHighWaterMark: type: number title: Writing high watermark (KB) @@ -30064,13 +35252,17 @@ components: deadletterEnabled: type: boolean title: Enable dead-lettering - description: If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors + description: If a file fails to move to its final destination after the maximum + number of retries, move it to a designated directory to prevent + further errors onDiskFullBackpressure: $ref: "#/components/schemas/DiskSpaceProtectionOptions" forceCloseOnShutdown: type: boolean title: Force close on shutdown - description: Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss. + description: Force all staged files to close during an orderly Node shutdown. + This triggers immediate upload of in-progress data — regardless of + idle time, file age, or size thresholds — to minimize data loss. retrySettings: $ref: "#/components/schemas/RetrySettingsType" orphans: @@ -30085,11 +35277,13 @@ components: automaticSchema: type: boolean title: Automatic schema - description: Automatically calculate the schema based on the events of each Parquet file generated + description: Automatically calculate the schema based on the events of each + Parquet file generated parquetSchema: type: string title: Parquet schema - description: To add a new schema, navigate to Processing > Knowledge > Parquet Schemas + description: To add a new schema, navigate to Processing > Knowledge > Parquet + Schemas minLength: 1 parquetVersion: $ref: "#/components/schemas/ParquetVersionOptions" @@ -30098,13 +35292,16 @@ components: parquetRowGroupLength: type: number title: Group row limit - description: The number of rows that every group will contain. The final group can contain a smaller number of rows. + description: The number of rows that every group will contain. The final group + can contain a smaller number of rows. minimum: 1 - maximum: 6.7108864e+07 + maximum: 67108864 parquetPageSize: type: string title: Page size - description: Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression. + description: Target memory size for page segments, such as 1MB or 128MB. + Generally, lower values improve reading speed, while higher values + improve compression. pattern: ^\d+\s*(?:[kK][bB]|[mM][bB]|[gG][bB]|[tT][bB])?$ shouldLogInvalidRows: type: boolean @@ -30113,22 +35310,28 @@ components: keyValueMetadata: type: array title: Metadata (optional) - description: 'The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: "key":"OCSF Event Class", "value":"9001"' + description: 'The metadata of files the Destination writes will include the + properties you add here as key-value pairs. Useful for tagging. + Examples: "key":"OCSF Event Class", "value":"9001"' minItems: 0 items: $ref: "#/components/schemas/KeyValueMetadataConfOutputFilesystem" enableStatistics: type: boolean title: Write statistics - description: Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics. + description: Statistics profile an entire file in terms of minimum/maximum + values within data, numbers of nulls, etc. You can use Parquet tools + to view statistics. enableWritePageIndex: type: boolean title: Write page indexes - description: One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping. + description: One page index contains statistics for one data page. Parquet + readers use statistics to enable page skipping. enablePageChecksum: type: boolean title: Write page checksum - description: Parquet tools can use the checksum of a Parquet page to verify data integrity + description: Parquet tools can use the checksum of a Parquet page to verify data + integrity emptyDirCleanupSec: type: number title: Staging cleanup period @@ -30138,76 +35341,117 @@ components: directoryBatchSize: type: number title: Directory batch size - description: Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory. + description: Number of directories to process in each batch during cleanup of + empty directories. Minimum is 10, maximum is 10000. Higher values + may require more memory. deadletterPath: type: string title: Dead-letter location - description: Storage location for files that fail to reach their final destination after maximum retries are exceeded + description: Storage location for files that fail to reach their final + destination after maximum retries are exceeded maxRetryNum: type: number title: Retry limit - description: The maximum number of times a file will attempt to move to its final destination before being dead-lettered + description: The maximum number of times a file will attempt to move to its + final destination before being dead-lettered minimum: 1 awsApiKey: type: string title: Access key - description: HMAC access key. This value can be a constant or a JavaScript expression, such as `${C.env.GCS_ACCESS_KEY}`. + description: HMAC access key. This value can be a constant or a JavaScript + expression, such as `${C.env.GCS_ACCESS_KEY}`. awsSecretKey: type: string title: Secret - description: HMAC secret. This value can be a constant or a JavaScript expression, such as `${C.env.GCS_SECRET}`. + description: HMAC secret. This value can be a constant or a JavaScript + expression, such as `${C.env.GCS_SECRET}`. awsSecret: type: string title: Secret key pair - description: Select or create a stored secret that references your access key and secret key + description: Select or create a stored secret that references your access key + and secret key __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_bucket: type: string - description: Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime. + description: Binds 'bucket' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'bucket' at runtime. __template_region: type: string - description: Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime. + description: Binds 'region' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'region' at runtime. __template_endpoint: type: string - description: Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime. + description: Binds 'endpoint' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'endpoint' at runtime. __template_destPath: type: string - description: Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime. + description: Binds 'destPath' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'destPath' at runtime. __template_objectACL: type: string - description: Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime. + description: Binds 'objectACL' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'objectACL' at runtime. __template_storageClass: type: string - description: Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime. + description: Binds 'storageClass' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'storageClass' at runtime. __template_partitionExpr: type: string - description: Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime. + description: Binds 'partitionExpr' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'partitionExpr' at runtime. __template_format: type: string - description: Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime. + description: Binds 'format' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'format' at runtime. __template_baseFileName: type: string - description: Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime. + description: Binds 'baseFileName' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'baseFileName' at runtime. __template_fileNameSuffix: type: string - description: Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime. + description: Binds 'fileNameSuffix' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'fileNameSuffix' at + runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_compress: type: string - description: Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime. + description: Binds 'compress' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'compress' at runtime. __template_parquetSchema: type: string - description: Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime. + description: Binds 'parquetSchema' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'parquetSchema' at runtime. __template_awsApiKey: type: string - description: Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime. + description: Binds 'awsApiKey' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsApiKey' at runtime. __template_awsSecretKey: type: string - description: Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime. + description: Binds 'awsSecretKey' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsSecretKey' at runtime. OutputGoogleCloudLogging: type: object required: @@ -30231,13 +35475,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -30261,7 +35507,10 @@ components: logNameExpression: type: string title: Log name expression - description: JavaScript expression to compute the value of the log name. If Validate and correct log name is enabled, invalid characters (characters other than alphanumerics, forward-slashes, underscores, hyphens, and periods) will be replaced with an underscore. + description: JavaScript expression to compute the value of the log name. If + Validate and correct log name is enabled, invalid characters + (characters other than alphanumerics, forward-slashes, underscores, + hyphens, and periods) will be replaced with an underscore. sanitizeLogNames: type: boolean title: Validate and correct log name @@ -30285,17 +35534,27 @@ components: resourceTypeExpression: type: string title: Resource type expression - description: JavaScript expression to compute the value of the managed resource type field. Must evaluate to one of the valid values [here](https://cloud.google.com/logging/docs/api/v2/resource-list#resource-types). Defaults to "global". + description: JavaScript expression to compute the value of the managed resource + type field. Must evaluate to one of the valid values + [here](https://cloud.google.com/logging/docs/api/v2/resource-list#resource-types). + Defaults to "global". resourceTypeLabels: type: array title: Resource labels - description: Labels to apply to the managed resource. These must correspond to the valid labels for the specified resource type (see [here](https://cloud.google.com/logging/docs/api/v2/resource-list#resource-types)). Otherwise, they will be dropped by Google Cloud Logging. + description: Labels to apply to the managed resource. These must correspond to + the valid labels for the specified resource type (see + [here](https://cloud.google.com/logging/docs/api/v2/resource-list#resource-types)). + Otherwise, they will be dropped by Google Cloud Logging. items: $ref: "#/components/schemas/LogLabelConfOutputGoogleCloudLogging" severityExpression: type: string title: Severity expression - description: JavaScript expression to compute the value of the severity field. Must evaluate to one of the severity values supported by Google Cloud Logging [here](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logseverity) (case insensitive). Defaults to "DEFAULT". + description: JavaScript expression to compute the value of the severity field. + Must evaluate to one of the severity values supported by Google + Cloud Logging + [here](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logseverity) + (case insensitive). Defaults to "DEFAULT". insertIdExpression: type: string title: Insert ID expression @@ -30305,7 +35564,9 @@ components: serviceAccountCredentials: type: string title: Service account credentials - description: Contents of service account credentials (JSON keys) file downloaded from Google Cloud. To upload a file, click the upload button at this field's upper right. + description: Contents of service account credentials (JSON keys) file downloaded + from Google Cloud. To upload a file, click the upload button at this + field's upper right. secret: type: string title: Service account credentials (text secret) @@ -30319,12 +35580,14 @@ components: maxPayloadEvents: type: number title: Events-per-request limit - description: Max number of events to include in the request body. Default is 0 (unlimited). + description: Max number of events to include in the request body. Default is 0 + (unlimited). minimum: 0 flushPeriodSec: type: number title: Flush period (sec) - description: Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size. + description: Maximum time between requests. Small values could cause the payload + size to be smaller than the configured Max record size. concurrency: type: number title: Request concurrency @@ -30334,13 +35597,15 @@ components: connectionTimeout: type: number title: Connection timeout - description: Amount of time (milliseconds) to wait for the connection to establish before retrying + description: Amount of time (milliseconds) to wait for the connection to + establish before retrying timeoutSec: type: number minimum: 1 - maximum: 9.007199254740991e+15 + maximum: 9007199254740991 title: Request timeout - description: Amount of time, in seconds, to wait for a request to complete before canceling it. + description: Amount of time, in seconds, to wait for a request to complete + before canceling it. throttleRateReqPerSec: type: integer title: Throttle request rate @@ -30349,169 +35614,272 @@ components: requestMethodExpression: type: string title: Request method expression - description: A JavaScript expression that evaluates to the HTTP request method as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details. + description: A JavaScript expression that evaluates to the HTTP request method + as a string. See the + [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) + for details. requestUrlExpression: type: string title: Request URL expression - description: A JavaScript expression that evaluates to the HTTP request URL as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details. + description: A JavaScript expression that evaluates to the HTTP request URL as a + string. See the + [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) + for details. requestSizeExpression: type: string title: Request size expression - description: A JavaScript expression that evaluates to the HTTP request size as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details. + description: A JavaScript expression that evaluates to the HTTP request size as + a string, in int64 format. See the + [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) + for details. statusExpression: type: string title: Request status expression - description: A JavaScript expression that evaluates to the HTTP request method as a number. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details. + description: A JavaScript expression that evaluates to the HTTP request method + as a number. See the + [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) + for details. responseSizeExpression: type: string title: Response size expression - description: A JavaScript expression that evaluates to the HTTP response size as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details. + description: A JavaScript expression that evaluates to the HTTP response size as + a string, in int64 format. See the + [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) + for details. userAgentExpression: type: string title: Request user agent expression - description: A JavaScript expression that evaluates to the HTTP request user agent as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details. + description: A JavaScript expression that evaluates to the HTTP request user + agent as a string. See the + [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) + for details. remoteIpExpression: type: string title: Remote IP expression - description: A JavaScript expression that evaluates to the HTTP request remote IP as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details. + description: A JavaScript expression that evaluates to the HTTP request remote + IP as a string. See the + [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) + for details. serverIpExpression: type: string title: Server IP expression - description: A JavaScript expression that evaluates to the HTTP request server IP as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details. + description: A JavaScript expression that evaluates to the HTTP request server + IP as a string. See the + [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) + for details. refererExpression: type: string title: Referer expression - description: A JavaScript expression that evaluates to the HTTP request referer as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details. + description: A JavaScript expression that evaluates to the HTTP request referer + as a string. See the + [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) + for details. latencyExpression: type: string title: Latency expression - description: A JavaScript expression that evaluates to the HTTP request latency, formatted as .s (for example, 1.23s). See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details. + description: A JavaScript expression that evaluates to the HTTP request latency, + formatted as .s (for example, 1.23s). See the + [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) + for details. cacheLookupExpression: type: string title: Cache lookup expression - description: A JavaScript expression that evaluates to the HTTP request cache lookup as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details. + description: A JavaScript expression that evaluates to the HTTP request cache + lookup as a boolean. See the + [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) + for details. cacheHitExpression: type: string title: Cache hit expression - description: A JavaScript expression that evaluates to the HTTP request cache hit as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details. + description: A JavaScript expression that evaluates to the HTTP request cache + hit as a boolean. See the + [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) + for details. cacheValidatedExpression: type: string title: Cache validated with origin server expression - description: A JavaScript expression that evaluates to the HTTP request cache validated with origin server as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details. + description: A JavaScript expression that evaluates to the HTTP request cache + validated with origin server as a boolean. See the + [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) + for details. cacheFillBytesExpression: type: string title: Cache fill bytes expression - description: A JavaScript expression that evaluates to the HTTP request cache fill bytes as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details. + description: A JavaScript expression that evaluates to the HTTP request cache + fill bytes as a string, in int64 format. See the + [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) + for details. protocolExpression: type: string title: Protocol expression - description: A JavaScript expression that evaluates to the HTTP request protocol as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details. + description: A JavaScript expression that evaluates to the HTTP request protocol + as a string. See the + [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) + for details. idExpression: type: string title: ID expression - description: A JavaScript expression that evaluates to the log entry operation ID as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details. + description: A JavaScript expression that evaluates to the log entry operation + ID as a string. See the + [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) + for details. producerExpression: type: string title: Producer expression - description: A JavaScript expression that evaluates to the log entry operation producer as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details. + description: A JavaScript expression that evaluates to the log entry operation + producer as a string. See the + [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) + for details. firstExpression: type: string title: First expression - description: A JavaScript expression that evaluates to the log entry operation first flag as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details. + description: A JavaScript expression that evaluates to the log entry operation + first flag as a boolean. See the + [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) + for details. lastExpression: type: string title: Last expression - description: A JavaScript expression that evaluates to the log entry operation last flag as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details. + description: A JavaScript expression that evaluates to the log entry operation + last flag as a boolean. See the + [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) + for details. fileExpression: type: string title: File expression - description: A JavaScript expression that evaluates to the log entry source location file as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentrysourcelocation) for details. + description: A JavaScript expression that evaluates to the log entry source + location file as a string. See the + [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentrysourcelocation) + for details. lineExpression: type: string title: Line expression - description: A JavaScript expression that evaluates to the log entry source location line as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentrysourcelocation) for details. + description: A JavaScript expression that evaluates to the log entry source + location line as a string, in int64 format. See the + [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentrysourcelocation) + for details. functionExpression: type: string title: Function expression - description: A JavaScript expression that evaluates to the log entry source location function as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentrysourcelocation) for details. + description: A JavaScript expression that evaluates to the log entry source + location function as a string. See the + [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentrysourcelocation) + for details. uidExpression: type: string title: UID expression - description: A JavaScript expression that evaluates to the log entry log split UID as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logsplit) for details. + description: A JavaScript expression that evaluates to the log entry log split + UID as a string. See the + [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logsplit) + for details. indexExpression: type: string title: Index expression - description: A JavaScript expression that evaluates to the log entry log split index as a number. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logsplit) for details. + description: A JavaScript expression that evaluates to the log entry log split + index as a number. See the + [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logsplit) + for details. totalSplitsExpression: type: string title: Total splits expression - description: A JavaScript expression that evaluates to the log entry log split total splits as a number. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logsplit) for details. + description: A JavaScript expression that evaluates to the log entry log split + total splits as a number. See the + [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logsplit) + for details. traceExpression: type: string title: Trace expression - description: A JavaScript expression that evaluates to the REST resource name of the trace being written as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) for details. + description: A JavaScript expression that evaluates to the REST resource name of + the trace being written as a string. See the + [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) + for details. spanIdExpression: type: string title: Span ID expression - description: A JavaScript expression that evaluates to the ID of the cloud trace span associated with the current operation in which the log is being written as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) for details. + description: A JavaScript expression that evaluates to the ID of the cloud trace + span associated with the current operation in which the log is being + written as a string. See the + [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) + for details. traceSampledExpression: type: string title: Trace sampled expression - description: A JavaScript expression that evaluates to the the sampling decision of the span associated with the log entry. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) for details. + description: A JavaScript expression that evaluates to the the sampling decision + of the span associated with the log entry. See the + [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) + for details. onBackpressure: $ref: "#/components/schemas/BackpressureBehaviorOptions" totalMemoryLimitKB: type: number title: Buffer memory limit (KB) - description: Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced. + description: Maximum total size of the batches waiting to be sent. If left + blank, defaults to 5 times the max body size (if set). If 0, no + limit is enforced. minimum: 0 description: type: string title: Description logLocationExpression: title: Folder ID expression - description: JavaScript expression to compute the value of the folder ID with which log entries should be associated. If Validate and correct log name is enabled, invalid characters (characters other than alphanumerics, forward-slashes, underscores, hyphens, and periods) will be replaced with an underscore. + description: JavaScript expression to compute the value of the folder ID with + which log entries should be associated. If Validate and correct log + name is enabled, invalid characters (characters other than + alphanumerics, forward-slashes, underscores, hyphens, and periods) + will be replaced with an underscore. type: string payloadExpression: title: Payload object expression - description: JavaScript expression to compute the value of the payload. Must evaluate to a JavaScript object value. If an invalid value is encountered it will result in the default value instead. Defaults to the entire event. + description: JavaScript expression to compute the value of the payload. Must + evaluate to a JavaScript object value. If an invalid value is + encountered it will result in the default value instead. Defaults to + the entire event. type: string pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -30519,50 +35887,308 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object title: "" __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_logLocationType: type: string - description: Binds 'logLocationType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logLocationType' at runtime. + description: Binds 'logLocationType' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'logLocationType' at + runtime. __template_logNameExpression: type: string - description: Binds 'logNameExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logNameExpression' at runtime. + description: Binds 'logNameExpression' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'logNameExpression' at runtime. __template_payloadFormat: type: string - description: Binds 'payloadFormat' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'payloadFormat' at runtime. + description: Binds 'payloadFormat' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'payloadFormat' at runtime. __template_resourceTypeExpression: type: string - description: Binds 'resourceTypeExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'resourceTypeExpression' at runtime. + description: Binds 'resourceTypeExpression' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'resourceTypeExpression' at runtime. __template_severityExpression: type: string - description: Binds 'severityExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'severityExpression' at runtime. + description: Binds 'severityExpression' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'severityExpression' at runtime. __template_insertIdExpression: type: string - description: Binds 'insertIdExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'insertIdExpression' at runtime. + description: Binds 'insertIdExpression' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'insertIdExpression' at runtime. __template_traceExpression: type: string - description: Binds 'traceExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'traceExpression' at runtime. + description: Binds 'traceExpression' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'traceExpression' at + runtime. __template_spanIdExpression: type: string - description: Binds 'spanIdExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'spanIdExpression' at runtime. + description: Binds 'spanIdExpression' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'spanIdExpression' at runtime. __template_traceSampledExpression: type: string - description: Binds 'traceSampledExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'traceSampledExpression' at runtime. + description: Binds 'traceSampledExpression' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'traceSampledExpression' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_logLocationExpression: type: string - description: Binds 'logLocationExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logLocationExpression' at runtime. + description: Binds 'logLocationExpression' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'logLocationExpression' at runtime. __template_payloadExpression: type: string - description: Binds 'payloadExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'payloadExpression' at runtime. + description: Binds 'payloadExpression' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'payloadExpression' at runtime. + OutputGoogleCloudObservability: + type: object + required: + - type + - googleAuthMethod + properties: + id: + type: string + title: Output ID + description: Unique ID for this output + type: + type: string + enum: + - google_cloud_observability + pipeline: + type: string + title: Pipeline + description: Pipeline to process data before sending out to this output + systemFields: + type: array + title: System fields + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. + items: + type: string + environment: + type: string + title: Environment + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. + streamtags: + type: array + title: Tags + description: Tags for filtering and grouping in @{product} + items: + type: string + protocol: + type: string + enum: + - grpc + x-speakeasy-unknown-values: allow + otlpVersion: + type: string + enum: + - 1.3.1 + x-speakeasy-unknown-values: allow + endpoint: + type: string + title: Endpoint + description: Fixed Google Cloud Observability gRPC endpoint. All three signals + share this transport; the OTLP service path determines whether the + call lands on traces, metrics, or logs. + enum: + - telemetry.googleapis.com:443 + x-speakeasy-unknown-values: allow + googleAuthMethod: + type: string + title: Google authentication method + description: Choose Auto to use Google Application Default Credentials (ADC). + Choose Secret to select or create a stored secret that references + Google service account credentials. + enum: + - auto + - secret + x-speakeasy-enum-descriptions: + - Auto + - Secret + x-speakeasy-unknown-values: allow + metadata: + type: array + title: Metadata + description: List of key-value pairs to send with each gRPC request. Value + supports JavaScript expressions that are evaluated just once, when + the destination gets started. To pass credentials as metadata, use + 'C.Secret'. + minItems: 0 + items: + $ref: "#/components/schemas/KeyValueMetadataConfOutputFilesystem" + dynamicHeadersEnabled: + type: boolean + title: Use dynamic metadata + description: Batch event data upon dynamic metadata (whether presented or not) + dynamicHeadersField: + type: string + title: Dynamic metadata field + description: When presented, this field which contains metadata, will be + injected into the Destination metadata and used to batch events. + concurrency: + type: number + title: Request concurrency + description: Maximum number of ongoing requests before blocking + minimum: 1 + maximum: 32 + maxPayloadSizeKB: + type: number + title: Body size limit (KB) + description: Maximum size, in KB, of the request body sent to Google Cloud + Observability + minimum: 1024 + maximum: 10240 + timeoutSec: + type: number + minimum: 1 + maximum: 9007199254740991 + title: Request timeout + description: Amount of time, in seconds, to wait for a request to complete + before canceling it + flushPeriodSec: + type: number + title: Flush period (sec) + description: Maximum time between requests. Small values could cause the payload + size to be smaller than the configured Body size limit. + failedRequestLoggingMode: + $ref: "#/components/schemas/FailedRequestLoggingModeOptions" + connectionTimeout: + type: number + title: Connection timeout + description: Amount of time (milliseconds) to wait for the connection to + establish before retrying + keepAliveTime: + type: number + title: Keep alive time (seconds) + description: How often the sender should ping the peer to keep the connection open + minimum: 1 + tls: + $ref: "#/components/schemas/TlsSettingsClientSideTypeExtended" + maxPayloadEvents: + type: number + title: Events-per-request limit + description: Max number of events to include in the request body. Default is 0 + (unlimited). Use to keep outgoing data points within GCO request + limits. For metrics, combine with the OTLP Metrics function + batchSize. + minimum: 0 + onBackpressure: + $ref: "#/components/schemas/BackpressureBehaviorOptions" + description: + type: string + title: Description + secret: + type: string + title: Service account credentials (text secret) + description: Select or create a stored text secret + pqStrictOrdering: + title: Strict ordering + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. + type: boolean + pqRatePerSec: + type: number + title: Drain rate limit (EPS) + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. + minimum: 0 + pqMode: + $ref: "#/components/schemas/ModeOptions" + pqMaxBufferSize: + type: number + title: Buffer size limit (events - deprecated) + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. + minimum: 42 + maximum: 1000 + pqMaxBackpressureSec: + type: number + title: Backpressure duration limit + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue + minimum: 0 + pqMaxFileSize: + type: string + title: File size limit + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) + pattern: ^\d+\s*(?:\w{2})?$ + pqMaxSize: + type: string + title: Queue size limit + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. + pattern: ^\d+\s*(?:\w{2})?$ + pqPath: + type: string + title: Queue file path + description: "The location for the persistent queue files. To this field's + value, the system will append: //." + pqCompress: + $ref: "#/components/schemas/CompressionOptionsPq" + pqOnBackpressure: + $ref: "#/components/schemas/QueueFullBehaviorOptions" + pqMaxBufferSizeBytes: + type: string + title: Buffer size limit (bytes) + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. + pattern: ^\d+\s*(?:\w{2})?$ + pqControls: + type: object + title: "" + __template_streamtags: + type: string + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. + __template_failedRequestLoggingMode: + type: string + description: Binds 'failedRequestLoggingMode' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'failedRequestLoggingMode' at runtime. + __template_onBackpressure: + type: string + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. OutputGooglePubsub: type: object required: @@ -30584,13 +36210,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -30608,17 +36236,23 @@ components: orderedDelivery: type: boolean title: Ordered delivery - description: If enabled, send events in the order they were added to the queue. For this to work correctly, the process receiving events must have ordering enabled. + description: If enabled, send events in the order they were added to the queue. + For this to work correctly, the process receiving events must have + ordering enabled. region: type: string title: Region - description: Region to publish messages to. Select 'default' to allow Google to auto-select the nearest region. When using ordered delivery, the selected region must be allowed by message storage policy. + description: Region to publish messages to. Select 'default' to allow Google to + auto-select the nearest region. When using ordered delivery, the + selected region must be allowed by message storage policy. googleAuthMethod: $ref: "#/components/schemas/GoogleAuthenticationMethodOptions" serviceAccountCredentials: type: string title: Service account credentials - description: Contents of service account credentials (JSON keys) file downloaded from Google Cloud. To upload a file, click the upload button at this field's upper right. + description: Contents of service account credentials (JSON keys) file downloaded + from Google Cloud. To upload a file, click the upload button at this + field's upper right. secret: type: string title: Service account credentials (text secret) @@ -30628,13 +36262,15 @@ components: title: Batch size minimum: 1 maximum: 10000 - description: The maximum number of items the Google API should batch before it sends them to the topic. + description: The maximum number of items the Google API should batch before it + sends them to the topic. batchTimeout: type: number title: Batch timeout (ms) minimum: 1 maximum: 100000 - description: The maximum amount of time, in milliseconds, that the Google API should wait to send a batch (if the Batch size is not reached). + description: The maximum amount of time, in milliseconds, that the Google API + should wait to send a batch (if the Batch size is not reached). maxQueueSize: type: number title: Queue size limit @@ -30648,12 +36284,14 @@ components: maximum: 256 flushPeriod: title: Flush period (sec) - description: Maximum time to wait before sending a batch (when batch size limit is not reached) + description: Maximum time to wait before sending a batch (when batch size limit + is not reached) type: number maxInProgress: type: number title: Concurrent request limit - description: The maximum number of in-progress API requests before backpressure is applied. + description: The maximum number of in-progress API requests before backpressure + is applied. minimum: 1 maximum: 100 onBackpressure: @@ -30663,40 +36301,49 @@ components: title: Description pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -30704,23 +36351,34 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object title: "" __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_topicName: type: string - description: Binds 'topicName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topicName' at runtime. + description: Binds 'topicName' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'topicName' at runtime. __template_region: type: string - description: Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime. + description: Binds 'region' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'region' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. OutputExabeam: type: object required: @@ -30746,13 +36404,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -30762,7 +36422,10 @@ components: bucket: type: string title: Bucket name - description: "Name of the destination bucket. A constant or a JavaScript expression that can only be evaluated at init time. Example of referencing a JavaScript Global Variable: `myBucket-${C.vars.myVar}`." + description: "Name of the destination bucket. A constant or a JavaScript + expression that can only be evaluated at init time. Example of + referencing a JavaScript Global Variable: + `myBucket-${C.vars.myVar}`." region: type: string title: Region @@ -30770,13 +36433,15 @@ components: stagePath: type: string title: Staging location - description: Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage. + description: Filesystem location in which to buffer files, before compressing + and moving to final destination. Use performant and stable storage. endpoint: type: string title: Endpoint description: Google Cloud Storage service endpoint objectACL: - $ref: "#/components/schemas/ObjectAclOptionsAuthenticatedreadBucketownerfullcontrol" + $ref: "#/components/schemas/ObjectAclOptionsAuthenticatedreadBucketownerfullcon\ + trol" storageClass: $ref: "#/components/schemas/StorageClassOptionsArchiveColdline" reuseConnections: @@ -30786,7 +36451,8 @@ components: rejectUnauthorized: type: boolean title: Reject unauthorized certificates - description: Reject certificates that cannot be verified against a valid CA, such as self-signed certificates + description: Reject certificates that cannot be verified against a valid CA, + such as self-signed certificates addIdToStagePath: type: boolean title: Add output ID @@ -30798,19 +36464,23 @@ components: maxFileOpenTimeSec: type: number title: File open time limit (sec) - description: Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location. + description: Maximum amount of time to write to a file. Files open for longer + than this will be closed and moved to final output location. minimum: 10 maximum: 1800 maxFileIdleTimeSec: type: number title: Idle time limit (sec) - description: Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location. + description: Maximum amount of time to keep inactive files open. Files open for + longer than this will be closed and moved to final output location. minimum: 5 maximum: 1800 maxOpenFiles: type: number title: Open file limit - description: Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location. + description: Maximum number of files to keep open concurrently. When exceeded, + @{product} will close the oldest open files and move them to the + final output location. minimum: 10 maximum: 2000 onBackpressure: @@ -30818,7 +36488,9 @@ components: deadletterEnabled: type: boolean title: Enable dead-lettering - description: If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors + description: If a file fails to move to its final destination after the maximum + number of retries, move it to a designated directory to prevent + further errors onDiskFullBackpressure: $ref: "#/components/schemas/DiskSpaceProtectionOptions" retrySettings: @@ -30828,7 +36500,8 @@ components: maxFileSizeMB: type: number title: File size limit (MB) - description: Maximum uncompressed output file size. Files of this size will be closed and moved to final output location. + description: Maximum uncompressed output file size. Files of this size will be + closed and moved to final output location. maximum: 1024 minimum: 5 encodedConfiguration: @@ -30839,27 +36512,32 @@ components: type: string title: Collector instance ID description: > - ID of the Exabeam Collector where data should be sent. Example: 11112222-3333-4444-5555-666677778888 - + ID of the Exabeam Collector where data should be sent. Example: + 11112222-3333-4444-5555-666677778888 siteName: type: string title: Site name - description: Constant or JavaScript expression to create an Exabeam site name. Values that aren't successfully evaluated will be treated as string constants. + description: Constant or JavaScript expression to create an Exabeam site name. + Values that aren't successfully evaluated will be treated as string + constants. siteId: type: string title: Site ID - description: Exabeam site ID. If left blank, @{product} will use the value of the Exabeam site name. + description: Exabeam site ID. If left blank, @{product} will use the value of + the Exabeam site name. timezoneOffset: type: string title: Timezone offset awsApiKey: type: string title: Access key - description: HMAC access key. Can be a constant or a JavaScript expression, such as `${C.env.GCS_ACCESS_KEY}`. + description: HMAC access key. Can be a constant or a JavaScript expression, such + as `${C.env.GCS_ACCESS_KEY}`. awsSecretKey: type: string title: Secret - description: HMAC secret. Can be a constant or a JavaScript expression, such as `${C.env.GCS_SECRET}`. + description: HMAC secret. Can be a constant or a JavaScript expression, such as + `${C.env.GCS_SECRET}`. description: type: string title: Description @@ -30872,34 +36550,51 @@ components: directoryBatchSize: type: number title: Directory batch size - description: Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory. + description: Number of directories to process in each batch during cleanup of + empty directories. Minimum is 10, maximum is 10000. Higher values + may require more memory. deadletterPath: type: string title: Dead-letter location - description: Storage location for files that fail to reach their final destination after maximum retries are exceeded + description: Storage location for files that fail to reach their final + destination after maximum retries are exceeded maxRetryNum: type: number title: Retry limit - description: The maximum number of times a file will attempt to move to its final destination before being dead-lettered + description: The maximum number of times a file will attempt to move to its + final destination before being dead-lettered minimum: 1 __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_region: type: string - description: Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime. + description: Binds 'region' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'region' at runtime. __template_endpoint: type: string - description: Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime. + description: Binds 'endpoint' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'endpoint' at runtime. __template_objectACL: type: string - description: Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime. + description: Binds 'objectACL' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'objectACL' at runtime. __template_storageClass: type: string - description: Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime. + description: Binds 'storageClass' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'storageClass' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. OutputKafka: type: object required: @@ -30922,13 +36617,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -30938,7 +36635,9 @@ components: brokers: type: array title: Bootstrap servers - description: Enter each Kafka bootstrap server you want to use. Specify hostname and port, e.g., mykafkabroker:9092, or just hostname, in which case @{product} will assign port 9092. + description: Enter each Kafka bootstrap server you want to use. Specify hostname + and port, e.g., mykafkabroker:9092, or just hostname, in which case + @{product} will assign port 9092. minItems: 1 items: type: string @@ -30946,7 +36645,8 @@ components: topic: type: string title: Topic - description: The topic to publish events to. Can be overridden using the __topicOut field. + description: The topic to publish events to. Can be overridden using the + __topicOut field. ack: $ref: "#/components/schemas/AcknowledgmentsOptionsAllLeader" format: @@ -30957,67 +36657,85 @@ components: type: number minimum: 1 title: Record size limit (KB, uncompressed) - description: Maximum size of each record batch before compression. The value must not exceed the Kafka brokers' message.max.bytes setting. + description: Maximum size of each record batch before compression. The value + must not exceed the Kafka brokers' message.max.bytes setting. flushEventCount: type: number minimum: 1 maximum: 10000 title: Events-per-batch limit - description: The maximum number of events you want the Destination to allow in a batch before forcing a flush + description: The maximum number of events you want the Destination to allow in a + batch before forcing a flush flushPeriodSec: type: number title: Flush period (sec) - description: The maximum amount of time you want the Destination to wait before forcing a flush. Shorter intervals tend to result in smaller batches being sent. + description: The maximum amount of time you want the Destination to wait before + forcing a flush. Shorter intervals tend to result in smaller batches + being sent. kafkaSchemaRegistry: - $ref: "#/components/schemas/KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryUrlAuth" + $ref: "#/components/schemas/KafkaSchemaRegistryAuthenticationTypeTemplateschema\ + RegistryUrlAuth" connectionTimeout: type: number title: Connection timeout (ms) description: Maximum time to wait for a connection to complete successfully minimum: 1000 - maximum: 3.6e+06 + maximum: 3600000 requestTimeout: type: number title: Request timeout (ms) description: Maximum time to wait for Kafka to respond to a request minimum: 1000 - maximum: 3.6e+06 + maximum: 3600000 maxRetries: type: number title: Retry limit - description: If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data + description: If messages are failing, you can set the maximum number of retries + as high as 100 to prevent loss of data minimum: 0 maximum: 100 maxBackOff: type: number title: Backoff limit (ms) - description: The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds). + description: The maximum wait time for a retry, in milliseconds. Default (and + minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 + seconds). minimum: 30000 maximum: 180000 initialBackoff: type: number title: Initial retry interval (ms) - description: Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes). + description: Initial value used to calculate the retry, in milliseconds. Maximum + is 600,000 ms (10 minutes). minimum: 300 maximum: 600000 backoffRate: type: number title: Backoff multiplier - description: Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details. + description: Set the backoff multiplier (2-20) to control the retry frequency + for failed messages. For faster retries, use a lower multiplier. For + slower retries with more delay between attempts, use a higher + multiplier. The multiplier is used in an exponential backoff + formula; see the Kafka + [documentation](https://kafka.js.org/docs/retry-detailed) for + details. minimum: 2 maximum: 20 authenticationTimeout: type: number title: Authentication timeout (ms) - description: Maximum time to wait for Kafka to respond to an authentication request + description: Maximum time to wait for Kafka to respond to an authentication + request minimum: 1000 - maximum: 3.6e+06 + maximum: 3600000 reauthenticationThreshold: type: number title: Reauthentication threshold (ms) - description: Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire. + description: Specifies a time window during which @{product} can reauthenticate + if needed. Creates the window measuring backward from the moment + when credentials are set to expire. minimum: 1000 - maximum: 1.8e+06 + maximum: 1800000 sasl: $ref: "#/components/schemas/AuthenticationType" tls: @@ -31034,43 +36752,53 @@ components: protobufEncodingId: type: string title: Object type - description: Select the type of object you want the Protobuf definitions to use for event encoding + description: Select the type of object you want the Protobuf definitions to use + for event encoding pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -31078,26 +36806,39 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object title: "" __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_topic: type: string - description: Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime. + description: Binds 'topic' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'topic' at runtime. __template_format: type: string - description: Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime. + description: Binds 'format' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'format' at runtime. __template_compression: type: string - description: Binds 'compression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compression' at runtime. + description: Binds 'compression' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'compression' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. OutputConfluentCloud: type: object required: @@ -31120,13 +36861,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -31136,7 +36879,8 @@ components: brokers: type: array title: Bootstrap servers - description: List of Confluent Cloud bootstrap servers to use, such as yourAccount.confluent.cloud:9092. + description: List of Confluent Cloud bootstrap servers to use, such as + yourAccount.confluent.cloud:9092. minItems: 1 items: type: string @@ -31146,7 +36890,8 @@ components: topic: type: string title: Topic - description: The topic to publish events to. Can be overridden using the __topicOut field. + description: The topic to publish events to. Can be overridden using the + __topicOut field. ack: $ref: "#/components/schemas/AcknowledgmentsOptionsAllLeader" format: @@ -31157,67 +36902,85 @@ components: type: number minimum: 1 title: Record size limit (KB, uncompressed) - description: Maximum size of each record batch before compression. The value must not exceed the Kafka brokers' message.max.bytes setting. + description: Maximum size of each record batch before compression. The value + must not exceed the Kafka brokers' message.max.bytes setting. flushEventCount: type: number minimum: 1 maximum: 10000 title: Events-per-batch limit - description: The maximum number of events you want the Destination to allow in a batch before forcing a flush + description: The maximum number of events you want the Destination to allow in a + batch before forcing a flush flushPeriodSec: type: number title: Flush period (sec) - description: The maximum amount of time you want the Destination to wait before forcing a flush. Shorter intervals tend to result in smaller batches being sent. + description: The maximum amount of time you want the Destination to wait before + forcing a flush. Shorter intervals tend to result in smaller batches + being sent. kafkaSchemaRegistry: - $ref: "#/components/schemas/KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryUrlAuth" + $ref: "#/components/schemas/KafkaSchemaRegistryAuthenticationTypeTemplateschema\ + RegistryUrlAuth" connectionTimeout: type: number title: Connection timeout (ms) description: Maximum time to wait for a connection to complete successfully minimum: 1000 - maximum: 3.6e+06 + maximum: 3600000 requestTimeout: type: number title: Request timeout (ms) description: Maximum time to wait for Kafka to respond to a request minimum: 1000 - maximum: 3.6e+06 + maximum: 3600000 maxRetries: type: number title: Retry limit - description: If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data + description: If messages are failing, you can set the maximum number of retries + as high as 100 to prevent loss of data minimum: 0 maximum: 100 maxBackOff: type: number title: Backoff limit (ms) - description: The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds). + description: The maximum wait time for a retry, in milliseconds. Default (and + minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 + seconds). minimum: 30000 maximum: 180000 initialBackoff: type: number title: Initial retry interval (ms) - description: Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes). + description: Initial value used to calculate the retry, in milliseconds. Maximum + is 600,000 ms (10 minutes). minimum: 300 maximum: 600000 backoffRate: type: number title: Backoff multiplier - description: Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details. + description: Set the backoff multiplier (2-20) to control the retry frequency + for failed messages. For faster retries, use a lower multiplier. For + slower retries with more delay between attempts, use a higher + multiplier. The multiplier is used in an exponential backoff + formula; see the Kafka + [documentation](https://kafka.js.org/docs/retry-detailed) for + details. minimum: 2 maximum: 20 authenticationTimeout: type: number title: Authentication timeout (ms) - description: Maximum time to wait for Kafka to respond to an authentication request + description: Maximum time to wait for Kafka to respond to an authentication + request minimum: 1000 - maximum: 3.6e+06 + maximum: 3600000 reauthenticationThreshold: type: number title: Reauthentication threshold (ms) - description: Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire. + description: Specifies a time window during which @{product} can reauthenticate + if needed. Creates the window measuring backward from the moment + when credentials are set to expire. minimum: 1000 - maximum: 1.8e+06 + maximum: 1800000 sasl: $ref: "#/components/schemas/AuthenticationType" onBackpressure: @@ -31232,43 +36995,53 @@ components: protobufEncodingId: type: string title: Object type - description: Select the type of object you want the Protobuf definitions to use for event encoding + description: Select the type of object you want the Protobuf definitions to use + for event encoding pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -31276,29 +37049,44 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object title: "" __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_brokers: type: string - description: Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime. + description: Binds 'brokers' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'brokers' at runtime. __template_topic: type: string - description: Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime. + description: Binds 'topic' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'topic' at runtime. __template_format: type: string - description: Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime. + description: Binds 'format' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'format' at runtime. __template_compression: type: string - description: Binds 'compression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compression' at runtime. + description: Binds 'compression' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'compression' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. OutputMsk: type: object required: @@ -31323,13 +37111,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -31339,7 +37129,9 @@ components: brokers: type: array title: Bootstrap servers - description: Enter each Kafka bootstrap server you want to use. Specify hostname and port, e.g., mykafkabroker:9092, or just hostname, in which case @{product} will assign port 9092. + description: Enter each Kafka bootstrap server you want to use. Specify hostname + and port, e.g., mykafkabroker:9092, or just hostname, in which case + @{product} will assign port 9092. minItems: 1 items: type: string @@ -31347,7 +37139,8 @@ components: topic: type: string title: Topic - description: The topic to publish events to. Can be overridden using the __topicOut field. + description: The topic to publish events to. Can be overridden using the + __topicOut field. ack: $ref: "#/components/schemas/AcknowledgmentsOptionsAllLeader" format: @@ -31358,67 +37151,85 @@ components: type: number minimum: 1 title: Record size limit (KB, uncompressed) - description: Maximum size of each record batch before compression. The value must not exceed the Kafka brokers' message.max.bytes setting. + description: Maximum size of each record batch before compression. The value + must not exceed the Kafka brokers' message.max.bytes setting. flushEventCount: type: number minimum: 1 maximum: 10000 title: Events-per-batch limit - description: The maximum number of events you want the Destination to allow in a batch before forcing a flush + description: The maximum number of events you want the Destination to allow in a + batch before forcing a flush flushPeriodSec: type: number title: Flush period (sec) - description: The maximum amount of time you want the Destination to wait before forcing a flush. Shorter intervals tend to result in smaller batches being sent. + description: The maximum amount of time you want the Destination to wait before + forcing a flush. Shorter intervals tend to result in smaller batches + being sent. kafkaSchemaRegistry: - $ref: "#/components/schemas/KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryUrlAuth" + $ref: "#/components/schemas/KafkaSchemaRegistryAuthenticationTypeTemplateschema\ + RegistryUrlAuth" connectionTimeout: type: number title: Connection timeout (ms) description: Maximum time to wait for a connection to complete successfully minimum: 1000 - maximum: 3.6e+06 + maximum: 3600000 requestTimeout: type: number title: Request timeout (ms) description: Maximum time to wait for Kafka to respond to a request minimum: 1000 - maximum: 3.6e+06 + maximum: 3600000 maxRetries: type: number title: Retry limit - description: If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data + description: If messages are failing, you can set the maximum number of retries + as high as 100 to prevent loss of data minimum: 0 maximum: 100 maxBackOff: type: number title: Backoff limit (ms) - description: The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds). + description: The maximum wait time for a retry, in milliseconds. Default (and + minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 + seconds). minimum: 30000 maximum: 180000 initialBackoff: type: number title: Initial retry interval (ms) - description: Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes). + description: Initial value used to calculate the retry, in milliseconds. Maximum + is 600,000 ms (10 minutes). minimum: 300 maximum: 600000 backoffRate: type: number title: Backoff multiplier - description: Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details. + description: Set the backoff multiplier (2-20) to control the retry frequency + for failed messages. For faster retries, use a lower multiplier. For + slower retries with more delay between attempts, use a higher + multiplier. The multiplier is used in an exponential backoff + formula; see the Kafka + [documentation](https://kafka.js.org/docs/retry-detailed) for + details. minimum: 2 maximum: 20 authenticationTimeout: type: number title: Authentication timeout (ms) - description: Maximum time to wait for Kafka to respond to an authentication request + description: Maximum time to wait for Kafka to respond to an authentication + request minimum: 1000 - maximum: 3.6e+06 + maximum: 3600000 reauthenticationThreshold: type: number title: Reauthentication threshold (ms) - description: Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire. + description: Specifies a time window during which @{product} can reauthenticate + if needed. Creates the window measuring backward from the moment + when credentials are set to expire. minimum: 1000 - maximum: 1.8e+06 + maximum: 1800000 awsAuthenticationMethod: $ref: "#/components/schemas/AuthenticationMethodOptionsS3CollectorConf" awsSecretKey: @@ -31431,7 +37242,9 @@ components: endpoint: type: string title: Endpoint - description: MSK cluster service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to MSK cluster-compatible endpoint. + description: MSK cluster service endpoint. If empty, defaults to the AWS + Region-specific endpoint. Otherwise, it must point to MSK + cluster-compatible endpoint. reuseConnections: type: boolean title: Reuse connections @@ -31439,7 +37252,8 @@ components: rejectUnauthorized: type: boolean title: Reject unauthorized certificates - description: Reject certificates that cannot be verified against a valid CA, such as self-signed certificates + description: Reject certificates that cannot be verified against a valid CA, + such as self-signed certificates enableAssumeRole: type: boolean title: Enable for MSK @@ -31457,7 +37271,9 @@ components: durationSeconds: type: number title: Duration (seconds) - description: Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours). + description: Duration of the assumed role's session, in seconds. Minimum is 900 + (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 + hours). minimum: 900 maximum: 43200 tls: @@ -31474,7 +37290,8 @@ components: awsSecret: type: string title: Secret key pair - description: Select or create a stored secret that references your access key and secret key + description: Select or create a stored secret that references your access key + and secret key protobufLibraryId: type: string title: Definition set @@ -31482,43 +37299,53 @@ components: protobufEncodingId: type: string title: Object type - description: Select the type of object you want the Protobuf definitions to use for event encoding + description: Select the type of object you want the Protobuf definitions to use + for event encoding pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -31526,44 +37353,70 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object title: "" __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_topic: type: string - description: Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime. + description: Binds 'topic' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'topic' at runtime. __template_format: type: string - description: Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime. + description: Binds 'format' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'format' at runtime. __template_compression: type: string - description: Binds 'compression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compression' at runtime. + description: Binds 'compression' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'compression' at runtime. __template_awsSecretKey: type: string - description: Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime. + description: Binds 'awsSecretKey' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsSecretKey' at runtime. __template_region: type: string - description: Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime. + description: Binds 'region' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'region' at runtime. __template_endpoint: type: string - description: Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime. + description: Binds 'endpoint' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'endpoint' at runtime. __template_assumeRoleArn: type: string - description: Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime. + description: Binds 'assumeRoleArn' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'assumeRoleArn' at runtime. __template_assumeRoleExternalId: type: string - description: Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime. + description: Binds 'assumeRoleExternalId' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'assumeRoleExternalId' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_awsApiKey: type: string - description: Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime. + description: Binds 'awsApiKey' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsApiKey' at runtime. OutputElastic: type: object required: @@ -31585,13 +37438,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -31601,15 +37456,20 @@ components: loadBalanced: type: boolean title: Load balancing - description: Enable for optimal performance. Even if you have one hostname, it can expand to multiple IPs. If disabled, consider enabling round-robin DNS. + description: Enable for optimal performance. Even if you have one hostname, it + can expand to multiple IPs. If disabled, consider enabling + round-robin DNS. index: type: string title: Index or data stream - description: Index or data stream to send events to. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be overwritten by an event's __index field. + description: Index or data stream to send events to. Must be a JavaScript + expression (which can evaluate to a constant value), enclosed in + quotes or backticks. Can be overwritten by an event's __index field. docType: type: string title: Type - description: Document type to use for events. Can be overwritten by an event's __type field. + description: Document type to use for events. Can be overwritten by an event's + __type field. concurrency: type: number title: Request concurrency @@ -31625,7 +37485,8 @@ components: maxPayloadEvents: type: number title: Events-per-request limit - description: Maximum number of events to include in the request body. Default is 0 (unlimited). + description: Maximum number of events to include in the request body. Default is + 0 (unlimited). minimum: 0 compress: type: boolean @@ -31634,17 +37495,23 @@ components: rejectUnauthorized: type: boolean title: Validate server certs - description: "Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). \n Enabled by default. When this setting is also present in TLS Settings (Client Side), \n that value will take precedence." + description: >- + Reject certificates not authorized by a CA in the CA certificate + path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. timeoutSec: type: number minimum: 1 - maximum: 9.007199254740991e+15 + maximum: 9007199254740991 title: Request timeout - description: Amount of time, in seconds, to wait for a request to complete before canceling it + description: Amount of time, in seconds, to wait for a request to complete + before canceling it flushPeriodSec: type: number title: Flush period (sec) - description: Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit. + description: Maximum time between requests. Small values could cause the payload + size to be smaller than the configured Body size limit. extraHttpHeaders: type: array title: Extra HTTP headers @@ -31662,7 +37529,8 @@ components: responseRetrySettings: type: array title: Settings for failed HTTP requests - description: Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable) + description: Automatically retry after unsuccessful response status codes, such + as 429 (Too Many Requests) or 503 (Service Unavailable) minItems: 0 items: $ref: "#/components/schemas/ResponseRetrySettingConfOutputWebhook" @@ -31671,7 +37539,11 @@ components: responseHonorRetryAfterHeader: type: boolean title: Honor Retry-After header - description: Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored. + description: Honor any Retry-After header that specifies a delay (in seconds) no + longer than 180 seconds after the retry request. @{product} limits + the delay to 180 seconds, even if the Retry-After header specifies a + longer delay. When enabled, takes precedence over user-configured + retry options. When disabled, all Retry-After headers are ignored. extraParams: type: array title: Extra parameters @@ -31682,7 +37554,8 @@ components: elasticVersion: type: string title: Elastic version - description: Optional Elasticsearch version, used to format events. If not specified, will auto-discover version. + description: Optional Elasticsearch version, used to format events. If not + specified, will auto-discover version. enum: - auto - "6" @@ -31699,11 +37572,13 @@ components: includeDocId: type: boolean title: Include document _id - description: Include the `document_id` field when sending events to an Elastic TSDS (time series data stream) + description: Include the `document_id` field when sending events to an Elastic + TSDS (time series data stream) writeAction: type: string title: Write action - description: Action to use when writing events. Must be set to `Create` when writing to a data stream. + description: Action to use when writing events. Must be set to `Create` when + writing to a data stream. enum: - index - create @@ -31714,7 +37589,9 @@ components: retryPartialErrors: type: boolean title: Retry partial errors - description: Retry failed events when a bulk request to Elastic is successful, but the response body returns an error for one or more events in the batch + description: Retry failed events when a bulk request to Elastic is successful, + but the response body returns an error for one or more events in the + batch onBackpressure: $ref: "#/components/schemas/BackpressureBehaviorOptions" description: @@ -31723,15 +37600,20 @@ components: url: type: string title: Bulk API URL or Cloud ID - description: "The Cloud ID or URL to an Elastic cluster to send events to. Example: http://elastic:9200/_bulk" + description: "The Cloud ID or URL to an Elastic cluster to send events to. + Example: http://elastic:9200/_bulk" useRoundRobinDns: type: boolean title: Round-robin DNS - description: Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations. + description: Enable round-robin DNS lookup. When a DNS server returns multiple + addresses, @{product} will cycle through them in the order returned. + For optimal performance, consider enabling this setting for non-load + balanced destinations. excludeSelf: type: boolean title: Exclude current host IPs - description: Exclude all IPs of the current host from the list of any resolved hostnames + description: Exclude all IPs of the current host from the list of any resolved + hostnames urls: type: array title: Bulk API URLs @@ -31745,62 +37627,77 @@ components: url: type: string title: URL - description: "The URL to an Elastic node to send events to. Example: http://elastic:9200/_bulk" + description: "The URL to an Elastic node to send events to. Example: + http://elastic:9200/_bulk" weight: type: number title: Load Weight - description: Assign a weight (>0) to each endpoint to indicate its traffic-handling capability + description: Assign a weight (>0) to each endpoint to indicate its + traffic-handling capability minimum: 0 __template_url: type: string - description: Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. + description: Binds 'url' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'url' at runtime. dnsResolvePeriodSec: type: number minimum: 0 maximum: 86400 title: DNS resolution period (seconds) - description: The interval in which to re-resolve any hostnames and pick up destinations from A records + description: The interval in which to re-resolve any hostnames and pick up + destinations from A records loadBalanceStatsPeriodSec: type: number minimum: 10 title: Load balance stats period (seconds) - description: How far back in time to keep traffic stats for load balancing purposes + description: How far back in time to keep traffic stats for load balancing + purposes pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -31808,32 +37705,51 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object title: "" __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_index: type: string - description: Binds 'index' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'index' at runtime. + description: Binds 'index' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'index' at runtime. __template_docType: type: string - description: Binds 'docType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'docType' at runtime. + description: Binds 'docType' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'docType' at runtime. __template_failedRequestLoggingMode: type: string - description: Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. + description: Binds 'failedRequestLoggingMode' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'failedRequestLoggingMode' at runtime. __template_elasticPipeline: type: string - description: Binds 'elasticPipeline' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'elasticPipeline' at runtime. + description: Binds 'elasticPipeline' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'elasticPipeline' at + runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_url: type: string - description: Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. + description: Binds 'url' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'url' at runtime. OutputElasticCloud: type: object required: @@ -31856,13 +37772,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -31876,7 +37794,9 @@ components: index: type: string title: Data stream or index - description: Data stream or index to send events to. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be overwritten by an event's __index field. + description: Data stream or index to send events to. Must be a JavaScript + expression (which can evaluate to a constant value), enclosed in + quotes or backticks. Can be overwritten by an event's __index field. concurrency: type: number title: Request concurrency @@ -31892,7 +37812,8 @@ components: maxPayloadEvents: type: number title: Events-per-request limit - description: Maximum number of events to include in the request body. Default is 0 (unlimited). + description: Maximum number of events to include in the request body. Default is + 0 (unlimited). minimum: 0 compress: type: boolean @@ -31901,17 +37822,23 @@ components: rejectUnauthorized: type: boolean title: Validate server certs - description: "Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). \n Enabled by default. When this setting is also present in TLS Settings (Client Side), \n that value will take precedence." + description: >- + Reject certificates not authorized by a CA in the CA certificate + path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. timeoutSec: type: number minimum: 1 - maximum: 9.007199254740991e+15 + maximum: 9007199254740991 title: Request timeout - description: Amount of time, in seconds, to wait for a request to complete before canceling it + description: Amount of time, in seconds, to wait for a request to complete + before canceling it flushPeriodSec: type: number title: Flush period (sec) - description: Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit. + description: Maximum time between requests. Small values could cause the payload + size to be smaller than the configured Body size limit. extraHttpHeaders: type: array title: Extra HTTP headers @@ -31941,11 +37868,13 @@ components: includeDocId: type: boolean title: Include document _id - description: Include the `document_id` field when sending events to an Elastic TSDS (time series data stream) + description: Include the `document_id` field when sending events to an Elastic + TSDS (time series data stream) responseRetrySettings: type: array title: Settings for failed HTTP requests - description: Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable) + description: Automatically retry after unsuccessful response status codes, such + as 429 (Too Many Requests) or 503 (Service Unavailable) minItems: 0 items: $ref: "#/components/schemas/ResponseRetrySettingConfOutputWebhook" @@ -31954,7 +37883,11 @@ components: responseHonorRetryAfterHeader: type: boolean title: Honor Retry-After header - description: Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored. + description: Honor any Retry-After header that specifies a delay (in seconds) no + longer than 180 seconds after the retry request. @{product} limits + the delay to 180 seconds, even if the Retry-After header specifies a + longer delay. When enabled, takes precedence over user-configured + retry options. When disabled, all Retry-After headers are ignored. onBackpressure: $ref: "#/components/schemas/BackpressureBehaviorOptions" description: @@ -31962,40 +37895,49 @@ components: title: Description pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -32003,29 +37945,46 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object title: "" __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_url: type: string - description: Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. + description: Binds 'url' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'url' at runtime. __template_index: type: string - description: Binds 'index' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'index' at runtime. + description: Binds 'index' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'index' at runtime. __template_failedRequestLoggingMode: type: string - description: Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. + description: Binds 'failedRequestLoggingMode' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'failedRequestLoggingMode' at runtime. __template_elasticPipeline: type: string - description: Binds 'elasticPipeline' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'elasticPipeline' at runtime. + description: Binds 'elasticPipeline' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'elasticPipeline' at + runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. OutputNewrelic: type: object properties: @@ -32044,13 +38003,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -32062,11 +38023,14 @@ components: logType: type: string title: Log type - description: "Name of the logtype to send with events, e.g.: observability, access_log. The event's 'sourcetype' field (if set) will override this value." + description: "Name of the logtype to send with events, e.g.: observability, + access_log. The event's 'sourcetype' field (if set) will override + this value." messageField: type: string title: Log message field - description: Name of field to send as log message value. If not present, event will be serialized and sent as JSON. + description: Name of field to send as log message value. If not present, event + will be serialized and sent as JSON. metadata: type: array title: Fields @@ -32090,7 +38054,8 @@ components: value: type: string title: Value - description: JavaScript expression to compute field's value, enclosed in quotes or backticks. (Can evaluate to a constant.) + description: JavaScript expression to compute field's value, enclosed in quotes + or backticks. (Can evaluate to a constant.) concurrency: type: number title: Request concurrency @@ -32106,7 +38071,8 @@ components: maxPayloadEvents: type: number title: Events-per-request limit - description: Maximum number of events to include in the request body. Default is 0 (unlimited). + description: Maximum number of events to include in the request body. Default is + 0 (unlimited). minimum: 0 compress: type: boolean @@ -32115,17 +38081,23 @@ components: rejectUnauthorized: type: boolean title: Validate server certs - description: "Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). \n Enabled by default. When this setting is also present in TLS Settings (Client Side), \n that value will take precedence." + description: >- + Reject certificates not authorized by a CA in the CA certificate + path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. timeoutSec: type: number minimum: 1 - maximum: 9.007199254740991e+15 + maximum: 9007199254740991 title: Request timeout - description: Amount of time, in seconds, to wait for a request to complete before canceling it + description: Amount of time, in seconds, to wait for a request to complete + before canceling it flushPeriodSec: type: number title: Flush period (sec) - description: Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit. + description: Maximum time between requests. Small values could cause the payload + size to be smaller than the configured Body size limit. extraHttpHeaders: type: array title: Extra HTTP headers @@ -32135,7 +38107,10 @@ components: useRoundRobinDns: type: boolean title: Round-robin DNS - description: Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations. + description: Enable round-robin DNS lookup. When a DNS server returns multiple + addresses, @{product} will cycle through them in the order returned. + For optimal performance, consider enabling this setting for non-load + balanced destinations. failedRequestLoggingMode: $ref: "#/components/schemas/FailedRequestLoggingModeOptions" safeHeaders: @@ -32147,7 +38122,8 @@ components: responseRetrySettings: type: array title: Settings for failed HTTP requests - description: Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable) + description: Automatically retry after unsuccessful response status codes, such + as 429 (Too Many Requests) or 503 (Service Unavailable) minItems: 0 items: $ref: "#/components/schemas/ResponseRetrySettingConfOutputWebhook" @@ -32156,7 +38132,11 @@ components: responseHonorRetryAfterHeader: type: boolean title: Honor Retry-After header - description: Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored. + description: Honor any Retry-After header that specifies a delay (in seconds) no + longer than 180 seconds after the retry request. @{product} limits + the delay to 180 seconds, even if the Retry-After header specifies a + longer delay. When enabled, takes precedence over user-configured + retry options. When disabled, all Retry-After headers are ignored. onBackpressure: $ref: "#/components/schemas/BackpressureBehaviorOptions" authType: @@ -32164,7 +38144,9 @@ components: totalMemoryLimitKB: type: number title: Buffer memory limit (KB) - description: Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced. + description: Maximum total size of the batches waiting to be sent. If left + blank, defaults to 5 times the max body size (if set). If 0, no + limit is enforced. minimum: 0 description: type: string @@ -32174,40 +38156,49 @@ components: pattern: ^https?://.* pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -32215,7 +38206,9 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object @@ -32230,22 +38223,36 @@ components: description: Select or create a stored text secret __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_region: type: string - description: Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime. + description: Binds 'region' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'region' at runtime. __template_logType: type: string - description: Binds 'logType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logType' at runtime. + description: Binds 'logType' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'logType' at runtime. __template_messageField: type: string - description: Binds 'messageField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'messageField' at runtime. + description: Binds 'messageField' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'messageField' at runtime. __template_failedRequestLoggingMode: type: string - description: Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. + description: Binds 'failedRequestLoggingMode' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'failedRequestLoggingMode' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. required: - type OutputNewrelicEvents: @@ -32266,13 +38273,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -32288,7 +38297,9 @@ components: eventType: type: string title: Event type - description: Default New Relic eventType to use when event type is not present. For more information, see the [New Relic eventType documentation](https://docs.newrelic.com/docs/telemetry-data-platform/custom-data/custom-events/data-requirements-limits-custom-event-data/#reserved-words). + description: Default New Relic eventType to use when event type is not present. + For more information, see the [New Relic eventType + documentation](https://docs.newrelic.com/docs/telemetry-data-platform/custom-data/custom-events/data-requirements-limits-custom-event-data/#reserved-words). concurrency: type: number title: Request concurrency @@ -32304,7 +38315,8 @@ components: maxPayloadEvents: type: number title: Events-per-request limit - description: Maximum number of events to include in the request body. Default is 0 (unlimited). + description: Maximum number of events to include in the request body. Default is + 0 (unlimited). minimum: 0 compress: type: boolean @@ -32313,17 +38325,23 @@ components: rejectUnauthorized: type: boolean title: Validate server certs - description: "Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). \n Enabled by default. When this setting is also present in TLS Settings (Client Side), \n that value will take precedence." + description: >- + Reject certificates not authorized by a CA in the CA certificate + path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. timeoutSec: type: number minimum: 1 - maximum: 9.007199254740991e+15 + maximum: 9007199254740991 title: Request timeout - description: Amount of time, in seconds, to wait for a request to complete before canceling it + description: Amount of time, in seconds, to wait for a request to complete + before canceling it flushPeriodSec: type: number title: Flush period (sec) - description: Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit. + description: Maximum time between requests. Small values could cause the payload + size to be smaller than the configured Body size limit. extraHttpHeaders: type: array title: Extra HTTP headers @@ -32333,7 +38351,10 @@ components: useRoundRobinDns: type: boolean title: Round-robin DNS - description: Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations. + description: Enable round-robin DNS lookup. When a DNS server returns multiple + addresses, @{product} will cycle through them in the order returned. + For optimal performance, consider enabling this setting for non-load + balanced destinations. failedRequestLoggingMode: $ref: "#/components/schemas/FailedRequestLoggingModeOptions" safeHeaders: @@ -32345,7 +38366,8 @@ components: responseRetrySettings: type: array title: Settings for failed HTTP requests - description: Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable) + description: Automatically retry after unsuccessful response status codes, such + as 429 (Too Many Requests) or 503 (Service Unavailable) minItems: 0 items: $ref: "#/components/schemas/ResponseRetrySettingConfOutputWebhook" @@ -32354,7 +38376,11 @@ components: responseHonorRetryAfterHeader: type: boolean title: Honor Retry-After header - description: Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored. + description: Honor any Retry-After header that specifies a delay (in seconds) no + longer than 180 seconds after the retry request. @{product} limits + the delay to 180 seconds, even if the Retry-After header specifies a + longer delay. When enabled, takes precedence over user-configured + retry options. When disabled, all Retry-After headers are ignored. onBackpressure: $ref: "#/components/schemas/BackpressureBehaviorOptions" authType: @@ -32367,40 +38393,49 @@ components: pattern: ^https?://.* pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -32408,7 +38443,9 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object @@ -32423,25 +38460,41 @@ components: description: Select or create a stored text secret __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_region: type: string - description: Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime. + description: Binds 'region' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'region' at runtime. __template_accountId: type: string - description: Binds 'accountId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'accountId' at runtime. + description: Binds 'accountId' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'accountId' at runtime. __template_eventType: type: string - description: Binds 'eventType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'eventType' at runtime. + description: Binds 'eventType' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'eventType' at runtime. __template_failedRequestLoggingMode: type: string - description: Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. + description: Binds 'failedRequestLoggingMode' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'failedRequestLoggingMode' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_customUrl: type: string - description: Binds 'customUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'customUrl' at runtime. + description: Binds 'customUrl' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'customUrl' at runtime. required: - type - accountId @@ -32467,13 +38520,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -32483,7 +38538,8 @@ components: url: type: string title: Write API URL - description: URL of an InfluxDB cluster to send events to, e.g., http://localhost:8086/write + description: URL of an InfluxDB cluster to send events to, e.g., + http://localhost:8086/write pattern: ^https?://.* useV2API: type: boolean @@ -32492,7 +38548,8 @@ components: timestampPrecision: type: string title: Timestamp precision - description: Sets the precision for the supplied Unix time values. Defaults to milliseconds. + description: Sets the precision for the supplied Unix time values. Defaults to + milliseconds. enum: - ns - u @@ -32511,11 +38568,15 @@ components: dynamicValueFieldName: type: boolean title: Dynamic value fields - description: Enabling this will pull the value field from the metric name. E,g, 'db.query.user' will use 'db.query' as the measurement and 'user' as the value field. + description: Enabling this will pull the value field from the metric name. E,g, + 'db.query.user' will use 'db.query' as the measurement and 'user' as + the value field. valueFieldName: type: string title: Value field name - description: Name of the field in which to store the metric when sending to InfluxDB. If dynamic generation is enabled and fails, this will be used as a fallback. + description: Name of the field in which to store the metric when sending to + InfluxDB. If dynamic generation is enabled and fails, this will be + used as a fallback. concurrency: type: number title: Request concurrency @@ -32531,7 +38592,8 @@ components: maxPayloadEvents: type: number title: Events-per-request limit - description: Maximum number of events to include in the request body. Default is 0 (unlimited). + description: Maximum number of events to include in the request body. Default is + 0 (unlimited). minimum: 0 compress: type: boolean @@ -32540,17 +38602,23 @@ components: rejectUnauthorized: type: boolean title: Validate server certs - description: "Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). \n Enabled by default. When this setting is also present in TLS Settings (Client Side), \n that value will take precedence." + description: >- + Reject certificates not authorized by a CA in the CA certificate + path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. timeoutSec: type: number minimum: 1 - maximum: 9.007199254740991e+15 + maximum: 9007199254740991 title: Request timeout - description: Amount of time, in seconds, to wait for a request to complete before canceling it + description: Amount of time, in seconds, to wait for a request to complete + before canceling it flushPeriodSec: type: number title: Flush period (sec) - description: Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit. + description: Maximum time between requests. Small values could cause the payload + size to be smaller than the configured Body size limit. extraHttpHeaders: type: array title: Extra HTTP headers @@ -32560,7 +38628,10 @@ components: useRoundRobinDns: type: boolean title: Round-robin DNS - description: Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations. + description: Enable round-robin DNS lookup. When a DNS server returns multiple + addresses, @{product} will cycle through them in the order returned. + For optimal performance, consider enabling this setting for non-load + balanced destinations. failedRequestLoggingMode: $ref: "#/components/schemas/FailedRequestLoggingModeOptions" safeHeaders: @@ -32572,7 +38643,8 @@ components: responseRetrySettings: type: array title: Settings for failed HTTP requests - description: Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable) + description: Automatically retry after unsuccessful response status codes, such + as 429 (Too Many Requests) or 503 (Service Unavailable) minItems: 0 items: $ref: "#/components/schemas/ResponseRetrySettingConfOutputWebhook" @@ -32581,7 +38653,11 @@ components: responseHonorRetryAfterHeader: type: boolean title: Honor Retry-After header - description: Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored. + description: Honor any Retry-After header that specifies a delay (in seconds) no + longer than 180 seconds after the retry request. @{product} limits + the delay to 180 seconds, even if the Retry-After header specifies a + longer delay. When enabled, takes precedence over user-configured + retry options. When disabled, all Retry-After headers are ignored. onBackpressure: $ref: "#/components/schemas/BackpressureBehaviorOptions" authType: @@ -32618,40 +38694,49 @@ components: description: Organization ID for this bucket. pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -32659,7 +38744,9 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object @@ -32684,22 +38771,36 @@ components: description: Select or create a stored text secret __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_url: type: string - description: Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. + description: Binds 'url' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'url' at runtime. __template_failedRequestLoggingMode: type: string - description: Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. + description: Binds 'failedRequestLoggingMode' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'failedRequestLoggingMode' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_database: type: string - description: Binds 'database' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'database' at runtime. + description: Binds 'database' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'database' at runtime. __template_bucket: type: string - description: Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime. + description: Binds 'bucket' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'bucket' at runtime. OutputCloudwatch: type: object required: @@ -32723,13 +38824,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -32743,7 +38846,9 @@ components: logStreamName: type: string title: Log stream prefix - description: "Prefix for CloudWatch log stream name. This prefix will be used to generate a unique log stream name per cribl instance, for example: myStream_myHost_myOutputId" + description: "Prefix for CloudWatch log stream name. This prefix will be used to + generate a unique log stream name per cribl instance, for example: + myStream_myHost_myOutputId" awsAuthenticationMethod: $ref: "#/components/schemas/AuthenticationMethodOptionsS3CollectorConf" awsSecretKey: @@ -32756,7 +38861,9 @@ components: endpoint: type: string title: Endpoint - description: CloudWatchLogs service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to CloudWatchLogs-compatible endpoint. + description: CloudWatchLogs service endpoint. If empty, defaults to the AWS + Region-specific endpoint. Otherwise, it must point to + CloudWatchLogs-compatible endpoint. reuseConnections: type: boolean title: Reuse connections @@ -32764,7 +38871,8 @@ components: rejectUnauthorized: type: boolean title: Reject unauthorized certificates - description: Reject certificates that cannot be verified against a valid CA, such as self-signed certificates + description: Reject certificates that cannot be verified against a valid CA, + such as self-signed certificates enableAssumeRole: type: boolean title: Enable for CloudWatchLogs @@ -32782,7 +38890,9 @@ components: durationSeconds: type: number title: Duration (seconds) - description: Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours). + description: Duration of the assumed role's session, in seconds. Minimum is 900 + (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 + hours). minimum: 900 maximum: 43200 maxQueueSize: @@ -32794,13 +38904,15 @@ components: maxRecordSizeKB: type: number title: Record size limit (KB, uncompressed) - description: Maximum size (KB) of each individual record before compression. For non compressible data 1MB is the max recommended size + description: Maximum size (KB) of each individual record before compression. For + non compressible data 1MB is the max recommended size minimum: 1 maximum: 10240 flushPeriodSec: type: number title: Flush period (sec) - description: Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size. + description: Maximum time between requests. Small values could cause the payload + size to be smaller than the configured Max record size. onBackpressure: $ref: "#/components/schemas/BackpressureBehaviorOptions" description: @@ -32813,43 +38925,53 @@ components: awsSecret: type: string title: Secret key pair - description: Select or create a stored secret that references your access key and secret key + description: Select or create a stored secret that references your access key + and secret key pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -32857,41 +38979,65 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object title: "" __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_logGroupName: type: string - description: Binds 'logGroupName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logGroupName' at runtime. + description: Binds 'logGroupName' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'logGroupName' at runtime. __template_logStreamName: type: string - description: Binds 'logStreamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logStreamName' at runtime. + description: Binds 'logStreamName' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'logStreamName' at runtime. __template_awsSecretKey: type: string - description: Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime. + description: Binds 'awsSecretKey' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsSecretKey' at runtime. __template_region: type: string - description: Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime. + description: Binds 'region' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'region' at runtime. __template_endpoint: type: string - description: Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime. + description: Binds 'endpoint' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'endpoint' at runtime. __template_assumeRoleArn: type: string - description: Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime. + description: Binds 'assumeRoleArn' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'assumeRoleArn' at runtime. __template_assumeRoleExternalId: type: string - description: Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime. + description: Binds 'assumeRoleExternalId' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'assumeRoleExternalId' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_awsApiKey: type: string - description: Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime. + description: Binds 'awsApiKey' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsApiKey' at runtime. OutputMinio: type: object required: @@ -32915,13 +39061,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -32937,11 +39085,15 @@ components: rejectUnauthorized: type: boolean title: Reject unauthorized certificates - description: Reject certificates that cannot be verified against a valid CA, such as self-signed certificates + description: Reject certificates that cannot be verified against a valid CA, + such as self-signed certificates bucket: type: string title: MinIO bucket name - description: "Name of the destination MinIO bucket. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at initialization time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`" + description: "Name of the destination MinIO bucket. Must be a JavaScript + expression (which can evaluate to a constant value), enclosed in + quotes or backticks. Can be evaluated only at initialization time. + Example referencing a Global Variable: `myBucket-${C.vars.myVar}`" region: type: string title: Region @@ -32949,27 +39101,34 @@ components: destPath: type: string title: Key prefix - description: "Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`" + description: "Prefix to prepend to files before uploading. Must be a JavaScript + expression (which can evaluate to a constant value), enclosed in + quotes or backticks. Can be evaluated only at init time. Example + referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`" maxConcurrentFileParts: type: number title: Concurrent file parts upload limit - description: Maximum number of parts to upload in parallel per file. Minimum part size is 5MB. + description: Maximum number of parts to upload in parallel per file. Minimum + part size is 5MB. minimum: 1 maximum: 10 verifyPermissions: type: boolean title: Verify if bucket exists - description: Disable if you can access files within the bucket but not the bucket itself + description: Disable if you can access files within the bucket but not the + bucket itself maxClosingFilesToBackpressure: type: number title: Staging file limit - description: Maximum number of files that can be waiting for upload before backpressure is applied + description: Maximum number of files that can be waiting for upload before + backpressure is applied minimum: 10 maximum: 4200 stagePath: type: string title: Staging location - description: Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage. + description: Filesystem location in which to buffer files, before compressing + and moving to final destination. Use performant and stable storage. addIdToStagePath: type: boolean title: Add output ID @@ -32981,45 +39140,58 @@ components: partitionExpr: type: string title: Partitioning expression - description: JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory. + description: JavaScript expression defining how files are partitioned and + organized. Default is date-based. If blank, Stream will fall back to + the event's __partition field value – if present – otherwise to each + location's root directory. format: $ref: "#/components/schemas/DataFormatOptions" baseFileName: type: string title: File name prefix expression - description: JavaScript expression to define the output filename prefix (can be constant) + description: JavaScript expression to define the output filename prefix (can be + constant) fileNameSuffix: type: string title: File name suffix expression - description: JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`). + description: JavaScript expression to define the output filename suffix (can be + constant). The `__format` variable refers to the value of the `Data + format` field (`json` or `raw`). The `__compression` field refers + to the kind of compression being used (`none` or `gzip`). maxFileSizeMB: type: number title: File size limit (MB) - description: Maximum uncompressed output file size. Files of this size will be closed and moved to final output location. + description: Maximum uncompressed output file size. Files of this size will be + closed and moved to final output location. maximum: 1024 minimum: 5 maxFileOpenTimeSec: type: number title: File open time limit (sec) - description: Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location. + description: Maximum amount of time to write to a file. Files open for longer + than this will be closed and moved to final output location. minimum: 10 maximum: 86400 maxFileIdleTimeSec: type: number title: Idle time limit (sec) - description: Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location. + description: Maximum amount of time to keep inactive files open. Files open for + longer than this will be closed and moved to final output location. minimum: 5 maximum: 86400 maxOpenFiles: type: number title: Open file limit - description: Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location. + description: Maximum number of files to keep open concurrently. When exceeded, + @{product} will close the oldest open files and move them to the + final output location. minimum: 10 maximum: 2000 headerLine: type: string title: Header line - description: If set, this line will be written to the beginning of each output file + description: If set, this line will be written to the beginning of each output + file writeHighWaterMark: type: number title: Writing high watermark (KB) @@ -33031,13 +39203,17 @@ components: deadletterEnabled: type: boolean title: Enable dead-lettering - description: If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors + description: If a file fails to move to its final destination after the maximum + number of retries, move it to a designated directory to prevent + further errors onDiskFullBackpressure: $ref: "#/components/schemas/DiskSpaceProtectionOptions" forceCloseOnShutdown: type: boolean title: Force close on shutdown - description: Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss. + description: Force all staged files to close during an orderly Node shutdown. + This triggers immediate upload of in-progress data — regardless of + idle time, file age, or size thresholds — to minimize data loss. retrySettings: $ref: "#/components/schemas/RetrySettingsType" orphans: @@ -33045,7 +39221,8 @@ components: awsSecretKey: type: string title: Secret key - description: "Secret key. This value can be a constant or a JavaScript expression. Example: `${C.env.SOME_SECRET}`)" + description: "Secret key. This value can be a constant or a JavaScript + expression. Example: `${C.env.SOME_SECRET}`)" endpoint: type: string title: MinIO endpoint @@ -33063,11 +39240,13 @@ components: awsApiKey: type: string title: Access key - description: This value can be a constant or a JavaScript expression (`${C.env.SOME_ACCESS_KEY}`) + description: This value can be a constant or a JavaScript expression + (`${C.env.SOME_ACCESS_KEY}`) awsSecret: type: string title: Secret key pair - description: Select or create a stored secret that references your access key and secret key + description: Select or create a stored secret that references your access key + and secret key compress: $ref: "#/components/schemas/CompressionOptionsHttp" compressionLevel: @@ -33075,11 +39254,13 @@ components: automaticSchema: type: boolean title: Automatic schema - description: Automatically calculate the schema based on the events of each Parquet file generated + description: Automatically calculate the schema based on the events of each + Parquet file generated parquetSchema: type: string title: Parquet schema - description: To add a new schema, navigate to Processing > Knowledge > Parquet Schemas + description: To add a new schema, navigate to Processing > Knowledge > Parquet + Schemas minLength: 1 parquetVersion: $ref: "#/components/schemas/ParquetVersionOptions" @@ -33088,13 +39269,16 @@ components: parquetRowGroupLength: type: number title: Group row limit - description: The number of rows that every group will contain. The final group can contain a smaller number of rows. + description: The number of rows that every group will contain. The final group + can contain a smaller number of rows. minimum: 1 - maximum: 6.7108864e+07 + maximum: 67108864 parquetPageSize: type: string title: Page size - description: Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression. + description: Target memory size for page segments, such as 1MB or 128MB. + Generally, lower values improve reading speed, while higher values + improve compression. pattern: ^\d+\s*(?:[kK][bB]|[mM][bB]|[gG][bB]|[tT][bB])?$ shouldLogInvalidRows: type: boolean @@ -33103,22 +39287,28 @@ components: keyValueMetadata: type: array title: Metadata (optional) - description: 'The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: "key":"OCSF Event Class", "value":"9001"' + description: 'The metadata of files the Destination writes will include the + properties you add here as key-value pairs. Useful for tagging. + Examples: "key":"OCSF Event Class", "value":"9001"' minItems: 0 items: $ref: "#/components/schemas/KeyValueMetadataConfOutputFilesystem" enableStatistics: type: boolean title: Write statistics - description: Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics. + description: Statistics profile an entire file in terms of minimum/maximum + values within data, numbers of nulls, etc. You can use Parquet tools + to view statistics. enableWritePageIndex: type: boolean title: Write page indexes - description: One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping. + description: One page index contains statistics for one data page. Parquet + readers use statistics to enable page skipping. enablePageChecksum: type: boolean title: Write page checksum - description: Parquet tools can use the checksum of a Parquet page to verify data integrity + description: Parquet tools can use the checksum of a Parquet page to verify data + integrity emptyDirCleanupSec: type: number title: Staging cleanup period @@ -33128,64 +39318,103 @@ components: directoryBatchSize: type: number title: Directory batch size - description: Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory. + description: Number of directories to process in each batch during cleanup of + empty directories. Minimum is 10, maximum is 10000. Higher values + may require more memory. deadletterPath: type: string title: Dead-letter location - description: Storage location for files that fail to reach their final destination after maximum retries are exceeded + description: Storage location for files that fail to reach their final + destination after maximum retries are exceeded maxRetryNum: type: number title: Retry limit - description: The maximum number of times a file will attempt to move to its final destination before being dead-lettered + description: The maximum number of times a file will attempt to move to its + final destination before being dead-lettered minimum: 1 __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_bucket: type: string - description: Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime. + description: Binds 'bucket' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'bucket' at runtime. __template_region: type: string - description: Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime. + description: Binds 'region' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'region' at runtime. __template_destPath: type: string - description: Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime. + description: Binds 'destPath' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'destPath' at runtime. __template_partitionExpr: type: string - description: Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime. + description: Binds 'partitionExpr' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'partitionExpr' at runtime. __template_format: type: string - description: Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime. + description: Binds 'format' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'format' at runtime. __template_baseFileName: type: string - description: Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime. + description: Binds 'baseFileName' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'baseFileName' at runtime. __template_fileNameSuffix: type: string - description: Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime. + description: Binds 'fileNameSuffix' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'fileNameSuffix' at + runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_awsSecretKey: type: string - description: Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime. + description: Binds 'awsSecretKey' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsSecretKey' at runtime. __template_objectACL: type: string - description: Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime. + description: Binds 'objectACL' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'objectACL' at runtime. __template_storageClass: type: string - description: Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime. + description: Binds 'storageClass' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'storageClass' at runtime. __template_serverSideEncryption: type: string - description: Binds 'serverSideEncryption' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serverSideEncryption' at runtime. + description: Binds 'serverSideEncryption' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'serverSideEncryption' at runtime. __template_awsApiKey: type: string - description: Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime. + description: Binds 'awsApiKey' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsApiKey' at runtime. __template_compress: type: string - description: Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime. + description: Binds 'compress' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'compress' at runtime. __template_parquetSchema: type: string - description: Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime. + description: Binds 'parquetSchema' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'parquetSchema' at runtime. OutputStatsd: type: object required: @@ -33209,13 +39438,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -33239,71 +39470,89 @@ components: minimum: 1 maximum: 65535 title: Record size limit (bytes) - description: When protocol is UDP, specifies the maximum size of packets sent to the destination. Also known as the MTU for the network path to the destination system. + description: When protocol is UDP, specifies the maximum size of packets sent to + the destination. Also known as the MTU for the network path to the + destination system. flushPeriodSec: type: number title: Flush period (sec) - description: When protocol is TCP, specifies how often buffers should be flushed, resulting in records sent to the destination. + description: When protocol is TCP, specifies how often buffers should be + flushed, resulting in records sent to the destination. dnsResolvePeriodSec: type: number minimum: 0 maximum: 86400 title: DNS resolution period (sec) - description: How often to resolve the destination hostname to an IP address. Ignored if the destination is an IP address. A value of 0 means every batch sent will incur a DNS lookup. + description: How often to resolve the destination hostname to an IP address. + Ignored if the destination is an IP address. A value of 0 means + every batch sent will incur a DNS lookup. description: type: string title: Description throttleRatePerSec: type: string title: Throttling - description: "Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling." + description: "Rate (in bytes per second) to throttle while writing to an output. + Accepts values with multiple-byte units, such as KB, MB, and GB. + (Example: 42 MB) Default value of 0 specifies no throttling." pattern: ^[\d.]+(\s[KMGTPEZYkmgtpezy][Bb])?$ connectionTimeout: type: number title: Connection timeout - description: Amount of time (milliseconds) to wait for the connection to establish before retrying + description: Amount of time (milliseconds) to wait for the connection to + establish before retrying writeTimeout: type: number title: Write timeout - description: Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead + description: Amount of time (milliseconds) to wait for a write to complete + before assuming connection is dead onBackpressure: $ref: "#/components/schemas/BackpressureBehaviorOptions" pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -33311,17 +39560,24 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object title: "" __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. OutputStatsdExt: type: object required: @@ -33345,13 +39601,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -33375,71 +39633,89 @@ components: minimum: 1 maximum: 65535 title: Record size limit (bytes) - description: When protocol is UDP, specifies the maximum size of packets sent to the destination. Also known as the MTU for the network path to the destination system. + description: When protocol is UDP, specifies the maximum size of packets sent to + the destination. Also known as the MTU for the network path to the + destination system. flushPeriodSec: type: number title: Flush period (sec) - description: When protocol is TCP, specifies how often buffers should be flushed, resulting in records sent to the destination. + description: When protocol is TCP, specifies how often buffers should be + flushed, resulting in records sent to the destination. dnsResolvePeriodSec: type: number minimum: 0 maximum: 86400 title: DNS resolution period (sec) - description: How often to resolve the destination hostname to an IP address. Ignored if the destination is an IP address. A value of 0 means every batch sent will incur a DNS lookup. + description: How often to resolve the destination hostname to an IP address. + Ignored if the destination is an IP address. A value of 0 means + every batch sent will incur a DNS lookup. description: type: string title: Description throttleRatePerSec: type: string title: Throttling - description: "Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling." + description: "Rate (in bytes per second) to throttle while writing to an output. + Accepts values with multiple-byte units, such as KB, MB, and GB. + (Example: 42 MB) Default value of 0 specifies no throttling." pattern: ^[\d.]+(\s[KMGTPEZYkmgtpezy][Bb])?$ connectionTimeout: type: number title: Connection timeout - description: Amount of time (milliseconds) to wait for the connection to establish before retrying + description: Amount of time (milliseconds) to wait for the connection to + establish before retrying writeTimeout: type: number title: Write timeout - description: Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead + description: Amount of time (milliseconds) to wait for a write to complete + before assuming connection is dead onBackpressure: $ref: "#/components/schemas/BackpressureBehaviorOptions" pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -33447,17 +39723,24 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object title: "" __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. OutputGraphite: type: object required: @@ -33481,13 +39764,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -33511,71 +39796,89 @@ components: minimum: 1 maximum: 65535 title: Record size limit (bytes) - description: When protocol is UDP, specifies the maximum size of packets sent to the destination. Also known as the MTU for the network path to the destination system. + description: When protocol is UDP, specifies the maximum size of packets sent to + the destination. Also known as the MTU for the network path to the + destination system. flushPeriodSec: type: number title: Flush period (sec) - description: When protocol is TCP, specifies how often buffers should be flushed, resulting in records sent to the destination. + description: When protocol is TCP, specifies how often buffers should be + flushed, resulting in records sent to the destination. dnsResolvePeriodSec: type: number minimum: 0 maximum: 86400 title: DNS resolution period (sec) - description: How often to resolve the destination hostname to an IP address. Ignored if the destination is an IP address. A value of 0 means every batch sent will incur a DNS lookup. + description: How often to resolve the destination hostname to an IP address. + Ignored if the destination is an IP address. A value of 0 means + every batch sent will incur a DNS lookup. description: type: string title: Description throttleRatePerSec: type: string title: Throttling - description: "Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling." + description: "Rate (in bytes per second) to throttle while writing to an output. + Accepts values with multiple-byte units, such as KB, MB, and GB. + (Example: 42 MB) Default value of 0 specifies no throttling." pattern: ^[\d.]+(\s[KMGTPEZYkmgtpezy][Bb])?$ connectionTimeout: type: number title: Connection timeout - description: Amount of time (milliseconds) to wait for the connection to establish before retrying + description: Amount of time (milliseconds) to wait for the connection to + establish before retrying writeTimeout: type: number title: Write timeout - description: Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead + description: Amount of time (milliseconds) to wait for a write to complete + before assuming connection is dead onBackpressure: $ref: "#/components/schemas/BackpressureBehaviorOptions" pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -33583,17 +39886,24 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object title: "" __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. OutputRouter: type: object required: @@ -33615,13 +39925,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -33654,13 +39966,16 @@ components: final: type: boolean title: Final - description: Flag to control whether to stop the event from being checked against other rules + description: Flag to control whether to stop the event from being checked + against other rules description: type: string title: Description __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. OutputSns: type: object required: @@ -33683,13 +39998,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -33699,15 +40016,27 @@ components: topicArn: type: string title: Topic ARN - description: "The ARN of the SNS topic to send events to. When a non-AWS URL is specified, format must be: '{url}/myQueueName'. E.g., 'https://host:port/myQueueName'. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at initialization time. Example referencing a Global Variable: `https://host:port/myQueue-${C.vars.myVar}`" + description: "The ARN of the SNS topic to send events to. When a non-AWS URL is + specified, format must be: '{url}/myQueueName'. E.g., + 'https://host:port/myQueueName'. Must be a JavaScript expression + (which can evaluate to a constant value), enclosed in quotes or + backticks. Can be evaluated only at initialization time. Example + referencing a Global Variable: + `https://host:port/myQueue-${C.vars.myVar}`" messageGroupId: type: string title: Message Group ID - description: "Messages in the same group are processed in a FIFO manner. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `https://host:port/myQueue-${C.vars.myVar}`." + description: "Messages in the same group are processed in a FIFO manner. Must be + a JavaScript expression (which can evaluate to a constant value), + enclosed in quotes or backticks. Can be evaluated only at init time. + Example referencing a Global Variable: + `https://host:port/myQueue-${C.vars.myVar}`." maxRetries: type: number title: Maximum number of retries - description: Maximum number of retries before the output returns an error. Note that not all errors are retryable. The retries use an exponential backoff policy. + description: Maximum number of retries before the output returns an error. Note + that not all errors are retryable. The retries use an exponential + backoff policy. awsAuthenticationMethod: $ref: "#/components/schemas/AuthenticationMethodOptionsS3CollectorConf" awsSecretKey: @@ -33720,7 +40049,8 @@ components: endpoint: type: string title: Endpoint - description: SNS service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to SNS-compatible endpoint. + description: SNS service endpoint. If empty, defaults to the AWS Region-specific + endpoint. Otherwise, it must point to SNS-compatible endpoint. reuseConnections: type: boolean title: Reuse connections @@ -33728,7 +40058,8 @@ components: rejectUnauthorized: type: boolean title: Reject unauthorized certificates - description: Reject certificates that cannot be verified against a valid CA, such as self-signed certificates + description: Reject certificates that cannot be verified against a valid CA, + such as self-signed certificates enableAssumeRole: type: boolean title: Enable for SNS @@ -33746,7 +40077,9 @@ components: durationSeconds: type: number title: Duration (seconds) - description: Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours). + description: Duration of the assumed role's session, in seconds. Minimum is 900 + (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 + hours). minimum: 900 maximum: 43200 onBackpressure: @@ -33761,43 +40094,53 @@ components: awsSecret: type: string title: Secret key pair - description: Select or create a stored secret that references your access key and secret key + description: Select or create a stored secret that references your access key + and secret key pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -33805,41 +40148,66 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object title: "" __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_topicArn: type: string - description: Binds 'topicArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topicArn' at runtime. + description: Binds 'topicArn' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'topicArn' at runtime. __template_messageGroupId: type: string - description: Binds 'messageGroupId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'messageGroupId' at runtime. + description: Binds 'messageGroupId' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'messageGroupId' at + runtime. __template_awsSecretKey: type: string - description: Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime. + description: Binds 'awsSecretKey' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsSecretKey' at runtime. __template_region: type: string - description: Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime. + description: Binds 'region' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'region' at runtime. __template_endpoint: type: string - description: Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime. + description: Binds 'endpoint' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'endpoint' at runtime. __template_assumeRoleArn: type: string - description: Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime. + description: Binds 'assumeRoleArn' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'assumeRoleArn' at runtime. __template_assumeRoleExternalId: type: string - description: Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime. + description: Binds 'assumeRoleExternalId' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'assumeRoleExternalId' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_awsApiKey: type: string - description: Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime. + description: Binds 'awsApiKey' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsApiKey' at runtime. OutputSqs: type: object required: @@ -33862,13 +40230,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -33878,7 +40248,13 @@ components: queueName: type: string title: Queue Name - description: "The name, URL, or ARN of the SQS queue to send events to. When a non-AWS URL is specified, format must be: '{url}/myQueueName'. Example: 'https://host:port/myQueueName'. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `https://host:port/myQueue-${C.vars.myVar}`." + description: "The name, URL, or ARN of the SQS queue to send events to. When a + non-AWS URL is specified, format must be: '{url}/myQueueName'. + Example: 'https://host:port/myQueueName'. Must be a JavaScript + expression (which can evaluate to a constant value), enclosed in + quotes or backticks. Can be evaluated only at init time. Example + referencing a Global Variable: + `https://host:port/myQueue-${C.vars.myVar}`." queueType: title: Queue Type type: string @@ -33892,12 +40268,16 @@ components: x-speakeasy-unknown-values: allow awsAccountId: title: AWS account ID - description: SQS queue owner's AWS account ID. Leave empty if SQS queue is in same AWS account. + description: SQS queue owner's AWS account ID. Leave empty if SQS queue is in + same AWS account. type: string messageGroupId: type: string title: Message Group ID - description: This parameter applies only to FIFO queues. The tag that specifies that a message belongs to a specific message group. Messages that belong to the same message group are processed in a FIFO manner. Use event field __messageGroupId to override this value. + description: This parameter applies only to FIFO queues. The tag that specifies + that a message belongs to a specific message group. Messages that + belong to the same message group are processed in a FIFO manner. Use + event field __messageGroupId to override this value. createQueue: type: boolean title: Create Queue @@ -33910,11 +40290,13 @@ components: region: type: string title: Region - description: AWS Region where the SQS queue is located. Required, unless the Queue entry is a URL or ARN that includes a Region. + description: AWS Region where the SQS queue is located. Required, unless the + Queue entry is a URL or ARN that includes a Region. endpoint: type: string title: Endpoint - description: SQS service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to SQS-compatible endpoint. + description: SQS service endpoint. If empty, defaults to the AWS Region-specific + endpoint. Otherwise, it must point to SQS-compatible endpoint. reuseConnections: type: boolean title: Reuse connections @@ -33922,7 +40304,8 @@ components: rejectUnauthorized: type: boolean title: Reject unauthorized certificates - description: Reject certificates that cannot be verified against a valid CA, such as self-signed certificates + description: Reject certificates that cannot be verified against a valid CA, + such as self-signed certificates enableAssumeRole: type: boolean title: Enable for SQS @@ -33940,7 +40323,9 @@ components: durationSeconds: type: number title: Duration (seconds) - description: Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours). + description: Duration of the assumed role's session, in seconds. Minimum is 900 + (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 + hours). minimum: 900 maximum: 43200 maxQueueSize: @@ -33951,17 +40336,20 @@ components: maxRecordSizeKB: type: number title: Record size limit (KB) - description: Maximum size (KB) of batches to send. Per the SQS spec, the max allowed value is 256 KB. + description: Maximum size (KB) of batches to send. Per the SQS spec, the max + allowed value is 256 KB. minimum: 1 maximum: 256 flushPeriodSec: type: number title: Flush period (sec) - description: Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size. + description: Maximum time between requests. Small values could cause the payload + size to be smaller than the configured Max record size. maxInProgress: type: number title: Concurrent request limit - description: The maximum number of in-progress API requests before backpressure is applied. + description: The maximum number of in-progress API requests before backpressure + is applied. minimum: 1 maximum: 100 onBackpressure: @@ -33976,43 +40364,53 @@ components: awsSecret: type: string title: Secret key pair - description: Select or create a stored secret that references your access key and secret key + description: Select or create a stored secret that references your access key + and secret key pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -34020,47 +40418,76 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object title: "" __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_queueName: type: string - description: Binds 'queueName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'queueName' at runtime. + description: Binds 'queueName' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'queueName' at runtime. __template_queueType: type: string - description: Binds 'queueType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'queueType' at runtime. + description: Binds 'queueType' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'queueType' at runtime. __template_awsAccountId: type: string - description: Binds 'awsAccountId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsAccountId' at runtime. + description: Binds 'awsAccountId' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsAccountId' at runtime. __template_messageGroupId: type: string - description: Binds 'messageGroupId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'messageGroupId' at runtime. + description: Binds 'messageGroupId' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'messageGroupId' at + runtime. __template_awsSecretKey: type: string - description: Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime. + description: Binds 'awsSecretKey' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsSecretKey' at runtime. __template_region: type: string - description: Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime. + description: Binds 'region' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'region' at runtime. __template_endpoint: type: string - description: Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime. + description: Binds 'endpoint' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'endpoint' at runtime. __template_assumeRoleArn: type: string - description: Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime. + description: Binds 'assumeRoleArn' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'assumeRoleArn' at runtime. __template_assumeRoleExternalId: type: string - description: Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime. + description: Binds 'assumeRoleExternalId' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'assumeRoleExternalId' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_awsApiKey: type: string - description: Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime. + description: Binds 'awsApiKey' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsApiKey' at runtime. OutputSnmp: type: object required: @@ -34082,13 +40509,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -34117,22 +40546,30 @@ components: description: Destination port, default is 162 __template_host: type: string - description: Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime. + description: Binds 'host' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'host' at runtime. __template_port: type: string - description: Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime. + description: Binds 'port' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'port' at runtime. dnsResolvePeriodSec: type: number minimum: 0 maximum: 86400 title: DNS resolution period (sec) - description: How often to resolve the destination hostname to an IP address. Ignored if all destinations are IP addresses. A value of 0 means every trap sent will incur a DNS lookup. + description: How often to resolve the destination hostname to an IP address. + Ignored if all destinations are IP addresses. A value of 0 means + every trap sent will incur a DNS lookup. description: type: string title: Description __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. OutputSumoLogic: type: object required: @@ -34154,13 +40591,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -34175,11 +40614,15 @@ components: customSource: type: string title: Custom source name - description: Override the source name configured on the Sumo Logic HTTP collector. This can also be overridden at the event level with the __sourceName field. + description: Override the source name configured on the Sumo Logic HTTP + collector. This can also be overridden at the event level with the + __sourceName field. customCategory: type: string title: Custom source category - description: Override the source category configured on the Sumo Logic HTTP collector. This can also be overridden at the event level with the __sourceCategory field. + description: Override the source category configured on the Sumo Logic HTTP + collector. This can also be overridden at the event level with the + __sourceCategory field. format: type: string title: Data format @@ -34206,7 +40649,8 @@ components: maxPayloadEvents: type: number title: Events-per-request limit - description: Maximum number of events to include in the request body. Default is 0 (unlimited). + description: Maximum number of events to include in the request body. Default is + 0 (unlimited). minimum: 0 compress: type: boolean @@ -34215,17 +40659,23 @@ components: rejectUnauthorized: type: boolean title: Validate server certs - description: "Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). \n Enabled by default. When this setting is also present in TLS Settings (Client Side), \n that value will take precedence." + description: >- + Reject certificates not authorized by a CA in the CA certificate + path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. timeoutSec: type: number minimum: 1 - maximum: 9.007199254740991e+15 + maximum: 9007199254740991 title: Request timeout - description: Amount of time, in seconds, to wait for a request to complete before canceling it + description: Amount of time, in seconds, to wait for a request to complete + before canceling it flushPeriodSec: type: number title: Flush period (sec) - description: Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit. + description: Maximum time between requests. Small values could cause the payload + size to be smaller than the configured Body size limit. extraHttpHeaders: type: array title: Extra HTTP headers @@ -34235,7 +40685,10 @@ components: useRoundRobinDns: type: boolean title: Round-robin DNS - description: Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations. + description: Enable round-robin DNS lookup. When a DNS server returns multiple + addresses, @{product} will cycle through them in the order returned. + For optimal performance, consider enabling this setting for non-load + balanced destinations. failedRequestLoggingMode: $ref: "#/components/schemas/FailedRequestLoggingModeOptions" safeHeaders: @@ -34247,7 +40700,8 @@ components: responseRetrySettings: type: array title: Settings for failed HTTP requests - description: Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable) + description: Automatically retry after unsuccessful response status codes, such + as 429 (Too Many Requests) or 503 (Service Unavailable) minItems: 0 items: $ref: "#/components/schemas/ResponseRetrySettingConfOutputWebhook" @@ -34256,53 +40710,68 @@ components: responseHonorRetryAfterHeader: type: boolean title: Honor Retry-After header - description: Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored. + description: Honor any Retry-After header that specifies a delay (in seconds) no + longer than 180 seconds after the retry request. @{product} limits + the delay to 180 seconds, even if the Retry-After header specifies a + longer delay. When enabled, takes precedence over user-configured + retry options. When disabled, all Retry-After headers are ignored. onBackpressure: $ref: "#/components/schemas/BackpressureBehaviorOptions" totalMemoryLimitKB: type: number title: Buffer memory limit (KB) - description: Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced. + description: Maximum total size of the batches waiting to be sent. If left + blank, defaults to 5 times the max body size (if set). If 0, no + limit is enforced. minimum: 0 description: type: string title: Description pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -34310,23 +40779,35 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object title: "" __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_url: type: string - description: Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. + description: Binds 'url' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'url' at runtime. __template_failedRequestLoggingMode: type: string - description: Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. + description: Binds 'failedRequestLoggingMode' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'failedRequestLoggingMode' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. OutputDatadog: type: object properties: @@ -34345,13 +40826,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -34372,29 +40855,39 @@ components: message: type: string title: Message field - description: Name of the event field that contains the message to send. If not specified, Stream sends a JSON representation of the whole event. + description: Name of the event field that contains the message to send. If not + specified, Stream sends a JSON representation of the whole event. source: type: string title: Source - description: Name of the source to send with logs. When you send logs as JSON objects, the event's 'source' field (if set) will override this value. + description: Name of the source to send with logs. When you send logs as JSON + objects, the event's 'source' field (if set) will override this + value. host: type: string title: Host - description: Name of the host to send with logs. When you send logs as JSON objects, the event's 'host' field (if set) will override this value. + description: Name of the host to send with logs. When you send logs as JSON + objects, the event's 'host' field (if set) will override this value. service: type: string title: Service - description: Name of the service to send with logs. When you send logs as JSON objects, the event's '__service' field (if set) will override this value. + description: Name of the service to send with logs. When you send logs as JSON + objects, the event's '__service' field (if set) will override this + value. tags: type: array title: Datadog tags - description: List of tags to send with logs, such as 'env:prod' and 'env_staging:east' + description: List of tags to send with logs, such as 'env:prod' and + 'env_staging:east' items: type: string batchByTags: type: boolean title: Batch by tags - description: Batch events by API key and the ddtags field on the event. When disabled, batches events only by API key. If incoming events have high cardinality in the ddtags field, disabling this setting may improve Destination performance. + description: Batch events by API key and the ddtags field on the event. When + disabled, batches events only by API key. If incoming events have + high cardinality in the ddtags field, disabling this setting may + improve Destination performance. allowApiKeyFromEvents: type: boolean title: Allow API key from events @@ -34402,7 +40895,9 @@ components: severity: type: string title: Severity - description: Default value for message severity. When you send logs as JSON objects, the event's '__severity' field (if set) will override this value. + description: Default value for message severity. When you send logs as JSON + objects, the event's '__severity' field (if set) will override this + value. enum: - emergency - alert @@ -34446,7 +40941,9 @@ components: sendCountersAsCount: type: boolean title: Send counter metrics as 'count' - description: If not enabled, Datadog will transform 'counter' metrics to 'gauge'. [Learn more about Datadog metrics types.](https://docs.datadoghq.com/metrics/types/?tab=count) + description: If not enabled, Datadog will transform 'counter' metrics to + 'gauge'. [Learn more about Datadog metrics + types.](https://docs.datadoghq.com/metrics/types/?tab=count) concurrency: type: number title: Request concurrency @@ -34462,7 +40959,8 @@ components: maxPayloadEvents: type: number title: Events-per-request limit - description: Maximum number of events to include in the request body. Default is 0 (unlimited). + description: Maximum number of events to include in the request body. Default is + 0 (unlimited). minimum: 0 compress: type: boolean @@ -34471,17 +40969,23 @@ components: rejectUnauthorized: type: boolean title: Validate server certs - description: "Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). \n Enabled by default. When this setting is also present in TLS Settings (Client Side), \n that value will take precedence." + description: >- + Reject certificates not authorized by a CA in the CA certificate + path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. timeoutSec: type: number minimum: 1 - maximum: 9.007199254740991e+15 + maximum: 9007199254740991 title: Request timeout - description: Amount of time, in seconds, to wait for a request to complete before canceling it + description: Amount of time, in seconds, to wait for a request to complete + before canceling it flushPeriodSec: type: number title: Flush period (sec) - description: Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit. + description: Maximum time between requests. Small values could cause the payload + size to be smaller than the configured Body size limit. extraHttpHeaders: type: array title: Extra HTTP headers @@ -34491,7 +40995,10 @@ components: useRoundRobinDns: type: boolean title: Round-robin DNS - description: Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations. + description: Enable round-robin DNS lookup. When a DNS server returns multiple + addresses, @{product} will cycle through them in the order returned. + For optimal performance, consider enabling this setting for non-load + balanced destinations. failedRequestLoggingMode: $ref: "#/components/schemas/FailedRequestLoggingModeOptions" safeHeaders: @@ -34503,7 +41010,8 @@ components: responseRetrySettings: type: array title: Settings for failed HTTP requests - description: Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable) + description: Automatically retry after unsuccessful response status codes, such + as 429 (Too Many Requests) or 503 (Service Unavailable) minItems: 0 items: $ref: "#/components/schemas/ResponseRetrySettingConfOutputWebhook" @@ -34512,7 +41020,11 @@ components: responseHonorRetryAfterHeader: type: boolean title: Honor Retry-After header - description: Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored. + description: Honor any Retry-After header that specifies a delay (in seconds) no + longer than 180 seconds after the retry request. @{product} limits + the delay to 180 seconds, even if the Retry-After header specifies a + longer delay. When enabled, takes precedence over user-configured + retry options. When disabled, all Retry-After headers are ignored. onBackpressure: $ref: "#/components/schemas/BackpressureBehaviorOptions" authType: @@ -34520,7 +41032,9 @@ components: totalMemoryLimitKB: type: number title: Buffer memory limit (KB) - description: Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced. + description: Maximum total size of the batches waiting to be sent. If left + blank, defaults to 5 times the max body size (if set). If 0, no + limit is enforced. minimum: 0 description: type: string @@ -34529,40 +41043,49 @@ components: type: string pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -34570,7 +41093,9 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object @@ -34585,16 +41110,26 @@ components: description: Select or create a stored text secret __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_tags: type: string - description: Binds 'tags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tags' at runtime. + description: Binds 'tags' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'tags' at runtime. __template_failedRequestLoggingMode: type: string - description: Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. + description: Binds 'failedRequestLoggingMode' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'failedRequestLoggingMode' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. required: - type OutputGrafanaCloud: @@ -34615,13 +41150,16 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. These fields are added as dimensions and labels to generated metrics and logs, respectively. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. These fields are added as dimensions and labels to + generated metrics and logs, respectively. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -34631,30 +41169,40 @@ components: lokiUrl: type: string title: Loki URL - description: The endpoint to send logs to, such as https://logs-prod-us-central1.grafana.net + description: The endpoint to send logs to, such as + https://logs-prod-us-central1.grafana.net pattern: ^https?:// prometheusUrl: type: string title: Prometheus URL - description: The remote_write endpoint to send Prometheus metrics to, such as https://prometheus-blocks-prod-us-central1.grafana.net/api/prom/push + description: The remote_write endpoint to send Prometheus metrics to, such as + https://prometheus-blocks-prod-us-central1.grafana.net/api/prom/push pattern: ^https?:// message: type: string title: Logs message field - description: Name of the event field that contains the message to send. If not specified, Stream sends a JSON representation of the whole event. + description: Name of the event field that contains the message to send. If not + specified, Stream sends a JSON representation of the whole event. messageFormat: $ref: "#/components/schemas/MessageFormatOptions" labels: type: array title: Logs labels - description: "List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: \"cribl.io\", level: \"error\"}'" + description: "List of labels to send with logs. Labels define Loki streams, so + use static labels to avoid proliferating label value combinations + and streams. Can be merged and/or overridden by the event's __labels + field. Example: '__labels: {host: \"cribl.io\", level: \"error\"}'" minItems: 0 items: - $ref: "#/components/schemas/RequestParamConfInputOpenai" + $ref: "#/components/schemas/HttpDiscoveryHeaderConfInputPrometheus" metricRenameExpr: type: string title: Metrics renaming expression - description: JavaScript expression that can be used to rename metrics. For example, name.replace(/\./g, '_') will replace all '.' characters in a metric's name with the supported '_' character. Use the 'name' global variable to access the metric's name. You can access event fields' values via __e.. + description: JavaScript expression that can be used to rename metrics. For + example, name.replace(/\./g, '_') will replace all '.' characters in + a metric's name with the supported '_' character. Use the 'name' + global variable to access the metric's name. You can access event + fields' values via __e.. prometheusAuth: $ref: "#/components/schemas/PrometheusAuthType" lokiAuth: @@ -34662,34 +41210,55 @@ components: concurrency: type: number title: Request concurrency - description: "Maximum number of ongoing requests before blocking. Warning: Setting this value > 1 can cause Loki and Prometheus to complain about entries being delivered out of order." + description: "Maximum number of ongoing requests before blocking. Warning: + Setting this value > 1 can cause Loki and Prometheus to complain + about entries being delivered out of order." minimum: 1 maximum: 32 maxPayloadSizeKB: type: number title: Body size limit (KB) - description: "Maximum size, in KB, of the request body. Warning: Setting this too low can increase the number of ongoing requests (depending on the value of 'Request concurrency'); this can cause Loki and Prometheus to complain about entries being delivered out of order." + description: "Maximum size, in KB, of the request body. Warning: Setting this + too low can increase the number of ongoing requests (depending on + the value of 'Request concurrency'); this can cause Loki and + Prometheus to complain about entries being delivered out of order." minimum: 1024 maximum: 10240 maxPayloadEvents: type: number title: Events-per-request limit - description: "Maximum number of events to include in the request body. Default is 0 (unlimited). Warning: Setting this too low can increase the number of ongoing requests (depending on the value of 'Request concurrency'); this can cause Loki and Prometheus to complain about entries being delivered out of order." + description: "Maximum number of events to include in the request body. Default + is 0 (unlimited). Warning: Setting this too low can increase the + number of ongoing requests (depending on the value of 'Request + concurrency'); this can cause Loki and Prometheus to complain about + entries being delivered out of order." minimum: 0 rejectUnauthorized: type: boolean title: Validate server certs - description: "Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). \n Enabled by default. When this setting is also present in TLS Settings (Client Side), \n that value will take precedence." + description: >- + Reject certificates not authorized by a CA in the CA certificate + path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. timeoutSec: type: number minimum: 1 - maximum: 9.007199254740991e+15 + maximum: 9007199254740991 title: Request timeout - description: Amount of time, in seconds, to wait for a request to complete before canceling it + description: Amount of time, in seconds, to wait for a request to complete + before canceling it flushPeriodSec: type: number title: Flush period (sec) - description: "Maximum time between requests. Small values could cause the payload size to be smaller than the configured Maximum time between requests. Small values can reduce the payload size below the configured 'Max record size' and 'Max events per request'. Warning: Setting this too low can increase the number of ongoing requests (depending on the value of 'Request concurrency'); this can cause Loki and Prometheus to complain about entries being delivered out of order." + description: "Maximum time between requests. Small values could cause the + payload size to be smaller than the configured Maximum time between + requests. Small values can reduce the payload size below the + configured 'Max record size' and 'Max events per request'. Warning: + Setting this too low can increase the number of ongoing requests + (depending on the value of 'Request concurrency'); this can cause + Loki and Prometheus to complain about entries being delivered out of + order." extraHttpHeaders: type: array title: Extra HTTP headers @@ -34699,7 +41268,10 @@ components: useRoundRobinDns: type: boolean title: Round-robin DNS - description: Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations. + description: Enable round-robin DNS lookup. When a DNS server returns multiple + addresses, @{product} will cycle through them in the order returned. + For optimal performance, consider enabling this setting for non-load + balanced destinations. failedRequestLoggingMode: $ref: "#/components/schemas/FailedRequestLoggingModeOptions" safeHeaders: @@ -34711,7 +41283,8 @@ components: responseRetrySettings: type: array title: Settings for failed HTTP requests - description: Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable) + description: Automatically retry after unsuccessful response status codes, such + as 429 (Too Many Requests) or 503 (Service Unavailable) minItems: 0 items: $ref: "#/components/schemas/ResponseRetrySettingConfOutputWebhook" @@ -34720,7 +41293,11 @@ components: responseHonorRetryAfterHeader: type: boolean title: Honor Retry-After header - description: Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored. + description: Honor any Retry-After header that specifies a delay (in seconds) no + longer than 180 seconds after the retry request. @{product} limits + the delay to 180 seconds, even if the Retry-After header specifies a + longer delay. When enabled, takes precedence over user-configured + retry options. When disabled, all Retry-After headers are ignored. onBackpressure: $ref: "#/components/schemas/BackpressureBehaviorOptions" description: @@ -34729,43 +41306,54 @@ components: compress: type: boolean title: Compress - description: Compress the payload body before sending. Applies only to JSON payloads; the Protobuf variant for both Prometheus and Loki are snappy-compressed by default. + description: Compress the payload body before sending. Applies only to JSON + payloads; the Protobuf variant for both Prometheus and Loki are + snappy-compressed by default. pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -34773,26 +41361,40 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object title: "" __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_lokiUrl: type: string - description: Binds 'lokiUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'lokiUrl' at runtime. + description: Binds 'lokiUrl' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'lokiUrl' at runtime. __template_prometheusUrl: type: string - description: Binds 'prometheusUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'prometheusUrl' at runtime. + description: Binds 'prometheusUrl' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'prometheusUrl' at runtime. __template_failedRequestLoggingMode: type: string - description: Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. + description: Binds 'failedRequestLoggingMode' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'failedRequestLoggingMode' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. anyOf: - required: - lokiUrl @@ -34821,13 +41423,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. These fields are added as labels to generated logs. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. These fields are added as labels to generated logs. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -34842,49 +41446,74 @@ components: message: type: string title: Logs message field - description: Name of the event field that contains the message to send. If not specified, Stream sends a JSON representation of the whole event. + description: Name of the event field that contains the message to send. If not + specified, Stream sends a JSON representation of the whole event. messageFormat: $ref: "#/components/schemas/MessageFormatOptions" labels: type: array title: Logs labels - description: "List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: \"cribl.io\", level: \"error\"}'" + description: "List of labels to send with logs. Labels define Loki streams, so + use static labels to avoid proliferating label value combinations + and streams. Can be merged and/or overridden by the event's __labels + field. Example: '__labels: {host: \"cribl.io\", level: \"error\"}'" minItems: 0 items: - $ref: "#/components/schemas/RequestParamConfInputOpenai" + $ref: "#/components/schemas/HttpDiscoveryHeaderConfInputPrometheus" authType: - $ref: "#/components/schemas/AuthenticationTypeOptionsPrometheusAuthBasicCredentialsSecret" + $ref: "#/components/schemas/AuthenticationTypeOptionsPrometheusAuthBasicCredent\ + ialsSecret" concurrency: type: number title: Request concurrency - description: "Maximum number of ongoing requests before blocking. Warning: Setting this value > 1 can cause Loki to complain about entries being delivered out of order." + description: "Maximum number of ongoing requests before blocking. Warning: + Setting this value > 1 can cause Loki to complain about entries + being delivered out of order." minimum: 1 maximum: 32 maxPayloadSizeKB: type: number title: Body size limit (KB) - description: "Maximum size, in KB, of the request body. Warning: Setting this too low can increase the number of ongoing requests (depending on the value of 'Request concurrency'); this can cause Loki to complain about entries being delivered out of order." + description: "Maximum size, in KB, of the request body. Warning: Setting this + too low can increase the number of ongoing requests (depending on + the value of 'Request concurrency'); this can cause Loki to complain + about entries being delivered out of order." minimum: 1024 maximum: 10240 maxPayloadEvents: type: number title: Events-per-request limit - description: "Maximum number of events to include in the request body. Defaults to 0 (unlimited). Warning: Setting this too low can increase the number of ongoing requests (depending on the value of 'Request concurrency'); this can cause Loki to complain about entries being delivered out of order." + description: "Maximum number of events to include in the request body. Defaults + to 0 (unlimited). Warning: Setting this too low can increase the + number of ongoing requests (depending on the value of 'Request + concurrency'); this can cause Loki to complain about entries being + delivered out of order." minimum: 0 rejectUnauthorized: type: boolean title: Validate server certs - description: "Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). \n Enabled by default. When this setting is also present in TLS Settings (Client Side), \n that value will take precedence." + description: >- + Reject certificates not authorized by a CA in the CA certificate + path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. timeoutSec: type: number minimum: 1 - maximum: 9.007199254740991e+15 + maximum: 9007199254740991 title: Request timeout - description: Amount of time, in seconds, to wait for a request to complete before canceling it + description: Amount of time, in seconds, to wait for a request to complete + before canceling it flushPeriodSec: type: number title: Flush period (sec) - description: "Maximum time between requests. Small values could cause the payload size to be smaller than the configured Maximum time between requests. Small values can reduce the payload size below the configured 'Max record size' and 'Max events per request'. Warning: Setting this too low can increase the number of ongoing requests (depending on the value of 'Request concurrency'); this can cause Loki to complain about entries being delivered out of order." + description: "Maximum time between requests. Small values could cause the + payload size to be smaller than the configured Maximum time between + requests. Small values can reduce the payload size below the + configured 'Max record size' and 'Max events per request'. Warning: + Setting this too low can increase the number of ongoing requests + (depending on the value of 'Request concurrency'); this can cause + Loki to complain about entries being delivered out of order." extraHttpHeaders: type: array title: Extra HTTP headers @@ -34894,7 +41523,10 @@ components: useRoundRobinDns: type: boolean title: Round-robin DNS - description: Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations. + description: Enable round-robin DNS lookup. When a DNS server returns multiple + addresses, @{product} will cycle through them in the order returned. + For optimal performance, consider enabling this setting for non-load + balanced destinations. failedRequestLoggingMode: $ref: "#/components/schemas/FailedRequestLoggingModeOptions" safeHeaders: @@ -34906,7 +41538,8 @@ components: responseRetrySettings: type: array title: Settings for failed HTTP requests - description: Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable) + description: Automatically retry after unsuccessful response status codes, such + as 429 (Too Many Requests) or 503 (Service Unavailable) minItems: 0 items: $ref: "#/components/schemas/ResponseRetrySettingConfOutputWebhook" @@ -34915,17 +41548,25 @@ components: responseHonorRetryAfterHeader: type: boolean title: Honor Retry-After header - description: Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored. + description: Honor any Retry-After header that specifies a delay (in seconds) no + longer than 180 seconds after the retry request. @{product} limits + the delay to 180 seconds, even if the Retry-After header specifies a + longer delay. When enabled, takes precedence over user-configured + retry options. When disabled, all Retry-After headers are ignored. enableDynamicHeaders: type: boolean title: Enable dynamic headers - description: Add per-event HTTP headers from the __headers field to outgoing requests. Events with different headers are batched and sent separately. + description: Add per-event HTTP headers from the __headers field to outgoing + requests. Events with different headers are batched and sent + separately. onBackpressure: $ref: "#/components/schemas/BackpressureBehaviorOptions" totalMemoryLimitKB: type: number title: Buffer memory limit (KB) - description: Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced. + description: Maximum total size of the batches waiting to be sent. If left + blank, defaults to 5 times the max body size (if set). If 0, no + limit is enforced. minimum: 0 description: type: string @@ -34937,7 +41578,10 @@ components: token: type: string title: Auth token - description: "Bearer token to include in the authorization header. In Grafana Cloud, this is generally built by concatenating the username and the API key, separated by a colon. Example: :" + description: "Bearer token to include in the authorization header. In Grafana + Cloud, this is generally built by concatenating the username and the + API key, separated by a colon. Example: + :" textSecret: type: string title: Auth token (text secret) @@ -34956,40 +41600,49 @@ components: description: Select or create a secret that references your credentials pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -34997,20 +41650,30 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object title: "" __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_failedRequestLoggingMode: type: string - description: Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. + description: Binds 'failedRequestLoggingMode' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'failedRequestLoggingMode' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. OutputPrometheus: type: object required: @@ -35032,13 +41695,16 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. These fields are added as dimensions to generated metrics. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. These fields are added as dimensions to generated + metrics. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -35053,7 +41719,11 @@ components: metricRenameExpr: type: string title: Metric renaming expression - description: JavaScript expression that can be used to rename metrics. For example, name.replace(/\./g, '_') will replace all '.' characters in a metric's name with the supported '_' character. Use the 'name' global variable to access the metric's name. You can access event fields' values via __e.. + description: JavaScript expression that can be used to rename metrics. For + example, name.replace(/\./g, '_') will replace all '.' characters in + a metric's name with the supported '_' character. Use the 'name' + global variable to access the metric's name. You can access event + fields' values via __e.. sendMetadata: type: boolean title: Send metadata @@ -35061,7 +41731,8 @@ components: usePrometheusHistogramBucketSuffix: type: boolean title: Use `_bucket` suffix for histogram buckets - description: Serialize histogram bucket series as `_bucket` to match Prometheus histogram naming convention + description: Serialize histogram bucket series as `_bucket` to match + Prometheus histogram naming convention concurrency: type: number title: Request concurrency @@ -35077,22 +41748,29 @@ components: maxPayloadEvents: type: number title: Events-per-request limit - description: Maximum number of events to include in the request body. Default is 0 (unlimited). + description: Maximum number of events to include in the request body. Default is + 0 (unlimited). minimum: 0 rejectUnauthorized: type: boolean title: Validate server certs - description: "Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). \n Enabled by default. When this setting is also present in TLS Settings (Client Side), \n that value will take precedence." + description: >- + Reject certificates not authorized by a CA in the CA certificate + path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. timeoutSec: type: number minimum: 1 - maximum: 9.007199254740991e+15 + maximum: 9007199254740991 title: Request timeout - description: Amount of time, in seconds, to wait for a request to complete before canceling it + description: Amount of time, in seconds, to wait for a request to complete + before canceling it flushPeriodSec: type: number title: Flush period (sec) - description: Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit. + description: Maximum time between requests. Small values could cause the payload + size to be smaller than the configured Body size limit. extraHttpHeaders: type: array title: Extra HTTP headers @@ -35102,7 +41780,10 @@ components: useRoundRobinDns: type: boolean title: Round-robin DNS - description: Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations. + description: Enable round-robin DNS lookup. When a DNS server returns multiple + addresses, @{product} will cycle through them in the order returned. + For optimal performance, consider enabling this setting for non-load + balanced destinations. failedRequestLoggingMode: $ref: "#/components/schemas/FailedRequestLoggingModeOptions" safeHeaders: @@ -35114,7 +41795,8 @@ components: responseRetrySettings: type: array title: Settings for failed HTTP requests - description: Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable) + description: Automatically retry after unsuccessful response status codes, such + as 429 (Too Many Requests) or 503 (Service Unavailable) minItems: 0 items: $ref: "#/components/schemas/ResponseRetrySettingConfOutputWebhook" @@ -35123,7 +41805,11 @@ components: responseHonorRetryAfterHeader: type: boolean title: Honor Retry-After header - description: Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored. + description: Honor any Retry-After header that specifies a delay (in seconds) no + longer than 180 seconds after the retry request. @{product} limits + the delay to 180 seconds, even if the Retry-After header specifies a + longer delay. When enabled, takes precedence over user-configured + retry options. When disabled, all Retry-After headers are ignored. onBackpressure: $ref: "#/components/schemas/BackpressureBehaviorOptions" authType: @@ -35134,43 +41820,53 @@ components: metricsFlushPeriodSec: type: number title: Metadata flush period (sec) - description: How frequently metrics metadata is sent out. Value cannot be smaller than the base Flush period set above. + description: How frequently metrics metadata is sent out. Value cannot be + smaller than the base Flush period set above. pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -35178,7 +41874,9 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object @@ -35203,16 +41901,26 @@ components: description: Select or create a stored text secret __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_url: type: string - description: Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. + description: Binds 'url' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'url' at runtime. __template_failedRequestLoggingMode: type: string - description: Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. + description: Binds 'failedRequestLoggingMode' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'failedRequestLoggingMode' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. OutputRing: type: object properties: @@ -35231,13 +41939,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -35255,16 +41965,19 @@ components: partitionExpr: type: string title: Partitioning expression - description: JS expression to define how files are partitioned and organized. If left blank, Cribl Stream will fallback on event.__partition. + description: JS expression to define how files are partitioned and organized. If + left blank, Cribl Stream will fallback on event.__partition. maxDataSize: type: string title: Data size limit - description: "Maximum disk space allowed to be consumed (examples: 420MB, 4GB). When limit is reached, older data will be deleted." + description: "Maximum disk space allowed to be consumed (examples: 420MB, 4GB). + When limit is reached, older data will be deleted." pattern: ^\d+\s*(?:\w{2})?$ maxDataTime: title: Data age limit type: string - description: "Maximum amount of time to retain data (examples: 2h, 4d). When limit is reached, older data will be deleted." + description: "Maximum amount of time to retain data (examples: 2h, 4d). When + limit is reached, older data will be deleted." pattern: \d+[smhd]$ compress: $ref: "#/components/schemas/DataCompressionFormatOptionsPersistence" @@ -35279,10 +41992,15 @@ components: title: Description __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. required: - type OutputOpenTelemetry: @@ -35306,13 +42024,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -35324,11 +42044,16 @@ components: endpoint: type: string title: Endpoint - description: The endpoint where OTel events will be sent. Enter any valid URL or an IP address (IPv4 or IPv6; enclose IPv6 addresses in square brackets). Unspecified ports will default to 4317, unless the endpoint is an HTTPS-based URL or TLS is enabled, in which case 443 will be used. + description: The endpoint where OTel events will be sent. Enter any valid URL or + an IP address (IPv4 or IPv6; enclose IPv6 addresses in square + brackets). Unspecified ports will default to 4317, unless the + endpoint is an HTTPS-based URL or TLS is enabled, in which case 443 + will be used. otlpVersion: type: string title: OTLP version - description: The version of OTLP Protobuf definitions to use when structuring data to send + description: The version of OTLP Protobuf definitions to use when structuring + data to send enum: - 0.10.0 - 1.3.1 @@ -35361,19 +42086,28 @@ components: httpTracesEndpointOverride: type: string title: Traces endpoint override - description: If you want to send traces to the default `{endpoint}/v1/traces` endpoint, leave this field empty; otherwise, specify the desired endpoint + description: If you want to send traces to the default `{endpoint}/v1/traces` + endpoint, leave this field empty; otherwise, specify the desired + endpoint httpMetricsEndpointOverride: type: string title: Metrics endpoint override - description: If you want to send metrics to the default `{endpoint}/v1/metrics` endpoint, leave this field empty; otherwise, specify the desired endpoint + description: If you want to send metrics to the default `{endpoint}/v1/metrics` + endpoint, leave this field empty; otherwise, specify the desired + endpoint httpLogsEndpointOverride: type: string title: Logs endpoint override - description: If you want to send logs to the default `{endpoint}/v1/logs` endpoint, leave this field empty; otherwise, specify the desired endpoint + description: If you want to send logs to the default `{endpoint}/v1/logs` + endpoint, leave this field empty; otherwise, specify the desired + endpoint metadata: type: array title: Metadata - description: List of key-value pairs to send with each gRPC request. Value supports JavaScript expressions that are evaluated just once, when the destination gets started. To pass credentials as metadata, use 'C.Secret'. + description: List of key-value pairs to send with each gRPC request. Value + supports JavaScript expressions that are evaluated just once, when + the destination gets started. To pass credentials as metadata, use + 'C.Secret'. minItems: 0 items: $ref: "#/components/schemas/KeyValueMetadataConfOutputFilesystem" @@ -35384,7 +42118,8 @@ components: dynamicHeadersField: type: string title: Dynamic metadata field - description: When presented, this field which contains metadata, will be injected into the Destination metadata and used to batch events. + description: When presented, this field which contains metadata, will be + injected into the Destination metadata and used to batch events. concurrency: type: number title: Request concurrency @@ -35400,19 +42135,22 @@ components: timeoutSec: type: number minimum: 1 - maximum: 9.007199254740991e+15 + maximum: 9007199254740991 title: Request timeout - description: Amount of time, in seconds, to wait for a request to complete before canceling it + description: Amount of time, in seconds, to wait for a request to complete + before canceling it flushPeriodSec: type: number title: Flush period (sec) - description: Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit. + description: Maximum time between requests. Small values could cause the payload + size to be smaller than the configured Body size limit. failedRequestLoggingMode: $ref: "#/components/schemas/FailedRequestLoggingModeOptions" connectionTimeout: type: number title: Connection timeout - description: Amount of time (milliseconds) to wait for the connection to establish before retrying + description: Amount of time (milliseconds) to wait for the connection to + establish before retrying keepAliveTime: type: number title: Keep alive time (seconds) @@ -35421,7 +42159,8 @@ components: keepAlive: type: boolean title: Keep alive - description: Disable to close the connection immediately after sending the outgoing request + description: Disable to close the connection immediately after sending the + outgoing request onBackpressure: $ref: "#/components/schemas/BackpressureBehaviorOptions" description: @@ -35457,15 +42196,20 @@ components: oauthTextSecret: type: string title: OAuth secret (text secret) - description: Select or create a stored text secret for the OAuth secret parameter value to pass in request body + description: Select or create a stored text secret for the OAuth secret + parameter value to pass in request body tokenAttributeName: type: string title: Token attribute name - description: Name of the auth token attribute in the OAuth response. Can be top-level (e.g., 'token'); or nested, using a period (e.g., 'data.token'). + description: Name of the auth token attribute in the OAuth response. Can be + top-level (e.g., 'token'); or nested, using a period (e.g., + 'data.token'). authHeaderExpr: type: string title: Authorize expression - description: "JavaScript expression to compute the Authorization header value to pass in requests. The value `${token}` is used to reference the token obtained from authentication, e.g.: `Bearer ${token}`." + description: "JavaScript expression to compute the Authorization header value to + pass in requests. The value `${token}` is used to reference the + token obtained from authentication, e.g.: `Bearer ${token}`." tokenTimeoutSecs: type: number title: Refresh interval (secs.) @@ -35475,23 +42219,37 @@ components: oauthParams: type: array title: OAuth parameters - description: Additional parameters to send in the OAuth login request. @{product} will combine the secret with these parameters, and will send the URL-encoded result in a POST request to the endpoint specified in the 'Login URL'. We'll automatically add the content-type header 'application/x-www-form-urlencoded' when sending this request. + description: Additional parameters to send in the OAuth login request. + @{product} will combine the secret with these parameters, and will + send the URL-encoded result in a POST request to the endpoint + specified in the 'Login URL'. We'll automatically add the + content-type header 'application/x-www-form-urlencoded' when sending + this request. items: $ref: "#/components/schemas/OauthParamConfInputServicenowTable" oauthHeaders: type: array title: OAuth headers - description: Additional headers to send in the OAuth login request. @{product} will automatically add the content-type header 'application/x-www-form-urlencoded' when sending this request. + description: Additional headers to send in the OAuth login request. @{product} + will automatically add the content-type header + 'application/x-www-form-urlencoded' when sending this request. items: $ref: "#/components/schemas/OauthHeaderConfInputServicenowTable" rejectUnauthorized: type: boolean title: Validate server certs - description: "Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). \n Enabled by default. When this setting is also present in TLS Settings (Client Side), \n that value will take precedence." + description: >- + Reject certificates not authorized by a CA in the CA certificate + path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. useRoundRobinDns: type: boolean title: Round-robin DNS - description: Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations. + description: Enable round-robin DNS lookup. When a DNS server returns multiple + addresses, @{product} will cycle through them in the order returned. + For optimal performance, consider enabling this setting for non-load + balanced destinations. extraHttpHeaders: type: array title: Extra HTTP headers @@ -35507,7 +42265,8 @@ components: responseRetrySettings: type: array title: Settings for failed HTTP requests - description: Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable) + description: Automatically retry after unsuccessful response status codes, such + as 429 (Too Many Requests) or 503 (Service Unavailable) minItems: 0 items: $ref: "#/components/schemas/ResponseRetrySettingConfOutputWebhook" @@ -35516,45 +42275,58 @@ components: responseHonorRetryAfterHeader: type: boolean title: Honor Retry-After header - description: Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored. + description: Honor any Retry-After header that specifies a delay (in seconds) no + longer than 180 seconds after the retry request. @{product} limits + the delay to 180 seconds, even if the Retry-After header specifies a + longer delay. When enabled, takes precedence over user-configured + retry options. When disabled, all Retry-After headers are ignored. tls: $ref: "#/components/schemas/TlsSettingsClientSideTypeExtended" pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -35562,23 +42334,35 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object title: "" __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_failedRequestLoggingMode: type: string - description: Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. + description: Binds 'failedRequestLoggingMode' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'failedRequestLoggingMode' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_loginUrl: type: string - description: Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime. + description: Binds 'loginUrl' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'loginUrl' at runtime. OutputServiceNow: type: object required: @@ -35603,13 +42387,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -35619,7 +42405,9 @@ components: endpoint: type: string title: Endpoint - description: The endpoint where ServiceNow events will be sent. Enter any valid URL or an IP address (IPv4 or IPv6; enclose IPv6 addresses in square brackets) + description: The endpoint where ServiceNow events will be sent. Enter any valid + URL or an IP address (IPv4 or IPv6; enclose IPv6 addresses in square + brackets) tokenSecret: type: string title: Auth token (text secret) @@ -35644,19 +42432,28 @@ components: httpTracesEndpointOverride: type: string title: Traces endpoint override - description: If you want to send traces to the default `{endpoint}/v1/traces` endpoint, leave this field empty; otherwise, specify the desired endpoint + description: If you want to send traces to the default `{endpoint}/v1/traces` + endpoint, leave this field empty; otherwise, specify the desired + endpoint httpMetricsEndpointOverride: type: string title: Metrics endpoint override - description: If you want to send metrics to the default `{endpoint}/v1/metrics` endpoint, leave this field empty; otherwise, specify the desired endpoint + description: If you want to send metrics to the default `{endpoint}/v1/metrics` + endpoint, leave this field empty; otherwise, specify the desired + endpoint httpLogsEndpointOverride: type: string title: Logs endpoint override - description: If you want to send logs to the default `{endpoint}/v1/logs` endpoint, leave this field empty; otherwise, specify the desired endpoint + description: If you want to send logs to the default `{endpoint}/v1/logs` + endpoint, leave this field empty; otherwise, specify the desired + endpoint metadata: type: array title: Metadata - description: List of key-value pairs to send with each gRPC request. Value supports JavaScript expressions that are evaluated just once, when the destination gets started. To pass credentials as metadata, use 'C.Secret'. + description: List of key-value pairs to send with each gRPC request. Value + supports JavaScript expressions that are evaluated just once, when + the destination gets started. To pass credentials as metadata, use + 'C.Secret'. minItems: 0 items: $ref: "#/components/schemas/KeyValueMetadataConfOutputFilesystem" @@ -35667,7 +42464,8 @@ components: dynamicHeadersField: type: string title: Dynamic metadata field - description: When presented, this field which contains metadata, will be injected into the Destination metadata and used to batch events. + description: When presented, this field which contains metadata, will be + injected into the Destination metadata and used to batch events. concurrency: type: number title: Request concurrency @@ -35677,19 +42475,22 @@ components: timeoutSec: type: number minimum: 1 - maximum: 9.007199254740991e+15 + maximum: 9007199254740991 title: Request timeout - description: Amount of time, in seconds, to wait for a request to complete before canceling it + description: Amount of time, in seconds, to wait for a request to complete + before canceling it flushPeriodSec: type: number title: Flush period (sec) - description: Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit. + description: Maximum time between requests. Small values could cause the payload + size to be smaller than the configured Body size limit. failedRequestLoggingMode: $ref: "#/components/schemas/FailedRequestLoggingModeOptions" connectionTimeout: type: number title: Connection timeout - description: Amount of time (milliseconds) to wait for the connection to establish before retrying + description: Amount of time (milliseconds) to wait for the connection to + establish before retrying keepAliveTime: type: number title: Keep alive time (seconds) @@ -35698,7 +42499,8 @@ components: keepAlive: type: boolean title: Keep alive - description: Disable to close the connection immediately after sending the outgoing request + description: Disable to close the connection immediately after sending the + outgoing request onBackpressure: $ref: "#/components/schemas/BackpressureBehaviorOptions" description: @@ -35707,11 +42509,18 @@ components: rejectUnauthorized: type: boolean title: Validate server certs - description: "Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). \n Enabled by default. When this setting is also present in TLS Settings (Client Side), \n that value will take precedence." + description: >- + Reject certificates not authorized by a CA in the CA certificate + path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. useRoundRobinDns: type: boolean title: Round-robin DNS - description: Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations. + description: Enable round-robin DNS lookup. When a DNS server returns multiple + addresses, @{product} will cycle through them in the order returned. + For optimal performance, consider enabling this setting for non-load + balanced destinations. extraHttpHeaders: type: array title: Extra HTTP headers @@ -35727,7 +42536,8 @@ components: responseRetrySettings: type: array title: Settings for failed HTTP requests - description: Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable) + description: Automatically retry after unsuccessful response status codes, such + as 429 (Too Many Requests) or 503 (Service Unavailable) minItems: 0 items: $ref: "#/components/schemas/ResponseRetrySettingConfOutputWebhook" @@ -35736,45 +42546,58 @@ components: responseHonorRetryAfterHeader: type: boolean title: Honor Retry-After header - description: Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored. + description: Honor any Retry-After header that specifies a delay (in seconds) no + longer than 180 seconds after the retry request. @{product} limits + the delay to 180 seconds, even if the Retry-After header specifies a + longer delay. When enabled, takes precedence over user-configured + retry options. When disabled, all Retry-After headers are ignored. tls: $ref: "#/components/schemas/TlsSettingsClientSideTypeExtended" pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -35782,20 +42605,30 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object title: "" __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_failedRequestLoggingMode: type: string - description: Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. + description: Binds 'failedRequestLoggingMode' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'failedRequestLoggingMode' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. OutputDataset: type: object properties: @@ -35814,13 +42647,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -35830,25 +42665,34 @@ components: messageField: type: string title: Message field - description: Name of the event field that contains the message or attributes to send. If not specified, all of the event's non-internal fields will be sent as attributes. + description: Name of the event field that contains the message or attributes to + send. If not specified, all of the event's non-internal fields will + be sent as attributes. excludeFields: type: array title: Exclude fields - description: Fields to exclude from the event if the Message field is either unspecified or refers to an object. Ignored if the Message field is a string. If empty, we send all non-internal fields. + description: Fields to exclude from the event if the Message field is either + unspecified or refers to an object. Ignored if the Message field is + a string. If empty, we send all non-internal fields. items: type: string serverHostField: type: string title: Server/host field - description: Name of the event field that contains the `serverHost` identifier. If not specified, defaults to `cribl_`. + description: Name of the event field that contains the `serverHost` identifier. + If not specified, defaults to `cribl_`. timestampField: type: string title: Timestamp field - description: Name of the event field that contains the timestamp. If not specified, defaults to `ts`, `_time`, or `Date.now()`, in that order. + description: Name of the event field that contains the timestamp. If not + specified, defaults to `ts`, `_time`, or `Date.now()`, in that + order. defaultSeverity: type: string title: Severity - description: Default value for event severity. If the `sev` or `__severity` fields are set on an event, the first one matching will override this value. + description: Default value for event severity. If the `sev` or `__severity` + fields are set on an event, the first one matching will override + this value. enum: - finest - finer @@ -35869,7 +42713,8 @@ components: responseRetrySettings: type: array title: Settings for failed HTTP requests - description: Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable) + description: Automatically retry after unsuccessful response status codes, such + as 429 (Too Many Requests) or 503 (Service Unavailable) minItems: 0 items: $ref: "#/components/schemas/ResponseRetrySettingConfOutputWebhook" @@ -35878,7 +42723,11 @@ components: responseHonorRetryAfterHeader: type: boolean title: Honor Retry-After header - description: Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored. + description: Honor any Retry-After header that specifies a delay (in seconds) no + longer than 180 seconds after the retry request. @{product} limits + the delay to 180 seconds, even if the Retry-After header specifies a + longer delay. When enabled, takes precedence over user-configured + retry options. When disabled, all Retry-After headers are ignored. site: type: string title: DataSet site @@ -35907,7 +42756,8 @@ components: maxPayloadEvents: type: number title: Events-per-request limit - description: Maximum number of events to include in the request body. Default is 0 (unlimited). + description: Maximum number of events to include in the request body. Default is + 0 (unlimited). minimum: 0 compress: type: boolean @@ -35916,17 +42766,23 @@ components: rejectUnauthorized: type: boolean title: Validate server certs - description: "Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). \n Enabled by default. When this setting is also present in TLS Settings (Client Side), \n that value will take precedence." + description: >- + Reject certificates not authorized by a CA in the CA certificate + path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. timeoutSec: type: number minimum: 1 - maximum: 9.007199254740991e+15 + maximum: 9007199254740991 title: Request timeout - description: Amount of time, in seconds, to wait for a request to complete before canceling it + description: Amount of time, in seconds, to wait for a request to complete + before canceling it flushPeriodSec: type: number title: Flush period (sec) - description: Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit. + description: Maximum time between requests. Small values could cause the payload + size to be smaller than the configured Body size limit. extraHttpHeaders: type: array title: Extra HTTP headers @@ -35936,7 +42792,10 @@ components: useRoundRobinDns: type: boolean title: Round-robin DNS - description: Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations. + description: Enable round-robin DNS lookup. When a DNS server returns multiple + addresses, @{product} will cycle through them in the order returned. + For optimal performance, consider enabling this setting for non-load + balanced destinations. failedRequestLoggingMode: $ref: "#/components/schemas/FailedRequestLoggingModeOptions" safeHeaders: @@ -35952,7 +42811,9 @@ components: totalMemoryLimitKB: type: number title: Buffer memory limit (KB) - description: Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced. + description: Maximum total size of the batches waiting to be sent. If left + blank, defaults to 5 times the max body size (if set). If 0, no + limit is enforced. minimum: 0 description: type: string @@ -35962,40 +42823,49 @@ components: pattern: ^https?://.* pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -36003,7 +42873,9 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object @@ -36018,16 +42890,26 @@ components: description: Select or create a stored text secret __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_failedRequestLoggingMode: type: string - description: Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. + description: Binds 'failedRequestLoggingMode' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'failedRequestLoggingMode' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_customUrl: type: string - description: Binds 'customUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'customUrl' at runtime. + description: Binds 'customUrl' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'customUrl' at runtime. required: - type OutputCriblTcp: @@ -36048,13 +42930,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -36074,34 +42958,43 @@ components: throttleRatePerSec: type: string title: Throttling - description: "Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling." + description: "Rate (in bytes per second) to throttle while writing to an output. + Accepts values with multiple-byte units, such as KB, MB, and GB. + (Example: 42 MB) Default value of 0 specifies no throttling." pattern: ^[\d.]+(\s[KMGTPEZYkmgtpezy][Bb])?$ tls: $ref: "#/components/schemas/TlsSettingsClientSideTypeCaPathCertPath" connectionTimeout: type: number title: Connection timeout - description: Amount of time (milliseconds) to wait for the connection to establish before retrying + description: Amount of time (milliseconds) to wait for the connection to + establish before retrying writeTimeout: type: number title: Write timeout - description: Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead + description: Amount of time (milliseconds) to wait for a write to complete + before assuming connection is dead tokenTTLMinutes: type: number title: Auth Token TTL minutes minimum: 1 maximum: 60 - description: The number of minutes before the internally generated authentication token expires, valid values between 1 and 60 + description: The number of minutes before the internally generated + authentication token expires, valid values between 1 and 60 authTokens: type: array title: Connected environment tokens - description: Shared secrets to be used by connected environments to authorize connections. These tokens should also be installed in Cribl TCP Source in Cribl.Cloud. + description: Shared secrets to be used by connected environments to authorize + connections. These tokens should also be installed in Cribl TCP + Source in Cribl.Cloud. items: $ref: "#/components/schemas/AuthTokenConfInputCriblTcp" excludeFields: type: array title: Exclude fields - description: "Fields to exclude from the event. By default, all internal fields except `__output` are sent. Example: `cribl_pipe`, `c*`. Wildcards supported." + description: "Fields to exclude from the event. By default, all internal fields + except `__output` are sent. Example: `cribl_pipe`, `c*`. Wildcards + supported." items: type: string onBackpressure: @@ -36121,7 +43014,8 @@ components: excludeSelf: type: boolean title: Exclude current host IPs - description: Exclude all IPs of the current host from the list of any resolved hostnames + description: Exclude all IPs of the current host from the list of any resolved + hostnames hosts: type: array title: Destinations @@ -36134,53 +43028,66 @@ components: minimum: 0 maximum: 86400 title: DNS resolution period (seconds) - description: The interval in which to re-resolve any hostnames and pick up destinations from A records + description: The interval in which to re-resolve any hostnames and pick up + destinations from A records loadBalanceStatsPeriodSec: type: number minimum: 10 title: Load balance stats period (seconds) - description: How far back in time to keep traffic stats for load balancing purposes + description: How far back in time to keep traffic stats for load balancing + purposes maxConcurrentSenders: type: number minimum: 0 title: Connection limit - description: Maximum number of concurrent connections (per Worker Process). A random set of IPs will be picked on every DNS resolution period. Use 0 for unlimited. + description: Maximum number of concurrent connections (per Worker Process). A + random set of IPs will be picked on every DNS resolution period. Use + 0 for unlimited. pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -36188,23 +43095,34 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object title: "" __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_host: type: string - description: Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime. + description: Binds 'host' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'host' at runtime. __template_port: type: string - description: Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime. + description: Binds 'port' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'port' at runtime. required: - type OutputCriblHttp: @@ -36225,13 +43143,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -36241,7 +43161,9 @@ components: loadBalanced: type: boolean title: Load balancing - description: For optimal performance, enable load balancing even if you have one hostname, as it can expand to multiple IPs. If this setting is disabled, consider enabling round-robin DNS. + description: For optimal performance, enable load balancing even if you have one + hostname, as it can expand to multiple IPs. If this setting is + disabled, consider enabling round-robin DNS. tls: $ref: "#/components/schemas/TlsSettingsClientSideTypeCaPathCertPath" tokenTTLMinutes: @@ -36249,11 +43171,14 @@ components: title: Auth Token TTL minutes minimum: 1 maximum: 60 - description: The number of minutes before the internally generated authentication token expires. Valid values are between 1 and 60. + description: The number of minutes before the internally generated + authentication token expires. Valid values are between 1 and 60. excludeFields: type: array title: Exclude fields - description: "Fields to exclude from the event. By default, all internal fields except `__output` are sent. Example: `cribl_pipe`, `c*`. Wildcards supported." + description: "Fields to exclude from the event. By default, all internal fields + except `__output` are sent. Example: `cribl_pipe`, `c*`. Wildcards + supported." items: type: string compression: @@ -36273,22 +43198,29 @@ components: maxPayloadEvents: type: number title: Events-per-request limit - description: Maximum number of events to include in the request body. Default is 0 (unlimited). + description: Maximum number of events to include in the request body. Default is + 0 (unlimited). minimum: 0 rejectUnauthorized: type: boolean title: Validate server certs - description: "Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). \n Enabled by default. When this setting is also present in TLS Settings (Client Side), \n that value will take precedence." + description: >- + Reject certificates not authorized by a CA in the CA certificate + path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. timeoutSec: type: number minimum: 1 - maximum: 9.007199254740991e+15 + maximum: 9007199254740991 title: Request timeout - description: Amount of time, in seconds, to wait for a request to complete before canceling it + description: Amount of time, in seconds, to wait for a request to complete + before canceling it flushPeriodSec: type: number title: Flush period (sec) - description: Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit. + description: Maximum time between requests. Small values could cause the payload + size to be smaller than the configured Body size limit. extraHttpHeaders: type: array title: Extra HTTP headers @@ -36306,12 +43238,15 @@ components: throttleRatePerSec: type: string title: Throttling - description: "Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling." + description: "Rate (in bytes per second) to throttle while writing to an output. + Accepts values with multiple-byte units, such as KB, MB, and GB. + (Example: 42 MB) Default value of 0 specifies no throttling." pattern: ^[\d.]+(\s[KMGTPEZYkmgtpezy][Bb])?$ responseRetrySettings: type: array title: Settings for failed HTTP requests - description: Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable) + description: Automatically retry after unsuccessful response status codes, such + as 429 (Too Many Requests) or 503 (Service Unavailable) minItems: 0 items: $ref: "#/components/schemas/ResponseRetrySettingConfOutputWebhook" @@ -36320,11 +43255,17 @@ components: responseHonorRetryAfterHeader: type: boolean title: Honor Retry-After header - description: Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored. + description: Honor any Retry-After header that specifies a delay (in seconds) no + longer than 180 seconds after the retry request. @{product} limits + the delay to 180 seconds, even if the Retry-After header specifies a + longer delay. When enabled, takes precedence over user-configured + retry options. When disabled, all Retry-After headers are ignored. authTokens: type: array title: Connected environment tokens - description: Shared secrets to be used by connected environments to authorize connections. These tokens should also be installed in Cribl HTTP Source in Cribl.Cloud. + description: Shared secrets to be used by connected environments to authorize + connections. These tokens should also be installed in Cribl HTTP + Source in Cribl.Cloud. items: $ref: "#/components/schemas/AuthTokenConfOutputCriblHttp" onBackpressure: @@ -36335,16 +43276,21 @@ components: url: type: string title: Cribl endpoint - description: URL of a Cribl Worker to send events to, such as http://localhost:10200 + description: URL of a Cribl Worker to send events to, such as + http://localhost:10200 pattern: ^https?://.* useRoundRobinDns: type: boolean title: Round-robin DNS - description: Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations. + description: Enable round-robin DNS lookup. When a DNS server returns multiple + addresses, @{product} will cycle through them in the order returned. + For optimal performance, consider enabling this setting for non-load + balanced destinations. excludeSelf: type: boolean title: Exclude current host IPs - description: Exclude all IPs of the current host from the list of any resolved hostnames + description: Exclude all IPs of the current host from the list of any resolved + hostnames urls: type: array title: Cribl Worker endpoints @@ -36357,48 +43303,59 @@ components: minimum: 0 maximum: 86400 title: DNS resolution period (seconds) - description: The interval in which to re-resolve any hostnames and pick up destinations from A records + description: The interval in which to re-resolve any hostnames and pick up + destinations from A records loadBalanceStatsPeriodSec: type: number minimum: 10 title: Load balance stats period (seconds) - description: How far back in time to keep traffic stats for load balancing purposes + description: How far back in time to keep traffic stats for load balancing + purposes pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -36406,23 +43363,35 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object title: "" __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_failedRequestLoggingMode: type: string - description: Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. + description: Binds 'failedRequestLoggingMode' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'failedRequestLoggingMode' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_url: type: string - description: Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. + description: Binds 'url' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'url' at runtime. required: - type OutputCriblSearchEngine: @@ -36443,13 +43412,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -36459,7 +43430,9 @@ components: loadBalanced: type: boolean title: Load balancing - description: For optimal performance, enable load balancing even if you have one hostname, as it can expand to multiple IPs. If this setting is disabled, consider enabling round-robin DNS. + description: For optimal performance, enable load balancing even if you have one + hostname, as it can expand to multiple IPs. If this setting is + disabled, consider enabling round-robin DNS. tls: $ref: "#/components/schemas/TlsSettingsClientSideTypeCaPathCertPath" tokenTTLMinutes: @@ -36467,11 +43440,14 @@ components: title: Auth Token TTL minutes minimum: 1 maximum: 60 - description: The number of minutes before the internally generated authentication token expires. Valid values are between 1 and 60. + description: The number of minutes before the internally generated + authentication token expires. Valid values are between 1 and 60. excludeFields: type: array title: Exclude fields - description: "Fields to exclude from the event. By default, all internal fields except `__output` are sent. Example: `cribl_pipe`, `c*`. Wildcards supported." + description: "Fields to exclude from the event. By default, all internal fields + except `__output` are sent. Example: `cribl_pipe`, `c*`. Wildcards + supported." items: type: string compression: @@ -36491,22 +43467,29 @@ components: maxPayloadEvents: type: number title: Events-per-request limit - description: Maximum number of events to include in the request body. Default is 0 (unlimited). + description: Maximum number of events to include in the request body. Default is + 0 (unlimited). minimum: 0 rejectUnauthorized: type: boolean title: Validate server certs - description: "Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). \n Enabled by default. When this setting is also present in TLS Settings (Client Side), \n that value will take precedence." + description: >- + Reject certificates not authorized by a CA in the CA certificate + path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. timeoutSec: type: number minimum: 1 - maximum: 9.007199254740991e+15 + maximum: 9007199254740991 title: Request timeout - description: Amount of time, in seconds, to wait for a request to complete before canceling it + description: Amount of time, in seconds, to wait for a request to complete + before canceling it flushPeriodSec: type: number title: Flush period (sec) - description: Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit. + description: Maximum time between requests. Small values could cause the payload + size to be smaller than the configured Body size limit. extraHttpHeaders: type: array title: Extra HTTP headers @@ -36524,12 +43507,15 @@ components: throttleRatePerSec: type: string title: Throttling - description: "Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling." + description: "Rate (in bytes per second) to throttle while writing to an output. + Accepts values with multiple-byte units, such as KB, MB, and GB. + (Example: 42 MB) Default value of 0 specifies no throttling." pattern: ^[\d.]+(\s[KMGTPEZYkmgtpezy][Bb])?$ responseRetrySettings: type: array title: Settings for failed HTTP requests - description: Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable) + description: Automatically retry after unsuccessful response status codes, such + as 429 (Too Many Requests) or 503 (Service Unavailable) minItems: 0 items: $ref: "#/components/schemas/ResponseRetrySettingConfOutputWebhook" @@ -36538,11 +43524,17 @@ components: responseHonorRetryAfterHeader: type: boolean title: Honor Retry-After header - description: Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored. + description: Honor any Retry-After header that specifies a delay (in seconds) no + longer than 180 seconds after the retry request. @{product} limits + the delay to 180 seconds, even if the Retry-After header specifies a + longer delay. When enabled, takes precedence over user-configured + retry options. When disabled, all Retry-After headers are ignored. authTokens: type: array title: Connected environment tokens - description: Shared secrets to be used by connected environments to authorize connections. These tokens should also be installed in Cribl Search Source in Cribl.Cloud. + description: Shared secrets to be used by connected environments to authorize + connections. These tokens should also be installed in Cribl Search + Source in Cribl.Cloud. items: $ref: "#/components/schemas/AuthTokenConfOutputCriblHttp" onBackpressure: @@ -36550,19 +43542,24 @@ components: useRoundRobinDns: type: boolean title: Round-robin DNS - description: Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations. + description: Enable round-robin DNS lookup. When a DNS server returns multiple + addresses, @{product} will cycle through them in the order returned. + For optimal performance, consider enabling this setting for non-load + balanced destinations. description: type: string title: Description url: type: string title: Cribl endpoint - description: URL of a Cribl Worker to send events to, such as http://localhost:10200 + description: URL of a Cribl Worker to send events to, such as + http://localhost:10200 pattern: ^https?://.* excludeSelf: type: boolean title: Exclude current host IPs - description: Exclude all IPs of the current host from the list of any resolved hostnames + description: Exclude all IPs of the current host from the list of any resolved + hostnames urls: type: array title: Cribl Worker endpoints @@ -36575,48 +43572,59 @@ components: minimum: 0 maximum: 86400 title: DNS resolution period (seconds) - description: The interval in which to re-resolve any hostnames and pick up destinations from A records + description: The interval in which to re-resolve any hostnames and pick up + destinations from A records loadBalanceStatsPeriodSec: type: number minimum: 10 title: Load balance stats period (seconds) - description: How far back in time to keep traffic stats for load balancing purposes + description: How far back in time to keep traffic stats for load balancing + purposes pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -36624,23 +43632,35 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object title: "" __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_failedRequestLoggingMode: type: string - description: Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. + description: Binds 'failedRequestLoggingMode' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'failedRequestLoggingMode' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_url: type: string - description: Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. + description: Binds 'url' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'url' at runtime. required: - type OutputHumioHec: @@ -36665,13 +43685,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -36681,7 +43703,9 @@ components: url: type: string title: LogScale endpoint - description: "URL to a CrowdStrike Falcon LogScale endpoint to send events to. Examples: https://cloud.us.humio.com/api/v1/ingest/hec for JSON and https://cloud.us.humio.com/api/v1/ingest/hec/raw for raw" + description: "URL to a CrowdStrike Falcon LogScale endpoint to send events to. + Examples: https://cloud.us.humio.com/api/v1/ingest/hec for JSON and + https://cloud.us.humio.com/api/v1/ingest/hec/raw for raw" pattern: ^https?://.* concurrency: type: number @@ -36698,7 +43722,8 @@ components: maxPayloadEvents: type: number title: Events-per-request limit - description: Maximum number of events to include in the request body. Default is 0 (unlimited). + description: Maximum number of events to include in the request body. Default is + 0 (unlimited). minimum: 0 compress: type: boolean @@ -36707,17 +43732,23 @@ components: rejectUnauthorized: type: boolean title: Validate server certs - description: "Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). \n Enabled by default. When this setting is also present in TLS Settings (Client Side), \n that value will take precedence." + description: >- + Reject certificates not authorized by a CA in the CA certificate + path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. timeoutSec: type: number minimum: 1 - maximum: 9.007199254740991e+15 + maximum: 9007199254740991 title: Request timeout - description: Amount of time, in seconds, to wait for a request to complete before canceling it + description: Amount of time, in seconds, to wait for a request to complete + before canceling it flushPeriodSec: type: number title: Flush period (sec) - description: Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit. + description: Maximum time between requests. Small values could cause the payload + size to be smaller than the configured Body size limit. extraHttpHeaders: type: array title: Extra HTTP headers @@ -36727,7 +43758,10 @@ components: useRoundRobinDns: type: boolean title: Round-robin DNS - description: Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations. + description: Enable round-robin DNS lookup. When a DNS server returns multiple + addresses, @{product} will cycle through them in the order returned. + For optimal performance, consider enabling this setting for non-load + balanced destinations. failedRequestLoggingMode: $ref: "#/components/schemas/FailedRequestLoggingModeOptions" safeHeaders: @@ -36743,7 +43777,8 @@ components: responseRetrySettings: type: array title: Settings for failed HTTP requests - description: Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable) + description: Automatically retry after unsuccessful response status codes, such + as 429 (Too Many Requests) or 503 (Service Unavailable) minItems: 0 items: $ref: "#/components/schemas/ResponseRetrySettingConfOutputWebhook" @@ -36752,7 +43787,11 @@ components: responseHonorRetryAfterHeader: type: boolean title: Honor Retry-After header - description: Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored. + description: Honor any Retry-After header that specifies a delay (in seconds) no + longer than 180 seconds after the retry request. @{product} limits + the delay to 180 seconds, even if the Retry-After header specifies a + longer delay. When enabled, takes precedence over user-configured + retry options. When disabled, all Retry-After headers are ignored. onBackpressure: $ref: "#/components/schemas/BackpressureBehaviorOptions" description: @@ -36768,40 +43807,49 @@ components: description: Select or create a stored text secret pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -36809,23 +43857,35 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object title: "" __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_url: type: string - description: Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. + description: Binds 'url' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'url' at runtime. __template_failedRequestLoggingMode: type: string - description: Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. + description: Binds 'failedRequestLoggingMode' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'failedRequestLoggingMode' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. OutputCrowdstrikeNextGenSiem: type: object required: @@ -36848,13 +43908,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -36864,7 +43926,9 @@ components: url: type: string title: Next-Gen SIEM endpoint - description: "URL provided from a CrowdStrike data connector. \nExample: https://ingest..crowdstrike.com/api/ingest/hec//v1/services/collector" + description: |- + URL provided from a CrowdStrike data connector. + Example: https://ingest..crowdstrike.com/api/ingest/hec//v1/services/collector pattern: ^https?://.* concurrency: type: number @@ -36881,7 +43945,8 @@ components: maxPayloadEvents: type: number title: Events-per-request limit - description: Maximum number of events to include in the request body. Default is 0 (unlimited). + description: Maximum number of events to include in the request body. Default is + 0 (unlimited). minimum: 0 compress: type: boolean @@ -36890,17 +43955,23 @@ components: rejectUnauthorized: type: boolean title: Validate server certs - description: "Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). \n Enabled by default. When this setting is also present in TLS Settings (Client Side), \n that value will take precedence." + description: >- + Reject certificates not authorized by a CA in the CA certificate + path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. timeoutSec: type: number minimum: 1 - maximum: 9.007199254740991e+15 + maximum: 9007199254740991 title: Request timeout - description: Amount of time, in seconds, to wait for a request to complete before canceling it + description: Amount of time, in seconds, to wait for a request to complete + before canceling it flushPeriodSec: type: number title: Flush period (sec) - description: Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit. + description: Maximum time between requests. Small values could cause the payload + size to be smaller than the configured Body size limit. extraHttpHeaders: type: array title: Extra HTTP headers @@ -36910,7 +43981,10 @@ components: useRoundRobinDns: type: boolean title: Round-robin DNS - description: Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations. + description: Enable round-robin DNS lookup. When a DNS server returns multiple + addresses, @{product} will cycle through them in the order returned. + For optimal performance, consider enabling this setting for non-load + balanced destinations. failedRequestLoggingMode: $ref: "#/components/schemas/FailedRequestLoggingModeOptions" safeHeaders: @@ -36926,7 +44000,8 @@ components: responseRetrySettings: type: array title: Settings for failed HTTP requests - description: Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable) + description: Automatically retry after unsuccessful response status codes, such + as 429 (Too Many Requests) or 503 (Service Unavailable) minItems: 0 items: $ref: "#/components/schemas/ResponseRetrySettingConfOutputWebhook" @@ -36935,7 +44010,11 @@ components: responseHonorRetryAfterHeader: type: boolean title: Honor Retry-After header - description: Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored. + description: Honor any Retry-After header that specifies a delay (in seconds) no + longer than 180 seconds after the retry request. @{product} limits + the delay to 180 seconds, even if the Retry-After header specifies a + longer delay. When enabled, takes precedence over user-configured + retry options. When disabled, all Retry-After headers are ignored. onBackpressure: $ref: "#/components/schemas/BackpressureBehaviorOptions" description: @@ -36950,40 +44029,49 @@ components: description: Select or create a stored text secret pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -36991,23 +44079,35 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object title: "" __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_url: type: string - description: Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. + description: Binds 'url' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'url' at runtime. __template_failedRequestLoggingMode: type: string - description: Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. + description: Binds 'failedRequestLoggingMode' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'failedRequestLoggingMode' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. OutputDlS3: type: object required: @@ -37030,13 +44130,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -37046,7 +44148,8 @@ components: endpoint: type: string title: Endpoint - description: S3 service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to S3-compatible endpoint. + description: S3 service endpoint. If empty, defaults to the AWS Region-specific + endpoint. Otherwise, it must point to S3-compatible endpoint. enableAssumeRole: type: boolean title: Enable for S3 @@ -37064,7 +44167,9 @@ components: durationSeconds: type: number title: Duration (seconds) - description: Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours). + description: Duration of the assumed role's session, in seconds. Minimum is 900 + (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 + hours). minimum: 900 maximum: 43200 awsAuthenticationMethod: @@ -37076,11 +44181,15 @@ components: rejectUnauthorized: type: boolean title: Reject unauthorized certificates - description: Reject certificates that cannot be verified against a valid CA, such as self-signed certificates + description: Reject certificates that cannot be verified against a valid CA, + such as self-signed certificates bucket: type: string title: S3 bucket name - description: "Name of the destination S3 bucket. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at initialization time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`" + description: "Name of the destination S3 bucket. Must be a JavaScript expression + (which can evaluate to a constant value), enclosed in quotes or + backticks. Can be evaluated only at initialization time. Example + referencing a Global Variable: `myBucket-${C.vars.myVar}`" region: type: string title: Region @@ -37088,27 +44197,34 @@ components: destPath: type: string title: Key prefix - description: "Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`" + description: "Prefix to prepend to files before uploading. Must be a JavaScript + expression (which can evaluate to a constant value), enclosed in + quotes or backticks. Can be evaluated only at init time. Example + referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`" maxConcurrentFileParts: type: number title: Concurrent file parts upload limit - description: Maximum number of parts to upload in parallel per file. Minimum part size is 5MB. + description: Maximum number of parts to upload in parallel per file. Minimum + part size is 5MB. minimum: 1 maximum: 10 verifyPermissions: type: boolean title: Verify if bucket exists - description: Disable if you can access files within the bucket but not the bucket itself + description: Disable if you can access files within the bucket but not the + bucket itself maxClosingFilesToBackpressure: type: number title: Staging file limit - description: Maximum number of files that can be waiting for upload before backpressure is applied + description: Maximum number of files that can be waiting for upload before + backpressure is applied minimum: 10 maximum: 4200 stagePath: type: string title: Staging location - description: Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage. + description: Filesystem location in which to buffer files, before compressing + and moving to final destination. Use performant and stable storage. addIdToStagePath: type: boolean title: Add output ID @@ -37122,39 +44238,49 @@ components: baseFileName: type: string title: File name prefix expression - description: JavaScript expression to define the output filename prefix (can be constant) + description: JavaScript expression to define the output filename prefix (can be + constant) fileNameSuffix: type: string title: File name suffix expression - description: JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`). + description: JavaScript expression to define the output filename suffix (can be + constant). The `__format` variable refers to the value of the `Data + format` field (`json` or `raw`). The `__compression` field refers + to the kind of compression being used (`none` or `gzip`). maxFileSizeMB: type: number title: File size limit (MB) - description: Maximum uncompressed output file size. Files of this size will be closed and moved to final output location. + description: Maximum uncompressed output file size. Files of this size will be + closed and moved to final output location. maximum: 1024 minimum: 5 maxFileOpenTimeSec: type: number title: File open time limit (sec) - description: Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location. + description: Maximum amount of time to write to a file. Files open for longer + than this will be closed and moved to final output location. minimum: 10 maximum: 86400 maxFileIdleTimeSec: type: number title: Idle time limit (sec) - description: Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location. + description: Maximum amount of time to keep inactive files open. Files open for + longer than this will be closed and moved to final output location. minimum: 5 maximum: 86400 maxOpenFiles: type: number title: Open file limit - description: Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location. + description: Maximum number of files to keep open concurrently. When exceeded, + @{product} will close the oldest open files and move them to the + final output location. minimum: 10 maximum: 2000 headerLine: type: string title: Header line - description: If set, this line will be written to the beginning of each output file + description: If set, this line will be written to the beginning of each output + file writeHighWaterMark: type: number title: Writing high watermark (KB) @@ -37166,13 +44292,17 @@ components: deadletterEnabled: type: boolean title: Enable dead-lettering - description: If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors + description: If a file fails to move to its final destination after the maximum + number of retries, move it to a designated directory to prevent + further errors onDiskFullBackpressure: $ref: "#/components/schemas/DiskSpaceProtectionOptions" forceCloseOnShutdown: type: boolean title: Force close on shutdown - description: Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss. + description: Force all staged files to close during an orderly Node shutdown. + This triggers immediate upload of in-progress data — regardless of + idle time, file age, or size thresholds — to minimize data loss. retrySettings: $ref: "#/components/schemas/RetrySettingsType" orphans: @@ -37180,7 +44310,8 @@ components: awsSecretKey: type: string title: Secret key - description: "Secret key. This value can be a constant or a JavaScript expression. Example: `${C.env.SOME_SECRET}`)" + description: "Secret key. This value can be a constant or a JavaScript + expression. Example: `${C.env.SOME_SECRET}`)" objectACL: $ref: "#/components/schemas/ObjectAclOptions" storageClass: @@ -37194,7 +44325,9 @@ components: partitioningFields: type: array title: Partition by fields - description: List of fields to partition the path by, in addition to time, which is included automatically. The effective partition will be YYYY/MM/DD/HH/. + description: List of fields to partition the path by, in addition to time, which + is included automatically. The effective partition will be + YYYY/MM/DD/HH/. items: type: string description: @@ -37203,11 +44336,13 @@ components: awsApiKey: type: string title: Access key - description: This value can be a constant or a JavaScript expression (`${C.env.SOME_ACCESS_KEY}`) + description: This value can be a constant or a JavaScript expression + (`${C.env.SOME_ACCESS_KEY}`) awsSecret: type: string title: Secret key pair - description: Select or create a stored secret that references your access key and secret key + description: Select or create a stored secret that references your access key + and secret key compress: $ref: "#/components/schemas/CompressionOptionsHttp" compressionLevel: @@ -37215,11 +44350,13 @@ components: automaticSchema: type: boolean title: Automatic schema - description: Automatically calculate the schema based on the events of each Parquet file generated + description: Automatically calculate the schema based on the events of each + Parquet file generated parquetSchema: type: string title: Parquet schema - description: To add a new schema, navigate to Processing > Knowledge > Parquet Schemas + description: To add a new schema, navigate to Processing > Knowledge > Parquet + Schemas minLength: 1 parquetVersion: $ref: "#/components/schemas/ParquetVersionOptions" @@ -37228,13 +44365,16 @@ components: parquetRowGroupLength: type: number title: Group row limit - description: The number of rows that every group will contain. The final group can contain a smaller number of rows. + description: The number of rows that every group will contain. The final group + can contain a smaller number of rows. minimum: 1 - maximum: 6.7108864e+07 + maximum: 67108864 parquetPageSize: type: string title: Page size - description: Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression. + description: Target memory size for page segments, such as 1MB or 128MB. + Generally, lower values improve reading speed, while higher values + improve compression. pattern: ^\d+\s*(?:[kK][bB]|[mM][bB]|[gG][bB]|[tT][bB])?$ shouldLogInvalidRows: type: boolean @@ -37243,22 +44383,28 @@ components: keyValueMetadata: type: array title: Metadata (optional) - description: 'The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: "key":"OCSF Event Class", "value":"9001"' + description: 'The metadata of files the Destination writes will include the + properties you add here as key-value pairs. Useful for tagging. + Examples: "key":"OCSF Event Class", "value":"9001"' minItems: 0 items: $ref: "#/components/schemas/KeyValueMetadataConfOutputFilesystem" enableStatistics: type: boolean title: Write statistics - description: Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics. + description: Statistics profile an entire file in terms of minimum/maximum + values within data, numbers of nulls, etc. You can use Parquet tools + to view statistics. enableWritePageIndex: type: boolean title: Write page indexes - description: One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping. + description: One page index contains statistics for one data page. Parquet + readers use statistics to enable page skipping. enablePageChecksum: type: boolean title: Write page checksum - description: Parquet tools can use the checksum of a Parquet page to verify data integrity + description: Parquet tools can use the checksum of a Parquet page to verify data + integrity emptyDirCleanupSec: type: number title: Staging cleanup period @@ -37268,76 +44414,125 @@ components: directoryBatchSize: type: number title: Directory batch size - description: Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory. + description: Number of directories to process in each batch during cleanup of + empty directories. Minimum is 10, maximum is 10000. Higher values + may require more memory. deadletterPath: type: string title: Dead-letter location - description: Storage location for files that fail to reach their final destination after maximum retries are exceeded + description: Storage location for files that fail to reach their final + destination after maximum retries are exceeded maxRetryNum: type: number title: Retry limit - description: The maximum number of times a file will attempt to move to its final destination before being dead-lettered + description: The maximum number of times a file will attempt to move to its + final destination before being dead-lettered minimum: 1 __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_endpoint: type: string - description: Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime. + description: Binds 'endpoint' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'endpoint' at runtime. __template_assumeRoleArn: type: string - description: Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime. + description: Binds 'assumeRoleArn' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'assumeRoleArn' at runtime. __template_assumeRoleExternalId: type: string - description: Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime. + description: Binds 'assumeRoleExternalId' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'assumeRoleExternalId' at runtime. __template_bucket: type: string - description: Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime. + description: Binds 'bucket' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'bucket' at runtime. __template_region: type: string - description: Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime. + description: Binds 'region' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'region' at runtime. __template_destPath: type: string - description: Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime. + description: Binds 'destPath' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'destPath' at runtime. __template_format: type: string - description: Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime. + description: Binds 'format' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'format' at runtime. __template_baseFileName: type: string - description: Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime. + description: Binds 'baseFileName' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'baseFileName' at runtime. __template_fileNameSuffix: type: string - description: Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime. + description: Binds 'fileNameSuffix' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'fileNameSuffix' at + runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_awsSecretKey: type: string - description: Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime. + description: Binds 'awsSecretKey' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsSecretKey' at runtime. __template_objectACL: type: string - description: Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime. + description: Binds 'objectACL' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'objectACL' at runtime. __template_storageClass: type: string - description: Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime. + description: Binds 'storageClass' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'storageClass' at runtime. __template_serverSideEncryption: type: string - description: Binds 'serverSideEncryption' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serverSideEncryption' at runtime. + description: Binds 'serverSideEncryption' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'serverSideEncryption' at runtime. __template_kmsKeyId: type: string - description: Binds 'kmsKeyId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'kmsKeyId' at runtime. + description: Binds 'kmsKeyId' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'kmsKeyId' at runtime. __template_partitioningFields: type: string - description: Binds 'partitioningFields' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitioningFields' at runtime. + description: Binds 'partitioningFields' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'partitioningFields' at runtime. __template_awsApiKey: type: string - description: Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime. + description: Binds 'awsApiKey' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsApiKey' at runtime. __template_compress: type: string - description: Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime. + description: Binds 'compress' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'compress' at runtime. __template_parquetSchema: type: string - description: Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime. + description: Binds 'parquetSchema' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'parquetSchema' at runtime. OutputSecurityLake: type: object required: @@ -37364,13 +44559,16 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. These fields are added as dimensions and labels to generated metrics and logs, respectively. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. These fields are added as dimensions and labels to + generated metrics and logs, respectively. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -37380,7 +44578,9 @@ components: endpoint: type: string title: Endpoint - description: Amazon Security Lake service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to Amazon Security Lake-compatible endpoint. + description: Amazon Security Lake service endpoint. If empty, defaults to the + AWS Region-specific endpoint. Otherwise, it must point to Amazon + Security Lake-compatible endpoint. enableAssumeRole: type: boolean title: Enable for S3 @@ -37398,7 +44598,9 @@ components: durationSeconds: type: number title: Duration (seconds) - description: Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours). + description: Duration of the assumed role's session, in seconds. Minimum is 900 + (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 + hours). minimum: 900 maximum: 43200 awsAuthenticationMethod: @@ -37410,11 +44612,15 @@ components: rejectUnauthorized: type: boolean title: Reject unauthorized certificates - description: Reject certificates that cannot be verified against a valid CA, such as self-signed certificates + description: Reject certificates that cannot be verified against a valid CA, + such as self-signed certificates bucket: type: string title: S3 bucket name - description: "Name of the destination S3 bucket. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at initialization time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`" + description: "Name of the destination S3 bucket. Must be a JavaScript expression + (which can evaluate to a constant value), enclosed in quotes or + backticks. Can be evaluated only at initialization time. Example + referencing a Global Variable: `myBucket-${C.vars.myVar}`" region: type: string title: Region @@ -37422,23 +44628,27 @@ components: maxConcurrentFileParts: type: number title: Concurrent file parts upload limit - description: Maximum number of parts to upload in parallel per file. Minimum part size is 5MB. + description: Maximum number of parts to upload in parallel per file. Minimum + part size is 5MB. minimum: 1 maximum: 10 verifyPermissions: type: boolean title: Verify if bucket exists - description: Disable if you can access files within the bucket but not the bucket itself + description: Disable if you can access files within the bucket but not the + bucket itself maxClosingFilesToBackpressure: type: number title: Staging file limit - description: Maximum number of files that can be waiting for upload before backpressure is applied + description: Maximum number of files that can be waiting for upload before + backpressure is applied minimum: 10 maximum: 4200 stagePath: type: string title: Staging location - description: Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage. + description: Filesystem location in which to buffer files, before compressing + and moving to final destination. Use performant and stable storage. addIdToStagePath: type: boolean title: Add output ID @@ -37450,35 +44660,42 @@ components: baseFileName: type: string title: File name prefix expression - description: JavaScript expression to define the output filename prefix (can be constant) + description: JavaScript expression to define the output filename prefix (can be + constant) maxFileSizeMB: type: number title: File size limit (MB) - description: Maximum uncompressed output file size. Files of this size will be closed and moved to final output location. + description: Maximum uncompressed output file size. Files of this size will be + closed and moved to final output location. maximum: 1024 minimum: 5 maxFileOpenTimeSec: type: number title: File open time limit (sec) - description: Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location. + description: Maximum amount of time to write to a file. Files open for longer + than this will be closed and moved to final output location. minimum: 10 maximum: 86400 maxFileIdleTimeSec: type: number title: Idle time limit (sec) - description: Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location. + description: Maximum amount of time to keep inactive files open. Files open for + longer than this will be closed and moved to final output location. minimum: 5 maximum: 86400 maxOpenFiles: type: number title: Open file limit - description: Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location. + description: Maximum number of files to keep open concurrently. When exceeded, + @{product} will close the oldest open files and move them to the + final output location. minimum: 10 maximum: 2000 headerLine: type: string title: Header line - description: If set, this line will be written to the beginning of each output file + description: If set, this line will be written to the beginning of each output + file writeHighWaterMark: type: number title: Writing high watermark (KB) @@ -37490,13 +44707,17 @@ components: deadletterEnabled: type: boolean title: Enable dead-lettering - description: If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors + description: If a file fails to move to its final destination after the maximum + number of retries, move it to a designated directory to prevent + further errors onDiskFullBackpressure: $ref: "#/components/schemas/DiskSpaceProtectionOptions" forceCloseOnShutdown: type: boolean title: Force close on shutdown - description: Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss. + description: Force all staged files to close during an orderly Node shutdown. + This triggers immediate upload of in-progress data — regardless of + idle time, file age, or size thresholds — to minimize data loss. retrySettings: $ref: "#/components/schemas/RetrySettingsType" orphans: @@ -37517,7 +44738,9 @@ components: accountId: type: string title: Account ID - description: ID of the AWS account whose data the Destination will write to Security Lake. This should have been configured when creating the Amazon Security Lake custom source. + description: ID of the AWS account whose data the Destination will write to + Security Lake. This should have been configured when creating the + Amazon Security Lake custom source. customSource: type: string title: Custom source name @@ -37525,7 +44748,8 @@ components: automaticSchema: type: boolean title: Automatic schema - description: Automatically calculate the schema based on the events of each Parquet file generated + description: Automatically calculate the schema based on the events of each + Parquet file generated parquetVersion: $ref: "#/components/schemas/ParquetVersionOptions" parquetDataPageVersion: @@ -37533,13 +44757,16 @@ components: parquetRowGroupLength: type: number title: Group row limit - description: The number of rows that every group will contain. The final group can contain a smaller number of rows. + description: The number of rows that every group will contain. The final group + can contain a smaller number of rows. minimum: 1 - maximum: 6.7108864e+07 + maximum: 67108864 parquetPageSize: type: string title: Page size - description: Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression. + description: Target memory size for page segments, such as 1MB or 128MB. + Generally, lower values improve reading speed, while higher values + improve compression. pattern: ^\d+\s*(?:[kK][bB]|[mM][bB]|[gG][bB]|[tT][bB])?$ shouldLogInvalidRows: type: boolean @@ -37548,33 +44775,41 @@ components: keyValueMetadata: type: array title: Metadata (optional) - description: 'The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: "key":"OCSF Event Class", "value":"9001"' + description: 'The metadata of files the Destination writes will include the + properties you add here as key-value pairs. Useful for tagging. + Examples: "key":"OCSF Event Class", "value":"9001"' minItems: 0 items: $ref: "#/components/schemas/KeyValueMetadataConfOutputFilesystem" enableStatistics: type: boolean title: Write statistics - description: Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics. + description: Statistics profile an entire file in terms of minimum/maximum + values within data, numbers of nulls, etc. You can use Parquet tools + to view statistics. enableWritePageIndex: type: boolean title: Write page indexes - description: One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping. + description: One page index contains statistics for one data page. Parquet + readers use statistics to enable page skipping. enablePageChecksum: type: boolean title: Write page checksum - description: Parquet tools can use the checksum of a Parquet page to verify data integrity + description: Parquet tools can use the checksum of a Parquet page to verify data + integrity description: type: string title: Description awsApiKey: type: string title: Access key - description: This value can be a constant or a JavaScript expression (`${C.env.SOME_ACCESS_KEY}`) + description: This value can be a constant or a JavaScript expression + (`${C.env.SOME_ACCESS_KEY}`) awsSecret: type: string title: Secret key pair - description: Select or create a stored secret that references your access key and secret key + description: Select or create a stored secret that references your access key + and secret key emptyDirCleanupSec: type: number title: Staging cleanup period @@ -37584,72 +44819,114 @@ components: directoryBatchSize: type: number title: Directory batch size - description: Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory. + description: Number of directories to process in each batch during cleanup of + empty directories. Minimum is 10, maximum is 10000. Higher values + may require more memory. parquetSchema: type: string title: Parquet schema - description: To add a new schema, navigate to Processing > Knowledge > Parquet Schemas + description: To add a new schema, navigate to Processing > Knowledge > Parquet + Schemas minLength: 1 deadletterPath: type: string title: Dead-letter location - description: Storage location for files that fail to reach their final destination after maximum retries are exceeded + description: Storage location for files that fail to reach their final + destination after maximum retries are exceeded maxRetryNum: type: number title: Retry limit - description: The maximum number of times a file will attempt to move to its final destination before being dead-lettered + description: The maximum number of times a file will attempt to move to its + final destination before being dead-lettered minimum: 1 __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_endpoint: type: string - description: Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime. + description: Binds 'endpoint' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'endpoint' at runtime. __template_assumeRoleArn: type: string - description: Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime. + description: Binds 'assumeRoleArn' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'assumeRoleArn' at runtime. __template_assumeRoleExternalId: type: string - description: Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime. + description: Binds 'assumeRoleExternalId' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'assumeRoleExternalId' at runtime. __template_bucket: type: string - description: Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime. + description: Binds 'bucket' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'bucket' at runtime. __template_region: type: string - description: Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime. + description: Binds 'region' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'region' at runtime. __template_baseFileName: type: string - description: Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime. + description: Binds 'baseFileName' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'baseFileName' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_awsSecretKey: type: string - description: Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime. + description: Binds 'awsSecretKey' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsSecretKey' at runtime. __template_objectACL: type: string - description: Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime. + description: Binds 'objectACL' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'objectACL' at runtime. __template_storageClass: type: string - description: Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime. + description: Binds 'storageClass' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'storageClass' at runtime. __template_serverSideEncryption: type: string - description: Binds 'serverSideEncryption' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serverSideEncryption' at runtime. + description: Binds 'serverSideEncryption' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'serverSideEncryption' at runtime. __template_kmsKeyId: type: string - description: Binds 'kmsKeyId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'kmsKeyId' at runtime. + description: Binds 'kmsKeyId' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'kmsKeyId' at runtime. __template_accountId: type: string - description: Binds 'accountId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'accountId' at runtime. + description: Binds 'accountId' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'accountId' at runtime. __template_customSource: type: string - description: Binds 'customSource' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'customSource' at runtime. + description: Binds 'customSource' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'customSource' at runtime. __template_awsApiKey: type: string - description: Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime. + description: Binds 'awsApiKey' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsApiKey' at runtime. __template_parquetSchema: type: string - description: Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime. + description: Binds 'parquetSchema' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'parquetSchema' at runtime. OutputCriblLake: type: object properties: @@ -37668,13 +44945,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -37684,7 +44963,8 @@ components: endpoint: type: string title: Endpoint - description: S3 service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to S3-compatible endpoint. + description: S3 service endpoint. If empty, defaults to the AWS Region-specific + endpoint. Otherwise, it must point to S3-compatible endpoint. enableAssumeRole: type: boolean title: Enable for S3 @@ -37702,7 +44982,9 @@ components: durationSeconds: type: number title: Duration (seconds) - description: Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours). + description: Duration of the assumed role's session, in seconds. Minimum is 900 + (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 + hours). minimum: 900 maximum: 43200 reuseConnections: @@ -37712,11 +44994,15 @@ components: rejectUnauthorized: type: boolean title: Reject unauthorized certificates - description: Reject certificates that cannot be verified against a valid CA, such as self-signed certificates + description: Reject certificates that cannot be verified against a valid CA, + such as self-signed certificates bucket: type: string title: S3 bucket name - description: "Name of the destination S3 bucket. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at initialization time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`" + description: "Name of the destination S3 bucket. Must be a JavaScript expression + (which can evaluate to a constant value), enclosed in quotes or + backticks. Can be evaluated only at initialization time. Example + referencing a Global Variable: `myBucket-${C.vars.myVar}`" region: type: string title: Region @@ -37728,17 +45014,20 @@ components: verifyPermissions: type: boolean title: Verify if bucket exists - description: Disable if you can access files within the bucket but not the bucket itself + description: Disable if you can access files within the bucket but not the + bucket itself maxClosingFilesToBackpressure: type: number title: Staging file limit - description: Maximum number of files that can be waiting for upload before backpressure is applied + description: Maximum number of files that can be waiting for upload before + backpressure is applied minimum: 10 maximum: 4200 stagePath: type: string title: Staging location - description: Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage. + description: Filesystem location in which to buffer files, before compressing + and moving to final destination. Use performant and stable storage. addIdToStagePath: type: boolean title: Add output ID @@ -37750,39 +45039,49 @@ components: baseFileName: type: string title: File name prefix expression - description: JavaScript expression to define the output filename prefix (can be constant) + description: JavaScript expression to define the output filename prefix (can be + constant) fileNameSuffix: type: string title: File name suffix expression - description: JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`). + description: JavaScript expression to define the output filename suffix (can be + constant). The `__format` variable refers to the value of the `Data + format` field (`json` or `raw`). The `__compression` field refers + to the kind of compression being used (`none` or `gzip`). maxFileSizeMB: type: number title: File size limit (MB) - description: Maximum uncompressed output file size. Files of this size will be closed and moved to final output location. + description: Maximum uncompressed output file size. Files of this size will be + closed and moved to final output location. maximum: 1024 minimum: 5 maxFileOpenTimeSec: type: number title: File open time limit (sec) - description: Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location. + description: Maximum amount of time to write to a file. Files open for longer + than this will be closed and moved to final output location. minimum: 10 maximum: 86400 maxFileIdleTimeSec: type: number title: Idle time limit (sec) - description: Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location. + description: Maximum amount of time to keep inactive files open. Files open for + longer than this will be closed and moved to final output location. minimum: 5 maximum: 86400 maxOpenFiles: type: number title: Open file limit - description: Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location. + description: Maximum number of files to keep open concurrently. When exceeded, + @{product} will close the oldest open files and move them to the + final output location. minimum: 10 maximum: 2000 headerLine: type: string title: Header line - description: If set, this line will be written to the beginning of each output file + description: If set, this line will be written to the beginning of each output + file writeHighWaterMark: type: number title: Writing high watermark (KB) @@ -37794,13 +45093,17 @@ components: deadletterEnabled: type: boolean title: Enable dead-lettering - description: If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors + description: If a file fails to move to its final destination after the maximum + number of retries, move it to a designated directory to prevent + further errors onDiskFullBackpressure: $ref: "#/components/schemas/DiskSpaceProtectionOptions" forceCloseOnShutdown: type: boolean title: Force close on shutdown - description: Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss. + description: Force all staged files to close during an orderly Node shutdown. + This triggers immediate upload of in-progress data — regardless of + idle time, file age, or size thresholds — to minimize data loss. retrySettings: $ref: "#/components/schemas/RetrySettingsType" orphans: @@ -37808,7 +45111,8 @@ components: awsSecretKey: type: string title: Secret key - description: "Secret key. This value can be a constant or a JavaScript expression. Example: `${C.env.SOME_SECRET}`)" + description: "Secret key. This value can be a constant or a JavaScript + expression. Example: `${C.env.SOME_SECRET}`)" objectACL: $ref: "#/components/schemas/ObjectAclOptions" storageClass: @@ -37832,11 +45136,13 @@ components: - json - parquet - ddss + - netskope x-speakeasy-unknown-values: allow maxConcurrentFileParts: type: number title: Concurrent file parts limit - description: Maximum number of parts to upload in parallel per file. Minimum part size is 5MB. + description: Maximum number of parts to upload in parallel per file. Minimum + part size is 5MB. minimum: 1 maximum: 10 description: @@ -37851,61 +45157,99 @@ components: directoryBatchSize: type: number title: Directory batch size - description: Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory. + description: Number of directories to process in each batch during cleanup of + empty directories. Minimum is 10, maximum is 10000. Higher values + may require more memory. deadletterPath: type: string title: Dead-letter location - description: Storage location for files that fail to reach their final destination after maximum retries are exceeded + description: Storage location for files that fail to reach their final + destination after maximum retries are exceeded maxRetryNum: type: number title: Retry limit - description: The maximum number of times a file will attempt to move to its final destination before being dead-lettered + description: The maximum number of times a file will attempt to move to its + final destination before being dead-lettered minimum: 1 __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_endpoint: type: string - description: Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime. + description: Binds 'endpoint' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'endpoint' at runtime. __template_assumeRoleArn: type: string - description: Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime. + description: Binds 'assumeRoleArn' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'assumeRoleArn' at runtime. __template_assumeRoleExternalId: type: string - description: Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime. + description: Binds 'assumeRoleExternalId' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'assumeRoleExternalId' at runtime. __template_bucket: type: string - description: Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime. + description: Binds 'bucket' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'bucket' at runtime. __template_region: type: string - description: Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime. + description: Binds 'region' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'region' at runtime. __template_destPath: type: string - description: Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime. + description: Binds 'destPath' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'destPath' at runtime. __template_baseFileName: type: string - description: Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime. + description: Binds 'baseFileName' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'baseFileName' at runtime. __template_fileNameSuffix: type: string - description: Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime. + description: Binds 'fileNameSuffix' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'fileNameSuffix' at + runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_awsSecretKey: type: string - description: Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime. + description: Binds 'awsSecretKey' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsSecretKey' at runtime. __template_objectACL: type: string - description: Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime. + description: Binds 'objectACL' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'objectACL' at runtime. __template_storageClass: type: string - description: Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime. + description: Binds 'storageClass' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'storageClass' at runtime. __template_serverSideEncryption: type: string - description: Binds 'serverSideEncryption' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serverSideEncryption' at runtime. + description: Binds 'serverSideEncryption' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'serverSideEncryption' at runtime. __template_kmsKeyId: type: string - description: Binds 'kmsKeyId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'kmsKeyId' at runtime. + description: Binds 'kmsKeyId' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'kmsKeyId' at runtime. required: - type OutputDiskSpool: @@ -37926,13 +45270,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -37946,25 +45292,32 @@ components: maxDataSize: type: string title: Data size limit - description: "Maximum disk space that can be consumed before older buckets are deleted. Examples: 420MB, 4GB. Default is 1GB." + description: "Maximum disk space that can be consumed before older buckets are + deleted. Examples: 420MB, 4GB. Default is 1GB." pattern: ^\d+(\.\d+)?\s*(?:[kmgKMG](b|B))?$ maxDataTime: title: Data age limit type: string - description: "Maximum amount of time to retain data before older buckets are deleted. Examples: 2h, 4d. Default is 24h." + description: "Maximum amount of time to retain data before older buckets are + deleted. Examples: 2h, 4d. Default is 24h." pattern: \d+[smhd]$ compress: $ref: "#/components/schemas/CompressionOptionsPersistence" partitionExpr: type: string title: Partitioning expression - description: JavaScript expression defining how files are partitioned and organized within the time-buckets. If blank, the event's __partition property is used and otherwise, events go directly into the time-bucket directory. + description: JavaScript expression defining how files are partitioned and + organized within the time-buckets. If blank, the event's __partition + property is used and otherwise, events go directly into the + time-bucket directory. description: type: string title: Description __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. required: - type OutputClickHouse: @@ -37990,13 +45343,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -38015,12 +45370,15 @@ components: tableName: type: string title: ClickHouse table - description: Name of the ClickHouse table where data will be inserted. Name can contain letters (A-Z, a-z), numbers (0-9), and the character "_", and must start with either a letter or the character "_". + description: Name of the ClickHouse table where data will be inserted. Name can + contain letters (A-Z, a-z), numbers (0-9), and the character "_", + and must start with either a letter or the character "_". pattern: ^[a-zA-Z_][0-9a-zA-Z_]*$ format: type: string title: Format - description: Data format to use when sending data to ClickHouse. Defaults to JSON Compact. + description: Data format to use when sending data to ClickHouse. Defaults to + JSON Compact. enum: - json-compact-each-row-with-names - json-each-row @@ -38042,7 +45400,13 @@ components: asyncInserts: type: boolean title: Async inserts - description: Collect data into batches for later processing on the ClickHouse server. Disable to write to a ClickHouse table immediately. Cribl sends the configured value with every insert (async_insert=1 or async_insert=0) so behavior is consistent across ClickHouse versions, including 26.3 LTS and later, where async inserts are enabled by default on the server. + description: Collect data into batches for later processing on the ClickHouse + server. Disable to write to a ClickHouse table immediately. Cribl + sends the configured value with every insert + (async_insert=1 or async_insert=0) so + behavior is consistent across ClickHouse versions, including 26.3 + LTS and later, where async inserts are enabled by default on the + server. tls: $ref: "#/components/schemas/TlsSettingsClientSideTypeCaPathCertPathExtended" concurrency: @@ -38060,7 +45424,8 @@ components: maxPayloadEvents: type: number title: Events-per-request limit - description: Maximum number of events to include in the request body. Default is 0 (unlimited). + description: Maximum number of events to include in the request body. Default is + 0 (unlimited). minimum: 0 compress: type: boolean @@ -38069,17 +45434,23 @@ components: rejectUnauthorized: type: boolean title: Validate server certs - description: "Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). \n Enabled by default. When this setting is also present in TLS Settings (Client Side), \n that value will take precedence." + description: >- + Reject certificates not authorized by a CA in the CA certificate + path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. timeoutSec: type: number minimum: 1 - maximum: 9.007199254740991e+15 + maximum: 9007199254740991 title: Request timeout - description: Amount of time, in seconds, to wait for a request to complete before canceling it + description: Amount of time, in seconds, to wait for a request to complete + before canceling it flushPeriodSec: type: number title: Flush period (sec) - description: Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit. + description: Maximum time between requests. Small values could cause the payload + size to be smaller than the configured Body size limit. extraHttpHeaders: type: array title: Extra HTTP headers @@ -38089,7 +45460,10 @@ components: useRoundRobinDns: type: boolean title: Round-robin DNS - description: Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations. + description: Enable round-robin DNS lookup. When a DNS server returns multiple + addresses, @{product} will cycle through them in the order returned. + For optimal performance, consider enabling this setting for non-load + balanced destinations. failedRequestLoggingMode: $ref: "#/components/schemas/FailedRequestLoggingModeOptions" safeHeaders: @@ -38101,7 +45475,8 @@ components: responseRetrySettings: type: array title: Settings for failed HTTP requests - description: Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable) + description: Automatically retry after unsuccessful response status codes, such + as 429 (Too Many Requests) or 503 (Service Unavailable) minItems: 0 items: $ref: "#/components/schemas/ResponseRetrySettingConfOutputWebhook" @@ -38110,7 +45485,16 @@ components: responseHonorRetryAfterHeader: type: boolean title: Honor Retry-After header - description: Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored. + description: Honor any Retry-After header that specifies a delay (in seconds) no + longer than 180 seconds after the retry request. @{product} limits + the delay to 180 seconds, even if the Retry-After header specifies a + longer delay. When enabled, takes precedence over user-configured + retry options. When disabled, all Retry-After headers are ignored. + workload: + type: string + title: Workload + description: Optional ClickHouse workload name to append as a SETTINGS clause on + INSERT queries. Used for workload scheduling classification. dumpFormatErrorsToDisk: type: boolean title: Log last schema mismatch @@ -38137,7 +45521,10 @@ components: waitForAsyncInserts: type: boolean title: Wait for async inserts - description: Cribl will wait for confirmation that data has been fully inserted into the ClickHouse database before proceeding. Disabling this option can increase throughput, but Cribl won't be able to verify data has been completely inserted. + description: Cribl will wait for confirmation that data has been fully inserted + into the ClickHouse database before proceeding. Disabling this + option can increase throughput, but Cribl won't be able to verify + data has been completely inserted. excludeMappingFields: type: array title: Exclude fields @@ -38149,7 +45536,8 @@ components: describeTable: type: string title: Retrieve table columns - description: Retrieves the table schema from ClickHouse and populates the Column Mapping table + description: Retrieves the table schema from ClickHouse and populates the Column + Mapping table columnMappings: type: array title: Column Mapping @@ -38171,43 +45559,53 @@ components: columnValueExpression: type: string title: Column value - description: JavaScript expression to compute value to be inserted into ClickHouse table + description: JavaScript expression to compute value to be inserted into + ClickHouse table pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -38215,29 +45613,45 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object title: "" __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_url: type: string - description: Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. + description: Binds 'url' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'url' at runtime. __template_database: type: string - description: Binds 'database' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'database' at runtime. + description: Binds 'database' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'database' at runtime. __template_tableName: type: string - description: Binds 'tableName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tableName' at runtime. + description: Binds 'tableName' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'tableName' at runtime. __template_failedRequestLoggingMode: type: string - description: Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. + description: Binds 'failedRequestLoggingMode' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'failedRequestLoggingMode' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. OutputLocalSearchStorage: type: object required: @@ -38261,13 +45675,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -38286,7 +45702,9 @@ components: tableName: type: string title: Table - description: Name of the table where data will be inserted. Name can contain letters (A-Z, a-z), numbers (0-9), and the character "_", and must start with either a letter or the character "_". + description: Name of the table where data will be inserted. Name can contain + letters (A-Z, a-z), numbers (0-9), and the character "_", and must + start with either a letter or the character "_". pattern: ^[a-zA-Z_][0-9a-zA-Z_]*$ format: type: string @@ -38313,7 +45731,8 @@ components: asyncInserts: type: boolean title: Async inserts - description: Collect data into batches for later processing. Disable to write to a table immediately. + description: Collect data into batches for later processing. Disable to write to + a table immediately. tls: $ref: "#/components/schemas/TlsSettingsClientSideTypeCaPathCertPathExtended" concurrency: @@ -38331,7 +45750,8 @@ components: maxPayloadEvents: type: number title: Events-per-request limit - description: Maximum number of events to include in the request body. Default is 0 (unlimited). + description: Maximum number of events to include in the request body. Default is + 0 (unlimited). minimum: 0 compress: type: boolean @@ -38340,17 +45760,23 @@ components: rejectUnauthorized: type: boolean title: Validate server certs - description: "Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). \n Enabled by default. When this setting is also present in TLS Settings (Client Side), \n that value will take precedence." + description: >- + Reject certificates not authorized by a CA in the CA certificate + path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. timeoutSec: type: number minimum: 1 - maximum: 9.007199254740991e+15 + maximum: 9007199254740991 title: Request timeout - description: Amount of time, in seconds, to wait for a request to complete before canceling it + description: Amount of time, in seconds, to wait for a request to complete + before canceling it flushPeriodSec: type: number title: Flush period (sec) - description: Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit. + description: Maximum time between requests. Small values could cause the payload + size to be smaller than the configured Body size limit. extraHttpHeaders: type: array title: Extra HTTP headers @@ -38360,7 +45786,10 @@ components: useRoundRobinDns: type: boolean title: Round-robin DNS - description: Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations. + description: Enable round-robin DNS lookup. When a DNS server returns multiple + addresses, @{product} will cycle through them in the order returned. + For optimal performance, consider enabling this setting for non-load + balanced destinations. failedRequestLoggingMode: $ref: "#/components/schemas/FailedRequestLoggingModeOptions" safeHeaders: @@ -38372,7 +45801,8 @@ components: responseRetrySettings: type: array title: Settings for failed HTTP requests - description: Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable) + description: Automatically retry after unsuccessful response status codes, such + as 429 (Too Many Requests) or 503 (Service Unavailable) minItems: 0 items: $ref: "#/components/schemas/ResponseRetrySettingConfOutputWebhook" @@ -38381,7 +45811,16 @@ components: responseHonorRetryAfterHeader: type: boolean title: Honor Retry-After header - description: Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored. + description: Honor any Retry-After header that specifies a delay (in seconds) no + longer than 180 seconds after the retry request. @{product} limits + the delay to 180 seconds, even if the Retry-After header specifies a + longer delay. When enabled, takes precedence over user-configured + retry options. When disabled, all Retry-After headers are ignored. + workload: + type: string + title: Workload + description: Optional ClickHouse workload name to append as a SETTINGS clause on + INSERT queries. Used for workload scheduling classification. dumpFormatErrorsToDisk: type: boolean title: Log last schema mismatch @@ -38405,6 +45844,10 @@ components: type: string password: type: string + waitForAsyncInserts: + type: boolean + concurrency: + type: number description: type: string title: Description @@ -38425,7 +45868,10 @@ components: waitForAsyncInserts: type: boolean title: Wait for async inserts - description: Cribl will wait for confirmation that data has been fully inserted into the database before proceeding. Disabling this option can increase throughput, but Cribl won't be able to verify data has been completely inserted. + description: Cribl will wait for confirmation that data has been fully inserted + into the database before proceeding. Disabling this option can + increase throughput, but Cribl won't be able to verify data has been + completely inserted. excludeMappingFields: type: array title: Exclude fields @@ -38459,43 +45905,53 @@ components: columnValueExpression: type: string title: Column value - description: JavaScript expression to compute value to be inserted into the table + description: JavaScript expression to compute value to be inserted into the + table pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -38503,29 +45959,45 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object title: "" __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_url: type: string - description: Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. + description: Binds 'url' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'url' at runtime. __template_database: type: string - description: Binds 'database' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'database' at runtime. + description: Binds 'database' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'database' at runtime. __template_tableName: type: string - description: Binds 'tableName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tableName' at runtime. + description: Binds 'tableName' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'tableName' at runtime. __template_failedRequestLoggingMode: type: string - description: Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. + description: Binds 'failedRequestLoggingMode' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'failedRequestLoggingMode' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. OutputXsiam: type: object properties: @@ -38544,13 +46016,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -38560,7 +46034,9 @@ components: loadBalanced: type: boolean title: Load balancing - description: Enable for optimal performance. Even if you have one hostname, it can expand to multiple IPs. If disabled, consider enabling round-robin DNS. + description: Enable for optimal performance. Even if you have one hostname, it + can expand to multiple IPs. If disabled, consider enabling + round-robin DNS. concurrency: type: number title: Request concurrency @@ -38576,7 +46052,8 @@ components: maxPayloadEvents: type: number title: Events-per-request limit - description: Maximum number of events to include in the request body. Default is 0 (unlimited). + description: Maximum number of events to include in the request body. Default is + 0 (unlimited). minimum: 0 compress: type: boolean @@ -38585,17 +46062,23 @@ components: rejectUnauthorized: type: boolean title: Validate server certs - description: "Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). \n Enabled by default. When this setting is also present in TLS Settings (Client Side), \n that value will take precedence." + description: >- + Reject certificates not authorized by a CA in the CA certificate + path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. timeoutSec: type: number minimum: 1 - maximum: 9.007199254740991e+15 + maximum: 9007199254740991 title: Request timeout - description: Amount of time, in seconds, to wait for a request to complete before canceling it + description: Amount of time, in seconds, to wait for a request to complete + before canceling it flushPeriodSec: type: number title: Flush period (sec) - description: Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit. + description: Maximum time between requests. Small values could cause the payload + size to be smaller than the configured Body size limit. extraHttpHeaders: type: array title: Extra HTTP headers @@ -38621,7 +46104,8 @@ components: responseRetrySettings: type: array title: Settings for failed HTTP requests - description: Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable) + description: Automatically retry after unsuccessful response status codes, such + as 429 (Too Many Requests) or 503 (Service Unavailable) minItems: 0 items: $ref: "#/components/schemas/ResponseRetrySettingConfOutputWebhook" @@ -38630,7 +46114,11 @@ components: responseHonorRetryAfterHeader: type: boolean title: Honor Retry-After header - description: Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored. + description: Honor any Retry-After header that specifies a delay (in seconds) no + longer than 180 seconds after the retry request. @{product} limits + the delay to 180 seconds, even if the Retry-After header specifies a + longer delay. When enabled, takes precedence over user-configured + retry options. When disabled, all Retry-After headers are ignored. throttleRateReqPerSec: type: integer title: Throttle request rate limit @@ -38641,7 +46129,9 @@ components: totalMemoryLimitKB: type: number title: Buffer memory limit (KB) - description: Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced. + description: Maximum total size of the batches waiting to be sent. If left + blank, defaults to 5 times the max body size (if set). If 0, no + limit is enforced. minimum: 0 description: type: string @@ -38649,16 +46139,21 @@ components: url: type: string title: XSIAM endpoint - description: XSIAM endpoint URL to send events to, such as https://api-{tenant external URL}/logs/v1/event + description: XSIAM endpoint URL to send events to, such as https://api-{tenant + external URL}/logs/v1/event pattern: ^https?://.* useRoundRobinDns: type: boolean title: Round-robin DNS - description: Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations. + description: Enable round-robin DNS lookup. When a DNS server returns multiple + addresses, @{product} will cycle through them in the order returned. + For optimal performance, consider enabling this setting for non-load + balanced destinations. excludeSelf: type: boolean title: Exclude current host IPs - description: Exclude all IPs of the current host from the list of any resolved hostnames + description: Exclude all IPs of the current host from the list of any resolved + hostnames urls: type: array title: XSIAM Endpoints @@ -38670,19 +46165,22 @@ components: weight: type: number title: Load Weight - description: Assign a weight (>0) to each endpoint to indicate its traffic-handling capability + description: Assign a weight (>0) to each endpoint to indicate its + traffic-handling capability minimum: 0 dnsResolvePeriodSec: type: number minimum: 0 maximum: 86400 title: DNS resolution period (seconds) - description: The interval in which to re-resolve any hostnames and pick up destinations from A records + description: The interval in which to re-resolve any hostnames and pick up + destinations from A records loadBalanceStatsPeriodSec: type: number minimum: 10 title: Load balance stats period (seconds) - description: How far back in time to keep traffic stats for load balancing purposes + description: How far back in time to keep traffic stats for load balancing + purposes token: type: string title: Auth token @@ -38693,40 +46191,49 @@ components: description: Select or create a stored text secret pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -38734,23 +46241,35 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object title: "" __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_failedRequestLoggingMode: type: string - description: Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. + description: Binds 'failedRequestLoggingMode' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'failedRequestLoggingMode' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_url: type: string - description: Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. + description: Binds 'url' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'url' at runtime. required: - type OutputNetflow: @@ -38774,13 +46293,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -38809,19 +46330,28 @@ components: description: Destination port, default is 2055 __template_host: type: string - description: Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime. + description: Binds 'host' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'host' at runtime. __template_port: type: string - description: Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime. + description: Binds 'port' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'port' at runtime. dnsResolvePeriodSec: type: number minimum: 0 maximum: 86400 title: DNS resolution period (sec) - description: How often to resolve the destination hostname to an IP address. Ignored if all destinations are IP addresses. A value of 0 means every datagram sent will incur a DNS lookup. + description: How often to resolve the destination hostname to an IP address. + Ignored if all destinations are IP addresses. A value of 0 means + every datagram sent will incur a DNS lookup. enableIpSpoofing: title: Enable Source IP spoofing - description: Send NetFlow traffic using the original event's Source IP and port. To enable this, you must install the external `udp-sender` helper binary at `/usr/bin/udp-sender` on all Worker Nodes and grant it the `CAP_NET_RAW` capability. + description: Send NetFlow traffic using the original event's Source IP and port. + To enable this, you must install the external `udp-sender` helper + binary at `/usr/bin/udp-sender` on all Worker Nodes and grant it the + `CAP_NET_RAW` capability. type: boolean description: type: string @@ -38830,10 +46360,15 @@ components: type: number title: Maximum transmission unit (MTU) minimum: 1 - description: MTU in bytes. The actual maximum NetFlow payload size will be MTU minus IP and UDP headers (28 bytes for IPv4, 48 bytes for IPv6). For example, with the default MTU of 1500, the max payload is 1472 bytes for IPv4. Payloads exceeding this limit will be dropped. + description: MTU in bytes. The actual maximum NetFlow payload size will be MTU + minus IP and UDP headers (28 bytes for IPv4, 48 bytes for IPv6). For + example, with the default MTU of 1500, the max payload is 1472 bytes + for IPv4. Payloads exceeding this limit will be dropped. __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. OutputDynatraceHttp: type: object required: @@ -38857,13 +46392,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -38875,7 +46412,8 @@ components: keepAlive: type: boolean title: Keep alive - description: Disable to close the connection immediately after sending the outgoing request + description: Disable to close the connection immediately after sending the + outgoing request concurrency: type: number title: Request concurrency @@ -38891,7 +46429,8 @@ components: maxPayloadEvents: type: number title: Events-per-request limit - description: Maximum number of events to include in the request body. Default is 0 (unlimited). + description: Maximum number of events to include in the request body. Default is + 0 (unlimited). minimum: 0 maximum: 50000 compress: @@ -38901,27 +46440,38 @@ components: rejectUnauthorized: type: boolean title: Validate server certs - description: "Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). \n Enabled by default. When this setting is also present in TLS Settings (Client Side), \n that value will take precedence." + description: >- + Reject certificates not authorized by a CA in the CA certificate + path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. timeoutSec: type: number minimum: 1 - maximum: 9.007199254740991e+15 + maximum: 9007199254740991 title: Request timeout - description: Amount of time, in seconds, to wait for a request to complete before canceling it + description: Amount of time, in seconds, to wait for a request to complete + before canceling it flushPeriodSec: type: number title: Flush period (sec) - description: Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit. + description: Maximum time between requests. Small values could cause the payload + size to be smaller than the configured Body size limit. extraHttpHeaders: type: array title: Extra HTTP headers - description: Headers to add to all events. You can also add headers dynamically on a per-event basis in the __headers field, as explained in [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook/#internal-fields). + description: Headers to add to all events. You can also add headers dynamically + on a per-event basis in the __headers field, as explained in [Cribl + Docs](https://docs.cribl.io/stream/destinations-webhook/#internal-fields). items: $ref: "#/components/schemas/ExtraHttpHeaderConfInputElastic" useRoundRobinDns: type: boolean title: Round-robin DNS - description: Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations. + description: Enable round-robin DNS lookup. When a DNS server returns multiple + addresses, @{product} will cycle through them in the order returned. + For optimal performance, consider enabling this setting for non-load + balanced destinations. failedRequestLoggingMode: $ref: "#/components/schemas/FailedRequestLoggingModeOptions" safeHeaders: @@ -38933,7 +46483,8 @@ components: responseRetrySettings: type: array title: Settings for failed HTTP requests - description: Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable) + description: Automatically retry after unsuccessful response status codes, such + as 429 (Too Many Requests) or 503 (Service Unavailable) minItems: 0 items: $ref: "#/components/schemas/ResponseRetrySettingConfOutputWebhook" @@ -38942,7 +46493,11 @@ components: responseHonorRetryAfterHeader: type: boolean title: Honor Retry-After header - description: Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored. + description: Honor any Retry-After header that specifies a delay (in seconds) no + longer than 180 seconds after the retry request. @{product} limits + the delay to 180 seconds, even if the Retry-After header specifies a + longer delay. When enabled, takes precedence over user-configured + retry options. When disabled, all Retry-After headers are ignored. onBackpressure: $ref: "#/components/schemas/BackpressureBehaviorOptions" authType: @@ -38958,7 +46513,8 @@ components: format: type: string title: Format - description: How to format events before sending. Defaults to JSON. Plaintext is not currently supported. + description: How to format events before sending. Defaults to JSON. Plaintext is + not currently supported. enum: - json_array - plaintext @@ -38991,47 +46547,58 @@ components: totalMemoryLimitKB: type: number title: Buffer memory limit (KB) - description: Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced. + description: Maximum total size of the batches waiting to be sent. If left + blank, defaults to 5 times the max body size (if set). If 0, no + limit is enforced. minimum: 0 description: type: string title: Description pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -39039,7 +46606,9 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object @@ -39058,7 +46627,9 @@ components: description: ID of the environment to send to activeGateDomain: type: string - description: ActiveGate domain with Log analytics collector module enabled. For example https://{activeGate-domain}:9999/e/{environment-id}/api/v2/logs/ingest. + description: ActiveGate domain with Log analytics collector module enabled. For + example + https://{activeGate-domain}:9999/e/{environment-id}/api/v2/logs/ingest. title: ActiveGate domain url: title: URL @@ -39067,16 +46638,26 @@ components: pattern: ^https?://.* __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_failedRequestLoggingMode: type: string - description: Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. + description: Binds 'failedRequestLoggingMode' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'failedRequestLoggingMode' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_url: type: string - description: Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. + description: Binds 'url' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'url' at runtime. OutputDynatraceOtlp: type: object required: @@ -39102,13 +46683,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -39127,7 +46710,9 @@ components: endpoint: type: string title: Endpoint - description: The endpoint where Dynatrace events will be sent. Enter any valid URL or an IP address (IPv4 or IPv6; enclose IPv6 addresses in square brackets) + description: The endpoint where Dynatrace events will be sent. Enter any valid + URL or an IP address (IPv4 or IPv6; enclose IPv6 addresses in square + brackets) otlpVersion: $ref: "#/components/schemas/OtlpVersionOptions131" compress: @@ -39137,19 +46722,28 @@ components: httpTracesEndpointOverride: type: string title: Traces endpoint override - description: If you want to send traces to the default `{endpoint}/v1/traces` endpoint, leave this field empty; otherwise, specify the desired endpoint + description: If you want to send traces to the default `{endpoint}/v1/traces` + endpoint, leave this field empty; otherwise, specify the desired + endpoint httpMetricsEndpointOverride: type: string title: Metrics endpoint override - description: If you want to send metrics to the default `{endpoint}/v1/metrics` endpoint, leave this field empty; otherwise, specify the desired endpoint + description: If you want to send metrics to the default `{endpoint}/v1/metrics` + endpoint, leave this field empty; otherwise, specify the desired + endpoint httpLogsEndpointOverride: type: string title: Logs endpoint override - description: If you want to send logs to the default `{endpoint}/v1/logs` endpoint, leave this field empty; otherwise, specify the desired endpoint + description: If you want to send logs to the default `{endpoint}/v1/logs` + endpoint, leave this field empty; otherwise, specify the desired + endpoint metadata: type: array title: Metadata - description: List of key-value pairs to send with each gRPC request. Value supports JavaScript expressions that are evaluated just once, when the destination gets started. To pass credentials as metadata, use 'C.Secret'. + description: List of key-value pairs to send with each gRPC request. Value + supports JavaScript expressions that are evaluated just once, when + the destination gets started. To pass credentials as metadata, use + 'C.Secret'. minItems: 0 items: $ref: "#/components/schemas/KeyValueMetadataConfOutputFilesystem" @@ -39160,7 +46754,8 @@ components: dynamicHeadersField: type: string title: Dynamic metadata field - description: When presented, this field which contains metadata, will be injected into the Destination metadata and used to batch events. + description: When presented, this field which contains metadata, will be + injected into the Destination metadata and used to batch events. concurrency: type: number title: Request concurrency @@ -39170,25 +46765,30 @@ components: maxPayloadSizeKB: type: number title: Body size limit - description: Maximum size (in KB) of the request body. The maximum payload size is 4 MB. If this limit is exceeded, the entire OTLP message is dropped + description: Maximum size (in KB) of the request body. The maximum payload size + is 4 MB. If this limit is exceeded, the entire OTLP message is + dropped minimum: 1024 maximum: 4096 timeoutSec: type: number minimum: 1 - maximum: 9.007199254740991e+15 + maximum: 9007199254740991 title: Request timeout - description: Amount of time, in seconds, to wait for a request to complete before canceling it + description: Amount of time, in seconds, to wait for a request to complete + before canceling it flushPeriodSec: type: number title: Flush period (sec) - description: Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit. + description: Maximum time between requests. Small values could cause the payload + size to be smaller than the configured Body size limit. failedRequestLoggingMode: $ref: "#/components/schemas/FailedRequestLoggingModeOptions" connectionTimeout: type: number title: Connection timeout - description: Amount of time (milliseconds) to wait for the connection to establish before retrying + description: Amount of time (milliseconds) to wait for the connection to + establish before retrying keepAliveTime: type: number title: Keep alive time (seconds) @@ -39197,7 +46797,8 @@ components: keepAlive: type: boolean title: Keep alive - description: Disable to close the connection immediately after sending the outgoing request + description: Disable to close the connection immediately after sending the + outgoing request endpointType: type: string title: Endpoint type @@ -39224,11 +46825,18 @@ components: rejectUnauthorized: type: boolean title: Validate server certs - description: "Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). \n Enabled by default. When this setting is also present in TLS Settings (Client Side), \n that value will take precedence." + description: >- + Reject certificates not authorized by a CA in the CA certificate + path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. useRoundRobinDns: type: boolean title: Round-robin DNS - description: Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations. + description: Enable round-robin DNS lookup. When a DNS server returns multiple + addresses, @{product} will cycle through them in the order returned. + For optimal performance, consider enabling this setting for non-load + balanced destinations. extraHttpHeaders: type: array title: Extra HTTP headers @@ -39244,7 +46852,8 @@ components: responseRetrySettings: type: array title: Settings for failed HTTP requests - description: Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable) + description: Automatically retry after unsuccessful response status codes, such + as 429 (Too Many Requests) or 503 (Service Unavailable) minItems: 0 items: $ref: "#/components/schemas/ResponseRetrySettingConfOutputWebhook" @@ -39253,43 +46862,56 @@ components: responseHonorRetryAfterHeader: type: boolean title: Honor Retry-After header - description: Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored. + description: Honor any Retry-After header that specifies a delay (in seconds) no + longer than 180 seconds after the retry request. @{product} limits + the delay to 180 seconds, even if the Retry-After header specifies a + longer delay. When enabled, takes precedence over user-configured + retry options. When disabled, all Retry-After headers are ignored. pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -39297,20 +46919,30 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object title: "" __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_failedRequestLoggingMode: type: string - description: Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. + description: Binds 'failedRequestLoggingMode' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'failedRequestLoggingMode' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. OutputSentinelOneAiSiem: type: object required: @@ -39333,13 +46965,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -39349,7 +46983,9 @@ components: region: type: string title: Region - description: The SentinelOne region to send events to. In most cases you can find the region by either looking at your SentinelOne URL or knowing what geographic region your SentinelOne instance is contained in. + description: The SentinelOne region to send events to. In most cases you can + find the region by either looking at your SentinelOne URL or knowing + what geographic region your SentinelOne instance is contained in. enum: - US - CA @@ -39365,7 +47001,9 @@ components: enum: - /services/collector/event - /services/collector/raw - description: Endpoint to send events to. Use /services/collector/event for structured JSON payloads with standard HEC top-level fields. Use /services/collector/raw for unstructured log lines (plain text). + description: Endpoint to send events to. Use /services/collector/event for + structured JSON payloads with standard HEC top-level fields. Use + /services/collector/raw for unstructured log lines (plain text). x-speakeasy-unknown-values: allow concurrency: type: number @@ -39378,11 +47016,12 @@ components: title: Body size limit (KB) description: Maximum size, in KB, of the request body minimum: 1024 - maximum: 2.097152e+06 + maximum: 2097152 maxPayloadEvents: type: number title: Events-per-request limit - description: Maximum number of events to include in the request body. Default is 0 (unlimited). + description: Maximum number of events to include in the request body. Default is + 0 (unlimited). minimum: 0 compress: type: boolean @@ -39391,17 +47030,23 @@ components: rejectUnauthorized: type: boolean title: Validate server certs - description: "Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). \n Enabled by default. When this setting is also present in TLS Settings (Client Side), \n that value will take precedence." + description: >- + Reject certificates not authorized by a CA in the CA certificate + path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. timeoutSec: type: number minimum: 1 - maximum: 9.007199254740991e+15 + maximum: 9007199254740991 title: Request timeout - description: Amount of time, in seconds, to wait for a request to complete before canceling it + description: Amount of time, in seconds, to wait for a request to complete + before canceling it flushPeriodSec: type: number title: Flush period (sec) - description: Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit. + description: Maximum time between requests. Small values could cause the payload + size to be smaller than the configured Body size limit. extraHttpHeaders: type: array title: Extra HTTP headers @@ -39421,7 +47066,8 @@ components: responseRetrySettings: type: array title: Settings for failed HTTP requests - description: Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable) + description: Automatically retry after unsuccessful response status codes, such + as 429 (Too Many Requests) or 503 (Service Unavailable) minItems: 0 items: $ref: "#/components/schemas/ResponseRetrySettingConfOutputWebhook" @@ -39430,7 +47076,11 @@ components: responseHonorRetryAfterHeader: type: boolean title: Honor Retry-After header - description: Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored. + description: Honor any Retry-After header that specifies a delay (in seconds) no + longer than 180 seconds after the retry request. @{product} limits + the delay to 180 seconds, even if the Retry-After header specifies a + longer delay. When enabled, takes precedence over user-configured + retry options. When disabled, all Retry-After headers are ignored. onBackpressure: $ref: "#/components/schemas/BackpressureBehaviorOptions" description: @@ -39439,7 +47089,9 @@ components: token: type: string title: AI SIEM API Key - description: In the SentinelOne Console select Policy & Settings then select the Singularity AI SIEM section, API Keys will be at the bottom. Under Log Access Keys select a Write token and copy it here + description: In the SentinelOne Console select Policy & Settings then select the + Singularity AI SIEM section, API Keys will be at the bottom. Under + Log Access Keys select a Write token and copy it here textSecret: type: string title: AI SIEM API Key (text secret) @@ -39448,99 +47100,144 @@ components: title: Base AI SIEM endpoint URL type: string pattern: ^https?://[a-zA-Z0-9.-]+(:[0-9]+)?$ - description: "Base URL of the endpoint used to send events to, such as https://.sentinelone.net. Must begin with http:// or https://, can include a port number, and no trailing slashes. Matches pattern: ^https?://[a-zA-Z0-9.-]+(:[0-9]+)?$." + description: "Base URL of the endpoint used to send events to, such as + https://.sentinelone.net. Must begin with http:// or + https://, can include a port number, and no trailing slashes. + Matches pattern: ^https?://[a-zA-Z0-9.-]+(:[0-9]+)?$." hostExpression: type: string title: serverHost expression - description: Define serverHost for events using a JavaScript expression. You must enclose text constants in quotes (such as, 'myServer'). + description: Define serverHost for events using a JavaScript expression. You + must enclose text constants in quotes (such as, 'myServer'). sourceExpression: type: string title: logFile expression - description: Define logFile for events using a JavaScript expression. You must enclose text constants in quotes (such as, 'myLogFile.txt'). + description: Define logFile for events using a JavaScript expression. You must + enclose text constants in quotes (such as, 'myLogFile.txt'). sourceTypeExpression: type: string title: parser expression - description: Define the parser for events using a JavaScript expression. This value helps parse data into AI SIEM. You must enclose text constants in quotes (such as, 'dottedJson'). For custom parsers, substitute 'dottedJson' with your parser's name. + description: Define the parser for events using a JavaScript expression. This + value helps parse data into AI SIEM. You must enclose text constants + in quotes (such as, 'dottedJson'). For custom parsers, substitute + 'dottedJson' with your parser's name. dataSourceCategoryExpression: type: string title: dataSource.category expression - description: Define the dataSource.category for events using a JavaScript expression. This value helps categorize data and helps enable extra features in SentinelOne AI SIEM. You must enclose text constants in quotes. The default value is 'security'. + description: Define the dataSource.category for events using a JavaScript + expression. This value helps categorize data and helps enable extra + features in SentinelOne AI SIEM. You must enclose text constants in + quotes. The default value is 'security'. dataSourceNameExpression: type: string title: dataSource.name expression - description: Define the dataSource.name for events using a JavaScript expression. This value should reflect the type of data being inserted into AI SIEM. You must enclose text constants in quotes (such as, 'networkActivity' or 'authLogs'). + description: Define the dataSource.name for events using a JavaScript + expression. This value should reflect the type of data being + inserted into AI SIEM. You must enclose text constants in quotes + (such as, 'networkActivity' or 'authLogs'). dataSourceVendorExpression: type: string title: dataSource.vendor expression - description: Define the dataSource.vendor for events using a JavaScript expression. This value should reflect the vendor of the data being inserted into AI SIEM. You must enclose text constants in quotes (such as, 'Cisco' or 'Microsoft'). + description: Define the dataSource.vendor for events using a JavaScript + expression. This value should reflect the vendor of the data being + inserted into AI SIEM. You must enclose text constants in quotes + (such as, 'Cisco' or 'Microsoft'). eventTypeExpression: type: string title: event.type expression - description: Optionally, define the event.type for events using a JavaScript expression. This value acts as a label, grouping events into meaningful categories. You must enclose text constants in quotes (such as, 'Process Creation' or 'Network Connection'). + description: Optionally, define the event.type for events using a JavaScript + expression. This value acts as a label, grouping events into + meaningful categories. You must enclose text constants in quotes + (such as, 'Process Creation' or 'Network Connection'). host: type: string title: serverHost expression - description: Define the serverHost for events using a JavaScript expression. This value will be passed to AI SIEM. You must enclose text constants in quotes (such as, 'myServerName'). + description: Define the serverHost for events using a JavaScript expression. + This value will be passed to AI SIEM. You must enclose text + constants in quotes (such as, 'myServerName'). source: type: string title: logFile - description: Specify the logFile value to pass as a parameter to SentinelOne AI SIEM. Don't quote this value. The default is cribl. + description: Specify the logFile value to pass as a parameter to SentinelOne AI + SIEM. Don't quote this value. The default is cribl. sourceType: type: string title: parser - description: Specify the sourcetype parameter for SentinelOne AI SIEM, which determines the parser. Don't quote this value. For custom parsers, substitute hecRawParser with your parser's name. The default is hecRawParser. + description: Specify the sourcetype parameter for SentinelOne AI SIEM, which + determines the parser. Don't quote this value. For custom parsers, + substitute hecRawParser with your parser's name. The default is + hecRawParser. dataSourceCategory: type: string title: dataSource.category - description: Specify the dataSource.category value to pass as a parameter to SentinelOne AI SIEM. This value helps categorize data and enables additional features. Don't quote this value. The default is security. + description: Specify the dataSource.category value to pass as a parameter to + SentinelOne AI SIEM. This value helps categorize data and enables + additional features. Don't quote this value. The default is + security. dataSourceName: type: string title: dataSource.name - description: Specify the dataSource.name value to pass as a parameter to AI SIEM. This value should reflect the type of data being inserted. Don't quote this value. The default is cribl. + description: Specify the dataSource.name value to pass as a parameter to AI + SIEM. This value should reflect the type of data being inserted. + Don't quote this value. The default is cribl. dataSourceVendor: type: string title: dataSource.vendor - description: Specify the dataSource.vendorvalue to pass as a parameter to AI SIEM. This value should reflect the vendor of the data being inserted. Don't quote this value. The default is cribl. + description: Specify the dataSource.vendorvalue to pass as a parameter to AI + SIEM. This value should reflect the vendor of the data being + inserted. Don't quote this value. The default is cribl. eventType: type: string title: event.type - description: Specify the event.type value to pass as an optional parameter to AI SIEM. This value acts as a label, grouping events into meaningful categories like Process Creation, File Modification, or Network Connection. Don't quote this value. By default, this field is empty. + description: Specify the event.type value to pass as an optional parameter to AI + SIEM. This value acts as a label, grouping events into meaningful + categories like Process Creation, File Modification, or Network + Connection. Don't quote this value. By default, this field is empty. pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -39548,20 +47245,30 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object title: "" __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_failedRequestLoggingMode: type: string - description: Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. + description: Binds 'failedRequestLoggingMode' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'failedRequestLoggingMode' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. OutputChronicle: type: object required: @@ -39586,13 +47293,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -39612,7 +47321,8 @@ components: responseRetrySettings: type: array title: Settings for failed HTTP requests - description: Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable) + description: Automatically retry after unsuccessful response status codes, such + as 429 (Too Many Requests) or 503 (Service Unavailable) minItems: 0 items: $ref: "#/components/schemas/ResponseRetrySettingConfOutputWebhook" @@ -39621,7 +47331,11 @@ components: responseHonorRetryAfterHeader: type: boolean title: Honor Retry-After header - description: Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored. + description: Honor any Retry-After header that specifies a delay (in seconds) no + longer than 180 seconds after the retry request. @{product} limits + the delay to 180 seconds, even if the Retry-After header specifies a + longer delay. When enabled, takes precedence over user-configured + retry options. When disabled, all Retry-After headers are ignored. region: type: string title: Region @@ -39641,7 +47355,8 @@ components: maxPayloadEvents: type: number title: Events-per-request limit - description: Maximum number of events to include in the request body. Default is 0 (unlimited). + description: Maximum number of events to include in the request body. Default is + 0 (unlimited). minimum: 0 compress: type: boolean @@ -39650,17 +47365,23 @@ components: rejectUnauthorized: type: boolean title: Validate server certs - description: "Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). \n Enabled by default. When this setting is also present in TLS Settings (Client Side), \n that value will take precedence." + description: >- + Reject certificates not authorized by a CA in the CA certificate + path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. timeoutSec: type: number minimum: 1 - maximum: 9.007199254740991e+15 + maximum: 9007199254740991 title: Request timeout - description: Amount of time, in seconds, to wait for a request to complete before canceling it + description: Amount of time, in seconds, to wait for a request to complete + before canceling it flushPeriodSec: type: number title: Flush period (sec) - description: Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit. + description: Maximum time between requests. Small values could cause the payload + size to be smaller than the configured Body size limit. extraHttpHeaders: type: array title: Extra HTTP headers @@ -39678,13 +47399,16 @@ components: useRoundRobinDns: type: boolean title: Round-robin DNS - description: Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. + description: Enable round-robin DNS lookup. When a DNS server returns multiple + addresses, @{product} will cycle through them in the order returned. onBackpressure: $ref: "#/components/schemas/BackpressureBehaviorOptions" totalMemoryLimitKB: type: number title: Buffer memory limit (KB) - description: Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced. + description: Maximum total size of the batches waiting to be sent. If left + blank, defaults to 5 times the max body size (if set). If 0, no + limit is enforced. minimum: 0 ingestionMethod: type: string @@ -39692,15 +47416,20 @@ components: namespace: type: string title: Namespace - description: User-configured environment namespace to identify the data domain the logs originated from. This namespace is used as a tag to identify the appropriate data domain for indexing and enrichment functionality. Can be overwritten by event field __namespace. + description: User-configured environment namespace to identify the data domain + the logs originated from. This namespace is used as a tag to + identify the appropriate data domain for indexing and enrichment + functionality. Can be overwritten by event field __namespace. logType: type: string title: Default log type - description: Default log type value to send to SecOps. Can be overwritten by event field __logType. + description: Default log type value to send to SecOps. Can be overwritten by + event field __logType. logTextField: type: string title: Log text field - description: Name of the event field that contains the log text to send. If not specified, Stream sends a JSON representation of the whole event. + description: Name of the event field that contains the log text to send. If not + specified, Stream sends a JSON representation of the whole event. gcpProjectId: type: string title: GCP project ID @@ -39708,7 +47437,8 @@ components: gcpInstance: type: string title: GCP instance - description: The Google Cloud Platform (GCP) instance to send events to. This is the Chronicle customer uuid. + description: The Google Cloud Platform (GCP) instance to send events to. This is + the Chronicle customer uuid. customLabels: type: array title: Custom labels @@ -39732,7 +47462,10 @@ components: endpoint: type: string title: Endpoint - description: "Chronicle API service endpoint. If empty, defaults to the Region-specific endpoint. Otherwise, it must point to a Chronicle API-compatible endpoint. (Example: https://custom-endpoint.googleapis.com)" + description: "Chronicle API service endpoint. If empty, defaults to the + Region-specific endpoint. Otherwise, it must point to a Chronicle + API-compatible endpoint. (Example: + https://custom-endpoint.googleapis.com)" pattern: ^https?://.* description: type: string @@ -39740,47 +47473,58 @@ components: serviceAccountCredentials: type: string title: Service account credentials - description: Contents of service account credentials (JSON keys) file downloaded from Google Cloud. To upload a file, click the upload button at this field's upper right. + description: Contents of service account credentials (JSON keys) file downloaded + from Google Cloud. To upload a file, click the upload button at this + field's upper right. serviceAccountCredentialsSecret: type: string title: Service account credentials (text secret) description: Select or create a stored text secret pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -39788,41 +47532,65 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object title: "" __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_region: type: string - description: Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime. + description: Binds 'region' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'region' at runtime. __template_failedRequestLoggingMode: type: string - description: Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. + description: Binds 'failedRequestLoggingMode' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'failedRequestLoggingMode' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_namespace: type: string - description: Binds 'namespace' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'namespace' at runtime. + description: Binds 'namespace' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'namespace' at runtime. __template_logType: type: string - description: Binds 'logType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logType' at runtime. + description: Binds 'logType' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'logType' at runtime. __template_logTextField: type: string - description: Binds 'logTextField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logTextField' at runtime. + description: Binds 'logTextField' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'logTextField' at runtime. __template_gcpProjectId: type: string - description: Binds 'gcpProjectId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'gcpProjectId' at runtime. + description: Binds 'gcpProjectId' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'gcpProjectId' at runtime. __template_gcpInstance: type: string - description: Binds 'gcpInstance' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'gcpInstance' at runtime. + description: Binds 'gcpInstance' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'gcpInstance' at runtime. __template_endpoint: type: string - description: Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime. + description: Binds 'endpoint' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'endpoint' at runtime. OutputDatabricks: type: object required: @@ -39850,13 +47618,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -39870,7 +47640,8 @@ components: stagePath: type: string title: Staging location - description: Filesystem location in which to buffer files before compressing and moving to final destination. Use performant, stable storage. + description: Filesystem location in which to buffer files before compressing and + moving to final destination. Use performant, stable storage. addIdToStagePath: type: boolean title: Add output ID @@ -39882,45 +47653,58 @@ components: partitionExpr: type: string title: Partitioning expression - description: JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory. + description: JavaScript expression defining how files are partitioned and + organized. Default is date-based. If blank, Stream will fall back to + the event's __partition field value – if present – otherwise to each + location's root directory. format: $ref: "#/components/schemas/DataFormatOptions" baseFileName: type: string title: File name prefix expression - description: JavaScript expression to define the output filename prefix (can be constant) + description: JavaScript expression to define the output filename prefix (can be + constant) fileNameSuffix: type: string title: File name suffix expression - description: JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`). + description: JavaScript expression to define the output filename suffix (can be + constant). The `__format` variable refers to the value of the `Data + format` field (`json` or `raw`). The `__compression` field refers + to the kind of compression being used (`none` or `gzip`). maxFileSizeMB: type: number title: File size limit (MB) - description: Maximum uncompressed output file size. Files of this size will be closed and moved to final output location. + description: Maximum uncompressed output file size. Files of this size will be + closed and moved to final output location. maximum: 1024 minimum: 5 maxFileOpenTimeSec: type: number title: File open time limit (sec) - description: Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location. + description: Maximum amount of time to write to a file. Files open for longer + than this will be closed and moved to final output location. minimum: 10 maximum: 1800 maxFileIdleTimeSec: type: number title: Idle time limit (sec) - description: Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location. + description: Maximum amount of time to keep inactive files open. Files open for + longer than this will be closed and moved to final output location. minimum: 5 maximum: 1800 maxOpenFiles: type: number title: Open file limit - description: Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location. + description: Maximum number of files to keep open concurrently. When exceeded, + @{product} will close the oldest open files and move them to the + final output location. minimum: 10 maximum: 2000 headerLine: type: string title: Header line - description: If set, this line will be written to the beginning of each output file + description: If set, this line will be written to the beginning of each output + file writeHighWaterMark: type: number title: Writing high watermark (KB) @@ -39932,13 +47716,17 @@ components: deadletterEnabled: type: boolean title: Enable dead-lettering - description: If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors + description: If a file fails to move to its final destination after the maximum + number of retries, move it to a designated directory to prevent + further errors onDiskFullBackpressure: $ref: "#/components/schemas/DiskSpaceProtectionOptions" forceCloseOnShutdown: type: boolean title: Force close on shutdown - description: Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss. + description: Force all staged files to close during an orderly Node shutdown. + This triggers immediate upload of in-progress data — regardless of + idle time, file age, or size thresholds — to minimize data loss. retrySettings: $ref: "#/components/schemas/RetrySettingsType" orphans: @@ -39946,11 +47734,14 @@ components: workspaceId: type: string title: Workspace ID - description: Unique identifier for the Databricks workspace. Used to construct the OAuth login URL and API base URL. + description: Unique identifier for the Databricks workspace. Used to construct + the OAuth login URL and API base URL. workspaceHost: type: string title: Workspace host - description: Hostname for the Databricks workspace. Override this to connect to government or secure cloud environments (e.g. cloud.databricks.us, cloud.databricks.mil, azuredatabricks.net). + description: Hostname for the Databricks workspace. Override this to connect to + government or secure cloud environments (e.g. cloud.databricks.us, + cloud.databricks.mil, azuredatabricks.net). scope: type: string title: OAuth scope @@ -39978,7 +47769,8 @@ components: timeoutSec: type: integer title: Request timeout - description: Amount of time, in seconds, to wait for a request to complete before canceling it. + description: Amount of time, in seconds, to wait for a request to complete + before canceling it. minimum: 30 description: type: string @@ -39990,11 +47782,13 @@ components: automaticSchema: type: boolean title: Automatic schema - description: Automatically calculate the schema based on the events of each Parquet file generated + description: Automatically calculate the schema based on the events of each + Parquet file generated parquetSchema: type: string title: Parquet schema - description: To add a new schema, navigate to Processing > Knowledge > Parquet Schemas + description: To add a new schema, navigate to Processing > Knowledge > Parquet + Schemas minLength: 1 parquetVersion: $ref: "#/components/schemas/ParquetVersionOptions" @@ -40003,13 +47797,16 @@ components: parquetRowGroupLength: type: number title: Group row limit - description: The number of rows that every group will contain. The final group can contain a smaller number of rows. + description: The number of rows that every group will contain. The final group + can contain a smaller number of rows. minimum: 1 - maximum: 6.7108864e+07 + maximum: 67108864 parquetPageSize: type: string title: Page size - description: Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression. + description: Target memory size for page segments, such as 1MB or 128MB. + Generally, lower values improve reading speed, while higher values + improve compression. pattern: ^\d+\s*(?:[kK][bB]|[mM][bB]|[gG][bB]|[tT][bB])?$ shouldLogInvalidRows: type: boolean @@ -40018,22 +47815,28 @@ components: keyValueMetadata: type: array title: Metadata (optional) - description: 'The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: "key":"OCSF Event Class", "value":"9001"' + description: 'The metadata of files the Destination writes will include the + properties you add here as key-value pairs. Useful for tagging. + Examples: "key":"OCSF Event Class", "value":"9001"' minItems: 0 items: $ref: "#/components/schemas/KeyValueMetadataConfOutputFilesystem" enableStatistics: type: boolean title: Write statistics - description: Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics. + description: Statistics profile an entire file in terms of minimum/maximum + values within data, numbers of nulls, etc. You can use Parquet tools + to view statistics. enableWritePageIndex: type: boolean title: Write page indexes - description: One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping. + description: One page index contains statistics for one data page. Parquet + readers use statistics to enable page skipping. enablePageChecksum: type: boolean title: Write page checksum - description: Parquet tools can use the checksum of a Parquet page to verify data integrity + description: Parquet tools can use the checksum of a Parquet page to verify data + integrity emptyDirCleanupSec: type: number title: Staging cleanup period @@ -40043,40 +47846,62 @@ components: directoryBatchSize: type: number title: Directory batch size - description: Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory. + description: Number of directories to process in each batch during cleanup of + empty directories. Minimum is 10, maximum is 10000. Higher values + may require more memory. deadletterPath: type: string title: Dead-letter location - description: Storage location for files that fail to reach their final destination after maximum retries are exceeded + description: Storage location for files that fail to reach their final + destination after maximum retries are exceeded maxRetryNum: type: number title: Retry limit - description: The maximum number of times a file will attempt to move to its final destination before being dead-lettered + description: The maximum number of times a file will attempt to move to its + final destination before being dead-lettered minimum: 1 __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_partitionExpr: type: string - description: Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime. + description: Binds 'partitionExpr' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'partitionExpr' at runtime. __template_format: type: string - description: Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime. + description: Binds 'format' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'format' at runtime. __template_baseFileName: type: string - description: Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime. + description: Binds 'baseFileName' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'baseFileName' at runtime. __template_fileNameSuffix: type: string - description: Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime. + description: Binds 'fileNameSuffix' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'fileNameSuffix' at + runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_compress: type: string - description: Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime. + description: Binds 'compress' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'compress' at runtime. __template_parquetSchema: type: string - description: Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime. + description: Binds 'parquetSchema' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'parquetSchema' at runtime. OutputMicrosoftFabric: type: object required: @@ -40099,13 +47924,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -40124,7 +47951,8 @@ components: type: number minimum: 1 title: Record size limit (KB, uncompressed) - description: Maximum size of each record batch before compression. Setting should be < message.max.bytes settings in Event Hubs brokers. + description: Maximum size of each record batch before compression. Setting + should be < message.max.bytes settings in Event Hubs brokers. flushEventCount: type: number minimum: 1 @@ -40134,59 +47962,74 @@ components: flushPeriodSec: type: number title: Flush period (sec) - description: Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size. + description: Maximum time between requests. Small values could cause the payload + size to be smaller than the configured Max record size. connectionTimeout: type: number title: Connection timeout (ms) description: Maximum time to wait for a connection to complete successfully minimum: 1000 - maximum: 3.6e+06 + maximum: 3600000 requestTimeout: type: number title: Request timeout (ms) description: Maximum time to wait for Kafka to respond to a request minimum: 1000 - maximum: 3.6e+06 + maximum: 3600000 maxRetries: type: number title: Retry limit - description: If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data + description: If messages are failing, you can set the maximum number of retries + as high as 100 to prevent loss of data minimum: 0 maximum: 100 maxBackOff: type: number title: Backoff limit (ms) - description: The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds). + description: The maximum wait time for a retry, in milliseconds. Default (and + minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 + seconds). minimum: 30000 maximum: 180000 initialBackoff: type: number title: Initial retry interval (ms) - description: Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes). + description: Initial value used to calculate the retry, in milliseconds. Maximum + is 600,000 ms (10 minutes). minimum: 300 maximum: 600000 backoffRate: type: number title: Backoff multiplier - description: Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details. + description: Set the backoff multiplier (2-20) to control the retry frequency + for failed messages. For faster retries, use a lower multiplier. For + slower retries with more delay between attempts, use a higher + multiplier. The multiplier is used in an exponential backoff + formula; see the Kafka + [documentation](https://kafka.js.org/docs/retry-detailed) for + details. minimum: 2 maximum: 20 authenticationTimeout: type: number title: Authentication timeout (ms) - description: Maximum time to wait for Kafka to respond to an authentication request + description: Maximum time to wait for Kafka to respond to an authentication + request minimum: 1000 - maximum: 3.6e+06 + maximum: 3600000 reauthenticationThreshold: type: number title: Reauthentication threshold (ms) - description: Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire. + description: Specifies a time window during which @{product} can reauthenticate + if needed. Creates the window measuring backward from the moment + when credentials are set to expire. minimum: 1000 - maximum: 1.8e+06 + maximum: 1800000 sasl: type: object title: Authentication - description: Authentication parameters to use when connecting to bootstrap server. Using TLS is highly recommended. + description: Authentication parameters to use when connecting to bootstrap + server. Using TLS is highly recommended. required: - disabled properties: @@ -40198,11 +48041,13 @@ components: username: type: string title: SASL JASS username - description: The username for authentication. This should always be $ConnectionString. + description: The username for authentication. This should always be + $ConnectionString. textSecret: type: string title: SASL JASS password - description: Select or create a stored text secret corresponding to the SASL JASS Password Primary or Password Secondary + description: Select or create a stored text secret corresponding to the SASL + JASS Password Primary or Password Secondary clientSecretAuthType: $ref: "#/components/schemas/AuthenticationMethodOptionsAuth" clientTextSecret: @@ -40235,19 +48080,30 @@ components: description: Scope to pass in the OAuth request parameter __template_mechanism: type: string - description: Binds 'mechanism' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'mechanism' at runtime. + description: Binds 'mechanism' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'mechanism' at runtime. __template_oauthEndpoint: type: string - description: Binds 'oauthEndpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'oauthEndpoint' at runtime. + description: Binds 'oauthEndpoint' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'oauthEndpoint' at + runtime. __template_clientId: type: string - description: Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime. + description: Binds 'clientId' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'clientId' at runtime. __template_tenantId: type: string - description: Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime. + description: Binds 'tenantId' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'tenantId' at runtime. __template_scope: type: string - description: Binds 'scope' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'scope' at runtime. + description: Binds 'scope' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'scope' at runtime. tls: $ref: "#/components/schemas/TlsSettingsClientSideType" onBackpressure: @@ -40261,40 +48117,49 @@ components: title: Description pqStrictOrdering: title: Strict ordering - description: Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. + description: Use FIFO (first in, first out) processing. Disable to forward new + events to receivers before queue is flushed. type: boolean pqRatePerSec: type: number title: Drain rate limit (EPS) - description: Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. + description: Throttling rate (in events per second) to impose while writing to + Destinations from PQ. Defaults to 0, which disables throttling. minimum: 0 pqMode: $ref: "#/components/schemas/ModeOptions" pqMaxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use pqMaxBufferSizeBytes instead. minimum: 42 maximum: 1000 pqMaxBackpressureSec: type: number title: Backpressure duration limit - description: How long (in seconds) to wait for backpressure to resolve before engaging the queue + description: How long (in seconds) to wait for backpressure to resolve before + engaging the queue minimum: 0 pqMaxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) + description: The maximum size to store in each queue file before closing and + optionally compressing (KB, MB, etc.) pattern: ^\d+\s*(?:\w{2})?$ pqMaxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ pqPath: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //." + description: "The location for the persistent queue files. To this field's + value, the system will append: //." pqCompress: $ref: "#/components/schemas/CompressionOptionsPq" pqOnBackpressure: @@ -40302,26 +48167,40 @@ components: pqMaxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ pqControls: type: object title: "" __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_topic: type: string - description: Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime. + description: Binds 'topic' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'topic' at runtime. __template_format: type: string - description: Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime. + description: Binds 'format' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'format' at runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_bootstrap_server: type: string - description: Binds 'bootstrap_server' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bootstrap_server' at runtime. + description: Binds 'bootstrap_server' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'bootstrap_server' at runtime. OutputCloudflareR2: type: object required: @@ -40345,13 +48224,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -40376,35 +48257,45 @@ components: rejectUnauthorized: type: boolean title: Reject unauthorized certificates - description: Reject certificates that cannot be verified against a valid CA, such as self-signed certificates + description: Reject certificates that cannot be verified against a valid CA, + such as self-signed certificates bucket: type: string title: R2 bucket name - description: "Name of the destination R2 bucket. This value can be a constant or a JavaScript expression that can only be evaluated at init time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`" + description: "Name of the destination R2 bucket. This value can be a constant or + a JavaScript expression that can only be evaluated at init time. + Example referencing a Global Variable: `myBucket-${C.vars.myVar}`" destPath: type: string title: Key prefix - description: "Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`" + description: "Prefix to prepend to files before uploading. Must be a JavaScript + expression (which can evaluate to a constant value), enclosed in + quotes or backticks. Can be evaluated only at init time. Example + referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`" maxConcurrentFileParts: type: number title: Concurrent file parts upload limit - description: Maximum number of parts to upload in parallel per file. Minimum part size is 5MB. + description: Maximum number of parts to upload in parallel per file. Minimum + part size is 5MB. minimum: 1 maximum: 10 verifyPermissions: type: boolean title: Verify if bucket exists - description: Disable if you can access files within the bucket but not the bucket itself + description: Disable if you can access files within the bucket but not the + bucket itself maxClosingFilesToBackpressure: type: number title: Staging file limit - description: Maximum number of files that can be waiting for upload before backpressure is applied + description: Maximum number of files that can be waiting for upload before + backpressure is applied minimum: 10 maximum: 4200 stagePath: type: string title: Staging location - description: Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage. + description: Filesystem location in which to buffer files, before compressing + and moving to final destination. Use performant and stable storage. addIdToStagePath: type: boolean title: Add output ID @@ -40416,45 +48307,58 @@ components: partitionExpr: type: string title: Partitioning expression - description: JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory. + description: JavaScript expression defining how files are partitioned and + organized. Default is date-based. If blank, Stream will fall back to + the event's __partition field value – if present – otherwise to each + location's root directory. format: $ref: "#/components/schemas/DataFormatOptions" baseFileName: type: string title: File name prefix expression - description: JavaScript expression to define the output filename prefix (can be constant) + description: JavaScript expression to define the output filename prefix (can be + constant) fileNameSuffix: type: string title: File name suffix expression - description: JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`). + description: JavaScript expression to define the output filename suffix (can be + constant). The `__format` variable refers to the value of the `Data + format` field (`json` or `raw`). The `__compression` field refers + to the kind of compression being used (`none` or `gzip`). maxFileSizeMB: type: number title: File size limit (MB) - description: Maximum uncompressed output file size. Files of this size will be closed and moved to final output location. + description: Maximum uncompressed output file size. Files of this size will be + closed and moved to final output location. maximum: 1024 minimum: 5 maxFileOpenTimeSec: type: number title: File open time limit (sec) - description: Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location. + description: Maximum amount of time to write to a file. Files open for longer + than this will be closed and moved to final output location. minimum: 10 maximum: 86400 maxFileIdleTimeSec: type: number title: Idle time limit (sec) - description: Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location. + description: Maximum amount of time to keep inactive files open. Files open for + longer than this will be closed and moved to final output location. minimum: 5 maximum: 86400 maxOpenFiles: type: number title: Open file limit - description: Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location. + description: Maximum number of files to keep open concurrently. When exceeded, + @{product} will close the oldest open files and move them to the + final output location. minimum: 10 maximum: 2000 headerLine: type: string title: Header line - description: If set, this line will be written to the beginning of each output file + description: If set, this line will be written to the beginning of each output + file writeHighWaterMark: type: number title: Writing high watermark (KB) @@ -40466,13 +48370,17 @@ components: deadletterEnabled: type: boolean title: Enable dead-lettering - description: If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors + description: If a file fails to move to its final destination after the maximum + number of retries, move it to a designated directory to prevent + further errors onDiskFullBackpressure: $ref: "#/components/schemas/DiskSpaceProtectionOptions" forceCloseOnShutdown: type: boolean title: Force close on shutdown - description: Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss. + description: Force all staged files to close during an orderly Node shutdown. + This triggers immediate upload of in-progress data — regardless of + idle time, file age, or size thresholds — to minimize data loss. retrySettings: $ref: "#/components/schemas/RetrySettingsType" orphans: @@ -40480,11 +48388,13 @@ components: awsSecretKey: type: string title: Secret key - description: "Secret key. This value can be a constant or a JavaScript expression. Example: `${C.env.SOME_SECRET}`)" + description: "Secret key. This value can be a constant or a JavaScript + expression. Example: `${C.env.SOME_SECRET}`)" endpoint: type: string title: R2 endpoint - description: "Cloudflare R2 service URL (example: https://.r2.cloudflarestorage.com)" + description: "Cloudflare R2 service URL (example: + https://.r2.cloudflarestorage.com)" pattern: ^https?://.* storageClass: $ref: "#/components/schemas/StorageClassOptionsReducedredundancyStandard" @@ -40496,7 +48406,8 @@ components: awsSecret: type: string title: Secret key pair - description: Select or create a stored secret that references your access key and secret key + description: Select or create a stored secret that references your access key + and secret key compress: $ref: "#/components/schemas/CompressionOptionsHttp" compressionLevel: @@ -40504,11 +48415,13 @@ components: automaticSchema: type: boolean title: Automatic schema - description: Automatically calculate the schema based on the events of each Parquet file generated + description: Automatically calculate the schema based on the events of each + Parquet file generated parquetSchema: type: string title: Parquet schema - description: To add a new schema, navigate to Processing > Knowledge > Parquet Schemas + description: To add a new schema, navigate to Processing > Knowledge > Parquet + Schemas minLength: 1 parquetVersion: $ref: "#/components/schemas/ParquetVersionOptions" @@ -40517,13 +48430,16 @@ components: parquetRowGroupLength: type: number title: Group row limit - description: The number of rows that every group will contain. The final group can contain a smaller number of rows. + description: The number of rows that every group will contain. The final group + can contain a smaller number of rows. minimum: 1 - maximum: 6.7108864e+07 + maximum: 67108864 parquetPageSize: type: string title: Page size - description: Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression. + description: Target memory size for page segments, such as 1MB or 128MB. + Generally, lower values improve reading speed, while higher values + improve compression. pattern: ^\d+\s*(?:[kK][bB]|[mM][bB]|[gG][bB]|[tT][bB])?$ shouldLogInvalidRows: type: boolean @@ -40532,22 +48448,28 @@ components: keyValueMetadata: type: array title: Metadata (optional) - description: 'The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: "key":"OCSF Event Class", "value":"9001"' + description: 'The metadata of files the Destination writes will include the + properties you add here as key-value pairs. Useful for tagging. + Examples: "key":"OCSF Event Class", "value":"9001"' minItems: 0 items: $ref: "#/components/schemas/KeyValueMetadataConfOutputFilesystem" enableStatistics: type: boolean title: Write statistics - description: Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics. + description: Statistics profile an entire file in terms of minimum/maximum + values within data, numbers of nulls, etc. You can use Parquet tools + to view statistics. enableWritePageIndex: type: boolean title: Write page indexes - description: One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping. + description: One page index contains statistics for one data page. Parquet + readers use statistics to enable page skipping. enablePageChecksum: type: boolean title: Write page checksum - description: Parquet tools can use the checksum of a Parquet page to verify data integrity + description: Parquet tools can use the checksum of a Parquet page to verify data + integrity emptyDirCleanupSec: type: number title: Staging cleanup period @@ -40557,55 +48479,88 @@ components: directoryBatchSize: type: number title: Directory batch size - description: Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory. + description: Number of directories to process in each batch during cleanup of + empty directories. Minimum is 10, maximum is 10000. Higher values + may require more memory. deadletterPath: type: string title: Dead-letter location - description: Storage location for files that fail to reach their final destination after maximum retries are exceeded + description: Storage location for files that fail to reach their final + destination after maximum retries are exceeded maxRetryNum: type: number title: Retry limit - description: The maximum number of times a file will attempt to move to its final destination before being dead-lettered + description: The maximum number of times a file will attempt to move to its + final destination before being dead-lettered minimum: 1 __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_bucket: type: string - description: Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime. + description: Binds 'bucket' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'bucket' at runtime. __template_destPath: type: string - description: Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime. + description: Binds 'destPath' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'destPath' at runtime. __template_partitionExpr: type: string - description: Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime. + description: Binds 'partitionExpr' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'partitionExpr' at runtime. __template_format: type: string - description: Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime. + description: Binds 'format' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'format' at runtime. __template_baseFileName: type: string - description: Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime. + description: Binds 'baseFileName' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'baseFileName' at runtime. __template_fileNameSuffix: type: string - description: Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime. + description: Binds 'fileNameSuffix' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'fileNameSuffix' at + runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_awsSecretKey: type: string - description: Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime. + description: Binds 'awsSecretKey' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'awsSecretKey' at runtime. __template_storageClass: type: string - description: Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime. + description: Binds 'storageClass' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'storageClass' at runtime. __template_serverSideEncryption: type: string - description: Binds 'serverSideEncryption' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serverSideEncryption' at runtime. + description: Binds 'serverSideEncryption' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'serverSideEncryption' at runtime. __template_compress: type: string - description: Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime. + description: Binds 'compress' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'compress' at runtime. __template_parquetSchema: type: string - description: Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime. + description: Binds 'parquetSchema' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'parquetSchema' at runtime. OutputNutanixObjects: type: object required: @@ -40629,13 +48584,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -40651,11 +48608,16 @@ components: rejectUnauthorized: type: boolean title: Reject unauthorized certificates - description: Reject certificates that cannot be verified against a valid CA, such as self-signed certificates + description: Reject certificates that cannot be verified against a valid CA, + such as self-signed certificates bucket: type: string title: Nutanix Objects bucket name - description: "Name of the destination Nutanix Objects bucket. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at initialization time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`" + description: "Name of the destination Nutanix Objects bucket. Must be a + JavaScript expression (which can evaluate to a constant value), + enclosed in quotes or backticks. Can be evaluated only at + initialization time. Example referencing a Global Variable: + `myBucket-${C.vars.myVar}`" region: type: string title: Region @@ -40663,27 +48625,34 @@ components: destPath: type: string title: Key prefix - description: "Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`" + description: "Prefix to prepend to files before uploading. Must be a JavaScript + expression (which can evaluate to a constant value), enclosed in + quotes or backticks. Can be evaluated only at init time. Example + referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`" maxConcurrentFileParts: type: number title: Concurrent file parts upload limit - description: Maximum number of parts to upload in parallel per file. Minimum part size is 5MB. + description: Maximum number of parts to upload in parallel per file. Minimum + part size is 5MB. minimum: 1 maximum: 10 verifyPermissions: type: boolean title: Verify if bucket exists - description: Disable if you can access files within the bucket but not the bucket itself + description: Disable if you can access files within the bucket but not the + bucket itself maxClosingFilesToBackpressure: type: number title: Staging file limit - description: Maximum number of files that can be waiting for upload before backpressure is applied + description: Maximum number of files that can be waiting for upload before + backpressure is applied minimum: 10 maximum: 4200 stagePath: type: string title: Staging location - description: Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage. + description: Filesystem location in which to buffer files, before compressing + and moving to final destination. Use performant and stable storage. addIdToStagePath: type: boolean title: Add output ID @@ -40695,45 +48664,58 @@ components: partitionExpr: type: string title: Partitioning expression - description: JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory. + description: JavaScript expression defining how files are partitioned and + organized. Default is date-based. If blank, Stream will fall back to + the event's __partition field value – if present – otherwise to each + location's root directory. format: $ref: "#/components/schemas/DataFormatOptions" baseFileName: type: string title: File name prefix expression - description: JavaScript expression to define the output filename prefix (can be constant) + description: JavaScript expression to define the output filename prefix (can be + constant) fileNameSuffix: type: string title: File name suffix expression - description: JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`). + description: JavaScript expression to define the output filename suffix (can be + constant). The `__format` variable refers to the value of the `Data + format` field (`json` or `raw`). The `__compression` field refers + to the kind of compression being used (`none` or `gzip`). maxFileSizeMB: type: number title: File size limit (MB) - description: Maximum uncompressed output file size. Files of this size will be closed and moved to final output location. + description: Maximum uncompressed output file size. Files of this size will be + closed and moved to final output location. maximum: 1024 minimum: 5 maxFileOpenTimeSec: type: number title: File open time limit (sec) - description: Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location. + description: Maximum amount of time to write to a file. Files open for longer + than this will be closed and moved to final output location. minimum: 10 maximum: 86400 maxFileIdleTimeSec: type: number title: Idle time limit (sec) - description: Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location. + description: Maximum amount of time to keep inactive files open. Files open for + longer than this will be closed and moved to final output location. minimum: 5 maximum: 86400 maxOpenFiles: type: number title: Open file limit - description: Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location. + description: Maximum number of files to keep open concurrently. When exceeded, + @{product} will close the oldest open files and move them to the + final output location. minimum: 10 maximum: 2000 headerLine: type: string title: Header line - description: If set, this line will be written to the beginning of each output file + description: If set, this line will be written to the beginning of each output + file writeHighWaterMark: type: number title: Writing high watermark (KB) @@ -40745,13 +48727,17 @@ components: deadletterEnabled: type: boolean title: Enable dead-lettering - description: If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors + description: If a file fails to move to its final destination after the maximum + number of retries, move it to a designated directory to prevent + further errors onDiskFullBackpressure: $ref: "#/components/schemas/DiskSpaceProtectionOptions" forceCloseOnShutdown: type: boolean title: Force close on shutdown - description: Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss. + description: Force all staged files to close during an orderly Node shutdown. + This triggers immediate upload of in-progress data — regardless of + idle time, file age, or size thresholds — to minimize data loss. retrySettings: $ref: "#/components/schemas/RetrySettingsType" orphans: @@ -40759,7 +48745,8 @@ components: endpoint: type: string title: Nutanix Objects endpoint - description: "Nutanix Objects S3-compatible endpoint URL (example: https://objects.nutanix.local)" + description: "Nutanix Objects S3-compatible endpoint URL (example: + https://objects.nutanix.local)" pattern: ^https?://.* description: type: string @@ -40767,7 +48754,8 @@ components: awsSecret: type: string title: Secret key pair - description: Select or create a stored secret that references your access key and secret key + description: Select or create a stored secret that references your access key + and secret key compress: $ref: "#/components/schemas/CompressionOptionsHttp" compressionLevel: @@ -40775,11 +48763,13 @@ components: automaticSchema: type: boolean title: Automatic schema - description: Automatically calculate the schema based on the events of each Parquet file generated + description: Automatically calculate the schema based on the events of each + Parquet file generated parquetSchema: type: string title: Parquet schema - description: To add a new schema, navigate to Processing > Knowledge > Parquet Schemas + description: To add a new schema, navigate to Processing > Knowledge > Parquet + Schemas minLength: 1 parquetVersion: $ref: "#/components/schemas/ParquetVersionOptions" @@ -40788,13 +48778,16 @@ components: parquetRowGroupLength: type: number title: Group row limit - description: The number of rows that every group will contain. The final group can contain a smaller number of rows. + description: The number of rows that every group will contain. The final group + can contain a smaller number of rows. minimum: 1 - maximum: 6.7108864e+07 + maximum: 67108864 parquetPageSize: type: string title: Page size - description: Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression. + description: Target memory size for page segments, such as 1MB or 128MB. + Generally, lower values improve reading speed, while higher values + improve compression. pattern: ^\d+\s*(?:[kK][bB]|[mM][bB]|[gG][bB]|[tT][bB])?$ shouldLogInvalidRows: type: boolean @@ -40803,22 +48796,28 @@ components: keyValueMetadata: type: array title: Metadata (optional) - description: 'The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: "key":"OCSF Event Class", "value":"9001"' + description: 'The metadata of files the Destination writes will include the + properties you add here as key-value pairs. Useful for tagging. + Examples: "key":"OCSF Event Class", "value":"9001"' minItems: 0 items: $ref: "#/components/schemas/KeyValueMetadataConfOutputFilesystem" enableStatistics: type: boolean title: Write statistics - description: Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics. + description: Statistics profile an entire file in terms of minimum/maximum + values within data, numbers of nulls, etc. You can use Parquet tools + to view statistics. enableWritePageIndex: type: boolean title: Write page indexes - description: One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping. + description: One page index contains statistics for one data page. Parquet + readers use statistics to enable page skipping. enablePageChecksum: type: boolean title: Write page checksum - description: Parquet tools can use the checksum of a Parquet page to verify data integrity + description: Parquet tools can use the checksum of a Parquet page to verify data + integrity emptyDirCleanupSec: type: number title: Staging cleanup period @@ -40828,52 +48827,82 @@ components: directoryBatchSize: type: number title: Directory batch size - description: Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory. + description: Number of directories to process in each batch during cleanup of + empty directories. Minimum is 10, maximum is 10000. Higher values + may require more memory. deadletterPath: type: string title: Dead-letter location - description: Storage location for files that fail to reach their final destination after maximum retries are exceeded + description: Storage location for files that fail to reach their final + destination after maximum retries are exceeded maxRetryNum: type: number title: Retry limit - description: The maximum number of times a file will attempt to move to its final destination before being dead-lettered + description: The maximum number of times a file will attempt to move to its + final destination before being dead-lettered minimum: 1 __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_bucket: type: string - description: Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime. + description: Binds 'bucket' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'bucket' at runtime. __template_region: type: string - description: Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime. + description: Binds 'region' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'region' at runtime. __template_destPath: type: string - description: Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime. + description: Binds 'destPath' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'destPath' at runtime. __template_partitionExpr: type: string - description: Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime. + description: Binds 'partitionExpr' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'partitionExpr' at runtime. __template_format: type: string - description: Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime. + description: Binds 'format' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'format' at runtime. __template_baseFileName: type: string - description: Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime. + description: Binds 'baseFileName' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'baseFileName' at runtime. __template_fileNameSuffix: type: string - description: Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime. + description: Binds 'fileNameSuffix' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'fileNameSuffix' at + runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_endpoint: type: string - description: Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime. + description: Binds 'endpoint' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'endpoint' at runtime. __template_compress: type: string - description: Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime. + description: Binds 'compress' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'compress' at runtime. __template_parquetSchema: type: string - description: Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime. + description: Binds 'parquetSchema' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'parquetSchema' at runtime. OutputStorjS3: type: object required: @@ -40897,13 +48926,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -40919,35 +48950,46 @@ components: rejectUnauthorized: type: boolean title: Reject unauthorized certificates - description: Reject certificates that cannot be verified against a valid CA, such as self-signed certificates + description: Reject certificates that cannot be verified against a valid CA, + such as self-signed certificates bucket: type: string title: Storj bucket name - description: "Name of the destination Storj bucket. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at initialization time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`" + description: "Name of the destination Storj bucket. Must be a JavaScript + expression (which can evaluate to a constant value), enclosed in + quotes or backticks. Can be evaluated only at initialization time. + Example referencing a Global Variable: `myBucket-${C.vars.myVar}`" destPath: type: string title: Key prefix - description: "Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`" + description: "Prefix to prepend to files before uploading. Must be a JavaScript + expression (which can evaluate to a constant value), enclosed in + quotes or backticks. Can be evaluated only at init time. Example + referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`" maxConcurrentFileParts: type: number title: Concurrent file parts upload limit - description: Maximum number of parts to upload in parallel per file. Minimum part size is 5MB. + description: Maximum number of parts to upload in parallel per file. Minimum + part size is 5MB. minimum: 1 maximum: 10 verifyPermissions: type: boolean title: Verify if bucket exists - description: Disable if you can access files within the bucket but not the bucket itself + description: Disable if you can access files within the bucket but not the + bucket itself maxClosingFilesToBackpressure: type: number title: Staging file limit - description: Maximum number of files that can be waiting for upload before backpressure is applied + description: Maximum number of files that can be waiting for upload before + backpressure is applied minimum: 10 maximum: 4200 stagePath: type: string title: Staging location - description: Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage. + description: Filesystem location in which to buffer files, before compressing + and moving to final destination. Use performant and stable storage. addIdToStagePath: type: boolean title: Add output ID @@ -40959,45 +49001,58 @@ components: partitionExpr: type: string title: Partitioning expression - description: JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory. + description: JavaScript expression defining how files are partitioned and + organized. Default is date-based. If blank, Stream will fall back to + the event's __partition field value – if present – otherwise to each + location's root directory. format: $ref: "#/components/schemas/DataFormatOptions" baseFileName: type: string title: File name prefix expression - description: JavaScript expression to define the output filename prefix (can be constant) + description: JavaScript expression to define the output filename prefix (can be + constant) fileNameSuffix: type: string title: File name suffix expression - description: JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`). + description: JavaScript expression to define the output filename suffix (can be + constant). The `__format` variable refers to the value of the `Data + format` field (`json` or `raw`). The `__compression` field refers + to the kind of compression being used (`none` or `gzip`). maxFileSizeMB: type: number title: File size limit (MB) - description: Maximum uncompressed output file size. Files of this size will be closed and moved to final output location. + description: Maximum uncompressed output file size. Files of this size will be + closed and moved to final output location. maximum: 1024 minimum: 5 maxFileOpenTimeSec: type: number title: File open time limit (sec) - description: Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location. + description: Maximum amount of time to write to a file. Files open for longer + than this will be closed and moved to final output location. minimum: 10 maximum: 86400 maxFileIdleTimeSec: type: number title: Idle time limit (sec) - description: Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location. + description: Maximum amount of time to keep inactive files open. Files open for + longer than this will be closed and moved to final output location. minimum: 5 maximum: 86400 maxOpenFiles: type: number title: Open file limit - description: Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location. + description: Maximum number of files to keep open concurrently. When exceeded, + @{product} will close the oldest open files and move them to the + final output location. minimum: 10 maximum: 2000 headerLine: type: string title: Header line - description: If set, this line will be written to the beginning of each output file + description: If set, this line will be written to the beginning of each output + file writeHighWaterMark: type: number title: Writing high watermark (KB) @@ -41009,13 +49064,17 @@ components: deadletterEnabled: type: boolean title: Enable dead-lettering - description: If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors + description: If a file fails to move to its final destination after the maximum + number of retries, move it to a designated directory to prevent + further errors onDiskFullBackpressure: $ref: "#/components/schemas/DiskSpaceProtectionOptions" forceCloseOnShutdown: type: boolean title: Force close on shutdown - description: Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss. + description: Force all staged files to close during an orderly Node shutdown. + This triggers immediate upload of in-progress data — regardless of + idle time, file age, or size thresholds — to minimize data loss. retrySettings: $ref: "#/components/schemas/RetrySettingsType" orphans: @@ -41023,7 +49082,8 @@ components: endpoint: type: string title: Storj endpoint - description: "Storj S3-compatible gateway endpoint URL (example: https://gateway.storjshare.io)" + description: "Storj S3-compatible gateway endpoint URL (example: + https://gateway.storjshare.io)" pattern: ^https?://.* description: type: string @@ -41031,7 +49091,8 @@ components: awsSecret: type: string title: Secret key pair - description: Select or create a stored secret that references your access key and secret key + description: Select or create a stored secret that references your access key + and secret key compress: $ref: "#/components/schemas/CompressionOptionsHttp" compressionLevel: @@ -41039,11 +49100,13 @@ components: automaticSchema: type: boolean title: Automatic schema - description: Automatically calculate the schema based on the events of each Parquet file generated + description: Automatically calculate the schema based on the events of each + Parquet file generated parquetSchema: type: string title: Parquet schema - description: To add a new schema, navigate to Processing > Knowledge > Parquet Schemas + description: To add a new schema, navigate to Processing > Knowledge > Parquet + Schemas minLength: 1 parquetVersion: $ref: "#/components/schemas/ParquetVersionOptions" @@ -41052,13 +49115,16 @@ components: parquetRowGroupLength: type: number title: Group row limit - description: The number of rows that every group will contain. The final group can contain a smaller number of rows. + description: The number of rows that every group will contain. The final group + can contain a smaller number of rows. minimum: 1 - maximum: 6.7108864e+07 + maximum: 67108864 parquetPageSize: type: string title: Page size - description: Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression. + description: Target memory size for page segments, such as 1MB or 128MB. + Generally, lower values improve reading speed, while higher values + improve compression. pattern: ^\d+\s*(?:[kK][bB]|[mM][bB]|[gG][bB]|[tT][bB])?$ shouldLogInvalidRows: type: boolean @@ -41067,22 +49133,28 @@ components: keyValueMetadata: type: array title: Metadata (optional) - description: 'The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: "key":"OCSF Event Class", "value":"9001"' + description: 'The metadata of files the Destination writes will include the + properties you add here as key-value pairs. Useful for tagging. + Examples: "key":"OCSF Event Class", "value":"9001"' minItems: 0 items: $ref: "#/components/schemas/KeyValueMetadataConfOutputFilesystem" enableStatistics: type: boolean title: Write statistics - description: Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics. + description: Statistics profile an entire file in terms of minimum/maximum + values within data, numbers of nulls, etc. You can use Parquet tools + to view statistics. enableWritePageIndex: type: boolean title: Write page indexes - description: One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping. + description: One page index contains statistics for one data page. Parquet + readers use statistics to enable page skipping. enablePageChecksum: type: boolean title: Write page checksum - description: Parquet tools can use the checksum of a Parquet page to verify data integrity + description: Parquet tools can use the checksum of a Parquet page to verify data + integrity emptyDirCleanupSec: type: number title: Staging cleanup period @@ -41092,49 +49164,77 @@ components: directoryBatchSize: type: number title: Directory batch size - description: Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory. + description: Number of directories to process in each batch during cleanup of + empty directories. Minimum is 10, maximum is 10000. Higher values + may require more memory. deadletterPath: type: string title: Dead-letter location - description: Storage location for files that fail to reach their final destination after maximum retries are exceeded + description: Storage location for files that fail to reach their final + destination after maximum retries are exceeded maxRetryNum: type: number title: Retry limit - description: The maximum number of times a file will attempt to move to its final destination before being dead-lettered + description: The maximum number of times a file will attempt to move to its + final destination before being dead-lettered minimum: 1 __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_bucket: type: string - description: Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime. + description: Binds 'bucket' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'bucket' at runtime. __template_destPath: type: string - description: Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime. + description: Binds 'destPath' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'destPath' at runtime. __template_partitionExpr: type: string - description: Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime. + description: Binds 'partitionExpr' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'partitionExpr' at runtime. __template_format: type: string - description: Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime. + description: Binds 'format' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'format' at runtime. __template_baseFileName: type: string - description: Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime. + description: Binds 'baseFileName' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'baseFileName' at runtime. __template_fileNameSuffix: type: string - description: Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime. + description: Binds 'fileNameSuffix' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'fileNameSuffix' at + runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_endpoint: type: string - description: Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime. + description: Binds 'endpoint' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'endpoint' at runtime. __template_compress: type: string - description: Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime. + description: Binds 'compress' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'compress' at runtime. __template_parquetSchema: type: string - description: Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime. + description: Binds 'parquetSchema' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'parquetSchema' at runtime. OutputAlphasocS3: type: object required: @@ -41157,13 +49257,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -41179,35 +49281,46 @@ components: rejectUnauthorized: type: boolean title: Reject unauthorized certificates - description: Reject certificates that cannot be verified against a valid CA, such as self-signed certificates + description: Reject certificates that cannot be verified against a valid CA, + such as self-signed certificates bucket: type: string title: AlphaSOC bucket name - description: "Name of the destination AlphaSOC bucket. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at initialization time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`" + description: "Name of the destination AlphaSOC bucket. Must be a JavaScript + expression (which can evaluate to a constant value), enclosed in + quotes or backticks. Can be evaluated only at initialization time. + Example referencing a Global Variable: `myBucket-${C.vars.myVar}`" destPath: type: string title: Key prefix - description: "Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`" + description: "Prefix to prepend to files before uploading. Must be a JavaScript + expression (which can evaluate to a constant value), enclosed in + quotes or backticks. Can be evaluated only at init time. Example + referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`" maxConcurrentFileParts: type: number title: Concurrent file parts upload limit - description: Maximum number of parts to upload in parallel per file. Minimum part size is 5MB. + description: Maximum number of parts to upload in parallel per file. Minimum + part size is 5MB. minimum: 1 maximum: 10 verifyPermissions: type: boolean title: Verify if bucket exists - description: Disable if you can access files within the bucket but not the bucket itself + description: Disable if you can access files within the bucket but not the + bucket itself maxClosingFilesToBackpressure: type: number title: Staging file limit - description: Maximum number of files that can be waiting for upload before backpressure is applied + description: Maximum number of files that can be waiting for upload before + backpressure is applied minimum: 10 maximum: 4200 stagePath: type: string title: Staging location - description: Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage. + description: Filesystem location in which to buffer files, before compressing + and moving to final destination. Use performant and stable storage. addIdToStagePath: type: boolean title: Add output ID @@ -41219,45 +49332,58 @@ components: partitionExpr: type: string title: Partitioning expression - description: JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory. + description: JavaScript expression defining how files are partitioned and + organized. Default is date-based. If blank, Stream will fall back to + the event's __partition field value – if present – otherwise to each + location's root directory. format: $ref: "#/components/schemas/DataFormatOptions" baseFileName: type: string title: File name prefix expression - description: JavaScript expression to define the output filename prefix (can be constant) + description: JavaScript expression to define the output filename prefix (can be + constant) fileNameSuffix: type: string title: File name suffix expression - description: JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`). + description: JavaScript expression to define the output filename suffix (can be + constant). The `__format` variable refers to the value of the `Data + format` field (`json` or `raw`). The `__compression` field refers + to the kind of compression being used (`none` or `gzip`). maxFileSizeMB: type: number title: File size limit (MB) - description: Maximum uncompressed output file size. Files of this size will be closed and moved to final output location. + description: Maximum uncompressed output file size. Files of this size will be + closed and moved to final output location. maximum: 1024 minimum: 5 maxFileOpenTimeSec: type: number title: File open time limit (sec) - description: Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location. + description: Maximum amount of time to write to a file. Files open for longer + than this will be closed and moved to final output location. minimum: 10 maximum: 86400 maxFileIdleTimeSec: type: number title: Idle time limit (sec) - description: Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location. + description: Maximum amount of time to keep inactive files open. Files open for + longer than this will be closed and moved to final output location. minimum: 5 maximum: 86400 maxOpenFiles: type: number title: Open file limit - description: Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location. + description: Maximum number of files to keep open concurrently. When exceeded, + @{product} will close the oldest open files and move them to the + final output location. minimum: 10 maximum: 2000 headerLine: type: string title: Header line - description: If set, this line will be written to the beginning of each output file + description: If set, this line will be written to the beginning of each output + file writeHighWaterMark: type: number title: Writing high watermark (KB) @@ -41269,13 +49395,17 @@ components: deadletterEnabled: type: boolean title: Enable dead-lettering - description: If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors + description: If a file fails to move to its final destination after the maximum + number of retries, move it to a designated directory to prevent + further errors onDiskFullBackpressure: $ref: "#/components/schemas/DiskSpaceProtectionOptions" forceCloseOnShutdown: type: boolean title: Force close on shutdown - description: Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss. + description: Force all staged files to close during an orderly Node shutdown. + This triggers immediate upload of in-progress data — regardless of + idle time, file age, or size thresholds — to minimize data loss. retrySettings: $ref: "#/components/schemas/RetrySettingsType" orphans: @@ -41283,7 +49413,8 @@ components: endpoint: type: string title: AlphaSOC endpoint - description: "AlphaSOC S3-compatible endpoint URL (example: https://s3.alphasoc.net)" + description: "AlphaSOC S3-compatible endpoint URL (example: + https://s3.alphasoc.net)" pattern: ^https?://.* description: type: string @@ -41291,7 +49422,8 @@ components: awsSecret: type: string title: Secret key pair - description: Select or create a stored secret that references your access key and secret key + description: Select or create a stored secret that references your access key + and secret key compress: $ref: "#/components/schemas/CompressionOptionsHttp" compressionLevel: @@ -41299,11 +49431,13 @@ components: automaticSchema: type: boolean title: Automatic schema - description: Automatically calculate the schema based on the events of each Parquet file generated + description: Automatically calculate the schema based on the events of each + Parquet file generated parquetSchema: type: string title: Parquet schema - description: To add a new schema, navigate to Processing > Knowledge > Parquet Schemas + description: To add a new schema, navigate to Processing > Knowledge > Parquet + Schemas minLength: 1 parquetVersion: $ref: "#/components/schemas/ParquetVersionOptions" @@ -41312,13 +49446,16 @@ components: parquetRowGroupLength: type: number title: Group row limit - description: The number of rows that every group will contain. The final group can contain a smaller number of rows. + description: The number of rows that every group will contain. The final group + can contain a smaller number of rows. minimum: 1 - maximum: 6.7108864e+07 + maximum: 67108864 parquetPageSize: type: string title: Page size - description: Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression. + description: Target memory size for page segments, such as 1MB or 128MB. + Generally, lower values improve reading speed, while higher values + improve compression. pattern: ^\d+\s*(?:[kK][bB]|[mM][bB]|[gG][bB]|[tT][bB])?$ shouldLogInvalidRows: type: boolean @@ -41327,22 +49464,28 @@ components: keyValueMetadata: type: array title: Metadata (optional) - description: 'The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: "key":"OCSF Event Class", "value":"9001"' + description: 'The metadata of files the Destination writes will include the + properties you add here as key-value pairs. Useful for tagging. + Examples: "key":"OCSF Event Class", "value":"9001"' minItems: 0 items: $ref: "#/components/schemas/KeyValueMetadataConfOutputFilesystem" enableStatistics: type: boolean title: Write statistics - description: Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics. + description: Statistics profile an entire file in terms of minimum/maximum + values within data, numbers of nulls, etc. You can use Parquet tools + to view statistics. enableWritePageIndex: type: boolean title: Write page indexes - description: One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping. + description: One page index contains statistics for one data page. Parquet + readers use statistics to enable page skipping. enablePageChecksum: type: boolean title: Write page checksum - description: Parquet tools can use the checksum of a Parquet page to verify data integrity + description: Parquet tools can use the checksum of a Parquet page to verify data + integrity emptyDirCleanupSec: type: number title: Staging cleanup period @@ -41352,46 +49495,72 @@ components: directoryBatchSize: type: number title: Directory batch size - description: Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory. + description: Number of directories to process in each batch during cleanup of + empty directories. Minimum is 10, maximum is 10000. Higher values + may require more memory. deadletterPath: type: string title: Dead-letter location - description: Storage location for files that fail to reach their final destination after maximum retries are exceeded + description: Storage location for files that fail to reach their final + destination after maximum retries are exceeded maxRetryNum: type: number title: Retry limit - description: The maximum number of times a file will attempt to move to its final destination before being dead-lettered + description: The maximum number of times a file will attempt to move to its + final destination before being dead-lettered minimum: 1 __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_bucket: type: string - description: Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime. + description: Binds 'bucket' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'bucket' at runtime. __template_destPath: type: string - description: Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime. + description: Binds 'destPath' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'destPath' at runtime. __template_format: type: string - description: Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime. + description: Binds 'format' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'format' at runtime. __template_baseFileName: type: string - description: Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime. + description: Binds 'baseFileName' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'baseFileName' at runtime. __template_fileNameSuffix: type: string - description: Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime. + description: Binds 'fileNameSuffix' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'fileNameSuffix' at + runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_endpoint: type: string - description: Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime. + description: Binds 'endpoint' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'endpoint' at runtime. __template_compress: type: string - description: Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime. + description: Binds 'compress' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'compress' at runtime. __template_parquetSchema: type: string - description: Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime. + description: Binds 'parquetSchema' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'parquetSchema' at runtime. OutputDellS3: type: object required: @@ -41415,13 +49584,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -41437,11 +49608,16 @@ components: rejectUnauthorized: type: boolean title: Reject unauthorized certificates - description: Reject certificates that cannot be verified against a valid CA, such as self-signed certificates + description: Reject certificates that cannot be verified against a valid CA, + such as self-signed certificates bucket: type: string title: Dell PowerScale OneFS bucket name - description: "Name of the destination Dell PowerScale OneFS bucket. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at initialization time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`" + description: "Name of the destination Dell PowerScale OneFS bucket. Must be a + JavaScript expression (which can evaluate to a constant value), + enclosed in quotes or backticks. Can be evaluated only at + initialization time. Example referencing a Global Variable: + `myBucket-${C.vars.myVar}`" region: type: string title: Region @@ -41449,27 +49625,34 @@ components: destPath: type: string title: Key prefix - description: "Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`" + description: "Prefix to prepend to files before uploading. Must be a JavaScript + expression (which can evaluate to a constant value), enclosed in + quotes or backticks. Can be evaluated only at init time. Example + referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`" maxConcurrentFileParts: type: number title: Concurrent file parts upload limit - description: Maximum number of parts to upload in parallel per file. Minimum part size is 5MB. + description: Maximum number of parts to upload in parallel per file. Minimum + part size is 5MB. minimum: 1 maximum: 10 verifyPermissions: type: boolean title: Verify if bucket exists - description: Disable if you can access files within the bucket but not the bucket itself + description: Disable if you can access files within the bucket but not the + bucket itself maxClosingFilesToBackpressure: type: number title: Staging file limit - description: Maximum number of files that can be waiting for upload before backpressure is applied + description: Maximum number of files that can be waiting for upload before + backpressure is applied minimum: 10 maximum: 4200 stagePath: type: string title: Staging location - description: Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage. + description: Filesystem location in which to buffer files, before compressing + and moving to final destination. Use performant and stable storage. addIdToStagePath: type: boolean title: Add output ID @@ -41481,45 +49664,58 @@ components: partitionExpr: type: string title: Partitioning expression - description: JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory. + description: JavaScript expression defining how files are partitioned and + organized. Default is date-based. If blank, Stream will fall back to + the event's __partition field value – if present – otherwise to each + location's root directory. format: $ref: "#/components/schemas/DataFormatOptions" baseFileName: type: string title: File name prefix expression - description: JavaScript expression to define the output filename prefix (can be constant) + description: JavaScript expression to define the output filename prefix (can be + constant) fileNameSuffix: type: string title: File name suffix expression - description: JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`). + description: JavaScript expression to define the output filename suffix (can be + constant). The `__format` variable refers to the value of the `Data + format` field (`json` or `raw`). The `__compression` field refers + to the kind of compression being used (`none` or `gzip`). maxFileSizeMB: type: number title: File size limit (MB) - description: Maximum uncompressed output file size. Files of this size will be closed and moved to final output location. + description: Maximum uncompressed output file size. Files of this size will be + closed and moved to final output location. maximum: 1024 minimum: 5 maxFileOpenTimeSec: type: number title: File open time limit (sec) - description: Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location. + description: Maximum amount of time to write to a file. Files open for longer + than this will be closed and moved to final output location. minimum: 10 maximum: 86400 maxFileIdleTimeSec: type: number title: Idle time limit (sec) - description: Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location. + description: Maximum amount of time to keep inactive files open. Files open for + longer than this will be closed and moved to final output location. minimum: 5 maximum: 86400 maxOpenFiles: type: number title: Open file limit - description: Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location. + description: Maximum number of files to keep open concurrently. When exceeded, + @{product} will close the oldest open files and move them to the + final output location. minimum: 10 maximum: 2000 headerLine: type: string title: Header line - description: If set, this line will be written to the beginning of each output file + description: If set, this line will be written to the beginning of each output + file writeHighWaterMark: type: number title: Writing high watermark (KB) @@ -41531,13 +49727,17 @@ components: deadletterEnabled: type: boolean title: Enable dead-lettering - description: If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors + description: If a file fails to move to its final destination after the maximum + number of retries, move it to a designated directory to prevent + further errors onDiskFullBackpressure: $ref: "#/components/schemas/DiskSpaceProtectionOptions" forceCloseOnShutdown: type: boolean title: Force close on shutdown - description: Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss. + description: Force all staged files to close during an orderly Node shutdown. + This triggers immediate upload of in-progress data — regardless of + idle time, file age, or size thresholds — to minimize data loss. retrySettings: $ref: "#/components/schemas/RetrySettingsType" orphans: @@ -41547,7 +49747,8 @@ components: endpoint: type: string title: Dell PowerScale OneFS endpoint - description: "Dell PowerScale OneFS S3-compatible endpoint URL (example: https://powerscale.example.com:9021)" + description: "Dell PowerScale OneFS S3-compatible endpoint URL (example: + https://powerscale.example.com:9021)" pattern: ^https?://.* description: type: string @@ -41555,7 +49756,8 @@ components: awsSecret: type: string title: Secret key pair - description: Select or create a stored secret that references your access key and secret key + description: Select or create a stored secret that references your access key + and secret key compress: $ref: "#/components/schemas/CompressionOptionsHttp" compressionLevel: @@ -41563,11 +49765,13 @@ components: automaticSchema: type: boolean title: Automatic schema - description: Automatically calculate the schema based on the events of each Parquet file generated + description: Automatically calculate the schema based on the events of each + Parquet file generated parquetSchema: type: string title: Parquet schema - description: To add a new schema, navigate to Processing > Knowledge > Parquet Schemas + description: To add a new schema, navigate to Processing > Knowledge > Parquet + Schemas minLength: 1 parquetVersion: $ref: "#/components/schemas/ParquetVersionOptions" @@ -41576,13 +49780,16 @@ components: parquetRowGroupLength: type: number title: Group row limit - description: The number of rows that every group will contain. The final group can contain a smaller number of rows. + description: The number of rows that every group will contain. The final group + can contain a smaller number of rows. minimum: 1 - maximum: 6.7108864e+07 + maximum: 67108864 parquetPageSize: type: string title: Page size - description: Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression. + description: Target memory size for page segments, such as 1MB or 128MB. + Generally, lower values improve reading speed, while higher values + improve compression. pattern: ^\d+\s*(?:[kK][bB]|[mM][bB]|[gG][bB]|[tT][bB])?$ shouldLogInvalidRows: type: boolean @@ -41591,22 +49798,28 @@ components: keyValueMetadata: type: array title: Metadata (optional) - description: 'The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: "key":"OCSF Event Class", "value":"9001"' + description: 'The metadata of files the Destination writes will include the + properties you add here as key-value pairs. Useful for tagging. + Examples: "key":"OCSF Event Class", "value":"9001"' minItems: 0 items: $ref: "#/components/schemas/KeyValueMetadataConfOutputFilesystem" enableStatistics: type: boolean title: Write statistics - description: Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics. + description: Statistics profile an entire file in terms of minimum/maximum + values within data, numbers of nulls, etc. You can use Parquet tools + to view statistics. enableWritePageIndex: type: boolean title: Write page indexes - description: One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping. + description: One page index contains statistics for one data page. Parquet + readers use statistics to enable page skipping. enablePageChecksum: type: boolean title: Write page checksum - description: Parquet tools can use the checksum of a Parquet page to verify data integrity + description: Parquet tools can use the checksum of a Parquet page to verify data + integrity emptyDirCleanupSec: type: number title: Staging cleanup period @@ -41616,55 +49829,87 @@ components: directoryBatchSize: type: number title: Directory batch size - description: Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory. + description: Number of directories to process in each batch during cleanup of + empty directories. Minimum is 10, maximum is 10000. Higher values + may require more memory. deadletterPath: type: string title: Dead-letter location - description: Storage location for files that fail to reach their final destination after maximum retries are exceeded + description: Storage location for files that fail to reach their final + destination after maximum retries are exceeded maxRetryNum: type: number title: Retry limit - description: The maximum number of times a file will attempt to move to its final destination before being dead-lettered + description: The maximum number of times a file will attempt to move to its + final destination before being dead-lettered minimum: 1 __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_bucket: type: string - description: Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime. + description: Binds 'bucket' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'bucket' at runtime. __template_region: type: string - description: Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime. + description: Binds 'region' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'region' at runtime. __template_destPath: type: string - description: Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime. + description: Binds 'destPath' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'destPath' at runtime. __template_partitionExpr: type: string - description: Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime. + description: Binds 'partitionExpr' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'partitionExpr' at runtime. __template_format: type: string - description: Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime. + description: Binds 'format' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'format' at runtime. __template_baseFileName: type: string - description: Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime. + description: Binds 'baseFileName' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'baseFileName' at runtime. __template_fileNameSuffix: type: string - description: Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime. + description: Binds 'fileNameSuffix' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'fileNameSuffix' at + runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_objectACL: type: string - description: Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime. + description: Binds 'objectACL' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'objectACL' at runtime. __template_endpoint: type: string - description: Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime. + description: Binds 'endpoint' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'endpoint' at runtime. __template_compress: type: string - description: Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime. + description: Binds 'compress' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'compress' at runtime. __template_parquetSchema: type: string - description: Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime. + description: Binds 'parquetSchema' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'parquetSchema' at runtime. OutputCloudianS3: type: object required: @@ -41688,13 +49933,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -41704,7 +49951,8 @@ components: endpoint: type: string title: Cloudian HyperStore endpoint - description: "Cloudian HyperStore S3-compatible endpoint URL (example: https://s3.hyperstore.example.com)" + description: "Cloudian HyperStore S3-compatible endpoint URL (example: + https://s3.hyperstore.example.com)" pattern: ^https?://.* awsAuthenticationMethod: $ref: "#/components/schemas/AuthenticationMethodOptionsSecret" @@ -41715,11 +49963,15 @@ components: rejectUnauthorized: type: boolean title: Reject unauthorized certificates - description: Reject certificates that cannot be verified against a valid CA, such as self-signed certificates + description: Reject certificates that cannot be verified against a valid CA, + such as self-signed certificates bucket: type: string title: Cloudian bucket name - description: "Name of the destination Cloudian bucket. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at initialization time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`" + description: "Name of the destination Cloudian bucket. Must be a JavaScript + expression (which can evaluate to a constant value), enclosed in + quotes or backticks. Can be evaluated only at initialization time. + Example referencing a Global Variable: `myBucket-${C.vars.myVar}`" region: type: string title: Region @@ -41727,27 +49979,34 @@ components: destPath: type: string title: Key prefix - description: "Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`" + description: "Prefix to prepend to files before uploading. Must be a JavaScript + expression (which can evaluate to a constant value), enclosed in + quotes or backticks. Can be evaluated only at init time. Example + referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`" maxConcurrentFileParts: type: number title: Concurrent file parts upload limit - description: Maximum number of parts to upload in parallel per file. Minimum part size is 5MB. + description: Maximum number of parts to upload in parallel per file. Minimum + part size is 5MB. minimum: 1 maximum: 10 verifyPermissions: type: boolean title: Verify if bucket exists - description: Disable if you can access files within the bucket but not the bucket itself + description: Disable if you can access files within the bucket but not the + bucket itself maxClosingFilesToBackpressure: type: number title: Staging file limit - description: Maximum number of files that can be waiting for upload before backpressure is applied + description: Maximum number of files that can be waiting for upload before + backpressure is applied minimum: 10 maximum: 4200 stagePath: type: string title: Staging location - description: Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage. + description: Filesystem location in which to buffer files, before compressing + and moving to final destination. Use performant and stable storage. addIdToStagePath: type: boolean title: Add output ID @@ -41759,45 +50018,58 @@ components: partitionExpr: type: string title: Partitioning expression - description: JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory. + description: JavaScript expression defining how files are partitioned and + organized. Default is date-based. If blank, Stream will fall back to + the event's __partition field value – if present – otherwise to each + location's root directory. format: $ref: "#/components/schemas/DataFormatOptions" baseFileName: type: string title: File name prefix expression - description: JavaScript expression to define the output filename prefix (can be constant) + description: JavaScript expression to define the output filename prefix (can be + constant) fileNameSuffix: type: string title: File name suffix expression - description: JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`). + description: JavaScript expression to define the output filename suffix (can be + constant). The `__format` variable refers to the value of the `Data + format` field (`json` or `raw`). The `__compression` field refers + to the kind of compression being used (`none` or `gzip`). maxFileSizeMB: type: number title: File size limit (MB) - description: Maximum uncompressed output file size. Files of this size will be closed and moved to final output location. + description: Maximum uncompressed output file size. Files of this size will be + closed and moved to final output location. maximum: 1024 minimum: 5 maxFileOpenTimeSec: type: number title: File open time limit (sec) - description: Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location. + description: Maximum amount of time to write to a file. Files open for longer + than this will be closed and moved to final output location. minimum: 10 maximum: 86400 maxFileIdleTimeSec: type: number title: Idle time limit (sec) - description: Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location. + description: Maximum amount of time to keep inactive files open. Files open for + longer than this will be closed and moved to final output location. minimum: 5 maximum: 86400 maxOpenFiles: type: number title: Open file limit - description: Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location. + description: Maximum number of files to keep open concurrently. When exceeded, + @{product} will close the oldest open files and move them to the + final output location. minimum: 10 maximum: 2000 headerLine: type: string title: Header line - description: If set, this line will be written to the beginning of each output file + description: If set, this line will be written to the beginning of each output + file writeHighWaterMark: type: number title: Writing high watermark (KB) @@ -41809,13 +50081,17 @@ components: deadletterEnabled: type: boolean title: Enable dead-lettering - description: If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors + description: If a file fails to move to its final destination after the maximum + number of retries, move it to a designated directory to prevent + further errors onDiskFullBackpressure: $ref: "#/components/schemas/DiskSpaceProtectionOptions" forceCloseOnShutdown: type: boolean title: Force close on shutdown - description: Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss. + description: Force all staged files to close during an orderly Node shutdown. + This triggers immediate upload of in-progress data — regardless of + idle time, file age, or size thresholds — to minimize data loss. retrySettings: $ref: "#/components/schemas/RetrySettingsType" orphans: @@ -41836,7 +50112,8 @@ components: awsSecret: type: string title: Secret key pair - description: Select or create a stored secret that references your access key and secret key + description: Select or create a stored secret that references your access key + and secret key compress: $ref: "#/components/schemas/CompressionOptionsHttp" compressionLevel: @@ -41844,11 +50121,13 @@ components: automaticSchema: type: boolean title: Automatic schema - description: Automatically calculate the schema based on the events of each Parquet file generated + description: Automatically calculate the schema based on the events of each + Parquet file generated parquetSchema: type: string title: Parquet schema - description: To add a new schema, navigate to Processing > Knowledge > Parquet Schemas + description: To add a new schema, navigate to Processing > Knowledge > Parquet + Schemas minLength: 1 parquetVersion: $ref: "#/components/schemas/ParquetVersionOptions" @@ -41857,13 +50136,16 @@ components: parquetRowGroupLength: type: number title: Group row limit - description: The number of rows that every group will contain. The final group can contain a smaller number of rows. + description: The number of rows that every group will contain. The final group + can contain a smaller number of rows. minimum: 1 - maximum: 6.7108864e+07 + maximum: 67108864 parquetPageSize: type: string title: Page size - description: Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression. + description: Target memory size for page segments, such as 1MB or 128MB. + Generally, lower values improve reading speed, while higher values + improve compression. pattern: ^\d+\s*(?:[kK][bB]|[mM][bB]|[gG][bB]|[tT][bB])?$ shouldLogInvalidRows: type: boolean @@ -41872,22 +50154,28 @@ components: keyValueMetadata: type: array title: Metadata (optional) - description: 'The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: "key":"OCSF Event Class", "value":"9001"' + description: 'The metadata of files the Destination writes will include the + properties you add here as key-value pairs. Useful for tagging. + Examples: "key":"OCSF Event Class", "value":"9001"' minItems: 0 items: $ref: "#/components/schemas/KeyValueMetadataConfOutputFilesystem" enableStatistics: type: boolean title: Write statistics - description: Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics. + description: Statistics profile an entire file in terms of minimum/maximum + values within data, numbers of nulls, etc. You can use Parquet tools + to view statistics. enableWritePageIndex: type: boolean title: Write page indexes - description: One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping. + description: One page index contains statistics for one data page. Parquet + readers use statistics to enable page skipping. enablePageChecksum: type: boolean title: Write page checksum - description: Parquet tools can use the checksum of a Parquet page to verify data integrity + description: Parquet tools can use the checksum of a Parquet page to verify data + integrity emptyDirCleanupSec: type: number title: Staging cleanup period @@ -41897,64 +50185,103 @@ components: directoryBatchSize: type: number title: Directory batch size - description: Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory. + description: Number of directories to process in each batch during cleanup of + empty directories. Minimum is 10, maximum is 10000. Higher values + may require more memory. deadletterPath: type: string title: Dead-letter location - description: Storage location for files that fail to reach their final destination after maximum retries are exceeded + description: Storage location for files that fail to reach their final + destination after maximum retries are exceeded maxRetryNum: type: number title: Retry limit - description: The maximum number of times a file will attempt to move to its final destination before being dead-lettered + description: The maximum number of times a file will attempt to move to its + final destination before being dead-lettered minimum: 1 __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_endpoint: type: string - description: Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime. + description: Binds 'endpoint' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'endpoint' at runtime. __template_bucket: type: string - description: Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime. + description: Binds 'bucket' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'bucket' at runtime. __template_region: type: string - description: Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime. + description: Binds 'region' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'region' at runtime. __template_destPath: type: string - description: Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime. + description: Binds 'destPath' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'destPath' at runtime. __template_partitionExpr: type: string - description: Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime. + description: Binds 'partitionExpr' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'partitionExpr' at runtime. __template_format: type: string - description: Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime. + description: Binds 'format' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'format' at runtime. __template_baseFileName: type: string - description: Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime. + description: Binds 'baseFileName' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'baseFileName' at runtime. __template_fileNameSuffix: type: string - description: Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime. + description: Binds 'fileNameSuffix' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'fileNameSuffix' at + runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_objectACL: type: string - description: Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime. + description: Binds 'objectACL' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'objectACL' at runtime. __template_storageClass: type: string - description: Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime. + description: Binds 'storageClass' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'storageClass' at runtime. __template_serverSideEncryption: type: string - description: Binds 'serverSideEncryption' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serverSideEncryption' at runtime. + description: Binds 'serverSideEncryption' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'serverSideEncryption' at runtime. __template_kmsKeyId: type: string - description: Binds 'kmsKeyId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'kmsKeyId' at runtime. + description: Binds 'kmsKeyId' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'kmsKeyId' at runtime. __template_compress: type: string - description: Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime. + description: Binds 'compress' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'compress' at runtime. __template_parquetSchema: type: string - description: Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime. + description: Binds 'parquetSchema' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'parquetSchema' at runtime. OutputScalityS3: type: object required: @@ -41978,13 +50305,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -42000,11 +50329,15 @@ components: rejectUnauthorized: type: boolean title: Reject unauthorized certificates - description: Reject certificates that cannot be verified against a valid CA, such as self-signed certificates + description: Reject certificates that cannot be verified against a valid CA, + such as self-signed certificates bucket: type: string title: Scality bucket name - description: "Name of the destination Scality bucket. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at initialization time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`" + description: "Name of the destination Scality bucket. Must be a JavaScript + expression (which can evaluate to a constant value), enclosed in + quotes or backticks. Can be evaluated only at initialization time. + Example referencing a Global Variable: `myBucket-${C.vars.myVar}`" region: type: string title: Region @@ -42012,27 +50345,34 @@ components: destPath: type: string title: Key prefix - description: "Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`" + description: "Prefix to prepend to files before uploading. Must be a JavaScript + expression (which can evaluate to a constant value), enclosed in + quotes or backticks. Can be evaluated only at init time. Example + referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`" maxConcurrentFileParts: type: number title: Concurrent file parts upload limit - description: Maximum number of parts to upload in parallel per file. Minimum part size is 5MB. + description: Maximum number of parts to upload in parallel per file. Minimum + part size is 5MB. minimum: 1 maximum: 10 verifyPermissions: type: boolean title: Verify if bucket exists - description: Disable if you can access files within the bucket but not the bucket itself + description: Disable if you can access files within the bucket but not the + bucket itself maxClosingFilesToBackpressure: type: number title: Staging file limit - description: Maximum number of files that can be waiting for upload before backpressure is applied + description: Maximum number of files that can be waiting for upload before + backpressure is applied minimum: 10 maximum: 4200 stagePath: type: string title: Staging location - description: Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage. + description: Filesystem location in which to buffer files, before compressing + and moving to final destination. Use performant and stable storage. addIdToStagePath: type: boolean title: Add output ID @@ -42044,45 +50384,58 @@ components: partitionExpr: type: string title: Partitioning expression - description: JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory. + description: JavaScript expression defining how files are partitioned and + organized. Default is date-based. If blank, Stream will fall back to + the event's __partition field value – if present – otherwise to each + location's root directory. format: $ref: "#/components/schemas/DataFormatOptions" baseFileName: type: string title: File name prefix expression - description: JavaScript expression to define the output filename prefix (can be constant) + description: JavaScript expression to define the output filename prefix (can be + constant) fileNameSuffix: type: string title: File name suffix expression - description: JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`). + description: JavaScript expression to define the output filename suffix (can be + constant). The `__format` variable refers to the value of the `Data + format` field (`json` or `raw`). The `__compression` field refers + to the kind of compression being used (`none` or `gzip`). maxFileSizeMB: type: number title: File size limit (MB) - description: Maximum uncompressed output file size. Files of this size will be closed and moved to final output location. + description: Maximum uncompressed output file size. Files of this size will be + closed and moved to final output location. maximum: 1024 minimum: 5 maxFileOpenTimeSec: type: number title: File open time limit (sec) - description: Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location. + description: Maximum amount of time to write to a file. Files open for longer + than this will be closed and moved to final output location. minimum: 10 maximum: 86400 maxFileIdleTimeSec: type: number title: Idle time limit (sec) - description: Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location. + description: Maximum amount of time to keep inactive files open. Files open for + longer than this will be closed and moved to final output location. minimum: 5 maximum: 86400 maxOpenFiles: type: number title: Open file limit - description: Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location. + description: Maximum number of files to keep open concurrently. When exceeded, + @{product} will close the oldest open files and move them to the + final output location. minimum: 10 maximum: 2000 headerLine: type: string title: Header line - description: If set, this line will be written to the beginning of each output file + description: If set, this line will be written to the beginning of each output + file writeHighWaterMark: type: number title: Writing high watermark (KB) @@ -42094,13 +50447,17 @@ components: deadletterEnabled: type: boolean title: Enable dead-lettering - description: If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors + description: If a file fails to move to its final destination after the maximum + number of retries, move it to a designated directory to prevent + further errors onDiskFullBackpressure: $ref: "#/components/schemas/DiskSpaceProtectionOptions" forceCloseOnShutdown: type: boolean title: Force close on shutdown - description: Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss. + description: Force all staged files to close during an orderly Node shutdown. + This triggers immediate upload of in-progress data — regardless of + idle time, file age, or size thresholds — to minimize data loss. retrySettings: $ref: "#/components/schemas/RetrySettingsType" orphans: @@ -42108,7 +50465,8 @@ components: endpoint: type: string title: Scality endpoint - description: "Scality RING S3-compatible endpoint URL (example: https://s3.scality.example.com)" + description: "Scality RING S3-compatible endpoint URL (example: + https://s3.scality.example.com)" pattern: ^https?://.* description: type: string @@ -42116,7 +50474,8 @@ components: awsSecret: type: string title: Secret key pair - description: Select or create a stored secret that references your access key and secret key + description: Select or create a stored secret that references your access key + and secret key compress: $ref: "#/components/schemas/CompressionOptionsHttp" compressionLevel: @@ -42124,11 +50483,13 @@ components: automaticSchema: type: boolean title: Automatic schema - description: Automatically calculate the schema based on the events of each Parquet file generated + description: Automatically calculate the schema based on the events of each + Parquet file generated parquetSchema: type: string title: Parquet schema - description: To add a new schema, navigate to Processing > Knowledge > Parquet Schemas + description: To add a new schema, navigate to Processing > Knowledge > Parquet + Schemas minLength: 1 parquetVersion: $ref: "#/components/schemas/ParquetVersionOptions" @@ -42137,13 +50498,16 @@ components: parquetRowGroupLength: type: number title: Group row limit - description: The number of rows that every group will contain. The final group can contain a smaller number of rows. + description: The number of rows that every group will contain. The final group + can contain a smaller number of rows. minimum: 1 - maximum: 6.7108864e+07 + maximum: 67108864 parquetPageSize: type: string title: Page size - description: Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression. + description: Target memory size for page segments, such as 1MB or 128MB. + Generally, lower values improve reading speed, while higher values + improve compression. pattern: ^\d+\s*(?:[kK][bB]|[mM][bB]|[gG][bB]|[tT][bB])?$ shouldLogInvalidRows: type: boolean @@ -42152,22 +50516,28 @@ components: keyValueMetadata: type: array title: Metadata (optional) - description: 'The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: "key":"OCSF Event Class", "value":"9001"' + description: 'The metadata of files the Destination writes will include the + properties you add here as key-value pairs. Useful for tagging. + Examples: "key":"OCSF Event Class", "value":"9001"' minItems: 0 items: $ref: "#/components/schemas/KeyValueMetadataConfOutputFilesystem" enableStatistics: type: boolean title: Write statistics - description: Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics. + description: Statistics profile an entire file in terms of minimum/maximum + values within data, numbers of nulls, etc. You can use Parquet tools + to view statistics. enableWritePageIndex: type: boolean title: Write page indexes - description: One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping. + description: One page index contains statistics for one data page. Parquet + readers use statistics to enable page skipping. enablePageChecksum: type: boolean title: Write page checksum - description: Parquet tools can use the checksum of a Parquet page to verify data integrity + description: Parquet tools can use the checksum of a Parquet page to verify data + integrity emptyDirCleanupSec: type: number title: Staging cleanup period @@ -42177,52 +50547,82 @@ components: directoryBatchSize: type: number title: Directory batch size - description: Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory. + description: Number of directories to process in each batch during cleanup of + empty directories. Minimum is 10, maximum is 10000. Higher values + may require more memory. deadletterPath: type: string title: Dead-letter location - description: Storage location for files that fail to reach their final destination after maximum retries are exceeded + description: Storage location for files that fail to reach their final + destination after maximum retries are exceeded maxRetryNum: type: number title: Retry limit - description: The maximum number of times a file will attempt to move to its final destination before being dead-lettered + description: The maximum number of times a file will attempt to move to its + final destination before being dead-lettered minimum: 1 __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_bucket: type: string - description: Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime. + description: Binds 'bucket' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'bucket' at runtime. __template_region: type: string - description: Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime. + description: Binds 'region' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'region' at runtime. __template_destPath: type: string - description: Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime. + description: Binds 'destPath' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'destPath' at runtime. __template_partitionExpr: type: string - description: Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime. + description: Binds 'partitionExpr' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'partitionExpr' at runtime. __template_format: type: string - description: Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime. + description: Binds 'format' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'format' at runtime. __template_baseFileName: type: string - description: Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime. + description: Binds 'baseFileName' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'baseFileName' at runtime. __template_fileNameSuffix: type: string - description: Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime. + description: Binds 'fileNameSuffix' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'fileNameSuffix' at + runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_endpoint: type: string - description: Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime. + description: Binds 'endpoint' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'endpoint' at runtime. __template_compress: type: string - description: Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime. + description: Binds 'compress' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'compress' at runtime. __template_parquetSchema: type: string - description: Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime. + description: Binds 'parquetSchema' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'parquetSchema' at runtime. OutputAlibabaCloudS3: type: object required: @@ -42246,13 +50646,15 @@ components: systemFields: type: array title: System fields - description: Fields to automatically add to events, such as cribl_pipe. Supports wildcards. + description: Fields to automatically add to events, such as cribl_pipe. Supports + wildcards. items: type: string environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. streamtags: type: array title: Tags @@ -42268,35 +50670,46 @@ components: rejectUnauthorized: type: boolean title: Reject unauthorized certificates - description: Reject certificates that cannot be verified against a valid CA, such as self-signed certificates + description: Reject certificates that cannot be verified against a valid CA, + such as self-signed certificates bucket: type: string title: Alibaba OSS bucket name - description: "Name of the destination Alibaba OSS bucket. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at initialization time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`" + description: "Name of the destination Alibaba OSS bucket. Must be a JavaScript + expression (which can evaluate to a constant value), enclosed in + quotes or backticks. Can be evaluated only at initialization time. + Example referencing a Global Variable: `myBucket-${C.vars.myVar}`" destPath: type: string title: Key prefix - description: "Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`" + description: "Prefix to prepend to files before uploading. Must be a JavaScript + expression (which can evaluate to a constant value), enclosed in + quotes or backticks. Can be evaluated only at init time. Example + referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`" maxConcurrentFileParts: type: number title: Concurrent file parts upload limit - description: Maximum number of parts to upload in parallel per file. Minimum part size is 5MB. + description: Maximum number of parts to upload in parallel per file. Minimum + part size is 5MB. minimum: 1 maximum: 10 verifyPermissions: type: boolean title: Verify if bucket exists - description: Disable if you can access files within the bucket but not the bucket itself + description: Disable if you can access files within the bucket but not the + bucket itself maxClosingFilesToBackpressure: type: number title: Staging file limit - description: Maximum number of files that can be waiting for upload before backpressure is applied + description: Maximum number of files that can be waiting for upload before + backpressure is applied minimum: 10 maximum: 4200 stagePath: type: string title: Staging location - description: Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage. + description: Filesystem location in which to buffer files, before compressing + and moving to final destination. Use performant and stable storage. addIdToStagePath: type: boolean title: Add output ID @@ -42308,45 +50721,58 @@ components: partitionExpr: type: string title: Partitioning expression - description: JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory. + description: JavaScript expression defining how files are partitioned and + organized. Default is date-based. If blank, Stream will fall back to + the event's __partition field value – if present – otherwise to each + location's root directory. format: $ref: "#/components/schemas/DataFormatOptions" baseFileName: type: string title: File name prefix expression - description: JavaScript expression to define the output filename prefix (can be constant) + description: JavaScript expression to define the output filename prefix (can be + constant) fileNameSuffix: type: string title: File name suffix expression - description: JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`). + description: JavaScript expression to define the output filename suffix (can be + constant). The `__format` variable refers to the value of the `Data + format` field (`json` or `raw`). The `__compression` field refers + to the kind of compression being used (`none` or `gzip`). maxFileSizeMB: type: number title: File size limit (MB) - description: Maximum uncompressed output file size. Files of this size will be closed and moved to final output location. + description: Maximum uncompressed output file size. Files of this size will be + closed and moved to final output location. maximum: 1024 minimum: 5 maxFileOpenTimeSec: type: number title: File open time limit (sec) - description: Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location. + description: Maximum amount of time to write to a file. Files open for longer + than this will be closed and moved to final output location. minimum: 10 maximum: 86400 maxFileIdleTimeSec: type: number title: Idle time limit (sec) - description: Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location. + description: Maximum amount of time to keep inactive files open. Files open for + longer than this will be closed and moved to final output location. minimum: 5 maximum: 86400 maxOpenFiles: type: number title: Open file limit - description: Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location. + description: Maximum number of files to keep open concurrently. When exceeded, + @{product} will close the oldest open files and move them to the + final output location. minimum: 10 maximum: 2000 headerLine: type: string title: Header line - description: If set, this line will be written to the beginning of each output file + description: If set, this line will be written to the beginning of each output + file writeHighWaterMark: type: number title: Writing high watermark (KB) @@ -42358,13 +50784,17 @@ components: deadletterEnabled: type: boolean title: Enable dead-lettering - description: If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors + description: If a file fails to move to its final destination after the maximum + number of retries, move it to a designated directory to prevent + further errors onDiskFullBackpressure: $ref: "#/components/schemas/DiskSpaceProtectionOptions" forceCloseOnShutdown: type: boolean title: Force close on shutdown - description: Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss. + description: Force all staged files to close during an orderly Node shutdown. + This triggers immediate upload of in-progress data — regardless of + idle time, file age, or size thresholds — to minimize data loss. retrySettings: $ref: "#/components/schemas/RetrySettingsType" orphans: @@ -42374,7 +50804,9 @@ components: endpoint: type: string title: OSS endpoint - description: "Alibaba OSS S3-compatible endpoint URL. Examples: public `https://s3.oss-{region}.aliyuncs.com`, internal `https://s3.oss-{region}-internal.aliyuncs.com`" + description: "Alibaba OSS S3-compatible endpoint URL. Examples: public + `https://s3.oss-{region}.aliyuncs.com`, internal + `https://s3.oss-{region}-internal.aliyuncs.com`" pattern: ^https?://.* description: type: string @@ -42382,7 +50814,8 @@ components: awsSecret: type: string title: Secret key pair - description: Select or create a stored secret that references your access key and secret key + description: Select or create a stored secret that references your access key + and secret key compress: $ref: "#/components/schemas/CompressionOptionsHttp" compressionLevel: @@ -42390,11 +50823,13 @@ components: automaticSchema: type: boolean title: Automatic schema - description: Automatically calculate the schema based on the events of each Parquet file generated + description: Automatically calculate the schema based on the events of each + Parquet file generated parquetSchema: type: string title: Parquet schema - description: To add a new schema, navigate to Processing > Knowledge > Parquet Schemas + description: To add a new schema, navigate to Processing > Knowledge > Parquet + Schemas minLength: 1 parquetVersion: $ref: "#/components/schemas/ParquetVersionOptions" @@ -42403,13 +50838,16 @@ components: parquetRowGroupLength: type: number title: Group row limit - description: The number of rows that every group will contain. The final group can contain a smaller number of rows. + description: The number of rows that every group will contain. The final group + can contain a smaller number of rows. minimum: 1 - maximum: 6.7108864e+07 + maximum: 67108864 parquetPageSize: type: string title: Page size - description: Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression. + description: Target memory size for page segments, such as 1MB or 128MB. + Generally, lower values improve reading speed, while higher values + improve compression. pattern: ^\d+\s*(?:[kK][bB]|[mM][bB]|[gG][bB]|[tT][bB])?$ shouldLogInvalidRows: type: boolean @@ -42418,22 +50856,28 @@ components: keyValueMetadata: type: array title: Metadata (optional) - description: 'The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: "key":"OCSF Event Class", "value":"9001"' + description: 'The metadata of files the Destination writes will include the + properties you add here as key-value pairs. Useful for tagging. + Examples: "key":"OCSF Event Class", "value":"9001"' minItems: 0 items: $ref: "#/components/schemas/KeyValueMetadataConfOutputFilesystem" enableStatistics: type: boolean title: Write statistics - description: Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics. + description: Statistics profile an entire file in terms of minimum/maximum + values within data, numbers of nulls, etc. You can use Parquet tools + to view statistics. enableWritePageIndex: type: boolean title: Write page indexes - description: One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping. + description: One page index contains statistics for one data page. Parquet + readers use statistics to enable page skipping. enablePageChecksum: type: boolean title: Write page checksum - description: Parquet tools can use the checksum of a Parquet page to verify data integrity + description: Parquet tools can use the checksum of a Parquet page to verify data + integrity emptyDirCleanupSec: type: number title: Staging cleanup period @@ -42443,52 +50887,82 @@ components: directoryBatchSize: type: number title: Directory batch size - description: Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory. + description: Number of directories to process in each batch during cleanup of + empty directories. Minimum is 10, maximum is 10000. Higher values + may require more memory. deadletterPath: type: string title: Dead-letter location - description: Storage location for files that fail to reach their final destination after maximum retries are exceeded + description: Storage location for files that fail to reach their final + destination after maximum retries are exceeded maxRetryNum: type: number title: Retry limit - description: The maximum number of times a file will attempt to move to its final destination before being dead-lettered + description: The maximum number of times a file will attempt to move to its + final destination before being dead-lettered minimum: 1 __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. __template_bucket: type: string - description: Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime. + description: Binds 'bucket' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'bucket' at runtime. __template_destPath: type: string - description: Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime. + description: Binds 'destPath' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'destPath' at runtime. __template_partitionExpr: type: string - description: Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime. + description: Binds 'partitionExpr' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'partitionExpr' at runtime. __template_format: type: string - description: Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime. + description: Binds 'format' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'format' at runtime. __template_baseFileName: type: string - description: Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime. + description: Binds 'baseFileName' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'baseFileName' at runtime. __template_fileNameSuffix: type: string - description: Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime. + description: Binds 'fileNameSuffix' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'fileNameSuffix' at + runtime. __template_onBackpressure: type: string - description: Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. + description: Binds 'onBackpressure' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'onBackpressure' at + runtime. __template_objectACL: type: string - description: Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime. + description: Binds 'objectACL' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'objectACL' at runtime. __template_endpoint: type: string - description: Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime. + description: Binds 'endpoint' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'endpoint' at runtime. __template_compress: type: string - description: Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime. + description: Binds 'compress' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'compress' at runtime. __template_parquetSchema: type: string - description: Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime. + description: Binds 'parquetSchema' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'parquetSchema' at runtime. Output: oneOf: - $ref: "#/components/schemas/OutputDefault" @@ -42514,6 +50988,7 @@ components: - $ref: "#/components/schemas/OutputGoogleChronicle" - $ref: "#/components/schemas/OutputGoogleCloudStorage" - $ref: "#/components/schemas/OutputGoogleCloudLogging" + - $ref: "#/components/schemas/OutputGoogleCloudObservability" - $ref: "#/components/schemas/OutputGooglePubsub" - $ref: "#/components/schemas/OutputExabeam" - $ref: "#/components/schemas/OutputKafka" @@ -42595,6 +51070,7 @@ components: google_chronicle: "#/components/schemas/OutputGoogleChronicle" google_cloud_storage: "#/components/schemas/OutputGoogleCloudStorage" google_cloud_logging: "#/components/schemas/OutputGoogleCloudLogging" + google_cloud_observability: "#/components/schemas/OutputGoogleCloudObservability" google_pubsub: "#/components/schemas/OutputGooglePubsub" exabeam: "#/components/schemas/OutputExabeam" kafka: "#/components/schemas/OutputKafka" @@ -42658,6 +51134,7 @@ components: description: number of items present in the items array items: type: array + description: List of items in this response. items: $ref: "#/components/schemas/OutputResponse" OutputResponse: @@ -42720,6 +51197,7 @@ components: - google_pubsub - google_chronicle - chronicle + - google_cloud_observability - grafana_cloud - loki - open_telemetry @@ -42763,6 +51241,7 @@ components: description: number of items present in the items array items: type: array + description: List of items in this response. items: $ref: "#/components/schemas/OutputSamplesResponse" OutputSamplesResponse: @@ -42785,6 +51264,7 @@ components: description: number of items present in the items array items: type: array + description: List of items in this response. items: $ref: "#/components/schemas/OutputTestResponse" OutputTestResponse: @@ -42793,7 +51273,8 @@ components: details: type: object additionalProperties: true - description: Additional details about the Destination test, such as per-event results and transport-level information. + description: Additional details about the Destination test, such as per-event + results and transport-level information. error: type: string description: Error message that describes a failed Destination test. @@ -42802,7 +51283,8 @@ components: description: The id of the Destination that was tested. success: type: boolean - description: If true, the Destination test succeeded. Otherwise, false. + description: If true, the Destination test succeeded. Otherwise, + false. successDetail: type: string description: Human-readable description for a successful Destination test result. @@ -42829,6 +51311,7 @@ components: description: number of items present in the items array items: type: array + description: List of items in this response. items: $ref: "#/components/schemas/Pipeline" Pipeline: @@ -42848,7 +51331,8 @@ components: asyncFuncTimeout: type: integer title: Async function timeout (ms) - description: Time (in ms) to wait for an async function to complete processing of a data item + description: Time (in ms) to wait for an async function to complete processing + of a data item minimum: 0 maximum: 10000 output: @@ -42888,7 +51372,10 @@ components: title: Disabled __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at + runtime. CountedRoutes: type: object properties: @@ -42897,6 +51384,7 @@ components: description: number of items present in the items array items: type: array + description: List of items in this response. items: $ref: "#/components/schemas/Routes" RouteComment: @@ -42907,7 +51395,8 @@ components: description: Brief description of the Route. groupId: type: string - description: Unique identifier for the Route Group that the Route is associated with. + description: Unique identifier for the Route Group that the Route is associated + with. id: type: string description: Unique identifier for the comment. @@ -42936,28 +51425,40 @@ components: type: array items: $ref: "#/components/schemas/RouteCloneConf" - description: Array of clone configurations, each with a key-value pair to set or overwrite in cloned events. Original events continue to the next Route. + description: Array of clone configurations, each with a key-value pair to set or + overwrite in cloned events. Original events continue to the next + Route. context: type: string - description: "Context for the Route: group (Worker Group or Edge Fleet) or pack." + description: "Context for the Route: group (Worker Group or Edge + Fleet) or pack." description: type: string description: Brief description of the Route. disabled: type: boolean - description: If true, disable the Route. Otherwise, false. + description: If true, disable the Route. Otherwise, + false. enableOutputExpression: type: boolean - description: If true, use the outputExpression for dynamic Destination selection. Otherwise, false. + description: If true, use the outputExpression for + dynamic Destination selection. Otherwise, false. filter: type: string description: JavaScript expression to select events for routing. final: type: boolean - description: If true the Route processes matched events and sends them to the specified Pipeline. Matched events do not continue to the next Route, but non-matched events do continue to the next Route. If false, the Route processes matched events and sends them to the specified Pipeline, and all events (matched and non-matched) continue to the next Route. Must be false to clone events. + description: If true the Route processes matched events and sends + them to the specified Pipeline. Matched events do not continue to + the next Route, but non-matched events do continue to the next + Route. If false, the Route processes matched events and + sends them to the specified Pipeline, and all events (matched and + non-matched) continue to the next Route. Must be false + to clone events. groupId: type: string - description: Unique identifier for the Route Group that the Route is associated with. + description: Unique identifier for the Route Group that the Route is associated + with. id: type: string description: Unique identifier for the Route. @@ -42966,16 +51467,21 @@ components: description: Name of the Route. output: type: string - description: Destination that the Route sends matching events to after the Pipeline processes the events. + description: Destination that the Route sends matching events to after the + Pipeline processes the events. outputExpression: type: string - description: JavaScript expression to evaluate for dynamic Destination selection. Evaluation occurs when the Route is constructed, not for each event. + description: JavaScript expression to evaluate for dynamic Destination + selection. Evaluation occurs when the Route is constructed, not for + each event. pipeline: type: string description: Pipeline that the Route sends matching events to. targetContext: $ref: "#/components/schemas/TargetContext" - description: "Target context for subsequent event processing after applying the Route: group (Worker Group or Edge Fleet) or pack." + description: "Target context for subsequent event processing after applying the + Route: group (Worker Group or Edge Fleet) or + pack." required: - final - id @@ -42996,12 +51502,14 @@ components: description: Information about the Route Groups that the Route is associated with. id: type: string - description: Unique identifier for the Routing table. The supported value is default. + description: Unique identifier for the Routing table. The supported value is + default. routes: type: array items: $ref: "#/components/schemas/RouteConf" - description: Array of Route configurations that define how events are processed and routed. + description: Array of Route configurations that define how events are processed + and routed. required: - id - routes @@ -43020,12 +51528,14 @@ components: description: Information about the Route Groups that the Route is associated with. id: type: string - description: Unique identifier for the Routing table. The supported value is default. + description: Unique identifier for the Routing table. The supported value is + default. routes: type: array items: $ref: "#/components/schemas/RouteConfInput" - description: Array of Route configurations that define how events are processed and routed. + description: Array of Route configurations that define how events are processed + and routed. required: - id - routes @@ -43041,6 +51551,7 @@ components: description: number of items present in the items array items: type: array + description: List of items in this response. items: $ref: "#/components/schemas/InputStatus" HealthCountType: @@ -43065,10 +51576,17 @@ components: description: Health status of the persistent queue. healthCounts: $ref: "#/components/schemas/HealthCountType" - description: "Counts of persistent queue health statuses for the Source or Destination across all Worker Processes. Includes only statuses with non-zero counts.

Green == Healthy: Normal operation

Yellow == Degraded: Potential issues

Red == Critical: Problem or error that affects operation

Unknown == Unknown: Cannot determine health status." + description: "Counts of persistent queue health statuses for the Source or + Destination across all Worker Processes. Includes only statuses with + non-zero counts.

Green == Healthy: Normal + operation

Yellow == Degraded: Potential + issues

Red == Critical: Problem or error that + affects operation

Unknown == Unknown: Cannot + determine health status." timestamp: type: number - description: Timestamp (in Unix time) when the persistent queue status was last updated. + description: Timestamp (in Unix time) when the persistent queue status was last + updated. required: - health - healthCounts @@ -43084,11 +51602,19 @@ components: description: Overall health status of the Source or Destination. healthCounts: $ref: "#/components/schemas/HealthCountType" - description: "Counts of health statuses for the Source or Destination across all Worker Processes. Includes only statuses with non-zero counts.

Green == Healthy: Normal operation

Yellow == Degraded: Potential issues

Red == Critical: Problem or error that affects operation

Unknown == Unknown: Cannot determine health status." + description: "Counts of health statuses for the Source or Destination across all + Worker Processes. Includes only statuses with non-zero counts.
+
Green == Healthy: Normal operation
+
Yellow == Degraded: Potential issues
+
Red == Critical: Problem or error that affects + operation

Unknown == Unknown: Cannot determine + health status." metrics: type: object additionalProperties: true - description: Metrics data for the Source or Destination, including base metrics, aggregated across all Worker Processes. For load-balanced Destinations, includes item-level metrics. + description: Metrics data for the Source or Destination, including base metrics, + aggregated across all Worker Processes. For load-balanced + Destinations, includes item-level metrics. pq: $ref: "#/components/schemas/AggregatedPQStatus" description: Persistent queue status information (if persistent queue is enabled). @@ -43107,7 +51633,8 @@ components: description: Unique identifier of the Source or Destination. status: $ref: "#/components/schemas/AggregatedInputOutputStatusBody" - description: Status information for the Source or Destination, aggregated across all Worker Processes. + description: Status information for the Source or Destination, aggregated across + all Worker Processes. type: type: string description: Type of the Source or Destination. @@ -43123,6 +51650,7 @@ components: description: number of items present in the items array items: type: array + description: List of items in this response. items: $ref: "#/components/schemas/OutputStatus" OutputStatus: @@ -43133,7 +51661,8 @@ components: description: Unique identifier of the Source or Destination. status: $ref: "#/components/schemas/AggregatedInputOutputStatusBody" - description: Status information for the Source or Destination, aggregated across all Worker Processes. + description: Status information for the Source or Destination, aggregated across + all Worker Processes. type: type: string description: Type of the Source or Destination. @@ -43149,6 +51678,7 @@ components: description: number of items present in the items array items: type: array + description: List of items in this response. items: $ref: "#/components/schemas/SavedJobResponse" SavedJobResponseEnrichedFields: @@ -43182,16 +51712,22 @@ components: ttl: type: string title: Time to live - description: Time to keep the job's artifacts on disk after job completion. This also affects how long a job is listed in the Job Inspector. + description: Time to keep the job's artifacts on disk after job completion. This + also affects how long a job is listed in the Job Inspector. pattern: \d+[smh]$ ignoreGroupJobsLimit: type: boolean title: Ignore Worker Group job limits - description: When enabled, this job's artifacts are not counted toward the Worker Group's finished job artifacts limit. Artifacts will be removed only after the Collector's configured time to live. + description: When enabled, this job's artifacts are not counted toward the + Worker Group's finished job artifacts limit. Artifacts will be + removed only after the Collector's configured time to live. removeFields: type: array title: Remove Discover fields - description: List of fields to remove from Discover results. Wildcards (for example, aws*) are allowed. This is useful when discovery returns sensitive fields that should not be exposed in the Jobs user interface. + description: List of fields to remove from Discover results. Wildcards (for + example, aws*) are allowed. This is useful when discovery returns + sensitive fields that should not be exposed in the Jobs user + interface. minItems: 0 items: type: string @@ -43200,11 +51736,13 @@ components: resumeOnBoot: type: boolean title: Resume job on boot - description: Resume the ad hoc job if a failure condition causes Stream to restart during job execution + description: Resume the ad hoc job if a failure condition causes Stream to + restart during job execution environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. schedule: $ref: "#/components/schemas/ScheduleTypeSavedJobResponseCollection" streamtags: @@ -43220,10 +51758,13 @@ components: collector: $ref: "#/components/schemas/Collector" input: - $ref: "#/components/schemas/RunnableJobCollectionTypeCollectionWithBreakerRulesetsConstraint" + $ref: "#/components/schemas/RunnableJobCollectionTypeCollectionWithBreakerRules\ + etsConstraint" __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. type: object SavedJobResponseExecutor: required: @@ -43243,16 +51784,22 @@ components: ttl: type: string title: Time to live - description: Time to keep the job's artifacts on disk after job completion. This also affects how long a job is listed in the Job Inspector. + description: Time to keep the job's artifacts on disk after job completion. This + also affects how long a job is listed in the Job Inspector. pattern: \d+[smh]$ ignoreGroupJobsLimit: type: boolean title: Ignore Worker Group job limits - description: When enabled, this job's artifacts are not counted toward the Worker Group's finished job artifacts limit. Artifacts will be removed only after the Collector's configured time to live. + description: When enabled, this job's artifacts are not counted toward the + Worker Group's finished job artifacts limit. Artifacts will be + removed only after the Collector's configured time to live. removeFields: type: array title: Remove Discover fields - description: List of fields to remove from Discover results. Wildcards (for example, aws*) are allowed. This is useful when discovery returns sensitive fields that should not be exposed in the Jobs user interface. + description: List of fields to remove from Discover results. Wildcards (for + example, aws*) are allowed. This is useful when discovery returns + sensitive fields that should not be exposed in the Jobs user + interface. minItems: 0 items: type: string @@ -43261,11 +51808,13 @@ components: resumeOnBoot: type: boolean title: Resume job on boot - description: Resume the ad hoc job if a failure condition causes Stream to restart during job execution + description: Resume the ad hoc job if a failure condition causes Stream to + restart during job execution environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. schedule: $ref: "#/components/schemas/ScheduleTypeSavedJobResponseCollection" streamtags: @@ -43278,7 +51827,9 @@ components: $ref: "#/components/schemas/ExecutorTypeRunnableJobExecutor" __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. type: object SavedJobResponseScheduledSearch: required: @@ -43298,16 +51849,22 @@ components: ttl: type: string title: Time to live - description: Time to keep the job's artifacts on disk after job completion. This also affects how long a job is listed in the Job Inspector. + description: Time to keep the job's artifacts on disk after job completion. This + also affects how long a job is listed in the Job Inspector. pattern: \d+[smh]$ ignoreGroupJobsLimit: type: boolean title: Ignore Worker Group job limits - description: When enabled, this job's artifacts are not counted toward the Worker Group's finished job artifacts limit. Artifacts will be removed only after the Collector's configured time to live. + description: When enabled, this job's artifacts are not counted toward the + Worker Group's finished job artifacts limit. Artifacts will be + removed only after the Collector's configured time to live. removeFields: type: array title: Remove Discover fields - description: List of fields to remove from Discover results. Wildcards (for example, aws*) are allowed. This is useful when discovery returns sensitive fields that should not be exposed in the Jobs user interface. + description: List of fields to remove from Discover results. Wildcards (for + example, aws*) are allowed. This is useful when discovery returns + sensitive fields that should not be exposed in the Jobs user + interface. minItems: 0 items: type: string @@ -43316,11 +51873,13 @@ components: resumeOnBoot: type: boolean title: Resume job on boot - description: Resume the ad hoc job if a failure condition causes Stream to restart during job execution + description: Resume the ad hoc job if a failure condition causes Stream to + restart during job execution environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. schedule: $ref: "#/components/schemas/ScheduleTypeSavedJobResponseCollection" streamtags: @@ -43335,7 +51894,9 @@ components: description: Identifies which search query to run __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. type: object SavedJobResponse: allOf: @@ -43362,16 +51923,22 @@ components: ttl: type: string title: Time to live - description: Time to keep the job's artifacts on disk after job completion. This also affects how long a job is listed in the Job Inspector. + description: Time to keep the job's artifacts on disk after job completion. This + also affects how long a job is listed in the Job Inspector. pattern: \d+[smh]$ ignoreGroupJobsLimit: type: boolean title: Ignore Worker Group job limits - description: When enabled, this job's artifacts are not counted toward the Worker Group's finished job artifacts limit. Artifacts will be removed only after the Collector's configured time to live. + description: When enabled, this job's artifacts are not counted toward the + Worker Group's finished job artifacts limit. Artifacts will be + removed only after the Collector's configured time to live. removeFields: type: array title: Remove Discover fields - description: List of fields to remove from Discover results. Wildcards (for example, aws*) are allowed. This is useful when discovery returns sensitive fields that should not be exposed in the Jobs user interface. + description: List of fields to remove from Discover results. Wildcards (for + example, aws*) are allowed. This is useful when discovery returns + sensitive fields that should not be exposed in the Jobs user + interface. minItems: 0 items: type: string @@ -43380,11 +51947,13 @@ components: resumeOnBoot: type: boolean title: Resume job on boot - description: Resume the ad hoc job if a failure condition causes Stream to restart during job execution + description: Resume the ad hoc job if a failure condition causes Stream to + restart during job execution environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. schedule: $ref: "#/components/schemas/ScheduleTypeSavedJobResponseCollection" streamtags: @@ -43400,10 +51969,13 @@ components: collector: $ref: "#/components/schemas/Collector" input: - $ref: "#/components/schemas/RunnableJobCollectionTypeCollectionWithBreakerRulesetsConstraint" + $ref: "#/components/schemas/RunnableJobCollectionTypeCollectionWithBreakerRules\ + etsConstraint" __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. type: object SavedJobExecutor: required: @@ -43423,16 +51995,22 @@ components: ttl: type: string title: Time to live - description: Time to keep the job's artifacts on disk after job completion. This also affects how long a job is listed in the Job Inspector. + description: Time to keep the job's artifacts on disk after job completion. This + also affects how long a job is listed in the Job Inspector. pattern: \d+[smh]$ ignoreGroupJobsLimit: type: boolean title: Ignore Worker Group job limits - description: When enabled, this job's artifacts are not counted toward the Worker Group's finished job artifacts limit. Artifacts will be removed only after the Collector's configured time to live. + description: When enabled, this job's artifacts are not counted toward the + Worker Group's finished job artifacts limit. Artifacts will be + removed only after the Collector's configured time to live. removeFields: type: array title: Remove Discover fields - description: List of fields to remove from Discover results. Wildcards (for example, aws*) are allowed. This is useful when discovery returns sensitive fields that should not be exposed in the Jobs user interface. + description: List of fields to remove from Discover results. Wildcards (for + example, aws*) are allowed. This is useful when discovery returns + sensitive fields that should not be exposed in the Jobs user + interface. minItems: 0 items: type: string @@ -43441,11 +52019,13 @@ components: resumeOnBoot: type: boolean title: Resume job on boot - description: Resume the ad hoc job if a failure condition causes Stream to restart during job execution + description: Resume the ad hoc job if a failure condition causes Stream to + restart during job execution environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. schedule: $ref: "#/components/schemas/ScheduleTypeSavedJobResponseCollection" streamtags: @@ -43458,7 +52038,9 @@ components: $ref: "#/components/schemas/ExecutorTypeRunnableJobExecutor" __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. type: object SavedJobScheduledSearch: required: @@ -43478,16 +52060,22 @@ components: ttl: type: string title: Time to live - description: Time to keep the job's artifacts on disk after job completion. This also affects how long a job is listed in the Job Inspector. + description: Time to keep the job's artifacts on disk after job completion. This + also affects how long a job is listed in the Job Inspector. pattern: \d+[smh]$ ignoreGroupJobsLimit: type: boolean title: Ignore Worker Group job limits - description: When enabled, this job's artifacts are not counted toward the Worker Group's finished job artifacts limit. Artifacts will be removed only after the Collector's configured time to live. + description: When enabled, this job's artifacts are not counted toward the + Worker Group's finished job artifacts limit. Artifacts will be + removed only after the Collector's configured time to live. removeFields: type: array title: Remove Discover fields - description: List of fields to remove from Discover results. Wildcards (for example, aws*) are allowed. This is useful when discovery returns sensitive fields that should not be exposed in the Jobs user interface. + description: List of fields to remove from Discover results. Wildcards (for + example, aws*) are allowed. This is useful when discovery returns + sensitive fields that should not be exposed in the Jobs user + interface. minItems: 0 items: type: string @@ -43496,11 +52084,13 @@ components: resumeOnBoot: type: boolean title: Resume job on boot - description: Resume the ad hoc job if a failure condition causes Stream to restart during job execution + description: Resume the ad hoc job if a failure condition causes Stream to + restart during job execution environment: type: string title: Environment - description: Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. + description: Optionally, enable this config only on a specified Git branch. If + empty, will be enabled everywhere. schedule: $ref: "#/components/schemas/ScheduleTypeSavedJobResponseCollection" streamtags: @@ -43515,13 +52105,29 @@ components: description: Identifies which search query to run __template_streamtags: type: string - description: Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. + description: Binds 'streamtags' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'streamtags' at runtime. type: object SavedJob: oneOf: - $ref: "#/components/schemas/SavedJobCollection" - $ref: "#/components/schemas/SavedJobExecutor" - $ref: "#/components/schemas/SavedJobScheduledSearch" + CollectorType: + type: string + enum: + - azure_blob + - cribl_lake + - database + - filesystem + - google_cloud_storage + - health_check + - rest + - s3 + - script + - splunk + x-speakeasy-unknown-values: allow CloudProvider: type: - string @@ -43582,7 +52188,8 @@ components: properties: deployedVersion: type: string - description: Version of the lookup file currently deployed on the Worker or Node. + description: Version of the lookup file currently deployed on the Worker or + Node. file: type: string description: File name of the deployed lookup. @@ -43603,10 +52210,20 @@ components: description: Cloud provider and region details for a Cribl.Cloud Worker Group. configVersion: type: string - description: "Commit hash of the deployed configuration version for the Worker Group, Outpost Group, or Edge Fleet. Automatically populated and returned in responses.

**Warning**: Do not change the value of configVersion in the body of PATCH requests. The PATCH request body must include the value as it appears in the GET /products/{product}/groups/{id} response." + description: "Commit hash of the deployed configuration version for the Worker + Group, Outpost Group, or Edge Fleet. Automatically populated and + returned in responses.

**Warning**: Do not change the + value of configVersion in the body of PATCH requests. + The PATCH request body must include the value as it appears in the + GET /products/{product}/groups/{id} response." deployingWorkerCount: type: integer - description: "Number of Workers or Nodes that are currently deploying the latest configuration version.

**Warning**: Do not change the value of deployingWorkerCount in the body of PATCH requests. The PATCH request body must include the value as it appears in the GET /products/{product}/groups/{id} response." + description: "Number of Workers or Nodes that are currently deploying the latest + configuration version.

**Warning**: Do not change the + value of deployingWorkerCount in the body of PATCH + requests. The PATCH request body must include the value as it + appears in the GET /products/{product}/groups/{id} + response." description: type: string description: Brief description of the Worker Group, Outpost Group, or Edge Fleet. @@ -43627,60 +52244,95 @@ components: items: $ref: "#/components/schemas/Commit" description: List of recent configuration commits. - description: Git status of the Worker Group, Outpost Group, or Edge Fleet configuration. Automatically populated and returned in responses. + description: Git status of the Worker Group, Outpost Group, or Edge Fleet + configuration. Automatically populated and returned in responses. id: type: string + description: Unique identifier. incompatibleWorkerCount: type: integer - description: "Number of Workers or Nodes running a Cribl version that is incompatible with the current upgrade target.

**Warning**: Do not change the value of incompatibleWorkerCount in the body of PATCH requests. The PATCH request body must include the value as it appears in the GET /products/{product}/groups/{id} response." + description: "Number of Workers or Nodes running a Cribl version that is + incompatible with the current upgrade target.

**Warning**: + Do not change the value of incompatibleWorkerCount in + the body of PATCH requests. The PATCH request body must include the + value as it appears in the GET + /products/{product}/groups/{id} response." inherits: type: string - description: The id of the parent Edge Fleet. If provided, this Fleet inherits configuration from the specified parent Fleet. Applies only to Edge Fleets. + description: The id of the parent Edge Fleet. If provided, this + Fleet inherits configuration from the specified parent Fleet. + Applies only to Edge Fleets. isFleet: type: boolean - description: Indicates whether this is an Edge Fleet. Deprecated. Use to identify Edge Fleets. + description: Indicates whether this is an Edge Fleet. Deprecated. Use to + identify Edge Fleets. deprecated: true isSearch: type: boolean - description: Indicates whether this is an internal Search Group. Deprecated. Use to identify Search Groups. + description: Indicates whether this is an internal Search Group. Deprecated. Use + to identify Search Groups. deprecated: true lookupDeployments: type: array items: $ref: "#/components/schemas/ConfigGroupLookups" - description: "Lookup deployment status per Worker or Node context.

**Warning**: Do not change the value of lookupDeployments in the body of PATCH requests. The PATCH request body must include the value as it appears in the GET /products/{product}/groups/{id} response." + description: "Lookup deployment status per Worker or Node context.

+ **Warning**: Do not change the value of + lookupDeployments in the body of PATCH requests. The + PATCH request body must include the value as it appears in the + GET /products/{product}/groups/{id} response." maxWorkerAge: type: string - description: Maximum duration a Worker or Node can remain disconnected before the Leader removes it. The value is a numeral with units, such as 8h, 5d, 1w. + description: Maximum duration a Worker or Node can remain disconnected before + the Leader removes it. The value is a numeral with units, such as + 8h, 5d, 1w. name: type: string description: Name of the Worker Group, Outpost Group, or Edge Fleet. onPrem: type: boolean - description: If true, the Worker Group, Outpost Group, or Edge Fleet uses customer-hosted (on-prem) workers. If false, the Worker Group, Outpost Group, or Edge Fleet is managed in Cribl.Cloud. + description: If true, the Worker Group, Outpost Group, or Edge + Fleet uses customer-hosted (on-prem) workers. If false, + the Worker Group, Outpost Group, or Edge Fleet is managed in + Cribl.Cloud. provisioned: type: boolean - description: If true, the Cribl.Cloud Worker Group has active Workers provisioned. Applies only to Cribl.Cloud Worker Groups. + description: If true, the Cribl.Cloud Worker Group has active + Workers provisioned. Applies only to Cribl.Cloud Worker Groups. streamtags: type: array items: type: string - description: Metadata tags attached to the Worker Group, Outpost Group, or Edge Fleet for categorization, filtering, and tag-based routing and policy application. Useful for organizing Groups and Fleets and enabling tag-driven workflows in Cribl. + description: Metadata tags attached to the Worker Group, Outpost Group, or Edge + Fleet for categorization, filtering, and tag-based routing and + policy application. Useful for organizing Groups and Fleets and + enabling tag-driven workflows in Cribl. tags: type: string - description: Legacy system-level tags associated with the Worker Group, Outpost Group, or Edge Fleet. Use streamtags instead. + description: Legacy system-level tags associated with the Worker Group, Outpost + Group, or Edge Fleet. Use streamtags instead. deprecated: true type: $ref: "#/components/schemas/TypeOptionsConfigGroup" upgradeVersion: type: string - description: Target software upgrade version. Applies only to Outpost Groups and Edge Fleets. + description: Target software upgrade version. Applies only to Outpost Groups and + Edge Fleets. workerCount: type: integer - description: "Number of Workers or Nodes currently in the Worker Group, Outpost Group, or Edge Fleet. The value is automatically populated and **does not scale Cribl.Cloud Worker Groups**. Use estimatedIngestRate to scale Cribl.Cloud Worker Groups.

**Warning**: Do not change the value of workerCount in the body of PATCH requests. The PATCH request body must include the value as it appears in the GET /products/{product}/groups/{id} response." + description: "Number of Workers or Nodes currently in the Worker Group, Outpost + Group, or Edge Fleet. The value is automatically populated and + **does not scale Cribl.Cloud Worker Groups**. Use + estimatedIngestRate to scale Cribl.Cloud Worker Groups. +

**Warning**: Do not change the value of + workerCount in the body of PATCH requests. The PATCH + request body must include the value as it appears in the GET + /products/{product}/groups/{id} response." workerRemoteAccess: type: boolean - description: If true, the Leader allows remote access (teleporting) into the Workers or Nodes of the Worker Group, Outpost Group, or Edge Fleet. + description: If true, the Leader allows remote access (teleporting) + into the Workers or Nodes of the Worker Group, Outpost Group, or + Edge Fleet. required: - id CountedConfigGroup: @@ -43691,6 +52343,7 @@ components: description: number of items present in the items array items: type: array + description: List of items in this response. items: $ref: "#/components/schemas/ConfigGroup" GroupCreateRequest: @@ -43707,49 +52360,69 @@ components: $ref: "#/components/schemas/EstimatedIngestRateOptionsConfigGroup" id: type: string + description: Unique identifier. inherits: type: string - description: The id of the parent Edge Fleet. If provided, this Fleet inherits configuration from the specified parent Fleet. Applies only to Edge Fleets. + description: The id of the parent Edge Fleet. If provided, this + Fleet inherits configuration from the specified parent Fleet. + Applies only to Edge Fleets. isFleet: type: boolean - description: Indicates whether this is an Edge Fleet. Deprecated. Use to identify Edge Fleets. + description: Indicates whether this is an Edge Fleet. Deprecated. Use to + identify Edge Fleets. deprecated: true isSearch: type: boolean - description: Indicates whether this is an internal Search Group. Deprecated. Use to identify Search Groups. + description: Indicates whether this is an internal Search Group. Deprecated. Use + to identify Search Groups. deprecated: true maxWorkerAge: type: string - description: Maximum duration a Worker or Node can remain disconnected before the Leader removes it. The value is a numeral with units, such as 8h, 5d, 1w. + description: Maximum duration a Worker or Node can remain disconnected before + the Leader removes it. The value is a numeral with units, such as + 8h, 5d, 1w. name: type: string description: Name of the Worker Group, Outpost Group, or Edge Fleet. onPrem: type: boolean - description: If true, the Worker Group, Outpost Group, or Edge Fleet uses customer-hosted (on-prem) workers. If false, the Worker Group, Outpost Group, or Edge Fleet is managed in Cribl.Cloud. + description: If true, the Worker Group, Outpost Group, or Edge + Fleet uses customer-hosted (on-prem) workers. If false, + the Worker Group, Outpost Group, or Edge Fleet is managed in + Cribl.Cloud. provisioned: type: boolean - description: If true, the Cribl.Cloud Worker Group has active Workers provisioned. Applies only to Cribl.Cloud Worker Groups. + description: If true, the Cribl.Cloud Worker Group has active + Workers provisioned. Applies only to Cribl.Cloud Worker Groups. sourceGroupId: type: string - description: The id of an existing Worker Group, Outpost Group, or Edge Fleet to copy configuration from when creating a new Group or Fleet. + description: The id of an existing Worker Group, Outpost Group, or + Edge Fleet to copy configuration from when creating a new Group or + Fleet. streamtags: type: array items: type: string - description: Metadata tags attached to the Worker Group, Outpost Group, or Edge Fleet for categorization, filtering, and tag-based routing and policy application. Useful for organizing Groups and Fleets and enabling tag-driven workflows in Cribl. + description: Metadata tags attached to the Worker Group, Outpost Group, or Edge + Fleet for categorization, filtering, and tag-based routing and + policy application. Useful for organizing Groups and Fleets and + enabling tag-driven workflows in Cribl. tags: type: string - description: Legacy system-level tags associated with the Worker Group, Outpost Group, or Edge Fleet. Use streamtags instead. + description: Legacy system-level tags associated with the Worker Group, Outpost + Group, or Edge Fleet. Use streamtags instead. deprecated: true type: $ref: "#/components/schemas/TypeOptionsConfigGroup" upgradeVersion: type: string - description: Target software upgrade version. Applies only to Outpost Groups and Edge Fleets. + description: Target software upgrade version. Applies only to Outpost Groups and + Edge Fleets. workerRemoteAccess: type: boolean - description: If true, the Leader allows remote access (teleporting) into the Workers or Nodes of the Worker Group, Outpost Group, or Edge Fleet. + description: If true, the Leader allows remote access (teleporting) + into the Workers or Nodes of the Worker Group, Outpost Group, or + Edge Fleet. required: - id DeployRequestLookups: @@ -43798,6 +52471,7 @@ components: description: number of items present in the items array items: type: array + description: List of items in this response. items: $ref: "#/components/schemas/TeamAccessControlList" TeamAccessControlList: @@ -43826,6 +52500,7 @@ components: description: number of items present in the items array items: type: array + description: List of items in this response. items: $ref: "#/components/schemas/CriblLakeDataset" CacheConnectionBackfillStatus: @@ -43856,16 +52531,20 @@ components: description: Backfill status for data being loaded into the cache. cacheRef: type: string - description: Identifier of the Lakehouse cache referenced by the Dataset. + description: Unique identifier for the Lakehouse cache referenced by the Dataset. createdAt: type: number - description: Timestamp when the continuous data feed to the Lakehouse cache started, in Unix time (milliseconds). + description: Timestamp (in Unix time) when the continuous data feed to the + Lakehouse cache started, in milliseconds. lakehouseConnectionType: $ref: "#/components/schemas/LakehouseConnectionType" - description: If new, the Lakehouse was attached before data existed in the Dataset. If existing, the Lakehouse was attached after data existed in the Dataset. + description: If new, the Lakehouse was attached before data existed + in the Dataset. If existing, the Lakehouse was attached + after data existed in the Dataset. migrationQueryId: type: string - description: Query identifier of the active Lakehouse migration. Omitted if no migration is in progress. + description: Unique identifier for the active Lakehouse migration query. Omitted + if no migration is in progress. retentionInDays: type: number description: Retention period for the Lakehouse cache connection, in days. @@ -43881,7 +52560,8 @@ components: description: Total current logical size of the Dataset, in bytes. metricsDate: type: string - description: Timestamp (ISO 8601) when the metrics snapshot was generated. + description: Timestamp (in Unix time) when the metrics snapshot was generated, + as a YYYY-MM-DD calendar date. required: - currentSizeBytes - metricsDate @@ -43890,16 +52570,20 @@ components: properties: earliestScannedTime: type: integer - description: Timestamp (in Unix time) for the earliest event that was observed during the scan (seconds). + description: Timestamp (in Unix time) for the earliest event that was observed + during the scan (seconds). finishedAt: type: integer - description: Timestamp (in Unix time) when the acceleration run finished (milliseconds). + description: Timestamp (in Unix time) when the acceleration run finished + (milliseconds). latestScannedTime: type: integer - description: Timestamp (in Unix time) for the latest event that was observed during the scan (seconds). + description: Timestamp (in Unix time) for the latest event that was observed + during the scan (seconds). objectCount: type: integer - description: Number of objects on the acceleration manifest after the scan completed. + description: Number of objects on the acceleration manifest after the scan + completed. DatasetMetadata: type: object properties: @@ -43909,12 +52593,14 @@ components: example: -30d enableAcceleration: type: boolean - description: If true, the system automatically backfills and refreshes Dataset metadata. + description: If true, the system automatically backfills and + refreshes Dataset metadata. Otherwise, false. fieldList: type: array items: type: string - description: Fields for which acceleration gathers statistics. Required when scan mode is detailed. + description: Fields for which acceleration gathers statistics. Required when + scan mode is detailed. latestRunInfo: $ref: "#/components/schemas/DatasetMetadataRunInfo" description: Details from the most recent acceleration scan. @@ -43923,7 +52609,9 @@ components: enum: - detailed - quick - description: Acceleration scan mode. quick collects object-level metadata; detailed also collects field-level statistics. + description: Acceleration scan mode. quick collects object-level + metadata; detailed also collects field-level + statistics. x-speakeasy-unknown-values: allow required: - earliest @@ -43944,10 +52632,16 @@ components: description: Row format for Search v2 Lake path filters. dataTypeId: type: string - description: Datatype identifier that maps filtered objects to a data type definition. + description: Datatype identifier that maps filtered objects to a data type + definition. filter: type: string description: Glob pattern for selecting files within the storage path. + preprocessOuterJson: + type: boolean + description: When true, instructs the C++ reader to unwrap the outer JSON + envelope before applying the user datatype to the nested _raw field. + Set for Cribl Lake NDJSON filters only. required: - dataTypeId - filter @@ -43964,10 +52658,11 @@ components: type: array items: type: string - description: Datatype identifiers assigned to the Dataset for search-time event classification. + description: Datatype identifiers assigned to the Dataset for search-time event + classification. description: type: string - description: Brief description of Dataset search configuration. + description: Brief description of the Dataset search configuration. metadata: $ref: "#/components/schemas/DatasetMetadata" description: Key-value metadata for the Dataset search configuration. @@ -43975,10 +52670,13 @@ components: type: array items: $ref: "#/components/schemas/ObjectStorageFilter" - description: Glob-to-Datatype mappings for the Lake bucket path. Used only for search execution v2. + description: Glob-to-Datatype mappings for the Lake bucket path. Used only for + search execution v2. searchVersion: $ref: "#/components/schemas/SearchVersion" - description: Search execution version for the Cribl Lake Dataset. Search execution v1 uses Event Breakers and Datatypes, and v2 uses path filters. If omitted, default is v1. + description: Search execution version for the Cribl Lake Dataset. Search + execution v1 uses Event Breakers and Datatypes, and v2 uses path + filters. If omitted, default is v1. tags: type: string description: Comma-separated tags for the Dataset search configuration. @@ -43989,16 +52687,19 @@ components: type: array items: type: string - description: Accelerated fields for the Dataset. Data is partitioned by these fields in storage to improve query performance. + description: Accelerated fields for the Dataset. Data is partitioned by these + fields in storage to improve query performance. bucketName: type: string - description: Name of the legacy Cribl Lake bucket that backs the Dataset. Mutually exclusive with storageLocationId. + description: Name of the legacy Cribl Lake bucket that backs the Dataset. + Mutually exclusive with storageLocationId. cacheConnection: $ref: "#/components/schemas/CacheConnection" description: Lakehouse cache connection settings for the Dataset. deletionStartedAt: type: number - description: Timestamp (in Unix time) when Dataset deletion was initiated, in milliseconds. + description: Timestamp (in Unix time) when Dataset deletion was initiated, in + milliseconds. description: type: string description: Brief description of the Dataset. @@ -44007,6 +52708,7 @@ components: httpDAUsed: type: boolean description: If true, the Dataset is used by Direct Access HTTP. + Otherwise, false. id: type: string description: Unique identifier for the Dataset. @@ -44023,7 +52725,8 @@ components: $ref: "#/components/schemas/StorageClassOptionsCriblLakeDataset" storageLocationId: type: string - description: Identifier for the Storage Location that backs the Dataset. Mutually exclusive with bucketName. + description: Unique identifier for the Storage Location that backs the Dataset. + Mutually exclusive with bucketName. viewName: type: string description: Name of the ClickHouse view for the Dataset on the Lakehouse. @@ -44036,16 +52739,19 @@ components: type: array items: type: string - description: Accelerated fields for the Dataset. Data is partitioned by these fields in storage to improve query performance. + description: Accelerated fields for the Dataset. Data is partitioned by these + fields in storage to improve query performance. bucketName: type: string - description: Name of the legacy Cribl Lake bucket that backs the Dataset. Mutually exclusive with storageLocationId. + description: Name of the legacy Cribl Lake bucket that backs the Dataset. + Mutually exclusive with storageLocationId. cacheConnection: $ref: "#/components/schemas/CacheConnection" description: Lakehouse cache connection settings for the Dataset. deletionStartedAt: type: number - description: Timestamp (in Unix time) when Dataset deletion was initiated, in milliseconds. + description: Timestamp (in Unix time) when Dataset deletion was initiated, in + milliseconds. description: type: string description: Brief description of the Dataset. @@ -44054,9 +52760,11 @@ components: httpDAUsed: type: boolean description: If true, the Dataset is used by Direct Access HTTP. + Otherwise, false. id: type: string - description: Dataset identifier. Optional; the path parameter id is authoritative. + description: Unique identifier for the Dataset. Optional; the path parameter + id is authoritative. metrics: $ref: "#/components/schemas/LakeDatasetMetrics" description: Most recent Dataset metrics snapshot. @@ -44070,7 +52778,8 @@ components: $ref: "#/components/schemas/StorageClassOptionsCriblLakeDataset" storageLocationId: type: string - description: Identifier for the Storage Location that backs the Dataset. Mutually exclusive with bucketName. + description: Unique identifier for the Storage Location that backs the Dataset. + Mutually exclusive with bucketName. viewName: type: string description: Name of the ClickHouse view for the Dataset on the Lakehouse. @@ -44124,7 +52833,10 @@ components: - 1 - 2 - 3 - description: Stage at which events are captured.
0 == Before pre-processing Pipeline
1 == Before the Routes
2 == Before post-processing Pipeline
3 == Before the Destination. + description: Stage at which events are captured.
0 == Before + pre-processing Pipeline
1 == Before the Routes +
2 == Before post-processing Pipeline
3 + == Before the Destination. x-speakeasy-enum-descriptions: - 1. Before pre-processing Pipeline - 2. Before the Routes @@ -44141,30 +52853,40 @@ components: properties: duration: type: integer - description: Amount of time to keep capture open, in seconds. If not provided, the default is 5 seconds. + description: Amount of time to keep capture open, in seconds. If not provided, + the default is 5 seconds. minimum: 1 filter: type: string - description: JavaScript expression evaluated against each event to determine whether an event is included in the capture output. Expressions can reference any event field and use logical operators. If not provided, all events are captured. + description: JavaScript expression evaluated against each event to determine + whether an event is included in the capture output. Expressions can + reference any event field and use logical operators. If not + provided, all events are captured. level: $ref: "#/components/schemas/CaptureLevel" - description: Stage at which events are captured. If not provided, the default is 0. + description: Stage at which events are captured. If not provided, the default is + 0. minimum: 0 maximum: 3 maxEvents: type: integer - description: Maximum number of events to capture. If not provided, the default is 100. + description: Maximum number of events to capture. If not provided, the default + is 100. minimum: 1 maximum: 10000 stepDuration: type: integer - description: How long to wait before increasing the capture sample size. Specify 1 second or longer. If not provided, the default is 5 seconds. + description: How long to wait before increasing the capture sample size. Specify + 1 second or longer. If not provided, the default is 5 + seconds. workerId: type: string description: Unique ID of the Worker. workerThreshold: type: integer - description: Maximum number of Workers that can capture initially. A value of 0 means unlimited (all available Workers can capture). If not provided, the default is 50. + description: Maximum number of Workers that can capture initially. A value of + 0 means unlimited (all available Workers can capture). + If not provided, the default is 50. CountedNumber: type: object properties: @@ -44173,6 +52895,7 @@ components: description: number of items present in the items array items: type: array + description: List of items in this response. items: type: number CountedMasterWorkerEntry: @@ -44183,6 +52906,7 @@ components: description: number of items present in the items array items: type: array + description: List of items in this response. items: $ref: "#/components/schemas/MasterWorkerEntry" ConnectionProtocol: @@ -44223,7 +52947,8 @@ components: required: - host - port - description: Connection parameters for the Leader Node, as reported in a Worker heartbeat. + description: Connection parameters for the Leader Node, as reported in a Worker + heartbeat. HBCriblInfo: type: object properties: @@ -44244,7 +52969,8 @@ components: description: Current policies revision string. usersRev: type: string - description: Current users revision string. Only used in leader <> leader universal subscription. + description: Current users revision string. Only used in leader <> leader + universal subscription. version: type: string description: Configuration bundle version. @@ -44254,7 +52980,8 @@ components: description: Unique identifier for the deployment assigned for the node. disableSNIRouting: type: boolean - description: If true, SNI-based routing to the Leader is disabled for the connection. + description: If true, SNI-based routing to the Leader is disabled + for the connection. distMode: type: string enum: @@ -44282,22 +53009,28 @@ components: description: Unique instance identifier for the Cribl node. installType: type: string - description: Value of the CRIBL_INSTALL_TYPE environment variable, relayed for upgrade decisions (since 4.5.0). + description: Value of the CRIBL_INSTALL_TYPE environment variable, + relayed for upgrade decisions (since 4.5.0). lookupVersions: $ref: "#/components/schemas/LookupVersions" description: Deployed Lookup file names and their deployed versions by context. master: $ref: "#/components/schemas/HBLeaderInfo" - description: Leader connection details when the node is a Worker or Edge reporting upstream. + description: Leader connection details when the node is a Worker or Edge + reporting upstream. + overlayId: + type: string pid: type: integer description: The process ID. socksEnabled: type: boolean - description: If true, SOCKS proxy connectivity is enabled for the node. + description: If true, SOCKS proxy connectivity is enabled for the + node. startTime: type: integer - description: Timestamp (in Unix time) when the Cribl server process started, in milliseconds. + description: Timestamp (in Unix time) when the Cribl server process started, in + milliseconds. tags: type: array items: @@ -44532,6 +53265,7 @@ components: description: number of items present in the items array items: type: array + description: List of items in this response. items: $ref: "#/components/schemas/RestartResponse" RestartResponse: @@ -44568,6 +53302,7 @@ components: description: number of items present in the items array items: type: array + description: List of items in this response. items: $ref: "#/components/schemas/DistributedSummary" DistributedSummary: @@ -44610,10 +53345,12 @@ components: properties: alive: type: integer - description: Total number of Worker or Edge Nodes that are connected with healthy status. + description: Total number of Worker or Edge Nodes that are connected with + healthy status. confVersions: type: integer - description: Total number of unique configuration versions across all Worker or Edge Nodes. + description: Total number of unique configuration versions across all Worker or + Edge Nodes. count: type: integer description: Total number of Worker or Edge Nodes. @@ -44622,13 +53359,16 @@ components: description: Total number of Worker or Edge Nodes in a disconnected state. groups: type: integer - description: Total number of distinct Worker Groups or Edge Fleets that the Workers or Edge Nodes belong to. + description: Total number of distinct Worker Groups or Edge Fleets that the + Workers or Edge Nodes belong to. softwareVersions: type: integer - description: Total number of unique Cribl software versions across all Worker or Edge Nodes. + description: Total number of unique Cribl software versions across all Worker or + Edge Nodes. unhealthy: type: integer - description: Total number of Worker or Edge Nodes that are connected with a status other than healthy. + description: Total number of Worker or Edge Nodes that are connected with a + status other than healthy. required: - alive - confVersions @@ -44639,10 +53379,52 @@ components: - unhealthy required: - groups - description: Summary of the deployment for the specified Cribl product (Stream or Edge). + description: Summary of the deployment for the specified Cribl product (Stream + or Edge). + ActiveHealthOverlayStatus: + type: object + properties: + binaryVersion: + type: string + description: Binary version targeted by the active overlay. + example: 4.12.0 + overlayId: + type: string + description: Active overlay identifier. + examples: + - patch.0 + - sideload.a1b2c3d + state: + type: string + const: active + description: Current overlay state. + example: active + required: + - binaryVersion + - overlayId + - state + title: ActiveHealthOverlayStatus + NoActiveHealthOverlayStatus: + type: object + properties: + state: + type: string + const: inactive + description: Current overlay state. + example: inactive + required: + - state + title: NoActiveHealthOverlayStatus + HealthOverlayStatus: + oneOf: + - $ref: "#/components/schemas/ActiveHealthOverlayStatus" + - $ref: "#/components/schemas/NoActiveHealthOverlayStatus" HealthServerStatus: type: object properties: + overlay: + $ref: "#/components/schemas/HealthOverlayStatus" + description: Overlay state for this process. role: type: string enum: @@ -44659,9 +53441,11 @@ components: - healthy - shutting down - standby - description: "Health state: healthy, standby, or shutting down." + description: "Health state: healthy, standby, or + shutting down." x-speakeasy-unknown-values: allow required: + - overlay - startTime - status description: Health status of the Leader or Worker Node. @@ -44673,6 +53457,7 @@ components: description: number of items present in the items array items: type: array + description: List of items in this response. items: $ref: "#/components/schemas/PackInstallInfo" InstallWarnings: @@ -44700,6 +53485,7 @@ components: type: string id: type: string + description: Unique identifier. inputs: type: number isDisabled: @@ -44763,6 +53549,7 @@ components: description: number of items present in the items array items: type: array + description: List of items in this response. items: $ref: "#/components/schemas/PackUninstallInfo" PackUninstallInfo: @@ -44783,6 +53570,7 @@ components: description: number of items present in the items array items: type: array + description: List of items in this response. items: $ref: "#/components/schemas/PackInfo" PackInfo: @@ -44806,6 +53594,7 @@ components: type: string id: type: string + description: Unique identifier. inputs: type: number isDisabled: @@ -44856,6 +53645,7 @@ components: description: number of items present in the items array items: type: array + description: List of items in this response. items: $ref: "#/components/schemas/GitCommitSummary" GitFileRename: @@ -44914,6 +53704,7 @@ components: description: number of items present in the items array items: type: array + description: List of items in this response. items: $ref: "#/components/schemas/GitCountResult" GitCountResult: @@ -44931,6 +53722,7 @@ components: description: number of items present in the items array items: type: array + description: List of items in this response. items: $ref: "#/components/schemas/GitDiffResult" DiffFiles: @@ -45026,6 +53818,7 @@ components: description: number of items present in the items array items: type: array + description: List of items in this response. items: $ref: "#/components/schemas/GitFilesResponse" GitFile: @@ -45064,6 +53857,7 @@ components: description: number of items present in the items array items: type: array + description: List of items in this response. items: $ref: "#/components/schemas/GitRevertResult" GitRevertResult: @@ -45104,6 +53898,7 @@ components: description: number of items present in the items array items: type: array + description: List of items in this response. items: $ref: "#/components/schemas/GitShowResult" GitShowResult: @@ -45124,6 +53919,7 @@ components: description: number of items present in the items array items: type: array + description: List of items in this response. items: $ref: "#/components/schemas/SystemSettingsConf" EmptyObject: @@ -45286,6 +54082,7 @@ components: description: number of items present in the items array items: type: array + description: List of items in this response. items: $ref: "#/components/schemas/SystemRestartResponse" SystemRestartResponse: @@ -45305,6 +54102,7 @@ components: description: number of items present in the items array items: type: array + description: List of items in this response. items: $ref: "#/components/schemas/BranchInfo" BranchInfo: @@ -45312,6 +54110,7 @@ components: properties: id: type: string + description: Unique identifier. required: - id GitCommitBody: @@ -45342,6 +54141,7 @@ components: description: number of items present in the items array items: type: array + description: List of items in this response. items: $ref: "#/components/schemas/GitInfo" GitInfo: @@ -45366,6 +54166,7 @@ components: description: number of items present in the items array items: type: array + description: List of items in this response. items: $ref: "#/components/schemas/GitLogResult" GitLogResult: @@ -45393,6 +54194,7 @@ components: description: number of items present in the items array items: type: array + description: List of items in this response. items: $ref: "#/components/schemas/GitStatusResult" GitStatusResult: @@ -45475,6 +54277,7 @@ components: description: number of items present in the items array items: type: array + description: List of items in this response. items: type: boolean AdditionalPropertiesTypeEnrichedFieldsSavedState: @@ -45548,6 +54351,23 @@ components: - TLSv1.2 - TLSv1.3 x-speakeasy-unknown-values: allow + RootNodeConfRedisDeploymentTypeCluster: + type: object + required: + - host + - port + properties: + host: + type: string + title: Hostname + description: "Hostname of cluster node. Must be a JavaScript expression (which + can evaluate to a constant value), enclosed in quotes or backticks. + Can be evaluated only at init time. Example referencing a Global + Variable: `myBucket-${C.vars.myVar}`." + port: + type: number + title: Port + description: Port of cluster node ScaleReadsOptionsRedisDeploymentTypeCluster: title: Scale reads type: string @@ -45569,7 +54389,9 @@ components: regex: type: string title: Regex - description: Regex literal with named capturing groups, such as (?bar), or _NAME_ and _VALUE_ capturing groups, such as (?<_NAME_0>[^ =]+)=(?<_VALUE_0>[^,]+) + description: Regex literal with named capturing groups, such as (?bar), or + _NAME_ and _VALUE_ capturing groups, such as (?<_NAME_0>[^ + =]+)=(?<_VALUE_0>[^,]+) minLength: 1 PatternListConfSerdeTypeGrok: type: object @@ -45579,7 +54401,8 @@ components: pattern: type: string title: Pattern - description: "Grok pattern to extract fields. Syntax supported: %{PATTERN_NAME:FIELD_NAME}" + description: "Grok pattern to extract fields. Syntax supported: + %{PATTERN_NAME:FIELD_NAME}" PrivacyProtocolOptionsSnmpTrapSerializeV3UserAuthProtocolNotNone: type: string enum: @@ -45683,7 +54506,8 @@ components: certificateName: type: string title: Certificate - description: The certificate you registered as credentials for your app in the Azure portal + description: The certificate you registered as credentials for your app in the + Azure portal HiddenDefaultBreakersOptionsDatabaseCollectorConf: type: string title: Hidden Default Breakers @@ -45703,7 +54527,8 @@ components: value: title: Value type: string - description: JavaScript expression to compute the parameter value (can be a constant). + description: JavaScript expression to compute the parameter value (can be a + constant). AuthRequestHeaderConfHealthCheckAuthenticationLogin: type: object required: @@ -45717,7 +54542,8 @@ components: value: type: string title: Value - description: JavaScript expression to compute the header value (can be a constant). + description: JavaScript expression to compute the header value (can be a + constant). AuthRequestParamConfHealthCheckAuthenticationOauth: type: object required: @@ -45731,7 +54557,10 @@ components: value: title: Value type: string - description: JavaScript expression to compute the parameter's value, normally enclosed in backticks (e.g., `${earliest}`). If a constant, use single quotes (e.g., 'earliest'). Values without delimiters (e.g., earliest) are evaluated as strings. + description: JavaScript expression to compute the parameter's value, normally + enclosed in backticks (e.g., `${earliest}`). If a constant, use + single quotes (e.g., 'earliest'). Values without delimiters + (e.g., earliest) are evaluated as strings. AuthRequestHeaderConfHealthCheckAuthenticationOauth: type: object required: @@ -45745,7 +54574,10 @@ components: value: type: string title: Value - description: JavaScript expression to compute the header's value, normally enclosed in backticks (e.g., `${earliest}`). If a constant, use single quotes (e.g., 'earliest'). Values without delimiters (e.g., earliest) are evaluated as strings. + description: JavaScript expression to compute the header's value, normally + enclosed in backticks (e.g., `${earliest}`). If a constant, use + single quotes (e.g., 'earliest'). Values without delimiters + (e.g., earliest) are evaluated as strings. DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHttp: type: string title: Discover method @@ -45784,7 +54616,10 @@ components: value: title: Value type: string - description: JavaScript expression to compute parameter value, usually enclosed in backticks (`${earliest}`). If a constant, use single quotes ('earliest'). Values that aren't successfully evaluated as JavaScript expressions will be treated as string constants. + description: JavaScript expression to compute parameter value, usually enclosed + in backticks (`${earliest}`). If a constant, use single quotes + ('earliest'). Values that aren't successfully evaluated as + JavaScript expressions will be treated as string constants. DiscoverMethodOptionsRestDiscoveryDiscoverTypeHttp: type: string title: Discover method @@ -45820,20 +54655,30 @@ components: RestDiscoveryDiscoverTypeHttpPaginationType: oneOf: - $ref: "#/components/schemas/RestDiscoveryDiscoverTypeHttpPaginationTypeNone" - - $ref: "#/components/schemas/RestDiscoveryDiscoverTypeHttpPaginationTypeResponseBody" - - $ref: "#/components/schemas/RestDiscoveryDiscoverTypeHttpPaginationTypeResponseHeader" - - $ref: "#/components/schemas/RestDiscoveryDiscoverTypeHttpPaginationTypeResponseHeaderLink" - - $ref: "#/components/schemas/RestDiscoveryDiscoverTypeHttpPaginationTypeRequestOffset" - - $ref: "#/components/schemas/RestDiscoveryDiscoverTypeHttpPaginationTypeRequestPage" + - $ref: "#/components/schemas/RestDiscoveryDiscoverTypeHttpPaginationTypeResponse\ + Body" + - $ref: "#/components/schemas/RestDiscoveryDiscoverTypeHttpPaginationTypeResponse\ + Header" + - $ref: "#/components/schemas/RestDiscoveryDiscoverTypeHttpPaginationTypeResponse\ + HeaderLink" + - $ref: "#/components/schemas/RestDiscoveryDiscoverTypeHttpPaginationTypeRequestO\ + ffset" + - $ref: "#/components/schemas/RestDiscoveryDiscoverTypeHttpPaginationTypeRequestP\ + age" discriminator: propertyName: type mapping: none: "#/components/schemas/RestDiscoveryDiscoverTypeHttpPaginationTypeNone" - response_body: "#/components/schemas/RestDiscoveryDiscoverTypeHttpPaginationTypeResponseBody" - response_header: "#/components/schemas/RestDiscoveryDiscoverTypeHttpPaginationTypeResponseHeader" - response_header_link: "#/components/schemas/RestDiscoveryDiscoverTypeHttpPaginationTypeResponseHeaderLink" - request_offset: "#/components/schemas/RestDiscoveryDiscoverTypeHttpPaginationTypeRequestOffset" - request_page: "#/components/schemas/RestDiscoveryDiscoverTypeHttpPaginationTypeRequestPage" + response_body: "#/components/schemas/RestDiscoveryDiscoverTypeHttpPaginationTyp\ + eResponseBody" + response_header: "#/components/schemas/RestDiscoveryDiscoverTypeHttpPaginationT\ + ypeResponseHeader" + response_header_link: "#/components/schemas/RestDiscoveryDiscoverTypeHttpPagina\ + tionTypeResponseHeaderLink" + request_offset: "#/components/schemas/RestDiscoveryDiscoverTypeHttpPaginationTy\ + peRequestOffset" + request_page: "#/components/schemas/RestDiscoveryDiscoverTypeHttpPaginationType\ + RequestPage" AuthenticationMethodOptionsS3CollectorConf: type: string title: Authentication method @@ -45858,7 +54703,9 @@ components: InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint: type: object title: Input provenance - description: Read-only metadata that records how the Source was created. Preserved on update when omitted from the request body. Cannot be set on create. + description: Read-only metadata that records how the Source was created. + Preserved on update when omitted from the request body. Cannot be set on + create. additionalProperties: false properties: origin: @@ -45869,7 +54716,8 @@ components: x-speakeasy-unknown-values: allow destinationArn: type: string - description: ARN of the S3 bucket or Firehose delivery stream configured as the Source. + description: ARN of the S3 bucket or Firehose delivery stream configured as the + Source. sourceArn: type: string description: ARN of the AWS resource that produces the logs. @@ -45886,7 +54734,10 @@ components: ModeOptionsPq: type: string title: Mode - description: With Smart mode, PQ will write events to the filesystem only when it detects backpressure from the processing engine. With Always On mode, PQ will always write events directly to the queue before forwarding them to the processing engine. + description: With Smart mode, PQ will write events to the filesystem only when + it detects backpressure from the processing engine. With Always On mode, + PQ will always write events directly to the queue before forwarding them + to the processing engine. enum: - smart - always @@ -45916,7 +54767,8 @@ components: command: type: string title: Command - description: Command to feed the data through (via stdin) and process its output (stdout) + description: Command to feed the data through (via stdin) and process its output + (stdout) args: type: array title: Arguments @@ -45935,20 +54787,20 @@ components: value: type: string title: Value - description: JavaScript expression to compute field's value, enclosed in quotes or backticks. (Can evaluate to a constant.) - AuthType: + description: JavaScript expression to compute field's value, enclosed in quotes + or backticks. (Can evaluate to a constant.) + OauthParamConfInputKafka: type: object - description: Credentials to use when authenticating with the schema registry using basic HTTP authentication required: - - disabled + - name + - value properties: - disabled: - type: boolean - title: Disabled - credentialsSecret: + name: type: string - title: Credentials secret - description: Select or create a secret that references your credentials + title: Parameter Name + value: + type: string + title: Parameter Value MinimumTlsVersionOptionsTls: type: string title: Minimum TLS version @@ -45989,18 +54841,6 @@ components: - GSSAPI/Kerberos title: SASL mechanism x-speakeasy-unknown-values: allow - OauthParamConfInputKafka: - type: object - required: - - name - - value - properties: - name: - type: string - title: Parameter Name - value: - type: string - title: Parameter Value SaslExtensionConfInputKafka: type: object required: @@ -46019,7 +54859,8 @@ components: enum: - manual - secret - description: Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate + description: Select Manual to enter an auth token directly, or select Secret to + use a text secret to authenticate x-speakeasy-unknown-values: allow AuthenticationMethodOptions: title: Authentication method @@ -46105,15 +54946,31 @@ components: Name: type: string title: Filter name - description: See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html for information. Attributes can be manually entered if not present in the list. + description: See + https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html + for information. Attributes can be manually entered if not present + in the list. Values: type: array title: Filter values - description: Values to match within this row's attribute. If empty, search will return only running EC2 instances. + description: Values to match within this row's attribute. If empty, search will + return only running EC2 instances. minItems: 0 items: type: string minLength: 1 + HttpDiscoveryHeaderConfInputPrometheus: + type: object + required: + - name + - value + properties: + name: + type: string + title: Name + value: + type: string + title: Value CompressionOptionsPersistence: type: string title: Compression @@ -46133,7 +54990,8 @@ components: SubscriptionPlanOptions: type: string title: Subscription plan - description: Microsoft 365 subscription plan for your organization, typically Microsoft 365 Enterprise + description: Microsoft 365 subscription plan for your organization, typically + Microsoft 365 Enterprise enum: - enterprise_gcc - gcc @@ -46187,7 +55045,8 @@ components: privKeyPath: type: string title: Private key path - description: Path to the private key to use. Key should be in PEM format. Can reference $ENV_VARS. + description: Path to the private key to use. Key should be in PEM format. Can + reference $ENV_VARS. passphrase: type: string title: Passphrase @@ -46195,7 +55054,8 @@ components: certPath: type: string title: Certificate path - description: Path to the certificate to use. Certificate should be in PEM format. Can reference $ENV_VARS. + description: Path to the certificate to use. Certificate should be in PEM + format. Can reference $ENV_VARS. AuthenticationMethodOptionsSaslManualSecret: enum: - manual @@ -46243,7 +55103,8 @@ components: rejectUnauthorized: type: boolean title: Validate server certs - description: Reject certificates that are not authorized by a CA in the CA certificate path, or by another trusted CA (such as the system's) + description: Reject certificates that are not authorized by a CA in the CA + certificate path, or by another trusted CA (such as the system's) AuthenticationMethodOptionsAuth: enum: - secret @@ -46254,7 +55115,10 @@ components: GoogleAuthenticationMethodOptions: type: string title: Google authentication method - description: Choose Auto to use Google Application Default Credentials (ADC), Manual to enter Google service account credentials directly, or Secret to select or create a stored secret that references Google service account credentials. + description: Choose Auto to use Google Application Default Credentials (ADC), + Manual to enter Google service account credentials directly, or Secret + to select or create a stored secret that references Google service + account credentials. enum: - auto - manual @@ -46338,7 +55202,8 @@ components: filter: type: string title: Filter Expression - description: JavaScript expression applied to Kubernetes objects. Return 'true' to include it. + description: JavaScript expression applied to Kubernetes objects. Return 'true' + to include it. description: type: string title: Description @@ -46355,7 +55220,8 @@ components: retries: type: number title: Retries - description: The number of times to retry processing when a processing error occurs. If Skip file on error is enabled, this setting is ignored. + description: The number of times to retry processing when a processing error + occurs. If Skip file on error is enabled, this setting is ignored. maximum: 100 minimum: 0 TagAfterProcessingOptions: @@ -46374,18 +55240,6 @@ components: - silly description: Collector runtime log level x-speakeasy-unknown-values: allow - RequestParamConfInputOpenai: - type: object - required: - - name - - value - properties: - name: - type: string - title: Name - value: - type: string - title: Value OauthParamConfInputServicenowTable: type: object required: @@ -46471,8 +55325,10 @@ components: description: Timestamp (in Unix time) when the status was last updated. useStatusFromLB: type: boolean - description: Set to prefer status from the LB process, not from the worker process. - description: "Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable." + description: Set to prefer status from the LB process, not from the worker + process. + description: "Runtime status: health, metrics, and optional persistent-queue + info. Fields may be absent when data is unavailable." MethodOptions: type: string title: Method @@ -46485,7 +55341,8 @@ components: FailedRequestLoggingModeOptions: type: string title: Failed request logging mode - description: Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below. + description: Data to log when a request fails. All headers are redacted by + default, unless listed as safe headers below. enum: - payload - payloadAndHeaders @@ -46509,19 +55366,24 @@ components: initialBackoff: type: number title: Pre-backoff interval (ms) - description: How long, in milliseconds, Cribl Stream should wait before initiating backoff. Maximum interval is 600,000 ms (10 minutes). + description: How long, in milliseconds, Cribl Stream should wait before + initiating backoff. Maximum interval is 600,000 ms (10 minutes). minimum: 0 maximum: 600000 backoffRate: type: number title: Backoff multiplier - description: Base for exponential backoff. A value of 2 (default) means Cribl Stream will retry after 2 seconds, then 4 seconds, then 8 seconds, etc. + description: Base for exponential backoff. A value of 2 (default) means Cribl + Stream will retry after 2 seconds, then 4 seconds, then 8 seconds, + etc. minimum: 1 maximum: 20 maxBackoff: type: number title: Backoff limit (ms) - description: The maximum backoff interval, in milliseconds, Cribl Stream should apply. Default (and minimum) is 10,000 ms (10 seconds); maximum is 180,000 ms (180 seconds). + description: The maximum backoff interval, in milliseconds, Cribl Stream should + apply. Default (and minimum) is 10,000 ms (10 seconds); maximum is + 180,000 ms (180 seconds). minimum: 10000 maximum: 180000 TimeoutRetrySettingsType: @@ -46535,19 +55397,24 @@ components: initialBackoff: type: number title: Pre-backoff interval (ms) - description: How long, in milliseconds, Cribl Stream should wait before initiating backoff. Maximum interval is 600,000 ms (10 minutes). + description: How long, in milliseconds, Cribl Stream should wait before + initiating backoff. Maximum interval is 600,000 ms (10 minutes). minimum: 0 maximum: 600000 backoffRate: type: number title: Backoff multiplier - description: Base for exponential backoff. A value of 2 (default) means Cribl Stream will retry after 2 seconds, then 4 seconds, then 8 seconds, etc. + description: Base for exponential backoff. A value of 2 (default) means Cribl + Stream will retry after 2 seconds, then 4 seconds, then 8 seconds, + etc. minimum: 1 maximum: 20 maxBackoff: type: number title: Backoff limit (ms) - description: The maximum backoff interval, in milliseconds, Cribl Stream should apply. Default (and minimum) is 10,000 ms (10 seconds); maximum is 180,000 ms (180 seconds). + description: The maximum backoff interval, in milliseconds, Cribl Stream should + apply. Default (and minimum) is 10,000 ms (10 seconds); maximum is + 180,000 ms (180 seconds). minimum: 10000 maximum: 180000 BackpressureBehaviorOptions: @@ -46569,7 +55436,10 @@ components: - always - backpressure title: Mode - description: In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem. + description: In Error mode, PQ writes events to the filesystem if the + Destination is unavailable. In Backpressure mode, PQ writes events to + the filesystem when it detects backpressure from the Destination. In + Always On mode, PQ always writes events to the filesystem. type: string x-speakeasy-enum-descriptions: - Error @@ -46585,7 +55455,10 @@ components: - Block - Drop new data title: Queue-full behavior - description: How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. + description: How to handle events when the queue is exerting backpressure (full + capacity or low disk). 'Block' is the same behavior as non-PQ blocking. + 'Drop new data' throws away incoming data, while leaving the contents of + the PQ unchanged. x-speakeasy-unknown-values: allow TlsOptionsHostsItems: type: string @@ -46617,7 +55490,9 @@ components: CompressionOptions: type: string title: Compression - description: Controls whether the sender should send compressed data to the server. Select 'Disabled' to reject compressed connections or 'Always' to ignore server's configuration and send compressed data. + description: Controls whether the sender should send compressed data to the + server. Select 'Disabled' to reject compressed connections or 'Always' + to ignore server's configuration and send compressed data. enum: - disabled - auto @@ -46665,7 +55540,8 @@ components: DiskSpaceProtectionOptions: type: string title: Disk space protection - description: How to handle events when disk space is below the global 'Min free disk space' limit + description: How to handle events when disk space is below the global 'Min free + disk space' limit enum: - block - drop @@ -46679,23 +55555,32 @@ components: enabled: type: boolean title: Enable retry backoff - description: Apply exponential backoff with jitter when file uploads fail repeatedly. + description: Apply exponential backoff with jitter when file uploads fail + repeatedly. initialBackoffMs: type: number title: Initial backoff (ms) - description: "Initial delay before first retry attempt. Valid range: 1s-5min (1000-300000ms). Values outside this range will be clamped to the nearest valid value." + description: "Initial delay before first retry attempt. Valid range: 1s-5min + (1000-300000ms). Values outside this range will be clamped to the + nearest valid value." backoffMultiplier: type: number title: Backoff multiplier - description: "Multiplier applied to backoff delay after each retry. Valid range: 1-10. Values outside this range will be clamped to the nearest valid value." + description: "Multiplier applied to backoff delay after each retry. Valid range: + 1-10. Values outside this range will be clamped to the nearest valid + value." maxBackoffMs: type: number title: Max backoff (ms) - description: "Maximum delay between retry attempts. Valid range: 1s-10min (1000-600000ms). Values outside this range will be clamped to the nearest valid value." + description: "Maximum delay between retry attempts. Valid range: 1s-10min + (1000-600000ms). Values outside this range will be clamped to the + nearest valid value." jitterPercent: type: number title: Jitter (%) - description: "Random jitter percentage added to backoff delay to prevent thundering herd. Valid range: 0-100. Values outside this range will be clamped to the nearest valid value." + description: "Random jitter percentage added to backoff delay to prevent + thundering herd. Valid range: 0-100. Values outside this range will + be clamped to the nearest valid value." OrphanFileRecoveryType: type: object title: Orphan file recovery @@ -46703,7 +55588,8 @@ components: disabled: type: boolean title: Disabled - description: Periodically scan the staging directory for files not tracked by any Worker manifest to recover them + description: Periodically scan the staging directory for files not tracked by + any Worker manifest to recover them periodMin: type: number title: Period (minutes) @@ -46753,7 +55639,9 @@ components: x-speakeasy-enum-descriptions: - V1 - V2 - description: Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it. + description: Serialization format of data pages. Note that some reader + implementations use Data page V2's attributes to work more efficiently, + while others ignore it. x-speakeasy-unknown-values: allow KeyValueMetadataConfOutputFilesystem: type: object @@ -46853,7 +55741,8 @@ components: - json - raw title: Record data format - description: Format to use to serialize events before writing to the Event Hubs Kafka brokers + description: Format to use to serialize events before writing to the Event Hubs + Kafka brokers x-speakeasy-enum-descriptions: - JSON - Field _raw @@ -47048,7 +55937,8 @@ components: CompressionOptionsDeflateGzip: type: string title: Compression - description: Type of compression to apply to messages sent to the OpenTelemetry endpoint + description: Type of compression to apply to messages sent to the OpenTelemetry + endpoint enum: - none - deflate @@ -47061,7 +55951,8 @@ components: CompressionOptionsMessages: type: string title: Compression - description: Type of compression to apply to messages sent to the OpenTelemetry endpoint + description: Type of compression to apply to messages sent to the OpenTelemetry + endpoint enum: - none - gzip @@ -47072,7 +55963,8 @@ components: OtlpVersionOptions131: type: string title: OTLP version - description: The version of OTLP Protobuf definitions to use when structuring data to send + description: The version of OTLP Protobuf definitions to use when structuring + data to send enum: - 1.3.1 x-speakeasy-enum-descriptions: @@ -47101,16 +55993,20 @@ components: url: type: string title: Cribl Endpoint - description: URL of a Cribl Worker to send events to, such as http://localhost:10200 + description: URL of a Cribl Worker to send events to, such as + http://localhost:10200 pattern: ^https?://.* weight: type: number title: Load Weight - description: Assign a weight (>0) to each endpoint to indicate its traffic-handling capability + description: Assign a weight (>0) to each endpoint to indicate its + traffic-handling capability minimum: 0 __template_url: type: string - description: Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. + description: Binds 'url' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'url' at runtime. RequestFormatOptions: title: Request format type: string @@ -47120,7 +56016,9 @@ components: x-speakeasy-enum-descriptions: - JSON - Raw - description: When set to JSON, the event is automatically formatted with required fields before sending. When set to Raw, only the event's `_raw` value is sent. + description: When set to JSON, the event is automatically formatted with + required fields before sending. When set to Raw, only the event's `_raw` + value is sent. x-speakeasy-unknown-values: allow AuthenticationTypeOptions: type: string @@ -47154,7 +56052,9 @@ components: description: Brief description of the Route Group. index: type: integer - description: Relative position of the Route Group among all Route Groups. Routes are evaluated in ascending order according to the index value of their Route Group. + description: Relative position of the Route Group among all Route Groups. Routes + are evaluated in ascending order according to the index value of + their Route Group. name: type: string description: Name of the Route Group. @@ -47168,46 +56068,64 @@ components: type: array items: $ref: "#/components/schemas/RouteCloneConf" - description: Array of clone configurations, each with a key-value pair to set or overwrite in cloned events. Original events continue to the next Route. + description: Array of clone configurations, each with a key-value pair to set or + overwrite in cloned events. Original events continue to the next + Route. context: type: string - description: "Context for the Route: group (Worker Group or Edge Fleet) or pack." + description: "Context for the Route: group (Worker Group or Edge + Fleet) or pack." description: type: string description: Brief description of the Route. disabled: type: boolean - description: If true, disable the Route. Otherwise, false. + description: If true, disable the Route. Otherwise, + false. enableOutputExpression: type: boolean - description: If true, use the outputExpression for dynamic Destination selection. Otherwise, false. + description: If true, use the outputExpression for + dynamic Destination selection. Otherwise, false. filter: type: string description: JavaScript expression to select events for routing. groupId: type: string - description: Unique identifier for the Route Group that the Route is associated with. + description: Unique identifier for the Route Group that the Route is associated + with. name: type: string description: Name of the Route. output: type: string - description: Destination that the Route sends matching events to after the Pipeline processes the events. + description: Destination that the Route sends matching events to after the + Pipeline processes the events. outputExpression: type: string - description: JavaScript expression to evaluate for dynamic Destination selection. Evaluation occurs when the Route is constructed, not for each event. + description: JavaScript expression to evaluate for dynamic Destination + selection. Evaluation occurs when the Route is constructed, not for + each event. pipeline: type: string description: Pipeline that the Route sends matching events to. targetContext: $ref: "#/components/schemas/TargetContext" - description: "Target context for subsequent event processing after applying the Route: group (Worker Group or Edge Fleet) or pack." + description: "Target context for subsequent event processing after applying the + Route: group (Worker Group or Edge Fleet) or + pack." final: type: boolean - description: If true (default), the Route processes matched events and sends them to the specified Pipeline. Matched events do not continue to the next Route, but non-matched events do continue to the next Route. If false, the Route processes matched events and sends them to the specified Pipeline, and all events (matched and non-matched) continue to the next Route. Must be false to clone events. + description: If true (default), the Route processes matched events + and sends them to the specified Pipeline. Matched events do not + continue to the next Route, but non-matched events do continue to + the next Route. If false, the Route processes matched + events and sends them to the specified Pipeline, and all events + (matched and non-matched) continue to the next Route. Must be + false to clone events. id: type: string - description: Unique identifier for the Route. If omitted, the server generates a deterministic identifier. + description: Unique identifier for the Route. If omitted, the server generates a + deterministic identifier. required: - name - pipeline @@ -47262,6 +56180,7 @@ components: enum: - ddss - json + - netskope - parquet description: Storage format used for data persisted in the Dataset. x-speakeasy-unknown-values: allow @@ -47404,7 +56323,8 @@ components: type: array items: $ref: "#/components/schemas/GitFileRename" - description: Array of file rename operations, each containing the original path and the new path. + description: Array of file rename operations, each containing the original path + and the new path. SslTypeSystemSettingsConfApi: type: object properties: @@ -47505,7 +56425,8 @@ components: title: Timestamp format properties: type: - $ref: "#/components/schemas/TimestampTypeOptionsEventBreakerExistingOrNewNewTimestamp" + $ref: "#/components/schemas/TimestampTypeOptionsEventBreakerExistingOrNewNewTim\ + estamp" length: type: number title: Length @@ -47521,11 +56442,14 @@ components: rejectUnauthorized: type: boolean title: Validate server certs - description: Reject certificates that are not authorized by a CA in the 'CA certificate path', or by another trusted CA (such as the system's CA) + description: Reject certificates that are not authorized by a CA in the 'CA + certificate path', or by another trusted CA (such as the system's + CA) servername: type: string title: Server name (SNI) - description: Server name for the SNI (Server Name Indication) TLS extension. Must be a host name, not an IP address. + description: Server name for the SNI (Server Name Indication) TLS extension. + Must be a host name, not an IP address. certificateName: type: string title: Certificate @@ -47533,34 +56457,41 @@ components: caPath: type: string title: CA certificate path - description: Path on client in which to find CA certificates to verify the server's certificate. PEM format. Can reference $ENV_VARS. + description: Path on client in which to find CA certificates to verify the + server's certificate. PEM format. Can reference $ENV_VARS. privKeyPath: type: string title: Private key path (mutual auth) - description: Path on client in which to find the private key to use. PEM format. Can reference $ENV_VARS. + description: Path on client in which to find the private key to use. PEM format. + Can reference $ENV_VARS. certPath: type: string title: Certificate path (mutual auth) - description: Path on client in which to find certificates to use. PEM format. Can reference $ENV_VARS. + description: Path on client in which to find certificates to use. PEM format. + Can reference $ENV_VARS. passphrase: type: string title: Passphrase description: Passphrase to use to decrypt private key minVersion: - $ref: "#/components/schemas/MinimumTlsVersionOptionsRedisDeploymentTypeStandaloneTlsOptions" + $ref: "#/components/schemas/MinimumTlsVersionOptionsRedisDeploymentTypeStandalo\ + neTlsOptions" maxVersion: - $ref: "#/components/schemas/MaximumTlsVersionOptionsRedisDeploymentTypeStandaloneTlsOptions" + $ref: "#/components/schemas/MaximumTlsVersionOptionsRedisDeploymentTypeStandalo\ + neTlsOptions" TlsOptionsTypeRedisDeploymentTypeCluster: type: object properties: rejectUnauthorized: type: boolean title: Validate server certs - description: Reject certs that are not authorized by a CA in the CA certificate path, or by another trusted CA (such as the system's CA) + description: Reject certs that are not authorized by a CA in the CA certificate + path, or by another trusted CA (such as the system's CA) servername: type: string title: Server name (SNI) - description: Server name for the SNI (Server Name Indication) TLS extension. Must be a host name, not an IP address. + description: Server name for the SNI (Server Name Indication) TLS extension. + Must be a host name, not an IP address. certificateName: type: string title: Certificate @@ -47568,71 +56499,107 @@ components: caPath: type: string title: CA certificate path - description: Path on client in which to find CA certificates to verify the server's certificate. PEM format. Can reference $ENV_VARS. + description: Path on client in which to find CA certificates to verify the + server's certificate. PEM format. Can reference $ENV_VARS. privKeyPath: type: string title: Private key path (mutual auth) - description: Path on client in which to find the private key to use. PEM format. Can reference $ENV_VARS. + description: Path on client in which to find the private key to use. PEM format. + Can reference $ENV_VARS. certPath: type: string title: Certificate path (mutual auth) - description: Path on client in which to find certificates to use. PEM format. Can reference $ENV_VARS. + description: Path on client in which to find certificates to use. PEM format. + Can reference $ENV_VARS. passphrase: type: string title: Passphrase description: Passphrase to use to decrypt private key minVersion: - $ref: "#/components/schemas/MinimumTlsVersionOptionsRedisDeploymentTypeStandaloneTlsOptions" + $ref: "#/components/schemas/MinimumTlsVersionOptionsRedisDeploymentTypeStandalo\ + neTlsOptions" maxVersion: - $ref: "#/components/schemas/MaximumTlsVersionOptionsRedisDeploymentTypeStandaloneTlsOptions" + $ref: "#/components/schemas/MaximumTlsVersionOptionsRedisDeploymentTypeStandalo\ + neTlsOptions" PaginationTypeRestDiscoveryDiscoverTypeHttp: type: object required: - type properties: type: - $ref: "#/components/schemas/PaginationOptionsRestDiscoveryDiscoverTypeHttpPagination" + $ref: "#/components/schemas/PaginationOptionsRestDiscoveryDiscoverTypeHttpPagin\ + ation" + maxPages: + type: number + title: Page limit + description: Maximum number of pages to retrieve for the discover task. Defaults + to 50 pages. Set to 0 to retrieve all pages. + minimum: 0 lastPageExpr: type: string title: Last-page expression - description: JavaScript expression used to determine when the last page has been reached. The values tested by this expression must be in the Response attributes section. + description: JavaScript expression used to determine when the last page has been + reached. The values tested by this expression must be in the + Response attributes section. nextRelationAttribute: type: string title: Next page relation name - description: 'Relation name used in the link header that refers to the next page in the result set. Example: rel="next" refers to the next page of results: ; rel="next"' + description: 'Relation name used in the link header that refers to the next page + in the result set. Example: rel="next" refers to the next page of + results: ; rel="next"' curRelationAttribute: type: string title: Current page relation name - description: 'Relation name used in the link header that refers to the current result set. Example: rel="self" refers to the current page of results: ; rel="self" ' + description: 'Relation name used in the link header that refers to the current + result set. Example: rel="self" refers to the current page of + results: ; rel="self" ' offsetField: type: string title: Offset field name - description: "Query string parameter that sets the index from which to begin returning records. Example: /api/v1/query?term=cribl&limit=100&offset=0" + description: "Query string parameter that sets the index from which to begin + returning records. Example: + /api/v1/query?term=cribl&limit=100&offset=0" offset: type: number title: Starting offset - description: Offset index from which to start request. Defaults to undefined, which will start discovery from the first record. + description: Offset index from which to start request. Defaults to undefined, + which will start discovery from the first record. limitField: type: string title: Limit field name - description: "Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0" + description: "Query string parameter that sets the number of records retrieved + per request. Example: /api/v1/query?term=cribl&limit=100&offset=0" limit: type: number title: Record limit description: Maximum number of records to retrieve per request minimum: 1 + totalRecordField: + type: string + title: Total record count field name + description: Name of the attribute in the response that contains the total + number of records for the query + zeroIndexed: + type: boolean + title: Zero-based index + description: Enable to indicate that the first page in the requested data is at + index 0. Disabled by default, which indicates index 1. pageField: type: string title: Page number field name - description: "Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0" + description: "Query string parameter that sets the page index to be returned. + Example: /api/v1/query?term=cribl&page_size=100&page_number=0" page: type: number title: Starting page number - description: Page number from which to start request. Defaults to undefined, which will start discovery from the first page. + description: Page number from which to start request. Defaults to undefined, + which will start discovery from the first page. sizeField: type: string title: Page size field name - description: "Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0" + description: "Query string parameter that sets the number of records retrieved + per request. Example: + /api/v1/query?term=cribl&page_size=100&page_number=0" size: type: number title: Record limit @@ -47641,7 +56608,8 @@ components: totalPageField: type: string title: Total page count field name - description: Name of the attribute in the response that contains the total number of pages for the query + description: Name of the attribute in the response that contains the total + number of pages for the query allOf: - $ref: "#/components/schemas/RestDiscoveryDiscoverTypeHttpPaginationType" PqType: @@ -47652,37 +56620,118 @@ components: maxBufferSizeBytes: type: string title: Buffer size limit (bytes) - description: The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. + description: The maximum size to hold in memory before writing events to disk. + Enter a numeral with units of KB, MB, etc. The minimum value is 64KB + and the maximum value is 10MB. pattern: ^\d+\s*(?:\w{2})?$ maxBufferSize: type: number title: Buffer size limit (events - deprecated) - description: Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use maxBufferSizeBytes instead. + description: Maximum number of events to hold in memory before writing the + events to disk. Deprecated and only supported in workers < v4.17.0. + Use maxBufferSizeBytes instead. minimum: 42 commitFrequency: type: number title: Commit frequency - description: The number of events to send downstream before committing that Stream has read them + description: The number of events to send downstream before committing that + Stream has read them minimum: 1 maxFileSize: type: string title: File size limit - description: The maximum size to store in each queue file before closing and optionally compressing. Enter a numeral with units of KB, MB, etc. + description: The maximum size to store in each queue file before closing and + optionally compressing. Enter a numeral with units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ maxSize: type: string title: Queue size limit - description: The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. + description: The maximum disk space that the queue can consume (as an average + per Worker Process) before queueing stops. Enter a numeral with + units of KB, MB, etc. pattern: ^\d+\s*(?:\w{2})?$ path: type: string title: Queue file path - description: "The location for the persistent queue files. To this field's value, the system will append: //inputs/" + description: "The location for the persistent queue files. To this field's + value, the system will append: //inputs/" compress: $ref: "#/components/schemas/CompressionOptionsPq" pqControls: type: object title: "" + AuthType: + type: object + description: Credentials to use when authenticating with the schema registry + required: + - disabled + properties: + disabled: + type: boolean + title: Disabled + oauthEnabled: + type: boolean + title: Enable OAuth + description: Authenticate with the schema registry using OAuth instead of basic + HTTP authentication + tokenUrl: + type: string + title: Token URL + description: URL of the token endpoint to use for OAuth authentication + clientId: + type: string + title: Client ID + description: Client ID to use for OAuth authentication + oauthSecretType: + type: string + clientTextSecret: + type: string + title: Client secret (text secret) + description: Select or create a stored text secret + oauthParams: + type: array + title: Add OAuth Parameters + description: Additional fields to send to the token endpoint, such as scope or + audience + items: + $ref: "#/components/schemas/OauthParamConfInputKafka" + identityPoolId: + type: string + title: Identity pool ID + description: Confluent Cloud identity pool ID. Sent as the + `Confluent-Identity-Pool-Id` header on requests to the schema + registry. + logicalCluster: + type: string + title: Logical cluster + description: Confluent Cloud Schema Registry logical cluster ID. Sent as the + `target-sr-cluster` header on requests to the schema registry. + credentialsSecret: + type: string + title: Credentials secret + description: Select or create a secret that references your credentials + __template_tokenUrl: + type: string + description: Binds 'tokenUrl' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'tokenUrl' at runtime. + __template_clientId: + type: string + description: Binds 'clientId' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'clientId' at runtime. + __template_identityPoolId: + type: string + description: Binds 'identityPoolId' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'identityPoolId' at + runtime. + __template_logicalCluster: + type: string + description: Binds 'logicalCluster' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'logicalCluster' at + runtime. TlsSettingsClientSideTypeCaPathCertPath: type: object title: TLS settings (client side) @@ -47693,11 +56742,15 @@ components: rejectUnauthorized: type: boolean title: Validate server certs - description: "Reject certificates that are not authorized by a CA in the CA certificate path, or by another \n trusted CA (such as the system's). Defaults to Enabled. Overrides the toggle from Advanced Settings, when also present." + description: >- + Reject certificates that are not authorized by a CA in the CA + certificate path, or by another + trusted CA (such as the system's). Defaults to Enabled. Overrides the toggle from Advanced Settings, when also present. servername: type: string title: Server name (SNI) - description: Server name for the SNI (Server Name Indication) TLS extension. It must be a host name, and not an IP address. + description: Server name for the SNI (Server Name Indication) TLS extension. It + must be a host name, and not an IP address. certificateName: type: string title: Certificate @@ -47705,15 +56758,18 @@ components: caPath: type: string title: CA certificate path - description: Path on client in which to find CA certificates to verify the server's cert. PEM format. Can reference $ENV_VARS. + description: Path on client in which to find CA certificates to verify the + server's cert. PEM format. Can reference $ENV_VARS. privKeyPath: type: string title: Private key path (mutual auth) - description: Path on client in which to find the private key to use. PEM format. Can reference $ENV_VARS. + description: Path on client in which to find the private key to use. PEM format. + Can reference $ENV_VARS. certPath: type: string title: Certificate path (mutual auth) - description: Path on client in which to find certificates to use. PEM format. Can reference $ENV_VARS. + description: Path on client in which to find certificates to use. PEM format. + Can reference $ENV_VARS. passphrase: type: string title: Passphrase @@ -47725,7 +56781,8 @@ components: AuthenticationType: type: object title: Authentication - description: Authentication parameters to use when connecting to brokers. Using TLS is highly recommended. + description: Authentication parameters to use when connecting to brokers. Using + TLS is highly recommended. required: - disabled properties: @@ -47779,33 +56836,49 @@ components: oauthParams: type: array title: Add OAuth Parameters - description: Additional fields to send to the token endpoint, such as scope or audience + description: Additional fields to send to the token endpoint, such as scope or + audience items: $ref: "#/components/schemas/OauthParamConfInputKafka" saslExtensions: type: array title: Add SASL Extension Fields - description: Additional SASL extension fields, such as Confluent's logicalCluster or identityPoolId + description: Additional SASL extension fields, such as Confluent's + logicalCluster or identityPoolId items: $ref: "#/components/schemas/SaslExtensionConfInputKafka" __template_mechanism: type: string - description: Binds 'mechanism' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'mechanism' at runtime. + description: Binds 'mechanism' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'mechanism' at runtime. __template_keytabLocation: type: string - description: Binds 'keytabLocation' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'keytabLocation' at runtime. + description: Binds 'keytabLocation' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'keytabLocation' at + runtime. __template_principal: type: string - description: Binds 'principal' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'principal' at runtime. + description: Binds 'principal' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'principal' at runtime. __template_brokerServiceClass: type: string - description: Binds 'brokerServiceClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokerServiceClass' at runtime. + description: Binds 'brokerServiceClass' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'brokerServiceClass' at runtime. __template_tokenUrl: type: string - description: Binds 'tokenUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tokenUrl' at runtime. + description: Binds 'tokenUrl' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'tokenUrl' at runtime. __template_clientId: type: string - description: Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime. + description: Binds 'clientId' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'clientId' at runtime. TlsSettingsServerSideType: type: object title: TLS settings (server side) @@ -47816,15 +56889,18 @@ components: requestCert: type: boolean title: Authenticate client (mutual auth) - description: Require clients to present their certificates. Used to perform client authentication using SSL certs. + description: Require clients to present their certificates. Used to perform + client authentication using SSL certs. rejectUnauthorized: type: boolean title: Validate client certificates - description: Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's) + description: Reject certificates not authorized by a CA in the CA certificate + path or by another trusted CA (such as the system's) commonNameRegex: type: string title: Common name - description: Regex matching allowable common names in peer certificates' subject attribute + description: Regex matching allowable common names in peer certificates' subject + attribute certificateName: type: string title: Certificate @@ -47832,7 +56908,8 @@ components: privKeyPath: type: string title: Private key path - description: Path on server containing the private key to use. PEM format. Can reference $ENV_VARS. + description: Path on server containing the private key to use. PEM format. Can + reference $ENV_VARS. passphrase: type: string title: Passphrase @@ -47840,11 +56917,13 @@ components: certPath: type: string title: Certificate path - description: Path on server containing certificates to use. PEM format. Can reference $ENV_VARS. + description: Path on server containing certificates to use. PEM format. Can + reference $ENV_VARS. caPath: type: string title: CA certificate path - description: Path on server containing CA certificates to use. PEM format. Can reference $ENV_VARS. + description: Path on server containing CA certificates to use. PEM format. Can + reference $ENV_VARS. minVersion: $ref: "#/components/schemas/MinimumTlsVersionOptionsTls" maxVersion: @@ -47877,7 +56956,8 @@ components: interval: type: number title: Initial retry interval (ms) - description: Time interval between failed request and first retry (kickoff). Maximum allowed value is 20,000 ms (1/3 minute). + description: Time interval between failed request and first retry (kickoff). + Maximum allowed value is 20,000 ms (1/3 minute). minimum: 0 maximum: 20000 limit: @@ -47889,13 +56969,15 @@ components: multiplier: type: number title: Backoff multiplier - description: Base for exponential backoff, e.g., base 2 means that retries will occur after 2, then 4, then 8 seconds, and so on + description: Base for exponential backoff, e.g., base 2 means that retries will + occur after 2, then 4, then 8 seconds, and so on minimum: 1 maximum: 20 codes: type: array title: Retry HTTP codes - description: List of HTTP codes that trigger a retry. Leave empty to use the default list of 429 and 503. + description: List of HTTP codes that trigger a retry. Leave empty to use the + default list of 429 and 503. minItems: 1 items: type: number @@ -47903,11 +56985,15 @@ components: enableHeader: type: boolean title: Honor Retry-After header - description: Honor any Retry-After header that specifies a delay (in seconds) or a timestamp after which to retry the request. The delay is limited to 20 seconds, even if the Retry-After header specifies a longer delay. When disabled, all Retry-After headers are ignored. + description: Honor any Retry-After header that specifies a delay (in seconds) or + a timestamp after which to retry the request. The delay is limited + to 20 seconds, even if the Retry-After header specifies a longer + delay. When disabled, all Retry-After headers are ignored. retryConnectTimeout: type: boolean title: Retry connection timeout - description: Make a single retry attempt when a connection timeout (ETIMEDOUT) error occurs + description: Make a single retry attempt when a connection timeout (ETIMEDOUT) + error occurs retryConnectReset: type: boolean title: Retry connection reset @@ -47927,12 +57013,14 @@ components: maxDataSize: type: string title: Data size limit - description: "Maximum disk space that can be consumed before older buckets are deleted. Examples: 420MB, 4GB. Default is 1GB." + description: "Maximum disk space that can be consumed before older buckets are + deleted. Examples: 420MB, 4GB. Default is 1GB." pattern: ^\d+(\.\d+)?\s*(?:[kmgKMG](b|B))?$ maxDataTime: title: Data age limit type: string - description: "Maximum amount of time to retain data before older buckets are deleted. Examples: 2h, 4d. Default is 24h." + description: "Maximum amount of time to retain data before older buckets are + deleted. Examples: 2h, 4d. Default is 24h." pattern: \d+[smhd]$ compress: $ref: "#/components/schemas/CompressionOptionsPersistence" @@ -47946,7 +57034,8 @@ components: interval: type: number title: Initial retry interval (ms) - description: Time interval between failed request and first retry (kickoff). Maximum allowed value is 20,000 ms (1/3 minute). + description: Time interval between failed request and first retry (kickoff). + Maximum allowed value is 20,000 ms (1/3 minute). minimum: 0 maximum: 20000 limit: @@ -47958,13 +57047,15 @@ components: multiplier: type: number title: Backoff multiplier - description: Base for exponential backoff, e.g., base 2 means that retries will occur after 2, then 4, then 8 seconds, and so on + description: Base for exponential backoff, e.g., base 2 means that retries will + occur after 2, then 4, then 8 seconds, and so on minimum: 1 maximum: 20 codes: type: array title: Retry HTTP codes - description: List of http codes that trigger a retry. Leave empty to use the default list of 429, 500, and 503. + description: List of http codes that trigger a retry. Leave empty to use the + default list of 429, 500, and 503. minItems: 1 items: type: number @@ -47972,11 +57063,15 @@ components: enableHeader: type: boolean title: Honor Retry-After header - description: Honor any Retry-After header that specifies a delay (in seconds) or a timestamp after which to retry the request. The delay is limited to 20 seconds, even if the Retry-After header specifies a longer delay. When disabled, all Retry-After headers are ignored. + description: Honor any Retry-After header that specifies a delay (in seconds) or + a timestamp after which to retry the request. The delay is limited + to 20 seconds, even if the Retry-After header specifies a longer + delay. When disabled, all Retry-After headers are ignored. retryConnectTimeout: type: boolean title: Retry connection timeout - description: Make a single retry attempt when a connection timeout (ETIMEDOUT) error occurs + description: Make a single retry attempt when a connection timeout (ETIMEDOUT) + error occurs retryConnectReset: type: boolean title: Retry connection reset @@ -47984,7 +57079,8 @@ components: AuthenticationTypeUse: type: object title: Authentication - description: Authentication parameters to use when connecting to brokers. Using TLS is highly recommended. + description: Authentication parameters to use when connecting to brokers. Using + TLS is highly recommended. required: - disabled properties: @@ -47996,7 +57092,8 @@ components: password: type: string title: Password - description: Connection-string primary key, or connection-string secondary key, from the Event Hubs workspace + description: Connection-string primary key, or connection-string secondary key, + from the Event Hubs workspace textSecret: type: string title: Password (text secret) @@ -48006,7 +57103,8 @@ components: username: type: string title: Username - description: The username for authentication. For Event Hubs, this should always be $ConnectionString. + description: The username for authentication. For Event Hubs, this should always + be $ConnectionString. clientSecretAuthType: $ref: "#/components/schemas/AuthenticationMethodOptionsSaslCertificateManual" clientSecret: @@ -48043,22 +57141,34 @@ components: description: Scope to pass in the OAuth request parameter __template_password: type: string - description: Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime. + description: Binds 'password' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'password' at runtime. __template_mechanism: type: string - description: Binds 'mechanism' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'mechanism' at runtime. + description: Binds 'mechanism' to a variable for dynamic value resolution. Set + to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'mechanism' at runtime. __template_oauthEndpoint: type: string - description: Binds 'oauthEndpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'oauthEndpoint' at runtime. + description: Binds 'oauthEndpoint' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'oauthEndpoint' at runtime. __template_clientId: type: string - description: Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime. + description: Binds 'clientId' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'clientId' at runtime. __template_tenantId: type: string - description: Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime. + description: Binds 'tenantId' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'tenantId' at runtime. __template_scope: type: string - description: Binds 'scope' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'scope' at runtime. + description: Binds 'scope' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'scope' at runtime. ProcessType: type: object properties: @@ -48100,12 +57210,17 @@ components: jobTimeout: title: Job timeout type: string - description: "Maximum time the job is allowed to run. Time unit defaults to seconds if not specified (examples: 30, 45s, 15m). Enter 0 for unlimited time." + description: "Maximum time the job is allowed to run. Time unit defaults to + seconds if not specified (examples: 30, 45s, 15m). Enter 0 for + unlimited time." pattern: \d+[sm]?$ mode: type: string title: Mode - description: Job run mode. Preview will either return up to N matching results, or will run until capture time T is reached. Discovery will gather the list of files to turn into streaming tasks, without running the data collection job. Full Run will run the collection job. + description: Job run mode. Preview will either return up to N matching results, + or will run until capture time T is reached. Discovery will gather + the list of files to turn into streaming tasks, without running the + data collection job. Full Run will run the collection job. timeRangeType: type: string title: Time range @@ -48127,22 +57242,22 @@ components: expression: type: string title: Filter - description: A filter for tokens in the provided collect path and/or the events being collected + description: A filter for tokens in the provided collect path and/or the events + being collected minTaskSize: type: string title: Lower task bundle size description: >- Limits the bundle size for small tasks. For example, - if your lower bundle size is 1MB, you can bundle up to five 200KB files into one task. pattern: ^((\d*\.?\d+)((KB|MB|GB|TB|PB|EB|ZB|YB|kb|mb|gb|tb|pb|eb|zb|yb){1}))$ maxTaskSize: type: string title: Upper task bundle size description: >- - Limits the bundle size for files above the lower task bundle size. For example, if your upper bundle size is 10MB, - + Limits the bundle size for files above the lower task bundle size. + For example, if your upper bundle size is 10MB, you can bundle up to five 2MB files into one task. Files greater than this size will be assigned to individual tasks. pattern: ^((\d*\.?\d+)((KB|MB|GB|TB|PB|EB|ZB|YB|kb|mb|gb|tb|pb|eb|zb|yb){1}))$ @@ -48157,25 +57272,31 @@ components: breakerRulesets: type: array title: Event Breaker rulesets - description: A list of event-breaking rulesets that will be applied, in order, to the input data stream + description: A list of event-breaking rulesets that will be applied, in order, + to the input data stream items: type: string staleChannelFlushMs: type: number title: Event Breaker buffer timeout (ms) - description: How long (in milliseconds) the Event Breaker will wait for new data to be sent to a specific channel before flushing the data stream out, as is, to the Pipelines + description: How long (in milliseconds) the Event Breaker will wait for new data + to be sent to a specific channel before flushing the data stream + out, as is, to the Pipelines minimum: 10 - maximum: 4.32e+07 + maximum: 43200000 sendToRoutes: type: boolean title: Send to Routes - description: Send events to normal routing and event processing. Disable to select a specific Pipeline/Destination combination. + description: Send events to normal routing and event processing. Disable to + select a specific Pipeline/Destination combination. preprocess: $ref: "#/components/schemas/PreprocessType" throttleRatePerSec: type: string title: Throttling - description: "Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling." + description: "Rate (in bytes per second) to throttle while writing to an output. + Accepts values with multiple-byte units, such as KB, MB, and GB. + (Example: 42 MB) Default value of 0 specifies no throttling." pattern: ^[\d.]+(\s[KMGTPEZYkmgtpezy][Bb])?$ metadata: type: array @@ -48205,7 +57326,8 @@ components: title: Store task results description: Determines whether or not to write task results to disk conf: - $ref: "#/components/schemas/ExecutorSpecificSettingsTypeRunnableJobExecutorExecutor" + $ref: "#/components/schemas/ExecutorSpecificSettingsTypeRunnableJobExecutorExec\ + utor" TlsSettingsClientSideTypeCaPathCertPathExtended: type: object title: TLS settings (client side) @@ -48216,7 +57338,8 @@ components: servername: type: string title: Server name (SNI) - description: Server name for the SNI (Server Name Indication) TLS extension. It must be a host name, and not an IP address. + description: Server name for the SNI (Server Name Indication) TLS extension. It + must be a host name, and not an IP address. certificateName: type: string title: Certificate @@ -48224,15 +57347,18 @@ components: caPath: type: string title: CA certificate path - description: Path on client in which to find CA certificates to verify the server's cert. PEM format. Can reference $ENV_VARS. + description: Path on client in which to find CA certificates to verify the + server's cert. PEM format. Can reference $ENV_VARS. privKeyPath: type: string title: Private key path (mutual auth) - description: Path on client in which to find the private key to use. PEM format. Can reference $ENV_VARS. + description: Path on client in which to find the private key to use. PEM format. + Can reference $ENV_VARS. certPath: type: string title: Certificate path (mutual auth) - description: Path on client in which to find certificates to use. PEM format. Can reference $ENV_VARS. + description: Path on client in which to find certificates to use. PEM format. + Can reference $ENV_VARS. passphrase: type: string title: Passphrase @@ -48261,18 +57387,66 @@ components: servername: type: string title: TLS Servername - description: Servername to use if establishing a TLS connection. If not specified, defaults to connection host (if not an IP); otherwise, uses the global TLS settings. + description: Servername to use if establishing a TLS connection. If not + specified, defaults to connection host (if not an IP); otherwise, + uses the global TLS settings. weight: type: number title: Load Weight - description: Assign a weight (>0) to each endpoint to indicate its traffic-handling capability + description: Assign a weight (>0) to each endpoint to indicate its + traffic-handling capability minimum: 0 __template_host: type: string - description: Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime. + description: Binds 'host' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'host' at runtime. __template_port: type: string - description: Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime. + description: Binds 'port' to a variable for dynamic value resolution. Set to + variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'port' at runtime. + TlsSettingsClientSideTypeExtended: + type: object + title: TLS settings (client side) + properties: + disabled: + type: boolean + title: Disabled + rejectUnauthorized: + type: boolean + title: Validate server certs + description: >- + Reject certificates that are not authorized by a CA in the CA + certificate path, or by another + trusted CA (such as the system's). Defaults to Enabled. Overrides the toggle from Advanced Settings, when also present. + certificateName: + type: string + title: Certificate + description: The name of the predefined certificate + caPath: + type: string + title: CA certificate path + description: Path on client in which to find CA certificates to verify the + server's cert. PEM format. Can reference $ENV_VARS. + privKeyPath: + type: string + title: Private key path (mutual auth) + description: Path on client in which to find the private key to use. PEM format. + Can reference $ENV_VARS. + certPath: + type: string + title: Certificate path (mutual auth) + description: Path on client in which to find certificates to use. PEM format. + Can reference $ENV_VARS. + passphrase: + type: string + title: Passphrase + description: Passphrase to use to decrypt private key + minVersion: + $ref: "#/components/schemas/MinimumTlsVersionOptionsTls" + maxVersion: + $ref: "#/components/schemas/MaximumTlsVersionOptionsTls" AuthTypeTemplatemanualApiKeyAuthType: type: object required: @@ -48303,16 +57477,22 @@ components: description: Select or create a stored text secret __template_manualAPIKey: type: string - description: Binds 'manualAPIKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'manualAPIKey' at runtime. + description: Binds 'manualAPIKey' to a variable for dynamic value resolution. + Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID + (group-scoped). Variable value overrides 'manualAPIKey' at runtime. PrometheusAuthType: type: object properties: authType: - $ref: "#/components/schemas/AuthenticationTypeOptionsPrometheusAuthBasicCredentialsSecret" + $ref: "#/components/schemas/AuthenticationTypeOptionsPrometheusAuthBasicCredent\ + ialsSecret" token: type: string title: Auth token - description: "Bearer token to include in the authorization header. In Grafana Cloud, this is generally built by concatenating the username and the API key, separated by a colon. Example: :" + description: "Bearer token to include in the authorization header. In Grafana + Cloud, this is generally built by concatenating the username and the + API key, separated by a colon. Example: + :" textSecret: type: string title: Auth token (text secret) @@ -48329,41 +57509,6 @@ components: type: string title: Credentials secret description: Select or create a secret that references your credentials - TlsSettingsClientSideTypeExtended: - type: object - title: TLS settings (client side) - properties: - disabled: - type: boolean - title: Disabled - rejectUnauthorized: - type: boolean - title: Validate server certs - description: "Reject certificates that are not authorized by a CA in the CA certificate path, or by another \n trusted CA (such as the system's). Defaults to Enabled. Overrides the toggle from Advanced Settings, when also present." - certificateName: - type: string - title: Certificate - description: The name of the predefined certificate - caPath: - type: string - title: CA certificate path - description: Path on client in which to find CA certificates to verify the server's cert. PEM format. Can reference $ENV_VARS. - privKeyPath: - type: string - title: Private key path (mutual auth) - description: Path on client in which to find the private key to use. PEM format. Can reference $ENV_VARS. - certPath: - type: string - title: Certificate path (mutual auth) - description: Path on client in which to find certificates to use. PEM format. Can reference $ENV_VARS. - passphrase: - type: string - title: Passphrase - description: Passphrase to use to decrypt private key - minVersion: - $ref: "#/components/schemas/MinimumTlsVersionOptionsTls" - maxVersion: - $ref: "#/components/schemas/MaximumTlsVersionOptionsTls" KubeTypeHeartbeatMetadata: type: object properties: @@ -48459,11 +57604,14 @@ components: schemaRegistryURL: type: string title: Schema Registry URL - description: "URL for accessing the Confluent Schema Registry. Example: http://localhost:8081. To connect over TLS, use https instead of http." + description: "URL for accessing the Confluent Schema Registry. Example: + http://localhost:8081. To connect over TLS, use https instead of + http." connectionTimeout: type: number title: Connection timeout (ms) - description: Maximum time to wait for a Schema Registry connection to complete successfully + description: Maximum time to wait for a Schema Registry connection to complete + successfully minimum: 1000 maximum: 60000 requestTimeout: @@ -48475,7 +57623,8 @@ components: maxRetries: type: number title: Retry limit - description: Maximum number of times to try fetching schemas from the Schema Registry + description: Maximum number of times to try fetching schemas from the Schema + Registry minimum: 0 maximum: 100 auth: @@ -48484,7 +57633,10 @@ components: $ref: "#/components/schemas/TlsSettingsClientSideTypeCaPathCertPath" __template_schemaRegistryURL: type: string - description: Binds 'schemaRegistryURL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'schemaRegistryURL' at runtime. + description: Binds 'schemaRegistryURL' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'schemaRegistryURL' at runtime. RunSettingsTypeRunnableJobCollectionSchedule: type: object title: Run settings @@ -48503,11 +57655,14 @@ components: schemaRegistryURL: type: string title: Schema Registry URL - description: "URL for accessing the Confluent Schema Registry. Example: http://localhost:8081. To connect over TLS, use https instead of http." + description: "URL for accessing the Confluent Schema Registry. Example: + http://localhost:8081. To connect over TLS, use https instead of + http." connectionTimeout: type: number title: Connection timeout (ms) - description: Maximum time to wait for a Schema Registry connection to complete successfully + description: Maximum time to wait for a Schema Registry connection to complete + successfully minimum: 1000 maximum: 60000 requestTimeout: @@ -48519,7 +57674,8 @@ components: maxRetries: type: number title: Retry limit - description: Maximum number of times to try fetching schemas from the Schema Registry + description: Maximum number of times to try fetching schemas from the Schema + Registry minimum: 0 maximum: 100 auth: @@ -48529,14 +57685,19 @@ components: defaultKeySchemaId: type: number title: Default key schema ID - description: Used when __keySchemaIdOut is not present, to transform key values, leave blank if key transformation is not required by default. + description: Used when __keySchemaIdOut is not present, to transform key values, + leave blank if key transformation is not required by default. defaultValueSchemaId: type: number title: Default value schema ID - description: Used when __valueSchemaIdOut is not present, to transform _raw, leave blank if value transformation is not required by default. + description: Used when __valueSchemaIdOut is not present, to transform _raw, + leave blank if value transformation is not required by default. __template_schemaRegistryURL: type: string - description: Binds 'schemaRegistryURL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'schemaRegistryURL' at runtime. + description: Binds 'schemaRegistryURL' to a variable for dynamic value + resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' + prefixed ID (group-scoped). Variable value overrides + 'schemaRegistryURL' at runtime. RunSettingsTypeSavedJobResponseCollectionSchedule: type: object title: Run settings @@ -48555,11 +57716,13 @@ components: skippable: type: boolean title: Skippable - description: Skippable jobs can be delayed, up to their next run time, if the system is hitting concurrency limits + description: Skippable jobs can be delayed, up to their next run time, if the + system is hitting concurrency limits resumeMissed: type: boolean title: Resume missed runs - description: If Stream Leader (or single instance) restarts, run all missed jobs according to their original schedules + description: If Stream Leader (or single instance) restarts, run all missed jobs + according to their original schedules cronSchedule: type: string title: Cron schedule @@ -48567,7 +57730,8 @@ components: maxConcurrentRuns: type: number title: Concurrent run limit - description: The maximum number of instances of this scheduled job that may be running at any time + description: The maximum number of instances of this scheduled job that may be + running at any time minimum: 1 run: $ref: "#/components/schemas/RunSettingsTypeRunnableJobCollectionSchedule" @@ -48583,11 +57747,13 @@ components: skippable: type: boolean title: Skippable - description: Skippable jobs can be delayed, up to their next run time, if the system is hitting concurrency limits + description: Skippable jobs can be delayed, up to their next run time, if the + system is hitting concurrency limits resumeMissed: type: boolean title: Resume missed runs - description: If Stream Leader (or single instance) restarts, run all missed jobs according to their original schedules + description: If Stream Leader (or single instance) restarts, run all missed jobs + according to their original schedules cronSchedule: type: string title: Cron schedule @@ -48595,14 +57761,16 @@ components: maxConcurrentRuns: type: number title: Concurrent run limit - description: The maximum number of instances of this scheduled job that may be running at any time + description: The maximum number of instances of this scheduled job that may be + running at any time minimum: 1 run: $ref: "#/components/schemas/RunSettingsTypeSavedJobResponseCollectionSchedule" examples: DatabaseConnectionExamplesMySQLWithConnectionString: summary: MySQL with connection string - description: Create a MySQL database connection using a connection string with embedded credentials + description: Create a MySQL database connection using a connection string with + embedded credentials value: id: mysql-prod-db description: Production MySQL database for customer data @@ -48613,7 +57781,8 @@ components: tags: production,mysql,customer-data DatabaseConnectionExamplesMySQLWithSecret: summary: MySQL with secret - description: Create a MySQL database connection using a stored secret for the connection string + description: Create a MySQL database connection using a stored secret for the + connection string value: id: mysql-analytics-db description: Analytics MySQL database @@ -48652,7 +57821,8 @@ components: description: ERP SQL Server database databaseType: sqlserver authType: connectionString - connectionString: Server=sqlserver.example.com;Database=ERP;User Id=erp_admin;Password=ERP_Pass789!;Encrypt=true + connectionString: Server=sqlserver.example.com;Database=ERP;User + Id=erp_admin;Password=ERP_Pass789!;Encrypt=true connectionTimeout: 15000 requestTimeout: 30000 tags: erp,sqlserver,finance @@ -48670,7 +57840,8 @@ components: tags: crm,sqlserver,sales DatabaseConnectionExamplesSQLServerWithConfigObject: summary: SQL Server with config object - description: Create a SQL Server database connection using a configuration object for advanced settings + description: Create a SQL Server database connection using a configuration + object for advanced settings value: id: sqlserver-reporting description: Reporting SQL Server database with custom config @@ -48681,7 +57852,8 @@ components: tags: reporting,sqlserver,analytics DatabaseConnectionExamplesOracleWithConnectionString: summary: Oracle with connection string - description: Create an Oracle database connection using Easy Connect format with credentials + description: Create an Oracle database connection using Easy Connect format with + credentials value: id: oracle-erp description: Oracle ERP database @@ -48694,7 +57866,8 @@ components: tags: erp,oracle,finance DatabaseConnectionExamplesOracleWithSecret: summary: Oracle with secret - description: Create an Oracle database connection using a stored secret for the connection string + description: Create an Oracle database connection using a stored secret for the + connection string value: id: oracle-warehouse description: Oracle data warehouse @@ -48707,7 +57880,156 @@ components: tags: warehouse,oracle,reporting DatabaseConnectionExamplesOracleWithCredentialsSecrets: summary: Oracle with credentials secrets - description: Create an Oracle database connection using separate secrets for credentials and connection string + description: Create an Oracle database connection using separate secrets for + credentials and connection string + value: + id: oracle-secure-db + description: High-security Oracle database with credential secrets + databaseType: oracle + authType: secrets + credsSecrets: oracle-secure-credentials + textSecret: oracle-secure-connection + connectionTimeout: 15000 + tags: secure,oracle,sensitive-data + UpdateDatabaseConnectionExamplesMySQLWithConnectionString: + summary: Update MySQL with connection string + description: Example request body for updating a Database + Connection.

The request body must include a complete + representation of the Database Connection that you want to update. This + endpoint does not support partial updates. + value: + id: mysql-prod-db + description: Production MySQL database for customer data + databaseType: mysql + authType: connectionString + connectionString: mysql://admin:password123@mysql.example.com:3306/production?ssl=true + connectionTimeout: 10000 + tags: production,mysql,customer-data + UpdateDatabaseConnectionExamplesMySQLWithSecret: + summary: Update MySQL with secret + description: Example request body for updating a Database + Connection.

The request body must include a complete + representation of the Database Connection that you want to update. This + endpoint does not support partial updates. + value: + id: mysql-analytics-db + description: Analytics MySQL database + databaseType: mysql + authType: secret + textSecret: mysql-analytics-connection + connectionTimeout: 15000 + tags: analytics,mysql + UpdateDatabaseConnectionExamplesPostgreSQLWithConnectionString: + summary: Update PostgreSQL with connection string + description: Example request body for updating a Database + Connection.

The request body must include a complete + representation of the Database Connection that you want to update. This + endpoint does not support partial updates. + value: + id: postgres-warehouse + description: Data warehouse PostgreSQL database + databaseType: postgres + authType: connectionString + connectionString: postgresql://warehouse_user:SecurePass456@postgres.example.com:5432/warehouse?sslmode=require + connectionTimeout: 15000 + tags: warehouse,postgres,reporting + UpdateDatabaseConnectionExamplesPostgreSQLWithSecret: + summary: Update PostgreSQL with secret + description: Example request body for updating a Database + Connection.

The request body must include a complete + representation of the Database Connection that you want to update. This + endpoint does not support partial updates. + value: + id: postgres-logs + description: Logs PostgreSQL database + databaseType: postgres + authType: secret + textSecret: postgres-logs-connection + connectionTimeout: 10000 + tags: logs,postgres + UpdateDatabaseConnectionExamplesSQLServerWithConnectionString: + summary: Update SQL Server with connection string + description: Example request body for updating a Database + Connection.

The request body must include a complete + representation of the Database Connection that you want to update. This + endpoint does not support partial updates. + value: + id: sqlserver-erp + description: ERP SQL Server database + databaseType: sqlserver + authType: connectionString + connectionString: Server=sqlserver.example.com;Database=ERP;User + Id=erp_admin;Password=ERP_Pass789!;Encrypt=true + connectionTimeout: 15000 + requestTimeout: 30000 + tags: erp,sqlserver,finance + UpdateDatabaseConnectionExamplesSQLServerWithSecret: + summary: Update SQL Server with secret + description: Example request body for updating a Database + Connection.

The request body must include a complete + representation of the Database Connection that you want to update. This + endpoint does not support partial updates. + value: + id: sqlserver-crm + description: CRM SQL Server database + databaseType: sqlserver + authType: secret + textSecret: sqlserver-crm-connection + connectionTimeout: 15000 + requestTimeout: 15000 + tags: crm,sqlserver,sales + UpdateDatabaseConnectionExamplesSQLServerWithConfigObject: + summary: Update SQL Server with config object + description: Example request body for updating a Database + Connection.

The request body must include a complete + representation of the Database Connection that you want to update. This + endpoint does not support partial updates. + value: + id: sqlserver-reporting + description: Reporting SQL Server database with custom config + databaseType: sqlserver + authType: configObj + configObj: '{"server":"sqlserver.example.com","database":"Reporting","user":"report_user","password":"Report_Pass123!","options":{"encrypt":true,"trustServerCertificate":false,"connectTimeout":20000}}' + requestTimeout: 60000 + tags: reporting,sqlserver,analytics + UpdateDatabaseConnectionExamplesOracleWithConnectionString: + summary: Update Oracle with connection string + description: Example request body for updating a Database + Connection.

The request body must include a complete + representation of the Database Connection that you want to update. This + endpoint does not support partial updates. + value: + id: oracle-erp + description: Oracle ERP database + databaseType: oracle + authType: connectionString + connectionString: oracle.example.com:1521/ORCL + user: erp_user + password: Oracle_Pass456! + connectionTimeout: 15000 + tags: erp,oracle,finance + UpdateDatabaseConnectionExamplesOracleWithSecret: + summary: Update Oracle with secret + description: Example request body for updating a Database + Connection.

The request body must include a complete + representation of the Database Connection that you want to update. This + endpoint does not support partial updates. + value: + id: oracle-warehouse + description: Oracle data warehouse + databaseType: oracle + authType: secret + textSecret: oracle-warehouse-connection + user: warehouse_user + password: Warehouse_Pass789! + connectionTimeout: 20000 + tags: warehouse,oracle,reporting + UpdateDatabaseConnectionExamplesOracleWithCredentialsSecrets: + summary: Update Oracle with credentials secrets + description: Example request body for updating a Database + Connection.

The request body must include a complete + representation of the Database Connection that you want to update. This + endpoint does not support partial updates. value: id: oracle-secure-db description: High-security Oracle database with credential secrets @@ -48719,7 +58041,8 @@ components: tags: secure,oracle,sensitive-data HecTokenExamplesHecToken: summary: Basic HEC token - description: Example request body for adding an HEC token with metadata to a Splunk HEC Source. + description: Example request body for adding an HEC token with metadata to a + Splunk HEC Source. value: enabled: true metadata: @@ -48728,7 +58051,8 @@ components: token: "12345678901" HecTokenExamplesHecTokenWithIndexAccess: summary: HEC token with allowed indexes - description: Example request body for adding an HEC token with index-level access control. + description: Example request body for adding an HEC token with index-level + access control. value: enabled: true allowedIndexesAtToken: @@ -48749,7 +58073,8 @@ components: latest: now jobTimeout: "300" stateTracking: true - stateUpdateExpression: "__timestampExtracted !== false && {latestTime: (state.latestTime || 0) > _time ? state.latestTime : _time}" + stateUpdateExpression: "__timestampExtracted !== false && {latestTime: + (state.latestTime || 0) > _time ? state.latestTime : _time}" stateMergeExpression: "prevState.latestTime > newState.latestTime ? prevState : newState" sendToRoutes: true pqEnabled: false @@ -49403,508 +58728,1426 @@ components: hecAPI: /services/collector sendToRoutes: true pqEnabled: false - InputExamplesCribl: + UpdateInputExamplesAnthropicCompliance: + summary: Anthropic Compliance + value: + id: anthropic-compliance-source + type: anthropic_compliance + textSecret: anthropic-api-key-secret + contentConfig: + - contentType: activities + contentDescription: Compliance Activities + enabled: true + cronSchedule: "*/5 * * * *" + earliest: -7d@d + latest: now + jobTimeout: "300" + stateTracking: true + stateUpdateExpression: "__timestampExtracted !== false && {latestTime: + (state.latestTime || 0) > _time ? state.latestTime : _time}" + stateMergeExpression: "prevState.latestTime > newState.latestTime ? prevState : newState" + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Anthropic Compliance + Source.

The request body must include a complete representation + of the Source that you want to update. This endpoint does not support + partial updates. + UpdateInputExamplesAppleUnifiedLogs: + summary: Apple Unified Logs + value: + id: apple-unified-logs-source + type: apple_unified_logs + predicate: subsystem == "com.apple.security" + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Apple Unified Logs + Source.

The request body must include a complete representation + of the Source that you want to update. This endpoint does not support + partial updates. + UpdateInputExamplesAppscope: + summary: AppScope + value: + id: appscope-source + type: appscope + host: 0.0.0.0 + port: 9109 + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a AppScope Source.

The + request body must include a complete representation of the Source that + you want to update. This endpoint does not support partial updates. + UpdateInputExamplesAzureBlob: + summary: Azure Blob + value: + id: azure-blob-source + type: azure_blob + queueName: azure-blob-queue + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Azure Blob Source.

The + request body must include a complete representation of the Source that + you want to update. This endpoint does not support partial updates. + UpdateInputExamplesCloudflareHec: + summary: Cloudflare HEC + value: + id: cloudflare-hec-source + type: cloudflare_hec + host: 0.0.0.0 + port: 8088 + hecAPI: /services/collector + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Cloudflare HEC + Source.

The request body must include a complete representation + of the Source that you want to update. This endpoint does not support + partial updates. + UpdateInputExamplesConfluentCloud: + summary: Confluent Cloud + value: + id: confluent-cloud-source + type: confluent_cloud + brokers: + - pkc-xxxxx.us-east-1.aws.confluent.cloud:9092 + topics: + - logs + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Confluent Cloud + Source.

The request body must include a complete representation + of the Source that you want to update. This endpoint does not support + partial updates. + UpdateInputExamplesCollection: + summary: Collection + value: + id: collection-source + type: collection + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Collection Source.

The + request body must include a complete representation of the Source that + you want to update. This endpoint does not support partial updates. + UpdateInputExamplesCribl: summary: Cribl Internal value: id: cribl-source type: cribl sendToRoutes: true pqEnabled: false - InputExamplesCriblMetrics: + description: Example request body for updating a Cribl Internal + Source.

The request body must include a complete representation + of the Source that you want to update. This endpoint does not support + partial updates. + UpdateInputExamplesCriblHttp: + summary: Cribl HTTP + value: + id: cribl-http-source + type: cribl_http + host: 0.0.0.0 + port: 10080 + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Cribl HTTP Source.

The + request body must include a complete representation of the Source that + you want to update. This endpoint does not support partial updates. + UpdateInputExamplesCriblLakeHttp: + summary: Cribl Lake HTTP + value: + id: cribl-lake-http-source + type: cribl_lake_http + host: 0.0.0.0 + port: 10080 + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Cribl Lake HTTP + Source.

The request body must include a complete representation + of the Source that you want to update. This endpoint does not support + partial updates. + UpdateInputExamplesCriblMetrics: summary: Cribl Metrics value: id: cribl-metrics-source type: criblmetrics sendToRoutes: true pqEnabled: false - OutputCreateExamplesTcpjson: - summary: TCP JSON + description: Example request body for updating a Cribl Metrics + Source.

The request body must include a complete representation + of the Source that you want to update. This endpoint does not support + partial updates. + UpdateInputExamplesCriblTcp: + summary: Cribl TCP value: - id: tcpjson-output - type: tcpjson - host: localhost + id: cribl-tcp-source + type: cribl_tcp + host: 0.0.0.0 port: 10090 - OutputCreateExamplesSplunk: - summary: Splunk - value: - id: splunk-output - type: splunk - host: localhost - port: 9997 - OutputCreateExamplesSplunkLb: - summary: Splunk Load Balanced - value: - id: splunk-lb-output - type: splunk_lb - hosts: - - host: localhost - port: 9997 - OutputCreateExamplesSplunkHec: - summary: Splunk HEC + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Cribl TCP Source.

The + request body must include a complete representation of the Source that + you want to update. This endpoint does not support partial updates. + UpdateInputExamplesCrowdstrike: + summary: CrowdStrike FDR value: - id: splunk-hec-output - type: splunk_hec - host: localhost - port: 8088 - hecToken: your-hec-token - OutputCreateExamplesSyslog: - summary: Syslog + id: crowdstrike-source + type: crowdstrike + queueName: crowdstrike-queue + region: us-east-1 + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a CrowdStrike FDR + Source.

The request body must include a complete representation + of the Source that you want to update. This endpoint does not support + partial updates. + UpdateInputExamplesDatadogAgent: + summary: Datadog Agent value: - id: syslog-output - type: syslog - host: localhost - port: 514 - OutputCreateExamplesFilesystem: - summary: Filesystem + id: datadog-agent-source + type: datadog_agent + host: 0.0.0.0 + port: 8126 + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Datadog Agent + Source.

The request body must include a complete representation + of the Source that you want to update. This endpoint does not support + partial updates. + UpdateInputExamplesDatagen: + summary: Datagen value: - id: filesystem-output - type: filesystem - destPath: /var/log/output - OutputCreateExamplesS3: - summary: S3 + id: datagen-source + type: datagen + samples: + - sample: sample.json + eventsPerSec: 10 + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Datagen Source.

The + request body must include a complete representation of the Source that + you want to update. This endpoint does not support partial updates. + UpdateInputExamplesEdgePrometheus: + summary: Edge Prometheus value: - id: s3-output - type: s3 - bucket: my-bucket - region: us-east-1 - stagePath: /tmp/staging - OutputCreateExamplesNutanixObjects: - summary: Nutanix Objects + id: edge-prometheus-source + type: edge_prometheus + interval: 60 + discoveryType: static + targets: + - host: localhost + scrapeProtocol: http + scrapePort: 9090 + scrapePath: /metrics + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Edge Prometheus + Source.

The request body must include a complete representation + of the Source that you want to update. This endpoint does not support + partial updates. + UpdateInputExamplesElastic: + summary: Elasticsearch value: - id: nutanix-objects-output - type: nutanix_objects - bucket: my-bucket - endpoint: https://nutanix-objects.example.com - stagePath: /tmp/staging - OutputCreateExamplesStorjS3: - summary: Storj + id: elastic-source + type: elastic + host: localhost + port: 9200 + elasticAPI: / + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Elasticsearch + Source.

The request body must include a complete representation + of the Source that you want to update. This endpoint does not support + partial updates. + UpdateInputExamplesEventhub: + summary: Event Hubs value: - id: storj-s3-output - type: storj_s3 - bucket: my-bucket - endpoint: https://gateway.storjshare.io - stagePath: /tmp/staging - OutputCreateExamplesAlphasocS3: - summary: AlphaSOC + id: eventhub-source + type: eventhub + brokers: + - myeventhub.servicebus.windows.net:9093 + topics: + - logs + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Event Hubs Source.

The + request body must include a complete representation of the Source that + you want to update. This endpoint does not support partial updates. + UpdateInputExamplesEventhubAmqp: + summary: Event Hubs AMQP value: - id: alphasoc-s3-output - type: alphasoc_s3 - bucket: events - endpoint: https://s3.alphasoc.net - stagePath: /tmp/staging - OutputCreateExamplesdellS3: - summary: Dell PowerScale OneFS + id: eventhub-amqp-source + type: eventhub_amqp + eventHubName: my-event-hub + consumerGroup: $Default + checkpointing: + blobStore: + containerName: my-container + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Event Hubs AMQP + Source.

The request body must include a complete representation + of the Source that you want to update. This endpoint does not support + partial updates. + UpdateInputExamplesExec: + summary: Exec value: - id: dell-s3-output - type: dell_s3 - bucket: my-bucket - endpoint: https://powerscale.example.com:9021 - stagePath: /tmp/staging - OutputCreateExamplescloudianS3: - summary: Cloudian + id: exec-source + type: exec + command: echo "Hello World" + interval: 60 + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Exec Source.

The + request body must include a complete representation of the Source that + you want to update. This endpoint does not support partial updates. + UpdateInputExamplesFile: + summary: File Monitor value: - id: cloudian-s3-output - type: cloudian_s3 - bucket: my-bucket - endpoint: https://s3.hyperstore.example.com - stagePath: /tmp/staging - OutputCreateExamplesscalityS3: - summary: Scality + id: file-source + type: file + mode: manual + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a File Monitor + Source.

The request body must include a complete representation + of the Source that you want to update. This endpoint does not support + partial updates. + UpdateInputExamplesFirehose: + summary: Firehose value: - id: scality-s3-output - type: scality_s3 - bucket: my-bucket - endpoint: https://s3.scality.example.com - stagePath: /tmp/staging - OutputCreateExamplesalibabaCloudS3: - summary: Alibaba OSS + id: firehose-source + type: firehose + host: 0.0.0.0 + port: 10080 + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Firehose Source.

The + request body must include a complete representation of the Source that + you want to update. This endpoint does not support partial updates. + UpdateInputExamplesGrafana: + summary: Grafana value: - id: alibaba-oss-output - type: alibaba_cloud_s3 - bucket: my-bucket - endpoint: https://s3.oss-cn-hangzhou.aliyuncs.com - stagePath: /tmp/staging - OutputCreateExamplesAzureBlob: - summary: Azure Blob + id: grafana-source + type: grafana + host: 0.0.0.0 + port: 10080 + prometheusAPI: /api/prom/push + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Grafana Source.

The + request body must include a complete representation of the Source that + you want to update. This endpoint does not support partial updates. + UpdateInputExamplesGooglePubsub: + summary: Google Pub/Sub value: - id: azure-blob-output - type: azure_blob - containerName: my-container - stagePath: /tmp/staging - OutputCreateExamplesAzureDataExplorer: - summary: Azure Data Explorer + id: google-pubsub-source + type: google_pubsub + subscriptionName: my-subscription + topicName: my-topic + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Google Pub/Sub + Source.

The request body must include a complete representation + of the Source that you want to update. This endpoint does not support + partial updates. + UpdateInputExamplesHttp: + summary: HTTP value: - id: azure-data-explorer-output - type: azure_data_explorer - clusterUrl: https://mycluster.kusto.windows.net - database: mydatabase - table: mytable - oauthEndpoint: https://login.microsoftonline.com - tenantId: tenant-id - clientId: client-id - scope: https://mycluster.kusto.windows.net/.default - oauthType: clientSecret - clientSecret: client-secret - ingestMode: streaming - format: json - compress: gzip - OutputCreateExamplesSentinel: - summary: Azure Sentinel + id: http-source + type: http + host: 0.0.0.0 + port: 10080 + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a HTTP Source.

The + request body must include a complete representation of the Source that + you want to update. This endpoint does not support partial updates. + UpdateInputExamplesHttpRaw: + summary: HTTP Raw value: - id: sentinel-output - type: sentinel - endpointURLConfiguration: url - url: https://your-workspace.ingest.monitor.azure.com - loginUrl: https://login.microsoftonline.com - secret: client-secret - client_id: client-id - OutputCreateExamplesAzureLogs: - summary: Azure Logs + id: http-raw-source + type: http_raw + host: 0.0.0.0 + port: 10080 + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a HTTP Raw Source.

The + request body must include a complete representation of the Source that + you want to update. This endpoint does not support partial updates. + UpdateInputExamplesJournalFiles: + summary: Journal Files value: - id: azure-logs-output - type: azure_logs - workspaceId: workspace-id - workspaceKey: workspace-key - logType: Cribl - authType: manual - OutputCreateExamplesKafka: + id: journal-files-source + type: journal_files + path: /var/log/journal + journals: + - system + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Journal Files + Source.

The request body must include a complete representation + of the Source that you want to update. This endpoint does not support + partial updates. + UpdateInputExamplesKafka: summary: Kafka value: - id: kafka-output + id: kafka-source type: kafka brokers: - localhost:9092 - topic: logs - OutputCreateExamplesConfluentCloud: - summary: Confluent Cloud - value: - id: confluent-cloud-output - type: confluent_cloud - brokers: - - pkc-xxxxx.us-east-1.aws.confluent.cloud:9092 - topic: logs - OutputCreateExamplesMsk: - summary: MSK - value: - id: msk-output - type: msk - brokers: - - b-1.example.xxxxx.c2.kafka.us-east-1.amazonaws.com:9092 - topic: logs - region: us-east-1 - awsAuthenticationMethod: auto - OutputCreateExamplesKinesis: + topics: + - logs + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Kafka Source.

The + request body must include a complete representation of the Source that + you want to update. This endpoint does not support partial updates. + UpdateInputExamplesKinesis: summary: Kinesis value: - id: kinesis-output + id: kinesis-source type: kinesis streamName: my-stream region: us-east-1 - OutputCreateExamplesElastic: - summary: Elasticsearch + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Kinesis Source.

The + request body must include a complete representation of the Source that + you want to update. This endpoint does not support partial updates. + UpdateInputExamplesKubeEvents: + summary: Kubernetes Events value: - id: elastic-output - type: elastic - host: localhost - port: 9200 - index: logs - OutputCreateExamplesElasticCloud: - summary: Elastic Cloud + id: kube-events-source + type: kube_events + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Kubernetes Events + Source.

The request body must include a complete representation + of the Source that you want to update. This endpoint does not support + partial updates. + UpdateInputExamplesKubeLogs: + summary: Kubernetes Logs value: - id: elastic-cloud-output - type: elastic_cloud - url: my-cloud-id - index: logs - OutputCreateExamplesMicrosoftFabric: - summary: Microsoft Fabric + id: kube-logs-source + type: kube_logs + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Kubernetes Logs + Source.

The request body must include a complete representation + of the Source that you want to update. This endpoint does not support + partial updates. + UpdateInputExamplesKubeMetrics: + summary: Kubernetes Metrics value: - id: microsoft-fabric-output - type: microsoft_fabric - bootstrap_server: myeventstream.servicebus.windows.net:9093 - topic: logs - OutputCreateExamplesCloudflareR2: - summary: Cloudflare R2 + id: kube-metrics-source + type: kube_metrics + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Kubernetes Metrics + Source.

The request body must include a complete representation + of the Source that you want to update. This endpoint does not support + partial updates. + UpdateInputExamplesLoki: + summary: Loki value: - id: cloudflare-r2-output - type: cloudflare_r2 - bucket: my-bucket - endpoint: https://account-id.r2.cloudflarestorage.com - stagePath: /tmp/staging - OutputCreateExamplesHoneycomb: - summary: Honeycomb + id: loki-source + type: loki + host: 0.0.0.0 + port: 10080 + lokiAPI: /loki/api/v1/push + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Loki Source.

The + request body must include a complete representation of the Source that + you want to update. This endpoint does not support partial updates. + UpdateInputExamplesMetrics: + summary: Metrics value: - id: honeycomb-output - type: honeycomb - apiKey: your-api-key - dataset: my-dataset - OutputCreateExamplesNewrelic: - summary: New Relic + id: metrics-source + type: metrics + host: 0.0.0.0 + udpPort: 8125 + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Metrics Source.

The + request body must include a complete representation of the Source that + you want to update. This endpoint does not support partial updates. + UpdateInputExamplesModelDrivenTelemetry: + summary: Model Driven Telemetry value: - id: newrelic-output - type: newrelic - apiKey: your-api-key - baseUrl: https://insights-collector.newrelic.com - OutputCreateExamplesNewrelicEvents: - summary: New Relic Events + id: mdt-source + type: model_driven_telemetry + host: 0.0.0.0 + port: 57000 + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Model Driven Telemetry + Source.

The request body must include a complete representation + of the Source that you want to update. This endpoint does not support + partial updates. + UpdateInputExamplesMsk: + summary: MSK value: - id: newrelic-events-output - type: newrelic_events - accountId: "123456" - eventType: CriblEvent - apiKey: your-api-key - baseUrl: https://insights-collector.newrelic.com - OutputCreateExamplesSnmp: - summary: SNMP + id: msk-source + type: msk + brokers: + - b-1.example.xxxxx.c2.kafka.us-east-1.amazonaws.com:9092 + topics: + - logs + region: us-east-1 + awsAuthenticationMethod: auto + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a MSK Source.

The + request body must include a complete representation of the Source that + you want to update. This endpoint does not support partial updates. + UpdateInputExamplesNetflow: + summary: Netflow value: - id: snmp-output - type: snmp - hosts: - - host: 192.168.1.1 - port: 161 - OutputCreateExamplesInfluxdb: - summary: InfluxDB + id: netflow-source + type: netflow + host: 0.0.0.0 + port: 2055 + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Netflow Source.

The + request body must include a complete representation of the Source that + you want to update. This endpoint does not support partial updates. + UpdateInputExamplesOffice365Mgmt: + summary: Microsoft 365 Management Activity value: - id: influxdb-output - type: influxdb - url: http://localhost:8086 - database: mydb - OutputCreateExamplesMinio: - summary: MinIO + id: office365-mgmt-source + type: office365_mgmt + tenantId: tenant-id + appId: app-id + planType: enterprise_gcc + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Microsoft 365 Management + Activity Source.

The request body must include a complete + representation of the Source that you want to update. This endpoint does + not support partial updates. + UpdateInputExamplesMicrosoftGraph: + summary: Microsoft Graph value: - id: minio-output - type: minio - bucket: my-bucket - stagePath: /tmp/staging - endpoint: http://localhost:9000 - OutputCreateExamplesCloudwatch: - summary: CloudWatch + id: microsoft-graph-source + type: microsoft_graph + url: https://graph.microsoft.com/v1.0/admin/exchange/tracing/messageTraces + interval: 15 + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Microsoft Graph + Source.

The request body must include a complete representation + of the Source that you want to update. This endpoint does not support + partial updates. + UpdateInputExamplesOffice365MsgTrace: + summary: Microsoft 365 Message Trace value: - id: cloudwatch-output - type: cloudwatch - logGroupName: my-log-group - logStreamName: my-log-stream - region: us-east-1 - OutputCreateExamplesAzureEventhub: - summary: Azure Event Hub + id: office365-msg-trace-source + type: office365_msg_trace + url: https://reports.office365.com/ecp/reportingwebservice/reporting.svc/MessageTrace + interval: 15 + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Microsoft 365 Message Trace + Source.

The request body must include a complete representation + of the Source that you want to update. This endpoint does not support + partial updates. + UpdateInputExamplesOffice365Service: + summary: Microsoft 365 Services value: - id: azure-eventhub-output - type: azure_eventhub - brokers: - - myeventhub.servicebus.windows.net:9093 - topic: logs - OutputCreateExamplesStatsd: - summary: StatsD + id: office365-service-source + type: office365_service + tenantId: tenant-id + appId: app-id + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Microsoft 365 Services + Source.

The request body must include a complete representation + of the Source that you want to update. This endpoint does not support + partial updates. + UpdateInputExamplesOkta: + summary: Okta value: - id: statsd-output - type: statsd - protocol: udp - host: localhost - port: 8125 - OutputCreateExamplesStatsdExt: - summary: StatsD Extended + id: okta-source + type: okta + textSecret: okta-api-token-secret + oktaDomain: your-org + cronSchedule: "*/5 * * * *" + earliest: -7d@d + latest: now + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Okta Source.

The + request body must include a complete representation of the Source that + you want to update. This endpoint does not support partial updates. + UpdateInputExamplesOpenAI: + summary: OpenAI value: - id: statsd-ext-output - type: statsd_ext - protocol: udp - host: localhost - port: 8125 - OutputCreateExamplesGraphite: - summary: Graphite + id: openai-source + type: openai + textSecret: openai-api-key-secret + contentConfig: + - contentType: Audit Logs + contentDescription: Get organization audit logs. + collectPath: /v1/organization/audit_logs + requestParams: + - name: effective_at[gt] + value: "`${Math.round(Date.now()/1000 - 3600)}`" + - name: limit + value: "100" + paginationType: response_body + paginationAttribute: + - last_id + paginationLastPageExpr: has_more === false + cronSchedule: 0 * * * * + earliest: -1h + latest: now + disabled: false + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a OpenAI Source.

The + request body must include a complete representation of the Source that + you want to update. This endpoint does not support partial updates. + UpdateInputExamplesOpenAIComplianceLogs: + summary: OpenAI Compliance Logs value: - id: graphite-output - type: graphite - protocol: tcp - host: localhost - port: 2003 - OutputCreateExamplesWavefront: - summary: Wavefront + id: openai-compliance-logs-source + type: openai_compliance_logs + textSecret: openai-api-key-secret + accountType: workspace + workspaceId: aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee + workspaceEventTypes: + - AUDIT_LOG + - AUTH_LOG + cronSchedule: "*/15 * * * *" + earliest: -1h + latest: now + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a OpenAI Compliance Logs + Source.

The request body must include a complete representation + of the Source that you want to update. This endpoint does not support + partial updates. + UpdateInputExamplesOpenTelemetry: + summary: OpenTelemetry value: - id: wavefront-output - type: wavefront - domain: longboard - endpoint: https://your-instance.wavefront.com - token: your-token - OutputCreateExamplesSignalfx: - summary: SignalFx + id: otel-source + type: open_telemetry + host: 0.0.0.0 + port: 4317 + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a OpenTelemetry + Source.

The request body must include a complete representation + of the Source that you want to update. This endpoint does not support + partial updates. + UpdateInputExamplesPrometheus: + summary: Prometheus Scraper value: - id: signalfx-output - type: signalfx - realm: us0 - endpoint: https://ingest.signalfx.com - token: your-token - OutputCreateExamplesSqs: + id: prometheus-source + type: prometheus + interval: 60 + logLevel: info + discoveryType: static + targetList: + - http://localhost:9090/metrics + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Prometheus Scraper + Source.

The request body must include a complete representation + of the Source that you want to update. This endpoint does not support + partial updates. + UpdateInputExamplesPrometheusRw: + summary: Prometheus Remote Write + value: + id: prometheus-rw-source + type: prometheus_rw + host: 0.0.0.0 + port: 10080 + prometheusAPI: /write + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Prometheus Remote Write + Source.

The request body must include a complete representation + of the Source that you want to update. This endpoint does not support + partial updates. + UpdateInputExamplesRawUdp: + summary: Raw UDP + value: + id: raw-udp-source + type: raw_udp + host: 0.0.0.0 + port: 514 + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Raw UDP Source.

The + request body must include a complete representation of the Source that + you want to update. This endpoint does not support partial updates. + UpdateInputExamplesS3: + summary: S3 + value: + id: s3-source + type: s3 + queueName: s3-notifications-queue + region: us-east-1 + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a S3 Source.

The request + body must include a complete representation of the Source that you want + to update. This endpoint does not support partial updates. + UpdateInputExamplesS3Inventory: + summary: S3 Inventory + value: + id: s3-inventory-source + type: s3_inventory + queueName: s3-inventory-queue + region: us-east-1 + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a S3 Inventory + Source.

The request body must include a complete representation + of the Source that you want to update. This endpoint does not support + partial updates. + UpdateInputExamplesSecurityLake: + summary: Security Lake + value: + id: security-lake-source + type: security_lake + queueName: security-lake-queue + region: us-east-1 + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Security Lake + Source.

The request body must include a complete representation + of the Source that you want to update. This endpoint does not support + partial updates. + UpdateInputExamplesServiceNowTable: + summary: ServiceNow Table API + value: + id: servicenow-table-source + type: servicenow_table + instance: https://example.service-now.com + tableName: incident + fields: + - sys_id + - number + - short_description + pageSize: 10000 + cronSchedule: 0 * * * * + earliest: -1d + latest: now + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a ServiceNow Table API + Source.

The request body must include a complete representation + of the Source that you want to update. This endpoint does not support + partial updates. + UpdateInputExamplesSnmp: + summary: SNMP + value: + id: snmp-source + type: snmp + host: 192.168.1.1 + port: 161 + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a SNMP Source.

The + request body must include a complete representation of the Source that + you want to update. This endpoint does not support partial updates. + UpdateInputExamplesSplunk: + summary: Splunk TCP + value: + id: splunk-source + type: splunk + host: 0.0.0.0 + port: 9997 + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Splunk TCP Source.

The + request body must include a complete representation of the Source that + you want to update. This endpoint does not support partial updates. + UpdateInputExamplesSplunkHec: + summary: Splunk HEC + value: + id: splunk-hec-source + type: splunk_hec + host: 0.0.0.0 + port: 8088 + splunkHecAPI: /services/collector + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Splunk HEC Source.

The + request body must include a complete representation of the Source that + you want to update. This endpoint does not support partial updates. + UpdateInputExamplesSplunkSearch: + summary: Splunk Search + value: + id: splunk-search-source + type: splunk_search + authType: basic + searchHead: https://localhost:8089 + search: index=main + cronSchedule: "*/15 * * * *" + endpoint: /services/search/v2/jobs/export + outputMode: json + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Splunk Search + Source.

The request body must include a complete representation + of the Source that you want to update. This endpoint does not support + partial updates. + UpdateInputExamplesSqs: summary: SQS value: - id: sqs-output + id: sqs-source type: sqs queueName: my-queue queueType: standard region: us-east-1 - OutputCreateExamplesGoogleCloudStorage: - summary: Google Cloud Storage + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a SQS Source.

The + request body must include a complete representation of the Source that + you want to update. This endpoint does not support partial updates. + UpdateInputExamplesSyslog: + summary: Syslog value: - id: google-cloud-storage-output - type: google_cloud_storage - bucket: my-bucket - endpoint: https://storage.googleapis.com - region: us-east1 - stagePath: /tmp/staging - projectId: my-project - OutputCreateExamplesSumoLogic: - summary: Sumo Logic + id: syslog-source + type: syslog + host: 0.0.0.0 + udpPort: 514 + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Syslog Source.

The + request body must include a complete representation of the Source that + you want to update. This endpoint does not support partial updates. + UpdateInputExamplesSystemMetrics: + summary: System Metrics value: - id: sumo-logic-output - type: sumo_logic - url: https://endpoint1.collection.us2.sumologic.com - sourceCategory: logs - OutputCreateExamplesDatadog: - summary: Datadog + id: system-metrics-source + type: system_metrics + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a System Metrics + Source.

The request body must include a complete representation + of the Source that you want to update. This endpoint does not support + partial updates. + UpdateInputExamplesSystemState: + summary: System State value: - id: datadog-output - type: datadog - endpoint: https://http-intake.logs.datadoghq.com - apiKey: your-api-key - OutputCreateExamplesWebhook: - summary: Webhook + id: system-state-source + type: system_state + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a System State + Source.

The request body must include a complete representation + of the Source that you want to update. This endpoint does not support + partial updates. + UpdateInputExamplesTcp: + summary: TCP value: - id: webhook-output - type: webhook - url: https://example.com/webhook - OutputCreateExamplesPrometheus: - summary: Prometheus + id: tcp-source + type: tcp + host: 0.0.0.0 + port: 10090 + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a TCP Source.

The + request body must include a complete representation of the Source that + you want to update. This endpoint does not support partial updates. + UpdateInputExamplesTcpjson: + summary: TCP JSON value: - id: prometheus-output - type: prometheus - url: http://localhost:9091/api/v1/write - OutputCreateExamplesGooglePubsub: - summary: Google Pub/Sub + id: tcpjson-source + type: tcpjson + host: 0.0.0.0 + port: 10090 + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a TCP JSON Source.

The + request body must include a complete representation of the Source that + you want to update. This endpoint does not support partial updates. + UpdateInputExamplesWef: + summary: Windows Event Forwarder value: - id: google-pubsub-output - type: google_pubsub - projectId: my-project - topicName: my-topic - OutputCreateExamplesGoogleChronicle: - summary: Google Chronicle + id: wef-source + type: wef + host: 0.0.0.0 + port: 5985 + privKeyPath: /path/to/private.key + certPath: /path/to/certificate.crt + caPath: /path/to/ca.crt + subscriptions: + - subscriptionName: subscription-1 + contentFormat: RenderedText + heartbeatInterval: 60 + batchTimeout: 5 + targets: [] + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Windows Event Forwarder + Source.

The request body must include a complete representation + of the Source that you want to update. This endpoint does not support + partial updates. + UpdateInputExamplesWinEventLogs: + summary: Windows Event Logs value: - id: google-chronicle-output - type: google_chronicle - logFormatType: unstructured - region: us - customerId: customer-id - OutputCreateExamplesChronicle: - summary: Chronicle + id: win-event-logs-source + type: win_event_logs + logNames: + - Application + - System + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Windows Event Logs + Source.

The request body must include a complete representation + of the Source that you want to update. This endpoint does not support + partial updates. + UpdateInputExamplesWindowsMetrics: + summary: Windows Metrics value: - id: chronicle-output - type: chronicle - gcpProjectId: my-project - gcpInstance: customer-id - region: us - logType: UNKNOWN - OutputCreateExamplesGrafanaCloud: - summary: Grafana Cloud + id: windows-metrics-source + type: windows_metrics + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Windows Metrics + Source.

The request body must include a complete representation + of the Source that you want to update. This endpoint does not support + partial updates. + UpdateInputExamplesWiz: + summary: Wiz API value: - id: grafana-cloud-output - type: grafana_cloud - lokiUrl: https://logs-prod-us-central1.grafana.net - OutputCreateExamplesLoki: - summary: Loki + id: wiz-source + type: wiz + endpoint: https://api.wiz.io + authUrl: https://auth.wiz.io/oauth/token + clientId: client-id + contentConfig: [] + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Wiz API Source.

The + request body must include a complete representation of the Source that + you want to update. This endpoint does not support partial updates. + UpdateInputExamplesWizWebhook: + summary: Wiz Webhook value: - id: loki-output - type: loki - url: http://localhost:3100/loki/api/v1/push - OutputCreateExamplesOpenTelemetry: - summary: OpenTelemetry + id: wiz-webhook-source + type: wiz_webhook + host: 0.0.0.0 + port: 10080 + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Wiz Webhook + Source.

The request body must include a complete representation + of the Source that you want to update. This endpoint does not support + partial updates. + UpdateInputExamplesZscalerHec: + summary: Zscaler Cloud NSS value: - id: opentelemetry-output - type: open_telemetry - endpoint: http://localhost:4317 - OutputCreateExamplesServiceNow: - summary: ServiceNow + id: zscaler-hec-source + type: zscaler_hec + host: 0.0.0.0 + port: 8088 + hecAPI: /services/collector + sendToRoutes: true + pqEnabled: false + description: Example request body for updating a Zscaler Cloud NSS + Source.

The request body must include a complete representation + of the Source that you want to update. This endpoint does not support + partial updates. + OutputCreateExamplesTcpjson: + summary: TCP JSON value: - id: servicenow-output - type: service_now - endpoint: ingest.lightstep.com:443 - protocol: http - otlpVersion: 1.3.1 - tokenSecret: your-token-secret - OutputCreateExamplesDynatraceOtlp: - summary: Dynatrace OTLP + id: tcpjson-output + type: tcpjson + host: localhost + port: 10090 + OutputCreateExamplesSplunk: + summary: Splunk value: - id: dynatrace-otlp-output - type: dynatrace_otlp - endpoint: https://your-environment.live.dynatrace.com/api/v2/otlp - endpointType: saas - protocol: http - otlpVersion: 1.3.1 - tokenSecret: your-token-secret - OutputCreateExamplesSentinelOneAiSiem: - summary: SentinelOne AI SIEM + id: splunk-output + type: splunk + host: localhost + port: 9997 + OutputCreateExamplesSplunkLb: + summary: Splunk Load Balanced value: - id: sentinel-one-ai-siem-output - type: sentinel_one_ai_siem - region: US - endpoint: /services/collector/event - OutputCreateExamplesDataset: - summary: Dataset + id: splunk-lb-output + type: splunk_lb + hosts: + - host: localhost + port: 9997 + OutputCreateExamplesSplunkHec: + summary: Splunk HEC value: - id: dataset-output - type: dataset - dataset: my-dataset - OutputCreateExamplesRing: - summary: Ring Buffer + id: splunk-hec-output + type: splunk_hec + host: localhost + port: 8088 + hecToken: your-hec-token + OutputCreateExamplesSyslog: + summary: Syslog value: - id: ring-output - type: ring - OutputCreateExamplesRouter: - summary: Output Router + id: syslog-output + type: syslog + host: localhost + port: 514 + OutputCreateExamplesFilesystem: + summary: Filesystem value: - id: router-output - type: router - rules: - - filter: "true" - output: my-output - OutputCreateExamplesWizHec: - summary: Wiz Defend + id: filesystem-output + type: filesystem + destPath: /var/log/output + OutputCreateExamplesS3: + summary: S3 value: - id: wiz-hec-output - type: wiz_hec - data_center: us1 - wiz_sourcetype: placeholder - wiz_connector_id: 00000000-0000-0000-0000-000000000000 - wiz_environment: test - authType: manual - hecToken: your-hec-token - OutputCreateExamplesHumioHec: - summary: Humio HEC + id: s3-output + type: s3 + bucket: my-bucket + region: us-east-1 + stagePath: /tmp/staging + OutputCreateExamplesNutanixObjects: + summary: Nutanix Objects value: - id: humio-hec-output - type: humio_hec - url: https://cloud.us.humio.com/api/v1/ingest/hec - format: JSON - authType: manual - token: your-token - OutputCreateExamplesCrowdstrikeNextGenSiem: - summary: CrowdStrike Next Gen SIEM + id: nutanix-objects-output + type: nutanix_objects + bucket: my-bucket + endpoint: https://nutanix-objects.example.com + stagePath: /tmp/staging + OutputCreateExamplesStorjS3: + summary: Storj value: - id: crowdstrike-next-gen-siem-output - type: crowdstrike_next_gen_siem - url: https://ingest.us.crowdstrike.com/api/ingest/hec/connection-id/v1/services/collector - format: JSON - authType: manual - token: your-token - OutputCreateExamplesCriblHttp: - summary: Cribl HTTP + id: storj-s3-output + type: storj_s3 + bucket: my-bucket + endpoint: https://gateway.storjshare.io + stagePath: /tmp/staging + OutputCreateExamplesAlphasocS3: + summary: AlphaSOC value: - id: cribl-http-output - type: cribl_http - host: localhost - port: 10080 - OutputCreateExamplesCriblTcp: - summary: Cribl TCP + id: alphasoc-s3-output + type: alphasoc_s3 + bucket: events + endpoint: https://s3.alphasoc.net + stagePath: /tmp/staging + OutputCreateExamplesdellS3: + summary: Dell PowerScale OneFS value: - id: cribl-tcp-output - type: cribl_tcp - host: localhost + id: dell-s3-output + type: dell_s3 + bucket: my-bucket + endpoint: https://powerscale.example.com:9021 + stagePath: /tmp/staging + OutputCreateExamplescloudianS3: + summary: Cloudian + value: + id: cloudian-s3-output + type: cloudian_s3 + bucket: my-bucket + endpoint: https://s3.hyperstore.example.com + stagePath: /tmp/staging + OutputCreateExamplesscalityS3: + summary: Scality + value: + id: scality-s3-output + type: scality_s3 + bucket: my-bucket + endpoint: https://s3.scality.example.com + stagePath: /tmp/staging + OutputCreateExamplesalibabaCloudS3: + summary: Alibaba OSS + value: + id: alibaba-oss-output + type: alibaba_cloud_s3 + bucket: my-bucket + endpoint: https://s3.oss-cn-hangzhou.aliyuncs.com + stagePath: /tmp/staging + OutputCreateExamplesAzureBlob: + summary: Azure Blob + value: + id: azure-blob-output + type: azure_blob + containerName: my-container + stagePath: /tmp/staging + OutputCreateExamplesAzureDataExplorer: + summary: Azure Data Explorer + value: + id: azure-data-explorer-output + type: azure_data_explorer + clusterUrl: https://mycluster.kusto.windows.net + database: mydatabase + table: mytable + oauthEndpoint: https://login.microsoftonline.com + tenantId: tenant-id + clientId: client-id + scope: https://mycluster.kusto.windows.net/.default + oauthType: clientSecret + clientSecret: client-secret + ingestMode: streaming + format: json + compress: gzip + OutputCreateExamplesSentinel: + summary: Azure Sentinel + value: + id: sentinel-output + type: sentinel + endpointURLConfiguration: url + url: https://your-workspace.ingest.monitor.azure.com + loginUrl: https://login.microsoftonline.com + secret: client-secret + client_id: client-id + OutputCreateExamplesAzureLogs: + summary: Azure Logs + value: + id: azure-logs-output + type: azure_logs + workspaceId: workspace-id + workspaceKey: workspace-key + logType: Cribl + authType: manual + OutputCreateExamplesKafka: + summary: Kafka + value: + id: kafka-output + type: kafka + brokers: + - localhost:9092 + topic: logs + OutputCreateExamplesConfluentCloud: + summary: Confluent Cloud + value: + id: confluent-cloud-output + type: confluent_cloud + brokers: + - pkc-xxxxx.us-east-1.aws.confluent.cloud:9092 + topic: logs + OutputCreateExamplesMsk: + summary: MSK + value: + id: msk-output + type: msk + brokers: + - b-1.example.xxxxx.c2.kafka.us-east-1.amazonaws.com:9092 + topic: logs + region: us-east-1 + awsAuthenticationMethod: auto + OutputCreateExamplesKinesis: + summary: Kinesis + value: + id: kinesis-output + type: kinesis + streamName: my-stream + region: us-east-1 + OutputCreateExamplesElastic: + summary: Elasticsearch + value: + id: elastic-output + type: elastic + host: localhost + port: 9200 + index: logs + OutputCreateExamplesElasticCloud: + summary: Elastic Cloud + value: + id: elastic-cloud-output + type: elastic_cloud + url: my-cloud-id + index: logs + OutputCreateExamplesMicrosoftFabric: + summary: Microsoft Fabric + value: + id: microsoft-fabric-output + type: microsoft_fabric + bootstrap_server: myeventstream.servicebus.windows.net:9093 + topic: logs + OutputCreateExamplesCloudflareR2: + summary: Cloudflare R2 + value: + id: cloudflare-r2-output + type: cloudflare_r2 + bucket: my-bucket + endpoint: https://account-id.r2.cloudflarestorage.com + stagePath: /tmp/staging + OutputCreateExamplesHoneycomb: + summary: Honeycomb + value: + id: honeycomb-output + type: honeycomb + apiKey: your-api-key + dataset: my-dataset + OutputCreateExamplesNewrelic: + summary: New Relic + value: + id: newrelic-output + type: newrelic + apiKey: your-api-key + baseUrl: https://insights-collector.newrelic.com + OutputCreateExamplesNewrelicEvents: + summary: New Relic Events + value: + id: newrelic-events-output + type: newrelic_events + accountId: "123456" + eventType: CriblEvent + apiKey: your-api-key + baseUrl: https://insights-collector.newrelic.com + OutputCreateExamplesSnmp: + summary: SNMP + value: + id: snmp-output + type: snmp + hosts: + - host: 192.168.1.1 + port: 161 + OutputCreateExamplesInfluxdb: + summary: InfluxDB + value: + id: influxdb-output + type: influxdb + url: http://localhost:8086 + database: mydb + OutputCreateExamplesMinio: + summary: MinIO + value: + id: minio-output + type: minio + bucket: my-bucket + stagePath: /tmp/staging + endpoint: http://localhost:9000 + OutputCreateExamplesCloudwatch: + summary: CloudWatch + value: + id: cloudwatch-output + type: cloudwatch + logGroupName: my-log-group + logStreamName: my-log-stream + region: us-east-1 + OutputCreateExamplesAzureEventhub: + summary: Azure Event Hub + value: + id: azure-eventhub-output + type: azure_eventhub + brokers: + - myeventhub.servicebus.windows.net:9093 + topic: logs + OutputCreateExamplesStatsd: + summary: StatsD + value: + id: statsd-output + type: statsd + protocol: udp + host: localhost + port: 8125 + OutputCreateExamplesStatsdExt: + summary: StatsD Extended + value: + id: statsd-ext-output + type: statsd_ext + protocol: udp + host: localhost + port: 8125 + OutputCreateExamplesGraphite: + summary: Graphite + value: + id: graphite-output + type: graphite + protocol: tcp + host: localhost + port: 2003 + OutputCreateExamplesWavefront: + summary: Wavefront + value: + id: wavefront-output + type: wavefront + domain: longboard + endpoint: https://your-instance.wavefront.com + token: your-token + OutputCreateExamplesSignalfx: + summary: SignalFx + value: + id: signalfx-output + type: signalfx + realm: us0 + endpoint: https://ingest.signalfx.com + token: your-token + OutputCreateExamplesSqs: + summary: SQS + value: + id: sqs-output + type: sqs + queueName: my-queue + queueType: standard + region: us-east-1 + OutputCreateExamplesGoogleCloudStorage: + summary: Google Cloud Storage + value: + id: google-cloud-storage-output + type: google_cloud_storage + bucket: my-bucket + endpoint: https://storage.googleapis.com + region: us-east1 + stagePath: /tmp/staging + projectId: my-project + OutputCreateExamplesSumoLogic: + summary: Sumo Logic + value: + id: sumo-logic-output + type: sumo_logic + url: https://endpoint1.collection.us2.sumologic.com + sourceCategory: logs + OutputCreateExamplesDatadog: + summary: Datadog + value: + id: datadog-output + type: datadog + endpoint: https://http-intake.logs.datadoghq.com + apiKey: your-api-key + OutputCreateExamplesWebhook: + summary: Webhook + value: + id: webhook-output + type: webhook + url: https://example.com/webhook + OutputCreateExamplesPrometheus: + summary: Prometheus + value: + id: prometheus-output + type: prometheus + url: http://localhost:9091/api/v1/write + OutputCreateExamplesGooglePubsub: + summary: Google Pub/Sub + value: + id: google-pubsub-output + type: google_pubsub + projectId: my-project + topicName: my-topic + OutputCreateExamplesGoogleChronicle: + summary: Google Chronicle + value: + id: google-chronicle-output + type: google_chronicle + logFormatType: unstructured + region: us + customerId: customer-id + OutputCreateExamplesChronicle: + summary: Chronicle + value: + id: chronicle-output + type: chronicle + gcpProjectId: my-project + gcpInstance: customer-id + region: us + logType: UNKNOWN + OutputCreateExamplesGrafanaCloud: + summary: Grafana Cloud + value: + id: grafana-cloud-output + type: grafana_cloud + lokiUrl: https://logs-prod-us-central1.grafana.net + OutputCreateExamplesLoki: + summary: Loki + value: + id: loki-output + type: loki + url: http://localhost:3100/loki/api/v1/push + OutputCreateExamplesOpenTelemetry: + summary: OpenTelemetry + value: + id: opentelemetry-output + type: open_telemetry + endpoint: http://localhost:4317 + OutputCreateExamplesServiceNow: + summary: ServiceNow + value: + id: servicenow-output + type: service_now + endpoint: ingest.lightstep.com:443 + protocol: http + otlpVersion: 1.3.1 + tokenSecret: your-token-secret + OutputCreateExamplesDynatraceOtlp: + summary: Dynatrace OTLP + value: + id: dynatrace-otlp-output + type: dynatrace_otlp + endpoint: https://your-environment.live.dynatrace.com/api/v2/otlp + endpointType: saas + protocol: http + otlpVersion: 1.3.1 + tokenSecret: your-token-secret + OutputCreateExamplesGoogleCloudObservability: + summary: Google Cloud Observability + value: + id: google-cloud-observability-output + type: google_cloud_observability + googleAuthMethod: auto + OutputCreateExamplesSentinelOneAiSiem: + summary: SentinelOne AI SIEM + value: + id: sentinel-one-ai-siem-output + type: sentinel_one_ai_siem + region: US + endpoint: /services/collector/event + OutputCreateExamplesDataset: + summary: Dataset + value: + id: dataset-output + type: dataset + dataset: my-dataset + OutputCreateExamplesRing: + summary: Ring Buffer + value: + id: ring-output + type: ring + OutputCreateExamplesRouter: + summary: Output Router + value: + id: router-output + type: router + rules: + - filter: "true" + output: my-output + OutputCreateExamplesWizHec: + summary: Wiz Defend + value: + id: wiz-hec-output + type: wiz_hec + data_center: us1 + wiz_sourcetype: placeholder + wiz_connector_id: 00000000-0000-0000-0000-000000000000 + wiz_environment: test + authType: manual + hecToken: your-hec-token + OutputCreateExamplesHumioHec: + summary: Humio HEC + value: + id: humio-hec-output + type: humio_hec + url: https://cloud.us.humio.com/api/v1/ingest/hec + format: JSON + authType: manual + token: your-token + OutputCreateExamplesCrowdstrikeNextGenSiem: + summary: CrowdStrike Next Gen SIEM + value: + id: crowdstrike-next-gen-siem-output + type: crowdstrike_next_gen_siem + url: https://ingest.us.crowdstrike.com/api/ingest/hec/connection-id/v1/services/collector + format: JSON + authType: manual + token: your-token + OutputCreateExamplesCriblHttp: + summary: Cribl HTTP + value: + id: cribl-http-output + type: cribl_http + host: localhost + port: 10080 + OutputCreateExamplesCriblTcp: + summary: Cribl TCP + value: + id: cribl-tcp-output + type: cribl_tcp + host: localhost port: 10090 OutputCreateExamplesCriblSearchEngine: summary: Cribl Search Engine @@ -50014,104 +60257,1981 @@ components: OutputCreateExamplesCriblLake: summary: Cribl Lake value: - id: cribl-lake-output - type: cribl_lake - dataset: my-dataset - OutputCreateExamplesExabeam: - summary: Exabeam + id: cribl-lake-output + type: cribl_lake + dataset: my-dataset + OutputCreateExamplesExabeam: + summary: Exabeam + value: + id: exabeam-output + type: exabeam + bucket: my-bucket + region: us-east1 + endpoint: https://storage.googleapis.com + stagePath: /tmp/staging + collectorInstanceId: 11112222-3333-4444-5555-666677778888 + OutputCreateExamplesDiskSpool: + summary: Disk Spool + value: + id: disk-spool-output + type: disk_spool + path: /var/spool/cribl + OutputCreateExamplesClickHouse: + summary: ClickHouse + value: + id: clickhouse-output + type: click_house + url: http://localhost:8123/ + database: mydb + tableName: mytable + OutputCreateExamplesLocalSearchStorage: + summary: Local Search Storage + value: + id: local-search-storage-output + type: local_search_storage + url: http://localhost:8123/ + database: default + tableName: mytable + OutputCreateExamplesXsiam: + summary: XSIAM + value: + id: xsiam-output + type: xsiam + endpoint: https://api.paloaltonetworks.com + apiKey: your-api-key + OutputCreateExamplesNetflow: + summary: Netflow + value: + id: netflow-output + type: netflow + hosts: + - host: localhost + port: 2055 + OutputCreateExamplesDynatraceHttp: + summary: Dynatrace HTTP + value: + id: dynatrace-http-output + type: dynatrace_http + format: json_array + endpoint: cloud + telemetryType: logs + authType: token + token: your-api-key + OutputCreateExamplesDatabricks: + summary: Databricks + value: + id: databricks-output + type: databricks + workspaceId: your-workspace-id + scope: all-apis + clientId: your-client-id + clientTextSecret: your-client-secret + catalog: main + schema: external + eventsVolumeName: events + OutputTestExamplesSingleEvent: + summary: Send a single test event + description: Example request body for sending a single test event to the Destination. + value: + events: + - _raw: This is a test event + source: test + sourcetype: manual + OutputTestExamplesMultipleEvents: + summary: Send multiple test events + description: Example request body for sending multiple test events to the Destination. + value: + events: + - _raw: Test event 1 + source: test + sourcetype: manual + - _raw: Test event 2 + source: test + sourcetype: manual + UpdateOutputExamplesDefault: + summary: Default + value: + id: default-output + type: default + defaultId: my-default-output + description: Example request body for updating a Default + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesTcpjson: + summary: TCP JSON + value: + id: tcpjson-output + type: tcpjson + host: localhost + port: 10090 + description: Example request body for updating a TCP JSON + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesSplunk: + summary: Splunk + value: + id: splunk-output + type: splunk + host: localhost + port: 9997 + description: Example request body for updating a Splunk + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesSplunkLb: + summary: Splunk Load Balanced + value: + id: splunk-lb-output + type: splunk_lb + hosts: + - host: localhost + port: 9997 + description: Example request body for updating a Splunk Load Balanced + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesSplunkHec: + summary: Splunk HEC + value: + id: splunk-hec-output + type: splunk_hec + host: localhost + port: 8088 + hecToken: your-hec-token + description: Example request body for updating a Splunk HEC + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesSyslog: + summary: Syslog + value: + id: syslog-output + type: syslog + host: localhost + port: 514 + description: Example request body for updating a Syslog + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesFilesystem: + summary: Filesystem + value: + id: filesystem-output + type: filesystem + destPath: /var/log/output + description: Example request body for updating a Filesystem + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesS3: + summary: S3 + value: + id: s3-output + type: s3 + bucket: my-bucket + region: us-east-1 + stagePath: /tmp/staging + description: Example request body for updating a S3 Destination.

The + request body must include a complete representation of the Destination + that you want to update. This endpoint does not support partial updates. + UpdateOutputExamplesNutanixObjects: + summary: Nutanix Objects + value: + id: nutanix-objects-output + type: nutanix_objects + bucket: my-bucket + endpoint: https://nutanix-objects.example.com + stagePath: /tmp/staging + description: Example request body for updating a Nutanix Objects + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesStorjS3: + summary: Storj + value: + id: storj-s3-output + type: storj_s3 + bucket: my-bucket + endpoint: https://gateway.storjshare.io + stagePath: /tmp/staging + description: Example request body for updating a Storj Destination.

The + request body must include a complete representation of the Destination + that you want to update. This endpoint does not support partial updates. + UpdateOutputExamplesAlphasocS3: + summary: AlphaSOC + value: + id: alphasoc-s3-output + type: alphasoc_s3 + bucket: events + endpoint: https://s3.alphasoc.net + stagePath: /tmp/staging + description: Example request body for updating a AlphaSOC + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesdellS3: + summary: Dell PowerScale OneFS + value: + id: dell-s3-output + type: dell_s3 + bucket: my-bucket + endpoint: https://powerscale.example.com:9021 + stagePath: /tmp/staging + description: Example request body for updating a Dell PowerScale OneFS + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplescloudianS3: + summary: Cloudian + value: + id: cloudian-s3-output + type: cloudian_s3 + bucket: my-bucket + endpoint: https://s3.hyperstore.example.com + stagePath: /tmp/staging + description: Example request body for updating a Cloudian + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesscalityS3: + summary: Scality + value: + id: scality-s3-output + type: scality_s3 + bucket: my-bucket + endpoint: https://s3.scality.example.com + stagePath: /tmp/staging + description: Example request body for updating a Scality + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesalibabaCloudS3: + summary: Alibaba OSS + value: + id: alibaba-oss-output + type: alibaba_cloud_s3 + bucket: my-bucket + endpoint: https://s3.oss-cn-hangzhou.aliyuncs.com + stagePath: /tmp/staging + description: Example request body for updating a Alibaba OSS + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesAzureBlob: + summary: Azure Blob + value: + id: azure-blob-output + type: azure_blob + containerName: my-container + stagePath: /tmp/staging + description: Example request body for updating a Azure Blob + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesAzureDataExplorer: + summary: Azure Data Explorer + value: + id: azure-data-explorer-output + type: azure_data_explorer + clusterUrl: https://mycluster.kusto.windows.net + database: mydatabase + table: mytable + oauthEndpoint: https://login.microsoftonline.com + tenantId: tenant-id + clientId: client-id + scope: https://mycluster.kusto.windows.net/.default + oauthType: clientSecret + clientSecret: client-secret + ingestMode: streaming + format: json + compress: gzip + description: Example request body for updating a Azure Data Explorer + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesSentinel: + summary: Azure Sentinel + value: + id: sentinel-output + type: sentinel + endpointURLConfiguration: url + url: https://your-workspace.ingest.monitor.azure.com + loginUrl: https://login.microsoftonline.com + secret: client-secret + client_id: client-id + description: Example request body for updating a Azure Sentinel + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesAzureLogs: + summary: Azure Logs + value: + id: azure-logs-output + type: azure_logs + workspaceId: workspace-id + workspaceKey: workspace-key + logType: Cribl + authType: manual + description: Example request body for updating a Azure Logs + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesKafka: + summary: Kafka + value: + id: kafka-output + type: kafka + brokers: + - localhost:9092 + topic: logs + description: Example request body for updating a Kafka Destination.

The + request body must include a complete representation of the Destination + that you want to update. This endpoint does not support partial updates. + UpdateOutputExamplesConfluentCloud: + summary: Confluent Cloud + value: + id: confluent-cloud-output + type: confluent_cloud + brokers: + - pkc-xxxxx.us-east-1.aws.confluent.cloud:9092 + topic: logs + description: Example request body for updating a Confluent Cloud + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesMsk: + summary: MSK + value: + id: msk-output + type: msk + brokers: + - b-1.example.xxxxx.c2.kafka.us-east-1.amazonaws.com:9092 + topic: logs + region: us-east-1 + awsAuthenticationMethod: auto + description: Example request body for updating a MSK Destination.

The + request body must include a complete representation of the Destination + that you want to update. This endpoint does not support partial updates. + UpdateOutputExamplesKinesis: + summary: Kinesis + value: + id: kinesis-output + type: kinesis + streamName: my-stream + region: us-east-1 + description: Example request body for updating a Kinesis + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesElastic: + summary: Elasticsearch + value: + id: elastic-output + type: elastic + host: localhost + port: 9200 + index: logs + description: Example request body for updating a Elasticsearch + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesElasticCloud: + summary: Elastic Cloud + value: + id: elastic-cloud-output + type: elastic_cloud + url: my-cloud-id + index: logs + description: Example request body for updating a Elastic Cloud + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesMicrosoftFabric: + summary: Microsoft Fabric + value: + id: microsoft-fabric-output + type: microsoft_fabric + bootstrap_server: myeventstream.servicebus.windows.net:9093 + topic: logs + description: Example request body for updating a Microsoft Fabric + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesCloudflareR2: + summary: Cloudflare R2 + value: + id: cloudflare-r2-output + type: cloudflare_r2 + bucket: my-bucket + endpoint: https://account-id.r2.cloudflarestorage.com + stagePath: /tmp/staging + description: Example request body for updating a Cloudflare R2 + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesHoneycomb: + summary: Honeycomb + value: + id: honeycomb-output + type: honeycomb + apiKey: your-api-key + dataset: my-dataset + description: Example request body for updating a Honeycomb + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesNewrelic: + summary: New Relic + value: + id: newrelic-output + type: newrelic + apiKey: your-api-key + baseUrl: https://insights-collector.newrelic.com + description: Example request body for updating a New Relic + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesNewrelicEvents: + summary: New Relic Events + value: + id: newrelic-events-output + type: newrelic_events + accountId: "123456" + eventType: CriblEvent + apiKey: your-api-key + baseUrl: https://insights-collector.newrelic.com + description: Example request body for updating a New Relic Events + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesSnmp: + summary: SNMP + value: + id: snmp-output + type: snmp + hosts: + - host: 192.168.1.1 + port: 161 + description: Example request body for updating a SNMP Destination.

The + request body must include a complete representation of the Destination + that you want to update. This endpoint does not support partial updates. + UpdateOutputExamplesInfluxdb: + summary: InfluxDB + value: + id: influxdb-output + type: influxdb + url: http://localhost:8086 + database: mydb + description: Example request body for updating a InfluxDB + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesMinio: + summary: MinIO + value: + id: minio-output + type: minio + bucket: my-bucket + stagePath: /tmp/staging + endpoint: http://localhost:9000 + description: Example request body for updating a MinIO Destination.

The + request body must include a complete representation of the Destination + that you want to update. This endpoint does not support partial updates. + UpdateOutputExamplesCloudwatch: + summary: CloudWatch + value: + id: cloudwatch-output + type: cloudwatch + logGroupName: my-log-group + logStreamName: my-log-stream + region: us-east-1 + description: Example request body for updating a CloudWatch + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesAzureEventhub: + summary: Azure Event Hub + value: + id: azure-eventhub-output + type: azure_eventhub + brokers: + - myeventhub.servicebus.windows.net:9093 + topic: logs + description: Example request body for updating a Azure Event Hub + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesStatsd: + summary: StatsD + value: + id: statsd-output + type: statsd + protocol: udp + host: localhost + port: 8125 + description: Example request body for updating a StatsD + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesStatsdExt: + summary: StatsD Extended + value: + id: statsd-ext-output + type: statsd_ext + protocol: udp + host: localhost + port: 8125 + description: Example request body for updating a StatsD Extended + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesGraphite: + summary: Graphite + value: + id: graphite-output + type: graphite + protocol: tcp + host: localhost + port: 2003 + description: Example request body for updating a Graphite + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesWavefront: + summary: Wavefront + value: + id: wavefront-output + type: wavefront + domain: longboard + endpoint: https://your-instance.wavefront.com + token: your-token + description: Example request body for updating a Wavefront + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesSignalfx: + summary: SignalFx + value: + id: signalfx-output + type: signalfx + realm: us0 + endpoint: https://ingest.signalfx.com + token: your-token + description: Example request body for updating a SignalFx + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesSqs: + summary: SQS + value: + id: sqs-output + type: sqs + queueName: my-queue + queueType: standard + region: us-east-1 + description: Example request body for updating a SQS Destination.

The + request body must include a complete representation of the Destination + that you want to update. This endpoint does not support partial updates. + UpdateOutputExamplesGoogleCloudStorage: + summary: Google Cloud Storage + value: + id: google-cloud-storage-output + type: google_cloud_storage + bucket: my-bucket + endpoint: https://storage.googleapis.com + region: us-east1 + stagePath: /tmp/staging + projectId: my-project + description: Example request body for updating a Google Cloud Storage + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesSumoLogic: + summary: Sumo Logic + value: + id: sumo-logic-output + type: sumo_logic + url: https://endpoint1.collection.us2.sumologic.com + sourceCategory: logs + description: Example request body for updating a Sumo Logic + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesDatadog: + summary: Datadog + value: + id: datadog-output + type: datadog + endpoint: https://http-intake.logs.datadoghq.com + apiKey: your-api-key + description: Example request body for updating a Datadog + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesWebhook: + summary: Webhook + value: + id: webhook-output + type: webhook + url: https://example.com/webhook + description: Example request body for updating a Webhook + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesPrometheus: + summary: Prometheus + value: + id: prometheus-output + type: prometheus + url: http://localhost:9091/api/v1/write + description: Example request body for updating a Prometheus + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesGooglePubsub: + summary: Google Pub/Sub + value: + id: google-pubsub-output + type: google_pubsub + projectId: my-project + topicName: my-topic + description: Example request body for updating a Google Pub/Sub + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesGoogleChronicle: + summary: Google Chronicle + value: + id: google-chronicle-output + type: google_chronicle + logFormatType: unstructured + region: us + customerId: customer-id + description: Example request body for updating a Google Chronicle + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesChronicle: + summary: Chronicle + value: + id: chronicle-output + type: chronicle + gcpProjectId: my-project + gcpInstance: customer-id + region: us + logType: UNKNOWN + description: Example request body for updating a Chronicle + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesGrafanaCloud: + summary: Grafana Cloud + value: + id: grafana-cloud-output + type: grafana_cloud + lokiUrl: https://logs-prod-us-central1.grafana.net + description: Example request body for updating a Grafana Cloud + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesLoki: + summary: Loki + value: + id: loki-output + type: loki + url: http://localhost:3100/loki/api/v1/push + description: Example request body for updating a Loki Destination.

The + request body must include a complete representation of the Destination + that you want to update. This endpoint does not support partial updates. + UpdateOutputExamplesOpenTelemetry: + summary: OpenTelemetry + value: + id: opentelemetry-output + type: open_telemetry + endpoint: http://localhost:4317 + description: Example request body for updating a OpenTelemetry + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesServiceNow: + summary: ServiceNow + value: + id: servicenow-output + type: service_now + endpoint: ingest.lightstep.com:443 + protocol: http + otlpVersion: 1.3.1 + tokenSecret: your-token-secret + description: Example request body for updating a ServiceNow + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesDynatraceOtlp: + summary: Dynatrace OTLP + value: + id: dynatrace-otlp-output + type: dynatrace_otlp + endpoint: https://your-environment.live.dynatrace.com/api/v2/otlp + endpointType: saas + protocol: http + otlpVersion: 1.3.1 + tokenSecret: your-token-secret + description: Example request body for updating a Dynatrace OTLP + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesGoogleCloudObservability: + summary: Google Cloud Observability + value: + id: google-cloud-observability-output + type: google_cloud_observability + googleAuthMethod: auto + description: Example request body for updating a Google Cloud Observability + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesSentinelOneAiSiem: + summary: SentinelOne AI SIEM + value: + id: sentinel-one-ai-siem-output + type: sentinel_one_ai_siem + region: US + endpoint: /services/collector/event + description: Example request body for updating a SentinelOne AI SIEM + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesDataset: + summary: Dataset + value: + id: dataset-output + type: dataset + dataset: my-dataset + description: Example request body for updating a Dataset + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesRing: + summary: Ring Buffer + value: + id: ring-output + type: ring + description: Example request body for updating a Ring Buffer + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesRouter: + summary: Output Router + value: + id: router-output + type: router + rules: + - filter: "true" + output: my-output + description: Example request body for updating a Output Router + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesWizHec: + summary: Wiz Defend + value: + id: wiz-hec-output + type: wiz_hec + data_center: us1 + wiz_sourcetype: placeholder + wiz_connector_id: 00000000-0000-0000-0000-000000000000 + wiz_environment: test + authType: manual + hecToken: your-hec-token + description: Example request body for updating a Wiz Defend + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesHumioHec: + summary: Humio HEC + value: + id: humio-hec-output + type: humio_hec + url: https://cloud.us.humio.com/api/v1/ingest/hec + format: JSON + authType: manual + token: your-token + description: Example request body for updating a Humio HEC + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesCrowdstrikeNextGenSiem: + summary: CrowdStrike Next Gen SIEM + value: + id: crowdstrike-next-gen-siem-output + type: crowdstrike_next_gen_siem + url: https://ingest.us.crowdstrike.com/api/ingest/hec/connection-id/v1/services/collector + format: JSON + authType: manual + token: your-token + description: Example request body for updating a CrowdStrike Next Gen SIEM + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesCriblHttp: + summary: Cribl HTTP + value: + id: cribl-http-output + type: cribl_http + host: localhost + port: 10080 + description: Example request body for updating a Cribl HTTP + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesCriblTcp: + summary: Cribl TCP + value: + id: cribl-tcp-output + type: cribl_tcp + host: localhost + port: 10090 + description: Example request body for updating a Cribl TCP + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesCriblSearchEngine: + summary: Cribl Search Engine + value: + id: cribl-search-engine-output + systemFields: + - cribl_pipe + streamtags: [] + loadBalanced: false + tls: + disabled: true + tokenTTLMinutes: 60 + excludeFields: + - __kube_* + - __metadata + - __winEvent + compression: gzip + concurrency: 5 + maxPayloadSizeKB: 4096 + maxPayloadEvents: 0 + rejectUnauthorized: true + timeoutSec: 30 + flushPeriodSec: 1 + failedRequestLoggingMode: none + safeHeaders: [] + throttleRatePerSec: "0" + responseRetrySettings: + - httpStatus: 401 + initialBackoff: 1000 + backoffRate: 2 + maxBackoff: 20000 + - httpStatus: 403 + initialBackoff: 1000 + backoffRate: 2 + maxBackoff: 20000 + - httpStatus: 408 + initialBackoff: 250 + backoffRate: 2 + maxBackoff: 10000 + - httpStatus: 429 + initialBackoff: 1000 + backoffRate: 2 + maxBackoff: 10000 + - httpStatus: 500 + initialBackoff: 250 + backoffRate: 2 + maxBackoff: 10000 + - httpStatus: 502 + initialBackoff: 250 + backoffRate: 2 + maxBackoff: 10000 + - httpStatus: 503 + initialBackoff: 250 + backoffRate: 2 + maxBackoff: 10000 + - httpStatus: 504 + initialBackoff: 250 + backoffRate: 2 + maxBackoff: 10000 + - httpStatus: 509 + initialBackoff: 250 + backoffRate: 2 + maxBackoff: 10000 + timeoutRetrySettings: + timeoutRetry: false + responseHonorRetryAfterHeader: true + onBackpressure: block + useRoundRobinDns: true + type: cribl_search_engine + url: https://0.0.0.0:10200 + description: Example request body for updating a Cribl Search Engine + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesGoogleCloudLogging: + summary: Google Cloud Logging + value: + id: google-cloud-logging-output + type: google_cloud_logging + logLocationType: project + logLocationExpression: my-project + logNameExpression: my-log + projectId: my-project + description: Example request body for updating a Google Cloud Logging + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesSns: + summary: SNS + value: + id: sns-output + type: sns + topicArn: arn:aws:sns:us-east-1:123456789012:my-topic + messageGroupId: my-message-group + region: us-east-1 + description: Example request body for updating a SNS Destination.

The + request body must include a complete representation of the Destination + that you want to update. This endpoint does not support partial updates. + UpdateOutputExamplesDlS3: + summary: Data Lake S3 + value: + id: dl-s3-output + type: dl_s3 + bucket: my-bucket + stagePath: /tmp/staging + region: us-east-1 + description: Example request body for updating a Data Lake S3 + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesSecurityLake: + summary: Security Lake + value: + id: security-lake-output + type: security_lake + bucket: my-bucket + stagePath: /tmp/staging + region: us-east-1 + accountId: "123456789012" + customSource: my-custom-source + assumeRoleArn: arn:aws:iam::123456789012:role/my-role + description: Example request body for updating a Security Lake + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesCriblLake: + summary: Cribl Lake + value: + id: cribl-lake-output + type: cribl_lake + dataset: my-dataset + description: Example request body for updating a Cribl Lake + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesExabeam: + summary: Exabeam + value: + id: exabeam-output + type: exabeam + bucket: my-bucket + region: us-east1 + endpoint: https://storage.googleapis.com + stagePath: /tmp/staging + collectorInstanceId: 11112222-3333-4444-5555-666677778888 + description: Example request body for updating a Exabeam + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesDiskSpool: + summary: Disk Spool + value: + id: disk-spool-output + type: disk_spool + path: /var/spool/cribl + description: Example request body for updating a Disk Spool + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesClickHouse: + summary: ClickHouse + value: + id: clickhouse-output + type: click_house + url: http://localhost:8123/ + database: mydb + tableName: mytable + description: Example request body for updating a ClickHouse + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesLocalSearchStorage: + summary: Local Search Storage + value: + id: local-search-storage-output + type: local_search_storage + url: http://localhost:8123/ + database: default + tableName: mytable + description: Example request body for updating a Local Search Storage + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesXsiam: + summary: XSIAM + value: + id: xsiam-output + type: xsiam + endpoint: https://api.paloaltonetworks.com + apiKey: your-api-key + description: Example request body for updating a XSIAM Destination.

The + request body must include a complete representation of the Destination + that you want to update. This endpoint does not support partial updates. + UpdateOutputExamplesNetflow: + summary: Netflow + value: + id: netflow-output + type: netflow + hosts: + - host: localhost + port: 2055 + description: Example request body for updating a Netflow + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesDynatraceHttp: + summary: Dynatrace HTTP + value: + id: dynatrace-http-output + type: dynatrace_http + format: json_array + endpoint: cloud + telemetryType: logs + authType: token + token: your-api-key + description: Example request body for updating a Dynatrace HTTP + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + UpdateOutputExamplesDatabricks: + summary: Databricks + value: + id: databricks-output + type: databricks + workspaceId: your-workspace-id + scope: all-apis + clientId: your-client-id + clientTextSecret: your-client-secret + catalog: main + schema: external + eventsVolumeName: events + description: Example request body for updating a Databricks + Destination.

The request body must include a complete + representation of the Destination that you want to update. This endpoint + does not support partial updates. + PipelineExamplesEmpty: + summary: New empty Pipeline + value: + id: empty-pipeline + conf: + output: default + streamtags: [] + groups: {} + asyncFuncTimeout: 1000 + functions: [] + description: "" + PipelineExamplesAggregations: + summary: Pipeline with aggregation function summing rejected bytes grouped by + source address + value: + id: aggregation-pipeline + conf: + output: default + streamtags: [] + groups: {} + asyncFuncTimeout: 1000 + description: Pipeline that aggregates rejected bytes grouped by source address + every 10 seconds + functions: + - id: aggregation + filter: "true" + conf: + passthrough: false + preserveGroupBys: false + sufficientStatsOnly: false + metricsMode: false + timeWindow: 10s + aggregations: + - sum(bytes).where(action=="REJECT").as(TotalBytes) + groupbys: + - srcaddr + cumulative: false + shouldTreatDotsAsLiterals: false + flushOnInputClose: true + PipelineExamplesAggregateMetrics: + summary: Pipeline with aggregate metrics function computing statistics on + process metrics + value: + id: aggregate-metrics-pipeline + conf: + output: default + streamtags: [] + groups: {} + asyncFuncTimeout: 1000 + description: "Pipeline that aggregates process metrics: CPU, memory, and bytes + over time windows" + functions: + - id: aggregate_metrics + filter: (_metric == 'proc.cpu_perc' || + __criblMetrics[0].nameExpr.includes("'proc.cpu_perc'")) || + (_metric == 'proc.mem_perc' || + __criblMetrics[0].nameExpr.includes("'proc.mem_perc'")) || + (_metric == 'proc.bytes_in' || + __criblMetrics[0].nameExpr.includes("'proc.bytes_in'")) + conf: + passthrough: false + preserveGroupBys: false + sufficientStatsOnly: false + timeWindow: 10s + aggregations: + - metricType: gauge + agg: avg(_value || proc.cpu_perc).as(proc.cpu_perc_avg) + - metricType: gauge + agg: sum(_value || proc.mem_perc).as(proc.mem_perc_sum) + - metricType: counter + agg: count(_value || proc.bytes_in).as(proc.bytes_in_count) + groupbys: + - proc + cumulative: false + shouldTreatDotsAsLiterals: true + flushOnInputClose: true + PipelineExamplesAutoTimestamp: + summary: Pipeline with auto timestamp function extracting timestamps from event + data + value: + id: auto-timestamp-pipeline + conf: + output: default + streamtags: [] + groups: {} + asyncFuncTimeout: 1000 + description: Pipeline that extracts timestamps from event data using auto + timestamp function + functions: + - id: auto_timestamp + filter: "true" + conf: + srcField: _raw + dstField: _time + defaultTimezone: local + timeExpression: time.getTime() / 1000 + offset: 0 + maxLen: 150 + defaultTime: now + latestDateAllowed: +1week + earliestDateAllowed: -420weeks + timestamps: + - regex: /(\d{1,2}\/\d{2}\/\d{4}\s\d{1,2}:\d{2}:\d{2}\s\w{2})/ + strptime: "%Y-%m-%d %H:%M:%S" + PipelineExamplesCEFSerializer: + summary: Pipeline with CEF serializer function formatting events in Common Event + Format + value: + id: cef-serializer-pipeline + conf: + output: default + streamtags: [] + groups: {} + asyncFuncTimeout: 1000 + description: Pipeline that formats events in CEF format with custom header and + extension fields + functions: + - id: cef + filter: "true" + conf: + outputField: _raw + header: + - name: cef_version + value: "'CEF:0'" + - name: device_vendor + value: "'Cribl'" + - name: device_product + value: "'Cribl'" + - name: device_version + value: C.version + - name: device_event_class_id + value: "420" + - name: name + value: "'Cribl Event'" + - name: severity + value: "6" + extension: + - name: c6a1Label + value: "'Colorado_Ext_Bldg7'" + PipelineExamplesChain: + summary: Pipeline with chain function connecting to another pipeline for + sequential processing + value: + id: chain-pipeline + conf: + output: default + streamtags: [] + groups: {} + asyncFuncTimeout: 1000 + description: Pipeline that chains to another pipeline for sequential data + processing + functions: + - id: chain + filter: "true" + conf: + processor: prometheus_metrics + PipelineExamplesClone: + summary: Pipeline with clone function creating copies of events with additional + fields + value: + id: clone-pipeline + conf: + output: default + streamtags: [] + groups: {} + asyncFuncTimeout: 1000 + description: Pipeline that creates cloned events with additional fields for + comparison or routing + functions: + - id: clone + filter: "true" + conf: + clones: + - env: staging + - index: clones + PipelineExamplesComment: + summary: Pipeline with comment function adding documentation annotations + value: + id: comment-pipeline + conf: + output: default + streamtags: [] + groups: {} + asyncFuncTimeout: 1000 + description: Pipeline with comment function for documentation + functions: + - id: comment + filter: "true" + conf: + comment: This function processes security events and enriches them with DNS + lookups + PipelineExamplesDNSLookup: + summary: Pipeline with DNS lookup function resolving hostnames and IP addresses + value: + id: dns-lookup-pipeline + conf: + output: default + streamtags: [] + groups: {} + asyncFuncTimeout: 1000 + description: Pipeline that performs DNS lookups to resolve hostnames and IP + addresses + functions: + - id: dns_lookup + filter: "true" + conf: + dnsLookupFields: + - inFieldName: hostname + resourceRecordType: A + outFieldName: hostname_ip + reverseLookupFields: + - inFieldName: src_ip + outFieldName: src_hostname + cacheTTL: 30 + maxCacheSize: 5000 + useResolvConf: false + lookupFallback: false + lookupFailLogLevel: error + PipelineExamplesDrop: + summary: Pipeline with drop function filtering out events matching specified + criteria + value: + id: drop-pipeline + conf: + output: default + streamtags: [] + groups: {} + asyncFuncTimeout: 1000 + description: Pipeline that drops events containing success messages + functions: + - id: drop + filter: _raw.search(/success/i)>=0 + conf: {} + PipelineExamplesDropDimensions: + summary: Pipeline with drop dimensions function reducing metric cardinality by + removing dimensions + value: + id: drop-dimensions-pipeline + conf: + output: default + streamtags: [] + groups: {} + asyncFuncTimeout: 1000 + description: Pipeline that drops specified dimensions from metrics to reduce + cardinality + functions: + - id: drop_dimensions + filter: (_metric == 'proc.cpu_perc' || + __criblMetrics[0].nameExpr.includes("'proc.cpu_perc'")) && + (__criblMetrics[0].dims.includes("proc")) + conf: + timeWindow: 10s + dropDimensions: + - proc + - pie + - unit + flushOnInputClose: true + PipelineExamplesDynamicSampling: + summary: Pipeline with dynamic sampling function automatically adjusting sample + rates based on event volume + value: + id: dynamic-sampling-pipeline + conf: + output: default + streamtags: [] + groups: {} + asyncFuncTimeout: 1000 + description: Pipeline that dynamically samples events based on volume using + square root mode + functions: + - id: dynamic_sampling + filter: "true" + conf: + mode: sqrt + keyExpr: "`${domain}:${httpCode}`" + samplePeriod: 20 + minEvents: 3 + maxSampleRate: 3 + PipelineExamplesEval: + summary: Pipeline with eval function adding, modifying, and removing event + fields using JavaScript expressions + value: + id: eval-pipeline + conf: + output: default + streamtags: [] + groups: {} + asyncFuncTimeout: 1000 + description: Pipeline that evaluates JavaScript expressions to add, modify, and + remove fields + functions: + - id: eval + filter: "true" + conf: + add: + - name: action + value: "login == 'error' ? 'blocked' : action" + - name: myTags + value: "login == 'error' ? [...myTags, 'error'] : myTags" + keep: + - host + - source + - action + - myTags + remove: + - identification + PipelineExamplesEventBreaker: + summary: Pipeline with event breaker function splitting large blobs or streams + into discrete events + value: + id: event-breaker-pipeline + conf: + output: default + streamtags: [] + groups: {} + asyncFuncTimeout: 1000 + description: Pipeline that breaks large event streams into discrete events using + regex + functions: + - id: event_breaker + filter: "true" + conf: + existingOrNew: new + ruleType: regex + eventBreakerRegex: /[\n\r]+(?!\s)/ + maxEventBytes: 51200 + timestampAnchorRegex: /^/ + timestamp: + type: auto + length: 150 + timestampTimezone: local + timestampEarliest: -420weeks + timestampLatest: +1week + shouldMarkCriblBreaker: true + PipelineExamplesFlatten: + summary: Pipeline with flatten function pulling nested fields up to a higher + level in the object + value: + id: flatten-pipeline + conf: + output: default + streamtags: [] + groups: {} + asyncFuncTimeout: 1000 + description: Pipeline that flattens nested JSON structures into top-level fields + functions: + - id: flatten + filter: "true" + conf: + fields: [] + prefix: "" + depth: 5 + delimiter: _ + PipelineExamplesFoldKeys: + summary: Pipeline with fold keys function transforming flat field names into + nested structures + value: + id: fold-keys-pipeline + conf: + output: default + streamtags: [] + groups: {} + asyncFuncTimeout: 1000 + description: Pipeline that transforms flat field names with separators into + nested structures + functions: + - id: foldkeys + filter: "true" + conf: + deleteOriginal: true + separator: _ + selectionRegExp: ^data + PipelineExamplesGeoIP: + summary: Pipeline with GeoIP function enriching events with geographic + information based on IP addresses + value: + id: geoip-pipeline + conf: + output: default + streamtags: [] + groups: {} + asyncFuncTimeout: 1000 + description: Pipeline that enriches events with geolocation data from IP addresses + functions: + - id: geoip + filter: "true" + conf: + file: GeoLite2-City.mmdb + inField: ip + outField: geoip + additionalFields: + - extraInField: src_ip + extraOutField: src_geoip + PipelineExamplesGrok: + summary: Pipeline with grok function extracting structured fields from + unstructured log data using patterns + value: + id: grok-pipeline + conf: + output: default + streamtags: [] + groups: {} + asyncFuncTimeout: 1000 + description: Pipeline that extracts structured fields from log data using Grok + patterns + functions: + - id: grok + filter: "true" + conf: + pattern: "%{TIMESTAMP_ISO8601:event_time} %{LOGLEVEL:log_level} + %{GREEDYDATA:log_message}" + source: _raw + patternList: [] + PipelineExamplesGuard: + summary: Pipeline with guard function detecting and protecting sensitive data + using AI-driven scanning rulesets + value: + id: guard-pipeline + conf: + output: default + streamtags: [] + groups: {} + asyncFuncTimeout: 1000 + description: Pipeline that scans for sensitive data and applies mitigation + expressions + functions: + - id: sensitive_data_scanner + filter: "true" + conf: + rules: + - rulesetId: Finance_Global + replaceExpr: "'REDACTED'" + disabled: false + fields: + - _raw + excludeFields: [] + flags: + - name: _sensitive + value: "true" + includeDetectedRules: true + PipelineExamplesJSONUnroll: + summary: Pipeline with JSON unroll function exploding arrays of objects into + individual events + value: + id: json-unroll-pipeline + conf: + output: default + streamtags: [] + groups: {} + asyncFuncTimeout: 1000 + description: Pipeline that unrolls JSON arrays into individual events while + retaining parent fields + functions: + - id: json_unroll + filter: "true" + conf: + path: allCars + name: cars + PipelineExamplesLookup: + summary: Pipeline with lookup function enriching events with external fields + from lookup tables + value: + id: lookup-pipeline + conf: + output: default + streamtags: [] + groups: {} + asyncFuncTimeout: 1000 + description: Pipeline that enriches events with location data from IP address + lookups + functions: + - id: lookup + filter: "true" + conf: + file: ip_locations.csv + dbLookup: false + matchMode: exact + reloadPeriodSec: -1 + inFields: + - eventField: destination_ip + lookupField: ip + outFields: + - lookupField: location + eventField: location + defaultValue: Unknown + addToEvent: false + ignoreCase: false + PipelineExamplesMask: + summary: Pipeline with mask function redacting sensitive data using pattern + matching and replacement + value: + id: mask-pipeline + conf: + output: default + streamtags: [] + groups: {} + asyncFuncTimeout: 1000 + description: Pipeline that masks Social Security numbers and other sensitive data + functions: + - id: mask + filter: "true" + conf: + rules: + - matchRegex: /(social=)(\d+)/ + replaceExpr: "`${g1}${C.Mask.md5(g2)}`" + disabled: false + fields: + - _raw + depth: 5 + PipelineExamplesNumerify: + summary: Pipeline with numerify function converting string numbers to numeric type + value: + id: numerify-pipeline + conf: + output: default + streamtags: [] + groups: {} + asyncFuncTimeout: 1000 + description: Pipeline that converts string numbers to numeric type for + mathematical operations + functions: + - id: numerify + filter: "true" + conf: + depth: 5 + ignoreFields: [] + filterExpr: "" + format: none + PipelineExamplesOTLPLogs: + summary: Pipeline with OTLP logs function normalizing and batching OpenTelemetry + log events + value: + id: otlp-logs-pipeline + conf: + output: default + streamtags: [] + groups: {} + asyncFuncTimeout: 1000 + description: Pipeline that normalizes and batches OTLP log events from + OpenTelemetry sources + functions: + - id: otlp_logs + filter: __inputId=='open_telemetry:open_telemetry' + conf: + dropNonLogEvents: false + batchOTLPLogs: true + sendBatchSize: 8192 + timeout: 200 + sendBatchMaxSize: 0 + metadataKeys: [] + metadataCardinalityLimit: 1000 + PipelineExamplesOTLPMetrics: + summary: Pipeline with OTLP metrics function converting dimensional metrics to + OpenTelemetry format + value: + id: otlp-metrics-pipeline + conf: + output: default + streamtags: [] + groups: {} + asyncFuncTimeout: 1000 + description: Pipeline that converts dimensional metrics to OTLP format and + batches them by resource attributes + functions: + - id: otlp_metrics + filter: __inputId=='prometheus_rw:prom_rw_in' + conf: + resourceAttributePrefixes: + - service + - system + - telemetry + - k8s + - cloud + - host + - process + dropNonMetricEvents: false + otlpVersion: 0.10.0 + batchOTLPMetrics: true + sendBatchSize: 8192 + timeout: 200 + sendBatchMaxSize: 0 + metadataKeys: [] + metadataCardinalityLimit: 1000 + PipelineExamplesOTLPTraces: + summary: Pipeline with OTLP traces function normalizing and batching + OpenTelemetry trace events + value: + id: otlp-traces-pipeline + conf: + output: default + streamtags: [] + groups: {} + asyncFuncTimeout: 1000 + description: Pipeline that normalizes and batches OTLP trace events from + OpenTelemetry sources + functions: + - id: otlp_traces + filter: __inputId=='open_telemetry:open_telemetry' + conf: + dropNonTraceEvents: false + otlpVersion: 0.10.0 + batchOTLPTraces: true + sendBatchSize: 8192 + timeout: 200 + sendBatchMaxSize: 0 + metadataKeys: [] + metadataCardinalityLimit: 1000 + PipelineExamplesParser: + summary: Pipeline with parser function extracting fields from key-value pairs + value: + id: parser-pipeline + conf: + output: default + streamtags: [] + groups: {} + asyncFuncTimeout: 1000 + description: Pipeline that extracts fields from key-value pair formatted data + functions: + - id: serde + filter: "true" + conf: + mode: extract + type: kvp + srcField: _raw + keep: + - a + - b + - c + remove: + - "*" + cleanFields: false + PipelineExamplesPublishMetrics: + summary: Pipeline with publish metrics function extracting and formatting + metrics from events + value: + id: publish-metrics-pipeline + conf: + output: default + streamtags: [] + groups: {} + asyncFuncTimeout: 1000 + description: Pipeline that extracts metrics from events and formats them for + metrics aggregation platforms + functions: + - id: publish_metrics + filter: "true" + conf: + fields: + - inFieldName: bytes + outFieldExpr: "'metric_name.bytes'" + metricType: gauge + - inFieldName: packets + outFieldExpr: "'metric_name.packets'" + metricType: gauge + overwrite: false + dimensions: + - action + - interface_id + - dstaddr + removeMetrics: [] + removeDimensions: [] + PipelineExamplesRedis: + summary: Pipeline with Redis function interacting with Redis stores to set and + get key-value pairs value: - id: exabeam-output - type: exabeam - bucket: my-bucket - region: us-east1 - endpoint: https://storage.googleapis.com - stagePath: /tmp/staging - collectorInstanceId: 11112222-3333-4444-5555-666677778888 - OutputCreateExamplesDiskSpool: - summary: Disk Spool + id: redis-pipeline + conf: + output: default + streamtags: [] + groups: {} + asyncFuncTimeout: 1000 + description: Pipeline that retrieves values from Redis using GET command + functions: + - id: redis + filter: "true" + conf: + commands: + - outField: cached_value + command: get + keyExpr: "'user_session'" + argsExpr: "" + deploymentType: standalone + url: "'redis://localhost:6379/0'" + authType: none + maxBlockSecs: 60 + PipelineExamplesRegexExtract: + summary: Pipeline with regex extract function extracting fields from events + using regular expressions with named capture groups value: - id: disk-spool-output - type: disk_spool - path: /var/spool/cribl - OutputCreateExamplesClickHouse: - summary: ClickHouse + id: regex-extract-pipeline + conf: + output: default + streamtags: [] + groups: {} + asyncFuncTimeout: 1000 + description: Pipeline that extracts structured fields from log data using regex + patterns with named capture groups + functions: + - id: regex_extract + filter: "true" + conf: + regex: /metric1=(?\d+)/ + source: _raw + iterations: 100 + overwrite: false + PipelineExamplesRegexFilter: + summary: Pipeline with regex filter function filtering out events based on + regular expression matches value: - id: clickhouse-output - type: click_house - url: http://localhost:8123/ - database: mydb - tableName: mytable - OutputCreateExamplesLocalSearchStorage: - summary: Local Search Storage + id: regex-filter-pipeline + conf: + output: default + streamtags: [] + groups: {} + asyncFuncTimeout: 1000 + description: Pipeline that filters out events matching specific regex patterns + functions: + - id: regex_filter + filter: "true" + conf: + regex: /Opera/ + field: _raw + PipelineExamplesRename: + summary: Pipeline with rename function changing or reformatting field names + within events value: - id: local-search-storage-output - type: local_search_storage - url: http://localhost:8123/ - database: default - tableName: mytable - OutputCreateExamplesXsiam: - summary: XSIAM + id: rename-pipeline + conf: + output: default + streamtags: [] + groups: {} + asyncFuncTimeout: 1000 + description: Pipeline that renames fields using key-value pairs and expressions + functions: + - id: rename + filter: "true" + conf: + rename: + - currentName: level + newName: LEVEL + renameExpr: "name.startsWith('out') ? name.toUpperCase() : name" + baseFields: [] + wildcardDepth: 5 + PipelineExamplesRollupMetrics: + summary: Pipeline with rollup metrics function consolidating high-frequency + metrics into time windows value: - id: xsiam-output - type: xsiam - endpoint: https://api.paloaltonetworks.com - apiKey: your-api-key - OutputCreateExamplesNetflow: - summary: Netflow + id: rollup-metrics-pipeline + conf: + output: default + streamtags: [] + groups: {} + asyncFuncTimeout: 1000 + description: Pipeline that consolidates high-frequency metrics into manageable + time windows + functions: + - id: rollup_metrics + filter: "true" + conf: + dimensions: + - "*" + timeWindow: 30s + gaugeRollup: last + PipelineExamplesSampling: + summary: Pipeline with sampling function filtering events based on criteria and + sampling rates value: - id: netflow-output - type: netflow - hosts: - - host: localhost - port: 2055 - OutputCreateExamplesDynatraceHttp: - summary: Dynatrace HTTP + id: sampling-pipeline + conf: + output: default + streamtags: [] + groups: {} + asyncFuncTimeout: 1000 + description: Pipeline that samples events at specified rates based on filter + criteria + functions: + - id: sampling + filter: "true" + conf: + rules: + - filter: __status == 200 + rate: 5 + PipelineExamplesSerialize: + summary: Pipeline with serialize function converting event content into + predefined formats value: - id: dynatrace-http-output - type: dynatrace_http - format: json_array - endpoint: cloud - telemetryType: logs - authType: token - token: your-api-key - OutputCreateExamplesDatabricks: - summary: Databricks + id: serialize-pipeline + conf: + output: default + streamtags: [] + groups: {} + asyncFuncTimeout: 1000 + description: Pipeline that serializes event fields into JSON format + functions: + - id: serialize + filter: "true" + conf: + type: json + fields: + - city + - state + srcField: "" + dstField: _raw + PipelineExamplesSNMPTrapSerialize: + summary: Pipeline with SNMP trap serialize function converting compliant events + into SNMP traps value: - id: databricks-output - type: databricks - workspaceId: your-workspace-id - scope: all-apis - clientId: your-client-id - clientTextSecret: your-client-secret - catalog: main - schema: external - eventsVolumeName: events - OutputTestExamplesSingleEvent: - summary: Send a single test event - description: Example request body for sending a single test event to the Destination. + id: snmp-trap-serialize-pipeline + conf: + output: default + streamtags: [] + groups: {} + asyncFuncTimeout: 1000 + description: Pipeline that serializes events into SNMP trap format for SNMP trap + destinations + functions: + - id: snmp_trap_serialize + filter: "true" + conf: + strict: true + dropFailedEvents: true + PipelineExamplesSuppress: + summary: Pipeline with suppress function suppressing duplicate events based on + key expressions value: - events: - - _raw: This is a test event - source: test - sourcetype: manual - OutputTestExamplesMultipleEvents: - summary: Send multiple test events - description: Example request body for sending multiple test events to the Destination. + id: suppress-pipeline + conf: + output: default + streamtags: [] + groups: {} + asyncFuncTimeout: 1000 + description: Pipeline that suppresses duplicate events based on a key expression + functions: + - id: suppress + filter: "true" + conf: + keyExpr: "`${ip}:${port}`" + allow: 1 + suppressPeriodSec: 30 + dropEventsMode: true + maxCacheSize: 50000 + cacheIdleTimeoutPeriods: 2 + numEventsIdleTimeoutTrigger: 10000 + PipelineExamplesTee: + summary: Pipeline with tee function sending events to a command via stdin for + debugging and verification value: - events: - - _raw: Test event 1 - source: test - sourcetype: manual - - _raw: Test event 2 - source: test - sourcetype: manual - OutputExamplesDefault: - summary: Default + id: tee-pipeline + conf: + output: default + streamtags: [] + groups: {} + asyncFuncTimeout: 1000 + description: Pipeline that sends events to a command via stdin for debugging + purposes + functions: + - id: tee + filter: "true" + conf: + command: tee + args: + - /opt/cribl/foo.log + restartOnExit: true + env: {} + PipelineExamplesUnroll: + summary: Pipeline with unroll function breaking array fields into individual + events value: - id: default-output - type: default - defaultId: my-default-output - PipelineExamplesEmpty: + id: unroll-pipeline + conf: + output: default + streamtags: [] + groups: {} + asyncFuncTimeout: 1000 + description: Pipeline that unrolls array fields into separate events + functions: + - id: unroll + filter: "true" + conf: + srcExpr: _raw.split(/\n/) + dstField: _raw + PipelineExamplesXMLUnroll: + summary: Pipeline with XML unroll function converting XML elements into + individual events + value: + id: xml-unroll-pipeline + conf: + output: default + streamtags: [] + groups: {} + asyncFuncTimeout: 1000 + description: Pipeline that unrolls XML elements into separate events + functions: + - id: xml_unroll + filter: "true" + conf: + unroll: ^Parent\.Child$ + inherit: ^Parent\.(myID|branchLocation)$ + unrollIdxField: unroll_idx + pretty: false + UpdatePipelineExamplesEmpty: summary: New empty Pipeline value: id: empty-pipeline @@ -50122,8 +62242,12 @@ components: asyncFuncTimeout: 1000 functions: [] description: "" - PipelineExamplesAggregations: - summary: Pipeline with aggregation function summing rejected bytes grouped by source address + description: Example request body for updating a Pipeline.

The request + body must include a complete representation of the Pipeline that you + want to update. This endpoint does not support partial updates. + UpdatePipelineExamplesAggregations: + summary: Pipeline with aggregation function summing rejected bytes grouped by + source address value: id: aggregation-pipeline conf: @@ -50131,7 +62255,8 @@ components: streamtags: [] groups: {} asyncFuncTimeout: 1000 - description: Pipeline that aggregates rejected bytes grouped by source address every 10 seconds + description: Pipeline that aggregates rejected bytes grouped by source address + every 10 seconds functions: - id: aggregation filter: "true" @@ -50148,8 +62273,12 @@ components: cumulative: false shouldTreatDotsAsLiterals: false flushOnInputClose: true - PipelineExamplesAggregateMetrics: - summary: Pipeline with aggregate metrics function computing statistics on process metrics + description: Example request body for updating a Pipeline.

The request + body must include a complete representation of the Pipeline that you + want to update. This endpoint does not support partial updates. + UpdatePipelineExamplesAggregateMetrics: + summary: Pipeline with aggregate metrics function computing statistics on + process metrics value: id: aggregate-metrics-pipeline conf: @@ -50157,10 +62286,16 @@ components: streamtags: [] groups: {} asyncFuncTimeout: 1000 - description: "Pipeline that aggregates process metrics: CPU, memory, and bytes over time windows" + description: "Pipeline that aggregates process metrics: CPU, memory, and bytes + over time windows" functions: - id: aggregate_metrics - filter: (_metric == 'proc.cpu_perc' || __criblMetrics[0].nameExpr.includes("'proc.cpu_perc'")) || (_metric == 'proc.mem_perc' || __criblMetrics[0].nameExpr.includes("'proc.mem_perc'")) || (_metric == 'proc.bytes_in' || __criblMetrics[0].nameExpr.includes("'proc.bytes_in'")) + filter: (_metric == 'proc.cpu_perc' || + __criblMetrics[0].nameExpr.includes("'proc.cpu_perc'")) || + (_metric == 'proc.mem_perc' || + __criblMetrics[0].nameExpr.includes("'proc.mem_perc'")) || + (_metric == 'proc.bytes_in' || + __criblMetrics[0].nameExpr.includes("'proc.bytes_in'")) conf: passthrough: false preserveGroupBys: false @@ -50178,8 +62313,12 @@ components: cumulative: false shouldTreatDotsAsLiterals: true flushOnInputClose: true - PipelineExamplesAutoTimestamp: - summary: Pipeline with auto timestamp function extracting timestamps from event data + description: Example request body for updating a Pipeline.

The request + body must include a complete representation of the Pipeline that you + want to update. This endpoint does not support partial updates. + UpdatePipelineExamplesAutoTimestamp: + summary: Pipeline with auto timestamp function extracting timestamps from event + data value: id: auto-timestamp-pipeline conf: @@ -50187,7 +62326,8 @@ components: streamtags: [] groups: {} asyncFuncTimeout: 1000 - description: Pipeline that extracts timestamps from event data using auto timestamp function + description: Pipeline that extracts timestamps from event data using auto + timestamp function functions: - id: auto_timestamp filter: "true" @@ -50204,8 +62344,12 @@ components: timestamps: - regex: /(\d{1,2}\/\d{2}\/\d{4}\s\d{1,2}:\d{2}:\d{2}\s\w{2})/ strptime: "%Y-%m-%d %H:%M:%S" - PipelineExamplesCEFSerializer: - summary: Pipeline with CEF serializer function formatting events in Common Event Format + description: Example request body for updating a Pipeline.

The request + body must include a complete representation of the Pipeline that you + want to update. This endpoint does not support partial updates. + UpdatePipelineExamplesCEFSerializer: + summary: Pipeline with CEF serializer function formatting events in Common Event + Format value: id: cef-serializer-pipeline conf: @@ -50213,7 +62357,8 @@ components: streamtags: [] groups: {} asyncFuncTimeout: 1000 - description: Pipeline that formats events in CEF format with custom header and extension fields + description: Pipeline that formats events in CEF format with custom header and + extension fields functions: - id: cef filter: "true" @@ -50237,8 +62382,12 @@ components: extension: - name: c6a1Label value: "'Colorado_Ext_Bldg7'" - PipelineExamplesChain: - summary: Pipeline with chain function connecting to another pipeline for sequential processing + description: Example request body for updating a Pipeline.

The request + body must include a complete representation of the Pipeline that you + want to update. This endpoint does not support partial updates. + UpdatePipelineExamplesChain: + summary: Pipeline with chain function connecting to another pipeline for + sequential processing value: id: chain-pipeline conf: @@ -50246,14 +62395,19 @@ components: streamtags: [] groups: {} asyncFuncTimeout: 1000 - description: Pipeline that chains to another pipeline for sequential data processing + description: Pipeline that chains to another pipeline for sequential data + processing functions: - id: chain filter: "true" conf: processor: prometheus_metrics - PipelineExamplesClone: - summary: Pipeline with clone function creating copies of events with additional fields + description: Example request body for updating a Pipeline.

The request + body must include a complete representation of the Pipeline that you + want to update. This endpoint does not support partial updates. + UpdatePipelineExamplesClone: + summary: Pipeline with clone function creating copies of events with additional + fields value: id: clone-pipeline conf: @@ -50261,7 +62415,8 @@ components: streamtags: [] groups: {} asyncFuncTimeout: 1000 - description: Pipeline that creates cloned events with additional fields for comparison or routing + description: Pipeline that creates cloned events with additional fields for + comparison or routing functions: - id: clone filter: "true" @@ -50269,7 +62424,10 @@ components: clones: - env: staging - index: clones - PipelineExamplesComment: + description: Example request body for updating a Pipeline.

The request + body must include a complete representation of the Pipeline that you + want to update. This endpoint does not support partial updates. + UpdatePipelineExamplesComment: summary: Pipeline with comment function adding documentation annotations value: id: comment-pipeline @@ -50283,8 +62441,12 @@ components: - id: comment filter: "true" conf: - comment: This function processes security events and enriches them with DNS lookups - PipelineExamplesDNSLookup: + comment: This function processes security events and enriches them with DNS + lookups + description: Example request body for updating a Pipeline.

The request + body must include a complete representation of the Pipeline that you + want to update. This endpoint does not support partial updates. + UpdatePipelineExamplesDNSLookup: summary: Pipeline with DNS lookup function resolving hostnames and IP addresses value: id: dns-lookup-pipeline @@ -50293,7 +62455,8 @@ components: streamtags: [] groups: {} asyncFuncTimeout: 1000 - description: Pipeline that performs DNS lookups to resolve hostnames and IP addresses + description: Pipeline that performs DNS lookups to resolve hostnames and IP + addresses functions: - id: dns_lookup filter: "true" @@ -50310,8 +62473,12 @@ components: useResolvConf: false lookupFallback: false lookupFailLogLevel: error - PipelineExamplesDrop: - summary: Pipeline with drop function filtering out events matching specified criteria + description: Example request body for updating a Pipeline.

The request + body must include a complete representation of the Pipeline that you + want to update. This endpoint does not support partial updates. + UpdatePipelineExamplesDrop: + summary: Pipeline with drop function filtering out events matching specified + criteria value: id: drop-pipeline conf: @@ -50324,8 +62491,12 @@ components: - id: drop filter: _raw.search(/success/i)>=0 conf: {} - PipelineExamplesDropDimensions: - summary: Pipeline with drop dimensions function reducing metric cardinality by removing dimensions + description: Example request body for updating a Pipeline.

The request + body must include a complete representation of the Pipeline that you + want to update. This endpoint does not support partial updates. + UpdatePipelineExamplesDropDimensions: + summary: Pipeline with drop dimensions function reducing metric cardinality by + removing dimensions value: id: drop-dimensions-pipeline conf: @@ -50333,10 +62504,13 @@ components: streamtags: [] groups: {} asyncFuncTimeout: 1000 - description: Pipeline that drops specified dimensions from metrics to reduce cardinality + description: Pipeline that drops specified dimensions from metrics to reduce + cardinality functions: - id: drop_dimensions - filter: (_metric == 'proc.cpu_perc' || __criblMetrics[0].nameExpr.includes("'proc.cpu_perc'")) && (__criblMetrics[0].dims.includes("proc")) + filter: (_metric == 'proc.cpu_perc' || + __criblMetrics[0].nameExpr.includes("'proc.cpu_perc'")) && + (__criblMetrics[0].dims.includes("proc")) conf: timeWindow: 10s dropDimensions: @@ -50344,8 +62518,12 @@ components: - pie - unit flushOnInputClose: true - PipelineExamplesDynamicSampling: - summary: Pipeline with dynamic sampling function automatically adjusting sample rates based on event volume + description: Example request body for updating a Pipeline.

The request + body must include a complete representation of the Pipeline that you + want to update. This endpoint does not support partial updates. + UpdatePipelineExamplesDynamicSampling: + summary: Pipeline with dynamic sampling function automatically adjusting sample + rates based on event volume value: id: dynamic-sampling-pipeline conf: @@ -50353,7 +62531,8 @@ components: streamtags: [] groups: {} asyncFuncTimeout: 1000 - description: Pipeline that dynamically samples events based on volume using square root mode + description: Pipeline that dynamically samples events based on volume using + square root mode functions: - id: dynamic_sampling filter: "true" @@ -50363,8 +62542,12 @@ components: samplePeriod: 20 minEvents: 3 maxSampleRate: 3 - PipelineExamplesEval: - summary: Pipeline with eval function adding, modifying, and removing event fields using JavaScript expressions + description: Example request body for updating a Pipeline.

The request + body must include a complete representation of the Pipeline that you + want to update. This endpoint does not support partial updates. + UpdatePipelineExamplesEval: + summary: Pipeline with eval function adding, modifying, and removing event + fields using JavaScript expressions value: id: eval-pipeline conf: @@ -50372,7 +62555,8 @@ components: streamtags: [] groups: {} asyncFuncTimeout: 1000 - description: Pipeline that evaluates JavaScript expressions to add, modify, and remove fields + description: Pipeline that evaluates JavaScript expressions to add, modify, and + remove fields functions: - id: eval filter: "true" @@ -50389,8 +62573,12 @@ components: - myTags remove: - identification - PipelineExamplesEventBreaker: - summary: Pipeline with event breaker function splitting large blobs or streams into discrete events + description: Example request body for updating a Pipeline.

The request + body must include a complete representation of the Pipeline that you + want to update. This endpoint does not support partial updates. + UpdatePipelineExamplesEventBreaker: + summary: Pipeline with event breaker function splitting large blobs or streams + into discrete events value: id: event-breaker-pipeline conf: @@ -50398,7 +62586,8 @@ components: streamtags: [] groups: {} asyncFuncTimeout: 1000 - description: Pipeline that breaks large event streams into discrete events using regex + description: Pipeline that breaks large event streams into discrete events using + regex functions: - id: event_breaker filter: "true" @@ -50415,8 +62604,12 @@ components: timestampEarliest: -420weeks timestampLatest: +1week shouldMarkCriblBreaker: true - PipelineExamplesFlatten: - summary: Pipeline with flatten function pulling nested fields up to a higher level in the object + description: Example request body for updating a Pipeline.

The request + body must include a complete representation of the Pipeline that you + want to update. This endpoint does not support partial updates. + UpdatePipelineExamplesFlatten: + summary: Pipeline with flatten function pulling nested fields up to a higher + level in the object value: id: flatten-pipeline conf: @@ -50433,8 +62626,12 @@ components: prefix: "" depth: 5 delimiter: _ - PipelineExamplesFoldKeys: - summary: Pipeline with fold keys function transforming flat field names into nested structures + description: Example request body for updating a Pipeline.

The request + body must include a complete representation of the Pipeline that you + want to update. This endpoint does not support partial updates. + UpdatePipelineExamplesFoldKeys: + summary: Pipeline with fold keys function transforming flat field names into + nested structures value: id: fold-keys-pipeline conf: @@ -50442,7 +62639,8 @@ components: streamtags: [] groups: {} asyncFuncTimeout: 1000 - description: Pipeline that transforms flat field names with separators into nested structures + description: Pipeline that transforms flat field names with separators into + nested structures functions: - id: foldkeys filter: "true" @@ -50450,8 +62648,12 @@ components: deleteOriginal: true separator: _ selectionRegExp: ^data - PipelineExamplesGeoIP: - summary: Pipeline with GeoIP function enriching events with geographic information based on IP addresses + description: Example request body for updating a Pipeline.

The request + body must include a complete representation of the Pipeline that you + want to update. This endpoint does not support partial updates. + UpdatePipelineExamplesGeoIP: + summary: Pipeline with GeoIP function enriching events with geographic + information based on IP addresses value: id: geoip-pipeline conf: @@ -50470,8 +62672,12 @@ components: additionalFields: - extraInField: src_ip extraOutField: src_geoip - PipelineExamplesGrok: - summary: Pipeline with grok function extracting structured fields from unstructured log data using patterns + description: Example request body for updating a Pipeline.

The request + body must include a complete representation of the Pipeline that you + want to update. This endpoint does not support partial updates. + UpdatePipelineExamplesGrok: + summary: Pipeline with grok function extracting structured fields from + unstructured log data using patterns value: id: grok-pipeline conf: @@ -50479,16 +62685,22 @@ components: streamtags: [] groups: {} asyncFuncTimeout: 1000 - description: Pipeline that extracts structured fields from log data using Grok patterns + description: Pipeline that extracts structured fields from log data using Grok + patterns functions: - id: grok filter: "true" conf: - pattern: "%{TIMESTAMP_ISO8601:event_time} %{LOGLEVEL:log_level} %{GREEDYDATA:log_message}" + pattern: "%{TIMESTAMP_ISO8601:event_time} %{LOGLEVEL:log_level} + %{GREEDYDATA:log_message}" source: _raw patternList: [] - PipelineExamplesGuard: - summary: Pipeline with guard function detecting and protecting sensitive data using AI-driven scanning rulesets + description: Example request body for updating a Pipeline.

The request + body must include a complete representation of the Pipeline that you + want to update. This endpoint does not support partial updates. + UpdatePipelineExamplesGuard: + summary: Pipeline with guard function detecting and protecting sensitive data + using AI-driven scanning rulesets value: id: guard-pipeline conf: @@ -50496,7 +62708,8 @@ components: streamtags: [] groups: {} asyncFuncTimeout: 1000 - description: Pipeline that scans for sensitive data and applies mitigation expressions + description: Pipeline that scans for sensitive data and applies mitigation + expressions functions: - id: sensitive_data_scanner filter: "true" @@ -50512,8 +62725,12 @@ components: - name: _sensitive value: "true" includeDetectedRules: true - PipelineExamplesJSONUnroll: - summary: Pipeline with JSON unroll function exploding arrays of objects into individual events + description: Example request body for updating a Pipeline.

The request + body must include a complete representation of the Pipeline that you + want to update. This endpoint does not support partial updates. + UpdatePipelineExamplesJSONUnroll: + summary: Pipeline with JSON unroll function exploding arrays of objects into + individual events value: id: json-unroll-pipeline conf: @@ -50521,15 +62738,20 @@ components: streamtags: [] groups: {} asyncFuncTimeout: 1000 - description: Pipeline that unrolls JSON arrays into individual events while retaining parent fields + description: Pipeline that unrolls JSON arrays into individual events while + retaining parent fields functions: - id: json_unroll filter: "true" conf: path: allCars name: cars - PipelineExamplesLookup: - summary: Pipeline with lookup function enriching events with external fields from lookup tables + description: Example request body for updating a Pipeline.

The request + body must include a complete representation of the Pipeline that you + want to update. This endpoint does not support partial updates. + UpdatePipelineExamplesLookup: + summary: Pipeline with lookup function enriching events with external fields + from lookup tables value: id: lookup-pipeline conf: @@ -50537,7 +62759,8 @@ components: streamtags: [] groups: {} asyncFuncTimeout: 1000 - description: Pipeline that enriches events with location data from IP address lookups + description: Pipeline that enriches events with location data from IP address + lookups functions: - id: lookup filter: "true" @@ -50555,8 +62778,12 @@ components: defaultValue: Unknown addToEvent: false ignoreCase: false - PipelineExamplesMask: - summary: Pipeline with mask function redacting sensitive data using pattern matching and replacement + description: Example request body for updating a Pipeline.

The request + body must include a complete representation of the Pipeline that you + want to update. This endpoint does not support partial updates. + UpdatePipelineExamplesMask: + summary: Pipeline with mask function redacting sensitive data using pattern + matching and replacement value: id: mask-pipeline conf: @@ -50576,7 +62803,10 @@ components: fields: - _raw depth: 5 - PipelineExamplesNumerify: + description: Example request body for updating a Pipeline.

The request + body must include a complete representation of the Pipeline that you + want to update. This endpoint does not support partial updates. + UpdatePipelineExamplesNumerify: summary: Pipeline with numerify function converting string numbers to numeric type value: id: numerify-pipeline @@ -50585,7 +62815,8 @@ components: streamtags: [] groups: {} asyncFuncTimeout: 1000 - description: Pipeline that converts string numbers to numeric type for mathematical operations + description: Pipeline that converts string numbers to numeric type for + mathematical operations functions: - id: numerify filter: "true" @@ -50594,8 +62825,12 @@ components: ignoreFields: [] filterExpr: "" format: none - PipelineExamplesOTLPLogs: - summary: Pipeline with OTLP logs function normalizing and batching OpenTelemetry log events + description: Example request body for updating a Pipeline.

The request + body must include a complete representation of the Pipeline that you + want to update. This endpoint does not support partial updates. + UpdatePipelineExamplesOTLPLogs: + summary: Pipeline with OTLP logs function normalizing and batching OpenTelemetry + log events value: id: otlp-logs-pipeline conf: @@ -50603,7 +62838,8 @@ components: streamtags: [] groups: {} asyncFuncTimeout: 1000 - description: Pipeline that normalizes and batches OTLP log events from OpenTelemetry sources + description: Pipeline that normalizes and batches OTLP log events from + OpenTelemetry sources functions: - id: otlp_logs filter: __inputId=='open_telemetry:open_telemetry' @@ -50615,8 +62851,12 @@ components: sendBatchMaxSize: 0 metadataKeys: [] metadataCardinalityLimit: 1000 - PipelineExamplesOTLPMetrics: - summary: Pipeline with OTLP metrics function converting dimensional metrics to OpenTelemetry format + description: Example request body for updating a Pipeline.

The request + body must include a complete representation of the Pipeline that you + want to update. This endpoint does not support partial updates. + UpdatePipelineExamplesOTLPMetrics: + summary: Pipeline with OTLP metrics function converting dimensional metrics to + OpenTelemetry format value: id: otlp-metrics-pipeline conf: @@ -50624,7 +62864,8 @@ components: streamtags: [] groups: {} asyncFuncTimeout: 1000 - description: Pipeline that converts dimensional metrics to OTLP format and batches them by resource attributes + description: Pipeline that converts dimensional metrics to OTLP format and + batches them by resource attributes functions: - id: otlp_metrics filter: __inputId=='prometheus_rw:prom_rw_in' @@ -50645,8 +62886,12 @@ components: sendBatchMaxSize: 0 metadataKeys: [] metadataCardinalityLimit: 1000 - PipelineExamplesOTLPTraces: - summary: Pipeline with OTLP traces function normalizing and batching OpenTelemetry trace events + description: Example request body for updating a Pipeline.

The request + body must include a complete representation of the Pipeline that you + want to update. This endpoint does not support partial updates. + UpdatePipelineExamplesOTLPTraces: + summary: Pipeline with OTLP traces function normalizing and batching + OpenTelemetry trace events value: id: otlp-traces-pipeline conf: @@ -50654,7 +62899,8 @@ components: streamtags: [] groups: {} asyncFuncTimeout: 1000 - description: Pipeline that normalizes and batches OTLP trace events from OpenTelemetry sources + description: Pipeline that normalizes and batches OTLP trace events from + OpenTelemetry sources functions: - id: otlp_traces filter: __inputId=='open_telemetry:open_telemetry' @@ -50667,7 +62913,10 @@ components: sendBatchMaxSize: 0 metadataKeys: [] metadataCardinalityLimit: 1000 - PipelineExamplesParser: + description: Example request body for updating a Pipeline.

The request + body must include a complete representation of the Pipeline that you + want to update. This endpoint does not support partial updates. + UpdatePipelineExamplesParser: summary: Pipeline with parser function extracting fields from key-value pairs value: id: parser-pipeline @@ -50691,8 +62940,12 @@ components: remove: - "*" cleanFields: false - PipelineExamplesPublishMetrics: - summary: Pipeline with publish metrics function extracting and formatting metrics from events + description: Example request body for updating a Pipeline.

The request + body must include a complete representation of the Pipeline that you + want to update. This endpoint does not support partial updates. + UpdatePipelineExamplesPublishMetrics: + summary: Pipeline with publish metrics function extracting and formatting + metrics from events value: id: publish-metrics-pipeline conf: @@ -50700,7 +62953,8 @@ components: streamtags: [] groups: {} asyncFuncTimeout: 1000 - description: Pipeline that extracts metrics from events and formats them for metrics aggregation platforms + description: Pipeline that extracts metrics from events and formats them for + metrics aggregation platforms functions: - id: publish_metrics filter: "true" @@ -50719,8 +62973,12 @@ components: - dstaddr removeMetrics: [] removeDimensions: [] - PipelineExamplesRedis: - summary: Pipeline with Redis function interacting with Redis stores to set and get key-value pairs + description: Example request body for updating a Pipeline.

The request + body must include a complete representation of the Pipeline that you + want to update. This endpoint does not support partial updates. + UpdatePipelineExamplesRedis: + summary: Pipeline with Redis function interacting with Redis stores to set and + get key-value pairs value: id: redis-pipeline conf: @@ -50742,8 +63000,12 @@ components: url: "'redis://localhost:6379/0'" authType: none maxBlockSecs: 60 - PipelineExamplesRegexExtract: - summary: Pipeline with regex extract function extracting fields from events using regular expressions with named capture groups + description: Example request body for updating a Pipeline.

The request + body must include a complete representation of the Pipeline that you + want to update. This endpoint does not support partial updates. + UpdatePipelineExamplesRegexExtract: + summary: Pipeline with regex extract function extracting fields from events + using regular expressions with named capture groups value: id: regex-extract-pipeline conf: @@ -50751,7 +63013,8 @@ components: streamtags: [] groups: {} asyncFuncTimeout: 1000 - description: Pipeline that extracts structured fields from log data using regex patterns with named capture groups + description: Pipeline that extracts structured fields from log data using regex + patterns with named capture groups functions: - id: regex_extract filter: "true" @@ -50760,8 +63023,12 @@ components: source: _raw iterations: 100 overwrite: false - PipelineExamplesRegexFilter: - summary: Pipeline with regex filter function filtering out events based on regular expression matches + description: Example request body for updating a Pipeline.

The request + body must include a complete representation of the Pipeline that you + want to update. This endpoint does not support partial updates. + UpdatePipelineExamplesRegexFilter: + summary: Pipeline with regex filter function filtering out events based on + regular expression matches value: id: regex-filter-pipeline conf: @@ -50776,8 +63043,12 @@ components: conf: regex: /Opera/ field: _raw - PipelineExamplesRename: - summary: Pipeline with rename function changing or reformatting field names within events + description: Example request body for updating a Pipeline.

The request + body must include a complete representation of the Pipeline that you + want to update. This endpoint does not support partial updates. + UpdatePipelineExamplesRename: + summary: Pipeline with rename function changing or reformatting field names + within events value: id: rename-pipeline conf: @@ -50796,8 +63067,12 @@ components: renameExpr: "name.startsWith('out') ? name.toUpperCase() : name" baseFields: [] wildcardDepth: 5 - PipelineExamplesRollupMetrics: - summary: Pipeline with rollup metrics function consolidating high-frequency metrics into time windows + description: Example request body for updating a Pipeline.

The request + body must include a complete representation of the Pipeline that you + want to update. This endpoint does not support partial updates. + UpdatePipelineExamplesRollupMetrics: + summary: Pipeline with rollup metrics function consolidating high-frequency + metrics into time windows value: id: rollup-metrics-pipeline conf: @@ -50805,7 +63080,8 @@ components: streamtags: [] groups: {} asyncFuncTimeout: 1000 - description: Pipeline that consolidates high-frequency metrics into manageable time windows + description: Pipeline that consolidates high-frequency metrics into manageable + time windows functions: - id: rollup_metrics filter: "true" @@ -50814,8 +63090,12 @@ components: - "*" timeWindow: 30s gaugeRollup: last - PipelineExamplesSampling: - summary: Pipeline with sampling function filtering events based on criteria and sampling rates + description: Example request body for updating a Pipeline.

The request + body must include a complete representation of the Pipeline that you + want to update. This endpoint does not support partial updates. + UpdatePipelineExamplesSampling: + summary: Pipeline with sampling function filtering events based on criteria and + sampling rates value: id: sampling-pipeline conf: @@ -50823,7 +63103,8 @@ components: streamtags: [] groups: {} asyncFuncTimeout: 1000 - description: Pipeline that samples events at specified rates based on filter criteria + description: Pipeline that samples events at specified rates based on filter + criteria functions: - id: sampling filter: "true" @@ -50831,8 +63112,12 @@ components: rules: - filter: __status == 200 rate: 5 - PipelineExamplesSerialize: - summary: Pipeline with serialize function converting event content into predefined formats + description: Example request body for updating a Pipeline.

The request + body must include a complete representation of the Pipeline that you + want to update. This endpoint does not support partial updates. + UpdatePipelineExamplesSerialize: + summary: Pipeline with serialize function converting event content into + predefined formats value: id: serialize-pipeline conf: @@ -50851,8 +63136,12 @@ components: - state srcField: "" dstField: _raw - PipelineExamplesSNMPTrapSerialize: - summary: Pipeline with SNMP trap serialize function converting compliant events into SNMP traps + description: Example request body for updating a Pipeline.

The request + body must include a complete representation of the Pipeline that you + want to update. This endpoint does not support partial updates. + UpdatePipelineExamplesSNMPTrapSerialize: + summary: Pipeline with SNMP trap serialize function converting compliant events + into SNMP traps value: id: snmp-trap-serialize-pipeline conf: @@ -50860,15 +63149,20 @@ components: streamtags: [] groups: {} asyncFuncTimeout: 1000 - description: Pipeline that serializes events into SNMP trap format for SNMP trap destinations + description: Pipeline that serializes events into SNMP trap format for SNMP trap + destinations functions: - id: snmp_trap_serialize filter: "true" conf: strict: true dropFailedEvents: true - PipelineExamplesSuppress: - summary: Pipeline with suppress function suppressing duplicate events based on key expressions + description: Example request body for updating a Pipeline.

The request + body must include a complete representation of the Pipeline that you + want to update. This endpoint does not support partial updates. + UpdatePipelineExamplesSuppress: + summary: Pipeline with suppress function suppressing duplicate events based on + key expressions value: id: suppress-pipeline conf: @@ -50888,8 +63182,12 @@ components: maxCacheSize: 50000 cacheIdleTimeoutPeriods: 2 numEventsIdleTimeoutTrigger: 10000 - PipelineExamplesTee: - summary: Pipeline with tee function sending events to a command via stdin for debugging and verification + description: Example request body for updating a Pipeline.

The request + body must include a complete representation of the Pipeline that you + want to update. This endpoint does not support partial updates. + UpdatePipelineExamplesTee: + summary: Pipeline with tee function sending events to a command via stdin for + debugging and verification value: id: tee-pipeline conf: @@ -50897,7 +63195,8 @@ components: streamtags: [] groups: {} asyncFuncTimeout: 1000 - description: Pipeline that sends events to a command via stdin for debugging purposes + description: Pipeline that sends events to a command via stdin for debugging + purposes functions: - id: tee filter: "true" @@ -50907,8 +63206,12 @@ components: - /opt/cribl/foo.log restartOnExit: true env: {} - PipelineExamplesUnroll: - summary: Pipeline with unroll function breaking array fields into individual events + description: Example request body for updating a Pipeline.

The request + body must include a complete representation of the Pipeline that you + want to update. This endpoint does not support partial updates. + UpdatePipelineExamplesUnroll: + summary: Pipeline with unroll function breaking array fields into individual + events value: id: unroll-pipeline conf: @@ -50923,8 +63226,12 @@ components: conf: srcExpr: _raw.split(/\n/) dstField: _raw - PipelineExamplesXMLUnroll: - summary: Pipeline with XML unroll function converting XML elements into individual events + description: Example request body for updating a Pipeline.

The request + body must include a complete representation of the Pipeline that you + want to update. This endpoint does not support partial updates. + UpdatePipelineExamplesXMLUnroll: + summary: Pipeline with XML unroll function converting XML elements into + individual events value: id: xml-unroll-pipeline conf: @@ -50941,9 +63248,16 @@ components: inherit: ^Parent\.(myID|branchLocation)$ unrollIdxField: unroll_idx pretty: false + description: Example request body for updating a Pipeline.

The request + body must include a complete representation of the Pipeline that you + want to update. This endpoint does not support partial updates. RoutesUpdateExamplesBasicRoute: summary: Update Routes with a basic Route configuration - description: "Example request body for updating the default Routes table (id: default) with a simple Route that filters access.log events and sends them to the main Pipeline" + description: "Example request body for updating the default Routes table + (id: default) with a simple Route that filters access.log + events and sends them to the main Pipeline.

The request body + must include a complete representation of the Routing table that you + want to update. This endpoint does not support partial updates." value: id: default routes: @@ -50955,7 +63269,11 @@ components: final: true RoutesUpdateExamplesMultipleRoutes: summary: Update Routes with multiple Routes and a catch-all - description: "Example request body for updating the default Routes table (id: default) with multiple specific Routes evaluated in order, followed by a default catch-all Route" + description: "Example request body for updating the default Routes table + (id: default) with multiple specific Routes evaluated in + order, followed by a default catch-all Route.

The request body + must include a complete representation of the Routing table that you + want to update. This endpoint does not support partial updates." value: id: default routes: @@ -50989,7 +63307,12 @@ components: final: true RoutesUpdateExamplesRouteWithOutputExpression: summary: Update Routes with dynamic Destination expression - description: "Example request body for updating the default Routes table (id: default) with a Route that uses a JavaScript expression to dynamically determine the Destination" + description: "Example request body for updating the default Routes table + (id: default) with a Route that uses a JavaScript + expression to dynamically determine the Destination.

The + request body must include a complete representation of the Routing table + that you want to update. This endpoint does not support partial + updates." value: id: default routes: @@ -51003,7 +63326,13 @@ components: final: true RoutesUpdateExamplesRouteWithDefaults: summary: Update the basic Route configuration - description: "Example request body for updating the default Routes table (id: default) with a basic Route that omits the id and final fields. The server generates a deterministic id and sets final to true by default." + description: "Example request body for updating the default Routes table + (id: default) with a basic Route that omits the + id and final fields. The server generates a + deterministic id and sets final to + true by default.

The request body must include a + complete representation of the Routing table that you want to update. + This endpoint does not support partial updates." value: id: default routes: @@ -51023,7 +63352,8 @@ components: final: true RoutesAppendExamplesMultipleRoutes: summary: Append multiple Routes to the Routing table - description: "Add multiple Routes to the end of the default Routes table (id: default)" + description: "Add multiple Routes to the end of the default Routes table (id: + default)" value: - id: route-audit name: audit @@ -51041,7 +63371,9 @@ components: final: false RoutesAppendExamplesRouteWithOutputExpression: summary: Append a Route with dynamic Destination expression - description: "Add a Route to the end of the default Routes table (id: default) that uses a JavaScript expression to dynamically determine the Destination" + description: "Add a Route to the end of the default Routes table (id: default) + that uses a JavaScript expression to dynamically determine the + Destination" value: - id: route-dynamic-append name: dynamic-append @@ -51053,7 +63385,11 @@ components: final: true RoutesAppendExamplesRouteWithDefaults: summary: Append a Route omitting optional id and final fields - description: "Example request body for adding a Route to the end of the default Routes table (id: default) omitting the id and final fields. The server generates a deterministic id and sets final to true by default." + description: "Example request body for adding a Route to the end of the default + Routes table (id: default) omitting the id and + final fields. The server generates a deterministic + id and sets final to true by + default." value: - name: new-route pipeline: main @@ -51166,7 +63502,8 @@ components: containerName: "'data-container'" pattern: "'*.json'" authType: manual - connectionString: "'DefaultEndpointsProtocol=https;AccountName=mystorageaccount;AccountKey=...'" + connectionString: "'DefaultEndpointsProtocol=https;AccountName=mystorageaccount\ + ;AccountKey=...'" pipelines: - data-pipeline destinations: @@ -51194,7 +63531,8 @@ components: bucket: "'my-gcs-bucket'" path: "'data/'" authType: manual - serviceAccountCredentials: "'{ \"type\": \"service_account\", \"project_id\": \"my-project\", \"private_key_id\": \"key123\" }'" + serviceAccountCredentials: "'{ \"type\": \"service_account\", \"project_id\": + \"my-project\", \"private_key_id\": \"key123\" }'" pipelines: - csv-processing destinations: @@ -51314,7 +63652,8 @@ components: - analytics-platform CreateGroupExamplesCloudWg: summary: Create a Worker Group in Cribl.Cloud - description: Worker Group on Cribl.Cloud with estimated ingest rate of 2048 (24 MB/s, 9 Worker Processes) + description: Example request body for creating a Worker Group on Cribl.Cloud + sized for a low-ingest deployment. value: id: goatCloudIanWg name: goatcloudianwg @@ -51356,10 +63695,15 @@ components: onPrem: true UpdateGroupExamplesScaleCloudWorkerGroup: summary: Scale a Cribl.Cloud Worker Group by updating estimated ingest rate + description: Example request body for scaling a Cribl.Cloud Worker Group to + handle higher throughput.

The request body must include a + complete representation of the Group or Fleet that you want to update. + This endpoint does not support partial updates. value: id: goatCloudIanWg name: goatcloudianwg - description: Scaled Worker Group with estimated ingest rate of 4096 (48 MB/s, 21 Worker Processes) for increased capacity + description: Scaled Worker Group with estimated ingest rate of 4096 (48 MB/s, 21 + Worker Processes) for increased capacity cloud: provider: aws region: us-west-2 @@ -51375,6 +63719,10 @@ components: lookupDeployments: [] UpdateGroupExamplesUpdateOnPremWorkerGroup: summary: Update a customer-managed Worker Group + description: Example request body for updating a customer-managed Worker + Group.

The request body must include a complete representation + of the Group or Fleet that you want to update. This endpoint does not + support partial updates. value: id: goatOnPremIanWg name: goatonpremianwg @@ -51389,7 +63737,8 @@ components: lookupDeployments: [] LakeDatasetCreateExamplesJsonDataset: summary: Create a Lake Dataset in JSON format - description: Example request body for creating a Lake Dataset in JSON format with a 90-day retention period. + description: Example request body for creating a Lake Dataset in JSON format + with a 90-day retention period. value: id: web_access_logs description: Web server access logs @@ -51401,7 +63750,8 @@ components: - status LakeDatasetCreateExamplesParquetDataset: summary: Create a Lake Dataset in Parquet format - description: Example request body for creating a Lake Dataset in Parquet format with a 365-day retention period and search configuration. + description: Example request body for creating a Lake Dataset in Parquet format + with a 365-day retention period and search configuration. value: id: security_events description: Security event data in Parquet format @@ -51414,17 +63764,20 @@ components: - crowdstrike_fdr LakeDatasetCreateExamplesMinimalDataset: summary: Create a minimal Lake Dataset - description: Example request body for creating a Lake Dataset with only the required body parameters. + description: Example request body for creating a Lake Dataset with only the + required body parameters. value: id: app_logs LakeDatasetUpdateExamplesUpdateRetention: summary: Update the retention period for a Lake Dataset - description: Example request body for updating the retention period for an existing Lake Dataset. + description: Example request body for updating the retention period for an + existing Lake Dataset. value: retentionPeriodInDays: 180 LakeDatasetUpdateExamplesUpdateDescription: summary: Update description and accelerated fields for a Lake Dataset - description: Example request body for updating the description and accelerated fields for an existing Lake Dataset. + description: Example request body for updating the description and accelerated + fields for an existing Lake Dataset. value: description: Web server access logs with accelerated fields. acceleratedFields: @@ -51474,13 +63827,18 @@ components: status: healthy startTime: 1700000000000 role: primary + overlay: + state: inactive Health420ExamplesShuttingDown: summary: Shutting down (primary) - description: Example response for a server that is acting as primary and is in the process of shutting down. + description: Example response for a server that is acting as primary and is in + the process of shutting down. value: status: shutting down startTime: 1700000000000 role: primary + overlay: + state: inactive Health420ExamplesStandby: summary: Standby description: Example response for a server that is in standby mode. @@ -51488,6 +63846,8 @@ components: status: standby startTime: 1700000000000 role: standby + overlay: + state: inactive PackInstallExamplesPackDispensary: summary: Install from the Pack Dispensary value: @@ -51525,7 +63885,8 @@ components: source: https://github.com/criblpacks/cribl-palo-alto-networks/releases/download/1.1.4/cribl-palo-alto-networks-a3e5a19d-1.1.4.crbl UpdateSystemSettingsExamplesUpdateApiSettings: summary: Update API server settings - description: Example request body for updating the existing Cribl API server settings for host, port, SSL configuration, and Worker Process. + description: Example request body for updating the Cribl API server network and + TLS settings. value: api: host: 0.0.0.0 @@ -51570,12 +63931,14 @@ components: rollbackEnabled: true VersionCommitExamplesCommitAll: summary: Commit all pending changes - description: Example request body for committing all pending changes to the Cribl configuration. + description: Example request body for committing all pending changes to the + Cribl configuration. value: message: Updated pipeline configuration for syslog parsing VersionCommitExamplesCommitSpecificFiles: summary: Commit changes in specific files - description: Example request body for committing a subset of configuration changes by specifying the files to include in the commit. + description: Example request body for committing a subset of configuration + changes to specific files. value: message: Update Route and Pipeline for HTTP Sources effective: true @@ -51589,7 +63952,8 @@ components: commit: a1b2c3d4e5f6 VersionRevertExamplesForceRevertWithMessage: summary: Force revert a commit with a custom message - description: Example request body for force reverting a specific commit that includes a custom message for the revert commit. + description: Example request body for force reverting a specific commit that + includes a custom message for the revert commit. value: commit: a1b2c3d4e5f6 message: Revert commit due to misconfiguration in Pipeline settings @@ -51599,7 +63963,10 @@ security: - clientOauth: [] tags: - name: auth - description: Actions related to authentication. Do not use the /auth endpoints in Cribl.Cloud deployments. Instead, follow the instructions at https://docs.cribl.io/stream/api-tutorials/#criblcloud to authenticate for Cribl.Cloud. + description: Actions related to authentication. Do not use the /auth endpoints + in Cribl.Cloud deployments. Instead, follow the instructions at + https://docs.cribl.io/stream/api-tutorials/#criblcloud to authenticate for + Cribl.Cloud. x-cribl-availability: both - name: collectors description: Actions related to Collectors @@ -51653,220 +64020,51 @@ tags: description: Actions related to Workers x-cribl-availability: both paths: - /lib/database-connections: + /auth/login: post: - operationId: createDatabaseConnectionConfig - tags: - - databaseConnections - x-speakeasy-group: databaseConnections - x-speakeasy-name-override: create - x-cribl-internal: false - x-cribl-availability: both - summary: Create Database Connection - description: Create a new Database Connection. - responses: - "200": - description: The created DatabaseConnectionConfig object in a single-item list. - content: - application/json: - schema: - $ref: "#/components/schemas/CountedDatabaseConnectionConfig" - "401": - description: Authentication failed (missing or invalid credentials or Bearer token). - "500": - description: Unexpected server error. - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - requestBody: - description: DatabaseConnectionConfig object. - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/DatabaseConnectionConfig" - examples: - DatabaseConnectionExamplesMySQLWithConnectionString: - $ref: "#/components/examples/DatabaseConnectionExamplesMySQLWithConnectionString" - DatabaseConnectionExamplesMySQLWithSecret: - $ref: "#/components/examples/DatabaseConnectionExamplesMySQLWithSecret" - DatabaseConnectionExamplesPostgreSQLWithConnectionString: - $ref: "#/components/examples/DatabaseConnectionExamplesPostgreSQLWithConnectionString" - DatabaseConnectionExamplesPostgreSQLWithSecret: - $ref: "#/components/examples/DatabaseConnectionExamplesPostgreSQLWithSecret" - DatabaseConnectionExamplesSQLServerWithConnectionString: - $ref: "#/components/examples/DatabaseConnectionExamplesSQLServerWithConnectionString" - DatabaseConnectionExamplesSQLServerWithSecret: - $ref: "#/components/examples/DatabaseConnectionExamplesSQLServerWithSecret" - DatabaseConnectionExamplesSQLServerWithConfigObject: - $ref: "#/components/examples/DatabaseConnectionExamplesSQLServerWithConfigObject" - DatabaseConnectionExamplesOracleWithConnectionString: - $ref: "#/components/examples/DatabaseConnectionExamplesOracleWithConnectionString" - DatabaseConnectionExamplesOracleWithSecret: - $ref: "#/components/examples/DatabaseConnectionExamplesOracleWithSecret" - DatabaseConnectionExamplesOracleWithCredentialsSecrets: - $ref: "#/components/examples/DatabaseConnectionExamplesOracleWithCredentialsSecrets" - /lib/database-connections/{id}: - delete: - operationId: deleteDatabaseConnectionConfigById - tags: - - databaseConnections - x-speakeasy-group: databaseConnections - x-speakeasy-name-override: delete - x-cribl-internal: false - x-cribl-availability: both - summary: Delete a Database Connection - description: Delete the specified Database Connection. - responses: - "200": - description: The deleted DatabaseConnectionConfig object in a single-item list. - content: - application/json: - schema: - $ref: "#/components/schemas/CountedDatabaseConnectionConfig" - "401": - description: Authentication failed (missing or invalid credentials or Bearer token). - "500": - description: Unexpected server error. - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: id - in: path - required: true - schema: - type: string - description: The id of the Database Connection to delete. - get: - operationId: getDatabaseConnectionConfigById - tags: - - databaseConnections - x-speakeasy-group: databaseConnections - x-speakeasy-name-override: get - x-cribl-internal: false - x-cribl-availability: both - summary: Get a Database Connection - description: Get the specified Database Connection. - responses: - "200": - description: List of DatabaseConnectionConfig objects. - content: - application/json: - schema: - $ref: "#/components/schemas/CountedDatabaseConnectionConfig" - "401": - description: Authentication failed (missing or invalid credentials or Bearer token). - "404": - description: Database Connection not found - "500": - description: Unexpected server error. - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: id - in: path - required: true - schema: - type: string - description: The id of the Database Connection to get. - patch: - operationId: updateDatabaseConnectionConfigById - tags: - - databaseConnections - x-speakeasy-group: databaseConnections - x-speakeasy-name-override: update - x-cribl-internal: false - x-cribl-availability: both - summary: Update a Database Connection - description: Update the specified Database Connection.

Provide a complete representation of the Database Connection that you want to update in the request body. This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Database Connection.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Database Connection might not function as expected. - responses: - "200": - description: The updated DatabaseConnectionConfig object in a single-item list. - content: - application/json: - schema: - $ref: "#/components/schemas/CountedDatabaseConnectionConfig" - "401": - description: Authentication failed (missing or invalid credentials or Bearer token). - "500": - description: Unexpected server error. - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - requestBody: - description: DatabaseConnectionConfig object. - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/DatabaseConnectionConfig" - examples: - DatabaseConnectionExamplesMySQLWithConnectionString: - $ref: "#/components/examples/DatabaseConnectionExamplesMySQLWithConnectionString" - DatabaseConnectionExamplesMySQLWithSecret: - $ref: "#/components/examples/DatabaseConnectionExamplesMySQLWithSecret" - DatabaseConnectionExamplesPostgreSQLWithConnectionString: - $ref: "#/components/examples/DatabaseConnectionExamplesPostgreSQLWithConnectionString" - DatabaseConnectionExamplesPostgreSQLWithSecret: - $ref: "#/components/examples/DatabaseConnectionExamplesPostgreSQLWithSecret" - DatabaseConnectionExamplesSQLServerWithConnectionString: - $ref: "#/components/examples/DatabaseConnectionExamplesSQLServerWithConnectionString" - DatabaseConnectionExamplesSQLServerWithSecret: - $ref: "#/components/examples/DatabaseConnectionExamplesSQLServerWithSecret" - DatabaseConnectionExamplesSQLServerWithConfigObject: - $ref: "#/components/examples/DatabaseConnectionExamplesSQLServerWithConfigObject" - DatabaseConnectionExamplesOracleWithConnectionString: - $ref: "#/components/examples/DatabaseConnectionExamplesOracleWithConnectionString" - DatabaseConnectionExamplesOracleWithSecret: - $ref: "#/components/examples/DatabaseConnectionExamplesOracleWithSecret" - DatabaseConnectionExamplesOracleWithCredentialsSecrets: - $ref: "#/components/examples/DatabaseConnectionExamplesOracleWithCredentialsSecrets" - parameters: - - name: id - in: path - required: true - schema: - type: string - description: The id of the Database Connection to update. - /functions/{id}: - get: - operationId: getFunctionsById + operationId: createAuthLogin tags: - - functions - x-speakeasy-group: functions + - auth + x-speakeasy-group: auth.tokens x-speakeasy-name-override: get x-cribl-internal: false x-cribl-availability: both - summary: Get a Function - description: Get the specified Function. + summary: Log in and fetch an authentication token + description: This endpoint is unavailable on Cribl.Cloud. Instead, follow the + instructions at https://docs.cribl.io/stream/api-tutorials/#criblcloud + to get an Auth token for Cribl.Cloud. + security: [] responses: "200": - description: a list of Function objects + description: Authentication token content: application/json: schema: - $ref: "#/components/schemas/CountedFunctionResponse" + $ref: "#/components/schemas/AuthToken" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Invalid credentials or authentication failed + "429": + description: Rate limit exceeded + headers: + retry-after: + description: Number of seconds the client should wait before retrying the + request + schema: + type: integer + example: 60 "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" - parameters: - - name: id - in: path - required: true - schema: - type: string - description: The id of the Function to get. + requestBody: + description: LoginInfo object. + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/LoginInfo" /functions: get: operationId: getFunctions @@ -51886,553 +64084,212 @@ paths: schema: $ref: "#/components/schemas/CountedFunctionResponse" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" - /system/inputs: + /functions/{id}: get: - operationId: listInput - x-speakeasy-group: sources - x-cribl-internal: false - x-cribl-availability: both - x-speakeasy-name-override: list + operationId: getFunctionsById tags: - - sources - summary: List all Sources - description: Get a list of all Sources. - responses: - "200": - description: a list of Source objects - content: - application/json: - schema: - $ref: "#/components/schemas/CountedInputResponse" - "401": - description: Authentication failed (missing or invalid credentials or Bearer token). - "500": - description: Unexpected server error. - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: type - in: query - required: false - schema: - $ref: "#/components/schemas/SourceType" - description: Type of Source to include in the results. Each request can include only one type parameter; multiple parameters per request are not supported. - post: - operationId: createInput - x-speakeasy-group: sources + - functions + x-speakeasy-group: functions + x-speakeasy-name-override: get x-cribl-internal: false x-cribl-availability: both - x-speakeasy-name-override: create - tags: - - sources - summary: Create a Source - description: Create a new Source. The system-managed provenance field (JSON criblSourceProvenance) must be omitted from the request body. - requestBody: - description: Input object. - required: true - content: - application/json: - schema: - allOf: - - $ref: "#/components/schemas/Input" - - type: object - required: - - id - examples: - InputCreateExamplesAnthropicCompliance: - $ref: "#/components/examples/InputCreateExamplesAnthropicCompliance" - InputCreateExamplesAppleUnifiedLogs: - $ref: "#/components/examples/InputCreateExamplesAppleUnifiedLogs" - InputCreateExamplesAppscope: - $ref: "#/components/examples/InputCreateExamplesAppscope" - InputCreateExamplesAzureBlob: - $ref: "#/components/examples/InputCreateExamplesAzureBlob" - InputCreateExamplesCloudflareHec: - $ref: "#/components/examples/InputCreateExamplesCloudflareHec" - InputCreateExamplesConfluentCloud: - $ref: "#/components/examples/InputCreateExamplesConfluentCloud" - InputCreateExamplesCollection: - $ref: "#/components/examples/InputCreateExamplesCollection" - InputCreateExamplesCriblHttp: - $ref: "#/components/examples/InputCreateExamplesCriblHttp" - InputCreateExamplesCriblLakeHttp: - $ref: "#/components/examples/InputCreateExamplesCriblLakeHttp" - InputCreateExamplesCriblTcp: - $ref: "#/components/examples/InputCreateExamplesCriblTcp" - InputCreateExamplesCrowdstrike: - $ref: "#/components/examples/InputCreateExamplesCrowdstrike" - InputCreateExamplesDatadogAgent: - $ref: "#/components/examples/InputCreateExamplesDatadogAgent" - InputCreateExamplesDatagen: - $ref: "#/components/examples/InputCreateExamplesDatagen" - InputCreateExamplesEdgePrometheus: - $ref: "#/components/examples/InputCreateExamplesEdgePrometheus" - InputCreateExamplesElastic: - $ref: "#/components/examples/InputCreateExamplesElastic" - InputCreateExamplesEventhub: - $ref: "#/components/examples/InputCreateExamplesEventhub" - InputCreateExamplesEventhubAmqp: - $ref: "#/components/examples/InputCreateExamplesEventhubAmqp" - InputCreateExamplesExec: - $ref: "#/components/examples/InputCreateExamplesExec" - InputCreateExamplesFile: - $ref: "#/components/examples/InputCreateExamplesFile" - InputCreateExamplesFirehose: - $ref: "#/components/examples/InputCreateExamplesFirehose" - InputCreateExamplesGrafana: - $ref: "#/components/examples/InputCreateExamplesGrafana" - InputCreateExamplesGooglePubsub: - $ref: "#/components/examples/InputCreateExamplesGooglePubsub" - InputCreateExamplesHttp: - $ref: "#/components/examples/InputCreateExamplesHttp" - InputCreateExamplesHttpRaw: - $ref: "#/components/examples/InputCreateExamplesHttpRaw" - InputCreateExamplesJournalFiles: - $ref: "#/components/examples/InputCreateExamplesJournalFiles" - InputCreateExamplesKafka: - $ref: "#/components/examples/InputCreateExamplesKafka" - InputCreateExamplesKinesis: - $ref: "#/components/examples/InputCreateExamplesKinesis" - InputCreateExamplesKubeEvents: - $ref: "#/components/examples/InputCreateExamplesKubeEvents" - InputCreateExamplesKubeLogs: - $ref: "#/components/examples/InputCreateExamplesKubeLogs" - InputCreateExamplesKubeMetrics: - $ref: "#/components/examples/InputCreateExamplesKubeMetrics" - InputCreateExamplesLoki: - $ref: "#/components/examples/InputCreateExamplesLoki" - InputCreateExamplesMetrics: - $ref: "#/components/examples/InputCreateExamplesMetrics" - InputCreateExamplesModelDrivenTelemetry: - $ref: "#/components/examples/InputCreateExamplesModelDrivenTelemetry" - InputCreateExamplesMsk: - $ref: "#/components/examples/InputCreateExamplesMsk" - InputCreateExamplesNetflow: - $ref: "#/components/examples/InputCreateExamplesNetflow" - InputCreateExamplesOffice365Mgmt: - $ref: "#/components/examples/InputCreateExamplesOffice365Mgmt" - InputCreateExamplesMicrosoftGraph: - $ref: "#/components/examples/InputCreateExamplesMicrosoftGraph" - InputCreateExamplesOffice365MsgTrace: - $ref: "#/components/examples/InputCreateExamplesOffice365MsgTrace" - InputCreateExamplesOffice365Service: - $ref: "#/components/examples/InputCreateExamplesOffice365Service" - InputCreateExamplesOkta: - $ref: "#/components/examples/InputCreateExamplesOkta" - InputCreateExamplesOpenAI: - $ref: "#/components/examples/InputCreateExamplesOpenAI" - InputCreateExamplesOpenAIComplianceLogs: - $ref: "#/components/examples/InputCreateExamplesOpenAIComplianceLogs" - InputCreateExamplesOpenTelemetry: - $ref: "#/components/examples/InputCreateExamplesOpenTelemetry" - InputCreateExamplesPrometheus: - $ref: "#/components/examples/InputCreateExamplesPrometheus" - InputCreateExamplesPrometheusRw: - $ref: "#/components/examples/InputCreateExamplesPrometheusRw" - InputCreateExamplesRawUdp: - $ref: "#/components/examples/InputCreateExamplesRawUdp" - InputCreateExamplesS3: - $ref: "#/components/examples/InputCreateExamplesS3" - InputCreateExamplesS3Inventory: - $ref: "#/components/examples/InputCreateExamplesS3Inventory" - InputCreateExamplesSecurityLake: - $ref: "#/components/examples/InputCreateExamplesSecurityLake" - InputCreateExamplesServiceNowTable: - $ref: "#/components/examples/InputCreateExamplesServiceNowTable" - InputCreateExamplesSnmp: - $ref: "#/components/examples/InputCreateExamplesSnmp" - InputCreateExamplesSplunk: - $ref: "#/components/examples/InputCreateExamplesSplunk" - InputCreateExamplesSplunkHec: - $ref: "#/components/examples/InputCreateExamplesSplunkHec" - InputCreateExamplesSplunkSearch: - $ref: "#/components/examples/InputCreateExamplesSplunkSearch" - InputCreateExamplesSqs: - $ref: "#/components/examples/InputCreateExamplesSqs" - InputCreateExamplesSyslog: - $ref: "#/components/examples/InputCreateExamplesSyslog" - InputCreateExamplesSystemMetrics: - $ref: "#/components/examples/InputCreateExamplesSystemMetrics" - InputCreateExamplesSystemState: - $ref: "#/components/examples/InputCreateExamplesSystemState" - InputCreateExamplesTcp: - $ref: "#/components/examples/InputCreateExamplesTcp" - InputCreateExamplesTcpjson: - $ref: "#/components/examples/InputCreateExamplesTcpjson" - InputCreateExamplesWef: - $ref: "#/components/examples/InputCreateExamplesWef" - InputCreateExamplesWinEventLogs: - $ref: "#/components/examples/InputCreateExamplesWinEventLogs" - InputCreateExamplesWindowsMetrics: - $ref: "#/components/examples/InputCreateExamplesWindowsMetrics" - InputCreateExamplesWiz: - $ref: "#/components/examples/InputCreateExamplesWiz" - InputCreateExamplesWizWebhook: - $ref: "#/components/examples/InputCreateExamplesWizWebhook" - InputCreateExamplesZscalerHec: - $ref: "#/components/examples/InputCreateExamplesZscalerHec" + summary: Get a Function + description: Get the specified Function. responses: "200": - description: the created Source object + description: a list of Function objects content: application/json: schema: - $ref: "#/components/schemas/CountedInputResponse" + $ref: "#/components/schemas/CountedFunctionResponse" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" - /system/inputs/{id}: - get: - operationId: getInputById - x-speakeasy-group: sources - x-cribl-internal: false - x-cribl-availability: both - x-speakeasy-name-override: get - tags: - - sources - summary: Get a Source - description: Get the specified Source. parameters: - name: id in: path required: true schema: type: string - description: The id of the Source to get. - responses: - "200": - description: a Source object - content: - application/json: - schema: - $ref: "#/components/schemas/CountedInputResponse" - "401": - description: Authentication failed (missing or invalid credentials or Bearer token). - "500": - description: Unexpected server error. - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - patch: - operationId: updateInputById - x-speakeasy-group: sources + description: The id of the Function to get. + /health: + get: + operationId: getHealth + tags: + - health + x-speakeasy-group: health + x-speakeasy-name-override: get x-cribl-internal: false x-cribl-availability: both - x-speakeasy-name-override: update - tags: - - sources - summary: Update a Source - description: Update the specified Source.

Provide a complete representation of the Source that you want to update in the request body. This endpoint does not support partial updates. Cribl removes omitted fields when updating the Source, except for criblSourceProvenance (its value is preserved when omitted and cannot be overwritten).

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Source might not function as expected. - parameters: - - name: id - in: path - required: true - schema: - type: string - description: The id of the Source to update. - requestBody: - description: Input object. - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/Input" - examples: - InputCreateExamplesAnthropicCompliance: - $ref: "#/components/examples/InputCreateExamplesAnthropicCompliance" - InputCreateExamplesAppleUnifiedLogs: - $ref: "#/components/examples/InputCreateExamplesAppleUnifiedLogs" - InputCreateExamplesAppscope: - $ref: "#/components/examples/InputCreateExamplesAppscope" - InputCreateExamplesAzureBlob: - $ref: "#/components/examples/InputCreateExamplesAzureBlob" - InputCreateExamplesCloudflareHec: - $ref: "#/components/examples/InputCreateExamplesCloudflareHec" - InputCreateExamplesConfluentCloud: - $ref: "#/components/examples/InputCreateExamplesConfluentCloud" - InputCreateExamplesCollection: - $ref: "#/components/examples/InputCreateExamplesCollection" - InputExamplesCribl: - $ref: "#/components/examples/InputExamplesCribl" - InputCreateExamplesCriblHttp: - $ref: "#/components/examples/InputCreateExamplesCriblHttp" - InputCreateExamplesCriblLakeHttp: - $ref: "#/components/examples/InputCreateExamplesCriblLakeHttp" - InputExamplesCriblMetrics: - $ref: "#/components/examples/InputExamplesCriblMetrics" - InputCreateExamplesCriblTcp: - $ref: "#/components/examples/InputCreateExamplesCriblTcp" - InputCreateExamplesCrowdstrike: - $ref: "#/components/examples/InputCreateExamplesCrowdstrike" - InputCreateExamplesDatadogAgent: - $ref: "#/components/examples/InputCreateExamplesDatadogAgent" - InputCreateExamplesDatagen: - $ref: "#/components/examples/InputCreateExamplesDatagen" - InputCreateExamplesEdgePrometheus: - $ref: "#/components/examples/InputCreateExamplesEdgePrometheus" - InputCreateExamplesElastic: - $ref: "#/components/examples/InputCreateExamplesElastic" - InputCreateExamplesEventhub: - $ref: "#/components/examples/InputCreateExamplesEventhub" - InputCreateExamplesEventhubAmqp: - $ref: "#/components/examples/InputCreateExamplesEventhubAmqp" - InputCreateExamplesExec: - $ref: "#/components/examples/InputCreateExamplesExec" - InputCreateExamplesFile: - $ref: "#/components/examples/InputCreateExamplesFile" - InputCreateExamplesFirehose: - $ref: "#/components/examples/InputCreateExamplesFirehose" - InputCreateExamplesGrafana: - $ref: "#/components/examples/InputCreateExamplesGrafana" - InputCreateExamplesGooglePubsub: - $ref: "#/components/examples/InputCreateExamplesGooglePubsub" - InputCreateExamplesHttp: - $ref: "#/components/examples/InputCreateExamplesHttp" - InputCreateExamplesHttpRaw: - $ref: "#/components/examples/InputCreateExamplesHttpRaw" - InputCreateExamplesJournalFiles: - $ref: "#/components/examples/InputCreateExamplesJournalFiles" - InputCreateExamplesKafka: - $ref: "#/components/examples/InputCreateExamplesKafka" - InputCreateExamplesKinesis: - $ref: "#/components/examples/InputCreateExamplesKinesis" - InputCreateExamplesKubeEvents: - $ref: "#/components/examples/InputCreateExamplesKubeEvents" - InputCreateExamplesKubeLogs: - $ref: "#/components/examples/InputCreateExamplesKubeLogs" - InputCreateExamplesKubeMetrics: - $ref: "#/components/examples/InputCreateExamplesKubeMetrics" - InputCreateExamplesLoki: - $ref: "#/components/examples/InputCreateExamplesLoki" - InputCreateExamplesMetrics: - $ref: "#/components/examples/InputCreateExamplesMetrics" - InputCreateExamplesModelDrivenTelemetry: - $ref: "#/components/examples/InputCreateExamplesModelDrivenTelemetry" - InputCreateExamplesMsk: - $ref: "#/components/examples/InputCreateExamplesMsk" - InputCreateExamplesNetflow: - $ref: "#/components/examples/InputCreateExamplesNetflow" - InputCreateExamplesOffice365Mgmt: - $ref: "#/components/examples/InputCreateExamplesOffice365Mgmt" - InputCreateExamplesMicrosoftGraph: - $ref: "#/components/examples/InputCreateExamplesMicrosoftGraph" - InputCreateExamplesOffice365MsgTrace: - $ref: "#/components/examples/InputCreateExamplesOffice365MsgTrace" - InputCreateExamplesOffice365Service: - $ref: "#/components/examples/InputCreateExamplesOffice365Service" - InputCreateExamplesOkta: - $ref: "#/components/examples/InputCreateExamplesOkta" - InputCreateExamplesOpenAI: - $ref: "#/components/examples/InputCreateExamplesOpenAI" - InputCreateExamplesOpenAIComplianceLogs: - $ref: "#/components/examples/InputCreateExamplesOpenAIComplianceLogs" - InputCreateExamplesOpenTelemetry: - $ref: "#/components/examples/InputCreateExamplesOpenTelemetry" - InputCreateExamplesPrometheus: - $ref: "#/components/examples/InputCreateExamplesPrometheus" - InputCreateExamplesPrometheusRw: - $ref: "#/components/examples/InputCreateExamplesPrometheusRw" - InputCreateExamplesRawUdp: - $ref: "#/components/examples/InputCreateExamplesRawUdp" - InputCreateExamplesS3: - $ref: "#/components/examples/InputCreateExamplesS3" - InputCreateExamplesS3Inventory: - $ref: "#/components/examples/InputCreateExamplesS3Inventory" - InputCreateExamplesSecurityLake: - $ref: "#/components/examples/InputCreateExamplesSecurityLake" - InputCreateExamplesServiceNowTable: - $ref: "#/components/examples/InputCreateExamplesServiceNowTable" - InputCreateExamplesSnmp: - $ref: "#/components/examples/InputCreateExamplesSnmp" - InputCreateExamplesSplunk: - $ref: "#/components/examples/InputCreateExamplesSplunk" - InputCreateExamplesSplunkHec: - $ref: "#/components/examples/InputCreateExamplesSplunkHec" - InputCreateExamplesSplunkSearch: - $ref: "#/components/examples/InputCreateExamplesSplunkSearch" - InputCreateExamplesSqs: - $ref: "#/components/examples/InputCreateExamplesSqs" - InputCreateExamplesSyslog: - $ref: "#/components/examples/InputCreateExamplesSyslog" - InputCreateExamplesSystemMetrics: - $ref: "#/components/examples/InputCreateExamplesSystemMetrics" - InputCreateExamplesSystemState: - $ref: "#/components/examples/InputCreateExamplesSystemState" - InputCreateExamplesTcp: - $ref: "#/components/examples/InputCreateExamplesTcp" - InputCreateExamplesTcpjson: - $ref: "#/components/examples/InputCreateExamplesTcpjson" - InputCreateExamplesWef: - $ref: "#/components/examples/InputCreateExamplesWef" - InputCreateExamplesWinEventLogs: - $ref: "#/components/examples/InputCreateExamplesWinEventLogs" - InputCreateExamplesWindowsMetrics: - $ref: "#/components/examples/InputCreateExamplesWindowsMetrics" - InputCreateExamplesWiz: - $ref: "#/components/examples/InputCreateExamplesWiz" - InputCreateExamplesWizWebhook: - $ref: "#/components/examples/InputCreateExamplesWizWebhook" - InputCreateExamplesZscalerHec: - $ref: "#/components/examples/InputCreateExamplesZscalerHec" + summary: Get the health status of the server + description: Get the current health status of the server (Leader or Worker + Node). In Distributed deployments, requests routed to a Worker or Edge + node using the [host + context](https://docs.cribl.io/cribl-as-code/api#base-url-group-fleet-host) + require a Bearer token for + [authentication](https://docs.cribl.io/cribl-as-code/api-auth/). + security: + - {} + - bearerAuth: [] + - clientOauth: [] responses: "200": - description: the updated Source object - content: - application/json: - schema: - $ref: "#/components/schemas/CountedInputResponse" - "401": - description: Authentication failed (missing or invalid credentials or Bearer token). - "500": - description: Unexpected server error. + description: Healthy status content: application/json: schema: - $ref: "#/components/schemas/Error" - delete: - operationId: deleteInputById - x-speakeasy-group: sources - x-cribl-internal: false - x-cribl-availability: both - x-speakeasy-name-override: delete - tags: - - sources - summary: Delete a Source - description: Delete the specified Source. - parameters: - - name: id - in: path - required: true - schema: - type: string - description: The id of the Source to delete. - responses: - "200": - description: the deleted Source object + $ref: "#/components/schemas/HealthServerStatus" + examples: + HealthExamplesHealthyPrimary: + $ref: "#/components/examples/HealthExamplesHealthyPrimary" + "420": + description: Server is shutting down or in standby mode content: application/json: schema: - $ref: "#/components/schemas/CountedInputResponse" - "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + $ref: "#/components/schemas/HealthServerStatus" + examples: + Health420ExamplesShuttingDown: + $ref: "#/components/examples/Health420ExamplesShuttingDown" + Health420ExamplesStandby: + $ref: "#/components/examples/Health420ExamplesStandby" "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" - /system/inputs/{id}/hectoken: - post: - operationId: createInputHecTokenById + /lib/database-connections: + get: + operationId: getDatabaseConnectionConfig tags: - - sources - x-speakeasy-group: sources.hecTokens - x-speakeasy-name-override: create + - databaseConnections + x-speakeasy-group: databaseConnections + x-speakeasy-name-override: list x-cribl-internal: false x-cribl-availability: both - summary: Add an HEC token and optional metadata to a Splunk HEC Source - description: Add an HEC token and optional metadata to the specified Splunk HEC Source. + summary: List Database Connections + description: Get a list of all Database Connections. responses: "200": - description: the updated Splunk HEC Source with the new HEC token + description: List of DatabaseConnectionConfig objects. content: application/json: schema: - $ref: "#/components/schemas/CountedInputSplunkHec" + $ref: "#/components/schemas/CountedDatabaseConnectionConfig" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" - requestBody: - description: AddHecTokenRequest object. - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/AddHecTokenRequest" - examples: - HecTokenExamplesHecToken: - $ref: "#/components/examples/HecTokenExamplesHecToken" - HecTokenExamplesHecTokenWithIndexAccess: - $ref: "#/components/examples/HecTokenExamplesHecTokenWithIndexAccess" parameters: - - name: id - in: path - required: true + - name: databaseType + in: query + required: false schema: - type: string - description: The id of the Splunk HEC Source. - /system/inputs/{id}/pq: - delete: - operationId: deleteInputPqById + $ref: "#/components/schemas/DatabaseConnectionType" + description: Type of Database Connections to include in the results. + post: + operationId: createDatabaseConnectionConfig tags: - - sources - x-speakeasy-group: sources.pq - x-speakeasy-name-override: clear + - databaseConnections + x-speakeasy-group: databaseConnections + x-speakeasy-name-override: create x-cribl-internal: false x-cribl-availability: both - summary: Clear the persistent queue for a Source - description: Clear the persistent queue (PQ) for the specified Source. + summary: Create Database Connection + description: Create a new Database Connection. responses: - "201": - description: A list of job ids for the background job that clears the persistent queue + "200": + description: The created DatabaseConnectionConfig object in a single-item list. content: application/json: schema: - $ref: "#/components/schemas/CountedString" + $ref: "#/components/schemas/CountedDatabaseConnectionConfig" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" - parameters: - - name: id - in: path - required: true - schema: - type: string - description: The id of the Source to clear the PQ for. + requestBody: + description: DatabaseConnectionConfig object. + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/DatabaseConnectionConfig" + examples: + DatabaseConnectionExamplesMySQLWithConnectionString: + $ref: "#/components/examples/DatabaseConnectionExamplesMySQLWithConnectionStrin\ + g" + DatabaseConnectionExamplesMySQLWithSecret: + $ref: "#/components/examples/DatabaseConnectionExamplesMySQLWithSecret" + DatabaseConnectionExamplesPostgreSQLWithConnectionString: + $ref: "#/components/examples/DatabaseConnectionExamplesPostgreSQLWithConnection\ + String" + DatabaseConnectionExamplesPostgreSQLWithSecret: + $ref: "#/components/examples/DatabaseConnectionExamplesPostgreSQLWithSecret" + DatabaseConnectionExamplesSQLServerWithConnectionString: + $ref: "#/components/examples/DatabaseConnectionExamplesSQLServerWithConnectionS\ + tring" + DatabaseConnectionExamplesSQLServerWithSecret: + $ref: "#/components/examples/DatabaseConnectionExamplesSQLServerWithSecret" + DatabaseConnectionExamplesSQLServerWithConfigObject: + $ref: "#/components/examples/DatabaseConnectionExamplesSQLServerWithConfigObjec\ + t" + DatabaseConnectionExamplesOracleWithConnectionString: + $ref: "#/components/examples/DatabaseConnectionExamplesOracleWithConnectionStri\ + ng" + DatabaseConnectionExamplesOracleWithSecret: + $ref: "#/components/examples/DatabaseConnectionExamplesOracleWithSecret" + DatabaseConnectionExamplesOracleWithCredentialsSecrets: + $ref: "#/components/examples/DatabaseConnectionExamplesOracleWithCredentialsSec\ + rets" + /lib/database-connections/{id}: get: - operationId: getInputPqById + operationId: getDatabaseConnectionConfigById tags: - - sources - x-speakeasy-group: sources.pq + - databaseConnections + x-speakeasy-group: databaseConnections x-speakeasy-name-override: get x-cribl-internal: false x-cribl-availability: both - summary: Get information about the latest job to clear the persistent queue for a Source - description: Get information about the latest job to clear the persistent queue (PQ) for the specified Source. + summary: Get a Database Connection + description: Get the specified Database Connection. responses: "200": - description: information about the latest job to clear the PQ for the Source + description: List of DatabaseConnectionConfig objects. content: application/json: schema: - $ref: "#/components/schemas/CountedJobInfo" + $ref: "#/components/schemas/CountedDatabaseConnectionConfig" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). + "404": + description: Database Connection not found "500": description: Unexpected server error. content: @@ -52445,27 +64302,34 @@ paths: required: true schema: type: string - description: The id of the Source to get PQ job information for. - /system/inputs/{id}/hectoken/{token}: + description: The id of the Database Connection to get. patch: - operationId: updateInputHecTokenByIdAndToken + operationId: updateDatabaseConnectionConfigById tags: - - sources - x-speakeasy-group: sources.hecTokens + - databaseConnections + x-speakeasy-group: databaseConnections x-speakeasy-name-override: update x-cribl-internal: false x-cribl-availability: both - summary: Update metadata for an HEC token for a Splunk HEC Source - description: Update the metadata for the specified HEC token for the specified Splunk HEC Source. + summary: Update a Database Connection + description: Update the specified Database Connection.

Provide a + complete representation of the Database Connection that you want to + update in the request body. This endpoint does not support partial + updates. Cribl removes any omitted fields when updating the Database + Connection.

Confirm that the configuration in your request body + is correct before sending the request. If the configuration is + incorrect, the updated Database Connection might not function as + expected. responses: "200": - description: the updated HEC token + description: The updated DatabaseConnectionConfig object in a single-item list. content: application/json: schema: - $ref: "#/components/schemas/CountedInputSplunkHec" + $ref: "#/components/schemas/CountedDatabaseConnectionConfig" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -52473,50 +64337,68 @@ paths: schema: $ref: "#/components/schemas/Error" requestBody: - description: UpdateHecTokenRequest object. + description: DatabaseConnectionConfig object. required: true content: application/json: schema: - $ref: "#/components/schemas/UpdateHecTokenRequest" + $ref: "#/components/schemas/DatabaseConnectionConfig" examples: - HecTokenExamplesHecToken: - $ref: "#/components/examples/HecTokenExamplesHecToken" - HecTokenExamplesHecTokenWithIndexAccess: - $ref: "#/components/examples/HecTokenExamplesHecTokenWithIndexAccess" + UpdateDatabaseConnectionExamplesMySQLWithConnectionString: + $ref: "#/components/examples/UpdateDatabaseConnectionExamplesMySQLWithConnectio\ + nString" + UpdateDatabaseConnectionExamplesMySQLWithSecret: + $ref: "#/components/examples/UpdateDatabaseConnectionExamplesMySQLWithSecret" + UpdateDatabaseConnectionExamplesPostgreSQLWithConnectionString: + $ref: "#/components/examples/UpdateDatabaseConnectionExamplesPostgreSQLWithConn\ + ectionString" + UpdateDatabaseConnectionExamplesPostgreSQLWithSecret: + $ref: "#/components/examples/UpdateDatabaseConnectionExamplesPostgreSQLWithSecr\ + et" + UpdateDatabaseConnectionExamplesSQLServerWithConnectionString: + $ref: "#/components/examples/UpdateDatabaseConnectionExamplesSQLServerWithConne\ + ctionString" + UpdateDatabaseConnectionExamplesSQLServerWithSecret: + $ref: "#/components/examples/UpdateDatabaseConnectionExamplesSQLServerWithSecre\ + t" + UpdateDatabaseConnectionExamplesSQLServerWithConfigObject: + $ref: "#/components/examples/UpdateDatabaseConnectionExamplesSQLServerWithConfi\ + gObject" + UpdateDatabaseConnectionExamplesOracleWithConnectionString: + $ref: "#/components/examples/UpdateDatabaseConnectionExamplesOracleWithConnecti\ + onString" + UpdateDatabaseConnectionExamplesOracleWithSecret: + $ref: "#/components/examples/UpdateDatabaseConnectionExamplesOracleWithSecret" + UpdateDatabaseConnectionExamplesOracleWithCredentialsSecrets: + $ref: "#/components/examples/UpdateDatabaseConnectionExamplesOracleWithCredenti\ + alsSecrets" parameters: - name: id in: path required: true schema: type: string - description: The id of the Splunk HEC Source. - - name: token - in: path - required: true - schema: - type: string - description: The HEC token value to update. - /p/{pack}/system/inputs: - get: - operationId: getInputSystemByPack - x-speakeasy-group: packs.sources + description: The id of the Database Connection to update. + delete: + operationId: deleteDatabaseConnectionConfigById + tags: + - databaseConnections + x-speakeasy-group: databaseConnections + x-speakeasy-name-override: delete x-cribl-internal: false x-cribl-availability: both - x-speakeasy-name-override: list - tags: - - sources - summary: List all Sources within a Pack - description: Get a list of all Sources within the specified Pack. + summary: Delete a Database Connection + description: Delete the specified Database Connection. responses: "200": - description: a list of Source objects + description: The deleted DatabaseConnectionConfig object in a single-item list. content: application/json: schema: - $ref: "#/components/schemas/CountedInputResponse" + $ref: "#/components/schemas/CountedDatabaseConnectionConfig" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -52524,181 +64406,33 @@ paths: schema: $ref: "#/components/schemas/Error" parameters: - - name: type - in: query - required: false - schema: - $ref: "#/components/schemas/SourceType" - description: Type of Source to include in the results. Each request can include only one type parameter; multiple parameters per request are not supported. - - name: pack + - name: id in: path required: true schema: type: string - description: The id of the Pack. - post: - operationId: createInputSystemByPack - x-speakeasy-group: packs.sources + description: The id of the Database Connection to delete. + /lib/jobs: + get: + operationId: getSavedJob + tags: + - collectors + x-speakeasy-group: collectors + x-speakeasy-name-override: list x-cribl-internal: false x-cribl-availability: both - x-speakeasy-name-override: create - tags: - - sources - summary: Create a Source within a Pack - description: Create a new Source. The system-managed provenance field (JSON criblSourceProvenance) must be omitted from the request body within the specified Pack. - requestBody: - description: Input object. - required: true - content: - application/json: - schema: - allOf: - - $ref: "#/components/schemas/Input" - - type: object - required: - - id - examples: - InputCreateExamplesAnthropicCompliance: - $ref: "#/components/examples/InputCreateExamplesAnthropicCompliance" - InputCreateExamplesAppleUnifiedLogs: - $ref: "#/components/examples/InputCreateExamplesAppleUnifiedLogs" - InputCreateExamplesAppscope: - $ref: "#/components/examples/InputCreateExamplesAppscope" - InputCreateExamplesAzureBlob: - $ref: "#/components/examples/InputCreateExamplesAzureBlob" - InputCreateExamplesCloudflareHec: - $ref: "#/components/examples/InputCreateExamplesCloudflareHec" - InputCreateExamplesConfluentCloud: - $ref: "#/components/examples/InputCreateExamplesConfluentCloud" - InputCreateExamplesCollection: - $ref: "#/components/examples/InputCreateExamplesCollection" - InputCreateExamplesCriblHttp: - $ref: "#/components/examples/InputCreateExamplesCriblHttp" - InputCreateExamplesCriblLakeHttp: - $ref: "#/components/examples/InputCreateExamplesCriblLakeHttp" - InputCreateExamplesCriblTcp: - $ref: "#/components/examples/InputCreateExamplesCriblTcp" - InputCreateExamplesCrowdstrike: - $ref: "#/components/examples/InputCreateExamplesCrowdstrike" - InputCreateExamplesDatadogAgent: - $ref: "#/components/examples/InputCreateExamplesDatadogAgent" - InputCreateExamplesDatagen: - $ref: "#/components/examples/InputCreateExamplesDatagen" - InputCreateExamplesEdgePrometheus: - $ref: "#/components/examples/InputCreateExamplesEdgePrometheus" - InputCreateExamplesElastic: - $ref: "#/components/examples/InputCreateExamplesElastic" - InputCreateExamplesEventhub: - $ref: "#/components/examples/InputCreateExamplesEventhub" - InputCreateExamplesEventhubAmqp: - $ref: "#/components/examples/InputCreateExamplesEventhubAmqp" - InputCreateExamplesExec: - $ref: "#/components/examples/InputCreateExamplesExec" - InputCreateExamplesFile: - $ref: "#/components/examples/InputCreateExamplesFile" - InputCreateExamplesFirehose: - $ref: "#/components/examples/InputCreateExamplesFirehose" - InputCreateExamplesGrafana: - $ref: "#/components/examples/InputCreateExamplesGrafana" - InputCreateExamplesGooglePubsub: - $ref: "#/components/examples/InputCreateExamplesGooglePubsub" - InputCreateExamplesHttp: - $ref: "#/components/examples/InputCreateExamplesHttp" - InputCreateExamplesHttpRaw: - $ref: "#/components/examples/InputCreateExamplesHttpRaw" - InputCreateExamplesJournalFiles: - $ref: "#/components/examples/InputCreateExamplesJournalFiles" - InputCreateExamplesKafka: - $ref: "#/components/examples/InputCreateExamplesKafka" - InputCreateExamplesKinesis: - $ref: "#/components/examples/InputCreateExamplesKinesis" - InputCreateExamplesKubeEvents: - $ref: "#/components/examples/InputCreateExamplesKubeEvents" - InputCreateExamplesKubeLogs: - $ref: "#/components/examples/InputCreateExamplesKubeLogs" - InputCreateExamplesKubeMetrics: - $ref: "#/components/examples/InputCreateExamplesKubeMetrics" - InputCreateExamplesLoki: - $ref: "#/components/examples/InputCreateExamplesLoki" - InputCreateExamplesMetrics: - $ref: "#/components/examples/InputCreateExamplesMetrics" - InputCreateExamplesModelDrivenTelemetry: - $ref: "#/components/examples/InputCreateExamplesModelDrivenTelemetry" - InputCreateExamplesMsk: - $ref: "#/components/examples/InputCreateExamplesMsk" - InputCreateExamplesNetflow: - $ref: "#/components/examples/InputCreateExamplesNetflow" - InputCreateExamplesOffice365Mgmt: - $ref: "#/components/examples/InputCreateExamplesOffice365Mgmt" - InputCreateExamplesMicrosoftGraph: - $ref: "#/components/examples/InputCreateExamplesMicrosoftGraph" - InputCreateExamplesOffice365MsgTrace: - $ref: "#/components/examples/InputCreateExamplesOffice365MsgTrace" - InputCreateExamplesOffice365Service: - $ref: "#/components/examples/InputCreateExamplesOffice365Service" - InputCreateExamplesOkta: - $ref: "#/components/examples/InputCreateExamplesOkta" - InputCreateExamplesOpenAI: - $ref: "#/components/examples/InputCreateExamplesOpenAI" - InputCreateExamplesOpenAIComplianceLogs: - $ref: "#/components/examples/InputCreateExamplesOpenAIComplianceLogs" - InputCreateExamplesOpenTelemetry: - $ref: "#/components/examples/InputCreateExamplesOpenTelemetry" - InputCreateExamplesPrometheus: - $ref: "#/components/examples/InputCreateExamplesPrometheus" - InputCreateExamplesPrometheusRw: - $ref: "#/components/examples/InputCreateExamplesPrometheusRw" - InputCreateExamplesRawUdp: - $ref: "#/components/examples/InputCreateExamplesRawUdp" - InputCreateExamplesS3: - $ref: "#/components/examples/InputCreateExamplesS3" - InputCreateExamplesS3Inventory: - $ref: "#/components/examples/InputCreateExamplesS3Inventory" - InputCreateExamplesSecurityLake: - $ref: "#/components/examples/InputCreateExamplesSecurityLake" - InputCreateExamplesServiceNowTable: - $ref: "#/components/examples/InputCreateExamplesServiceNowTable" - InputCreateExamplesSnmp: - $ref: "#/components/examples/InputCreateExamplesSnmp" - InputCreateExamplesSplunk: - $ref: "#/components/examples/InputCreateExamplesSplunk" - InputCreateExamplesSplunkHec: - $ref: "#/components/examples/InputCreateExamplesSplunkHec" - InputCreateExamplesSplunkSearch: - $ref: "#/components/examples/InputCreateExamplesSplunkSearch" - InputCreateExamplesSqs: - $ref: "#/components/examples/InputCreateExamplesSqs" - InputCreateExamplesSyslog: - $ref: "#/components/examples/InputCreateExamplesSyslog" - InputCreateExamplesSystemMetrics: - $ref: "#/components/examples/InputCreateExamplesSystemMetrics" - InputCreateExamplesSystemState: - $ref: "#/components/examples/InputCreateExamplesSystemState" - InputCreateExamplesTcp: - $ref: "#/components/examples/InputCreateExamplesTcp" - InputCreateExamplesTcpjson: - $ref: "#/components/examples/InputCreateExamplesTcpjson" - InputCreateExamplesWef: - $ref: "#/components/examples/InputCreateExamplesWef" - InputCreateExamplesWinEventLogs: - $ref: "#/components/examples/InputCreateExamplesWinEventLogs" - InputCreateExamplesWindowsMetrics: - $ref: "#/components/examples/InputCreateExamplesWindowsMetrics" - InputCreateExamplesWiz: - $ref: "#/components/examples/InputCreateExamplesWiz" - InputCreateExamplesWizWebhook: - $ref: "#/components/examples/InputCreateExamplesWizWebhook" - InputCreateExamplesZscalerHec: - $ref: "#/components/examples/InputCreateExamplesZscalerHec" + summary: List all Collectors + description: Get a list of all Collectors. responses: "200": - description: the created Source object + description: List of SavedJobResponse objects. content: application/json: schema: - $ref: "#/components/schemas/CountedInputResponse" + $ref: "#/components/schemas/CountedSavedJobResponse" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -52706,291 +64440,250 @@ paths: schema: $ref: "#/components/schemas/Error" parameters: - - name: pack - in: path - required: true + - name: collectorType + in: query + required: false schema: - type: string - description: The id of the Pack. - /p/{pack}/system/inputs/{id}: - get: - operationId: getInputSystemByPackAndId - x-speakeasy-group: packs.sources + $ref: "#/components/schemas/CollectorType" + description: Filter by collector type + post: + operationId: createSavedJob + tags: + - collectors + x-speakeasy-group: collectors + x-speakeasy-name-override: create x-cribl-internal: false x-cribl-availability: both - x-speakeasy-name-override: get - tags: - - sources - summary: Get a Source within a Pack - description: Get the specified Source within the specified Pack. - parameters: - - name: id - in: path - required: true - schema: - type: string - description: The id of the Source to get. - - name: pack - in: path - required: true - schema: - type: string - description: The id of the Pack. + summary: Create a Collector + description: Create a new Collector. responses: "200": - description: a Source object + description: The created SavedJobResponse object in a single-item list. content: application/json: schema: - $ref: "#/components/schemas/CountedInputResponse" + $ref: "#/components/schemas/CountedSavedJobResponse" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" - patch: - operationId: updateInputSystemByPackAndId - x-speakeasy-group: packs.sources - x-cribl-internal: false - x-cribl-availability: both - x-speakeasy-name-override: update - tags: - - sources - summary: Update a Source within a Pack - description: Update the specified Source.

Provide a complete representation of the Source that you want to update in the request body. This endpoint does not support partial updates. Cribl removes omitted fields when updating the Source, except for criblSourceProvenance (its value is preserved when omitted and cannot be overwritten).

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Source might not function as expected within the specified Pack. - parameters: - - name: id - in: path - required: true - schema: - type: string - description: The id of the Source to update. - - name: pack - in: path - required: true - schema: - type: string - description: The id of the Pack. requestBody: - description: Input object. + description: SavedJob object. required: true content: application/json: schema: - $ref: "#/components/schemas/Input" + $ref: "#/components/schemas/SavedJob" examples: - InputCreateExamplesAnthropicCompliance: - $ref: "#/components/examples/InputCreateExamplesAnthropicCompliance" - InputCreateExamplesAppleUnifiedLogs: - $ref: "#/components/examples/InputCreateExamplesAppleUnifiedLogs" - InputCreateExamplesAppscope: - $ref: "#/components/examples/InputCreateExamplesAppscope" - InputCreateExamplesAzureBlob: - $ref: "#/components/examples/InputCreateExamplesAzureBlob" - InputCreateExamplesCloudflareHec: - $ref: "#/components/examples/InputCreateExamplesCloudflareHec" - InputCreateExamplesConfluentCloud: - $ref: "#/components/examples/InputCreateExamplesConfluentCloud" - InputCreateExamplesCollection: - $ref: "#/components/examples/InputCreateExamplesCollection" - InputExamplesCribl: - $ref: "#/components/examples/InputExamplesCribl" - InputCreateExamplesCriblHttp: - $ref: "#/components/examples/InputCreateExamplesCriblHttp" - InputCreateExamplesCriblLakeHttp: - $ref: "#/components/examples/InputCreateExamplesCriblLakeHttp" - InputExamplesCriblMetrics: - $ref: "#/components/examples/InputExamplesCriblMetrics" - InputCreateExamplesCriblTcp: - $ref: "#/components/examples/InputCreateExamplesCriblTcp" - InputCreateExamplesCrowdstrike: - $ref: "#/components/examples/InputCreateExamplesCrowdstrike" - InputCreateExamplesDatadogAgent: - $ref: "#/components/examples/InputCreateExamplesDatadogAgent" - InputCreateExamplesDatagen: - $ref: "#/components/examples/InputCreateExamplesDatagen" - InputCreateExamplesEdgePrometheus: - $ref: "#/components/examples/InputCreateExamplesEdgePrometheus" - InputCreateExamplesElastic: - $ref: "#/components/examples/InputCreateExamplesElastic" - InputCreateExamplesEventhub: - $ref: "#/components/examples/InputCreateExamplesEventhub" - InputCreateExamplesEventhubAmqp: - $ref: "#/components/examples/InputCreateExamplesEventhubAmqp" - InputCreateExamplesExec: - $ref: "#/components/examples/InputCreateExamplesExec" - InputCreateExamplesFile: - $ref: "#/components/examples/InputCreateExamplesFile" - InputCreateExamplesFirehose: - $ref: "#/components/examples/InputCreateExamplesFirehose" - InputCreateExamplesGrafana: - $ref: "#/components/examples/InputCreateExamplesGrafana" - InputCreateExamplesGooglePubsub: - $ref: "#/components/examples/InputCreateExamplesGooglePubsub" - InputCreateExamplesHttp: - $ref: "#/components/examples/InputCreateExamplesHttp" - InputCreateExamplesHttpRaw: - $ref: "#/components/examples/InputCreateExamplesHttpRaw" - InputCreateExamplesJournalFiles: - $ref: "#/components/examples/InputCreateExamplesJournalFiles" - InputCreateExamplesKafka: - $ref: "#/components/examples/InputCreateExamplesKafka" - InputCreateExamplesKinesis: - $ref: "#/components/examples/InputCreateExamplesKinesis" - InputCreateExamplesKubeEvents: - $ref: "#/components/examples/InputCreateExamplesKubeEvents" - InputCreateExamplesKubeLogs: - $ref: "#/components/examples/InputCreateExamplesKubeLogs" - InputCreateExamplesKubeMetrics: - $ref: "#/components/examples/InputCreateExamplesKubeMetrics" - InputCreateExamplesLoki: - $ref: "#/components/examples/InputCreateExamplesLoki" - InputCreateExamplesMetrics: - $ref: "#/components/examples/InputCreateExamplesMetrics" - InputCreateExamplesModelDrivenTelemetry: - $ref: "#/components/examples/InputCreateExamplesModelDrivenTelemetry" - InputCreateExamplesMsk: - $ref: "#/components/examples/InputCreateExamplesMsk" - InputCreateExamplesNetflow: - $ref: "#/components/examples/InputCreateExamplesNetflow" - InputCreateExamplesOffice365Mgmt: - $ref: "#/components/examples/InputCreateExamplesOffice365Mgmt" - InputCreateExamplesMicrosoftGraph: - $ref: "#/components/examples/InputCreateExamplesMicrosoftGraph" - InputCreateExamplesOffice365MsgTrace: - $ref: "#/components/examples/InputCreateExamplesOffice365MsgTrace" - InputCreateExamplesOffice365Service: - $ref: "#/components/examples/InputCreateExamplesOffice365Service" - InputCreateExamplesOkta: - $ref: "#/components/examples/InputCreateExamplesOkta" - InputCreateExamplesOpenAI: - $ref: "#/components/examples/InputCreateExamplesOpenAI" - InputCreateExamplesOpenAIComplianceLogs: - $ref: "#/components/examples/InputCreateExamplesOpenAIComplianceLogs" - InputCreateExamplesOpenTelemetry: - $ref: "#/components/examples/InputCreateExamplesOpenTelemetry" - InputCreateExamplesPrometheus: - $ref: "#/components/examples/InputCreateExamplesPrometheus" - InputCreateExamplesPrometheusRw: - $ref: "#/components/examples/InputCreateExamplesPrometheusRw" - InputCreateExamplesRawUdp: - $ref: "#/components/examples/InputCreateExamplesRawUdp" - InputCreateExamplesS3: - $ref: "#/components/examples/InputCreateExamplesS3" - InputCreateExamplesS3Inventory: - $ref: "#/components/examples/InputCreateExamplesS3Inventory" - InputCreateExamplesSecurityLake: - $ref: "#/components/examples/InputCreateExamplesSecurityLake" - InputCreateExamplesServiceNowTable: - $ref: "#/components/examples/InputCreateExamplesServiceNowTable" - InputCreateExamplesSnmp: - $ref: "#/components/examples/InputCreateExamplesSnmp" - InputCreateExamplesSplunk: - $ref: "#/components/examples/InputCreateExamplesSplunk" - InputCreateExamplesSplunkHec: - $ref: "#/components/examples/InputCreateExamplesSplunkHec" - InputCreateExamplesSplunkSearch: - $ref: "#/components/examples/InputCreateExamplesSplunkSearch" - InputCreateExamplesSqs: - $ref: "#/components/examples/InputCreateExamplesSqs" - InputCreateExamplesSyslog: - $ref: "#/components/examples/InputCreateExamplesSyslog" - InputCreateExamplesSystemMetrics: - $ref: "#/components/examples/InputCreateExamplesSystemMetrics" - InputCreateExamplesSystemState: - $ref: "#/components/examples/InputCreateExamplesSystemState" - InputCreateExamplesTcp: - $ref: "#/components/examples/InputCreateExamplesTcp" - InputCreateExamplesTcpjson: - $ref: "#/components/examples/InputCreateExamplesTcpjson" - InputCreateExamplesWef: - $ref: "#/components/examples/InputCreateExamplesWef" - InputCreateExamplesWinEventLogs: - $ref: "#/components/examples/InputCreateExamplesWinEventLogs" - InputCreateExamplesWindowsMetrics: - $ref: "#/components/examples/InputCreateExamplesWindowsMetrics" - InputCreateExamplesWiz: - $ref: "#/components/examples/InputCreateExamplesWiz" - InputCreateExamplesWizWebhook: - $ref: "#/components/examples/InputCreateExamplesWizWebhook" - InputCreateExamplesZscalerHec: - $ref: "#/components/examples/InputCreateExamplesZscalerHec" + CollectorExamplesRest: + $ref: "#/components/examples/CollectorExamplesRest" + CollectorExamplesS3: + $ref: "#/components/examples/CollectorExamplesS3" + CollectorExamplesFilesystem: + $ref: "#/components/examples/CollectorExamplesFilesystem" + CollectorExamplesAzureBlob: + $ref: "#/components/examples/CollectorExamplesAzureBlob" + CollectorExamplesGoogleCloudStorage: + $ref: "#/components/examples/CollectorExamplesGoogleCloudStorage" + CollectorExamplesDatabase: + $ref: "#/components/examples/CollectorExamplesDatabase" + CollectorExamplesSplunk: + $ref: "#/components/examples/CollectorExamplesSplunk" + CollectorExamplesScript: + $ref: "#/components/examples/CollectorExamplesScript" + CollectorExamplesCriblLake: + $ref: "#/components/examples/CollectorExamplesCriblLake" + /lib/jobs/{id}: + get: + operationId: getSavedJobById + tags: + - collectors + x-speakeasy-group: collectors + x-speakeasy-name-override: get + x-cribl-internal: false + x-cribl-availability: both + summary: Get a Collector + description: Get the specified Collector. + responses: + "200": + description: List of SavedJobResponse objects. + content: + application/json: + schema: + $ref: "#/components/schemas/CountedSavedJobResponse" + "401": + description: Authentication failed (missing or invalid credentials or Bearer + token). + "500": + description: Unexpected server error. + content: + application/json: + schema: + $ref: "#/components/schemas/Error" + parameters: + - name: id + in: path + required: true + schema: + type: string + description: The id of the Collector to get. + patch: + operationId: updateSavedJobById + tags: + - collectors + x-speakeasy-group: collectors + x-speakeasy-name-override: update + x-cribl-internal: false + x-cribl-availability: both + summary: Update a Collector + description: Update the specified Collector.

Provide a complete + representation of the Collector that you want to update in the request + body. This endpoint does not support partial updates. Cribl removes any + omitted fields when updating the Collector.

Confirm that the + configuration in your request body is correct before sending the + request. If the configuration is incorrect, the updated Collector might + not function as expected. responses: "200": - description: the updated Source object + description: The updated SavedJobResponse object in a single-item list. content: application/json: schema: - $ref: "#/components/schemas/CountedInputResponse" + $ref: "#/components/schemas/CountedSavedJobResponse" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" - delete: - operationId: deleteInputSystemByPackAndId - x-speakeasy-group: packs.sources - x-cribl-internal: false - x-cribl-availability: both - x-speakeasy-name-override: delete - tags: - - sources - summary: Delete a Source within a Pack - description: Delete the specified Source within the specified Pack. + requestBody: + description: SavedJob object. + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/SavedJob" + examples: + CollectorExamplesRest: + $ref: "#/components/examples/CollectorExamplesRest" + CollectorExamplesS3: + $ref: "#/components/examples/CollectorExamplesS3" + CollectorExamplesFilesystem: + $ref: "#/components/examples/CollectorExamplesFilesystem" + CollectorExamplesAzureBlob: + $ref: "#/components/examples/CollectorExamplesAzureBlob" + CollectorExamplesGoogleCloudStorage: + $ref: "#/components/examples/CollectorExamplesGoogleCloudStorage" + CollectorExamplesDatabase: + $ref: "#/components/examples/CollectorExamplesDatabase" + CollectorExamplesSplunk: + $ref: "#/components/examples/CollectorExamplesSplunk" + CollectorExamplesScript: + $ref: "#/components/examples/CollectorExamplesScript" + CollectorExamplesCriblLake: + $ref: "#/components/examples/CollectorExamplesCriblLake" parameters: - name: id in: path required: true schema: type: string - description: The id of the Source to delete. - - name: pack + description: The id of the Collector to update. + delete: + operationId: deleteSavedJobById + tags: + - collectors + x-speakeasy-group: collectors + x-speakeasy-name-override: delete + x-cribl-internal: false + x-cribl-availability: both + summary: Delete a Collector + description: Delete the specified Collector. + responses: + "200": + description: The deleted SavedJobResponse object in a single-item list. + content: + application/json: + schema: + $ref: "#/components/schemas/CountedSavedJobResponse" + "401": + description: Authentication failed (missing or invalid credentials or Bearer + token). + "500": + description: Unexpected server error. + content: + application/json: + schema: + $ref: "#/components/schemas/Error" + parameters: + - name: id in: path required: true schema: type: string - description: The id of the Pack. + description: The id of the Collector to delete. + /p/{pack}/pipelines: + get: + operationId: getPipelinesByPack + tags: + - pipelines + x-speakeasy-group: packs.pipelines + x-speakeasy-name-override: list + x-cribl-internal: false + x-cribl-availability: both + summary: List all Pipelines within a Pack + description: Get a list of all Pipelines within the specified Pack. responses: "200": - description: the deleted Source object + description: a list of Pipeline objects content: application/json: schema: - $ref: "#/components/schemas/CountedInputResponse" + $ref: "#/components/schemas/CountedPipeline" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" - /p/{pack}/system/inputs/{id}/hectoken: + parameters: + - name: pack + in: path + required: true + schema: + type: string + description: The id of the Pack. post: - operationId: createInputSystemHecTokenByPackAndId + operationId: createPipelinesByPack tags: - - sources - x-speakeasy-group: packs.sources.hecTokens + - pipelines + x-speakeasy-group: packs.pipelines x-speakeasy-name-override: create x-cribl-internal: false x-cribl-availability: both - summary: Add an HEC token and optional metadata to a Splunk HEC Source within a Pack - description: Add an HEC token and optional metadata to the specified Splunk HEC Source within the specified Pack. + summary: Create a Pipeline within a Pack + description: Create a new Pipeline within the specified Pack. responses: "200": - description: the updated Splunk HEC Source with the new HEC token + description: a list of Pipelines objects content: application/json: schema: - $ref: "#/components/schemas/CountedInputSplunkHec" + $ref: "#/components/schemas/CountedPipeline" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -52998,50 +64691,121 @@ paths: schema: $ref: "#/components/schemas/Error" requestBody: - description: AddHecTokenRequest object. + description: Pipeline object. required: true content: application/json: schema: - $ref: "#/components/schemas/AddHecTokenRequest" + $ref: "#/components/schemas/Pipeline" examples: - HecTokenExamplesHecToken: - $ref: "#/components/examples/HecTokenExamplesHecToken" - HecTokenExamplesHecTokenWithIndexAccess: - $ref: "#/components/examples/HecTokenExamplesHecTokenWithIndexAccess" + PipelineExamplesEmpty: + $ref: "#/components/examples/PipelineExamplesEmpty" + PipelineExamplesAggregations: + $ref: "#/components/examples/PipelineExamplesAggregations" + PipelineExamplesAggregateMetrics: + $ref: "#/components/examples/PipelineExamplesAggregateMetrics" + PipelineExamplesAutoTimestamp: + $ref: "#/components/examples/PipelineExamplesAutoTimestamp" + PipelineExamplesCEFSerializer: + $ref: "#/components/examples/PipelineExamplesCEFSerializer" + PipelineExamplesChain: + $ref: "#/components/examples/PipelineExamplesChain" + PipelineExamplesClone: + $ref: "#/components/examples/PipelineExamplesClone" + PipelineExamplesComment: + $ref: "#/components/examples/PipelineExamplesComment" + PipelineExamplesDNSLookup: + $ref: "#/components/examples/PipelineExamplesDNSLookup" + PipelineExamplesDrop: + $ref: "#/components/examples/PipelineExamplesDrop" + PipelineExamplesDropDimensions: + $ref: "#/components/examples/PipelineExamplesDropDimensions" + PipelineExamplesDynamicSampling: + $ref: "#/components/examples/PipelineExamplesDynamicSampling" + PipelineExamplesEval: + $ref: "#/components/examples/PipelineExamplesEval" + PipelineExamplesEventBreaker: + $ref: "#/components/examples/PipelineExamplesEventBreaker" + PipelineExamplesFlatten: + $ref: "#/components/examples/PipelineExamplesFlatten" + PipelineExamplesFoldKeys: + $ref: "#/components/examples/PipelineExamplesFoldKeys" + PipelineExamplesGeoIP: + $ref: "#/components/examples/PipelineExamplesGeoIP" + PipelineExamplesGrok: + $ref: "#/components/examples/PipelineExamplesGrok" + PipelineExamplesGuard: + $ref: "#/components/examples/PipelineExamplesGuard" + PipelineExamplesJSONUnroll: + $ref: "#/components/examples/PipelineExamplesJSONUnroll" + PipelineExamplesLookup: + $ref: "#/components/examples/PipelineExamplesLookup" + PipelineExamplesMask: + $ref: "#/components/examples/PipelineExamplesMask" + PipelineExamplesNumerify: + $ref: "#/components/examples/PipelineExamplesNumerify" + PipelineExamplesOTLPLogs: + $ref: "#/components/examples/PipelineExamplesOTLPLogs" + PipelineExamplesOTLPMetrics: + $ref: "#/components/examples/PipelineExamplesOTLPMetrics" + PipelineExamplesOTLPTraces: + $ref: "#/components/examples/PipelineExamplesOTLPTraces" + PipelineExamplesParser: + $ref: "#/components/examples/PipelineExamplesParser" + PipelineExamplesPublishMetrics: + $ref: "#/components/examples/PipelineExamplesPublishMetrics" + PipelineExamplesRedis: + $ref: "#/components/examples/PipelineExamplesRedis" + PipelineExamplesRegexExtract: + $ref: "#/components/examples/PipelineExamplesRegexExtract" + PipelineExamplesRegexFilter: + $ref: "#/components/examples/PipelineExamplesRegexFilter" + PipelineExamplesRename: + $ref: "#/components/examples/PipelineExamplesRename" + PipelineExamplesRollupMetrics: + $ref: "#/components/examples/PipelineExamplesRollupMetrics" + PipelineExamplesSampling: + $ref: "#/components/examples/PipelineExamplesSampling" + PipelineExamplesSerialize: + $ref: "#/components/examples/PipelineExamplesSerialize" + PipelineExamplesSNMPTrapSerialize: + $ref: "#/components/examples/PipelineExamplesSNMPTrapSerialize" + PipelineExamplesSuppress: + $ref: "#/components/examples/PipelineExamplesSuppress" + PipelineExamplesTee: + $ref: "#/components/examples/PipelineExamplesTee" + PipelineExamplesUnroll: + $ref: "#/components/examples/PipelineExamplesUnroll" + PipelineExamplesXMLUnroll: + $ref: "#/components/examples/PipelineExamplesXMLUnroll" parameters: - - name: id - in: path - required: true - schema: - type: string - description: The id of the Splunk HEC Source. - name: pack in: path required: true schema: type: string description: The id of the Pack. - /p/{pack}/system/inputs/{id}/pq: - delete: - operationId: deleteInputSystemPqByPackAndId + /p/{pack}/pipelines/{id}: + get: + operationId: getPipelinesByPackAndId tags: - - sources - x-speakeasy-group: packs.sources.pq - x-speakeasy-name-override: clear + - pipelines + x-speakeasy-group: packs.pipelines + x-speakeasy-name-override: get x-cribl-internal: false x-cribl-availability: both - summary: Clear the persistent queue for a Source within a Pack - description: Clear the persistent queue (PQ) for the specified Source within the specified Pack. + summary: Get a Pipeline within a Pack + description: Get the specified Pipeline within the specified Pack. responses: - "201": - description: A list of job ids for the background job that clears the persistent queue + "200": + description: a list of Pipeline objects content: application/json: schema: - $ref: "#/components/schemas/CountedString" + $ref: "#/components/schemas/CountedPipeline" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -53054,128 +64818,206 @@ paths: required: true schema: type: string - description: The id of the Source to clear the PQ for. + description: The id of the Pipeline to get. - name: pack in: path required: true schema: type: string description: The id of the Pack. - get: - operationId: getInputSystemPqByPackAndId + patch: + operationId: updatePipelinesByPackAndId tags: - - sources - x-speakeasy-group: packs.sources.pq - x-speakeasy-name-override: get + - pipelines + x-speakeasy-group: packs.pipelines + x-speakeasy-name-override: update x-cribl-internal: false x-cribl-availability: both - summary: Get information about the latest job to clear the persistent queue for a Source within a Pack - description: Get information about the latest job to clear the persistent queue (PQ) for the specified Source within the specified Pack. + summary: Update a Pipeline within a Pack + description: Update the specified Pipeline within the specified + Pack.

Provide a complete representation of the Pipeline that + you want to update in the request body. This endpoint does not support + partial updates. Cribl removes any omitted fields when updating the + Pipeline.

Confirm that the configuration in your request body + is correct before sending the request. If the configuration is + incorrect, the updated Pipeline might not function as expected. responses: "200": - description: information about the latest job to clear the PQ for the Source + description: a list of Pipeline objects content: application/json: schema: - $ref: "#/components/schemas/CountedJobInfo" + $ref: "#/components/schemas/CountedPipeline" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" + requestBody: + description: Pipeline object. + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/Pipeline" + examples: + UpdatePipelineExamplesEmpty: + $ref: "#/components/examples/UpdatePipelineExamplesEmpty" + UpdatePipelineExamplesAggregations: + $ref: "#/components/examples/UpdatePipelineExamplesAggregations" + UpdatePipelineExamplesAggregateMetrics: + $ref: "#/components/examples/UpdatePipelineExamplesAggregateMetrics" + UpdatePipelineExamplesAutoTimestamp: + $ref: "#/components/examples/UpdatePipelineExamplesAutoTimestamp" + UpdatePipelineExamplesCEFSerializer: + $ref: "#/components/examples/UpdatePipelineExamplesCEFSerializer" + UpdatePipelineExamplesChain: + $ref: "#/components/examples/UpdatePipelineExamplesChain" + UpdatePipelineExamplesClone: + $ref: "#/components/examples/UpdatePipelineExamplesClone" + UpdatePipelineExamplesComment: + $ref: "#/components/examples/UpdatePipelineExamplesComment" + UpdatePipelineExamplesDNSLookup: + $ref: "#/components/examples/UpdatePipelineExamplesDNSLookup" + UpdatePipelineExamplesDrop: + $ref: "#/components/examples/UpdatePipelineExamplesDrop" + UpdatePipelineExamplesDropDimensions: + $ref: "#/components/examples/UpdatePipelineExamplesDropDimensions" + UpdatePipelineExamplesDynamicSampling: + $ref: "#/components/examples/UpdatePipelineExamplesDynamicSampling" + UpdatePipelineExamplesEval: + $ref: "#/components/examples/UpdatePipelineExamplesEval" + UpdatePipelineExamplesEventBreaker: + $ref: "#/components/examples/UpdatePipelineExamplesEventBreaker" + UpdatePipelineExamplesFlatten: + $ref: "#/components/examples/UpdatePipelineExamplesFlatten" + UpdatePipelineExamplesFoldKeys: + $ref: "#/components/examples/UpdatePipelineExamplesFoldKeys" + UpdatePipelineExamplesGeoIP: + $ref: "#/components/examples/UpdatePipelineExamplesGeoIP" + UpdatePipelineExamplesGrok: + $ref: "#/components/examples/UpdatePipelineExamplesGrok" + UpdatePipelineExamplesGuard: + $ref: "#/components/examples/UpdatePipelineExamplesGuard" + UpdatePipelineExamplesJSONUnroll: + $ref: "#/components/examples/UpdatePipelineExamplesJSONUnroll" + UpdatePipelineExamplesLookup: + $ref: "#/components/examples/UpdatePipelineExamplesLookup" + UpdatePipelineExamplesMask: + $ref: "#/components/examples/UpdatePipelineExamplesMask" + UpdatePipelineExamplesNumerify: + $ref: "#/components/examples/UpdatePipelineExamplesNumerify" + UpdatePipelineExamplesOTLPLogs: + $ref: "#/components/examples/UpdatePipelineExamplesOTLPLogs" + UpdatePipelineExamplesOTLPMetrics: + $ref: "#/components/examples/UpdatePipelineExamplesOTLPMetrics" + UpdatePipelineExamplesOTLPTraces: + $ref: "#/components/examples/UpdatePipelineExamplesOTLPTraces" + UpdatePipelineExamplesParser: + $ref: "#/components/examples/UpdatePipelineExamplesParser" + UpdatePipelineExamplesPublishMetrics: + $ref: "#/components/examples/UpdatePipelineExamplesPublishMetrics" + UpdatePipelineExamplesRedis: + $ref: "#/components/examples/UpdatePipelineExamplesRedis" + UpdatePipelineExamplesRegexExtract: + $ref: "#/components/examples/UpdatePipelineExamplesRegexExtract" + UpdatePipelineExamplesRegexFilter: + $ref: "#/components/examples/UpdatePipelineExamplesRegexFilter" + UpdatePipelineExamplesRename: + $ref: "#/components/examples/UpdatePipelineExamplesRename" + UpdatePipelineExamplesRollupMetrics: + $ref: "#/components/examples/UpdatePipelineExamplesRollupMetrics" + UpdatePipelineExamplesSampling: + $ref: "#/components/examples/UpdatePipelineExamplesSampling" + UpdatePipelineExamplesSerialize: + $ref: "#/components/examples/UpdatePipelineExamplesSerialize" + UpdatePipelineExamplesSNMPTrapSerialize: + $ref: "#/components/examples/UpdatePipelineExamplesSNMPTrapSerialize" + UpdatePipelineExamplesSuppress: + $ref: "#/components/examples/UpdatePipelineExamplesSuppress" + UpdatePipelineExamplesTee: + $ref: "#/components/examples/UpdatePipelineExamplesTee" + UpdatePipelineExamplesUnroll: + $ref: "#/components/examples/UpdatePipelineExamplesUnroll" + UpdatePipelineExamplesXMLUnroll: + $ref: "#/components/examples/UpdatePipelineExamplesXMLUnroll" parameters: - name: id in: path required: true schema: type: string - description: The id of the Source to get PQ job information for. + description: The id of the Pipeline to update. - name: pack in: path required: true schema: type: string description: The id of the Pack. - /p/{pack}/system/inputs/{id}/hectoken/{token}: - patch: - operationId: updateInputSystemHecTokenByPackAndIdAndToken + delete: + operationId: deletePipelinesByPackAndId tags: - - sources - x-speakeasy-group: packs.sources.hecTokens - x-speakeasy-name-override: update + - pipelines + x-speakeasy-group: packs.pipelines + x-speakeasy-name-override: delete x-cribl-internal: false x-cribl-availability: both - summary: Update metadata for an HEC token for a Splunk HEC Source within a Pack - description: Update the metadata for the specified HEC token for the specified Splunk HEC Source within the specified Pack. + summary: Delete a Pipeline within a Pack + description: Delete the specified Pipeline within the specified Pack. responses: "200": - description: the updated HEC token + description: a list of Pipeline objects content: application/json: schema: - $ref: "#/components/schemas/CountedInputSplunkHec" + $ref: "#/components/schemas/CountedPipeline" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" - requestBody: - description: UpdateHecTokenRequest object. - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/UpdateHecTokenRequest" - examples: - HecTokenExamplesHecToken: - $ref: "#/components/examples/HecTokenExamplesHecToken" - HecTokenExamplesHecTokenWithIndexAccess: - $ref: "#/components/examples/HecTokenExamplesHecTokenWithIndexAccess" parameters: - name: id in: path required: true schema: type: string - description: The id of the Splunk HEC Source. - - name: token - in: path - required: true - schema: - type: string - description: The HEC token value to update. + description: The id of the Pipeline to delete. - name: pack in: path required: true schema: type: string description: The id of the Pack. - /system/outputs: + /p/{pack}/routes: get: - operationId: listOutput - x-speakeasy-group: destinations + operationId: getRoutesByPack + tags: + - routes + x-speakeasy-group: packs.routes + x-speakeasy-name-override: list x-cribl-internal: false x-cribl-availability: both - x-speakeasy-name-override: list - tags: - - destinations - summary: List all Destinations - description: Get a list of all Destinations. + summary: List all Routes within a Pack + description: Get a list of all Routes within the specified Pack. responses: "200": - description: a list of Destination objects + description: a list of Routes objects content: application/json: schema: - $ref: "#/components/schemas/CountedOutputResponse" + $ref: "#/components/schemas/CountedRoutes" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -53183,422 +65025,622 @@ paths: schema: $ref: "#/components/schemas/Error" parameters: - - name: type - in: query - required: false + - name: pack + in: path + required: true schema: - $ref: "#/components/schemas/DestinationType" - description: Type of Destination to include in the results. Each request can include only one type parameter; multiple parameters per request are not supported. - post: - operationId: createOutput - x-speakeasy-group: destinations - x-cribl-internal: false - x-cribl-availability: both - x-speakeasy-name-override: create - tags: - - destinations - summary: Create a Destination - description: Create a new Destination. - requestBody: - description: Output object. - required: true - content: - application/json: - schema: - allOf: - - $ref: "#/components/schemas/Output" - - type: object - required: - - id - examples: - OutputCreateExamplesTcpjson: - $ref: "#/components/examples/OutputCreateExamplesTcpjson" - OutputCreateExamplesSplunk: - $ref: "#/components/examples/OutputCreateExamplesSplunk" - OutputCreateExamplesSplunkLb: - $ref: "#/components/examples/OutputCreateExamplesSplunkLb" - OutputCreateExamplesSplunkHec: - $ref: "#/components/examples/OutputCreateExamplesSplunkHec" - OutputCreateExamplesSyslog: - $ref: "#/components/examples/OutputCreateExamplesSyslog" - OutputCreateExamplesFilesystem: - $ref: "#/components/examples/OutputCreateExamplesFilesystem" - OutputCreateExamplesS3: - $ref: "#/components/examples/OutputCreateExamplesS3" - OutputCreateExamplesNutanixObjects: - $ref: "#/components/examples/OutputCreateExamplesNutanixObjects" - OutputCreateExamplesStorjS3: - $ref: "#/components/examples/OutputCreateExamplesStorjS3" - OutputCreateExamplesAlphasocS3: - $ref: "#/components/examples/OutputCreateExamplesAlphasocS3" - OutputCreateExamplesdellS3: - $ref: "#/components/examples/OutputCreateExamplesdellS3" - OutputCreateExamplescloudianS3: - $ref: "#/components/examples/OutputCreateExamplescloudianS3" - OutputCreateExamplesscalityS3: - $ref: "#/components/examples/OutputCreateExamplesscalityS3" - OutputCreateExamplesalibabaCloudS3: - $ref: "#/components/examples/OutputCreateExamplesalibabaCloudS3" - OutputCreateExamplesAzureBlob: - $ref: "#/components/examples/OutputCreateExamplesAzureBlob" - OutputCreateExamplesAzureDataExplorer: - $ref: "#/components/examples/OutputCreateExamplesAzureDataExplorer" - OutputCreateExamplesSentinel: - $ref: "#/components/examples/OutputCreateExamplesSentinel" - OutputCreateExamplesAzureLogs: - $ref: "#/components/examples/OutputCreateExamplesAzureLogs" - OutputCreateExamplesKafka: - $ref: "#/components/examples/OutputCreateExamplesKafka" - OutputCreateExamplesConfluentCloud: - $ref: "#/components/examples/OutputCreateExamplesConfluentCloud" - OutputCreateExamplesMsk: - $ref: "#/components/examples/OutputCreateExamplesMsk" - OutputCreateExamplesKinesis: - $ref: "#/components/examples/OutputCreateExamplesKinesis" - OutputCreateExamplesElastic: - $ref: "#/components/examples/OutputCreateExamplesElastic" - OutputCreateExamplesElasticCloud: - $ref: "#/components/examples/OutputCreateExamplesElasticCloud" - OutputCreateExamplesMicrosoftFabric: - $ref: "#/components/examples/OutputCreateExamplesMicrosoftFabric" - OutputCreateExamplesCloudflareR2: - $ref: "#/components/examples/OutputCreateExamplesCloudflareR2" - OutputCreateExamplesHoneycomb: - $ref: "#/components/examples/OutputCreateExamplesHoneycomb" - OutputCreateExamplesNewrelic: - $ref: "#/components/examples/OutputCreateExamplesNewrelic" - OutputCreateExamplesNewrelicEvents: - $ref: "#/components/examples/OutputCreateExamplesNewrelicEvents" - OutputCreateExamplesSnmp: - $ref: "#/components/examples/OutputCreateExamplesSnmp" - OutputCreateExamplesInfluxdb: - $ref: "#/components/examples/OutputCreateExamplesInfluxdb" - OutputCreateExamplesMinio: - $ref: "#/components/examples/OutputCreateExamplesMinio" - OutputCreateExamplesCloudwatch: - $ref: "#/components/examples/OutputCreateExamplesCloudwatch" - OutputCreateExamplesAzureEventhub: - $ref: "#/components/examples/OutputCreateExamplesAzureEventhub" - OutputCreateExamplesStatsd: - $ref: "#/components/examples/OutputCreateExamplesStatsd" - OutputCreateExamplesStatsdExt: - $ref: "#/components/examples/OutputCreateExamplesStatsdExt" - OutputCreateExamplesGraphite: - $ref: "#/components/examples/OutputCreateExamplesGraphite" - OutputCreateExamplesWavefront: - $ref: "#/components/examples/OutputCreateExamplesWavefront" - OutputCreateExamplesSignalfx: - $ref: "#/components/examples/OutputCreateExamplesSignalfx" - OutputCreateExamplesSqs: - $ref: "#/components/examples/OutputCreateExamplesSqs" - OutputCreateExamplesGoogleCloudStorage: - $ref: "#/components/examples/OutputCreateExamplesGoogleCloudStorage" - OutputCreateExamplesSumoLogic: - $ref: "#/components/examples/OutputCreateExamplesSumoLogic" - OutputCreateExamplesDatadog: - $ref: "#/components/examples/OutputCreateExamplesDatadog" - OutputCreateExamplesWebhook: - $ref: "#/components/examples/OutputCreateExamplesWebhook" - OutputCreateExamplesPrometheus: - $ref: "#/components/examples/OutputCreateExamplesPrometheus" - OutputCreateExamplesGooglePubsub: - $ref: "#/components/examples/OutputCreateExamplesGooglePubsub" - OutputCreateExamplesGoogleChronicle: - $ref: "#/components/examples/OutputCreateExamplesGoogleChronicle" - OutputCreateExamplesChronicle: - $ref: "#/components/examples/OutputCreateExamplesChronicle" - OutputCreateExamplesGrafanaCloud: - $ref: "#/components/examples/OutputCreateExamplesGrafanaCloud" - OutputCreateExamplesLoki: - $ref: "#/components/examples/OutputCreateExamplesLoki" - OutputCreateExamplesOpenTelemetry: - $ref: "#/components/examples/OutputCreateExamplesOpenTelemetry" - OutputCreateExamplesServiceNow: - $ref: "#/components/examples/OutputCreateExamplesServiceNow" - OutputCreateExamplesDynatraceOtlp: - $ref: "#/components/examples/OutputCreateExamplesDynatraceOtlp" - OutputCreateExamplesSentinelOneAiSiem: - $ref: "#/components/examples/OutputCreateExamplesSentinelOneAiSiem" - OutputCreateExamplesDataset: - $ref: "#/components/examples/OutputCreateExamplesDataset" - OutputCreateExamplesRing: - $ref: "#/components/examples/OutputCreateExamplesRing" - OutputCreateExamplesRouter: - $ref: "#/components/examples/OutputCreateExamplesRouter" - OutputCreateExamplesWizHec: - $ref: "#/components/examples/OutputCreateExamplesWizHec" - OutputCreateExamplesHumioHec: - $ref: "#/components/examples/OutputCreateExamplesHumioHec" - OutputCreateExamplesCrowdstrikeNextGenSiem: - $ref: "#/components/examples/OutputCreateExamplesCrowdstrikeNextGenSiem" - OutputCreateExamplesCriblHttp: - $ref: "#/components/examples/OutputCreateExamplesCriblHttp" - OutputCreateExamplesCriblTcp: - $ref: "#/components/examples/OutputCreateExamplesCriblTcp" - OutputCreateExamplesCriblSearchEngine: - $ref: "#/components/examples/OutputCreateExamplesCriblSearchEngine" - OutputCreateExamplesGoogleCloudLogging: - $ref: "#/components/examples/OutputCreateExamplesGoogleCloudLogging" - OutputCreateExamplesSns: - $ref: "#/components/examples/OutputCreateExamplesSns" - OutputCreateExamplesDlS3: - $ref: "#/components/examples/OutputCreateExamplesDlS3" - OutputCreateExamplesSecurityLake: - $ref: "#/components/examples/OutputCreateExamplesSecurityLake" - OutputCreateExamplesCriblLake: - $ref: "#/components/examples/OutputCreateExamplesCriblLake" - OutputCreateExamplesExabeam: - $ref: "#/components/examples/OutputCreateExamplesExabeam" - OutputCreateExamplesDiskSpool: - $ref: "#/components/examples/OutputCreateExamplesDiskSpool" - OutputCreateExamplesClickHouse: - $ref: "#/components/examples/OutputCreateExamplesClickHouse" - OutputCreateExamplesLocalSearchStorage: - $ref: "#/components/examples/OutputCreateExamplesLocalSearchStorage" - OutputCreateExamplesXsiam: - $ref: "#/components/examples/OutputCreateExamplesXsiam" - OutputCreateExamplesNetflow: - $ref: "#/components/examples/OutputCreateExamplesNetflow" - OutputCreateExamplesDynatraceHttp: - $ref: "#/components/examples/OutputCreateExamplesDynatraceHttp" - OutputCreateExamplesDatabricks: - $ref: "#/components/examples/OutputCreateExamplesDatabricks" + type: string + description: The id of the Pack. + /p/{pack}/routes/{id}: + get: + operationId: getRoutesByPackAndId + tags: + - routes + x-speakeasy-group: packs.routes + x-speakeasy-name-override: get + x-cribl-internal: false + x-cribl-availability: both + summary: Get a Routing table within a Pack + description: Get the specified Routing table within the specified Pack. responses: "200": - description: the created Destination object + description: a list of Routes objects content: application/json: schema: - $ref: "#/components/schemas/CountedOutputResponse" + $ref: "#/components/schemas/CountedRoutes" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" - /system/outputs/{id}: - get: - operationId: getOutputById - x-speakeasy-group: destinations + parameters: + - name: id + in: path + required: true + schema: + type: string + description: The id of the Routing table to get. The supported + value is default. + - name: pack + in: path + required: true + schema: + type: string + description: The id of the Pack. + patch: + operationId: updateRoutesByPackAndId + tags: + - routes + x-speakeasy-group: packs.routes + x-speakeasy-name-override: update x-cribl-internal: false x-cribl-availability: both - x-speakeasy-name-override: get - tags: - - destinations - summary: Get a Destination - description: Get the specified Destination. + summary: Update a Route within a Pack + description: Update the specified Route within the specified + Pack.

Provide a complete representation of the Routing table, + including the Route that you want to update, in the request + body.

This endpoint does not support partial updates. Cribl + removes any omitted fields when updating the Routing + table.

Confirm that the configuration in your request body is + correct before sending the request. If the configuration is incorrect, + the updated Routing table might not function as expected.

Cribl + also removes any omitted Routes when updating the Routing table. + responses: + "200": + description: a list of Routes objects + content: + application/json: + schema: + $ref: "#/components/schemas/CountedRoutes" + "401": + description: Authentication failed (missing or invalid credentials or Bearer + token). + "500": + description: Unexpected server error. + content: + application/json: + schema: + $ref: "#/components/schemas/Error" + requestBody: + description: RoutesInput object. + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/RoutesInput" + examples: + RoutesUpdateExamplesBasicRoute: + $ref: "#/components/examples/RoutesUpdateExamplesBasicRoute" + RoutesUpdateExamplesMultipleRoutes: + $ref: "#/components/examples/RoutesUpdateExamplesMultipleRoutes" + RoutesUpdateExamplesRouteWithOutputExpression: + $ref: "#/components/examples/RoutesUpdateExamplesRouteWithOutputExpression" + RoutesUpdateExamplesRouteWithDefaults: + $ref: "#/components/examples/RoutesUpdateExamplesRouteWithDefaults" parameters: - name: id in: path required: true schema: type: string - description: The id of the Destination to get. + description: The id of the Routing table that contains the Route to + update. The supported value is default. + - name: pack + in: path + required: true + schema: + type: string + description: The id of the Pack. + /p/{pack}/routes/{id}/append: + post: + operationId: createRoutesAppendByPackAndId + tags: + - routes + x-speakeasy-group: packs.routes + x-speakeasy-name-override: append + x-cribl-internal: false + x-cribl-availability: both + summary: Add a Route to the end of the Routing table within a Pack + description: Add a Route to the end of the specified Routing table within the + specified Pack. responses: "200": - description: a Destination object + description: The created Routes object in a single-item list. content: application/json: schema: - $ref: "#/components/schemas/CountedOutputResponse" + $ref: "#/components/schemas/CountedRoutes" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" - patch: - operationId: updateOutputById - x-speakeasy-group: destinations + requestBody: + description: RouteDefinitions object. + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/RouteDefinitions" + examples: + RoutesAppendExamplesSingleRoute: + $ref: "#/components/examples/RoutesAppendExamplesSingleRoute" + RoutesAppendExamplesMultipleRoutes: + $ref: "#/components/examples/RoutesAppendExamplesMultipleRoutes" + RoutesAppendExamplesRouteWithOutputExpression: + $ref: "#/components/examples/RoutesAppendExamplesRouteWithOutputExpression" + RoutesAppendExamplesRouteWithDefaults: + $ref: "#/components/examples/RoutesAppendExamplesRouteWithDefaults" + parameters: + - name: id + in: path + required: true + schema: + type: string + description: The id of the Routing table to add the Route to. The + supported value is default. + - name: pack + in: path + required: true + schema: + type: string + description: The id of the Pack. + /p/{pack}/system/inputs: + get: + operationId: getInputSystemByPack + x-speakeasy-group: packs.sources x-cribl-internal: false x-cribl-availability: both - x-speakeasy-name-override: update + x-speakeasy-name-override: list tags: - - destinations - summary: Update a Destination - description: Update the specified Destination.

Provide a complete representation of the Destination that you want to update in the request body. This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Destination.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Destination might not function as expected. + - sources + summary: List all Sources within a Pack + description: Get a list of all Sources within the specified Pack. + responses: + "200": + description: a list of Source objects + content: + application/json: + schema: + $ref: "#/components/schemas/CountedInputResponse" + "401": + description: Authentication failed (missing or invalid credentials or Bearer + token). + "500": + description: Unexpected server error. + content: + application/json: + schema: + $ref: "#/components/schemas/Error" parameters: - - name: id + - name: type + in: query + required: false + schema: + $ref: "#/components/schemas/SourceType" + description: Type of Source to include in the results. Each request can include + only one type parameter; multiple parameters per + request are not supported. + - name: pack in: path required: true schema: type: string - description: The id of the Destination to update. + description: The id of the Pack. + post: + operationId: createInputSystemByPack + x-speakeasy-group: packs.sources + x-cribl-internal: false + x-cribl-availability: both + x-speakeasy-name-override: create + tags: + - sources + summary: Create a Source within a Pack + description: Create a new Source. The system-managed provenance field (JSON + criblSourceProvenance) must be omitted from the request + body within the specified Pack. requestBody: - description: Output object. + description: Input object. required: true content: application/json: schema: - $ref: "#/components/schemas/Output" + allOf: + - $ref: "#/components/schemas/Input" + - type: object + required: + - id examples: - OutputExamplesDefault: - $ref: "#/components/examples/OutputExamplesDefault" - OutputCreateExamplesTcpjson: - $ref: "#/components/examples/OutputCreateExamplesTcpjson" - OutputCreateExamplesSplunk: - $ref: "#/components/examples/OutputCreateExamplesSplunk" - OutputCreateExamplesSplunkLb: - $ref: "#/components/examples/OutputCreateExamplesSplunkLb" - OutputCreateExamplesSplunkHec: - $ref: "#/components/examples/OutputCreateExamplesSplunkHec" - OutputCreateExamplesSyslog: - $ref: "#/components/examples/OutputCreateExamplesSyslog" - OutputCreateExamplesFilesystem: - $ref: "#/components/examples/OutputCreateExamplesFilesystem" - OutputCreateExamplesS3: - $ref: "#/components/examples/OutputCreateExamplesS3" - OutputCreateExamplesNutanixObjects: - $ref: "#/components/examples/OutputCreateExamplesNutanixObjects" - OutputCreateExamplesStorjS3: - $ref: "#/components/examples/OutputCreateExamplesStorjS3" - OutputCreateExamplesAlphasocS3: - $ref: "#/components/examples/OutputCreateExamplesAlphasocS3" - OutputCreateExamplesdellS3: - $ref: "#/components/examples/OutputCreateExamplesdellS3" - OutputCreateExamplescloudianS3: - $ref: "#/components/examples/OutputCreateExamplescloudianS3" - OutputCreateExamplesscalityS3: - $ref: "#/components/examples/OutputCreateExamplesscalityS3" - OutputCreateExamplesalibabaCloudS3: - $ref: "#/components/examples/OutputCreateExamplesalibabaCloudS3" - OutputCreateExamplesAzureBlob: - $ref: "#/components/examples/OutputCreateExamplesAzureBlob" - OutputCreateExamplesAzureDataExplorer: - $ref: "#/components/examples/OutputCreateExamplesAzureDataExplorer" - OutputCreateExamplesSentinel: - $ref: "#/components/examples/OutputCreateExamplesSentinel" - OutputCreateExamplesAzureLogs: - $ref: "#/components/examples/OutputCreateExamplesAzureLogs" - OutputCreateExamplesKafka: - $ref: "#/components/examples/OutputCreateExamplesKafka" - OutputCreateExamplesConfluentCloud: - $ref: "#/components/examples/OutputCreateExamplesConfluentCloud" - OutputCreateExamplesMsk: - $ref: "#/components/examples/OutputCreateExamplesMsk" - OutputCreateExamplesKinesis: - $ref: "#/components/examples/OutputCreateExamplesKinesis" - OutputCreateExamplesElastic: - $ref: "#/components/examples/OutputCreateExamplesElastic" - OutputCreateExamplesElasticCloud: - $ref: "#/components/examples/OutputCreateExamplesElasticCloud" - OutputCreateExamplesMicrosoftFabric: - $ref: "#/components/examples/OutputCreateExamplesMicrosoftFabric" - OutputCreateExamplesCloudflareR2: - $ref: "#/components/examples/OutputCreateExamplesCloudflareR2" - OutputCreateExamplesHoneycomb: - $ref: "#/components/examples/OutputCreateExamplesHoneycomb" - OutputCreateExamplesNewrelic: - $ref: "#/components/examples/OutputCreateExamplesNewrelic" - OutputCreateExamplesNewrelicEvents: - $ref: "#/components/examples/OutputCreateExamplesNewrelicEvents" - OutputCreateExamplesSnmp: - $ref: "#/components/examples/OutputCreateExamplesSnmp" - OutputCreateExamplesInfluxdb: - $ref: "#/components/examples/OutputCreateExamplesInfluxdb" - OutputCreateExamplesMinio: - $ref: "#/components/examples/OutputCreateExamplesMinio" - OutputCreateExamplesCloudwatch: - $ref: "#/components/examples/OutputCreateExamplesCloudwatch" - OutputCreateExamplesAzureEventhub: - $ref: "#/components/examples/OutputCreateExamplesAzureEventhub" - OutputCreateExamplesStatsd: - $ref: "#/components/examples/OutputCreateExamplesStatsd" - OutputCreateExamplesStatsdExt: - $ref: "#/components/examples/OutputCreateExamplesStatsdExt" - OutputCreateExamplesGraphite: - $ref: "#/components/examples/OutputCreateExamplesGraphite" - OutputCreateExamplesWavefront: - $ref: "#/components/examples/OutputCreateExamplesWavefront" - OutputCreateExamplesSignalfx: - $ref: "#/components/examples/OutputCreateExamplesSignalfx" - OutputCreateExamplesSqs: - $ref: "#/components/examples/OutputCreateExamplesSqs" - OutputCreateExamplesGoogleCloudStorage: - $ref: "#/components/examples/OutputCreateExamplesGoogleCloudStorage" - OutputCreateExamplesSumoLogic: - $ref: "#/components/examples/OutputCreateExamplesSumoLogic" - OutputCreateExamplesDatadog: - $ref: "#/components/examples/OutputCreateExamplesDatadog" - OutputCreateExamplesWebhook: - $ref: "#/components/examples/OutputCreateExamplesWebhook" - OutputCreateExamplesPrometheus: - $ref: "#/components/examples/OutputCreateExamplesPrometheus" - OutputCreateExamplesGooglePubsub: - $ref: "#/components/examples/OutputCreateExamplesGooglePubsub" - OutputCreateExamplesGoogleChronicle: - $ref: "#/components/examples/OutputCreateExamplesGoogleChronicle" - OutputCreateExamplesChronicle: - $ref: "#/components/examples/OutputCreateExamplesChronicle" - OutputCreateExamplesGrafanaCloud: - $ref: "#/components/examples/OutputCreateExamplesGrafanaCloud" - OutputCreateExamplesLoki: - $ref: "#/components/examples/OutputCreateExamplesLoki" - OutputCreateExamplesOpenTelemetry: - $ref: "#/components/examples/OutputCreateExamplesOpenTelemetry" - OutputCreateExamplesServiceNow: - $ref: "#/components/examples/OutputCreateExamplesServiceNow" - OutputCreateExamplesDynatraceOtlp: - $ref: "#/components/examples/OutputCreateExamplesDynatraceOtlp" - OutputCreateExamplesSentinelOneAiSiem: - $ref: "#/components/examples/OutputCreateExamplesSentinelOneAiSiem" - OutputCreateExamplesDataset: - $ref: "#/components/examples/OutputCreateExamplesDataset" - OutputCreateExamplesRing: - $ref: "#/components/examples/OutputCreateExamplesRing" - OutputCreateExamplesRouter: - $ref: "#/components/examples/OutputCreateExamplesRouter" - OutputCreateExamplesWizHec: - $ref: "#/components/examples/OutputCreateExamplesWizHec" - OutputCreateExamplesHumioHec: - $ref: "#/components/examples/OutputCreateExamplesHumioHec" - OutputCreateExamplesCrowdstrikeNextGenSiem: - $ref: "#/components/examples/OutputCreateExamplesCrowdstrikeNextGenSiem" - OutputCreateExamplesCriblHttp: - $ref: "#/components/examples/OutputCreateExamplesCriblHttp" - OutputCreateExamplesCriblTcp: - $ref: "#/components/examples/OutputCreateExamplesCriblTcp" - OutputCreateExamplesCriblSearchEngine: - $ref: "#/components/examples/OutputCreateExamplesCriblSearchEngine" - OutputCreateExamplesGoogleCloudLogging: - $ref: "#/components/examples/OutputCreateExamplesGoogleCloudLogging" - OutputCreateExamplesSns: - $ref: "#/components/examples/OutputCreateExamplesSns" - OutputCreateExamplesDlS3: - $ref: "#/components/examples/OutputCreateExamplesDlS3" - OutputCreateExamplesSecurityLake: - $ref: "#/components/examples/OutputCreateExamplesSecurityLake" - OutputCreateExamplesCriblLake: - $ref: "#/components/examples/OutputCreateExamplesCriblLake" - OutputCreateExamplesExabeam: - $ref: "#/components/examples/OutputCreateExamplesExabeam" - OutputCreateExamplesDiskSpool: - $ref: "#/components/examples/OutputCreateExamplesDiskSpool" - OutputCreateExamplesClickHouse: - $ref: "#/components/examples/OutputCreateExamplesClickHouse" - OutputCreateExamplesLocalSearchStorage: - $ref: "#/components/examples/OutputCreateExamplesLocalSearchStorage" - OutputCreateExamplesXsiam: - $ref: "#/components/examples/OutputCreateExamplesXsiam" - OutputCreateExamplesNetflow: - $ref: "#/components/examples/OutputCreateExamplesNetflow" - OutputCreateExamplesDynatraceHttp: - $ref: "#/components/examples/OutputCreateExamplesDynatraceHttp" - OutputCreateExamplesDatabricks: - $ref: "#/components/examples/OutputCreateExamplesDatabricks" + InputCreateExamplesAnthropicCompliance: + $ref: "#/components/examples/InputCreateExamplesAnthropicCompliance" + InputCreateExamplesAppleUnifiedLogs: + $ref: "#/components/examples/InputCreateExamplesAppleUnifiedLogs" + InputCreateExamplesAppscope: + $ref: "#/components/examples/InputCreateExamplesAppscope" + InputCreateExamplesAzureBlob: + $ref: "#/components/examples/InputCreateExamplesAzureBlob" + InputCreateExamplesCloudflareHec: + $ref: "#/components/examples/InputCreateExamplesCloudflareHec" + InputCreateExamplesConfluentCloud: + $ref: "#/components/examples/InputCreateExamplesConfluentCloud" + InputCreateExamplesCollection: + $ref: "#/components/examples/InputCreateExamplesCollection" + InputCreateExamplesCriblHttp: + $ref: "#/components/examples/InputCreateExamplesCriblHttp" + InputCreateExamplesCriblLakeHttp: + $ref: "#/components/examples/InputCreateExamplesCriblLakeHttp" + InputCreateExamplesCriblTcp: + $ref: "#/components/examples/InputCreateExamplesCriblTcp" + InputCreateExamplesCrowdstrike: + $ref: "#/components/examples/InputCreateExamplesCrowdstrike" + InputCreateExamplesDatadogAgent: + $ref: "#/components/examples/InputCreateExamplesDatadogAgent" + InputCreateExamplesDatagen: + $ref: "#/components/examples/InputCreateExamplesDatagen" + InputCreateExamplesEdgePrometheus: + $ref: "#/components/examples/InputCreateExamplesEdgePrometheus" + InputCreateExamplesElastic: + $ref: "#/components/examples/InputCreateExamplesElastic" + InputCreateExamplesEventhub: + $ref: "#/components/examples/InputCreateExamplesEventhub" + InputCreateExamplesEventhubAmqp: + $ref: "#/components/examples/InputCreateExamplesEventhubAmqp" + InputCreateExamplesExec: + $ref: "#/components/examples/InputCreateExamplesExec" + InputCreateExamplesFile: + $ref: "#/components/examples/InputCreateExamplesFile" + InputCreateExamplesFirehose: + $ref: "#/components/examples/InputCreateExamplesFirehose" + InputCreateExamplesGrafana: + $ref: "#/components/examples/InputCreateExamplesGrafana" + InputCreateExamplesGooglePubsub: + $ref: "#/components/examples/InputCreateExamplesGooglePubsub" + InputCreateExamplesHttp: + $ref: "#/components/examples/InputCreateExamplesHttp" + InputCreateExamplesHttpRaw: + $ref: "#/components/examples/InputCreateExamplesHttpRaw" + InputCreateExamplesJournalFiles: + $ref: "#/components/examples/InputCreateExamplesJournalFiles" + InputCreateExamplesKafka: + $ref: "#/components/examples/InputCreateExamplesKafka" + InputCreateExamplesKinesis: + $ref: "#/components/examples/InputCreateExamplesKinesis" + InputCreateExamplesKubeEvents: + $ref: "#/components/examples/InputCreateExamplesKubeEvents" + InputCreateExamplesKubeLogs: + $ref: "#/components/examples/InputCreateExamplesKubeLogs" + InputCreateExamplesKubeMetrics: + $ref: "#/components/examples/InputCreateExamplesKubeMetrics" + InputCreateExamplesLoki: + $ref: "#/components/examples/InputCreateExamplesLoki" + InputCreateExamplesMetrics: + $ref: "#/components/examples/InputCreateExamplesMetrics" + InputCreateExamplesModelDrivenTelemetry: + $ref: "#/components/examples/InputCreateExamplesModelDrivenTelemetry" + InputCreateExamplesMsk: + $ref: "#/components/examples/InputCreateExamplesMsk" + InputCreateExamplesNetflow: + $ref: "#/components/examples/InputCreateExamplesNetflow" + InputCreateExamplesOffice365Mgmt: + $ref: "#/components/examples/InputCreateExamplesOffice365Mgmt" + InputCreateExamplesMicrosoftGraph: + $ref: "#/components/examples/InputCreateExamplesMicrosoftGraph" + InputCreateExamplesOffice365MsgTrace: + $ref: "#/components/examples/InputCreateExamplesOffice365MsgTrace" + InputCreateExamplesOffice365Service: + $ref: "#/components/examples/InputCreateExamplesOffice365Service" + InputCreateExamplesOkta: + $ref: "#/components/examples/InputCreateExamplesOkta" + InputCreateExamplesOpenAI: + $ref: "#/components/examples/InputCreateExamplesOpenAI" + InputCreateExamplesOpenAIComplianceLogs: + $ref: "#/components/examples/InputCreateExamplesOpenAIComplianceLogs" + InputCreateExamplesOpenTelemetry: + $ref: "#/components/examples/InputCreateExamplesOpenTelemetry" + InputCreateExamplesPrometheus: + $ref: "#/components/examples/InputCreateExamplesPrometheus" + InputCreateExamplesPrometheusRw: + $ref: "#/components/examples/InputCreateExamplesPrometheusRw" + InputCreateExamplesRawUdp: + $ref: "#/components/examples/InputCreateExamplesRawUdp" + InputCreateExamplesS3: + $ref: "#/components/examples/InputCreateExamplesS3" + InputCreateExamplesS3Inventory: + $ref: "#/components/examples/InputCreateExamplesS3Inventory" + InputCreateExamplesSecurityLake: + $ref: "#/components/examples/InputCreateExamplesSecurityLake" + InputCreateExamplesServiceNowTable: + $ref: "#/components/examples/InputCreateExamplesServiceNowTable" + InputCreateExamplesSnmp: + $ref: "#/components/examples/InputCreateExamplesSnmp" + InputCreateExamplesSplunk: + $ref: "#/components/examples/InputCreateExamplesSplunk" + InputCreateExamplesSplunkHec: + $ref: "#/components/examples/InputCreateExamplesSplunkHec" + InputCreateExamplesSplunkSearch: + $ref: "#/components/examples/InputCreateExamplesSplunkSearch" + InputCreateExamplesSqs: + $ref: "#/components/examples/InputCreateExamplesSqs" + InputCreateExamplesSyslog: + $ref: "#/components/examples/InputCreateExamplesSyslog" + InputCreateExamplesSystemMetrics: + $ref: "#/components/examples/InputCreateExamplesSystemMetrics" + InputCreateExamplesSystemState: + $ref: "#/components/examples/InputCreateExamplesSystemState" + InputCreateExamplesTcp: + $ref: "#/components/examples/InputCreateExamplesTcp" + InputCreateExamplesTcpjson: + $ref: "#/components/examples/InputCreateExamplesTcpjson" + InputCreateExamplesWef: + $ref: "#/components/examples/InputCreateExamplesWef" + InputCreateExamplesWinEventLogs: + $ref: "#/components/examples/InputCreateExamplesWinEventLogs" + InputCreateExamplesWindowsMetrics: + $ref: "#/components/examples/InputCreateExamplesWindowsMetrics" + InputCreateExamplesWiz: + $ref: "#/components/examples/InputCreateExamplesWiz" + InputCreateExamplesWizWebhook: + $ref: "#/components/examples/InputCreateExamplesWizWebhook" + InputCreateExamplesZscalerHec: + $ref: "#/components/examples/InputCreateExamplesZscalerHec" + responses: + "200": + description: the created Source object + content: + application/json: + schema: + $ref: "#/components/schemas/CountedInputResponse" + "401": + description: Authentication failed (missing or invalid credentials or Bearer + token). + "500": + description: Unexpected server error. + content: + application/json: + schema: + $ref: "#/components/schemas/Error" + parameters: + - name: pack + in: path + required: true + schema: + type: string + description: The id of the Pack. + /p/{pack}/system/inputs/{id}: + get: + operationId: getInputSystemByPackAndId + x-speakeasy-group: packs.sources + x-cribl-internal: false + x-cribl-availability: both + x-speakeasy-name-override: get + tags: + - sources + summary: Get a Source within a Pack + description: Get the specified Source within the specified Pack. + parameters: + - name: id + in: path + required: true + schema: + type: string + description: The id of the Source to get. + - name: pack + in: path + required: true + schema: + type: string + description: The id of the Pack. + responses: + "200": + description: a Source object + content: + application/json: + schema: + $ref: "#/components/schemas/CountedInputResponse" + "401": + description: Authentication failed (missing or invalid credentials or Bearer + token). + "500": + description: Unexpected server error. + content: + application/json: + schema: + $ref: "#/components/schemas/Error" + patch: + operationId: updateInputSystemByPackAndId + x-speakeasy-group: packs.sources + x-cribl-internal: false + x-cribl-availability: both + x-speakeasy-name-override: update + tags: + - sources + summary: Update a Source within a Pack + description: Update the specified Source.

Provide a complete + representation of the Source that you want to update in the request + body. This endpoint does not support partial updates. Cribl removes any + omitted fields when updating the Source.

Confirm that the + configuration in your request body is correct before sending the + request. If the configuration is incorrect, the updated Source might not + function as expected.

Cribl preserves + criblSourceProvenance when you omit it from the request + body, and you cannot overwrite it through this endpoint within the + specified Pack. + parameters: + - name: id + in: path + required: true + schema: + type: string + description: The id of the Source to update. + - name: pack + in: path + required: true + schema: + type: string + description: The id of the Pack. + requestBody: + description: Input object. + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/Input" + examples: + UpdateInputExamplesAnthropicCompliance: + $ref: "#/components/examples/UpdateInputExamplesAnthropicCompliance" + UpdateInputExamplesAppleUnifiedLogs: + $ref: "#/components/examples/UpdateInputExamplesAppleUnifiedLogs" + UpdateInputExamplesAppscope: + $ref: "#/components/examples/UpdateInputExamplesAppscope" + UpdateInputExamplesAzureBlob: + $ref: "#/components/examples/UpdateInputExamplesAzureBlob" + UpdateInputExamplesCloudflareHec: + $ref: "#/components/examples/UpdateInputExamplesCloudflareHec" + UpdateInputExamplesConfluentCloud: + $ref: "#/components/examples/UpdateInputExamplesConfluentCloud" + UpdateInputExamplesCollection: + $ref: "#/components/examples/UpdateInputExamplesCollection" + UpdateInputExamplesCribl: + $ref: "#/components/examples/UpdateInputExamplesCribl" + UpdateInputExamplesCriblHttp: + $ref: "#/components/examples/UpdateInputExamplesCriblHttp" + UpdateInputExamplesCriblLakeHttp: + $ref: "#/components/examples/UpdateInputExamplesCriblLakeHttp" + UpdateInputExamplesCriblMetrics: + $ref: "#/components/examples/UpdateInputExamplesCriblMetrics" + UpdateInputExamplesCriblTcp: + $ref: "#/components/examples/UpdateInputExamplesCriblTcp" + UpdateInputExamplesCrowdstrike: + $ref: "#/components/examples/UpdateInputExamplesCrowdstrike" + UpdateInputExamplesDatadogAgent: + $ref: "#/components/examples/UpdateInputExamplesDatadogAgent" + UpdateInputExamplesDatagen: + $ref: "#/components/examples/UpdateInputExamplesDatagen" + UpdateInputExamplesEdgePrometheus: + $ref: "#/components/examples/UpdateInputExamplesEdgePrometheus" + UpdateInputExamplesElastic: + $ref: "#/components/examples/UpdateInputExamplesElastic" + UpdateInputExamplesEventhub: + $ref: "#/components/examples/UpdateInputExamplesEventhub" + UpdateInputExamplesEventhubAmqp: + $ref: "#/components/examples/UpdateInputExamplesEventhubAmqp" + UpdateInputExamplesExec: + $ref: "#/components/examples/UpdateInputExamplesExec" + UpdateInputExamplesFile: + $ref: "#/components/examples/UpdateInputExamplesFile" + UpdateInputExamplesFirehose: + $ref: "#/components/examples/UpdateInputExamplesFirehose" + UpdateInputExamplesGrafana: + $ref: "#/components/examples/UpdateInputExamplesGrafana" + UpdateInputExamplesGooglePubsub: + $ref: "#/components/examples/UpdateInputExamplesGooglePubsub" + UpdateInputExamplesHttp: + $ref: "#/components/examples/UpdateInputExamplesHttp" + UpdateInputExamplesHttpRaw: + $ref: "#/components/examples/UpdateInputExamplesHttpRaw" + UpdateInputExamplesJournalFiles: + $ref: "#/components/examples/UpdateInputExamplesJournalFiles" + UpdateInputExamplesKafka: + $ref: "#/components/examples/UpdateInputExamplesKafka" + UpdateInputExamplesKinesis: + $ref: "#/components/examples/UpdateInputExamplesKinesis" + UpdateInputExamplesKubeEvents: + $ref: "#/components/examples/UpdateInputExamplesKubeEvents" + UpdateInputExamplesKubeLogs: + $ref: "#/components/examples/UpdateInputExamplesKubeLogs" + UpdateInputExamplesKubeMetrics: + $ref: "#/components/examples/UpdateInputExamplesKubeMetrics" + UpdateInputExamplesLoki: + $ref: "#/components/examples/UpdateInputExamplesLoki" + UpdateInputExamplesMetrics: + $ref: "#/components/examples/UpdateInputExamplesMetrics" + UpdateInputExamplesModelDrivenTelemetry: + $ref: "#/components/examples/UpdateInputExamplesModelDrivenTelemetry" + UpdateInputExamplesMsk: + $ref: "#/components/examples/UpdateInputExamplesMsk" + UpdateInputExamplesNetflow: + $ref: "#/components/examples/UpdateInputExamplesNetflow" + UpdateInputExamplesOffice365Mgmt: + $ref: "#/components/examples/UpdateInputExamplesOffice365Mgmt" + UpdateInputExamplesMicrosoftGraph: + $ref: "#/components/examples/UpdateInputExamplesMicrosoftGraph" + UpdateInputExamplesOffice365MsgTrace: + $ref: "#/components/examples/UpdateInputExamplesOffice365MsgTrace" + UpdateInputExamplesOffice365Service: + $ref: "#/components/examples/UpdateInputExamplesOffice365Service" + UpdateInputExamplesOkta: + $ref: "#/components/examples/UpdateInputExamplesOkta" + UpdateInputExamplesOpenAI: + $ref: "#/components/examples/UpdateInputExamplesOpenAI" + UpdateInputExamplesOpenAIComplianceLogs: + $ref: "#/components/examples/UpdateInputExamplesOpenAIComplianceLogs" + UpdateInputExamplesOpenTelemetry: + $ref: "#/components/examples/UpdateInputExamplesOpenTelemetry" + UpdateInputExamplesPrometheus: + $ref: "#/components/examples/UpdateInputExamplesPrometheus" + UpdateInputExamplesPrometheusRw: + $ref: "#/components/examples/UpdateInputExamplesPrometheusRw" + UpdateInputExamplesRawUdp: + $ref: "#/components/examples/UpdateInputExamplesRawUdp" + UpdateInputExamplesS3: + $ref: "#/components/examples/UpdateInputExamplesS3" + UpdateInputExamplesS3Inventory: + $ref: "#/components/examples/UpdateInputExamplesS3Inventory" + UpdateInputExamplesSecurityLake: + $ref: "#/components/examples/UpdateInputExamplesSecurityLake" + UpdateInputExamplesServiceNowTable: + $ref: "#/components/examples/UpdateInputExamplesServiceNowTable" + UpdateInputExamplesSnmp: + $ref: "#/components/examples/UpdateInputExamplesSnmp" + UpdateInputExamplesSplunk: + $ref: "#/components/examples/UpdateInputExamplesSplunk" + UpdateInputExamplesSplunkHec: + $ref: "#/components/examples/UpdateInputExamplesSplunkHec" + UpdateInputExamplesSplunkSearch: + $ref: "#/components/examples/UpdateInputExamplesSplunkSearch" + UpdateInputExamplesSqs: + $ref: "#/components/examples/UpdateInputExamplesSqs" + UpdateInputExamplesSyslog: + $ref: "#/components/examples/UpdateInputExamplesSyslog" + UpdateInputExamplesSystemMetrics: + $ref: "#/components/examples/UpdateInputExamplesSystemMetrics" + UpdateInputExamplesSystemState: + $ref: "#/components/examples/UpdateInputExamplesSystemState" + UpdateInputExamplesTcp: + $ref: "#/components/examples/UpdateInputExamplesTcp" + UpdateInputExamplesTcpjson: + $ref: "#/components/examples/UpdateInputExamplesTcpjson" + UpdateInputExamplesWef: + $ref: "#/components/examples/UpdateInputExamplesWef" + UpdateInputExamplesWinEventLogs: + $ref: "#/components/examples/UpdateInputExamplesWinEventLogs" + UpdateInputExamplesWindowsMetrics: + $ref: "#/components/examples/UpdateInputExamplesWindowsMetrics" + UpdateInputExamplesWiz: + $ref: "#/components/examples/UpdateInputExamplesWiz" + UpdateInputExamplesWizWebhook: + $ref: "#/components/examples/UpdateInputExamplesWizWebhook" + UpdateInputExamplesZscalerHec: + $ref: "#/components/examples/UpdateInputExamplesZscalerHec" responses: "200": - description: the updated Destination object + description: the updated Source object content: application/json: schema: - $ref: "#/components/schemas/CountedOutputResponse" + $ref: "#/components/schemas/CountedInputResponse" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -53606,124 +65648,180 @@ paths: schema: $ref: "#/components/schemas/Error" delete: - operationId: deleteOutputById - x-speakeasy-group: destinations + operationId: deleteInputSystemByPackAndId + x-speakeasy-group: packs.sources x-cribl-internal: false x-cribl-availability: both x-speakeasy-name-override: delete tags: - - destinations - summary: Delete a Destination - description: Delete the specified Destination. + - sources + summary: Delete a Source within a Pack + description: Delete the specified Source within the specified Pack. parameters: - name: id in: path required: true schema: type: string - description: The id of the Destination to delete. + description: The id of the Source to delete. + - name: pack + in: path + required: true + schema: + type: string + description: The id of the Pack. responses: "200": - description: the deleted Destination object + description: the deleted Source object content: application/json: schema: - $ref: "#/components/schemas/CountedOutputResponse" + $ref: "#/components/schemas/CountedInputResponse" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" - /system/outputs/{id}/pq: - delete: - operationId: deleteOutputPqById + /p/{pack}/system/inputs/{id}/hectoken: + post: + operationId: createInputSystemHecTokenByPackAndId tags: - - destinations - x-speakeasy-group: destinations.pq - x-speakeasy-name-override: clear + - sources + x-speakeasy-group: packs.sources.hecTokens + x-speakeasy-name-override: create x-cribl-internal: false x-cribl-availability: both - summary: Clear the persistent queue for a Destination - description: Clear the persistent queue (PQ) for the specified Destination. + summary: Add an HEC token and optional metadata to a Splunk HEC Source within a + Pack + description: Add an HEC token and optional metadata to the specified Splunk HEC + Source within the specified Pack. responses: - "201": - description: A list of job ids for the background job that clears the persistent queue + "200": + description: the updated Splunk HEC Source with the new HEC token content: application/json: schema: - $ref: "#/components/schemas/CountedString" + $ref: "#/components/schemas/CountedInputSplunkHec" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" + requestBody: + description: AddHecTokenRequest object. + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/AddHecTokenRequest" + examples: + HecTokenExamplesHecToken: + $ref: "#/components/examples/HecTokenExamplesHecToken" + HecTokenExamplesHecTokenWithIndexAccess: + $ref: "#/components/examples/HecTokenExamplesHecTokenWithIndexAccess" parameters: - name: id in: path required: true schema: type: string - description: The id of the Destination to clear the PQ for. - get: - operationId: getOutputPqById + description: The id of the Splunk HEC Source. + - name: pack + in: path + required: true + schema: + type: string + description: The id of the Pack. + /p/{pack}/system/inputs/{id}/hectoken/{token}: + patch: + operationId: updateInputSystemHecTokenByPackAndIdAndToken tags: - - destinations - x-speakeasy-group: destinations.pq - x-speakeasy-name-override: get + - sources + x-speakeasy-group: packs.sources.hecTokens + x-speakeasy-name-override: update x-cribl-internal: false x-cribl-availability: both - summary: Get information about the latest job to clear the persistent queue for a Destination - description: Get information about the latest job to clear the persistent queue (PQ) for the specified Destination. + summary: Update metadata for an HEC token for a Splunk HEC Source within a Pack + description: Update the metadata for the specified HEC token for the specified + Splunk HEC Source within the specified Pack. responses: "200": - description: information about the latest PQ clear job for the Destination + description: the updated HEC token content: application/json: schema: - $ref: "#/components/schemas/CountedJobInfo" + $ref: "#/components/schemas/CountedInputSplunkHec" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" + requestBody: + description: UpdateHecTokenRequest object. + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/UpdateHecTokenRequest" + examples: + HecTokenExamplesHecToken: + $ref: "#/components/examples/HecTokenExamplesHecToken" + HecTokenExamplesHecTokenWithIndexAccess: + $ref: "#/components/examples/HecTokenExamplesHecTokenWithIndexAccess" parameters: - name: id in: path required: true schema: type: string - description: The id of the Destination to get PQ job information for. - /system/outputs/{id}/samples: - get: - operationId: getOutputSamplesById + description: The id of the Splunk HEC Source. + - name: token + in: path + required: true + schema: + type: string + description: The HEC token value to update. + - name: pack + in: path + required: true + schema: + type: string + description: The id of the Pack. + /p/{pack}/system/inputs/{id}/pq: + delete: + operationId: deleteInputSystemPqByPackAndId tags: - - destinations - x-speakeasy-group: destinations.samples - x-speakeasy-name-override: get + - sources + x-speakeasy-group: packs.sources.pq + x-speakeasy-name-override: clear x-cribl-internal: false x-cribl-availability: both - summary: Get sample event data for a Destination - description: Get sample event data for the specified Destination to validate the configuration or test connectivity. + summary: Clear the persistent queue for a Source within a Pack + description: Clear the persistent queue (PQ) for the specified Source within the + specified Pack. responses: - "200": - description: Sample event data for the Destination + "201": + description: A list of job ids for the background job that clears the persistent + queue content: application/json: schema: - $ref: "#/components/schemas/CountedOutputSamplesResponse" - "400": - description: Bad Request — invalid request or Destination error + $ref: "#/components/schemas/CountedString" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -53736,54 +65834,54 @@ paths: required: true schema: type: string - description: The id of the Destination to get sample event data for. - /system/outputs/{id}/test: - post: - operationId: createOutputTestById + description: The id of the Source to clear the PQ for. + - name: pack + in: path + required: true + schema: + type: string + description: The id of the Pack. + get: + operationId: getInputSystemPqByPackAndId tags: - - destinations - x-speakeasy-group: destinations.samples - x-speakeasy-name-override: create + - sources + x-speakeasy-group: packs.sources.pq + x-speakeasy-name-override: get x-cribl-internal: false x-cribl-availability: both - summary: Send sample event data to a Destination - description: Send sample event data to the specified Destination to validate the configuration or test connectivity. + summary: Get information about the latest job to clear the persistent queue for + a Source within a Pack + description: Get information about the latest job to clear the persistent queue + (PQ) for the specified Source within the specified Pack. responses: "200": - description: Destination test result + description: information about the latest job to clear the PQ for the Source content: application/json: schema: - $ref: "#/components/schemas/CountedOutputTestResponse" - "400": - description: Bad Request — missing or invalid events + $ref: "#/components/schemas/CountedJobInfo" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" - requestBody: - description: OutputTestRequest object. - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/OutputTestRequest" - examples: - OutputTestExamplesSingleEvent: - $ref: "#/components/examples/OutputTestExamplesSingleEvent" - OutputTestExamplesMultipleEvents: - $ref: "#/components/examples/OutputTestExamplesMultipleEvents" parameters: - name: id in: path required: true schema: type: string - description: The id of the Destination to send sample event data to. + description: The id of the Source to get PQ job information for. + - name: pack + in: path + required: true + schema: + type: string + description: The id of the Pack. /p/{pack}/system/outputs: get: operationId: getOutputSystemByPack @@ -53803,7 +65901,8 @@ paths: schema: $ref: "#/components/schemas/CountedOutputResponse" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -53816,7 +65915,9 @@ paths: required: false schema: $ref: "#/components/schemas/DestinationType" - description: Type of Destination to include in the results. Each request can include only one type parameter; multiple parameters per request are not supported. + description: Type of Destination to include in the results. Each request can + include only one type parameter; multiple parameters + per request are not supported. - name: pack in: path required: true @@ -53951,6 +66052,8 @@ paths: $ref: "#/components/examples/OutputCreateExamplesServiceNow" OutputCreateExamplesDynatraceOtlp: $ref: "#/components/examples/OutputCreateExamplesDynatraceOtlp" + OutputCreateExamplesGoogleCloudObservability: + $ref: "#/components/examples/OutputCreateExamplesGoogleCloudObservability" OutputCreateExamplesSentinelOneAiSiem: $ref: "#/components/examples/OutputCreateExamplesSentinelOneAiSiem" OutputCreateExamplesDataset: @@ -53998,324 +66101,15 @@ paths: OutputCreateExamplesDatabricks: $ref: "#/components/examples/OutputCreateExamplesDatabricks" responses: - "200": - description: the created Destination object - content: - application/json: - schema: - $ref: "#/components/schemas/CountedOutputResponse" - "401": - description: Authentication failed (missing or invalid credentials or Bearer token). - "500": - description: Unexpected server error. - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: pack - in: path - required: true - schema: - type: string - description: The id of the Pack. - /p/{pack}/system/outputs/{id}: - get: - operationId: getOutputSystemByPackAndId - x-speakeasy-group: packs.destinations - x-cribl-internal: false - x-cribl-availability: both - x-speakeasy-name-override: get - tags: - - destinations - summary: Get a Destination within a Pack - description: Get the specified Destination within the specified Pack. - parameters: - - name: id - in: path - required: true - schema: - type: string - description: The id of the Destination to get. - - name: pack - in: path - required: true - schema: - type: string - description: The id of the Pack. - responses: - "200": - description: a Destination object - content: - application/json: - schema: - $ref: "#/components/schemas/CountedOutputResponse" - "401": - description: Authentication failed (missing or invalid credentials or Bearer token). - "500": - description: Unexpected server error. - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - patch: - operationId: updateOutputSystemByPackAndId - x-speakeasy-group: packs.destinations - x-cribl-internal: false - x-cribl-availability: both - x-speakeasy-name-override: update - tags: - - destinations - summary: Update a Destination within a Pack - description: Update the specified Destination.

Provide a complete representation of the Destination that you want to update in the request body. This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Destination.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Destination might not function as expected within the specified Pack. - parameters: - - name: id - in: path - required: true - schema: - type: string - description: The id of the Destination to update. - - name: pack - in: path - required: true - schema: - type: string - description: The id of the Pack. - requestBody: - description: Output object. - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/Output" - examples: - OutputExamplesDefault: - $ref: "#/components/examples/OutputExamplesDefault" - OutputCreateExamplesTcpjson: - $ref: "#/components/examples/OutputCreateExamplesTcpjson" - OutputCreateExamplesSplunk: - $ref: "#/components/examples/OutputCreateExamplesSplunk" - OutputCreateExamplesSplunkLb: - $ref: "#/components/examples/OutputCreateExamplesSplunkLb" - OutputCreateExamplesSplunkHec: - $ref: "#/components/examples/OutputCreateExamplesSplunkHec" - OutputCreateExamplesSyslog: - $ref: "#/components/examples/OutputCreateExamplesSyslog" - OutputCreateExamplesFilesystem: - $ref: "#/components/examples/OutputCreateExamplesFilesystem" - OutputCreateExamplesS3: - $ref: "#/components/examples/OutputCreateExamplesS3" - OutputCreateExamplesNutanixObjects: - $ref: "#/components/examples/OutputCreateExamplesNutanixObjects" - OutputCreateExamplesStorjS3: - $ref: "#/components/examples/OutputCreateExamplesStorjS3" - OutputCreateExamplesAlphasocS3: - $ref: "#/components/examples/OutputCreateExamplesAlphasocS3" - OutputCreateExamplesdellS3: - $ref: "#/components/examples/OutputCreateExamplesdellS3" - OutputCreateExamplescloudianS3: - $ref: "#/components/examples/OutputCreateExamplescloudianS3" - OutputCreateExamplesscalityS3: - $ref: "#/components/examples/OutputCreateExamplesscalityS3" - OutputCreateExamplesalibabaCloudS3: - $ref: "#/components/examples/OutputCreateExamplesalibabaCloudS3" - OutputCreateExamplesAzureBlob: - $ref: "#/components/examples/OutputCreateExamplesAzureBlob" - OutputCreateExamplesAzureDataExplorer: - $ref: "#/components/examples/OutputCreateExamplesAzureDataExplorer" - OutputCreateExamplesSentinel: - $ref: "#/components/examples/OutputCreateExamplesSentinel" - OutputCreateExamplesAzureLogs: - $ref: "#/components/examples/OutputCreateExamplesAzureLogs" - OutputCreateExamplesKafka: - $ref: "#/components/examples/OutputCreateExamplesKafka" - OutputCreateExamplesConfluentCloud: - $ref: "#/components/examples/OutputCreateExamplesConfluentCloud" - OutputCreateExamplesMsk: - $ref: "#/components/examples/OutputCreateExamplesMsk" - OutputCreateExamplesKinesis: - $ref: "#/components/examples/OutputCreateExamplesKinesis" - OutputCreateExamplesElastic: - $ref: "#/components/examples/OutputCreateExamplesElastic" - OutputCreateExamplesElasticCloud: - $ref: "#/components/examples/OutputCreateExamplesElasticCloud" - OutputCreateExamplesMicrosoftFabric: - $ref: "#/components/examples/OutputCreateExamplesMicrosoftFabric" - OutputCreateExamplesCloudflareR2: - $ref: "#/components/examples/OutputCreateExamplesCloudflareR2" - OutputCreateExamplesHoneycomb: - $ref: "#/components/examples/OutputCreateExamplesHoneycomb" - OutputCreateExamplesNewrelic: - $ref: "#/components/examples/OutputCreateExamplesNewrelic" - OutputCreateExamplesNewrelicEvents: - $ref: "#/components/examples/OutputCreateExamplesNewrelicEvents" - OutputCreateExamplesSnmp: - $ref: "#/components/examples/OutputCreateExamplesSnmp" - OutputCreateExamplesInfluxdb: - $ref: "#/components/examples/OutputCreateExamplesInfluxdb" - OutputCreateExamplesMinio: - $ref: "#/components/examples/OutputCreateExamplesMinio" - OutputCreateExamplesCloudwatch: - $ref: "#/components/examples/OutputCreateExamplesCloudwatch" - OutputCreateExamplesAzureEventhub: - $ref: "#/components/examples/OutputCreateExamplesAzureEventhub" - OutputCreateExamplesStatsd: - $ref: "#/components/examples/OutputCreateExamplesStatsd" - OutputCreateExamplesStatsdExt: - $ref: "#/components/examples/OutputCreateExamplesStatsdExt" - OutputCreateExamplesGraphite: - $ref: "#/components/examples/OutputCreateExamplesGraphite" - OutputCreateExamplesWavefront: - $ref: "#/components/examples/OutputCreateExamplesWavefront" - OutputCreateExamplesSignalfx: - $ref: "#/components/examples/OutputCreateExamplesSignalfx" - OutputCreateExamplesSqs: - $ref: "#/components/examples/OutputCreateExamplesSqs" - OutputCreateExamplesGoogleCloudStorage: - $ref: "#/components/examples/OutputCreateExamplesGoogleCloudStorage" - OutputCreateExamplesSumoLogic: - $ref: "#/components/examples/OutputCreateExamplesSumoLogic" - OutputCreateExamplesDatadog: - $ref: "#/components/examples/OutputCreateExamplesDatadog" - OutputCreateExamplesWebhook: - $ref: "#/components/examples/OutputCreateExamplesWebhook" - OutputCreateExamplesPrometheus: - $ref: "#/components/examples/OutputCreateExamplesPrometheus" - OutputCreateExamplesGooglePubsub: - $ref: "#/components/examples/OutputCreateExamplesGooglePubsub" - OutputCreateExamplesGoogleChronicle: - $ref: "#/components/examples/OutputCreateExamplesGoogleChronicle" - OutputCreateExamplesChronicle: - $ref: "#/components/examples/OutputCreateExamplesChronicle" - OutputCreateExamplesGrafanaCloud: - $ref: "#/components/examples/OutputCreateExamplesGrafanaCloud" - OutputCreateExamplesLoki: - $ref: "#/components/examples/OutputCreateExamplesLoki" - OutputCreateExamplesOpenTelemetry: - $ref: "#/components/examples/OutputCreateExamplesOpenTelemetry" - OutputCreateExamplesServiceNow: - $ref: "#/components/examples/OutputCreateExamplesServiceNow" - OutputCreateExamplesDynatraceOtlp: - $ref: "#/components/examples/OutputCreateExamplesDynatraceOtlp" - OutputCreateExamplesSentinelOneAiSiem: - $ref: "#/components/examples/OutputCreateExamplesSentinelOneAiSiem" - OutputCreateExamplesDataset: - $ref: "#/components/examples/OutputCreateExamplesDataset" - OutputCreateExamplesRing: - $ref: "#/components/examples/OutputCreateExamplesRing" - OutputCreateExamplesRouter: - $ref: "#/components/examples/OutputCreateExamplesRouter" - OutputCreateExamplesWizHec: - $ref: "#/components/examples/OutputCreateExamplesWizHec" - OutputCreateExamplesHumioHec: - $ref: "#/components/examples/OutputCreateExamplesHumioHec" - OutputCreateExamplesCrowdstrikeNextGenSiem: - $ref: "#/components/examples/OutputCreateExamplesCrowdstrikeNextGenSiem" - OutputCreateExamplesCriblHttp: - $ref: "#/components/examples/OutputCreateExamplesCriblHttp" - OutputCreateExamplesCriblTcp: - $ref: "#/components/examples/OutputCreateExamplesCriblTcp" - OutputCreateExamplesCriblSearchEngine: - $ref: "#/components/examples/OutputCreateExamplesCriblSearchEngine" - OutputCreateExamplesGoogleCloudLogging: - $ref: "#/components/examples/OutputCreateExamplesGoogleCloudLogging" - OutputCreateExamplesSns: - $ref: "#/components/examples/OutputCreateExamplesSns" - OutputCreateExamplesDlS3: - $ref: "#/components/examples/OutputCreateExamplesDlS3" - OutputCreateExamplesSecurityLake: - $ref: "#/components/examples/OutputCreateExamplesSecurityLake" - OutputCreateExamplesCriblLake: - $ref: "#/components/examples/OutputCreateExamplesCriblLake" - OutputCreateExamplesExabeam: - $ref: "#/components/examples/OutputCreateExamplesExabeam" - OutputCreateExamplesDiskSpool: - $ref: "#/components/examples/OutputCreateExamplesDiskSpool" - OutputCreateExamplesClickHouse: - $ref: "#/components/examples/OutputCreateExamplesClickHouse" - OutputCreateExamplesLocalSearchStorage: - $ref: "#/components/examples/OutputCreateExamplesLocalSearchStorage" - OutputCreateExamplesXsiam: - $ref: "#/components/examples/OutputCreateExamplesXsiam" - OutputCreateExamplesNetflow: - $ref: "#/components/examples/OutputCreateExamplesNetflow" - OutputCreateExamplesDynatraceHttp: - $ref: "#/components/examples/OutputCreateExamplesDynatraceHttp" - OutputCreateExamplesDatabricks: - $ref: "#/components/examples/OutputCreateExamplesDatabricks" - responses: - "200": - description: the updated Destination object - content: - application/json: - schema: - $ref: "#/components/schemas/CountedOutputResponse" - "401": - description: Authentication failed (missing or invalid credentials or Bearer token). - "500": - description: Unexpected server error. - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - delete: - operationId: deleteOutputSystemByPackAndId - x-speakeasy-group: packs.destinations - x-cribl-internal: false - x-cribl-availability: both - x-speakeasy-name-override: delete - tags: - - destinations - summary: Delete a Destination within a Pack - description: Delete the specified Destination within the specified Pack. - parameters: - - name: id - in: path - required: true - schema: - type: string - description: The id of the Destination to delete. - - name: pack - in: path - required: true - schema: - type: string - description: The id of the Pack. - responses: - "200": - description: the deleted Destination object - content: - application/json: - schema: - $ref: "#/components/schemas/CountedOutputResponse" - "401": - description: Authentication failed (missing or invalid credentials or Bearer token). - "500": - description: Unexpected server error. - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /p/{pack}/system/outputs/{id}/pq: - delete: - operationId: deleteOutputSystemPqByPackAndId - tags: - - destinations - x-speakeasy-group: packs.destinations.pq - x-speakeasy-name-override: clear - x-cribl-internal: false - x-cribl-availability: both - summary: Clear the persistent queue for a Destination within a Pack - description: Clear the persistent queue (PQ) for the specified Destination within the specified Pack. - responses: - "201": - description: A list of job ids for the background job that clears the persistent queue + "200": + description: the created Destination object content: application/json: schema: - $ref: "#/components/schemas/CountedString" + $ref: "#/components/schemas/CountedOutputResponse" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -54323,309 +66117,323 @@ paths: schema: $ref: "#/components/schemas/Error" parameters: - - name: id - in: path - required: true - schema: - type: string - description: The id of the Destination to clear the PQ for. - name: pack in: path required: true schema: type: string description: The id of the Pack. + /p/{pack}/system/outputs/{id}: get: - operationId: getOutputSystemPqByPackAndId - tags: - - destinations - x-speakeasy-group: packs.destinations.pq - x-speakeasy-name-override: get + operationId: getOutputSystemByPackAndId + x-speakeasy-group: packs.destinations x-cribl-internal: false x-cribl-availability: both - summary: Get information about the latest job to clear the persistent queue for a Destination within a Pack - description: Get information about the latest job to clear the persistent queue (PQ) for the specified Destination within the specified Pack. - responses: - "200": - description: information about the latest PQ clear job for the Destination - content: - application/json: - schema: - $ref: "#/components/schemas/CountedJobInfo" - "401": - description: Authentication failed (missing or invalid credentials or Bearer token). - "500": - description: Unexpected server error. - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + x-speakeasy-name-override: get + tags: + - destinations + summary: Get a Destination within a Pack + description: Get the specified Destination within the specified Pack. parameters: - name: id in: path required: true schema: type: string - description: The id of the Destination to get PQ job information for. + description: The id of the Destination to get. - name: pack in: path required: true schema: type: string description: The id of the Pack. - /p/{pack}/system/outputs/{id}/samples: - get: - operationId: getOutputSystemSamplesByPackAndId - tags: - - destinations - x-speakeasy-group: packs.destinations.samples - x-speakeasy-name-override: get - x-cribl-internal: false - x-cribl-availability: both - summary: Get sample event data for a Destination within a Pack - description: Get sample event data for the specified Destination to validate the configuration or test connectivity within the specified Pack. responses: "200": - description: Sample event data for the Destination + description: a Destination object content: application/json: schema: - $ref: "#/components/schemas/CountedOutputSamplesResponse" - "400": - description: Bad Request — invalid request or Destination error + $ref: "#/components/schemas/CountedOutputResponse" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" + patch: + operationId: updateOutputSystemByPackAndId + x-speakeasy-group: packs.destinations + x-cribl-internal: false + x-cribl-availability: both + x-speakeasy-name-override: update + tags: + - destinations + summary: Update a Destination within a Pack + description: Update the specified Destination.

Provide a complete + representation of the Destination that you want to update in the request + body. This endpoint does not support partial updates. Cribl removes any + omitted fields when updating the Destination.

Confirm that the + configuration in your request body is correct before sending the + request. If the configuration is incorrect, the updated Destination + might not function as expected within the specified Pack. parameters: - name: id in: path required: true schema: type: string - description: The id of the Destination to get sample event data for. + description: The id of the Destination to update. - name: pack in: path required: true schema: type: string description: The id of the Pack. - /p/{pack}/system/outputs/{id}/test: - post: - operationId: createOutputSystemTestByPackAndId - tags: - - destinations - x-speakeasy-group: packs.destinations.samples - x-speakeasy-name-override: create - x-cribl-internal: false - x-cribl-availability: both - summary: Send sample event data to a Destination within a Pack - description: Send sample event data to the specified Destination to validate the configuration or test connectivity within the specified Pack. + requestBody: + description: Output object. + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/Output" + examples: + UpdateOutputExamplesDefault: + $ref: "#/components/examples/UpdateOutputExamplesDefault" + UpdateOutputExamplesTcpjson: + $ref: "#/components/examples/UpdateOutputExamplesTcpjson" + UpdateOutputExamplesSplunk: + $ref: "#/components/examples/UpdateOutputExamplesSplunk" + UpdateOutputExamplesSplunkLb: + $ref: "#/components/examples/UpdateOutputExamplesSplunkLb" + UpdateOutputExamplesSplunkHec: + $ref: "#/components/examples/UpdateOutputExamplesSplunkHec" + UpdateOutputExamplesSyslog: + $ref: "#/components/examples/UpdateOutputExamplesSyslog" + UpdateOutputExamplesFilesystem: + $ref: "#/components/examples/UpdateOutputExamplesFilesystem" + UpdateOutputExamplesS3: + $ref: "#/components/examples/UpdateOutputExamplesS3" + UpdateOutputExamplesNutanixObjects: + $ref: "#/components/examples/UpdateOutputExamplesNutanixObjects" + UpdateOutputExamplesStorjS3: + $ref: "#/components/examples/UpdateOutputExamplesStorjS3" + UpdateOutputExamplesAlphasocS3: + $ref: "#/components/examples/UpdateOutputExamplesAlphasocS3" + UpdateOutputExamplesdellS3: + $ref: "#/components/examples/UpdateOutputExamplesdellS3" + UpdateOutputExamplescloudianS3: + $ref: "#/components/examples/UpdateOutputExamplescloudianS3" + UpdateOutputExamplesscalityS3: + $ref: "#/components/examples/UpdateOutputExamplesscalityS3" + UpdateOutputExamplesalibabaCloudS3: + $ref: "#/components/examples/UpdateOutputExamplesalibabaCloudS3" + UpdateOutputExamplesAzureBlob: + $ref: "#/components/examples/UpdateOutputExamplesAzureBlob" + UpdateOutputExamplesAzureDataExplorer: + $ref: "#/components/examples/UpdateOutputExamplesAzureDataExplorer" + UpdateOutputExamplesSentinel: + $ref: "#/components/examples/UpdateOutputExamplesSentinel" + UpdateOutputExamplesAzureLogs: + $ref: "#/components/examples/UpdateOutputExamplesAzureLogs" + UpdateOutputExamplesKafka: + $ref: "#/components/examples/UpdateOutputExamplesKafka" + UpdateOutputExamplesConfluentCloud: + $ref: "#/components/examples/UpdateOutputExamplesConfluentCloud" + UpdateOutputExamplesMsk: + $ref: "#/components/examples/UpdateOutputExamplesMsk" + UpdateOutputExamplesKinesis: + $ref: "#/components/examples/UpdateOutputExamplesKinesis" + UpdateOutputExamplesElastic: + $ref: "#/components/examples/UpdateOutputExamplesElastic" + UpdateOutputExamplesElasticCloud: + $ref: "#/components/examples/UpdateOutputExamplesElasticCloud" + UpdateOutputExamplesMicrosoftFabric: + $ref: "#/components/examples/UpdateOutputExamplesMicrosoftFabric" + UpdateOutputExamplesCloudflareR2: + $ref: "#/components/examples/UpdateOutputExamplesCloudflareR2" + UpdateOutputExamplesHoneycomb: + $ref: "#/components/examples/UpdateOutputExamplesHoneycomb" + UpdateOutputExamplesNewrelic: + $ref: "#/components/examples/UpdateOutputExamplesNewrelic" + UpdateOutputExamplesNewrelicEvents: + $ref: "#/components/examples/UpdateOutputExamplesNewrelicEvents" + UpdateOutputExamplesSnmp: + $ref: "#/components/examples/UpdateOutputExamplesSnmp" + UpdateOutputExamplesInfluxdb: + $ref: "#/components/examples/UpdateOutputExamplesInfluxdb" + UpdateOutputExamplesMinio: + $ref: "#/components/examples/UpdateOutputExamplesMinio" + UpdateOutputExamplesCloudwatch: + $ref: "#/components/examples/UpdateOutputExamplesCloudwatch" + UpdateOutputExamplesAzureEventhub: + $ref: "#/components/examples/UpdateOutputExamplesAzureEventhub" + UpdateOutputExamplesStatsd: + $ref: "#/components/examples/UpdateOutputExamplesStatsd" + UpdateOutputExamplesStatsdExt: + $ref: "#/components/examples/UpdateOutputExamplesStatsdExt" + UpdateOutputExamplesGraphite: + $ref: "#/components/examples/UpdateOutputExamplesGraphite" + UpdateOutputExamplesWavefront: + $ref: "#/components/examples/UpdateOutputExamplesWavefront" + UpdateOutputExamplesSignalfx: + $ref: "#/components/examples/UpdateOutputExamplesSignalfx" + UpdateOutputExamplesSqs: + $ref: "#/components/examples/UpdateOutputExamplesSqs" + UpdateOutputExamplesGoogleCloudStorage: + $ref: "#/components/examples/UpdateOutputExamplesGoogleCloudStorage" + UpdateOutputExamplesSumoLogic: + $ref: "#/components/examples/UpdateOutputExamplesSumoLogic" + UpdateOutputExamplesDatadog: + $ref: "#/components/examples/UpdateOutputExamplesDatadog" + UpdateOutputExamplesWebhook: + $ref: "#/components/examples/UpdateOutputExamplesWebhook" + UpdateOutputExamplesPrometheus: + $ref: "#/components/examples/UpdateOutputExamplesPrometheus" + UpdateOutputExamplesGooglePubsub: + $ref: "#/components/examples/UpdateOutputExamplesGooglePubsub" + UpdateOutputExamplesGoogleChronicle: + $ref: "#/components/examples/UpdateOutputExamplesGoogleChronicle" + UpdateOutputExamplesChronicle: + $ref: "#/components/examples/UpdateOutputExamplesChronicle" + UpdateOutputExamplesGrafanaCloud: + $ref: "#/components/examples/UpdateOutputExamplesGrafanaCloud" + UpdateOutputExamplesLoki: + $ref: "#/components/examples/UpdateOutputExamplesLoki" + UpdateOutputExamplesOpenTelemetry: + $ref: "#/components/examples/UpdateOutputExamplesOpenTelemetry" + UpdateOutputExamplesServiceNow: + $ref: "#/components/examples/UpdateOutputExamplesServiceNow" + UpdateOutputExamplesDynatraceOtlp: + $ref: "#/components/examples/UpdateOutputExamplesDynatraceOtlp" + UpdateOutputExamplesGoogleCloudObservability: + $ref: "#/components/examples/UpdateOutputExamplesGoogleCloudObservability" + UpdateOutputExamplesSentinelOneAiSiem: + $ref: "#/components/examples/UpdateOutputExamplesSentinelOneAiSiem" + UpdateOutputExamplesDataset: + $ref: "#/components/examples/UpdateOutputExamplesDataset" + UpdateOutputExamplesRing: + $ref: "#/components/examples/UpdateOutputExamplesRing" + UpdateOutputExamplesRouter: + $ref: "#/components/examples/UpdateOutputExamplesRouter" + UpdateOutputExamplesWizHec: + $ref: "#/components/examples/UpdateOutputExamplesWizHec" + UpdateOutputExamplesHumioHec: + $ref: "#/components/examples/UpdateOutputExamplesHumioHec" + UpdateOutputExamplesCrowdstrikeNextGenSiem: + $ref: "#/components/examples/UpdateOutputExamplesCrowdstrikeNextGenSiem" + UpdateOutputExamplesCriblHttp: + $ref: "#/components/examples/UpdateOutputExamplesCriblHttp" + UpdateOutputExamplesCriblTcp: + $ref: "#/components/examples/UpdateOutputExamplesCriblTcp" + UpdateOutputExamplesCriblSearchEngine: + $ref: "#/components/examples/UpdateOutputExamplesCriblSearchEngine" + UpdateOutputExamplesGoogleCloudLogging: + $ref: "#/components/examples/UpdateOutputExamplesGoogleCloudLogging" + UpdateOutputExamplesSns: + $ref: "#/components/examples/UpdateOutputExamplesSns" + UpdateOutputExamplesDlS3: + $ref: "#/components/examples/UpdateOutputExamplesDlS3" + UpdateOutputExamplesSecurityLake: + $ref: "#/components/examples/UpdateOutputExamplesSecurityLake" + UpdateOutputExamplesCriblLake: + $ref: "#/components/examples/UpdateOutputExamplesCriblLake" + UpdateOutputExamplesExabeam: + $ref: "#/components/examples/UpdateOutputExamplesExabeam" + UpdateOutputExamplesDiskSpool: + $ref: "#/components/examples/UpdateOutputExamplesDiskSpool" + UpdateOutputExamplesClickHouse: + $ref: "#/components/examples/UpdateOutputExamplesClickHouse" + UpdateOutputExamplesLocalSearchStorage: + $ref: "#/components/examples/UpdateOutputExamplesLocalSearchStorage" + UpdateOutputExamplesXsiam: + $ref: "#/components/examples/UpdateOutputExamplesXsiam" + UpdateOutputExamplesNetflow: + $ref: "#/components/examples/UpdateOutputExamplesNetflow" + UpdateOutputExamplesDynatraceHttp: + $ref: "#/components/examples/UpdateOutputExamplesDynatraceHttp" + UpdateOutputExamplesDatabricks: + $ref: "#/components/examples/UpdateOutputExamplesDatabricks" responses: "200": - description: Destination test result + description: the updated Destination object content: application/json: schema: - $ref: "#/components/schemas/CountedOutputTestResponse" - "400": - description: Bad Request — missing or invalid events + $ref: "#/components/schemas/CountedOutputResponse" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" - requestBody: - description: OutputTestRequest object. - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/OutputTestRequest" - examples: - OutputTestExamplesSingleEvent: - $ref: "#/components/examples/OutputTestExamplesSingleEvent" - OutputTestExamplesMultipleEvents: - $ref: "#/components/examples/OutputTestExamplesMultipleEvents" + delete: + operationId: deleteOutputSystemByPackAndId + x-speakeasy-group: packs.destinations + x-cribl-internal: false + x-cribl-availability: both + x-speakeasy-name-override: delete + tags: + - destinations + summary: Delete a Destination within a Pack + description: Delete the specified Destination within the specified Pack. parameters: - name: id in: path required: true schema: type: string - description: The id of the Destination to send sample event data to. + description: The id of the Destination to delete. - name: pack in: path required: true schema: type: string description: The id of the Pack. - /pipelines: - post: - operationId: createPipelines - tags: - - pipelines - x-speakeasy-group: pipelines - x-speakeasy-name-override: create - x-cribl-internal: false - x-cribl-availability: both - summary: Create a Pipeline - description: Create a new Pipeline. - responses: - "200": - description: a list of Pipelines objects - content: - application/json: - schema: - $ref: "#/components/schemas/CountedPipeline" - "401": - description: Authentication failed (missing or invalid credentials or Bearer token). - "500": - description: Unexpected server error. - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - requestBody: - description: Pipeline object. - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/Pipeline" - examples: - PipelineExamplesEmpty: - $ref: "#/components/examples/PipelineExamplesEmpty" - PipelineExamplesAggregations: - $ref: "#/components/examples/PipelineExamplesAggregations" - PipelineExamplesAggregateMetrics: - $ref: "#/components/examples/PipelineExamplesAggregateMetrics" - PipelineExamplesAutoTimestamp: - $ref: "#/components/examples/PipelineExamplesAutoTimestamp" - PipelineExamplesCEFSerializer: - $ref: "#/components/examples/PipelineExamplesCEFSerializer" - PipelineExamplesChain: - $ref: "#/components/examples/PipelineExamplesChain" - PipelineExamplesClone: - $ref: "#/components/examples/PipelineExamplesClone" - PipelineExamplesComment: - $ref: "#/components/examples/PipelineExamplesComment" - PipelineExamplesDNSLookup: - $ref: "#/components/examples/PipelineExamplesDNSLookup" - PipelineExamplesDrop: - $ref: "#/components/examples/PipelineExamplesDrop" - PipelineExamplesDropDimensions: - $ref: "#/components/examples/PipelineExamplesDropDimensions" - PipelineExamplesDynamicSampling: - $ref: "#/components/examples/PipelineExamplesDynamicSampling" - PipelineExamplesEval: - $ref: "#/components/examples/PipelineExamplesEval" - PipelineExamplesEventBreaker: - $ref: "#/components/examples/PipelineExamplesEventBreaker" - PipelineExamplesFlatten: - $ref: "#/components/examples/PipelineExamplesFlatten" - PipelineExamplesFoldKeys: - $ref: "#/components/examples/PipelineExamplesFoldKeys" - PipelineExamplesGeoIP: - $ref: "#/components/examples/PipelineExamplesGeoIP" - PipelineExamplesGrok: - $ref: "#/components/examples/PipelineExamplesGrok" - PipelineExamplesGuard: - $ref: "#/components/examples/PipelineExamplesGuard" - PipelineExamplesJSONUnroll: - $ref: "#/components/examples/PipelineExamplesJSONUnroll" - PipelineExamplesLookup: - $ref: "#/components/examples/PipelineExamplesLookup" - PipelineExamplesMask: - $ref: "#/components/examples/PipelineExamplesMask" - PipelineExamplesNumerify: - $ref: "#/components/examples/PipelineExamplesNumerify" - PipelineExamplesOTLPLogs: - $ref: "#/components/examples/PipelineExamplesOTLPLogs" - PipelineExamplesOTLPMetrics: - $ref: "#/components/examples/PipelineExamplesOTLPMetrics" - PipelineExamplesOTLPTraces: - $ref: "#/components/examples/PipelineExamplesOTLPTraces" - PipelineExamplesParser: - $ref: "#/components/examples/PipelineExamplesParser" - PipelineExamplesPublishMetrics: - $ref: "#/components/examples/PipelineExamplesPublishMetrics" - PipelineExamplesRedis: - $ref: "#/components/examples/PipelineExamplesRedis" - PipelineExamplesRegexExtract: - $ref: "#/components/examples/PipelineExamplesRegexExtract" - PipelineExamplesRegexFilter: - $ref: "#/components/examples/PipelineExamplesRegexFilter" - PipelineExamplesRename: - $ref: "#/components/examples/PipelineExamplesRename" - PipelineExamplesRollupMetrics: - $ref: "#/components/examples/PipelineExamplesRollupMetrics" - PipelineExamplesSampling: - $ref: "#/components/examples/PipelineExamplesSampling" - PipelineExamplesSerialize: - $ref: "#/components/examples/PipelineExamplesSerialize" - PipelineExamplesSNMPTrapSerialize: - $ref: "#/components/examples/PipelineExamplesSNMPTrapSerialize" - PipelineExamplesSuppress: - $ref: "#/components/examples/PipelineExamplesSuppress" - PipelineExamplesTee: - $ref: "#/components/examples/PipelineExamplesTee" - PipelineExamplesUnroll: - $ref: "#/components/examples/PipelineExamplesUnroll" - PipelineExamplesXMLUnroll: - $ref: "#/components/examples/PipelineExamplesXMLUnroll" - get: - operationId: getPipelines - tags: - - pipelines - x-speakeasy-group: pipelines - x-speakeasy-name-override: list - x-cribl-internal: false - x-cribl-availability: both - summary: List all Pipelines - description: Get a list of all Pipelines. responses: "200": - description: a list of Pipeline objects + description: the deleted Destination object content: application/json: schema: - $ref: "#/components/schemas/CountedPipeline" + $ref: "#/components/schemas/CountedOutputResponse" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" - /pipelines/{id}: + /p/{pack}/system/outputs/{id}/pq: delete: - operationId: deletePipelinesById + operationId: deleteOutputSystemPqByPackAndId tags: - - pipelines - x-speakeasy-group: pipelines - x-speakeasy-name-override: delete + - destinations + x-speakeasy-group: packs.destinations.pq + x-speakeasy-name-override: clear x-cribl-internal: false x-cribl-availability: both - summary: Delete a Pipeline - description: Delete the specified Pipeline. + summary: Clear the persistent queue for a Destination within a Pack + description: Clear the persistent queue (PQ) for the specified Destination + within the specified Pack. responses: - "200": - description: a list of Pipeline objects + "201": + description: A list of job ids for the background job that clears the persistent + queue content: application/json: schema: - $ref: "#/components/schemas/CountedPipeline" + $ref: "#/components/schemas/CountedString" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -54638,299 +66446,78 @@ paths: required: true schema: type: string - description: The id of the Pipeline to delete. - get: - operationId: getPipelinesById - tags: - - pipelines - x-speakeasy-group: pipelines - x-speakeasy-name-override: get - x-cribl-internal: false - x-cribl-availability: both - summary: Get a Pipeline - description: Get the specified Pipeline. - responses: - "200": - description: a list of Pipeline objects - content: - application/json: - schema: - $ref: "#/components/schemas/CountedPipeline" - "401": - description: Authentication failed (missing or invalid credentials or Bearer token). - "500": - description: Unexpected server error. - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: id + description: The id of the Destination to clear the PQ for. + - name: pack in: path required: true schema: type: string - description: The id of the Pipeline to get. - patch: - operationId: updatePipelinesById + description: The id of the Pack. + get: + operationId: getOutputSystemPqByPackAndId tags: - - pipelines - x-speakeasy-group: pipelines - x-speakeasy-name-override: update + - destinations + x-speakeasy-group: packs.destinations.pq + x-speakeasy-name-override: get x-cribl-internal: false x-cribl-availability: both - summary: Update a Pipeline - description: Update the specified Pipeline.

Provide a complete representation of the Pipeline that you want to update in the request body. This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Pipeline.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Pipeline might not function as expected. + summary: Get information about the latest job to clear the persistent queue for + a Destination within a Pack + description: Get information about the latest job to clear the persistent queue + (PQ) for the specified Destination within the specified Pack. responses: "200": - description: a list of Pipeline objects + description: information about the latest PQ clear job for the Destination content: application/json: schema: - $ref: "#/components/schemas/CountedPipeline" + $ref: "#/components/schemas/CountedJobInfo" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" - requestBody: - description: Pipeline object. - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/Pipeline" - examples: - PipelineExamplesEmpty: - $ref: "#/components/examples/PipelineExamplesEmpty" - PipelineExamplesAggregations: - $ref: "#/components/examples/PipelineExamplesAggregations" - PipelineExamplesAggregateMetrics: - $ref: "#/components/examples/PipelineExamplesAggregateMetrics" - PipelineExamplesAutoTimestamp: - $ref: "#/components/examples/PipelineExamplesAutoTimestamp" - PipelineExamplesCEFSerializer: - $ref: "#/components/examples/PipelineExamplesCEFSerializer" - PipelineExamplesChain: - $ref: "#/components/examples/PipelineExamplesChain" - PipelineExamplesClone: - $ref: "#/components/examples/PipelineExamplesClone" - PipelineExamplesComment: - $ref: "#/components/examples/PipelineExamplesComment" - PipelineExamplesDNSLookup: - $ref: "#/components/examples/PipelineExamplesDNSLookup" - PipelineExamplesDrop: - $ref: "#/components/examples/PipelineExamplesDrop" - PipelineExamplesDropDimensions: - $ref: "#/components/examples/PipelineExamplesDropDimensions" - PipelineExamplesDynamicSampling: - $ref: "#/components/examples/PipelineExamplesDynamicSampling" - PipelineExamplesEval: - $ref: "#/components/examples/PipelineExamplesEval" - PipelineExamplesEventBreaker: - $ref: "#/components/examples/PipelineExamplesEventBreaker" - PipelineExamplesFlatten: - $ref: "#/components/examples/PipelineExamplesFlatten" - PipelineExamplesFoldKeys: - $ref: "#/components/examples/PipelineExamplesFoldKeys" - PipelineExamplesGeoIP: - $ref: "#/components/examples/PipelineExamplesGeoIP" - PipelineExamplesGrok: - $ref: "#/components/examples/PipelineExamplesGrok" - PipelineExamplesGuard: - $ref: "#/components/examples/PipelineExamplesGuard" - PipelineExamplesJSONUnroll: - $ref: "#/components/examples/PipelineExamplesJSONUnroll" - PipelineExamplesLookup: - $ref: "#/components/examples/PipelineExamplesLookup" - PipelineExamplesMask: - $ref: "#/components/examples/PipelineExamplesMask" - PipelineExamplesNumerify: - $ref: "#/components/examples/PipelineExamplesNumerify" - PipelineExamplesOTLPLogs: - $ref: "#/components/examples/PipelineExamplesOTLPLogs" - PipelineExamplesOTLPMetrics: - $ref: "#/components/examples/PipelineExamplesOTLPMetrics" - PipelineExamplesOTLPTraces: - $ref: "#/components/examples/PipelineExamplesOTLPTraces" - PipelineExamplesParser: - $ref: "#/components/examples/PipelineExamplesParser" - PipelineExamplesPublishMetrics: - $ref: "#/components/examples/PipelineExamplesPublishMetrics" - PipelineExamplesRedis: - $ref: "#/components/examples/PipelineExamplesRedis" - PipelineExamplesRegexExtract: - $ref: "#/components/examples/PipelineExamplesRegexExtract" - PipelineExamplesRegexFilter: - $ref: "#/components/examples/PipelineExamplesRegexFilter" - PipelineExamplesRename: - $ref: "#/components/examples/PipelineExamplesRename" - PipelineExamplesRollupMetrics: - $ref: "#/components/examples/PipelineExamplesRollupMetrics" - PipelineExamplesSampling: - $ref: "#/components/examples/PipelineExamplesSampling" - PipelineExamplesSerialize: - $ref: "#/components/examples/PipelineExamplesSerialize" - PipelineExamplesSNMPTrapSerialize: - $ref: "#/components/examples/PipelineExamplesSNMPTrapSerialize" - PipelineExamplesSuppress: - $ref: "#/components/examples/PipelineExamplesSuppress" - PipelineExamplesTee: - $ref: "#/components/examples/PipelineExamplesTee" - PipelineExamplesUnroll: - $ref: "#/components/examples/PipelineExamplesUnroll" - PipelineExamplesXMLUnroll: - $ref: "#/components/examples/PipelineExamplesXMLUnroll" parameters: - name: id - in: path - required: true - schema: - type: string - description: The id of the Pipeline to update. - /p/{pack}/pipelines: - post: - operationId: createPipelinesByPack - tags: - - pipelines - x-speakeasy-group: packs.pipelines - x-speakeasy-name-override: create - x-cribl-internal: false - x-cribl-availability: both - summary: Create a Pipeline within a Pack - description: Create a new Pipeline within the specified Pack. - responses: - "200": - description: a list of Pipelines objects - content: - application/json: - schema: - $ref: "#/components/schemas/CountedPipeline" - "401": - description: Authentication failed (missing or invalid credentials or Bearer token). - "500": - description: Unexpected server error. - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - requestBody: - description: Pipeline object. - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/Pipeline" - examples: - PipelineExamplesEmpty: - $ref: "#/components/examples/PipelineExamplesEmpty" - PipelineExamplesAggregations: - $ref: "#/components/examples/PipelineExamplesAggregations" - PipelineExamplesAggregateMetrics: - $ref: "#/components/examples/PipelineExamplesAggregateMetrics" - PipelineExamplesAutoTimestamp: - $ref: "#/components/examples/PipelineExamplesAutoTimestamp" - PipelineExamplesCEFSerializer: - $ref: "#/components/examples/PipelineExamplesCEFSerializer" - PipelineExamplesChain: - $ref: "#/components/examples/PipelineExamplesChain" - PipelineExamplesClone: - $ref: "#/components/examples/PipelineExamplesClone" - PipelineExamplesComment: - $ref: "#/components/examples/PipelineExamplesComment" - PipelineExamplesDNSLookup: - $ref: "#/components/examples/PipelineExamplesDNSLookup" - PipelineExamplesDrop: - $ref: "#/components/examples/PipelineExamplesDrop" - PipelineExamplesDropDimensions: - $ref: "#/components/examples/PipelineExamplesDropDimensions" - PipelineExamplesDynamicSampling: - $ref: "#/components/examples/PipelineExamplesDynamicSampling" - PipelineExamplesEval: - $ref: "#/components/examples/PipelineExamplesEval" - PipelineExamplesEventBreaker: - $ref: "#/components/examples/PipelineExamplesEventBreaker" - PipelineExamplesFlatten: - $ref: "#/components/examples/PipelineExamplesFlatten" - PipelineExamplesFoldKeys: - $ref: "#/components/examples/PipelineExamplesFoldKeys" - PipelineExamplesGeoIP: - $ref: "#/components/examples/PipelineExamplesGeoIP" - PipelineExamplesGrok: - $ref: "#/components/examples/PipelineExamplesGrok" - PipelineExamplesGuard: - $ref: "#/components/examples/PipelineExamplesGuard" - PipelineExamplesJSONUnroll: - $ref: "#/components/examples/PipelineExamplesJSONUnroll" - PipelineExamplesLookup: - $ref: "#/components/examples/PipelineExamplesLookup" - PipelineExamplesMask: - $ref: "#/components/examples/PipelineExamplesMask" - PipelineExamplesNumerify: - $ref: "#/components/examples/PipelineExamplesNumerify" - PipelineExamplesOTLPLogs: - $ref: "#/components/examples/PipelineExamplesOTLPLogs" - PipelineExamplesOTLPMetrics: - $ref: "#/components/examples/PipelineExamplesOTLPMetrics" - PipelineExamplesOTLPTraces: - $ref: "#/components/examples/PipelineExamplesOTLPTraces" - PipelineExamplesParser: - $ref: "#/components/examples/PipelineExamplesParser" - PipelineExamplesPublishMetrics: - $ref: "#/components/examples/PipelineExamplesPublishMetrics" - PipelineExamplesRedis: - $ref: "#/components/examples/PipelineExamplesRedis" - PipelineExamplesRegexExtract: - $ref: "#/components/examples/PipelineExamplesRegexExtract" - PipelineExamplesRegexFilter: - $ref: "#/components/examples/PipelineExamplesRegexFilter" - PipelineExamplesRename: - $ref: "#/components/examples/PipelineExamplesRename" - PipelineExamplesRollupMetrics: - $ref: "#/components/examples/PipelineExamplesRollupMetrics" - PipelineExamplesSampling: - $ref: "#/components/examples/PipelineExamplesSampling" - PipelineExamplesSerialize: - $ref: "#/components/examples/PipelineExamplesSerialize" - PipelineExamplesSNMPTrapSerialize: - $ref: "#/components/examples/PipelineExamplesSNMPTrapSerialize" - PipelineExamplesSuppress: - $ref: "#/components/examples/PipelineExamplesSuppress" - PipelineExamplesTee: - $ref: "#/components/examples/PipelineExamplesTee" - PipelineExamplesUnroll: - $ref: "#/components/examples/PipelineExamplesUnroll" - PipelineExamplesXMLUnroll: - $ref: "#/components/examples/PipelineExamplesXMLUnroll" - parameters: + in: path + required: true + schema: + type: string + description: The id of the Destination to get PQ job information for. - name: pack in: path required: true schema: type: string description: The id of the Pack. + /p/{pack}/system/outputs/{id}/samples: get: - operationId: getPipelinesByPack + operationId: getOutputSystemSamplesByPackAndId tags: - - pipelines - x-speakeasy-group: packs.pipelines - x-speakeasy-name-override: list + - destinations + x-speakeasy-group: packs.destinations.samples + x-speakeasy-name-override: get x-cribl-internal: false x-cribl-availability: both - summary: List all Pipelines within a Pack - description: Get a list of all Pipelines within the specified Pack. + summary: Get sample event data for a Destination within a Pack + description: Get sample event data for the specified Destination to validate the + configuration or test connectivity within the specified Pack. responses: "200": - description: a list of Pipeline objects + description: Sample event data for the Destination content: application/json: schema: - $ref: "#/components/schemas/CountedPipeline" + $ref: "#/components/schemas/CountedOutputSamplesResponse" + "400": + description: Bad Request — invalid request or Destination error "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -54938,70 +66525,173 @@ paths: schema: $ref: "#/components/schemas/Error" parameters: + - name: id + in: path + required: true + schema: + type: string + description: The id of the Destination to get sample event data for. - name: pack in: path required: true schema: type: string description: The id of the Pack. - /p/{pack}/pipelines/{id}: - delete: - operationId: deletePipelinesByPackAndId + /p/{pack}/system/outputs/{id}/test: + post: + operationId: createOutputSystemTestByPackAndId tags: - - pipelines - x-speakeasy-group: packs.pipelines - x-speakeasy-name-override: delete + - destinations + x-speakeasy-group: packs.destinations.samples + x-speakeasy-name-override: create x-cribl-internal: false x-cribl-availability: both - summary: Delete a Pipeline within a Pack - description: Delete the specified Pipeline within the specified Pack. + summary: Send sample event data to a Destination within a Pack + description: Send sample event data to the specified Destination to validate the + configuration or test connectivity within the specified Pack. responses: "200": - description: a list of Pipeline objects + description: Destination test result content: application/json: schema: - $ref: "#/components/schemas/CountedPipeline" + $ref: "#/components/schemas/CountedOutputTestResponse" + "400": + description: Bad Request — missing or invalid events "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" + requestBody: + description: OutputTestRequest object. + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/OutputTestRequest" + examples: + OutputTestExamplesSingleEvent: + $ref: "#/components/examples/OutputTestExamplesSingleEvent" + OutputTestExamplesMultipleEvents: + $ref: "#/components/examples/OutputTestExamplesMultipleEvents" parameters: - name: id in: path required: true schema: type: string - description: The id of the Pipeline to delete. + description: The id of the Destination to send sample event data to. - name: pack in: path required: true schema: type: string description: The id of the Pack. + /p/{pack}/system/status/inputs: get: - operationId: getPipelinesByPackAndId + operationId: getInputStatusSystemInputsByPack tags: - - pipelines - x-speakeasy-group: packs.pipelines + - sources + x-speakeasy-group: packs.sources.statuses + x-speakeasy-name-override: list + x-cribl-internal: false + x-cribl-availability: both + summary: List the status of all Sources within a Pack + description: List status information and optional metrics for all configured + Sources in the Worker Group or Edge Fleet within the specified Pack. + responses: + "200": + description: a list of Source status objects + content: + application/json: + schema: + $ref: "#/components/schemas/CountedInputStatus" + "400": + description: Bad Request + "401": + description: Authentication failed (missing or invalid credentials or Bearer + token). + "500": + description: Unexpected server error. + content: + application/json: + schema: + $ref: "#/components/schemas/Error" + parameters: + - name: metrics + in: query + required: false + schema: + type: boolean + description: Set to true to include metrics for each Source. + Otherwise, false (default). + - name: type + in: query + required: false + schema: + type: boolean + description: Set to true to prefix the Source id with + the Source type. Otherwise, false (default). + - name: offset + in: query + required: false + schema: + type: integer + description: Starting point from which to retrieve results for this request. Use + with limit to paginate the response into manageable + batches. + - name: limit + in: query + required: false + schema: + type: integer + description: Maximum number of items to return in the response for this request. + Use with offset to paginate the response into + manageable batches. + - name: pack + in: path + required: true + schema: + type: string + description: The id of the Pack. + x-speakeasy-pagination: + type: offsetLimit + inputs: + - name: offset + in: parameters + type: offset + - name: limit + in: parameters + type: limit + outputs: + results: $.items + /p/{pack}/system/status/inputs/{id}: + get: + operationId: getInputStatusSystemInputsByPackAndId + tags: + - sources + x-speakeasy-group: packs.sources.statuses x-speakeasy-name-override: get x-cribl-internal: false x-cribl-availability: both - summary: Get a Pipeline within a Pack - description: Get the specified Pipeline within the specified Pack. + summary: Get the status of a Source within a Pack + description: Get the status and optional metrics for the specified Source within + the specified Pack. responses: "200": - description: a list of Pipeline objects + description: a Source status object content: application/json: schema: - $ref: "#/components/schemas/CountedPipeline" + $ref: "#/components/schemas/CountedInputStatus" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -55014,159 +66704,128 @@ paths: required: true schema: type: string - description: The id of the Pipeline to get. + description: The id of the Source to get the status for. + - name: metrics + in: query + required: false + schema: + type: boolean + description: Set to true to include metrics for each Source. + Otherwise, false (default). + - name: type + in: query + required: false + schema: + type: boolean + description: Set to true to prefix the Source id with + the Source type. Otherwise, false (default). - name: pack in: path required: true schema: type: string description: The id of the Pack. - patch: - operationId: updatePipelinesByPackAndId + /p/{pack}/system/status/outputs: + get: + operationId: getOutputStatusSystemOutputsByPack tags: - - pipelines - x-speakeasy-group: packs.pipelines - x-speakeasy-name-override: update + - destinations + x-speakeasy-group: packs.destinations.statuses + x-speakeasy-name-override: list x-cribl-internal: false x-cribl-availability: both - summary: Update a Pipeline within a Pack - description: Update the specified Pipeline within the specified Pack.

Provide a complete representation of the Pipeline that you want to update in the request body. This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Pipeline.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Pipeline might not function as expected. + summary: List the status of all Destinations within a Pack + description: List status information and optional metrics for all configured + Destinations in the Worker Group or Edge Fleet within the specified + Pack. responses: "200": - description: a list of Pipeline objects + description: a list of Destination status objects content: application/json: schema: - $ref: "#/components/schemas/CountedPipeline" + $ref: "#/components/schemas/CountedOutputStatus" + "400": + description: Bad Request "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" - requestBody: - description: Pipeline object. - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/Pipeline" - examples: - PipelineExamplesEmpty: - $ref: "#/components/examples/PipelineExamplesEmpty" - PipelineExamplesAggregations: - $ref: "#/components/examples/PipelineExamplesAggregations" - PipelineExamplesAggregateMetrics: - $ref: "#/components/examples/PipelineExamplesAggregateMetrics" - PipelineExamplesAutoTimestamp: - $ref: "#/components/examples/PipelineExamplesAutoTimestamp" - PipelineExamplesCEFSerializer: - $ref: "#/components/examples/PipelineExamplesCEFSerializer" - PipelineExamplesChain: - $ref: "#/components/examples/PipelineExamplesChain" - PipelineExamplesClone: - $ref: "#/components/examples/PipelineExamplesClone" - PipelineExamplesComment: - $ref: "#/components/examples/PipelineExamplesComment" - PipelineExamplesDNSLookup: - $ref: "#/components/examples/PipelineExamplesDNSLookup" - PipelineExamplesDrop: - $ref: "#/components/examples/PipelineExamplesDrop" - PipelineExamplesDropDimensions: - $ref: "#/components/examples/PipelineExamplesDropDimensions" - PipelineExamplesDynamicSampling: - $ref: "#/components/examples/PipelineExamplesDynamicSampling" - PipelineExamplesEval: - $ref: "#/components/examples/PipelineExamplesEval" - PipelineExamplesEventBreaker: - $ref: "#/components/examples/PipelineExamplesEventBreaker" - PipelineExamplesFlatten: - $ref: "#/components/examples/PipelineExamplesFlatten" - PipelineExamplesFoldKeys: - $ref: "#/components/examples/PipelineExamplesFoldKeys" - PipelineExamplesGeoIP: - $ref: "#/components/examples/PipelineExamplesGeoIP" - PipelineExamplesGrok: - $ref: "#/components/examples/PipelineExamplesGrok" - PipelineExamplesGuard: - $ref: "#/components/examples/PipelineExamplesGuard" - PipelineExamplesJSONUnroll: - $ref: "#/components/examples/PipelineExamplesJSONUnroll" - PipelineExamplesLookup: - $ref: "#/components/examples/PipelineExamplesLookup" - PipelineExamplesMask: - $ref: "#/components/examples/PipelineExamplesMask" - PipelineExamplesNumerify: - $ref: "#/components/examples/PipelineExamplesNumerify" - PipelineExamplesOTLPLogs: - $ref: "#/components/examples/PipelineExamplesOTLPLogs" - PipelineExamplesOTLPMetrics: - $ref: "#/components/examples/PipelineExamplesOTLPMetrics" - PipelineExamplesOTLPTraces: - $ref: "#/components/examples/PipelineExamplesOTLPTraces" - PipelineExamplesParser: - $ref: "#/components/examples/PipelineExamplesParser" - PipelineExamplesPublishMetrics: - $ref: "#/components/examples/PipelineExamplesPublishMetrics" - PipelineExamplesRedis: - $ref: "#/components/examples/PipelineExamplesRedis" - PipelineExamplesRegexExtract: - $ref: "#/components/examples/PipelineExamplesRegexExtract" - PipelineExamplesRegexFilter: - $ref: "#/components/examples/PipelineExamplesRegexFilter" - PipelineExamplesRename: - $ref: "#/components/examples/PipelineExamplesRename" - PipelineExamplesRollupMetrics: - $ref: "#/components/examples/PipelineExamplesRollupMetrics" - PipelineExamplesSampling: - $ref: "#/components/examples/PipelineExamplesSampling" - PipelineExamplesSerialize: - $ref: "#/components/examples/PipelineExamplesSerialize" - PipelineExamplesSNMPTrapSerialize: - $ref: "#/components/examples/PipelineExamplesSNMPTrapSerialize" - PipelineExamplesSuppress: - $ref: "#/components/examples/PipelineExamplesSuppress" - PipelineExamplesTee: - $ref: "#/components/examples/PipelineExamplesTee" - PipelineExamplesUnroll: - $ref: "#/components/examples/PipelineExamplesUnroll" - PipelineExamplesXMLUnroll: - $ref: "#/components/examples/PipelineExamplesXMLUnroll" parameters: - - name: id - in: path - required: true + - name: metrics + in: query + required: false schema: - type: string - description: The id of the Pipeline to update. + type: boolean + description: Set to true to include metrics for each Destination. + Otherwise, false (default). + - name: type + in: query + required: false + schema: + type: boolean + description: Set to true to prefix the Destination id + with the Destination type. Otherwise, false (default). + - name: offset + in: query + required: false + schema: + type: integer + description: Starting point from which to retrieve results for this request. Use + with limit to paginate the response into manageable + batches. + - name: limit + in: query + required: false + schema: + type: integer + description: Maximum number of items to return in the response for this request. + Use with offset to paginate the response into + manageable batches. - name: pack in: path required: true schema: type: string description: The id of the Pack. - /routes/{id}: + x-speakeasy-pagination: + type: offsetLimit + inputs: + - name: offset + in: parameters + type: offset + - name: limit + in: parameters + type: limit + outputs: + results: $.items + /p/{pack}/system/status/outputs/{id}: get: - operationId: getRoutesById + operationId: getOutputStatusSystemOutputsByPackAndId tags: - - routes - x-speakeasy-group: routes + - destinations + x-speakeasy-group: packs.destinations.statuses x-speakeasy-name-override: get x-cribl-internal: false x-cribl-availability: both - summary: Get a Routing table - description: Get the specified Routing table. + summary: Get the status of a Destination within a Pack + description: Get the status and optional metrics for the specified Destination + within the specified Pack. responses: "200": - description: a list of Routes objects + description: Destination status object content: application/json: schema: - $ref: "#/components/schemas/CountedRoutes" + $ref: "#/components/schemas/CountedOutputStatus" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -55179,26 +66838,57 @@ paths: required: true schema: type: string - description: The id of the Routing table to get. The supported value is default. - patch: - operationId: updateRoutesById + description: The id of the Destination to get the status for. + - name: metrics + in: query + required: false + schema: + type: boolean + description: Set to true to include metrics for each Destination. + Otherwise, false (default). + - name: type + in: query + required: false + schema: + type: boolean + description: Set to true to prefix the Destination id + with the Destination type. Otherwise, false (default). + - name: pack + in: path + required: true + schema: + type: string + description: The id of the Pack. + /packs: + post: + operationId: createPacks tags: - - routes - x-speakeasy-group: routes - x-speakeasy-name-override: update + - packs + x-speakeasy-group: packs + x-speakeasy-name-override: install x-cribl-internal: false x-cribl-availability: both - summary: Update a Route - description: Update a Route in the specified Routing table.

Provide a complete representation of the Routing table, including the Route that you want to update, in the request body. This endpoint does not support partial updates. Cribl removes any omitted Routes and fields when updating.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the Routing table might not function as expected. + summary: Install a Pack + description: Install a Pack.

To install an uploaded Pack, provide the + source value from the PUT /packs response as + the source parameter in the request body.

To + install a Pack by importing from a URL, provide the direct URL location + of the .crbl file for the Pack as the source + parameter in the request body.

To install a Pack by importing + from a Git repository, provide git+ as the + source parameter in the request body.

If you do not + include the source parameter in the request body, an empty + Pack is created. responses: "200": - description: a list of Routes objects + description: The created PackInstallInfo object in a single-item list. content: application/json: schema: - $ref: "#/components/schemas/CountedRoutes" + $ref: "#/components/schemas/CountedPackInstallInfo" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -55206,74 +66896,81 @@ paths: schema: $ref: "#/components/schemas/Error" requestBody: - description: RoutesInput object. + description: packRequestBody object. required: true content: application/json: schema: - $ref: "#/components/schemas/RoutesInput" + $ref: "#/components/schemas/PackRequestBody" examples: - RoutesUpdateExamplesBasicRoute: - $ref: "#/components/examples/RoutesUpdateExamplesBasicRoute" - RoutesUpdateExamplesMultipleRoutes: - $ref: "#/components/examples/RoutesUpdateExamplesMultipleRoutes" - RoutesUpdateExamplesRouteWithOutputExpression: - $ref: "#/components/examples/RoutesUpdateExamplesRouteWithOutputExpression" - RoutesUpdateExamplesRouteWithDefaults: - $ref: "#/components/examples/RoutesUpdateExamplesRouteWithDefaults" - parameters: - - name: id - in: path - required: true - schema: - type: string - description: The id of the Routing table that contains the Route to update. The supported value is default. - /routes: + PackInstallExamplesPackDispensary: + $ref: "#/components/examples/PackInstallExamplesPackDispensary" + PackInstallExamplesEmptyPack: + $ref: "#/components/examples/PackInstallExamplesEmptyPack" + PackInstallExamplesUploadedFile: + $ref: "#/components/examples/PackInstallExamplesUploadedFile" + PackInstallExamplesURL: + $ref: "#/components/examples/PackInstallExamplesURL" + PackInstallExamplesGitRepository: + $ref: "#/components/examples/PackInstallExamplesGitRepository" get: - operationId: getRoutes + operationId: getPacks tags: - - routes - x-speakeasy-group: routes + - packs + x-speakeasy-group: packs x-speakeasy-name-override: list x-cribl-internal: false x-cribl-availability: both - summary: List all Routes - description: Get a list of all Routes. + summary: List all Packs + description: Get a list of all Packs. responses: "200": - description: a list of Routes objects + description: List of PackInfo objects. content: application/json: schema: - $ref: "#/components/schemas/CountedRoutes" + $ref: "#/components/schemas/CountedPackInfo" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" - /routes/{id}/append: - post: - operationId: createRoutesAppendById + parameters: + - name: with + in: query + required: false + schema: + type: string + description: Comma-separated list of additional properties to include in the + response. When set, the response includes a count of the specified + properties in the Pack. Available values are inputs and + outputs. + put: + operationId: updatePacks tags: - - routes - x-speakeasy-group: routes - x-speakeasy-name-override: append + - packs + x-speakeasy-group: packs + x-speakeasy-name-override: upload x-cribl-internal: false x-cribl-availability: both - summary: Add a Route to the end of the Routing table - description: Add a Route to the end of the specified Routing table. + summary: Upload a Pack file + description: Upload a Pack file. Returns the source ID needed to + install the Pack with POST /packs, which you must call + separately. responses: "200": - description: The created Routes object in a single-item list. + description: Pack file uploaded successfully content: application/json: schema: - $ref: "#/components/schemas/CountedRoutes" + $ref: "#/components/schemas/UploadPackResponse" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -55281,48 +66978,41 @@ paths: schema: $ref: "#/components/schemas/Error" requestBody: - description: RouteDefinitions object. required: true content: - application/json: + application/octet-stream: schema: - $ref: "#/components/schemas/RouteDefinitions" - examples: - RoutesAppendExamplesSingleRoute: - $ref: "#/components/examples/RoutesAppendExamplesSingleRoute" - RoutesAppendExamplesMultipleRoutes: - $ref: "#/components/examples/RoutesAppendExamplesMultipleRoutes" - RoutesAppendExamplesRouteWithOutputExpression: - $ref: "#/components/examples/RoutesAppendExamplesRouteWithOutputExpression" - RoutesAppendExamplesRouteWithDefaults: - $ref: "#/components/examples/RoutesAppendExamplesRouteWithDefaults" + type: string + format: binary + description: Pack file upload parameters: - - name: id - in: path + - name: filename + in: query required: true schema: type: string - description: The id of the Routing table to add the Route to. The supported value is default. - /p/{pack}/routes/{id}: + description: Filename of the Pack file to upload. + /packs/{id}: get: - operationId: getRoutesByPackAndId + operationId: getPacksById tags: - - routes - x-speakeasy-group: packs.routes + - packs + x-speakeasy-group: packs x-speakeasy-name-override: get x-cribl-internal: false x-cribl-availability: both - summary: Get a Routing table within a Pack - description: Get the specified Routing table within the specified Pack. + summary: Get a Pack + description: Get the specified Pack. responses: "200": - description: a list of Routes objects + description: List of PackInfo objects. content: application/json: schema: - $ref: "#/components/schemas/CountedRoutes" + $ref: "#/components/schemas/CountedPackInfo" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -55335,32 +67025,34 @@ paths: required: true schema: type: string - description: The id of the Routing table to get. The supported value is default. - - name: pack - in: path - required: true - schema: - type: string - description: The id of the Pack. + description: The id of the Pack to get. patch: - operationId: updateRoutesByPackAndId + operationId: updatePacksById tags: - - routes - x-speakeasy-group: packs.routes + - packs + x-speakeasy-group: packs x-speakeasy-name-override: update x-cribl-internal: false x-cribl-availability: both - summary: Update a Route within a Pack - description: Update the specified Route within the specified Pack.

Provide a complete representation of the Routing table, including the Route that you want to update, in the request body. This endpoint does not support partial updates. Cribl removes any omitted Routes and fields when updating.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the Routing table might not function as expected. + summary: Upgrade a Pack + description: Upgrade the specified Pack.

If the Pack includes any + user-modified versions of default Cribl Knowledge resources such as + lookups, copy the modified files locally for safekeeping before + upgrading the Pack. Copy the modified files back to the upgraded Pack + after you install it with POST /packs to overwrite the + default versions in the Pack.

After you upgrade the Pack, + update any Routes, Pipelines, Sources, and Destinations that use the + previous Pack version so that they reference the upgraded Pack. responses: "200": - description: a list of Routes objects + description: The updated PackInfo object in a single-item list. content: application/json: schema: - $ref: "#/components/schemas/CountedRoutes" + $ref: "#/components/schemas/CountedPackInfo" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -55368,87 +67060,102 @@ paths: schema: $ref: "#/components/schemas/Error" requestBody: - description: RoutesInput object. + description: PackUpgradeRequest object. required: true content: application/json: schema: - $ref: "#/components/schemas/RoutesInput" + $ref: "#/components/schemas/PackUpgradeRequest" examples: - RoutesUpdateExamplesBasicRoute: - $ref: "#/components/examples/RoutesUpdateExamplesBasicRoute" - RoutesUpdateExamplesMultipleRoutes: - $ref: "#/components/examples/RoutesUpdateExamplesMultipleRoutes" - RoutesUpdateExamplesRouteWithOutputExpression: - $ref: "#/components/examples/RoutesUpdateExamplesRouteWithOutputExpression" - RoutesUpdateExamplesRouteWithDefaults: - $ref: "#/components/examples/RoutesUpdateExamplesRouteWithDefaults" + PackUpgradeExamplesUpgradeFromURL: + $ref: "#/components/examples/PackUpgradeExamplesUpgradeFromURL" + parameters: + - name: id + in: path + required: true + schema: + type: string + description: The id of the Pack to upgrade. + delete: + operationId: deletePacksById + tags: + - packs + x-speakeasy-group: packs + x-speakeasy-name-override: delete + x-cribl-internal: false + x-cribl-availability: both + summary: Uninstall a Pack + description: Uninstall the specified Pack. + responses: + "200": + description: The deleted PackUninstallInfo object in a single-item list. + content: + application/json: + schema: + $ref: "#/components/schemas/CountedPackUninstallInfo" + "401": + description: Authentication failed (missing or invalid credentials or Bearer + token). + "500": + description: Unexpected server error. + content: + application/json: + schema: + $ref: "#/components/schemas/Error" parameters: - name: id in: path required: true schema: type: string - description: The id of the Routing table that contains the Route to update. The supported value is default. - - name: pack - in: path - required: true - schema: - type: string - description: The id of the Pack. - /p/{pack}/routes: + description: The id of the Pack to uninstall. + /pipelines: get: - operationId: getRoutesByPack + operationId: getPipelines tags: - - routes - x-speakeasy-group: packs.routes + - pipelines + x-speakeasy-group: pipelines x-speakeasy-name-override: list x-cribl-internal: false x-cribl-availability: both - summary: List all Routes within a Pack - description: Get a list of all Routes within the specified Pack. + summary: List all Pipelines + description: Get a list of all Pipelines. responses: "200": - description: a list of Routes objects + description: a list of Pipeline objects content: application/json: schema: - $ref: "#/components/schemas/CountedRoutes" + $ref: "#/components/schemas/CountedPipeline" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" - parameters: - - name: pack - in: path - required: true - schema: - type: string - description: The id of the Pack. - /p/{pack}/routes/{id}/append: post: - operationId: createRoutesAppendByPackAndId + operationId: createPipelines tags: - - routes - x-speakeasy-group: packs.routes - x-speakeasy-name-override: append + - pipelines + x-speakeasy-group: pipelines + x-speakeasy-name-override: create x-cribl-internal: false x-cribl-availability: both - summary: Add a Route to the end of the Routing table within a Pack - description: Add a Route to the end of the specified Routing table within the specified Pack. + summary: Create a Pipeline + description: Create a new Pipeline. responses: "200": - description: The created Routes object in a single-item list. + description: a list of Pipelines objects content: application/json: schema: - $ref: "#/components/schemas/CountedRoutes" + $ref: "#/components/schemas/CountedPipeline" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -55456,54 +67163,114 @@ paths: schema: $ref: "#/components/schemas/Error" requestBody: - description: RouteDefinitions object. + description: Pipeline object. required: true content: application/json: schema: - $ref: "#/components/schemas/RouteDefinitions" + $ref: "#/components/schemas/Pipeline" examples: - RoutesAppendExamplesSingleRoute: - $ref: "#/components/examples/RoutesAppendExamplesSingleRoute" - RoutesAppendExamplesMultipleRoutes: - $ref: "#/components/examples/RoutesAppendExamplesMultipleRoutes" - RoutesAppendExamplesRouteWithOutputExpression: - $ref: "#/components/examples/RoutesAppendExamplesRouteWithOutputExpression" - RoutesAppendExamplesRouteWithDefaults: - $ref: "#/components/examples/RoutesAppendExamplesRouteWithDefaults" - parameters: - - name: id - in: path - required: true - schema: - type: string - description: The id of the Routing table to add the Route to. The supported value is default. - - name: pack - in: path - required: true - schema: - type: string - description: The id of the Pack. - /system/status/inputs/{id}: - get: - operationId: getInputStatusById + PipelineExamplesEmpty: + $ref: "#/components/examples/PipelineExamplesEmpty" + PipelineExamplesAggregations: + $ref: "#/components/examples/PipelineExamplesAggregations" + PipelineExamplesAggregateMetrics: + $ref: "#/components/examples/PipelineExamplesAggregateMetrics" + PipelineExamplesAutoTimestamp: + $ref: "#/components/examples/PipelineExamplesAutoTimestamp" + PipelineExamplesCEFSerializer: + $ref: "#/components/examples/PipelineExamplesCEFSerializer" + PipelineExamplesChain: + $ref: "#/components/examples/PipelineExamplesChain" + PipelineExamplesClone: + $ref: "#/components/examples/PipelineExamplesClone" + PipelineExamplesComment: + $ref: "#/components/examples/PipelineExamplesComment" + PipelineExamplesDNSLookup: + $ref: "#/components/examples/PipelineExamplesDNSLookup" + PipelineExamplesDrop: + $ref: "#/components/examples/PipelineExamplesDrop" + PipelineExamplesDropDimensions: + $ref: "#/components/examples/PipelineExamplesDropDimensions" + PipelineExamplesDynamicSampling: + $ref: "#/components/examples/PipelineExamplesDynamicSampling" + PipelineExamplesEval: + $ref: "#/components/examples/PipelineExamplesEval" + PipelineExamplesEventBreaker: + $ref: "#/components/examples/PipelineExamplesEventBreaker" + PipelineExamplesFlatten: + $ref: "#/components/examples/PipelineExamplesFlatten" + PipelineExamplesFoldKeys: + $ref: "#/components/examples/PipelineExamplesFoldKeys" + PipelineExamplesGeoIP: + $ref: "#/components/examples/PipelineExamplesGeoIP" + PipelineExamplesGrok: + $ref: "#/components/examples/PipelineExamplesGrok" + PipelineExamplesGuard: + $ref: "#/components/examples/PipelineExamplesGuard" + PipelineExamplesJSONUnroll: + $ref: "#/components/examples/PipelineExamplesJSONUnroll" + PipelineExamplesLookup: + $ref: "#/components/examples/PipelineExamplesLookup" + PipelineExamplesMask: + $ref: "#/components/examples/PipelineExamplesMask" + PipelineExamplesNumerify: + $ref: "#/components/examples/PipelineExamplesNumerify" + PipelineExamplesOTLPLogs: + $ref: "#/components/examples/PipelineExamplesOTLPLogs" + PipelineExamplesOTLPMetrics: + $ref: "#/components/examples/PipelineExamplesOTLPMetrics" + PipelineExamplesOTLPTraces: + $ref: "#/components/examples/PipelineExamplesOTLPTraces" + PipelineExamplesParser: + $ref: "#/components/examples/PipelineExamplesParser" + PipelineExamplesPublishMetrics: + $ref: "#/components/examples/PipelineExamplesPublishMetrics" + PipelineExamplesRedis: + $ref: "#/components/examples/PipelineExamplesRedis" + PipelineExamplesRegexExtract: + $ref: "#/components/examples/PipelineExamplesRegexExtract" + PipelineExamplesRegexFilter: + $ref: "#/components/examples/PipelineExamplesRegexFilter" + PipelineExamplesRename: + $ref: "#/components/examples/PipelineExamplesRename" + PipelineExamplesRollupMetrics: + $ref: "#/components/examples/PipelineExamplesRollupMetrics" + PipelineExamplesSampling: + $ref: "#/components/examples/PipelineExamplesSampling" + PipelineExamplesSerialize: + $ref: "#/components/examples/PipelineExamplesSerialize" + PipelineExamplesSNMPTrapSerialize: + $ref: "#/components/examples/PipelineExamplesSNMPTrapSerialize" + PipelineExamplesSuppress: + $ref: "#/components/examples/PipelineExamplesSuppress" + PipelineExamplesTee: + $ref: "#/components/examples/PipelineExamplesTee" + PipelineExamplesUnroll: + $ref: "#/components/examples/PipelineExamplesUnroll" + PipelineExamplesXMLUnroll: + $ref: "#/components/examples/PipelineExamplesXMLUnroll" + /pipelines/{id}: + delete: + operationId: deletePipelinesById tags: - - sources - x-speakeasy-group: sources.statuses - x-speakeasy-name-override: get + - pipelines + x-speakeasy-group: pipelines + x-speakeasy-name-override: delete x-cribl-internal: false x-cribl-availability: both - summary: Get the status of a Source - description: Get the status and optional metrics for the specified Source. + summary: Delete a Pipeline + description: Delete the specified Pipeline. responses: "200": - description: a Source status object + description: a list of Pipeline objects content: application/json: schema: - $ref: "#/components/schemas/CountedInputStatus" + $ref: "#/components/schemas/CountedPipeline" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -55516,41 +67283,27 @@ paths: required: true schema: type: string - description: The id of the Source to get the status for. - - name: metrics - in: query - required: false - schema: - type: boolean - description: Set to true to include metrics for each Source. Otherwise, false (default). - - name: type - in: query - required: false - schema: - type: boolean - description: Set to true to prefix the Source id with the Source type. Otherwise, false (default). - /system/status/inputs: + description: The id of the Pipeline to delete. get: - operationId: getInputStatus + operationId: getPipelinesById tags: - - sources - x-speakeasy-group: sources.statuses - x-speakeasy-name-override: list + - pipelines + x-speakeasy-group: pipelines + x-speakeasy-name-override: get x-cribl-internal: false x-cribl-availability: both - summary: List the status of all Sources - description: List status information and optional metrics for all configured Sources in the Worker Group or Edge Fleet. + summary: Get a Pipeline + description: Get the specified Pipeline. responses: "200": - description: a list of Source status objects + description: a list of Pipeline objects content: application/json: schema: - $ref: "#/components/schemas/CountedInputStatus" - "400": - description: Bad Request + $ref: "#/components/schemas/CountedPipeline" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -55558,463 +67311,419 @@ paths: schema: $ref: "#/components/schemas/Error" parameters: - - name: metrics - in: query - required: false - schema: - type: boolean - description: Set to true to include metrics for each Source. Otherwise, false (default). - - name: type - in: query - required: false - schema: - type: boolean - description: Set to true to prefix the Source id with the Source type. Otherwise, false (default). - - name: offset - in: query - required: false - schema: - type: integer - description: Starting point from which to retrieve results for this request. Use with limit to paginate the response into manageable batches. - - name: limit - in: query - required: false + - name: id + in: path + required: true schema: - type: integer - description: Maximum number of items to return in the response for this request. Use with offset to paginate the response into manageable batches. - x-speakeasy-pagination: - type: offsetLimit - inputs: - - name: offset - in: parameters - type: offset - - name: limit - in: parameters - type: limit - outputs: - results: $.items - /p/{pack}/system/status/inputs/{id}: - get: - operationId: getInputStatusSystemInputsByPackAndId + type: string + description: The id of the Pipeline to get. + patch: + operationId: updatePipelinesById tags: - - sources - x-speakeasy-group: packs.sources.statuses - x-speakeasy-name-override: get + - pipelines + x-speakeasy-group: pipelines + x-speakeasy-name-override: update x-cribl-internal: false x-cribl-availability: both - summary: Get the status of a Source within a Pack - description: Get the status and optional metrics for the specified Source within the specified Pack. + summary: Update a Pipeline + description: Update the specified Pipeline.

Provide a complete + representation of the Pipeline that you want to update in the request + body. This endpoint does not support partial updates. Cribl removes any + omitted fields when updating the Pipeline.

Confirm that the + configuration in your request body is correct before sending the + request. If the configuration is incorrect, the updated Pipeline might + not function as expected. responses: "200": - description: a Source status object + description: a list of Pipeline objects content: application/json: schema: - $ref: "#/components/schemas/CountedInputStatus" + $ref: "#/components/schemas/CountedPipeline" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" + requestBody: + description: Pipeline object. + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/Pipeline" + examples: + UpdatePipelineExamplesEmpty: + $ref: "#/components/examples/UpdatePipelineExamplesEmpty" + UpdatePipelineExamplesAggregations: + $ref: "#/components/examples/UpdatePipelineExamplesAggregations" + UpdatePipelineExamplesAggregateMetrics: + $ref: "#/components/examples/UpdatePipelineExamplesAggregateMetrics" + UpdatePipelineExamplesAutoTimestamp: + $ref: "#/components/examples/UpdatePipelineExamplesAutoTimestamp" + UpdatePipelineExamplesCEFSerializer: + $ref: "#/components/examples/UpdatePipelineExamplesCEFSerializer" + UpdatePipelineExamplesChain: + $ref: "#/components/examples/UpdatePipelineExamplesChain" + UpdatePipelineExamplesClone: + $ref: "#/components/examples/UpdatePipelineExamplesClone" + UpdatePipelineExamplesComment: + $ref: "#/components/examples/UpdatePipelineExamplesComment" + UpdatePipelineExamplesDNSLookup: + $ref: "#/components/examples/UpdatePipelineExamplesDNSLookup" + UpdatePipelineExamplesDrop: + $ref: "#/components/examples/UpdatePipelineExamplesDrop" + UpdatePipelineExamplesDropDimensions: + $ref: "#/components/examples/UpdatePipelineExamplesDropDimensions" + UpdatePipelineExamplesDynamicSampling: + $ref: "#/components/examples/UpdatePipelineExamplesDynamicSampling" + UpdatePipelineExamplesEval: + $ref: "#/components/examples/UpdatePipelineExamplesEval" + UpdatePipelineExamplesEventBreaker: + $ref: "#/components/examples/UpdatePipelineExamplesEventBreaker" + UpdatePipelineExamplesFlatten: + $ref: "#/components/examples/UpdatePipelineExamplesFlatten" + UpdatePipelineExamplesFoldKeys: + $ref: "#/components/examples/UpdatePipelineExamplesFoldKeys" + UpdatePipelineExamplesGeoIP: + $ref: "#/components/examples/UpdatePipelineExamplesGeoIP" + UpdatePipelineExamplesGrok: + $ref: "#/components/examples/UpdatePipelineExamplesGrok" + UpdatePipelineExamplesGuard: + $ref: "#/components/examples/UpdatePipelineExamplesGuard" + UpdatePipelineExamplesJSONUnroll: + $ref: "#/components/examples/UpdatePipelineExamplesJSONUnroll" + UpdatePipelineExamplesLookup: + $ref: "#/components/examples/UpdatePipelineExamplesLookup" + UpdatePipelineExamplesMask: + $ref: "#/components/examples/UpdatePipelineExamplesMask" + UpdatePipelineExamplesNumerify: + $ref: "#/components/examples/UpdatePipelineExamplesNumerify" + UpdatePipelineExamplesOTLPLogs: + $ref: "#/components/examples/UpdatePipelineExamplesOTLPLogs" + UpdatePipelineExamplesOTLPMetrics: + $ref: "#/components/examples/UpdatePipelineExamplesOTLPMetrics" + UpdatePipelineExamplesOTLPTraces: + $ref: "#/components/examples/UpdatePipelineExamplesOTLPTraces" + UpdatePipelineExamplesParser: + $ref: "#/components/examples/UpdatePipelineExamplesParser" + UpdatePipelineExamplesPublishMetrics: + $ref: "#/components/examples/UpdatePipelineExamplesPublishMetrics" + UpdatePipelineExamplesRedis: + $ref: "#/components/examples/UpdatePipelineExamplesRedis" + UpdatePipelineExamplesRegexExtract: + $ref: "#/components/examples/UpdatePipelineExamplesRegexExtract" + UpdatePipelineExamplesRegexFilter: + $ref: "#/components/examples/UpdatePipelineExamplesRegexFilter" + UpdatePipelineExamplesRename: + $ref: "#/components/examples/UpdatePipelineExamplesRename" + UpdatePipelineExamplesRollupMetrics: + $ref: "#/components/examples/UpdatePipelineExamplesRollupMetrics" + UpdatePipelineExamplesSampling: + $ref: "#/components/examples/UpdatePipelineExamplesSampling" + UpdatePipelineExamplesSerialize: + $ref: "#/components/examples/UpdatePipelineExamplesSerialize" + UpdatePipelineExamplesSNMPTrapSerialize: + $ref: "#/components/examples/UpdatePipelineExamplesSNMPTrapSerialize" + UpdatePipelineExamplesSuppress: + $ref: "#/components/examples/UpdatePipelineExamplesSuppress" + UpdatePipelineExamplesTee: + $ref: "#/components/examples/UpdatePipelineExamplesTee" + UpdatePipelineExamplesUnroll: + $ref: "#/components/examples/UpdatePipelineExamplesUnroll" + UpdatePipelineExamplesXMLUnroll: + $ref: "#/components/examples/UpdatePipelineExamplesXMLUnroll" parameters: - name: id in: path required: true schema: type: string - description: The id of the Source to get the status for. - - name: metrics - in: query - required: false - schema: - type: boolean - description: Set to true to include metrics for each Source. Otherwise, false (default). - - name: type - in: query - required: false - schema: - type: boolean - description: Set to true to prefix the Source id with the Source type. Otherwise, false (default). - - name: pack - in: path - required: true - schema: - type: string - description: The id of the Pack. - /p/{pack}/system/status/inputs: + description: The id of the Pipeline to update. + /products/{product}/groups: get: - operationId: getInputStatusSystemInputsByPack - tags: - - sources - x-speakeasy-group: packs.sources.statuses - x-speakeasy-name-override: list + operationId: listConfigGroupByProduct x-cribl-internal: false x-cribl-availability: both - summary: List the status of all Sources within a Pack - description: List status information and optional metrics for all configured Sources in the Worker Group or Edge Fleet within the specified Pack. + x-speakeasy-name-override: list + tags: + - groups + summary: List all Worker Groups, Outpost Groups, or Edge Fleets for the + specified Cribl product + description: Get a list of all Worker Groups, Outpost Groups, or Edge Fleets for + the specified Cribl product. responses: "200": - description: a list of Source status objects + description: List of ConfigGroup objects. content: application/json: schema: - $ref: "#/components/schemas/CountedInputStatus" - "400": - description: Bad Request + $ref: "#/components/schemas/CountedConfigGroup" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" + x-speakeasy-group: groups parameters: - - name: metrics - in: query - required: false - schema: - type: boolean - description: Set to true to include metrics for each Source. Otherwise, false (default). - - name: type - in: query - required: false - schema: - type: boolean - description: Set to true to prefix the Source id with the Source type. Otherwise, false (default). - - name: offset - in: query - required: false + - name: product + in: path + required: true schema: - type: integer - description: Starting point from which to retrieve results for this request. Use with limit to paginate the response into manageable batches. - - name: limit + $ref: "#/components/schemas/ProductsCore" + description: Name of the Cribl product to get the Worker Groups, Outpost Groups, + or Edge Fleets for. + - name: fields in: query required: false - schema: - type: integer - description: Maximum number of items to return in the response for this request. Use with offset to paginate the response into manageable batches. - - name: pack - in: path - required: true schema: type: string - description: The id of the Pack. - x-speakeasy-pagination: - type: offsetLimit - inputs: - - name: offset - in: parameters - type: offset - - name: limit - in: parameters - type: limit - outputs: - results: $.items - /system/status/outputs/{id}: - get: - operationId: getOutputStatusById - tags: - - destinations - x-speakeasy-group: destinations.statuses - x-speakeasy-name-override: get + description: Comma-separated list of additional properties to include in the + response. Available values are git.commit, + git.localChanges, and git.log. + post: + operationId: createConfigGroupByProduct x-cribl-internal: false x-cribl-availability: both - summary: Get the status of a Destination - description: Get the status and optional metrics for the specified Destination. + x-speakeasy-name-override: create + tags: + - groups + summary: Create a Worker Group, Outpost Group, or Edge Fleet for the specified + Cribl product + description: Create a new Worker Group, Outpost Group, or Edge Fleet for the + specified Cribl product. + requestBody: + description: GroupCreateRequest object. + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/GroupCreateRequest" + examples: + CreateGroupExamplesCloudWg: + $ref: "#/components/examples/CreateGroupExamplesCloudWg" + CreateGroupExamplesOnPremWg: + $ref: "#/components/examples/CreateGroupExamplesOnPremWg" + CreateGroupExamplesCloneWg: + $ref: "#/components/examples/CreateGroupExamplesCloneWg" + CreateGroupExamplesEdgeFleet: + $ref: "#/components/examples/CreateGroupExamplesEdgeFleet" responses: "200": - description: Destination status object + description: The created ConfigGroup object in a single-item list. content: application/json: schema: - $ref: "#/components/schemas/CountedOutputStatus" + $ref: "#/components/schemas/CountedConfigGroup" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" + x-speakeasy-group: groups parameters: - - name: id + - name: product in: path required: true schema: - type: string - description: The id of the Destination to get the status for. - - name: metrics - in: query - required: false - schema: - type: boolean - description: Set to true to include metrics for each Destination. Otherwise, false (default). - - name: type - in: query - required: false - schema: - type: boolean - description: Set to true to prefix the Destination id with the Destination type. Otherwise, false (default). - /system/status/outputs: + $ref: "#/components/schemas/ProductsCore" + description: Name of the Cribl product to add the Worker Group, Outpost Group, + or Edge Fleet to. + /products/{product}/groups/{id}: get: - operationId: getOutputStatus - tags: - - destinations - x-speakeasy-group: destinations.statuses - x-speakeasy-name-override: list + operationId: getConfigGroupByProductAndId x-cribl-internal: false x-cribl-availability: both - summary: List the status of all Destinations - description: List status information and optional metrics for all configured Destinations in the Worker Group or Edge Fleet. - responses: - "200": - description: a list of Destination status objects - content: - application/json: - schema: - $ref: "#/components/schemas/CountedOutputStatus" - "400": - description: Bad Request - "401": - description: Authentication failed (missing or invalid credentials or Bearer token). - "500": - description: Unexpected server error. - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + x-speakeasy-name-override: get + tags: + - groups + summary: Get a Worker Group, Outpost Group, or Edge Fleet + description: Get the specified Worker Group, Outpost Group, or Edge Fleet. parameters: - - name: metrics - in: query - required: false - schema: - type: boolean - description: Set to true to include metrics for each Destination. Otherwise, false (default). - - name: type - in: query - required: false + - name: product + in: path + required: true schema: - type: boolean - description: Set to true to prefix the Destination id with the Destination type. Otherwise, false (default). - - name: offset - in: query - required: false + type: string + $ref: "#/components/schemas/ProductsCore" + description: Name of the Cribl product to get the Worker Groups, Outpost Groups, + or Edge Fleets for. + - name: id + in: path + required: true schema: - type: integer - description: Starting point from which to retrieve results for this request. Use with limit to paginate the response into manageable batches. - - name: limit + type: string + description: The id of the Worker Group, Outpost Group, or Edge + Fleet to get. + - name: fields in: query required: false schema: - type: integer - description: Maximum number of items to return in the response for this request. Use with offset to paginate the response into manageable batches. - x-speakeasy-pagination: - type: offsetLimit - inputs: - - name: offset - in: parameters - type: offset - - name: limit - in: parameters - type: limit - outputs: - results: $.items - /p/{pack}/system/status/outputs/{id}: - get: - operationId: getOutputStatusSystemOutputsByPackAndId - tags: - - destinations - x-speakeasy-group: packs.destinations.statuses - x-speakeasy-name-override: get - x-cribl-internal: false - x-cribl-availability: both - summary: Get the status of a Destination within a Pack - description: Get the status and optional metrics for the specified Destination within the specified Pack. + type: string + description: Comma-separated list of additional properties to include in the + response. Available values are git.commit, + git.localChanges, and git.log. responses: "200": - description: Destination status object + description: List of ConfigGroup objects. content: application/json: schema: - $ref: "#/components/schemas/CountedOutputStatus" + $ref: "#/components/schemas/CountedConfigGroup" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" + x-speakeasy-group: groups + patch: + operationId: updateConfigGroupByProductAndId + x-cribl-internal: false + x-cribl-availability: both + x-speakeasy-name-override: update + tags: + - groups + summary: Update a Worker Group, Outpost Group, or Edge Fleet + description: "Update the specified Worker Group, Outpost Group, or Edge + Fleet.

Provide a complete representation of the Group or Fleet + that you want to update in the request body. This endpoint does not + support partial updates. Cribl removes any omitted fields when updating + the Group or Fleet.

Confirm that the configuration in your + request body is correct before sending the request. If the configuration + is incorrect, the updated Group or Fleet might not function as + expected.

**Warning**: Do not change the values for the + following parameters in the body of PATCH requests. The request body + must include the values as they appear in the GET + /products/{product}/groups/{id} response.
- + configVersion
- deployingWorkerCount
+ - incompatibleWorkerCount
- + workerCount
- lookupDeployments." parameters: - - name: id + - name: product in: path required: true schema: type: string - description: The id of the Destination to get the status for. - - name: metrics - in: query - required: false - schema: - type: boolean - description: Set to true to include metrics for each Destination. Otherwise, false (default). - - name: type - in: query - required: false - schema: - type: boolean - description: Set to true to prefix the Destination id with the Destination type. Otherwise, false (default). - - name: pack + $ref: "#/components/schemas/ProductsCore" + description: Name of the Cribl product to get the Worker Groups, Outpost Groups, + or Edge Fleets for. + - name: id in: path required: true schema: type: string - description: The id of the Pack. - /p/{pack}/system/status/outputs: - get: - operationId: getOutputStatusSystemOutputsByPack - tags: - - destinations - x-speakeasy-group: packs.destinations.statuses - x-speakeasy-name-override: list - x-cribl-internal: false - x-cribl-availability: both - summary: List the status of all Destinations within a Pack - description: List status information and optional metrics for all configured Destinations in the Worker Group or Edge Fleet within the specified Pack. + description: The id of the Worker Group, Outpost Group, or Edge + Fleet to update. + requestBody: + description: ConfigGroup object. + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/ConfigGroup" + examples: + UpdateGroupExamplesScaleCloudWorkerGroup: + $ref: "#/components/examples/UpdateGroupExamplesScaleCloudWorkerGroup" + UpdateGroupExamplesUpdateOnPremWorkerGroup: + $ref: "#/components/examples/UpdateGroupExamplesUpdateOnPremWorkerGroup" responses: "200": - description: a list of Destination status objects + description: The updated ConfigGroup object in a single-item list. content: application/json: schema: - $ref: "#/components/schemas/CountedOutputStatus" - "400": - description: Bad Request + $ref: "#/components/schemas/CountedConfigGroup" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" + x-speakeasy-group: groups + delete: + operationId: deleteConfigGroupByProductAndId + x-cribl-internal: false + x-cribl-availability: both + x-speakeasy-name-override: delete + tags: + - groups + summary: Delete a Worker Group, Outpost Group, or Edge Fleet + description: Delete the specified Worker Group, Outpost Group, or Edge Fleet. parameters: - - name: metrics - in: query - required: false - schema: - type: boolean - description: Set to true to include metrics for each Destination. Otherwise, false (default). - - name: type - in: query - required: false - schema: - type: boolean - description: Set to true to prefix the Destination id with the Destination type. Otherwise, false (default). - - name: offset - in: query - required: false - schema: - type: integer - description: Starting point from which to retrieve results for this request. Use with limit to paginate the response into manageable batches. - - name: limit - in: query - required: false + - name: product + in: path + required: true schema: - type: integer - description: Maximum number of items to return in the response for this request. Use with offset to paginate the response into manageable batches. - - name: pack + type: string + $ref: "#/components/schemas/ProductsCore" + description: Name of the Cribl product to get the Worker Groups, Outpost Groups, + or Edge Fleets for. + - name: id in: path required: true schema: type: string - description: The id of the Pack. - x-speakeasy-pagination: - type: offsetLimit - inputs: - - name: offset - in: parameters - type: offset - - name: limit - in: parameters - type: limit - outputs: - results: $.items - /lib/jobs: - post: - operationId: createSavedJob - tags: - - collectors - x-speakeasy-group: collectors - x-speakeasy-name-override: create - x-cribl-internal: false - x-cribl-availability: both - summary: Create a Collector - description: Create a new Collector. + description: The id of the Worker Group, Outpost Group, or Edge + Fleet to delete. responses: "200": - description: The created SavedJobResponse object in a single-item list. + description: The deleted ConfigGroup object in a single-item list. content: application/json: schema: - $ref: "#/components/schemas/CountedSavedJobResponse" + $ref: "#/components/schemas/CountedConfigGroup" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" - requestBody: - description: SavedJob object. - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/SavedJob" - examples: - CollectorExamplesRest: - $ref: "#/components/examples/CollectorExamplesRest" - CollectorExamplesS3: - $ref: "#/components/examples/CollectorExamplesS3" - CollectorExamplesFilesystem: - $ref: "#/components/examples/CollectorExamplesFilesystem" - CollectorExamplesAzureBlob: - $ref: "#/components/examples/CollectorExamplesAzureBlob" - CollectorExamplesGoogleCloudStorage: - $ref: "#/components/examples/CollectorExamplesGoogleCloudStorage" - CollectorExamplesDatabase: - $ref: "#/components/examples/CollectorExamplesDatabase" - CollectorExamplesSplunk: - $ref: "#/components/examples/CollectorExamplesSplunk" - CollectorExamplesScript: - $ref: "#/components/examples/CollectorExamplesScript" - CollectorExamplesCriblLake: - $ref: "#/components/examples/CollectorExamplesCriblLake" + x-speakeasy-group: groups + /products/{product}/groups/{id}/acl: get: - operationId: getSavedJob + operationId: getConfigGroupAclByProductAndId tags: - - collectors - x-speakeasy-group: collectors - x-speakeasy-name-override: list + - groups + x-speakeasy-group: groups.acl + x-speakeasy-name-override: get x-cribl-internal: false x-cribl-availability: both - summary: List all Collectors - description: Get a list of all Collectors. + summary: Get the Access Control List for a Worker Group, Outpost Group, or Edge + Fleet + description: Get the Access Control List (ACL) for the specified Worker Group, + Outpost Group, or Edge Fleet. responses: "200": - description: List of SavedJobResponse objects. + description: List of UserAccessControlList objects. content: application/json: schema: - $ref: "#/components/schemas/CountedSavedJobResponse" + $ref: "#/components/schemas/CountedUserAccessControlList" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -56022,32 +67731,51 @@ paths: schema: $ref: "#/components/schemas/Error" parameters: - - name: collectorType + - name: product + in: path + required: true + schema: + $ref: "#/components/schemas/ProductsCore" + description: Name of the Cribl product to get the Worker Groups or Edge Fleets + for. + - name: id + in: path + required: true + schema: + type: string + description: The id of the Worker Group, Outpost Group, or Edge + Fleet to get the ACL for. + - name: type in: query required: false schema: - type: string - description: Filter by collector type - /lib/jobs/{id}: - delete: - operationId: deleteSavedJobById + $ref: "#/components/schemas/RbacResource" + description: Filter for limiting the response to ACL entries for the specified + RBAC resource type. + /products/{product}/groups/{id}/acl/teams: + get: + operationId: getConfigGroupAclTeamsByProductAndId tags: - - collectors - x-speakeasy-group: collectors - x-speakeasy-name-override: delete + - teams + x-speakeasy-group: groups.acl.teams + x-speakeasy-name-override: get x-cribl-internal: false x-cribl-availability: both - summary: Delete a Collector - description: Delete the specified Collector. + summary: Get the Access Control List for teams with permissions on a Worker + Group, Outpost Group, or Edge Fleet for the specified Cribl product + description: Get the Access Control List (ACL) for teams that have permissions + on a Worker Group, Outpost Group, or Edge Fleet for the specified Cribl + product. responses: "200": - description: The deleted SavedJobResponse object in a single-item list. + description: List of TeamAccessControlList objects. content: application/json: schema: - $ref: "#/components/schemas/CountedSavedJobResponse" + $ref: "#/components/schemas/CountedTeamAccessControlList" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -56055,31 +67783,50 @@ paths: schema: $ref: "#/components/schemas/Error" parameters: + - name: product + in: path + required: true + schema: + $ref: "#/components/schemas/ProductsCore" + description: Name of the Cribl product that contains the Worker Group, Outpost + Group, or Edge Fleet. - name: id in: path required: true schema: type: string - description: The id of the Collector to delete. + description: The id of the Worker Group, Outpost Group, or Edge + Fleet to get the team ACL for. + - name: type + in: query + required: false + schema: + $ref: "#/components/schemas/RbacResource" + description: Filter for limiting the response to ACL entries for the specified + RBAC resource type. + /products/{product}/groups/{id}/configVersion: get: - operationId: getSavedJobById + operationId: getConfigGroupConfigVersionByProductAndId tags: - - collectors - x-speakeasy-group: collectors + - groups + x-speakeasy-group: groups.configs.versions x-speakeasy-name-override: get x-cribl-internal: false x-cribl-availability: both - summary: Get a Collector - description: Get the specified Collector. + summary: Get the configuration version for a Worker Group, Outpost Group, or + Edge Fleet + description: Get the configuration version for the specified Worker Group, + Outpost Group, or Edge Fleet. responses: "200": - description: List of SavedJobResponse objects. + description: List of string objects. content: application/json: schema: - $ref: "#/components/schemas/CountedSavedJobResponse" + $ref: "#/components/schemas/CountedString" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -56087,31 +67834,42 @@ paths: schema: $ref: "#/components/schemas/Error" parameters: + - name: product + in: path + required: true + schema: + $ref: "#/components/schemas/ProductsCore" + description: Name of the Cribl product to get the Worker Groups, Outpost Groups, + or Edge Fleets for. - name: id in: path required: true schema: type: string - description: The id of the Collector to get. + description: The id of the Worker Group, Outpost Group, or Edge + Fleet to get the configuration version for. + /products/{product}/groups/{id}/deploy: patch: - operationId: updateSavedJobById + operationId: updateConfigGroupDeployByProductAndId tags: - - collectors - x-speakeasy-group: collectors - x-speakeasy-name-override: update + - groups + x-speakeasy-group: groups + x-speakeasy-name-override: deploy x-cribl-internal: false x-cribl-availability: both - summary: Update a Collector - description: Update the specified Collector.

Provide a complete representation of the Collector that you want to update in the request body. This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Collector.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Collector might not function as expected. + summary: Deploy commits to a Worker Group, Outpost Group, or Edge Fleet + description: Deploy commits to the specified Worker Group, Outpost Group, or + Edge Fleet. responses: "200": - description: The updated SavedJobResponse object in a single-item list. + description: The updated ConfigGroup object in a single-item list. content: application/json: schema: - $ref: "#/components/schemas/CountedSavedJobResponse" + $ref: "#/components/schemas/CountedConfigGroup" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -56119,281 +67877,462 @@ paths: schema: $ref: "#/components/schemas/Error" requestBody: - description: SavedJob object. + description: DeployRequest object. required: true content: application/json: schema: - $ref: "#/components/schemas/SavedJob" - examples: - CollectorExamplesRest: - $ref: "#/components/examples/CollectorExamplesRest" - CollectorExamplesS3: - $ref: "#/components/examples/CollectorExamplesS3" - CollectorExamplesFilesystem: - $ref: "#/components/examples/CollectorExamplesFilesystem" - CollectorExamplesAzureBlob: - $ref: "#/components/examples/CollectorExamplesAzureBlob" - CollectorExamplesGoogleCloudStorage: - $ref: "#/components/examples/CollectorExamplesGoogleCloudStorage" - CollectorExamplesDatabase: - $ref: "#/components/examples/CollectorExamplesDatabase" - CollectorExamplesSplunk: - $ref: "#/components/examples/CollectorExamplesSplunk" - CollectorExamplesScript: - $ref: "#/components/examples/CollectorExamplesScript" - CollectorExamplesCriblLake: - $ref: "#/components/examples/CollectorExamplesCriblLake" + $ref: "#/components/schemas/DeployRequest" parameters: + - name: product + in: path + required: true + schema: + $ref: "#/components/schemas/ProductsCore" + description: Name of the Cribl product to deploy commits to the Worker Groups, + Outpost Groups, or Edge Fleets for. - name: id in: path required: true schema: type: string - description: The id of the Collector to update. - /products/{product}/groups: + description: The id of the target Worker Group, Outpost Group, or + Edge Fleet for commit deployment. + /products/{product}/summary: get: - operationId: listConfigGroupByProduct + operationId: getProductsSummaryByProduct + tags: + - distributed + x-speakeasy-group: nodes.summaries + x-speakeasy-name-override: get x-cribl-internal: false x-cribl-availability: both - x-speakeasy-name-override: list - tags: - - groups - summary: List all Worker Groups, Outpost Groups, or Edge Fleets for the specified Cribl product - description: Get a list of all Worker Groups, Outpost Groups, or Edge Fleets for the specified Cribl product. + summary: Get a summary of the deployment for a specific product. + description: Get a summary of the deployment for the specified Cribl product + (Stream or Edge).

The summary includes a count of Worker Groups + or Edge Fleets and resources such as Pipelines, Routes, Sources, and + Destinations. For Distributed deployments, it also includes a count and + statistics for Worker or Edge Nodes. responses: "200": - description: List of ConfigGroup objects. + description: List of DistributedSummary objects. content: application/json: schema: - $ref: "#/components/schemas/CountedConfigGroup" + $ref: "#/components/schemas/CountedDistributedSummary" + "400": + description: Bad Request if the product is not "stream" or "edge" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). + "403": + description: Forbidden to access product because you don't have permissions "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" - x-speakeasy-group: groups parameters: - name: product in: path required: true schema: - $ref: "#/components/schemas/ProductsCore" - description: Name of the Cribl product to get the Worker Groups, Outpost Groups, or Edge Fleets for. - - name: fields - in: query - required: false - schema: - type: string - description: Comma-separated list of additional properties to include in the response. Available values are git.commit, git.localChanges, and git.log. - post: - operationId: createConfigGroupByProduct + $ref: "#/components/schemas/ProductsBase" + description: Name of the Cribl product to get the summary for. + /products/{product}/summary/workers: + get: + operationId: getProductsSummaryWorkersByProduct + tags: + - workers + x-speakeasy-group: nodes + x-speakeasy-name-override: count x-cribl-internal: false x-cribl-availability: both - x-speakeasy-name-override: create - tags: - - groups - summary: Create a Worker Group, Outpost Group, or Edge Fleet for the specified Cribl product - description: Create a new Worker Group, Outpost Group, or Edge Fleet for the specified Cribl product. - requestBody: - description: GroupCreateRequest object. - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/GroupCreateRequest" - examples: - CreateGroupExamplesCloudWg: - $ref: "#/components/examples/CreateGroupExamplesCloudWg" - CreateGroupExamplesOnPremWg: - $ref: "#/components/examples/CreateGroupExamplesOnPremWg" - CreateGroupExamplesCloneWg: - $ref: "#/components/examples/CreateGroupExamplesCloneWg" - CreateGroupExamplesEdgeFleet: - $ref: "#/components/examples/CreateGroupExamplesEdgeFleet" + summary: Get a count of Worker, Edge, or Outpost Nodes + description: Get a count of all Worker, Edge, or Outpost Nodes for the specified + Cribl product. responses: "200": - description: The created ConfigGroup object in a single-item list. + description: List of number objects. content: application/json: schema: - $ref: "#/components/schemas/CountedConfigGroup" + $ref: "#/components/schemas/CountedNumber" + "400": + description: Bad Request if the product is not "stream", "edge", or "outpost" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). + "403": + description: Forbidden to access product because you don't have permissions "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" - x-speakeasy-group: groups parameters: - name: product in: path required: true schema: $ref: "#/components/schemas/ProductsCore" - description: Name of the Cribl product to add the Worker Group, Outpost Group, or Edge Fleet to. - /products/{product}/groups/{id}: + description: Name of the Cribl product to get the count of Worker, Edge, or + Outpost Nodes for. + - name: filterExp + in: query + required: false + schema: + type: string + description: Filter expression to evaluate against Nodes for inclusion in the + response. + /products/{product}/workers: get: - operationId: getConfigGroupByProductAndId + operationId: getProductsWorkersByProduct + tags: + - workers + x-speakeasy-group: nodes + x-speakeasy-name-override: list x-cribl-internal: false x-cribl-availability: both - x-speakeasy-name-override: get - tags: - - groups - summary: Get a Worker Group, Outpost Group, or Edge Fleet - description: Get the specified Worker Group, Outpost Group, or Edge Fleet. + summary: Get detailed metadata for Worker, Edge, or Outpost Nodes + description: Get detailed metadata for Worker, Edge, or Outpost Nodes for the + specified Cribl product. + responses: + "200": + description: List of MasterWorkerEntry objects. + content: + application/json: + schema: + $ref: "#/components/schemas/CountedMasterWorkerEntry" + "400": + description: Bad Request if the product is not "stream", "edge", or "outpost" + "401": + description: Authentication failed (missing or invalid credentials or Bearer + token). + "403": + description: Forbidden to access product because you don't have permissions + "500": + description: Unexpected server error. + content: + application/json: + schema: + $ref: "#/components/schemas/Error" parameters: - name: product in: path required: true schema: - type: string $ref: "#/components/schemas/ProductsCore" - description: Name of the Cribl product to get the Worker Groups, Outpost Groups, or Edge Fleets for. - - name: id - in: path - required: true + description: Name of the Cribl product to get Worker, Edge, or Outpost Nodes for. + - name: filterExp + in: query + required: false schema: type: string - description: The id of the Worker Group, Outpost Group, or Edge Fleet to get. - - name: fields + description: Filter expression to evaluate against Nodes for inclusion in the + response. + - name: sortExp + in: query + required: false + schema: + type: string + description: Sorting expression to evaluate against Nodes to specify the sort + order for the response. + - name: filter + in: query + required: false + schema: + type: string + description: JSON-stringified filter object to evaluate against Nodes for + inclusion in the response. + - name: sort in: query required: false schema: type: string - description: Comma-separated list of additional properties to include in the response. Available values are git.commit, git.localChanges, and git.log. + description: JSON-stringified sorting object to evaluate against Nodes to + specify the sort order for the response. + - name: limit + in: query + required: false + schema: + type: integer + description: Maximum number of Nodes to return in the response for this request. + Use with offset to paginate the response into + manageable batches. + - name: offset + in: query + required: false + schema: + type: integer + description: Starting point from which to retrieve results for this request. Use + with limit to paginate the response into manageable + batches. + x-speakeasy-pagination: + type: offsetLimit + inputs: + - name: offset + in: parameters + type: offset + - name: limit + in: parameters + type: limit + outputs: + results: $.items + /products/{product}/workers/{id}: + get: + operationId: getProductsWorkersByProductAndId + tags: + - workers + x-speakeasy-group: nodes + x-speakeasy-name-override: get + x-cribl-internal: false + x-cribl-availability: both + summary: Get detailed metadata for a Worker, Edge, or Outpost Node + description: Get detailed metadata for the specified Worker, Edge, or Outpost + Node for the specified Cribl product. responses: "200": - description: List of ConfigGroup objects. + description: List of MasterWorkerEntry objects. content: application/json: schema: - $ref: "#/components/schemas/CountedConfigGroup" + $ref: "#/components/schemas/CountedMasterWorkerEntry" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). + "403": + description: Forbidden to access product because you don't have permissions "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" - x-speakeasy-group: groups - patch: - operationId: updateConfigGroupByProductAndId - x-cribl-internal: false - x-cribl-availability: both - x-speakeasy-name-override: update - tags: - - groups - summary: Update a Worker Group, Outpost Group, or Edge Fleet - description: "Update the specified Worker Group, Outpost Group, or Edge Fleet.

Provide a complete representation of the Group or Fleet that you want to update in the request body. This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Group or Fleet.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Group or Fleet might not function as expected.**Warning**: Do not change the values for the following parameters in the body of PATCH requests. The request body must include the values as they appear in the GET /products/{product}/groups/{id} response.
- configVersion
- deployingWorkerCount
- incompatibleWorkerCount
- workerCount
- lookupDeployments." parameters: - name: product in: path required: true schema: - type: string $ref: "#/components/schemas/ProductsCore" - description: Name of the Cribl product to get the Worker Groups, Outpost Groups, or Edge Fleets for. + description: Name of the Cribl product that contains the Node. - name: id in: path required: true schema: type: string - description: The id of the Worker Group, Outpost Group, or Edge Fleet to update. + description: The id of the Node to get the metadata for. + /products/{product}/workers/restart: + patch: + operationId: updateProductsWorkersRestartByProduct + tags: + - workers + x-speakeasy-group: nodes + x-speakeasy-name-override: restart + x-cribl-internal: false + x-cribl-availability: both + summary: Restart Worker, Edge, or Outpost Nodes + description: Restart all Worker, Edge, or Outpost Nodes for the specified Cribl + product. + responses: + "200": + description: The updated RestartResponse object in a single-item list. + content: + application/json: + schema: + $ref: "#/components/schemas/CountedRestartResponse" + "400": + description: Bad Request if the product is not "stream", "edge", or "outpost" + "401": + description: Authentication failed (missing or invalid credentials or Bearer + token). + "403": + description: Forbidden to access product because you don't have permissions + "500": + description: Unexpected server error. + content: + application/json: + schema: + $ref: "#/components/schemas/Error" requestBody: - description: ConfigGroup object. + description: RestartRequest object. required: true content: application/json: schema: - $ref: "#/components/schemas/ConfigGroup" + $ref: "#/components/schemas/RestartRequest" examples: - UpdateGroupExamplesScaleCloudWorkerGroup: - $ref: "#/components/examples/UpdateGroupExamplesScaleCloudWorkerGroup" - UpdateGroupExamplesUpdateOnPremWorkerGroup: - $ref: "#/components/examples/UpdateGroupExamplesUpdateOnPremWorkerGroup" + RestartWorkersExamplesRestartWorkers: + $ref: "#/components/examples/RestartWorkersExamplesRestartWorkers" + parameters: + - name: product + in: path + required: true + schema: + $ref: "#/components/schemas/ProductsCore" + description: Name of the Cribl product whose Worker, Edge, or Outpost Nodes you + want to restart. + /products/lake/lakes/{lakeId}/datasets: + get: + operationId: getCriblLakeDatasetByLakeId + tags: + - lake + x-speakeasy-group: lakes.datasets + x-speakeasy-name-override: list + x-cribl-internal: false + x-cribl-availability: cloud + summary: List all Lake Datasets (Cribl.Cloud only) + description: Get a list of all Lake Datasets in the specified Lake (Cribl.Cloud only). responses: "200": - description: The updated ConfigGroup object in a single-item list. + description: List of CriblLakeDataset objects. content: application/json: schema: - $ref: "#/components/schemas/CountedConfigGroup" + $ref: "#/components/schemas/CountedCriblLakeDataset" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" - x-speakeasy-group: groups - delete: - operationId: deleteConfigGroupByProductAndId - x-cribl-internal: false - x-cribl-availability: both - x-speakeasy-name-override: delete - tags: - - groups - summary: Delete a Worker Group, Outpost Group, or Edge Fleet - description: Delete the specified Worker Group, Outpost Group, or Edge Fleet. parameters: - - name: product + - name: lakeId in: path required: true schema: type: string - $ref: "#/components/schemas/ProductsCore" - description: Name of the Cribl product to get the Worker Groups, Outpost Groups, or Edge Fleets for. - - name: id - in: path - required: true + description: The id of the Lake that contains the Lake Datasets to + list. + - name: storageLocationId + in: query + required: false + schema: + type: string + description: Filter datasets by storage location ID. Use default + for default storage location. + - name: format + in: query + required: false schema: type: string - description: The id of the Worker Group, Outpost Group, or Edge Fleet to delete. + enum: + - ddss + x-speakeasy-unknown-values: allow + description: Filter datasets by format. Set to ddss to return only + DDSS datasets. + - name: excludeDDSS + in: query + required: false + schema: + type: boolean + description: Exclude DDSS format datasets from the response. + - name: excludeNetskope + in: query + required: false + schema: + type: boolean + description: Exclude Netskope format datasets from the response. + - name: excludeDeleted + in: query + required: false + schema: + type: boolean + description: Exclude deleted datasets from the response. + - name: excludeInternal + in: query + required: false + schema: + type: boolean + description: Exclude internal datasets (those with IDs starting with + cribl_) from the response. + - name: excludeBYOS + in: query + required: false + schema: + type: boolean + description: Exclude BYOS (Bring Your Own Storage) datasets from the response. + - name: includeMetrics + in: query + required: false + schema: + type: boolean + description: Set to true to include storage metrics for each Lake + Dataset. Otherwise, false (default). Requires a Cribl + Lake metrics license. + post: + operationId: createCriblLakeDatasetByLakeId + tags: + - lake + x-speakeasy-group: lakes.datasets + x-speakeasy-name-override: create + x-cribl-internal: false + x-cribl-availability: cloud + summary: Create a Lake Dataset (Cribl.Cloud only) + description: Create a new Lake Dataset in the specified Lake (Cribl.Cloud only). responses: "200": - description: The deleted ConfigGroup object in a single-item list. + description: The created CriblLakeDataset object in a single-item list. content: application/json: schema: - $ref: "#/components/schemas/CountedConfigGroup" + $ref: "#/components/schemas/CountedCriblLakeDataset" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" - x-speakeasy-group: groups - /products/{product}/groups/{id}/configVersion: + requestBody: + description: CriblLakeDataset object. + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/CriblLakeDataset" + examples: + LakeDatasetCreateExamplesJsonDataset: + $ref: "#/components/examples/LakeDatasetCreateExamplesJsonDataset" + LakeDatasetCreateExamplesParquetDataset: + $ref: "#/components/examples/LakeDatasetCreateExamplesParquetDataset" + LakeDatasetCreateExamplesMinimalDataset: + $ref: "#/components/examples/LakeDatasetCreateExamplesMinimalDataset" + parameters: + - name: lakeId + in: path + required: true + schema: + type: string + description: The id of the Lake to create the Lake Dataset in. + /products/lake/lakes/{lakeId}/datasets/{id}: get: - operationId: getConfigGroupConfigVersionByProductAndId + operationId: getCriblLakeDatasetByLakeIdAndId tags: - - groups - x-speakeasy-group: groups.configs.versions + - lake + x-speakeasy-group: lakes.datasets x-speakeasy-name-override: get x-cribl-internal: false - x-cribl-availability: both - summary: Get the configuration version for a Worker Group, Outpost Group, or Edge Fleet - description: Get the configuration version for the specified Worker Group, Outpost Group, or Edge Fleet. + x-cribl-availability: cloud + summary: Get a Lake Dataset (Cribl.Cloud only) + description: Get the specified Lake Dataset in the specified Lake (Cribl.Cloud only). responses: "200": - description: List of string objects. + description: List of CriblLakeDataset objects. content: application/json: schema: - $ref: "#/components/schemas/CountedString" + $ref: "#/components/schemas/CountedCriblLakeDataset" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -56401,38 +68340,48 @@ paths: schema: $ref: "#/components/schemas/Error" parameters: - - name: product + - name: lakeId in: path required: true schema: - $ref: "#/components/schemas/ProductsCore" - description: Name of the Cribl product to get the Worker Groups, Outpost Groups, or Edge Fleets for. + type: string + description: The id of the Lake that contains the Lake Dataset to + get. - name: id in: path required: true schema: type: string - description: The id of the Worker Group, Outpost Group, or Edge Fleet to get the configuration version for. - /products/{product}/groups/{id}/deploy: + description: The id of the Lake Dataset to get. + - name: includeMetrics + in: query + required: false + schema: + type: boolean + description: Set to true to include storage metrics for each Lake + Dataset. Otherwise, false (default). Requires a Cribl + Lake metrics license. patch: - operationId: updateConfigGroupDeployByProductAndId + operationId: updateCriblLakeDatasetByLakeIdAndId tags: - - groups - x-speakeasy-group: groups - x-speakeasy-name-override: deploy + - lake + x-speakeasy-group: lakes.datasets + x-speakeasy-name-override: update x-cribl-internal: false - x-cribl-availability: both - summary: Deploy commits to a Worker Group, Outpost Group, or Edge Fleet - description: Deploy commits to the specified Worker Group, Outpost Group, or Edge Fleet. + x-cribl-availability: cloud + summary: Update a Lake Dataset (Cribl.Cloud only) + description: Update the specified Lake Dataset in the specified Lake + (Cribl.Cloud only). responses: "200": - description: The updated ConfigGroup object in a single-item list. + description: The updated CriblLakeDataset object in a single-item list. content: application/json: schema: - $ref: "#/components/schemas/CountedConfigGroup" + $ref: "#/components/schemas/CountedCriblLakeDataset" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -56440,45 +68389,52 @@ paths: schema: $ref: "#/components/schemas/Error" requestBody: - description: DeployRequest object. + description: CriblLakeDatasetUpdate object. required: true content: application/json: schema: - $ref: "#/components/schemas/DeployRequest" + $ref: "#/components/schemas/CriblLakeDatasetUpdate" + examples: + LakeDatasetUpdateExamplesUpdateRetention: + $ref: "#/components/examples/LakeDatasetUpdateExamplesUpdateRetention" + LakeDatasetUpdateExamplesUpdateDescription: + $ref: "#/components/examples/LakeDatasetUpdateExamplesUpdateDescription" parameters: - - name: product + - name: lakeId in: path required: true schema: - $ref: "#/components/schemas/ProductsCore" - description: Name of the Cribl product to deploy commits to the Worker Groups, Outpost Groups, or Edge Fleets for. + type: string + description: The id of the Lake that contains the Lake Dataset to + update. - name: id in: path required: true schema: type: string - description: The id of the target Worker Group, Outpost Group, or Edge Fleet for commit deployment. - /products/{product}/groups/{id}/acl/teams: - get: - operationId: getConfigGroupAclTeamsByProductAndId + description: The id of the Lake Dataset to update. + delete: + operationId: deleteCriblLakeDatasetByLakeIdAndId tags: - - teams - x-speakeasy-group: groups.acl.teams - x-speakeasy-name-override: get + - lake + x-speakeasy-group: lakes.datasets + x-speakeasy-name-override: delete x-cribl-internal: false - x-cribl-availability: both - summary: Get the Access Control List for teams with permissions on a Worker Group, Outpost Group, or Edge Fleet for the specified Cribl product - description: Get the Access Control List (ACL) for teams that have permissions on a Worker Group, Outpost Group, or Edge Fleet for the specified Cribl product. + x-cribl-availability: cloud + summary: Delete a Lake Dataset (Cribl.Cloud only) + description: Delete the specified Lake Dataset in the specified Lake + (Cribl.Cloud only). responses: "200": - description: List of TeamAccessControlList objects. + description: The deleted CriblLakeDataset object in a single-item list. content: application/json: schema: - $ref: "#/components/schemas/CountedTeamAccessControlList" + $ref: "#/components/schemas/CountedCriblLakeDataset" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -56486,44 +68442,67 @@ paths: schema: $ref: "#/components/schemas/Error" parameters: - - name: product + - name: lakeId in: path required: true schema: - $ref: "#/components/schemas/ProductsCore" - description: Name of the Cribl product that contains the Worker Group, Outpost Group, or Edge Fleet. + type: string + description: The id of the Lake that contains the Lake Dataset to + delete. - name: id in: path required: true schema: type: string - description: The id of the Worker Group, Outpost Group, or Edge Fleet to get the team ACL for. - - name: type - in: query - required: false - schema: - $ref: "#/components/schemas/RbacResource" - description: Filter for limiting the response to ACL entries for the specified RBAC resource type. - /products/{product}/groups/{id}/acl: + description: The id of the Lake Dataset to delete. + /routes: get: - operationId: getConfigGroupAclByProductAndId + operationId: getRoutes tags: - - groups - x-speakeasy-group: groups.acl + - routes + x-speakeasy-group: routes + x-speakeasy-name-override: list + x-cribl-internal: false + x-cribl-availability: both + summary: List all Routes + description: Get a list of all Routes. + responses: + "200": + description: a list of Routes objects + content: + application/json: + schema: + $ref: "#/components/schemas/CountedRoutes" + "401": + description: Authentication failed (missing or invalid credentials or Bearer + token). + "500": + description: Unexpected server error. + content: + application/json: + schema: + $ref: "#/components/schemas/Error" + /routes/{id}: + get: + operationId: getRoutesById + tags: + - routes + x-speakeasy-group: routes x-speakeasy-name-override: get x-cribl-internal: false x-cribl-availability: both - summary: Get the Access Control List for a Worker Group, Outpost Group, or Edge Fleet - description: Get the Access Control List (ACL) for the specified Worker Group, Outpost Group, or Edge Fleet. + summary: Get a Routing table + description: Get the specified Routing table. responses: "200": - description: List of UserAccessControlList objects. + description: a list of Routes objects content: application/json: schema: - $ref: "#/components/schemas/CountedUserAccessControlList" + $ref: "#/components/schemas/CountedRoutes" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -56531,44 +68510,39 @@ paths: schema: $ref: "#/components/schemas/Error" parameters: - - name: product - in: path - required: true - schema: - $ref: "#/components/schemas/ProductsCore" - description: Name of the Cribl product to get the Worker Groups or Edge Fleets for. - name: id in: path required: true schema: type: string - description: The id of the Worker Group, Outpost Group, or Edge Fleet to get the ACL for. - - name: type - in: query - required: false - schema: - $ref: "#/components/schemas/RbacResource" - description: Filter for limiting the response to ACL entries for the specified RBAC resource type. - /products/lake/lakes/{lakeId}/datasets: - post: - operationId: createCriblLakeDatasetByLakeId + description: The id of the Routing table to get. The supported + value is default. + patch: + operationId: updateRoutesById tags: - - lake - x-speakeasy-group: lakes.datasets - x-speakeasy-name-override: create + - routes + x-speakeasy-group: routes + x-speakeasy-name-override: update x-cribl-internal: false - x-cribl-availability: cloud - summary: Create a Lake Dataset (Cribl.Cloud only) - description: Create a new Lake Dataset in the specified Lake (Cribl.Cloud only). + x-cribl-availability: both + summary: Update a Route + description: Update a Route in the specified Routing table.

\1 This + endpoint does not support partial updates. Cribl removes any omitted + fields when updating the Routing table.

Confirm that the + configuration in your request body is correct before sending the + request. If the configuration is incorrect, the updated Routing table + might not function as expected.

Cribl also removes any omitted + Routes when updating the Routing table. responses: "200": - description: The created CriblLakeDataset object in a single-item list. + description: a list of Routes objects content: application/json: schema: - $ref: "#/components/schemas/CountedCriblLakeDataset" + $ref: "#/components/schemas/CountedRoutes" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -56576,114 +68550,148 @@ paths: schema: $ref: "#/components/schemas/Error" requestBody: - description: CriblLakeDataset object. + description: RoutesInput object. required: true content: application/json: schema: - $ref: "#/components/schemas/CriblLakeDataset" + $ref: "#/components/schemas/RoutesInput" examples: - LakeDatasetCreateExamplesJsonDataset: - $ref: "#/components/examples/LakeDatasetCreateExamplesJsonDataset" - LakeDatasetCreateExamplesParquetDataset: - $ref: "#/components/examples/LakeDatasetCreateExamplesParquetDataset" - LakeDatasetCreateExamplesMinimalDataset: - $ref: "#/components/examples/LakeDatasetCreateExamplesMinimalDataset" + RoutesUpdateExamplesBasicRoute: + $ref: "#/components/examples/RoutesUpdateExamplesBasicRoute" + RoutesUpdateExamplesMultipleRoutes: + $ref: "#/components/examples/RoutesUpdateExamplesMultipleRoutes" + RoutesUpdateExamplesRouteWithOutputExpression: + $ref: "#/components/examples/RoutesUpdateExamplesRouteWithOutputExpression" + RoutesUpdateExamplesRouteWithDefaults: + $ref: "#/components/examples/RoutesUpdateExamplesRouteWithDefaults" parameters: - - name: lakeId + - name: id in: path required: true schema: type: string - description: The id of the Lake to create the Lake Dataset in. - get: - operationId: getCriblLakeDatasetByLakeId + description: The id of the Routing table that contains the Route to + update. The supported value is default. + /routes/{id}/append: + post: + operationId: createRoutesAppendById tags: - - lake - x-speakeasy-group: lakes.datasets - x-speakeasy-name-override: list + - routes + x-speakeasy-group: routes + x-speakeasy-name-override: append x-cribl-internal: false - x-cribl-availability: cloud - summary: List all Lake Datasets (Cribl.Cloud only) - description: Get a list of all Lake Datasets in the specified Lake (Cribl.Cloud only). + x-cribl-availability: both + summary: Add a Route to the end of the Routing table + description: Add a Route to the end of the specified Routing table. responses: "200": - description: List of CriblLakeDataset objects. + description: The created Routes object in a single-item list. content: application/json: schema: - $ref: "#/components/schemas/CountedCriblLakeDataset" + $ref: "#/components/schemas/CountedRoutes" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" + requestBody: + description: RouteDefinitions object. + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/RouteDefinitions" + examples: + RoutesAppendExamplesSingleRoute: + $ref: "#/components/examples/RoutesAppendExamplesSingleRoute" + RoutesAppendExamplesMultipleRoutes: + $ref: "#/components/examples/RoutesAppendExamplesMultipleRoutes" + RoutesAppendExamplesRouteWithOutputExpression: + $ref: "#/components/examples/RoutesAppendExamplesRouteWithOutputExpression" + RoutesAppendExamplesRouteWithDefaults: + $ref: "#/components/examples/RoutesAppendExamplesRouteWithDefaults" parameters: - - name: lakeId + - name: id in: path required: true schema: type: string - description: The id of the Lake that contains the Lake Datasets to list. - - name: storageLocationId - in: query - required: false - schema: - type: string - description: Filter datasets by storage location ID. Use default for default storage location. - - name: format - in: query - required: false - schema: - type: string - description: Filter datasets by format. Set to ddss to return only DDSS datasets. - - name: excludeDDSS - in: query - required: false - schema: - type: boolean - description: Exclude DDSS format datasets from the response. - - name: excludeDeleted - in: query - required: false - schema: - type: boolean - description: Exclude deleted datasets from the response. - - name: excludeInternal - in: query - required: false - schema: - type: boolean - description: Exclude internal datasets (those with IDs starting with cribl_) from the response. - - name: excludeBYOS - in: query - required: false - schema: - type: boolean - description: Exclude BYOS (Bring Your Own Storage) datasets from the response. - /products/lake/lakes/{lakeId}/datasets/{id}: - delete: - operationId: deleteCriblLakeDatasetByLakeIdAndId + description: The id of the Routing table to add the Route to. The + supported value is default. + /system/capture: + post: + operationId: createSystemCapture tags: - - lake - x-speakeasy-group: lakes.datasets - x-speakeasy-name-override: delete + - preview + x-speakeasy-group: system.captures + x-speakeasy-name-override: create x-cribl-internal: false - x-cribl-availability: cloud - summary: Delete a Lake Dataset (Cribl.Cloud only) - description: Delete the specified Lake Dataset in the specified Lake (Cribl.Cloud only). + x-cribl-availability: both + summary: Capture live data + description: Initiate a live data capture from Cribl Workers. Returns a stream + of captured events in NDJSON format that match the parameters specified + in the request body. responses: "200": - description: The deleted CriblLakeDataset object in a single-item list. + description: Stream of captured events. + content: + application/x-ndjson: + schema: + $ref: "#/components/schemas/CapturedEvent" + "400": + description: No worker nodes are connected to this worker group. + "401": + description: Authentication failed (missing or invalid credentials or Bearer + token). + "500": + description: Unexpected server error. content: application/json: schema: - $ref: "#/components/schemas/CountedCriblLakeDataset" + $ref: "#/components/schemas/Error" + requestBody: + description: CaptureParamsReq object. + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/CaptureParamsReq" + examples: + CaptureExamplesSimpleExpression: + $ref: "#/components/examples/CaptureExamplesSimpleExpression" + CaptureExamplesCompoundAndExpression: + $ref: "#/components/examples/CaptureExamplesCompoundAndExpression" + CaptureExamplesNestedFieldAccess: + $ref: "#/components/examples/CaptureExamplesNestedFieldAccess" + CaptureExamplesComplexFilter: + $ref: "#/components/examples/CaptureExamplesComplexFilter" + /system/inputs: + get: + operationId: listInput + x-speakeasy-group: sources + x-cribl-internal: false + x-cribl-availability: both + x-speakeasy-name-override: list + tags: + - sources + summary: List all Sources + description: Get a list of all Sources. + responses: + "200": + description: a list of Source objects + content: + application/json: + schema: + $ref: "#/components/schemas/CountedInputResponse" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -56691,170 +68699,460 @@ paths: schema: $ref: "#/components/schemas/Error" parameters: - - name: lakeId - in: path - required: true - schema: - type: string - description: The id of the Lake that contains the Lake Dataset to delete. - - name: id - in: path - required: true + - name: type + in: query + required: false schema: - type: string - description: The id of the Lake Dataset to delete. - get: - operationId: getCriblLakeDatasetByLakeIdAndId - tags: - - lake - x-speakeasy-group: lakes.datasets - x-speakeasy-name-override: get + $ref: "#/components/schemas/SourceType" + description: Type of Source to include in the results. Each request can include + only one type parameter; multiple parameters per + request are not supported. + post: + operationId: createInput + x-speakeasy-group: sources x-cribl-internal: false - x-cribl-availability: cloud - summary: Get a Lake Dataset (Cribl.Cloud only) - description: Get the specified Lake Dataset in the specified Lake (Cribl.Cloud only). + x-cribl-availability: both + x-speakeasy-name-override: create + tags: + - sources + summary: Create a Source + description: Create a new Source. The system-managed provenance field (JSON + criblSourceProvenance) must be omitted from the request + body. + requestBody: + description: Input object. + required: true + content: + application/json: + schema: + allOf: + - $ref: "#/components/schemas/Input" + - type: object + required: + - id + examples: + InputCreateExamplesAnthropicCompliance: + $ref: "#/components/examples/InputCreateExamplesAnthropicCompliance" + InputCreateExamplesAppleUnifiedLogs: + $ref: "#/components/examples/InputCreateExamplesAppleUnifiedLogs" + InputCreateExamplesAppscope: + $ref: "#/components/examples/InputCreateExamplesAppscope" + InputCreateExamplesAzureBlob: + $ref: "#/components/examples/InputCreateExamplesAzureBlob" + InputCreateExamplesCloudflareHec: + $ref: "#/components/examples/InputCreateExamplesCloudflareHec" + InputCreateExamplesConfluentCloud: + $ref: "#/components/examples/InputCreateExamplesConfluentCloud" + InputCreateExamplesCollection: + $ref: "#/components/examples/InputCreateExamplesCollection" + InputCreateExamplesCriblHttp: + $ref: "#/components/examples/InputCreateExamplesCriblHttp" + InputCreateExamplesCriblLakeHttp: + $ref: "#/components/examples/InputCreateExamplesCriblLakeHttp" + InputCreateExamplesCriblTcp: + $ref: "#/components/examples/InputCreateExamplesCriblTcp" + InputCreateExamplesCrowdstrike: + $ref: "#/components/examples/InputCreateExamplesCrowdstrike" + InputCreateExamplesDatadogAgent: + $ref: "#/components/examples/InputCreateExamplesDatadogAgent" + InputCreateExamplesDatagen: + $ref: "#/components/examples/InputCreateExamplesDatagen" + InputCreateExamplesEdgePrometheus: + $ref: "#/components/examples/InputCreateExamplesEdgePrometheus" + InputCreateExamplesElastic: + $ref: "#/components/examples/InputCreateExamplesElastic" + InputCreateExamplesEventhub: + $ref: "#/components/examples/InputCreateExamplesEventhub" + InputCreateExamplesEventhubAmqp: + $ref: "#/components/examples/InputCreateExamplesEventhubAmqp" + InputCreateExamplesExec: + $ref: "#/components/examples/InputCreateExamplesExec" + InputCreateExamplesFile: + $ref: "#/components/examples/InputCreateExamplesFile" + InputCreateExamplesFirehose: + $ref: "#/components/examples/InputCreateExamplesFirehose" + InputCreateExamplesGrafana: + $ref: "#/components/examples/InputCreateExamplesGrafana" + InputCreateExamplesGooglePubsub: + $ref: "#/components/examples/InputCreateExamplesGooglePubsub" + InputCreateExamplesHttp: + $ref: "#/components/examples/InputCreateExamplesHttp" + InputCreateExamplesHttpRaw: + $ref: "#/components/examples/InputCreateExamplesHttpRaw" + InputCreateExamplesJournalFiles: + $ref: "#/components/examples/InputCreateExamplesJournalFiles" + InputCreateExamplesKafka: + $ref: "#/components/examples/InputCreateExamplesKafka" + InputCreateExamplesKinesis: + $ref: "#/components/examples/InputCreateExamplesKinesis" + InputCreateExamplesKubeEvents: + $ref: "#/components/examples/InputCreateExamplesKubeEvents" + InputCreateExamplesKubeLogs: + $ref: "#/components/examples/InputCreateExamplesKubeLogs" + InputCreateExamplesKubeMetrics: + $ref: "#/components/examples/InputCreateExamplesKubeMetrics" + InputCreateExamplesLoki: + $ref: "#/components/examples/InputCreateExamplesLoki" + InputCreateExamplesMetrics: + $ref: "#/components/examples/InputCreateExamplesMetrics" + InputCreateExamplesModelDrivenTelemetry: + $ref: "#/components/examples/InputCreateExamplesModelDrivenTelemetry" + InputCreateExamplesMsk: + $ref: "#/components/examples/InputCreateExamplesMsk" + InputCreateExamplesNetflow: + $ref: "#/components/examples/InputCreateExamplesNetflow" + InputCreateExamplesOffice365Mgmt: + $ref: "#/components/examples/InputCreateExamplesOffice365Mgmt" + InputCreateExamplesMicrosoftGraph: + $ref: "#/components/examples/InputCreateExamplesMicrosoftGraph" + InputCreateExamplesOffice365MsgTrace: + $ref: "#/components/examples/InputCreateExamplesOffice365MsgTrace" + InputCreateExamplesOffice365Service: + $ref: "#/components/examples/InputCreateExamplesOffice365Service" + InputCreateExamplesOkta: + $ref: "#/components/examples/InputCreateExamplesOkta" + InputCreateExamplesOpenAI: + $ref: "#/components/examples/InputCreateExamplesOpenAI" + InputCreateExamplesOpenAIComplianceLogs: + $ref: "#/components/examples/InputCreateExamplesOpenAIComplianceLogs" + InputCreateExamplesOpenTelemetry: + $ref: "#/components/examples/InputCreateExamplesOpenTelemetry" + InputCreateExamplesPrometheus: + $ref: "#/components/examples/InputCreateExamplesPrometheus" + InputCreateExamplesPrometheusRw: + $ref: "#/components/examples/InputCreateExamplesPrometheusRw" + InputCreateExamplesRawUdp: + $ref: "#/components/examples/InputCreateExamplesRawUdp" + InputCreateExamplesS3: + $ref: "#/components/examples/InputCreateExamplesS3" + InputCreateExamplesS3Inventory: + $ref: "#/components/examples/InputCreateExamplesS3Inventory" + InputCreateExamplesSecurityLake: + $ref: "#/components/examples/InputCreateExamplesSecurityLake" + InputCreateExamplesServiceNowTable: + $ref: "#/components/examples/InputCreateExamplesServiceNowTable" + InputCreateExamplesSnmp: + $ref: "#/components/examples/InputCreateExamplesSnmp" + InputCreateExamplesSplunk: + $ref: "#/components/examples/InputCreateExamplesSplunk" + InputCreateExamplesSplunkHec: + $ref: "#/components/examples/InputCreateExamplesSplunkHec" + InputCreateExamplesSplunkSearch: + $ref: "#/components/examples/InputCreateExamplesSplunkSearch" + InputCreateExamplesSqs: + $ref: "#/components/examples/InputCreateExamplesSqs" + InputCreateExamplesSyslog: + $ref: "#/components/examples/InputCreateExamplesSyslog" + InputCreateExamplesSystemMetrics: + $ref: "#/components/examples/InputCreateExamplesSystemMetrics" + InputCreateExamplesSystemState: + $ref: "#/components/examples/InputCreateExamplesSystemState" + InputCreateExamplesTcp: + $ref: "#/components/examples/InputCreateExamplesTcp" + InputCreateExamplesTcpjson: + $ref: "#/components/examples/InputCreateExamplesTcpjson" + InputCreateExamplesWef: + $ref: "#/components/examples/InputCreateExamplesWef" + InputCreateExamplesWinEventLogs: + $ref: "#/components/examples/InputCreateExamplesWinEventLogs" + InputCreateExamplesWindowsMetrics: + $ref: "#/components/examples/InputCreateExamplesWindowsMetrics" + InputCreateExamplesWiz: + $ref: "#/components/examples/InputCreateExamplesWiz" + InputCreateExamplesWizWebhook: + $ref: "#/components/examples/InputCreateExamplesWizWebhook" + InputCreateExamplesZscalerHec: + $ref: "#/components/examples/InputCreateExamplesZscalerHec" responses: "200": - description: List of CriblLakeDataset objects. + description: the created Source object content: application/json: schema: - $ref: "#/components/schemas/CountedCriblLakeDataset" + $ref: "#/components/schemas/CountedInputResponse" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" + /system/inputs/{id}: + get: + operationId: getInputById + x-speakeasy-group: sources + x-cribl-internal: false + x-cribl-availability: both + x-speakeasy-name-override: get + tags: + - sources + summary: Get a Source + description: Get the specified Source. parameters: - - name: lakeId - in: path - required: true - schema: - type: string - description: The id of the Lake that contains the Lake Dataset to get. - name: id in: path required: true schema: type: string - description: The id of the Lake Dataset to get. - patch: - operationId: updateCriblLakeDatasetByLakeIdAndId - tags: - - lake - x-speakeasy-group: lakes.datasets - x-speakeasy-name-override: update - x-cribl-internal: false - x-cribl-availability: cloud - summary: Update a Lake Dataset (Cribl.Cloud only) - description: Update the specified Lake Dataset in the specified Lake (Cribl.Cloud only). + description: The id of the Source to get. responses: "200": - description: The updated CriblLakeDataset object in a single-item list. + description: a Source object content: application/json: schema: - $ref: "#/components/schemas/CountedCriblLakeDataset" + $ref: "#/components/schemas/CountedInputResponse" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" + patch: + operationId: updateInputById + x-speakeasy-group: sources + x-cribl-internal: false + x-cribl-availability: both + x-speakeasy-name-override: update + tags: + - sources + summary: Update a Source + description: Update the specified Source.

Provide a complete + representation of the Source that you want to update in the request + body. This endpoint does not support partial updates. Cribl removes any + omitted fields when updating the Source.

Confirm that the + configuration in your request body is correct before sending the + request. If the configuration is incorrect, the updated Source might not + function as expected.

Cribl preserves + criblSourceProvenance when you omit it from the request + body, and you cannot overwrite it through this endpoint. + parameters: + - name: id + in: path + required: true + schema: + type: string + description: The id of the Source to update. requestBody: - description: CriblLakeDatasetUpdate object. + description: Input object. required: true content: application/json: schema: - $ref: "#/components/schemas/CriblLakeDatasetUpdate" + $ref: "#/components/schemas/Input" examples: - LakeDatasetUpdateExamplesUpdateRetention: - $ref: "#/components/examples/LakeDatasetUpdateExamplesUpdateRetention" - LakeDatasetUpdateExamplesUpdateDescription: - $ref: "#/components/examples/LakeDatasetUpdateExamplesUpdateDescription" + UpdateInputExamplesAnthropicCompliance: + $ref: "#/components/examples/UpdateInputExamplesAnthropicCompliance" + UpdateInputExamplesAppleUnifiedLogs: + $ref: "#/components/examples/UpdateInputExamplesAppleUnifiedLogs" + UpdateInputExamplesAppscope: + $ref: "#/components/examples/UpdateInputExamplesAppscope" + UpdateInputExamplesAzureBlob: + $ref: "#/components/examples/UpdateInputExamplesAzureBlob" + UpdateInputExamplesCloudflareHec: + $ref: "#/components/examples/UpdateInputExamplesCloudflareHec" + UpdateInputExamplesConfluentCloud: + $ref: "#/components/examples/UpdateInputExamplesConfluentCloud" + UpdateInputExamplesCollection: + $ref: "#/components/examples/UpdateInputExamplesCollection" + UpdateInputExamplesCribl: + $ref: "#/components/examples/UpdateInputExamplesCribl" + UpdateInputExamplesCriblHttp: + $ref: "#/components/examples/UpdateInputExamplesCriblHttp" + UpdateInputExamplesCriblLakeHttp: + $ref: "#/components/examples/UpdateInputExamplesCriblLakeHttp" + UpdateInputExamplesCriblMetrics: + $ref: "#/components/examples/UpdateInputExamplesCriblMetrics" + UpdateInputExamplesCriblTcp: + $ref: "#/components/examples/UpdateInputExamplesCriblTcp" + UpdateInputExamplesCrowdstrike: + $ref: "#/components/examples/UpdateInputExamplesCrowdstrike" + UpdateInputExamplesDatadogAgent: + $ref: "#/components/examples/UpdateInputExamplesDatadogAgent" + UpdateInputExamplesDatagen: + $ref: "#/components/examples/UpdateInputExamplesDatagen" + UpdateInputExamplesEdgePrometheus: + $ref: "#/components/examples/UpdateInputExamplesEdgePrometheus" + UpdateInputExamplesElastic: + $ref: "#/components/examples/UpdateInputExamplesElastic" + UpdateInputExamplesEventhub: + $ref: "#/components/examples/UpdateInputExamplesEventhub" + UpdateInputExamplesEventhubAmqp: + $ref: "#/components/examples/UpdateInputExamplesEventhubAmqp" + UpdateInputExamplesExec: + $ref: "#/components/examples/UpdateInputExamplesExec" + UpdateInputExamplesFile: + $ref: "#/components/examples/UpdateInputExamplesFile" + UpdateInputExamplesFirehose: + $ref: "#/components/examples/UpdateInputExamplesFirehose" + UpdateInputExamplesGrafana: + $ref: "#/components/examples/UpdateInputExamplesGrafana" + UpdateInputExamplesGooglePubsub: + $ref: "#/components/examples/UpdateInputExamplesGooglePubsub" + UpdateInputExamplesHttp: + $ref: "#/components/examples/UpdateInputExamplesHttp" + UpdateInputExamplesHttpRaw: + $ref: "#/components/examples/UpdateInputExamplesHttpRaw" + UpdateInputExamplesJournalFiles: + $ref: "#/components/examples/UpdateInputExamplesJournalFiles" + UpdateInputExamplesKafka: + $ref: "#/components/examples/UpdateInputExamplesKafka" + UpdateInputExamplesKinesis: + $ref: "#/components/examples/UpdateInputExamplesKinesis" + UpdateInputExamplesKubeEvents: + $ref: "#/components/examples/UpdateInputExamplesKubeEvents" + UpdateInputExamplesKubeLogs: + $ref: "#/components/examples/UpdateInputExamplesKubeLogs" + UpdateInputExamplesKubeMetrics: + $ref: "#/components/examples/UpdateInputExamplesKubeMetrics" + UpdateInputExamplesLoki: + $ref: "#/components/examples/UpdateInputExamplesLoki" + UpdateInputExamplesMetrics: + $ref: "#/components/examples/UpdateInputExamplesMetrics" + UpdateInputExamplesModelDrivenTelemetry: + $ref: "#/components/examples/UpdateInputExamplesModelDrivenTelemetry" + UpdateInputExamplesMsk: + $ref: "#/components/examples/UpdateInputExamplesMsk" + UpdateInputExamplesNetflow: + $ref: "#/components/examples/UpdateInputExamplesNetflow" + UpdateInputExamplesOffice365Mgmt: + $ref: "#/components/examples/UpdateInputExamplesOffice365Mgmt" + UpdateInputExamplesMicrosoftGraph: + $ref: "#/components/examples/UpdateInputExamplesMicrosoftGraph" + UpdateInputExamplesOffice365MsgTrace: + $ref: "#/components/examples/UpdateInputExamplesOffice365MsgTrace" + UpdateInputExamplesOffice365Service: + $ref: "#/components/examples/UpdateInputExamplesOffice365Service" + UpdateInputExamplesOkta: + $ref: "#/components/examples/UpdateInputExamplesOkta" + UpdateInputExamplesOpenAI: + $ref: "#/components/examples/UpdateInputExamplesOpenAI" + UpdateInputExamplesOpenAIComplianceLogs: + $ref: "#/components/examples/UpdateInputExamplesOpenAIComplianceLogs" + UpdateInputExamplesOpenTelemetry: + $ref: "#/components/examples/UpdateInputExamplesOpenTelemetry" + UpdateInputExamplesPrometheus: + $ref: "#/components/examples/UpdateInputExamplesPrometheus" + UpdateInputExamplesPrometheusRw: + $ref: "#/components/examples/UpdateInputExamplesPrometheusRw" + UpdateInputExamplesRawUdp: + $ref: "#/components/examples/UpdateInputExamplesRawUdp" + UpdateInputExamplesS3: + $ref: "#/components/examples/UpdateInputExamplesS3" + UpdateInputExamplesS3Inventory: + $ref: "#/components/examples/UpdateInputExamplesS3Inventory" + UpdateInputExamplesSecurityLake: + $ref: "#/components/examples/UpdateInputExamplesSecurityLake" + UpdateInputExamplesServiceNowTable: + $ref: "#/components/examples/UpdateInputExamplesServiceNowTable" + UpdateInputExamplesSnmp: + $ref: "#/components/examples/UpdateInputExamplesSnmp" + UpdateInputExamplesSplunk: + $ref: "#/components/examples/UpdateInputExamplesSplunk" + UpdateInputExamplesSplunkHec: + $ref: "#/components/examples/UpdateInputExamplesSplunkHec" + UpdateInputExamplesSplunkSearch: + $ref: "#/components/examples/UpdateInputExamplesSplunkSearch" + UpdateInputExamplesSqs: + $ref: "#/components/examples/UpdateInputExamplesSqs" + UpdateInputExamplesSyslog: + $ref: "#/components/examples/UpdateInputExamplesSyslog" + UpdateInputExamplesSystemMetrics: + $ref: "#/components/examples/UpdateInputExamplesSystemMetrics" + UpdateInputExamplesSystemState: + $ref: "#/components/examples/UpdateInputExamplesSystemState" + UpdateInputExamplesTcp: + $ref: "#/components/examples/UpdateInputExamplesTcp" + UpdateInputExamplesTcpjson: + $ref: "#/components/examples/UpdateInputExamplesTcpjson" + UpdateInputExamplesWef: + $ref: "#/components/examples/UpdateInputExamplesWef" + UpdateInputExamplesWinEventLogs: + $ref: "#/components/examples/UpdateInputExamplesWinEventLogs" + UpdateInputExamplesWindowsMetrics: + $ref: "#/components/examples/UpdateInputExamplesWindowsMetrics" + UpdateInputExamplesWiz: + $ref: "#/components/examples/UpdateInputExamplesWiz" + UpdateInputExamplesWizWebhook: + $ref: "#/components/examples/UpdateInputExamplesWizWebhook" + UpdateInputExamplesZscalerHec: + $ref: "#/components/examples/UpdateInputExamplesZscalerHec" + responses: + "200": + description: the updated Source object + content: + application/json: + schema: + $ref: "#/components/schemas/CountedInputResponse" + "401": + description: Authentication failed (missing or invalid credentials or Bearer + token). + "500": + description: Unexpected server error. + content: + application/json: + schema: + $ref: "#/components/schemas/Error" + delete: + operationId: deleteInputById + x-speakeasy-group: sources + x-cribl-internal: false + x-cribl-availability: both + x-speakeasy-name-override: delete + tags: + - sources + summary: Delete a Source + description: Delete the specified Source. parameters: - - name: lakeId - in: path - required: true - schema: - type: string - description: The id of the Lake that contains the Lake Dataset to update. - name: id in: path required: true schema: type: string - description: The id of the Lake Dataset to update. - /auth/login: - post: - operationId: createAuthLogin - tags: - - auth - x-speakeasy-group: auth.tokens - x-speakeasy-name-override: get - x-cribl-internal: false - x-cribl-availability: both - summary: Log in and fetch an authentication token - description: This endpoint is unavailable on Cribl.Cloud.Instead, follow the instructions at https://docs.cribl.io/stream/api-tutorials/#criblcloud to get an Auth token for Cribl.Cloud. - security: [] + description: The id of the Source to delete. responses: "200": - description: Authentication token + description: the deleted Source object content: application/json: schema: - $ref: "#/components/schemas/AuthToken" + $ref: "#/components/schemas/CountedInputResponse" "401": - description: Invalid credentials or authentication failed - "429": - description: Rate limit exceeded - headers: - retry-after: - description: Number of seconds the client should wait before retrying the request - schema: - type: integer - example: 60 + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" - requestBody: - description: LoginInfo object. - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/LoginInfo" - /system/capture: + /system/inputs/{id}/hectoken: post: - operationId: createSystemCapture + operationId: createInputHecTokenById tags: - - preview - x-speakeasy-group: system.captures + - sources + x-speakeasy-group: sources.hecTokens x-speakeasy-name-override: create x-cribl-internal: false x-cribl-availability: both - summary: Capture live incoming data - description: Initiate a live data capture from Cribl Workers.Returns a stream of captured events in NDJSON format that match the parameters specified in the request body. + summary: Add an HEC token and optional metadata to a Splunk HEC Source + description: Add an HEC token and optional metadata to the specified Splunk HEC + Source. responses: "200": - description: Stream of captured events. + description: the updated Splunk HEC Source with the new HEC token content: - application/x-ndjson: + application/json: schema: - $ref: "#/components/schemas/CapturedEvent" - "400": - description: No worker nodes are connected to this worker group. + $ref: "#/components/schemas/CountedInputSplunkHec" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -56862,86 +69160,100 @@ paths: schema: $ref: "#/components/schemas/Error" requestBody: - description: CaptureParamsReq object. + description: AddHecTokenRequest object. required: true content: application/json: schema: - $ref: "#/components/schemas/CaptureParamsReq" + $ref: "#/components/schemas/AddHecTokenRequest" examples: - CaptureExamplesSimpleExpression: - $ref: "#/components/examples/CaptureExamplesSimpleExpression" - CaptureExamplesCompoundAndExpression: - $ref: "#/components/examples/CaptureExamplesCompoundAndExpression" - CaptureExamplesNestedFieldAccess: - $ref: "#/components/examples/CaptureExamplesNestedFieldAccess" - CaptureExamplesComplexFilter: - $ref: "#/components/examples/CaptureExamplesComplexFilter" - /products/{product}/summary/workers: - get: - operationId: getProductsSummaryWorkersByProduct + HecTokenExamplesHecToken: + $ref: "#/components/examples/HecTokenExamplesHecToken" + HecTokenExamplesHecTokenWithIndexAccess: + $ref: "#/components/examples/HecTokenExamplesHecTokenWithIndexAccess" + parameters: + - name: id + in: path + required: true + schema: + type: string + description: The id of the Splunk HEC Source. + /system/inputs/{id}/hectoken/{token}: + patch: + operationId: updateInputHecTokenByIdAndToken tags: - - workers - x-speakeasy-group: nodes - x-speakeasy-name-override: count + - sources + x-speakeasy-group: sources.hecTokens + x-speakeasy-name-override: update x-cribl-internal: false x-cribl-availability: both - summary: Get a count of Worker, Edge, or Outpost Nodes - description: Get a count of all Worker, Edge, or Outpost Nodes for the specified Cribl product. + summary: Update metadata for an HEC token for a Splunk HEC Source + description: Update the metadata for the specified HEC token for the specified + Splunk HEC Source. responses: "200": - description: List of number objects. + description: the updated HEC token content: application/json: schema: - $ref: "#/components/schemas/CountedNumber" - "400": - description: Bad Request if the product is not "stream", "edge", or "outpost" + $ref: "#/components/schemas/CountedInputSplunkHec" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). - "403": - description: Forbidden to access product because you don't have permissions + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" + requestBody: + description: UpdateHecTokenRequest object. + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/UpdateHecTokenRequest" + examples: + HecTokenExamplesHecToken: + $ref: "#/components/examples/HecTokenExamplesHecToken" + HecTokenExamplesHecTokenWithIndexAccess: + $ref: "#/components/examples/HecTokenExamplesHecTokenWithIndexAccess" parameters: - - name: product + - name: id in: path required: true schema: - $ref: "#/components/schemas/ProductsCore" - description: Name of the Cribl product to get the count of Worker, Edge, or Outpost Nodes for. - - name: filterExp - in: query - required: false + type: string + description: The id of the Splunk HEC Source. + - name: token + in: path + required: true schema: type: string - description: Filter expression to evaluate against Nodes for inclusion in the response. - /products/{product}/workers/{id}: + description: The HEC token value to update. + /system/inputs/{id}/pq: get: - operationId: getProductsWorkersByProductAndId + operationId: getInputPqById tags: - - workers - x-speakeasy-group: nodes + - sources + x-speakeasy-group: sources.pq x-speakeasy-name-override: get x-cribl-internal: false x-cribl-availability: both - summary: Get detailed metadata for a Worker, Edge, or Outpost Node - description: Get detailed metadata for the specified Worker, Edge, or Outpost Node for the specified Cribl product. + summary: Get information about the latest job to clear the persistent queue for + a Source + description: Get information about the latest job to clear the persistent queue + (PQ) for the specified Source. responses: "200": - description: List of MasterWorkerEntry objects. + description: information about the latest job to clear the PQ for the Source content: application/json: schema: - $ref: "#/components/schemas/CountedMasterWorkerEntry" + $ref: "#/components/schemas/CountedJobInfo" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). - "403": - description: Forbidden to access product because you don't have permissions + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -56949,42 +69261,33 @@ paths: schema: $ref: "#/components/schemas/Error" parameters: - - name: product - in: path - required: true - schema: - $ref: "#/components/schemas/ProductsCore" - description: Name of the Cribl product that contains the Node. - name: id in: path required: true schema: type: string - description: The id of the Node to get the metadata for. - /products/{product}/workers: - get: - operationId: getProductsWorkersByProduct + description: The id of the Source to get PQ job information for. + delete: + operationId: deleteInputPqById tags: - - workers - x-speakeasy-group: nodes - x-speakeasy-name-override: list + - sources + x-speakeasy-group: sources.pq + x-speakeasy-name-override: clear x-cribl-internal: false x-cribl-availability: both - summary: Get detailed metadata for Worker, Edge, or Outpost Nodes - description: Get detailed metadata for Worker, Edge, or Outpost Nodes for the specified Cribl product. + summary: Clear the persistent queue for a Source + description: Clear the persistent queue (PQ) for the specified Source. responses: - "200": - description: List of MasterWorkerEntry objects. + "201": + description: A list of job ids for the background job that clears the persistent + queue content: application/json: schema: - $ref: "#/components/schemas/CountedMasterWorkerEntry" - "400": - description: Bad Request if the product is not "stream", "edge", or "outpost" + $ref: "#/components/schemas/CountedString" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). - "403": - description: Forbidden to access product because you don't have permissions + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -56992,321 +69295,567 @@ paths: schema: $ref: "#/components/schemas/Error" parameters: - - name: product + - name: id in: path required: true - schema: - $ref: "#/components/schemas/ProductsCore" - description: Name of the Cribl product to get Worker, Edge, or Outpost Nodes for. - - name: filterExp - in: query - required: false - schema: - type: string - description: Filter expression to evaluate against Nodes for inclusion in the response. - - name: sortExp - in: query - required: false - schema: - type: string - description: Sorting expression to evaluate against Nodes to specify the sort order for the response. - - name: filter - in: query - required: false schema: type: string - description: JSON-stringified filter object to evaluate against Nodes for inclusion in the response. - - name: sort - in: query - required: false - schema: - type: string - description: JSON-stringified sorting object to evaluate against Nodes to specify the sort order for the response. - - name: limit - in: query - required: false - schema: - type: integer - description: Maximum number of Nodes to return in the response for this request. Use with offset to paginate the response into manageable batches. - - name: offset - in: query - required: false - schema: - type: integer - description: Starting point from which to retrieve results for this request. Use with limit to paginate the response into manageable batches. - x-speakeasy-pagination: - type: offsetLimit - inputs: - - name: offset - in: parameters - type: offset - - name: limit - in: parameters - type: limit - outputs: - results: $.items - /products/{product}/workers/restart: - patch: - operationId: updateProductsWorkersRestartByProduct - tags: - - workers - x-speakeasy-group: nodes - x-speakeasy-name-override: restart + description: The id of the Source to clear the PQ for. + /system/outputs: + get: + operationId: listOutput + x-speakeasy-group: destinations x-cribl-internal: false x-cribl-availability: both - summary: Restart Worker, Edge, or Outpost Nodes - description: Restart all Worker, Edge, or Outpost Nodes for the specified Cribl product. + x-speakeasy-name-override: list + tags: + - destinations + summary: List all Destinations + description: Get a list of all Destinations. responses: "200": - description: The updated RestartResponse object in a single-item list. + description: a list of Destination objects content: application/json: schema: - $ref: "#/components/schemas/CountedRestartResponse" - "400": - description: Bad Request if the product is not "stream", "edge", or "outpost" + $ref: "#/components/schemas/CountedOutputResponse" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). - "403": - description: Forbidden to access product because you don't have permissions + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" + parameters: + - name: type + in: query + required: false + schema: + $ref: "#/components/schemas/DestinationType" + description: Type of Destination to include in the results. Each request can + include only one type parameter; multiple parameters + per request are not supported. + post: + operationId: createOutput + x-speakeasy-group: destinations + x-cribl-internal: false + x-cribl-availability: both + x-speakeasy-name-override: create + tags: + - destinations + summary: Create a Destination + description: Create a new Destination. requestBody: - description: RestartRequest object. + description: Output object. required: true content: application/json: schema: - $ref: "#/components/schemas/RestartRequest" + allOf: + - $ref: "#/components/schemas/Output" + - type: object + required: + - id examples: - RestartWorkersExamplesRestartWorkers: - $ref: "#/components/examples/RestartWorkersExamplesRestartWorkers" - parameters: - - name: product - in: path - required: true - schema: - $ref: "#/components/schemas/ProductsCore" - description: Name of the Cribl product whose Worker, Edge, or Outpost Nodes you want to restart. - /products/{product}/summary: - get: - operationId: getProductsSummaryByProduct - tags: - - distributed - x-speakeasy-group: nodes.summaries - x-speakeasy-name-override: get - x-cribl-internal: false - x-cribl-availability: both - summary: Get a summary of the deployment for a specific product. - description: Get a summary of the deployment for the specified Cribl product (Stream or Edge).

The summary includes a count of Worker Groups or Edge Fleets and resources such as Pipelines, Routes, Sources, and Destinations. For Distributed deployments, it also includes a count and statistics for Worker or Edge Nodes. + OutputCreateExamplesTcpjson: + $ref: "#/components/examples/OutputCreateExamplesTcpjson" + OutputCreateExamplesSplunk: + $ref: "#/components/examples/OutputCreateExamplesSplunk" + OutputCreateExamplesSplunkLb: + $ref: "#/components/examples/OutputCreateExamplesSplunkLb" + OutputCreateExamplesSplunkHec: + $ref: "#/components/examples/OutputCreateExamplesSplunkHec" + OutputCreateExamplesSyslog: + $ref: "#/components/examples/OutputCreateExamplesSyslog" + OutputCreateExamplesFilesystem: + $ref: "#/components/examples/OutputCreateExamplesFilesystem" + OutputCreateExamplesS3: + $ref: "#/components/examples/OutputCreateExamplesS3" + OutputCreateExamplesNutanixObjects: + $ref: "#/components/examples/OutputCreateExamplesNutanixObjects" + OutputCreateExamplesStorjS3: + $ref: "#/components/examples/OutputCreateExamplesStorjS3" + OutputCreateExamplesAlphasocS3: + $ref: "#/components/examples/OutputCreateExamplesAlphasocS3" + OutputCreateExamplesdellS3: + $ref: "#/components/examples/OutputCreateExamplesdellS3" + OutputCreateExamplescloudianS3: + $ref: "#/components/examples/OutputCreateExamplescloudianS3" + OutputCreateExamplesscalityS3: + $ref: "#/components/examples/OutputCreateExamplesscalityS3" + OutputCreateExamplesalibabaCloudS3: + $ref: "#/components/examples/OutputCreateExamplesalibabaCloudS3" + OutputCreateExamplesAzureBlob: + $ref: "#/components/examples/OutputCreateExamplesAzureBlob" + OutputCreateExamplesAzureDataExplorer: + $ref: "#/components/examples/OutputCreateExamplesAzureDataExplorer" + OutputCreateExamplesSentinel: + $ref: "#/components/examples/OutputCreateExamplesSentinel" + OutputCreateExamplesAzureLogs: + $ref: "#/components/examples/OutputCreateExamplesAzureLogs" + OutputCreateExamplesKafka: + $ref: "#/components/examples/OutputCreateExamplesKafka" + OutputCreateExamplesConfluentCloud: + $ref: "#/components/examples/OutputCreateExamplesConfluentCloud" + OutputCreateExamplesMsk: + $ref: "#/components/examples/OutputCreateExamplesMsk" + OutputCreateExamplesKinesis: + $ref: "#/components/examples/OutputCreateExamplesKinesis" + OutputCreateExamplesElastic: + $ref: "#/components/examples/OutputCreateExamplesElastic" + OutputCreateExamplesElasticCloud: + $ref: "#/components/examples/OutputCreateExamplesElasticCloud" + OutputCreateExamplesMicrosoftFabric: + $ref: "#/components/examples/OutputCreateExamplesMicrosoftFabric" + OutputCreateExamplesCloudflareR2: + $ref: "#/components/examples/OutputCreateExamplesCloudflareR2" + OutputCreateExamplesHoneycomb: + $ref: "#/components/examples/OutputCreateExamplesHoneycomb" + OutputCreateExamplesNewrelic: + $ref: "#/components/examples/OutputCreateExamplesNewrelic" + OutputCreateExamplesNewrelicEvents: + $ref: "#/components/examples/OutputCreateExamplesNewrelicEvents" + OutputCreateExamplesSnmp: + $ref: "#/components/examples/OutputCreateExamplesSnmp" + OutputCreateExamplesInfluxdb: + $ref: "#/components/examples/OutputCreateExamplesInfluxdb" + OutputCreateExamplesMinio: + $ref: "#/components/examples/OutputCreateExamplesMinio" + OutputCreateExamplesCloudwatch: + $ref: "#/components/examples/OutputCreateExamplesCloudwatch" + OutputCreateExamplesAzureEventhub: + $ref: "#/components/examples/OutputCreateExamplesAzureEventhub" + OutputCreateExamplesStatsd: + $ref: "#/components/examples/OutputCreateExamplesStatsd" + OutputCreateExamplesStatsdExt: + $ref: "#/components/examples/OutputCreateExamplesStatsdExt" + OutputCreateExamplesGraphite: + $ref: "#/components/examples/OutputCreateExamplesGraphite" + OutputCreateExamplesWavefront: + $ref: "#/components/examples/OutputCreateExamplesWavefront" + OutputCreateExamplesSignalfx: + $ref: "#/components/examples/OutputCreateExamplesSignalfx" + OutputCreateExamplesSqs: + $ref: "#/components/examples/OutputCreateExamplesSqs" + OutputCreateExamplesGoogleCloudStorage: + $ref: "#/components/examples/OutputCreateExamplesGoogleCloudStorage" + OutputCreateExamplesSumoLogic: + $ref: "#/components/examples/OutputCreateExamplesSumoLogic" + OutputCreateExamplesDatadog: + $ref: "#/components/examples/OutputCreateExamplesDatadog" + OutputCreateExamplesWebhook: + $ref: "#/components/examples/OutputCreateExamplesWebhook" + OutputCreateExamplesPrometheus: + $ref: "#/components/examples/OutputCreateExamplesPrometheus" + OutputCreateExamplesGooglePubsub: + $ref: "#/components/examples/OutputCreateExamplesGooglePubsub" + OutputCreateExamplesGoogleChronicle: + $ref: "#/components/examples/OutputCreateExamplesGoogleChronicle" + OutputCreateExamplesChronicle: + $ref: "#/components/examples/OutputCreateExamplesChronicle" + OutputCreateExamplesGrafanaCloud: + $ref: "#/components/examples/OutputCreateExamplesGrafanaCloud" + OutputCreateExamplesLoki: + $ref: "#/components/examples/OutputCreateExamplesLoki" + OutputCreateExamplesOpenTelemetry: + $ref: "#/components/examples/OutputCreateExamplesOpenTelemetry" + OutputCreateExamplesServiceNow: + $ref: "#/components/examples/OutputCreateExamplesServiceNow" + OutputCreateExamplesDynatraceOtlp: + $ref: "#/components/examples/OutputCreateExamplesDynatraceOtlp" + OutputCreateExamplesGoogleCloudObservability: + $ref: "#/components/examples/OutputCreateExamplesGoogleCloudObservability" + OutputCreateExamplesSentinelOneAiSiem: + $ref: "#/components/examples/OutputCreateExamplesSentinelOneAiSiem" + OutputCreateExamplesDataset: + $ref: "#/components/examples/OutputCreateExamplesDataset" + OutputCreateExamplesRing: + $ref: "#/components/examples/OutputCreateExamplesRing" + OutputCreateExamplesRouter: + $ref: "#/components/examples/OutputCreateExamplesRouter" + OutputCreateExamplesWizHec: + $ref: "#/components/examples/OutputCreateExamplesWizHec" + OutputCreateExamplesHumioHec: + $ref: "#/components/examples/OutputCreateExamplesHumioHec" + OutputCreateExamplesCrowdstrikeNextGenSiem: + $ref: "#/components/examples/OutputCreateExamplesCrowdstrikeNextGenSiem" + OutputCreateExamplesCriblHttp: + $ref: "#/components/examples/OutputCreateExamplesCriblHttp" + OutputCreateExamplesCriblTcp: + $ref: "#/components/examples/OutputCreateExamplesCriblTcp" + OutputCreateExamplesCriblSearchEngine: + $ref: "#/components/examples/OutputCreateExamplesCriblSearchEngine" + OutputCreateExamplesGoogleCloudLogging: + $ref: "#/components/examples/OutputCreateExamplesGoogleCloudLogging" + OutputCreateExamplesSns: + $ref: "#/components/examples/OutputCreateExamplesSns" + OutputCreateExamplesDlS3: + $ref: "#/components/examples/OutputCreateExamplesDlS3" + OutputCreateExamplesSecurityLake: + $ref: "#/components/examples/OutputCreateExamplesSecurityLake" + OutputCreateExamplesCriblLake: + $ref: "#/components/examples/OutputCreateExamplesCriblLake" + OutputCreateExamplesExabeam: + $ref: "#/components/examples/OutputCreateExamplesExabeam" + OutputCreateExamplesDiskSpool: + $ref: "#/components/examples/OutputCreateExamplesDiskSpool" + OutputCreateExamplesClickHouse: + $ref: "#/components/examples/OutputCreateExamplesClickHouse" + OutputCreateExamplesLocalSearchStorage: + $ref: "#/components/examples/OutputCreateExamplesLocalSearchStorage" + OutputCreateExamplesXsiam: + $ref: "#/components/examples/OutputCreateExamplesXsiam" + OutputCreateExamplesNetflow: + $ref: "#/components/examples/OutputCreateExamplesNetflow" + OutputCreateExamplesDynatraceHttp: + $ref: "#/components/examples/OutputCreateExamplesDynatraceHttp" + OutputCreateExamplesDatabricks: + $ref: "#/components/examples/OutputCreateExamplesDatabricks" responses: "200": - description: List of DistributedSummary objects. + description: the created Destination object content: application/json: schema: - $ref: "#/components/schemas/CountedDistributedSummary" - "400": - description: Bad Request if the product is not "stream" or "edge" + $ref: "#/components/schemas/CountedOutputResponse" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). - "403": - description: Forbidden to access product because you don't have permissions + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" + /system/outputs/{id}: + get: + operationId: getOutputById + x-speakeasy-group: destinations + x-cribl-internal: false + x-cribl-availability: both + x-speakeasy-name-override: get + tags: + - destinations + summary: Get a Destination + description: Get the specified Destination. parameters: - - name: product + - name: id in: path required: true schema: - $ref: "#/components/schemas/ProductsBase" - description: Name of the Cribl product to get the summary for. - /health: - get: - operationId: getHealth - tags: - - health - x-speakeasy-group: health - x-speakeasy-name-override: get - x-cribl-internal: false - x-cribl-availability: both - summary: Get the health status of the server - description: Get the current health status of the server (Leader or Worker Node). In Distributed deployments, requests routed to a Worker or Edge node using the [host context](https://docs.cribl.io/cribl-as-code/api#base-url-group-fleet-host) require a Bearer token for [authentication](https://docs.cribl.io/cribl-as-code/api-auth/). - security: - - {} - - bearerAuth: [] - - clientOauth: [] + type: string + description: The id of the Destination to get. responses: "200": - description: Healthy status - content: - application/json: - schema: - $ref: "#/components/schemas/HealthServerStatus" - examples: - HealthExamplesHealthyPrimary: - $ref: "#/components/examples/HealthExamplesHealthyPrimary" - "420": - description: Server is shutting down or in standby mode + description: a Destination object content: application/json: schema: - $ref: "#/components/schemas/HealthServerStatus" - examples: - Health420ExamplesShuttingDown: - $ref: "#/components/examples/Health420ExamplesShuttingDown" - Health420ExamplesStandby: - $ref: "#/components/examples/Health420ExamplesStandby" + $ref: "#/components/schemas/CountedOutputResponse" + "401": + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" - /packs: - post: - operationId: createPacks - tags: - - packs - x-speakeasy-group: packs - x-speakeasy-name-override: install + patch: + operationId: updateOutputById + x-speakeasy-group: destinations x-cribl-internal: false x-cribl-availability: both - summary: Install a Pack - description: Install a Pack.

To install an uploaded Pack, provide the source value from the PUT /packs response as the source parameter in the request body.

To install a Pack by importing from a URL, provide the direct URL location of the .crbl file for the Pack as the source parameter in the request body.

To install a Pack by importing from a Git repository, provide git+ as the source parameter in the request body.

If you do not include the source parameter in the request body, an empty Pack is created. + x-speakeasy-name-override: update + tags: + - destinations + summary: Update a Destination + description: Update the specified Destination.

Provide a complete + representation of the Destination that you want to update in the request + body. This endpoint does not support partial updates. Cribl removes any + omitted fields when updating the Destination.

Confirm that the + configuration in your request body is correct before sending the + request. If the configuration is incorrect, the updated Destination + might not function as expected. + parameters: + - name: id + in: path + required: true + schema: + type: string + description: The id of the Destination to update. + requestBody: + description: Output object. + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/Output" + examples: + UpdateOutputExamplesDefault: + $ref: "#/components/examples/UpdateOutputExamplesDefault" + UpdateOutputExamplesTcpjson: + $ref: "#/components/examples/UpdateOutputExamplesTcpjson" + UpdateOutputExamplesSplunk: + $ref: "#/components/examples/UpdateOutputExamplesSplunk" + UpdateOutputExamplesSplunkLb: + $ref: "#/components/examples/UpdateOutputExamplesSplunkLb" + UpdateOutputExamplesSplunkHec: + $ref: "#/components/examples/UpdateOutputExamplesSplunkHec" + UpdateOutputExamplesSyslog: + $ref: "#/components/examples/UpdateOutputExamplesSyslog" + UpdateOutputExamplesFilesystem: + $ref: "#/components/examples/UpdateOutputExamplesFilesystem" + UpdateOutputExamplesS3: + $ref: "#/components/examples/UpdateOutputExamplesS3" + UpdateOutputExamplesNutanixObjects: + $ref: "#/components/examples/UpdateOutputExamplesNutanixObjects" + UpdateOutputExamplesStorjS3: + $ref: "#/components/examples/UpdateOutputExamplesStorjS3" + UpdateOutputExamplesAlphasocS3: + $ref: "#/components/examples/UpdateOutputExamplesAlphasocS3" + UpdateOutputExamplesdellS3: + $ref: "#/components/examples/UpdateOutputExamplesdellS3" + UpdateOutputExamplescloudianS3: + $ref: "#/components/examples/UpdateOutputExamplescloudianS3" + UpdateOutputExamplesscalityS3: + $ref: "#/components/examples/UpdateOutputExamplesscalityS3" + UpdateOutputExamplesalibabaCloudS3: + $ref: "#/components/examples/UpdateOutputExamplesalibabaCloudS3" + UpdateOutputExamplesAzureBlob: + $ref: "#/components/examples/UpdateOutputExamplesAzureBlob" + UpdateOutputExamplesAzureDataExplorer: + $ref: "#/components/examples/UpdateOutputExamplesAzureDataExplorer" + UpdateOutputExamplesSentinel: + $ref: "#/components/examples/UpdateOutputExamplesSentinel" + UpdateOutputExamplesAzureLogs: + $ref: "#/components/examples/UpdateOutputExamplesAzureLogs" + UpdateOutputExamplesKafka: + $ref: "#/components/examples/UpdateOutputExamplesKafka" + UpdateOutputExamplesConfluentCloud: + $ref: "#/components/examples/UpdateOutputExamplesConfluentCloud" + UpdateOutputExamplesMsk: + $ref: "#/components/examples/UpdateOutputExamplesMsk" + UpdateOutputExamplesKinesis: + $ref: "#/components/examples/UpdateOutputExamplesKinesis" + UpdateOutputExamplesElastic: + $ref: "#/components/examples/UpdateOutputExamplesElastic" + UpdateOutputExamplesElasticCloud: + $ref: "#/components/examples/UpdateOutputExamplesElasticCloud" + UpdateOutputExamplesMicrosoftFabric: + $ref: "#/components/examples/UpdateOutputExamplesMicrosoftFabric" + UpdateOutputExamplesCloudflareR2: + $ref: "#/components/examples/UpdateOutputExamplesCloudflareR2" + UpdateOutputExamplesHoneycomb: + $ref: "#/components/examples/UpdateOutputExamplesHoneycomb" + UpdateOutputExamplesNewrelic: + $ref: "#/components/examples/UpdateOutputExamplesNewrelic" + UpdateOutputExamplesNewrelicEvents: + $ref: "#/components/examples/UpdateOutputExamplesNewrelicEvents" + UpdateOutputExamplesSnmp: + $ref: "#/components/examples/UpdateOutputExamplesSnmp" + UpdateOutputExamplesInfluxdb: + $ref: "#/components/examples/UpdateOutputExamplesInfluxdb" + UpdateOutputExamplesMinio: + $ref: "#/components/examples/UpdateOutputExamplesMinio" + UpdateOutputExamplesCloudwatch: + $ref: "#/components/examples/UpdateOutputExamplesCloudwatch" + UpdateOutputExamplesAzureEventhub: + $ref: "#/components/examples/UpdateOutputExamplesAzureEventhub" + UpdateOutputExamplesStatsd: + $ref: "#/components/examples/UpdateOutputExamplesStatsd" + UpdateOutputExamplesStatsdExt: + $ref: "#/components/examples/UpdateOutputExamplesStatsdExt" + UpdateOutputExamplesGraphite: + $ref: "#/components/examples/UpdateOutputExamplesGraphite" + UpdateOutputExamplesWavefront: + $ref: "#/components/examples/UpdateOutputExamplesWavefront" + UpdateOutputExamplesSignalfx: + $ref: "#/components/examples/UpdateOutputExamplesSignalfx" + UpdateOutputExamplesSqs: + $ref: "#/components/examples/UpdateOutputExamplesSqs" + UpdateOutputExamplesGoogleCloudStorage: + $ref: "#/components/examples/UpdateOutputExamplesGoogleCloudStorage" + UpdateOutputExamplesSumoLogic: + $ref: "#/components/examples/UpdateOutputExamplesSumoLogic" + UpdateOutputExamplesDatadog: + $ref: "#/components/examples/UpdateOutputExamplesDatadog" + UpdateOutputExamplesWebhook: + $ref: "#/components/examples/UpdateOutputExamplesWebhook" + UpdateOutputExamplesPrometheus: + $ref: "#/components/examples/UpdateOutputExamplesPrometheus" + UpdateOutputExamplesGooglePubsub: + $ref: "#/components/examples/UpdateOutputExamplesGooglePubsub" + UpdateOutputExamplesGoogleChronicle: + $ref: "#/components/examples/UpdateOutputExamplesGoogleChronicle" + UpdateOutputExamplesChronicle: + $ref: "#/components/examples/UpdateOutputExamplesChronicle" + UpdateOutputExamplesGrafanaCloud: + $ref: "#/components/examples/UpdateOutputExamplesGrafanaCloud" + UpdateOutputExamplesLoki: + $ref: "#/components/examples/UpdateOutputExamplesLoki" + UpdateOutputExamplesOpenTelemetry: + $ref: "#/components/examples/UpdateOutputExamplesOpenTelemetry" + UpdateOutputExamplesServiceNow: + $ref: "#/components/examples/UpdateOutputExamplesServiceNow" + UpdateOutputExamplesDynatraceOtlp: + $ref: "#/components/examples/UpdateOutputExamplesDynatraceOtlp" + UpdateOutputExamplesGoogleCloudObservability: + $ref: "#/components/examples/UpdateOutputExamplesGoogleCloudObservability" + UpdateOutputExamplesSentinelOneAiSiem: + $ref: "#/components/examples/UpdateOutputExamplesSentinelOneAiSiem" + UpdateOutputExamplesDataset: + $ref: "#/components/examples/UpdateOutputExamplesDataset" + UpdateOutputExamplesRing: + $ref: "#/components/examples/UpdateOutputExamplesRing" + UpdateOutputExamplesRouter: + $ref: "#/components/examples/UpdateOutputExamplesRouter" + UpdateOutputExamplesWizHec: + $ref: "#/components/examples/UpdateOutputExamplesWizHec" + UpdateOutputExamplesHumioHec: + $ref: "#/components/examples/UpdateOutputExamplesHumioHec" + UpdateOutputExamplesCrowdstrikeNextGenSiem: + $ref: "#/components/examples/UpdateOutputExamplesCrowdstrikeNextGenSiem" + UpdateOutputExamplesCriblHttp: + $ref: "#/components/examples/UpdateOutputExamplesCriblHttp" + UpdateOutputExamplesCriblTcp: + $ref: "#/components/examples/UpdateOutputExamplesCriblTcp" + UpdateOutputExamplesCriblSearchEngine: + $ref: "#/components/examples/UpdateOutputExamplesCriblSearchEngine" + UpdateOutputExamplesGoogleCloudLogging: + $ref: "#/components/examples/UpdateOutputExamplesGoogleCloudLogging" + UpdateOutputExamplesSns: + $ref: "#/components/examples/UpdateOutputExamplesSns" + UpdateOutputExamplesDlS3: + $ref: "#/components/examples/UpdateOutputExamplesDlS3" + UpdateOutputExamplesSecurityLake: + $ref: "#/components/examples/UpdateOutputExamplesSecurityLake" + UpdateOutputExamplesCriblLake: + $ref: "#/components/examples/UpdateOutputExamplesCriblLake" + UpdateOutputExamplesExabeam: + $ref: "#/components/examples/UpdateOutputExamplesExabeam" + UpdateOutputExamplesDiskSpool: + $ref: "#/components/examples/UpdateOutputExamplesDiskSpool" + UpdateOutputExamplesClickHouse: + $ref: "#/components/examples/UpdateOutputExamplesClickHouse" + UpdateOutputExamplesLocalSearchStorage: + $ref: "#/components/examples/UpdateOutputExamplesLocalSearchStorage" + UpdateOutputExamplesXsiam: + $ref: "#/components/examples/UpdateOutputExamplesXsiam" + UpdateOutputExamplesNetflow: + $ref: "#/components/examples/UpdateOutputExamplesNetflow" + UpdateOutputExamplesDynatraceHttp: + $ref: "#/components/examples/UpdateOutputExamplesDynatraceHttp" + UpdateOutputExamplesDatabricks: + $ref: "#/components/examples/UpdateOutputExamplesDatabricks" responses: "200": - description: The created PackInstallInfo object in a single-item list. + description: the updated Destination object content: application/json: schema: - $ref: "#/components/schemas/CountedPackInstallInfo" + $ref: "#/components/schemas/CountedOutputResponse" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" - requestBody: - description: packRequestBody object. - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/PackRequestBody" - examples: - PackInstallExamplesPackDispensary: - $ref: "#/components/examples/PackInstallExamplesPackDispensary" - PackInstallExamplesEmptyPack: - $ref: "#/components/examples/PackInstallExamplesEmptyPack" - PackInstallExamplesUploadedFile: - $ref: "#/components/examples/PackInstallExamplesUploadedFile" - PackInstallExamplesURL: - $ref: "#/components/examples/PackInstallExamplesURL" - PackInstallExamplesGitRepository: - $ref: "#/components/examples/PackInstallExamplesGitRepository" - get: - operationId: getPacks - tags: - - packs - x-speakeasy-group: packs - x-speakeasy-name-override: list + delete: + operationId: deleteOutputById + x-speakeasy-group: destinations x-cribl-internal: false x-cribl-availability: both - summary: List all Packs - description: Get a list of all Packs. + x-speakeasy-name-override: delete + tags: + - destinations + summary: Delete a Destination + description: Delete the specified Destination. + parameters: + - name: id + in: path + required: true + schema: + type: string + description: The id of the Destination to delete. responses: "200": - description: List of PackInfo objects. + description: the deleted Destination object content: application/json: schema: - $ref: "#/components/schemas/CountedPackInfo" + $ref: "#/components/schemas/CountedOutputResponse" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" - parameters: - - name: with - in: query - required: false - schema: - type: string - description: Comma-separated list of additional properties to include in the response. When set, the response includes a count of the specified properties in the Pack. Available values are inputs and outputs. - put: - operationId: updatePacks + /system/outputs/{id}/pq: + delete: + operationId: deleteOutputPqById tags: - - packs - x-speakeasy-group: packs - x-speakeasy-name-override: upload + - destinations + x-speakeasy-group: destinations.pq + x-speakeasy-name-override: clear x-cribl-internal: false x-cribl-availability: both - summary: Upload a Pack file - description: Upload a Pack file. Returns the source ID needed to install the Pack with POST /packs, which you must call separately. + summary: Clear the persistent queue for a Destination + description: Clear the persistent queue (PQ) for the specified Destination. responses: - "200": - description: Pack file uploaded successfully + "201": + description: A list of job ids for the background job that clears the persistent + queue content: application/json: schema: - $ref: "#/components/schemas/UploadPackResponse" + $ref: "#/components/schemas/CountedString" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" - requestBody: - required: true - content: - application/octet-stream: - schema: - type: string - format: binary - description: Pack file upload parameters: - - name: filename - in: query + - name: id + in: path required: true schema: type: string - description: Filename of the Pack file to upload. - /packs/{id}: - delete: - operationId: deletePacksById + description: The id of the Destination to clear the PQ for. + get: + operationId: getOutputPqById tags: - - packs - x-speakeasy-group: packs - x-speakeasy-name-override: delete + - destinations + x-speakeasy-group: destinations.pq + x-speakeasy-name-override: get x-cribl-internal: false x-cribl-availability: both - summary: Uninstall a Pack - description: Uninstall the specified Pack. + summary: Get information about the latest job to clear the persistent queue for + a Destination + description: Get information about the latest job to clear the persistent queue + (PQ) for the specified Destination. responses: "200": - description: The deleted PackUninstallInfo object in a single-item list. + description: information about the latest PQ clear job for the Destination content: application/json: schema: - $ref: "#/components/schemas/CountedPackUninstallInfo" + $ref: "#/components/schemas/CountedJobInfo" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -57319,26 +69868,31 @@ paths: required: true schema: type: string - description: The id of the Pack to uninstall. + description: The id of the Destination to get PQ job information for. + /system/outputs/{id}/samples: get: - operationId: getPacksById + operationId: getOutputSamplesById tags: - - packs - x-speakeasy-group: packs + - destinations + x-speakeasy-group: destinations.samples x-speakeasy-name-override: get x-cribl-internal: false x-cribl-availability: both - summary: Get a Pack - description: Get the specified Pack. + summary: Get sample event data for a Destination + description: Get sample event data for the specified Destination to validate the + configuration or test connectivity. responses: "200": - description: List of PackInfo objects. + description: Sample event data for the Destination content: application/json: schema: - $ref: "#/components/schemas/CountedPackInfo" + $ref: "#/components/schemas/CountedOutputSamplesResponse" + "400": + description: Bad Request — invalid request or Destination error "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -57351,26 +69905,31 @@ paths: required: true schema: type: string - description: The id of the Pack to get. - patch: - operationId: updatePacksById + description: The id of the Destination to get sample event data for. + /system/outputs/{id}/test: + post: + operationId: createOutputTestById tags: - - packs - x-speakeasy-group: packs - x-speakeasy-name-override: update + - destinations + x-speakeasy-group: destinations.samples + x-speakeasy-name-override: create x-cribl-internal: false x-cribl-availability: both - summary: Upgrade a Pack - description: Upgrade the specified Pack.

If the Pack includes any user-modified versions of default Cribl Knowledge resources such as lookups, copy the modified files locally for safekeeping before upgrading the Pack.Copy the modified files back to the upgraded Pack after you install it with POST /packs to overwrite the default versions in the Pack.

After you upgrade the Pack, update any Routes, Pipelines, Sources, and Destinations that use the previous Pack version so that they reference the upgraded Pack. + summary: Send sample event data to a Destination + description: Send sample event data to the specified Destination to validate the + configuration or test connectivity. responses: "200": - description: The updated PackInfo object in a single-item list. + description: Destination test result content: application/json: schema: - $ref: "#/components/schemas/CountedPackInfo" + $ref: "#/components/schemas/CountedOutputTestResponse" + "400": + description: Bad Request — missing or invalid events "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -57378,22 +69937,24 @@ paths: schema: $ref: "#/components/schemas/Error" requestBody: - description: PackUpgradeRequest object. + description: OutputTestRequest object. required: true content: application/json: schema: - $ref: "#/components/schemas/PackUpgradeRequest" + $ref: "#/components/schemas/OutputTestRequest" examples: - PackUpgradeExamplesUpgradeFromURL: - $ref: "#/components/examples/PackUpgradeExamplesUpgradeFromURL" + OutputTestExamplesSingleEvent: + $ref: "#/components/examples/OutputTestExamplesSingleEvent" + OutputTestExamplesMultipleEvents: + $ref: "#/components/examples/OutputTestExamplesMultipleEvents" parameters: - name: id in: path required: true schema: type: string - description: The id of the Pack to upgrade. + description: The id of the Destination to send sample event data to. /system/settings/conf: get: operationId: getSystemSettingsConf @@ -57403,7 +69964,7 @@ paths: x-speakeasy-name-override: list x-cribl-internal: false x-cribl-availability: both - summary: Get Cribl system settings + summary: Get system settings description: Get Cribl system settings. responses: "200": @@ -57413,7 +69974,8 @@ paths: schema: $ref: "#/components/schemas/CountedSystemSettingsConf" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -57438,7 +70000,8 @@ paths: schema: $ref: "#/components/schemas/CountedSystemSettingsConf" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -57465,7 +70028,9 @@ paths: x-cribl-internal: false x-cribl-availability: both summary: Restart the Cribl server - description: Restart the Cribl server.Useful for applying configuration changes that require a full process restart, such as changes to system-level settings that cannot be applied by reloading. + description: Restart the Cribl server. Useful for applying configuration changes + that require a full process restart, such as changes to system-level + settings that cannot be applied by reloading. responses: "200": description: Success @@ -57474,13 +70039,290 @@ paths: schema: $ref: "#/components/schemas/CountedSystemRestartResponse" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). + "500": + description: Unexpected server error. + content: + application/json: + schema: + $ref: "#/components/schemas/Error" + /system/status/inputs: + get: + operationId: getInputStatus + tags: + - sources + x-speakeasy-group: sources.statuses + x-speakeasy-name-override: list + x-cribl-internal: false + x-cribl-availability: both + summary: List the status of all Sources + description: List status information and optional metrics for all configured + Sources in the Worker Group or Edge Fleet. + responses: + "200": + description: a list of Source status objects + content: + application/json: + schema: + $ref: "#/components/schemas/CountedInputStatus" + "400": + description: Bad Request + "401": + description: Authentication failed (missing or invalid credentials or Bearer + token). + "500": + description: Unexpected server error. + content: + application/json: + schema: + $ref: "#/components/schemas/Error" + parameters: + - name: metrics + in: query + required: false + schema: + type: boolean + description: Set to true to include metrics for each Source. + Otherwise, false (default). + - name: type + in: query + required: false + schema: + type: boolean + description: Set to true to prefix the Source id with + the Source type. Otherwise, false (default). + - name: offset + in: query + required: false + schema: + type: integer + description: Starting point from which to retrieve results for this request. Use + with limit to paginate the response into manageable + batches. + - name: limit + in: query + required: false + schema: + type: integer + description: Maximum number of items to return in the response for this request. + Use with offset to paginate the response into + manageable batches. + x-speakeasy-pagination: + type: offsetLimit + inputs: + - name: offset + in: parameters + type: offset + - name: limit + in: parameters + type: limit + outputs: + results: $.items + /system/status/inputs/{id}: + get: + operationId: getInputStatusById + tags: + - sources + x-speakeasy-group: sources.statuses + x-speakeasy-name-override: get + x-cribl-internal: false + x-cribl-availability: both + summary: Get the status of a Source + description: Get the status and optional metrics for the specified Source. + responses: + "200": + description: a Source status object + content: + application/json: + schema: + $ref: "#/components/schemas/CountedInputStatus" + "401": + description: Authentication failed (missing or invalid credentials or Bearer + token). + "500": + description: Unexpected server error. + content: + application/json: + schema: + $ref: "#/components/schemas/Error" + parameters: + - name: id + in: path + required: true + schema: + type: string + description: The id of the Source to get the status for. + - name: metrics + in: query + required: false + schema: + type: boolean + description: Set to true to include metrics for each Source. + Otherwise, false (default). + - name: type + in: query + required: false + schema: + type: boolean + description: Set to true to prefix the Source id with + the Source type. Otherwise, false (default). + /system/status/outputs: + get: + operationId: getOutputStatus + tags: + - destinations + x-speakeasy-group: destinations.statuses + x-speakeasy-name-override: list + x-cribl-internal: false + x-cribl-availability: both + summary: List the status of all Destinations + description: List status information and optional metrics for all configured + Destinations in the Worker Group or Edge Fleet. + responses: + "200": + description: a list of Destination status objects + content: + application/json: + schema: + $ref: "#/components/schemas/CountedOutputStatus" + "400": + description: Bad Request + "401": + description: Authentication failed (missing or invalid credentials or Bearer + token). + "500": + description: Unexpected server error. + content: + application/json: + schema: + $ref: "#/components/schemas/Error" + parameters: + - name: metrics + in: query + required: false + schema: + type: boolean + description: Set to true to include metrics for each Destination. + Otherwise, false (default). + - name: type + in: query + required: false + schema: + type: boolean + description: Set to true to prefix the Destination id + with the Destination type. Otherwise, false (default). + - name: offset + in: query + required: false + schema: + type: integer + description: Starting point from which to retrieve results for this request. Use + with limit to paginate the response into manageable + batches. + - name: limit + in: query + required: false + schema: + type: integer + description: Maximum number of items to return in the response for this request. + Use with offset to paginate the response into + manageable batches. + x-speakeasy-pagination: + type: offsetLimit + inputs: + - name: offset + in: parameters + type: offset + - name: limit + in: parameters + type: limit + outputs: + results: $.items + /system/status/outputs/{id}: + get: + operationId: getOutputStatusById + tags: + - destinations + x-speakeasy-group: destinations.statuses + x-speakeasy-name-override: get + x-cribl-internal: false + x-cribl-availability: both + summary: Get the status of a Destination + description: Get the status and optional metrics for the specified Destination. + responses: + "200": + description: Destination status object + content: + application/json: + schema: + $ref: "#/components/schemas/CountedOutputStatus" + "401": + description: Authentication failed (missing or invalid credentials or Bearer + token). + "500": + description: Unexpected server error. + content: + application/json: + schema: + $ref: "#/components/schemas/Error" + parameters: + - name: id + in: path + required: true + schema: + type: string + description: The id of the Destination to get the status for. + - name: metrics + in: query + required: false + schema: + type: boolean + description: Set to true to include metrics for each Destination. + Otherwise, false (default). + - name: type + in: query + required: false + schema: + type: boolean + description: Set to true to prefix the Destination id + with the Destination type. Otherwise, false (default). + /version: + get: + operationId: getVersion + tags: + - versioning + x-speakeasy-group: versions.commits + x-speakeasy-name-override: list + x-cribl-internal: false + x-cribl-availability: both + summary: List the commit history + description: List the commit history.

Analogous to git + log for the Cribl configuration, allowing you to audit and review + changes over time. + responses: + "200": + description: List of GitLogResult objects. + content: + application/json: + schema: + $ref: "#/components/schemas/CountedGitLogResult" + "401": + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" + parameters: + - name: count + in: query + required: false + schema: + type: integer + description: Maximum number of commits to return in the response for this request. /version/branch: get: operationId: getVersionBranch @@ -57491,7 +70333,8 @@ paths: x-cribl-internal: false x-cribl-availability: both summary: List all branches in the Git repository used for Cribl configuration - description: Get a list of all branches in the Git repository used for Cribl configuration. + description: Get a list of all branches in the Git repository used for Cribl + configuration. responses: "200": description: List of BranchInfo objects. @@ -57500,7 +70343,8 @@ paths: schema: $ref: "#/components/schemas/CountedBranchInfo" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -57517,7 +70361,10 @@ paths: x-cribl-internal: false x-cribl-availability: both summary: Create a new commit for pending changes to the Cribl configuration - description: Create a new commit for pending changes to the Cribl configuration. Any merge conflicts indicated in the response must be resolved using Git.

To commit only a subset of configuration changes, specify the files to include in the commit in the files array. + description: Create a new commit for pending changes to the Cribl configuration. + Any merge conflicts indicated in the response must be resolved using + Git.

To commit only a subset of configuration changes, specify + the files to include in the commit in the files array. responses: "200": description: The created GitCommitSummary object in a single-item list. @@ -57526,7 +70373,8 @@ paths: schema: $ref: "#/components/schemas/CountedGitCommitSummary" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -57555,7 +70403,8 @@ paths: x-cribl-internal: false x-cribl-availability: both summary: Get a count of files that changed since a commit - description: Get a count of the files that changed since a commit. Default is the latest commit (HEAD). + description: Get a count of the files that changed since a commit. Default is + the latest commit (HEAD). responses: "200": description: List of GitCountResult objects. @@ -57564,7 +70413,8 @@ paths: schema: $ref: "#/components/schemas/CountedGitCountResult" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -57587,8 +70437,10 @@ paths: x-speakeasy-name-override: get x-cribl-internal: false x-cribl-availability: both - summary: Get the name of the Git branch that the Cribl configuration is checked out to - description: Get the name of the Git branch that the Cribl configuration is checked out to. Useful for verifying the active configuration branch. + summary: Get the name of the Git branch that the Cribl configuration is checked + out to + description: Get the name of the Git branch that the Cribl configuration is + checked out to. Useful for verifying the active configuration branch. responses: "200": description: The requested CurrentBranchResult object. @@ -57597,7 +70449,8 @@ paths: schema: $ref: "#/components/schemas/CurrentBranchResult" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -57623,7 +70476,8 @@ paths: schema: $ref: "#/components/schemas/CountedGitDiffResult" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -57648,7 +70502,9 @@ paths: required: false schema: type: integer - description: Number of lines of the diff to return. Default is 1000. Set to 0 to return the full diff, regardless of the number of lines. + description: Number of lines of the diff to return. Default is 1000. Set to + 0 to return the full diff, regardless of the number of + lines. /version/files: get: operationId: getVersionFiles @@ -57659,7 +70515,8 @@ paths: x-cribl-internal: false x-cribl-availability: both summary: Get the names and statuses of files that changed since a commit - description: Get the names and statuses of files that changed since a commit. Default is the latest commit (HEAD). + description: Get the names and statuses of files that changed since a commit. + Default is the latest commit (HEAD). responses: "200": description: List of GitFilesResponse objects. @@ -57668,7 +70525,8 @@ paths: schema: $ref: "#/components/schemas/CountedGitFilesResponse" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -57692,7 +70550,8 @@ paths: x-cribl-internal: false x-cribl-availability: both summary: Get the configuration and status for the Git integration - description: Get the configuration and versioning status for the Git integration for the Cribl configuration. + description: Get the configuration and versioning status for the Git integration + for the Cribl configuration. responses: "200": description: List of GitInfo objects. @@ -57701,46 +70560,14 @@ paths: schema: $ref: "#/components/schemas/CountedGitInfo" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). - "500": - description: Unexpected server error. - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /version: - get: - operationId: getVersion - tags: - - versioning - x-speakeasy-group: versions.commits - x-speakeasy-name-override: list - x-cribl-internal: false - x-cribl-availability: both - summary: List the commit history - description: List the commit history.

Analogous to git log for the Cribl configuration, allowing you to audit and review changes over time. - responses: - "200": - description: List of GitLogResult objects. - content: - application/json: - schema: - $ref: "#/components/schemas/CountedGitLogResult" - "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: application/json: schema: $ref: "#/components/schemas/Error" - parameters: - - name: count - in: query - required: false - schema: - type: integer - description: Maximum number of commits to return in the response for this request. /version/push: post: operationId: createVersionPush @@ -57751,7 +70578,8 @@ paths: x-cribl-internal: false x-cribl-availability: both summary: Push local commits to the remote repository - description: Push all local commits from the local repository to the remote repository. + description: Push all local commits from the local repository to the remote + repository. responses: "200": description: The created string object in a single-item list. @@ -57760,7 +70588,8 @@ paths: schema: $ref: "#/components/schemas/CountedString" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -57786,7 +70615,8 @@ paths: schema: $ref: "#/components/schemas/CountedGitRevertResult" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -57815,7 +70645,8 @@ paths: x-cribl-internal: false x-cribl-availability: both summary: Get the diff and log message for a commit - description: Get the diff and log message for a commit. Default is the latest commit (HEAD). + description: Get the diff and log message for a commit. Default is the latest + commit (HEAD). responses: "200": description: List of GitShowResult objects. @@ -57824,7 +70655,8 @@ paths: schema: $ref: "#/components/schemas/CountedGitShowResult" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -57849,7 +70681,9 @@ paths: required: false schema: type: integer - description: Number of lines of the diff to return. Default is 1000. Set to 0 to return the full diff, regardless of the number of lines. + description: Number of lines of the diff to return. Default is 1000. Set to + 0 to return the full diff, regardless of the number of + lines. /version/status: get: operationId: getVersionStatus @@ -57860,7 +70694,10 @@ paths: x-cribl-internal: false x-cribl-availability: both summary: Get the status of the current working tree - description: Get the status of the current working tree of the Git repository used for Cribl configuration. The response includes details about modified, staged, untracked, and conflicted files, as well as branch and remote tracking information. + description: Get the status of the current working tree of the Git repository + used for Cribl configuration. The response includes details about + modified, staged, untracked, and conflicted files, as well as branch and + remote tracking information. responses: "200": description: List of GitStatusResult objects. @@ -57869,7 +70706,8 @@ paths: schema: $ref: "#/components/schemas/CountedGitStatusResult" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: @@ -57886,7 +70724,9 @@ paths: x-cribl-internal: false x-cribl-availability: both summary: Discard uncommitted (staged) changes - description: Discard all uncommitted (staged) configuration changes, resetting the working directory to the last committed state. Use only if you are certain that you do not need to preserve your local changes. + description: Discard all uncommitted (staged) configuration changes, resetting + the working directory to the last committed state. Use only if you are + certain that you do not need to preserve your local changes. responses: "200": description: The created boolean object in a single-item list. @@ -57895,7 +70735,8 @@ paths: schema: $ref: "#/components/schemas/CountedBoolean" "401": - description: Authentication failed (missing or invalid credentials or Bearer token). + description: Authentication failed (missing or invalid credentials or Bearer + token). "500": description: Unexpected server error. content: diff --git a/.speakeasy/workflow.lock b/.speakeasy/workflow.lock index 06bd318cf..1a2e4b78f 100644 --- a/.speakeasy/workflow.lock +++ b/.speakeasy/workflow.lock @@ -1,23 +1,23 @@ -speakeasyVersion: 1.764.0 +speakeasyVersion: 1.784.0 sources: Cribl API Reference: sourceNamespace: cribl-api-reference - sourceRevisionDigest: sha256:2285e1da4eb22e187a97684a38b3208074a56ec8e08454d80599ce38360942eb - sourceBlobDigest: sha256:98e511ead4e90616b9c3ad19fc225f9d298668b7d9ef02a7fdf33220a8980186 + sourceRevisionDigest: sha256:249de9535b9eeb5f528e1270b3a3458bf64cca16312442d776762bbac8f38bad + sourceBlobDigest: sha256:97a237d16becc47926318a4645c69c913ff8a0e597e37686dc5d5ac0087e899e tags: - latest - - 4.18.1-37206a7f + - 4.18.2-fd1f0d2f targets: cribl-control-plane: source: Cribl API Reference sourceNamespace: cribl-api-reference - sourceRevisionDigest: sha256:2285e1da4eb22e187a97684a38b3208074a56ec8e08454d80599ce38360942eb - sourceBlobDigest: sha256:98e511ead4e90616b9c3ad19fc225f9d298668b7d9ef02a7fdf33220a8980186 + sourceRevisionDigest: sha256:249de9535b9eeb5f528e1270b3a3458bf64cca16312442d776762bbac8f38bad + sourceBlobDigest: sha256:97a237d16becc47926318a4645c69c913ff8a0e597e37686dc5d5ac0087e899e codeSamplesNamespace: cribl-api-reference-python-code-samples - codeSamplesRevisionDigest: sha256:c6dbd88ed6ea559aa7681d840a58118232a3418270e8461125b86f99ed6e233a + codeSamplesRevisionDigest: sha256:cf203998f17bb3505966181661e012b83c4e6a8c72f3f6db2983a204dd8479db workflow: workflowVersion: 1.0.0 - speakeasyVersion: 1.764.0 + speakeasyVersion: 1.784.0 sources: Cribl API Reference: inputs: diff --git a/README-PYPI.md b/README-PYPI.md index f438bd952..c1c362e80 100644 --- a/README-PYPI.md +++ b/README-PYPI.md @@ -222,18 +222,19 @@ The [On-Prem Authentication Example](https://github.com/criblio/cribl_control_pl ### [Collectors](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/collectorssdk/README.md) -* [create](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/collectorssdk/README.md#create) - Create a Collector * [list](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/collectorssdk/README.md#list) - List all Collectors -* [delete](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/collectorssdk/README.md#delete) - Delete a Collector +* [create](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/collectorssdk/README.md#create) - Create a Collector * [get](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/collectorssdk/README.md#get) - Get a Collector * [update](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/collectorssdk/README.md#update) - Update a Collector +* [delete](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/collectorssdk/README.md#delete) - Delete a Collector ### [DatabaseConnections](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/databaseconnections/README.md) +* [list](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/databaseconnections/README.md#list) - List Database Connections * [create](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/databaseconnections/README.md#create) - Create Database Connection -* [delete](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/databaseconnections/README.md#delete) - Delete a Database Connection * [get](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/databaseconnections/README.md#get) - Get a Database Connection * [update](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/databaseconnections/README.md#update) - Update a Database Connection +* [delete](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/databaseconnections/README.md#delete) - Delete a Database Connection ### [Destinations](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/destinations/README.md) @@ -255,13 +256,13 @@ The [On-Prem Authentication Example](https://github.com/criblio/cribl_control_pl #### [Destinations.Statuses](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/destinationsstatuses/README.md) -* [get](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/destinationsstatuses/README.md#get) - Get the status of a Destination * [list](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/destinationsstatuses/README.md#list) - List the status of all Destinations +* [get](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/destinationsstatuses/README.md#get) - Get the status of a Destination ### [Functions](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/functions/README.md) -* [get](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/functions/README.md#get) - Get a Function * [list](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/functions/README.md#list) - List all Functions +* [get](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/functions/README.md#get) - Get a Function ### [Groups](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/groupssdk/README.md) @@ -290,17 +291,17 @@ The [On-Prem Authentication Example](https://github.com/criblio/cribl_control_pl ### [Lakes.Datasets](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/datasets/README.md) -* [create](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/datasets/README.md#create) - Create a Lake Dataset (Cribl.Cloud only) * [list](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/datasets/README.md#list) - List all Lake Datasets (Cribl.Cloud only) -* [delete](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/datasets/README.md#delete) - Delete a Lake Dataset (Cribl.Cloud only) +* [create](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/datasets/README.md#create) - Create a Lake Dataset (Cribl.Cloud only) * [get](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/datasets/README.md#get) - Get a Lake Dataset (Cribl.Cloud only) * [update](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/datasets/README.md#update) - Update a Lake Dataset (Cribl.Cloud only) +* [delete](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/datasets/README.md#delete) - Delete a Lake Dataset (Cribl.Cloud only) ### [Nodes](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/nodes/README.md) * [count](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/nodes/README.md#count) - Get a count of Worker, Edge, or Outpost Nodes -* [get](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/nodes/README.md#get) - Get detailed metadata for a Worker, Edge, or Outpost Node * [list](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/nodes/README.md#list) - Get detailed metadata for Worker, Edge, or Outpost Nodes +* [get](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/nodes/README.md#get) - Get detailed metadata for a Worker, Edge, or Outpost Node * [restart](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/nodes/README.md#restart) - Restart Worker, Edge, or Outpost Nodes #### [Nodes.Summaries](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/summaries/README.md) @@ -312,9 +313,9 @@ The [On-Prem Authentication Example](https://github.com/criblio/cribl_control_pl * [install](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/packs/README.md#install) - Install a Pack * [list](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/packs/README.md#list) - List all Packs * [upload](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/packs/README.md#upload) - Upload a Pack file -* [delete](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/packs/README.md#delete) - Uninstall a Pack * [get](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/packs/README.md#get) - Get a Pack * [update](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/packs/README.md#update) - Upgrade a Pack +* [delete](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/packs/README.md#delete) - Uninstall a Pack #### [Packs.Destinations](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/packsdestinations/README.md) @@ -336,22 +337,22 @@ The [On-Prem Authentication Example](https://github.com/criblio/cribl_control_pl ##### [Packs.Destinations.Statuses](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/packsdestinationsstatuses/README.md) -* [get](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/packsdestinationsstatuses/README.md#get) - Get the status of a Destination within a Pack * [list](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/packsdestinationsstatuses/README.md#list) - List the status of all Destinations within a Pack +* [get](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/packsdestinationsstatuses/README.md#get) - Get the status of a Destination within a Pack #### [Packs.Pipelines](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/packspipelines/README.md) -* [create](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/packspipelines/README.md#create) - Create a Pipeline within a Pack * [list](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/packspipelines/README.md#list) - List all Pipelines within a Pack -* [delete](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/packspipelines/README.md#delete) - Delete a Pipeline within a Pack +* [create](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/packspipelines/README.md#create) - Create a Pipeline within a Pack * [get](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/packspipelines/README.md#get) - Get a Pipeline within a Pack * [update](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/packspipelines/README.md#update) - Update a Pipeline within a Pack +* [delete](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/packspipelines/README.md#delete) - Delete a Pipeline within a Pack #### [Packs.Routes](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/packsroutes/README.md) +* [list](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/packsroutes/README.md#list) - List all Routes within a Pack * [get](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/packsroutes/README.md#get) - Get a Routing table within a Pack * [update](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/packsroutes/README.md#update) - Update a Route within a Pack -* [list](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/packsroutes/README.md#list) - List all Routes within a Pack * [append](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/packsroutes/README.md#append) - Add a Route to the end of the Routing table within a Pack #### [Packs.Sources](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/packssources/README.md) @@ -374,22 +375,22 @@ The [On-Prem Authentication Example](https://github.com/criblio/cribl_control_pl ##### [Packs.Sources.Statuses](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/packssourcesstatuses/README.md) -* [get](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/packssourcesstatuses/README.md#get) - Get the status of a Source within a Pack * [list](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/packssourcesstatuses/README.md#list) - List the status of all Sources within a Pack +* [get](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/packssourcesstatuses/README.md#get) - Get the status of a Source within a Pack ### [Pipelines](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/pipelines/README.md) -* [create](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/pipelines/README.md#create) - Create a Pipeline * [list](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/pipelines/README.md#list) - List all Pipelines +* [create](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/pipelines/README.md#create) - Create a Pipeline * [delete](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/pipelines/README.md#delete) - Delete a Pipeline * [get](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/pipelines/README.md#get) - Get a Pipeline * [update](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/pipelines/README.md#update) - Update a Pipeline ### [Routes](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/routessdk/README.md) +* [list](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/routessdk/README.md#list) - List all Routes * [get](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/routessdk/README.md#get) - Get a Routing table * [update](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/routessdk/README.md#update) - Update a Route -* [list](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/routessdk/README.md#list) - List all Routes * [append](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/routessdk/README.md#append) - Add a Route to the end of the Routing table ### [Sources](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/sources/README.md) @@ -407,17 +408,17 @@ The [On-Prem Authentication Example](https://github.com/criblio/cribl_control_pl #### [Sources.Pq](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/sourcespq/README.md) -* [clear](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/sourcespq/README.md#clear) - Clear the persistent queue for a Source * [get](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/sourcespq/README.md#get) - Get information about the latest job to clear the persistent queue for a Source +* [clear](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/sourcespq/README.md#clear) - Clear the persistent queue for a Source #### [Sources.Statuses](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/sourcesstatuses/README.md) -* [get](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/sourcesstatuses/README.md#get) - Get the status of a Source * [list](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/sourcesstatuses/README.md#list) - List the status of all Sources +* [get](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/sourcesstatuses/README.md#get) - Get the status of a Source ### [System.Captures](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/captures/README.md) -* [create](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/captures/README.md#create) - Capture live incoming data +* [create](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/captures/README.md#create) - Capture live data ### [System.Settings](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/settings/README.md) @@ -425,7 +426,7 @@ The [On-Prem Authentication Example](https://github.com/criblio/cribl_control_pl #### [System.Settings.Cribl](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/cribl/README.md) -* [list](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/cribl/README.md#list) - Get Cribl system settings +* [list](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/cribl/README.md#list) - Get system settings * [update](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/cribl/README.md#update) - Update system settings ### [Versions.Branches](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/branches/README.md) @@ -435,9 +436,9 @@ The [On-Prem Authentication Example](https://github.com/criblio/cribl_control_pl ### [Versions.Commits](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/commits/README.md) +* [list](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/commits/README.md#list) - List the commit history * [create](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/commits/README.md#create) - Create a new commit for pending changes to the Cribl configuration * [diff](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/commits/README.md#diff) - Get the diff for a commit -* [list](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/commits/README.md#list) - List the commit history * [push](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/commits/README.md#push) - Push local commits to the remote repository * [revert](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/commits/README.md#revert) - Revert a commit in the local repository * [get](https://github.com/criblio/cribl_control_plane_sdk_python/blob/master/docs/sdks/commits/README.md#get) - Get the diff and log message for a commit @@ -517,7 +518,7 @@ with CriblControlPlane( ), ) as ccp_client: - res = ccp_client.sources.statuses.list() + res = ccp_client.packs.sources.statuses.list(pack="") while res is not None: # Handle items @@ -750,15 +751,11 @@ The `CriblControlPlane` class implements the context manager protocol and regist [context-manager]: https://docs.python.org/3/reference/datamodel.html#context-managers ```python -from cribl_control_plane import CriblControlPlane, models -import os +from cribl_control_plane import CriblControlPlane def main(): with CriblControlPlane( "https://api.example.com", - security=models.Security( - bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), - ), ) as ccp_client: # Rest of application here... @@ -768,9 +765,6 @@ async def amain(): async with CriblControlPlane( "https://api.example.com", - security=models.Security( - bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), - ), ) as ccp_client: # Rest of application here... ``` diff --git a/README.md b/README.md index 6f52fd689..b9b56528f 100644 --- a/README.md +++ b/README.md @@ -222,18 +222,19 @@ The [On-Prem Authentication Example](https://github.com/criblio/cribl_control_pl ### [Collectors](docs/sdks/collectorssdk/README.md) -* [create](docs/sdks/collectorssdk/README.md#create) - Create a Collector * [list](docs/sdks/collectorssdk/README.md#list) - List all Collectors -* [delete](docs/sdks/collectorssdk/README.md#delete) - Delete a Collector +* [create](docs/sdks/collectorssdk/README.md#create) - Create a Collector * [get](docs/sdks/collectorssdk/README.md#get) - Get a Collector * [update](docs/sdks/collectorssdk/README.md#update) - Update a Collector +* [delete](docs/sdks/collectorssdk/README.md#delete) - Delete a Collector ### [DatabaseConnections](docs/sdks/databaseconnections/README.md) +* [list](docs/sdks/databaseconnections/README.md#list) - List Database Connections * [create](docs/sdks/databaseconnections/README.md#create) - Create Database Connection -* [delete](docs/sdks/databaseconnections/README.md#delete) - Delete a Database Connection * [get](docs/sdks/databaseconnections/README.md#get) - Get a Database Connection * [update](docs/sdks/databaseconnections/README.md#update) - Update a Database Connection +* [delete](docs/sdks/databaseconnections/README.md#delete) - Delete a Database Connection ### [Destinations](docs/sdks/destinations/README.md) @@ -255,13 +256,13 @@ The [On-Prem Authentication Example](https://github.com/criblio/cribl_control_pl #### [Destinations.Statuses](docs/sdks/destinationsstatuses/README.md) -* [get](docs/sdks/destinationsstatuses/README.md#get) - Get the status of a Destination * [list](docs/sdks/destinationsstatuses/README.md#list) - List the status of all Destinations +* [get](docs/sdks/destinationsstatuses/README.md#get) - Get the status of a Destination ### [Functions](docs/sdks/functions/README.md) -* [get](docs/sdks/functions/README.md#get) - Get a Function * [list](docs/sdks/functions/README.md#list) - List all Functions +* [get](docs/sdks/functions/README.md#get) - Get a Function ### [Groups](docs/sdks/groupssdk/README.md) @@ -290,17 +291,17 @@ The [On-Prem Authentication Example](https://github.com/criblio/cribl_control_pl ### [Lakes.Datasets](docs/sdks/datasets/README.md) -* [create](docs/sdks/datasets/README.md#create) - Create a Lake Dataset (Cribl.Cloud only) * [list](docs/sdks/datasets/README.md#list) - List all Lake Datasets (Cribl.Cloud only) -* [delete](docs/sdks/datasets/README.md#delete) - Delete a Lake Dataset (Cribl.Cloud only) +* [create](docs/sdks/datasets/README.md#create) - Create a Lake Dataset (Cribl.Cloud only) * [get](docs/sdks/datasets/README.md#get) - Get a Lake Dataset (Cribl.Cloud only) * [update](docs/sdks/datasets/README.md#update) - Update a Lake Dataset (Cribl.Cloud only) +* [delete](docs/sdks/datasets/README.md#delete) - Delete a Lake Dataset (Cribl.Cloud only) ### [Nodes](docs/sdks/nodes/README.md) * [count](docs/sdks/nodes/README.md#count) - Get a count of Worker, Edge, or Outpost Nodes -* [get](docs/sdks/nodes/README.md#get) - Get detailed metadata for a Worker, Edge, or Outpost Node * [list](docs/sdks/nodes/README.md#list) - Get detailed metadata for Worker, Edge, or Outpost Nodes +* [get](docs/sdks/nodes/README.md#get) - Get detailed metadata for a Worker, Edge, or Outpost Node * [restart](docs/sdks/nodes/README.md#restart) - Restart Worker, Edge, or Outpost Nodes #### [Nodes.Summaries](docs/sdks/summaries/README.md) @@ -312,9 +313,9 @@ The [On-Prem Authentication Example](https://github.com/criblio/cribl_control_pl * [install](docs/sdks/packs/README.md#install) - Install a Pack * [list](docs/sdks/packs/README.md#list) - List all Packs * [upload](docs/sdks/packs/README.md#upload) - Upload a Pack file -* [delete](docs/sdks/packs/README.md#delete) - Uninstall a Pack * [get](docs/sdks/packs/README.md#get) - Get a Pack * [update](docs/sdks/packs/README.md#update) - Upgrade a Pack +* [delete](docs/sdks/packs/README.md#delete) - Uninstall a Pack #### [Packs.Destinations](docs/sdks/packsdestinations/README.md) @@ -336,22 +337,22 @@ The [On-Prem Authentication Example](https://github.com/criblio/cribl_control_pl ##### [Packs.Destinations.Statuses](docs/sdks/packsdestinationsstatuses/README.md) -* [get](docs/sdks/packsdestinationsstatuses/README.md#get) - Get the status of a Destination within a Pack * [list](docs/sdks/packsdestinationsstatuses/README.md#list) - List the status of all Destinations within a Pack +* [get](docs/sdks/packsdestinationsstatuses/README.md#get) - Get the status of a Destination within a Pack #### [Packs.Pipelines](docs/sdks/packspipelines/README.md) -* [create](docs/sdks/packspipelines/README.md#create) - Create a Pipeline within a Pack * [list](docs/sdks/packspipelines/README.md#list) - List all Pipelines within a Pack -* [delete](docs/sdks/packspipelines/README.md#delete) - Delete a Pipeline within a Pack +* [create](docs/sdks/packspipelines/README.md#create) - Create a Pipeline within a Pack * [get](docs/sdks/packspipelines/README.md#get) - Get a Pipeline within a Pack * [update](docs/sdks/packspipelines/README.md#update) - Update a Pipeline within a Pack +* [delete](docs/sdks/packspipelines/README.md#delete) - Delete a Pipeline within a Pack #### [Packs.Routes](docs/sdks/packsroutes/README.md) +* [list](docs/sdks/packsroutes/README.md#list) - List all Routes within a Pack * [get](docs/sdks/packsroutes/README.md#get) - Get a Routing table within a Pack * [update](docs/sdks/packsroutes/README.md#update) - Update a Route within a Pack -* [list](docs/sdks/packsroutes/README.md#list) - List all Routes within a Pack * [append](docs/sdks/packsroutes/README.md#append) - Add a Route to the end of the Routing table within a Pack #### [Packs.Sources](docs/sdks/packssources/README.md) @@ -374,22 +375,22 @@ The [On-Prem Authentication Example](https://github.com/criblio/cribl_control_pl ##### [Packs.Sources.Statuses](docs/sdks/packssourcesstatuses/README.md) -* [get](docs/sdks/packssourcesstatuses/README.md#get) - Get the status of a Source within a Pack * [list](docs/sdks/packssourcesstatuses/README.md#list) - List the status of all Sources within a Pack +* [get](docs/sdks/packssourcesstatuses/README.md#get) - Get the status of a Source within a Pack ### [Pipelines](docs/sdks/pipelines/README.md) -* [create](docs/sdks/pipelines/README.md#create) - Create a Pipeline * [list](docs/sdks/pipelines/README.md#list) - List all Pipelines +* [create](docs/sdks/pipelines/README.md#create) - Create a Pipeline * [delete](docs/sdks/pipelines/README.md#delete) - Delete a Pipeline * [get](docs/sdks/pipelines/README.md#get) - Get a Pipeline * [update](docs/sdks/pipelines/README.md#update) - Update a Pipeline ### [Routes](docs/sdks/routessdk/README.md) +* [list](docs/sdks/routessdk/README.md#list) - List all Routes * [get](docs/sdks/routessdk/README.md#get) - Get a Routing table * [update](docs/sdks/routessdk/README.md#update) - Update a Route -* [list](docs/sdks/routessdk/README.md#list) - List all Routes * [append](docs/sdks/routessdk/README.md#append) - Add a Route to the end of the Routing table ### [Sources](docs/sdks/sources/README.md) @@ -407,17 +408,17 @@ The [On-Prem Authentication Example](https://github.com/criblio/cribl_control_pl #### [Sources.Pq](docs/sdks/sourcespq/README.md) -* [clear](docs/sdks/sourcespq/README.md#clear) - Clear the persistent queue for a Source * [get](docs/sdks/sourcespq/README.md#get) - Get information about the latest job to clear the persistent queue for a Source +* [clear](docs/sdks/sourcespq/README.md#clear) - Clear the persistent queue for a Source #### [Sources.Statuses](docs/sdks/sourcesstatuses/README.md) -* [get](docs/sdks/sourcesstatuses/README.md#get) - Get the status of a Source * [list](docs/sdks/sourcesstatuses/README.md#list) - List the status of all Sources +* [get](docs/sdks/sourcesstatuses/README.md#get) - Get the status of a Source ### [System.Captures](docs/sdks/captures/README.md) -* [create](docs/sdks/captures/README.md#create) - Capture live incoming data +* [create](docs/sdks/captures/README.md#create) - Capture live data ### [System.Settings](docs/sdks/settings/README.md) @@ -425,7 +426,7 @@ The [On-Prem Authentication Example](https://github.com/criblio/cribl_control_pl #### [System.Settings.Cribl](docs/sdks/cribl/README.md) -* [list](docs/sdks/cribl/README.md#list) - Get Cribl system settings +* [list](docs/sdks/cribl/README.md#list) - Get system settings * [update](docs/sdks/cribl/README.md#update) - Update system settings ### [Versions.Branches](docs/sdks/branches/README.md) @@ -435,9 +436,9 @@ The [On-Prem Authentication Example](https://github.com/criblio/cribl_control_pl ### [Versions.Commits](docs/sdks/commits/README.md) +* [list](docs/sdks/commits/README.md#list) - List the commit history * [create](docs/sdks/commits/README.md#create) - Create a new commit for pending changes to the Cribl configuration * [diff](docs/sdks/commits/README.md#diff) - Get the diff for a commit -* [list](docs/sdks/commits/README.md#list) - List the commit history * [push](docs/sdks/commits/README.md#push) - Push local commits to the remote repository * [revert](docs/sdks/commits/README.md#revert) - Revert a commit in the local repository * [get](docs/sdks/commits/README.md#get) - Get the diff and log message for a commit @@ -517,7 +518,7 @@ with CriblControlPlane( ), ) as ccp_client: - res = ccp_client.sources.statuses.list() + res = ccp_client.packs.sources.statuses.list(pack="") while res is not None: # Handle items @@ -750,15 +751,11 @@ The `CriblControlPlane` class implements the context manager protocol and regist [context-manager]: https://docs.python.org/3/reference/datamodel.html#context-managers ```python -from cribl_control_plane import CriblControlPlane, models -import os +from cribl_control_plane import CriblControlPlane def main(): with CriblControlPlane( "https://api.example.com", - security=models.Security( - bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), - ), ) as ccp_client: # Rest of application here... @@ -768,9 +765,6 @@ async def amain(): async with CriblControlPlane( "https://api.example.com", - security=models.Security( - bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), - ), ) as ccp_client: # Rest of application here... ``` diff --git a/RELEASES.md b/RELEASES.md index 274cdba8c..0132bc233 100644 --- a/RELEASES.md +++ b/RELEASES.md @@ -678,4 +678,14 @@ Based on: ### Generated - [python v0.8.1] . ### Releases -- [PyPI v0.8.1] https://pypi.org/project/cribl-control-plane/0.8.1 - . \ No newline at end of file +- [PyPI v0.8.1] https://pypi.org/project/cribl-control-plane/0.8.1 - . + +## 2026-06-24 02:14:17 +### Changes +Based on: +- OpenAPI Doc +- Speakeasy CLI 1.784.0 (2.911.0) https://github.com/speakeasy-api/speakeasy +### Generated +- [python v0.9.0] . +### Releases +- [PyPI v0.9.0] https://pypi.org/project/cribl-control-plane/0.9.0 - . \ No newline at end of file diff --git a/USAGE.md b/USAGE.md index 1c19260d3..8cc9e84bc 100644 --- a/USAGE.md +++ b/USAGE.md @@ -1,18 +1,14 @@ ```python # Synchronous Example -from cribl_control_plane import CriblControlPlane, models -import os +from cribl_control_plane import CriblControlPlane with CriblControlPlane( "https://api.example.com", - security=models.Security( - bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), - ), ) as ccp_client: - res = ccp_client.database_connections.create(auth_type="connectionString", database_type=models.DatabaseConnectionType.MYSQL, description="Production MySQL database for customer data", id="mysql-prod-db", connection_string="mysql://admin:password123@mysql.example.com:3306/production?ssl=true", connection_timeout=10000, tags="production,mysql,customer-data") + res = ccp_client.auth.tokens.get(password="6j50J9421x29IhO", username="Lilly_Weissnat") # Handle response print(res) @@ -25,19 +21,15 @@ The same SDK client can also be used to make asynchronous requests by importing ```python # Asynchronous Example import asyncio -from cribl_control_plane import CriblControlPlane, models -import os +from cribl_control_plane import CriblControlPlane async def main(): async with CriblControlPlane( "https://api.example.com", - security=models.Security( - bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), - ), ) as ccp_client: - res = await ccp_client.database_connections.create_async(auth_type="connectionString", database_type=models.DatabaseConnectionType.MYSQL, description="Production MySQL database for customer data", id="mysql-prod-db", connection_string="mysql://admin:password123@mysql.example.com:3306/production?ssl=true", connection_timeout=10000, tags="production,mysql,customer-data") + res = await ccp_client.auth.tokens.get_async(password="6j50J9421x29IhO", username="Lilly_Weissnat") # Handle response print(res) diff --git a/docs/errors/healthserverstatuserror.md b/docs/errors/healthserverstatuserror.md index 3f82df233..69f80e979 100644 --- a/docs/errors/healthserverstatuserror.md +++ b/docs/errors/healthserverstatuserror.md @@ -7,6 +7,7 @@ Health status of the Leader or Worker Node. | Field | Type | Required | Description | | ---------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------- | +| `overlay` | [models.HealthOverlayStatus](../models/healthoverlaystatus.md) | :heavy_check_mark: | N/A | | `role` | [Optional[models.Role]](../models/role.md) | :heavy_minus_sign: | Leader Node role: primary or standby. | | `start_time` | *int* | :heavy_check_mark: | Timestamp (in Unix time) when the Cribl process started. | | `status` | [models.HealthServerStatusStatus](../models/healthserverstatusstatus.md) | :heavy_check_mark: | Health state: healthy, standby, or shutting down. | \ No newline at end of file diff --git a/docs/models/activehealthoverlaystatus.md b/docs/models/activehealthoverlaystatus.md new file mode 100644 index 000000000..3d327a60a --- /dev/null +++ b/docs/models/activehealthoverlaystatus.md @@ -0,0 +1,10 @@ +# ActiveHealthOverlayStatus + + +## Fields + +| Field | Type | Required | Description | Example | +| ---------------------------------------------------------- | ---------------------------------------------------------- | ---------------------------------------------------------- | ---------------------------------------------------------- | ---------------------------------------------------------- | +| `binary_version` | *str* | :heavy_check_mark: | Binary version targeted by the active overlay. | 4.12.0 | +| `overlay_id` | *str* | :heavy_check_mark: | Active overlay identifier. | **Example 1:** patch.0
**Example 2:** sideload.a1b2c3d | +| `state` | *Literal["active"]* | :heavy_check_mark: | Current overlay state. | active | \ No newline at end of file diff --git a/docs/models/authrequestheaderconfhealthcheckauthenticationoauth.md b/docs/models/authrequestheaderconfhealthcheckauthenticationoauth.md deleted file mode 100644 index 75dc5f7a5..000000000 --- a/docs/models/authrequestheaderconfhealthcheckauthenticationoauth.md +++ /dev/null @@ -1,9 +0,0 @@ -# AuthRequestHeaderConfHealthCheckAuthenticationOauth - - -## Fields - -| Field | Type | Required | Description | -| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| `name` | *str* | :heavy_check_mark: | Header name. | -| `value` | *str* | :heavy_check_mark: | JavaScript expression to compute the header's value, normally enclosed in backticks (e.g., `${earliest}`). If a constant, use single quotes (e.g., 'earliest'). Values without delimiters (e.g., earliest) are evaluated as strings. | \ No newline at end of file diff --git a/docs/models/authtype.md b/docs/models/authtype.md index ef6e886ab..eec9db67c 100644 --- a/docs/models/authtype.md +++ b/docs/models/authtype.md @@ -1,11 +1,23 @@ # AuthType -Credentials to use when authenticating with the schema registry using basic HTTP authentication +Credentials to use when authenticating with the schema registry ## Fields -| Field | Type | Required | Description | -| ---------------------------------------------------------- | ---------------------------------------------------------- | ---------------------------------------------------------- | ---------------------------------------------------------- | -| `disabled` | *bool* | :heavy_check_mark: | N/A | -| `credentials_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a secret that references your credentials | \ No newline at end of file +| Field | Type | Required | Description | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `disabled` | *bool* | :heavy_check_mark: | N/A | +| `oauth_enabled` | *Optional[bool]* | :heavy_minus_sign: | Authenticate with the schema registry using OAuth instead of basic HTTP authentication | +| `token_url` | *Optional[str]* | :heavy_minus_sign: | URL of the token endpoint to use for OAuth authentication | +| `client_id` | *Optional[str]* | :heavy_minus_sign: | Client ID to use for OAuth authentication | +| `oauth_secret_type` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `client_text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | +| `oauth_params` | List[[models.OauthParamConfInputKafka](../models/oauthparamconfinputkafka.md)] | :heavy_minus_sign: | Additional fields to send to the token endpoint, such as scope or audience | +| `identity_pool_id` | *Optional[str]* | :heavy_minus_sign: | Confluent Cloud identity pool ID. Sent as the `Confluent-Identity-Pool-Id` header on requests to the schema registry. | +| `logical_cluster` | *Optional[str]* | :heavy_minus_sign: | Confluent Cloud Schema Registry logical cluster ID. Sent as the `target-sr-cluster` header on requests to the schema registry. | +| `credentials_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a secret that references your credentials | +| `template_token_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'tokenUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tokenUrl' at runtime. | +| `template_client_id` | *Optional[str]* | :heavy_minus_sign: | Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime. | +| `template_identity_pool_id` | *Optional[str]* | :heavy_minus_sign: | Binds 'identityPoolId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'identityPoolId' at runtime. | +| `template_logical_cluster` | *Optional[str]* | :heavy_minus_sign: | Binds 'logicalCluster' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logicalCluster' at runtime. | \ No newline at end of file diff --git a/docs/models/azureblobauthtypeclientcert.md b/docs/models/azureblobauthtypeclientcert.md index 2c891e870..37cdd1be2 100644 --- a/docs/models/azureblobauthtypeclientcert.md +++ b/docs/models/azureblobauthtypeclientcert.md @@ -20,10 +20,17 @@ | `include_metadata` | *Optional[bool]* | :heavy_minus_sign: | Include Azure Blob metadata in collected events. In each event, metadata will be located at: __collectible.metadata. | | `include_tags` | *Optional[bool]* | :heavy_minus_sign: | Include Azure Blob tags in collected events. In each event, tags will be located at: __collectible.tags. Disable this feature when using a Shared Access Signature Connection String, to prevent errors. | | `max_batch_size` | *Optional[float]* | :heavy_minus_sign: | Maximum number of metadata objects to batch before recording as results | +| `disable_time_filter` | *Optional[bool]* | :heavy_minus_sign: | Disable Collector event time filtering when a date range is specified | | `parquet_chunk_size_mb` | *Optional[float]* | :heavy_minus_sign: | Maximum file size for each Parquet chunk | | `parquet_chunk_download_timeout` | *Optional[float]* | :heavy_minus_sign: | The maximum time allowed for downloading a Parquet chunk. Processing will abort if a chunk cannot be downloaded within the time specified. | | `connection_string` | *Optional[str]* | :heavy_minus_sign: | Enter your Azure storage account Connection String. If left blank, Cribl Stream will fall back to env.AZURE_STORAGE_CONNECTION_STRING. | +| `template_connection_string` | *Optional[str]* | :heavy_minus_sign: | Binds 'connectionString' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'connectionString' at runtime. | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Text secret | +| `template_storage_account_name` | *Optional[str]* | :heavy_minus_sign: | Binds 'storageAccountName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageAccountName' at runtime. | +| `template_tenant_id` | *Optional[str]* | :heavy_minus_sign: | Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime. | +| `template_client_id` | *Optional[str]* | :heavy_minus_sign: | Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime. | | `client_text_secret` | *Optional[str]* | :heavy_minus_sign: | Text secret containing the client secret | +| `template_endpoint_suffix` | *Optional[str]* | :heavy_minus_sign: | Binds 'endpointSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpointSuffix' at runtime. | +| `template_azure_cloud` | *Optional[str]* | :heavy_minus_sign: | Binds 'azureCloud' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'azureCloud' at runtime. | | `template_container_name` | *Optional[str]* | :heavy_minus_sign: | Binds 'containerName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'containerName' at runtime. | | `template_path` | *Optional[str]* | :heavy_minus_sign: | Binds 'path' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'path' at runtime. | \ No newline at end of file diff --git a/docs/models/azureblobauthtypeclientsecret.md b/docs/models/azureblobauthtypeclientsecret.md index 7bc20d01c..3054d2c9d 100644 --- a/docs/models/azureblobauthtypeclientsecret.md +++ b/docs/models/azureblobauthtypeclientsecret.md @@ -12,6 +12,11 @@ | `client_text_secret` | *str* | :heavy_check_mark: | Text secret containing the client secret | | `endpoint_suffix` | *Optional[str]* | :heavy_minus_sign: | The endpoint suffix for the service URL. Takes precedence over the Azure Cloud setting. Defaults to core.windows.net. | | `azure_cloud` | *Optional[str]* | :heavy_minus_sign: | The Azure cloud to use. Defaults to Azure Public Cloud. | +| `template_storage_account_name` | *Optional[str]* | :heavy_minus_sign: | Binds 'storageAccountName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageAccountName' at runtime. | +| `template_tenant_id` | *Optional[str]* | :heavy_minus_sign: | Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime. | +| `template_client_id` | *Optional[str]* | :heavy_minus_sign: | Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime. | +| `template_endpoint_suffix` | *Optional[str]* | :heavy_minus_sign: | Binds 'endpointSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpointSuffix' at runtime. | +| `template_azure_cloud` | *Optional[str]* | :heavy_minus_sign: | Binds 'azureCloud' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'azureCloud' at runtime. | | `output_name` | *Optional[str]* | :heavy_minus_sign: | An optional predefined Destination that will be used to auto-populate Collector settings | | `container_name` | *str* | :heavy_check_mark: | Container to collect from. This value can be a constant, or a JavaScript expression that can only be evaluated at init time. Example referencing a Global Variable: myBucket-${C.vars.myVar} | | `path` | *Optional[str]* | :heavy_minus_sign: | The directory from which to collect data. Templating is supported, such as myDir/${datacenter}/${host}/${app}/. Time-based tokens are supported, such as myOtherDir/${_time:%Y}/${_time:%m}/${_time:%d}/. | @@ -20,9 +25,11 @@ | `include_metadata` | *Optional[bool]* | :heavy_minus_sign: | Include Azure Blob metadata in collected events. In each event, metadata will be located at: __collectible.metadata. | | `include_tags` | *Optional[bool]* | :heavy_minus_sign: | Include Azure Blob tags in collected events. In each event, tags will be located at: __collectible.tags. Disable this feature when using a Shared Access Signature Connection String, to prevent errors. | | `max_batch_size` | *Optional[float]* | :heavy_minus_sign: | Maximum number of metadata objects to batch before recording as results | +| `disable_time_filter` | *Optional[bool]* | :heavy_minus_sign: | Disable Collector event time filtering when a date range is specified | | `parquet_chunk_size_mb` | *Optional[float]* | :heavy_minus_sign: | Maximum file size for each Parquet chunk | | `parquet_chunk_download_timeout` | *Optional[float]* | :heavy_minus_sign: | The maximum time allowed for downloading a Parquet chunk. Processing will abort if a chunk cannot be downloaded within the time specified. | | `connection_string` | *Optional[str]* | :heavy_minus_sign: | Enter your Azure storage account Connection String. If left blank, Cribl Stream will fall back to env.AZURE_STORAGE_CONNECTION_STRING. | +| `template_connection_string` | *Optional[str]* | :heavy_minus_sign: | Binds 'connectionString' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'connectionString' at runtime. | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Text secret | | `certificate` | [Optional[models.CertificateTypeAzureBlobAuthTypeClientCert]](../models/certificatetypeazureblobauthtypeclientcert.md) | :heavy_minus_sign: | N/A | | `template_container_name` | *Optional[str]* | :heavy_minus_sign: | Binds 'containerName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'containerName' at runtime. | diff --git a/docs/models/azureblobauthtypemanual.md b/docs/models/azureblobauthtypemanual.md index 29ebc16eb..ff40da17c 100644 --- a/docs/models/azureblobauthtypemanual.md +++ b/docs/models/azureblobauthtypemanual.md @@ -7,6 +7,7 @@ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `auth_type` | [Optional[models.AzureBlobAuthTypeManualAuthenticationMethod]](../models/azureblobauthtypemanualauthenticationmethod.md) | :heavy_minus_sign: | Enter authentication data directly, or select a secret referencing your auth data | | `connection_string` | *str* | :heavy_check_mark: | Enter your Azure storage account Connection String. If left blank, Cribl Stream will fall back to env.AZURE_STORAGE_CONNECTION_STRING. | +| `template_connection_string` | *Optional[str]* | :heavy_minus_sign: | Binds 'connectionString' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'connectionString' at runtime. | | `output_name` | *Optional[str]* | :heavy_minus_sign: | An optional predefined Destination that will be used to auto-populate Collector settings | | `container_name` | *str* | :heavy_check_mark: | Container to collect from. This value can be a constant, or a JavaScript expression that can only be evaluated at init time. Example referencing a Global Variable: myBucket-${C.vars.myVar} | | `path` | *Optional[str]* | :heavy_minus_sign: | The directory from which to collect data. Templating is supported, such as myDir/${datacenter}/${host}/${app}/. Time-based tokens are supported, such as myOtherDir/${_time:%Y}/${_time:%m}/${_time:%d}/. | @@ -15,10 +16,21 @@ | `include_metadata` | *Optional[bool]* | :heavy_minus_sign: | Include Azure Blob metadata in collected events. In each event, metadata will be located at: __collectible.metadata. | | `include_tags` | *Optional[bool]* | :heavy_minus_sign: | Include Azure Blob tags in collected events. In each event, tags will be located at: __collectible.tags. Disable this feature when using a Shared Access Signature Connection String, to prevent errors. | | `max_batch_size` | *Optional[float]* | :heavy_minus_sign: | Maximum number of metadata objects to batch before recording as results | +| `disable_time_filter` | *Optional[bool]* | :heavy_minus_sign: | Disable Collector event time filtering when a date range is specified | | `parquet_chunk_size_mb` | *Optional[float]* | :heavy_minus_sign: | Maximum file size for each Parquet chunk | | `parquet_chunk_download_timeout` | *Optional[float]* | :heavy_minus_sign: | The maximum time allowed for downloading a Parquet chunk. Processing will abort if a chunk cannot be downloaded within the time specified. | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Text secret | +| `storage_account_name` | *Optional[str]* | :heavy_minus_sign: | The name of your Azure storage account | +| `template_storage_account_name` | *Optional[str]* | :heavy_minus_sign: | Binds 'storageAccountName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageAccountName' at runtime. | +| `tenant_id` | *Optional[str]* | :heavy_minus_sign: | The service principal's tenant ID | +| `template_tenant_id` | *Optional[str]* | :heavy_minus_sign: | Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime. | +| `client_id` | *Optional[str]* | :heavy_minus_sign: | The service principal's client ID | +| `template_client_id` | *Optional[str]* | :heavy_minus_sign: | Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime. | | `client_text_secret` | *Optional[str]* | :heavy_minus_sign: | Text secret containing the client secret | +| `endpoint_suffix` | *Optional[str]* | :heavy_minus_sign: | The endpoint suffix for the service URL. Takes precedence over the Azure Cloud setting. Defaults to core.windows.net. | +| `template_endpoint_suffix` | *Optional[str]* | :heavy_minus_sign: | Binds 'endpointSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpointSuffix' at runtime. | +| `azure_cloud` | *Optional[str]* | :heavy_minus_sign: | The Azure cloud to use. Defaults to Azure Public Cloud. | +| `template_azure_cloud` | *Optional[str]* | :heavy_minus_sign: | Binds 'azureCloud' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'azureCloud' at runtime. | | `certificate` | [Optional[models.CertificateTypeAzureBlobAuthTypeClientCert]](../models/certificatetypeazureblobauthtypeclientcert.md) | :heavy_minus_sign: | N/A | | `template_container_name` | *Optional[str]* | :heavy_minus_sign: | Binds 'containerName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'containerName' at runtime. | | `template_path` | *Optional[str]* | :heavy_minus_sign: | Binds 'path' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'path' at runtime. | \ No newline at end of file diff --git a/docs/models/azureblobauthtypesecret.md b/docs/models/azureblobauthtypesecret.md index aaecce7ea..ffcd646c4 100644 --- a/docs/models/azureblobauthtypesecret.md +++ b/docs/models/azureblobauthtypesecret.md @@ -15,10 +15,22 @@ | `include_metadata` | *Optional[bool]* | :heavy_minus_sign: | Include Azure Blob metadata in collected events. In each event, metadata will be located at: __collectible.metadata. | | `include_tags` | *Optional[bool]* | :heavy_minus_sign: | Include Azure Blob tags in collected events. In each event, tags will be located at: __collectible.tags. Disable this feature when using a Shared Access Signature Connection String, to prevent errors. | | `max_batch_size` | *Optional[float]* | :heavy_minus_sign: | Maximum number of metadata objects to batch before recording as results | +| `disable_time_filter` | *Optional[bool]* | :heavy_minus_sign: | Disable Collector event time filtering when a date range is specified | | `parquet_chunk_size_mb` | *Optional[float]* | :heavy_minus_sign: | Maximum file size for each Parquet chunk | | `parquet_chunk_download_timeout` | *Optional[float]* | :heavy_minus_sign: | The maximum time allowed for downloading a Parquet chunk. Processing will abort if a chunk cannot be downloaded within the time specified. | | `connection_string` | *Optional[str]* | :heavy_minus_sign: | Enter your Azure storage account Connection String. If left blank, Cribl Stream will fall back to env.AZURE_STORAGE_CONNECTION_STRING. | +| `template_connection_string` | *Optional[str]* | :heavy_minus_sign: | Binds 'connectionString' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'connectionString' at runtime. | +| `storage_account_name` | *Optional[str]* | :heavy_minus_sign: | The name of your Azure storage account | +| `template_storage_account_name` | *Optional[str]* | :heavy_minus_sign: | Binds 'storageAccountName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageAccountName' at runtime. | +| `tenant_id` | *Optional[str]* | :heavy_minus_sign: | The service principal's tenant ID | +| `template_tenant_id` | *Optional[str]* | :heavy_minus_sign: | Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime. | +| `client_id` | *Optional[str]* | :heavy_minus_sign: | The service principal's client ID | +| `template_client_id` | *Optional[str]* | :heavy_minus_sign: | Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime. | | `client_text_secret` | *Optional[str]* | :heavy_minus_sign: | Text secret containing the client secret | +| `endpoint_suffix` | *Optional[str]* | :heavy_minus_sign: | The endpoint suffix for the service URL. Takes precedence over the Azure Cloud setting. Defaults to core.windows.net. | +| `template_endpoint_suffix` | *Optional[str]* | :heavy_minus_sign: | Binds 'endpointSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpointSuffix' at runtime. | +| `azure_cloud` | *Optional[str]* | :heavy_minus_sign: | The Azure cloud to use. Defaults to Azure Public Cloud. | +| `template_azure_cloud` | *Optional[str]* | :heavy_minus_sign: | Binds 'azureCloud' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'azureCloud' at runtime. | | `certificate` | [Optional[models.CertificateTypeAzureBlobAuthTypeClientCert]](../models/certificatetypeazureblobauthtypeclientcert.md) | :heavy_minus_sign: | N/A | | `template_container_name` | *Optional[str]* | :heavy_minus_sign: | Binds 'containerName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'containerName' at runtime. | | `template_path` | *Optional[str]* | :heavy_minus_sign: | Binds 'path' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'path' at runtime. | \ No newline at end of file diff --git a/docs/models/branchinfo.md b/docs/models/branchinfo.md index d3867656c..4457d94ba 100644 --- a/docs/models/branchinfo.md +++ b/docs/models/branchinfo.md @@ -5,4 +5,4 @@ | Field | Type | Required | Description | | ------------------ | ------------------ | ------------------ | ------------------ | -| `id` | *str* | :heavy_check_mark: | N/A | \ No newline at end of file +| `id` | *str* | :heavy_check_mark: | Unique identifier. | \ No newline at end of file diff --git a/docs/models/cacheconnection.md b/docs/models/cacheconnection.md index 80bd7e302..f041a9df6 100644 --- a/docs/models/cacheconnection.md +++ b/docs/models/cacheconnection.md @@ -3,12 +3,12 @@ ## Fields -| Field | Type | Required | Description | -| ---------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------- | -| `accelerated_fields` | List[*str*] | :heavy_minus_sign: | Accelerated fields (materialized columns) for the cache connection. | -| `backfill_status` | [Optional[models.CacheConnectionBackfillStatus]](../models/cacheconnectionbackfillstatus.md) | :heavy_minus_sign: | N/A | -| `cache_ref` | *str* | :heavy_check_mark: | Identifier of the Lakehouse cache referenced by the Dataset. | -| `created_at` | *float* | :heavy_check_mark: | Timestamp when the continuous data feed to the Lakehouse cache started, in Unix time (milliseconds). | -| `lakehouse_connection_type` | [Optional[models.LakehouseConnectionType]](../models/lakehouseconnectiontype.md) | :heavy_minus_sign: | N/A | -| `migration_query_id` | *Optional[str]* | :heavy_minus_sign: | Query identifier of the active Lakehouse migration. Omitted if no migration is in progress. | -| `retention_in_days` | *float* | :heavy_check_mark: | Retention period for the Lakehouse cache connection, in days. | \ No newline at end of file +| Field | Type | Required | Description | +| ------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------- | +| `accelerated_fields` | List[*str*] | :heavy_minus_sign: | Accelerated fields (materialized columns) for the cache connection. | +| `backfill_status` | [Optional[models.CacheConnectionBackfillStatus]](../models/cacheconnectionbackfillstatus.md) | :heavy_minus_sign: | N/A | +| `cache_ref` | *str* | :heavy_check_mark: | Unique identifier for the Lakehouse cache referenced by the Dataset. | +| `created_at` | *float* | :heavy_check_mark: | Timestamp (in Unix time) when the continuous data feed to the Lakehouse cache started, in milliseconds. | +| `lakehouse_connection_type` | [Optional[models.LakehouseConnectionType]](../models/lakehouseconnectiontype.md) | :heavy_minus_sign: | N/A | +| `migration_query_id` | *Optional[str]* | :heavy_minus_sign: | Unique identifier for the active Lakehouse migration query. Omitted if no migration is in progress. | +| `retention_in_days` | *float* | :heavy_check_mark: | Retention period for the Lakehouse cache connection, in days. | \ No newline at end of file diff --git a/docs/models/collectortype.md b/docs/models/collectortype.md new file mode 100644 index 000000000..73b8ba091 --- /dev/null +++ b/docs/models/collectortype.md @@ -0,0 +1,27 @@ +# CollectorType + +## Example Usage + +```python +from cribl_control_plane.models import CollectorType + +value = CollectorType.AZURE_BLOB + +# Open enum: unrecognized values are captured as UnrecognizedStr +``` + + +## Values + +| Name | Value | +| ---------------------- | ---------------------- | +| `AZURE_BLOB` | azure_blob | +| `CRIBL_LAKE` | cribl_lake | +| `DATABASE` | database | +| `FILESYSTEM` | filesystem | +| `GOOGLE_CLOUD_STORAGE` | google_cloud_storage | +| `HEALTH_CHECK` | health_check | +| `REST` | rest | +| `S3` | s3 | +| `SCRIPT` | script | +| `SPLUNK` | splunk | \ No newline at end of file diff --git a/docs/models/configgroup.md b/docs/models/configgroup.md index 2bdd9d906..b82fd1256 100644 --- a/docs/models/configgroup.md +++ b/docs/models/configgroup.md @@ -11,7 +11,7 @@ | `description` | *Optional[str]* | :heavy_minus_sign: | Brief description of the Worker Group, Outpost Group, or Edge Fleet. | | | `estimated_ingest_rate` | [Optional[models.EstimatedIngestRateOptionsConfigGroup]](../models/estimatedingestrateoptionsconfiggroup.md) | :heavy_minus_sign: | Estimated ingest rate for a Cribl.Cloud Worker Group, in GB/sec. | 4096 | | `git` | [Optional[models.Git]](../models/git.md) | :heavy_minus_sign: | Git status of the Worker Group, Outpost Group, or Edge Fleet configuration. Automatically populated and returned in responses. | | -| `id` | *str* | :heavy_check_mark: | N/A | | +| `id` | *str* | :heavy_check_mark: | Unique identifier. | | | `incompatible_worker_count` | *Optional[int]* | :heavy_minus_sign: | Number of Workers or Nodes running a Cribl version that is incompatible with the current upgrade target.

**Warning**: Do not change the value of incompatibleWorkerCount in the body of PATCH requests. The PATCH request body must include the value as it appears in the GET /products/{product}/groups/{id} response. | | | `inherits` | *Optional[str]* | :heavy_minus_sign: | The id of the parent Edge Fleet. If provided, this Fleet inherits configuration from the specified parent Fleet. Applies only to Edge Fleets. | | | ~~`is_fleet`~~ | *Optional[bool]* | :heavy_minus_sign: | : warning: ** DEPRECATED **: This will be removed in a future release, please migrate away from it as soon as possible.

Indicates whether this is an Edge Fleet. Deprecated. Use to identify Edge Fleets. | | diff --git a/docs/models/countedboolean.md b/docs/models/countedboolean.md index 12463d107..50aca8bea 100644 --- a/docs/models/countedboolean.md +++ b/docs/models/countedboolean.md @@ -6,4 +6,4 @@ | Field | Type | Required | Description | | ------------------------------------------ | ------------------------------------------ | ------------------------------------------ | ------------------------------------------ | | `count` | *Optional[int]* | :heavy_minus_sign: | number of items present in the items array | -| `items` | List[*bool*] | :heavy_minus_sign: | N/A | \ No newline at end of file +| `items` | List[*bool*] | :heavy_minus_sign: | List of items in this response. | \ No newline at end of file diff --git a/docs/models/countedbranchinfo.md b/docs/models/countedbranchinfo.md index 292f4ec35..ecd2ddc00 100644 --- a/docs/models/countedbranchinfo.md +++ b/docs/models/countedbranchinfo.md @@ -6,4 +6,4 @@ | Field | Type | Required | Description | | -------------------------------------------------- | -------------------------------------------------- | -------------------------------------------------- | -------------------------------------------------- | | `count` | *Optional[int]* | :heavy_minus_sign: | number of items present in the items array | -| `items` | List[[models.BranchInfo](../models/branchinfo.md)] | :heavy_minus_sign: | N/A | \ No newline at end of file +| `items` | List[[models.BranchInfo](../models/branchinfo.md)] | :heavy_minus_sign: | List of items in this response. | \ No newline at end of file diff --git a/docs/models/countedconfiggroup.md b/docs/models/countedconfiggroup.md index 062686e00..cc89fb4a2 100644 --- a/docs/models/countedconfiggroup.md +++ b/docs/models/countedconfiggroup.md @@ -6,4 +6,4 @@ | Field | Type | Required | Description | | ---------------------------------------------------- | ---------------------------------------------------- | ---------------------------------------------------- | ---------------------------------------------------- | | `count` | *Optional[int]* | :heavy_minus_sign: | number of items present in the items array | -| `items` | List[[models.ConfigGroup](../models/configgroup.md)] | :heavy_minus_sign: | N/A | \ No newline at end of file +| `items` | List[[models.ConfigGroup](../models/configgroup.md)] | :heavy_minus_sign: | List of items in this response. | \ No newline at end of file diff --git a/docs/models/countedcribllakedataset.md b/docs/models/countedcribllakedataset.md index e8836c70e..75467c42e 100644 --- a/docs/models/countedcribllakedataset.md +++ b/docs/models/countedcribllakedataset.md @@ -6,4 +6,4 @@ | Field | Type | Required | Description | | -------------------------------------------------------------- | -------------------------------------------------------------- | -------------------------------------------------------------- | -------------------------------------------------------------- | | `count` | *Optional[int]* | :heavy_minus_sign: | number of items present in the items array | -| `items` | List[[models.CriblLakeDataset](../models/cribllakedataset.md)] | :heavy_minus_sign: | N/A | \ No newline at end of file +| `items` | List[[models.CriblLakeDataset](../models/cribllakedataset.md)] | :heavy_minus_sign: | List of items in this response. | \ No newline at end of file diff --git a/docs/models/counteddatabaseconnectionconfig.md b/docs/models/counteddatabaseconnectionconfig.md index 35aa35cdb..0be6a8734 100644 --- a/docs/models/counteddatabaseconnectionconfig.md +++ b/docs/models/counteddatabaseconnectionconfig.md @@ -6,4 +6,4 @@ | Field | Type | Required | Description | | ------------------------------------------------------------------------------ | ------------------------------------------------------------------------------ | ------------------------------------------------------------------------------ | ------------------------------------------------------------------------------ | | `count` | *Optional[int]* | :heavy_minus_sign: | number of items present in the items array | -| `items` | List[[models.DatabaseConnectionConfig](../models/databaseconnectionconfig.md)] | :heavy_minus_sign: | N/A | \ No newline at end of file +| `items` | List[[models.DatabaseConnectionConfig](../models/databaseconnectionconfig.md)] | :heavy_minus_sign: | List of items in this response. | \ No newline at end of file diff --git a/docs/models/counteddistributedsummary.md b/docs/models/counteddistributedsummary.md index 2f1222848..22168af94 100644 --- a/docs/models/counteddistributedsummary.md +++ b/docs/models/counteddistributedsummary.md @@ -6,4 +6,4 @@ | Field | Type | Required | Description | | ------------------------------------------------------------------ | ------------------------------------------------------------------ | ------------------------------------------------------------------ | ------------------------------------------------------------------ | | `count` | *Optional[int]* | :heavy_minus_sign: | number of items present in the items array | -| `items` | List[[models.DistributedSummary](../models/distributedsummary.md)] | :heavy_minus_sign: | N/A | \ No newline at end of file +| `items` | List[[models.DistributedSummary](../models/distributedsummary.md)] | :heavy_minus_sign: | List of items in this response. | \ No newline at end of file diff --git a/docs/models/countedfunctionresponse.md b/docs/models/countedfunctionresponse.md index 7b2ab1a28..d60dcaca9 100644 --- a/docs/models/countedfunctionresponse.md +++ b/docs/models/countedfunctionresponse.md @@ -6,4 +6,4 @@ | Field | Type | Required | Description | | -------------------------------------------------------------- | -------------------------------------------------------------- | -------------------------------------------------------------- | -------------------------------------------------------------- | | `count` | *Optional[int]* | :heavy_minus_sign: | number of items present in the items array | -| `items` | List[[models.FunctionResponse](../models/functionresponse.md)] | :heavy_minus_sign: | N/A | \ No newline at end of file +| `items` | List[[models.FunctionResponse](../models/functionresponse.md)] | :heavy_minus_sign: | List of items in this response. | \ No newline at end of file diff --git a/docs/models/countedgitcommitsummary.md b/docs/models/countedgitcommitsummary.md index 0a20e22c9..7e97927e4 100644 --- a/docs/models/countedgitcommitsummary.md +++ b/docs/models/countedgitcommitsummary.md @@ -6,4 +6,4 @@ | Field | Type | Required | Description | | -------------------------------------------------------------- | -------------------------------------------------------------- | -------------------------------------------------------------- | -------------------------------------------------------------- | | `count` | *Optional[int]* | :heavy_minus_sign: | number of items present in the items array | -| `items` | List[[models.GitCommitSummary](../models/gitcommitsummary.md)] | :heavy_minus_sign: | N/A | \ No newline at end of file +| `items` | List[[models.GitCommitSummary](../models/gitcommitsummary.md)] | :heavy_minus_sign: | List of items in this response. | \ No newline at end of file diff --git a/docs/models/countedgitcountresult.md b/docs/models/countedgitcountresult.md index ed814c70d..fc4f3ea59 100644 --- a/docs/models/countedgitcountresult.md +++ b/docs/models/countedgitcountresult.md @@ -6,4 +6,4 @@ | Field | Type | Required | Description | | ---------------------------------------------------------- | ---------------------------------------------------------- | ---------------------------------------------------------- | ---------------------------------------------------------- | | `count` | *Optional[int]* | :heavy_minus_sign: | number of items present in the items array | -| `items` | List[[models.GitCountResult](../models/gitcountresult.md)] | :heavy_minus_sign: | N/A | \ No newline at end of file +| `items` | List[[models.GitCountResult](../models/gitcountresult.md)] | :heavy_minus_sign: | List of items in this response. | \ No newline at end of file diff --git a/docs/models/countedgitdiffresult.md b/docs/models/countedgitdiffresult.md index 8a04d1a68..bcd0855ab 100644 --- a/docs/models/countedgitdiffresult.md +++ b/docs/models/countedgitdiffresult.md @@ -6,4 +6,4 @@ | Field | Type | Required | Description | | -------------------------------------------------------- | -------------------------------------------------------- | -------------------------------------------------------- | -------------------------------------------------------- | | `count` | *Optional[int]* | :heavy_minus_sign: | number of items present in the items array | -| `items` | List[[models.GitDiffResult](../models/gitdiffresult.md)] | :heavy_minus_sign: | N/A | \ No newline at end of file +| `items` | List[[models.GitDiffResult](../models/gitdiffresult.md)] | :heavy_minus_sign: | List of items in this response. | \ No newline at end of file diff --git a/docs/models/countedgitfilesresponse.md b/docs/models/countedgitfilesresponse.md index 36a647fc1..3762208b8 100644 --- a/docs/models/countedgitfilesresponse.md +++ b/docs/models/countedgitfilesresponse.md @@ -6,4 +6,4 @@ | Field | Type | Required | Description | | -------------------------------------------------------------- | -------------------------------------------------------------- | -------------------------------------------------------------- | -------------------------------------------------------------- | | `count` | *Optional[int]* | :heavy_minus_sign: | number of items present in the items array | -| `items` | List[[models.GitFilesResponse](../models/gitfilesresponse.md)] | :heavy_minus_sign: | N/A | \ No newline at end of file +| `items` | List[[models.GitFilesResponse](../models/gitfilesresponse.md)] | :heavy_minus_sign: | List of items in this response. | \ No newline at end of file diff --git a/docs/models/countedgitinfo.md b/docs/models/countedgitinfo.md index 701c0c865..61794b022 100644 --- a/docs/models/countedgitinfo.md +++ b/docs/models/countedgitinfo.md @@ -6,4 +6,4 @@ | Field | Type | Required | Description | | -------------------------------------------- | -------------------------------------------- | -------------------------------------------- | -------------------------------------------- | | `count` | *Optional[int]* | :heavy_minus_sign: | number of items present in the items array | -| `items` | List[[models.GitInfo](../models/gitinfo.md)] | :heavy_minus_sign: | N/A | \ No newline at end of file +| `items` | List[[models.GitInfo](../models/gitinfo.md)] | :heavy_minus_sign: | List of items in this response. | \ No newline at end of file diff --git a/docs/models/countedgitlogresult.md b/docs/models/countedgitlogresult.md index 0baf15fbe..635d3950d 100644 --- a/docs/models/countedgitlogresult.md +++ b/docs/models/countedgitlogresult.md @@ -6,4 +6,4 @@ | Field | Type | Required | Description | | ------------------------------------------------------ | ------------------------------------------------------ | ------------------------------------------------------ | ------------------------------------------------------ | | `count` | *Optional[int]* | :heavy_minus_sign: | number of items present in the items array | -| `items` | List[[models.GitLogResult](../models/gitlogresult.md)] | :heavy_minus_sign: | N/A | \ No newline at end of file +| `items` | List[[models.GitLogResult](../models/gitlogresult.md)] | :heavy_minus_sign: | List of items in this response. | \ No newline at end of file diff --git a/docs/models/countedgitrevertresult.md b/docs/models/countedgitrevertresult.md index a24987130..c47782fd2 100644 --- a/docs/models/countedgitrevertresult.md +++ b/docs/models/countedgitrevertresult.md @@ -6,4 +6,4 @@ | Field | Type | Required | Description | | ------------------------------------------------------------ | ------------------------------------------------------------ | ------------------------------------------------------------ | ------------------------------------------------------------ | | `count` | *Optional[int]* | :heavy_minus_sign: | number of items present in the items array | -| `items` | List[[models.GitRevertResult](../models/gitrevertresult.md)] | :heavy_minus_sign: | N/A | \ No newline at end of file +| `items` | List[[models.GitRevertResult](../models/gitrevertresult.md)] | :heavy_minus_sign: | List of items in this response. | \ No newline at end of file diff --git a/docs/models/countedgitshowresult.md b/docs/models/countedgitshowresult.md index dec357e8a..3b1c3bfb5 100644 --- a/docs/models/countedgitshowresult.md +++ b/docs/models/countedgitshowresult.md @@ -6,4 +6,4 @@ | Field | Type | Required | Description | | -------------------------------------------------------- | -------------------------------------------------------- | -------------------------------------------------------- | -------------------------------------------------------- | | `count` | *Optional[int]* | :heavy_minus_sign: | number of items present in the items array | -| `items` | List[[models.GitShowResult](../models/gitshowresult.md)] | :heavy_minus_sign: | N/A | \ No newline at end of file +| `items` | List[[models.GitShowResult](../models/gitshowresult.md)] | :heavy_minus_sign: | List of items in this response. | \ No newline at end of file diff --git a/docs/models/countedgitstatusresult.md b/docs/models/countedgitstatusresult.md index 34dbdfec5..579c90084 100644 --- a/docs/models/countedgitstatusresult.md +++ b/docs/models/countedgitstatusresult.md @@ -6,4 +6,4 @@ | Field | Type | Required | Description | | ------------------------------------------------------------ | ------------------------------------------------------------ | ------------------------------------------------------------ | ------------------------------------------------------------ | | `count` | *Optional[int]* | :heavy_minus_sign: | number of items present in the items array | -| `items` | List[[models.GitStatusResult](../models/gitstatusresult.md)] | :heavy_minus_sign: | N/A | \ No newline at end of file +| `items` | List[[models.GitStatusResult](../models/gitstatusresult.md)] | :heavy_minus_sign: | List of items in this response. | \ No newline at end of file diff --git a/docs/models/countedinputresponse.md b/docs/models/countedinputresponse.md index a250cb07b..f72ac15be 100644 --- a/docs/models/countedinputresponse.md +++ b/docs/models/countedinputresponse.md @@ -6,4 +6,4 @@ | Field | Type | Required | Description | | -------------------------------------------------------- | -------------------------------------------------------- | -------------------------------------------------------- | -------------------------------------------------------- | | `count` | *Optional[int]* | :heavy_minus_sign: | number of items present in the items array | -| `items` | List[[models.InputResponse](../models/inputresponse.md)] | :heavy_minus_sign: | N/A | \ No newline at end of file +| `items` | List[[models.InputResponse](../models/inputresponse.md)] | :heavy_minus_sign: | List of items in this response. | \ No newline at end of file diff --git a/docs/models/countedinputsplunkhec.md b/docs/models/countedinputsplunkhec.md index dc2098278..20b9691be 100644 --- a/docs/models/countedinputsplunkhec.md +++ b/docs/models/countedinputsplunkhec.md @@ -6,4 +6,4 @@ | Field | Type | Required | Description | | ---------------------------------------------------------- | ---------------------------------------------------------- | ---------------------------------------------------------- | ---------------------------------------------------------- | | `count` | *Optional[int]* | :heavy_minus_sign: | number of items present in the items array | -| `items` | List[[models.InputSplunkHec](../models/inputsplunkhec.md)] | :heavy_minus_sign: | N/A | \ No newline at end of file +| `items` | List[[models.InputSplunkHec](../models/inputsplunkhec.md)] | :heavy_minus_sign: | List of items in this response. | \ No newline at end of file diff --git a/docs/models/countedinputstatus.md b/docs/models/countedinputstatus.md index 9ee221ade..4bb34f01a 100644 --- a/docs/models/countedinputstatus.md +++ b/docs/models/countedinputstatus.md @@ -6,4 +6,4 @@ | Field | Type | Required | Description | | ---------------------------------------------------- | ---------------------------------------------------- | ---------------------------------------------------- | ---------------------------------------------------- | | `count` | *Optional[int]* | :heavy_minus_sign: | number of items present in the items array | -| `items` | List[[models.InputStatus](../models/inputstatus.md)] | :heavy_minus_sign: | N/A | \ No newline at end of file +| `items` | List[[models.InputStatus](../models/inputstatus.md)] | :heavy_minus_sign: | List of items in this response. | \ No newline at end of file diff --git a/docs/models/countedjobinfo.md b/docs/models/countedjobinfo.md index ec7333aaf..1bda344fa 100644 --- a/docs/models/countedjobinfo.md +++ b/docs/models/countedjobinfo.md @@ -6,4 +6,4 @@ | Field | Type | Required | Description | | -------------------------------------------- | -------------------------------------------- | -------------------------------------------- | -------------------------------------------- | | `count` | *Optional[int]* | :heavy_minus_sign: | number of items present in the items array | -| `items` | List[[models.JobInfo](../models/jobinfo.md)] | :heavy_minus_sign: | N/A | \ No newline at end of file +| `items` | List[[models.JobInfo](../models/jobinfo.md)] | :heavy_minus_sign: | List of items in this response. | \ No newline at end of file diff --git a/docs/models/countedmasterworkerentry.md b/docs/models/countedmasterworkerentry.md index fbb488383..a66c51e71 100644 --- a/docs/models/countedmasterworkerentry.md +++ b/docs/models/countedmasterworkerentry.md @@ -6,4 +6,4 @@ | Field | Type | Required | Description | | ---------------------------------------------------------------- | ---------------------------------------------------------------- | ---------------------------------------------------------------- | ---------------------------------------------------------------- | | `count` | *Optional[int]* | :heavy_minus_sign: | number of items present in the items array | -| `items` | List[[models.MasterWorkerEntry](../models/masterworkerentry.md)] | :heavy_minus_sign: | N/A | \ No newline at end of file +| `items` | List[[models.MasterWorkerEntry](../models/masterworkerentry.md)] | :heavy_minus_sign: | List of items in this response. | \ No newline at end of file diff --git a/docs/models/countednumber.md b/docs/models/countednumber.md index 9cb72729d..5920353a3 100644 --- a/docs/models/countednumber.md +++ b/docs/models/countednumber.md @@ -6,4 +6,4 @@ | Field | Type | Required | Description | | ------------------------------------------ | ------------------------------------------ | ------------------------------------------ | ------------------------------------------ | | `count` | *Optional[int]* | :heavy_minus_sign: | number of items present in the items array | -| `items` | List[*float*] | :heavy_minus_sign: | N/A | \ No newline at end of file +| `items` | List[*float*] | :heavy_minus_sign: | List of items in this response. | \ No newline at end of file diff --git a/docs/models/countedoutputresponse.md b/docs/models/countedoutputresponse.md index 212ddf13e..0105474d7 100644 --- a/docs/models/countedoutputresponse.md +++ b/docs/models/countedoutputresponse.md @@ -6,4 +6,4 @@ | Field | Type | Required | Description | | ---------------------------------------------------------- | ---------------------------------------------------------- | ---------------------------------------------------------- | ---------------------------------------------------------- | | `count` | *Optional[int]* | :heavy_minus_sign: | number of items present in the items array | -| `items` | List[[models.OutputResponse](../models/outputresponse.md)] | :heavy_minus_sign: | N/A | \ No newline at end of file +| `items` | List[[models.OutputResponse](../models/outputresponse.md)] | :heavy_minus_sign: | List of items in this response. | \ No newline at end of file diff --git a/docs/models/countedoutputsamplesresponse.md b/docs/models/countedoutputsamplesresponse.md index 69c589722..907c63851 100644 --- a/docs/models/countedoutputsamplesresponse.md +++ b/docs/models/countedoutputsamplesresponse.md @@ -6,4 +6,4 @@ | Field | Type | Required | Description | | ------------------------------------------------------------------------ | ------------------------------------------------------------------------ | ------------------------------------------------------------------------ | ------------------------------------------------------------------------ | | `count` | *Optional[int]* | :heavy_minus_sign: | number of items present in the items array | -| `items` | List[[models.OutputSamplesResponse](../models/outputsamplesresponse.md)] | :heavy_minus_sign: | N/A | \ No newline at end of file +| `items` | List[[models.OutputSamplesResponse](../models/outputsamplesresponse.md)] | :heavy_minus_sign: | List of items in this response. | \ No newline at end of file diff --git a/docs/models/countedoutputstatus.md b/docs/models/countedoutputstatus.md index 73e8fa0cb..37128975d 100644 --- a/docs/models/countedoutputstatus.md +++ b/docs/models/countedoutputstatus.md @@ -6,4 +6,4 @@ | Field | Type | Required | Description | | ------------------------------------------------------ | ------------------------------------------------------ | ------------------------------------------------------ | ------------------------------------------------------ | | `count` | *Optional[int]* | :heavy_minus_sign: | number of items present in the items array | -| `items` | List[[models.OutputStatus](../models/outputstatus.md)] | :heavy_minus_sign: | N/A | \ No newline at end of file +| `items` | List[[models.OutputStatus](../models/outputstatus.md)] | :heavy_minus_sign: | List of items in this response. | \ No newline at end of file diff --git a/docs/models/countedoutputtestresponse.md b/docs/models/countedoutputtestresponse.md index 8fd742726..d9b215265 100644 --- a/docs/models/countedoutputtestresponse.md +++ b/docs/models/countedoutputtestresponse.md @@ -6,4 +6,4 @@ | Field | Type | Required | Description | | ------------------------------------------------------------------ | ------------------------------------------------------------------ | ------------------------------------------------------------------ | ------------------------------------------------------------------ | | `count` | *Optional[int]* | :heavy_minus_sign: | number of items present in the items array | -| `items` | List[[models.OutputTestResponse](../models/outputtestresponse.md)] | :heavy_minus_sign: | N/A | \ No newline at end of file +| `items` | List[[models.OutputTestResponse](../models/outputtestresponse.md)] | :heavy_minus_sign: | List of items in this response. | \ No newline at end of file diff --git a/docs/models/countedpackinfo.md b/docs/models/countedpackinfo.md index 72f327591..0cacb92d7 100644 --- a/docs/models/countedpackinfo.md +++ b/docs/models/countedpackinfo.md @@ -6,4 +6,4 @@ | Field | Type | Required | Description | | ---------------------------------------------- | ---------------------------------------------- | ---------------------------------------------- | ---------------------------------------------- | | `count` | *Optional[int]* | :heavy_minus_sign: | number of items present in the items array | -| `items` | List[[models.PackInfo](../models/packinfo.md)] | :heavy_minus_sign: | N/A | \ No newline at end of file +| `items` | List[[models.PackInfo](../models/packinfo.md)] | :heavy_minus_sign: | List of items in this response. | \ No newline at end of file diff --git a/docs/models/countedpackinstallinfo.md b/docs/models/countedpackinstallinfo.md index 396e3a781..77fb086f8 100644 --- a/docs/models/countedpackinstallinfo.md +++ b/docs/models/countedpackinstallinfo.md @@ -6,4 +6,4 @@ | Field | Type | Required | Description | | ------------------------------------------------------------ | ------------------------------------------------------------ | ------------------------------------------------------------ | ------------------------------------------------------------ | | `count` | *Optional[int]* | :heavy_minus_sign: | number of items present in the items array | -| `items` | List[[models.PackInstallInfo](../models/packinstallinfo.md)] | :heavy_minus_sign: | N/A | \ No newline at end of file +| `items` | List[[models.PackInstallInfo](../models/packinstallinfo.md)] | :heavy_minus_sign: | List of items in this response. | \ No newline at end of file diff --git a/docs/models/countedpackuninstallinfo.md b/docs/models/countedpackuninstallinfo.md index 02d3d0041..aea684986 100644 --- a/docs/models/countedpackuninstallinfo.md +++ b/docs/models/countedpackuninstallinfo.md @@ -6,4 +6,4 @@ | Field | Type | Required | Description | | ---------------------------------------------------------------- | ---------------------------------------------------------------- | ---------------------------------------------------------------- | ---------------------------------------------------------------- | | `count` | *Optional[int]* | :heavy_minus_sign: | number of items present in the items array | -| `items` | List[[models.PackUninstallInfo](../models/packuninstallinfo.md)] | :heavy_minus_sign: | N/A | \ No newline at end of file +| `items` | List[[models.PackUninstallInfo](../models/packuninstallinfo.md)] | :heavy_minus_sign: | List of items in this response. | \ No newline at end of file diff --git a/docs/models/countedpipeline.md b/docs/models/countedpipeline.md index e0cb8f114..923622331 100644 --- a/docs/models/countedpipeline.md +++ b/docs/models/countedpipeline.md @@ -6,4 +6,4 @@ | Field | Type | Required | Description | | ---------------------------------------------- | ---------------------------------------------- | ---------------------------------------------- | ---------------------------------------------- | | `count` | *Optional[int]* | :heavy_minus_sign: | number of items present in the items array | -| `items` | List[[models.Pipeline](../models/pipeline.md)] | :heavy_minus_sign: | N/A | \ No newline at end of file +| `items` | List[[models.Pipeline](../models/pipeline.md)] | :heavy_minus_sign: | List of items in this response. | \ No newline at end of file diff --git a/docs/models/countedrestartresponse.md b/docs/models/countedrestartresponse.md index 0ae1988c0..8bd8544a7 100644 --- a/docs/models/countedrestartresponse.md +++ b/docs/models/countedrestartresponse.md @@ -6,4 +6,4 @@ | Field | Type | Required | Description | | ------------------------------------------------------------ | ------------------------------------------------------------ | ------------------------------------------------------------ | ------------------------------------------------------------ | | `count` | *Optional[int]* | :heavy_minus_sign: | number of items present in the items array | -| `items` | List[[models.RestartResponse](../models/restartresponse.md)] | :heavy_minus_sign: | N/A | \ No newline at end of file +| `items` | List[[models.RestartResponse](../models/restartresponse.md)] | :heavy_minus_sign: | List of items in this response. | \ No newline at end of file diff --git a/docs/models/countedroutes.md b/docs/models/countedroutes.md index b21e7b876..9204b9a0f 100644 --- a/docs/models/countedroutes.md +++ b/docs/models/countedroutes.md @@ -6,4 +6,4 @@ | Field | Type | Required | Description | | ------------------------------------------ | ------------------------------------------ | ------------------------------------------ | ------------------------------------------ | | `count` | *Optional[int]* | :heavy_minus_sign: | number of items present in the items array | -| `items` | List[[models.Routes](../models/routes.md)] | :heavy_minus_sign: | N/A | \ No newline at end of file +| `items` | List[[models.Routes](../models/routes.md)] | :heavy_minus_sign: | List of items in this response. | \ No newline at end of file diff --git a/docs/models/countedsavedjobresponse.md b/docs/models/countedsavedjobresponse.md index 409fd138a..8727652bf 100644 --- a/docs/models/countedsavedjobresponse.md +++ b/docs/models/countedsavedjobresponse.md @@ -6,4 +6,4 @@ | Field | Type | Required | Description | | -------------------------------------------------------------- | -------------------------------------------------------------- | -------------------------------------------------------------- | -------------------------------------------------------------- | | `count` | *Optional[int]* | :heavy_minus_sign: | number of items present in the items array | -| `items` | List[[models.SavedJobResponse](../models/savedjobresponse.md)] | :heavy_minus_sign: | N/A | \ No newline at end of file +| `items` | List[[models.SavedJobResponse](../models/savedjobresponse.md)] | :heavy_minus_sign: | List of items in this response. | \ No newline at end of file diff --git a/docs/models/countedstring.md b/docs/models/countedstring.md index 2fece5987..acf48782a 100644 --- a/docs/models/countedstring.md +++ b/docs/models/countedstring.md @@ -6,4 +6,4 @@ | Field | Type | Required | Description | | ------------------------------------------ | ------------------------------------------ | ------------------------------------------ | ------------------------------------------ | | `count` | *Optional[int]* | :heavy_minus_sign: | number of items present in the items array | -| `items` | List[*str*] | :heavy_minus_sign: | N/A | \ No newline at end of file +| `items` | List[*str*] | :heavy_minus_sign: | List of items in this response. | \ No newline at end of file diff --git a/docs/models/countedsystemrestartresponse.md b/docs/models/countedsystemrestartresponse.md index ff539cde7..f1a91bf1c 100644 --- a/docs/models/countedsystemrestartresponse.md +++ b/docs/models/countedsystemrestartresponse.md @@ -6,4 +6,4 @@ | Field | Type | Required | Description | | ------------------------------------------------------------------------ | ------------------------------------------------------------------------ | ------------------------------------------------------------------------ | ------------------------------------------------------------------------ | | `count` | *Optional[int]* | :heavy_minus_sign: | number of items present in the items array | -| `items` | List[[models.SystemRestartResponse](../models/systemrestartresponse.md)] | :heavy_minus_sign: | N/A | \ No newline at end of file +| `items` | List[[models.SystemRestartResponse](../models/systemrestartresponse.md)] | :heavy_minus_sign: | List of items in this response. | \ No newline at end of file diff --git a/docs/models/countedsystemsettingsconf.md b/docs/models/countedsystemsettingsconf.md index e37ce5ae9..b1e274a58 100644 --- a/docs/models/countedsystemsettingsconf.md +++ b/docs/models/countedsystemsettingsconf.md @@ -6,4 +6,4 @@ | Field | Type | Required | Description | | ------------------------------------------------------------------ | ------------------------------------------------------------------ | ------------------------------------------------------------------ | ------------------------------------------------------------------ | | `count` | *Optional[int]* | :heavy_minus_sign: | number of items present in the items array | -| `items` | List[[models.SystemSettingsConf](../models/systemsettingsconf.md)] | :heavy_minus_sign: | N/A | \ No newline at end of file +| `items` | List[[models.SystemSettingsConf](../models/systemsettingsconf.md)] | :heavy_minus_sign: | List of items in this response. | \ No newline at end of file diff --git a/docs/models/countedteamaccesscontrollist.md b/docs/models/countedteamaccesscontrollist.md index 507b4d535..a3c05a7b5 100644 --- a/docs/models/countedteamaccesscontrollist.md +++ b/docs/models/countedteamaccesscontrollist.md @@ -6,4 +6,4 @@ | Field | Type | Required | Description | | ------------------------------------------------------------------------ | ------------------------------------------------------------------------ | ------------------------------------------------------------------------ | ------------------------------------------------------------------------ | | `count` | *Optional[int]* | :heavy_minus_sign: | number of items present in the items array | -| `items` | List[[models.TeamAccessControlList](../models/teamaccesscontrollist.md)] | :heavy_minus_sign: | N/A | \ No newline at end of file +| `items` | List[[models.TeamAccessControlList](../models/teamaccesscontrollist.md)] | :heavy_minus_sign: | List of items in this response. | \ No newline at end of file diff --git a/docs/models/counteduseraccesscontrollist.md b/docs/models/counteduseraccesscontrollist.md index fd500225b..11537d361 100644 --- a/docs/models/counteduseraccesscontrollist.md +++ b/docs/models/counteduseraccesscontrollist.md @@ -6,4 +6,4 @@ | Field | Type | Required | Description | | ------------------------------------------------------------------------ | ------------------------------------------------------------------------ | ------------------------------------------------------------------------ | ------------------------------------------------------------------------ | | `count` | *Optional[int]* | :heavy_minus_sign: | number of items present in the items array | -| `items` | List[[models.UserAccessControlList](../models/useraccesscontrollist.md)] | :heavy_minus_sign: | N/A | \ No newline at end of file +| `items` | List[[models.UserAccessControlList](../models/useraccesscontrollist.md)] | :heavy_minus_sign: | List of items in this response. | \ No newline at end of file diff --git a/docs/models/createinputauth.md b/docs/models/createinputauth.md index 494f65567..74de67c9c 100644 --- a/docs/models/createinputauth.md +++ b/docs/models/createinputauth.md @@ -9,7 +9,7 @@ | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | | `client_secret_auth_type` | [Optional[models.AuthenticationMethodOptionsAuth]](../models/authenticationmethodoptionsauth.md) | :heavy_minus_sign: | N/A | | `client_text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | -| `certificate` | [Optional[models.CertificateTypeAzureBlobAuthTypeClientCert]](../models/certificatetypeazureblobauthtypeclientcert.md) | :heavy_minus_sign: | N/A | +| `certificate` | [Optional[models.CreateInputCertificate]](../models/createinputcertificate.md) | :heavy_minus_sign: | N/A | | `oauth_endpoint` | [Optional[models.MicrosoftEntraIDAuthenticationEndpointOptionsSasl]](../models/microsoftentraidauthenticationendpointoptionssasl.md) | :heavy_minus_sign: | Endpoint used to acquire authentication tokens from Azure | | `client_id` | *Optional[str]* | :heavy_minus_sign: | client_id to pass in the OAuth request parameter | | `tenant_id` | *Optional[str]* | :heavy_minus_sign: | Directory ID (tenant identifier) in Azure Active Directory | diff --git a/docs/models/createinputauthtokencloudflarehec.md b/docs/models/createinputauthtokencloudflarehec.md index f322586d7..c7e14a79a 100644 --- a/docs/models/createinputauthtokencloudflarehec.md +++ b/docs/models/createinputauthtokencloudflarehec.md @@ -7,6 +7,7 @@ | ---------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------- | | `auth_type` | [Optional[models.CreateInputAuthenticationMethodCloudflareHec]](../models/createinputauthenticationmethodcloudflarehec.md) | :heavy_minus_sign: | Select Secret to use a text secret to authenticate | | `token_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | +| `token` | *Optional[str]* | :heavy_minus_sign: | Shared secret to be provided by any client (Authorization: ) | | `enabled` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `description` | *Optional[str]* | :heavy_minus_sign: | N/A | | `allowed_indexes_at_token` | List[*str*] | :heavy_minus_sign: | Enter the values you want to allow in the HEC event index field at the token level. Supports wildcards. To skip validation, leave blank. | diff --git a/docs/models/createinputcertificate.md b/docs/models/createinputcertificate.md new file mode 100644 index 000000000..622fb9631 --- /dev/null +++ b/docs/models/createinputcertificate.md @@ -0,0 +1,11 @@ +# CreateInputCertificate + + +## Fields + +| Field | Type | Required | Description | +| -------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------- | +| `certificate_name` | *str* | :heavy_check_mark: | The certificate you registered as credentials for your app in the Azure portal | +| `cert_path` | *str* | :heavy_check_mark: | Path on server containing certificates to use. PEM format. Can reference $ENV_VARS. | +| `priv_key_path` | *str* | :heavy_check_mark: | Path on server containing the private key to use. PEM format. Can reference $ENV_VARS. | +| `passphrase` | *Optional[str]* | :heavy_minus_sign: | Passphrase to use to decrypt private key | \ No newline at end of file diff --git a/docs/models/createinputcontentconfiginput.md b/docs/models/createinputcontentconfiginput.md index 5a7da32f9..e2a480082 100644 --- a/docs/models/createinputcontentconfiginput.md +++ b/docs/models/createinputcontentconfiginput.md @@ -10,7 +10,7 @@ | `state_update_expression` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression that defines how to update the state from an event | | `state_merge_expression` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression that defines which state to keep when merging task state | | `manage_state` | [Optional[models.CreateInputManageStateOpenai]](../models/createinputmanagestateopenai.md) | :heavy_minus_sign: | N/A | -| `request_params` | List[[models.RequestParamConfInputOpenai](../models/requestparamconfinputopenai.md)] | :heavy_check_mark: | Query-string parameters to send with this endpoint | +| `request_params` | List[[models.HTTPDiscoveryHeaderConfInputPrometheus](../models/httpdiscoveryheaderconfinputprometheus.md)] | :heavy_check_mark: | Query-string parameters to send with this endpoint | | `pagination_type` | [models.CreateInputPaginationType](../models/createinputpaginationtype.md) | :heavy_check_mark: | N/A | | `pagination_attribute` | List[*str*] | :heavy_minus_sign: | N/A | | `pagination_last_page_expr` | *Optional[str]* | :heavy_minus_sign: | N/A | diff --git a/docs/models/createinputdiscoverytypeedgeprometheus.md b/docs/models/createinputdiscoverytypeedgeprometheus.md index e7462eee2..9385ad86f 100644 --- a/docs/models/createinputdiscoverytypeedgeprometheus.md +++ b/docs/models/createinputdiscoverytypeedgeprometheus.md @@ -22,4 +22,5 @@ value = CreateInputDiscoveryTypeEdgePrometheus.STATIC | `EC2` | ec2 | | `K8S_NODE` | k8s-node | | `K8S_PODS` | k8s-pods | -| `K8S_SERVICE_MONITOR` | k8s-service-monitor | \ No newline at end of file +| `K8S_SERVICE_MONITOR` | k8s-service-monitor | +| `HTTP_SD` | http_sd | \ No newline at end of file diff --git a/docs/models/createinputdiscoverytypeprometheus.md b/docs/models/createinputdiscoverytypeprometheus.md index 27576d155..66d0ad3a1 100644 --- a/docs/models/createinputdiscoverytypeprometheus.md +++ b/docs/models/createinputdiscoverytypeprometheus.md @@ -15,8 +15,9 @@ value = CreateInputDiscoveryTypePrometheus.STATIC ## Values -| Name | Value | -| -------- | -------- | -| `STATIC` | static | -| `DNS` | dns | -| `EC2` | ec2 | \ No newline at end of file +| Name | Value | +| --------- | --------- | +| `STATIC` | static | +| `DNS` | dns | +| `EC2` | ec2 | +| `HTTP_SD` | http_sd | \ No newline at end of file diff --git a/docs/models/createinputinputappleunifiedlogs.md b/docs/models/createinputinputappleunifiedlogs.md index 2ae8c1d92..273cc699b 100644 --- a/docs/models/createinputinputappleunifiedlogs.md +++ b/docs/models/createinputinputappleunifiedlogs.md @@ -3,21 +3,21 @@ ## Fields -| Field | Type | Required | Description | -| -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `id` | *str* | :heavy_check_mark: | Unique ID for this input | -| `type` | [models.CreateInputTypeAppleUnifiedLogs](../models/createinputtypeappleunifiedlogs.md) | :heavy_check_mark: | N/A | -| `disabled` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `pipeline` | *Optional[str]* | :heavy_minus_sign: | Pipeline to process data from this Source before sending it through the Routes | -| `send_to_routes` | *Optional[bool]* | :heavy_minus_sign: | Select whether to send data to Routes, or directly to Destinations. | -| `environment` | *Optional[str]* | :heavy_minus_sign: | Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. | -| `pq_enabled` | *Optional[bool]* | :heavy_minus_sign: | Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). | -| `streamtags` | List[*str*] | :heavy_minus_sign: | Tags for filtering and grouping in @{product} | -| `connections` | List[[models.ConnectionConfInputCollection](../models/connectionconfinputcollection.md)] | :heavy_minus_sign: | Direct connections to Destinations, and optionally via a Pipeline or a Pack | -| `pq` | [Optional[models.PqType]](../models/pqtype.md) | :heavy_minus_sign: | N/A | -| `predicate` | *str* | :heavy_check_mark: | String to filter log entries, in NSPredicate format (e.g., subsystem == "com.apple.security" or process == "kernel"). See [Predicate format reference](https://developer.apple.com/library/archive/documentation/Cocoa/Conceptual/Predicates/AdditionalChapters/Introduction.html) for more information. | -| `read_mode` | [Optional[models.CreateInputReadModeAppleUnifiedLogs]](../models/createinputreadmodeappleunifiedlogs.md) | :heavy_minus_sign: | Read all log entries (historical and upcoming), or only upcoming, from the last entry | -| `metadata` | List[[models.MetadataConfInputCollection](../models/metadataconfinputcollection.md)] | :heavy_minus_sign: | Fields to add to events from this input | -| `description` | *Optional[str]* | :heavy_minus_sign: | N/A | -| `template_environment` | *Optional[str]* | :heavy_minus_sign: | Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. | -| `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | \ No newline at end of file +| Field | Type | Required | Description | +| -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `id` | *str* | :heavy_check_mark: | Unique ID for this input | +| `type` | [models.CreateInputTypeAppleUnifiedLogs](../models/createinputtypeappleunifiedlogs.md) | :heavy_check_mark: | N/A | +| `disabled` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `pipeline` | *Optional[str]* | :heavy_minus_sign: | Pipeline to process data from this Source before sending it through the Routes | +| `send_to_routes` | *Optional[bool]* | :heavy_minus_sign: | Select whether to send data to Routes, or directly to Destinations. | +| `environment` | *Optional[str]* | :heavy_minus_sign: | Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. | +| `pq_enabled` | *Optional[bool]* | :heavy_minus_sign: | Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). | +| `streamtags` | List[*str*] | :heavy_minus_sign: | Tags for filtering and grouping in @{product} | +| `connections` | List[[models.ConnectionConfInputCollection](../models/connectionconfinputcollection.md)] | :heavy_minus_sign: | Direct connections to Destinations, and optionally via a Pipeline or a Pack | +| `pq` | [Optional[models.PqType]](../models/pqtype.md) | :heavy_minus_sign: | N/A | +| `predicate` | *str* | :heavy_check_mark: | String to filter log entries, in NSPredicate format (e.g., subsystem == "com.apple.security" or process == "kernel"). See [Common Log Types and Predicates](https://docs.cribl.io/edge/sources-apple-unified-logs/#examples) for more information. | +| `read_mode` | [Optional[models.CreateInputReadModeAppleUnifiedLogs]](../models/createinputreadmodeappleunifiedlogs.md) | :heavy_minus_sign: | Read all log entries (historical and upcoming), or only upcoming, from the last entry | +| `metadata` | List[[models.MetadataConfInputCollection](../models/metadataconfinputcollection.md)] | :heavy_minus_sign: | Fields to add to events from this input | +| `description` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_environment` | *Optional[str]* | :heavy_minus_sign: | Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. | +| `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | \ No newline at end of file diff --git a/docs/models/createinputinputconfluentcloud.md b/docs/models/createinputinputconfluentcloud.md index a566efeeb..2e9f31dfa 100644 --- a/docs/models/createinputinputconfluentcloud.md +++ b/docs/models/createinputinputconfluentcloud.md @@ -31,8 +31,8 @@ | `reauthentication_threshold` | *Optional[float]* | :heavy_minus_sign: | Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire. | | `sasl` | [Optional[models.AuthenticationType]](../models/authenticationtype.md) | :heavy_minus_sign: | Authentication parameters to use when connecting to brokers. Using TLS is highly recommended. | | `session_timeout` | *Optional[float]* | :heavy_minus_sign: |
Timeout used to detect client failures when using Kafka's group-management facilities.
If the client sends no heartbeats to the broker before the timeout expires,
the broker will remove the client from the group and initiate a rebalance.
Value must be between the broker's configured group.min.session.timeout.ms and group.max.session.timeout.ms.
See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_session.timeout.ms) for details. | -| `rebalance_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum allowed time for each worker to join the group after a rebalance begins.
If the timeout is exceeded, the coordinator broker will remove the worker from the group.
See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. | -| `heartbeat_interval` | *Optional[float]* | :heavy_minus_sign: | Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities.
Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value.
See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. | +| `rebalance_timeout` | *Optional[float]* | :heavy_minus_sign: |
Maximum allowed time for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. | +| `heartbeat_interval` | *Optional[float]* | :heavy_minus_sign: |
Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. | | `auto_commit_interval` | *Optional[float]* | :heavy_minus_sign: | How often to commit offsets. If both this and Offset commit threshold are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch. | | `auto_commit_threshold` | *Optional[float]* | :heavy_minus_sign: | How many events are needed to trigger an offset commit. If both this and Offset commit interval are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch. | | `max_bytes_per_partition` | *Optional[float]* | :heavy_minus_sign: | Maximum amount of data that Kafka will return per partition, per fetch request. Must equal or exceed the maximum message size (maxBytesPerPartition) that Kafka is configured to allow. Otherwise, @{product} can get stuck trying to retrieve messages. Defaults to 1048576 (1 MB). | diff --git a/docs/models/createinputinputedgeprometheus.md b/docs/models/createinputinputedgeprometheus.md index 495918489..8001d82da 100644 --- a/docs/models/createinputinputedgeprometheus.md +++ b/docs/models/createinputinputedgeprometheus.md @@ -48,7 +48,11 @@ | `scrape_protocol_expr` | *Optional[str]* | :heavy_minus_sign: | Protocol to use when collecting metrics | | `scrape_port_expr` | *Optional[str]* | :heavy_minus_sign: | The port number in the metrics URL for discovered targets. | | `scrape_path_expr` | *Optional[str]* | :heavy_minus_sign: | Path to use when collecting metrics from discovered targets | -| `pod_filter` | List[[models.CreateInputPodFilter](../models/createinputpodfilter.md)] | :heavy_minus_sign: | Add rules to decide which pods to discover for metrics.
Pods are searched if no rules are given or of all the rules'
expressions evaluate to true.
| +| `pod_filter` | List[[models.CreateInputPodFilter](../models/createinputpodfilter.md)] | :heavy_minus_sign: |
Add rules to decide which pods to discover for metrics.
Pods are searched if no rules are given or of all the rules'
expressions evaluate to true.
| +| `http_discovery_url` | *Optional[str]* | :heavy_minus_sign: | URL to fetch target groups from (must be http or https) | +| `http_discovery_headers` | List[[models.HTTPDiscoveryHeaderConfInputPrometheus](../models/httpdiscoveryheaderconfinputprometheus.md)] | :heavy_minus_sign: | Extra headers to send with the discovery request | +| `http_discovery_reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Reject TLS certificates that cannot be verified for the discovery endpoint. Falls back to the source-level setting if not specified. | +| `max_response_body_size` | *Optional[str]* | :heavy_minus_sign: | Maximum size of the HTTP SD response body. Responses exceeding this limit will be rejected. Defaults to 20 MB. | | `username` | *Optional[str]* | :heavy_minus_sign: | Username for Prometheus Basic authentication | | `password` | *Optional[str]* | :heavy_minus_sign: | Password for Prometheus Basic authentication | | `credentials_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a secret that references your credentials | diff --git a/docs/models/createinputinputeventhub.md b/docs/models/createinputinputeventhub.md index dba81b7b3..0e1f3300d 100644 --- a/docs/models/createinputinputeventhub.md +++ b/docs/models/createinputinputeventhub.md @@ -3,45 +3,45 @@ ## Fields -| Field | Type | Required | Description | -| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `id` | *str* | :heavy_check_mark: | Unique ID for this input | -| `type` | [models.CreateInputTypeEventhub](../models/createinputtypeeventhub.md) | :heavy_check_mark: | N/A | -| `disabled` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `pipeline` | *Optional[str]* | :heavy_minus_sign: | Pipeline to process data from this Source before sending it through the Routes | -| `send_to_routes` | *Optional[bool]* | :heavy_minus_sign: | Select whether to send data to Routes, or directly to Destinations. | -| `environment` | *Optional[str]* | :heavy_minus_sign: | Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. | -| `pq_enabled` | *Optional[bool]* | :heavy_minus_sign: | Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). | -| `streamtags` | List[*str*] | :heavy_minus_sign: | Tags for filtering and grouping in @{product} | -| `connections` | List[[models.ConnectionConfInputCollection](../models/connectionconfinputcollection.md)] | :heavy_minus_sign: | Direct connections to Destinations, and optionally via a Pipeline or a Pack | -| `pq` | [Optional[models.PqType]](../models/pqtype.md) | :heavy_minus_sign: | N/A | -| `brokers` | List[*str*] | :heavy_check_mark: | List of Event Hubs Kafka brokers to connect to (example: yourdomain.servicebus.windows.net:9093). The hostname can be found in the host portion of the primary or secondary connection string in Shared Access Policies. | -| `topics` | List[*str*] | :heavy_check_mark: | The name of the Event Hub (Kafka topic) to subscribe to. Warning: To optimize performance, Cribl suggests subscribing each Event Hubs Source to only a single topic. | -| `group_id` | *Optional[str]* | :heavy_minus_sign: | The consumer group this instance belongs to. Default is 'Cribl'. | -| `from_beginning` | *Optional[bool]* | :heavy_minus_sign: | Start reading from earliest available data; relevant only during initial subscription | -| `connection_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum time to wait for a connection to complete successfully | -| `request_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum time to wait for Kafka to respond to a request | -| `max_retries` | *Optional[float]* | :heavy_minus_sign: | If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data | -| `max_back_off` | *Optional[float]* | :heavy_minus_sign: | The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds). | -| `initial_backoff` | *Optional[float]* | :heavy_minus_sign: | Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes). | -| `backoff_rate` | *Optional[float]* | :heavy_minus_sign: | Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details. | -| `authentication_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum time to wait for Kafka to respond to an authentication request | -| `reauthentication_threshold` | *Optional[float]* | :heavy_minus_sign: | Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire. | -| `sasl` | [Optional[models.AuthenticationTypeUse]](../models/authenticationtypeuse.md) | :heavy_minus_sign: | Authentication parameters to use when connecting to brokers. Using TLS is highly recommended. | -| `tls` | [Optional[models.TLSSettingsClientSideType]](../models/tlssettingsclientsidetype.md) | :heavy_minus_sign: | N/A | -| `session_timeout` | *Optional[float]* | :heavy_minus_sign: | Timeout (session.timeout.ms in Kafka domain) used to detect client failures when using Kafka's group-management facilities.
If the client sends no heartbeats to the broker before the timeout expires, the broker will remove the client from the group and initiate a rebalance.
Value must be lower than rebalanceTimeout.
See details [here](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). | -| `rebalance_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum allowed time (rebalance.timeout.ms in Kafka domain) for each worker to join the group after a rebalance begins.
If the timeout is exceeded, the coordinator broker will remove the worker from the group.
See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). | -| `heartbeat_interval` | *Optional[float]* | :heavy_minus_sign: | Expected time (heartbeat.interval.ms in Kafka domain) between heartbeats to the consumer coordinator when using Kafka's group-management facilities.
Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value.
See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). | -| `auto_commit_interval` | *Optional[float]* | :heavy_minus_sign: | How often to commit offsets. If both this and Offset commit threshold are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch. | -| `auto_commit_threshold` | *Optional[float]* | :heavy_minus_sign: | How many events are needed to trigger an offset commit. If both this and Offset commit interval are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch. | -| `max_bytes_per_partition` | *Optional[float]* | :heavy_minus_sign: | Maximum amount of data that Kafka will return per partition, per fetch request. Must equal or exceed the maximum message size (maxBytesPerPartition) that Kafka is configured to allow. Otherwise, @{product} can get stuck trying to retrieve messages. Defaults to 1048576 (1 MB). | -| `max_bytes` | *Optional[float]* | :heavy_minus_sign: | Maximum number of bytes that Kafka will return per fetch request. Defaults to 10485760 (10 MB). | -| `max_socket_errors` | *Optional[float]* | :heavy_minus_sign: | Maximum number of network errors before the consumer re-creates a socket | -| `minimize_duplicates` | *Optional[bool]* | :heavy_minus_sign: | Minimize duplicate events by starting only one consumer for each topic partition | -| `metadata` | List[[models.MetadataConfInputCollection](../models/metadataconfinputcollection.md)] | :heavy_minus_sign: | Fields to add to events from this input | -| `description` | *Optional[str]* | :heavy_minus_sign: | N/A | -| `template_environment` | *Optional[str]* | :heavy_minus_sign: | Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. | -| `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | -| `template_brokers` | *Optional[str]* | :heavy_minus_sign: | Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime. | -| `template_topics` | *Optional[str]* | :heavy_minus_sign: | Binds 'topics' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topics' at runtime. | -| `template_group_id` | *Optional[str]* | :heavy_minus_sign: | Binds 'groupId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'groupId' at runtime. | \ No newline at end of file +| Field | Type | Required | Description | +| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| `id` | *str* | :heavy_check_mark: | Unique ID for this input | +| `type` | [models.CreateInputTypeEventhub](../models/createinputtypeeventhub.md) | :heavy_check_mark: | N/A | +| `disabled` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `pipeline` | *Optional[str]* | :heavy_minus_sign: | Pipeline to process data from this Source before sending it through the Routes | +| `send_to_routes` | *Optional[bool]* | :heavy_minus_sign: | Select whether to send data to Routes, or directly to Destinations. | +| `environment` | *Optional[str]* | :heavy_minus_sign: | Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. | +| `pq_enabled` | *Optional[bool]* | :heavy_minus_sign: | Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). | +| `streamtags` | List[*str*] | :heavy_minus_sign: | Tags for filtering and grouping in @{product} | +| `connections` | List[[models.ConnectionConfInputCollection](../models/connectionconfinputcollection.md)] | :heavy_minus_sign: | Direct connections to Destinations, and optionally via a Pipeline or a Pack | +| `pq` | [Optional[models.PqType]](../models/pqtype.md) | :heavy_minus_sign: | N/A | +| `brokers` | List[*str*] | :heavy_check_mark: | List of Event Hubs Kafka brokers to connect to (example: yourdomain.servicebus.windows.net:9093). The hostname can be found in the host portion of the primary or secondary connection string in Shared Access Policies. | +| `topics` | List[*str*] | :heavy_check_mark: | The name of the Event Hub (Kafka topic) to subscribe to. Warning: To optimize performance, Cribl suggests subscribing each Event Hubs Source to only a single topic. | +| `group_id` | *Optional[str]* | :heavy_minus_sign: | The consumer group this instance belongs to. Default is 'Cribl'. | +| `from_beginning` | *Optional[bool]* | :heavy_minus_sign: | Start reading from earliest available data; relevant only during initial subscription | +| `connection_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum time to wait for a connection to complete successfully | +| `request_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum time to wait for Kafka to respond to a request | +| `max_retries` | *Optional[float]* | :heavy_minus_sign: | If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data | +| `max_back_off` | *Optional[float]* | :heavy_minus_sign: | The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds). | +| `initial_backoff` | *Optional[float]* | :heavy_minus_sign: | Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes). | +| `backoff_rate` | *Optional[float]* | :heavy_minus_sign: | Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details. | +| `authentication_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum time to wait for Kafka to respond to an authentication request | +| `reauthentication_threshold` | *Optional[float]* | :heavy_minus_sign: | Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire. | +| `sasl` | [Optional[models.AuthenticationTypeUse]](../models/authenticationtypeuse.md) | :heavy_minus_sign: | Authentication parameters to use when connecting to brokers. Using TLS is highly recommended. | +| `tls` | [Optional[models.TLSSettingsClientSideType]](../models/tlssettingsclientsidetype.md) | :heavy_minus_sign: | N/A | +| `session_timeout` | *Optional[float]* | :heavy_minus_sign: |
Timeout (session.timeout.ms in Kafka domain) used to detect client failures when using Kafka's group-management facilities. If the client sends no heartbeats to the broker before the timeout expires, the broker will remove the client from the group and initiate a rebalance. Value must be lower than rebalanceTimeout. See details [here](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). | +| `rebalance_timeout` | *Optional[float]* | :heavy_minus_sign: |
Maximum allowed time (rebalance.timeout.ms in Kafka domain) for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). | +| `heartbeat_interval` | *Optional[float]* | :heavy_minus_sign: |
Expected time (heartbeat.interval.ms in Kafka domain) between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). | +| `auto_commit_interval` | *Optional[float]* | :heavy_minus_sign: | How often to commit offsets. If both this and Offset commit threshold are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch. | +| `auto_commit_threshold` | *Optional[float]* | :heavy_minus_sign: | How many events are needed to trigger an offset commit. If both this and Offset commit interval are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch. | +| `max_bytes_per_partition` | *Optional[float]* | :heavy_minus_sign: | Maximum amount of data that Kafka will return per partition, per fetch request. Must equal or exceed the maximum message size (maxBytesPerPartition) that Kafka is configured to allow. Otherwise, @{product} can get stuck trying to retrieve messages. Defaults to 1048576 (1 MB). | +| `max_bytes` | *Optional[float]* | :heavy_minus_sign: | Maximum number of bytes that Kafka will return per fetch request. Defaults to 10485760 (10 MB). | +| `max_socket_errors` | *Optional[float]* | :heavy_minus_sign: | Maximum number of network errors before the consumer re-creates a socket | +| `minimize_duplicates` | *Optional[bool]* | :heavy_minus_sign: | Minimize duplicate events by starting only one consumer for each topic partition | +| `metadata` | List[[models.MetadataConfInputCollection](../models/metadataconfinputcollection.md)] | :heavy_minus_sign: | Fields to add to events from this input | +| `description` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_environment` | *Optional[str]* | :heavy_minus_sign: | Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. | +| `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | +| `template_brokers` | *Optional[str]* | :heavy_minus_sign: | Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime. | +| `template_topics` | *Optional[str]* | :heavy_minus_sign: | Binds 'topics' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topics' at runtime. | +| `template_group_id` | *Optional[str]* | :heavy_minus_sign: | Binds 'groupId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'groupId' at runtime. | \ No newline at end of file diff --git a/docs/models/createinputinputjournalfiles.md b/docs/models/createinputinputjournalfiles.md index 28e4baaad..1eb6457a3 100644 --- a/docs/models/createinputinputjournalfiles.md +++ b/docs/models/createinputinputjournalfiles.md @@ -19,7 +19,7 @@ | `interval` | *Optional[float]* | :heavy_minus_sign: | Time, in seconds, between scanning for journals. | | `journals` | List[*str*] | :heavy_check_mark: | The full path of discovered journals are matched against this wildcard list. | | `rules` | List[[models.CreateInputInputJournalFilesRule](../models/createinputinputjournalfilesrule.md)] | :heavy_minus_sign: | Add rules to decide which journal objects to allow. Events are generated if no rules are given or if all the rules' expressions evaluate to true. | -| `current_boot` | *Optional[bool]* | :heavy_minus_sign: | Skip log messages that are not part of the current boot session. | +| `current_boot` | *Optional[bool]* | :heavy_minus_sign: | Skip log messages that are not part of the current boot session | | `max_age_dur` | *Optional[str]* | :heavy_minus_sign: | The maximum log message age, in duration form (e.g,: 60s, 4h, 3d, 1w). Default of no value will apply no max age filters. | | `suppress_missing_path_errors` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `metadata` | List[[models.MetadataConfInputCollection](../models/metadataconfinputcollection.md)] | :heavy_minus_sign: | Fields to add to events from this input | diff --git a/docs/models/createinputinputkafka.md b/docs/models/createinputinputkafka.md index 11ba90ffe..f7d09f724 100644 --- a/docs/models/createinputinputkafka.md +++ b/docs/models/createinputinputkafka.md @@ -31,8 +31,8 @@ | `sasl` | [Optional[models.AuthenticationType]](../models/authenticationtype.md) | :heavy_minus_sign: | Authentication parameters to use when connecting to brokers. Using TLS is highly recommended. | | `tls` | [Optional[models.TLSSettingsClientSideTypeCaPathCertPath]](../models/tlssettingsclientsidetypecapathcertpath.md) | :heavy_minus_sign: | N/A | | `session_timeout` | *Optional[float]* | :heavy_minus_sign: |
Timeout used to detect client failures when using Kafka's group-management facilities.
If the client sends no heartbeats to the broker before the timeout expires,
the broker will remove the client from the group and initiate a rebalance.
Value must be between the broker's configured group.min.session.timeout.ms and group.max.session.timeout.ms.
See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_session.timeout.ms) for details. | -| `rebalance_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum allowed time for each worker to join the group after a rebalance begins.
If the timeout is exceeded, the coordinator broker will remove the worker from the group.
See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. | -| `heartbeat_interval` | *Optional[float]* | :heavy_minus_sign: | Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities.
Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value.
See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. | +| `rebalance_timeout` | *Optional[float]* | :heavy_minus_sign: |
Maximum allowed time for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. | +| `heartbeat_interval` | *Optional[float]* | :heavy_minus_sign: |
Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. | | `auto_commit_interval` | *Optional[float]* | :heavy_minus_sign: | How often to commit offsets. If both this and Offset commit threshold are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch. | | `auto_commit_threshold` | *Optional[float]* | :heavy_minus_sign: | How many events are needed to trigger an offset commit. If both this and Offset commit interval are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch. | | `max_bytes_per_partition` | *Optional[float]* | :heavy_minus_sign: | Maximum amount of data that Kafka will return per partition, per fetch request. Must equal or exceed the maximum message size (maxBytesPerPartition) that Kafka is configured to allow. Otherwise, @{product} can get stuck trying to retrieve messages. Defaults to 1048576 (1 MB). | diff --git a/docs/models/createinputinputkubelogs.md b/docs/models/createinputinputkubelogs.md index 8281ede17..b3726aef8 100644 --- a/docs/models/createinputinputkubelogs.md +++ b/docs/models/createinputinputkubelogs.md @@ -18,6 +18,8 @@ | `interval` | *Optional[float]* | :heavy_minus_sign: | Time, in seconds, between checks for new containers. Default is 15 secs. | | `rules` | List[[models.CreateInputRuleKubeLogs](../models/createinputrulekubelogs.md)] | :heavy_minus_sign: | Add rules to decide which Pods to collect logs from. Logs are collected if no rules are given or if all the rules' expressions evaluate to true. | | `timestamps` | *Optional[bool]* | :heavy_minus_sign: | For use when containers do not emit a timestamp, prefix each line of output with a timestamp. If you enable this setting, you can use the Kubernetes Logs Event Breaker and the kubernetes_logs Pre-processing Pipeline to remove them from the events after the timestamps are extracted. | +| `line_buffer_limit` | *Optional[float]* | :heavy_minus_sign: | Maximum bytes to buffer while reassembling a single log line. A line that exceeds this size is flushed as-is, either whole or partially. The default is 1048576 (1 MB). | +| `lb_disable_assembly` | *Optional[bool]* | :heavy_minus_sign: | Internal flag to disable LB worker payload reassembly. | | `metadata` | List[[models.MetadataConfInputCollection](../models/metadataconfinputcollection.md)] | :heavy_minus_sign: | Fields to add to events from this input | | `persistence` | [Optional[models.DiskSpoolingType]](../models/diskspoolingtype.md) | :heavy_minus_sign: | N/A | | `breaker_rulesets` | List[*str*] | :heavy_minus_sign: | A list of event-breaking rulesets that will be applied, in order, to the input data stream | diff --git a/docs/models/createinputinputmsk.md b/docs/models/createinputinputmsk.md index ee3242eb9..9c7ae020e 100644 --- a/docs/models/createinputinputmsk.md +++ b/docs/models/createinputinputmsk.md @@ -20,8 +20,8 @@ | `group_id` | *Optional[str]* | :heavy_minus_sign: | The consumer group to which this instance belongs. Defaults to 'Cribl'. | | `from_beginning` | *Optional[bool]* | :heavy_minus_sign: | Leave enabled if you want the Source, upon first subscribing to a topic, to read starting with the earliest available message | | `session_timeout` | *Optional[float]* | :heavy_minus_sign: |
Timeout used to detect client failures when using Kafka's group-management facilities.
If the client sends no heartbeats to the broker before the timeout expires,
the broker will remove the client from the group and initiate a rebalance.
Value must be between the broker's configured group.min.session.timeout.ms and group.max.session.timeout.ms.
See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_session.timeout.ms) for details. | -| `rebalance_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum allowed time for each worker to join the group after a rebalance begins.
If the timeout is exceeded, the coordinator broker will remove the worker from the group.
See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. | -| `heartbeat_interval` | *Optional[float]* | :heavy_minus_sign: | Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities.
Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value.
See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. | +| `rebalance_timeout` | *Optional[float]* | :heavy_minus_sign: |
Maximum allowed time for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. | +| `heartbeat_interval` | *Optional[float]* | :heavy_minus_sign: |
Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. | | `metadata` | List[[models.MetadataConfInputCollection](../models/metadataconfinputcollection.md)] | :heavy_minus_sign: | Fields to add to events from this input | | `kafka_schema_registry` | [Optional[models.KafkaSchemaRegistryAuthenticationType]](../models/kafkaschemaregistryauthenticationtype.md) | :heavy_minus_sign: | N/A | | `connection_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum time to wait for a connection to complete successfully | diff --git a/docs/models/createinputinputprometheus.md b/docs/models/createinputinputprometheus.md index e9d9d8cf9..63b6c9be7 100644 --- a/docs/models/createinputinputprometheus.md +++ b/docs/models/createinputinputprometheus.md @@ -49,6 +49,10 @@ | `assume_role_arn` | *Optional[str]* | :heavy_minus_sign: | Amazon Resource Name (ARN) of the role to assume | | `assume_role_external_id` | *Optional[str]* | :heavy_minus_sign: | External ID to use when assuming role | | `duration_seconds` | *Optional[float]* | :heavy_minus_sign: | Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours). | +| `http_discovery_url` | *Optional[str]* | :heavy_minus_sign: | URL to fetch target groups from (must be http or https) | +| `http_discovery_headers` | List[[models.HTTPDiscoveryHeaderConfInputPrometheus](../models/httpdiscoveryheaderconfinputprometheus.md)] | :heavy_minus_sign: | Extra headers to send with the discovery request | +| `http_discovery_reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Reject TLS certificates that cannot be verified for the discovery endpoint. Falls back to the source-level setting if not specified. | +| `max_response_body_size` | *Optional[str]* | :heavy_minus_sign: | Maximum size of the HTTP SD response body. Responses exceeding this limit will be rejected. Defaults to 20 MB. | | `username` | *Optional[str]* | :heavy_minus_sign: | Username for Prometheus Basic authentication | | `password` | *Optional[str]* | :heavy_minus_sign: | Password for Prometheus Basic authentication | | `credentials_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a secret that references your credentials | diff --git a/docs/models/createinputsystembypackauth.md b/docs/models/createinputsystembypackauth.md index fb0531cfc..ab7fe057c 100644 --- a/docs/models/createinputsystembypackauth.md +++ b/docs/models/createinputsystembypackauth.md @@ -9,7 +9,7 @@ | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | | `client_secret_auth_type` | [Optional[models.AuthenticationMethodOptionsAuth]](../models/authenticationmethodoptionsauth.md) | :heavy_minus_sign: | N/A | | `client_text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | -| `certificate` | [Optional[models.CertificateTypeAzureBlobAuthTypeClientCert]](../models/certificatetypeazureblobauthtypeclientcert.md) | :heavy_minus_sign: | N/A | +| `certificate` | [Optional[models.CreateInputSystemByPackCertificate]](../models/createinputsystembypackcertificate.md) | :heavy_minus_sign: | N/A | | `oauth_endpoint` | [Optional[models.MicrosoftEntraIDAuthenticationEndpointOptionsSasl]](../models/microsoftentraidauthenticationendpointoptionssasl.md) | :heavy_minus_sign: | Endpoint used to acquire authentication tokens from Azure | | `client_id` | *Optional[str]* | :heavy_minus_sign: | client_id to pass in the OAuth request parameter | | `tenant_id` | *Optional[str]* | :heavy_minus_sign: | Directory ID (tenant identifier) in Azure Active Directory | diff --git a/docs/models/createinputsystembypackauthtokencloudflarehec.md b/docs/models/createinputsystembypackauthtokencloudflarehec.md index 055b376c0..1ec9fe1e0 100644 --- a/docs/models/createinputsystembypackauthtokencloudflarehec.md +++ b/docs/models/createinputsystembypackauthtokencloudflarehec.md @@ -7,6 +7,7 @@ | -------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | | `auth_type` | [Optional[models.CreateInputSystemByPackAuthenticationMethodCloudflareHec]](../models/createinputsystembypackauthenticationmethodcloudflarehec.md) | :heavy_minus_sign: | Select Secret to use a text secret to authenticate | | `token_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | +| `token` | *Optional[str]* | :heavy_minus_sign: | Shared secret to be provided by any client (Authorization: ) | | `enabled` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `description` | *Optional[str]* | :heavy_minus_sign: | N/A | | `allowed_indexes_at_token` | List[*str*] | :heavy_minus_sign: | Enter the values you want to allow in the HEC event index field at the token level. Supports wildcards. To skip validation, leave blank. | diff --git a/docs/models/createinputsystembypackcertificate.md b/docs/models/createinputsystembypackcertificate.md new file mode 100644 index 000000000..d71f3f6f5 --- /dev/null +++ b/docs/models/createinputsystembypackcertificate.md @@ -0,0 +1,11 @@ +# CreateInputSystemByPackCertificate + + +## Fields + +| Field | Type | Required | Description | +| -------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------- | +| `certificate_name` | *str* | :heavy_check_mark: | The certificate you registered as credentials for your app in the Azure portal | +| `cert_path` | *str* | :heavy_check_mark: | Path on server containing certificates to use. PEM format. Can reference $ENV_VARS. | +| `priv_key_path` | *str* | :heavy_check_mark: | Path on server containing the private key to use. PEM format. Can reference $ENV_VARS. | +| `passphrase` | *Optional[str]* | :heavy_minus_sign: | Passphrase to use to decrypt private key | \ No newline at end of file diff --git a/docs/models/createinputsystembypackcontentconfiginput.md b/docs/models/createinputsystembypackcontentconfiginput.md index 2dc250937..255dfe49c 100644 --- a/docs/models/createinputsystembypackcontentconfiginput.md +++ b/docs/models/createinputsystembypackcontentconfiginput.md @@ -10,7 +10,7 @@ | `state_update_expression` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression that defines how to update the state from an event | | `state_merge_expression` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression that defines which state to keep when merging task state | | `manage_state` | [Optional[models.CreateInputSystemByPackManageStateOpenai]](../models/createinputsystembypackmanagestateopenai.md) | :heavy_minus_sign: | N/A | -| `request_params` | List[[models.RequestParamConfInputOpenai](../models/requestparamconfinputopenai.md)] | :heavy_check_mark: | Query-string parameters to send with this endpoint | +| `request_params` | List[[models.HTTPDiscoveryHeaderConfInputPrometheus](../models/httpdiscoveryheaderconfinputprometheus.md)] | :heavy_check_mark: | Query-string parameters to send with this endpoint | | `pagination_type` | [models.CreateInputSystemByPackPaginationType](../models/createinputsystembypackpaginationtype.md) | :heavy_check_mark: | N/A | | `pagination_attribute` | List[*str*] | :heavy_minus_sign: | N/A | | `pagination_last_page_expr` | *Optional[str]* | :heavy_minus_sign: | N/A | diff --git a/docs/models/createinputsystembypackdiscoverytypeedgeprometheus.md b/docs/models/createinputsystembypackdiscoverytypeedgeprometheus.md index bac78f545..079e6abdf 100644 --- a/docs/models/createinputsystembypackdiscoverytypeedgeprometheus.md +++ b/docs/models/createinputsystembypackdiscoverytypeedgeprometheus.md @@ -22,4 +22,5 @@ value = CreateInputSystemByPackDiscoveryTypeEdgePrometheus.STATIC | `EC2` | ec2 | | `K8S_NODE` | k8s-node | | `K8S_PODS` | k8s-pods | -| `K8S_SERVICE_MONITOR` | k8s-service-monitor | \ No newline at end of file +| `K8S_SERVICE_MONITOR` | k8s-service-monitor | +| `HTTP_SD` | http_sd | \ No newline at end of file diff --git a/docs/models/createinputsystembypackdiscoverytypeprometheus.md b/docs/models/createinputsystembypackdiscoverytypeprometheus.md index 309835c03..4e28f7c9f 100644 --- a/docs/models/createinputsystembypackdiscoverytypeprometheus.md +++ b/docs/models/createinputsystembypackdiscoverytypeprometheus.md @@ -15,8 +15,9 @@ value = CreateInputSystemByPackDiscoveryTypePrometheus.STATIC ## Values -| Name | Value | -| -------- | -------- | -| `STATIC` | static | -| `DNS` | dns | -| `EC2` | ec2 | \ No newline at end of file +| Name | Value | +| --------- | --------- | +| `STATIC` | static | +| `DNS` | dns | +| `EC2` | ec2 | +| `HTTP_SD` | http_sd | \ No newline at end of file diff --git a/docs/models/createinputsystembypackinputappleunifiedlogs.md b/docs/models/createinputsystembypackinputappleunifiedlogs.md index e6608594c..b478bce3e 100644 --- a/docs/models/createinputsystembypackinputappleunifiedlogs.md +++ b/docs/models/createinputsystembypackinputappleunifiedlogs.md @@ -3,21 +3,21 @@ ## Fields -| Field | Type | Required | Description | -| -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `id` | *str* | :heavy_check_mark: | Unique ID for this input | -| `type` | [models.CreateInputSystemByPackTypeAppleUnifiedLogs](../models/createinputsystembypacktypeappleunifiedlogs.md) | :heavy_check_mark: | N/A | -| `disabled` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `pipeline` | *Optional[str]* | :heavy_minus_sign: | Pipeline to process data from this Source before sending it through the Routes | -| `send_to_routes` | *Optional[bool]* | :heavy_minus_sign: | Select whether to send data to Routes, or directly to Destinations. | -| `environment` | *Optional[str]* | :heavy_minus_sign: | Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. | -| `pq_enabled` | *Optional[bool]* | :heavy_minus_sign: | Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). | -| `streamtags` | List[*str*] | :heavy_minus_sign: | Tags for filtering and grouping in @{product} | -| `connections` | List[[models.ConnectionConfInputCollection](../models/connectionconfinputcollection.md)] | :heavy_minus_sign: | Direct connections to Destinations, and optionally via a Pipeline or a Pack | -| `pq` | [Optional[models.PqType]](../models/pqtype.md) | :heavy_minus_sign: | N/A | -| `predicate` | *str* | :heavy_check_mark: | String to filter log entries, in NSPredicate format (e.g., subsystem == "com.apple.security" or process == "kernel"). See [Predicate format reference](https://developer.apple.com/library/archive/documentation/Cocoa/Conceptual/Predicates/AdditionalChapters/Introduction.html) for more information. | -| `read_mode` | [Optional[models.CreateInputSystemByPackReadModeAppleUnifiedLogs]](../models/createinputsystembypackreadmodeappleunifiedlogs.md) | :heavy_minus_sign: | Read all log entries (historical and upcoming), or only upcoming, from the last entry | -| `metadata` | List[[models.MetadataConfInputCollection](../models/metadataconfinputcollection.md)] | :heavy_minus_sign: | Fields to add to events from this input | -| `description` | *Optional[str]* | :heavy_minus_sign: | N/A | -| `template_environment` | *Optional[str]* | :heavy_minus_sign: | Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. | -| `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | \ No newline at end of file +| Field | Type | Required | Description | +| -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `id` | *str* | :heavy_check_mark: | Unique ID for this input | +| `type` | [models.CreateInputSystemByPackTypeAppleUnifiedLogs](../models/createinputsystembypacktypeappleunifiedlogs.md) | :heavy_check_mark: | N/A | +| `disabled` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `pipeline` | *Optional[str]* | :heavy_minus_sign: | Pipeline to process data from this Source before sending it through the Routes | +| `send_to_routes` | *Optional[bool]* | :heavy_minus_sign: | Select whether to send data to Routes, or directly to Destinations. | +| `environment` | *Optional[str]* | :heavy_minus_sign: | Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. | +| `pq_enabled` | *Optional[bool]* | :heavy_minus_sign: | Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). | +| `streamtags` | List[*str*] | :heavy_minus_sign: | Tags for filtering and grouping in @{product} | +| `connections` | List[[models.ConnectionConfInputCollection](../models/connectionconfinputcollection.md)] | :heavy_minus_sign: | Direct connections to Destinations, and optionally via a Pipeline or a Pack | +| `pq` | [Optional[models.PqType]](../models/pqtype.md) | :heavy_minus_sign: | N/A | +| `predicate` | *str* | :heavy_check_mark: | String to filter log entries, in NSPredicate format (e.g., subsystem == "com.apple.security" or process == "kernel"). See [Common Log Types and Predicates](https://docs.cribl.io/edge/sources-apple-unified-logs/#examples) for more information. | +| `read_mode` | [Optional[models.CreateInputSystemByPackReadModeAppleUnifiedLogs]](../models/createinputsystembypackreadmodeappleunifiedlogs.md) | :heavy_minus_sign: | Read all log entries (historical and upcoming), or only upcoming, from the last entry | +| `metadata` | List[[models.MetadataConfInputCollection](../models/metadataconfinputcollection.md)] | :heavy_minus_sign: | Fields to add to events from this input | +| `description` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_environment` | *Optional[str]* | :heavy_minus_sign: | Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. | +| `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | \ No newline at end of file diff --git a/docs/models/createinputsystembypackinputconfluentcloud.md b/docs/models/createinputsystembypackinputconfluentcloud.md index 710cd56ff..bea850ff5 100644 --- a/docs/models/createinputsystembypackinputconfluentcloud.md +++ b/docs/models/createinputsystembypackinputconfluentcloud.md @@ -31,8 +31,8 @@ | `reauthentication_threshold` | *Optional[float]* | :heavy_minus_sign: | Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire. | | `sasl` | [Optional[models.AuthenticationType]](../models/authenticationtype.md) | :heavy_minus_sign: | Authentication parameters to use when connecting to brokers. Using TLS is highly recommended. | | `session_timeout` | *Optional[float]* | :heavy_minus_sign: |
Timeout used to detect client failures when using Kafka's group-management facilities.
If the client sends no heartbeats to the broker before the timeout expires,
the broker will remove the client from the group and initiate a rebalance.
Value must be between the broker's configured group.min.session.timeout.ms and group.max.session.timeout.ms.
See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_session.timeout.ms) for details. | -| `rebalance_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum allowed time for each worker to join the group after a rebalance begins.
If the timeout is exceeded, the coordinator broker will remove the worker from the group.
See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. | -| `heartbeat_interval` | *Optional[float]* | :heavy_minus_sign: | Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities.
Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value.
See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. | +| `rebalance_timeout` | *Optional[float]* | :heavy_minus_sign: |
Maximum allowed time for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. | +| `heartbeat_interval` | *Optional[float]* | :heavy_minus_sign: |
Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. | | `auto_commit_interval` | *Optional[float]* | :heavy_minus_sign: | How often to commit offsets. If both this and Offset commit threshold are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch. | | `auto_commit_threshold` | *Optional[float]* | :heavy_minus_sign: | How many events are needed to trigger an offset commit. If both this and Offset commit interval are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch. | | `max_bytes_per_partition` | *Optional[float]* | :heavy_minus_sign: | Maximum amount of data that Kafka will return per partition, per fetch request. Must equal or exceed the maximum message size (maxBytesPerPartition) that Kafka is configured to allow. Otherwise, @{product} can get stuck trying to retrieve messages. Defaults to 1048576 (1 MB). | diff --git a/docs/models/createinputsystembypackinputedgeprometheus.md b/docs/models/createinputsystembypackinputedgeprometheus.md index 7adbac44e..dc63efa5b 100644 --- a/docs/models/createinputsystembypackinputedgeprometheus.md +++ b/docs/models/createinputsystembypackinputedgeprometheus.md @@ -48,7 +48,11 @@ | `scrape_protocol_expr` | *Optional[str]* | :heavy_minus_sign: | Protocol to use when collecting metrics | | `scrape_port_expr` | *Optional[str]* | :heavy_minus_sign: | The port number in the metrics URL for discovered targets. | | `scrape_path_expr` | *Optional[str]* | :heavy_minus_sign: | Path to use when collecting metrics from discovered targets | -| `pod_filter` | List[[models.CreateInputSystemByPackPodFilter](../models/createinputsystembypackpodfilter.md)] | :heavy_minus_sign: | Add rules to decide which pods to discover for metrics.
Pods are searched if no rules are given or of all the rules'
expressions evaluate to true.
| +| `pod_filter` | List[[models.CreateInputSystemByPackPodFilter](../models/createinputsystembypackpodfilter.md)] | :heavy_minus_sign: |
Add rules to decide which pods to discover for metrics.
Pods are searched if no rules are given or of all the rules'
expressions evaluate to true.
| +| `http_discovery_url` | *Optional[str]* | :heavy_minus_sign: | URL to fetch target groups from (must be http or https) | +| `http_discovery_headers` | List[[models.HTTPDiscoveryHeaderConfInputPrometheus](../models/httpdiscoveryheaderconfinputprometheus.md)] | :heavy_minus_sign: | Extra headers to send with the discovery request | +| `http_discovery_reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Reject TLS certificates that cannot be verified for the discovery endpoint. Falls back to the source-level setting if not specified. | +| `max_response_body_size` | *Optional[str]* | :heavy_minus_sign: | Maximum size of the HTTP SD response body. Responses exceeding this limit will be rejected. Defaults to 20 MB. | | `username` | *Optional[str]* | :heavy_minus_sign: | Username for Prometheus Basic authentication | | `password` | *Optional[str]* | :heavy_minus_sign: | Password for Prometheus Basic authentication | | `credentials_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a secret that references your credentials | diff --git a/docs/models/createinputsystembypackinputeventhub.md b/docs/models/createinputsystembypackinputeventhub.md index b3335bf0a..096f7c162 100644 --- a/docs/models/createinputsystembypackinputeventhub.md +++ b/docs/models/createinputsystembypackinputeventhub.md @@ -3,45 +3,45 @@ ## Fields -| Field | Type | Required | Description | -| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `id` | *str* | :heavy_check_mark: | Unique ID for this input | -| `type` | [models.CreateInputSystemByPackTypeEventhub](../models/createinputsystembypacktypeeventhub.md) | :heavy_check_mark: | N/A | -| `disabled` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `pipeline` | *Optional[str]* | :heavy_minus_sign: | Pipeline to process data from this Source before sending it through the Routes | -| `send_to_routes` | *Optional[bool]* | :heavy_minus_sign: | Select whether to send data to Routes, or directly to Destinations. | -| `environment` | *Optional[str]* | :heavy_minus_sign: | Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. | -| `pq_enabled` | *Optional[bool]* | :heavy_minus_sign: | Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). | -| `streamtags` | List[*str*] | :heavy_minus_sign: | Tags for filtering and grouping in @{product} | -| `connections` | List[[models.ConnectionConfInputCollection](../models/connectionconfinputcollection.md)] | :heavy_minus_sign: | Direct connections to Destinations, and optionally via a Pipeline or a Pack | -| `pq` | [Optional[models.PqType]](../models/pqtype.md) | :heavy_minus_sign: | N/A | -| `brokers` | List[*str*] | :heavy_check_mark: | List of Event Hubs Kafka brokers to connect to (example: yourdomain.servicebus.windows.net:9093). The hostname can be found in the host portion of the primary or secondary connection string in Shared Access Policies. | -| `topics` | List[*str*] | :heavy_check_mark: | The name of the Event Hub (Kafka topic) to subscribe to. Warning: To optimize performance, Cribl suggests subscribing each Event Hubs Source to only a single topic. | -| `group_id` | *Optional[str]* | :heavy_minus_sign: | The consumer group this instance belongs to. Default is 'Cribl'. | -| `from_beginning` | *Optional[bool]* | :heavy_minus_sign: | Start reading from earliest available data; relevant only during initial subscription | -| `connection_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum time to wait for a connection to complete successfully | -| `request_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum time to wait for Kafka to respond to a request | -| `max_retries` | *Optional[float]* | :heavy_minus_sign: | If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data | -| `max_back_off` | *Optional[float]* | :heavy_minus_sign: | The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds). | -| `initial_backoff` | *Optional[float]* | :heavy_minus_sign: | Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes). | -| `backoff_rate` | *Optional[float]* | :heavy_minus_sign: | Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details. | -| `authentication_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum time to wait for Kafka to respond to an authentication request | -| `reauthentication_threshold` | *Optional[float]* | :heavy_minus_sign: | Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire. | -| `sasl` | [Optional[models.AuthenticationTypeUse]](../models/authenticationtypeuse.md) | :heavy_minus_sign: | Authentication parameters to use when connecting to brokers. Using TLS is highly recommended. | -| `tls` | [Optional[models.TLSSettingsClientSideType]](../models/tlssettingsclientsidetype.md) | :heavy_minus_sign: | N/A | -| `session_timeout` | *Optional[float]* | :heavy_minus_sign: | Timeout (session.timeout.ms in Kafka domain) used to detect client failures when using Kafka's group-management facilities.
If the client sends no heartbeats to the broker before the timeout expires, the broker will remove the client from the group and initiate a rebalance.
Value must be lower than rebalanceTimeout.
See details [here](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). | -| `rebalance_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum allowed time (rebalance.timeout.ms in Kafka domain) for each worker to join the group after a rebalance begins.
If the timeout is exceeded, the coordinator broker will remove the worker from the group.
See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). | -| `heartbeat_interval` | *Optional[float]* | :heavy_minus_sign: | Expected time (heartbeat.interval.ms in Kafka domain) between heartbeats to the consumer coordinator when using Kafka's group-management facilities.
Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value.
See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). | -| `auto_commit_interval` | *Optional[float]* | :heavy_minus_sign: | How often to commit offsets. If both this and Offset commit threshold are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch. | -| `auto_commit_threshold` | *Optional[float]* | :heavy_minus_sign: | How many events are needed to trigger an offset commit. If both this and Offset commit interval are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch. | -| `max_bytes_per_partition` | *Optional[float]* | :heavy_minus_sign: | Maximum amount of data that Kafka will return per partition, per fetch request. Must equal or exceed the maximum message size (maxBytesPerPartition) that Kafka is configured to allow. Otherwise, @{product} can get stuck trying to retrieve messages. Defaults to 1048576 (1 MB). | -| `max_bytes` | *Optional[float]* | :heavy_minus_sign: | Maximum number of bytes that Kafka will return per fetch request. Defaults to 10485760 (10 MB). | -| `max_socket_errors` | *Optional[float]* | :heavy_minus_sign: | Maximum number of network errors before the consumer re-creates a socket | -| `minimize_duplicates` | *Optional[bool]* | :heavy_minus_sign: | Minimize duplicate events by starting only one consumer for each topic partition | -| `metadata` | List[[models.MetadataConfInputCollection](../models/metadataconfinputcollection.md)] | :heavy_minus_sign: | Fields to add to events from this input | -| `description` | *Optional[str]* | :heavy_minus_sign: | N/A | -| `template_environment` | *Optional[str]* | :heavy_minus_sign: | Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. | -| `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | -| `template_brokers` | *Optional[str]* | :heavy_minus_sign: | Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime. | -| `template_topics` | *Optional[str]* | :heavy_minus_sign: | Binds 'topics' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topics' at runtime. | -| `template_group_id` | *Optional[str]* | :heavy_minus_sign: | Binds 'groupId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'groupId' at runtime. | \ No newline at end of file +| Field | Type | Required | Description | +| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| `id` | *str* | :heavy_check_mark: | Unique ID for this input | +| `type` | [models.CreateInputSystemByPackTypeEventhub](../models/createinputsystembypacktypeeventhub.md) | :heavy_check_mark: | N/A | +| `disabled` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `pipeline` | *Optional[str]* | :heavy_minus_sign: | Pipeline to process data from this Source before sending it through the Routes | +| `send_to_routes` | *Optional[bool]* | :heavy_minus_sign: | Select whether to send data to Routes, or directly to Destinations. | +| `environment` | *Optional[str]* | :heavy_minus_sign: | Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. | +| `pq_enabled` | *Optional[bool]* | :heavy_minus_sign: | Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). | +| `streamtags` | List[*str*] | :heavy_minus_sign: | Tags for filtering and grouping in @{product} | +| `connections` | List[[models.ConnectionConfInputCollection](../models/connectionconfinputcollection.md)] | :heavy_minus_sign: | Direct connections to Destinations, and optionally via a Pipeline or a Pack | +| `pq` | [Optional[models.PqType]](../models/pqtype.md) | :heavy_minus_sign: | N/A | +| `brokers` | List[*str*] | :heavy_check_mark: | List of Event Hubs Kafka brokers to connect to (example: yourdomain.servicebus.windows.net:9093). The hostname can be found in the host portion of the primary or secondary connection string in Shared Access Policies. | +| `topics` | List[*str*] | :heavy_check_mark: | The name of the Event Hub (Kafka topic) to subscribe to. Warning: To optimize performance, Cribl suggests subscribing each Event Hubs Source to only a single topic. | +| `group_id` | *Optional[str]* | :heavy_minus_sign: | The consumer group this instance belongs to. Default is 'Cribl'. | +| `from_beginning` | *Optional[bool]* | :heavy_minus_sign: | Start reading from earliest available data; relevant only during initial subscription | +| `connection_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum time to wait for a connection to complete successfully | +| `request_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum time to wait for Kafka to respond to a request | +| `max_retries` | *Optional[float]* | :heavy_minus_sign: | If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data | +| `max_back_off` | *Optional[float]* | :heavy_minus_sign: | The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds). | +| `initial_backoff` | *Optional[float]* | :heavy_minus_sign: | Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes). | +| `backoff_rate` | *Optional[float]* | :heavy_minus_sign: | Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details. | +| `authentication_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum time to wait for Kafka to respond to an authentication request | +| `reauthentication_threshold` | *Optional[float]* | :heavy_minus_sign: | Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire. | +| `sasl` | [Optional[models.AuthenticationTypeUse]](../models/authenticationtypeuse.md) | :heavy_minus_sign: | Authentication parameters to use when connecting to brokers. Using TLS is highly recommended. | +| `tls` | [Optional[models.TLSSettingsClientSideType]](../models/tlssettingsclientsidetype.md) | :heavy_minus_sign: | N/A | +| `session_timeout` | *Optional[float]* | :heavy_minus_sign: |
Timeout (session.timeout.ms in Kafka domain) used to detect client failures when using Kafka's group-management facilities. If the client sends no heartbeats to the broker before the timeout expires, the broker will remove the client from the group and initiate a rebalance. Value must be lower than rebalanceTimeout. See details [here](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). | +| `rebalance_timeout` | *Optional[float]* | :heavy_minus_sign: |
Maximum allowed time (rebalance.timeout.ms in Kafka domain) for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). | +| `heartbeat_interval` | *Optional[float]* | :heavy_minus_sign: |
Expected time (heartbeat.interval.ms in Kafka domain) between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). | +| `auto_commit_interval` | *Optional[float]* | :heavy_minus_sign: | How often to commit offsets. If both this and Offset commit threshold are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch. | +| `auto_commit_threshold` | *Optional[float]* | :heavy_minus_sign: | How many events are needed to trigger an offset commit. If both this and Offset commit interval are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch. | +| `max_bytes_per_partition` | *Optional[float]* | :heavy_minus_sign: | Maximum amount of data that Kafka will return per partition, per fetch request. Must equal or exceed the maximum message size (maxBytesPerPartition) that Kafka is configured to allow. Otherwise, @{product} can get stuck trying to retrieve messages. Defaults to 1048576 (1 MB). | +| `max_bytes` | *Optional[float]* | :heavy_minus_sign: | Maximum number of bytes that Kafka will return per fetch request. Defaults to 10485760 (10 MB). | +| `max_socket_errors` | *Optional[float]* | :heavy_minus_sign: | Maximum number of network errors before the consumer re-creates a socket | +| `minimize_duplicates` | *Optional[bool]* | :heavy_minus_sign: | Minimize duplicate events by starting only one consumer for each topic partition | +| `metadata` | List[[models.MetadataConfInputCollection](../models/metadataconfinputcollection.md)] | :heavy_minus_sign: | Fields to add to events from this input | +| `description` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_environment` | *Optional[str]* | :heavy_minus_sign: | Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. | +| `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | +| `template_brokers` | *Optional[str]* | :heavy_minus_sign: | Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime. | +| `template_topics` | *Optional[str]* | :heavy_minus_sign: | Binds 'topics' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topics' at runtime. | +| `template_group_id` | *Optional[str]* | :heavy_minus_sign: | Binds 'groupId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'groupId' at runtime. | \ No newline at end of file diff --git a/docs/models/createinputsystembypackinputjournalfiles.md b/docs/models/createinputsystembypackinputjournalfiles.md index f4129e4a5..0cc25f5ce 100644 --- a/docs/models/createinputsystembypackinputjournalfiles.md +++ b/docs/models/createinputsystembypackinputjournalfiles.md @@ -19,7 +19,7 @@ | `interval` | *Optional[float]* | :heavy_minus_sign: | Time, in seconds, between scanning for journals. | | `journals` | List[*str*] | :heavy_check_mark: | The full path of discovered journals are matched against this wildcard list. | | `rules` | List[[models.CreateInputSystemByPackInputJournalFilesRule](../models/createinputsystembypackinputjournalfilesrule.md)] | :heavy_minus_sign: | Add rules to decide which journal objects to allow. Events are generated if no rules are given or if all the rules' expressions evaluate to true. | -| `current_boot` | *Optional[bool]* | :heavy_minus_sign: | Skip log messages that are not part of the current boot session. | +| `current_boot` | *Optional[bool]* | :heavy_minus_sign: | Skip log messages that are not part of the current boot session | | `max_age_dur` | *Optional[str]* | :heavy_minus_sign: | The maximum log message age, in duration form (e.g,: 60s, 4h, 3d, 1w). Default of no value will apply no max age filters. | | `suppress_missing_path_errors` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `metadata` | List[[models.MetadataConfInputCollection](../models/metadataconfinputcollection.md)] | :heavy_minus_sign: | Fields to add to events from this input | diff --git a/docs/models/createinputsystembypackinputkafka.md b/docs/models/createinputsystembypackinputkafka.md index 254609d7f..1373f8415 100644 --- a/docs/models/createinputsystembypackinputkafka.md +++ b/docs/models/createinputsystembypackinputkafka.md @@ -31,8 +31,8 @@ | `sasl` | [Optional[models.AuthenticationType]](../models/authenticationtype.md) | :heavy_minus_sign: | Authentication parameters to use when connecting to brokers. Using TLS is highly recommended. | | `tls` | [Optional[models.TLSSettingsClientSideTypeCaPathCertPath]](../models/tlssettingsclientsidetypecapathcertpath.md) | :heavy_minus_sign: | N/A | | `session_timeout` | *Optional[float]* | :heavy_minus_sign: |
Timeout used to detect client failures when using Kafka's group-management facilities.
If the client sends no heartbeats to the broker before the timeout expires,
the broker will remove the client from the group and initiate a rebalance.
Value must be between the broker's configured group.min.session.timeout.ms and group.max.session.timeout.ms.
See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_session.timeout.ms) for details. | -| `rebalance_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum allowed time for each worker to join the group after a rebalance begins.
If the timeout is exceeded, the coordinator broker will remove the worker from the group.
See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. | -| `heartbeat_interval` | *Optional[float]* | :heavy_minus_sign: | Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities.
Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value.
See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. | +| `rebalance_timeout` | *Optional[float]* | :heavy_minus_sign: |
Maximum allowed time for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. | +| `heartbeat_interval` | *Optional[float]* | :heavy_minus_sign: |
Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. | | `auto_commit_interval` | *Optional[float]* | :heavy_minus_sign: | How often to commit offsets. If both this and Offset commit threshold are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch. | | `auto_commit_threshold` | *Optional[float]* | :heavy_minus_sign: | How many events are needed to trigger an offset commit. If both this and Offset commit interval are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch. | | `max_bytes_per_partition` | *Optional[float]* | :heavy_minus_sign: | Maximum amount of data that Kafka will return per partition, per fetch request. Must equal or exceed the maximum message size (maxBytesPerPartition) that Kafka is configured to allow. Otherwise, @{product} can get stuck trying to retrieve messages. Defaults to 1048576 (1 MB). | diff --git a/docs/models/createinputsystembypackinputkubelogs.md b/docs/models/createinputsystembypackinputkubelogs.md index 4323a3122..ee71df8c5 100644 --- a/docs/models/createinputsystembypackinputkubelogs.md +++ b/docs/models/createinputsystembypackinputkubelogs.md @@ -18,6 +18,8 @@ | `interval` | *Optional[float]* | :heavy_minus_sign: | Time, in seconds, between checks for new containers. Default is 15 secs. | | `rules` | List[[models.CreateInputSystemByPackRuleKubeLogs](../models/createinputsystembypackrulekubelogs.md)] | :heavy_minus_sign: | Add rules to decide which Pods to collect logs from. Logs are collected if no rules are given or if all the rules' expressions evaluate to true. | | `timestamps` | *Optional[bool]* | :heavy_minus_sign: | For use when containers do not emit a timestamp, prefix each line of output with a timestamp. If you enable this setting, you can use the Kubernetes Logs Event Breaker and the kubernetes_logs Pre-processing Pipeline to remove them from the events after the timestamps are extracted. | +| `line_buffer_limit` | *Optional[float]* | :heavy_minus_sign: | Maximum bytes to buffer while reassembling a single log line. A line that exceeds this size is flushed as-is, either whole or partially. The default is 1048576 (1 MB). | +| `lb_disable_assembly` | *Optional[bool]* | :heavy_minus_sign: | Internal flag to disable LB worker payload reassembly. | | `metadata` | List[[models.MetadataConfInputCollection](../models/metadataconfinputcollection.md)] | :heavy_minus_sign: | Fields to add to events from this input | | `persistence` | [Optional[models.DiskSpoolingType]](../models/diskspoolingtype.md) | :heavy_minus_sign: | N/A | | `breaker_rulesets` | List[*str*] | :heavy_minus_sign: | A list of event-breaking rulesets that will be applied, in order, to the input data stream | diff --git a/docs/models/createinputsystembypackinputmsk.md b/docs/models/createinputsystembypackinputmsk.md index 306588b8c..e0f998502 100644 --- a/docs/models/createinputsystembypackinputmsk.md +++ b/docs/models/createinputsystembypackinputmsk.md @@ -20,8 +20,8 @@ | `group_id` | *Optional[str]* | :heavy_minus_sign: | The consumer group to which this instance belongs. Defaults to 'Cribl'. | | `from_beginning` | *Optional[bool]* | :heavy_minus_sign: | Leave enabled if you want the Source, upon first subscribing to a topic, to read starting with the earliest available message | | `session_timeout` | *Optional[float]* | :heavy_minus_sign: |
Timeout used to detect client failures when using Kafka's group-management facilities.
If the client sends no heartbeats to the broker before the timeout expires,
the broker will remove the client from the group and initiate a rebalance.
Value must be between the broker's configured group.min.session.timeout.ms and group.max.session.timeout.ms.
See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_session.timeout.ms) for details. | -| `rebalance_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum allowed time for each worker to join the group after a rebalance begins.
If the timeout is exceeded, the coordinator broker will remove the worker from the group.
See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. | -| `heartbeat_interval` | *Optional[float]* | :heavy_minus_sign: | Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities.
Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value.
See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. | +| `rebalance_timeout` | *Optional[float]* | :heavy_minus_sign: |
Maximum allowed time for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. | +| `heartbeat_interval` | *Optional[float]* | :heavy_minus_sign: |
Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. | | `metadata` | List[[models.MetadataConfInputCollection](../models/metadataconfinputcollection.md)] | :heavy_minus_sign: | Fields to add to events from this input | | `kafka_schema_registry` | [Optional[models.KafkaSchemaRegistryAuthenticationType]](../models/kafkaschemaregistryauthenticationtype.md) | :heavy_minus_sign: | N/A | | `connection_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum time to wait for a connection to complete successfully | diff --git a/docs/models/createinputsystembypackinputprometheus.md b/docs/models/createinputsystembypackinputprometheus.md index 755a7209b..ccea691b7 100644 --- a/docs/models/createinputsystembypackinputprometheus.md +++ b/docs/models/createinputsystembypackinputprometheus.md @@ -49,6 +49,10 @@ | `assume_role_arn` | *Optional[str]* | :heavy_minus_sign: | Amazon Resource Name (ARN) of the role to assume | | `assume_role_external_id` | *Optional[str]* | :heavy_minus_sign: | External ID to use when assuming role | | `duration_seconds` | *Optional[float]* | :heavy_minus_sign: | Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours). | +| `http_discovery_url` | *Optional[str]* | :heavy_minus_sign: | URL to fetch target groups from (must be http or https) | +| `http_discovery_headers` | List[[models.HTTPDiscoveryHeaderConfInputPrometheus](../models/httpdiscoveryheaderconfinputprometheus.md)] | :heavy_minus_sign: | Extra headers to send with the discovery request | +| `http_discovery_reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Reject TLS certificates that cannot be verified for the discovery endpoint. Falls back to the source-level setting if not specified. | +| `max_response_body_size` | *Optional[str]* | :heavy_minus_sign: | Maximum size of the HTTP SD response body. Responses exceeding this limit will be rejected. Defaults to 20 MB. | | `username` | *Optional[str]* | :heavy_minus_sign: | Username for Prometheus Basic authentication | | `password` | *Optional[str]* | :heavy_minus_sign: | Password for Prometheus Basic authentication | | `credentials_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a secret that references your credentials | diff --git a/docs/models/outputresponseendpoint.md b/docs/models/createoutputendpointdynatracehttp.md similarity index 64% rename from docs/models/outputresponseendpoint.md rename to docs/models/createoutputendpointdynatracehttp.md index a4d01cb74..e8cec37e5 100644 --- a/docs/models/outputresponseendpoint.md +++ b/docs/models/createoutputendpointdynatracehttp.md @@ -1,11 +1,11 @@ -# OutputResponseEndpoint +# CreateOutputEndpointDynatraceHTTP ## Example Usage ```python -from cribl_control_plane.models import OutputResponseEndpoint +from cribl_control_plane.models import CreateOutputEndpointDynatraceHTTP -value = OutputResponseEndpoint.CLOUD +value = CreateOutputEndpointDynatraceHTTP.CLOUD # Open enum: unrecognized values are captured as UnrecognizedStr ``` diff --git a/docs/models/createoutputendpointgooglecloudobservability.md b/docs/models/createoutputendpointgooglecloudobservability.md new file mode 100644 index 000000000..df075d4c1 --- /dev/null +++ b/docs/models/createoutputendpointgooglecloudobservability.md @@ -0,0 +1,20 @@ +# CreateOutputEndpointGoogleCloudObservability + +Fixed Google Cloud Observability gRPC endpoint. All three signals share this transport; the OTLP service path determines whether the call lands on traces, metrics, or logs. + +## Example Usage + +```python +from cribl_control_plane.models import CreateOutputEndpointGoogleCloudObservability + +value = CreateOutputEndpointGoogleCloudObservability.TELEMETRY_GOOGLEAPIS_COM_443 + +# Open enum: unrecognized values are captured as UnrecognizedStr +``` + + +## Values + +| Name | Value | +| ------------------------------ | ------------------------------ | +| `TELEMETRY_GOOGLEAPIS_COM_443` | telemetry.googleapis.com:443 | \ No newline at end of file diff --git a/docs/models/createoutputformatcribllake.md b/docs/models/createoutputformatcribllake.md index eab7022d4..944ce29dd 100644 --- a/docs/models/createoutputformatcribllake.md +++ b/docs/models/createoutputformatcribllake.md @@ -13,8 +13,9 @@ value = CreateOutputFormatCriblLake.JSON ## Values -| Name | Value | -| --------- | --------- | -| `JSON` | json | -| `PARQUET` | parquet | -| `DDSS` | ddss | \ No newline at end of file +| Name | Value | +| ---------- | ---------- | +| `JSON` | json | +| `PARQUET` | parquet | +| `DDSS` | ddss | +| `NETSKOPE` | netskope | \ No newline at end of file diff --git a/docs/models/createoutputgoogleauthenticationmethod.md b/docs/models/createoutputgoogleauthenticationmethod.md new file mode 100644 index 000000000..4cba5db6b --- /dev/null +++ b/docs/models/createoutputgoogleauthenticationmethod.md @@ -0,0 +1,21 @@ +# CreateOutputGoogleAuthenticationMethod + +Choose Auto to use Google Application Default Credentials (ADC). Choose Secret to select or create a stored secret that references Google service account credentials. + +## Example Usage + +```python +from cribl_control_plane.models import CreateOutputGoogleAuthenticationMethod + +value = CreateOutputGoogleAuthenticationMethod.AUTO + +# Open enum: unrecognized values are captured as UnrecognizedStr +``` + + +## Values + +| Name | Value | +| -------- | -------- | +| `AUTO` | auto | +| `SECRET` | secret | \ No newline at end of file diff --git a/docs/models/createoutputotlpversiongooglecloudobservability.md b/docs/models/createoutputotlpversiongooglecloudobservability.md new file mode 100644 index 000000000..b260d994b --- /dev/null +++ b/docs/models/createoutputotlpversiongooglecloudobservability.md @@ -0,0 +1,18 @@ +# CreateOutputOtlpVersionGoogleCloudObservability + +## Example Usage + +```python +from cribl_control_plane.models import CreateOutputOtlpVersionGoogleCloudObservability + +value = CreateOutputOtlpVersionGoogleCloudObservability.ONE_DOT_3_DOT_1 + +# Open enum: unrecognized values are captured as UnrecognizedStr +``` + + +## Values + +| Name | Value | +| ----------------- | ----------------- | +| `ONE_DOT_3_DOT_1` | 1.3.1 | \ No newline at end of file diff --git a/docs/models/createoutputotlpversion.md b/docs/models/createoutputotlpversionopentelemetry.md similarity index 67% rename from docs/models/createoutputotlpversion.md rename to docs/models/createoutputotlpversionopentelemetry.md index 5abdfb0f4..2c4a20b7e 100644 --- a/docs/models/createoutputotlpversion.md +++ b/docs/models/createoutputotlpversionopentelemetry.md @@ -1,13 +1,13 @@ -# CreateOutputOTLPVersion +# CreateOutputOTLPVersionOpenTelemetry The version of OTLP Protobuf definitions to use when structuring data to send ## Example Usage ```python -from cribl_control_plane.models import CreateOutputOTLPVersion +from cribl_control_plane.models import CreateOutputOTLPVersionOpenTelemetry -value = CreateOutputOTLPVersion.ZERO_DOT_10_DOT_0 +value = CreateOutputOTLPVersionOpenTelemetry.ZERO_DOT_10_DOT_0 # Open enum: unrecognized values are captured as UnrecognizedStr ``` diff --git a/docs/models/createoutputoutputazuredataexplorer.md b/docs/models/createoutputoutputazuredataexplorer.md index 75ff341cf..d8eae0c13 100644 --- a/docs/models/createoutputoutputazuredataexplorer.md +++ b/docs/models/createoutputoutputazuredataexplorer.md @@ -89,7 +89,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsAzureDataExplorer]](../models/createoutputpqcontrolsazuredataexplorer.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_cluster_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'clusterUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clusterUrl' at runtime. | diff --git a/docs/models/createoutputoutputazureeventhub.md b/docs/models/createoutputoutputazureeventhub.md index 3f68452ed..bac5a6259 100644 --- a/docs/models/createoutputoutputazureeventhub.md +++ b/docs/models/createoutputoutputazureeventhub.md @@ -40,7 +40,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsAzureEventhub]](../models/createoutputpqcontrolsazureeventhub.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_brokers` | *Optional[str]* | :heavy_minus_sign: | Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime. | diff --git a/docs/models/createoutputoutputazurelogs.md b/docs/models/createoutputoutputazurelogs.md index be1c2a448..9d60b9ba1 100644 --- a/docs/models/createoutputoutputazurelogs.md +++ b/docs/models/createoutputoutputazurelogs.md @@ -41,7 +41,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsAzureLogs]](../models/createoutputpqcontrolsazurelogs.md) | :heavy_minus_sign: | N/A | | `workspace_id` | *Optional[str]* | :heavy_minus_sign: | Azure Log Analytics Workspace ID. See Azure Dashboard Workspace > Advanced settings. | | `workspace_key` | *Optional[str]* | :heavy_minus_sign: | Azure Log Analytics Workspace Primary or Secondary Shared Key. See Azure Dashboard Workspace > Advanced settings. | diff --git a/docs/models/createoutputoutputchronicle.md b/docs/models/createoutputoutputchronicle.md index 510bcb646..6018cdf2f 100644 --- a/docs/models/createoutputoutputchronicle.md +++ b/docs/models/createoutputoutputchronicle.md @@ -51,7 +51,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsChronicle]](../models/createoutputpqcontrolschronicle.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_region` | *Optional[str]* | :heavy_minus_sign: | Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime. | diff --git a/docs/models/createoutputoutputclickhouse.md b/docs/models/createoutputoutputclickhouse.md index 0ffad1f95..68837caf9 100644 --- a/docs/models/createoutputoutputclickhouse.md +++ b/docs/models/createoutputoutputclickhouse.md @@ -33,6 +33,7 @@ | `response_retry_settings` | List[[models.ResponseRetrySettingConfOutputWebhook](../models/responseretrysettingconfoutputwebhook.md)] | :heavy_minus_sign: | Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable) | | `timeout_retry_settings` | [Optional[models.TimeoutRetrySettingsType]](../models/timeoutretrysettingstype.md) | :heavy_minus_sign: | N/A | | `response_honor_retry_after_header` | *Optional[bool]* | :heavy_minus_sign: | Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored. | +| `workload` | *Optional[str]* | :heavy_minus_sign: | Optional ClickHouse workload name to append as a SETTINGS clause on INSERT queries. Used for workload scheduling classification. | | `dump_format_errors_to_disk` | *Optional[bool]* | :heavy_minus_sign: | Log the most recent event that fails to match the table schema | | `on_backpressure` | [Optional[models.BackpressureBehaviorOptions]](../models/backpressurebehavioroptions.md) | :heavy_minus_sign: | How to handle events when all receivers are exerting backpressure | | `description` | *Optional[str]* | :heavy_minus_sign: | N/A | @@ -54,7 +55,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsClickHouse]](../models/createoutputpqcontrolsclickhouse.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. | diff --git a/docs/models/createoutputoutputcloudwatch.md b/docs/models/createoutputoutputcloudwatch.md index b3fd414c2..6b100c41f 100644 --- a/docs/models/createoutputoutputcloudwatch.md +++ b/docs/models/createoutputoutputcloudwatch.md @@ -40,7 +40,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsCloudwatch]](../models/createoutputpqcontrolscloudwatch.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_log_group_name` | *Optional[str]* | :heavy_minus_sign: | Binds 'logGroupName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logGroupName' at runtime. | diff --git a/docs/models/createoutputoutputconfluentcloud.md b/docs/models/createoutputoutputconfluentcloud.md index 2591a338b..256238b8a 100644 --- a/docs/models/createoutputoutputconfluentcloud.md +++ b/docs/models/createoutputoutputconfluentcloud.md @@ -44,7 +44,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsConfluentCloud]](../models/createoutputpqcontrolsconfluentcloud.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_brokers` | *Optional[str]* | :heavy_minus_sign: | Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime. | diff --git a/docs/models/createoutputoutputcriblhttp.md b/docs/models/createoutputoutputcriblhttp.md index 4aa47cfb0..05b897c1c 100644 --- a/docs/models/createoutputoutputcriblhttp.md +++ b/docs/models/createoutputoutputcriblhttp.md @@ -48,7 +48,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsCriblHTTP]](../models/createoutputpqcontrolscriblhttp.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/createoutputoutputcriblsearchengine.md b/docs/models/createoutputoutputcriblsearchengine.md index cc0ebe20b..0d5a19fbd 100644 --- a/docs/models/createoutputoutputcriblsearchengine.md +++ b/docs/models/createoutputoutputcriblsearchengine.md @@ -48,7 +48,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsCriblSearchEngine]](../models/createoutputpqcontrolscriblsearchengine.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/createoutputoutputcribltcp.md b/docs/models/createoutputoutputcribltcp.md index 413a8de24..9db253e37 100644 --- a/docs/models/createoutputoutputcribltcp.md +++ b/docs/models/createoutputoutputcribltcp.md @@ -40,7 +40,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsCriblTCP]](../models/createoutputpqcontrolscribltcp.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_on_backpressure` | *Optional[str]* | :heavy_minus_sign: | Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. | diff --git a/docs/models/createoutputoutputcrowdstrikenextgensiem.md b/docs/models/createoutputoutputcrowdstrikenextgensiem.md index 03eafd55c..3ef4a2eeb 100644 --- a/docs/models/createoutputoutputcrowdstrikenextgensiem.md +++ b/docs/models/createoutputoutputcrowdstrikenextgensiem.md @@ -42,7 +42,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsCrowdstrikeNextGenSiem]](../models/createoutputpqcontrolscrowdstrikenextgensiem.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. | diff --git a/docs/models/createoutputoutputdatadog.md b/docs/models/createoutputoutputdatadog.md index 637e3c3fe..c95ab1f73 100644 --- a/docs/models/createoutputoutputdatadog.md +++ b/docs/models/createoutputoutputdatadog.md @@ -51,7 +51,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsDatadog]](../models/createoutputpqcontrolsdatadog.md) | :heavy_minus_sign: | N/A | | `api_key` | *Optional[str]* | :heavy_minus_sign: | Organization's API key in Datadog | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | diff --git a/docs/models/createoutputoutputdataset.md b/docs/models/createoutputoutputdataset.md index f3cc6421d..658f68288 100644 --- a/docs/models/createoutputoutputdataset.md +++ b/docs/models/createoutputoutputdataset.md @@ -46,7 +46,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsDataset]](../models/createoutputpqcontrolsdataset.md) | :heavy_minus_sign: | N/A | | `api_key` | *Optional[str]* | :heavy_minus_sign: | A 'Log Write Access' API key for the DataSet account | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | diff --git a/docs/models/createoutputoutputdynatracehttp.md b/docs/models/createoutputoutputdynatracehttp.md index e52cede4c..0f3ef1038 100644 --- a/docs/models/createoutputoutputdynatracehttp.md +++ b/docs/models/createoutputoutputdynatracehttp.md @@ -30,7 +30,7 @@ | `on_backpressure` | [Optional[models.BackpressureBehaviorOptions]](../models/backpressurebehavioroptions.md) | :heavy_minus_sign: | How to handle events when all receivers are exerting backpressure | | `auth_type` | [Optional[models.CreateOutputAuthenticationTypeDynatraceHTTP]](../models/createoutputauthenticationtypedynatracehttp.md) | :heavy_minus_sign: | N/A | | `format_` | [models.CreateOutputFormatDynatraceHTTP](../models/createoutputformatdynatracehttp.md) | :heavy_check_mark: | How to format events before sending. Defaults to JSON. Plaintext is not currently supported. | -| `endpoint` | [models.CreateOutputEndpoint](../models/createoutputendpoint.md) | :heavy_check_mark: | N/A | +| `endpoint` | [models.CreateOutputEndpointDynatraceHTTP](../models/createoutputendpointdynatracehttp.md) | :heavy_check_mark: | N/A | | `telemetry_type` | [models.CreateOutputTelemetryType](../models/createoutputtelemetrytype.md) | :heavy_check_mark: | N/A | | `total_memory_limit_kb` | *Optional[float]* | :heavy_minus_sign: | Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced. | | `description` | *Optional[str]* | :heavy_minus_sign: | N/A | @@ -44,7 +44,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsDynatraceHTTP]](../models/createoutputpqcontrolsdynatracehttp.md) | :heavy_minus_sign: | N/A | | `token` | *Optional[str]* | :heavy_minus_sign: | Bearer token to include in the authorization header | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | diff --git a/docs/models/createoutputoutputdynatraceotlp.md b/docs/models/createoutputoutputdynatraceotlp.md index 569121adf..b1ef4ef5b 100644 --- a/docs/models/createoutputoutputdynatraceotlp.md +++ b/docs/models/createoutputoutputdynatraceotlp.md @@ -52,7 +52,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsDynatraceOtlp]](../models/createoutputpqcontrolsdynatraceotlp.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/createoutputoutputelastic.md b/docs/models/createoutputoutputelastic.md index 94511182e..1721b69d4 100644 --- a/docs/models/createoutputoutputelastic.md +++ b/docs/models/createoutputoutputelastic.md @@ -52,7 +52,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsElastic]](../models/createoutputpqcontrolselastic.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_index` | *Optional[str]* | :heavy_minus_sign: | Binds 'index' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'index' at runtime. | diff --git a/docs/models/createoutputoutputelasticcloud.md b/docs/models/createoutputoutputelasticcloud.md index d73eacdd5..b9ce3dff4 100644 --- a/docs/models/createoutputoutputelasticcloud.md +++ b/docs/models/createoutputoutputelasticcloud.md @@ -42,7 +42,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsElasticCloud]](../models/createoutputpqcontrolselasticcloud.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. | diff --git a/docs/models/createoutputoutputgooglechronicle.md b/docs/models/createoutputoutputgooglechronicle.md index bbcb92abe..b4cda50ae 100644 --- a/docs/models/createoutputoutputgooglechronicle.md +++ b/docs/models/createoutputoutputgooglechronicle.md @@ -53,7 +53,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsGoogleChronicle]](../models/createoutputpqcontrolsgooglechronicle.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_api_version` | *Optional[str]* | :heavy_minus_sign: | Binds 'apiVersion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'apiVersion' at runtime. | diff --git a/docs/models/createoutputoutputgooglecloudlogging.md b/docs/models/createoutputoutputgooglecloudlogging.md index 7803715cc..5c83aec99 100644 --- a/docs/models/createoutputoutputgooglecloudlogging.md +++ b/docs/models/createoutputoutputgooglecloudlogging.md @@ -73,7 +73,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsGoogleCloudLogging]](../models/createoutputpqcontrolsgooglecloudlogging.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_log_location_type` | *Optional[str]* | :heavy_minus_sign: | Binds 'logLocationType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logLocationType' at runtime. | diff --git a/docs/models/createoutputoutputgooglecloudobservability.md b/docs/models/createoutputoutputgooglecloudobservability.md new file mode 100644 index 000000000..356282020 --- /dev/null +++ b/docs/models/createoutputoutputgooglecloudobservability.md @@ -0,0 +1,47 @@ +# CreateOutputOutputGoogleCloudObservability + + +## Fields + +| Field | Type | Required | Description | +| -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `id` | *str* | :heavy_check_mark: | Unique ID for this output | +| `type` | [models.CreateOutputTypeGoogleCloudObservability](../models/createoutputtypegooglecloudobservability.md) | :heavy_check_mark: | N/A | +| `pipeline` | *Optional[str]* | :heavy_minus_sign: | Pipeline to process data before sending out to this output | +| `system_fields` | List[*str*] | :heavy_minus_sign: | Fields to automatically add to events, such as cribl_pipe. Supports wildcards. | +| `environment` | *Optional[str]* | :heavy_minus_sign: | Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. | +| `streamtags` | List[*str*] | :heavy_minus_sign: | Tags for filtering and grouping in @{product} | +| `protocol` | [Optional[models.CreateOutputProtocolGoogleCloudObservability]](../models/createoutputprotocolgooglecloudobservability.md) | :heavy_minus_sign: | N/A | +| `otlp_version` | [Optional[models.CreateOutputOtlpVersionGoogleCloudObservability]](../models/createoutputotlpversiongooglecloudobservability.md) | :heavy_minus_sign: | N/A | +| `endpoint` | [Optional[models.CreateOutputEndpointGoogleCloudObservability]](../models/createoutputendpointgooglecloudobservability.md) | :heavy_minus_sign: | Fixed Google Cloud Observability gRPC endpoint. All three signals share this transport; the OTLP service path determines whether the call lands on traces, metrics, or logs. | +| `google_auth_method` | [models.CreateOutputGoogleAuthenticationMethod](../models/createoutputgoogleauthenticationmethod.md) | :heavy_check_mark: | Choose Auto to use Google Application Default Credentials (ADC). Choose Secret to select or create a stored secret that references Google service account credentials. | +| `metadata` | List[[models.KeyValueMetadataConfOutputFilesystem](../models/keyvaluemetadataconfoutputfilesystem.md)] | :heavy_minus_sign: | List of key-value pairs to send with each gRPC request. Value supports JavaScript expressions that are evaluated just once, when the destination gets started. To pass credentials as metadata, use 'C.Secret'. | +| `dynamic_headers_enabled` | *Optional[bool]* | :heavy_minus_sign: | Batch event data upon dynamic metadata (whether presented or not) | +| `dynamic_headers_field` | *Optional[str]* | :heavy_minus_sign: | When presented, this field which contains metadata, will be injected into the Destination metadata and used to batch events. | +| `concurrency` | *Optional[float]* | :heavy_minus_sign: | Maximum number of ongoing requests before blocking | +| `max_payload_size_kb` | *Optional[float]* | :heavy_minus_sign: | Maximum size, in KB, of the request body sent to Google Cloud Observability | +| `timeout_sec` | *Optional[float]* | :heavy_minus_sign: | Amount of time, in seconds, to wait for a request to complete before canceling it | +| `flush_period_sec` | *Optional[float]* | :heavy_minus_sign: | Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit. | +| `failed_request_logging_mode` | [Optional[models.FailedRequestLoggingModeOptions]](../models/failedrequestloggingmodeoptions.md) | :heavy_minus_sign: | Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below. | +| `connection_timeout` | *Optional[float]* | :heavy_minus_sign: | Amount of time (milliseconds) to wait for the connection to establish before retrying | +| `keep_alive_time` | *Optional[float]* | :heavy_minus_sign: | How often the sender should ping the peer to keep the connection open | +| `tls` | [Optional[models.TLSSettingsClientSideTypeExtended]](../models/tlssettingsclientsidetypeextended.md) | :heavy_minus_sign: | N/A | +| `max_payload_events` | *Optional[float]* | :heavy_minus_sign: | Max number of events to include in the request body. Default is 0 (unlimited). Use to keep outgoing data points within GCO request limits. For metrics, combine with the OTLP Metrics function batchSize. | +| `on_backpressure` | [Optional[models.BackpressureBehaviorOptions]](../models/backpressurebehavioroptions.md) | :heavy_minus_sign: | How to handle events when all receivers are exerting backpressure | +| `description` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | +| `pq_strict_ordering` | *Optional[bool]* | :heavy_minus_sign: | Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. | +| `pq_rate_per_sec` | *Optional[float]* | :heavy_minus_sign: | Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. | +| `pq_mode` | [Optional[models.ModeOptions]](../models/modeoptions.md) | :heavy_minus_sign: | In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem. | +| `pq_max_buffer_size` | *Optional[float]* | :heavy_minus_sign: | Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. | +| `pq_max_backpressure_sec` | *Optional[float]* | :heavy_minus_sign: | How long (in seconds) to wait for backpressure to resolve before engaging the queue | +| `pq_max_file_size` | *Optional[str]* | :heavy_minus_sign: | The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) | +| `pq_max_size` | *Optional[str]* | :heavy_minus_sign: | The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. | +| `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | +| `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | +| `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | +| `pq_controls` | [Optional[models.CreateOutputPqControlsGoogleCloudObservability]](../models/createoutputpqcontrolsgooglecloudobservability.md) | :heavy_minus_sign: | N/A | +| `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | +| `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | +| `template_on_backpressure` | *Optional[str]* | :heavy_minus_sign: | Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. | \ No newline at end of file diff --git a/docs/models/createoutputoutputgooglepubsub.md b/docs/models/createoutputoutputgooglepubsub.md index a0298faca..0d9d82088 100644 --- a/docs/models/createoutputoutputgooglepubsub.md +++ b/docs/models/createoutputoutputgooglepubsub.md @@ -36,7 +36,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsGooglePubsub]](../models/createoutputpqcontrolsgooglepubsub.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_topic_name` | *Optional[str]* | :heavy_minus_sign: | Binds 'topicName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topicName' at runtime. | diff --git a/docs/models/createoutputoutputgrafanacloudgrafanacloud1.md b/docs/models/createoutputoutputgrafanacloudgrafanacloud1.md index 14b985279..d90465260 100644 --- a/docs/models/createoutputoutputgrafanacloudgrafanacloud1.md +++ b/docs/models/createoutputoutputgrafanacloudgrafanacloud1.md @@ -15,7 +15,7 @@ | `prometheus_url` | *Optional[str]* | :heavy_minus_sign: | The remote_write endpoint to send Prometheus metrics to, such as https://prometheus-blocks-prod-us-central1.grafana.net/api/prom/push | | `message` | *Optional[str]* | :heavy_minus_sign: | Name of the event field that contains the message to send. If not specified, Stream sends a JSON representation of the whole event. | | `message_format` | [Optional[models.MessageFormatOptions]](../models/messageformatoptions.md) | :heavy_minus_sign: | Format to use when sending logs to Loki (Protobuf or JSON) | -| `labels` | List[[models.RequestParamConfInputOpenai](../models/requestparamconfinputopenai.md)] | :heavy_minus_sign: | List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: "cribl.io", level: "error"}' | +| `labels` | List[[models.HTTPDiscoveryHeaderConfInputPrometheus](../models/httpdiscoveryheaderconfinputprometheus.md)] | :heavy_minus_sign: | List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: "cribl.io", level: "error"}' | | `metric_rename_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression that can be used to rename metrics. For example, name.replace(/\./g, '_') will replace all '.' characters in a metric's name with the supported '_' character. Use the 'name' global variable to access the metric's name. You can access event fields' values via __e.. | | `prometheus_auth` | [Optional[models.PrometheusAuthType]](../models/prometheusauthtype.md) | :heavy_minus_sign: | N/A | | `loki_auth` | [Optional[models.PrometheusAuthType]](../models/prometheusauthtype.md) | :heavy_minus_sign: | N/A | @@ -45,7 +45,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputOutputGrafanaCloudPqControls1]](../models/createoutputoutputgrafanacloudpqcontrols1.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_loki_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'lokiUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'lokiUrl' at runtime. | diff --git a/docs/models/createoutputoutputgrafanacloudgrafanacloud2.md b/docs/models/createoutputoutputgrafanacloudgrafanacloud2.md index b3592b4ac..bffe52c90 100644 --- a/docs/models/createoutputoutputgrafanacloudgrafanacloud2.md +++ b/docs/models/createoutputoutputgrafanacloudgrafanacloud2.md @@ -15,7 +15,7 @@ | `prometheus_url` | *str* | :heavy_check_mark: | The remote_write endpoint to send Prometheus metrics to, such as https://prometheus-blocks-prod-us-central1.grafana.net/api/prom/push | | `message` | *Optional[str]* | :heavy_minus_sign: | Name of the event field that contains the message to send. If not specified, Stream sends a JSON representation of the whole event. | | `message_format` | [Optional[models.MessageFormatOptions]](../models/messageformatoptions.md) | :heavy_minus_sign: | Format to use when sending logs to Loki (Protobuf or JSON) | -| `labels` | List[[models.RequestParamConfInputOpenai](../models/requestparamconfinputopenai.md)] | :heavy_minus_sign: | List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: "cribl.io", level: "error"}' | +| `labels` | List[[models.HTTPDiscoveryHeaderConfInputPrometheus](../models/httpdiscoveryheaderconfinputprometheus.md)] | :heavy_minus_sign: | List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: "cribl.io", level: "error"}' | | `metric_rename_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression that can be used to rename metrics. For example, name.replace(/\./g, '_') will replace all '.' characters in a metric's name with the supported '_' character. Use the 'name' global variable to access the metric's name. You can access event fields' values via __e.. | | `prometheus_auth` | [Optional[models.PrometheusAuthType]](../models/prometheusauthtype.md) | :heavy_minus_sign: | N/A | | `loki_auth` | [Optional[models.PrometheusAuthType]](../models/prometheusauthtype.md) | :heavy_minus_sign: | N/A | @@ -45,7 +45,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputOutputGrafanaCloudPqControls2]](../models/createoutputoutputgrafanacloudpqcontrols2.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_loki_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'lokiUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'lokiUrl' at runtime. | diff --git a/docs/models/createoutputoutputgraphite.md b/docs/models/createoutputoutputgraphite.md index fc170f2b2..995ffa712 100644 --- a/docs/models/createoutputoutputgraphite.md +++ b/docs/models/createoutputoutputgraphite.md @@ -32,7 +32,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsGraphite]](../models/createoutputpqcontrolsgraphite.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_on_backpressure` | *Optional[str]* | :heavy_minus_sign: | Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. | \ No newline at end of file diff --git a/docs/models/createoutputoutputhoneycomb.md b/docs/models/createoutputoutputhoneycomb.md index 85e1de900..49e57e957 100644 --- a/docs/models/createoutputoutputhoneycomb.md +++ b/docs/models/createoutputoutputhoneycomb.md @@ -39,7 +39,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsHoneycomb]](../models/createoutputpqcontrolshoneycomb.md) | :heavy_minus_sign: | N/A | | `team` | *Optional[str]* | :heavy_minus_sign: | Team API key where the dataset belongs | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | diff --git a/docs/models/createoutputoutputhumiohec.md b/docs/models/createoutputoutputhumiohec.md index c8d4a08e3..b98d1eb0d 100644 --- a/docs/models/createoutputoutputhumiohec.md +++ b/docs/models/createoutputoutputhumiohec.md @@ -42,7 +42,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsHumioHec]](../models/createoutputpqcontrolshumiohec.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. | diff --git a/docs/models/createoutputoutputinfluxdb.md b/docs/models/createoutputoutputinfluxdb.md index d9e039e9c..7fcd88078 100644 --- a/docs/models/createoutputoutputinfluxdb.md +++ b/docs/models/createoutputoutputinfluxdb.md @@ -46,7 +46,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsInfluxdb]](../models/createoutputpqcontrolsinfluxdb.md) | :heavy_minus_sign: | N/A | | `username` | *Optional[str]* | :heavy_minus_sign: | N/A | | `password` | *Optional[str]* | :heavy_minus_sign: | N/A | diff --git a/docs/models/createoutputoutputkafka.md b/docs/models/createoutputoutputkafka.md index 67c717a6a..e429aef24 100644 --- a/docs/models/createoutputoutputkafka.md +++ b/docs/models/createoutputoutputkafka.md @@ -44,7 +44,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsKafka]](../models/createoutputpqcontrolskafka.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_topic` | *Optional[str]* | :heavy_minus_sign: | Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime. | diff --git a/docs/models/createoutputoutputkinesis.md b/docs/models/createoutputoutputkinesis.md index 8389c5cbc..30c6f4bae 100644 --- a/docs/models/createoutputoutputkinesis.md +++ b/docs/models/createoutputoutputkinesis.md @@ -43,7 +43,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsKinesis]](../models/createoutputpqcontrolskinesis.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_stream_name` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamName' at runtime. | diff --git a/docs/models/createoutputoutputlocalsearchstorage.md b/docs/models/createoutputoutputlocalsearchstorage.md index 079d96764..e62735fdc 100644 --- a/docs/models/createoutputoutputlocalsearchstorage.md +++ b/docs/models/createoutputoutputlocalsearchstorage.md @@ -33,6 +33,7 @@ | `response_retry_settings` | List[[models.ResponseRetrySettingConfOutputWebhook](../models/responseretrysettingconfoutputwebhook.md)] | :heavy_minus_sign: | Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable) | | `timeout_retry_settings` | [Optional[models.TimeoutRetrySettingsType]](../models/timeoutretrysettingstype.md) | :heavy_minus_sign: | N/A | | `response_honor_retry_after_header` | *Optional[bool]* | :heavy_minus_sign: | Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored. | +| `workload` | *Optional[str]* | :heavy_minus_sign: | Optional ClickHouse workload name to append as a SETTINGS clause on INSERT queries. Used for workload scheduling classification. | | `dump_format_errors_to_disk` | *Optional[bool]* | :heavy_minus_sign: | Log the most recent event that fails to match the table schema | | `on_backpressure` | [Optional[models.BackpressureBehaviorOptions]](../models/backpressurebehavioroptions.md) | :heavy_minus_sign: | How to handle events when all receivers are exerting backpressure | | `stats_destination` | [Optional[models.CreateOutputStatsDestination]](../models/createoutputstatsdestination.md) | :heavy_minus_sign: | N/A | @@ -55,7 +56,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsLocalSearchStorage]](../models/createoutputpqcontrolslocalsearchstorage.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. | diff --git a/docs/models/createoutputoutputloki.md b/docs/models/createoutputoutputloki.md index 7abe0500f..6af101592 100644 --- a/docs/models/createoutputoutputloki.md +++ b/docs/models/createoutputoutputloki.md @@ -14,7 +14,7 @@ | `url` | *str* | :heavy_check_mark: | The endpoint to send logs to | | `message` | *Optional[str]* | :heavy_minus_sign: | Name of the event field that contains the message to send. If not specified, Stream sends a JSON representation of the whole event. | | `message_format` | [Optional[models.MessageFormatOptions]](../models/messageformatoptions.md) | :heavy_minus_sign: | Format to use when sending logs to Loki (Protobuf or JSON) | -| `labels` | List[[models.RequestParamConfInputOpenai](../models/requestparamconfinputopenai.md)] | :heavy_minus_sign: | List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: "cribl.io", level: "error"}' | +| `labels` | List[[models.HTTPDiscoveryHeaderConfInputPrometheus](../models/httpdiscoveryheaderconfinputprometheus.md)] | :heavy_minus_sign: | List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: "cribl.io", level: "error"}' | | `auth_type` | [Optional[models.AuthenticationTypeOptionsPrometheusAuthBasicCredentialsSecret]](../models/authenticationtypeoptionsprometheusauthbasiccredentialssecret.md) | :heavy_minus_sign: | N/A | | `concurrency` | *Optional[float]* | :heavy_minus_sign: | Maximum number of ongoing requests before blocking. Warning: Setting this value > 1 can cause Loki to complain about entries being delivered out of order. | | `max_payload_size_kb` | *Optional[float]* | :heavy_minus_sign: | Maximum size, in KB, of the request body. Warning: Setting this too low can increase the number of ongoing requests (depending on the value of 'Request concurrency'); this can cause Loki to complain about entries being delivered out of order. | @@ -49,7 +49,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsLoki]](../models/createoutputpqcontrolsloki.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/createoutputoutputmicrosoftfabric.md b/docs/models/createoutputoutputmicrosoftfabric.md index 074c615a8..76b855f9d 100644 --- a/docs/models/createoutputoutputmicrosoftfabric.md +++ b/docs/models/createoutputoutputmicrosoftfabric.md @@ -40,7 +40,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsMicrosoftFabric]](../models/createoutputpqcontrolsmicrosoftfabric.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_topic` | *Optional[str]* | :heavy_minus_sign: | Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime. | diff --git a/docs/models/createoutputoutputmsk.md b/docs/models/createoutputoutputmsk.md index 6162a632d..523393601 100644 --- a/docs/models/createoutputoutputmsk.md +++ b/docs/models/createoutputoutputmsk.md @@ -55,7 +55,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsMsk]](../models/createoutputpqcontrolsmsk.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_topic` | *Optional[str]* | :heavy_minus_sign: | Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime. | diff --git a/docs/models/createoutputoutputnewrelic.md b/docs/models/createoutputoutputnewrelic.md index 3c4547df2..a8200a7ed 100644 --- a/docs/models/createoutputoutputnewrelic.md +++ b/docs/models/createoutputoutputnewrelic.md @@ -44,7 +44,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsNewrelic]](../models/createoutputpqcontrolsnewrelic.md) | :heavy_minus_sign: | N/A | | `api_key` | *Optional[str]* | :heavy_minus_sign: | New Relic API key. Can be overridden using __newRelic_apiKey field. | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | diff --git a/docs/models/createoutputoutputnewrelicevents.md b/docs/models/createoutputoutputnewrelicevents.md index a241e85a8..2d4502ffd 100644 --- a/docs/models/createoutputoutputnewrelicevents.md +++ b/docs/models/createoutputoutputnewrelicevents.md @@ -42,7 +42,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsNewrelicEvents]](../models/createoutputpqcontrolsnewrelicevents.md) | :heavy_minus_sign: | N/A | | `api_key` | *Optional[str]* | :heavy_minus_sign: | New Relic API key. Can be overridden using __newRelic_apiKey field. | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | diff --git a/docs/models/createoutputoutputopentelemetry.md b/docs/models/createoutputoutputopentelemetry.md index 2ffc167f1..3c58232fa 100644 --- a/docs/models/createoutputoutputopentelemetry.md +++ b/docs/models/createoutputoutputopentelemetry.md @@ -13,7 +13,7 @@ | `streamtags` | List[*str*] | :heavy_minus_sign: | Tags for filtering and grouping in @{product} | | `protocol` | [Optional[models.ProtocolOptions]](../models/protocoloptions.md) | :heavy_minus_sign: | Select a transport option for OpenTelemetry | | `endpoint` | *str* | :heavy_check_mark: | The endpoint where OTel events will be sent. Enter any valid URL or an IP address (IPv4 or IPv6; enclose IPv6 addresses in square brackets). Unspecified ports will default to 4317, unless the endpoint is an HTTPS-based URL or TLS is enabled, in which case 443 will be used. | -| `otlp_version` | [Optional[models.CreateOutputOTLPVersion]](../models/createoutputotlpversion.md) | :heavy_minus_sign: | The version of OTLP Protobuf definitions to use when structuring data to send | +| `otlp_version` | [Optional[models.CreateOutputOTLPVersionOpenTelemetry]](../models/createoutputotlpversionopentelemetry.md) | :heavy_minus_sign: | The version of OTLP Protobuf definitions to use when structuring data to send | | `compress` | [Optional[models.CompressionOptionsDeflateGzip]](../models/compressionoptionsdeflategzip.md) | :heavy_minus_sign: | Type of compression to apply to messages sent to the OpenTelemetry endpoint | | `http_compress` | [Optional[models.CompressionOptionsMessages]](../models/compressionoptionsmessages.md) | :heavy_minus_sign: | Type of compression to apply to messages sent to the OpenTelemetry endpoint | | `auth_type` | [Optional[models.CreateOutputAuthenticationTypeOpenTelemetry]](../models/createoutputauthenticationtypeopentelemetry.md) | :heavy_minus_sign: | N/A | @@ -64,7 +64,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsOpenTelemetry]](../models/createoutputpqcontrolsopentelemetry.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/createoutputoutputprometheus.md b/docs/models/createoutputoutputprometheus.md index d11b1dda9..41f2b4cb7 100644 --- a/docs/models/createoutputoutputprometheus.md +++ b/docs/models/createoutputoutputprometheus.md @@ -42,7 +42,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsPrometheus]](../models/createoutputpqcontrolsprometheus.md) | :heavy_minus_sign: | N/A | | `username` | *Optional[str]* | :heavy_minus_sign: | N/A | | `password` | *Optional[str]* | :heavy_minus_sign: | N/A | diff --git a/docs/models/createoutputoutputsentinel.md b/docs/models/createoutputoutputsentinel.md index c8423ddc8..8b7c09f08 100644 --- a/docs/models/createoutputoutputsentinel.md +++ b/docs/models/createoutputoutputsentinel.md @@ -54,7 +54,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsSentinel]](../models/createoutputpqcontrolssentinel.md) | :heavy_minus_sign: | N/A | | `url` | *Optional[str]* | :heavy_minus_sign: | URL to send events to. Can be overwritten by an event's __url field. | | `dcr_id` | *Optional[str]* | :heavy_minus_sign: | Immutable ID for the Data Collection Rule (DCR) | diff --git a/docs/models/createoutputoutputsentineloneaisiem.md b/docs/models/createoutputoutputsentineloneaisiem.md index 059106c6b..90e064e85 100644 --- a/docs/models/createoutputoutputsentineloneaisiem.md +++ b/docs/models/createoutputoutputsentineloneaisiem.md @@ -56,7 +56,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsSentinelOneAiSiem]](../models/createoutputpqcontrolssentineloneaisiem.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/createoutputoutputservicenow.md b/docs/models/createoutputoutputservicenow.md index 5aa5fea69..cb5bbbe35 100644 --- a/docs/models/createoutputoutputservicenow.md +++ b/docs/models/createoutputoutputservicenow.md @@ -52,7 +52,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsServiceNow]](../models/createoutputpqcontrolsservicenow.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/createoutputoutputsignalfx.md b/docs/models/createoutputoutputsignalfx.md index b1ce86e77..21bf4df80 100644 --- a/docs/models/createoutputoutputsignalfx.md +++ b/docs/models/createoutputoutputsignalfx.md @@ -41,7 +41,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsSignalfx]](../models/createoutputpqcontrolssignalfx.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/createoutputoutputsns.md b/docs/models/createoutputoutputsns.md index 268f80a56..958348ebd 100644 --- a/docs/models/createoutputoutputsns.md +++ b/docs/models/createoutputoutputsns.md @@ -38,7 +38,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsSns]](../models/createoutputpqcontrolssns.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_topic_arn` | *Optional[str]* | :heavy_minus_sign: | Binds 'topicArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topicArn' at runtime. | diff --git a/docs/models/createoutputoutputsplunk.md b/docs/models/createoutputoutputsplunk.md index e4dfa85f7..262ac0464 100644 --- a/docs/models/createoutputoutputsplunk.md +++ b/docs/models/createoutputoutputsplunk.md @@ -37,7 +37,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsSplunk]](../models/createoutputpqcontrolssplunk.md) | :heavy_minus_sign: | N/A | | `auth_token` | *Optional[str]* | :heavy_minus_sign: | Shared secret token to use when establishing a connection to a Splunk indexer. | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | diff --git a/docs/models/createoutputoutputsplunkhec.md b/docs/models/createoutputoutputsplunkhec.md index f8216dd90..5cc7c78c2 100644 --- a/docs/models/createoutputoutputsplunkhec.md +++ b/docs/models/createoutputoutputsplunkhec.md @@ -50,7 +50,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsSplunkHec]](../models/createoutputpqcontrolssplunkhec.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/createoutputoutputsplunklb.md b/docs/models/createoutputoutputsplunklb.md index bd29dd442..00f72321a 100644 --- a/docs/models/createoutputoutputsplunklb.md +++ b/docs/models/createoutputoutputsplunklb.md @@ -43,7 +43,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsSplunkLb]](../models/createoutputpqcontrolssplunklb.md) | :heavy_minus_sign: | N/A | | `auth_token` | *Optional[str]* | :heavy_minus_sign: | Shared secret token to use when establishing a connection to a Splunk indexer. | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | diff --git a/docs/models/createoutputoutputsqs.md b/docs/models/createoutputoutputsqs.md index 558a00606..7c9cf0143 100644 --- a/docs/models/createoutputoutputsqs.md +++ b/docs/models/createoutputoutputsqs.md @@ -44,7 +44,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsSqs]](../models/createoutputpqcontrolssqs.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_queue_name` | *Optional[str]* | :heavy_minus_sign: | Binds 'queueName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'queueName' at runtime. | diff --git a/docs/models/createoutputoutputstatsd.md b/docs/models/createoutputoutputstatsd.md index 8993769c8..9dacbcff8 100644 --- a/docs/models/createoutputoutputstatsd.md +++ b/docs/models/createoutputoutputstatsd.md @@ -32,7 +32,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsStatsd]](../models/createoutputpqcontrolsstatsd.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_on_backpressure` | *Optional[str]* | :heavy_minus_sign: | Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. | \ No newline at end of file diff --git a/docs/models/createoutputoutputstatsdext.md b/docs/models/createoutputoutputstatsdext.md index 88c3cee1b..489363089 100644 --- a/docs/models/createoutputoutputstatsdext.md +++ b/docs/models/createoutputoutputstatsdext.md @@ -32,7 +32,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsStatsdExt]](../models/createoutputpqcontrolsstatsdext.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_on_backpressure` | *Optional[str]* | :heavy_minus_sign: | Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. | \ No newline at end of file diff --git a/docs/models/createoutputoutputsumologic.md b/docs/models/createoutputoutputsumologic.md index 806b84a40..bb4da5c36 100644 --- a/docs/models/createoutputoutputsumologic.md +++ b/docs/models/createoutputoutputsumologic.md @@ -42,7 +42,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsSumoLogic]](../models/createoutputpqcontrolssumologic.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. | diff --git a/docs/models/createoutputoutputsyslog.md b/docs/models/createoutputoutputsyslog.md index c411dbae8..dd1fa8652 100644 --- a/docs/models/createoutputoutputsyslog.md +++ b/docs/models/createoutputoutputsyslog.md @@ -46,7 +46,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsSyslog]](../models/createoutputpqcontrolssyslog.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_host` | *Optional[str]* | :heavy_minus_sign: | Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime. | diff --git a/docs/models/createoutputoutputtcpjson.md b/docs/models/createoutputoutputtcpjson.md index 6dd582cb1..ea3cca70d 100644 --- a/docs/models/createoutputoutputtcpjson.md +++ b/docs/models/createoutputoutputtcpjson.md @@ -40,7 +40,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsTcpjson]](../models/createoutputpqcontrolstcpjson.md) | :heavy_minus_sign: | N/A | | `auth_token` | *Optional[str]* | :heavy_minus_sign: | Optional authentication token to include as part of the connection header | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | diff --git a/docs/models/createoutputoutputwavefront.md b/docs/models/createoutputoutputwavefront.md index ae2465d4d..4ffb45477 100644 --- a/docs/models/createoutputoutputwavefront.md +++ b/docs/models/createoutputoutputwavefront.md @@ -41,7 +41,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsWavefront]](../models/createoutputpqcontrolswavefront.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/createoutputoutputwebhookwebhook1.md b/docs/models/createoutputoutputwebhookwebhook1.md index e50ebaa4e..1d1a3fe06 100644 --- a/docs/models/createoutputoutputwebhookwebhook1.md +++ b/docs/models/createoutputoutputwebhookwebhook1.md @@ -52,7 +52,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputOutputWebhookPqControls1]](../models/createoutputoutputwebhookpqcontrols1.md) | :heavy_minus_sign: | N/A | | `username` | *Optional[str]* | :heavy_minus_sign: | N/A | | `password` | *Optional[str]* | :heavy_minus_sign: | N/A | diff --git a/docs/models/createoutputoutputwebhookwebhook2.md b/docs/models/createoutputoutputwebhookwebhook2.md index 0262b8665..8356c7cd2 100644 --- a/docs/models/createoutputoutputwebhookwebhook2.md +++ b/docs/models/createoutputoutputwebhookwebhook2.md @@ -52,7 +52,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputOutputWebhookPqControls2]](../models/createoutputoutputwebhookpqcontrols2.md) | :heavy_minus_sign: | N/A | | `username` | *Optional[str]* | :heavy_minus_sign: | N/A | | `password` | *Optional[str]* | :heavy_minus_sign: | N/A | diff --git a/docs/models/createoutputoutputwizhec.md b/docs/models/createoutputoutputwizhec.md index b86a3105f..d6312d67d 100644 --- a/docs/models/createoutputoutputwizhec.md +++ b/docs/models/createoutputoutputwizhec.md @@ -44,7 +44,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsWizHec]](../models/createoutputpqcontrolswizhec.md) | :heavy_minus_sign: | N/A | | `token` | *Optional[str]* | :heavy_minus_sign: | Wiz Defend Auth token | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | diff --git a/docs/models/createoutputoutputxsiam.md b/docs/models/createoutputoutputxsiam.md index 76ffe35cc..4d62b5715 100644 --- a/docs/models/createoutputoutputxsiam.md +++ b/docs/models/createoutputoutputxsiam.md @@ -48,7 +48,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputPqControlsXsiam]](../models/createoutputpqcontrolsxsiam.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/createoutputpqcontrolsgooglecloudobservability.md b/docs/models/createoutputpqcontrolsgooglecloudobservability.md new file mode 100644 index 000000000..300b9dfd3 --- /dev/null +++ b/docs/models/createoutputpqcontrolsgooglecloudobservability.md @@ -0,0 +1,7 @@ +# CreateOutputPqControlsGoogleCloudObservability + + +## Fields + +| Field | Type | Required | Description | +| ----------- | ----------- | ----------- | ----------- | \ No newline at end of file diff --git a/docs/models/createoutputprotocolgooglecloudobservability.md b/docs/models/createoutputprotocolgooglecloudobservability.md new file mode 100644 index 000000000..e7538512b --- /dev/null +++ b/docs/models/createoutputprotocolgooglecloudobservability.md @@ -0,0 +1,18 @@ +# CreateOutputProtocolGoogleCloudObservability + +## Example Usage + +```python +from cribl_control_plane.models import CreateOutputProtocolGoogleCloudObservability + +value = CreateOutputProtocolGoogleCloudObservability.GRPC + +# Open enum: unrecognized values are captured as UnrecognizedStr +``` + + +## Values + +| Name | Value | +| ------ | ------ | +| `GRPC` | grpc | \ No newline at end of file diff --git a/docs/models/createoutputrequest.md b/docs/models/createoutputrequest.md index dc80cbd10..e848a06cb 100644 --- a/docs/models/createoutputrequest.md +++ b/docs/models/createoutputrequest.md @@ -143,6 +143,12 @@ value: models.CreateOutputOutputGoogleCloudStorage = /* values here */ value: models.CreateOutputOutputGoogleCloudLogging = /* values here */ ``` +### `models.CreateOutputOutputGoogleCloudObservability` + +```python +value: models.CreateOutputOutputGoogleCloudObservability = /* values here */ +``` + ### `models.CreateOutputOutputGooglePubsub` ```python diff --git a/docs/models/createoutputstatsdestination.md b/docs/models/createoutputstatsdestination.md index 29458c85b..271274dd7 100644 --- a/docs/models/createoutputstatsdestination.md +++ b/docs/models/createoutputstatsdestination.md @@ -3,12 +3,14 @@ ## Fields -| Field | Type | Required | Description | -| ------------------ | ------------------ | ------------------ | ------------------ | -| `url` | *Optional[str]* | :heavy_minus_sign: | N/A | -| `database` | *Optional[str]* | :heavy_minus_sign: | N/A | -| `table_name` | *Optional[str]* | :heavy_minus_sign: | N/A | -| `auth_type` | *Optional[str]* | :heavy_minus_sign: | N/A | -| `username` | *Optional[str]* | :heavy_minus_sign: | N/A | -| `sql_username` | *Optional[str]* | :heavy_minus_sign: | N/A | -| `password` | *Optional[str]* | :heavy_minus_sign: | N/A | \ No newline at end of file +| Field | Type | Required | Description | +| ------------------------ | ------------------------ | ------------------------ | ------------------------ | +| `url` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `database` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `table_name` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `auth_type` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `username` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `sql_username` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `password` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `wait_for_async_inserts` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `concurrency` | *Optional[float]* | :heavy_minus_sign: | N/A | \ No newline at end of file diff --git a/docs/models/createoutputsystembypackendpoint.md b/docs/models/createoutputsystembypackendpointdynatracehttp.md similarity index 72% rename from docs/models/createoutputsystembypackendpoint.md rename to docs/models/createoutputsystembypackendpointdynatracehttp.md index dc5384d86..a3ccdf857 100644 --- a/docs/models/createoutputsystembypackendpoint.md +++ b/docs/models/createoutputsystembypackendpointdynatracehttp.md @@ -1,11 +1,11 @@ -# CreateOutputSystemByPackEndpoint +# CreateOutputSystemByPackEndpointDynatraceHTTP ## Example Usage ```python -from cribl_control_plane.models import CreateOutputSystemByPackEndpoint +from cribl_control_plane.models import CreateOutputSystemByPackEndpointDynatraceHTTP -value = CreateOutputSystemByPackEndpoint.CLOUD +value = CreateOutputSystemByPackEndpointDynatraceHTTP.CLOUD # Open enum: unrecognized values are captured as UnrecognizedStr ``` diff --git a/docs/models/createoutputsystembypackendpointgooglecloudobservability.md b/docs/models/createoutputsystembypackendpointgooglecloudobservability.md new file mode 100644 index 000000000..6e308b6ec --- /dev/null +++ b/docs/models/createoutputsystembypackendpointgooglecloudobservability.md @@ -0,0 +1,20 @@ +# CreateOutputSystemByPackEndpointGoogleCloudObservability + +Fixed Google Cloud Observability gRPC endpoint. All three signals share this transport; the OTLP service path determines whether the call lands on traces, metrics, or logs. + +## Example Usage + +```python +from cribl_control_plane.models import CreateOutputSystemByPackEndpointGoogleCloudObservability + +value = CreateOutputSystemByPackEndpointGoogleCloudObservability.TELEMETRY_GOOGLEAPIS_COM_443 + +# Open enum: unrecognized values are captured as UnrecognizedStr +``` + + +## Values + +| Name | Value | +| ------------------------------ | ------------------------------ | +| `TELEMETRY_GOOGLEAPIS_COM_443` | telemetry.googleapis.com:443 | \ No newline at end of file diff --git a/docs/models/createoutputsystembypackformatcribllake.md b/docs/models/createoutputsystembypackformatcribllake.md index 8bc5098a1..ca53a919d 100644 --- a/docs/models/createoutputsystembypackformatcribllake.md +++ b/docs/models/createoutputsystembypackformatcribllake.md @@ -13,8 +13,9 @@ value = CreateOutputSystemByPackFormatCriblLake.JSON ## Values -| Name | Value | -| --------- | --------- | -| `JSON` | json | -| `PARQUET` | parquet | -| `DDSS` | ddss | \ No newline at end of file +| Name | Value | +| ---------- | ---------- | +| `JSON` | json | +| `PARQUET` | parquet | +| `DDSS` | ddss | +| `NETSKOPE` | netskope | \ No newline at end of file diff --git a/docs/models/createoutputsystembypackgoogleauthenticationmethod.md b/docs/models/createoutputsystembypackgoogleauthenticationmethod.md new file mode 100644 index 000000000..02be43010 --- /dev/null +++ b/docs/models/createoutputsystembypackgoogleauthenticationmethod.md @@ -0,0 +1,21 @@ +# CreateOutputSystemByPackGoogleAuthenticationMethod + +Choose Auto to use Google Application Default Credentials (ADC). Choose Secret to select or create a stored secret that references Google service account credentials. + +## Example Usage + +```python +from cribl_control_plane.models import CreateOutputSystemByPackGoogleAuthenticationMethod + +value = CreateOutputSystemByPackGoogleAuthenticationMethod.AUTO + +# Open enum: unrecognized values are captured as UnrecognizedStr +``` + + +## Values + +| Name | Value | +| -------- | -------- | +| `AUTO` | auto | +| `SECRET` | secret | \ No newline at end of file diff --git a/docs/models/createoutputsystembypackotlpversiongooglecloudobservability.md b/docs/models/createoutputsystembypackotlpversiongooglecloudobservability.md new file mode 100644 index 000000000..6fbe6e353 --- /dev/null +++ b/docs/models/createoutputsystembypackotlpversiongooglecloudobservability.md @@ -0,0 +1,18 @@ +# CreateOutputSystemByPackOtlpVersionGoogleCloudObservability + +## Example Usage + +```python +from cribl_control_plane.models import CreateOutputSystemByPackOtlpVersionGoogleCloudObservability + +value = CreateOutputSystemByPackOtlpVersionGoogleCloudObservability.ONE_DOT_3_DOT_1 + +# Open enum: unrecognized values are captured as UnrecognizedStr +``` + + +## Values + +| Name | Value | +| ----------------- | ----------------- | +| `ONE_DOT_3_DOT_1` | 1.3.1 | \ No newline at end of file diff --git a/docs/models/createoutputsystembypackotlpversion.md b/docs/models/createoutputsystembypackotlpversionopentelemetry.md similarity index 74% rename from docs/models/createoutputsystembypackotlpversion.md rename to docs/models/createoutputsystembypackotlpversionopentelemetry.md index c444838a1..96d82c595 100644 --- a/docs/models/createoutputsystembypackotlpversion.md +++ b/docs/models/createoutputsystembypackotlpversionopentelemetry.md @@ -1,13 +1,13 @@ -# CreateOutputSystemByPackOTLPVersion +# CreateOutputSystemByPackOTLPVersionOpenTelemetry The version of OTLP Protobuf definitions to use when structuring data to send ## Example Usage ```python -from cribl_control_plane.models import CreateOutputSystemByPackOTLPVersion +from cribl_control_plane.models import CreateOutputSystemByPackOTLPVersionOpenTelemetry -value = CreateOutputSystemByPackOTLPVersion.ZERO_DOT_10_DOT_0 +value = CreateOutputSystemByPackOTLPVersionOpenTelemetry.ZERO_DOT_10_DOT_0 # Open enum: unrecognized values are captured as UnrecognizedStr ``` diff --git a/docs/models/createoutputsystembypackoutputazuredataexplorer.md b/docs/models/createoutputsystembypackoutputazuredataexplorer.md index 5b677e111..e8167427b 100644 --- a/docs/models/createoutputsystembypackoutputazuredataexplorer.md +++ b/docs/models/createoutputsystembypackoutputazuredataexplorer.md @@ -89,7 +89,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsAzureDataExplorer]](../models/createoutputsystembypackpqcontrolsazuredataexplorer.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_cluster_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'clusterUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clusterUrl' at runtime. | diff --git a/docs/models/createoutputsystembypackoutputazureeventhub.md b/docs/models/createoutputsystembypackoutputazureeventhub.md index 8c83c4a41..5aa3cc0a0 100644 --- a/docs/models/createoutputsystembypackoutputazureeventhub.md +++ b/docs/models/createoutputsystembypackoutputazureeventhub.md @@ -40,7 +40,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsAzureEventhub]](../models/createoutputsystembypackpqcontrolsazureeventhub.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_brokers` | *Optional[str]* | :heavy_minus_sign: | Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime. | diff --git a/docs/models/createoutputsystembypackoutputazurelogs.md b/docs/models/createoutputsystembypackoutputazurelogs.md index 76b6e0e07..05dde4989 100644 --- a/docs/models/createoutputsystembypackoutputazurelogs.md +++ b/docs/models/createoutputsystembypackoutputazurelogs.md @@ -41,7 +41,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsAzureLogs]](../models/createoutputsystembypackpqcontrolsazurelogs.md) | :heavy_minus_sign: | N/A | | `workspace_id` | *Optional[str]* | :heavy_minus_sign: | Azure Log Analytics Workspace ID. See Azure Dashboard Workspace > Advanced settings. | | `workspace_key` | *Optional[str]* | :heavy_minus_sign: | Azure Log Analytics Workspace Primary or Secondary Shared Key. See Azure Dashboard Workspace > Advanced settings. | diff --git a/docs/models/createoutputsystembypackoutputchronicle.md b/docs/models/createoutputsystembypackoutputchronicle.md index 8b65268b1..ec22e5812 100644 --- a/docs/models/createoutputsystembypackoutputchronicle.md +++ b/docs/models/createoutputsystembypackoutputchronicle.md @@ -51,7 +51,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsChronicle]](../models/createoutputsystembypackpqcontrolschronicle.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_region` | *Optional[str]* | :heavy_minus_sign: | Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime. | diff --git a/docs/models/createoutputsystembypackoutputclickhouse.md b/docs/models/createoutputsystembypackoutputclickhouse.md index 6bb558d45..973b094d5 100644 --- a/docs/models/createoutputsystembypackoutputclickhouse.md +++ b/docs/models/createoutputsystembypackoutputclickhouse.md @@ -33,6 +33,7 @@ | `response_retry_settings` | List[[models.ResponseRetrySettingConfOutputWebhook](../models/responseretrysettingconfoutputwebhook.md)] | :heavy_minus_sign: | Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable) | | `timeout_retry_settings` | [Optional[models.TimeoutRetrySettingsType]](../models/timeoutretrysettingstype.md) | :heavy_minus_sign: | N/A | | `response_honor_retry_after_header` | *Optional[bool]* | :heavy_minus_sign: | Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored. | +| `workload` | *Optional[str]* | :heavy_minus_sign: | Optional ClickHouse workload name to append as a SETTINGS clause on INSERT queries. Used for workload scheduling classification. | | `dump_format_errors_to_disk` | *Optional[bool]* | :heavy_minus_sign: | Log the most recent event that fails to match the table schema | | `on_backpressure` | [Optional[models.BackpressureBehaviorOptions]](../models/backpressurebehavioroptions.md) | :heavy_minus_sign: | How to handle events when all receivers are exerting backpressure | | `description` | *Optional[str]* | :heavy_minus_sign: | N/A | @@ -54,7 +55,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsClickHouse]](../models/createoutputsystembypackpqcontrolsclickhouse.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. | diff --git a/docs/models/createoutputsystembypackoutputcloudwatch.md b/docs/models/createoutputsystembypackoutputcloudwatch.md index 0df12686e..044c2f189 100644 --- a/docs/models/createoutputsystembypackoutputcloudwatch.md +++ b/docs/models/createoutputsystembypackoutputcloudwatch.md @@ -40,7 +40,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsCloudwatch]](../models/createoutputsystembypackpqcontrolscloudwatch.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_log_group_name` | *Optional[str]* | :heavy_minus_sign: | Binds 'logGroupName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logGroupName' at runtime. | diff --git a/docs/models/createoutputsystembypackoutputconfluentcloud.md b/docs/models/createoutputsystembypackoutputconfluentcloud.md index ae2c18f60..386e1a64b 100644 --- a/docs/models/createoutputsystembypackoutputconfluentcloud.md +++ b/docs/models/createoutputsystembypackoutputconfluentcloud.md @@ -44,7 +44,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsConfluentCloud]](../models/createoutputsystembypackpqcontrolsconfluentcloud.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_brokers` | *Optional[str]* | :heavy_minus_sign: | Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime. | diff --git a/docs/models/createoutputsystembypackoutputcriblhttp.md b/docs/models/createoutputsystembypackoutputcriblhttp.md index 28d8591d4..792203ef9 100644 --- a/docs/models/createoutputsystembypackoutputcriblhttp.md +++ b/docs/models/createoutputsystembypackoutputcriblhttp.md @@ -48,7 +48,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsCriblHTTP]](../models/createoutputsystembypackpqcontrolscriblhttp.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/createoutputsystembypackoutputcriblsearchengine.md b/docs/models/createoutputsystembypackoutputcriblsearchengine.md index 957a931eb..15f4e205f 100644 --- a/docs/models/createoutputsystembypackoutputcriblsearchengine.md +++ b/docs/models/createoutputsystembypackoutputcriblsearchengine.md @@ -48,7 +48,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsCriblSearchEngine]](../models/createoutputsystembypackpqcontrolscriblsearchengine.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/createoutputsystembypackoutputcribltcp.md b/docs/models/createoutputsystembypackoutputcribltcp.md index 8c17b82c3..5aebc0ed3 100644 --- a/docs/models/createoutputsystembypackoutputcribltcp.md +++ b/docs/models/createoutputsystembypackoutputcribltcp.md @@ -40,7 +40,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsCriblTCP]](../models/createoutputsystembypackpqcontrolscribltcp.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_on_backpressure` | *Optional[str]* | :heavy_minus_sign: | Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. | diff --git a/docs/models/createoutputsystembypackoutputcrowdstrikenextgensiem.md b/docs/models/createoutputsystembypackoutputcrowdstrikenextgensiem.md index e3d6c4e30..c078d0138 100644 --- a/docs/models/createoutputsystembypackoutputcrowdstrikenextgensiem.md +++ b/docs/models/createoutputsystembypackoutputcrowdstrikenextgensiem.md @@ -42,7 +42,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsCrowdstrikeNextGenSiem]](../models/createoutputsystembypackpqcontrolscrowdstrikenextgensiem.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. | diff --git a/docs/models/createoutputsystembypackoutputdatadog.md b/docs/models/createoutputsystembypackoutputdatadog.md index 0d89cf2ea..d2a8c78f4 100644 --- a/docs/models/createoutputsystembypackoutputdatadog.md +++ b/docs/models/createoutputsystembypackoutputdatadog.md @@ -51,7 +51,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsDatadog]](../models/createoutputsystembypackpqcontrolsdatadog.md) | :heavy_minus_sign: | N/A | | `api_key` | *Optional[str]* | :heavy_minus_sign: | Organization's API key in Datadog | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | diff --git a/docs/models/createoutputsystembypackoutputdataset.md b/docs/models/createoutputsystembypackoutputdataset.md index 83cbd755d..5c1b0d93b 100644 --- a/docs/models/createoutputsystembypackoutputdataset.md +++ b/docs/models/createoutputsystembypackoutputdataset.md @@ -46,7 +46,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsDataset]](../models/createoutputsystembypackpqcontrolsdataset.md) | :heavy_minus_sign: | N/A | | `api_key` | *Optional[str]* | :heavy_minus_sign: | A 'Log Write Access' API key for the DataSet account | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | diff --git a/docs/models/createoutputsystembypackoutputdynatracehttp.md b/docs/models/createoutputsystembypackoutputdynatracehttp.md index 1fb7d0b26..cb5f40e1d 100644 --- a/docs/models/createoutputsystembypackoutputdynatracehttp.md +++ b/docs/models/createoutputsystembypackoutputdynatracehttp.md @@ -30,7 +30,7 @@ | `on_backpressure` | [Optional[models.BackpressureBehaviorOptions]](../models/backpressurebehavioroptions.md) | :heavy_minus_sign: | How to handle events when all receivers are exerting backpressure | | `auth_type` | [Optional[models.CreateOutputSystemByPackAuthenticationTypeDynatraceHTTP]](../models/createoutputsystembypackauthenticationtypedynatracehttp.md) | :heavy_minus_sign: | N/A | | `format_` | [models.CreateOutputSystemByPackFormatDynatraceHTTP](../models/createoutputsystembypackformatdynatracehttp.md) | :heavy_check_mark: | How to format events before sending. Defaults to JSON. Plaintext is not currently supported. | -| `endpoint` | [models.CreateOutputSystemByPackEndpoint](../models/createoutputsystembypackendpoint.md) | :heavy_check_mark: | N/A | +| `endpoint` | [models.CreateOutputSystemByPackEndpointDynatraceHTTP](../models/createoutputsystembypackendpointdynatracehttp.md) | :heavy_check_mark: | N/A | | `telemetry_type` | [models.CreateOutputSystemByPackTelemetryType](../models/createoutputsystembypacktelemetrytype.md) | :heavy_check_mark: | N/A | | `total_memory_limit_kb` | *Optional[float]* | :heavy_minus_sign: | Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced. | | `description` | *Optional[str]* | :heavy_minus_sign: | N/A | @@ -44,7 +44,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsDynatraceHTTP]](../models/createoutputsystembypackpqcontrolsdynatracehttp.md) | :heavy_minus_sign: | N/A | | `token` | *Optional[str]* | :heavy_minus_sign: | Bearer token to include in the authorization header | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | diff --git a/docs/models/createoutputsystembypackoutputdynatraceotlp.md b/docs/models/createoutputsystembypackoutputdynatraceotlp.md index 05349b8db..5077afb6c 100644 --- a/docs/models/createoutputsystembypackoutputdynatraceotlp.md +++ b/docs/models/createoutputsystembypackoutputdynatraceotlp.md @@ -52,7 +52,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsDynatraceOtlp]](../models/createoutputsystembypackpqcontrolsdynatraceotlp.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/createoutputsystembypackoutputelastic.md b/docs/models/createoutputsystembypackoutputelastic.md index a89887a4a..4d5f97a5a 100644 --- a/docs/models/createoutputsystembypackoutputelastic.md +++ b/docs/models/createoutputsystembypackoutputelastic.md @@ -52,7 +52,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsElastic]](../models/createoutputsystembypackpqcontrolselastic.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_index` | *Optional[str]* | :heavy_minus_sign: | Binds 'index' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'index' at runtime. | diff --git a/docs/models/createoutputsystembypackoutputelasticcloud.md b/docs/models/createoutputsystembypackoutputelasticcloud.md index b9a841f88..cc50614ad 100644 --- a/docs/models/createoutputsystembypackoutputelasticcloud.md +++ b/docs/models/createoutputsystembypackoutputelasticcloud.md @@ -42,7 +42,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsElasticCloud]](../models/createoutputsystembypackpqcontrolselasticcloud.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. | diff --git a/docs/models/createoutputsystembypackoutputgooglechronicle.md b/docs/models/createoutputsystembypackoutputgooglechronicle.md index f06b07c9d..4116dbc87 100644 --- a/docs/models/createoutputsystembypackoutputgooglechronicle.md +++ b/docs/models/createoutputsystembypackoutputgooglechronicle.md @@ -53,7 +53,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsGoogleChronicle]](../models/createoutputsystembypackpqcontrolsgooglechronicle.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_api_version` | *Optional[str]* | :heavy_minus_sign: | Binds 'apiVersion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'apiVersion' at runtime. | diff --git a/docs/models/createoutputsystembypackoutputgooglecloudlogging.md b/docs/models/createoutputsystembypackoutputgooglecloudlogging.md index 72a28572e..7c56eaa73 100644 --- a/docs/models/createoutputsystembypackoutputgooglecloudlogging.md +++ b/docs/models/createoutputsystembypackoutputgooglecloudlogging.md @@ -73,7 +73,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsGoogleCloudLogging]](../models/createoutputsystembypackpqcontrolsgooglecloudlogging.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_log_location_type` | *Optional[str]* | :heavy_minus_sign: | Binds 'logLocationType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logLocationType' at runtime. | diff --git a/docs/models/createoutputsystembypackoutputgooglecloudobservability.md b/docs/models/createoutputsystembypackoutputgooglecloudobservability.md new file mode 100644 index 000000000..f6caff8c1 --- /dev/null +++ b/docs/models/createoutputsystembypackoutputgooglecloudobservability.md @@ -0,0 +1,47 @@ +# CreateOutputSystemByPackOutputGoogleCloudObservability + + +## Fields + +| Field | Type | Required | Description | +| -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `id` | *str* | :heavy_check_mark: | Unique ID for this output | +| `type` | [models.CreateOutputSystemByPackTypeGoogleCloudObservability](../models/createoutputsystembypacktypegooglecloudobservability.md) | :heavy_check_mark: | N/A | +| `pipeline` | *Optional[str]* | :heavy_minus_sign: | Pipeline to process data before sending out to this output | +| `system_fields` | List[*str*] | :heavy_minus_sign: | Fields to automatically add to events, such as cribl_pipe. Supports wildcards. | +| `environment` | *Optional[str]* | :heavy_minus_sign: | Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. | +| `streamtags` | List[*str*] | :heavy_minus_sign: | Tags for filtering and grouping in @{product} | +| `protocol` | [Optional[models.CreateOutputSystemByPackProtocolGoogleCloudObservability]](../models/createoutputsystembypackprotocolgooglecloudobservability.md) | :heavy_minus_sign: | N/A | +| `otlp_version` | [Optional[models.CreateOutputSystemByPackOtlpVersionGoogleCloudObservability]](../models/createoutputsystembypackotlpversiongooglecloudobservability.md) | :heavy_minus_sign: | N/A | +| `endpoint` | [Optional[models.CreateOutputSystemByPackEndpointGoogleCloudObservability]](../models/createoutputsystembypackendpointgooglecloudobservability.md) | :heavy_minus_sign: | Fixed Google Cloud Observability gRPC endpoint. All three signals share this transport; the OTLP service path determines whether the call lands on traces, metrics, or logs. | +| `google_auth_method` | [models.CreateOutputSystemByPackGoogleAuthenticationMethod](../models/createoutputsystembypackgoogleauthenticationmethod.md) | :heavy_check_mark: | Choose Auto to use Google Application Default Credentials (ADC). Choose Secret to select or create a stored secret that references Google service account credentials. | +| `metadata` | List[[models.KeyValueMetadataConfOutputFilesystem](../models/keyvaluemetadataconfoutputfilesystem.md)] | :heavy_minus_sign: | List of key-value pairs to send with each gRPC request. Value supports JavaScript expressions that are evaluated just once, when the destination gets started. To pass credentials as metadata, use 'C.Secret'. | +| `dynamic_headers_enabled` | *Optional[bool]* | :heavy_minus_sign: | Batch event data upon dynamic metadata (whether presented or not) | +| `dynamic_headers_field` | *Optional[str]* | :heavy_minus_sign: | When presented, this field which contains metadata, will be injected into the Destination metadata and used to batch events. | +| `concurrency` | *Optional[float]* | :heavy_minus_sign: | Maximum number of ongoing requests before blocking | +| `max_payload_size_kb` | *Optional[float]* | :heavy_minus_sign: | Maximum size, in KB, of the request body sent to Google Cloud Observability | +| `timeout_sec` | *Optional[float]* | :heavy_minus_sign: | Amount of time, in seconds, to wait for a request to complete before canceling it | +| `flush_period_sec` | *Optional[float]* | :heavy_minus_sign: | Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit. | +| `failed_request_logging_mode` | [Optional[models.FailedRequestLoggingModeOptions]](../models/failedrequestloggingmodeoptions.md) | :heavy_minus_sign: | Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below. | +| `connection_timeout` | *Optional[float]* | :heavy_minus_sign: | Amount of time (milliseconds) to wait for the connection to establish before retrying | +| `keep_alive_time` | *Optional[float]* | :heavy_minus_sign: | How often the sender should ping the peer to keep the connection open | +| `tls` | [Optional[models.TLSSettingsClientSideTypeExtended]](../models/tlssettingsclientsidetypeextended.md) | :heavy_minus_sign: | N/A | +| `max_payload_events` | *Optional[float]* | :heavy_minus_sign: | Max number of events to include in the request body. Default is 0 (unlimited). Use to keep outgoing data points within GCO request limits. For metrics, combine with the OTLP Metrics function batchSize. | +| `on_backpressure` | [Optional[models.BackpressureBehaviorOptions]](../models/backpressurebehavioroptions.md) | :heavy_minus_sign: | How to handle events when all receivers are exerting backpressure | +| `description` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | +| `pq_strict_ordering` | *Optional[bool]* | :heavy_minus_sign: | Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. | +| `pq_rate_per_sec` | *Optional[float]* | :heavy_minus_sign: | Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. | +| `pq_mode` | [Optional[models.ModeOptions]](../models/modeoptions.md) | :heavy_minus_sign: | In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem. | +| `pq_max_buffer_size` | *Optional[float]* | :heavy_minus_sign: | Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. | +| `pq_max_backpressure_sec` | *Optional[float]* | :heavy_minus_sign: | How long (in seconds) to wait for backpressure to resolve before engaging the queue | +| `pq_max_file_size` | *Optional[str]* | :heavy_minus_sign: | The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) | +| `pq_max_size` | *Optional[str]* | :heavy_minus_sign: | The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. | +| `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | +| `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | +| `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | +| `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsGoogleCloudObservability]](../models/createoutputsystembypackpqcontrolsgooglecloudobservability.md) | :heavy_minus_sign: | N/A | +| `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | +| `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | +| `template_on_backpressure` | *Optional[str]* | :heavy_minus_sign: | Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. | \ No newline at end of file diff --git a/docs/models/createoutputsystembypackoutputgooglepubsub.md b/docs/models/createoutputsystembypackoutputgooglepubsub.md index 282dcd711..b7b665883 100644 --- a/docs/models/createoutputsystembypackoutputgooglepubsub.md +++ b/docs/models/createoutputsystembypackoutputgooglepubsub.md @@ -36,7 +36,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsGooglePubsub]](../models/createoutputsystembypackpqcontrolsgooglepubsub.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_topic_name` | *Optional[str]* | :heavy_minus_sign: | Binds 'topicName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topicName' at runtime. | diff --git a/docs/models/createoutputsystembypackoutputgrafanacloudgrafanacloud1.md b/docs/models/createoutputsystembypackoutputgrafanacloudgrafanacloud1.md index 64732f5ac..fa172d499 100644 --- a/docs/models/createoutputsystembypackoutputgrafanacloudgrafanacloud1.md +++ b/docs/models/createoutputsystembypackoutputgrafanacloudgrafanacloud1.md @@ -15,7 +15,7 @@ | `prometheus_url` | *Optional[str]* | :heavy_minus_sign: | The remote_write endpoint to send Prometheus metrics to, such as https://prometheus-blocks-prod-us-central1.grafana.net/api/prom/push | | `message` | *Optional[str]* | :heavy_minus_sign: | Name of the event field that contains the message to send. If not specified, Stream sends a JSON representation of the whole event. | | `message_format` | [Optional[models.MessageFormatOptions]](../models/messageformatoptions.md) | :heavy_minus_sign: | Format to use when sending logs to Loki (Protobuf or JSON) | -| `labels` | List[[models.RequestParamConfInputOpenai](../models/requestparamconfinputopenai.md)] | :heavy_minus_sign: | List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: "cribl.io", level: "error"}' | +| `labels` | List[[models.HTTPDiscoveryHeaderConfInputPrometheus](../models/httpdiscoveryheaderconfinputprometheus.md)] | :heavy_minus_sign: | List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: "cribl.io", level: "error"}' | | `metric_rename_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression that can be used to rename metrics. For example, name.replace(/\./g, '_') will replace all '.' characters in a metric's name with the supported '_' character. Use the 'name' global variable to access the metric's name. You can access event fields' values via __e.. | | `prometheus_auth` | [Optional[models.PrometheusAuthType]](../models/prometheusauthtype.md) | :heavy_minus_sign: | N/A | | `loki_auth` | [Optional[models.PrometheusAuthType]](../models/prometheusauthtype.md) | :heavy_minus_sign: | N/A | @@ -45,7 +45,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackOutputGrafanaCloudPqControls1]](../models/createoutputsystembypackoutputgrafanacloudpqcontrols1.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_loki_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'lokiUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'lokiUrl' at runtime. | diff --git a/docs/models/createoutputsystembypackoutputgrafanacloudgrafanacloud2.md b/docs/models/createoutputsystembypackoutputgrafanacloudgrafanacloud2.md index 31efc110c..5f69685c6 100644 --- a/docs/models/createoutputsystembypackoutputgrafanacloudgrafanacloud2.md +++ b/docs/models/createoutputsystembypackoutputgrafanacloudgrafanacloud2.md @@ -15,7 +15,7 @@ | `prometheus_url` | *str* | :heavy_check_mark: | The remote_write endpoint to send Prometheus metrics to, such as https://prometheus-blocks-prod-us-central1.grafana.net/api/prom/push | | `message` | *Optional[str]* | :heavy_minus_sign: | Name of the event field that contains the message to send. If not specified, Stream sends a JSON representation of the whole event. | | `message_format` | [Optional[models.MessageFormatOptions]](../models/messageformatoptions.md) | :heavy_minus_sign: | Format to use when sending logs to Loki (Protobuf or JSON) | -| `labels` | List[[models.RequestParamConfInputOpenai](../models/requestparamconfinputopenai.md)] | :heavy_minus_sign: | List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: "cribl.io", level: "error"}' | +| `labels` | List[[models.HTTPDiscoveryHeaderConfInputPrometheus](../models/httpdiscoveryheaderconfinputprometheus.md)] | :heavy_minus_sign: | List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: "cribl.io", level: "error"}' | | `metric_rename_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression that can be used to rename metrics. For example, name.replace(/\./g, '_') will replace all '.' characters in a metric's name with the supported '_' character. Use the 'name' global variable to access the metric's name. You can access event fields' values via __e.. | | `prometheus_auth` | [Optional[models.PrometheusAuthType]](../models/prometheusauthtype.md) | :heavy_minus_sign: | N/A | | `loki_auth` | [Optional[models.PrometheusAuthType]](../models/prometheusauthtype.md) | :heavy_minus_sign: | N/A | @@ -45,7 +45,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackOutputGrafanaCloudPqControls2]](../models/createoutputsystembypackoutputgrafanacloudpqcontrols2.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_loki_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'lokiUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'lokiUrl' at runtime. | diff --git a/docs/models/createoutputsystembypackoutputgraphite.md b/docs/models/createoutputsystembypackoutputgraphite.md index 95b2ae4bd..28110a0dd 100644 --- a/docs/models/createoutputsystembypackoutputgraphite.md +++ b/docs/models/createoutputsystembypackoutputgraphite.md @@ -32,7 +32,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsGraphite]](../models/createoutputsystembypackpqcontrolsgraphite.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_on_backpressure` | *Optional[str]* | :heavy_minus_sign: | Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. | \ No newline at end of file diff --git a/docs/models/createoutputsystembypackoutputhoneycomb.md b/docs/models/createoutputsystembypackoutputhoneycomb.md index e783cee36..4b54b05d1 100644 --- a/docs/models/createoutputsystembypackoutputhoneycomb.md +++ b/docs/models/createoutputsystembypackoutputhoneycomb.md @@ -39,7 +39,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsHoneycomb]](../models/createoutputsystembypackpqcontrolshoneycomb.md) | :heavy_minus_sign: | N/A | | `team` | *Optional[str]* | :heavy_minus_sign: | Team API key where the dataset belongs | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | diff --git a/docs/models/createoutputsystembypackoutputhumiohec.md b/docs/models/createoutputsystembypackoutputhumiohec.md index 7129f30d0..00b1a7ba9 100644 --- a/docs/models/createoutputsystembypackoutputhumiohec.md +++ b/docs/models/createoutputsystembypackoutputhumiohec.md @@ -42,7 +42,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsHumioHec]](../models/createoutputsystembypackpqcontrolshumiohec.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. | diff --git a/docs/models/createoutputsystembypackoutputinfluxdb.md b/docs/models/createoutputsystembypackoutputinfluxdb.md index 9f7d7d725..a261e2b2f 100644 --- a/docs/models/createoutputsystembypackoutputinfluxdb.md +++ b/docs/models/createoutputsystembypackoutputinfluxdb.md @@ -46,7 +46,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsInfluxdb]](../models/createoutputsystembypackpqcontrolsinfluxdb.md) | :heavy_minus_sign: | N/A | | `username` | *Optional[str]* | :heavy_minus_sign: | N/A | | `password` | *Optional[str]* | :heavy_minus_sign: | N/A | diff --git a/docs/models/createoutputsystembypackoutputkafka.md b/docs/models/createoutputsystembypackoutputkafka.md index bd5408c8d..366ed0fcb 100644 --- a/docs/models/createoutputsystembypackoutputkafka.md +++ b/docs/models/createoutputsystembypackoutputkafka.md @@ -44,7 +44,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsKafka]](../models/createoutputsystembypackpqcontrolskafka.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_topic` | *Optional[str]* | :heavy_minus_sign: | Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime. | diff --git a/docs/models/createoutputsystembypackoutputkinesis.md b/docs/models/createoutputsystembypackoutputkinesis.md index 8e3d19499..ccfa27883 100644 --- a/docs/models/createoutputsystembypackoutputkinesis.md +++ b/docs/models/createoutputsystembypackoutputkinesis.md @@ -43,7 +43,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsKinesis]](../models/createoutputsystembypackpqcontrolskinesis.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_stream_name` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamName' at runtime. | diff --git a/docs/models/createoutputsystembypackoutputlocalsearchstorage.md b/docs/models/createoutputsystembypackoutputlocalsearchstorage.md index fd58d2044..37f86efc3 100644 --- a/docs/models/createoutputsystembypackoutputlocalsearchstorage.md +++ b/docs/models/createoutputsystembypackoutputlocalsearchstorage.md @@ -33,6 +33,7 @@ | `response_retry_settings` | List[[models.ResponseRetrySettingConfOutputWebhook](../models/responseretrysettingconfoutputwebhook.md)] | :heavy_minus_sign: | Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable) | | `timeout_retry_settings` | [Optional[models.TimeoutRetrySettingsType]](../models/timeoutretrysettingstype.md) | :heavy_minus_sign: | N/A | | `response_honor_retry_after_header` | *Optional[bool]* | :heavy_minus_sign: | Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored. | +| `workload` | *Optional[str]* | :heavy_minus_sign: | Optional ClickHouse workload name to append as a SETTINGS clause on INSERT queries. Used for workload scheduling classification. | | `dump_format_errors_to_disk` | *Optional[bool]* | :heavy_minus_sign: | Log the most recent event that fails to match the table schema | | `on_backpressure` | [Optional[models.BackpressureBehaviorOptions]](../models/backpressurebehavioroptions.md) | :heavy_minus_sign: | How to handle events when all receivers are exerting backpressure | | `stats_destination` | [Optional[models.CreateOutputSystemByPackStatsDestination]](../models/createoutputsystembypackstatsdestination.md) | :heavy_minus_sign: | N/A | @@ -55,7 +56,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsLocalSearchStorage]](../models/createoutputsystembypackpqcontrolslocalsearchstorage.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. | diff --git a/docs/models/createoutputsystembypackoutputloki.md b/docs/models/createoutputsystembypackoutputloki.md index 6054daed2..2637270c9 100644 --- a/docs/models/createoutputsystembypackoutputloki.md +++ b/docs/models/createoutputsystembypackoutputloki.md @@ -14,7 +14,7 @@ | `url` | *str* | :heavy_check_mark: | The endpoint to send logs to | | `message` | *Optional[str]* | :heavy_minus_sign: | Name of the event field that contains the message to send. If not specified, Stream sends a JSON representation of the whole event. | | `message_format` | [Optional[models.MessageFormatOptions]](../models/messageformatoptions.md) | :heavy_minus_sign: | Format to use when sending logs to Loki (Protobuf or JSON) | -| `labels` | List[[models.RequestParamConfInputOpenai](../models/requestparamconfinputopenai.md)] | :heavy_minus_sign: | List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: "cribl.io", level: "error"}' | +| `labels` | List[[models.HTTPDiscoveryHeaderConfInputPrometheus](../models/httpdiscoveryheaderconfinputprometheus.md)] | :heavy_minus_sign: | List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: "cribl.io", level: "error"}' | | `auth_type` | [Optional[models.AuthenticationTypeOptionsPrometheusAuthBasicCredentialsSecret]](../models/authenticationtypeoptionsprometheusauthbasiccredentialssecret.md) | :heavy_minus_sign: | N/A | | `concurrency` | *Optional[float]* | :heavy_minus_sign: | Maximum number of ongoing requests before blocking. Warning: Setting this value > 1 can cause Loki to complain about entries being delivered out of order. | | `max_payload_size_kb` | *Optional[float]* | :heavy_minus_sign: | Maximum size, in KB, of the request body. Warning: Setting this too low can increase the number of ongoing requests (depending on the value of 'Request concurrency'); this can cause Loki to complain about entries being delivered out of order. | @@ -49,7 +49,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsLoki]](../models/createoutputsystembypackpqcontrolsloki.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/createoutputsystembypackoutputmicrosoftfabric.md b/docs/models/createoutputsystembypackoutputmicrosoftfabric.md index 8e86b35fe..7d160fd7f 100644 --- a/docs/models/createoutputsystembypackoutputmicrosoftfabric.md +++ b/docs/models/createoutputsystembypackoutputmicrosoftfabric.md @@ -40,7 +40,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsMicrosoftFabric]](../models/createoutputsystembypackpqcontrolsmicrosoftfabric.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_topic` | *Optional[str]* | :heavy_minus_sign: | Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime. | diff --git a/docs/models/createoutputsystembypackoutputmsk.md b/docs/models/createoutputsystembypackoutputmsk.md index 9c75af012..8730b3281 100644 --- a/docs/models/createoutputsystembypackoutputmsk.md +++ b/docs/models/createoutputsystembypackoutputmsk.md @@ -55,7 +55,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsMsk]](../models/createoutputsystembypackpqcontrolsmsk.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_topic` | *Optional[str]* | :heavy_minus_sign: | Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime. | diff --git a/docs/models/createoutputsystembypackoutputnewrelic.md b/docs/models/createoutputsystembypackoutputnewrelic.md index b6ab4d78c..721bb6b19 100644 --- a/docs/models/createoutputsystembypackoutputnewrelic.md +++ b/docs/models/createoutputsystembypackoutputnewrelic.md @@ -44,7 +44,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsNewrelic]](../models/createoutputsystembypackpqcontrolsnewrelic.md) | :heavy_minus_sign: | N/A | | `api_key` | *Optional[str]* | :heavy_minus_sign: | New Relic API key. Can be overridden using __newRelic_apiKey field. | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | diff --git a/docs/models/createoutputsystembypackoutputnewrelicevents.md b/docs/models/createoutputsystembypackoutputnewrelicevents.md index 3d39461ba..6bd56b6e0 100644 --- a/docs/models/createoutputsystembypackoutputnewrelicevents.md +++ b/docs/models/createoutputsystembypackoutputnewrelicevents.md @@ -42,7 +42,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsNewrelicEvents]](../models/createoutputsystembypackpqcontrolsnewrelicevents.md) | :heavy_minus_sign: | N/A | | `api_key` | *Optional[str]* | :heavy_minus_sign: | New Relic API key. Can be overridden using __newRelic_apiKey field. | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | diff --git a/docs/models/createoutputsystembypackoutputopentelemetry.md b/docs/models/createoutputsystembypackoutputopentelemetry.md index d308b2ce6..c3a24ca54 100644 --- a/docs/models/createoutputsystembypackoutputopentelemetry.md +++ b/docs/models/createoutputsystembypackoutputopentelemetry.md @@ -13,7 +13,7 @@ | `streamtags` | List[*str*] | :heavy_minus_sign: | Tags for filtering and grouping in @{product} | | `protocol` | [Optional[models.ProtocolOptions]](../models/protocoloptions.md) | :heavy_minus_sign: | Select a transport option for OpenTelemetry | | `endpoint` | *str* | :heavy_check_mark: | The endpoint where OTel events will be sent. Enter any valid URL or an IP address (IPv4 or IPv6; enclose IPv6 addresses in square brackets). Unspecified ports will default to 4317, unless the endpoint is an HTTPS-based URL or TLS is enabled, in which case 443 will be used. | -| `otlp_version` | [Optional[models.CreateOutputSystemByPackOTLPVersion]](../models/createoutputsystembypackotlpversion.md) | :heavy_minus_sign: | The version of OTLP Protobuf definitions to use when structuring data to send | +| `otlp_version` | [Optional[models.CreateOutputSystemByPackOTLPVersionOpenTelemetry]](../models/createoutputsystembypackotlpversionopentelemetry.md) | :heavy_minus_sign: | The version of OTLP Protobuf definitions to use when structuring data to send | | `compress` | [Optional[models.CompressionOptionsDeflateGzip]](../models/compressionoptionsdeflategzip.md) | :heavy_minus_sign: | Type of compression to apply to messages sent to the OpenTelemetry endpoint | | `http_compress` | [Optional[models.CompressionOptionsMessages]](../models/compressionoptionsmessages.md) | :heavy_minus_sign: | Type of compression to apply to messages sent to the OpenTelemetry endpoint | | `auth_type` | [Optional[models.CreateOutputSystemByPackAuthenticationTypeOpenTelemetry]](../models/createoutputsystembypackauthenticationtypeopentelemetry.md) | :heavy_minus_sign: | N/A | @@ -64,7 +64,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsOpenTelemetry]](../models/createoutputsystembypackpqcontrolsopentelemetry.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/createoutputsystembypackoutputprometheus.md b/docs/models/createoutputsystembypackoutputprometheus.md index 8286b6189..9d0f750ba 100644 --- a/docs/models/createoutputsystembypackoutputprometheus.md +++ b/docs/models/createoutputsystembypackoutputprometheus.md @@ -42,7 +42,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsPrometheus]](../models/createoutputsystembypackpqcontrolsprometheus.md) | :heavy_minus_sign: | N/A | | `username` | *Optional[str]* | :heavy_minus_sign: | N/A | | `password` | *Optional[str]* | :heavy_minus_sign: | N/A | diff --git a/docs/models/createoutputsystembypackoutputsentinel.md b/docs/models/createoutputsystembypackoutputsentinel.md index 7bb359003..b469c84e5 100644 --- a/docs/models/createoutputsystembypackoutputsentinel.md +++ b/docs/models/createoutputsystembypackoutputsentinel.md @@ -54,7 +54,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsSentinel]](../models/createoutputsystembypackpqcontrolssentinel.md) | :heavy_minus_sign: | N/A | | `url` | *Optional[str]* | :heavy_minus_sign: | URL to send events to. Can be overwritten by an event's __url field. | | `dcr_id` | *Optional[str]* | :heavy_minus_sign: | Immutable ID for the Data Collection Rule (DCR) | diff --git a/docs/models/createoutputsystembypackoutputsentineloneaisiem.md b/docs/models/createoutputsystembypackoutputsentineloneaisiem.md index 843f69f27..974c1a286 100644 --- a/docs/models/createoutputsystembypackoutputsentineloneaisiem.md +++ b/docs/models/createoutputsystembypackoutputsentineloneaisiem.md @@ -56,7 +56,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsSentinelOneAiSiem]](../models/createoutputsystembypackpqcontrolssentineloneaisiem.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/createoutputsystembypackoutputservicenow.md b/docs/models/createoutputsystembypackoutputservicenow.md index 3e64edf23..0df3a1363 100644 --- a/docs/models/createoutputsystembypackoutputservicenow.md +++ b/docs/models/createoutputsystembypackoutputservicenow.md @@ -52,7 +52,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsServiceNow]](../models/createoutputsystembypackpqcontrolsservicenow.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/createoutputsystembypackoutputsignalfx.md b/docs/models/createoutputsystembypackoutputsignalfx.md index a207f0c89..30aebec23 100644 --- a/docs/models/createoutputsystembypackoutputsignalfx.md +++ b/docs/models/createoutputsystembypackoutputsignalfx.md @@ -41,7 +41,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsSignalfx]](../models/createoutputsystembypackpqcontrolssignalfx.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/createoutputsystembypackoutputsns.md b/docs/models/createoutputsystembypackoutputsns.md index 4b5ed88be..5d6d4bb73 100644 --- a/docs/models/createoutputsystembypackoutputsns.md +++ b/docs/models/createoutputsystembypackoutputsns.md @@ -38,7 +38,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsSns]](../models/createoutputsystembypackpqcontrolssns.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_topic_arn` | *Optional[str]* | :heavy_minus_sign: | Binds 'topicArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topicArn' at runtime. | diff --git a/docs/models/createoutputsystembypackoutputsplunk.md b/docs/models/createoutputsystembypackoutputsplunk.md index 5235e0b86..bb263be66 100644 --- a/docs/models/createoutputsystembypackoutputsplunk.md +++ b/docs/models/createoutputsystembypackoutputsplunk.md @@ -37,7 +37,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsSplunk]](../models/createoutputsystembypackpqcontrolssplunk.md) | :heavy_minus_sign: | N/A | | `auth_token` | *Optional[str]* | :heavy_minus_sign: | Shared secret token to use when establishing a connection to a Splunk indexer. | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | diff --git a/docs/models/createoutputsystembypackoutputsplunkhec.md b/docs/models/createoutputsystembypackoutputsplunkhec.md index 2b64639ea..a8ee0853f 100644 --- a/docs/models/createoutputsystembypackoutputsplunkhec.md +++ b/docs/models/createoutputsystembypackoutputsplunkhec.md @@ -50,7 +50,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsSplunkHec]](../models/createoutputsystembypackpqcontrolssplunkhec.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/createoutputsystembypackoutputsplunklb.md b/docs/models/createoutputsystembypackoutputsplunklb.md index fffedd624..1ad5904b2 100644 --- a/docs/models/createoutputsystembypackoutputsplunklb.md +++ b/docs/models/createoutputsystembypackoutputsplunklb.md @@ -43,7 +43,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsSplunkLb]](../models/createoutputsystembypackpqcontrolssplunklb.md) | :heavy_minus_sign: | N/A | | `auth_token` | *Optional[str]* | :heavy_minus_sign: | Shared secret token to use when establishing a connection to a Splunk indexer. | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | diff --git a/docs/models/createoutputsystembypackoutputsqs.md b/docs/models/createoutputsystembypackoutputsqs.md index 006eabf13..a8e9401c6 100644 --- a/docs/models/createoutputsystembypackoutputsqs.md +++ b/docs/models/createoutputsystembypackoutputsqs.md @@ -44,7 +44,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsSqs]](../models/createoutputsystembypackpqcontrolssqs.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_queue_name` | *Optional[str]* | :heavy_minus_sign: | Binds 'queueName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'queueName' at runtime. | diff --git a/docs/models/createoutputsystembypackoutputstatsd.md b/docs/models/createoutputsystembypackoutputstatsd.md index 41f017a9e..430171861 100644 --- a/docs/models/createoutputsystembypackoutputstatsd.md +++ b/docs/models/createoutputsystembypackoutputstatsd.md @@ -32,7 +32,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsStatsd]](../models/createoutputsystembypackpqcontrolsstatsd.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_on_backpressure` | *Optional[str]* | :heavy_minus_sign: | Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. | \ No newline at end of file diff --git a/docs/models/createoutputsystembypackoutputstatsdext.md b/docs/models/createoutputsystembypackoutputstatsdext.md index 7a1f9e90f..e9b21132a 100644 --- a/docs/models/createoutputsystembypackoutputstatsdext.md +++ b/docs/models/createoutputsystembypackoutputstatsdext.md @@ -32,7 +32,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsStatsdExt]](../models/createoutputsystembypackpqcontrolsstatsdext.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_on_backpressure` | *Optional[str]* | :heavy_minus_sign: | Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. | \ No newline at end of file diff --git a/docs/models/createoutputsystembypackoutputsumologic.md b/docs/models/createoutputsystembypackoutputsumologic.md index b5123ae1d..0fe8c4225 100644 --- a/docs/models/createoutputsystembypackoutputsumologic.md +++ b/docs/models/createoutputsystembypackoutputsumologic.md @@ -42,7 +42,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsSumoLogic]](../models/createoutputsystembypackpqcontrolssumologic.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. | diff --git a/docs/models/createoutputsystembypackoutputsyslog.md b/docs/models/createoutputsystembypackoutputsyslog.md index 89426eaf5..2f3ab66e2 100644 --- a/docs/models/createoutputsystembypackoutputsyslog.md +++ b/docs/models/createoutputsystembypackoutputsyslog.md @@ -46,7 +46,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsSyslog]](../models/createoutputsystembypackpqcontrolssyslog.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_host` | *Optional[str]* | :heavy_minus_sign: | Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime. | diff --git a/docs/models/createoutputsystembypackoutputtcpjson.md b/docs/models/createoutputsystembypackoutputtcpjson.md index 1245de5a3..2f27fb79c 100644 --- a/docs/models/createoutputsystembypackoutputtcpjson.md +++ b/docs/models/createoutputsystembypackoutputtcpjson.md @@ -40,7 +40,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsTcpjson]](../models/createoutputsystembypackpqcontrolstcpjson.md) | :heavy_minus_sign: | N/A | | `auth_token` | *Optional[str]* | :heavy_minus_sign: | Optional authentication token to include as part of the connection header | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | diff --git a/docs/models/createoutputsystembypackoutputwavefront.md b/docs/models/createoutputsystembypackoutputwavefront.md index b9c04b440..51bdc2e56 100644 --- a/docs/models/createoutputsystembypackoutputwavefront.md +++ b/docs/models/createoutputsystembypackoutputwavefront.md @@ -41,7 +41,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsWavefront]](../models/createoutputsystembypackpqcontrolswavefront.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/createoutputsystembypackoutputwebhookwebhook1.md b/docs/models/createoutputsystembypackoutputwebhookwebhook1.md index a0ccebb9c..3b4878caa 100644 --- a/docs/models/createoutputsystembypackoutputwebhookwebhook1.md +++ b/docs/models/createoutputsystembypackoutputwebhookwebhook1.md @@ -52,7 +52,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackOutputWebhookPqControls1]](../models/createoutputsystembypackoutputwebhookpqcontrols1.md) | :heavy_minus_sign: | N/A | | `username` | *Optional[str]* | :heavy_minus_sign: | N/A | | `password` | *Optional[str]* | :heavy_minus_sign: | N/A | diff --git a/docs/models/createoutputsystembypackoutputwebhookwebhook2.md b/docs/models/createoutputsystembypackoutputwebhookwebhook2.md index dcb9878fe..44e6558de 100644 --- a/docs/models/createoutputsystembypackoutputwebhookwebhook2.md +++ b/docs/models/createoutputsystembypackoutputwebhookwebhook2.md @@ -52,7 +52,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackOutputWebhookPqControls2]](../models/createoutputsystembypackoutputwebhookpqcontrols2.md) | :heavy_minus_sign: | N/A | | `username` | *Optional[str]* | :heavy_minus_sign: | N/A | | `password` | *Optional[str]* | :heavy_minus_sign: | N/A | diff --git a/docs/models/createoutputsystembypackoutputwizhec.md b/docs/models/createoutputsystembypackoutputwizhec.md index 3a6d29817..5022c4a45 100644 --- a/docs/models/createoutputsystembypackoutputwizhec.md +++ b/docs/models/createoutputsystembypackoutputwizhec.md @@ -44,7 +44,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsWizHec]](../models/createoutputsystembypackpqcontrolswizhec.md) | :heavy_minus_sign: | N/A | | `token` | *Optional[str]* | :heavy_minus_sign: | Wiz Defend Auth token | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | diff --git a/docs/models/createoutputsystembypackoutputxsiam.md b/docs/models/createoutputsystembypackoutputxsiam.md index bc2b8a3c2..83f18abc1 100644 --- a/docs/models/createoutputsystembypackoutputxsiam.md +++ b/docs/models/createoutputsystembypackoutputxsiam.md @@ -48,7 +48,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.CreateOutputSystemByPackPqControlsXsiam]](../models/createoutputsystembypackpqcontrolsxsiam.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/createoutputsystembypackpqcontrolsgooglecloudobservability.md b/docs/models/createoutputsystembypackpqcontrolsgooglecloudobservability.md new file mode 100644 index 000000000..4ece09945 --- /dev/null +++ b/docs/models/createoutputsystembypackpqcontrolsgooglecloudobservability.md @@ -0,0 +1,7 @@ +# CreateOutputSystemByPackPqControlsGoogleCloudObservability + + +## Fields + +| Field | Type | Required | Description | +| ----------- | ----------- | ----------- | ----------- | \ No newline at end of file diff --git a/docs/models/createoutputsystembypackprotocolgooglecloudobservability.md b/docs/models/createoutputsystembypackprotocolgooglecloudobservability.md new file mode 100644 index 000000000..d940a2cbd --- /dev/null +++ b/docs/models/createoutputsystembypackprotocolgooglecloudobservability.md @@ -0,0 +1,18 @@ +# CreateOutputSystemByPackProtocolGoogleCloudObservability + +## Example Usage + +```python +from cribl_control_plane.models import CreateOutputSystemByPackProtocolGoogleCloudObservability + +value = CreateOutputSystemByPackProtocolGoogleCloudObservability.GRPC + +# Open enum: unrecognized values are captured as UnrecognizedStr +``` + + +## Values + +| Name | Value | +| ------ | ------ | +| `GRPC` | grpc | \ No newline at end of file diff --git a/docs/models/createoutputsystembypackrequestbody.md b/docs/models/createoutputsystembypackrequestbody.md index 4adf275b8..6160c6d99 100644 --- a/docs/models/createoutputsystembypackrequestbody.md +++ b/docs/models/createoutputsystembypackrequestbody.md @@ -143,6 +143,12 @@ value: models.CreateOutputSystemByPackOutputGoogleCloudStorage = /* values here value: models.CreateOutputSystemByPackOutputGoogleCloudLogging = /* values here */ ``` +### `models.CreateOutputSystemByPackOutputGoogleCloudObservability` + +```python +value: models.CreateOutputSystemByPackOutputGoogleCloudObservability = /* values here */ +``` + ### `models.CreateOutputSystemByPackOutputGooglePubsub` ```python diff --git a/docs/models/createoutputsystembypackstatsdestination.md b/docs/models/createoutputsystembypackstatsdestination.md index c8b05907e..608845afe 100644 --- a/docs/models/createoutputsystembypackstatsdestination.md +++ b/docs/models/createoutputsystembypackstatsdestination.md @@ -3,12 +3,14 @@ ## Fields -| Field | Type | Required | Description | -| ------------------ | ------------------ | ------------------ | ------------------ | -| `url` | *Optional[str]* | :heavy_minus_sign: | N/A | -| `database` | *Optional[str]* | :heavy_minus_sign: | N/A | -| `table_name` | *Optional[str]* | :heavy_minus_sign: | N/A | -| `auth_type` | *Optional[str]* | :heavy_minus_sign: | N/A | -| `username` | *Optional[str]* | :heavy_minus_sign: | N/A | -| `sql_username` | *Optional[str]* | :heavy_minus_sign: | N/A | -| `password` | *Optional[str]* | :heavy_minus_sign: | N/A | \ No newline at end of file +| Field | Type | Required | Description | +| ------------------------ | ------------------------ | ------------------------ | ------------------------ | +| `url` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `database` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `table_name` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `auth_type` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `username` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `sql_username` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `password` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `wait_for_async_inserts` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `concurrency` | *Optional[float]* | :heavy_minus_sign: | N/A | \ No newline at end of file diff --git a/docs/models/createoutputsystembypacktypegooglecloudobservability.md b/docs/models/createoutputsystembypacktypegooglecloudobservability.md new file mode 100644 index 000000000..c78590a94 --- /dev/null +++ b/docs/models/createoutputsystembypacktypegooglecloudobservability.md @@ -0,0 +1,16 @@ +# CreateOutputSystemByPackTypeGoogleCloudObservability + +## Example Usage + +```python +from cribl_control_plane.models import CreateOutputSystemByPackTypeGoogleCloudObservability + +value = CreateOutputSystemByPackTypeGoogleCloudObservability.GOOGLE_CLOUD_OBSERVABILITY +``` + + +## Values + +| Name | Value | +| ---------------------------- | ---------------------------- | +| `GOOGLE_CLOUD_OBSERVABILITY` | google_cloud_observability | \ No newline at end of file diff --git a/docs/models/createoutputtypegooglecloudobservability.md b/docs/models/createoutputtypegooglecloudobservability.md new file mode 100644 index 000000000..309f31b31 --- /dev/null +++ b/docs/models/createoutputtypegooglecloudobservability.md @@ -0,0 +1,16 @@ +# CreateOutputTypeGoogleCloudObservability + +## Example Usage + +```python +from cribl_control_plane.models import CreateOutputTypeGoogleCloudObservability + +value = CreateOutputTypeGoogleCloudObservability.GOOGLE_CLOUD_OBSERVABILITY +``` + + +## Values + +| Name | Value | +| ---------------------------- | ---------------------------- | +| `GOOGLE_CLOUD_OBSERVABILITY` | google_cloud_observability | \ No newline at end of file diff --git a/docs/models/cribllakedataset.md b/docs/models/cribllakedataset.md index e2d3229d5..14c480c46 100644 --- a/docs/models/cribllakedataset.md +++ b/docs/models/cribllakedataset.md @@ -11,11 +11,11 @@ | `deletion_started_at` | *Optional[float]* | :heavy_minus_sign: | Timestamp (in Unix time) when Dataset deletion was initiated, in milliseconds. | | `description` | *Optional[str]* | :heavy_minus_sign: | Brief description of the Dataset. | | `format_` | [Optional[models.FormatOptionsCriblLakeDataset]](../models/formatoptionscribllakedataset.md) | :heavy_minus_sign: | Storage format used for data persisted in the Dataset. | -| `http_da_used` | *Optional[bool]* | :heavy_minus_sign: | If true, the Dataset is used by Direct Access HTTP. | +| `http_da_used` | *Optional[bool]* | :heavy_minus_sign: | If true, the Dataset is used by Direct Access HTTP. Otherwise, false. | | `id` | *str* | :heavy_check_mark: | Unique identifier for the Dataset. | | `metrics` | [Optional[models.LakeDatasetMetrics]](../models/lakedatasetmetrics.md) | :heavy_minus_sign: | N/A | | `retention_period_in_days` | *Optional[int]* | :heavy_minus_sign: | Dataset retention period, in days. | | `search_config` | [Optional[models.LakeDatasetSearchConfig]](../models/lakedatasetsearchconfig.md) | :heavy_minus_sign: | N/A | | `storage_class` | [Optional[models.StorageClassOptionsCriblLakeDataset]](../models/storageclassoptionscribllakedataset.md) | :heavy_minus_sign: | Storage class used for objects written to the Dataset. | -| `storage_location_id` | *Optional[str]* | :heavy_minus_sign: | Identifier for the Storage Location that backs the Dataset. Mutually exclusive with bucketName. | +| `storage_location_id` | *Optional[str]* | :heavy_minus_sign: | Unique identifier for the Storage Location that backs the Dataset. Mutually exclusive with bucketName. | | `view_name` | *Optional[str]* | :heavy_minus_sign: | Name of the ClickHouse view for the Dataset on the Lakehouse. | \ No newline at end of file diff --git a/docs/models/cribllakedatasetupdate.md b/docs/models/cribllakedatasetupdate.md index d80fb3db4..2d2611c06 100644 --- a/docs/models/cribllakedatasetupdate.md +++ b/docs/models/cribllakedatasetupdate.md @@ -11,11 +11,11 @@ | `deletion_started_at` | *Optional[float]* | :heavy_minus_sign: | Timestamp (in Unix time) when Dataset deletion was initiated, in milliseconds. | | `description` | *Optional[str]* | :heavy_minus_sign: | Brief description of the Dataset. | | `format_` | [Optional[models.FormatOptionsCriblLakeDataset]](../models/formatoptionscribllakedataset.md) | :heavy_minus_sign: | Storage format used for data persisted in the Dataset. | -| `http_da_used` | *Optional[bool]* | :heavy_minus_sign: | If true, the Dataset is used by Direct Access HTTP. | -| `id` | *Optional[str]* | :heavy_minus_sign: | Dataset identifier. Optional; the path parameter id is authoritative. | +| `http_da_used` | *Optional[bool]* | :heavy_minus_sign: | If true, the Dataset is used by Direct Access HTTP. Otherwise, false. | +| `id` | *Optional[str]* | :heavy_minus_sign: | Unique identifier for the Dataset. Optional; the path parameter id is authoritative. | | `metrics` | [Optional[models.LakeDatasetMetrics]](../models/lakedatasetmetrics.md) | :heavy_minus_sign: | N/A | | `retention_period_in_days` | *Optional[int]* | :heavy_minus_sign: | Dataset retention period, in days. | | `search_config` | [Optional[models.LakeDatasetSearchConfig]](../models/lakedatasetsearchconfig.md) | :heavy_minus_sign: | N/A | | `storage_class` | [Optional[models.StorageClassOptionsCriblLakeDataset]](../models/storageclassoptionscribllakedataset.md) | :heavy_minus_sign: | Storage class used for objects written to the Dataset. | -| `storage_location_id` | *Optional[str]* | :heavy_minus_sign: | Identifier for the Storage Location that backs the Dataset. Mutually exclusive with bucketName. | +| `storage_location_id` | *Optional[str]* | :heavy_minus_sign: | Unique identifier for the Storage Location that backs the Dataset. Mutually exclusive with bucketName. | | `view_name` | *Optional[str]* | :heavy_minus_sign: | Name of the ClickHouse view for the Dataset on the Lakehouse. | \ No newline at end of file diff --git a/docs/models/datasetmetadata.md b/docs/models/datasetmetadata.md index a6d1e2c4d..dfc1f25e9 100644 --- a/docs/models/datasetmetadata.md +++ b/docs/models/datasetmetadata.md @@ -6,7 +6,7 @@ | Field | Type | Required | Description | Example | | -------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------- | | `earliest` | *str* | :heavy_check_mark: | Rolling time window that defines how far back acceleration scans. | -30d | -| `enable_acceleration` | *bool* | :heavy_check_mark: | If true, the system automatically backfills and refreshes Dataset metadata. | | +| `enable_acceleration` | *bool* | :heavy_check_mark: | If true, the system automatically backfills and refreshes Dataset metadata. Otherwise, false. | | | `field_list` | List[*str*] | :heavy_check_mark: | Fields for which acceleration gathers statistics. Required when scan mode is detailed. | | | `latest_run_info` | [Optional[models.DatasetMetadataRunInfo]](../models/datasetmetadataruninfo.md) | :heavy_minus_sign: | N/A | | | `scan_mode` | [models.ScanMode](../models/scanmode.md) | :heavy_check_mark: | Acceleration scan mode. quick collects object-level metadata; detailed also collects field-level statistics. | | \ No newline at end of file diff --git a/docs/models/destinationtype.md b/docs/models/destinationtype.md index 47860aaee..8a7c029b3 100644 --- a/docs/models/destinationtype.md +++ b/docs/models/destinationtype.md @@ -13,83 +13,84 @@ value = DestinationType.DEFAULT ## Values -| Name | Value | -| --------------------------- | --------------------------- | -| `DEFAULT` | default | -| `ROUTER` | router | -| `TCPJSON` | tcpjson | -| `SPLUNK` | splunk | -| `SPLUNK_LB` | splunk_lb | -| `SPLUNK_HEC` | splunk_hec | -| `SYSLOG` | syslog | -| `FILESYSTEM` | filesystem | -| `S3` | s3 | -| `AZURE_BLOB` | azure_blob | -| `AZURE_DATA_EXPLORER` | azure_data_explorer | -| `SENTINEL` | sentinel | -| `AZURE_LOGS` | azure_logs | -| `KAFKA` | kafka | -| `CONFLUENT_CLOUD` | confluent_cloud | -| `MSK` | msk | -| `KINESIS` | kinesis | -| `ELASTIC` | elastic | -| `ELASTIC_CLOUD` | elastic_cloud | -| `MICROSOFT_FABRIC` | microsoft_fabric | -| `CLOUDFLARE_R2` | cloudflare_r2 | -| `HONEYCOMB` | honeycomb | -| `NEWRELIC` | newrelic | -| `NEWRELIC_EVENTS` | newrelic_events | -| `SNMP` | snmp | -| `INFLUXDB` | influxdb | -| `MINIO` | minio | -| `DEVNULL` | devnull | -| `CLOUDWATCH` | cloudwatch | -| `AZURE_EVENTHUB` | azure_eventhub | -| `STATSD` | statsd | -| `STATSD_EXT` | statsd_ext | -| `GRAPHITE` | graphite | -| `WAVEFRONT` | wavefront | -| `SIGNALFX` | signalfx | -| `SQS` | sqs | -| `GOOGLE_CLOUD_STORAGE` | google_cloud_storage | -| `SUMO_LOGIC` | sumo_logic | -| `DATADOG` | datadog | -| `WEBHOOK` | webhook | -| `PROMETHEUS` | prometheus | -| `GOOGLE_PUBSUB` | google_pubsub | -| `GOOGLE_CHRONICLE` | google_chronicle | -| `CHRONICLE` | chronicle | -| `GRAFANA_CLOUD` | grafana_cloud | -| `LOKI` | loki | -| `OPEN_TELEMETRY` | open_telemetry | -| `SERVICE_NOW` | service_now | -| `DYNATRACE_OTLP` | dynatrace_otlp | -| `SENTINEL_ONE_AI_SIEM` | sentinel_one_ai_siem | -| `DATASET` | dataset | -| `RING` | ring | -| `HUMIO_HEC` | humio_hec | -| `CROWDSTRIKE_NEXT_GEN_SIEM` | crowdstrike_next_gen_siem | -| `CRIBL_HTTP` | cribl_http | -| `CRIBL_TCP` | cribl_tcp | -| `CRIBL_SEARCH_ENGINE` | cribl_search_engine | -| `GOOGLE_CLOUD_LOGGING` | google_cloud_logging | -| `SNS` | sns | -| `DL_S3` | dl_s3 | -| `SECURITY_LAKE` | security_lake | -| `CRIBL_LAKE` | cribl_lake | -| `EXABEAM` | exabeam | -| `DISK_SPOOL` | disk_spool | -| `CLICK_HOUSE` | click_house | -| `LOCAL_SEARCH_STORAGE` | local_search_storage | -| `XSIAM` | xsiam | -| `NETFLOW` | netflow | -| `DYNATRACE_HTTP` | dynatrace_http | -| `DATABRICKS` | databricks | -| `WIZ_HEC` | wiz_hec | -| `NUTANIX_OBJECTS` | nutanix_objects | -| `STORJ_S3` | storj_s3 | -| `ALPHASOC_S3` | alphasoc_s3 | -| `DELL_S3` | dell_s3 | -| `CLOUDIAN_S3` | cloudian_s3 | -| `SCALITY_S3` | scality_s3 | -| `ALIBABA_CLOUD_S3` | alibaba_cloud_s3 | \ No newline at end of file +| Name | Value | +| ---------------------------- | ---------------------------- | +| `DEFAULT` | default | +| `ROUTER` | router | +| `TCPJSON` | tcpjson | +| `SPLUNK` | splunk | +| `SPLUNK_LB` | splunk_lb | +| `SPLUNK_HEC` | splunk_hec | +| `SYSLOG` | syslog | +| `FILESYSTEM` | filesystem | +| `S3` | s3 | +| `AZURE_BLOB` | azure_blob | +| `AZURE_DATA_EXPLORER` | azure_data_explorer | +| `SENTINEL` | sentinel | +| `AZURE_LOGS` | azure_logs | +| `KAFKA` | kafka | +| `CONFLUENT_CLOUD` | confluent_cloud | +| `MSK` | msk | +| `KINESIS` | kinesis | +| `ELASTIC` | elastic | +| `ELASTIC_CLOUD` | elastic_cloud | +| `MICROSOFT_FABRIC` | microsoft_fabric | +| `CLOUDFLARE_R2` | cloudflare_r2 | +| `HONEYCOMB` | honeycomb | +| `NEWRELIC` | newrelic | +| `NEWRELIC_EVENTS` | newrelic_events | +| `SNMP` | snmp | +| `INFLUXDB` | influxdb | +| `MINIO` | minio | +| `DEVNULL` | devnull | +| `CLOUDWATCH` | cloudwatch | +| `AZURE_EVENTHUB` | azure_eventhub | +| `STATSD` | statsd | +| `STATSD_EXT` | statsd_ext | +| `GRAPHITE` | graphite | +| `WAVEFRONT` | wavefront | +| `SIGNALFX` | signalfx | +| `SQS` | sqs | +| `GOOGLE_CLOUD_STORAGE` | google_cloud_storage | +| `SUMO_LOGIC` | sumo_logic | +| `DATADOG` | datadog | +| `WEBHOOK` | webhook | +| `PROMETHEUS` | prometheus | +| `GOOGLE_PUBSUB` | google_pubsub | +| `GOOGLE_CHRONICLE` | google_chronicle | +| `CHRONICLE` | chronicle | +| `GOOGLE_CLOUD_OBSERVABILITY` | google_cloud_observability | +| `GRAFANA_CLOUD` | grafana_cloud | +| `LOKI` | loki | +| `OPEN_TELEMETRY` | open_telemetry | +| `SERVICE_NOW` | service_now | +| `DYNATRACE_OTLP` | dynatrace_otlp | +| `SENTINEL_ONE_AI_SIEM` | sentinel_one_ai_siem | +| `DATASET` | dataset | +| `RING` | ring | +| `HUMIO_HEC` | humio_hec | +| `CROWDSTRIKE_NEXT_GEN_SIEM` | crowdstrike_next_gen_siem | +| `CRIBL_HTTP` | cribl_http | +| `CRIBL_TCP` | cribl_tcp | +| `CRIBL_SEARCH_ENGINE` | cribl_search_engine | +| `GOOGLE_CLOUD_LOGGING` | google_cloud_logging | +| `SNS` | sns | +| `DL_S3` | dl_s3 | +| `SECURITY_LAKE` | security_lake | +| `CRIBL_LAKE` | cribl_lake | +| `EXABEAM` | exabeam | +| `DISK_SPOOL` | disk_spool | +| `CLICK_HOUSE` | click_house | +| `LOCAL_SEARCH_STORAGE` | local_search_storage | +| `XSIAM` | xsiam | +| `NETFLOW` | netflow | +| `DYNATRACE_HTTP` | dynatrace_http | +| `DATABRICKS` | databricks | +| `WIZ_HEC` | wiz_hec | +| `NUTANIX_OBJECTS` | nutanix_objects | +| `STORJ_S3` | storj_s3 | +| `ALPHASOC_S3` | alphasoc_s3 | +| `DELL_S3` | dell_s3 | +| `CLOUDIAN_S3` | cloudian_s3 | +| `SCALITY_S3` | scality_s3 | +| `ALIBABA_CLOUD_S3` | alibaba_cloud_s3 | \ No newline at end of file diff --git a/docs/models/formatoptionscribllakedataset.md b/docs/models/formatoptionscribllakedataset.md index 9bd1e9908..12f41b4e3 100644 --- a/docs/models/formatoptionscribllakedataset.md +++ b/docs/models/formatoptionscribllakedataset.md @@ -15,8 +15,9 @@ value = FormatOptionsCriblLakeDataset.DDSS ## Values -| Name | Value | -| --------- | --------- | -| `DDSS` | ddss | -| `JSON` | json | -| `PARQUET` | parquet | \ No newline at end of file +| Name | Value | +| ---------- | ---------- | +| `DDSS` | ddss | +| `JSON` | json | +| `NETSKOPE` | netskope | +| `PARQUET` | parquet | \ No newline at end of file diff --git a/docs/models/getcribllakedatasetbylakeidandidrequest.md b/docs/models/getcribllakedatasetbylakeidandidrequest.md index 79207f0af..4047a6363 100644 --- a/docs/models/getcribllakedatasetbylakeidandidrequest.md +++ b/docs/models/getcribllakedatasetbylakeidandidrequest.md @@ -3,7 +3,8 @@ ## Fields -| Field | Type | Required | Description | -| ---------------------------------------------------------------------- | ---------------------------------------------------------------------- | ---------------------------------------------------------------------- | ---------------------------------------------------------------------- | -| `lake_id` | *str* | :heavy_check_mark: | The id of the Lake that contains the Lake Dataset to get. | -| `id` | *str* | :heavy_check_mark: | The id of the Lake Dataset to get. | \ No newline at end of file +| Field | Type | Required | Description | +| ---------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `lake_id` | *str* | :heavy_check_mark: | The id of the Lake that contains the Lake Dataset to get. | +| `id` | *str* | :heavy_check_mark: | The id of the Lake Dataset to get. | +| `include_metrics` | *Optional[bool]* | :heavy_minus_sign: | Set to true to include storage metrics for each Lake Dataset. Otherwise, false (default). Requires a Cribl Lake metrics license. | \ No newline at end of file diff --git a/docs/models/getcribllakedatasetbylakeidformat.md b/docs/models/getcribllakedatasetbylakeidformat.md new file mode 100644 index 000000000..b044ab51b --- /dev/null +++ b/docs/models/getcribllakedatasetbylakeidformat.md @@ -0,0 +1,20 @@ +# GetCriblLakeDatasetByLakeIDFormat + +Filter datasets by format. Set to ddss to return only DDSS datasets. + +## Example Usage + +```python +from cribl_control_plane.models import GetCriblLakeDatasetByLakeIDFormat + +value = GetCriblLakeDatasetByLakeIDFormat.DDSS + +# Open enum: unrecognized values are captured as UnrecognizedStr +``` + + +## Values + +| Name | Value | +| ------ | ------ | +| `DDSS` | ddss | \ No newline at end of file diff --git a/docs/models/getcribllakedatasetbylakeidrequest.md b/docs/models/getcribllakedatasetbylakeidrequest.md index e03ed488b..2674648d9 100644 --- a/docs/models/getcribllakedatasetbylakeidrequest.md +++ b/docs/models/getcribllakedatasetbylakeidrequest.md @@ -3,12 +3,14 @@ ## Fields -| Field | Type | Required | Description | -| ----------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------- | -| `lake_id` | *str* | :heavy_check_mark: | The id of the Lake that contains the Lake Datasets to list. | -| `storage_location_id` | *Optional[str]* | :heavy_minus_sign: | Filter datasets by storage location ID. Use default for default storage location. | -| `format_` | *Optional[str]* | :heavy_minus_sign: | Filter datasets by format. Set to ddss to return only DDSS datasets. | -| `exclude_ddss` | *Optional[bool]* | :heavy_minus_sign: | Exclude DDSS format datasets from the response. | -| `exclude_deleted` | *Optional[bool]* | :heavy_minus_sign: | Exclude deleted datasets from the response. | -| `exclude_internal` | *Optional[bool]* | :heavy_minus_sign: | Exclude internal datasets (those with IDs starting with cribl_) from the response. | -| `exclude_byos` | *Optional[bool]* | :heavy_minus_sign: | Exclude BYOS (Bring Your Own Storage) datasets from the response. | \ No newline at end of file +| Field | Type | Required | Description | +| ---------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `lake_id` | *str* | :heavy_check_mark: | The id of the Lake that contains the Lake Datasets to list. | +| `storage_location_id` | *Optional[str]* | :heavy_minus_sign: | Filter datasets by storage location ID. Use default for default storage location. | +| `format_` | [Optional[models.GetCriblLakeDatasetByLakeIDFormat]](../models/getcribllakedatasetbylakeidformat.md) | :heavy_minus_sign: | Filter datasets by format. Set to ddss to return only DDSS datasets. | +| `exclude_ddss` | *Optional[bool]* | :heavy_minus_sign: | Exclude DDSS format datasets from the response. | +| `exclude_netskope` | *Optional[bool]* | :heavy_minus_sign: | Exclude Netskope format datasets from the response. | +| `exclude_deleted` | *Optional[bool]* | :heavy_minus_sign: | Exclude deleted datasets from the response. | +| `exclude_internal` | *Optional[bool]* | :heavy_minus_sign: | Exclude internal datasets (those with IDs starting with cribl_) from the response. | +| `exclude_byos` | *Optional[bool]* | :heavy_minus_sign: | Exclude BYOS (Bring Your Own Storage) datasets from the response. | +| `include_metrics` | *Optional[bool]* | :heavy_minus_sign: | Set to true to include storage metrics for each Lake Dataset. Otherwise, false (default). Requires a Cribl Lake metrics license. | \ No newline at end of file diff --git a/docs/models/getdatabaseconnectionconfigrequest.md b/docs/models/getdatabaseconnectionconfigrequest.md new file mode 100644 index 000000000..702102eb0 --- /dev/null +++ b/docs/models/getdatabaseconnectionconfigrequest.md @@ -0,0 +1,8 @@ +# GetDatabaseConnectionConfigRequest + + +## Fields + +| Field | Type | Required | Description | +| ------------------------------------------------------------------------------ | ------------------------------------------------------------------------------ | ------------------------------------------------------------------------------ | ------------------------------------------------------------------------------ | +| `database_type` | [Optional[models.DatabaseConnectionType]](../models/databaseconnectiontype.md) | :heavy_minus_sign: | Type of Database Connections to include in the results. | \ No newline at end of file diff --git a/docs/models/getsavedjobrequest.md b/docs/models/getsavedjobrequest.md index fe50e348d..1ef533464 100644 --- a/docs/models/getsavedjobrequest.md +++ b/docs/models/getsavedjobrequest.md @@ -3,6 +3,6 @@ ## Fields -| Field | Type | Required | Description | -| ------------------------ | ------------------------ | ------------------------ | ------------------------ | -| `collector_type` | *Optional[str]* | :heavy_minus_sign: | Filter by collector type | \ No newline at end of file +| Field | Type | Required | Description | +| ------------------------------------------------------------ | ------------------------------------------------------------ | ------------------------------------------------------------ | ------------------------------------------------------------ | +| `collector_type` | [Optional[models.CollectorType]](../models/collectortype.md) | :heavy_minus_sign: | Filter by collector type | \ No newline at end of file diff --git a/docs/models/groupcreaterequest.md b/docs/models/groupcreaterequest.md index 194d394c8..67b11bf4d 100644 --- a/docs/models/groupcreaterequest.md +++ b/docs/models/groupcreaterequest.md @@ -8,7 +8,7 @@ | `cloud` | [Optional[models.ConfigGroupCloud]](../models/configgroupcloud.md) | :heavy_minus_sign: | N/A | | | `description` | *Optional[str]* | :heavy_minus_sign: | Brief description of the Worker Group, Outpost Group, or Edge Fleet. | | | `estimated_ingest_rate` | [Optional[models.EstimatedIngestRateOptionsConfigGroup]](../models/estimatedingestrateoptionsconfiggroup.md) | :heavy_minus_sign: | Estimated ingest rate for a Cribl.Cloud Worker Group, in GB/sec. | 4096 | -| `id` | *str* | :heavy_check_mark: | N/A | | +| `id` | *str* | :heavy_check_mark: | Unique identifier. | | | `inherits` | *Optional[str]* | :heavy_minus_sign: | The id of the parent Edge Fleet. If provided, this Fleet inherits configuration from the specified parent Fleet. Applies only to Edge Fleets. | | | ~~`is_fleet`~~ | *Optional[bool]* | :heavy_minus_sign: | : warning: ** DEPRECATED **: This will be removed in a future release, please migrate away from it as soon as possible.

Indicates whether this is an Edge Fleet. Deprecated. Use to identify Edge Fleets. | | | ~~`is_search`~~ | *Optional[bool]* | :heavy_minus_sign: | : warning: ** DEPRECATED **: This will be removed in a future release, please migrate away from it as soon as possible.

Indicates whether this is an internal Search Group. Deprecated. Use to identify Search Groups. | | diff --git a/docs/models/hbcriblinfo.md b/docs/models/hbcriblinfo.md index 683b28953..63fc86921 100644 --- a/docs/models/hbcriblinfo.md +++ b/docs/models/hbcriblinfo.md @@ -15,6 +15,7 @@ | `install_type` | *Optional[str]* | :heavy_minus_sign: | Value of the CRIBL_INSTALL_TYPE environment variable, relayed for upgrade decisions (since 4.5.0). | | | `lookup_versions` | Dict[str, Dict[str, *str*]] | :heavy_minus_sign: | Objects that map Lookup files to deployment versions. | | | `master` | [Optional[models.HBLeaderInfo]](../models/hbleaderinfo.md) | :heavy_minus_sign: | Connection parameters for the Leader Node, as reported in a Worker heartbeat. | | +| `overlay_id` | *Optional[str]* | :heavy_minus_sign: | N/A | | | `pid` | *Optional[int]* | :heavy_minus_sign: | The process ID. | | | `socks_enabled` | *Optional[bool]* | :heavy_minus_sign: | If true, SOCKS proxy connectivity is enabled for the node. | | | `start_time` | *int* | :heavy_check_mark: | Timestamp (in Unix time) when the Cribl server process started, in milliseconds. | | diff --git a/docs/models/healthcheckauthenticationbasic.md b/docs/models/healthcheckauthenticationbasic.md index c8c9edd27..2ee3f44b2 100644 --- a/docs/models/healthcheckauthenticationbasic.md +++ b/docs/models/healthcheckauthenticationbasic.md @@ -3,21 +3,33 @@ ## Fields -| Field | Type | Required | Description | -| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `authentication` | [models.HealthCheckAuthenticationBasicAuthentication](../models/healthcheckauthenticationbasicauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API Key–based authentication by adding the appropriate Collect headers. | -| `username` | *str* | :heavy_check_mark: | Basic authentication username | -| `password` | *str* | :heavy_check_mark: | Basic authentication password | -| `discovery` | [Optional[models.HealthCheckAuthenticationBasicDiscovery]](../models/healthcheckauthenticationbasicdiscovery.md) | :heavy_minus_sign: | N/A | -| `collect_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the health check operation (can be a constant). | -| `collect_method` | [models.HealthCheckAuthenticationBasicHealthCheckMethod](../models/healthcheckauthenticationbasichealthcheckmethod.md) | :heavy_check_mark: | Health check HTTP method. | -| `collect_request_headers` | List[[models.HealthCheckAuthenticationBasicCollectRequestHeader](../models/healthcheckauthenticationbasiccollectrequestheader.md)] | :heavy_minus_sign: | Optional health check request headers. | -| `authenticate_collect` | *Optional[bool]* | :heavy_minus_sign: | Enable to make auth health check call. | -| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout, use 0 to disable | -| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Whether to reject certificates that cannot be verified against a valid CA (e.g., self-signed certificates). | -| `default_breakers` | [Optional[models.HiddenDefaultBreakersOptionsDatabaseCollectorConf]](../models/hiddendefaultbreakersoptionsdatabasecollectorconf.md) | :heavy_minus_sign: | N/A | -| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text. | -| `retry_rules` | [Optional[models.HealthCheckAuthenticationBasicRetryRules]](../models/healthcheckauthenticationbasicretryrules.md) | :heavy_minus_sign: | N/A | -| `client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Secret value to add to HTTP requests as the 'client secret' parameter. Stored on disk encrypted, and is automatically added to request parameters | -| `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a text secret that contains the client secret's value. | -| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file +| Field | Type | Required | Description | +| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `authentication` | [models.HealthCheckAuthenticationBasicAuthentication](../models/healthcheckauthenticationbasicauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API Key–based authentication by adding the appropriate Collect headers. | +| `username` | *str* | :heavy_check_mark: | Basic authentication username | +| `password` | *str* | :heavy_check_mark: | Basic authentication password | +| `template_username` | *Optional[str]* | :heavy_minus_sign: | Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime. | +| `template_password` | *Optional[str]* | :heavy_minus_sign: | Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime. | +| `discovery` | [Optional[models.HealthCheckAuthenticationBasicDiscovery]](../models/healthcheckauthenticationbasicdiscovery.md) | :heavy_minus_sign: | N/A | +| `collect_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the health check operation (can be a constant). | +| `collect_method` | [models.HealthCheckAuthenticationBasicHealthCheckMethod](../models/healthcheckauthenticationbasichealthcheckmethod.md) | :heavy_check_mark: | Health check HTTP method. | +| `collect_request_headers` | List[[models.HealthCheckAuthenticationBasicCollectRequestHeader](../models/healthcheckauthenticationbasiccollectrequestheader.md)] | :heavy_minus_sign: | Optional health check request headers. | +| `authenticate_collect` | *Optional[bool]* | :heavy_minus_sign: | Enable to make auth health check call. | +| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout, use 0 to disable | +| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Whether to reject certificates that cannot be verified against a valid CA (e.g., self-signed certificates). | +| `default_breakers` | [Optional[models.HiddenDefaultBreakersOptionsDatabaseCollectorConf]](../models/hiddendefaultbreakersoptionsdatabasecollectorconf.md) | :heavy_minus_sign: | N/A | +| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text. | +| `retry_rules` | [Optional[models.HealthCheckAuthenticationBasicRetryRules]](../models/healthcheckauthenticationbasicretryrules.md) | :heavy_minus_sign: | N/A | +| `credentials_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored secret that references your credentials | +| `login_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for login API call. This call is expected to be a POST. | +| `template_login_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime. | +| `login_body` | *Optional[str]* | :heavy_minus_sign: | Template for POST body to send with login request, ${username} and ${password} are used to specify location of these attributes in the message | +| `token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header. | +| `template_token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Binds 'tokenRespAttribute' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tokenRespAttribute' at runtime. | +| `auth_header_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login. | +| `auth_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional authentication request headers. | +| `client_secret_param_name` | *Optional[str]* | :heavy_minus_sign: | Parameter name that contains client secret. Defaults to 'client_secret', and is automatically added to request parameters. | +| `client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Secret value to add to HTTP requests as the 'client secret' parameter. Stored on disk encrypted, and is automatically added to request parameters | +| `auth_request_params` | List[[models.AuthRequestParamConfHealthCheckAuthenticationOauth](../models/authrequestparamconfhealthcheckauthenticationoauth.md)] | :heavy_minus_sign: | OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded. | +| `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a text secret that contains the client secret's value. | +| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationbasichealthcheckdiscoverydiscovertypehttpdiscovermethodget.md b/docs/models/healthcheckauthenticationbasichealthcheckdiscoverydiscovertypehttpdiscovermethodget.md index 571669596..20ea174ae 100644 --- a/docs/models/healthcheckauthenticationbasichealthcheckdiscoverydiscovertypehttpdiscovermethodget.md +++ b/docs/models/healthcheckauthenticationbasichealthcheckdiscoverydiscovertypehttpdiscovermethodget.md @@ -11,5 +11,7 @@ | `discover_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the Discover operation (can be a constant). | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | | `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationbasichealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md b/docs/models/healthcheckauthenticationbasichealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md index ec3d2ce91..2fc6f0184 100644 --- a/docs/models/healthcheckauthenticationbasichealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md +++ b/docs/models/healthcheckauthenticationbasichealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md @@ -11,5 +11,7 @@ | `discover_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the Discover operation (can be a constant). | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | | `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationbasichealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md b/docs/models/healthcheckauthenticationbasichealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md index 9889dc21c..91b981d2e 100644 --- a/docs/models/healthcheckauthenticationbasichealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md +++ b/docs/models/healthcheckauthenticationbasichealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md @@ -11,5 +11,7 @@ | `discover_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the Discover operation (can be a constant). | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | | `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationbasichealthcheckdiscoverydiscovertypejson.md b/docs/models/healthcheckauthenticationbasichealthcheckdiscoverydiscovertypejson.md index 3e978fba1..be0c59b0c 100644 --- a/docs/models/healthcheckauthenticationbasichealthcheckdiscoverydiscovertypejson.md +++ b/docs/models/healthcheckauthenticationbasichealthcheckdiscoverydiscovertypejson.md @@ -7,8 +7,10 @@ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | `discover_type` | [models.HealthCheckAuthenticationBasicHealthCheckDiscoveryDiscoverTypeJSONDiscoverType](../models/healthcheckauthenticationbasichealthcheckdiscoverydiscovertypejsondiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Use None to skip the discovery. Use HTTP Request to make a REST call to discover tasks. Use Item List to enumerate items for collect to retrieve. Use JSON Response to manually define discover tasks as a JSON array of objects. Each entry returned by the discover operation will result in a collect task. | | `manual_discover_result` | *str* | :heavy_check_mark: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | -| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Within the response JSON, name of the field or array element to pull results from. Leave blank if the result is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] } | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | | `discover_url` | *Optional[str]* | :heavy_minus_sign: | Expression to derive URL to use for the Discover operation (can be a constant). | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `discover_method` | [Optional[models.DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionshealthcheckdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | Discover HTTP method. | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationbasichealthcheckdiscoverydiscovertypelist.md b/docs/models/healthcheckauthenticationbasichealthcheckdiscoverydiscovertypelist.md index f0cbd069d..05a0f44b2 100644 --- a/docs/models/healthcheckauthenticationbasichealthcheckdiscoverydiscovertypelist.md +++ b/docs/models/healthcheckauthenticationbasichealthcheckdiscoverydiscovertypelist.md @@ -8,6 +8,9 @@ | `discover_type` | [models.HealthCheckAuthenticationBasicHealthCheckDiscoveryDiscoverTypeListDiscoverType](../models/healthcheckauthenticationbasichealthcheckdiscoverydiscovertypelistdiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Use None to skip the discovery. Use HTTP Request to make a REST call to discover tasks. Use Item List to enumerate items for collect to retrieve. Use JSON Response to manually define discover tasks as a JSON array of objects. Each entry returned by the discover operation will result in a collect task. | | `item_list` | List[*str*] | :heavy_check_mark: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | | `discover_url` | *Optional[str]* | :heavy_minus_sign: | Expression to derive URL to use for the Discover operation (can be a constant). | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `discover_method` | [Optional[models.DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionshealthcheckdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | Discover HTTP method. | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationbasichealthcheckdiscoverydiscovertypenone.md b/docs/models/healthcheckauthenticationbasichealthcheckdiscoverydiscovertypenone.md index 802bdf66d..c784620ed 100644 --- a/docs/models/healthcheckauthenticationbasichealthcheckdiscoverydiscovertypenone.md +++ b/docs/models/healthcheckauthenticationbasichealthcheckdiscoverydiscovertypenone.md @@ -7,7 +7,10 @@ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | `discover_type` | [models.HealthCheckAuthenticationBasicHealthCheckDiscoveryDiscoverTypeNoneDiscoverType](../models/healthcheckauthenticationbasichealthcheckdiscoverydiscovertypenonediscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Use None to skip the discovery. Use HTTP Request to make a REST call to discover tasks. Use Item List to enumerate items for collect to retrieve. Use JSON Response to manually define discover tasks as a JSON array of objects. Each entry returned by the discover operation will result in a collect task. | | `discover_url` | *Optional[str]* | :heavy_minus_sign: | Expression to derive URL to use for the Discover operation (can be a constant). | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `discover_method` | [Optional[models.DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionshealthcheckdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | Discover HTTP method. | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationbasicsecret.md b/docs/models/healthcheckauthenticationbasicsecret.md index 95004eae1..ce7b6ee0b 100644 --- a/docs/models/healthcheckauthenticationbasicsecret.md +++ b/docs/models/healthcheckauthenticationbasicsecret.md @@ -3,20 +3,33 @@ ## Fields -| Field | Type | Required | Description | -| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `authentication` | [models.HealthCheckAuthenticationBasicSecretAuthentication](../models/healthcheckauthenticationbasicsecretauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API Key–based authentication by adding the appropriate Collect headers. | -| `credentials_secret` | *str* | :heavy_check_mark: | Select or create a stored secret that references your credentials | -| `discovery` | [Optional[models.HealthCheckAuthenticationBasicSecretDiscovery]](../models/healthcheckauthenticationbasicsecretdiscovery.md) | :heavy_minus_sign: | N/A | -| `collect_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the health check operation (can be a constant). | -| `collect_method` | [models.HealthCheckAuthenticationBasicSecretHealthCheckMethod](../models/healthcheckauthenticationbasicsecrethealthcheckmethod.md) | :heavy_check_mark: | Health check HTTP method. | -| `collect_request_headers` | List[[models.HealthCheckAuthenticationBasicSecretCollectRequestHeader](../models/healthcheckauthenticationbasicsecretcollectrequestheader.md)] | :heavy_minus_sign: | Optional health check request headers. | -| `authenticate_collect` | *Optional[bool]* | :heavy_minus_sign: | Enable to make auth health check call. | -| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout, use 0 to disable | -| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Whether to reject certificates that cannot be verified against a valid CA (e.g., self-signed certificates). | -| `default_breakers` | [Optional[models.HiddenDefaultBreakersOptionsDatabaseCollectorConf]](../models/hiddendefaultbreakersoptionsdatabasecollectorconf.md) | :heavy_minus_sign: | N/A | -| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text. | -| `retry_rules` | [Optional[models.HealthCheckAuthenticationBasicSecretRetryRules]](../models/healthcheckauthenticationbasicsecretretryrules.md) | :heavy_minus_sign: | N/A | -| `client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Secret value to add to HTTP requests as the 'client secret' parameter. Stored on disk encrypted, and is automatically added to request parameters | -| `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a text secret that contains the client secret's value. | -| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file +| Field | Type | Required | Description | +| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `authentication` | [models.HealthCheckAuthenticationBasicSecretAuthentication](../models/healthcheckauthenticationbasicsecretauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API Key–based authentication by adding the appropriate Collect headers. | +| `credentials_secret` | *str* | :heavy_check_mark: | Select or create a stored secret that references your credentials | +| `discovery` | [Optional[models.HealthCheckAuthenticationBasicSecretDiscovery]](../models/healthcheckauthenticationbasicsecretdiscovery.md) | :heavy_minus_sign: | N/A | +| `collect_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the health check operation (can be a constant). | +| `collect_method` | [models.HealthCheckAuthenticationBasicSecretHealthCheckMethod](../models/healthcheckauthenticationbasicsecrethealthcheckmethod.md) | :heavy_check_mark: | Health check HTTP method. | +| `collect_request_headers` | List[[models.HealthCheckAuthenticationBasicSecretCollectRequestHeader](../models/healthcheckauthenticationbasicsecretcollectrequestheader.md)] | :heavy_minus_sign: | Optional health check request headers. | +| `authenticate_collect` | *Optional[bool]* | :heavy_minus_sign: | Enable to make auth health check call. | +| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout, use 0 to disable | +| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Whether to reject certificates that cannot be verified against a valid CA (e.g., self-signed certificates). | +| `default_breakers` | [Optional[models.HiddenDefaultBreakersOptionsDatabaseCollectorConf]](../models/hiddendefaultbreakersoptionsdatabasecollectorconf.md) | :heavy_minus_sign: | N/A | +| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text. | +| `retry_rules` | [Optional[models.HealthCheckAuthenticationBasicSecretRetryRules]](../models/healthcheckauthenticationbasicsecretretryrules.md) | :heavy_minus_sign: | N/A | +| `username` | *Optional[str]* | :heavy_minus_sign: | Basic authentication username | +| `template_username` | *Optional[str]* | :heavy_minus_sign: | Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime. | +| `password` | *Optional[str]* | :heavy_minus_sign: | Basic authentication password | +| `template_password` | *Optional[str]* | :heavy_minus_sign: | Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime. | +| `login_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for login API call. This call is expected to be a POST. | +| `template_login_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime. | +| `login_body` | *Optional[str]* | :heavy_minus_sign: | Template for POST body to send with login request, ${username} and ${password} are used to specify location of these attributes in the message | +| `token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header. | +| `template_token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Binds 'tokenRespAttribute' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tokenRespAttribute' at runtime. | +| `auth_header_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login. | +| `auth_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional authentication request headers. | +| `client_secret_param_name` | *Optional[str]* | :heavy_minus_sign: | Parameter name that contains client secret. Defaults to 'client_secret', and is automatically added to request parameters. | +| `client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Secret value to add to HTTP requests as the 'client secret' parameter. Stored on disk encrypted, and is automatically added to request parameters | +| `auth_request_params` | List[[models.AuthRequestParamConfHealthCheckAuthenticationOauth](../models/authrequestparamconfhealthcheckauthenticationoauth.md)] | :heavy_minus_sign: | OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded. | +| `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a text secret that contains the client secret's value. | +| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationbasicsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodget.md b/docs/models/healthcheckauthenticationbasicsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodget.md index 4441af695..9abab5a9a 100644 --- a/docs/models/healthcheckauthenticationbasicsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodget.md +++ b/docs/models/healthcheckauthenticationbasicsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodget.md @@ -11,5 +11,7 @@ | `discover_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the Discover operation (can be a constant). | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | | `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationbasicsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md b/docs/models/healthcheckauthenticationbasicsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md index 246d3b0d3..658638b9c 100644 --- a/docs/models/healthcheckauthenticationbasicsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md +++ b/docs/models/healthcheckauthenticationbasicsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md @@ -11,5 +11,7 @@ | `discover_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the Discover operation (can be a constant). | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | | `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationbasicsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md b/docs/models/healthcheckauthenticationbasicsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md index 510325708..0402c4c22 100644 --- a/docs/models/healthcheckauthenticationbasicsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md +++ b/docs/models/healthcheckauthenticationbasicsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md @@ -11,5 +11,7 @@ | `discover_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the Discover operation (can be a constant). | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | | `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationbasicsecrethealthcheckdiscoverydiscovertypejson.md b/docs/models/healthcheckauthenticationbasicsecrethealthcheckdiscoverydiscovertypejson.md index 1970cdf66..7dfcf5511 100644 --- a/docs/models/healthcheckauthenticationbasicsecrethealthcheckdiscoverydiscovertypejson.md +++ b/docs/models/healthcheckauthenticationbasicsecrethealthcheckdiscoverydiscovertypejson.md @@ -7,8 +7,10 @@ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | `discover_type` | [models.HealthCheckAuthenticationBasicSecretHealthCheckDiscoveryDiscoverTypeJSONDiscoverType](../models/healthcheckauthenticationbasicsecrethealthcheckdiscoverydiscovertypejsondiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Use None to skip the discovery. Use HTTP Request to make a REST call to discover tasks. Use Item List to enumerate items for collect to retrieve. Use JSON Response to manually define discover tasks as a JSON array of objects. Each entry returned by the discover operation will result in a collect task. | | `manual_discover_result` | *str* | :heavy_check_mark: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | -| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Within the response JSON, name of the field or array element to pull results from. Leave blank if the result is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] } | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | | `discover_url` | *Optional[str]* | :heavy_minus_sign: | Expression to derive URL to use for the Discover operation (can be a constant). | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `discover_method` | [Optional[models.DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionshealthcheckdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | Discover HTTP method. | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationbasicsecrethealthcheckdiscoverydiscovertypelist.md b/docs/models/healthcheckauthenticationbasicsecrethealthcheckdiscoverydiscovertypelist.md index bb0075f30..10fdba27c 100644 --- a/docs/models/healthcheckauthenticationbasicsecrethealthcheckdiscoverydiscovertypelist.md +++ b/docs/models/healthcheckauthenticationbasicsecrethealthcheckdiscoverydiscovertypelist.md @@ -8,6 +8,9 @@ | `discover_type` | [models.HealthCheckAuthenticationBasicSecretHealthCheckDiscoveryDiscoverTypeListDiscoverType](../models/healthcheckauthenticationbasicsecrethealthcheckdiscoverydiscovertypelistdiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Use None to skip the discovery. Use HTTP Request to make a REST call to discover tasks. Use Item List to enumerate items for collect to retrieve. Use JSON Response to manually define discover tasks as a JSON array of objects. Each entry returned by the discover operation will result in a collect task. | | `item_list` | List[*str*] | :heavy_check_mark: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | | `discover_url` | *Optional[str]* | :heavy_minus_sign: | Expression to derive URL to use for the Discover operation (can be a constant). | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `discover_method` | [Optional[models.DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionshealthcheckdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | Discover HTTP method. | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationbasicsecrethealthcheckdiscoverydiscovertypenone.md b/docs/models/healthcheckauthenticationbasicsecrethealthcheckdiscoverydiscovertypenone.md index d2b8eee47..ca48a1515 100644 --- a/docs/models/healthcheckauthenticationbasicsecrethealthcheckdiscoverydiscovertypenone.md +++ b/docs/models/healthcheckauthenticationbasicsecrethealthcheckdiscoverydiscovertypenone.md @@ -7,7 +7,10 @@ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | `discover_type` | [models.HealthCheckAuthenticationBasicSecretHealthCheckDiscoveryDiscoverTypeNoneDiscoverType](../models/healthcheckauthenticationbasicsecrethealthcheckdiscoverydiscovertypenonediscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Use None to skip the discovery. Use HTTP Request to make a REST call to discover tasks. Use Item List to enumerate items for collect to retrieve. Use JSON Response to manually define discover tasks as a JSON array of objects. Each entry returned by the discover operation will result in a collect task. | | `discover_url` | *Optional[str]* | :heavy_minus_sign: | Expression to derive URL to use for the Discover operation (can be a constant). | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `discover_method` | [Optional[models.DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionshealthcheckdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | Discover HTTP method. | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationlogin.md b/docs/models/healthcheckauthenticationlogin.md index 28ab4b925..01f977bad 100644 --- a/docs/models/healthcheckauthenticationlogin.md +++ b/docs/models/healthcheckauthenticationlogin.md @@ -3,26 +3,33 @@ ## Fields -| Field | Type | Required | Description | -| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `authentication` | [models.HealthCheckAuthenticationLoginAuthentication](../models/healthcheckauthenticationloginauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API Key–based authentication by adding the appropriate Collect headers. | -| `login_url` | *str* | :heavy_check_mark: | URL to use for login API call. This call is expected to be a POST. | -| `username` | *str* | :heavy_check_mark: | Login username | -| `password` | *str* | :heavy_check_mark: | Login password | -| `login_body` | *str* | :heavy_check_mark: | Template for POST body to send with login request, ${username} and ${password} are used to specify location of these attributes in the message | -| `token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header. | -| `auth_header_expr` | *str* | :heavy_check_mark: | JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login. | -| `auth_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional authentication request headers. | -| `discovery` | [Optional[models.HealthCheckAuthenticationLoginDiscovery]](../models/healthcheckauthenticationlogindiscovery.md) | :heavy_minus_sign: | N/A | -| `collect_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the health check operation (can be a constant). | -| `collect_method` | [models.HealthCheckAuthenticationLoginHealthCheckMethod](../models/healthcheckauthenticationloginhealthcheckmethod.md) | :heavy_check_mark: | Health check HTTP method. | -| `collect_request_headers` | List[[models.HealthCheckAuthenticationLoginCollectRequestHeader](../models/healthcheckauthenticationlogincollectrequestheader.md)] | :heavy_minus_sign: | Optional health check request headers. | -| `authenticate_collect` | *Optional[bool]* | :heavy_minus_sign: | Enable to make auth health check call. | -| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout, use 0 to disable | -| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Whether to reject certificates that cannot be verified against a valid CA (e.g., self-signed certificates). | -| `default_breakers` | [Optional[models.HiddenDefaultBreakersOptionsDatabaseCollectorConf]](../models/hiddendefaultbreakersoptionsdatabasecollectorconf.md) | :heavy_minus_sign: | N/A | -| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text. | -| `retry_rules` | [Optional[models.HealthCheckAuthenticationLoginRetryRules]](../models/healthcheckauthenticationloginretryrules.md) | :heavy_minus_sign: | N/A | -| `client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Secret value to add to HTTP requests as the 'client secret' parameter. Stored on disk encrypted, and is automatically added to request parameters | -| `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a text secret that contains the client secret's value. | -| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file +| Field | Type | Required | Description | +| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `authentication` | [models.HealthCheckAuthenticationLoginAuthentication](../models/healthcheckauthenticationloginauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API Key–based authentication by adding the appropriate Collect headers. | +| `login_url` | *str* | :heavy_check_mark: | URL to use for login API call. This call is expected to be a POST. | +| `username` | *str* | :heavy_check_mark: | Basic authentication username | +| `password` | *str* | :heavy_check_mark: | Basic authentication password | +| `login_body` | *str* | :heavy_check_mark: | Template for POST body to send with login request, ${username} and ${password} are used to specify location of these attributes in the message | +| `token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header. | +| `auth_header_expr` | *str* | :heavy_check_mark: | JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login. | +| `auth_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional authentication request headers. | +| `template_login_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime. | +| `template_username` | *Optional[str]* | :heavy_minus_sign: | Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime. | +| `template_password` | *Optional[str]* | :heavy_minus_sign: | Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime. | +| `template_token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Binds 'tokenRespAttribute' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tokenRespAttribute' at runtime. | +| `discovery` | [Optional[models.HealthCheckAuthenticationLoginDiscovery]](../models/healthcheckauthenticationlogindiscovery.md) | :heavy_minus_sign: | N/A | +| `collect_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the health check operation (can be a constant). | +| `collect_method` | [models.HealthCheckAuthenticationLoginHealthCheckMethod](../models/healthcheckauthenticationloginhealthcheckmethod.md) | :heavy_check_mark: | Health check HTTP method. | +| `collect_request_headers` | List[[models.HealthCheckAuthenticationLoginCollectRequestHeader](../models/healthcheckauthenticationlogincollectrequestheader.md)] | :heavy_minus_sign: | Optional health check request headers. | +| `authenticate_collect` | *Optional[bool]* | :heavy_minus_sign: | Enable to make auth health check call. | +| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout, use 0 to disable | +| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Whether to reject certificates that cannot be verified against a valid CA (e.g., self-signed certificates). | +| `default_breakers` | [Optional[models.HiddenDefaultBreakersOptionsDatabaseCollectorConf]](../models/hiddendefaultbreakersoptionsdatabasecollectorconf.md) | :heavy_minus_sign: | N/A | +| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text. | +| `retry_rules` | [Optional[models.HealthCheckAuthenticationLoginRetryRules]](../models/healthcheckauthenticationloginretryrules.md) | :heavy_minus_sign: | N/A | +| `credentials_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored secret that references your credentials | +| `client_secret_param_name` | *Optional[str]* | :heavy_minus_sign: | Parameter name that contains client secret. Defaults to 'client_secret', and is automatically added to request parameters. | +| `client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Secret value to add to HTTP requests as the 'client secret' parameter. Stored on disk encrypted, and is automatically added to request parameters | +| `auth_request_params` | List[[models.AuthRequestParamConfHealthCheckAuthenticationOauth](../models/authrequestparamconfhealthcheckauthenticationoauth.md)] | :heavy_minus_sign: | OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded. | +| `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a text secret that contains the client secret's value. | +| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationloginhealthcheckdiscoverydiscovertypehttpdiscovermethodget.md b/docs/models/healthcheckauthenticationloginhealthcheckdiscoverydiscovertypehttpdiscovermethodget.md index b5c3b86b9..438414694 100644 --- a/docs/models/healthcheckauthenticationloginhealthcheckdiscoverydiscovertypehttpdiscovermethodget.md +++ b/docs/models/healthcheckauthenticationloginhealthcheckdiscoverydiscovertypehttpdiscovermethodget.md @@ -11,5 +11,7 @@ | `discover_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the Discover operation (can be a constant). | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | | `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationloginhealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md b/docs/models/healthcheckauthenticationloginhealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md index 31db53b10..6d241f644 100644 --- a/docs/models/healthcheckauthenticationloginhealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md +++ b/docs/models/healthcheckauthenticationloginhealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md @@ -11,5 +11,7 @@ | `discover_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the Discover operation (can be a constant). | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | | `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationloginhealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md b/docs/models/healthcheckauthenticationloginhealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md index 28aafd907..14d9d0f5e 100644 --- a/docs/models/healthcheckauthenticationloginhealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md +++ b/docs/models/healthcheckauthenticationloginhealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md @@ -11,5 +11,7 @@ | `discover_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the Discover operation (can be a constant). | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | | `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationloginhealthcheckdiscoverydiscovertypejson.md b/docs/models/healthcheckauthenticationloginhealthcheckdiscoverydiscovertypejson.md index 5ac89bb56..ffa06fba4 100644 --- a/docs/models/healthcheckauthenticationloginhealthcheckdiscoverydiscovertypejson.md +++ b/docs/models/healthcheckauthenticationloginhealthcheckdiscoverydiscovertypejson.md @@ -7,8 +7,10 @@ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | `discover_type` | [models.HealthCheckAuthenticationLoginHealthCheckDiscoveryDiscoverTypeJSONDiscoverType](../models/healthcheckauthenticationloginhealthcheckdiscoverydiscovertypejsondiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Use None to skip the discovery. Use HTTP Request to make a REST call to discover tasks. Use Item List to enumerate items for collect to retrieve. Use JSON Response to manually define discover tasks as a JSON array of objects. Each entry returned by the discover operation will result in a collect task. | | `manual_discover_result` | *str* | :heavy_check_mark: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | -| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Within the response JSON, name of the field or array element to pull results from. Leave blank if the result is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] } | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | | `discover_url` | *Optional[str]* | :heavy_minus_sign: | Expression to derive URL to use for the Discover operation (can be a constant). | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `discover_method` | [Optional[models.DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionshealthcheckdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | Discover HTTP method. | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationloginhealthcheckdiscoverydiscovertypelist.md b/docs/models/healthcheckauthenticationloginhealthcheckdiscoverydiscovertypelist.md index c5c1e90b7..f7e641b1e 100644 --- a/docs/models/healthcheckauthenticationloginhealthcheckdiscoverydiscovertypelist.md +++ b/docs/models/healthcheckauthenticationloginhealthcheckdiscoverydiscovertypelist.md @@ -8,6 +8,9 @@ | `discover_type` | [models.HealthCheckAuthenticationLoginHealthCheckDiscoveryDiscoverTypeListDiscoverType](../models/healthcheckauthenticationloginhealthcheckdiscoverydiscovertypelistdiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Use None to skip the discovery. Use HTTP Request to make a REST call to discover tasks. Use Item List to enumerate items for collect to retrieve. Use JSON Response to manually define discover tasks as a JSON array of objects. Each entry returned by the discover operation will result in a collect task. | | `item_list` | List[*str*] | :heavy_check_mark: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | | `discover_url` | *Optional[str]* | :heavy_minus_sign: | Expression to derive URL to use for the Discover operation (can be a constant). | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `discover_method` | [Optional[models.DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionshealthcheckdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | Discover HTTP method. | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationloginhealthcheckdiscoverydiscovertypenone.md b/docs/models/healthcheckauthenticationloginhealthcheckdiscoverydiscovertypenone.md index 31d2361aa..18c0478d8 100644 --- a/docs/models/healthcheckauthenticationloginhealthcheckdiscoverydiscovertypenone.md +++ b/docs/models/healthcheckauthenticationloginhealthcheckdiscoverydiscovertypenone.md @@ -7,7 +7,10 @@ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | `discover_type` | [models.HealthCheckAuthenticationLoginHealthCheckDiscoveryDiscoverTypeNoneDiscoverType](../models/healthcheckauthenticationloginhealthcheckdiscoverydiscovertypenonediscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Use None to skip the discovery. Use HTTP Request to make a REST call to discover tasks. Use Item List to enumerate items for collect to retrieve. Use JSON Response to manually define discover tasks as a JSON array of objects. Each entry returned by the discover operation will result in a collect task. | | `discover_url` | *Optional[str]* | :heavy_minus_sign: | Expression to derive URL to use for the Discover operation (can be a constant). | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `discover_method` | [Optional[models.DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionshealthcheckdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | Discover HTTP method. | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationloginsecret.md b/docs/models/healthcheckauthenticationloginsecret.md index e3053e79d..a42187dcf 100644 --- a/docs/models/healthcheckauthenticationloginsecret.md +++ b/docs/models/healthcheckauthenticationloginsecret.md @@ -3,25 +3,33 @@ ## Fields -| Field | Type | Required | Description | -| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `authentication` | [models.HealthCheckAuthenticationLoginSecretAuthentication](../models/healthcheckauthenticationloginsecretauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API Key–based authentication by adding the appropriate Collect headers. | -| `login_url` | *str* | :heavy_check_mark: | URL to use for login API call, this call is expected to be a POST. | -| `credentials_secret` | *str* | :heavy_check_mark: | Select or create a stored secret that references your login credentials | -| `login_body` | *str* | :heavy_check_mark: | Template for POST body to send with login request, ${username} and ${password} are used to specify location of these attributes in the message | -| `token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Path to token attribute in login response body. Nested attributes are OK. If left blank, the entire response body will be used to derive the authorization header. | -| `auth_header_expr` | *str* | :heavy_check_mark: | JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login. | -| `auth_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional authentication request headers. | -| `discovery` | [Optional[models.HealthCheckAuthenticationLoginSecretDiscovery]](../models/healthcheckauthenticationloginsecretdiscovery.md) | :heavy_minus_sign: | N/A | -| `collect_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the health check operation (can be a constant). | -| `collect_method` | [models.HealthCheckAuthenticationLoginSecretHealthCheckMethod](../models/healthcheckauthenticationloginsecrethealthcheckmethod.md) | :heavy_check_mark: | Health check HTTP method. | -| `collect_request_headers` | List[[models.HealthCheckAuthenticationLoginSecretCollectRequestHeader](../models/healthcheckauthenticationloginsecretcollectrequestheader.md)] | :heavy_minus_sign: | Optional health check request headers. | -| `authenticate_collect` | *Optional[bool]* | :heavy_minus_sign: | Enable to make auth health check call. | -| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout, use 0 to disable | -| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Whether to reject certificates that cannot be verified against a valid CA (e.g., self-signed certificates). | -| `default_breakers` | [Optional[models.HiddenDefaultBreakersOptionsDatabaseCollectorConf]](../models/hiddendefaultbreakersoptionsdatabasecollectorconf.md) | :heavy_minus_sign: | N/A | -| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text. | -| `retry_rules` | [Optional[models.HealthCheckAuthenticationLoginSecretRetryRules]](../models/healthcheckauthenticationloginsecretretryrules.md) | :heavy_minus_sign: | N/A | -| `client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Secret value to add to HTTP requests as the 'client secret' parameter. Stored on disk encrypted, and is automatically added to request parameters | -| `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a text secret that contains the client secret's value. | -| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file +| Field | Type | Required | Description | +| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `authentication` | [models.HealthCheckAuthenticationLoginSecretAuthentication](../models/healthcheckauthenticationloginsecretauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API Key–based authentication by adding the appropriate Collect headers. | +| `login_url` | *str* | :heavy_check_mark: | URL to use for login API call. This call is expected to be a POST. | +| `credentials_secret` | *str* | :heavy_check_mark: | Select or create a stored secret that references your credentials | +| `login_body` | *str* | :heavy_check_mark: | Template for POST body to send with login request, ${username} and ${password} are used to specify location of these attributes in the message | +| `token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header. | +| `auth_header_expr` | *str* | :heavy_check_mark: | JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login. | +| `auth_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional authentication request headers. | +| `template_login_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime. | +| `template_token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Binds 'tokenRespAttribute' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tokenRespAttribute' at runtime. | +| `discovery` | [Optional[models.HealthCheckAuthenticationLoginSecretDiscovery]](../models/healthcheckauthenticationloginsecretdiscovery.md) | :heavy_minus_sign: | N/A | +| `collect_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the health check operation (can be a constant). | +| `collect_method` | [models.HealthCheckAuthenticationLoginSecretHealthCheckMethod](../models/healthcheckauthenticationloginsecrethealthcheckmethod.md) | :heavy_check_mark: | Health check HTTP method. | +| `collect_request_headers` | List[[models.HealthCheckAuthenticationLoginSecretCollectRequestHeader](../models/healthcheckauthenticationloginsecretcollectrequestheader.md)] | :heavy_minus_sign: | Optional health check request headers. | +| `authenticate_collect` | *Optional[bool]* | :heavy_minus_sign: | Enable to make auth health check call. | +| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout, use 0 to disable | +| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Whether to reject certificates that cannot be verified against a valid CA (e.g., self-signed certificates). | +| `default_breakers` | [Optional[models.HiddenDefaultBreakersOptionsDatabaseCollectorConf]](../models/hiddendefaultbreakersoptionsdatabasecollectorconf.md) | :heavy_minus_sign: | N/A | +| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text. | +| `retry_rules` | [Optional[models.HealthCheckAuthenticationLoginSecretRetryRules]](../models/healthcheckauthenticationloginsecretretryrules.md) | :heavy_minus_sign: | N/A | +| `username` | *Optional[str]* | :heavy_minus_sign: | Basic authentication username | +| `template_username` | *Optional[str]* | :heavy_minus_sign: | Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime. | +| `password` | *Optional[str]* | :heavy_minus_sign: | Basic authentication password | +| `template_password` | *Optional[str]* | :heavy_minus_sign: | Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime. | +| `client_secret_param_name` | *Optional[str]* | :heavy_minus_sign: | Parameter name that contains client secret. Defaults to 'client_secret', and is automatically added to request parameters. | +| `client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Secret value to add to HTTP requests as the 'client secret' parameter. Stored on disk encrypted, and is automatically added to request parameters | +| `auth_request_params` | List[[models.AuthRequestParamConfHealthCheckAuthenticationOauth](../models/authrequestparamconfhealthcheckauthenticationoauth.md)] | :heavy_minus_sign: | OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded. | +| `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a text secret that contains the client secret's value. | +| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationloginsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodget.md b/docs/models/healthcheckauthenticationloginsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodget.md index 4e32d69a5..9ca376c84 100644 --- a/docs/models/healthcheckauthenticationloginsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodget.md +++ b/docs/models/healthcheckauthenticationloginsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodget.md @@ -11,5 +11,7 @@ | `discover_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the Discover operation (can be a constant). | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | | `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationloginsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md b/docs/models/healthcheckauthenticationloginsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md index 04505dfa6..2e341887e 100644 --- a/docs/models/healthcheckauthenticationloginsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md +++ b/docs/models/healthcheckauthenticationloginsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md @@ -11,5 +11,7 @@ | `discover_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the Discover operation (can be a constant). | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | | `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationloginsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md b/docs/models/healthcheckauthenticationloginsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md index 25bfd88e4..63cdb6163 100644 --- a/docs/models/healthcheckauthenticationloginsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md +++ b/docs/models/healthcheckauthenticationloginsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md @@ -11,5 +11,7 @@ | `discover_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the Discover operation (can be a constant). | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | | `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationloginsecrethealthcheckdiscoverydiscovertypejson.md b/docs/models/healthcheckauthenticationloginsecrethealthcheckdiscoverydiscovertypejson.md index b729d8b5a..e91d2c451 100644 --- a/docs/models/healthcheckauthenticationloginsecrethealthcheckdiscoverydiscovertypejson.md +++ b/docs/models/healthcheckauthenticationloginsecrethealthcheckdiscoverydiscovertypejson.md @@ -7,8 +7,10 @@ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | `discover_type` | [models.HealthCheckAuthenticationLoginSecretHealthCheckDiscoveryDiscoverTypeJSONDiscoverType](../models/healthcheckauthenticationloginsecrethealthcheckdiscoverydiscovertypejsondiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Use None to skip the discovery. Use HTTP Request to make a REST call to discover tasks. Use Item List to enumerate items for collect to retrieve. Use JSON Response to manually define discover tasks as a JSON array of objects. Each entry returned by the discover operation will result in a collect task. | | `manual_discover_result` | *str* | :heavy_check_mark: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | -| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Within the response JSON, name of the field or array element to pull results from. Leave blank if the result is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] } | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | | `discover_url` | *Optional[str]* | :heavy_minus_sign: | Expression to derive URL to use for the Discover operation (can be a constant). | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `discover_method` | [Optional[models.DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionshealthcheckdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | Discover HTTP method. | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationloginsecrethealthcheckdiscoverydiscovertypelist.md b/docs/models/healthcheckauthenticationloginsecrethealthcheckdiscoverydiscovertypelist.md index 25bde0f18..603a0936b 100644 --- a/docs/models/healthcheckauthenticationloginsecrethealthcheckdiscoverydiscovertypelist.md +++ b/docs/models/healthcheckauthenticationloginsecrethealthcheckdiscoverydiscovertypelist.md @@ -8,6 +8,9 @@ | `discover_type` | [models.HealthCheckAuthenticationLoginSecretHealthCheckDiscoveryDiscoverTypeListDiscoverType](../models/healthcheckauthenticationloginsecrethealthcheckdiscoverydiscovertypelistdiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Use None to skip the discovery. Use HTTP Request to make a REST call to discover tasks. Use Item List to enumerate items for collect to retrieve. Use JSON Response to manually define discover tasks as a JSON array of objects. Each entry returned by the discover operation will result in a collect task. | | `item_list` | List[*str*] | :heavy_check_mark: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | | `discover_url` | *Optional[str]* | :heavy_minus_sign: | Expression to derive URL to use for the Discover operation (can be a constant). | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `discover_method` | [Optional[models.DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionshealthcheckdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | Discover HTTP method. | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationloginsecrethealthcheckdiscoverydiscovertypenone.md b/docs/models/healthcheckauthenticationloginsecrethealthcheckdiscoverydiscovertypenone.md index e2cdc7f21..1b41689ef 100644 --- a/docs/models/healthcheckauthenticationloginsecrethealthcheckdiscoverydiscovertypenone.md +++ b/docs/models/healthcheckauthenticationloginsecrethealthcheckdiscoverydiscovertypenone.md @@ -7,7 +7,10 @@ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | `discover_type` | [models.HealthCheckAuthenticationLoginSecretHealthCheckDiscoveryDiscoverTypeNoneDiscoverType](../models/healthcheckauthenticationloginsecrethealthcheckdiscoverydiscovertypenonediscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Use None to skip the discovery. Use HTTP Request to make a REST call to discover tasks. Use Item List to enumerate items for collect to retrieve. Use JSON Response to manually define discover tasks as a JSON array of objects. Each entry returned by the discover operation will result in a collect task. | | `discover_url` | *Optional[str]* | :heavy_minus_sign: | Expression to derive URL to use for the Discover operation (can be a constant). | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `discover_method` | [Optional[models.DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionshealthcheckdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | Discover HTTP method. | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationnone.md b/docs/models/healthcheckauthenticationnone.md index 245f9f7ef..06cf2e1f7 100644 --- a/docs/models/healthcheckauthenticationnone.md +++ b/docs/models/healthcheckauthenticationnone.md @@ -3,19 +3,33 @@ ## Fields -| Field | Type | Required | Description | -| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `authentication` | [models.HealthCheckAuthenticationNoneAuthentication](../models/healthcheckauthenticationnoneauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API Key–based authentication by adding the appropriate Collect headers. | -| `discovery` | [Optional[models.HealthCheckAuthenticationNoneDiscovery]](../models/healthcheckauthenticationnonediscovery.md) | :heavy_minus_sign: | N/A | -| `collect_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the health check operation (can be a constant). | -| `collect_method` | [models.HealthCheckAuthenticationNoneHealthCheckMethod](../models/healthcheckauthenticationnonehealthcheckmethod.md) | :heavy_check_mark: | Health check HTTP method. | -| `collect_request_headers` | List[[models.HealthCheckAuthenticationNoneCollectRequestHeader](../models/healthcheckauthenticationnonecollectrequestheader.md)] | :heavy_minus_sign: | Optional health check request headers. | -| `authenticate_collect` | *Optional[bool]* | :heavy_minus_sign: | Enable to make auth health check call. | -| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout, use 0 to disable | -| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Whether to reject certificates that cannot be verified against a valid CA (e.g., self-signed certificates). | -| `default_breakers` | [Optional[models.HiddenDefaultBreakersOptionsDatabaseCollectorConf]](../models/hiddendefaultbreakersoptionsdatabasecollectorconf.md) | :heavy_minus_sign: | N/A | -| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text. | -| `retry_rules` | [Optional[models.HealthCheckAuthenticationNoneRetryRules]](../models/healthcheckauthenticationnoneretryrules.md) | :heavy_minus_sign: | N/A | -| `client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Secret value to add to HTTP requests as the 'client secret' parameter. Stored on disk encrypted, and is automatically added to request parameters | -| `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a text secret that contains the client secret's value. | -| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file +| Field | Type | Required | Description | +| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `authentication` | [models.HealthCheckAuthenticationNoneAuthentication](../models/healthcheckauthenticationnoneauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API Key–based authentication by adding the appropriate Collect headers. | +| `discovery` | [Optional[models.HealthCheckAuthenticationNoneDiscovery]](../models/healthcheckauthenticationnonediscovery.md) | :heavy_minus_sign: | N/A | +| `collect_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the health check operation (can be a constant). | +| `collect_method` | [models.HealthCheckAuthenticationNoneHealthCheckMethod](../models/healthcheckauthenticationnonehealthcheckmethod.md) | :heavy_check_mark: | Health check HTTP method. | +| `collect_request_headers` | List[[models.HealthCheckAuthenticationNoneCollectRequestHeader](../models/healthcheckauthenticationnonecollectrequestheader.md)] | :heavy_minus_sign: | Optional health check request headers. | +| `authenticate_collect` | *Optional[bool]* | :heavy_minus_sign: | Enable to make auth health check call. | +| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout, use 0 to disable | +| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Whether to reject certificates that cannot be verified against a valid CA (e.g., self-signed certificates). | +| `default_breakers` | [Optional[models.HiddenDefaultBreakersOptionsDatabaseCollectorConf]](../models/hiddendefaultbreakersoptionsdatabasecollectorconf.md) | :heavy_minus_sign: | N/A | +| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text. | +| `retry_rules` | [Optional[models.HealthCheckAuthenticationNoneRetryRules]](../models/healthcheckauthenticationnoneretryrules.md) | :heavy_minus_sign: | N/A | +| `username` | *Optional[str]* | :heavy_minus_sign: | Basic authentication username | +| `template_username` | *Optional[str]* | :heavy_minus_sign: | Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime. | +| `password` | *Optional[str]* | :heavy_minus_sign: | Basic authentication password | +| `template_password` | *Optional[str]* | :heavy_minus_sign: | Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime. | +| `credentials_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored secret that references your credentials | +| `login_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for login API call. This call is expected to be a POST. | +| `template_login_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime. | +| `login_body` | *Optional[str]* | :heavy_minus_sign: | Template for POST body to send with login request, ${username} and ${password} are used to specify location of these attributes in the message | +| `token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header. | +| `template_token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Binds 'tokenRespAttribute' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tokenRespAttribute' at runtime. | +| `auth_header_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login. | +| `auth_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional authentication request headers. | +| `client_secret_param_name` | *Optional[str]* | :heavy_minus_sign: | Parameter name that contains client secret. Defaults to 'client_secret', and is automatically added to request parameters. | +| `client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Secret value to add to HTTP requests as the 'client secret' parameter. Stored on disk encrypted, and is automatically added to request parameters | +| `auth_request_params` | List[[models.AuthRequestParamConfHealthCheckAuthenticationOauth](../models/authrequestparamconfhealthcheckauthenticationoauth.md)] | :heavy_minus_sign: | OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded. | +| `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a text secret that contains the client secret's value. | +| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationnonehealthcheckdiscoverydiscovertypehttpdiscovermethodget.md b/docs/models/healthcheckauthenticationnonehealthcheckdiscoverydiscovertypehttpdiscovermethodget.md index d08eef842..3ce57be61 100644 --- a/docs/models/healthcheckauthenticationnonehealthcheckdiscoverydiscovertypehttpdiscovermethodget.md +++ b/docs/models/healthcheckauthenticationnonehealthcheckdiscoverydiscovertypehttpdiscovermethodget.md @@ -11,5 +11,7 @@ | `discover_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the Discover operation (can be a constant). | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | | `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationnonehealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md b/docs/models/healthcheckauthenticationnonehealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md index f488943a5..f29b870ec 100644 --- a/docs/models/healthcheckauthenticationnonehealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md +++ b/docs/models/healthcheckauthenticationnonehealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md @@ -11,5 +11,7 @@ | `discover_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the Discover operation (can be a constant). | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | | `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationnonehealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md b/docs/models/healthcheckauthenticationnonehealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md index b8a4b0c99..2fb38d759 100644 --- a/docs/models/healthcheckauthenticationnonehealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md +++ b/docs/models/healthcheckauthenticationnonehealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md @@ -11,5 +11,7 @@ | `discover_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the Discover operation (can be a constant). | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | | `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationnonehealthcheckdiscoverydiscovertypejson.md b/docs/models/healthcheckauthenticationnonehealthcheckdiscoverydiscovertypejson.md index 8bc8e549d..8a10316a7 100644 --- a/docs/models/healthcheckauthenticationnonehealthcheckdiscoverydiscovertypejson.md +++ b/docs/models/healthcheckauthenticationnonehealthcheckdiscoverydiscovertypejson.md @@ -7,8 +7,10 @@ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | `discover_type` | [models.HealthCheckAuthenticationNoneHealthCheckDiscoveryDiscoverTypeJSONDiscoverType](../models/healthcheckauthenticationnonehealthcheckdiscoverydiscovertypejsondiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Use None to skip the discovery. Use HTTP Request to make a REST call to discover tasks. Use Item List to enumerate items for collect to retrieve. Use JSON Response to manually define discover tasks as a JSON array of objects. Each entry returned by the discover operation will result in a collect task. | | `manual_discover_result` | *str* | :heavy_check_mark: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | -| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Within the response JSON, name of the field or array element to pull results from. Leave blank if the result is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] } | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | | `discover_url` | *Optional[str]* | :heavy_minus_sign: | Expression to derive URL to use for the Discover operation (can be a constant). | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `discover_method` | [Optional[models.DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionshealthcheckdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | Discover HTTP method. | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationnonehealthcheckdiscoverydiscovertypelist.md b/docs/models/healthcheckauthenticationnonehealthcheckdiscoverydiscovertypelist.md index 5d5de4cc5..2cdadfb37 100644 --- a/docs/models/healthcheckauthenticationnonehealthcheckdiscoverydiscovertypelist.md +++ b/docs/models/healthcheckauthenticationnonehealthcheckdiscoverydiscovertypelist.md @@ -8,6 +8,9 @@ | `discover_type` | [models.HealthCheckAuthenticationNoneHealthCheckDiscoveryDiscoverTypeListDiscoverType](../models/healthcheckauthenticationnonehealthcheckdiscoverydiscovertypelistdiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Use None to skip the discovery. Use HTTP Request to make a REST call to discover tasks. Use Item List to enumerate items for collect to retrieve. Use JSON Response to manually define discover tasks as a JSON array of objects. Each entry returned by the discover operation will result in a collect task. | | `item_list` | List[*str*] | :heavy_check_mark: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | | `discover_url` | *Optional[str]* | :heavy_minus_sign: | Expression to derive URL to use for the Discover operation (can be a constant). | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `discover_method` | [Optional[models.DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionshealthcheckdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | Discover HTTP method. | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationnonehealthcheckdiscoverydiscovertypenone.md b/docs/models/healthcheckauthenticationnonehealthcheckdiscoverydiscovertypenone.md index 04cb392a0..0e61676f5 100644 --- a/docs/models/healthcheckauthenticationnonehealthcheckdiscoverydiscovertypenone.md +++ b/docs/models/healthcheckauthenticationnonehealthcheckdiscoverydiscovertypenone.md @@ -7,7 +7,10 @@ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | `discover_type` | [models.HealthCheckAuthenticationNoneHealthCheckDiscoveryDiscoverTypeNoneDiscoverType](../models/healthcheckauthenticationnonehealthcheckdiscoverydiscovertypenonediscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Use None to skip the discovery. Use HTTP Request to make a REST call to discover tasks. Use Item List to enumerate items for collect to retrieve. Use JSON Response to manually define discover tasks as a JSON array of objects. Each entry returned by the discover operation will result in a collect task. | | `discover_url` | *Optional[str]* | :heavy_minus_sign: | Expression to derive URL to use for the Discover operation (can be a constant). | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `discover_method` | [Optional[models.DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionshealthcheckdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | Discover HTTP method. | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationoauth.md b/docs/models/healthcheckauthenticationoauth.md index 09c417fa1..7e042c6ea 100644 --- a/docs/models/healthcheckauthenticationoauth.md +++ b/docs/models/healthcheckauthenticationoauth.md @@ -3,25 +3,33 @@ ## Fields -| Field | Type | Required | Description | -| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `authentication` | [models.HealthCheckAuthenticationOauthAuthentication](../models/healthcheckauthenticationoauthauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API Key–based authentication by adding the appropriate Collect headers. | -| `login_url` | *str* | :heavy_check_mark: | URL to use for the OAuth API call. This call is expected to be a POST. | -| `token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header. | -| `auth_header_expr` | *str* | :heavy_check_mark: | JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login. | -| `client_secret_param_name` | *str* | :heavy_check_mark: | Parameter name that contains client secret. Defaults to 'client_secret', and is automatically added to request parameters. | -| `client_secret_param_value` | *str* | :heavy_check_mark: | Secret value to add to HTTP requests as the 'client secret' parameter. Stored on disk encrypted, and is automatically added to request parameters | -| `auth_request_params` | List[[models.AuthRequestParamConfHealthCheckAuthenticationOauth](../models/authrequestparamconfhealthcheckauthenticationoauth.md)] | :heavy_minus_sign: | OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded. | -| `auth_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationOauth](../models/authrequestheaderconfhealthcheckauthenticationoauth.md)] | :heavy_minus_sign: | Optional authentication request headers. | -| `discovery` | [Optional[models.HealthCheckAuthenticationOauthDiscovery]](../models/healthcheckauthenticationoauthdiscovery.md) | :heavy_minus_sign: | N/A | -| `collect_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the health check operation (can be a constant). | -| `collect_method` | [models.HealthCheckAuthenticationOauthHealthCheckMethod](../models/healthcheckauthenticationoauthhealthcheckmethod.md) | :heavy_check_mark: | Health check HTTP method. | -| `collect_request_headers` | List[[models.HealthCheckAuthenticationOauthCollectRequestHeader](../models/healthcheckauthenticationoauthcollectrequestheader.md)] | :heavy_minus_sign: | Optional health check request headers. | -| `authenticate_collect` | *Optional[bool]* | :heavy_minus_sign: | Enable to make auth health check call. | -| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout, use 0 to disable | -| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Whether to reject certificates that cannot be verified against a valid CA (e.g., self-signed certificates). | -| `default_breakers` | [Optional[models.HiddenDefaultBreakersOptionsDatabaseCollectorConf]](../models/hiddendefaultbreakersoptionsdatabasecollectorconf.md) | :heavy_minus_sign: | N/A | -| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text. | -| `retry_rules` | [Optional[models.HealthCheckAuthenticationOauthRetryRules]](../models/healthcheckauthenticationoauthretryrules.md) | :heavy_minus_sign: | N/A | -| `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a text secret that contains the client secret's value. | -| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file +| Field | Type | Required | Description | +| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `authentication` | [models.HealthCheckAuthenticationOauthAuthentication](../models/healthcheckauthenticationoauthauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API Key–based authentication by adding the appropriate Collect headers. | +| `login_url` | *str* | :heavy_check_mark: | URL to use for login API call. This call is expected to be a POST. | +| `token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header. | +| `auth_header_expr` | *str* | :heavy_check_mark: | JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login. | +| `client_secret_param_name` | *str* | :heavy_check_mark: | Parameter name that contains client secret. Defaults to 'client_secret', and is automatically added to request parameters. | +| `client_secret_param_value` | *str* | :heavy_check_mark: | Secret value to add to HTTP requests as the 'client secret' parameter. Stored on disk encrypted, and is automatically added to request parameters | +| `auth_request_params` | List[[models.AuthRequestParamConfHealthCheckAuthenticationOauth](../models/authrequestparamconfhealthcheckauthenticationoauth.md)] | :heavy_minus_sign: | OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded. | +| `auth_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional authentication request headers. | +| `template_login_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime. | +| `template_token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Binds 'tokenRespAttribute' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tokenRespAttribute' at runtime. | +| `discovery` | [Optional[models.HealthCheckAuthenticationOauthDiscovery]](../models/healthcheckauthenticationoauthdiscovery.md) | :heavy_minus_sign: | N/A | +| `collect_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the health check operation (can be a constant). | +| `collect_method` | [models.HealthCheckAuthenticationOauthHealthCheckMethod](../models/healthcheckauthenticationoauthhealthcheckmethod.md) | :heavy_check_mark: | Health check HTTP method. | +| `collect_request_headers` | List[[models.HealthCheckAuthenticationOauthCollectRequestHeader](../models/healthcheckauthenticationoauthcollectrequestheader.md)] | :heavy_minus_sign: | Optional health check request headers. | +| `authenticate_collect` | *Optional[bool]* | :heavy_minus_sign: | Enable to make auth health check call. | +| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout, use 0 to disable | +| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Whether to reject certificates that cannot be verified against a valid CA (e.g., self-signed certificates). | +| `default_breakers` | [Optional[models.HiddenDefaultBreakersOptionsDatabaseCollectorConf]](../models/hiddendefaultbreakersoptionsdatabasecollectorconf.md) | :heavy_minus_sign: | N/A | +| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text. | +| `retry_rules` | [Optional[models.HealthCheckAuthenticationOauthRetryRules]](../models/healthcheckauthenticationoauthretryrules.md) | :heavy_minus_sign: | N/A | +| `username` | *Optional[str]* | :heavy_minus_sign: | Basic authentication username | +| `template_username` | *Optional[str]* | :heavy_minus_sign: | Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime. | +| `password` | *Optional[str]* | :heavy_minus_sign: | Basic authentication password | +| `template_password` | *Optional[str]* | :heavy_minus_sign: | Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime. | +| `credentials_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored secret that references your credentials | +| `login_body` | *Optional[str]* | :heavy_minus_sign: | Template for POST body to send with login request, ${username} and ${password} are used to specify location of these attributes in the message | +| `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a text secret that contains the client secret's value. | +| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationoauthhealthcheckdiscoverydiscovertypehttpdiscovermethodget.md b/docs/models/healthcheckauthenticationoauthhealthcheckdiscoverydiscovertypehttpdiscovermethodget.md index fe6707ea4..6a1a751d6 100644 --- a/docs/models/healthcheckauthenticationoauthhealthcheckdiscoverydiscovertypehttpdiscovermethodget.md +++ b/docs/models/healthcheckauthenticationoauthhealthcheckdiscoverydiscovertypehttpdiscovermethodget.md @@ -11,5 +11,7 @@ | `discover_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the Discover operation (can be a constant). | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | | `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationoauthhealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md b/docs/models/healthcheckauthenticationoauthhealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md index 247748554..293ee1fbd 100644 --- a/docs/models/healthcheckauthenticationoauthhealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md +++ b/docs/models/healthcheckauthenticationoauthhealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md @@ -11,5 +11,7 @@ | `discover_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the Discover operation (can be a constant). | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | | `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationoauthhealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md b/docs/models/healthcheckauthenticationoauthhealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md index d7e38b49f..fb80c8250 100644 --- a/docs/models/healthcheckauthenticationoauthhealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md +++ b/docs/models/healthcheckauthenticationoauthhealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md @@ -11,5 +11,7 @@ | `discover_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the Discover operation (can be a constant). | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | | `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationoauthhealthcheckdiscoverydiscovertypejson.md b/docs/models/healthcheckauthenticationoauthhealthcheckdiscoverydiscovertypejson.md index d0fc621de..e7baee27a 100644 --- a/docs/models/healthcheckauthenticationoauthhealthcheckdiscoverydiscovertypejson.md +++ b/docs/models/healthcheckauthenticationoauthhealthcheckdiscoverydiscovertypejson.md @@ -7,8 +7,10 @@ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | `discover_type` | [models.HealthCheckAuthenticationOauthHealthCheckDiscoveryDiscoverTypeJSONDiscoverType](../models/healthcheckauthenticationoauthhealthcheckdiscoverydiscovertypejsondiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Use None to skip the discovery. Use HTTP Request to make a REST call to discover tasks. Use Item List to enumerate items for collect to retrieve. Use JSON Response to manually define discover tasks as a JSON array of objects. Each entry returned by the discover operation will result in a collect task. | | `manual_discover_result` | *str* | :heavy_check_mark: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | -| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Within the response JSON, name of the field or array element to pull results from. Leave blank if the result is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] } | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | | `discover_url` | *Optional[str]* | :heavy_minus_sign: | Expression to derive URL to use for the Discover operation (can be a constant). | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `discover_method` | [Optional[models.DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionshealthcheckdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | Discover HTTP method. | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationoauthhealthcheckdiscoverydiscovertypelist.md b/docs/models/healthcheckauthenticationoauthhealthcheckdiscoverydiscovertypelist.md index 93f23b7fa..e755afb7b 100644 --- a/docs/models/healthcheckauthenticationoauthhealthcheckdiscoverydiscovertypelist.md +++ b/docs/models/healthcheckauthenticationoauthhealthcheckdiscoverydiscovertypelist.md @@ -8,6 +8,9 @@ | `discover_type` | [models.HealthCheckAuthenticationOauthHealthCheckDiscoveryDiscoverTypeListDiscoverType](../models/healthcheckauthenticationoauthhealthcheckdiscoverydiscovertypelistdiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Use None to skip the discovery. Use HTTP Request to make a REST call to discover tasks. Use Item List to enumerate items for collect to retrieve. Use JSON Response to manually define discover tasks as a JSON array of objects. Each entry returned by the discover operation will result in a collect task. | | `item_list` | List[*str*] | :heavy_check_mark: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | | `discover_url` | *Optional[str]* | :heavy_minus_sign: | Expression to derive URL to use for the Discover operation (can be a constant). | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `discover_method` | [Optional[models.DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionshealthcheckdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | Discover HTTP method. | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationoauthhealthcheckdiscoverydiscovertypenone.md b/docs/models/healthcheckauthenticationoauthhealthcheckdiscoverydiscovertypenone.md index 915fbeb60..e43caa2d8 100644 --- a/docs/models/healthcheckauthenticationoauthhealthcheckdiscoverydiscovertypenone.md +++ b/docs/models/healthcheckauthenticationoauthhealthcheckdiscoverydiscovertypenone.md @@ -7,7 +7,10 @@ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | `discover_type` | [models.HealthCheckAuthenticationOauthHealthCheckDiscoveryDiscoverTypeNoneDiscoverType](../models/healthcheckauthenticationoauthhealthcheckdiscoverydiscovertypenonediscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Use None to skip the discovery. Use HTTP Request to make a REST call to discover tasks. Use Item List to enumerate items for collect to retrieve. Use JSON Response to manually define discover tasks as a JSON array of objects. Each entry returned by the discover operation will result in a collect task. | | `discover_url` | *Optional[str]* | :heavy_minus_sign: | Expression to derive URL to use for the Discover operation (can be a constant). | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `discover_method` | [Optional[models.DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionshealthcheckdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | Discover HTTP method. | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationoauthsecret.md b/docs/models/healthcheckauthenticationoauthsecret.md index d4ec02eaf..e29df92b0 100644 --- a/docs/models/healthcheckauthenticationoauthsecret.md +++ b/docs/models/healthcheckauthenticationoauthsecret.md @@ -3,25 +3,33 @@ ## Fields -| Field | Type | Required | Description | -| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `authentication` | [models.HealthCheckAuthenticationOauthSecretAuthentication](../models/healthcheckauthenticationoauthsecretauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API Key–based authentication by adding the appropriate Collect headers. | -| `login_url` | *str* | :heavy_check_mark: | URL to use for the OAuth API call. This call is expected to be a POST. | -| `token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header. | -| `auth_header_expr` | *str* | :heavy_check_mark: | JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login. | -| `client_secret_param_name` | *str* | :heavy_check_mark: | Parameter name that contains client secret. Defaults to 'client_secret', and is automatically added to request parameters. | -| `text_secret` | *str* | :heavy_check_mark: | Select or create a text secret that contains the client secret's value. | -| `auth_request_params` | List[[models.AuthRequestParamConfHealthCheckAuthenticationOauth](../models/authrequestparamconfhealthcheckauthenticationoauth.md)] | :heavy_minus_sign: | OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded. | -| `auth_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationOauth](../models/authrequestheaderconfhealthcheckauthenticationoauth.md)] | :heavy_minus_sign: | Optional authentication request headers. | -| `discovery` | [Optional[models.HealthCheckAuthenticationOauthSecretDiscovery]](../models/healthcheckauthenticationoauthsecretdiscovery.md) | :heavy_minus_sign: | N/A | -| `collect_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the health check operation (can be a constant). | -| `collect_method` | [models.HealthCheckAuthenticationOauthSecretHealthCheckMethod](../models/healthcheckauthenticationoauthsecrethealthcheckmethod.md) | :heavy_check_mark: | Health check HTTP method. | -| `collect_request_headers` | List[[models.HealthCheckAuthenticationOauthSecretCollectRequestHeader](../models/healthcheckauthenticationoauthsecretcollectrequestheader.md)] | :heavy_minus_sign: | Optional health check request headers. | -| `authenticate_collect` | *Optional[bool]* | :heavy_minus_sign: | Enable to make auth health check call. | -| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout, use 0 to disable | -| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Whether to reject certificates that cannot be verified against a valid CA (e.g., self-signed certificates). | -| `default_breakers` | [Optional[models.HiddenDefaultBreakersOptionsDatabaseCollectorConf]](../models/hiddendefaultbreakersoptionsdatabasecollectorconf.md) | :heavy_minus_sign: | N/A | -| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text. | -| `retry_rules` | [Optional[models.HealthCheckAuthenticationOauthSecretRetryRules]](../models/healthcheckauthenticationoauthsecretretryrules.md) | :heavy_minus_sign: | N/A | -| `client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Secret value to add to HTTP requests as the 'client secret' parameter. Stored on disk encrypted, and is automatically added to request parameters | -| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file +| Field | Type | Required | Description | +| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `authentication` | [models.HealthCheckAuthenticationOauthSecretAuthentication](../models/healthcheckauthenticationoauthsecretauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API Key–based authentication by adding the appropriate Collect headers. | +| `login_url` | *str* | :heavy_check_mark: | URL to use for login API call. This call is expected to be a POST. | +| `token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header. | +| `auth_header_expr` | *str* | :heavy_check_mark: | JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login. | +| `client_secret_param_name` | *str* | :heavy_check_mark: | Parameter name that contains client secret. Defaults to 'client_secret', and is automatically added to request parameters. | +| `text_secret` | *str* | :heavy_check_mark: | Select or create a text secret that contains the client secret's value. | +| `auth_request_params` | List[[models.AuthRequestParamConfHealthCheckAuthenticationOauth](../models/authrequestparamconfhealthcheckauthenticationoauth.md)] | :heavy_minus_sign: | OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded. | +| `auth_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional authentication request headers. | +| `template_login_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime. | +| `template_token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Binds 'tokenRespAttribute' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tokenRespAttribute' at runtime. | +| `discovery` | [Optional[models.HealthCheckAuthenticationOauthSecretDiscovery]](../models/healthcheckauthenticationoauthsecretdiscovery.md) | :heavy_minus_sign: | N/A | +| `collect_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the health check operation (can be a constant). | +| `collect_method` | [models.HealthCheckAuthenticationOauthSecretHealthCheckMethod](../models/healthcheckauthenticationoauthsecrethealthcheckmethod.md) | :heavy_check_mark: | Health check HTTP method. | +| `collect_request_headers` | List[[models.HealthCheckAuthenticationOauthSecretCollectRequestHeader](../models/healthcheckauthenticationoauthsecretcollectrequestheader.md)] | :heavy_minus_sign: | Optional health check request headers. | +| `authenticate_collect` | *Optional[bool]* | :heavy_minus_sign: | Enable to make auth health check call. | +| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout, use 0 to disable | +| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Whether to reject certificates that cannot be verified against a valid CA (e.g., self-signed certificates). | +| `default_breakers` | [Optional[models.HiddenDefaultBreakersOptionsDatabaseCollectorConf]](../models/hiddendefaultbreakersoptionsdatabasecollectorconf.md) | :heavy_minus_sign: | N/A | +| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text. | +| `retry_rules` | [Optional[models.HealthCheckAuthenticationOauthSecretRetryRules]](../models/healthcheckauthenticationoauthsecretretryrules.md) | :heavy_minus_sign: | N/A | +| `username` | *Optional[str]* | :heavy_minus_sign: | Basic authentication username | +| `template_username` | *Optional[str]* | :heavy_minus_sign: | Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime. | +| `password` | *Optional[str]* | :heavy_minus_sign: | Basic authentication password | +| `template_password` | *Optional[str]* | :heavy_minus_sign: | Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime. | +| `credentials_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored secret that references your credentials | +| `login_body` | *Optional[str]* | :heavy_minus_sign: | Template for POST body to send with login request, ${username} and ${password} are used to specify location of these attributes in the message | +| `client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Secret value to add to HTTP requests as the 'client secret' parameter. Stored on disk encrypted, and is automatically added to request parameters | +| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationoauthsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodget.md b/docs/models/healthcheckauthenticationoauthsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodget.md index 13f52ada8..e4cc1a488 100644 --- a/docs/models/healthcheckauthenticationoauthsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodget.md +++ b/docs/models/healthcheckauthenticationoauthsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodget.md @@ -11,5 +11,7 @@ | `discover_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the Discover operation (can be a constant). | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | | `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationoauthsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md b/docs/models/healthcheckauthenticationoauthsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md index 5cfa74a63..901762925 100644 --- a/docs/models/healthcheckauthenticationoauthsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md +++ b/docs/models/healthcheckauthenticationoauthsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md @@ -11,5 +11,7 @@ | `discover_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the Discover operation (can be a constant). | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | | `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationoauthsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md b/docs/models/healthcheckauthenticationoauthsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md index a1ba8fd62..08d0fb2c4 100644 --- a/docs/models/healthcheckauthenticationoauthsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md +++ b/docs/models/healthcheckauthenticationoauthsecrethealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md @@ -11,5 +11,7 @@ | `discover_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the Discover operation (can be a constant). | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | | `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationoauthsecrethealthcheckdiscoverydiscovertypejson.md b/docs/models/healthcheckauthenticationoauthsecrethealthcheckdiscoverydiscovertypejson.md index 5e8487f54..5ed64788d 100644 --- a/docs/models/healthcheckauthenticationoauthsecrethealthcheckdiscoverydiscovertypejson.md +++ b/docs/models/healthcheckauthenticationoauthsecrethealthcheckdiscoverydiscovertypejson.md @@ -7,8 +7,10 @@ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | `discover_type` | [models.HealthCheckAuthenticationOauthSecretHealthCheckDiscoveryDiscoverTypeJSONDiscoverType](../models/healthcheckauthenticationoauthsecrethealthcheckdiscoverydiscovertypejsondiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Use None to skip the discovery. Use HTTP Request to make a REST call to discover tasks. Use Item List to enumerate items for collect to retrieve. Use JSON Response to manually define discover tasks as a JSON array of objects. Each entry returned by the discover operation will result in a collect task. | | `manual_discover_result` | *str* | :heavy_check_mark: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | -| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Within the response JSON, name of the field or array element to pull results from. Leave blank if the result is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] } | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | | `discover_url` | *Optional[str]* | :heavy_minus_sign: | Expression to derive URL to use for the Discover operation (can be a constant). | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `discover_method` | [Optional[models.DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionshealthcheckdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | Discover HTTP method. | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationoauthsecrethealthcheckdiscoverydiscovertypelist.md b/docs/models/healthcheckauthenticationoauthsecrethealthcheckdiscoverydiscovertypelist.md index 79057f73d..e9ef5b9bb 100644 --- a/docs/models/healthcheckauthenticationoauthsecrethealthcheckdiscoverydiscovertypelist.md +++ b/docs/models/healthcheckauthenticationoauthsecrethealthcheckdiscoverydiscovertypelist.md @@ -8,6 +8,9 @@ | `discover_type` | [models.HealthCheckAuthenticationOauthSecretHealthCheckDiscoveryDiscoverTypeListDiscoverType](../models/healthcheckauthenticationoauthsecrethealthcheckdiscoverydiscovertypelistdiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Use None to skip the discovery. Use HTTP Request to make a REST call to discover tasks. Use Item List to enumerate items for collect to retrieve. Use JSON Response to manually define discover tasks as a JSON array of objects. Each entry returned by the discover operation will result in a collect task. | | `item_list` | List[*str*] | :heavy_check_mark: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | | `discover_url` | *Optional[str]* | :heavy_minus_sign: | Expression to derive URL to use for the Discover operation (can be a constant). | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `discover_method` | [Optional[models.DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionshealthcheckdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | Discover HTTP method. | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | \ No newline at end of file diff --git a/docs/models/healthcheckauthenticationoauthsecrethealthcheckdiscoverydiscovertypenone.md b/docs/models/healthcheckauthenticationoauthsecrethealthcheckdiscoverydiscovertypenone.md index 16c8c9fd3..0641f1065 100644 --- a/docs/models/healthcheckauthenticationoauthsecrethealthcheckdiscoverydiscovertypenone.md +++ b/docs/models/healthcheckauthenticationoauthsecrethealthcheckdiscoverydiscovertypenone.md @@ -7,7 +7,10 @@ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | `discover_type` | [models.HealthCheckAuthenticationOauthSecretHealthCheckDiscoveryDiscoverTypeNoneDiscoverType](../models/healthcheckauthenticationoauthsecrethealthcheckdiscoverydiscovertypenonediscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Use None to skip the discovery. Use HTTP Request to make a REST call to discover tasks. Use Item List to enumerate items for collect to retrieve. Use JSON Response to manually define discover tasks as a JSON array of objects. Each entry returned by the discover operation will result in a collect task. | | `discover_url` | *Optional[str]* | :heavy_minus_sign: | Expression to derive URL to use for the Discover operation (can be a constant). | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `discover_method` | [Optional[models.DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionshealthcheckdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | Discover HTTP method. | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckcollectmethodget.md b/docs/models/healthcheckcollectmethodget.md index f234dbb9f..a2c87c3e6 100644 --- a/docs/models/healthcheckcollectmethodget.md +++ b/docs/models/healthcheckcollectmethodget.md @@ -3,20 +3,34 @@ ## Fields -| Field | Type | Required | Description | -| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `collect_method` | [models.HealthCheckCollectMethodGetHealthCheckMethod](../models/healthcheckcollectmethodgethealthcheckmethod.md) | :heavy_check_mark: | Health check HTTP method. | -| `collect_request_params` | List[[models.HealthCheckCollectMethodGetCollectRequestParam](../models/healthcheckcollectmethodgetcollectrequestparam.md)] | :heavy_minus_sign: | Optional health check request parameters. | -| `discovery` | [Optional[models.HealthCheckCollectMethodGetDiscovery]](../models/healthcheckcollectmethodgetdiscovery.md) | :heavy_minus_sign: | N/A | -| `collect_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the health check operation (can be a constant). | -| `collect_request_headers` | List[[models.HealthCheckCollectMethodGetCollectRequestHeader](../models/healthcheckcollectmethodgetcollectrequestheader.md)] | :heavy_minus_sign: | Optional health check request headers. | -| `authenticate_collect` | *Optional[bool]* | :heavy_minus_sign: | Enable to make auth health check call. | -| `authentication` | [models.HealthCheckCollectMethodGetAuthentication](../models/healthcheckcollectmethodgetauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API Key–based authentication by adding the appropriate Collect headers. | -| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout, use 0 to disable | -| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Whether to reject certificates that cannot be verified against a valid CA (e.g., self-signed certificates). | -| `default_breakers` | [Optional[models.HiddenDefaultBreakersOptionsDatabaseCollectorConf]](../models/hiddendefaultbreakersoptionsdatabasecollectorconf.md) | :heavy_minus_sign: | N/A | -| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text. | -| `retry_rules` | [Optional[models.HealthCheckCollectMethodGetRetryRules]](../models/healthcheckcollectmethodgetretryrules.md) | :heavy_minus_sign: | N/A | -| `client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Secret value to add to HTTP requests as the 'client secret' parameter. Stored on disk encrypted, and is automatically added to request parameters | -| `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a text secret that contains the client secret's value. | -| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file +| Field | Type | Required | Description | +| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `collect_method` | [models.HealthCheckCollectMethodGetHealthCheckMethod](../models/healthcheckcollectmethodgethealthcheckmethod.md) | :heavy_check_mark: | Health check HTTP method. | +| `collect_request_params` | List[[models.HealthCheckCollectMethodGetCollectRequestParam](../models/healthcheckcollectmethodgetcollectrequestparam.md)] | :heavy_minus_sign: | Optional health check request parameters. | +| `discovery` | [Optional[models.HealthCheckCollectMethodGetDiscovery]](../models/healthcheckcollectmethodgetdiscovery.md) | :heavy_minus_sign: | N/A | +| `collect_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the health check operation (can be a constant). | +| `collect_request_headers` | List[[models.HealthCheckCollectMethodGetCollectRequestHeader](../models/healthcheckcollectmethodgetcollectrequestheader.md)] | :heavy_minus_sign: | Optional health check request headers. | +| `authenticate_collect` | *Optional[bool]* | :heavy_minus_sign: | Enable to make auth health check call. | +| `authentication` | [models.HealthCheckCollectMethodGetAuthentication](../models/healthcheckcollectmethodgetauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API Key–based authentication by adding the appropriate Collect headers. | +| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout, use 0 to disable | +| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Whether to reject certificates that cannot be verified against a valid CA (e.g., self-signed certificates). | +| `default_breakers` | [Optional[models.HiddenDefaultBreakersOptionsDatabaseCollectorConf]](../models/hiddendefaultbreakersoptionsdatabasecollectorconf.md) | :heavy_minus_sign: | N/A | +| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text. | +| `retry_rules` | [Optional[models.HealthCheckCollectMethodGetRetryRules]](../models/healthcheckcollectmethodgetretryrules.md) | :heavy_minus_sign: | N/A | +| `username` | *Optional[str]* | :heavy_minus_sign: | Basic authentication username | +| `template_username` | *Optional[str]* | :heavy_minus_sign: | Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime. | +| `password` | *Optional[str]* | :heavy_minus_sign: | Basic authentication password | +| `template_password` | *Optional[str]* | :heavy_minus_sign: | Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime. | +| `credentials_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored secret that references your credentials | +| `login_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for login API call. This call is expected to be a POST. | +| `template_login_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime. | +| `login_body` | *Optional[str]* | :heavy_minus_sign: | Template for POST body to send with login request, ${username} and ${password} are used to specify location of these attributes in the message | +| `token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header. | +| `template_token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Binds 'tokenRespAttribute' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tokenRespAttribute' at runtime. | +| `auth_header_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login. | +| `auth_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional authentication request headers. | +| `client_secret_param_name` | *Optional[str]* | :heavy_minus_sign: | Parameter name that contains client secret. Defaults to 'client_secret', and is automatically added to request parameters. | +| `client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Secret value to add to HTTP requests as the 'client secret' parameter. Stored on disk encrypted, and is automatically added to request parameters | +| `auth_request_params` | List[[models.AuthRequestParamConfHealthCheckAuthenticationOauth](../models/authrequestparamconfhealthcheckauthenticationoauth.md)] | :heavy_minus_sign: | OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded. | +| `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a text secret that contains the client secret's value. | +| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file diff --git a/docs/models/healthcheckcollectmethodgethealthcheckdiscoverydiscovertypehttpdiscovermethodget.md b/docs/models/healthcheckcollectmethodgethealthcheckdiscoverydiscovertypehttpdiscovermethodget.md index 667af958a..a140bf8a9 100644 --- a/docs/models/healthcheckcollectmethodgethealthcheckdiscoverydiscovertypehttpdiscovermethodget.md +++ b/docs/models/healthcheckcollectmethodgethealthcheckdiscoverydiscovertypehttpdiscovermethodget.md @@ -11,5 +11,7 @@ | `discover_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the Discover operation (can be a constant). | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | | `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckcollectmethodgethealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md b/docs/models/healthcheckcollectmethodgethealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md index bf497de31..7b9719878 100644 --- a/docs/models/healthcheckcollectmethodgethealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md +++ b/docs/models/healthcheckcollectmethodgethealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md @@ -11,5 +11,7 @@ | `discover_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the Discover operation (can be a constant). | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | | `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckcollectmethodgethealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md b/docs/models/healthcheckcollectmethodgethealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md index 9fa0d687c..441cfa20d 100644 --- a/docs/models/healthcheckcollectmethodgethealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md +++ b/docs/models/healthcheckcollectmethodgethealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md @@ -11,5 +11,7 @@ | `discover_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the Discover operation (can be a constant). | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | | `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckcollectmethodgethealthcheckdiscoverydiscovertypejson.md b/docs/models/healthcheckcollectmethodgethealthcheckdiscoverydiscovertypejson.md index d8bb50a99..ae61fb06a 100644 --- a/docs/models/healthcheckcollectmethodgethealthcheckdiscoverydiscovertypejson.md +++ b/docs/models/healthcheckcollectmethodgethealthcheckdiscoverydiscovertypejson.md @@ -7,8 +7,10 @@ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | `discover_type` | [models.HealthCheckCollectMethodGetHealthCheckDiscoveryDiscoverTypeJSONDiscoverType](../models/healthcheckcollectmethodgethealthcheckdiscoverydiscovertypejsondiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Use None to skip the discovery. Use HTTP Request to make a REST call to discover tasks. Use Item List to enumerate items for collect to retrieve. Use JSON Response to manually define discover tasks as a JSON array of objects. Each entry returned by the discover operation will result in a collect task. | | `manual_discover_result` | *str* | :heavy_check_mark: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | -| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Within the response JSON, name of the field or array element to pull results from. Leave blank if the result is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] } | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | | `discover_url` | *Optional[str]* | :heavy_minus_sign: | Expression to derive URL to use for the Discover operation (can be a constant). | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `discover_method` | [Optional[models.DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionshealthcheckdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | Discover HTTP method. | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckcollectmethodgethealthcheckdiscoverydiscovertypelist.md b/docs/models/healthcheckcollectmethodgethealthcheckdiscoverydiscovertypelist.md index c1bfca211..66ae71ddb 100644 --- a/docs/models/healthcheckcollectmethodgethealthcheckdiscoverydiscovertypelist.md +++ b/docs/models/healthcheckcollectmethodgethealthcheckdiscoverydiscovertypelist.md @@ -8,6 +8,9 @@ | `discover_type` | [models.HealthCheckCollectMethodGetHealthCheckDiscoveryDiscoverTypeListDiscoverType](../models/healthcheckcollectmethodgethealthcheckdiscoverydiscovertypelistdiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Use None to skip the discovery. Use HTTP Request to make a REST call to discover tasks. Use Item List to enumerate items for collect to retrieve. Use JSON Response to manually define discover tasks as a JSON array of objects. Each entry returned by the discover operation will result in a collect task. | | `item_list` | List[*str*] | :heavy_check_mark: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | | `discover_url` | *Optional[str]* | :heavy_minus_sign: | Expression to derive URL to use for the Discover operation (can be a constant). | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `discover_method` | [Optional[models.DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionshealthcheckdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | Discover HTTP method. | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | \ No newline at end of file diff --git a/docs/models/healthcheckcollectmethodgethealthcheckdiscoverydiscovertypenone.md b/docs/models/healthcheckcollectmethodgethealthcheckdiscoverydiscovertypenone.md index be8a78159..e8cec4d3f 100644 --- a/docs/models/healthcheckcollectmethodgethealthcheckdiscoverydiscovertypenone.md +++ b/docs/models/healthcheckcollectmethodgethealthcheckdiscoverydiscovertypenone.md @@ -7,7 +7,10 @@ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | `discover_type` | [models.HealthCheckCollectMethodGetHealthCheckDiscoveryDiscoverTypeNoneDiscoverType](../models/healthcheckcollectmethodgethealthcheckdiscoverydiscovertypenonediscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Use None to skip the discovery. Use HTTP Request to make a REST call to discover tasks. Use Item List to enumerate items for collect to retrieve. Use JSON Response to manually define discover tasks as a JSON array of objects. Each entry returned by the discover operation will result in a collect task. | | `discover_url` | *Optional[str]* | :heavy_minus_sign: | Expression to derive URL to use for the Discover operation (can be a constant). | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `discover_method` | [Optional[models.DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionshealthcheckdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | Discover HTTP method. | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckcollectmethodpost.md b/docs/models/healthcheckcollectmethodpost.md index d1f8f5167..de418b502 100644 --- a/docs/models/healthcheckcollectmethodpost.md +++ b/docs/models/healthcheckcollectmethodpost.md @@ -3,20 +3,34 @@ ## Fields -| Field | Type | Required | Description | -| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `collect_method` | [models.HealthCheckCollectMethodPostHealthCheckMethod](../models/healthcheckcollectmethodposthealthcheckmethod.md) | :heavy_check_mark: | Health check HTTP method. | -| `collect_request_params` | List[[models.CollectRequestParamConfHealthCheckCollectMethodPost](../models/collectrequestparamconfhealthcheckcollectmethodpost.md)] | :heavy_minus_sign: | Optional health check request parameters. | -| `discovery` | [Optional[models.HealthCheckCollectMethodPostDiscovery]](../models/healthcheckcollectmethodpostdiscovery.md) | :heavy_minus_sign: | N/A | -| `collect_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the health check operation (can be a constant). | -| `collect_request_headers` | List[[models.HealthCheckCollectMethodPostCollectRequestHeader](../models/healthcheckcollectmethodpostcollectrequestheader.md)] | :heavy_minus_sign: | Optional health check request headers. | -| `authenticate_collect` | *Optional[bool]* | :heavy_minus_sign: | Enable to make auth health check call. | -| `authentication` | [models.HealthCheckCollectMethodPostAuthentication](../models/healthcheckcollectmethodpostauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API Key–based authentication by adding the appropriate Collect headers. | -| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout, use 0 to disable | -| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Whether to reject certificates that cannot be verified against a valid CA (e.g., self-signed certificates). | -| `default_breakers` | [Optional[models.HiddenDefaultBreakersOptionsDatabaseCollectorConf]](../models/hiddendefaultbreakersoptionsdatabasecollectorconf.md) | :heavy_minus_sign: | N/A | -| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text. | -| `retry_rules` | [Optional[models.HealthCheckCollectMethodPostRetryRules]](../models/healthcheckcollectmethodpostretryrules.md) | :heavy_minus_sign: | N/A | -| `client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Secret value to add to HTTP requests as the 'client secret' parameter. Stored on disk encrypted, and is automatically added to request parameters | -| `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a text secret that contains the client secret's value. | -| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file +| Field | Type | Required | Description | +| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `collect_method` | [models.HealthCheckCollectMethodPostHealthCheckMethod](../models/healthcheckcollectmethodposthealthcheckmethod.md) | :heavy_check_mark: | Health check HTTP method. | +| `collect_request_params` | List[[models.CollectRequestParamConfHealthCheckCollectMethodPost](../models/collectrequestparamconfhealthcheckcollectmethodpost.md)] | :heavy_minus_sign: | Optional health check request parameters. | +| `discovery` | [Optional[models.HealthCheckCollectMethodPostDiscovery]](../models/healthcheckcollectmethodpostdiscovery.md) | :heavy_minus_sign: | N/A | +| `collect_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the health check operation (can be a constant). | +| `collect_request_headers` | List[[models.HealthCheckCollectMethodPostCollectRequestHeader](../models/healthcheckcollectmethodpostcollectrequestheader.md)] | :heavy_minus_sign: | Optional health check request headers. | +| `authenticate_collect` | *Optional[bool]* | :heavy_minus_sign: | Enable to make auth health check call. | +| `authentication` | [models.HealthCheckCollectMethodPostAuthentication](../models/healthcheckcollectmethodpostauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API Key–based authentication by adding the appropriate Collect headers. | +| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout, use 0 to disable | +| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Whether to reject certificates that cannot be verified against a valid CA (e.g., self-signed certificates). | +| `default_breakers` | [Optional[models.HiddenDefaultBreakersOptionsDatabaseCollectorConf]](../models/hiddendefaultbreakersoptionsdatabasecollectorconf.md) | :heavy_minus_sign: | N/A | +| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text. | +| `retry_rules` | [Optional[models.HealthCheckCollectMethodPostRetryRules]](../models/healthcheckcollectmethodpostretryrules.md) | :heavy_minus_sign: | N/A | +| `username` | *Optional[str]* | :heavy_minus_sign: | Basic authentication username | +| `template_username` | *Optional[str]* | :heavy_minus_sign: | Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime. | +| `password` | *Optional[str]* | :heavy_minus_sign: | Basic authentication password | +| `template_password` | *Optional[str]* | :heavy_minus_sign: | Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime. | +| `credentials_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored secret that references your credentials | +| `login_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for login API call. This call is expected to be a POST. | +| `template_login_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime. | +| `login_body` | *Optional[str]* | :heavy_minus_sign: | Template for POST body to send with login request, ${username} and ${password} are used to specify location of these attributes in the message | +| `token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header. | +| `template_token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Binds 'tokenRespAttribute' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tokenRespAttribute' at runtime. | +| `auth_header_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login. | +| `auth_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional authentication request headers. | +| `client_secret_param_name` | *Optional[str]* | :heavy_minus_sign: | Parameter name that contains client secret. Defaults to 'client_secret', and is automatically added to request parameters. | +| `client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Secret value to add to HTTP requests as the 'client secret' parameter. Stored on disk encrypted, and is automatically added to request parameters | +| `auth_request_params` | List[[models.AuthRequestParamConfHealthCheckAuthenticationOauth](../models/authrequestparamconfhealthcheckauthenticationoauth.md)] | :heavy_minus_sign: | OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded. | +| `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a text secret that contains the client secret's value. | +| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file diff --git a/docs/models/healthcheckcollectmethodposthealthcheckdiscoverydiscovertypehttpdiscovermethodget.md b/docs/models/healthcheckcollectmethodposthealthcheckdiscoverydiscovertypehttpdiscovermethodget.md index 366d3f89e..c62c4d0d9 100644 --- a/docs/models/healthcheckcollectmethodposthealthcheckdiscoverydiscovertypehttpdiscovermethodget.md +++ b/docs/models/healthcheckcollectmethodposthealthcheckdiscoverydiscovertypehttpdiscovermethodget.md @@ -11,5 +11,7 @@ | `discover_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the Discover operation (can be a constant). | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | | `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckcollectmethodposthealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md b/docs/models/healthcheckcollectmethodposthealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md index 9f2509132..bcb417264 100644 --- a/docs/models/healthcheckcollectmethodposthealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md +++ b/docs/models/healthcheckcollectmethodposthealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md @@ -11,5 +11,7 @@ | `discover_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the Discover operation (can be a constant). | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | | `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckcollectmethodposthealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md b/docs/models/healthcheckcollectmethodposthealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md index 7fe66d008..313cd9a7d 100644 --- a/docs/models/healthcheckcollectmethodposthealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md +++ b/docs/models/healthcheckcollectmethodposthealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md @@ -11,5 +11,7 @@ | `discover_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the Discover operation (can be a constant). | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | | `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckcollectmethodposthealthcheckdiscoverydiscovertypejson.md b/docs/models/healthcheckcollectmethodposthealthcheckdiscoverydiscovertypejson.md index 20e020d7e..1eaea6633 100644 --- a/docs/models/healthcheckcollectmethodposthealthcheckdiscoverydiscovertypejson.md +++ b/docs/models/healthcheckcollectmethodposthealthcheckdiscoverydiscovertypejson.md @@ -7,8 +7,10 @@ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | `discover_type` | [models.HealthCheckCollectMethodPostHealthCheckDiscoveryDiscoverTypeJSONDiscoverType](../models/healthcheckcollectmethodposthealthcheckdiscoverydiscovertypejsondiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Use None to skip the discovery. Use HTTP Request to make a REST call to discover tasks. Use Item List to enumerate items for collect to retrieve. Use JSON Response to manually define discover tasks as a JSON array of objects. Each entry returned by the discover operation will result in a collect task. | | `manual_discover_result` | *str* | :heavy_check_mark: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | -| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Within the response JSON, name of the field or array element to pull results from. Leave blank if the result is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] } | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | | `discover_url` | *Optional[str]* | :heavy_minus_sign: | Expression to derive URL to use for the Discover operation (can be a constant). | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `discover_method` | [Optional[models.DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionshealthcheckdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | Discover HTTP method. | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckcollectmethodposthealthcheckdiscoverydiscovertypelist.md b/docs/models/healthcheckcollectmethodposthealthcheckdiscoverydiscovertypelist.md index ea01cc93c..ce4f429eb 100644 --- a/docs/models/healthcheckcollectmethodposthealthcheckdiscoverydiscovertypelist.md +++ b/docs/models/healthcheckcollectmethodposthealthcheckdiscoverydiscovertypelist.md @@ -8,6 +8,9 @@ | `discover_type` | [models.HealthCheckCollectMethodPostHealthCheckDiscoveryDiscoverTypeListDiscoverType](../models/healthcheckcollectmethodposthealthcheckdiscoverydiscovertypelistdiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Use None to skip the discovery. Use HTTP Request to make a REST call to discover tasks. Use Item List to enumerate items for collect to retrieve. Use JSON Response to manually define discover tasks as a JSON array of objects. Each entry returned by the discover operation will result in a collect task. | | `item_list` | List[*str*] | :heavy_check_mark: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | | `discover_url` | *Optional[str]* | :heavy_minus_sign: | Expression to derive URL to use for the Discover operation (can be a constant). | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `discover_method` | [Optional[models.DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionshealthcheckdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | Discover HTTP method. | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | \ No newline at end of file diff --git a/docs/models/healthcheckcollectmethodposthealthcheckdiscoverydiscovertypenone.md b/docs/models/healthcheckcollectmethodposthealthcheckdiscoverydiscovertypenone.md index 1be5a466d..50c512004 100644 --- a/docs/models/healthcheckcollectmethodposthealthcheckdiscoverydiscovertypenone.md +++ b/docs/models/healthcheckcollectmethodposthealthcheckdiscoverydiscovertypenone.md @@ -7,7 +7,10 @@ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | `discover_type` | [models.HealthCheckCollectMethodPostHealthCheckDiscoveryDiscoverTypeNoneDiscoverType](../models/healthcheckcollectmethodposthealthcheckdiscoverydiscovertypenonediscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Use None to skip the discovery. Use HTTP Request to make a REST call to discover tasks. Use Item List to enumerate items for collect to retrieve. Use JSON Response to manually define discover tasks as a JSON array of objects. Each entry returned by the discover operation will result in a collect task. | | `discover_url` | *Optional[str]* | :heavy_minus_sign: | Expression to derive URL to use for the Discover operation (can be a constant). | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `discover_method` | [Optional[models.DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionshealthcheckdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | Discover HTTP method. | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckcollectmethodpostwithbody.md b/docs/models/healthcheckcollectmethodpostwithbody.md index c056fc24e..b28347ebb 100644 --- a/docs/models/healthcheckcollectmethodpostwithbody.md +++ b/docs/models/healthcheckcollectmethodpostwithbody.md @@ -3,20 +3,34 @@ ## Fields -| Field | Type | Required | Description | -| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `collect_method` | [models.HealthCheckCollectMethodPostWithBodyHealthCheckMethod](../models/healthcheckcollectmethodpostwithbodyhealthcheckmethod.md) | :heavy_check_mark: | Health check HTTP method. | -| `collect_body` | *Optional[str]* | :heavy_minus_sign: | Template for POST body to send with the health check request. You can reference parameters from the Discover response, using template params of the form: ${variable}. | -| `discovery` | [Optional[models.HealthCheckCollectMethodPostWithBodyDiscovery]](../models/healthcheckcollectmethodpostwithbodydiscovery.md) | :heavy_minus_sign: | N/A | -| `collect_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the health check operation (can be a constant). | -| `collect_request_headers` | List[[models.HealthCheckCollectMethodPostWithBodyCollectRequestHeader](../models/healthcheckcollectmethodpostwithbodycollectrequestheader.md)] | :heavy_minus_sign: | Optional health check request headers. | -| `authenticate_collect` | *Optional[bool]* | :heavy_minus_sign: | Enable to make auth health check call. | -| `authentication` | [models.HealthCheckCollectMethodPostWithBodyAuthentication](../models/healthcheckcollectmethodpostwithbodyauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API Key–based authentication by adding the appropriate Collect headers. | -| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout, use 0 to disable | -| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Whether to reject certificates that cannot be verified against a valid CA (e.g., self-signed certificates). | -| `default_breakers` | [Optional[models.HiddenDefaultBreakersOptionsDatabaseCollectorConf]](../models/hiddendefaultbreakersoptionsdatabasecollectorconf.md) | :heavy_minus_sign: | N/A | -| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text. | -| `retry_rules` | [Optional[models.HealthCheckCollectMethodPostWithBodyRetryRules]](../models/healthcheckcollectmethodpostwithbodyretryrules.md) | :heavy_minus_sign: | N/A | -| `client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Secret value to add to HTTP requests as the 'client secret' parameter. Stored on disk encrypted, and is automatically added to request parameters | -| `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a text secret that contains the client secret's value. | -| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file +| Field | Type | Required | Description | +| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `collect_method` | [models.HealthCheckCollectMethodPostWithBodyHealthCheckMethod](../models/healthcheckcollectmethodpostwithbodyhealthcheckmethod.md) | :heavy_check_mark: | Health check HTTP method. | +| `collect_body` | *Optional[str]* | :heavy_minus_sign: | Template for POST body to send with the health check request. You can reference parameters from the Discover response, using template params of the form: ${variable}. | +| `discovery` | [Optional[models.HealthCheckCollectMethodPostWithBodyDiscovery]](../models/healthcheckcollectmethodpostwithbodydiscovery.md) | :heavy_minus_sign: | N/A | +| `collect_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the health check operation (can be a constant). | +| `collect_request_headers` | List[[models.HealthCheckCollectMethodPostWithBodyCollectRequestHeader](../models/healthcheckcollectmethodpostwithbodycollectrequestheader.md)] | :heavy_minus_sign: | Optional health check request headers. | +| `authenticate_collect` | *Optional[bool]* | :heavy_minus_sign: | Enable to make auth health check call. | +| `authentication` | [models.HealthCheckCollectMethodPostWithBodyAuthentication](../models/healthcheckcollectmethodpostwithbodyauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API Key–based authentication by adding the appropriate Collect headers. | +| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout, use 0 to disable | +| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Whether to reject certificates that cannot be verified against a valid CA (e.g., self-signed certificates). | +| `default_breakers` | [Optional[models.HiddenDefaultBreakersOptionsDatabaseCollectorConf]](../models/hiddendefaultbreakersoptionsdatabasecollectorconf.md) | :heavy_minus_sign: | N/A | +| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text. | +| `retry_rules` | [Optional[models.HealthCheckCollectMethodPostWithBodyRetryRules]](../models/healthcheckcollectmethodpostwithbodyretryrules.md) | :heavy_minus_sign: | N/A | +| `username` | *Optional[str]* | :heavy_minus_sign: | Basic authentication username | +| `template_username` | *Optional[str]* | :heavy_minus_sign: | Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime. | +| `password` | *Optional[str]* | :heavy_minus_sign: | Basic authentication password | +| `template_password` | *Optional[str]* | :heavy_minus_sign: | Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime. | +| `credentials_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored secret that references your credentials | +| `login_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for login API call. This call is expected to be a POST. | +| `template_login_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime. | +| `login_body` | *Optional[str]* | :heavy_minus_sign: | Template for POST body to send with login request, ${username} and ${password} are used to specify location of these attributes in the message | +| `token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header. | +| `template_token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Binds 'tokenRespAttribute' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tokenRespAttribute' at runtime. | +| `auth_header_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login. | +| `auth_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional authentication request headers. | +| `client_secret_param_name` | *Optional[str]* | :heavy_minus_sign: | Parameter name that contains client secret. Defaults to 'client_secret', and is automatically added to request parameters. | +| `client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Secret value to add to HTTP requests as the 'client secret' parameter. Stored on disk encrypted, and is automatically added to request parameters | +| `auth_request_params` | List[[models.AuthRequestParamConfHealthCheckAuthenticationOauth](../models/authrequestparamconfhealthcheckauthenticationoauth.md)] | :heavy_minus_sign: | OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded. | +| `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a text secret that contains the client secret's value. | +| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file diff --git a/docs/models/healthcheckcollectmethodpostwithbodyhealthcheckdiscoverydiscovertypehttpdiscovermethodget.md b/docs/models/healthcheckcollectmethodpostwithbodyhealthcheckdiscoverydiscovertypehttpdiscovermethodget.md index c3b2da3ed..4fbc02d9f 100644 --- a/docs/models/healthcheckcollectmethodpostwithbodyhealthcheckdiscoverydiscovertypehttpdiscovermethodget.md +++ b/docs/models/healthcheckcollectmethodpostwithbodyhealthcheckdiscoverydiscovertypehttpdiscovermethodget.md @@ -11,5 +11,7 @@ | `discover_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the Discover operation (can be a constant). | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | | `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckcollectmethodpostwithbodyhealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md b/docs/models/healthcheckcollectmethodpostwithbodyhealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md index a00f0e799..245af925b 100644 --- a/docs/models/healthcheckcollectmethodpostwithbodyhealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md +++ b/docs/models/healthcheckcollectmethodpostwithbodyhealthcheckdiscoverydiscovertypehttpdiscovermethodpost.md @@ -11,5 +11,7 @@ | `discover_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the Discover operation (can be a constant). | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | | `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckcollectmethodpostwithbodyhealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md b/docs/models/healthcheckcollectmethodpostwithbodyhealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md index b46a2adee..8bfe44c11 100644 --- a/docs/models/healthcheckcollectmethodpostwithbodyhealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md +++ b/docs/models/healthcheckcollectmethodpostwithbodyhealthcheckdiscoverydiscovertypehttpdiscovermethodpostwithbody.md @@ -11,5 +11,7 @@ | `discover_url` | *str* | :heavy_check_mark: | Expression to derive URL to use for the Discover operation (can be a constant). | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | | `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckcollectmethodpostwithbodyhealthcheckdiscoverydiscovertypejson.md b/docs/models/healthcheckcollectmethodpostwithbodyhealthcheckdiscoverydiscovertypejson.md index b53f1e889..bb0d859fb 100644 --- a/docs/models/healthcheckcollectmethodpostwithbodyhealthcheckdiscoverydiscovertypejson.md +++ b/docs/models/healthcheckcollectmethodpostwithbodyhealthcheckdiscoverydiscovertypejson.md @@ -7,8 +7,10 @@ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | `discover_type` | [models.HealthCheckCollectMethodPostWithBodyHealthCheckDiscoveryDiscoverTypeJSONDiscoverType](../models/healthcheckcollectmethodpostwithbodyhealthcheckdiscoverydiscovertypejsondiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Use None to skip the discovery. Use HTTP Request to make a REST call to discover tasks. Use Item List to enumerate items for collect to retrieve. Use JSON Response to manually define discover tasks as a JSON array of objects. Each entry returned by the discover operation will result in a collect task. | | `manual_discover_result` | *str* | :heavy_check_mark: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | -| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Within the response JSON, name of the field or array element to pull results from. Leave blank if the result is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] } | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | | `discover_url` | *Optional[str]* | :heavy_minus_sign: | Expression to derive URL to use for the Discover operation (can be a constant). | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `discover_method` | [Optional[models.DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionshealthcheckdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | Discover HTTP method. | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthcheckcollectmethodpostwithbodyhealthcheckdiscoverydiscovertypelist.md b/docs/models/healthcheckcollectmethodpostwithbodyhealthcheckdiscoverydiscovertypelist.md index 611c1551d..e2736e699 100644 --- a/docs/models/healthcheckcollectmethodpostwithbodyhealthcheckdiscoverydiscovertypelist.md +++ b/docs/models/healthcheckcollectmethodpostwithbodyhealthcheckdiscoverydiscovertypelist.md @@ -8,6 +8,9 @@ | `discover_type` | [models.HealthCheckCollectMethodPostWithBodyHealthCheckDiscoveryDiscoverTypeListDiscoverType](../models/healthcheckcollectmethodpostwithbodyhealthcheckdiscoverydiscovertypelistdiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Use None to skip the discovery. Use HTTP Request to make a REST call to discover tasks. Use Item List to enumerate items for collect to retrieve. Use JSON Response to manually define discover tasks as a JSON array of objects. Each entry returned by the discover operation will result in a collect task. | | `item_list` | List[*str*] | :heavy_check_mark: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | | `discover_url` | *Optional[str]* | :heavy_minus_sign: | Expression to derive URL to use for the Discover operation (can be a constant). | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `discover_method` | [Optional[models.DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionshealthcheckdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | Discover HTTP method. | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | \ No newline at end of file diff --git a/docs/models/healthcheckcollectmethodpostwithbodyhealthcheckdiscoverydiscovertypenone.md b/docs/models/healthcheckcollectmethodpostwithbodyhealthcheckdiscoverydiscovertypenone.md index 32ebbc7c4..1e435fece 100644 --- a/docs/models/healthcheckcollectmethodpostwithbodyhealthcheckdiscoverydiscovertypenone.md +++ b/docs/models/healthcheckcollectmethodpostwithbodyhealthcheckdiscoverydiscovertypenone.md @@ -7,7 +7,10 @@ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | `discover_type` | [models.HealthCheckCollectMethodPostWithBodyHealthCheckDiscoveryDiscoverTypeNoneDiscoverType](../models/healthcheckcollectmethodpostwithbodyhealthcheckdiscoverydiscovertypenonediscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Use None to skip the discovery. Use HTTP Request to make a REST call to discover tasks. Use Item List to enumerate items for collect to retrieve. Use JSON Response to manually define discover tasks as a JSON array of objects. Each entry returned by the discover operation will result in a collect task. | | `discover_url` | *Optional[str]* | :heavy_minus_sign: | Expression to derive URL to use for the Discover operation (can be a constant). | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `discover_method` | [Optional[models.DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionshealthcheckdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | Discover HTTP method. | | `discover_request_headers` | List[[models.AuthRequestHeaderConfHealthCheckAuthenticationLogin](../models/authrequestheaderconfhealthcheckauthenticationlogin.md)] | :heavy_minus_sign: | Optional discover request headers. | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array. | +| `template_discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/healthoverlaystatus.md b/docs/models/healthoverlaystatus.md new file mode 100644 index 000000000..3e53c8cde --- /dev/null +++ b/docs/models/healthoverlaystatus.md @@ -0,0 +1,17 @@ +# HealthOverlayStatus + + +## Supported Types + +### `models.ActiveHealthOverlayStatus` + +```python +value: models.ActiveHealthOverlayStatus = /* values here */ +``` + +### `models.NoActiveHealthOverlayStatus` + +```python +value: models.NoActiveHealthOverlayStatus = /* values here */ +``` + diff --git a/docs/models/healthserverstatus.md b/docs/models/healthserverstatus.md index d33b3577d..8f347a619 100644 --- a/docs/models/healthserverstatus.md +++ b/docs/models/healthserverstatus.md @@ -7,6 +7,7 @@ Health status of the Leader or Worker Node. | Field | Type | Required | Description | | ---------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------- | +| `overlay` | [models.HealthOverlayStatus](../models/healthoverlaystatus.md) | :heavy_check_mark: | N/A | | `role` | [Optional[models.Role]](../models/role.md) | :heavy_minus_sign: | Leader Node role: primary or standby. | | `start_time` | *int* | :heavy_check_mark: | Timestamp (in Unix time) when the Cribl process started. | | `status` | [models.HealthServerStatusStatus](../models/healthserverstatusstatus.md) | :heavy_check_mark: | Health state: healthy, standby, or shutting down. | \ No newline at end of file diff --git a/docs/models/requestparamconfinputopenai.md b/docs/models/httpdiscoveryheaderconfinputprometheus.md similarity index 89% rename from docs/models/requestparamconfinputopenai.md rename to docs/models/httpdiscoveryheaderconfinputprometheus.md index 8ac0da18f..8cb8a5a73 100644 --- a/docs/models/requestparamconfinputopenai.md +++ b/docs/models/httpdiscoveryheaderconfinputprometheus.md @@ -1,4 +1,4 @@ -# RequestParamConfInputOpenai +# HTTPDiscoveryHeaderConfInputPrometheus ## Fields diff --git a/docs/models/inputappleunifiedlogsinput.md b/docs/models/inputappleunifiedlogsinput.md index d83dcdecb..58ebcc34f 100644 --- a/docs/models/inputappleunifiedlogsinput.md +++ b/docs/models/inputappleunifiedlogsinput.md @@ -3,21 +3,21 @@ ## Fields -| Field | Type | Required | Description | -| -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `id` | *Optional[str]* | :heavy_minus_sign: | Unique ID for this input | -| `type` | [models.InputAppleUnifiedLogsType](../models/inputappleunifiedlogstype.md) | :heavy_check_mark: | N/A | -| `disabled` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `pipeline` | *Optional[str]* | :heavy_minus_sign: | Pipeline to process data from this Source before sending it through the Routes | -| `send_to_routes` | *Optional[bool]* | :heavy_minus_sign: | Select whether to send data to Routes, or directly to Destinations. | -| `environment` | *Optional[str]* | :heavy_minus_sign: | Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. | -| `pq_enabled` | *Optional[bool]* | :heavy_minus_sign: | Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). | -| `streamtags` | List[*str*] | :heavy_minus_sign: | Tags for filtering and grouping in @{product} | -| `connections` | List[[models.ConnectionConfInputCollection](../models/connectionconfinputcollection.md)] | :heavy_minus_sign: | Direct connections to Destinations, and optionally via a Pipeline or a Pack | -| `pq` | [Optional[models.PqType]](../models/pqtype.md) | :heavy_minus_sign: | N/A | -| `predicate` | *str* | :heavy_check_mark: | String to filter log entries, in NSPredicate format (e.g., subsystem == "com.apple.security" or process == "kernel"). See [Predicate format reference](https://developer.apple.com/library/archive/documentation/Cocoa/Conceptual/Predicates/AdditionalChapters/Introduction.html) for more information. | -| `read_mode` | [Optional[models.InputAppleUnifiedLogsReadMode]](../models/inputappleunifiedlogsreadmode.md) | :heavy_minus_sign: | Read all log entries (historical and upcoming), or only upcoming, from the last entry | -| `metadata` | List[[models.MetadataConfInputCollection](../models/metadataconfinputcollection.md)] | :heavy_minus_sign: | Fields to add to events from this input | -| `description` | *Optional[str]* | :heavy_minus_sign: | N/A | -| `template_environment` | *Optional[str]* | :heavy_minus_sign: | Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. | -| `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | \ No newline at end of file +| Field | Type | Required | Description | +| -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `id` | *Optional[str]* | :heavy_minus_sign: | Unique ID for this input | +| `type` | [models.InputAppleUnifiedLogsType](../models/inputappleunifiedlogstype.md) | :heavy_check_mark: | N/A | +| `disabled` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `pipeline` | *Optional[str]* | :heavy_minus_sign: | Pipeline to process data from this Source before sending it through the Routes | +| `send_to_routes` | *Optional[bool]* | :heavy_minus_sign: | Select whether to send data to Routes, or directly to Destinations. | +| `environment` | *Optional[str]* | :heavy_minus_sign: | Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. | +| `pq_enabled` | *Optional[bool]* | :heavy_minus_sign: | Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). | +| `streamtags` | List[*str*] | :heavy_minus_sign: | Tags for filtering and grouping in @{product} | +| `connections` | List[[models.ConnectionConfInputCollection](../models/connectionconfinputcollection.md)] | :heavy_minus_sign: | Direct connections to Destinations, and optionally via a Pipeline or a Pack | +| `pq` | [Optional[models.PqType]](../models/pqtype.md) | :heavy_minus_sign: | N/A | +| `predicate` | *str* | :heavy_check_mark: | String to filter log entries, in NSPredicate format (e.g., subsystem == "com.apple.security" or process == "kernel"). See [Common Log Types and Predicates](https://docs.cribl.io/edge/sources-apple-unified-logs/#examples) for more information. | +| `read_mode` | [Optional[models.InputAppleUnifiedLogsReadMode]](../models/inputappleunifiedlogsreadmode.md) | :heavy_minus_sign: | Read all log entries (historical and upcoming), or only upcoming, from the last entry | +| `metadata` | List[[models.MetadataConfInputCollection](../models/metadataconfinputcollection.md)] | :heavy_minus_sign: | Fields to add to events from this input | +| `description` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_environment` | *Optional[str]* | :heavy_minus_sign: | Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. | +| `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | \ No newline at end of file diff --git a/docs/models/inputcloudflarehecauthtoken.md b/docs/models/inputcloudflarehecauthtoken.md index 039b7b907..3046ed575 100644 --- a/docs/models/inputcloudflarehecauthtoken.md +++ b/docs/models/inputcloudflarehecauthtoken.md @@ -7,6 +7,7 @@ | ---------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------- | | `auth_type` | [Optional[models.InputCloudflareHecAuthenticationMethod]](../models/inputcloudflarehecauthenticationmethod.md) | :heavy_minus_sign: | Select Secret to use a text secret to authenticate | | `token_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | +| `token` | *Optional[str]* | :heavy_minus_sign: | Shared secret to be provided by any client (Authorization: ) | | `enabled` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `description` | *Optional[str]* | :heavy_minus_sign: | N/A | | `allowed_indexes_at_token` | List[*str*] | :heavy_minus_sign: | Enter the values you want to allow in the HEC event index field at the token level. Supports wildcards. To skip validation, leave blank. | diff --git a/docs/models/inputconfluentcloudinput.md b/docs/models/inputconfluentcloudinput.md index 942c8e2c2..6c2236ede 100644 --- a/docs/models/inputconfluentcloudinput.md +++ b/docs/models/inputconfluentcloudinput.md @@ -31,8 +31,8 @@ | `reauthentication_threshold` | *Optional[float]* | :heavy_minus_sign: | Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire. | | `sasl` | [Optional[models.AuthenticationType]](../models/authenticationtype.md) | :heavy_minus_sign: | Authentication parameters to use when connecting to brokers. Using TLS is highly recommended. | | `session_timeout` | *Optional[float]* | :heavy_minus_sign: |
Timeout used to detect client failures when using Kafka's group-management facilities.
If the client sends no heartbeats to the broker before the timeout expires,
the broker will remove the client from the group and initiate a rebalance.
Value must be between the broker's configured group.min.session.timeout.ms and group.max.session.timeout.ms.
See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_session.timeout.ms) for details. | -| `rebalance_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum allowed time for each worker to join the group after a rebalance begins.
If the timeout is exceeded, the coordinator broker will remove the worker from the group.
See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. | -| `heartbeat_interval` | *Optional[float]* | :heavy_minus_sign: | Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities.
Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value.
See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. | +| `rebalance_timeout` | *Optional[float]* | :heavy_minus_sign: |
Maximum allowed time for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. | +| `heartbeat_interval` | *Optional[float]* | :heavy_minus_sign: |
Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. | | `auto_commit_interval` | *Optional[float]* | :heavy_minus_sign: | How often to commit offsets. If both this and Offset commit threshold are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch. | | `auto_commit_threshold` | *Optional[float]* | :heavy_minus_sign: | How many events are needed to trigger an offset commit. If both this and Offset commit interval are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch. | | `max_bytes_per_partition` | *Optional[float]* | :heavy_minus_sign: | Maximum amount of data that Kafka will return per partition, per fetch request. Must equal or exceed the maximum message size (maxBytesPerPartition) that Kafka is configured to allow. Otherwise, @{product} can get stuck trying to retrieve messages. Defaults to 1048576 (1 MB). | diff --git a/docs/models/inputedgeprometheusdiscoverytype.md b/docs/models/inputedgeprometheusdiscoverytype.md index fe9ad3790..0368a8aef 100644 --- a/docs/models/inputedgeprometheusdiscoverytype.md +++ b/docs/models/inputedgeprometheusdiscoverytype.md @@ -22,4 +22,5 @@ value = InputEdgePrometheusDiscoveryType.STATIC | `EC2` | ec2 | | `K8S_NODE` | k8s-node | | `K8S_PODS` | k8s-pods | -| `K8S_SERVICE_MONITOR` | k8s-service-monitor | \ No newline at end of file +| `K8S_SERVICE_MONITOR` | k8s-service-monitor | +| `HTTP_SD` | http_sd | \ No newline at end of file diff --git a/docs/models/inputedgeprometheusinput.md b/docs/models/inputedgeprometheusinput.md index a78c2d8bf..7a718dcd4 100644 --- a/docs/models/inputedgeprometheusinput.md +++ b/docs/models/inputedgeprometheusinput.md @@ -48,7 +48,11 @@ | `scrape_protocol_expr` | *Optional[str]* | :heavy_minus_sign: | Protocol to use when collecting metrics | | `scrape_port_expr` | *Optional[str]* | :heavy_minus_sign: | The port number in the metrics URL for discovered targets. | | `scrape_path_expr` | *Optional[str]* | :heavy_minus_sign: | Path to use when collecting metrics from discovered targets | -| `pod_filter` | List[[models.InputEdgePrometheusPodFilter](../models/inputedgeprometheuspodfilter.md)] | :heavy_minus_sign: | Add rules to decide which pods to discover for metrics.
Pods are searched if no rules are given or of all the rules'
expressions evaluate to true.
| +| `pod_filter` | List[[models.InputEdgePrometheusPodFilter](../models/inputedgeprometheuspodfilter.md)] | :heavy_minus_sign: |
Add rules to decide which pods to discover for metrics.
Pods are searched if no rules are given or of all the rules'
expressions evaluate to true.
| +| `http_discovery_url` | *Optional[str]* | :heavy_minus_sign: | URL to fetch target groups from (must be http or https) | +| `http_discovery_headers` | List[[models.HTTPDiscoveryHeaderConfInputPrometheus](../models/httpdiscoveryheaderconfinputprometheus.md)] | :heavy_minus_sign: | Extra headers to send with the discovery request | +| `http_discovery_reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Reject TLS certificates that cannot be verified for the discovery endpoint. Falls back to the source-level setting if not specified. | +| `max_response_body_size` | *Optional[str]* | :heavy_minus_sign: | Maximum size of the HTTP SD response body. Responses exceeding this limit will be rejected. Defaults to 20 MB. | | `username` | *Optional[str]* | :heavy_minus_sign: | Username for Prometheus Basic authentication | | `password` | *Optional[str]* | :heavy_minus_sign: | Password for Prometheus Basic authentication | | `credentials_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a secret that references your credentials | diff --git a/docs/models/inputeventhubamqpauth.md b/docs/models/inputeventhubamqpauth.md index 1e6c48874..ae910561d 100644 --- a/docs/models/inputeventhubamqpauth.md +++ b/docs/models/inputeventhubamqpauth.md @@ -9,7 +9,7 @@ | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | | `client_secret_auth_type` | [Optional[models.AuthenticationMethodOptionsAuth]](../models/authenticationmethodoptionsauth.md) | :heavy_minus_sign: | N/A | | `client_text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | -| `certificate` | [Optional[models.CertificateTypeAzureBlobAuthTypeClientCert]](../models/certificatetypeazureblobauthtypeclientcert.md) | :heavy_minus_sign: | N/A | +| `certificate` | [Optional[models.InputEventhubAmqpCertificate]](../models/inputeventhubamqpcertificate.md) | :heavy_minus_sign: | N/A | | `oauth_endpoint` | [Optional[models.MicrosoftEntraIDAuthenticationEndpointOptionsSasl]](../models/microsoftentraidauthenticationendpointoptionssasl.md) | :heavy_minus_sign: | Endpoint used to acquire authentication tokens from Azure | | `client_id` | *Optional[str]* | :heavy_minus_sign: | client_id to pass in the OAuth request parameter | | `tenant_id` | *Optional[str]* | :heavy_minus_sign: | Directory ID (tenant identifier) in Azure Active Directory | diff --git a/docs/models/inputeventhubamqpcertificate.md b/docs/models/inputeventhubamqpcertificate.md new file mode 100644 index 000000000..e9bc74b88 --- /dev/null +++ b/docs/models/inputeventhubamqpcertificate.md @@ -0,0 +1,11 @@ +# InputEventhubAmqpCertificate + + +## Fields + +| Field | Type | Required | Description | +| -------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------- | +| `certificate_name` | *str* | :heavy_check_mark: | The certificate you registered as credentials for your app in the Azure portal | +| `cert_path` | *str* | :heavy_check_mark: | Path on server containing certificates to use. PEM format. Can reference $ENV_VARS. | +| `priv_key_path` | *str* | :heavy_check_mark: | Path on server containing the private key to use. PEM format. Can reference $ENV_VARS. | +| `passphrase` | *Optional[str]* | :heavy_minus_sign: | Passphrase to use to decrypt private key | \ No newline at end of file diff --git a/docs/models/inputeventhubinput.md b/docs/models/inputeventhubinput.md index 09b28cbc8..1f103e96f 100644 --- a/docs/models/inputeventhubinput.md +++ b/docs/models/inputeventhubinput.md @@ -3,45 +3,45 @@ ## Fields -| Field | Type | Required | Description | -| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `id` | *Optional[str]* | :heavy_minus_sign: | Unique ID for this input | -| `type` | [models.InputEventhubType](../models/inputeventhubtype.md) | :heavy_check_mark: | N/A | -| `disabled` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `pipeline` | *Optional[str]* | :heavy_minus_sign: | Pipeline to process data from this Source before sending it through the Routes | -| `send_to_routes` | *Optional[bool]* | :heavy_minus_sign: | Select whether to send data to Routes, or directly to Destinations. | -| `environment` | *Optional[str]* | :heavy_minus_sign: | Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. | -| `pq_enabled` | *Optional[bool]* | :heavy_minus_sign: | Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). | -| `streamtags` | List[*str*] | :heavy_minus_sign: | Tags for filtering and grouping in @{product} | -| `connections` | List[[models.ConnectionConfInputCollection](../models/connectionconfinputcollection.md)] | :heavy_minus_sign: | Direct connections to Destinations, and optionally via a Pipeline or a Pack | -| `pq` | [Optional[models.PqType]](../models/pqtype.md) | :heavy_minus_sign: | N/A | -| `brokers` | List[*str*] | :heavy_check_mark: | List of Event Hubs Kafka brokers to connect to (example: yourdomain.servicebus.windows.net:9093). The hostname can be found in the host portion of the primary or secondary connection string in Shared Access Policies. | -| `topics` | List[*str*] | :heavy_check_mark: | The name of the Event Hub (Kafka topic) to subscribe to. Warning: To optimize performance, Cribl suggests subscribing each Event Hubs Source to only a single topic. | -| `group_id` | *Optional[str]* | :heavy_minus_sign: | The consumer group this instance belongs to. Default is 'Cribl'. | -| `from_beginning` | *Optional[bool]* | :heavy_minus_sign: | Start reading from earliest available data; relevant only during initial subscription | -| `connection_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum time to wait for a connection to complete successfully | -| `request_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum time to wait for Kafka to respond to a request | -| `max_retries` | *Optional[float]* | :heavy_minus_sign: | If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data | -| `max_back_off` | *Optional[float]* | :heavy_minus_sign: | The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds). | -| `initial_backoff` | *Optional[float]* | :heavy_minus_sign: | Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes). | -| `backoff_rate` | *Optional[float]* | :heavy_minus_sign: | Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details. | -| `authentication_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum time to wait for Kafka to respond to an authentication request | -| `reauthentication_threshold` | *Optional[float]* | :heavy_minus_sign: | Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire. | -| `sasl` | [Optional[models.AuthenticationTypeUse]](../models/authenticationtypeuse.md) | :heavy_minus_sign: | Authentication parameters to use when connecting to brokers. Using TLS is highly recommended. | -| `tls` | [Optional[models.TLSSettingsClientSideType]](../models/tlssettingsclientsidetype.md) | :heavy_minus_sign: | N/A | -| `session_timeout` | *Optional[float]* | :heavy_minus_sign: | Timeout (session.timeout.ms in Kafka domain) used to detect client failures when using Kafka's group-management facilities.
If the client sends no heartbeats to the broker before the timeout expires, the broker will remove the client from the group and initiate a rebalance.
Value must be lower than rebalanceTimeout.
See details [here](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). | -| `rebalance_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum allowed time (rebalance.timeout.ms in Kafka domain) for each worker to join the group after a rebalance begins.
If the timeout is exceeded, the coordinator broker will remove the worker from the group.
See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). | -| `heartbeat_interval` | *Optional[float]* | :heavy_minus_sign: | Expected time (heartbeat.interval.ms in Kafka domain) between heartbeats to the consumer coordinator when using Kafka's group-management facilities.
Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value.
See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). | -| `auto_commit_interval` | *Optional[float]* | :heavy_minus_sign: | How often to commit offsets. If both this and Offset commit threshold are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch. | -| `auto_commit_threshold` | *Optional[float]* | :heavy_minus_sign: | How many events are needed to trigger an offset commit. If both this and Offset commit interval are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch. | -| `max_bytes_per_partition` | *Optional[float]* | :heavy_minus_sign: | Maximum amount of data that Kafka will return per partition, per fetch request. Must equal or exceed the maximum message size (maxBytesPerPartition) that Kafka is configured to allow. Otherwise, @{product} can get stuck trying to retrieve messages. Defaults to 1048576 (1 MB). | -| `max_bytes` | *Optional[float]* | :heavy_minus_sign: | Maximum number of bytes that Kafka will return per fetch request. Defaults to 10485760 (10 MB). | -| `max_socket_errors` | *Optional[float]* | :heavy_minus_sign: | Maximum number of network errors before the consumer re-creates a socket | -| `minimize_duplicates` | *Optional[bool]* | :heavy_minus_sign: | Minimize duplicate events by starting only one consumer for each topic partition | -| `metadata` | List[[models.MetadataConfInputCollection](../models/metadataconfinputcollection.md)] | :heavy_minus_sign: | Fields to add to events from this input | -| `description` | *Optional[str]* | :heavy_minus_sign: | N/A | -| `template_environment` | *Optional[str]* | :heavy_minus_sign: | Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. | -| `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | -| `template_brokers` | *Optional[str]* | :heavy_minus_sign: | Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime. | -| `template_topics` | *Optional[str]* | :heavy_minus_sign: | Binds 'topics' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topics' at runtime. | -| `template_group_id` | *Optional[str]* | :heavy_minus_sign: | Binds 'groupId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'groupId' at runtime. | \ No newline at end of file +| Field | Type | Required | Description | +| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| `id` | *Optional[str]* | :heavy_minus_sign: | Unique ID for this input | +| `type` | [models.InputEventhubType](../models/inputeventhubtype.md) | :heavy_check_mark: | N/A | +| `disabled` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `pipeline` | *Optional[str]* | :heavy_minus_sign: | Pipeline to process data from this Source before sending it through the Routes | +| `send_to_routes` | *Optional[bool]* | :heavy_minus_sign: | Select whether to send data to Routes, or directly to Destinations. | +| `environment` | *Optional[str]* | :heavy_minus_sign: | Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. | +| `pq_enabled` | *Optional[bool]* | :heavy_minus_sign: | Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). | +| `streamtags` | List[*str*] | :heavy_minus_sign: | Tags for filtering and grouping in @{product} | +| `connections` | List[[models.ConnectionConfInputCollection](../models/connectionconfinputcollection.md)] | :heavy_minus_sign: | Direct connections to Destinations, and optionally via a Pipeline or a Pack | +| `pq` | [Optional[models.PqType]](../models/pqtype.md) | :heavy_minus_sign: | N/A | +| `brokers` | List[*str*] | :heavy_check_mark: | List of Event Hubs Kafka brokers to connect to (example: yourdomain.servicebus.windows.net:9093). The hostname can be found in the host portion of the primary or secondary connection string in Shared Access Policies. | +| `topics` | List[*str*] | :heavy_check_mark: | The name of the Event Hub (Kafka topic) to subscribe to. Warning: To optimize performance, Cribl suggests subscribing each Event Hubs Source to only a single topic. | +| `group_id` | *Optional[str]* | :heavy_minus_sign: | The consumer group this instance belongs to. Default is 'Cribl'. | +| `from_beginning` | *Optional[bool]* | :heavy_minus_sign: | Start reading from earliest available data; relevant only during initial subscription | +| `connection_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum time to wait for a connection to complete successfully | +| `request_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum time to wait for Kafka to respond to a request | +| `max_retries` | *Optional[float]* | :heavy_minus_sign: | If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data | +| `max_back_off` | *Optional[float]* | :heavy_minus_sign: | The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds). | +| `initial_backoff` | *Optional[float]* | :heavy_minus_sign: | Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes). | +| `backoff_rate` | *Optional[float]* | :heavy_minus_sign: | Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details. | +| `authentication_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum time to wait for Kafka to respond to an authentication request | +| `reauthentication_threshold` | *Optional[float]* | :heavy_minus_sign: | Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire. | +| `sasl` | [Optional[models.AuthenticationTypeUse]](../models/authenticationtypeuse.md) | :heavy_minus_sign: | Authentication parameters to use when connecting to brokers. Using TLS is highly recommended. | +| `tls` | [Optional[models.TLSSettingsClientSideType]](../models/tlssettingsclientsidetype.md) | :heavy_minus_sign: | N/A | +| `session_timeout` | *Optional[float]* | :heavy_minus_sign: |
Timeout (session.timeout.ms in Kafka domain) used to detect client failures when using Kafka's group-management facilities. If the client sends no heartbeats to the broker before the timeout expires, the broker will remove the client from the group and initiate a rebalance. Value must be lower than rebalanceTimeout. See details [here](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). | +| `rebalance_timeout` | *Optional[float]* | :heavy_minus_sign: |
Maximum allowed time (rebalance.timeout.ms in Kafka domain) for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). | +| `heartbeat_interval` | *Optional[float]* | :heavy_minus_sign: |
Expected time (heartbeat.interval.ms in Kafka domain) between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). | +| `auto_commit_interval` | *Optional[float]* | :heavy_minus_sign: | How often to commit offsets. If both this and Offset commit threshold are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch. | +| `auto_commit_threshold` | *Optional[float]* | :heavy_minus_sign: | How many events are needed to trigger an offset commit. If both this and Offset commit interval are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch. | +| `max_bytes_per_partition` | *Optional[float]* | :heavy_minus_sign: | Maximum amount of data that Kafka will return per partition, per fetch request. Must equal or exceed the maximum message size (maxBytesPerPartition) that Kafka is configured to allow. Otherwise, @{product} can get stuck trying to retrieve messages. Defaults to 1048576 (1 MB). | +| `max_bytes` | *Optional[float]* | :heavy_minus_sign: | Maximum number of bytes that Kafka will return per fetch request. Defaults to 10485760 (10 MB). | +| `max_socket_errors` | *Optional[float]* | :heavy_minus_sign: | Maximum number of network errors before the consumer re-creates a socket | +| `minimize_duplicates` | *Optional[bool]* | :heavy_minus_sign: | Minimize duplicate events by starting only one consumer for each topic partition | +| `metadata` | List[[models.MetadataConfInputCollection](../models/metadataconfinputcollection.md)] | :heavy_minus_sign: | Fields to add to events from this input | +| `description` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_environment` | *Optional[str]* | :heavy_minus_sign: | Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. | +| `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | +| `template_brokers` | *Optional[str]* | :heavy_minus_sign: | Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime. | +| `template_topics` | *Optional[str]* | :heavy_minus_sign: | Binds 'topics' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topics' at runtime. | +| `template_group_id` | *Optional[str]* | :heavy_minus_sign: | Binds 'groupId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'groupId' at runtime. | \ No newline at end of file diff --git a/docs/models/inputjournalfilesinput.md b/docs/models/inputjournalfilesinput.md index 6d21971bd..bca6c02eb 100644 --- a/docs/models/inputjournalfilesinput.md +++ b/docs/models/inputjournalfilesinput.md @@ -19,7 +19,7 @@ | `interval` | *Optional[float]* | :heavy_minus_sign: | Time, in seconds, between scanning for journals. | | `journals` | List[*str*] | :heavy_check_mark: | The full path of discovered journals are matched against this wildcard list. | | `rules` | List[[models.InputJournalFilesRule](../models/inputjournalfilesrule.md)] | :heavy_minus_sign: | Add rules to decide which journal objects to allow. Events are generated if no rules are given or if all the rules' expressions evaluate to true. | -| `current_boot` | *Optional[bool]* | :heavy_minus_sign: | Skip log messages that are not part of the current boot session. | +| `current_boot` | *Optional[bool]* | :heavy_minus_sign: | Skip log messages that are not part of the current boot session | | `max_age_dur` | *Optional[str]* | :heavy_minus_sign: | The maximum log message age, in duration form (e.g,: 60s, 4h, 3d, 1w). Default of no value will apply no max age filters. | | `suppress_missing_path_errors` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `metadata` | List[[models.MetadataConfInputCollection](../models/metadataconfinputcollection.md)] | :heavy_minus_sign: | Fields to add to events from this input | diff --git a/docs/models/inputkafkainput.md b/docs/models/inputkafkainput.md index b2ec44cea..75e3f6717 100644 --- a/docs/models/inputkafkainput.md +++ b/docs/models/inputkafkainput.md @@ -31,8 +31,8 @@ | `sasl` | [Optional[models.AuthenticationType]](../models/authenticationtype.md) | :heavy_minus_sign: | Authentication parameters to use when connecting to brokers. Using TLS is highly recommended. | | `tls` | [Optional[models.TLSSettingsClientSideTypeCaPathCertPath]](../models/tlssettingsclientsidetypecapathcertpath.md) | :heavy_minus_sign: | N/A | | `session_timeout` | *Optional[float]* | :heavy_minus_sign: |
Timeout used to detect client failures when using Kafka's group-management facilities.
If the client sends no heartbeats to the broker before the timeout expires,
the broker will remove the client from the group and initiate a rebalance.
Value must be between the broker's configured group.min.session.timeout.ms and group.max.session.timeout.ms.
See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_session.timeout.ms) for details. | -| `rebalance_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum allowed time for each worker to join the group after a rebalance begins.
If the timeout is exceeded, the coordinator broker will remove the worker from the group.
See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. | -| `heartbeat_interval` | *Optional[float]* | :heavy_minus_sign: | Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities.
Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value.
See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. | +| `rebalance_timeout` | *Optional[float]* | :heavy_minus_sign: |
Maximum allowed time for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. | +| `heartbeat_interval` | *Optional[float]* | :heavy_minus_sign: |
Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. | | `auto_commit_interval` | *Optional[float]* | :heavy_minus_sign: | How often to commit offsets. If both this and Offset commit threshold are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch. | | `auto_commit_threshold` | *Optional[float]* | :heavy_minus_sign: | How many events are needed to trigger an offset commit. If both this and Offset commit interval are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch. | | `max_bytes_per_partition` | *Optional[float]* | :heavy_minus_sign: | Maximum amount of data that Kafka will return per partition, per fetch request. Must equal or exceed the maximum message size (maxBytesPerPartition) that Kafka is configured to allow. Otherwise, @{product} can get stuck trying to retrieve messages. Defaults to 1048576 (1 MB). | diff --git a/docs/models/inputkubelogsinput.md b/docs/models/inputkubelogsinput.md index 48ee5367d..c28e4d544 100644 --- a/docs/models/inputkubelogsinput.md +++ b/docs/models/inputkubelogsinput.md @@ -18,6 +18,8 @@ | `interval` | *Optional[float]* | :heavy_minus_sign: | Time, in seconds, between checks for new containers. Default is 15 secs. | | `rules` | List[[models.InputKubeLogsRule](../models/inputkubelogsrule.md)] | :heavy_minus_sign: | Add rules to decide which Pods to collect logs from. Logs are collected if no rules are given or if all the rules' expressions evaluate to true. | | `timestamps` | *Optional[bool]* | :heavy_minus_sign: | For use when containers do not emit a timestamp, prefix each line of output with a timestamp. If you enable this setting, you can use the Kubernetes Logs Event Breaker and the kubernetes_logs Pre-processing Pipeline to remove them from the events after the timestamps are extracted. | +| `line_buffer_limit` | *Optional[float]* | :heavy_minus_sign: | Maximum bytes to buffer while reassembling a single log line. A line that exceeds this size is flushed as-is, either whole or partially. The default is 1048576 (1 MB). | +| `lb_disable_assembly` | *Optional[bool]* | :heavy_minus_sign: | Internal flag to disable LB worker payload reassembly. | | `metadata` | List[[models.MetadataConfInputCollection](../models/metadataconfinputcollection.md)] | :heavy_minus_sign: | Fields to add to events from this input | | `persistence` | [Optional[models.DiskSpoolingType]](../models/diskspoolingtype.md) | :heavy_minus_sign: | N/A | | `breaker_rulesets` | List[*str*] | :heavy_minus_sign: | A list of event-breaking rulesets that will be applied, in order, to the input data stream | diff --git a/docs/models/inputmskinput.md b/docs/models/inputmskinput.md index 45b96e2f6..b69915992 100644 --- a/docs/models/inputmskinput.md +++ b/docs/models/inputmskinput.md @@ -20,8 +20,8 @@ | `group_id` | *Optional[str]* | :heavy_minus_sign: | The consumer group to which this instance belongs. Defaults to 'Cribl'. | | `from_beginning` | *Optional[bool]* | :heavy_minus_sign: | Leave enabled if you want the Source, upon first subscribing to a topic, to read starting with the earliest available message | | `session_timeout` | *Optional[float]* | :heavy_minus_sign: |
Timeout used to detect client failures when using Kafka's group-management facilities.
If the client sends no heartbeats to the broker before the timeout expires,
the broker will remove the client from the group and initiate a rebalance.
Value must be between the broker's configured group.min.session.timeout.ms and group.max.session.timeout.ms.
See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_session.timeout.ms) for details. | -| `rebalance_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum allowed time for each worker to join the group after a rebalance begins.
If the timeout is exceeded, the coordinator broker will remove the worker from the group.
See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. | -| `heartbeat_interval` | *Optional[float]* | :heavy_minus_sign: | Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities.
Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value.
See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. | +| `rebalance_timeout` | *Optional[float]* | :heavy_minus_sign: |
Maximum allowed time for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. | +| `heartbeat_interval` | *Optional[float]* | :heavy_minus_sign: |
Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. | | `metadata` | List[[models.MetadataConfInputCollection](../models/metadataconfinputcollection.md)] | :heavy_minus_sign: | Fields to add to events from this input | | `kafka_schema_registry` | [Optional[models.KafkaSchemaRegistryAuthenticationType]](../models/kafkaschemaregistryauthenticationtype.md) | :heavy_minus_sign: | N/A | | `connection_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum time to wait for a connection to complete successfully | diff --git a/docs/models/inputopenaicontentconfig.md b/docs/models/inputopenaicontentconfig.md index b14b00567..646224125 100644 --- a/docs/models/inputopenaicontentconfig.md +++ b/docs/models/inputopenaicontentconfig.md @@ -10,7 +10,7 @@ | `state_update_expression` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression that defines how to update the state from an event | | `state_merge_expression` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression that defines which state to keep when merging task state | | `manage_state` | [Optional[models.InputOpenaiManageState]](../models/inputopenaimanagestate.md) | :heavy_minus_sign: | N/A | -| `request_params` | List[[models.RequestParamConfInputOpenai](../models/requestparamconfinputopenai.md)] | :heavy_check_mark: | Query-string parameters to send with this endpoint | +| `request_params` | List[[models.HTTPDiscoveryHeaderConfInputPrometheus](../models/httpdiscoveryheaderconfinputprometheus.md)] | :heavy_check_mark: | Query-string parameters to send with this endpoint | | `pagination_type` | [models.InputOpenaiPaginationType](../models/inputopenaipaginationtype.md) | :heavy_check_mark: | N/A | | `pagination_attribute` | List[*str*] | :heavy_minus_sign: | N/A | | `pagination_last_page_expr` | *Optional[str]* | :heavy_minus_sign: | N/A | diff --git a/docs/models/inputprometheusdiscoverytype.md b/docs/models/inputprometheusdiscoverytype.md index 8fbbaaf1c..8daa9348a 100644 --- a/docs/models/inputprometheusdiscoverytype.md +++ b/docs/models/inputprometheusdiscoverytype.md @@ -15,8 +15,9 @@ value = InputPrometheusDiscoveryType.STATIC ## Values -| Name | Value | -| -------- | -------- | -| `STATIC` | static | -| `DNS` | dns | -| `EC2` | ec2 | \ No newline at end of file +| Name | Value | +| --------- | --------- | +| `STATIC` | static | +| `DNS` | dns | +| `EC2` | ec2 | +| `HTTP_SD` | http_sd | \ No newline at end of file diff --git a/docs/models/inputprometheusinput.md b/docs/models/inputprometheusinput.md index 6c44ebabf..76e9ce987 100644 --- a/docs/models/inputprometheusinput.md +++ b/docs/models/inputprometheusinput.md @@ -49,6 +49,10 @@ | `assume_role_arn` | *Optional[str]* | :heavy_minus_sign: | Amazon Resource Name (ARN) of the role to assume | | `assume_role_external_id` | *Optional[str]* | :heavy_minus_sign: | External ID to use when assuming role | | `duration_seconds` | *Optional[float]* | :heavy_minus_sign: | Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours). | +| `http_discovery_url` | *Optional[str]* | :heavy_minus_sign: | URL to fetch target groups from (must be http or https) | +| `http_discovery_headers` | List[[models.HTTPDiscoveryHeaderConfInputPrometheus](../models/httpdiscoveryheaderconfinputprometheus.md)] | :heavy_minus_sign: | Extra headers to send with the discovery request | +| `http_discovery_reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Reject TLS certificates that cannot be verified for the discovery endpoint. Falls back to the source-level setting if not specified. | +| `max_response_body_size` | *Optional[str]* | :heavy_minus_sign: | Maximum size of the HTTP SD response body. Responses exceeding this limit will be rejected. Defaults to 20 MB. | | `username` | *Optional[str]* | :heavy_minus_sign: | Username for Prometheus Basic authentication | | `password` | *Optional[str]* | :heavy_minus_sign: | Password for Prometheus Basic authentication | | `credentials_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a secret that references your credentials | diff --git a/docs/models/inputresponseauth.md b/docs/models/inputresponseauth.md index c4eadd92d..8e7839451 100644 --- a/docs/models/inputresponseauth.md +++ b/docs/models/inputresponseauth.md @@ -9,7 +9,7 @@ | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | | `client_secret_auth_type` | [Optional[models.AuthenticationMethodOptionsAuth]](../models/authenticationmethodoptionsauth.md) | :heavy_minus_sign: | N/A | | `client_text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | -| `certificate` | [Optional[models.CertificateTypeAzureBlobAuthTypeClientCert]](../models/certificatetypeazureblobauthtypeclientcert.md) | :heavy_minus_sign: | N/A | +| `certificate` | [Optional[models.InputResponseCertificate]](../models/inputresponsecertificate.md) | :heavy_minus_sign: | N/A | | `oauth_endpoint` | [Optional[models.MicrosoftEntraIDAuthenticationEndpointOptionsSasl]](../models/microsoftentraidauthenticationendpointoptionssasl.md) | :heavy_minus_sign: | Endpoint used to acquire authentication tokens from Azure | | `client_id` | *Optional[str]* | :heavy_minus_sign: | client_id to pass in the OAuth request parameter | | `tenant_id` | *Optional[str]* | :heavy_minus_sign: | Directory ID (tenant identifier) in Azure Active Directory | diff --git a/docs/models/inputresponseauthtokencloudflarehec.md b/docs/models/inputresponseauthtokencloudflarehec.md index 6d0f54da9..6f8d1890f 100644 --- a/docs/models/inputresponseauthtokencloudflarehec.md +++ b/docs/models/inputresponseauthtokencloudflarehec.md @@ -7,6 +7,7 @@ | ---------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------- | | `auth_type` | [Optional[models.InputResponseAuthenticationMethodCloudflareHec]](../models/inputresponseauthenticationmethodcloudflarehec.md) | :heavy_minus_sign: | Select Secret to use a text secret to authenticate | | `token_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | +| `token` | *Optional[str]* | :heavy_minus_sign: | Shared secret to be provided by any client (Authorization: ) | | `enabled` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `description` | *Optional[str]* | :heavy_minus_sign: | N/A | | `allowed_indexes_at_token` | List[*str*] | :heavy_minus_sign: | Enter the values you want to allow in the HEC event index field at the token level. Supports wildcards. To skip validation, leave blank. | diff --git a/docs/models/inputresponsecertificate.md b/docs/models/inputresponsecertificate.md new file mode 100644 index 000000000..37d6d8718 --- /dev/null +++ b/docs/models/inputresponsecertificate.md @@ -0,0 +1,11 @@ +# InputResponseCertificate + + +## Fields + +| Field | Type | Required | Description | +| -------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------- | +| `certificate_name` | *str* | :heavy_check_mark: | The certificate you registered as credentials for your app in the Azure portal | +| `cert_path` | *str* | :heavy_check_mark: | Path on server containing certificates to use. PEM format. Can reference $ENV_VARS. | +| `priv_key_path` | *str* | :heavy_check_mark: | Path on server containing the private key to use. PEM format. Can reference $ENV_VARS. | +| `passphrase` | *Optional[str]* | :heavy_minus_sign: | Passphrase to use to decrypt private key | \ No newline at end of file diff --git a/docs/models/inputresponsecontentconfigopenai.md b/docs/models/inputresponsecontentconfigopenai.md index 611385ef1..40b2360b7 100644 --- a/docs/models/inputresponsecontentconfigopenai.md +++ b/docs/models/inputresponsecontentconfigopenai.md @@ -14,7 +14,7 @@ | `state_update_expression` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression that defines how to update the state from an event | | `state_merge_expression` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression that defines which state to keep when merging task state | | `manage_state` | [Optional[models.InputResponseManageStateOpenai]](../models/inputresponsemanagestateopenai.md) | :heavy_minus_sign: | N/A | -| `request_params` | List[[models.RequestParamConfInputOpenai](../models/requestparamconfinputopenai.md)] | :heavy_check_mark: | Query-string parameters to send with this endpoint | +| `request_params` | List[[models.HTTPDiscoveryHeaderConfInputPrometheus](../models/httpdiscoveryheaderconfinputprometheus.md)] | :heavy_check_mark: | Query-string parameters to send with this endpoint | | `pagination_type` | [models.InputResponsePaginationType](../models/inputresponsepaginationtype.md) | :heavy_check_mark: | N/A | | `pagination_attribute` | List[*str*] | :heavy_minus_sign: | N/A | | `pagination_last_page_expr` | *Optional[str]* | :heavy_minus_sign: | N/A | diff --git a/docs/models/inputresponsediscoverytypeedgeprometheus.md b/docs/models/inputresponsediscoverytypeedgeprometheus.md index cca6ea656..397d64fe5 100644 --- a/docs/models/inputresponsediscoverytypeedgeprometheus.md +++ b/docs/models/inputresponsediscoverytypeedgeprometheus.md @@ -22,4 +22,5 @@ value = InputResponseDiscoveryTypeEdgePrometheus.STATIC | `EC2` | ec2 | | `K8S_NODE` | k8s-node | | `K8S_PODS` | k8s-pods | -| `K8S_SERVICE_MONITOR` | k8s-service-monitor | \ No newline at end of file +| `K8S_SERVICE_MONITOR` | k8s-service-monitor | +| `HTTP_SD` | http_sd | \ No newline at end of file diff --git a/docs/models/inputresponsediscoverytypeprometheus.md b/docs/models/inputresponsediscoverytypeprometheus.md index 0c4aaec64..bb98c4de2 100644 --- a/docs/models/inputresponsediscoverytypeprometheus.md +++ b/docs/models/inputresponsediscoverytypeprometheus.md @@ -15,8 +15,9 @@ value = InputResponseDiscoveryTypePrometheus.STATIC ## Values -| Name | Value | -| -------- | -------- | -| `STATIC` | static | -| `DNS` | dns | -| `EC2` | ec2 | \ No newline at end of file +| Name | Value | +| --------- | --------- | +| `STATIC` | static | +| `DNS` | dns | +| `EC2` | ec2 | +| `HTTP_SD` | http_sd | \ No newline at end of file diff --git a/docs/models/inputresponseinputappleunifiedlogs.md b/docs/models/inputresponseinputappleunifiedlogs.md index 21354b351..309dcd311 100644 --- a/docs/models/inputresponseinputappleunifiedlogs.md +++ b/docs/models/inputresponseinputappleunifiedlogs.md @@ -3,24 +3,24 @@ ## Fields -| Field | Type | Required | Description | -| -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `id` | *Optional[str]* | :heavy_minus_sign: | Unique ID for this input | -| `type` | [models.InputResponseTypeAppleUnifiedLogs](../models/inputresponsetypeappleunifiedlogs.md) | :heavy_check_mark: | N/A | -| `disabled` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `pipeline` | *Optional[str]* | :heavy_minus_sign: | Pipeline to process data from this Source before sending it through the Routes | -| `send_to_routes` | *Optional[bool]* | :heavy_minus_sign: | Select whether to send data to Routes, or directly to Destinations. | -| `environment` | *Optional[str]* | :heavy_minus_sign: | Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. | -| `pq_enabled` | *Optional[bool]* | :heavy_minus_sign: | Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). | -| `streamtags` | List[*str*] | :heavy_minus_sign: | Tags for filtering and grouping in @{product} | -| `cribl_source_provenance` | [Optional[models.InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint]](../models/inputcollectionorigindatasourcediscoverywithdestinationarnconstraint.md) | :heavy_minus_sign: | Read-only metadata that records how the Source was created. Preserved on update when omitted from the request body. Cannot be set on create. | -| `connections` | List[[models.ConnectionConfInputCollection](../models/connectionconfinputcollection.md)] | :heavy_minus_sign: | Direct connections to Destinations, and optionally via a Pipeline or a Pack | -| `pq` | [Optional[models.PqType]](../models/pqtype.md) | :heavy_minus_sign: | N/A | -| `predicate` | *str* | :heavy_check_mark: | String to filter log entries, in NSPredicate format (e.g., subsystem == "com.apple.security" or process == "kernel"). See [Predicate format reference](https://developer.apple.com/library/archive/documentation/Cocoa/Conceptual/Predicates/AdditionalChapters/Introduction.html) for more information. | -| `read_mode` | [Optional[models.InputResponseReadModeAppleUnifiedLogs]](../models/inputresponsereadmodeappleunifiedlogs.md) | :heavy_minus_sign: | Read all log entries (historical and upcoming), or only upcoming, from the last entry | -| `metadata` | List[[models.MetadataConfInputCollection](../models/metadataconfinputcollection.md)] | :heavy_minus_sign: | Fields to add to events from this input | -| `description` | *Optional[str]* | :heavy_minus_sign: | N/A | -| `template_environment` | *Optional[str]* | :heavy_minus_sign: | Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. | -| `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | -| `notifications` | List[[models.NotificationUnion](../models/notificationunion.md)] | :heavy_minus_sign: | Notifications attached to the Source. | -| `status` | [Optional[models.StatusType]](../models/statustype.md) | :heavy_minus_sign: | Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable. | \ No newline at end of file +| Field | Type | Required | Description | +| -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `id` | *Optional[str]* | :heavy_minus_sign: | Unique ID for this input | +| `type` | [models.InputResponseTypeAppleUnifiedLogs](../models/inputresponsetypeappleunifiedlogs.md) | :heavy_check_mark: | N/A | +| `disabled` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `pipeline` | *Optional[str]* | :heavy_minus_sign: | Pipeline to process data from this Source before sending it through the Routes | +| `send_to_routes` | *Optional[bool]* | :heavy_minus_sign: | Select whether to send data to Routes, or directly to Destinations. | +| `environment` | *Optional[str]* | :heavy_minus_sign: | Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. | +| `pq_enabled` | *Optional[bool]* | :heavy_minus_sign: | Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). | +| `streamtags` | List[*str*] | :heavy_minus_sign: | Tags for filtering and grouping in @{product} | +| `cribl_source_provenance` | [Optional[models.InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint]](../models/inputcollectionorigindatasourcediscoverywithdestinationarnconstraint.md) | :heavy_minus_sign: | Read-only metadata that records how the Source was created. Preserved on update when omitted from the request body. Cannot be set on create. | +| `connections` | List[[models.ConnectionConfInputCollection](../models/connectionconfinputcollection.md)] | :heavy_minus_sign: | Direct connections to Destinations, and optionally via a Pipeline or a Pack | +| `pq` | [Optional[models.PqType]](../models/pqtype.md) | :heavy_minus_sign: | N/A | +| `predicate` | *str* | :heavy_check_mark: | String to filter log entries, in NSPredicate format (e.g., subsystem == "com.apple.security" or process == "kernel"). See [Common Log Types and Predicates](https://docs.cribl.io/edge/sources-apple-unified-logs/#examples) for more information. | +| `read_mode` | [Optional[models.InputResponseReadModeAppleUnifiedLogs]](../models/inputresponsereadmodeappleunifiedlogs.md) | :heavy_minus_sign: | Read all log entries (historical and upcoming), or only upcoming, from the last entry | +| `metadata` | List[[models.MetadataConfInputCollection](../models/metadataconfinputcollection.md)] | :heavy_minus_sign: | Fields to add to events from this input | +| `description` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_environment` | *Optional[str]* | :heavy_minus_sign: | Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. | +| `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | +| `notifications` | List[[models.NotificationUnion](../models/notificationunion.md)] | :heavy_minus_sign: | Notifications attached to the Source. | +| `status` | [Optional[models.StatusType]](../models/statustype.md) | :heavy_minus_sign: | Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable. | \ No newline at end of file diff --git a/docs/models/inputresponseinputconfluentcloud.md b/docs/models/inputresponseinputconfluentcloud.md index 50e682ae9..73880f01d 100644 --- a/docs/models/inputresponseinputconfluentcloud.md +++ b/docs/models/inputresponseinputconfluentcloud.md @@ -32,8 +32,8 @@ | `reauthentication_threshold` | *Optional[float]* | :heavy_minus_sign: | Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire. | | `sasl` | [Optional[models.AuthenticationType]](../models/authenticationtype.md) | :heavy_minus_sign: | Authentication parameters to use when connecting to brokers. Using TLS is highly recommended. | | `session_timeout` | *Optional[float]* | :heavy_minus_sign: |
Timeout used to detect client failures when using Kafka's group-management facilities.
If the client sends no heartbeats to the broker before the timeout expires,
the broker will remove the client from the group and initiate a rebalance.
Value must be between the broker's configured group.min.session.timeout.ms and group.max.session.timeout.ms.
See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_session.timeout.ms) for details. | -| `rebalance_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum allowed time for each worker to join the group after a rebalance begins.
If the timeout is exceeded, the coordinator broker will remove the worker from the group.
See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. | -| `heartbeat_interval` | *Optional[float]* | :heavy_minus_sign: | Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities.
Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value.
See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. | +| `rebalance_timeout` | *Optional[float]* | :heavy_minus_sign: |
Maximum allowed time for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. | +| `heartbeat_interval` | *Optional[float]* | :heavy_minus_sign: |
Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. | | `auto_commit_interval` | *Optional[float]* | :heavy_minus_sign: | How often to commit offsets. If both this and Offset commit threshold are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch. | | `auto_commit_threshold` | *Optional[float]* | :heavy_minus_sign: | How many events are needed to trigger an offset commit. If both this and Offset commit interval are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch. | | `max_bytes_per_partition` | *Optional[float]* | :heavy_minus_sign: | Maximum amount of data that Kafka will return per partition, per fetch request. Must equal or exceed the maximum message size (maxBytesPerPartition) that Kafka is configured to allow. Otherwise, @{product} can get stuck trying to retrieve messages. Defaults to 1048576 (1 MB). | diff --git a/docs/models/inputresponseinputedgeprometheus.md b/docs/models/inputresponseinputedgeprometheus.md index 6c6e526af..6f9a785bd 100644 --- a/docs/models/inputresponseinputedgeprometheus.md +++ b/docs/models/inputresponseinputedgeprometheus.md @@ -49,7 +49,11 @@ | `scrape_protocol_expr` | *Optional[str]* | :heavy_minus_sign: | Protocol to use when collecting metrics | | `scrape_port_expr` | *Optional[str]* | :heavy_minus_sign: | The port number in the metrics URL for discovered targets. | | `scrape_path_expr` | *Optional[str]* | :heavy_minus_sign: | Path to use when collecting metrics from discovered targets | -| `pod_filter` | List[[models.InputResponsePodFilter](../models/inputresponsepodfilter.md)] | :heavy_minus_sign: | Add rules to decide which pods to discover for metrics.
Pods are searched if no rules are given or of all the rules'
expressions evaluate to true.
| +| `pod_filter` | List[[models.InputResponsePodFilter](../models/inputresponsepodfilter.md)] | :heavy_minus_sign: |
Add rules to decide which pods to discover for metrics.
Pods are searched if no rules are given or of all the rules'
expressions evaluate to true.
| +| `http_discovery_url` | *Optional[str]* | :heavy_minus_sign: | URL to fetch target groups from (must be http or https) | +| `http_discovery_headers` | List[[models.HTTPDiscoveryHeaderConfInputPrometheus](../models/httpdiscoveryheaderconfinputprometheus.md)] | :heavy_minus_sign: | Extra headers to send with the discovery request | +| `http_discovery_reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Reject TLS certificates that cannot be verified for the discovery endpoint. Falls back to the source-level setting if not specified. | +| `max_response_body_size` | *Optional[str]* | :heavy_minus_sign: | Maximum size of the HTTP SD response body. Responses exceeding this limit will be rejected. Defaults to 20 MB. | | `username` | *Optional[str]* | :heavy_minus_sign: | Username for Prometheus Basic authentication | | `password` | *Optional[str]* | :heavy_minus_sign: | Password for Prometheus Basic authentication | | `credentials_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a secret that references your credentials | diff --git a/docs/models/inputresponseinputeventhub.md b/docs/models/inputresponseinputeventhub.md index 410c28b39..a126b8a4a 100644 --- a/docs/models/inputresponseinputeventhub.md +++ b/docs/models/inputresponseinputeventhub.md @@ -3,48 +3,48 @@ ## Fields -| Field | Type | Required | Description | -| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `id` | *Optional[str]* | :heavy_minus_sign: | Unique ID for this input | -| `type` | [models.InputResponseTypeEventhub](../models/inputresponsetypeeventhub.md) | :heavy_check_mark: | N/A | -| `disabled` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `pipeline` | *Optional[str]* | :heavy_minus_sign: | Pipeline to process data from this Source before sending it through the Routes | -| `send_to_routes` | *Optional[bool]* | :heavy_minus_sign: | Select whether to send data to Routes, or directly to Destinations. | -| `environment` | *Optional[str]* | :heavy_minus_sign: | Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. | -| `pq_enabled` | *Optional[bool]* | :heavy_minus_sign: | Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). | -| `streamtags` | List[*str*] | :heavy_minus_sign: | Tags for filtering and grouping in @{product} | -| `cribl_source_provenance` | [Optional[models.InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint]](../models/inputcollectionorigindatasourcediscoverywithdestinationarnconstraint.md) | :heavy_minus_sign: | Read-only metadata that records how the Source was created. Preserved on update when omitted from the request body. Cannot be set on create. | -| `connections` | List[[models.ConnectionConfInputCollection](../models/connectionconfinputcollection.md)] | :heavy_minus_sign: | Direct connections to Destinations, and optionally via a Pipeline or a Pack | -| `pq` | [Optional[models.PqType]](../models/pqtype.md) | :heavy_minus_sign: | N/A | -| `brokers` | List[*str*] | :heavy_check_mark: | List of Event Hubs Kafka brokers to connect to (example: yourdomain.servicebus.windows.net:9093). The hostname can be found in the host portion of the primary or secondary connection string in Shared Access Policies. | -| `topics` | List[*str*] | :heavy_check_mark: | The name of the Event Hub (Kafka topic) to subscribe to. Warning: To optimize performance, Cribl suggests subscribing each Event Hubs Source to only a single topic. | -| `group_id` | *Optional[str]* | :heavy_minus_sign: | The consumer group this instance belongs to. Default is 'Cribl'. | -| `from_beginning` | *Optional[bool]* | :heavy_minus_sign: | Start reading from earliest available data; relevant only during initial subscription | -| `connection_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum time to wait for a connection to complete successfully | -| `request_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum time to wait for Kafka to respond to a request | -| `max_retries` | *Optional[float]* | :heavy_minus_sign: | If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data | -| `max_back_off` | *Optional[float]* | :heavy_minus_sign: | The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds). | -| `initial_backoff` | *Optional[float]* | :heavy_minus_sign: | Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes). | -| `backoff_rate` | *Optional[float]* | :heavy_minus_sign: | Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details. | -| `authentication_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum time to wait for Kafka to respond to an authentication request | -| `reauthentication_threshold` | *Optional[float]* | :heavy_minus_sign: | Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire. | -| `sasl` | [Optional[models.AuthenticationTypeUse]](../models/authenticationtypeuse.md) | :heavy_minus_sign: | Authentication parameters to use when connecting to brokers. Using TLS is highly recommended. | -| `tls` | [Optional[models.TLSSettingsClientSideType]](../models/tlssettingsclientsidetype.md) | :heavy_minus_sign: | N/A | -| `session_timeout` | *Optional[float]* | :heavy_minus_sign: | Timeout (session.timeout.ms in Kafka domain) used to detect client failures when using Kafka's group-management facilities.
If the client sends no heartbeats to the broker before the timeout expires, the broker will remove the client from the group and initiate a rebalance.
Value must be lower than rebalanceTimeout.
See details [here](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). | -| `rebalance_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum allowed time (rebalance.timeout.ms in Kafka domain) for each worker to join the group after a rebalance begins.
If the timeout is exceeded, the coordinator broker will remove the worker from the group.
See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). | -| `heartbeat_interval` | *Optional[float]* | :heavy_minus_sign: | Expected time (heartbeat.interval.ms in Kafka domain) between heartbeats to the consumer coordinator when using Kafka's group-management facilities.
Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value.
See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). | -| `auto_commit_interval` | *Optional[float]* | :heavy_minus_sign: | How often to commit offsets. If both this and Offset commit threshold are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch. | -| `auto_commit_threshold` | *Optional[float]* | :heavy_minus_sign: | How many events are needed to trigger an offset commit. If both this and Offset commit interval are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch. | -| `max_bytes_per_partition` | *Optional[float]* | :heavy_minus_sign: | Maximum amount of data that Kafka will return per partition, per fetch request. Must equal or exceed the maximum message size (maxBytesPerPartition) that Kafka is configured to allow. Otherwise, @{product} can get stuck trying to retrieve messages. Defaults to 1048576 (1 MB). | -| `max_bytes` | *Optional[float]* | :heavy_minus_sign: | Maximum number of bytes that Kafka will return per fetch request. Defaults to 10485760 (10 MB). | -| `max_socket_errors` | *Optional[float]* | :heavy_minus_sign: | Maximum number of network errors before the consumer re-creates a socket | -| `minimize_duplicates` | *Optional[bool]* | :heavy_minus_sign: | Minimize duplicate events by starting only one consumer for each topic partition | -| `metadata` | List[[models.MetadataConfInputCollection](../models/metadataconfinputcollection.md)] | :heavy_minus_sign: | Fields to add to events from this input | -| `description` | *Optional[str]* | :heavy_minus_sign: | N/A | -| `template_environment` | *Optional[str]* | :heavy_minus_sign: | Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. | -| `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | -| `template_brokers` | *Optional[str]* | :heavy_minus_sign: | Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime. | -| `template_topics` | *Optional[str]* | :heavy_minus_sign: | Binds 'topics' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topics' at runtime. | -| `template_group_id` | *Optional[str]* | :heavy_minus_sign: | Binds 'groupId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'groupId' at runtime. | -| `notifications` | List[[models.NotificationUnion](../models/notificationunion.md)] | :heavy_minus_sign: | Notifications attached to the Source. | -| `status` | [Optional[models.StatusType]](../models/statustype.md) | :heavy_minus_sign: | Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable. | \ No newline at end of file +| Field | Type | Required | Description | +| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| `id` | *Optional[str]* | :heavy_minus_sign: | Unique ID for this input | +| `type` | [models.InputResponseTypeEventhub](../models/inputresponsetypeeventhub.md) | :heavy_check_mark: | N/A | +| `disabled` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `pipeline` | *Optional[str]* | :heavy_minus_sign: | Pipeline to process data from this Source before sending it through the Routes | +| `send_to_routes` | *Optional[bool]* | :heavy_minus_sign: | Select whether to send data to Routes, or directly to Destinations. | +| `environment` | *Optional[str]* | :heavy_minus_sign: | Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. | +| `pq_enabled` | *Optional[bool]* | :heavy_minus_sign: | Use a disk queue to minimize data loss when connected services block. See [Cribl Docs](https://docs.cribl.io/stream/persistent-queues) for PQ defaults (Cribl-managed Cloud Workers) and configuration options (on-prem and hybrid Workers). | +| `streamtags` | List[*str*] | :heavy_minus_sign: | Tags for filtering and grouping in @{product} | +| `cribl_source_provenance` | [Optional[models.InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint]](../models/inputcollectionorigindatasourcediscoverywithdestinationarnconstraint.md) | :heavy_minus_sign: | Read-only metadata that records how the Source was created. Preserved on update when omitted from the request body. Cannot be set on create. | +| `connections` | List[[models.ConnectionConfInputCollection](../models/connectionconfinputcollection.md)] | :heavy_minus_sign: | Direct connections to Destinations, and optionally via a Pipeline or a Pack | +| `pq` | [Optional[models.PqType]](../models/pqtype.md) | :heavy_minus_sign: | N/A | +| `brokers` | List[*str*] | :heavy_check_mark: | List of Event Hubs Kafka brokers to connect to (example: yourdomain.servicebus.windows.net:9093). The hostname can be found in the host portion of the primary or secondary connection string in Shared Access Policies. | +| `topics` | List[*str*] | :heavy_check_mark: | The name of the Event Hub (Kafka topic) to subscribe to. Warning: To optimize performance, Cribl suggests subscribing each Event Hubs Source to only a single topic. | +| `group_id` | *Optional[str]* | :heavy_minus_sign: | The consumer group this instance belongs to. Default is 'Cribl'. | +| `from_beginning` | *Optional[bool]* | :heavy_minus_sign: | Start reading from earliest available data; relevant only during initial subscription | +| `connection_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum time to wait for a connection to complete successfully | +| `request_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum time to wait for Kafka to respond to a request | +| `max_retries` | *Optional[float]* | :heavy_minus_sign: | If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data | +| `max_back_off` | *Optional[float]* | :heavy_minus_sign: | The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds). | +| `initial_backoff` | *Optional[float]* | :heavy_minus_sign: | Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes). | +| `backoff_rate` | *Optional[float]* | :heavy_minus_sign: | Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details. | +| `authentication_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum time to wait for Kafka to respond to an authentication request | +| `reauthentication_threshold` | *Optional[float]* | :heavy_minus_sign: | Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire. | +| `sasl` | [Optional[models.AuthenticationTypeUse]](../models/authenticationtypeuse.md) | :heavy_minus_sign: | Authentication parameters to use when connecting to brokers. Using TLS is highly recommended. | +| `tls` | [Optional[models.TLSSettingsClientSideType]](../models/tlssettingsclientsidetype.md) | :heavy_minus_sign: | N/A | +| `session_timeout` | *Optional[float]* | :heavy_minus_sign: |
Timeout (session.timeout.ms in Kafka domain) used to detect client failures when using Kafka's group-management facilities. If the client sends no heartbeats to the broker before the timeout expires, the broker will remove the client from the group and initiate a rebalance. Value must be lower than rebalanceTimeout. See details [here](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). | +| `rebalance_timeout` | *Optional[float]* | :heavy_minus_sign: |
Maximum allowed time (rebalance.timeout.ms in Kafka domain) for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). | +| `heartbeat_interval` | *Optional[float]* | :heavy_minus_sign: |
Expected time (heartbeat.interval.ms in Kafka domain) between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). | +| `auto_commit_interval` | *Optional[float]* | :heavy_minus_sign: | How often to commit offsets. If both this and Offset commit threshold are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch. | +| `auto_commit_threshold` | *Optional[float]* | :heavy_minus_sign: | How many events are needed to trigger an offset commit. If both this and Offset commit interval are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch. | +| `max_bytes_per_partition` | *Optional[float]* | :heavy_minus_sign: | Maximum amount of data that Kafka will return per partition, per fetch request. Must equal or exceed the maximum message size (maxBytesPerPartition) that Kafka is configured to allow. Otherwise, @{product} can get stuck trying to retrieve messages. Defaults to 1048576 (1 MB). | +| `max_bytes` | *Optional[float]* | :heavy_minus_sign: | Maximum number of bytes that Kafka will return per fetch request. Defaults to 10485760 (10 MB). | +| `max_socket_errors` | *Optional[float]* | :heavy_minus_sign: | Maximum number of network errors before the consumer re-creates a socket | +| `minimize_duplicates` | *Optional[bool]* | :heavy_minus_sign: | Minimize duplicate events by starting only one consumer for each topic partition | +| `metadata` | List[[models.MetadataConfInputCollection](../models/metadataconfinputcollection.md)] | :heavy_minus_sign: | Fields to add to events from this input | +| `description` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_environment` | *Optional[str]* | :heavy_minus_sign: | Binds 'environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'environment' at runtime. | +| `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | +| `template_brokers` | *Optional[str]* | :heavy_minus_sign: | Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime. | +| `template_topics` | *Optional[str]* | :heavy_minus_sign: | Binds 'topics' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topics' at runtime. | +| `template_group_id` | *Optional[str]* | :heavy_minus_sign: | Binds 'groupId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'groupId' at runtime. | +| `notifications` | List[[models.NotificationUnion](../models/notificationunion.md)] | :heavy_minus_sign: | Notifications attached to the Source. | +| `status` | [Optional[models.StatusType]](../models/statustype.md) | :heavy_minus_sign: | Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable. | \ No newline at end of file diff --git a/docs/models/inputresponseinputjournalfiles.md b/docs/models/inputresponseinputjournalfiles.md index 75a45877d..b64ca0119 100644 --- a/docs/models/inputresponseinputjournalfiles.md +++ b/docs/models/inputresponseinputjournalfiles.md @@ -20,7 +20,7 @@ | `interval` | *Optional[float]* | :heavy_minus_sign: | Time, in seconds, between scanning for journals. | | `journals` | List[*str*] | :heavy_check_mark: | The full path of discovered journals are matched against this wildcard list. | | `rules` | List[[models.InputResponseInputJournalFilesRule](../models/inputresponseinputjournalfilesrule.md)] | :heavy_minus_sign: | Add rules to decide which journal objects to allow. Events are generated if no rules are given or if all the rules' expressions evaluate to true. | -| `current_boot` | *Optional[bool]* | :heavy_minus_sign: | Skip log messages that are not part of the current boot session. | +| `current_boot` | *Optional[bool]* | :heavy_minus_sign: | Skip log messages that are not part of the current boot session | | `max_age_dur` | *Optional[str]* | :heavy_minus_sign: | The maximum log message age, in duration form (e.g,: 60s, 4h, 3d, 1w). Default of no value will apply no max age filters. | | `suppress_missing_path_errors` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `metadata` | List[[models.MetadataConfInputCollection](../models/metadataconfinputcollection.md)] | :heavy_minus_sign: | Fields to add to events from this input | diff --git a/docs/models/inputresponseinputkafka.md b/docs/models/inputresponseinputkafka.md index 59c0578d3..a63c64bb6 100644 --- a/docs/models/inputresponseinputkafka.md +++ b/docs/models/inputresponseinputkafka.md @@ -32,8 +32,8 @@ | `sasl` | [Optional[models.AuthenticationType]](../models/authenticationtype.md) | :heavy_minus_sign: | Authentication parameters to use when connecting to brokers. Using TLS is highly recommended. | | `tls` | [Optional[models.TLSSettingsClientSideTypeCaPathCertPath]](../models/tlssettingsclientsidetypecapathcertpath.md) | :heavy_minus_sign: | N/A | | `session_timeout` | *Optional[float]* | :heavy_minus_sign: |
Timeout used to detect client failures when using Kafka's group-management facilities.
If the client sends no heartbeats to the broker before the timeout expires,
the broker will remove the client from the group and initiate a rebalance.
Value must be between the broker's configured group.min.session.timeout.ms and group.max.session.timeout.ms.
See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_session.timeout.ms) for details. | -| `rebalance_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum allowed time for each worker to join the group after a rebalance begins.
If the timeout is exceeded, the coordinator broker will remove the worker from the group.
See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. | -| `heartbeat_interval` | *Optional[float]* | :heavy_minus_sign: | Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities.
Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value.
See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. | +| `rebalance_timeout` | *Optional[float]* | :heavy_minus_sign: |
Maximum allowed time for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. | +| `heartbeat_interval` | *Optional[float]* | :heavy_minus_sign: |
Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. | | `auto_commit_interval` | *Optional[float]* | :heavy_minus_sign: | How often to commit offsets. If both this and Offset commit threshold are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch. | | `auto_commit_threshold` | *Optional[float]* | :heavy_minus_sign: | How many events are needed to trigger an offset commit. If both this and Offset commit interval are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch. | | `max_bytes_per_partition` | *Optional[float]* | :heavy_minus_sign: | Maximum amount of data that Kafka will return per partition, per fetch request. Must equal or exceed the maximum message size (maxBytesPerPartition) that Kafka is configured to allow. Otherwise, @{product} can get stuck trying to retrieve messages. Defaults to 1048576 (1 MB). | diff --git a/docs/models/inputresponseinputkubelogs.md b/docs/models/inputresponseinputkubelogs.md index c9a3cc231..afec39eb8 100644 --- a/docs/models/inputresponseinputkubelogs.md +++ b/docs/models/inputresponseinputkubelogs.md @@ -19,6 +19,8 @@ | `interval` | *Optional[float]* | :heavy_minus_sign: | Time, in seconds, between checks for new containers. Default is 15 secs. | | `rules` | List[[models.InputResponseRuleKubeLogs](../models/inputresponserulekubelogs.md)] | :heavy_minus_sign: | Add rules to decide which Pods to collect logs from. Logs are collected if no rules are given or if all the rules' expressions evaluate to true. | | `timestamps` | *Optional[bool]* | :heavy_minus_sign: | For use when containers do not emit a timestamp, prefix each line of output with a timestamp. If you enable this setting, you can use the Kubernetes Logs Event Breaker and the kubernetes_logs Pre-processing Pipeline to remove them from the events after the timestamps are extracted. | +| `line_buffer_limit` | *Optional[float]* | :heavy_minus_sign: | Maximum bytes to buffer while reassembling a single log line. A line that exceeds this size is flushed as-is, either whole or partially. The default is 1048576 (1 MB). | +| `lb_disable_assembly` | *Optional[bool]* | :heavy_minus_sign: | Internal flag to disable LB worker payload reassembly. | | `metadata` | List[[models.MetadataConfInputCollection](../models/metadataconfinputcollection.md)] | :heavy_minus_sign: | Fields to add to events from this input | | `persistence` | [Optional[models.DiskSpoolingType]](../models/diskspoolingtype.md) | :heavy_minus_sign: | N/A | | `breaker_rulesets` | List[*str*] | :heavy_minus_sign: | A list of event-breaking rulesets that will be applied, in order, to the input data stream | diff --git a/docs/models/inputresponseinputmsk.md b/docs/models/inputresponseinputmsk.md index a5155be3f..3a97c0c73 100644 --- a/docs/models/inputresponseinputmsk.md +++ b/docs/models/inputresponseinputmsk.md @@ -21,8 +21,8 @@ | `group_id` | *Optional[str]* | :heavy_minus_sign: | The consumer group to which this instance belongs. Defaults to 'Cribl'. | | `from_beginning` | *Optional[bool]* | :heavy_minus_sign: | Leave enabled if you want the Source, upon first subscribing to a topic, to read starting with the earliest available message | | `session_timeout` | *Optional[float]* | :heavy_minus_sign: |
Timeout used to detect client failures when using Kafka's group-management facilities.
If the client sends no heartbeats to the broker before the timeout expires,
the broker will remove the client from the group and initiate a rebalance.
Value must be between the broker's configured group.min.session.timeout.ms and group.max.session.timeout.ms.
See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_session.timeout.ms) for details. | -| `rebalance_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum allowed time for each worker to join the group after a rebalance begins.
If the timeout is exceeded, the coordinator broker will remove the worker from the group.
See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. | -| `heartbeat_interval` | *Optional[float]* | :heavy_minus_sign: | Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities.
Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value.
See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. | +| `rebalance_timeout` | *Optional[float]* | :heavy_minus_sign: |
Maximum allowed time for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. | +| `heartbeat_interval` | *Optional[float]* | :heavy_minus_sign: |
Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. | | `metadata` | List[[models.MetadataConfInputCollection](../models/metadataconfinputcollection.md)] | :heavy_minus_sign: | Fields to add to events from this input | | `kafka_schema_registry` | [Optional[models.KafkaSchemaRegistryAuthenticationType]](../models/kafkaschemaregistryauthenticationtype.md) | :heavy_minus_sign: | N/A | | `connection_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum time to wait for a connection to complete successfully | diff --git a/docs/models/inputresponseinputprometheus.md b/docs/models/inputresponseinputprometheus.md index 5c30996a5..7a68b0ec0 100644 --- a/docs/models/inputresponseinputprometheus.md +++ b/docs/models/inputresponseinputprometheus.md @@ -50,6 +50,10 @@ | `assume_role_arn` | *Optional[str]* | :heavy_minus_sign: | Amazon Resource Name (ARN) of the role to assume | | `assume_role_external_id` | *Optional[str]* | :heavy_minus_sign: | External ID to use when assuming role | | `duration_seconds` | *Optional[float]* | :heavy_minus_sign: | Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours). | +| `http_discovery_url` | *Optional[str]* | :heavy_minus_sign: | URL to fetch target groups from (must be http or https) | +| `http_discovery_headers` | List[[models.HTTPDiscoveryHeaderConfInputPrometheus](../models/httpdiscoveryheaderconfinputprometheus.md)] | :heavy_minus_sign: | Extra headers to send with the discovery request | +| `http_discovery_reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Reject TLS certificates that cannot be verified for the discovery endpoint. Falls back to the source-level setting if not specified. | +| `max_response_body_size` | *Optional[str]* | :heavy_minus_sign: | Maximum size of the HTTP SD response body. Responses exceeding this limit will be rejected. Defaults to 20 MB. | | `username` | *Optional[str]* | :heavy_minus_sign: | Username for Prometheus Basic authentication | | `password` | *Optional[str]* | :heavy_minus_sign: | Password for Prometheus Basic authentication | | `credentials_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a secret that references your credentials | diff --git a/docs/models/kafkaschemaregistryauthenticationtype.md b/docs/models/kafkaschemaregistryauthenticationtype.md index 659c6da0d..d1c98c4e8 100644 --- a/docs/models/kafkaschemaregistryauthenticationtype.md +++ b/docs/models/kafkaschemaregistryauthenticationtype.md @@ -10,6 +10,6 @@ | `connection_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum time to wait for a Schema Registry connection to complete successfully | | `request_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum time to wait for the Schema Registry to respond to a request | | `max_retries` | *Optional[float]* | :heavy_minus_sign: | Maximum number of times to try fetching schemas from the Schema Registry | -| `auth` | [Optional[models.AuthType]](../models/authtype.md) | :heavy_minus_sign: | Credentials to use when authenticating with the schema registry using basic HTTP authentication | +| `auth` | [Optional[models.AuthType]](../models/authtype.md) | :heavy_minus_sign: | Credentials to use when authenticating with the schema registry | | `tls` | [Optional[models.TLSSettingsClientSideTypeCaPathCertPath]](../models/tlssettingsclientsidetypecapathcertpath.md) | :heavy_minus_sign: | N/A | | `template_schema_registry_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'schemaRegistryURL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'schemaRegistryURL' at runtime. | \ No newline at end of file diff --git a/docs/models/kafkaschemaregistryauthenticationtypetemplateschemaregistryurlauth.md b/docs/models/kafkaschemaregistryauthenticationtypetemplateschemaregistryurlauth.md index 2c7696f73..158ddaad5 100644 --- a/docs/models/kafkaschemaregistryauthenticationtypetemplateschemaregistryurlauth.md +++ b/docs/models/kafkaschemaregistryauthenticationtypetemplateschemaregistryurlauth.md @@ -10,7 +10,7 @@ | `connection_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum time to wait for a Schema Registry connection to complete successfully | | `request_timeout` | *Optional[float]* | :heavy_minus_sign: | Maximum time to wait for the Schema Registry to respond to a request | | `max_retries` | *Optional[float]* | :heavy_minus_sign: | Maximum number of times to try fetching schemas from the Schema Registry | -| `auth` | [Optional[models.AuthType]](../models/authtype.md) | :heavy_minus_sign: | Credentials to use when authenticating with the schema registry using basic HTTP authentication | +| `auth` | [Optional[models.AuthType]](../models/authtype.md) | :heavy_minus_sign: | Credentials to use when authenticating with the schema registry | | `tls` | [Optional[models.TLSSettingsClientSideTypeCaPathCertPath]](../models/tlssettingsclientsidetypecapathcertpath.md) | :heavy_minus_sign: | N/A | | `default_key_schema_id` | *Optional[float]* | :heavy_minus_sign: | Used when __keySchemaIdOut is not present, to transform key values, leave blank if key transformation is not required by default. | | `default_value_schema_id` | *Optional[float]* | :heavy_minus_sign: | Used when __valueSchemaIdOut is not present, to transform _raw, leave blank if value transformation is not required by default. | diff --git a/docs/models/lakedatasetmetrics.md b/docs/models/lakedatasetmetrics.md index d6c6c2232..b1e550633 100644 --- a/docs/models/lakedatasetmetrics.md +++ b/docs/models/lakedatasetmetrics.md @@ -3,7 +3,7 @@ ## Fields -| Field | Type | Required | Description | -| ------------------------------------------------------------- | ------------------------------------------------------------- | ------------------------------------------------------------- | ------------------------------------------------------------- | -| `current_size_bytes` | *float* | :heavy_check_mark: | Total current logical size of the Dataset, in bytes. | -| `metrics_date` | *str* | :heavy_check_mark: | Timestamp (ISO 8601) when the metrics snapshot was generated. | \ No newline at end of file +| Field | Type | Required | Description | +| ------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------ | +| `current_size_bytes` | *float* | :heavy_check_mark: | Total current logical size of the Dataset, in bytes. | +| `metrics_date` | *str* | :heavy_check_mark: | Timestamp (in Unix time) when the metrics snapshot was generated, as a YYYY-MM-DD calendar date. | \ No newline at end of file diff --git a/docs/models/lakedatasetsearchconfig.md b/docs/models/lakedatasetsearchconfig.md index d59331858..fe8282380 100644 --- a/docs/models/lakedatasetsearchconfig.md +++ b/docs/models/lakedatasetsearchconfig.md @@ -6,7 +6,7 @@ | Field | Type | Required | Description | | -------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------- | | `datatypes` | List[*str*] | :heavy_minus_sign: | Datatype identifiers assigned to the Dataset for search-time event classification. | -| `description` | *Optional[str]* | :heavy_minus_sign: | Brief description of Dataset search configuration. | +| `description` | *Optional[str]* | :heavy_minus_sign: | Brief description of the Dataset search configuration. | | `metadata` | [Optional[models.DatasetMetadata]](../models/datasetmetadata.md) | :heavy_minus_sign: | N/A | | `path_filters` | List[[models.ObjectStorageFilter](../models/objectstoragefilter.md)] | :heavy_minus_sign: | Glob-to-Datatype mappings for the Lake bucket path. Used only for search execution v2. | | `search_version` | [Optional[models.SearchVersion]](../models/searchversion.md) | :heavy_minus_sign: | N/A | diff --git a/docs/models/noactivehealthoverlaystatus.md b/docs/models/noactivehealthoverlaystatus.md new file mode 100644 index 000000000..acb0b9ddd --- /dev/null +++ b/docs/models/noactivehealthoverlaystatus.md @@ -0,0 +1,8 @@ +# NoActiveHealthOverlayStatus + + +## Fields + +| Field | Type | Required | Description | Example | +| ---------------------- | ---------------------- | ---------------------- | ---------------------- | ---------------------- | +| `state` | *Literal["inactive"]* | :heavy_check_mark: | Current overlay state. | inactive | \ No newline at end of file diff --git a/docs/models/objectstoragefilter.md b/docs/models/objectstoragefilter.md index 2f01cc937..653dd7af9 100644 --- a/docs/models/objectstoragefilter.md +++ b/docs/models/objectstoragefilter.md @@ -3,8 +3,9 @@ ## Fields -| Field | Type | Required | Description | -| -------------------------------------------------------------------------- | -------------------------------------------------------------------------- | -------------------------------------------------------------------------- | -------------------------------------------------------------------------- | -| `data_path_format` | [Optional[models.PathFilterDataFormat]](../models/pathfilterdataformat.md) | :heavy_minus_sign: | N/A | -| `data_type_id` | *str* | :heavy_check_mark: | Datatype identifier that maps filtered objects to a data type definition. | -| `filter_` | *str* | :heavy_check_mark: | Glob pattern for selecting files within the storage path. | \ No newline at end of file +| Field | Type | Required | Description | +| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `data_path_format` | [Optional[models.PathFilterDataFormat]](../models/pathfilterdataformat.md) | :heavy_minus_sign: | N/A | +| `data_type_id` | *str* | :heavy_check_mark: | Datatype identifier that maps filtered objects to a data type definition. | +| `filter_` | *str* | :heavy_check_mark: | Glob pattern for selecting files within the storage path. | +| `preprocess_outer_json` | *Optional[bool]* | :heavy_minus_sign: | When true, instructs the C++ reader to unwrap the outer JSON envelope before applying the user datatype to the nested _raw field. Set for Cribl Lake NDJSON filters only. | \ No newline at end of file diff --git a/docs/models/output.md b/docs/models/output.md index a2fbaf4ac..b4d04fd97 100644 --- a/docs/models/output.md +++ b/docs/models/output.md @@ -141,6 +141,12 @@ value: models.OutputGoogleCloudStorage = /* values here */ value: models.OutputGoogleCloudLogging = /* values here */ ``` +### `models.OutputGoogleCloudObservability` + +```python +value: models.OutputGoogleCloudObservability = /* values here */ +``` + ### `models.OutputGooglePubsub` ```python diff --git a/docs/models/outputazuredataexplorer.md b/docs/models/outputazuredataexplorer.md index 1ab3fbafd..4c6eadc19 100644 --- a/docs/models/outputazuredataexplorer.md +++ b/docs/models/outputazuredataexplorer.md @@ -89,7 +89,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputAzureDataExplorerPqControls]](../models/outputazuredataexplorerpqcontrols.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_cluster_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'clusterUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clusterUrl' at runtime. | diff --git a/docs/models/outputazureeventhub.md b/docs/models/outputazureeventhub.md index a77fbf5e7..94b150304 100644 --- a/docs/models/outputazureeventhub.md +++ b/docs/models/outputazureeventhub.md @@ -40,7 +40,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputAzureEventhubPqControls]](../models/outputazureeventhubpqcontrols.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_brokers` | *Optional[str]* | :heavy_minus_sign: | Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime. | diff --git a/docs/models/outputazurelogs.md b/docs/models/outputazurelogs.md index d16afc1a0..c18ac5628 100644 --- a/docs/models/outputazurelogs.md +++ b/docs/models/outputazurelogs.md @@ -41,7 +41,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputAzureLogsPqControls]](../models/outputazurelogspqcontrols.md) | :heavy_minus_sign: | N/A | | `workspace_id` | *Optional[str]* | :heavy_minus_sign: | Azure Log Analytics Workspace ID. See Azure Dashboard Workspace > Advanced settings. | | `workspace_key` | *Optional[str]* | :heavy_minus_sign: | Azure Log Analytics Workspace Primary or Secondary Shared Key. See Azure Dashboard Workspace > Advanced settings. | diff --git a/docs/models/outputchronicle.md b/docs/models/outputchronicle.md index a3b8b8295..4f88f9b13 100644 --- a/docs/models/outputchronicle.md +++ b/docs/models/outputchronicle.md @@ -51,7 +51,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputChroniclePqControls]](../models/outputchroniclepqcontrols.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_region` | *Optional[str]* | :heavy_minus_sign: | Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime. | diff --git a/docs/models/outputclickhouse.md b/docs/models/outputclickhouse.md index ca6429585..b138a95eb 100644 --- a/docs/models/outputclickhouse.md +++ b/docs/models/outputclickhouse.md @@ -33,6 +33,7 @@ | `response_retry_settings` | List[[models.ResponseRetrySettingConfOutputWebhook](../models/responseretrysettingconfoutputwebhook.md)] | :heavy_minus_sign: | Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable) | | `timeout_retry_settings` | [Optional[models.TimeoutRetrySettingsType]](../models/timeoutretrysettingstype.md) | :heavy_minus_sign: | N/A | | `response_honor_retry_after_header` | *Optional[bool]* | :heavy_minus_sign: | Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored. | +| `workload` | *Optional[str]* | :heavy_minus_sign: | Optional ClickHouse workload name to append as a SETTINGS clause on INSERT queries. Used for workload scheduling classification. | | `dump_format_errors_to_disk` | *Optional[bool]* | :heavy_minus_sign: | Log the most recent event that fails to match the table schema | | `on_backpressure` | [Optional[models.BackpressureBehaviorOptions]](../models/backpressurebehavioroptions.md) | :heavy_minus_sign: | How to handle events when all receivers are exerting backpressure | | `description` | *Optional[str]* | :heavy_minus_sign: | N/A | @@ -54,7 +55,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputClickHousePqControls]](../models/outputclickhousepqcontrols.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. | diff --git a/docs/models/outputcloudwatch.md b/docs/models/outputcloudwatch.md index bd3b09c06..a94b91510 100644 --- a/docs/models/outputcloudwatch.md +++ b/docs/models/outputcloudwatch.md @@ -40,7 +40,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputCloudwatchPqControls]](../models/outputcloudwatchpqcontrols.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_log_group_name` | *Optional[str]* | :heavy_minus_sign: | Binds 'logGroupName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logGroupName' at runtime. | diff --git a/docs/models/outputconfluentcloud.md b/docs/models/outputconfluentcloud.md index d458c221f..0b313c008 100644 --- a/docs/models/outputconfluentcloud.md +++ b/docs/models/outputconfluentcloud.md @@ -44,7 +44,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputConfluentCloudPqControls]](../models/outputconfluentcloudpqcontrols.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_brokers` | *Optional[str]* | :heavy_minus_sign: | Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime. | diff --git a/docs/models/outputcriblhttp.md b/docs/models/outputcriblhttp.md index e4062382c..01570bfa3 100644 --- a/docs/models/outputcriblhttp.md +++ b/docs/models/outputcriblhttp.md @@ -48,7 +48,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputCriblHTTPPqControls]](../models/outputcriblhttppqcontrols.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/outputcribllakeformat.md b/docs/models/outputcribllakeformat.md index 34a09edca..d0d65f537 100644 --- a/docs/models/outputcribllakeformat.md +++ b/docs/models/outputcribllakeformat.md @@ -13,8 +13,9 @@ value = OutputCriblLakeFormat.JSON ## Values -| Name | Value | -| --------- | --------- | -| `JSON` | json | -| `PARQUET` | parquet | -| `DDSS` | ddss | \ No newline at end of file +| Name | Value | +| ---------- | ---------- | +| `JSON` | json | +| `PARQUET` | parquet | +| `DDSS` | ddss | +| `NETSKOPE` | netskope | \ No newline at end of file diff --git a/docs/models/outputcriblsearchengine.md b/docs/models/outputcriblsearchengine.md index e3514ef22..b9dd340e7 100644 --- a/docs/models/outputcriblsearchengine.md +++ b/docs/models/outputcriblsearchengine.md @@ -48,7 +48,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputCriblSearchEnginePqControls]](../models/outputcriblsearchenginepqcontrols.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/outputcribltcp.md b/docs/models/outputcribltcp.md index 549beb1b9..b31e36d34 100644 --- a/docs/models/outputcribltcp.md +++ b/docs/models/outputcribltcp.md @@ -40,7 +40,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputCriblTCPPqControls]](../models/outputcribltcppqcontrols.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_on_backpressure` | *Optional[str]* | :heavy_minus_sign: | Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. | diff --git a/docs/models/outputcrowdstrikenextgensiem.md b/docs/models/outputcrowdstrikenextgensiem.md index 1d594fd2b..5625708ea 100644 --- a/docs/models/outputcrowdstrikenextgensiem.md +++ b/docs/models/outputcrowdstrikenextgensiem.md @@ -42,7 +42,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputCrowdstrikeNextGenSiemPqControls]](../models/outputcrowdstrikenextgensiempqcontrols.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. | diff --git a/docs/models/outputdatadog.md b/docs/models/outputdatadog.md index 7692aea60..352310261 100644 --- a/docs/models/outputdatadog.md +++ b/docs/models/outputdatadog.md @@ -51,7 +51,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputDatadogPqControls]](../models/outputdatadogpqcontrols.md) | :heavy_minus_sign: | N/A | | `api_key` | *Optional[str]* | :heavy_minus_sign: | Organization's API key in Datadog | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | diff --git a/docs/models/outputdataset.md b/docs/models/outputdataset.md index cdd216563..a3f381d5a 100644 --- a/docs/models/outputdataset.md +++ b/docs/models/outputdataset.md @@ -46,7 +46,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputDatasetPqControls]](../models/outputdatasetpqcontrols.md) | :heavy_minus_sign: | N/A | | `api_key` | *Optional[str]* | :heavy_minus_sign: | A 'Log Write Access' API key for the DataSet account | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | diff --git a/docs/models/outputdynatracehttp.md b/docs/models/outputdynatracehttp.md index 1961734ff..64f18e83d 100644 --- a/docs/models/outputdynatracehttp.md +++ b/docs/models/outputdynatracehttp.md @@ -44,7 +44,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputDynatraceHTTPPqControls]](../models/outputdynatracehttppqcontrols.md) | :heavy_minus_sign: | N/A | | `token` | *Optional[str]* | :heavy_minus_sign: | Bearer token to include in the authorization header | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | diff --git a/docs/models/outputdynatraceotlp.md b/docs/models/outputdynatraceotlp.md index 64dd5d101..bc09339a0 100644 --- a/docs/models/outputdynatraceotlp.md +++ b/docs/models/outputdynatraceotlp.md @@ -52,7 +52,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputDynatraceOtlpPqControls]](../models/outputdynatraceotlppqcontrols.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/outputelastic.md b/docs/models/outputelastic.md index 04f6a6da8..817614f43 100644 --- a/docs/models/outputelastic.md +++ b/docs/models/outputelastic.md @@ -52,7 +52,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputElasticPqControls]](../models/outputelasticpqcontrols.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_index` | *Optional[str]* | :heavy_minus_sign: | Binds 'index' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'index' at runtime. | diff --git a/docs/models/outputelasticcloud.md b/docs/models/outputelasticcloud.md index fd4a59db1..c45e27f1e 100644 --- a/docs/models/outputelasticcloud.md +++ b/docs/models/outputelasticcloud.md @@ -42,7 +42,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputElasticCloudPqControls]](../models/outputelasticcloudpqcontrols.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. | diff --git a/docs/models/outputgooglechronicle.md b/docs/models/outputgooglechronicle.md index 972c7e82e..806d027ef 100644 --- a/docs/models/outputgooglechronicle.md +++ b/docs/models/outputgooglechronicle.md @@ -53,7 +53,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputGoogleChroniclePqControls]](../models/outputgooglechroniclepqcontrols.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_api_version` | *Optional[str]* | :heavy_minus_sign: | Binds 'apiVersion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'apiVersion' at runtime. | diff --git a/docs/models/outputgooglecloudlogging.md b/docs/models/outputgooglecloudlogging.md index ef51b3f0f..4a4de6a52 100644 --- a/docs/models/outputgooglecloudlogging.md +++ b/docs/models/outputgooglecloudlogging.md @@ -73,7 +73,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputGoogleCloudLoggingPqControls]](../models/outputgooglecloudloggingpqcontrols.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_log_location_type` | *Optional[str]* | :heavy_minus_sign: | Binds 'logLocationType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logLocationType' at runtime. | diff --git a/docs/models/outputgooglecloudobservability.md b/docs/models/outputgooglecloudobservability.md new file mode 100644 index 000000000..da269cf79 --- /dev/null +++ b/docs/models/outputgooglecloudobservability.md @@ -0,0 +1,47 @@ +# OutputGoogleCloudObservability + + +## Fields + +| Field | Type | Required | Description | +| -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `id` | *Optional[str]* | :heavy_minus_sign: | Unique ID for this output | +| `type` | [models.OutputGoogleCloudObservabilityType](../models/outputgooglecloudobservabilitytype.md) | :heavy_check_mark: | N/A | +| `pipeline` | *Optional[str]* | :heavy_minus_sign: | Pipeline to process data before sending out to this output | +| `system_fields` | List[*str*] | :heavy_minus_sign: | Fields to automatically add to events, such as cribl_pipe. Supports wildcards. | +| `environment` | *Optional[str]* | :heavy_minus_sign: | Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. | +| `streamtags` | List[*str*] | :heavy_minus_sign: | Tags for filtering and grouping in @{product} | +| `protocol` | [Optional[models.OutputGoogleCloudObservabilityProtocol]](../models/outputgooglecloudobservabilityprotocol.md) | :heavy_minus_sign: | N/A | +| `otlp_version` | [Optional[models.OutputGoogleCloudObservabilityOtlpVersion]](../models/outputgooglecloudobservabilityotlpversion.md) | :heavy_minus_sign: | N/A | +| `endpoint` | [Optional[models.OutputGoogleCloudObservabilityEndpoint]](../models/outputgooglecloudobservabilityendpoint.md) | :heavy_minus_sign: | Fixed Google Cloud Observability gRPC endpoint. All three signals share this transport; the OTLP service path determines whether the call lands on traces, metrics, or logs. | +| `google_auth_method` | [models.OutputGoogleCloudObservabilityGoogleAuthenticationMethod](../models/outputgooglecloudobservabilitygoogleauthenticationmethod.md) | :heavy_check_mark: | Choose Auto to use Google Application Default Credentials (ADC). Choose Secret to select or create a stored secret that references Google service account credentials. | +| `metadata` | List[[models.KeyValueMetadataConfOutputFilesystem](../models/keyvaluemetadataconfoutputfilesystem.md)] | :heavy_minus_sign: | List of key-value pairs to send with each gRPC request. Value supports JavaScript expressions that are evaluated just once, when the destination gets started. To pass credentials as metadata, use 'C.Secret'. | +| `dynamic_headers_enabled` | *Optional[bool]* | :heavy_minus_sign: | Batch event data upon dynamic metadata (whether presented or not) | +| `dynamic_headers_field` | *Optional[str]* | :heavy_minus_sign: | When presented, this field which contains metadata, will be injected into the Destination metadata and used to batch events. | +| `concurrency` | *Optional[float]* | :heavy_minus_sign: | Maximum number of ongoing requests before blocking | +| `max_payload_size_kb` | *Optional[float]* | :heavy_minus_sign: | Maximum size, in KB, of the request body sent to Google Cloud Observability | +| `timeout_sec` | *Optional[float]* | :heavy_minus_sign: | Amount of time, in seconds, to wait for a request to complete before canceling it | +| `flush_period_sec` | *Optional[float]* | :heavy_minus_sign: | Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit. | +| `failed_request_logging_mode` | [Optional[models.FailedRequestLoggingModeOptions]](../models/failedrequestloggingmodeoptions.md) | :heavy_minus_sign: | Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below. | +| `connection_timeout` | *Optional[float]* | :heavy_minus_sign: | Amount of time (milliseconds) to wait for the connection to establish before retrying | +| `keep_alive_time` | *Optional[float]* | :heavy_minus_sign: | How often the sender should ping the peer to keep the connection open | +| `tls` | [Optional[models.TLSSettingsClientSideTypeExtended]](../models/tlssettingsclientsidetypeextended.md) | :heavy_minus_sign: | N/A | +| `max_payload_events` | *Optional[float]* | :heavy_minus_sign: | Max number of events to include in the request body. Default is 0 (unlimited). Use to keep outgoing data points within GCO request limits. For metrics, combine with the OTLP Metrics function batchSize. | +| `on_backpressure` | [Optional[models.BackpressureBehaviorOptions]](../models/backpressurebehavioroptions.md) | :heavy_minus_sign: | How to handle events when all receivers are exerting backpressure | +| `description` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | +| `pq_strict_ordering` | *Optional[bool]* | :heavy_minus_sign: | Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. | +| `pq_rate_per_sec` | *Optional[float]* | :heavy_minus_sign: | Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. | +| `pq_mode` | [Optional[models.ModeOptions]](../models/modeoptions.md) | :heavy_minus_sign: | In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem. | +| `pq_max_buffer_size` | *Optional[float]* | :heavy_minus_sign: | Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. | +| `pq_max_backpressure_sec` | *Optional[float]* | :heavy_minus_sign: | How long (in seconds) to wait for backpressure to resolve before engaging the queue | +| `pq_max_file_size` | *Optional[str]* | :heavy_minus_sign: | The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) | +| `pq_max_size` | *Optional[str]* | :heavy_minus_sign: | The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. | +| `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | +| `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | +| `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | +| `pq_controls` | [Optional[models.OutputGoogleCloudObservabilityPqControls]](../models/outputgooglecloudobservabilitypqcontrols.md) | :heavy_minus_sign: | N/A | +| `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | +| `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | +| `template_on_backpressure` | *Optional[str]* | :heavy_minus_sign: | Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. | \ No newline at end of file diff --git a/docs/models/outputgooglecloudobservabilityendpoint.md b/docs/models/outputgooglecloudobservabilityendpoint.md new file mode 100644 index 000000000..49e4160e1 --- /dev/null +++ b/docs/models/outputgooglecloudobservabilityendpoint.md @@ -0,0 +1,20 @@ +# OutputGoogleCloudObservabilityEndpoint + +Fixed Google Cloud Observability gRPC endpoint. All three signals share this transport; the OTLP service path determines whether the call lands on traces, metrics, or logs. + +## Example Usage + +```python +from cribl_control_plane.models import OutputGoogleCloudObservabilityEndpoint + +value = OutputGoogleCloudObservabilityEndpoint.TELEMETRY_GOOGLEAPIS_COM_443 + +# Open enum: unrecognized values are captured as UnrecognizedStr +``` + + +## Values + +| Name | Value | +| ------------------------------ | ------------------------------ | +| `TELEMETRY_GOOGLEAPIS_COM_443` | telemetry.googleapis.com:443 | \ No newline at end of file diff --git a/docs/models/outputgooglecloudobservabilitygoogleauthenticationmethod.md b/docs/models/outputgooglecloudobservabilitygoogleauthenticationmethod.md new file mode 100644 index 000000000..7402471fb --- /dev/null +++ b/docs/models/outputgooglecloudobservabilitygoogleauthenticationmethod.md @@ -0,0 +1,21 @@ +# OutputGoogleCloudObservabilityGoogleAuthenticationMethod + +Choose Auto to use Google Application Default Credentials (ADC). Choose Secret to select or create a stored secret that references Google service account credentials. + +## Example Usage + +```python +from cribl_control_plane.models import OutputGoogleCloudObservabilityGoogleAuthenticationMethod + +value = OutputGoogleCloudObservabilityGoogleAuthenticationMethod.AUTO + +# Open enum: unrecognized values are captured as UnrecognizedStr +``` + + +## Values + +| Name | Value | +| -------- | -------- | +| `AUTO` | auto | +| `SECRET` | secret | \ No newline at end of file diff --git a/docs/models/outputgooglecloudobservabilityotlpversion.md b/docs/models/outputgooglecloudobservabilityotlpversion.md new file mode 100644 index 000000000..b05c4dd75 --- /dev/null +++ b/docs/models/outputgooglecloudobservabilityotlpversion.md @@ -0,0 +1,18 @@ +# OutputGoogleCloudObservabilityOtlpVersion + +## Example Usage + +```python +from cribl_control_plane.models import OutputGoogleCloudObservabilityOtlpVersion + +value = OutputGoogleCloudObservabilityOtlpVersion.ONE_DOT_3_DOT_1 + +# Open enum: unrecognized values are captured as UnrecognizedStr +``` + + +## Values + +| Name | Value | +| ----------------- | ----------------- | +| `ONE_DOT_3_DOT_1` | 1.3.1 | \ No newline at end of file diff --git a/docs/models/outputgooglecloudobservabilitypqcontrols.md b/docs/models/outputgooglecloudobservabilitypqcontrols.md new file mode 100644 index 000000000..80ad6c5e5 --- /dev/null +++ b/docs/models/outputgooglecloudobservabilitypqcontrols.md @@ -0,0 +1,7 @@ +# OutputGoogleCloudObservabilityPqControls + + +## Fields + +| Field | Type | Required | Description | +| ----------- | ----------- | ----------- | ----------- | \ No newline at end of file diff --git a/docs/models/outputgooglecloudobservabilityprotocol.md b/docs/models/outputgooglecloudobservabilityprotocol.md new file mode 100644 index 000000000..a1d99c675 --- /dev/null +++ b/docs/models/outputgooglecloudobservabilityprotocol.md @@ -0,0 +1,18 @@ +# OutputGoogleCloudObservabilityProtocol + +## Example Usage + +```python +from cribl_control_plane.models import OutputGoogleCloudObservabilityProtocol + +value = OutputGoogleCloudObservabilityProtocol.GRPC + +# Open enum: unrecognized values are captured as UnrecognizedStr +``` + + +## Values + +| Name | Value | +| ------ | ------ | +| `GRPC` | grpc | \ No newline at end of file diff --git a/docs/models/outputgooglecloudobservabilitytype.md b/docs/models/outputgooglecloudobservabilitytype.md new file mode 100644 index 000000000..8bf74322f --- /dev/null +++ b/docs/models/outputgooglecloudobservabilitytype.md @@ -0,0 +1,16 @@ +# OutputGoogleCloudObservabilityType + +## Example Usage + +```python +from cribl_control_plane.models import OutputGoogleCloudObservabilityType + +value = OutputGoogleCloudObservabilityType.GOOGLE_CLOUD_OBSERVABILITY +``` + + +## Values + +| Name | Value | +| ---------------------------- | ---------------------------- | +| `GOOGLE_CLOUD_OBSERVABILITY` | google_cloud_observability | \ No newline at end of file diff --git a/docs/models/outputgooglepubsub.md b/docs/models/outputgooglepubsub.md index a33e8946d..6a571d074 100644 --- a/docs/models/outputgooglepubsub.md +++ b/docs/models/outputgooglepubsub.md @@ -36,7 +36,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputGooglePubsubPqControls]](../models/outputgooglepubsubpqcontrols.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_topic_name` | *Optional[str]* | :heavy_minus_sign: | Binds 'topicName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topicName' at runtime. | diff --git a/docs/models/outputgrafanacloudgrafanacloud1.md b/docs/models/outputgrafanacloudgrafanacloud1.md index d888cae40..7775d864e 100644 --- a/docs/models/outputgrafanacloudgrafanacloud1.md +++ b/docs/models/outputgrafanacloudgrafanacloud1.md @@ -15,7 +15,7 @@ | `prometheus_url` | *Optional[str]* | :heavy_minus_sign: | The remote_write endpoint to send Prometheus metrics to, such as https://prometheus-blocks-prod-us-central1.grafana.net/api/prom/push | | `message` | *Optional[str]* | :heavy_minus_sign: | Name of the event field that contains the message to send. If not specified, Stream sends a JSON representation of the whole event. | | `message_format` | [Optional[models.MessageFormatOptions]](../models/messageformatoptions.md) | :heavy_minus_sign: | Format to use when sending logs to Loki (Protobuf or JSON) | -| `labels` | List[[models.RequestParamConfInputOpenai](../models/requestparamconfinputopenai.md)] | :heavy_minus_sign: | List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: "cribl.io", level: "error"}' | +| `labels` | List[[models.HTTPDiscoveryHeaderConfInputPrometheus](../models/httpdiscoveryheaderconfinputprometheus.md)] | :heavy_minus_sign: | List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: "cribl.io", level: "error"}' | | `metric_rename_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression that can be used to rename metrics. For example, name.replace(/\./g, '_') will replace all '.' characters in a metric's name with the supported '_' character. Use the 'name' global variable to access the metric's name. You can access event fields' values via __e.. | | `prometheus_auth` | [Optional[models.PrometheusAuthType]](../models/prometheusauthtype.md) | :heavy_minus_sign: | N/A | | `loki_auth` | [Optional[models.PrometheusAuthType]](../models/prometheusauthtype.md) | :heavy_minus_sign: | N/A | @@ -45,7 +45,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputGrafanaCloudPqControls1]](../models/outputgrafanacloudpqcontrols1.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_loki_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'lokiUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'lokiUrl' at runtime. | diff --git a/docs/models/outputgrafanacloudgrafanacloud2.md b/docs/models/outputgrafanacloudgrafanacloud2.md index 91662b964..0c6041931 100644 --- a/docs/models/outputgrafanacloudgrafanacloud2.md +++ b/docs/models/outputgrafanacloudgrafanacloud2.md @@ -15,7 +15,7 @@ | `prometheus_url` | *str* | :heavy_check_mark: | The remote_write endpoint to send Prometheus metrics to, such as https://prometheus-blocks-prod-us-central1.grafana.net/api/prom/push | | `message` | *Optional[str]* | :heavy_minus_sign: | Name of the event field that contains the message to send. If not specified, Stream sends a JSON representation of the whole event. | | `message_format` | [Optional[models.MessageFormatOptions]](../models/messageformatoptions.md) | :heavy_minus_sign: | Format to use when sending logs to Loki (Protobuf or JSON) | -| `labels` | List[[models.RequestParamConfInputOpenai](../models/requestparamconfinputopenai.md)] | :heavy_minus_sign: | List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: "cribl.io", level: "error"}' | +| `labels` | List[[models.HTTPDiscoveryHeaderConfInputPrometheus](../models/httpdiscoveryheaderconfinputprometheus.md)] | :heavy_minus_sign: | List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: "cribl.io", level: "error"}' | | `metric_rename_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression that can be used to rename metrics. For example, name.replace(/\./g, '_') will replace all '.' characters in a metric's name with the supported '_' character. Use the 'name' global variable to access the metric's name. You can access event fields' values via __e.. | | `prometheus_auth` | [Optional[models.PrometheusAuthType]](../models/prometheusauthtype.md) | :heavy_minus_sign: | N/A | | `loki_auth` | [Optional[models.PrometheusAuthType]](../models/prometheusauthtype.md) | :heavy_minus_sign: | N/A | @@ -45,7 +45,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputGrafanaCloudPqControls2]](../models/outputgrafanacloudpqcontrols2.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_loki_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'lokiUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'lokiUrl' at runtime. | diff --git a/docs/models/outputgraphite.md b/docs/models/outputgraphite.md index d9e7794c5..bf1a3b148 100644 --- a/docs/models/outputgraphite.md +++ b/docs/models/outputgraphite.md @@ -32,7 +32,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputGraphitePqControls]](../models/outputgraphitepqcontrols.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_on_backpressure` | *Optional[str]* | :heavy_minus_sign: | Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. | \ No newline at end of file diff --git a/docs/models/outputhoneycomb.md b/docs/models/outputhoneycomb.md index 8ce989b4a..3d38c3ef7 100644 --- a/docs/models/outputhoneycomb.md +++ b/docs/models/outputhoneycomb.md @@ -39,7 +39,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputHoneycombPqControls]](../models/outputhoneycombpqcontrols.md) | :heavy_minus_sign: | N/A | | `team` | *Optional[str]* | :heavy_minus_sign: | Team API key where the dataset belongs | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | diff --git a/docs/models/outputhumiohec.md b/docs/models/outputhumiohec.md index 9adbee40a..013ec5659 100644 --- a/docs/models/outputhumiohec.md +++ b/docs/models/outputhumiohec.md @@ -42,7 +42,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputHumioHecPqControls]](../models/outputhumiohecpqcontrols.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. | diff --git a/docs/models/outputinfluxdb.md b/docs/models/outputinfluxdb.md index 566614c7c..32c56b658 100644 --- a/docs/models/outputinfluxdb.md +++ b/docs/models/outputinfluxdb.md @@ -46,7 +46,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputInfluxdbPqControls]](../models/outputinfluxdbpqcontrols.md) | :heavy_minus_sign: | N/A | | `username` | *Optional[str]* | :heavy_minus_sign: | N/A | | `password` | *Optional[str]* | :heavy_minus_sign: | N/A | diff --git a/docs/models/outputkafka.md b/docs/models/outputkafka.md index 35c6148a7..413c3e703 100644 --- a/docs/models/outputkafka.md +++ b/docs/models/outputkafka.md @@ -44,7 +44,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputKafkaPqControls]](../models/outputkafkapqcontrols.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_topic` | *Optional[str]* | :heavy_minus_sign: | Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime. | diff --git a/docs/models/outputkinesis.md b/docs/models/outputkinesis.md index c291c36b0..2a0231012 100644 --- a/docs/models/outputkinesis.md +++ b/docs/models/outputkinesis.md @@ -43,7 +43,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputKinesisPqControls]](../models/outputkinesispqcontrols.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_stream_name` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamName' at runtime. | diff --git a/docs/models/outputlocalsearchstorage.md b/docs/models/outputlocalsearchstorage.md index e0369f8ac..760c0837c 100644 --- a/docs/models/outputlocalsearchstorage.md +++ b/docs/models/outputlocalsearchstorage.md @@ -33,6 +33,7 @@ | `response_retry_settings` | List[[models.ResponseRetrySettingConfOutputWebhook](../models/responseretrysettingconfoutputwebhook.md)] | :heavy_minus_sign: | Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable) | | `timeout_retry_settings` | [Optional[models.TimeoutRetrySettingsType]](../models/timeoutretrysettingstype.md) | :heavy_minus_sign: | N/A | | `response_honor_retry_after_header` | *Optional[bool]* | :heavy_minus_sign: | Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored. | +| `workload` | *Optional[str]* | :heavy_minus_sign: | Optional ClickHouse workload name to append as a SETTINGS clause on INSERT queries. Used for workload scheduling classification. | | `dump_format_errors_to_disk` | *Optional[bool]* | :heavy_minus_sign: | Log the most recent event that fails to match the table schema | | `on_backpressure` | [Optional[models.BackpressureBehaviorOptions]](../models/backpressurebehavioroptions.md) | :heavy_minus_sign: | How to handle events when all receivers are exerting backpressure | | `stats_destination` | [Optional[models.OutputLocalSearchStorageStatsDestination]](../models/outputlocalsearchstoragestatsdestination.md) | :heavy_minus_sign: | N/A | @@ -55,7 +56,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputLocalSearchStoragePqControls]](../models/outputlocalsearchstoragepqcontrols.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. | diff --git a/docs/models/outputlocalsearchstoragestatsdestination.md b/docs/models/outputlocalsearchstoragestatsdestination.md index e4c18b1af..d6835438d 100644 --- a/docs/models/outputlocalsearchstoragestatsdestination.md +++ b/docs/models/outputlocalsearchstoragestatsdestination.md @@ -3,12 +3,14 @@ ## Fields -| Field | Type | Required | Description | -| ------------------ | ------------------ | ------------------ | ------------------ | -| `url` | *Optional[str]* | :heavy_minus_sign: | N/A | -| `database` | *Optional[str]* | :heavy_minus_sign: | N/A | -| `table_name` | *Optional[str]* | :heavy_minus_sign: | N/A | -| `auth_type` | *Optional[str]* | :heavy_minus_sign: | N/A | -| `username` | *Optional[str]* | :heavy_minus_sign: | N/A | -| `sql_username` | *Optional[str]* | :heavy_minus_sign: | N/A | -| `password` | *Optional[str]* | :heavy_minus_sign: | N/A | \ No newline at end of file +| Field | Type | Required | Description | +| ------------------------ | ------------------------ | ------------------------ | ------------------------ | +| `url` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `database` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `table_name` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `auth_type` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `username` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `sql_username` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `password` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `wait_for_async_inserts` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `concurrency` | *Optional[float]* | :heavy_minus_sign: | N/A | \ No newline at end of file diff --git a/docs/models/outputloki.md b/docs/models/outputloki.md index 5feaf7d5f..cefce9124 100644 --- a/docs/models/outputloki.md +++ b/docs/models/outputloki.md @@ -14,7 +14,7 @@ | `url` | *str* | :heavy_check_mark: | The endpoint to send logs to | | `message` | *Optional[str]* | :heavy_minus_sign: | Name of the event field that contains the message to send. If not specified, Stream sends a JSON representation of the whole event. | | `message_format` | [Optional[models.MessageFormatOptions]](../models/messageformatoptions.md) | :heavy_minus_sign: | Format to use when sending logs to Loki (Protobuf or JSON) | -| `labels` | List[[models.RequestParamConfInputOpenai](../models/requestparamconfinputopenai.md)] | :heavy_minus_sign: | List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: "cribl.io", level: "error"}' | +| `labels` | List[[models.HTTPDiscoveryHeaderConfInputPrometheus](../models/httpdiscoveryheaderconfinputprometheus.md)] | :heavy_minus_sign: | List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: "cribl.io", level: "error"}' | | `auth_type` | [Optional[models.AuthenticationTypeOptionsPrometheusAuthBasicCredentialsSecret]](../models/authenticationtypeoptionsprometheusauthbasiccredentialssecret.md) | :heavy_minus_sign: | N/A | | `concurrency` | *Optional[float]* | :heavy_minus_sign: | Maximum number of ongoing requests before blocking. Warning: Setting this value > 1 can cause Loki to complain about entries being delivered out of order. | | `max_payload_size_kb` | *Optional[float]* | :heavy_minus_sign: | Maximum size, in KB, of the request body. Warning: Setting this too low can increase the number of ongoing requests (depending on the value of 'Request concurrency'); this can cause Loki to complain about entries being delivered out of order. | @@ -49,7 +49,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputLokiPqControls]](../models/outputlokipqcontrols.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/outputmicrosoftfabric.md b/docs/models/outputmicrosoftfabric.md index 062a185e1..e24ecc4ca 100644 --- a/docs/models/outputmicrosoftfabric.md +++ b/docs/models/outputmicrosoftfabric.md @@ -40,7 +40,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputMicrosoftFabricPqControls]](../models/outputmicrosoftfabricpqcontrols.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_topic` | *Optional[str]* | :heavy_minus_sign: | Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime. | diff --git a/docs/models/outputmsk.md b/docs/models/outputmsk.md index b45d5a645..a82465f2e 100644 --- a/docs/models/outputmsk.md +++ b/docs/models/outputmsk.md @@ -55,7 +55,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputMskPqControls]](../models/outputmskpqcontrols.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_topic` | *Optional[str]* | :heavy_minus_sign: | Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime. | diff --git a/docs/models/outputnewrelic.md b/docs/models/outputnewrelic.md index 2cb304309..07a485185 100644 --- a/docs/models/outputnewrelic.md +++ b/docs/models/outputnewrelic.md @@ -44,7 +44,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputNewrelicPqControls]](../models/outputnewrelicpqcontrols.md) | :heavy_minus_sign: | N/A | | `api_key` | *Optional[str]* | :heavy_minus_sign: | New Relic API key. Can be overridden using __newRelic_apiKey field. | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | diff --git a/docs/models/outputnewrelicevents.md b/docs/models/outputnewrelicevents.md index c62cfe1fa..5fc4447c0 100644 --- a/docs/models/outputnewrelicevents.md +++ b/docs/models/outputnewrelicevents.md @@ -42,7 +42,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputNewrelicEventsPqControls]](../models/outputnewreliceventspqcontrols.md) | :heavy_minus_sign: | N/A | | `api_key` | *Optional[str]* | :heavy_minus_sign: | New Relic API key. Can be overridden using __newRelic_apiKey field. | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | diff --git a/docs/models/outputopentelemetry.md b/docs/models/outputopentelemetry.md index af1ec5133..4720024d8 100644 --- a/docs/models/outputopentelemetry.md +++ b/docs/models/outputopentelemetry.md @@ -64,7 +64,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputOpenTelemetryPqControls]](../models/outputopentelemetrypqcontrols.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/outputprometheus.md b/docs/models/outputprometheus.md index 5abd3ff59..4319fc6aa 100644 --- a/docs/models/outputprometheus.md +++ b/docs/models/outputprometheus.md @@ -42,7 +42,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputPrometheusPqControls]](../models/outputprometheuspqcontrols.md) | :heavy_minus_sign: | N/A | | `username` | *Optional[str]* | :heavy_minus_sign: | N/A | | `password` | *Optional[str]* | :heavy_minus_sign: | N/A | diff --git a/docs/models/outputresponse.md b/docs/models/outputresponse.md index f448adbf2..e0b847ba8 100644 --- a/docs/models/outputresponse.md +++ b/docs/models/outputresponse.md @@ -143,6 +143,12 @@ value: models.OutputResponseOutputGoogleCloudStorage = /* values here */ value: models.OutputResponseOutputGoogleCloudLogging = /* values here */ ``` +### `models.OutputResponseOutputGoogleCloudObservability` + +```python +value: models.OutputResponseOutputGoogleCloudObservability = /* values here */ +``` + ### `models.OutputResponseOutputGooglePubsub` ```python diff --git a/docs/models/createoutputendpoint.md b/docs/models/outputresponseendpointdynatracehttp.md similarity index 63% rename from docs/models/createoutputendpoint.md rename to docs/models/outputresponseendpointdynatracehttp.md index 76d02127f..457043554 100644 --- a/docs/models/createoutputendpoint.md +++ b/docs/models/outputresponseendpointdynatracehttp.md @@ -1,11 +1,11 @@ -# CreateOutputEndpoint +# OutputResponseEndpointDynatraceHTTP ## Example Usage ```python -from cribl_control_plane.models import CreateOutputEndpoint +from cribl_control_plane.models import OutputResponseEndpointDynatraceHTTP -value = CreateOutputEndpoint.CLOUD +value = OutputResponseEndpointDynatraceHTTP.CLOUD # Open enum: unrecognized values are captured as UnrecognizedStr ``` diff --git a/docs/models/outputresponseendpointgooglecloudobservability.md b/docs/models/outputresponseendpointgooglecloudobservability.md new file mode 100644 index 000000000..805328bef --- /dev/null +++ b/docs/models/outputresponseendpointgooglecloudobservability.md @@ -0,0 +1,20 @@ +# OutputResponseEndpointGoogleCloudObservability + +Fixed Google Cloud Observability gRPC endpoint. All three signals share this transport; the OTLP service path determines whether the call lands on traces, metrics, or logs. + +## Example Usage + +```python +from cribl_control_plane.models import OutputResponseEndpointGoogleCloudObservability + +value = OutputResponseEndpointGoogleCloudObservability.TELEMETRY_GOOGLEAPIS_COM_443 + +# Open enum: unrecognized values are captured as UnrecognizedStr +``` + + +## Values + +| Name | Value | +| ------------------------------ | ------------------------------ | +| `TELEMETRY_GOOGLEAPIS_COM_443` | telemetry.googleapis.com:443 | \ No newline at end of file diff --git a/docs/models/outputresponseformatcribllake.md b/docs/models/outputresponseformatcribllake.md index 4763f3f37..15ceac097 100644 --- a/docs/models/outputresponseformatcribllake.md +++ b/docs/models/outputresponseformatcribllake.md @@ -13,8 +13,9 @@ value = OutputResponseFormatCriblLake.JSON ## Values -| Name | Value | -| --------- | --------- | -| `JSON` | json | -| `PARQUET` | parquet | -| `DDSS` | ddss | \ No newline at end of file +| Name | Value | +| ---------- | ---------- | +| `JSON` | json | +| `PARQUET` | parquet | +| `DDSS` | ddss | +| `NETSKOPE` | netskope | \ No newline at end of file diff --git a/docs/models/outputresponsegoogleauthenticationmethod.md b/docs/models/outputresponsegoogleauthenticationmethod.md new file mode 100644 index 000000000..d3de0ad67 --- /dev/null +++ b/docs/models/outputresponsegoogleauthenticationmethod.md @@ -0,0 +1,21 @@ +# OutputResponseGoogleAuthenticationMethod + +Choose Auto to use Google Application Default Credentials (ADC). Choose Secret to select or create a stored secret that references Google service account credentials. + +## Example Usage + +```python +from cribl_control_plane.models import OutputResponseGoogleAuthenticationMethod + +value = OutputResponseGoogleAuthenticationMethod.AUTO + +# Open enum: unrecognized values are captured as UnrecognizedStr +``` + + +## Values + +| Name | Value | +| -------- | -------- | +| `AUTO` | auto | +| `SECRET` | secret | \ No newline at end of file diff --git a/docs/models/outputresponseotlpversiongooglecloudobservability.md b/docs/models/outputresponseotlpversiongooglecloudobservability.md new file mode 100644 index 000000000..664f1579f --- /dev/null +++ b/docs/models/outputresponseotlpversiongooglecloudobservability.md @@ -0,0 +1,18 @@ +# OutputResponseOtlpVersionGoogleCloudObservability + +## Example Usage + +```python +from cribl_control_plane.models import OutputResponseOtlpVersionGoogleCloudObservability + +value = OutputResponseOtlpVersionGoogleCloudObservability.ONE_DOT_3_DOT_1 + +# Open enum: unrecognized values are captured as UnrecognizedStr +``` + + +## Values + +| Name | Value | +| ----------------- | ----------------- | +| `ONE_DOT_3_DOT_1` | 1.3.1 | \ No newline at end of file diff --git a/docs/models/outputresponseotlpversion.md b/docs/models/outputresponseotlpversionopentelemetry.md similarity index 78% rename from docs/models/outputresponseotlpversion.md rename to docs/models/outputresponseotlpversionopentelemetry.md index f58bf837f..57096bfc0 100644 --- a/docs/models/outputresponseotlpversion.md +++ b/docs/models/outputresponseotlpversionopentelemetry.md @@ -1,13 +1,13 @@ -# OutputResponseOTLPVersion +# OutputResponseOTLPVersionOpenTelemetry The version of OTLP Protobuf definitions to use when structuring data to send ## Example Usage ```python -from cribl_control_plane.models import OutputResponseOTLPVersion +from cribl_control_plane.models import OutputResponseOTLPVersionOpenTelemetry -value = OutputResponseOTLPVersion.ZERO_DOT_10_DOT_0 +value = OutputResponseOTLPVersionOpenTelemetry.ZERO_DOT_10_DOT_0 # Open enum: unrecognized values are captured as UnrecognizedStr ``` diff --git a/docs/models/outputresponseoutputazuredataexplorer.md b/docs/models/outputresponseoutputazuredataexplorer.md index bec92ecaa..dad46f3f4 100644 --- a/docs/models/outputresponseoutputazuredataexplorer.md +++ b/docs/models/outputresponseoutputazuredataexplorer.md @@ -89,7 +89,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsAzureDataExplorer]](../models/outputresponsepqcontrolsazuredataexplorer.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_cluster_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'clusterUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clusterUrl' at runtime. | diff --git a/docs/models/outputresponseoutputazureeventhub.md b/docs/models/outputresponseoutputazureeventhub.md index e7ca87336..487289571 100644 --- a/docs/models/outputresponseoutputazureeventhub.md +++ b/docs/models/outputresponseoutputazureeventhub.md @@ -40,7 +40,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsAzureEventhub]](../models/outputresponsepqcontrolsazureeventhub.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_brokers` | *Optional[str]* | :heavy_minus_sign: | Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime. | diff --git a/docs/models/outputresponseoutputazurelogs.md b/docs/models/outputresponseoutputazurelogs.md index b0cae51e4..a212e7281 100644 --- a/docs/models/outputresponseoutputazurelogs.md +++ b/docs/models/outputresponseoutputazurelogs.md @@ -41,7 +41,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsAzureLogs]](../models/outputresponsepqcontrolsazurelogs.md) | :heavy_minus_sign: | N/A | | `workspace_id` | *Optional[str]* | :heavy_minus_sign: | Azure Log Analytics Workspace ID. See Azure Dashboard Workspace > Advanced settings. | | `workspace_key` | *Optional[str]* | :heavy_minus_sign: | Azure Log Analytics Workspace Primary or Secondary Shared Key. See Azure Dashboard Workspace > Advanced settings. | diff --git a/docs/models/outputresponseoutputchronicle.md b/docs/models/outputresponseoutputchronicle.md index 4894bd548..aa4f35015 100644 --- a/docs/models/outputresponseoutputchronicle.md +++ b/docs/models/outputresponseoutputchronicle.md @@ -51,7 +51,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsChronicle]](../models/outputresponsepqcontrolschronicle.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_region` | *Optional[str]* | :heavy_minus_sign: | Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime. | diff --git a/docs/models/outputresponseoutputclickhouse.md b/docs/models/outputresponseoutputclickhouse.md index 11dada65c..d16a76eb8 100644 --- a/docs/models/outputresponseoutputclickhouse.md +++ b/docs/models/outputresponseoutputclickhouse.md @@ -33,6 +33,7 @@ | `response_retry_settings` | List[[models.ResponseRetrySettingConfOutputWebhook](../models/responseretrysettingconfoutputwebhook.md)] | :heavy_minus_sign: | Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable) | | `timeout_retry_settings` | [Optional[models.TimeoutRetrySettingsType]](../models/timeoutretrysettingstype.md) | :heavy_minus_sign: | N/A | | `response_honor_retry_after_header` | *Optional[bool]* | :heavy_minus_sign: | Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored. | +| `workload` | *Optional[str]* | :heavy_minus_sign: | Optional ClickHouse workload name to append as a SETTINGS clause on INSERT queries. Used for workload scheduling classification. | | `dump_format_errors_to_disk` | *Optional[bool]* | :heavy_minus_sign: | Log the most recent event that fails to match the table schema | | `on_backpressure` | [Optional[models.BackpressureBehaviorOptions]](../models/backpressurebehavioroptions.md) | :heavy_minus_sign: | How to handle events when all receivers are exerting backpressure | | `description` | *Optional[str]* | :heavy_minus_sign: | N/A | @@ -54,7 +55,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsClickHouse]](../models/outputresponsepqcontrolsclickhouse.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. | diff --git a/docs/models/outputresponseoutputcloudwatch.md b/docs/models/outputresponseoutputcloudwatch.md index dc3eec502..208bdde9d 100644 --- a/docs/models/outputresponseoutputcloudwatch.md +++ b/docs/models/outputresponseoutputcloudwatch.md @@ -40,7 +40,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsCloudwatch]](../models/outputresponsepqcontrolscloudwatch.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_log_group_name` | *Optional[str]* | :heavy_minus_sign: | Binds 'logGroupName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logGroupName' at runtime. | diff --git a/docs/models/outputresponseoutputconfluentcloud.md b/docs/models/outputresponseoutputconfluentcloud.md index 00c35636c..bc43b9a35 100644 --- a/docs/models/outputresponseoutputconfluentcloud.md +++ b/docs/models/outputresponseoutputconfluentcloud.md @@ -44,7 +44,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsConfluentCloud]](../models/outputresponsepqcontrolsconfluentcloud.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_brokers` | *Optional[str]* | :heavy_minus_sign: | Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime. | diff --git a/docs/models/outputresponseoutputcriblhttp.md b/docs/models/outputresponseoutputcriblhttp.md index 4582826df..26cebfe7f 100644 --- a/docs/models/outputresponseoutputcriblhttp.md +++ b/docs/models/outputresponseoutputcriblhttp.md @@ -48,7 +48,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsCriblHTTP]](../models/outputresponsepqcontrolscriblhttp.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/outputresponseoutputcriblsearchengine.md b/docs/models/outputresponseoutputcriblsearchengine.md index 96119247e..8de290935 100644 --- a/docs/models/outputresponseoutputcriblsearchengine.md +++ b/docs/models/outputresponseoutputcriblsearchengine.md @@ -48,7 +48,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsCriblSearchEngine]](../models/outputresponsepqcontrolscriblsearchengine.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/outputresponseoutputcribltcp.md b/docs/models/outputresponseoutputcribltcp.md index 18d6acdd5..e0761bb33 100644 --- a/docs/models/outputresponseoutputcribltcp.md +++ b/docs/models/outputresponseoutputcribltcp.md @@ -40,7 +40,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsCriblTCP]](../models/outputresponsepqcontrolscribltcp.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_on_backpressure` | *Optional[str]* | :heavy_minus_sign: | Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. | diff --git a/docs/models/outputresponseoutputcrowdstrikenextgensiem.md b/docs/models/outputresponseoutputcrowdstrikenextgensiem.md index 3dbca64ab..2e7c2f83f 100644 --- a/docs/models/outputresponseoutputcrowdstrikenextgensiem.md +++ b/docs/models/outputresponseoutputcrowdstrikenextgensiem.md @@ -42,7 +42,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsCrowdstrikeNextGenSiem]](../models/outputresponsepqcontrolscrowdstrikenextgensiem.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. | diff --git a/docs/models/outputresponseoutputdatadog.md b/docs/models/outputresponseoutputdatadog.md index 91ffb40ec..d0a92cdd7 100644 --- a/docs/models/outputresponseoutputdatadog.md +++ b/docs/models/outputresponseoutputdatadog.md @@ -51,7 +51,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsDatadog]](../models/outputresponsepqcontrolsdatadog.md) | :heavy_minus_sign: | N/A | | `api_key` | *Optional[str]* | :heavy_minus_sign: | Organization's API key in Datadog | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | diff --git a/docs/models/outputresponseoutputdataset.md b/docs/models/outputresponseoutputdataset.md index 14c1c8847..f17374b21 100644 --- a/docs/models/outputresponseoutputdataset.md +++ b/docs/models/outputresponseoutputdataset.md @@ -46,7 +46,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsDataset]](../models/outputresponsepqcontrolsdataset.md) | :heavy_minus_sign: | N/A | | `api_key` | *Optional[str]* | :heavy_minus_sign: | A 'Log Write Access' API key for the DataSet account | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | diff --git a/docs/models/outputresponseoutputdynatracehttp.md b/docs/models/outputresponseoutputdynatracehttp.md index 66a1ff6b8..9333b4f96 100644 --- a/docs/models/outputresponseoutputdynatracehttp.md +++ b/docs/models/outputresponseoutputdynatracehttp.md @@ -30,7 +30,7 @@ | `on_backpressure` | [Optional[models.BackpressureBehaviorOptions]](../models/backpressurebehavioroptions.md) | :heavy_minus_sign: | How to handle events when all receivers are exerting backpressure | | `auth_type` | [Optional[models.OutputResponseAuthenticationTypeDynatraceHTTP]](../models/outputresponseauthenticationtypedynatracehttp.md) | :heavy_minus_sign: | N/A | | `format_` | [models.OutputResponseFormatDynatraceHTTP](../models/outputresponseformatdynatracehttp.md) | :heavy_check_mark: | How to format events before sending. Defaults to JSON. Plaintext is not currently supported. | -| `endpoint` | [models.OutputResponseEndpoint](../models/outputresponseendpoint.md) | :heavy_check_mark: | N/A | +| `endpoint` | [models.OutputResponseEndpointDynatraceHTTP](../models/outputresponseendpointdynatracehttp.md) | :heavy_check_mark: | N/A | | `telemetry_type` | [models.OutputResponseTelemetryType](../models/outputresponsetelemetrytype.md) | :heavy_check_mark: | N/A | | `total_memory_limit_kb` | *Optional[float]* | :heavy_minus_sign: | Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced. | | `description` | *Optional[str]* | :heavy_minus_sign: | N/A | @@ -44,7 +44,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsDynatraceHTTP]](../models/outputresponsepqcontrolsdynatracehttp.md) | :heavy_minus_sign: | N/A | | `token` | *Optional[str]* | :heavy_minus_sign: | Bearer token to include in the authorization header | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | diff --git a/docs/models/outputresponseoutputdynatraceotlp.md b/docs/models/outputresponseoutputdynatraceotlp.md index 2715a3023..d12ea8b91 100644 --- a/docs/models/outputresponseoutputdynatraceotlp.md +++ b/docs/models/outputresponseoutputdynatraceotlp.md @@ -52,7 +52,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsDynatraceOtlp]](../models/outputresponsepqcontrolsdynatraceotlp.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/outputresponseoutputelastic.md b/docs/models/outputresponseoutputelastic.md index b71adef89..bcc0f506f 100644 --- a/docs/models/outputresponseoutputelastic.md +++ b/docs/models/outputresponseoutputelastic.md @@ -52,7 +52,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsElastic]](../models/outputresponsepqcontrolselastic.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_index` | *Optional[str]* | :heavy_minus_sign: | Binds 'index' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'index' at runtime. | diff --git a/docs/models/outputresponseoutputelasticcloud.md b/docs/models/outputresponseoutputelasticcloud.md index b91fb995e..721a555c5 100644 --- a/docs/models/outputresponseoutputelasticcloud.md +++ b/docs/models/outputresponseoutputelasticcloud.md @@ -42,7 +42,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsElasticCloud]](../models/outputresponsepqcontrolselasticcloud.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. | diff --git a/docs/models/outputresponseoutputgooglechronicle.md b/docs/models/outputresponseoutputgooglechronicle.md index a648b988b..298fb39d0 100644 --- a/docs/models/outputresponseoutputgooglechronicle.md +++ b/docs/models/outputresponseoutputgooglechronicle.md @@ -53,7 +53,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsGoogleChronicle]](../models/outputresponsepqcontrolsgooglechronicle.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_api_version` | *Optional[str]* | :heavy_minus_sign: | Binds 'apiVersion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'apiVersion' at runtime. | diff --git a/docs/models/outputresponseoutputgooglecloudlogging.md b/docs/models/outputresponseoutputgooglecloudlogging.md index 70c034cd7..0712cdd3d 100644 --- a/docs/models/outputresponseoutputgooglecloudlogging.md +++ b/docs/models/outputresponseoutputgooglecloudlogging.md @@ -73,7 +73,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsGoogleCloudLogging]](../models/outputresponsepqcontrolsgooglecloudlogging.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_log_location_type` | *Optional[str]* | :heavy_minus_sign: | Binds 'logLocationType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logLocationType' at runtime. | diff --git a/docs/models/outputresponseoutputgooglecloudobservability.md b/docs/models/outputresponseoutputgooglecloudobservability.md new file mode 100644 index 000000000..c4485dc3a --- /dev/null +++ b/docs/models/outputresponseoutputgooglecloudobservability.md @@ -0,0 +1,49 @@ +# OutputResponseOutputGoogleCloudObservability + + +## Fields + +| Field | Type | Required | Description | +| -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `id` | *Optional[str]* | :heavy_minus_sign: | Unique ID for this output | +| `type` | [models.OutputResponseTypeGoogleCloudObservability](../models/outputresponsetypegooglecloudobservability.md) | :heavy_check_mark: | N/A | +| `pipeline` | *Optional[str]* | :heavy_minus_sign: | Pipeline to process data before sending out to this output | +| `system_fields` | List[*str*] | :heavy_minus_sign: | Fields to automatically add to events, such as cribl_pipe. Supports wildcards. | +| `environment` | *Optional[str]* | :heavy_minus_sign: | Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere. | +| `streamtags` | List[*str*] | :heavy_minus_sign: | Tags for filtering and grouping in @{product} | +| `protocol` | [Optional[models.OutputResponseProtocolGoogleCloudObservability]](../models/outputresponseprotocolgooglecloudobservability.md) | :heavy_minus_sign: | N/A | +| `otlp_version` | [Optional[models.OutputResponseOtlpVersionGoogleCloudObservability]](../models/outputresponseotlpversiongooglecloudobservability.md) | :heavy_minus_sign: | N/A | +| `endpoint` | [Optional[models.OutputResponseEndpointGoogleCloudObservability]](../models/outputresponseendpointgooglecloudobservability.md) | :heavy_minus_sign: | Fixed Google Cloud Observability gRPC endpoint. All three signals share this transport; the OTLP service path determines whether the call lands on traces, metrics, or logs. | +| `google_auth_method` | [models.OutputResponseGoogleAuthenticationMethod](../models/outputresponsegoogleauthenticationmethod.md) | :heavy_check_mark: | Choose Auto to use Google Application Default Credentials (ADC). Choose Secret to select or create a stored secret that references Google service account credentials. | +| `metadata` | List[[models.KeyValueMetadataConfOutputFilesystem](../models/keyvaluemetadataconfoutputfilesystem.md)] | :heavy_minus_sign: | List of key-value pairs to send with each gRPC request. Value supports JavaScript expressions that are evaluated just once, when the destination gets started. To pass credentials as metadata, use 'C.Secret'. | +| `dynamic_headers_enabled` | *Optional[bool]* | :heavy_minus_sign: | Batch event data upon dynamic metadata (whether presented or not) | +| `dynamic_headers_field` | *Optional[str]* | :heavy_minus_sign: | When presented, this field which contains metadata, will be injected into the Destination metadata and used to batch events. | +| `concurrency` | *Optional[float]* | :heavy_minus_sign: | Maximum number of ongoing requests before blocking | +| `max_payload_size_kb` | *Optional[float]* | :heavy_minus_sign: | Maximum size, in KB, of the request body sent to Google Cloud Observability | +| `timeout_sec` | *Optional[float]* | :heavy_minus_sign: | Amount of time, in seconds, to wait for a request to complete before canceling it | +| `flush_period_sec` | *Optional[float]* | :heavy_minus_sign: | Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit. | +| `failed_request_logging_mode` | [Optional[models.FailedRequestLoggingModeOptions]](../models/failedrequestloggingmodeoptions.md) | :heavy_minus_sign: | Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below. | +| `connection_timeout` | *Optional[float]* | :heavy_minus_sign: | Amount of time (milliseconds) to wait for the connection to establish before retrying | +| `keep_alive_time` | *Optional[float]* | :heavy_minus_sign: | How often the sender should ping the peer to keep the connection open | +| `tls` | [Optional[models.TLSSettingsClientSideTypeExtended]](../models/tlssettingsclientsidetypeextended.md) | :heavy_minus_sign: | N/A | +| `max_payload_events` | *Optional[float]* | :heavy_minus_sign: | Max number of events to include in the request body. Default is 0 (unlimited). Use to keep outgoing data points within GCO request limits. For metrics, combine with the OTLP Metrics function batchSize. | +| `on_backpressure` | [Optional[models.BackpressureBehaviorOptions]](../models/backpressurebehavioroptions.md) | :heavy_minus_sign: | How to handle events when all receivers are exerting backpressure | +| `description` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | +| `pq_strict_ordering` | *Optional[bool]* | :heavy_minus_sign: | Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed. | +| `pq_rate_per_sec` | *Optional[float]* | :heavy_minus_sign: | Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling. | +| `pq_mode` | [Optional[models.ModeOptions]](../models/modeoptions.md) | :heavy_minus_sign: | In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem. | +| `pq_max_buffer_size` | *Optional[float]* | :heavy_minus_sign: | Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead. | +| `pq_max_backpressure_sec` | *Optional[float]* | :heavy_minus_sign: | How long (in seconds) to wait for backpressure to resolve before engaging the queue | +| `pq_max_file_size` | *Optional[str]* | :heavy_minus_sign: | The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.) | +| `pq_max_size` | *Optional[str]* | :heavy_minus_sign: | The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc. | +| `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | +| `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | +| `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | +| `pq_controls` | [Optional[models.OutputResponsePqControlsGoogleCloudObservability]](../models/outputresponsepqcontrolsgooglecloudobservability.md) | :heavy_minus_sign: | N/A | +| `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | +| `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | +| `template_on_backpressure` | *Optional[str]* | :heavy_minus_sign: | Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. | +| `notifications` | List[[models.NotificationUnion](../models/notificationunion.md)] | :heavy_minus_sign: | Notifications attached to the Destination. | +| `status` | [Optional[models.StatusType]](../models/statustype.md) | :heavy_minus_sign: | Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable. | \ No newline at end of file diff --git a/docs/models/outputresponseoutputgooglepubsub.md b/docs/models/outputresponseoutputgooglepubsub.md index b5a97c255..d1e1544a6 100644 --- a/docs/models/outputresponseoutputgooglepubsub.md +++ b/docs/models/outputresponseoutputgooglepubsub.md @@ -36,7 +36,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsGooglePubsub]](../models/outputresponsepqcontrolsgooglepubsub.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_topic_name` | *Optional[str]* | :heavy_minus_sign: | Binds 'topicName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topicName' at runtime. | diff --git a/docs/models/outputresponseoutputgrafanacloudgrafanacloud1.md b/docs/models/outputresponseoutputgrafanacloudgrafanacloud1.md index 56f4da7eb..fb891e82b 100644 --- a/docs/models/outputresponseoutputgrafanacloudgrafanacloud1.md +++ b/docs/models/outputresponseoutputgrafanacloudgrafanacloud1.md @@ -15,7 +15,7 @@ | `prometheus_url` | *Optional[str]* | :heavy_minus_sign: | The remote_write endpoint to send Prometheus metrics to, such as https://prometheus-blocks-prod-us-central1.grafana.net/api/prom/push | | `message` | *Optional[str]* | :heavy_minus_sign: | Name of the event field that contains the message to send. If not specified, Stream sends a JSON representation of the whole event. | | `message_format` | [Optional[models.MessageFormatOptions]](../models/messageformatoptions.md) | :heavy_minus_sign: | Format to use when sending logs to Loki (Protobuf or JSON) | -| `labels` | List[[models.RequestParamConfInputOpenai](../models/requestparamconfinputopenai.md)] | :heavy_minus_sign: | List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: "cribl.io", level: "error"}' | +| `labels` | List[[models.HTTPDiscoveryHeaderConfInputPrometheus](../models/httpdiscoveryheaderconfinputprometheus.md)] | :heavy_minus_sign: | List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: "cribl.io", level: "error"}' | | `metric_rename_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression that can be used to rename metrics. For example, name.replace(/\./g, '_') will replace all '.' characters in a metric's name with the supported '_' character. Use the 'name' global variable to access the metric's name. You can access event fields' values via __e.. | | `prometheus_auth` | [Optional[models.PrometheusAuthType]](../models/prometheusauthtype.md) | :heavy_minus_sign: | N/A | | `loki_auth` | [Optional[models.PrometheusAuthType]](../models/prometheusauthtype.md) | :heavy_minus_sign: | N/A | @@ -45,7 +45,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponseOutputGrafanaCloudPqControls1]](../models/outputresponseoutputgrafanacloudpqcontrols1.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_loki_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'lokiUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'lokiUrl' at runtime. | diff --git a/docs/models/outputresponseoutputgrafanacloudgrafanacloud2.md b/docs/models/outputresponseoutputgrafanacloudgrafanacloud2.md index 5eb88d2fb..10df618a5 100644 --- a/docs/models/outputresponseoutputgrafanacloudgrafanacloud2.md +++ b/docs/models/outputresponseoutputgrafanacloudgrafanacloud2.md @@ -15,7 +15,7 @@ | `prometheus_url` | *str* | :heavy_check_mark: | The remote_write endpoint to send Prometheus metrics to, such as https://prometheus-blocks-prod-us-central1.grafana.net/api/prom/push | | `message` | *Optional[str]* | :heavy_minus_sign: | Name of the event field that contains the message to send. If not specified, Stream sends a JSON representation of the whole event. | | `message_format` | [Optional[models.MessageFormatOptions]](../models/messageformatoptions.md) | :heavy_minus_sign: | Format to use when sending logs to Loki (Protobuf or JSON) | -| `labels` | List[[models.RequestParamConfInputOpenai](../models/requestparamconfinputopenai.md)] | :heavy_minus_sign: | List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: "cribl.io", level: "error"}' | +| `labels` | List[[models.HTTPDiscoveryHeaderConfInputPrometheus](../models/httpdiscoveryheaderconfinputprometheus.md)] | :heavy_minus_sign: | List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: "cribl.io", level: "error"}' | | `metric_rename_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression that can be used to rename metrics. For example, name.replace(/\./g, '_') will replace all '.' characters in a metric's name with the supported '_' character. Use the 'name' global variable to access the metric's name. You can access event fields' values via __e.. | | `prometheus_auth` | [Optional[models.PrometheusAuthType]](../models/prometheusauthtype.md) | :heavy_minus_sign: | N/A | | `loki_auth` | [Optional[models.PrometheusAuthType]](../models/prometheusauthtype.md) | :heavy_minus_sign: | N/A | @@ -45,7 +45,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponseOutputGrafanaCloudPqControls2]](../models/outputresponseoutputgrafanacloudpqcontrols2.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_loki_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'lokiUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'lokiUrl' at runtime. | diff --git a/docs/models/outputresponseoutputgraphite.md b/docs/models/outputresponseoutputgraphite.md index da616d16a..0b4403ecf 100644 --- a/docs/models/outputresponseoutputgraphite.md +++ b/docs/models/outputresponseoutputgraphite.md @@ -32,7 +32,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsGraphite]](../models/outputresponsepqcontrolsgraphite.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_on_backpressure` | *Optional[str]* | :heavy_minus_sign: | Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. | diff --git a/docs/models/outputresponseoutputhoneycomb.md b/docs/models/outputresponseoutputhoneycomb.md index f05145228..a3ab96cb7 100644 --- a/docs/models/outputresponseoutputhoneycomb.md +++ b/docs/models/outputresponseoutputhoneycomb.md @@ -39,7 +39,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsHoneycomb]](../models/outputresponsepqcontrolshoneycomb.md) | :heavy_minus_sign: | N/A | | `team` | *Optional[str]* | :heavy_minus_sign: | Team API key where the dataset belongs | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | diff --git a/docs/models/outputresponseoutputhumiohec.md b/docs/models/outputresponseoutputhumiohec.md index bd689410d..8ebdbc254 100644 --- a/docs/models/outputresponseoutputhumiohec.md +++ b/docs/models/outputresponseoutputhumiohec.md @@ -42,7 +42,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsHumioHec]](../models/outputresponsepqcontrolshumiohec.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. | diff --git a/docs/models/outputresponseoutputinfluxdb.md b/docs/models/outputresponseoutputinfluxdb.md index de907bb35..fb59d4c42 100644 --- a/docs/models/outputresponseoutputinfluxdb.md +++ b/docs/models/outputresponseoutputinfluxdb.md @@ -46,7 +46,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsInfluxdb]](../models/outputresponsepqcontrolsinfluxdb.md) | :heavy_minus_sign: | N/A | | `username` | *Optional[str]* | :heavy_minus_sign: | N/A | | `password` | *Optional[str]* | :heavy_minus_sign: | N/A | diff --git a/docs/models/outputresponseoutputkafka.md b/docs/models/outputresponseoutputkafka.md index 88dd788be..d30389832 100644 --- a/docs/models/outputresponseoutputkafka.md +++ b/docs/models/outputresponseoutputkafka.md @@ -44,7 +44,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsKafka]](../models/outputresponsepqcontrolskafka.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_topic` | *Optional[str]* | :heavy_minus_sign: | Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime. | diff --git a/docs/models/outputresponseoutputkinesis.md b/docs/models/outputresponseoutputkinesis.md index 9cb077905..1fd005c5d 100644 --- a/docs/models/outputresponseoutputkinesis.md +++ b/docs/models/outputresponseoutputkinesis.md @@ -43,7 +43,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsKinesis]](../models/outputresponsepqcontrolskinesis.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_stream_name` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamName' at runtime. | diff --git a/docs/models/outputresponseoutputlocalsearchstorage.md b/docs/models/outputresponseoutputlocalsearchstorage.md index 6853eb121..7b8ae60ae 100644 --- a/docs/models/outputresponseoutputlocalsearchstorage.md +++ b/docs/models/outputresponseoutputlocalsearchstorage.md @@ -33,6 +33,7 @@ | `response_retry_settings` | List[[models.ResponseRetrySettingConfOutputWebhook](../models/responseretrysettingconfoutputwebhook.md)] | :heavy_minus_sign: | Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable) | | `timeout_retry_settings` | [Optional[models.TimeoutRetrySettingsType]](../models/timeoutretrysettingstype.md) | :heavy_minus_sign: | N/A | | `response_honor_retry_after_header` | *Optional[bool]* | :heavy_minus_sign: | Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored. | +| `workload` | *Optional[str]* | :heavy_minus_sign: | Optional ClickHouse workload name to append as a SETTINGS clause on INSERT queries. Used for workload scheduling classification. | | `dump_format_errors_to_disk` | *Optional[bool]* | :heavy_minus_sign: | Log the most recent event that fails to match the table schema | | `on_backpressure` | [Optional[models.BackpressureBehaviorOptions]](../models/backpressurebehavioroptions.md) | :heavy_minus_sign: | How to handle events when all receivers are exerting backpressure | | `stats_destination` | [Optional[models.OutputResponseStatsDestination]](../models/outputresponsestatsdestination.md) | :heavy_minus_sign: | N/A | @@ -55,7 +56,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsLocalSearchStorage]](../models/outputresponsepqcontrolslocalsearchstorage.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. | diff --git a/docs/models/outputresponseoutputloki.md b/docs/models/outputresponseoutputloki.md index cf94421d1..5a75364e3 100644 --- a/docs/models/outputresponseoutputloki.md +++ b/docs/models/outputresponseoutputloki.md @@ -14,7 +14,7 @@ | `url` | *str* | :heavy_check_mark: | The endpoint to send logs to | | `message` | *Optional[str]* | :heavy_minus_sign: | Name of the event field that contains the message to send. If not specified, Stream sends a JSON representation of the whole event. | | `message_format` | [Optional[models.MessageFormatOptions]](../models/messageformatoptions.md) | :heavy_minus_sign: | Format to use when sending logs to Loki (Protobuf or JSON) | -| `labels` | List[[models.RequestParamConfInputOpenai](../models/requestparamconfinputopenai.md)] | :heavy_minus_sign: | List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: "cribl.io", level: "error"}' | +| `labels` | List[[models.HTTPDiscoveryHeaderConfInputPrometheus](../models/httpdiscoveryheaderconfinputprometheus.md)] | :heavy_minus_sign: | List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: "cribl.io", level: "error"}' | | `auth_type` | [Optional[models.AuthenticationTypeOptionsPrometheusAuthBasicCredentialsSecret]](../models/authenticationtypeoptionsprometheusauthbasiccredentialssecret.md) | :heavy_minus_sign: | N/A | | `concurrency` | *Optional[float]* | :heavy_minus_sign: | Maximum number of ongoing requests before blocking. Warning: Setting this value > 1 can cause Loki to complain about entries being delivered out of order. | | `max_payload_size_kb` | *Optional[float]* | :heavy_minus_sign: | Maximum size, in KB, of the request body. Warning: Setting this too low can increase the number of ongoing requests (depending on the value of 'Request concurrency'); this can cause Loki to complain about entries being delivered out of order. | @@ -49,7 +49,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsLoki]](../models/outputresponsepqcontrolsloki.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/outputresponseoutputmicrosoftfabric.md b/docs/models/outputresponseoutputmicrosoftfabric.md index b5dbd9fb6..afbd9d6de 100644 --- a/docs/models/outputresponseoutputmicrosoftfabric.md +++ b/docs/models/outputresponseoutputmicrosoftfabric.md @@ -40,7 +40,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsMicrosoftFabric]](../models/outputresponsepqcontrolsmicrosoftfabric.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_topic` | *Optional[str]* | :heavy_minus_sign: | Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime. | diff --git a/docs/models/outputresponseoutputmsk.md b/docs/models/outputresponseoutputmsk.md index 07f162364..37e5ea57b 100644 --- a/docs/models/outputresponseoutputmsk.md +++ b/docs/models/outputresponseoutputmsk.md @@ -55,7 +55,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsMsk]](../models/outputresponsepqcontrolsmsk.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_topic` | *Optional[str]* | :heavy_minus_sign: | Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime. | diff --git a/docs/models/outputresponseoutputnewrelic.md b/docs/models/outputresponseoutputnewrelic.md index 7bfd1de1f..5ee53bf25 100644 --- a/docs/models/outputresponseoutputnewrelic.md +++ b/docs/models/outputresponseoutputnewrelic.md @@ -44,7 +44,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsNewrelic]](../models/outputresponsepqcontrolsnewrelic.md) | :heavy_minus_sign: | N/A | | `api_key` | *Optional[str]* | :heavy_minus_sign: | New Relic API key. Can be overridden using __newRelic_apiKey field. | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | diff --git a/docs/models/outputresponseoutputnewrelicevents.md b/docs/models/outputresponseoutputnewrelicevents.md index 28544b778..a0e68c02d 100644 --- a/docs/models/outputresponseoutputnewrelicevents.md +++ b/docs/models/outputresponseoutputnewrelicevents.md @@ -42,7 +42,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsNewrelicEvents]](../models/outputresponsepqcontrolsnewrelicevents.md) | :heavy_minus_sign: | N/A | | `api_key` | *Optional[str]* | :heavy_minus_sign: | New Relic API key. Can be overridden using __newRelic_apiKey field. | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | diff --git a/docs/models/outputresponseoutputopentelemetry.md b/docs/models/outputresponseoutputopentelemetry.md index db25e5a50..11775ec67 100644 --- a/docs/models/outputresponseoutputopentelemetry.md +++ b/docs/models/outputresponseoutputopentelemetry.md @@ -13,7 +13,7 @@ | `streamtags` | List[*str*] | :heavy_minus_sign: | Tags for filtering and grouping in @{product} | | `protocol` | [Optional[models.ProtocolOptions]](../models/protocoloptions.md) | :heavy_minus_sign: | Select a transport option for OpenTelemetry | | `endpoint` | *str* | :heavy_check_mark: | The endpoint where OTel events will be sent. Enter any valid URL or an IP address (IPv4 or IPv6; enclose IPv6 addresses in square brackets). Unspecified ports will default to 4317, unless the endpoint is an HTTPS-based URL or TLS is enabled, in which case 443 will be used. | -| `otlp_version` | [Optional[models.OutputResponseOTLPVersion]](../models/outputresponseotlpversion.md) | :heavy_minus_sign: | The version of OTLP Protobuf definitions to use when structuring data to send | +| `otlp_version` | [Optional[models.OutputResponseOTLPVersionOpenTelemetry]](../models/outputresponseotlpversionopentelemetry.md) | :heavy_minus_sign: | The version of OTLP Protobuf definitions to use when structuring data to send | | `compress` | [Optional[models.CompressionOptionsDeflateGzip]](../models/compressionoptionsdeflategzip.md) | :heavy_minus_sign: | Type of compression to apply to messages sent to the OpenTelemetry endpoint | | `http_compress` | [Optional[models.CompressionOptionsMessages]](../models/compressionoptionsmessages.md) | :heavy_minus_sign: | Type of compression to apply to messages sent to the OpenTelemetry endpoint | | `auth_type` | [Optional[models.OutputResponseAuthenticationTypeOpenTelemetry]](../models/outputresponseauthenticationtypeopentelemetry.md) | :heavy_minus_sign: | N/A | @@ -64,7 +64,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsOpenTelemetry]](../models/outputresponsepqcontrolsopentelemetry.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/outputresponseoutputprometheus.md b/docs/models/outputresponseoutputprometheus.md index cdaf2eed6..99e354ab0 100644 --- a/docs/models/outputresponseoutputprometheus.md +++ b/docs/models/outputresponseoutputprometheus.md @@ -42,7 +42,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsPrometheus]](../models/outputresponsepqcontrolsprometheus.md) | :heavy_minus_sign: | N/A | | `username` | *Optional[str]* | :heavy_minus_sign: | N/A | | `password` | *Optional[str]* | :heavy_minus_sign: | N/A | diff --git a/docs/models/outputresponseoutputsentinel.md b/docs/models/outputresponseoutputsentinel.md index 03581a783..218d50267 100644 --- a/docs/models/outputresponseoutputsentinel.md +++ b/docs/models/outputresponseoutputsentinel.md @@ -54,7 +54,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsSentinel]](../models/outputresponsepqcontrolssentinel.md) | :heavy_minus_sign: | N/A | | `url` | *Optional[str]* | :heavy_minus_sign: | URL to send events to. Can be overwritten by an event's __url field. | | `dcr_id` | *Optional[str]* | :heavy_minus_sign: | Immutable ID for the Data Collection Rule (DCR) | diff --git a/docs/models/outputresponseoutputsentineloneaisiem.md b/docs/models/outputresponseoutputsentineloneaisiem.md index fe8aedf29..17f98d241 100644 --- a/docs/models/outputresponseoutputsentineloneaisiem.md +++ b/docs/models/outputresponseoutputsentineloneaisiem.md @@ -56,7 +56,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsSentinelOneAiSiem]](../models/outputresponsepqcontrolssentineloneaisiem.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/outputresponseoutputservicenow.md b/docs/models/outputresponseoutputservicenow.md index 048caa378..3086da83b 100644 --- a/docs/models/outputresponseoutputservicenow.md +++ b/docs/models/outputresponseoutputservicenow.md @@ -52,7 +52,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsServiceNow]](../models/outputresponsepqcontrolsservicenow.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/outputresponseoutputsignalfx.md b/docs/models/outputresponseoutputsignalfx.md index 06a2885de..8688946e4 100644 --- a/docs/models/outputresponseoutputsignalfx.md +++ b/docs/models/outputresponseoutputsignalfx.md @@ -41,7 +41,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsSignalfx]](../models/outputresponsepqcontrolssignalfx.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/outputresponseoutputsns.md b/docs/models/outputresponseoutputsns.md index 82625ca81..1c1a30690 100644 --- a/docs/models/outputresponseoutputsns.md +++ b/docs/models/outputresponseoutputsns.md @@ -38,7 +38,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsSns]](../models/outputresponsepqcontrolssns.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_topic_arn` | *Optional[str]* | :heavy_minus_sign: | Binds 'topicArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topicArn' at runtime. | diff --git a/docs/models/outputresponseoutputsplunk.md b/docs/models/outputresponseoutputsplunk.md index 54b1b8174..3e6e95384 100644 --- a/docs/models/outputresponseoutputsplunk.md +++ b/docs/models/outputresponseoutputsplunk.md @@ -37,7 +37,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsSplunk]](../models/outputresponsepqcontrolssplunk.md) | :heavy_minus_sign: | N/A | | `auth_token` | *Optional[str]* | :heavy_minus_sign: | Shared secret token to use when establishing a connection to a Splunk indexer. | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | diff --git a/docs/models/outputresponseoutputsplunkhec.md b/docs/models/outputresponseoutputsplunkhec.md index 7b7584771..426b83947 100644 --- a/docs/models/outputresponseoutputsplunkhec.md +++ b/docs/models/outputresponseoutputsplunkhec.md @@ -50,7 +50,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsSplunkHec]](../models/outputresponsepqcontrolssplunkhec.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/outputresponseoutputsplunklb.md b/docs/models/outputresponseoutputsplunklb.md index 0a923ddba..6d6c80ddd 100644 --- a/docs/models/outputresponseoutputsplunklb.md +++ b/docs/models/outputresponseoutputsplunklb.md @@ -43,7 +43,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsSplunkLb]](../models/outputresponsepqcontrolssplunklb.md) | :heavy_minus_sign: | N/A | | `auth_token` | *Optional[str]* | :heavy_minus_sign: | Shared secret token to use when establishing a connection to a Splunk indexer. | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | diff --git a/docs/models/outputresponseoutputsqs.md b/docs/models/outputresponseoutputsqs.md index 3aa627e9f..32b679bb2 100644 --- a/docs/models/outputresponseoutputsqs.md +++ b/docs/models/outputresponseoutputsqs.md @@ -44,7 +44,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsSqs]](../models/outputresponsepqcontrolssqs.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_queue_name` | *Optional[str]* | :heavy_minus_sign: | Binds 'queueName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'queueName' at runtime. | diff --git a/docs/models/outputresponseoutputstatsd.md b/docs/models/outputresponseoutputstatsd.md index babbd4cd3..e09ddf7eb 100644 --- a/docs/models/outputresponseoutputstatsd.md +++ b/docs/models/outputresponseoutputstatsd.md @@ -32,7 +32,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsStatsd]](../models/outputresponsepqcontrolsstatsd.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_on_backpressure` | *Optional[str]* | :heavy_minus_sign: | Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. | diff --git a/docs/models/outputresponseoutputstatsdext.md b/docs/models/outputresponseoutputstatsdext.md index 94ddb821f..906961fb7 100644 --- a/docs/models/outputresponseoutputstatsdext.md +++ b/docs/models/outputresponseoutputstatsdext.md @@ -32,7 +32,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsStatsdExt]](../models/outputresponsepqcontrolsstatsdext.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_on_backpressure` | *Optional[str]* | :heavy_minus_sign: | Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. | diff --git a/docs/models/outputresponseoutputsumologic.md b/docs/models/outputresponseoutputsumologic.md index aeb149234..a83916c3f 100644 --- a/docs/models/outputresponseoutputsumologic.md +++ b/docs/models/outputresponseoutputsumologic.md @@ -42,7 +42,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsSumoLogic]](../models/outputresponsepqcontrolssumologic.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. | diff --git a/docs/models/outputresponseoutputsyslog.md b/docs/models/outputresponseoutputsyslog.md index a2fcb552c..10a1c6d2e 100644 --- a/docs/models/outputresponseoutputsyslog.md +++ b/docs/models/outputresponseoutputsyslog.md @@ -46,7 +46,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsSyslog]](../models/outputresponsepqcontrolssyslog.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_host` | *Optional[str]* | :heavy_minus_sign: | Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime. | diff --git a/docs/models/outputresponseoutputtcpjson.md b/docs/models/outputresponseoutputtcpjson.md index c4436801d..90c4f0021 100644 --- a/docs/models/outputresponseoutputtcpjson.md +++ b/docs/models/outputresponseoutputtcpjson.md @@ -40,7 +40,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsTcpjson]](../models/outputresponsepqcontrolstcpjson.md) | :heavy_minus_sign: | N/A | | `auth_token` | *Optional[str]* | :heavy_minus_sign: | Optional authentication token to include as part of the connection header | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | diff --git a/docs/models/outputresponseoutputwavefront.md b/docs/models/outputresponseoutputwavefront.md index 211715a96..1c3a5176b 100644 --- a/docs/models/outputresponseoutputwavefront.md +++ b/docs/models/outputresponseoutputwavefront.md @@ -41,7 +41,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsWavefront]](../models/outputresponsepqcontrolswavefront.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/outputresponseoutputwebhookwebhook1.md b/docs/models/outputresponseoutputwebhookwebhook1.md index fe2ea4720..0ffe9751e 100644 --- a/docs/models/outputresponseoutputwebhookwebhook1.md +++ b/docs/models/outputresponseoutputwebhookwebhook1.md @@ -52,7 +52,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponseOutputWebhookPqControls1]](../models/outputresponseoutputwebhookpqcontrols1.md) | :heavy_minus_sign: | N/A | | `username` | *Optional[str]* | :heavy_minus_sign: | N/A | | `password` | *Optional[str]* | :heavy_minus_sign: | N/A | diff --git a/docs/models/outputresponseoutputwebhookwebhook2.md b/docs/models/outputresponseoutputwebhookwebhook2.md index 8d0f9b8d0..f084c48d4 100644 --- a/docs/models/outputresponseoutputwebhookwebhook2.md +++ b/docs/models/outputresponseoutputwebhookwebhook2.md @@ -52,7 +52,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponseOutputWebhookPqControls2]](../models/outputresponseoutputwebhookpqcontrols2.md) | :heavy_minus_sign: | N/A | | `username` | *Optional[str]* | :heavy_minus_sign: | N/A | | `password` | *Optional[str]* | :heavy_minus_sign: | N/A | diff --git a/docs/models/outputresponseoutputwizhec.md b/docs/models/outputresponseoutputwizhec.md index eb2257c0d..777bfe1cf 100644 --- a/docs/models/outputresponseoutputwizhec.md +++ b/docs/models/outputresponseoutputwizhec.md @@ -44,7 +44,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsWizHec]](../models/outputresponsepqcontrolswizhec.md) | :heavy_minus_sign: | N/A | | `token` | *Optional[str]* | :heavy_minus_sign: | Wiz Defend Auth token | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | diff --git a/docs/models/outputresponseoutputxsiam.md b/docs/models/outputresponseoutputxsiam.md index 61315f652..ca0782568 100644 --- a/docs/models/outputresponseoutputxsiam.md +++ b/docs/models/outputresponseoutputxsiam.md @@ -48,7 +48,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputResponsePqControlsXsiam]](../models/outputresponsepqcontrolsxsiam.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/outputresponsepqcontrolsgooglecloudobservability.md b/docs/models/outputresponsepqcontrolsgooglecloudobservability.md new file mode 100644 index 000000000..c78010b2c --- /dev/null +++ b/docs/models/outputresponsepqcontrolsgooglecloudobservability.md @@ -0,0 +1,7 @@ +# OutputResponsePqControlsGoogleCloudObservability + + +## Fields + +| Field | Type | Required | Description | +| ----------- | ----------- | ----------- | ----------- | \ No newline at end of file diff --git a/docs/models/outputresponseprotocolgooglecloudobservability.md b/docs/models/outputresponseprotocolgooglecloudobservability.md new file mode 100644 index 000000000..b85ff7357 --- /dev/null +++ b/docs/models/outputresponseprotocolgooglecloudobservability.md @@ -0,0 +1,18 @@ +# OutputResponseProtocolGoogleCloudObservability + +## Example Usage + +```python +from cribl_control_plane.models import OutputResponseProtocolGoogleCloudObservability + +value = OutputResponseProtocolGoogleCloudObservability.GRPC + +# Open enum: unrecognized values are captured as UnrecognizedStr +``` + + +## Values + +| Name | Value | +| ------ | ------ | +| `GRPC` | grpc | \ No newline at end of file diff --git a/docs/models/outputresponsestatsdestination.md b/docs/models/outputresponsestatsdestination.md index 7f07836f2..afbe59411 100644 --- a/docs/models/outputresponsestatsdestination.md +++ b/docs/models/outputresponsestatsdestination.md @@ -3,12 +3,14 @@ ## Fields -| Field | Type | Required | Description | -| ------------------ | ------------------ | ------------------ | ------------------ | -| `url` | *Optional[str]* | :heavy_minus_sign: | N/A | -| `database` | *Optional[str]* | :heavy_minus_sign: | N/A | -| `table_name` | *Optional[str]* | :heavy_minus_sign: | N/A | -| `auth_type` | *Optional[str]* | :heavy_minus_sign: | N/A | -| `username` | *Optional[str]* | :heavy_minus_sign: | N/A | -| `sql_username` | *Optional[str]* | :heavy_minus_sign: | N/A | -| `password` | *Optional[str]* | :heavy_minus_sign: | N/A | \ No newline at end of file +| Field | Type | Required | Description | +| ------------------------ | ------------------------ | ------------------------ | ------------------------ | +| `url` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `database` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `table_name` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `auth_type` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `username` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `sql_username` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `password` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `wait_for_async_inserts` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `concurrency` | *Optional[float]* | :heavy_minus_sign: | N/A | \ No newline at end of file diff --git a/docs/models/outputresponsetypegooglecloudobservability.md b/docs/models/outputresponsetypegooglecloudobservability.md new file mode 100644 index 000000000..4f5cca0b4 --- /dev/null +++ b/docs/models/outputresponsetypegooglecloudobservability.md @@ -0,0 +1,16 @@ +# OutputResponseTypeGoogleCloudObservability + +## Example Usage + +```python +from cribl_control_plane.models import OutputResponseTypeGoogleCloudObservability + +value = OutputResponseTypeGoogleCloudObservability.GOOGLE_CLOUD_OBSERVABILITY +``` + + +## Values + +| Name | Value | +| ---------------------------- | ---------------------------- | +| `GOOGLE_CLOUD_OBSERVABILITY` | google_cloud_observability | \ No newline at end of file diff --git a/docs/models/outputsentinel.md b/docs/models/outputsentinel.md index 752a2fae2..078ab218a 100644 --- a/docs/models/outputsentinel.md +++ b/docs/models/outputsentinel.md @@ -54,7 +54,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputSentinelPqControls]](../models/outputsentinelpqcontrols.md) | :heavy_minus_sign: | N/A | | `url` | *Optional[str]* | :heavy_minus_sign: | URL to send events to. Can be overwritten by an event's __url field. | | `dcr_id` | *Optional[str]* | :heavy_minus_sign: | Immutable ID for the Data Collection Rule (DCR) | diff --git a/docs/models/outputsentineloneaisiem.md b/docs/models/outputsentineloneaisiem.md index ad9bba0de..1cdef647d 100644 --- a/docs/models/outputsentineloneaisiem.md +++ b/docs/models/outputsentineloneaisiem.md @@ -56,7 +56,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputSentinelOneAiSiemPqControls]](../models/outputsentineloneaisiempqcontrols.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/outputservicenow.md b/docs/models/outputservicenow.md index 65b5a07b8..34a3126c3 100644 --- a/docs/models/outputservicenow.md +++ b/docs/models/outputservicenow.md @@ -52,7 +52,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputServiceNowPqControls]](../models/outputservicenowpqcontrols.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/outputsignalfx.md b/docs/models/outputsignalfx.md index f244f2b5a..a313a93c1 100644 --- a/docs/models/outputsignalfx.md +++ b/docs/models/outputsignalfx.md @@ -41,7 +41,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputSignalfxPqControls]](../models/outputsignalfxpqcontrols.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/outputsns.md b/docs/models/outputsns.md index d99e2979c..d22f03e41 100644 --- a/docs/models/outputsns.md +++ b/docs/models/outputsns.md @@ -38,7 +38,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputSnsPqControls]](../models/outputsnspqcontrols.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_topic_arn` | *Optional[str]* | :heavy_minus_sign: | Binds 'topicArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topicArn' at runtime. | diff --git a/docs/models/outputsplunk.md b/docs/models/outputsplunk.md index 7522cd01f..31e7bcfb9 100644 --- a/docs/models/outputsplunk.md +++ b/docs/models/outputsplunk.md @@ -37,7 +37,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputSplunkPqControls]](../models/outputsplunkpqcontrols.md) | :heavy_minus_sign: | N/A | | `auth_token` | *Optional[str]* | :heavy_minus_sign: | Shared secret token to use when establishing a connection to a Splunk indexer. | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | diff --git a/docs/models/outputsplunkhec.md b/docs/models/outputsplunkhec.md index df4d82c7d..aa89a52ff 100644 --- a/docs/models/outputsplunkhec.md +++ b/docs/models/outputsplunkhec.md @@ -50,7 +50,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputSplunkHecPqControls]](../models/outputsplunkhecpqcontrols.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/outputsplunklb.md b/docs/models/outputsplunklb.md index d0e05aadb..67f391805 100644 --- a/docs/models/outputsplunklb.md +++ b/docs/models/outputsplunklb.md @@ -43,7 +43,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputSplunkLbPqControls]](../models/outputsplunklbpqcontrols.md) | :heavy_minus_sign: | N/A | | `auth_token` | *Optional[str]* | :heavy_minus_sign: | Shared secret token to use when establishing a connection to a Splunk indexer. | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | diff --git a/docs/models/outputsqs.md b/docs/models/outputsqs.md index 5236cbcd8..1d3f84bfa 100644 --- a/docs/models/outputsqs.md +++ b/docs/models/outputsqs.md @@ -44,7 +44,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputSqsPqControls]](../models/outputsqspqcontrols.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_queue_name` | *Optional[str]* | :heavy_minus_sign: | Binds 'queueName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'queueName' at runtime. | diff --git a/docs/models/outputstatsd.md b/docs/models/outputstatsd.md index d79fe9600..7412c6459 100644 --- a/docs/models/outputstatsd.md +++ b/docs/models/outputstatsd.md @@ -32,7 +32,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputStatsdPqControls]](../models/outputstatsdpqcontrols.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_on_backpressure` | *Optional[str]* | :heavy_minus_sign: | Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. | \ No newline at end of file diff --git a/docs/models/outputstatsdext.md b/docs/models/outputstatsdext.md index 640dc7ea4..b052b76aa 100644 --- a/docs/models/outputstatsdext.md +++ b/docs/models/outputstatsdext.md @@ -32,7 +32,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputStatsdExtPqControls]](../models/outputstatsdextpqcontrols.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_on_backpressure` | *Optional[str]* | :heavy_minus_sign: | Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime. | \ No newline at end of file diff --git a/docs/models/outputsumologic.md b/docs/models/outputsumologic.md index ec54e31e3..8456d3d4e 100644 --- a/docs/models/outputsumologic.md +++ b/docs/models/outputsumologic.md @@ -42,7 +42,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputSumoLogicPqControls]](../models/outputsumologicpqcontrols.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. | diff --git a/docs/models/outputsyslog.md b/docs/models/outputsyslog.md index 4699edcba..107d1d805 100644 --- a/docs/models/outputsyslog.md +++ b/docs/models/outputsyslog.md @@ -46,7 +46,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputSyslogPqControls]](../models/outputsyslogpqcontrols.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_host` | *Optional[str]* | :heavy_minus_sign: | Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime. | diff --git a/docs/models/outputtcpjson.md b/docs/models/outputtcpjson.md index 810e43c53..0c7c6669e 100644 --- a/docs/models/outputtcpjson.md +++ b/docs/models/outputtcpjson.md @@ -40,7 +40,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputTcpjsonPqControls]](../models/outputtcpjsonpqcontrols.md) | :heavy_minus_sign: | N/A | | `auth_token` | *Optional[str]* | :heavy_minus_sign: | Optional authentication token to include as part of the connection header | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | diff --git a/docs/models/outputwavefront.md b/docs/models/outputwavefront.md index 3ef8c5e9a..22511fe58 100644 --- a/docs/models/outputwavefront.md +++ b/docs/models/outputwavefront.md @@ -41,7 +41,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputWavefrontPqControls]](../models/outputwavefrontpqcontrols.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/outputwebhookwebhook1.md b/docs/models/outputwebhookwebhook1.md index b67c88a4e..dd3612bde 100644 --- a/docs/models/outputwebhookwebhook1.md +++ b/docs/models/outputwebhookwebhook1.md @@ -52,7 +52,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputWebhookPqControls1]](../models/outputwebhookpqcontrols1.md) | :heavy_minus_sign: | N/A | | `username` | *Optional[str]* | :heavy_minus_sign: | N/A | | `password` | *Optional[str]* | :heavy_minus_sign: | N/A | diff --git a/docs/models/outputwebhookwebhook2.md b/docs/models/outputwebhookwebhook2.md index e1028d42c..32bd5f04d 100644 --- a/docs/models/outputwebhookwebhook2.md +++ b/docs/models/outputwebhookwebhook2.md @@ -52,7 +52,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputWebhookPqControls2]](../models/outputwebhookpqcontrols2.md) | :heavy_minus_sign: | N/A | | `username` | *Optional[str]* | :heavy_minus_sign: | N/A | | `password` | *Optional[str]* | :heavy_minus_sign: | N/A | diff --git a/docs/models/outputwizhec.md b/docs/models/outputwizhec.md index e545f55cc..1c91ad145 100644 --- a/docs/models/outputwizhec.md +++ b/docs/models/outputwizhec.md @@ -44,7 +44,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputWizHecPqControls]](../models/outputwizhecpqcontrols.md) | :heavy_minus_sign: | N/A | | `token` | *Optional[str]* | :heavy_minus_sign: | Wiz Defend Auth token | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored text secret | diff --git a/docs/models/outputxsiam.md b/docs/models/outputxsiam.md index 7bb711793..d76018f7c 100644 --- a/docs/models/outputxsiam.md +++ b/docs/models/outputxsiam.md @@ -48,7 +48,7 @@ | `pq_path` | *Optional[str]* | :heavy_minus_sign: | The location for the persistent queue files. To this field's value, the system will append: //. | | `pq_compress` | [Optional[models.CompressionOptionsPq]](../models/compressionoptionspq.md) | :heavy_minus_sign: | Codec to use to compress the persisted data | | `pq_on_backpressure` | [Optional[models.QueueFullBehaviorOptions]](../models/queuefullbehavioroptions.md) | :heavy_minus_sign: | How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged. | -| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `pq_max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `pq_controls` | [Optional[models.OutputXsiamPqControls]](../models/outputxsiampqcontrols.md) | :heavy_minus_sign: | N/A | | `template_streamtags` | *Optional[str]* | :heavy_minus_sign: | Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime. | | `template_failed_request_logging_mode` | *Optional[str]* | :heavy_minus_sign: | Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime. | diff --git a/docs/models/packinfo.md b/docs/models/packinfo.md index f787ae9ca..7b4651324 100644 --- a/docs/models/packinfo.md +++ b/docs/models/packinfo.md @@ -11,7 +11,7 @@ | `description` | *Optional[str]* | :heavy_minus_sign: | N/A | | `display_name` | *Optional[str]* | :heavy_minus_sign: | N/A | | `exports` | List[*str*] | :heavy_minus_sign: | N/A | -| `id` | *str* | :heavy_check_mark: | N/A | +| `id` | *str* | :heavy_check_mark: | Unique identifier. | | `inputs` | *Optional[float]* | :heavy_minus_sign: | N/A | | `is_disabled` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `min_log_stream_version` | *Optional[str]* | :heavy_minus_sign: | N/A | diff --git a/docs/models/packinstallinfo.md b/docs/models/packinstallinfo.md index cbcea9f7b..66dad3480 100644 --- a/docs/models/packinstallinfo.md +++ b/docs/models/packinstallinfo.md @@ -11,7 +11,7 @@ | `description` | *Optional[str]* | :heavy_minus_sign: | N/A | | `display_name` | *Optional[str]* | :heavy_minus_sign: | N/A | | `exports` | List[*str*] | :heavy_minus_sign: | N/A | -| `id` | *str* | :heavy_check_mark: | N/A | +| `id` | *str* | :heavy_check_mark: | Unique identifier. | | `inputs` | *Optional[float]* | :heavy_minus_sign: | N/A | | `is_disabled` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `min_log_stream_version` | *Optional[str]* | :heavy_minus_sign: | N/A | diff --git a/docs/models/pqtype.md b/docs/models/pqtype.md index 326dc05c2..4122dfa95 100644 --- a/docs/models/pqtype.md +++ b/docs/models/pqtype.md @@ -6,7 +6,7 @@ | Field | Type | Required | Description | | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `mode` | [Optional[models.ModeOptionsPq]](../models/modeoptionspq.md) | :heavy_minus_sign: | With Smart mode, PQ will write events to the filesystem only when it detects backpressure from the processing engine. With Always On mode, PQ will always write events directly to the queue before forwarding them to the processing engine. | -| `max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB. | +| `max_buffer_size_bytes` | *Optional[str]* | :heavy_minus_sign: | The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB. | | `max_buffer_size` | *Optional[float]* | :heavy_minus_sign: | Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use maxBufferSizeBytes instead. | | `commit_frequency` | *Optional[float]* | :heavy_minus_sign: | The number of events to send downstream before committing that Stream has read them | | `max_file_size` | *Optional[str]* | :heavy_minus_sign: | The maximum size to store in each queue file before closing and optionally compressing. Enter a numeral with units of KB, MB, etc. | diff --git a/docs/models/rbacresource.md b/docs/models/rbacresource.md index 3331ee505..1e83722e0 100644 --- a/docs/models/rbacresource.md +++ b/docs/models/rbacresource.md @@ -22,4 +22,5 @@ value = RbacResource.GROUPS | `DASHBOARDS` | dashboards | | `MACROS` | macros | | `NOTEBOOKS` | notebooks | -| `NOTEBOOK_TEMPLATES` | notebook-templates | \ No newline at end of file +| `NOTEBOOK_TEMPLATES` | notebook-templates | +| `APPS` | apps | \ No newline at end of file diff --git a/docs/models/redisauthtypecredentialssecret.md b/docs/models/redisauthtypecredentialssecret.md index 797fe942c..a8683fbd6 100644 --- a/docs/models/redisauthtypecredentialssecret.md +++ b/docs/models/redisauthtypecredentialssecret.md @@ -12,9 +12,14 @@ | `max_block_secs` | *Optional[float]* | :heavy_minus_sign: | Maximum amount of time (seconds) to wait before assuming that Redis is down and passing events through. Use 0 to disable. | | `enable_client_side_caching` | *Optional[bool]* | :heavy_minus_sign: | Enable client-side cache. Redundant when using Redis write operations. See more options at Settings > General > Limits > Redis Cache. | | `url` | *Optional[str]* | :heavy_minus_sign: | Redis URL to connect to. Format: redis[s]://[[user][:password@]][host][:port][/db-number][?db=db-number[&password=bar[&option=value]]]. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}` | +| `template_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. | | `tls_options` | [Optional[models.TLSOptionsTypeRedisDeploymentTypeStandalone]](../models/tlsoptionstyperedisdeploymenttypestandalone.md) | :heavy_minus_sign: | N/A | +| `root_nodes` | List[[models.RootNodeConfRedisDeploymentTypeCluster](../models/rootnodeconfredisdeploymenttypecluster.md)] | :heavy_minus_sign: | Root nodes to which the cluster connection should be initiated | +| `tls` | *Optional[bool]* | :heavy_minus_sign: | Use TLS for connections to this cluster | | `scale_reads` | [Optional[models.ScaleReadsOptionsRedisDeploymentTypeCluster]](../models/scalereadsoptionsredisdeploymenttypecluster.md) | :heavy_minus_sign: | Which nodes read commands should be sent to | | `master_name` | *Optional[str]* | :heavy_minus_sign: | N/A | | `username` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_username` | *Optional[str]* | :heavy_minus_sign: | Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime. | | `password` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_password` | *Optional[str]* | :heavy_minus_sign: | Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime. | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Secret that references Redis admin password | \ No newline at end of file diff --git a/docs/models/redisauthtypemanual.md b/docs/models/redisauthtypemanual.md index 02e0ad39a..13df8cf3e 100644 --- a/docs/models/redisauthtypemanual.md +++ b/docs/models/redisauthtypemanual.md @@ -8,12 +8,17 @@ | `auth_type` | [Optional[models.RedisAuthTypeManualAuthenticationMethod]](../models/redisauthtypemanualauthenticationmethod.md) | :heavy_minus_sign: | N/A | | `username` | *Optional[str]* | :heavy_minus_sign: | N/A | | `password` | *str* | :heavy_check_mark: | N/A | +| `template_username` | *Optional[str]* | :heavy_minus_sign: | Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime. | +| `template_password` | *Optional[str]* | :heavy_minus_sign: | Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime. | | `commands` | List[[models.RedisAuthTypeManualCommand](../models/redisauthtypemanualcommand.md)] | :heavy_check_mark: | N/A | | `deployment_type` | [Optional[models.RedisAuthTypeManualDeploymentType]](../models/redisauthtypemanualdeploymenttype.md) | :heavy_minus_sign: | How the Redis server is configured. Defaults to Standalone | | `max_block_secs` | *Optional[float]* | :heavy_minus_sign: | Maximum amount of time (seconds) to wait before assuming that Redis is down and passing events through. Use 0 to disable. | | `enable_client_side_caching` | *Optional[bool]* | :heavy_minus_sign: | Enable client-side cache. Redundant when using Redis write operations. See more options at Settings > General > Limits > Redis Cache. | | `url` | *Optional[str]* | :heavy_minus_sign: | Redis URL to connect to. Format: redis[s]://[[user][:password@]][host][:port][/db-number][?db=db-number[&password=bar[&option=value]]]. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}` | +| `template_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. | | `tls_options` | [Optional[models.TLSOptionsTypeRedisDeploymentTypeStandalone]](../models/tlsoptionstyperedisdeploymenttypestandalone.md) | :heavy_minus_sign: | N/A | +| `root_nodes` | List[[models.RootNodeConfRedisDeploymentTypeCluster](../models/rootnodeconfredisdeploymenttypecluster.md)] | :heavy_minus_sign: | Root nodes to which the cluster connection should be initiated | +| `tls` | *Optional[bool]* | :heavy_minus_sign: | Use TLS for connections to this cluster | | `scale_reads` | [Optional[models.ScaleReadsOptionsRedisDeploymentTypeCluster]](../models/scalereadsoptionsredisdeploymenttypecluster.md) | :heavy_minus_sign: | Which nodes read commands should be sent to | | `master_name` | *Optional[str]* | :heavy_minus_sign: | N/A | | `credentials_secret` | *Optional[str]* | :heavy_minus_sign: | Secret that references Redis username and password | diff --git a/docs/models/redisauthtypenone.md b/docs/models/redisauthtypenone.md index 03d2eeb95..76ff1a9ad 100644 --- a/docs/models/redisauthtypenone.md +++ b/docs/models/redisauthtypenone.md @@ -11,10 +11,15 @@ | `max_block_secs` | *Optional[float]* | :heavy_minus_sign: | Maximum amount of time (seconds) to wait before assuming that Redis is down and passing events through. Use 0 to disable. | | `enable_client_side_caching` | *Optional[bool]* | :heavy_minus_sign: | Enable client-side cache. Redundant when using Redis write operations. See more options at Settings > General > Limits > Redis Cache. | | `url` | *Optional[str]* | :heavy_minus_sign: | Redis URL to connect to. Format: redis[s]://[[user][:password@]][host][:port][/db-number][?db=db-number[&password=bar[&option=value]]]. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}` | +| `template_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. | | `tls_options` | [Optional[models.TLSOptionsTypeRedisDeploymentTypeStandalone]](../models/tlsoptionstyperedisdeploymenttypestandalone.md) | :heavy_minus_sign: | N/A | +| `root_nodes` | List[[models.RootNodeConfRedisDeploymentTypeCluster](../models/rootnodeconfredisdeploymenttypecluster.md)] | :heavy_minus_sign: | Root nodes to which the cluster connection should be initiated | +| `tls` | *Optional[bool]* | :heavy_minus_sign: | Use TLS for connections to this cluster | | `scale_reads` | [Optional[models.ScaleReadsOptionsRedisDeploymentTypeCluster]](../models/scalereadsoptionsredisdeploymenttypecluster.md) | :heavy_minus_sign: | Which nodes read commands should be sent to | | `master_name` | *Optional[str]* | :heavy_minus_sign: | N/A | | `username` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_username` | *Optional[str]* | :heavy_minus_sign: | Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime. | | `password` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_password` | *Optional[str]* | :heavy_minus_sign: | Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime. | | `credentials_secret` | *Optional[str]* | :heavy_minus_sign: | Secret that references Redis username and password | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Secret that references Redis admin password | \ No newline at end of file diff --git a/docs/models/redisauthtypetextsecret.md b/docs/models/redisauthtypetextsecret.md index 4c353eac7..d905c3a41 100644 --- a/docs/models/redisauthtypetextsecret.md +++ b/docs/models/redisauthtypetextsecret.md @@ -12,9 +12,14 @@ | `max_block_secs` | *Optional[float]* | :heavy_minus_sign: | Maximum amount of time (seconds) to wait before assuming that Redis is down and passing events through. Use 0 to disable. | | `enable_client_side_caching` | *Optional[bool]* | :heavy_minus_sign: | Enable client-side cache. Redundant when using Redis write operations. See more options at Settings > General > Limits > Redis Cache. | | `url` | *Optional[str]* | :heavy_minus_sign: | Redis URL to connect to. Format: redis[s]://[[user][:password@]][host][:port][/db-number][?db=db-number[&password=bar[&option=value]]]. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}` | +| `template_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. | | `tls_options` | [Optional[models.TLSOptionsTypeRedisDeploymentTypeStandalone]](../models/tlsoptionstyperedisdeploymenttypestandalone.md) | :heavy_minus_sign: | N/A | +| `root_nodes` | List[[models.RootNodeConfRedisDeploymentTypeCluster](../models/rootnodeconfredisdeploymenttypecluster.md)] | :heavy_minus_sign: | Root nodes to which the cluster connection should be initiated | +| `tls` | *Optional[bool]* | :heavy_minus_sign: | Use TLS for connections to this cluster | | `scale_reads` | [Optional[models.ScaleReadsOptionsRedisDeploymentTypeCluster]](../models/scalereadsoptionsredisdeploymenttypecluster.md) | :heavy_minus_sign: | Which nodes read commands should be sent to | | `master_name` | *Optional[str]* | :heavy_minus_sign: | N/A | | `username` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_username` | *Optional[str]* | :heavy_minus_sign: | Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime. | | `password` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_password` | *Optional[str]* | :heavy_minus_sign: | Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime. | | `credentials_secret` | *Optional[str]* | :heavy_minus_sign: | Secret that references Redis username and password | \ No newline at end of file diff --git a/docs/models/redisdeploymenttypecluster.md b/docs/models/redisdeploymenttypecluster.md index fd4c360d0..472f52016 100644 --- a/docs/models/redisdeploymenttypecluster.md +++ b/docs/models/redisdeploymenttypecluster.md @@ -6,7 +6,7 @@ | Field | Type | Required | Description | | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `deployment_type` | [Optional[models.RedisDeploymentTypeClusterDeploymentType]](../models/redisdeploymenttypeclusterdeploymenttype.md) | :heavy_minus_sign: | How the Redis server is configured. Defaults to Standalone | -| `root_nodes` | List[[models.RedisDeploymentTypeClusterRootNode](../models/redisdeploymenttypeclusterrootnode.md)] | :heavy_minus_sign: | Root nodes to which the cluster connection should be initiated | +| `root_nodes` | List[[models.RootNodeConfRedisDeploymentTypeCluster](../models/rootnodeconfredisdeploymenttypecluster.md)] | :heavy_minus_sign: | Root nodes to which the cluster connection should be initiated | | `tls` | *Optional[bool]* | :heavy_minus_sign: | Use TLS for connections to this cluster | | `scale_reads` | [Optional[models.ScaleReadsOptionsRedisDeploymentTypeCluster]](../models/scalereadsoptionsredisdeploymenttypecluster.md) | :heavy_minus_sign: | Which nodes read commands should be sent to | | `tls_options` | [Optional[models.TLSOptionsTypeRedisDeploymentTypeStandalone]](../models/tlsoptionstyperedisdeploymenttypestandalone.md) | :heavy_minus_sign: | N/A | @@ -15,8 +15,11 @@ | `max_block_secs` | *Optional[float]* | :heavy_minus_sign: | Maximum amount of time (seconds) to wait before assuming that Redis is down and passing events through. Use 0 to disable. | | `enable_client_side_caching` | *Optional[bool]* | :heavy_minus_sign: | Enable client-side cache. Redundant when using Redis write operations. See more options at Settings > General > Limits > Redis Cache. | | `url` | *Optional[str]* | :heavy_minus_sign: | Redis URL to connect to. Format: redis[s]://[[user][:password@]][host][:port][/db-number][?db=db-number[&password=bar[&option=value]]]. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}` | +| `template_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. | | `master_name` | *Optional[str]* | :heavy_minus_sign: | N/A | | `username` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_username` | *Optional[str]* | :heavy_minus_sign: | Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime. | | `password` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_password` | *Optional[str]* | :heavy_minus_sign: | Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime. | | `credentials_secret` | *Optional[str]* | :heavy_minus_sign: | Secret that references Redis username and password | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Secret that references Redis admin password | \ No newline at end of file diff --git a/docs/models/redisdeploymenttypesentinel.md b/docs/models/redisdeploymenttypesentinel.md index 833c1a789..ad2818e72 100644 --- a/docs/models/redisdeploymenttypesentinel.md +++ b/docs/models/redisdeploymenttypesentinel.md @@ -7,7 +7,7 @@ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `deployment_type` | [Optional[models.RedisDeploymentTypeSentinelDeploymentType]](../models/redisdeploymenttypesentineldeploymenttype.md) | :heavy_minus_sign: | How the Redis server is configured. Defaults to Standalone | | `master_name` | *str* | :heavy_check_mark: | N/A | -| `root_nodes` | List[[models.RedisDeploymentTypeSentinelRootNode](../models/redisdeploymenttypesentinelrootnode.md)] | :heavy_minus_sign: | List of sentinels to be used | +| `root_nodes` | List[[models.RootNodeConfRedisDeploymentTypeCluster](../models/rootnodeconfredisdeploymenttypecluster.md)] | :heavy_minus_sign: | Root nodes to which the cluster connection should be initiated | | `tls` | *Optional[bool]* | :heavy_minus_sign: | Use TLS for connections to this cluster | | `tls_options` | [Optional[models.TLSOptionsTypeRedisDeploymentTypeStandalone]](../models/tlsoptionstyperedisdeploymenttypestandalone.md) | :heavy_minus_sign: | N/A | | `commands` | List[[models.RedisDeploymentTypeSentinelCommand](../models/redisdeploymenttypesentinelcommand.md)] | :heavy_check_mark: | N/A | @@ -15,8 +15,11 @@ | `max_block_secs` | *Optional[float]* | :heavy_minus_sign: | Maximum amount of time (seconds) to wait before assuming that Redis is down and passing events through. Use 0 to disable. | | `enable_client_side_caching` | *Optional[bool]* | :heavy_minus_sign: | Enable client-side cache. Redundant when using Redis write operations. See more options at Settings > General > Limits > Redis Cache. | | `url` | *Optional[str]* | :heavy_minus_sign: | Redis URL to connect to. Format: redis[s]://[[user][:password@]][host][:port][/db-number][?db=db-number[&password=bar[&option=value]]]. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}` | +| `template_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. | | `scale_reads` | [Optional[models.ScaleReadsOptionsRedisDeploymentTypeCluster]](../models/scalereadsoptionsredisdeploymenttypecluster.md) | :heavy_minus_sign: | Which nodes read commands should be sent to | | `username` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_username` | *Optional[str]* | :heavy_minus_sign: | Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime. | | `password` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_password` | *Optional[str]* | :heavy_minus_sign: | Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime. | | `credentials_secret` | *Optional[str]* | :heavy_minus_sign: | Secret that references Redis username and password | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Secret that references Redis admin password | \ No newline at end of file diff --git a/docs/models/redisdeploymenttypesentinelrootnode.md b/docs/models/redisdeploymenttypesentinelrootnode.md deleted file mode 100644 index 289d1619b..000000000 --- a/docs/models/redisdeploymenttypesentinelrootnode.md +++ /dev/null @@ -1,9 +0,0 @@ -# RedisDeploymentTypeSentinelRootNode - - -## Fields - -| Field | Type | Required | Description | -| -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `host` | *str* | :heavy_check_mark: | Hostname of sentinel node. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`. | -| `port` | *float* | :heavy_check_mark: | Port of sentinel node | \ No newline at end of file diff --git a/docs/models/redisdeploymenttypestandalone.md b/docs/models/redisdeploymenttypestandalone.md index c40a7e2aa..ac3d13b45 100644 --- a/docs/models/redisdeploymenttypestandalone.md +++ b/docs/models/redisdeploymenttypestandalone.md @@ -8,13 +8,18 @@ | `deployment_type` | [Optional[models.RedisDeploymentTypeStandaloneDeploymentType]](../models/redisdeploymenttypestandalonedeploymenttype.md) | :heavy_minus_sign: | How the Redis server is configured. Defaults to Standalone | | `url` | *str* | :heavy_check_mark: | Redis URL to connect to. Format: redis[s]://[[user][:password@]][host][:port][/db-number][?db=db-number[&password=bar[&option=value]]]. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}` | | `tls_options` | [Optional[models.TLSOptionsTypeRedisDeploymentTypeStandalone]](../models/tlsoptionstyperedisdeploymenttypestandalone.md) | :heavy_minus_sign: | N/A | +| `template_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime. | | `commands` | List[[models.RedisDeploymentTypeStandaloneCommand](../models/redisdeploymenttypestandalonecommand.md)] | :heavy_check_mark: | N/A | | `auth_type` | [Optional[models.RedisDeploymentTypeStandaloneAuthenticationMethod]](../models/redisdeploymenttypestandaloneauthenticationmethod.md) | :heavy_minus_sign: | N/A | | `max_block_secs` | *Optional[float]* | :heavy_minus_sign: | Maximum amount of time (seconds) to wait before assuming that Redis is down and passing events through. Use 0 to disable. | | `enable_client_side_caching` | *Optional[bool]* | :heavy_minus_sign: | Enable client-side cache. Redundant when using Redis write operations. See more options at Settings > General > Limits > Redis Cache. | +| `root_nodes` | List[[models.RootNodeConfRedisDeploymentTypeCluster](../models/rootnodeconfredisdeploymenttypecluster.md)] | :heavy_minus_sign: | Root nodes to which the cluster connection should be initiated | +| `tls` | *Optional[bool]* | :heavy_minus_sign: | Use TLS for connections to this cluster | | `scale_reads` | [Optional[models.ScaleReadsOptionsRedisDeploymentTypeCluster]](../models/scalereadsoptionsredisdeploymenttypecluster.md) | :heavy_minus_sign: | Which nodes read commands should be sent to | | `master_name` | *Optional[str]* | :heavy_minus_sign: | N/A | | `username` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_username` | *Optional[str]* | :heavy_minus_sign: | Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime. | | `password` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_password` | *Optional[str]* | :heavy_minus_sign: | Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime. | | `credentials_secret` | *Optional[str]* | :heavy_minus_sign: | Secret that references Redis username and password | | `text_secret` | *Optional[str]* | :heavy_minus_sign: | Secret that references Redis admin password | \ No newline at end of file diff --git a/docs/models/restauthenticationbasic.md b/docs/models/restauthenticationbasic.md index f08b25e29..35c408057 100644 --- a/docs/models/restauthenticationbasic.md +++ b/docs/models/restauthenticationbasic.md @@ -3,29 +3,48 @@ ## Fields -| Field | Type | Required | Description | -| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `authentication` | [models.RestAuthenticationBasicAuthentication](../models/restauthenticationbasicauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API key–based authentication by adding the appropriate Collect headers. | -| `username` | *str* | :heavy_check_mark: | N/A | -| `password` | *str* | :heavy_check_mark: | N/A | -| `discovery` | [Optional[models.RestAuthenticationBasicDiscovery]](../models/restauthenticationbasicdiscovery.md) | :heavy_minus_sign: | N/A | -| `collect_url` | *str* | :heavy_check_mark: | URL (constant or JavaScript expression) to use for the Collect operation | -| `collect_method` | [models.RestAuthenticationBasicCollectMethod](../models/restauthenticationbasiccollectmethod.md) | :heavy_check_mark: | N/A | -| `collect_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.RestAuthenticationBasicPagination]](../models/restauthenticationbasicpagination.md) | :heavy_minus_sign: | N/A | -| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout. Use 0 to disable. | -| `max_response_body_size` | *Optional[str]* | :heavy_minus_sign: | Maximum amount of data to buffer from a single response body. Responses exceeding this limit will be rejected. Maximum allowed value is 512 MB. Leave unset to rely on default error handling. | -| `use_round_robin_dns` | *Optional[bool]* | :heavy_minus_sign: | Use round-robin DNS lookup. Suitable when DNS server returns multiple addresses in sort order. | -| `disable_time_filter` | *Optional[bool]* | :heavy_minus_sign: | Disable Collector event time filtering when a date range is specified | -| `decode_url` | *Optional[bool]* | :heavy_minus_sign: | Decode the URL before sending requests (including pagination requests) | -| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Reject certificates that cannot be verified against a valid CA (such as self-signed certificates) | -| `capture_headers` | *Optional[bool]* | :heavy_minus_sign: | Enable to add response headers to the resHeaders field under the __collectible object | -| `stop_on_empty_results` | *Optional[bool]* | :heavy_minus_sign: | Stop pagination when the Event Breaker produces no events | -| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text | -| `retry_rules` | [Optional[models.RestAuthenticationBasicRetryRules]](../models/restauthenticationbasicretryrules.md) | :heavy_minus_sign: | N/A | -| `microsoft_graph_delta` | [Optional[models.RestAuthenticationBasicMicrosoftGraphDelta]](../models/restauthenticationbasicmicrosoftgraphdelta.md) | :heavy_minus_sign: | Internal opt-in for the Microsoft Graph deltaLink state-tracking hook. Set programmatically by the Microsoft Graph source when the configured URL targets a /delta endpoint; not user-configurable. | -| `scheduling` | [Optional[models.RestAuthenticationBasicScheduling]](../models/restauthenticationbasicscheduling.md) | :heavy_minus_sign: | N/A | -| `client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters. | -| `service_account_credentials` | *Optional[str]* | :heavy_minus_sign: | Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right. | -| `hmac_function_id` | *Optional[str]* | :heavy_minus_sign: | Select or create an HMAC Function to use with authentication | -| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file +| Field | Type | Required | Description | +| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `authentication` | [models.RestAuthenticationBasicAuthentication](../models/restauthenticationbasicauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API key–based authentication by adding the appropriate Collect headers. | +| `username` | *str* | :heavy_check_mark: | N/A | +| `password` | *str* | :heavy_check_mark: | N/A | +| `discovery` | [Optional[models.RestAuthenticationBasicDiscovery]](../models/restauthenticationbasicdiscovery.md) | :heavy_minus_sign: | N/A | +| `collect_url` | *str* | :heavy_check_mark: | URL (constant or JavaScript expression) to use for the Collect operation | +| `collect_method` | [models.RestAuthenticationBasicCollectMethod](../models/restauthenticationbasiccollectmethod.md) | :heavy_check_mark: | N/A | +| `collect_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.RestAuthenticationBasicPagination]](../models/restauthenticationbasicpagination.md) | :heavy_minus_sign: | N/A | +| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout. Use 0 to disable. | +| `max_response_body_size` | *Optional[str]* | :heavy_minus_sign: | Maximum amount of data to buffer from a single response body. Responses exceeding this limit will be rejected. Maximum allowed value is 512 MB. Leave unset to rely on default error handling. | +| `use_round_robin_dns` | *Optional[bool]* | :heavy_minus_sign: | Use round-robin DNS lookup. Suitable when DNS server returns multiple addresses in sort order. | +| `disable_time_filter` | *Optional[bool]* | :heavy_minus_sign: | Disable Collector event time filtering when a date range is specified | +| `decode_url` | *Optional[bool]* | :heavy_minus_sign: | Decode the URL before sending requests (including pagination requests) | +| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Reject certificates that cannot be verified against a valid CA (such as self-signed certificates) | +| `capture_headers` | *Optional[bool]* | :heavy_minus_sign: | Enable to add response headers to the resHeaders field under the __collectible object | +| `stop_on_empty_results` | *Optional[bool]* | :heavy_minus_sign: | Stop pagination when the Event Breaker produces no events | +| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text | +| `retry_rules` | [Optional[models.RestAuthenticationBasicRetryRules]](../models/restauthenticationbasicretryrules.md) | :heavy_minus_sign: | N/A | +| `microsoft_graph_delta` | [Optional[models.RestAuthenticationBasicMicrosoftGraphDelta]](../models/restauthenticationbasicmicrosoftgraphdelta.md) | :heavy_minus_sign: | Internal opt-in for the Microsoft Graph deltaLink state-tracking hook. Set programmatically by the Microsoft Graph source when the configured URL targets a /delta endpoint; not user-configurable. | +| `scheduling` | [Optional[models.RestAuthenticationBasicScheduling]](../models/restauthenticationbasicscheduling.md) | :heavy_minus_sign: | N/A | +| `template_username` | *Optional[str]* | :heavy_minus_sign: | Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime. | +| `template_password` | *Optional[str]* | :heavy_minus_sign: | Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime. | +| `credentials_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored secret that references your credentials | +| `login_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for login API call. This call is expected to be a POST. | +| `template_login_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime. | +| `login_body` | *Optional[str]* | :heavy_minus_sign: | Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. For x-www-form-urlencoded bodies, wrap values with ${C.Encode.uri(password)} to preserve special characters like +, &, and =. | +| `get_auth_token_from_header` | *Optional[bool]* | :heavy_minus_sign: | Extract the auth token from the HTTP 'Authorization' response header instead of the standard JSON body of the login response | +| `auth_header_key` | *Optional[str]* | :heavy_minus_sign: | Authorization header key to pass in Discover and Collect calls. Defaults to the literal name 'Authorization'. | +| `auth_header_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression used to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login. | +| `auth_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header. | +| `client_secret_param_name` | *Optional[str]* | :heavy_minus_sign: | Defaults to 'client_secret'. Automatically added to request parameters using the value specified. | +| `client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters. | +| `template_client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Binds 'clientSecretParamValue' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecretParamValue' at runtime. | +| `auth_request_params` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded. | +| `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a text secret that contains the client secret's value | +| `scopes` | List[*str*] | :heavy_minus_sign: | Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information. | +| `service_account_credentials` | *Optional[str]* | :heavy_minus_sign: | Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right. | +| `template_service_account_credentials` | *Optional[str]* | :heavy_minus_sign: | Binds 'serviceAccountCredentials' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serviceAccountCredentials' at runtime. | +| `subject` | *Optional[str]* | :heavy_minus_sign: | Email address of a user account with Super Admin permissions to the resources the collector will retrieve | +| `template_subject` | *Optional[str]* | :heavy_minus_sign: | Binds 'subject' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'subject' at runtime. | +| `hmac_function_id` | *Optional[str]* | :heavy_minus_sign: | Select or create an HMAC Function to use with authentication | +| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file diff --git a/docs/models/restauthenticationbasicrestdiscoverydiscovertypehttpdiscovermethodget.md b/docs/models/restauthenticationbasicrestdiscoverydiscovertypehttpdiscovermethodget.md index 5e0ae46be..f05d3092b 100644 --- a/docs/models/restauthenticationbasicrestdiscoverydiscovertypehttpdiscovermethodget.md +++ b/docs/models/restauthenticationbasicrestdiscoverydiscovertypehttpdiscovermethodget.md @@ -16,5 +16,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationbasicrestdiscoverydiscovertypehttpdiscovermethodother.md b/docs/models/restauthenticationbasicrestdiscoverydiscovertypehttpdiscovermethodother.md index 156d6d036..9b55dc9bf 100644 --- a/docs/models/restauthenticationbasicrestdiscoverydiscovertypehttpdiscovermethodother.md +++ b/docs/models/restauthenticationbasicrestdiscoverydiscovertypehttpdiscovermethodother.md @@ -18,5 +18,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationbasicrestdiscoverydiscovertypehttpdiscovermethodpost.md b/docs/models/restauthenticationbasicrestdiscoverydiscovertypehttpdiscovermethodpost.md index 27b57b6a7..11a5017b3 100644 --- a/docs/models/restauthenticationbasicrestdiscoverydiscovertypehttpdiscovermethodpost.md +++ b/docs/models/restauthenticationbasicrestdiscoverydiscovertypehttpdiscovermethodpost.md @@ -16,5 +16,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationbasicrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md b/docs/models/restauthenticationbasicrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md index eba4494d5..4e81d7efb 100644 --- a/docs/models/restauthenticationbasicrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md +++ b/docs/models/restauthenticationbasicrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md @@ -16,5 +16,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationbasicrestdiscoverydiscovertypejson.md b/docs/models/restauthenticationbasicrestdiscoverydiscovertypejson.md index cda3304ff..408363e97 100644 --- a/docs/models/restauthenticationbasicrestdiscoverydiscovertypejson.md +++ b/docs/models/restauthenticationbasicrestdiscoverydiscovertypejson.md @@ -3,15 +3,16 @@ ## Fields -| Field | Type | Required | Description | -| -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `discover_type` | [models.RestAuthenticationBasicRestDiscoveryDiscoverTypeJSONDiscoverType](../models/restauthenticationbasicrestdiscoverydiscovertypejsondiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | -| `manual_discover_result` | *str* | :heavy_check_mark: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | -| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Within the response JSON, the name of the field to pull results from, typically a JSON array. Leave blank if the result itself is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] } | -| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | -| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | -| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file +| Field | Type | Required | Description | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `discover_type` | [models.RestAuthenticationBasicRestDiscoveryDiscoverTypeJSONDiscoverType](../models/restauthenticationbasicrestdiscoverydiscovertypejsondiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | +| `manual_discover_result` | *str* | :heavy_check_mark: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array. | +| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | +| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationbasicrestdiscoverydiscovertypelist.md b/docs/models/restauthenticationbasicrestdiscoverydiscovertypelist.md index 0d2059538..d9c1c2d53 100644 --- a/docs/models/restauthenticationbasicrestdiscoverydiscovertypelist.md +++ b/docs/models/restauthenticationbasicrestdiscoverydiscovertypelist.md @@ -3,14 +3,16 @@ ## Fields -| Field | Type | Required | Description | -| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `discover_type` | [models.RestAuthenticationBasicRestDiscoveryDiscoverTypeListDiscoverType](../models/restauthenticationbasicrestdiscoverydiscovertypelistdiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | -| `item_list` | List[*str*] | :heavy_check_mark: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | -| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | -| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | -| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | \ No newline at end of file +| Field | Type | Required | Description | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `discover_type` | [models.RestAuthenticationBasicRestDiscoveryDiscoverTypeListDiscoverType](../models/restauthenticationbasicrestdiscoverydiscovertypelistdiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | +| `item_list` | List[*str*] | :heavy_check_mark: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | +| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array. | +| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | +| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | \ No newline at end of file diff --git a/docs/models/restauthenticationbasicrestdiscoverydiscovertypenone.md b/docs/models/restauthenticationbasicrestdiscoverydiscovertypenone.md index 86ab4db32..3d00c43e0 100644 --- a/docs/models/restauthenticationbasicrestdiscoverydiscovertypenone.md +++ b/docs/models/restauthenticationbasicrestdiscoverydiscovertypenone.md @@ -3,14 +3,16 @@ ## Fields -| Field | Type | Required | Description | -| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `discover_type` | [models.RestAuthenticationBasicRestDiscoveryDiscoverTypeNoneDiscoverType](../models/restauthenticationbasicrestdiscoverydiscovertypenonediscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | -| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | -| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | -| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | -| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file +| Field | Type | Required | Description | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `discover_type` | [models.RestAuthenticationBasicRestDiscoveryDiscoverTypeNoneDiscoverType](../models/restauthenticationbasicrestdiscoverydiscovertypenonediscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | +| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array. | +| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | +| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | +| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationbasicrestpaginationtypenone.md b/docs/models/restauthenticationbasicrestpaginationtypenone.md index 1714258b7..5ed544e03 100644 --- a/docs/models/restauthenticationbasicrestpaginationtypenone.md +++ b/docs/models/restauthenticationbasicrestpaginationtypenone.md @@ -6,6 +6,7 @@ | Field | Type | Required | Description | | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `type` | [models.PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination](../models/paginationoptionsrestdiscoverydiscovertypehttppagination.md) | :heavy_check_mark: | N/A | +| `max_pages` | *Optional[float]* | :heavy_minus_sign: | Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages. | | `last_page_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression used to determine when the last page has been reached. The values tested by this expression must be in the Response attributes section. | | `next_relation_attribute` | *Optional[str]* | :heavy_minus_sign: | Relation name used in the link header that refers to the next page in the result set. Example: rel="next" refers to the next page of results: ; rel="next" | | `cur_relation_attribute` | *Optional[str]* | :heavy_minus_sign: | Relation name used in the link header that refers to the current result set. Example: rel="self" refers to the current page of results: ; rel="self" | @@ -13,6 +14,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restauthenticationbasicrestpaginationtyperesponsebody.md b/docs/models/restauthenticationbasicrestpaginationtyperesponsebody.md index c3654d3e5..769c809dd 100644 --- a/docs/models/restauthenticationbasicrestpaginationtyperesponsebody.md +++ b/docs/models/restauthenticationbasicrestpaginationtyperesponsebody.md @@ -15,6 +15,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restauthenticationbasicrestpaginationtyperesponseheader.md b/docs/models/restauthenticationbasicrestpaginationtyperesponseheader.md index 81e6a692d..94b90cb54 100644 --- a/docs/models/restauthenticationbasicrestpaginationtyperesponseheader.md +++ b/docs/models/restauthenticationbasicrestpaginationtyperesponseheader.md @@ -15,6 +15,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restauthenticationbasicrestpaginationtyperesponseheaderlink.md b/docs/models/restauthenticationbasicrestpaginationtyperesponseheaderlink.md index 220d51ea5..bf7086877 100644 --- a/docs/models/restauthenticationbasicrestpaginationtyperesponseheaderlink.md +++ b/docs/models/restauthenticationbasicrestpaginationtyperesponseheaderlink.md @@ -14,6 +14,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restauthenticationbasicsecret.md b/docs/models/restauthenticationbasicsecret.md index 23063273b..30feda417 100644 --- a/docs/models/restauthenticationbasicsecret.md +++ b/docs/models/restauthenticationbasicsecret.md @@ -3,28 +3,48 @@ ## Fields -| Field | Type | Required | Description | -| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `authentication` | [models.RestAuthenticationBasicSecretAuthentication](../models/restauthenticationbasicsecretauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API key–based authentication by adding the appropriate Collect headers. | -| `credentials_secret` | *str* | :heavy_check_mark: | Select or create a stored secret that references your credentials | -| `discovery` | [Optional[models.RestAuthenticationBasicSecretDiscovery]](../models/restauthenticationbasicsecretdiscovery.md) | :heavy_minus_sign: | N/A | -| `collect_url` | *str* | :heavy_check_mark: | URL (constant or JavaScript expression) to use for the Collect operation | -| `collect_method` | [models.RestAuthenticationBasicSecretCollectMethod](../models/restauthenticationbasicsecretcollectmethod.md) | :heavy_check_mark: | N/A | -| `collect_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.RestAuthenticationBasicSecretPagination]](../models/restauthenticationbasicsecretpagination.md) | :heavy_minus_sign: | N/A | -| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout. Use 0 to disable. | -| `max_response_body_size` | *Optional[str]* | :heavy_minus_sign: | Maximum amount of data to buffer from a single response body. Responses exceeding this limit will be rejected. Maximum allowed value is 512 MB. Leave unset to rely on default error handling. | -| `use_round_robin_dns` | *Optional[bool]* | :heavy_minus_sign: | Use round-robin DNS lookup. Suitable when DNS server returns multiple addresses in sort order. | -| `disable_time_filter` | *Optional[bool]* | :heavy_minus_sign: | Disable Collector event time filtering when a date range is specified | -| `decode_url` | *Optional[bool]* | :heavy_minus_sign: | Decode the URL before sending requests (including pagination requests) | -| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Reject certificates that cannot be verified against a valid CA (such as self-signed certificates) | -| `capture_headers` | *Optional[bool]* | :heavy_minus_sign: | Enable to add response headers to the resHeaders field under the __collectible object | -| `stop_on_empty_results` | *Optional[bool]* | :heavy_minus_sign: | Stop pagination when the Event Breaker produces no events | -| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text | -| `retry_rules` | [Optional[models.RestAuthenticationBasicSecretRetryRules]](../models/restauthenticationbasicsecretretryrules.md) | :heavy_minus_sign: | N/A | -| `microsoft_graph_delta` | [Optional[models.RestAuthenticationBasicSecretMicrosoftGraphDelta]](../models/restauthenticationbasicsecretmicrosoftgraphdelta.md) | :heavy_minus_sign: | Internal opt-in for the Microsoft Graph deltaLink state-tracking hook. Set programmatically by the Microsoft Graph source when the configured URL targets a /delta endpoint; not user-configurable. | -| `scheduling` | [Optional[models.RestAuthenticationBasicSecretScheduling]](../models/restauthenticationbasicsecretscheduling.md) | :heavy_minus_sign: | N/A | -| `client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters. | -| `service_account_credentials` | *Optional[str]* | :heavy_minus_sign: | Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right. | -| `hmac_function_id` | *Optional[str]* | :heavy_minus_sign: | Select or create an HMAC Function to use with authentication | -| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file +| Field | Type | Required | Description | +| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `authentication` | [models.RestAuthenticationBasicSecretAuthentication](../models/restauthenticationbasicsecretauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API key–based authentication by adding the appropriate Collect headers. | +| `credentials_secret` | *str* | :heavy_check_mark: | Select or create a stored secret that references your credentials | +| `discovery` | [Optional[models.RestAuthenticationBasicSecretDiscovery]](../models/restauthenticationbasicsecretdiscovery.md) | :heavy_minus_sign: | N/A | +| `collect_url` | *str* | :heavy_check_mark: | URL (constant or JavaScript expression) to use for the Collect operation | +| `collect_method` | [models.RestAuthenticationBasicSecretCollectMethod](../models/restauthenticationbasicsecretcollectmethod.md) | :heavy_check_mark: | N/A | +| `collect_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.RestAuthenticationBasicSecretPagination]](../models/restauthenticationbasicsecretpagination.md) | :heavy_minus_sign: | N/A | +| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout. Use 0 to disable. | +| `max_response_body_size` | *Optional[str]* | :heavy_minus_sign: | Maximum amount of data to buffer from a single response body. Responses exceeding this limit will be rejected. Maximum allowed value is 512 MB. Leave unset to rely on default error handling. | +| `use_round_robin_dns` | *Optional[bool]* | :heavy_minus_sign: | Use round-robin DNS lookup. Suitable when DNS server returns multiple addresses in sort order. | +| `disable_time_filter` | *Optional[bool]* | :heavy_minus_sign: | Disable Collector event time filtering when a date range is specified | +| `decode_url` | *Optional[bool]* | :heavy_minus_sign: | Decode the URL before sending requests (including pagination requests) | +| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Reject certificates that cannot be verified against a valid CA (such as self-signed certificates) | +| `capture_headers` | *Optional[bool]* | :heavy_minus_sign: | Enable to add response headers to the resHeaders field under the __collectible object | +| `stop_on_empty_results` | *Optional[bool]* | :heavy_minus_sign: | Stop pagination when the Event Breaker produces no events | +| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text | +| `retry_rules` | [Optional[models.RestAuthenticationBasicSecretRetryRules]](../models/restauthenticationbasicsecretretryrules.md) | :heavy_minus_sign: | N/A | +| `microsoft_graph_delta` | [Optional[models.RestAuthenticationBasicSecretMicrosoftGraphDelta]](../models/restauthenticationbasicsecretmicrosoftgraphdelta.md) | :heavy_minus_sign: | Internal opt-in for the Microsoft Graph deltaLink state-tracking hook. Set programmatically by the Microsoft Graph source when the configured URL targets a /delta endpoint; not user-configurable. | +| `scheduling` | [Optional[models.RestAuthenticationBasicSecretScheduling]](../models/restauthenticationbasicsecretscheduling.md) | :heavy_minus_sign: | N/A | +| `username` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_username` | *Optional[str]* | :heavy_minus_sign: | Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime. | +| `password` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_password` | *Optional[str]* | :heavy_minus_sign: | Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime. | +| `login_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for login API call. This call is expected to be a POST. | +| `template_login_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime. | +| `login_body` | *Optional[str]* | :heavy_minus_sign: | Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. For x-www-form-urlencoded bodies, wrap values with ${C.Encode.uri(password)} to preserve special characters like +, &, and =. | +| `get_auth_token_from_header` | *Optional[bool]* | :heavy_minus_sign: | Extract the auth token from the HTTP 'Authorization' response header instead of the standard JSON body of the login response | +| `auth_header_key` | *Optional[str]* | :heavy_minus_sign: | Authorization header key to pass in Discover and Collect calls. Defaults to the literal name 'Authorization'. | +| `auth_header_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression used to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login. | +| `auth_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header. | +| `client_secret_param_name` | *Optional[str]* | :heavy_minus_sign: | Defaults to 'client_secret'. Automatically added to request parameters using the value specified. | +| `client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters. | +| `template_client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Binds 'clientSecretParamValue' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecretParamValue' at runtime. | +| `auth_request_params` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded. | +| `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a text secret that contains the client secret's value | +| `scopes` | List[*str*] | :heavy_minus_sign: | Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information. | +| `service_account_credentials` | *Optional[str]* | :heavy_minus_sign: | Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right. | +| `template_service_account_credentials` | *Optional[str]* | :heavy_minus_sign: | Binds 'serviceAccountCredentials' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serviceAccountCredentials' at runtime. | +| `subject` | *Optional[str]* | :heavy_minus_sign: | Email address of a user account with Super Admin permissions to the resources the collector will retrieve | +| `template_subject` | *Optional[str]* | :heavy_minus_sign: | Binds 'subject' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'subject' at runtime. | +| `hmac_function_id` | *Optional[str]* | :heavy_minus_sign: | Select or create an HMAC Function to use with authentication | +| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file diff --git a/docs/models/restauthenticationbasicsecretrestdiscoverydiscovertypehttpdiscovermethodget.md b/docs/models/restauthenticationbasicsecretrestdiscoverydiscovertypehttpdiscovermethodget.md index dfd0eb68f..2e3aefe42 100644 --- a/docs/models/restauthenticationbasicsecretrestdiscoverydiscovertypehttpdiscovermethodget.md +++ b/docs/models/restauthenticationbasicsecretrestdiscoverydiscovertypehttpdiscovermethodget.md @@ -16,5 +16,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationbasicsecretrestdiscoverydiscovertypehttpdiscovermethodother.md b/docs/models/restauthenticationbasicsecretrestdiscoverydiscovertypehttpdiscovermethodother.md index a75894ad3..246369b21 100644 --- a/docs/models/restauthenticationbasicsecretrestdiscoverydiscovertypehttpdiscovermethodother.md +++ b/docs/models/restauthenticationbasicsecretrestdiscoverydiscovertypehttpdiscovermethodother.md @@ -18,5 +18,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationbasicsecretrestdiscoverydiscovertypehttpdiscovermethodpost.md b/docs/models/restauthenticationbasicsecretrestdiscoverydiscovertypehttpdiscovermethodpost.md index 1b7ee17bb..c160638a5 100644 --- a/docs/models/restauthenticationbasicsecretrestdiscoverydiscovertypehttpdiscovermethodpost.md +++ b/docs/models/restauthenticationbasicsecretrestdiscoverydiscovertypehttpdiscovermethodpost.md @@ -16,5 +16,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationbasicsecretrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md b/docs/models/restauthenticationbasicsecretrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md index 56d40d56a..2b0910fd3 100644 --- a/docs/models/restauthenticationbasicsecretrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md +++ b/docs/models/restauthenticationbasicsecretrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md @@ -16,5 +16,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationbasicsecretrestdiscoverydiscovertypejson.md b/docs/models/restauthenticationbasicsecretrestdiscoverydiscovertypejson.md index c25cfd7ca..9be0b766d 100644 --- a/docs/models/restauthenticationbasicsecretrestdiscoverydiscovertypejson.md +++ b/docs/models/restauthenticationbasicsecretrestdiscoverydiscovertypejson.md @@ -3,15 +3,16 @@ ## Fields -| Field | Type | Required | Description | -| -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `discover_type` | [models.RestAuthenticationBasicSecretRestDiscoveryDiscoverTypeJSONDiscoverType](../models/restauthenticationbasicsecretrestdiscoverydiscovertypejsondiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | -| `manual_discover_result` | *str* | :heavy_check_mark: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | -| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Within the response JSON, the name of the field to pull results from, typically a JSON array. Leave blank if the result itself is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] } | -| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | -| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | -| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file +| Field | Type | Required | Description | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `discover_type` | [models.RestAuthenticationBasicSecretRestDiscoveryDiscoverTypeJSONDiscoverType](../models/restauthenticationbasicsecretrestdiscoverydiscovertypejsondiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | +| `manual_discover_result` | *str* | :heavy_check_mark: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array. | +| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | +| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationbasicsecretrestdiscoverydiscovertypelist.md b/docs/models/restauthenticationbasicsecretrestdiscoverydiscovertypelist.md index b45c4eabf..0844e5924 100644 --- a/docs/models/restauthenticationbasicsecretrestdiscoverydiscovertypelist.md +++ b/docs/models/restauthenticationbasicsecretrestdiscoverydiscovertypelist.md @@ -3,14 +3,16 @@ ## Fields -| Field | Type | Required | Description | -| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `discover_type` | [models.RestAuthenticationBasicSecretRestDiscoveryDiscoverTypeListDiscoverType](../models/restauthenticationbasicsecretrestdiscoverydiscovertypelistdiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | -| `item_list` | List[*str*] | :heavy_check_mark: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | -| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | -| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | -| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | \ No newline at end of file +| Field | Type | Required | Description | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `discover_type` | [models.RestAuthenticationBasicSecretRestDiscoveryDiscoverTypeListDiscoverType](../models/restauthenticationbasicsecretrestdiscoverydiscovertypelistdiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | +| `item_list` | List[*str*] | :heavy_check_mark: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | +| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array. | +| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | +| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | \ No newline at end of file diff --git a/docs/models/restauthenticationbasicsecretrestdiscoverydiscovertypenone.md b/docs/models/restauthenticationbasicsecretrestdiscoverydiscovertypenone.md index 89126c3f1..13c045ddc 100644 --- a/docs/models/restauthenticationbasicsecretrestdiscoverydiscovertypenone.md +++ b/docs/models/restauthenticationbasicsecretrestdiscoverydiscovertypenone.md @@ -3,14 +3,16 @@ ## Fields -| Field | Type | Required | Description | -| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `discover_type` | [models.RestAuthenticationBasicSecretRestDiscoveryDiscoverTypeNoneDiscoverType](../models/restauthenticationbasicsecretrestdiscoverydiscovertypenonediscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | -| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | -| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | -| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | -| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file +| Field | Type | Required | Description | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `discover_type` | [models.RestAuthenticationBasicSecretRestDiscoveryDiscoverTypeNoneDiscoverType](../models/restauthenticationbasicsecretrestdiscoverydiscovertypenonediscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | +| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array. | +| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | +| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | +| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationbasicsecretrestpaginationtypenone.md b/docs/models/restauthenticationbasicsecretrestpaginationtypenone.md index d0f907276..88a90133a 100644 --- a/docs/models/restauthenticationbasicsecretrestpaginationtypenone.md +++ b/docs/models/restauthenticationbasicsecretrestpaginationtypenone.md @@ -6,6 +6,7 @@ | Field | Type | Required | Description | | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `type` | [models.PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination](../models/paginationoptionsrestdiscoverydiscovertypehttppagination.md) | :heavy_check_mark: | N/A | +| `max_pages` | *Optional[float]* | :heavy_minus_sign: | Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages. | | `last_page_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression used to determine when the last page has been reached. The values tested by this expression must be in the Response attributes section. | | `next_relation_attribute` | *Optional[str]* | :heavy_minus_sign: | Relation name used in the link header that refers to the next page in the result set. Example: rel="next" refers to the next page of results: ; rel="next" | | `cur_relation_attribute` | *Optional[str]* | :heavy_minus_sign: | Relation name used in the link header that refers to the current result set. Example: rel="self" refers to the current page of results: ; rel="self" | @@ -13,6 +14,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restauthenticationbasicsecretrestpaginationtyperesponsebody.md b/docs/models/restauthenticationbasicsecretrestpaginationtyperesponsebody.md index 2c2ff07b6..31ea89ec4 100644 --- a/docs/models/restauthenticationbasicsecretrestpaginationtyperesponsebody.md +++ b/docs/models/restauthenticationbasicsecretrestpaginationtyperesponsebody.md @@ -15,6 +15,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restauthenticationbasicsecretrestpaginationtyperesponseheader.md b/docs/models/restauthenticationbasicsecretrestpaginationtyperesponseheader.md index 5bb18d2c9..95252fef0 100644 --- a/docs/models/restauthenticationbasicsecretrestpaginationtyperesponseheader.md +++ b/docs/models/restauthenticationbasicsecretrestpaginationtyperesponseheader.md @@ -15,6 +15,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restauthenticationbasicsecretrestpaginationtyperesponseheaderlink.md b/docs/models/restauthenticationbasicsecretrestpaginationtyperesponseheaderlink.md index 75195dba7..22f634a30 100644 --- a/docs/models/restauthenticationbasicsecretrestpaginationtyperesponseheaderlink.md +++ b/docs/models/restauthenticationbasicsecretrestpaginationtyperesponseheaderlink.md @@ -14,6 +14,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restauthenticationgoogleoauth.md b/docs/models/restauthenticationgoogleoauth.md index a9ef2f875..17f02b7a4 100644 --- a/docs/models/restauthenticationgoogleoauth.md +++ b/docs/models/restauthenticationgoogleoauth.md @@ -3,29 +3,48 @@ ## Fields -| Field | Type | Required | Description | -| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `authentication` | [models.RestAuthenticationGoogleOauthAuthentication](../models/restauthenticationgoogleoauthauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API key–based authentication by adding the appropriate Collect headers. | -| `scopes` | List[*str*] | :heavy_check_mark: | Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information. | -| `service_account_credentials` | *str* | :heavy_check_mark: | Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right. | -| `subject` | *str* | :heavy_check_mark: | Email address of a user account with Super Admin permissions to the resources the collector will retrieve | -| `discovery` | [Optional[models.RestAuthenticationGoogleOauthDiscovery]](../models/restauthenticationgoogleoauthdiscovery.md) | :heavy_minus_sign: | N/A | -| `collect_url` | *str* | :heavy_check_mark: | URL (constant or JavaScript expression) to use for the Collect operation | -| `collect_method` | [models.RestAuthenticationGoogleOauthCollectMethod](../models/restauthenticationgoogleoauthcollectmethod.md) | :heavy_check_mark: | N/A | -| `collect_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.RestAuthenticationGoogleOauthPagination]](../models/restauthenticationgoogleoauthpagination.md) | :heavy_minus_sign: | N/A | -| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout. Use 0 to disable. | -| `max_response_body_size` | *Optional[str]* | :heavy_minus_sign: | Maximum amount of data to buffer from a single response body. Responses exceeding this limit will be rejected. Maximum allowed value is 512 MB. Leave unset to rely on default error handling. | -| `use_round_robin_dns` | *Optional[bool]* | :heavy_minus_sign: | Use round-robin DNS lookup. Suitable when DNS server returns multiple addresses in sort order. | -| `disable_time_filter` | *Optional[bool]* | :heavy_minus_sign: | Disable Collector event time filtering when a date range is specified | -| `decode_url` | *Optional[bool]* | :heavy_minus_sign: | Decode the URL before sending requests (including pagination requests) | -| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Reject certificates that cannot be verified against a valid CA (such as self-signed certificates) | -| `capture_headers` | *Optional[bool]* | :heavy_minus_sign: | Enable to add response headers to the resHeaders field under the __collectible object | -| `stop_on_empty_results` | *Optional[bool]* | :heavy_minus_sign: | Stop pagination when the Event Breaker produces no events | -| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text | -| `retry_rules` | [Optional[models.RestAuthenticationGoogleOauthRetryRules]](../models/restauthenticationgoogleoauthretryrules.md) | :heavy_minus_sign: | N/A | -| `microsoft_graph_delta` | [Optional[models.RestAuthenticationGoogleOauthMicrosoftGraphDelta]](../models/restauthenticationgoogleoauthmicrosoftgraphdelta.md) | :heavy_minus_sign: | Internal opt-in for the Microsoft Graph deltaLink state-tracking hook. Set programmatically by the Microsoft Graph source when the configured URL targets a /delta endpoint; not user-configurable. | -| `scheduling` | [Optional[models.RestAuthenticationGoogleOauthScheduling]](../models/restauthenticationgoogleoauthscheduling.md) | :heavy_minus_sign: | N/A | -| `client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters. | -| `hmac_function_id` | *Optional[str]* | :heavy_minus_sign: | Select or create an HMAC Function to use with authentication | -| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file +| Field | Type | Required | Description | +| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `authentication` | [models.RestAuthenticationGoogleOauthAuthentication](../models/restauthenticationgoogleoauthauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API key–based authentication by adding the appropriate Collect headers. | +| `scopes` | List[*str*] | :heavy_check_mark: | Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information. | +| `service_account_credentials` | *str* | :heavy_check_mark: | Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right. | +| `subject` | *str* | :heavy_check_mark: | Email address of a user account with Super Admin permissions to the resources the collector will retrieve | +| `template_service_account_credentials` | *Optional[str]* | :heavy_minus_sign: | Binds 'serviceAccountCredentials' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serviceAccountCredentials' at runtime. | +| `template_subject` | *Optional[str]* | :heavy_minus_sign: | Binds 'subject' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'subject' at runtime. | +| `discovery` | [Optional[models.RestAuthenticationGoogleOauthDiscovery]](../models/restauthenticationgoogleoauthdiscovery.md) | :heavy_minus_sign: | N/A | +| `collect_url` | *str* | :heavy_check_mark: | URL (constant or JavaScript expression) to use for the Collect operation | +| `collect_method` | [models.RestAuthenticationGoogleOauthCollectMethod](../models/restauthenticationgoogleoauthcollectmethod.md) | :heavy_check_mark: | N/A | +| `collect_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.RestAuthenticationGoogleOauthPagination]](../models/restauthenticationgoogleoauthpagination.md) | :heavy_minus_sign: | N/A | +| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout. Use 0 to disable. | +| `max_response_body_size` | *Optional[str]* | :heavy_minus_sign: | Maximum amount of data to buffer from a single response body. Responses exceeding this limit will be rejected. Maximum allowed value is 512 MB. Leave unset to rely on default error handling. | +| `use_round_robin_dns` | *Optional[bool]* | :heavy_minus_sign: | Use round-robin DNS lookup. Suitable when DNS server returns multiple addresses in sort order. | +| `disable_time_filter` | *Optional[bool]* | :heavy_minus_sign: | Disable Collector event time filtering when a date range is specified | +| `decode_url` | *Optional[bool]* | :heavy_minus_sign: | Decode the URL before sending requests (including pagination requests) | +| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Reject certificates that cannot be verified against a valid CA (such as self-signed certificates) | +| `capture_headers` | *Optional[bool]* | :heavy_minus_sign: | Enable to add response headers to the resHeaders field under the __collectible object | +| `stop_on_empty_results` | *Optional[bool]* | :heavy_minus_sign: | Stop pagination when the Event Breaker produces no events | +| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text | +| `retry_rules` | [Optional[models.RestAuthenticationGoogleOauthRetryRules]](../models/restauthenticationgoogleoauthretryrules.md) | :heavy_minus_sign: | N/A | +| `microsoft_graph_delta` | [Optional[models.RestAuthenticationGoogleOauthMicrosoftGraphDelta]](../models/restauthenticationgoogleoauthmicrosoftgraphdelta.md) | :heavy_minus_sign: | Internal opt-in for the Microsoft Graph deltaLink state-tracking hook. Set programmatically by the Microsoft Graph source when the configured URL targets a /delta endpoint; not user-configurable. | +| `scheduling` | [Optional[models.RestAuthenticationGoogleOauthScheduling]](../models/restauthenticationgoogleoauthscheduling.md) | :heavy_minus_sign: | N/A | +| `username` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_username` | *Optional[str]* | :heavy_minus_sign: | Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime. | +| `password` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_password` | *Optional[str]* | :heavy_minus_sign: | Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime. | +| `credentials_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored secret that references your credentials | +| `login_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for login API call. This call is expected to be a POST. | +| `template_login_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime. | +| `login_body` | *Optional[str]* | :heavy_minus_sign: | Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. For x-www-form-urlencoded bodies, wrap values with ${C.Encode.uri(password)} to preserve special characters like +, &, and =. | +| `get_auth_token_from_header` | *Optional[bool]* | :heavy_minus_sign: | Extract the auth token from the HTTP 'Authorization' response header instead of the standard JSON body of the login response | +| `auth_header_key` | *Optional[str]* | :heavy_minus_sign: | Authorization header key to pass in Discover and Collect calls. Defaults to the literal name 'Authorization'. | +| `auth_header_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression used to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login. | +| `auth_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header. | +| `client_secret_param_name` | *Optional[str]* | :heavy_minus_sign: | Defaults to 'client_secret'. Automatically added to request parameters using the value specified. | +| `client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters. | +| `template_client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Binds 'clientSecretParamValue' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecretParamValue' at runtime. | +| `auth_request_params` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded. | +| `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a text secret that contains the client secret's value | +| `hmac_function_id` | *Optional[str]* | :heavy_minus_sign: | Select or create an HMAC Function to use with authentication | +| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file diff --git a/docs/models/restauthenticationgoogleoauthrestdiscoverydiscovertypehttpdiscovermethodget.md b/docs/models/restauthenticationgoogleoauthrestdiscoverydiscovertypehttpdiscovermethodget.md index 9e24ffbe0..f9651d2c6 100644 --- a/docs/models/restauthenticationgoogleoauthrestdiscoverydiscovertypehttpdiscovermethodget.md +++ b/docs/models/restauthenticationgoogleoauthrestdiscoverydiscovertypehttpdiscovermethodget.md @@ -16,5 +16,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationgoogleoauthrestdiscoverydiscovertypehttpdiscovermethodother.md b/docs/models/restauthenticationgoogleoauthrestdiscoverydiscovertypehttpdiscovermethodother.md index b64fef96e..d0e9123a7 100644 --- a/docs/models/restauthenticationgoogleoauthrestdiscoverydiscovertypehttpdiscovermethodother.md +++ b/docs/models/restauthenticationgoogleoauthrestdiscoverydiscovertypehttpdiscovermethodother.md @@ -18,5 +18,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationgoogleoauthrestdiscoverydiscovertypehttpdiscovermethodpost.md b/docs/models/restauthenticationgoogleoauthrestdiscoverydiscovertypehttpdiscovermethodpost.md index 1facdef9b..e4170f3fc 100644 --- a/docs/models/restauthenticationgoogleoauthrestdiscoverydiscovertypehttpdiscovermethodpost.md +++ b/docs/models/restauthenticationgoogleoauthrestdiscoverydiscovertypehttpdiscovermethodpost.md @@ -16,5 +16,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationgoogleoauthrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md b/docs/models/restauthenticationgoogleoauthrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md index 15178abf8..9a34a3d8c 100644 --- a/docs/models/restauthenticationgoogleoauthrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md +++ b/docs/models/restauthenticationgoogleoauthrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md @@ -16,5 +16,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationgoogleoauthrestdiscoverydiscovertypejson.md b/docs/models/restauthenticationgoogleoauthrestdiscoverydiscovertypejson.md index dc2b360a9..a61085a50 100644 --- a/docs/models/restauthenticationgoogleoauthrestdiscoverydiscovertypejson.md +++ b/docs/models/restauthenticationgoogleoauthrestdiscoverydiscovertypejson.md @@ -3,15 +3,16 @@ ## Fields -| Field | Type | Required | Description | -| -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `discover_type` | [models.RestAuthenticationGoogleOauthRestDiscoveryDiscoverTypeJSONDiscoverType](../models/restauthenticationgoogleoauthrestdiscoverydiscovertypejsondiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | -| `manual_discover_result` | *str* | :heavy_check_mark: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | -| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Within the response JSON, the name of the field to pull results from, typically a JSON array. Leave blank if the result itself is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] } | -| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | -| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | -| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file +| Field | Type | Required | Description | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `discover_type` | [models.RestAuthenticationGoogleOauthRestDiscoveryDiscoverTypeJSONDiscoverType](../models/restauthenticationgoogleoauthrestdiscoverydiscovertypejsondiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | +| `manual_discover_result` | *str* | :heavy_check_mark: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array. | +| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | +| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationgoogleoauthrestdiscoverydiscovertypelist.md b/docs/models/restauthenticationgoogleoauthrestdiscoverydiscovertypelist.md index 197b6f120..74bb4c75d 100644 --- a/docs/models/restauthenticationgoogleoauthrestdiscoverydiscovertypelist.md +++ b/docs/models/restauthenticationgoogleoauthrestdiscoverydiscovertypelist.md @@ -3,14 +3,16 @@ ## Fields -| Field | Type | Required | Description | -| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `discover_type` | [models.RestAuthenticationGoogleOauthRestDiscoveryDiscoverTypeListDiscoverType](../models/restauthenticationgoogleoauthrestdiscoverydiscovertypelistdiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | -| `item_list` | List[*str*] | :heavy_check_mark: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | -| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | -| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | -| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | \ No newline at end of file +| Field | Type | Required | Description | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `discover_type` | [models.RestAuthenticationGoogleOauthRestDiscoveryDiscoverTypeListDiscoverType](../models/restauthenticationgoogleoauthrestdiscoverydiscovertypelistdiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | +| `item_list` | List[*str*] | :heavy_check_mark: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | +| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array. | +| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | +| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | \ No newline at end of file diff --git a/docs/models/restauthenticationgoogleoauthrestdiscoverydiscovertypenone.md b/docs/models/restauthenticationgoogleoauthrestdiscoverydiscovertypenone.md index 111aa64f2..497416056 100644 --- a/docs/models/restauthenticationgoogleoauthrestdiscoverydiscovertypenone.md +++ b/docs/models/restauthenticationgoogleoauthrestdiscoverydiscovertypenone.md @@ -3,14 +3,16 @@ ## Fields -| Field | Type | Required | Description | -| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `discover_type` | [models.RestAuthenticationGoogleOauthRestDiscoveryDiscoverTypeNoneDiscoverType](../models/restauthenticationgoogleoauthrestdiscoverydiscovertypenonediscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | -| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | -| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | -| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | -| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file +| Field | Type | Required | Description | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `discover_type` | [models.RestAuthenticationGoogleOauthRestDiscoveryDiscoverTypeNoneDiscoverType](../models/restauthenticationgoogleoauthrestdiscoverydiscovertypenonediscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | +| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array. | +| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | +| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | +| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationgoogleoauthrestpaginationtypenone.md b/docs/models/restauthenticationgoogleoauthrestpaginationtypenone.md index 480d62ad1..1c6735531 100644 --- a/docs/models/restauthenticationgoogleoauthrestpaginationtypenone.md +++ b/docs/models/restauthenticationgoogleoauthrestpaginationtypenone.md @@ -6,6 +6,7 @@ | Field | Type | Required | Description | | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `type` | [models.PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination](../models/paginationoptionsrestdiscoverydiscovertypehttppagination.md) | :heavy_check_mark: | N/A | +| `max_pages` | *Optional[float]* | :heavy_minus_sign: | Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages. | | `last_page_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression used to determine when the last page has been reached. The values tested by this expression must be in the Response attributes section. | | `next_relation_attribute` | *Optional[str]* | :heavy_minus_sign: | Relation name used in the link header that refers to the next page in the result set. Example: rel="next" refers to the next page of results: ; rel="next" | | `cur_relation_attribute` | *Optional[str]* | :heavy_minus_sign: | Relation name used in the link header that refers to the current result set. Example: rel="self" refers to the current page of results: ; rel="self" | @@ -13,6 +14,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restauthenticationgoogleoauthrestpaginationtyperesponsebody.md b/docs/models/restauthenticationgoogleoauthrestpaginationtyperesponsebody.md index ec69233b9..b5fda3d17 100644 --- a/docs/models/restauthenticationgoogleoauthrestpaginationtyperesponsebody.md +++ b/docs/models/restauthenticationgoogleoauthrestpaginationtyperesponsebody.md @@ -15,6 +15,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restauthenticationgoogleoauthrestpaginationtyperesponseheader.md b/docs/models/restauthenticationgoogleoauthrestpaginationtyperesponseheader.md index cc9271cdc..f300fc416 100644 --- a/docs/models/restauthenticationgoogleoauthrestpaginationtyperesponseheader.md +++ b/docs/models/restauthenticationgoogleoauthrestpaginationtyperesponseheader.md @@ -15,6 +15,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restauthenticationgoogleoauthrestpaginationtyperesponseheaderlink.md b/docs/models/restauthenticationgoogleoauthrestpaginationtyperesponseheaderlink.md index 717446e45..11e820659 100644 --- a/docs/models/restauthenticationgoogleoauthrestpaginationtyperesponseheaderlink.md +++ b/docs/models/restauthenticationgoogleoauthrestpaginationtyperesponseheaderlink.md @@ -14,6 +14,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restauthenticationgoogleoauthsecret.md b/docs/models/restauthenticationgoogleoauthsecret.md index fae7fe289..fb636c067 100644 --- a/docs/models/restauthenticationgoogleoauthsecret.md +++ b/docs/models/restauthenticationgoogleoauthsecret.md @@ -3,30 +3,48 @@ ## Fields -| Field | Type | Required | Description | -| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `authentication` | [models.RestAuthenticationGoogleOauthSecretAuthentication](../models/restauthenticationgoogleoauthsecretauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API key–based authentication by adding the appropriate Collect headers. | -| `scopes` | List[*str*] | :heavy_check_mark: | Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information. | -| `text_secret` | *str* | :heavy_check_mark: | Select or create a text secret that contains the Google service account credentials value | -| `subject` | *str* | :heavy_check_mark: | Email address of a user account with Super Admin permissions to the resources the collector will retrieve | -| `discovery` | [Optional[models.RestAuthenticationGoogleOauthSecretDiscovery]](../models/restauthenticationgoogleoauthsecretdiscovery.md) | :heavy_minus_sign: | N/A | -| `collect_url` | *str* | :heavy_check_mark: | URL (constant or JavaScript expression) to use for the Collect operation | -| `collect_method` | [models.RestAuthenticationGoogleOauthSecretCollectMethod](../models/restauthenticationgoogleoauthsecretcollectmethod.md) | :heavy_check_mark: | N/A | -| `collect_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.RestAuthenticationGoogleOauthSecretPagination]](../models/restauthenticationgoogleoauthsecretpagination.md) | :heavy_minus_sign: | N/A | -| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout. Use 0 to disable. | -| `max_response_body_size` | *Optional[str]* | :heavy_minus_sign: | Maximum amount of data to buffer from a single response body. Responses exceeding this limit will be rejected. Maximum allowed value is 512 MB. Leave unset to rely on default error handling. | -| `use_round_robin_dns` | *Optional[bool]* | :heavy_minus_sign: | Use round-robin DNS lookup. Suitable when DNS server returns multiple addresses in sort order. | -| `disable_time_filter` | *Optional[bool]* | :heavy_minus_sign: | Disable Collector event time filtering when a date range is specified | -| `decode_url` | *Optional[bool]* | :heavy_minus_sign: | Decode the URL before sending requests (including pagination requests) | -| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Reject certificates that cannot be verified against a valid CA (such as self-signed certificates) | -| `capture_headers` | *Optional[bool]* | :heavy_minus_sign: | Enable to add response headers to the resHeaders field under the __collectible object | -| `stop_on_empty_results` | *Optional[bool]* | :heavy_minus_sign: | Stop pagination when the Event Breaker produces no events | -| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text | -| `retry_rules` | [Optional[models.RestAuthenticationGoogleOauthSecretRetryRules]](../models/restauthenticationgoogleoauthsecretretryrules.md) | :heavy_minus_sign: | N/A | -| `microsoft_graph_delta` | [Optional[models.RestAuthenticationGoogleOauthSecretMicrosoftGraphDelta]](../models/restauthenticationgoogleoauthsecretmicrosoftgraphdelta.md) | :heavy_minus_sign: | Internal opt-in for the Microsoft Graph deltaLink state-tracking hook. Set programmatically by the Microsoft Graph source when the configured URL targets a /delta endpoint; not user-configurable. | -| `scheduling` | [Optional[models.RestAuthenticationGoogleOauthSecretScheduling]](../models/restauthenticationgoogleoauthsecretscheduling.md) | :heavy_minus_sign: | N/A | -| `client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters. | -| `service_account_credentials` | *Optional[str]* | :heavy_minus_sign: | Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right. | -| `hmac_function_id` | *Optional[str]* | :heavy_minus_sign: | Select or create an HMAC Function to use with authentication | -| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file +| Field | Type | Required | Description | +| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `authentication` | [models.RestAuthenticationGoogleOauthSecretAuthentication](../models/restauthenticationgoogleoauthsecretauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API key–based authentication by adding the appropriate Collect headers. | +| `scopes` | List[*str*] | :heavy_check_mark: | Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information. | +| `text_secret` | *str* | :heavy_check_mark: | Select or create a text secret that contains the client secret's value | +| `subject` | *str* | :heavy_check_mark: | Email address of a user account with Super Admin permissions to the resources the collector will retrieve | +| `template_subject` | *Optional[str]* | :heavy_minus_sign: | Binds 'subject' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'subject' at runtime. | +| `discovery` | [Optional[models.RestAuthenticationGoogleOauthSecretDiscovery]](../models/restauthenticationgoogleoauthsecretdiscovery.md) | :heavy_minus_sign: | N/A | +| `collect_url` | *str* | :heavy_check_mark: | URL (constant or JavaScript expression) to use for the Collect operation | +| `collect_method` | [models.RestAuthenticationGoogleOauthSecretCollectMethod](../models/restauthenticationgoogleoauthsecretcollectmethod.md) | :heavy_check_mark: | N/A | +| `collect_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.RestAuthenticationGoogleOauthSecretPagination]](../models/restauthenticationgoogleoauthsecretpagination.md) | :heavy_minus_sign: | N/A | +| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout. Use 0 to disable. | +| `max_response_body_size` | *Optional[str]* | :heavy_minus_sign: | Maximum amount of data to buffer from a single response body. Responses exceeding this limit will be rejected. Maximum allowed value is 512 MB. Leave unset to rely on default error handling. | +| `use_round_robin_dns` | *Optional[bool]* | :heavy_minus_sign: | Use round-robin DNS lookup. Suitable when DNS server returns multiple addresses in sort order. | +| `disable_time_filter` | *Optional[bool]* | :heavy_minus_sign: | Disable Collector event time filtering when a date range is specified | +| `decode_url` | *Optional[bool]* | :heavy_minus_sign: | Decode the URL before sending requests (including pagination requests) | +| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Reject certificates that cannot be verified against a valid CA (such as self-signed certificates) | +| `capture_headers` | *Optional[bool]* | :heavy_minus_sign: | Enable to add response headers to the resHeaders field under the __collectible object | +| `stop_on_empty_results` | *Optional[bool]* | :heavy_minus_sign: | Stop pagination when the Event Breaker produces no events | +| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text | +| `retry_rules` | [Optional[models.RestAuthenticationGoogleOauthSecretRetryRules]](../models/restauthenticationgoogleoauthsecretretryrules.md) | :heavy_minus_sign: | N/A | +| `microsoft_graph_delta` | [Optional[models.RestAuthenticationGoogleOauthSecretMicrosoftGraphDelta]](../models/restauthenticationgoogleoauthsecretmicrosoftgraphdelta.md) | :heavy_minus_sign: | Internal opt-in for the Microsoft Graph deltaLink state-tracking hook. Set programmatically by the Microsoft Graph source when the configured URL targets a /delta endpoint; not user-configurable. | +| `scheduling` | [Optional[models.RestAuthenticationGoogleOauthSecretScheduling]](../models/restauthenticationgoogleoauthsecretscheduling.md) | :heavy_minus_sign: | N/A | +| `username` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_username` | *Optional[str]* | :heavy_minus_sign: | Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime. | +| `password` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_password` | *Optional[str]* | :heavy_minus_sign: | Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime. | +| `credentials_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored secret that references your credentials | +| `login_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for login API call. This call is expected to be a POST. | +| `template_login_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime. | +| `login_body` | *Optional[str]* | :heavy_minus_sign: | Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. For x-www-form-urlencoded bodies, wrap values with ${C.Encode.uri(password)} to preserve special characters like +, &, and =. | +| `get_auth_token_from_header` | *Optional[bool]* | :heavy_minus_sign: | Extract the auth token from the HTTP 'Authorization' response header instead of the standard JSON body of the login response | +| `auth_header_key` | *Optional[str]* | :heavy_minus_sign: | Authorization header key to pass in Discover and Collect calls. Defaults to the literal name 'Authorization'. | +| `auth_header_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression used to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login. | +| `auth_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header. | +| `client_secret_param_name` | *Optional[str]* | :heavy_minus_sign: | Defaults to 'client_secret'. Automatically added to request parameters using the value specified. | +| `client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters. | +| `template_client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Binds 'clientSecretParamValue' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecretParamValue' at runtime. | +| `auth_request_params` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded. | +| `service_account_credentials` | *Optional[str]* | :heavy_minus_sign: | Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right. | +| `template_service_account_credentials` | *Optional[str]* | :heavy_minus_sign: | Binds 'serviceAccountCredentials' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serviceAccountCredentials' at runtime. | +| `hmac_function_id` | *Optional[str]* | :heavy_minus_sign: | Select or create an HMAC Function to use with authentication | +| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file diff --git a/docs/models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypehttpdiscovermethodget.md b/docs/models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypehttpdiscovermethodget.md index a2618e3b9..2644a47b2 100644 --- a/docs/models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypehttpdiscovermethodget.md +++ b/docs/models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypehttpdiscovermethodget.md @@ -16,5 +16,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypehttpdiscovermethodother.md b/docs/models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypehttpdiscovermethodother.md index aa8267514..32d274745 100644 --- a/docs/models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypehttpdiscovermethodother.md +++ b/docs/models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypehttpdiscovermethodother.md @@ -18,5 +18,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypehttpdiscovermethodpost.md b/docs/models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypehttpdiscovermethodpost.md index 2187d5227..8c4aead0a 100644 --- a/docs/models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypehttpdiscovermethodpost.md +++ b/docs/models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypehttpdiscovermethodpost.md @@ -16,5 +16,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md b/docs/models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md index 416fbf18e..99d749031 100644 --- a/docs/models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md +++ b/docs/models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md @@ -16,5 +16,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypejson.md b/docs/models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypejson.md index 423b1dfcf..8c9ad5f16 100644 --- a/docs/models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypejson.md +++ b/docs/models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypejson.md @@ -3,15 +3,16 @@ ## Fields -| Field | Type | Required | Description | -| -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `discover_type` | [models.RestAuthenticationGoogleOauthSecretRestDiscoveryDiscoverTypeJSONDiscoverType](../models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypejsondiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | -| `manual_discover_result` | *str* | :heavy_check_mark: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | -| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Within the response JSON, the name of the field to pull results from, typically a JSON array. Leave blank if the result itself is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] } | -| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | -| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | -| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file +| Field | Type | Required | Description | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `discover_type` | [models.RestAuthenticationGoogleOauthSecretRestDiscoveryDiscoverTypeJSONDiscoverType](../models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypejsondiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | +| `manual_discover_result` | *str* | :heavy_check_mark: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array. | +| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | +| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypelist.md b/docs/models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypelist.md index 00f495af9..d55f5effb 100644 --- a/docs/models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypelist.md +++ b/docs/models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypelist.md @@ -3,14 +3,16 @@ ## Fields -| Field | Type | Required | Description | -| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `discover_type` | [models.RestAuthenticationGoogleOauthSecretRestDiscoveryDiscoverTypeListDiscoverType](../models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypelistdiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | -| `item_list` | List[*str*] | :heavy_check_mark: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | -| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | -| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | -| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | \ No newline at end of file +| Field | Type | Required | Description | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `discover_type` | [models.RestAuthenticationGoogleOauthSecretRestDiscoveryDiscoverTypeListDiscoverType](../models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypelistdiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | +| `item_list` | List[*str*] | :heavy_check_mark: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | +| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array. | +| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | +| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | \ No newline at end of file diff --git a/docs/models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypenone.md b/docs/models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypenone.md index a5f3ab35c..1aadc6b99 100644 --- a/docs/models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypenone.md +++ b/docs/models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypenone.md @@ -3,14 +3,16 @@ ## Fields -| Field | Type | Required | Description | -| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `discover_type` | [models.RestAuthenticationGoogleOauthSecretRestDiscoveryDiscoverTypeNoneDiscoverType](../models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypenonediscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | -| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | -| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | -| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | -| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file +| Field | Type | Required | Description | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `discover_type` | [models.RestAuthenticationGoogleOauthSecretRestDiscoveryDiscoverTypeNoneDiscoverType](../models/restauthenticationgoogleoauthsecretrestdiscoverydiscovertypenonediscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | +| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array. | +| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | +| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | +| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationgoogleoauthsecretrestpaginationtypenone.md b/docs/models/restauthenticationgoogleoauthsecretrestpaginationtypenone.md index 3114b2372..5d81a02aa 100644 --- a/docs/models/restauthenticationgoogleoauthsecretrestpaginationtypenone.md +++ b/docs/models/restauthenticationgoogleoauthsecretrestpaginationtypenone.md @@ -6,6 +6,7 @@ | Field | Type | Required | Description | | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `type` | [models.PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination](../models/paginationoptionsrestdiscoverydiscovertypehttppagination.md) | :heavy_check_mark: | N/A | +| `max_pages` | *Optional[float]* | :heavy_minus_sign: | Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages. | | `last_page_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression used to determine when the last page has been reached. The values tested by this expression must be in the Response attributes section. | | `next_relation_attribute` | *Optional[str]* | :heavy_minus_sign: | Relation name used in the link header that refers to the next page in the result set. Example: rel="next" refers to the next page of results: ; rel="next" | | `cur_relation_attribute` | *Optional[str]* | :heavy_minus_sign: | Relation name used in the link header that refers to the current result set. Example: rel="self" refers to the current page of results: ; rel="self" | @@ -13,6 +14,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restauthenticationgoogleoauthsecretrestpaginationtyperesponsebody.md b/docs/models/restauthenticationgoogleoauthsecretrestpaginationtyperesponsebody.md index 040010e28..4f5c893d0 100644 --- a/docs/models/restauthenticationgoogleoauthsecretrestpaginationtyperesponsebody.md +++ b/docs/models/restauthenticationgoogleoauthsecretrestpaginationtyperesponsebody.md @@ -15,6 +15,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restauthenticationgoogleoauthsecretrestpaginationtyperesponseheader.md b/docs/models/restauthenticationgoogleoauthsecretrestpaginationtyperesponseheader.md index 0d0be62f1..6c614d293 100644 --- a/docs/models/restauthenticationgoogleoauthsecretrestpaginationtyperesponseheader.md +++ b/docs/models/restauthenticationgoogleoauthsecretrestpaginationtyperesponseheader.md @@ -15,6 +15,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restauthenticationgoogleoauthsecretrestpaginationtyperesponseheaderlink.md b/docs/models/restauthenticationgoogleoauthsecretrestpaginationtyperesponseheaderlink.md index e4ac30f6a..065c4b831 100644 --- a/docs/models/restauthenticationgoogleoauthsecretrestpaginationtyperesponseheaderlink.md +++ b/docs/models/restauthenticationgoogleoauthsecretrestpaginationtyperesponseheaderlink.md @@ -14,6 +14,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restauthenticationhmac.md b/docs/models/restauthenticationhmac.md index 7770938e7..bff24fe4c 100644 --- a/docs/models/restauthenticationhmac.md +++ b/docs/models/restauthenticationhmac.md @@ -3,27 +3,48 @@ ## Fields -| Field | Type | Required | Description | -| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `authentication` | [models.RestAuthenticationHmacAuthentication](../models/restauthenticationhmacauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API key–based authentication by adding the appropriate Collect headers. | -| `hmac_function_id` | *str* | :heavy_check_mark: | Select or create an HMAC Function to use with authentication | -| `discovery` | [Optional[models.RestAuthenticationHmacDiscovery]](../models/restauthenticationhmacdiscovery.md) | :heavy_minus_sign: | N/A | -| `collect_url` | *str* | :heavy_check_mark: | URL (constant or JavaScript expression) to use for the Collect operation | -| `collect_method` | [models.RestAuthenticationHmacCollectMethod](../models/restauthenticationhmaccollectmethod.md) | :heavy_check_mark: | N/A | -| `collect_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.RestAuthenticationHmacPagination]](../models/restauthenticationhmacpagination.md) | :heavy_minus_sign: | N/A | -| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout. Use 0 to disable. | -| `max_response_body_size` | *Optional[str]* | :heavy_minus_sign: | Maximum amount of data to buffer from a single response body. Responses exceeding this limit will be rejected. Maximum allowed value is 512 MB. Leave unset to rely on default error handling. | -| `use_round_robin_dns` | *Optional[bool]* | :heavy_minus_sign: | Use round-robin DNS lookup. Suitable when DNS server returns multiple addresses in sort order. | -| `disable_time_filter` | *Optional[bool]* | :heavy_minus_sign: | Disable Collector event time filtering when a date range is specified | -| `decode_url` | *Optional[bool]* | :heavy_minus_sign: | Decode the URL before sending requests (including pagination requests) | -| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Reject certificates that cannot be verified against a valid CA (such as self-signed certificates) | -| `capture_headers` | *Optional[bool]* | :heavy_minus_sign: | Enable to add response headers to the resHeaders field under the __collectible object | -| `stop_on_empty_results` | *Optional[bool]* | :heavy_minus_sign: | Stop pagination when the Event Breaker produces no events | -| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text | -| `retry_rules` | [Optional[models.RestAuthenticationHmacRetryRules]](../models/restauthenticationhmacretryrules.md) | :heavy_minus_sign: | N/A | -| `microsoft_graph_delta` | [Optional[models.RestAuthenticationHmacMicrosoftGraphDelta]](../models/restauthenticationhmacmicrosoftgraphdelta.md) | :heavy_minus_sign: | Internal opt-in for the Microsoft Graph deltaLink state-tracking hook. Set programmatically by the Microsoft Graph source when the configured URL targets a /delta endpoint; not user-configurable. | -| `scheduling` | [Optional[models.RestAuthenticationHmacScheduling]](../models/restauthenticationhmacscheduling.md) | :heavy_minus_sign: | N/A | -| `client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters. | -| `service_account_credentials` | *Optional[str]* | :heavy_minus_sign: | Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right. | -| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file +| Field | Type | Required | Description | +| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `authentication` | [models.RestAuthenticationHmacAuthentication](../models/restauthenticationhmacauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API key–based authentication by adding the appropriate Collect headers. | +| `hmac_function_id` | *str* | :heavy_check_mark: | Select or create an HMAC Function to use with authentication | +| `discovery` | [Optional[models.RestAuthenticationHmacDiscovery]](../models/restauthenticationhmacdiscovery.md) | :heavy_minus_sign: | N/A | +| `collect_url` | *str* | :heavy_check_mark: | URL (constant or JavaScript expression) to use for the Collect operation | +| `collect_method` | [models.RestAuthenticationHmacCollectMethod](../models/restauthenticationhmaccollectmethod.md) | :heavy_check_mark: | N/A | +| `collect_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.RestAuthenticationHmacPagination]](../models/restauthenticationhmacpagination.md) | :heavy_minus_sign: | N/A | +| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout. Use 0 to disable. | +| `max_response_body_size` | *Optional[str]* | :heavy_minus_sign: | Maximum amount of data to buffer from a single response body. Responses exceeding this limit will be rejected. Maximum allowed value is 512 MB. Leave unset to rely on default error handling. | +| `use_round_robin_dns` | *Optional[bool]* | :heavy_minus_sign: | Use round-robin DNS lookup. Suitable when DNS server returns multiple addresses in sort order. | +| `disable_time_filter` | *Optional[bool]* | :heavy_minus_sign: | Disable Collector event time filtering when a date range is specified | +| `decode_url` | *Optional[bool]* | :heavy_minus_sign: | Decode the URL before sending requests (including pagination requests) | +| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Reject certificates that cannot be verified against a valid CA (such as self-signed certificates) | +| `capture_headers` | *Optional[bool]* | :heavy_minus_sign: | Enable to add response headers to the resHeaders field under the __collectible object | +| `stop_on_empty_results` | *Optional[bool]* | :heavy_minus_sign: | Stop pagination when the Event Breaker produces no events | +| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text | +| `retry_rules` | [Optional[models.RestAuthenticationHmacRetryRules]](../models/restauthenticationhmacretryrules.md) | :heavy_minus_sign: | N/A | +| `microsoft_graph_delta` | [Optional[models.RestAuthenticationHmacMicrosoftGraphDelta]](../models/restauthenticationhmacmicrosoftgraphdelta.md) | :heavy_minus_sign: | Internal opt-in for the Microsoft Graph deltaLink state-tracking hook. Set programmatically by the Microsoft Graph source when the configured URL targets a /delta endpoint; not user-configurable. | +| `scheduling` | [Optional[models.RestAuthenticationHmacScheduling]](../models/restauthenticationhmacscheduling.md) | :heavy_minus_sign: | N/A | +| `username` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_username` | *Optional[str]* | :heavy_minus_sign: | Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime. | +| `password` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_password` | *Optional[str]* | :heavy_minus_sign: | Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime. | +| `credentials_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored secret that references your credentials | +| `login_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for login API call. This call is expected to be a POST. | +| `template_login_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime. | +| `login_body` | *Optional[str]* | :heavy_minus_sign: | Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. For x-www-form-urlencoded bodies, wrap values with ${C.Encode.uri(password)} to preserve special characters like +, &, and =. | +| `get_auth_token_from_header` | *Optional[bool]* | :heavy_minus_sign: | Extract the auth token from the HTTP 'Authorization' response header instead of the standard JSON body of the login response | +| `auth_header_key` | *Optional[str]* | :heavy_minus_sign: | Authorization header key to pass in Discover and Collect calls. Defaults to the literal name 'Authorization'. | +| `auth_header_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression used to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login. | +| `auth_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header. | +| `client_secret_param_name` | *Optional[str]* | :heavy_minus_sign: | Defaults to 'client_secret'. Automatically added to request parameters using the value specified. | +| `client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters. | +| `template_client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Binds 'clientSecretParamValue' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecretParamValue' at runtime. | +| `auth_request_params` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded. | +| `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a text secret that contains the client secret's value | +| `scopes` | List[*str*] | :heavy_minus_sign: | Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information. | +| `service_account_credentials` | *Optional[str]* | :heavy_minus_sign: | Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right. | +| `template_service_account_credentials` | *Optional[str]* | :heavy_minus_sign: | Binds 'serviceAccountCredentials' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serviceAccountCredentials' at runtime. | +| `subject` | *Optional[str]* | :heavy_minus_sign: | Email address of a user account with Super Admin permissions to the resources the collector will retrieve | +| `template_subject` | *Optional[str]* | :heavy_minus_sign: | Binds 'subject' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'subject' at runtime. | +| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file diff --git a/docs/models/restauthenticationhmacrestdiscoverydiscovertypehttpdiscovermethodget.md b/docs/models/restauthenticationhmacrestdiscoverydiscovertypehttpdiscovermethodget.md index 473f588c2..13a501293 100644 --- a/docs/models/restauthenticationhmacrestdiscoverydiscovertypehttpdiscovermethodget.md +++ b/docs/models/restauthenticationhmacrestdiscoverydiscovertypehttpdiscovermethodget.md @@ -16,5 +16,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationhmacrestdiscoverydiscovertypehttpdiscovermethodother.md b/docs/models/restauthenticationhmacrestdiscoverydiscovertypehttpdiscovermethodother.md index 9296fa7c4..c7015cd05 100644 --- a/docs/models/restauthenticationhmacrestdiscoverydiscovertypehttpdiscovermethodother.md +++ b/docs/models/restauthenticationhmacrestdiscoverydiscovertypehttpdiscovermethodother.md @@ -18,5 +18,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationhmacrestdiscoverydiscovertypehttpdiscovermethodpost.md b/docs/models/restauthenticationhmacrestdiscoverydiscovertypehttpdiscovermethodpost.md index 7e7be6c7e..69d621603 100644 --- a/docs/models/restauthenticationhmacrestdiscoverydiscovertypehttpdiscovermethodpost.md +++ b/docs/models/restauthenticationhmacrestdiscoverydiscovertypehttpdiscovermethodpost.md @@ -16,5 +16,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationhmacrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md b/docs/models/restauthenticationhmacrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md index abe00fc52..2454087de 100644 --- a/docs/models/restauthenticationhmacrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md +++ b/docs/models/restauthenticationhmacrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md @@ -16,5 +16,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationhmacrestdiscoverydiscovertypejson.md b/docs/models/restauthenticationhmacrestdiscoverydiscovertypejson.md index c3b64a4b2..f17ffe221 100644 --- a/docs/models/restauthenticationhmacrestdiscoverydiscovertypejson.md +++ b/docs/models/restauthenticationhmacrestdiscoverydiscovertypejson.md @@ -3,15 +3,16 @@ ## Fields -| Field | Type | Required | Description | -| -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `discover_type` | [models.RestAuthenticationHmacRestDiscoveryDiscoverTypeJSONDiscoverType](../models/restauthenticationhmacrestdiscoverydiscovertypejsondiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | -| `manual_discover_result` | *str* | :heavy_check_mark: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | -| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Within the response JSON, the name of the field to pull results from, typically a JSON array. Leave blank if the result itself is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] } | -| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | -| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | -| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file +| Field | Type | Required | Description | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `discover_type` | [models.RestAuthenticationHmacRestDiscoveryDiscoverTypeJSONDiscoverType](../models/restauthenticationhmacrestdiscoverydiscovertypejsondiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | +| `manual_discover_result` | *str* | :heavy_check_mark: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array. | +| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | +| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationhmacrestdiscoverydiscovertypelist.md b/docs/models/restauthenticationhmacrestdiscoverydiscovertypelist.md index 5a625f5d3..5ec4d8d16 100644 --- a/docs/models/restauthenticationhmacrestdiscoverydiscovertypelist.md +++ b/docs/models/restauthenticationhmacrestdiscoverydiscovertypelist.md @@ -3,14 +3,16 @@ ## Fields -| Field | Type | Required | Description | -| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `discover_type` | [models.RestAuthenticationHmacRestDiscoveryDiscoverTypeListDiscoverType](../models/restauthenticationhmacrestdiscoverydiscovertypelistdiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | -| `item_list` | List[*str*] | :heavy_check_mark: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | -| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | -| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | -| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | \ No newline at end of file +| Field | Type | Required | Description | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `discover_type` | [models.RestAuthenticationHmacRestDiscoveryDiscoverTypeListDiscoverType](../models/restauthenticationhmacrestdiscoverydiscovertypelistdiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | +| `item_list` | List[*str*] | :heavy_check_mark: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | +| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array. | +| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | +| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | \ No newline at end of file diff --git a/docs/models/restauthenticationhmacrestdiscoverydiscovertypenone.md b/docs/models/restauthenticationhmacrestdiscoverydiscovertypenone.md index db7fb03ae..fc654f059 100644 --- a/docs/models/restauthenticationhmacrestdiscoverydiscovertypenone.md +++ b/docs/models/restauthenticationhmacrestdiscoverydiscovertypenone.md @@ -3,14 +3,16 @@ ## Fields -| Field | Type | Required | Description | -| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `discover_type` | [models.RestAuthenticationHmacRestDiscoveryDiscoverTypeNoneDiscoverType](../models/restauthenticationhmacrestdiscoverydiscovertypenonediscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | -| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | -| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | -| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | -| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file +| Field | Type | Required | Description | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `discover_type` | [models.RestAuthenticationHmacRestDiscoveryDiscoverTypeNoneDiscoverType](../models/restauthenticationhmacrestdiscoverydiscovertypenonediscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | +| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array. | +| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | +| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | +| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationhmacrestpaginationtypenone.md b/docs/models/restauthenticationhmacrestpaginationtypenone.md index d864fa0dd..285f556f5 100644 --- a/docs/models/restauthenticationhmacrestpaginationtypenone.md +++ b/docs/models/restauthenticationhmacrestpaginationtypenone.md @@ -6,6 +6,7 @@ | Field | Type | Required | Description | | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `type` | [models.PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination](../models/paginationoptionsrestdiscoverydiscovertypehttppagination.md) | :heavy_check_mark: | N/A | +| `max_pages` | *Optional[float]* | :heavy_minus_sign: | Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages. | | `last_page_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression used to determine when the last page has been reached. The values tested by this expression must be in the Response attributes section. | | `next_relation_attribute` | *Optional[str]* | :heavy_minus_sign: | Relation name used in the link header that refers to the next page in the result set. Example: rel="next" refers to the next page of results: ; rel="next" | | `cur_relation_attribute` | *Optional[str]* | :heavy_minus_sign: | Relation name used in the link header that refers to the current result set. Example: rel="self" refers to the current page of results: ; rel="self" | @@ -13,6 +14,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restauthenticationhmacrestpaginationtyperesponsebody.md b/docs/models/restauthenticationhmacrestpaginationtyperesponsebody.md index 01560785a..cae4f72f9 100644 --- a/docs/models/restauthenticationhmacrestpaginationtyperesponsebody.md +++ b/docs/models/restauthenticationhmacrestpaginationtyperesponsebody.md @@ -15,6 +15,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restauthenticationhmacrestpaginationtyperesponseheader.md b/docs/models/restauthenticationhmacrestpaginationtyperesponseheader.md index 4dbd1cb7d..108db47dd 100644 --- a/docs/models/restauthenticationhmacrestpaginationtyperesponseheader.md +++ b/docs/models/restauthenticationhmacrestpaginationtyperesponseheader.md @@ -15,6 +15,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restauthenticationhmacrestpaginationtyperesponseheaderlink.md b/docs/models/restauthenticationhmacrestpaginationtyperesponseheaderlink.md index 5f5277620..e9497629a 100644 --- a/docs/models/restauthenticationhmacrestpaginationtyperesponseheaderlink.md +++ b/docs/models/restauthenticationhmacrestpaginationtyperesponseheaderlink.md @@ -14,6 +14,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restauthenticationlogin.md b/docs/models/restauthenticationlogin.md index cf5397b5a..f473c0c0c 100644 --- a/docs/models/restauthenticationlogin.md +++ b/docs/models/restauthenticationlogin.md @@ -15,6 +15,9 @@ | `auth_header_expr` | *str* | :heavy_check_mark: | JavaScript expression used to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login. | | `auth_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | | `token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header. | +| `template_login_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime. | +| `template_username` | *Optional[str]* | :heavy_minus_sign: | Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime. | +| `template_password` | *Optional[str]* | :heavy_minus_sign: | Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime. | | `discovery` | [Optional[models.RestAuthenticationLoginDiscovery]](../models/restauthenticationlogindiscovery.md) | :heavy_minus_sign: | N/A | | `collect_url` | *str* | :heavy_check_mark: | URL (constant or JavaScript expression) to use for the Collect operation | | `collect_method` | [models.RestAuthenticationLoginCollectMethod](../models/restauthenticationlogincollectmethod.md) | :heavy_check_mark: | N/A | @@ -32,7 +35,16 @@ | `retry_rules` | [Optional[models.RestAuthenticationLoginRetryRules]](../models/restauthenticationloginretryrules.md) | :heavy_minus_sign: | N/A | | `microsoft_graph_delta` | [Optional[models.RestAuthenticationLoginMicrosoftGraphDelta]](../models/restauthenticationloginmicrosoftgraphdelta.md) | :heavy_minus_sign: | Internal opt-in for the Microsoft Graph deltaLink state-tracking hook. Set programmatically by the Microsoft Graph source when the configured URL targets a /delta endpoint; not user-configurable. | | `scheduling` | [Optional[models.RestAuthenticationLoginScheduling]](../models/restauthenticationloginscheduling.md) | :heavy_minus_sign: | N/A | +| `credentials_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored secret that references your credentials | +| `client_secret_param_name` | *Optional[str]* | :heavy_minus_sign: | Defaults to 'client_secret'. Automatically added to request parameters using the value specified. | | `client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters. | +| `template_client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Binds 'clientSecretParamValue' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecretParamValue' at runtime. | +| `auth_request_params` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded. | +| `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a text secret that contains the client secret's value | +| `scopes` | List[*str*] | :heavy_minus_sign: | Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information. | | `service_account_credentials` | *Optional[str]* | :heavy_minus_sign: | Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right. | +| `template_service_account_credentials` | *Optional[str]* | :heavy_minus_sign: | Binds 'serviceAccountCredentials' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serviceAccountCredentials' at runtime. | +| `subject` | *Optional[str]* | :heavy_minus_sign: | Email address of a user account with Super Admin permissions to the resources the collector will retrieve | +| `template_subject` | *Optional[str]* | :heavy_minus_sign: | Binds 'subject' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'subject' at runtime. | | `hmac_function_id` | *Optional[str]* | :heavy_minus_sign: | Select or create an HMAC Function to use with authentication | | `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file diff --git a/docs/models/restauthenticationloginrestdiscoverydiscovertypehttpdiscovermethodget.md b/docs/models/restauthenticationloginrestdiscoverydiscovertypehttpdiscovermethodget.md index 1c02d95fe..c26888e72 100644 --- a/docs/models/restauthenticationloginrestdiscoverydiscovertypehttpdiscovermethodget.md +++ b/docs/models/restauthenticationloginrestdiscoverydiscovertypehttpdiscovermethodget.md @@ -16,5 +16,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationloginrestdiscoverydiscovertypehttpdiscovermethodother.md b/docs/models/restauthenticationloginrestdiscoverydiscovertypehttpdiscovermethodother.md index 58375060f..b35ef4c51 100644 --- a/docs/models/restauthenticationloginrestdiscoverydiscovertypehttpdiscovermethodother.md +++ b/docs/models/restauthenticationloginrestdiscoverydiscovertypehttpdiscovermethodother.md @@ -18,5 +18,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationloginrestdiscoverydiscovertypehttpdiscovermethodpost.md b/docs/models/restauthenticationloginrestdiscoverydiscovertypehttpdiscovermethodpost.md index f6f14586e..4384719b0 100644 --- a/docs/models/restauthenticationloginrestdiscoverydiscovertypehttpdiscovermethodpost.md +++ b/docs/models/restauthenticationloginrestdiscoverydiscovertypehttpdiscovermethodpost.md @@ -16,5 +16,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationloginrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md b/docs/models/restauthenticationloginrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md index a4ce76269..5144a03cc 100644 --- a/docs/models/restauthenticationloginrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md +++ b/docs/models/restauthenticationloginrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md @@ -16,5 +16,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationloginrestdiscoverydiscovertypejson.md b/docs/models/restauthenticationloginrestdiscoverydiscovertypejson.md index 962e8bb91..2c779103d 100644 --- a/docs/models/restauthenticationloginrestdiscoverydiscovertypejson.md +++ b/docs/models/restauthenticationloginrestdiscoverydiscovertypejson.md @@ -3,15 +3,16 @@ ## Fields -| Field | Type | Required | Description | -| -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `discover_type` | [models.RestAuthenticationLoginRestDiscoveryDiscoverTypeJSONDiscoverType](../models/restauthenticationloginrestdiscoverydiscovertypejsondiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | -| `manual_discover_result` | *str* | :heavy_check_mark: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | -| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Within the response JSON, the name of the field to pull results from, typically a JSON array. Leave blank if the result itself is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] } | -| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | -| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | -| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file +| Field | Type | Required | Description | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `discover_type` | [models.RestAuthenticationLoginRestDiscoveryDiscoverTypeJSONDiscoverType](../models/restauthenticationloginrestdiscoverydiscovertypejsondiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | +| `manual_discover_result` | *str* | :heavy_check_mark: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array. | +| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | +| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationloginrestdiscoverydiscovertypelist.md b/docs/models/restauthenticationloginrestdiscoverydiscovertypelist.md index 724c1334d..2b39e0705 100644 --- a/docs/models/restauthenticationloginrestdiscoverydiscovertypelist.md +++ b/docs/models/restauthenticationloginrestdiscoverydiscovertypelist.md @@ -3,14 +3,16 @@ ## Fields -| Field | Type | Required | Description | -| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `discover_type` | [models.RestAuthenticationLoginRestDiscoveryDiscoverTypeListDiscoverType](../models/restauthenticationloginrestdiscoverydiscovertypelistdiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | -| `item_list` | List[*str*] | :heavy_check_mark: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | -| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | -| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | -| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | \ No newline at end of file +| Field | Type | Required | Description | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `discover_type` | [models.RestAuthenticationLoginRestDiscoveryDiscoverTypeListDiscoverType](../models/restauthenticationloginrestdiscoverydiscovertypelistdiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | +| `item_list` | List[*str*] | :heavy_check_mark: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | +| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array. | +| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | +| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | \ No newline at end of file diff --git a/docs/models/restauthenticationloginrestdiscoverydiscovertypenone.md b/docs/models/restauthenticationloginrestdiscoverydiscovertypenone.md index a1c3426d8..60c5a75e2 100644 --- a/docs/models/restauthenticationloginrestdiscoverydiscovertypenone.md +++ b/docs/models/restauthenticationloginrestdiscoverydiscovertypenone.md @@ -3,14 +3,16 @@ ## Fields -| Field | Type | Required | Description | -| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `discover_type` | [models.RestAuthenticationLoginRestDiscoveryDiscoverTypeNoneDiscoverType](../models/restauthenticationloginrestdiscoverydiscovertypenonediscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | -| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | -| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | -| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | -| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file +| Field | Type | Required | Description | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `discover_type` | [models.RestAuthenticationLoginRestDiscoveryDiscoverTypeNoneDiscoverType](../models/restauthenticationloginrestdiscoverydiscovertypenonediscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | +| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array. | +| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | +| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | +| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationloginrestpaginationtypenone.md b/docs/models/restauthenticationloginrestpaginationtypenone.md index f5fa609af..45c320224 100644 --- a/docs/models/restauthenticationloginrestpaginationtypenone.md +++ b/docs/models/restauthenticationloginrestpaginationtypenone.md @@ -6,6 +6,7 @@ | Field | Type | Required | Description | | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `type` | [models.PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination](../models/paginationoptionsrestdiscoverydiscovertypehttppagination.md) | :heavy_check_mark: | N/A | +| `max_pages` | *Optional[float]* | :heavy_minus_sign: | Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages. | | `last_page_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression used to determine when the last page has been reached. The values tested by this expression must be in the Response attributes section. | | `next_relation_attribute` | *Optional[str]* | :heavy_minus_sign: | Relation name used in the link header that refers to the next page in the result set. Example: rel="next" refers to the next page of results: ; rel="next" | | `cur_relation_attribute` | *Optional[str]* | :heavy_minus_sign: | Relation name used in the link header that refers to the current result set. Example: rel="self" refers to the current page of results: ; rel="self" | @@ -13,6 +14,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restauthenticationloginrestpaginationtyperesponsebody.md b/docs/models/restauthenticationloginrestpaginationtyperesponsebody.md index c36434d87..83ac5c04b 100644 --- a/docs/models/restauthenticationloginrestpaginationtyperesponsebody.md +++ b/docs/models/restauthenticationloginrestpaginationtyperesponsebody.md @@ -15,6 +15,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restauthenticationloginrestpaginationtyperesponseheader.md b/docs/models/restauthenticationloginrestpaginationtyperesponseheader.md index 973f66f2a..5e9a70f90 100644 --- a/docs/models/restauthenticationloginrestpaginationtyperesponseheader.md +++ b/docs/models/restauthenticationloginrestpaginationtyperesponseheader.md @@ -15,6 +15,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restauthenticationloginrestpaginationtyperesponseheaderlink.md b/docs/models/restauthenticationloginrestpaginationtyperesponseheaderlink.md index f462d5234..2de5097b3 100644 --- a/docs/models/restauthenticationloginrestpaginationtyperesponseheaderlink.md +++ b/docs/models/restauthenticationloginrestpaginationtyperesponseheaderlink.md @@ -14,6 +14,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restauthenticationloginsecret.md b/docs/models/restauthenticationloginsecret.md index 72fa2c17e..68d2a0438 100644 --- a/docs/models/restauthenticationloginsecret.md +++ b/docs/models/restauthenticationloginsecret.md @@ -7,11 +7,11 @@ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `authentication` | [models.RestAuthenticationLoginSecretAuthentication](../models/restauthenticationloginsecretauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API key–based authentication by adding the appropriate Collect headers. | | `login_url` | *str* | :heavy_check_mark: | URL to use for login API call. This call is expected to be a POST. | -| `credentials_secret` | *str* | :heavy_check_mark: | Select or create a stored secret that references your login credentials | +| `credentials_secret` | *str* | :heavy_check_mark: | Select or create a stored secret that references your credentials | | `login_body` | *str* | :heavy_check_mark: | Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. For x-www-form-urlencoded bodies, wrap values with ${C.Encode.uri(password)} to preserve special characters like +, &, and =. | | `get_auth_token_from_header` | *Optional[bool]* | :heavy_minus_sign: | Extract the auth token from the HTTP 'Authorization' response header instead of the standard JSON body of the login response | | `auth_header_key` | *Optional[str]* | :heavy_minus_sign: | Authorization header key to pass in Discover and Collect calls. Defaults to the literal name 'Authorization'. | -| `auth_header_expr` | *str* | :heavy_check_mark: | JavaScript expression to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login. | +| `auth_header_expr` | *str* | :heavy_check_mark: | JavaScript expression used to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login. | | `auth_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | | `token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header. | | `discovery` | [Optional[models.RestAuthenticationLoginSecretDiscovery]](../models/restauthenticationloginsecretdiscovery.md) | :heavy_minus_sign: | N/A | @@ -31,7 +31,20 @@ | `retry_rules` | [Optional[models.RestAuthenticationLoginSecretRetryRules]](../models/restauthenticationloginsecretretryrules.md) | :heavy_minus_sign: | N/A | | `microsoft_graph_delta` | [Optional[models.RestAuthenticationLoginSecretMicrosoftGraphDelta]](../models/restauthenticationloginsecretmicrosoftgraphdelta.md) | :heavy_minus_sign: | Internal opt-in for the Microsoft Graph deltaLink state-tracking hook. Set programmatically by the Microsoft Graph source when the configured URL targets a /delta endpoint; not user-configurable. | | `scheduling` | [Optional[models.RestAuthenticationLoginSecretScheduling]](../models/restauthenticationloginsecretscheduling.md) | :heavy_minus_sign: | N/A | +| `username` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_username` | *Optional[str]* | :heavy_minus_sign: | Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime. | +| `password` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_password` | *Optional[str]* | :heavy_minus_sign: | Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime. | +| `template_login_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime. | +| `client_secret_param_name` | *Optional[str]* | :heavy_minus_sign: | Defaults to 'client_secret'. Automatically added to request parameters using the value specified. | | `client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters. | +| `template_client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Binds 'clientSecretParamValue' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecretParamValue' at runtime. | +| `auth_request_params` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded. | +| `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a text secret that contains the client secret's value | +| `scopes` | List[*str*] | :heavy_minus_sign: | Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information. | | `service_account_credentials` | *Optional[str]* | :heavy_minus_sign: | Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right. | +| `template_service_account_credentials` | *Optional[str]* | :heavy_minus_sign: | Binds 'serviceAccountCredentials' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serviceAccountCredentials' at runtime. | +| `subject` | *Optional[str]* | :heavy_minus_sign: | Email address of a user account with Super Admin permissions to the resources the collector will retrieve | +| `template_subject` | *Optional[str]* | :heavy_minus_sign: | Binds 'subject' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'subject' at runtime. | | `hmac_function_id` | *Optional[str]* | :heavy_minus_sign: | Select or create an HMAC Function to use with authentication | | `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file diff --git a/docs/models/restauthenticationloginsecretrestdiscoverydiscovertypehttpdiscovermethodget.md b/docs/models/restauthenticationloginsecretrestdiscoverydiscovertypehttpdiscovermethodget.md index d208d5e6d..441880e8d 100644 --- a/docs/models/restauthenticationloginsecretrestdiscoverydiscovertypehttpdiscovermethodget.md +++ b/docs/models/restauthenticationloginsecretrestdiscoverydiscovertypehttpdiscovermethodget.md @@ -16,5 +16,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationloginsecretrestdiscoverydiscovertypehttpdiscovermethodother.md b/docs/models/restauthenticationloginsecretrestdiscoverydiscovertypehttpdiscovermethodother.md index aff56c693..2ef90cb70 100644 --- a/docs/models/restauthenticationloginsecretrestdiscoverydiscovertypehttpdiscovermethodother.md +++ b/docs/models/restauthenticationloginsecretrestdiscoverydiscovertypehttpdiscovermethodother.md @@ -18,5 +18,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationloginsecretrestdiscoverydiscovertypehttpdiscovermethodpost.md b/docs/models/restauthenticationloginsecretrestdiscoverydiscovertypehttpdiscovermethodpost.md index e58a75b3d..6c597943b 100644 --- a/docs/models/restauthenticationloginsecretrestdiscoverydiscovertypehttpdiscovermethodpost.md +++ b/docs/models/restauthenticationloginsecretrestdiscoverydiscovertypehttpdiscovermethodpost.md @@ -16,5 +16,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationloginsecretrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md b/docs/models/restauthenticationloginsecretrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md index f8a820df1..f4ec9b7bf 100644 --- a/docs/models/restauthenticationloginsecretrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md +++ b/docs/models/restauthenticationloginsecretrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md @@ -16,5 +16,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationloginsecretrestdiscoverydiscovertypejson.md b/docs/models/restauthenticationloginsecretrestdiscoverydiscovertypejson.md index 885b72a37..eb1a88802 100644 --- a/docs/models/restauthenticationloginsecretrestdiscoverydiscovertypejson.md +++ b/docs/models/restauthenticationloginsecretrestdiscoverydiscovertypejson.md @@ -3,15 +3,16 @@ ## Fields -| Field | Type | Required | Description | -| -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `discover_type` | [models.RestAuthenticationLoginSecretRestDiscoveryDiscoverTypeJSONDiscoverType](../models/restauthenticationloginsecretrestdiscoverydiscovertypejsondiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | -| `manual_discover_result` | *str* | :heavy_check_mark: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | -| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Within the response JSON, the name of the field to pull results from, typically a JSON array. Leave blank if the result itself is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] } | -| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | -| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | -| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file +| Field | Type | Required | Description | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `discover_type` | [models.RestAuthenticationLoginSecretRestDiscoveryDiscoverTypeJSONDiscoverType](../models/restauthenticationloginsecretrestdiscoverydiscovertypejsondiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | +| `manual_discover_result` | *str* | :heavy_check_mark: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array. | +| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | +| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationloginsecretrestdiscoverydiscovertypelist.md b/docs/models/restauthenticationloginsecretrestdiscoverydiscovertypelist.md index 1a8bceba0..83f0c570b 100644 --- a/docs/models/restauthenticationloginsecretrestdiscoverydiscovertypelist.md +++ b/docs/models/restauthenticationloginsecretrestdiscoverydiscovertypelist.md @@ -3,14 +3,16 @@ ## Fields -| Field | Type | Required | Description | -| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `discover_type` | [models.RestAuthenticationLoginSecretRestDiscoveryDiscoverTypeListDiscoverType](../models/restauthenticationloginsecretrestdiscoverydiscovertypelistdiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | -| `item_list` | List[*str*] | :heavy_check_mark: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | -| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | -| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | -| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | \ No newline at end of file +| Field | Type | Required | Description | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `discover_type` | [models.RestAuthenticationLoginSecretRestDiscoveryDiscoverTypeListDiscoverType](../models/restauthenticationloginsecretrestdiscoverydiscovertypelistdiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | +| `item_list` | List[*str*] | :heavy_check_mark: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | +| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array. | +| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | +| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | \ No newline at end of file diff --git a/docs/models/restauthenticationloginsecretrestdiscoverydiscovertypenone.md b/docs/models/restauthenticationloginsecretrestdiscoverydiscovertypenone.md index 66f930e0d..65981ea39 100644 --- a/docs/models/restauthenticationloginsecretrestdiscoverydiscovertypenone.md +++ b/docs/models/restauthenticationloginsecretrestdiscoverydiscovertypenone.md @@ -3,14 +3,16 @@ ## Fields -| Field | Type | Required | Description | -| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `discover_type` | [models.RestAuthenticationLoginSecretRestDiscoveryDiscoverTypeNoneDiscoverType](../models/restauthenticationloginsecretrestdiscoverydiscovertypenonediscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | -| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | -| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | -| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | -| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file +| Field | Type | Required | Description | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `discover_type` | [models.RestAuthenticationLoginSecretRestDiscoveryDiscoverTypeNoneDiscoverType](../models/restauthenticationloginsecretrestdiscoverydiscovertypenonediscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | +| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array. | +| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | +| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | +| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationloginsecretrestpaginationtypenone.md b/docs/models/restauthenticationloginsecretrestpaginationtypenone.md index 7e84ce2ec..3989d8329 100644 --- a/docs/models/restauthenticationloginsecretrestpaginationtypenone.md +++ b/docs/models/restauthenticationloginsecretrestpaginationtypenone.md @@ -6,6 +6,7 @@ | Field | Type | Required | Description | | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `type` | [models.PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination](../models/paginationoptionsrestdiscoverydiscovertypehttppagination.md) | :heavy_check_mark: | N/A | +| `max_pages` | *Optional[float]* | :heavy_minus_sign: | Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages. | | `last_page_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression used to determine when the last page has been reached. The values tested by this expression must be in the Response attributes section. | | `next_relation_attribute` | *Optional[str]* | :heavy_minus_sign: | Relation name used in the link header that refers to the next page in the result set. Example: rel="next" refers to the next page of results: ; rel="next" | | `cur_relation_attribute` | *Optional[str]* | :heavy_minus_sign: | Relation name used in the link header that refers to the current result set. Example: rel="self" refers to the current page of results: ; rel="self" | @@ -13,6 +14,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restauthenticationloginsecretrestpaginationtyperesponsebody.md b/docs/models/restauthenticationloginsecretrestpaginationtyperesponsebody.md index c1b96c809..bea5885e0 100644 --- a/docs/models/restauthenticationloginsecretrestpaginationtyperesponsebody.md +++ b/docs/models/restauthenticationloginsecretrestpaginationtyperesponsebody.md @@ -15,6 +15,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restauthenticationloginsecretrestpaginationtyperesponseheader.md b/docs/models/restauthenticationloginsecretrestpaginationtyperesponseheader.md index 0d5212e15..1561430ca 100644 --- a/docs/models/restauthenticationloginsecretrestpaginationtyperesponseheader.md +++ b/docs/models/restauthenticationloginsecretrestpaginationtyperesponseheader.md @@ -15,6 +15,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restauthenticationloginsecretrestpaginationtyperesponseheaderlink.md b/docs/models/restauthenticationloginsecretrestpaginationtyperesponseheaderlink.md index 8d3f67891..5249e181f 100644 --- a/docs/models/restauthenticationloginsecretrestpaginationtyperesponseheaderlink.md +++ b/docs/models/restauthenticationloginsecretrestpaginationtyperesponseheaderlink.md @@ -14,6 +14,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restauthenticationnone.md b/docs/models/restauthenticationnone.md index 98c09ebfd..3c80d5d1f 100644 --- a/docs/models/restauthenticationnone.md +++ b/docs/models/restauthenticationnone.md @@ -3,27 +3,48 @@ ## Fields -| Field | Type | Required | Description | -| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `authentication` | [models.RestAuthenticationNoneAuthentication](../models/restauthenticationnoneauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API key–based authentication by adding the appropriate Collect headers. | -| `discovery` | [Optional[models.RestAuthenticationNoneDiscovery]](../models/restauthenticationnonediscovery.md) | :heavy_minus_sign: | N/A | -| `collect_url` | *str* | :heavy_check_mark: | URL (constant or JavaScript expression) to use for the Collect operation | -| `collect_method` | [models.RestAuthenticationNoneCollectMethod](../models/restauthenticationnonecollectmethod.md) | :heavy_check_mark: | N/A | -| `collect_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.RestAuthenticationNonePagination]](../models/restauthenticationnonepagination.md) | :heavy_minus_sign: | N/A | -| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout. Use 0 to disable. | -| `max_response_body_size` | *Optional[str]* | :heavy_minus_sign: | Maximum amount of data to buffer from a single response body. Responses exceeding this limit will be rejected. Maximum allowed value is 512 MB. Leave unset to rely on default error handling. | -| `use_round_robin_dns` | *Optional[bool]* | :heavy_minus_sign: | Use round-robin DNS lookup. Suitable when DNS server returns multiple addresses in sort order. | -| `disable_time_filter` | *Optional[bool]* | :heavy_minus_sign: | Disable Collector event time filtering when a date range is specified | -| `decode_url` | *Optional[bool]* | :heavy_minus_sign: | Decode the URL before sending requests (including pagination requests) | -| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Reject certificates that cannot be verified against a valid CA (such as self-signed certificates) | -| `capture_headers` | *Optional[bool]* | :heavy_minus_sign: | Enable to add response headers to the resHeaders field under the __collectible object | -| `stop_on_empty_results` | *Optional[bool]* | :heavy_minus_sign: | Stop pagination when the Event Breaker produces no events | -| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text | -| `retry_rules` | [Optional[models.RestAuthenticationNoneRetryRules]](../models/restauthenticationnoneretryrules.md) | :heavy_minus_sign: | N/A | -| `microsoft_graph_delta` | [Optional[models.RestAuthenticationNoneMicrosoftGraphDelta]](../models/restauthenticationnonemicrosoftgraphdelta.md) | :heavy_minus_sign: | Internal opt-in for the Microsoft Graph deltaLink state-tracking hook. Set programmatically by the Microsoft Graph source when the configured URL targets a /delta endpoint; not user-configurable. | -| `scheduling` | [Optional[models.RestAuthenticationNoneScheduling]](../models/restauthenticationnonescheduling.md) | :heavy_minus_sign: | N/A | -| `client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters. | -| `service_account_credentials` | *Optional[str]* | :heavy_minus_sign: | Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right. | -| `hmac_function_id` | *Optional[str]* | :heavy_minus_sign: | Select or create an HMAC Function to use with authentication | -| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file +| Field | Type | Required | Description | +| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `authentication` | [models.RestAuthenticationNoneAuthentication](../models/restauthenticationnoneauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API key–based authentication by adding the appropriate Collect headers. | +| `discovery` | [Optional[models.RestAuthenticationNoneDiscovery]](../models/restauthenticationnonediscovery.md) | :heavy_minus_sign: | N/A | +| `collect_url` | *str* | :heavy_check_mark: | URL (constant or JavaScript expression) to use for the Collect operation | +| `collect_method` | [models.RestAuthenticationNoneCollectMethod](../models/restauthenticationnonecollectmethod.md) | :heavy_check_mark: | N/A | +| `collect_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.RestAuthenticationNonePagination]](../models/restauthenticationnonepagination.md) | :heavy_minus_sign: | N/A | +| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout. Use 0 to disable. | +| `max_response_body_size` | *Optional[str]* | :heavy_minus_sign: | Maximum amount of data to buffer from a single response body. Responses exceeding this limit will be rejected. Maximum allowed value is 512 MB. Leave unset to rely on default error handling. | +| `use_round_robin_dns` | *Optional[bool]* | :heavy_minus_sign: | Use round-robin DNS lookup. Suitable when DNS server returns multiple addresses in sort order. | +| `disable_time_filter` | *Optional[bool]* | :heavy_minus_sign: | Disable Collector event time filtering when a date range is specified | +| `decode_url` | *Optional[bool]* | :heavy_minus_sign: | Decode the URL before sending requests (including pagination requests) | +| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Reject certificates that cannot be verified against a valid CA (such as self-signed certificates) | +| `capture_headers` | *Optional[bool]* | :heavy_minus_sign: | Enable to add response headers to the resHeaders field under the __collectible object | +| `stop_on_empty_results` | *Optional[bool]* | :heavy_minus_sign: | Stop pagination when the Event Breaker produces no events | +| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text | +| `retry_rules` | [Optional[models.RestAuthenticationNoneRetryRules]](../models/restauthenticationnoneretryrules.md) | :heavy_minus_sign: | N/A | +| `microsoft_graph_delta` | [Optional[models.RestAuthenticationNoneMicrosoftGraphDelta]](../models/restauthenticationnonemicrosoftgraphdelta.md) | :heavy_minus_sign: | Internal opt-in for the Microsoft Graph deltaLink state-tracking hook. Set programmatically by the Microsoft Graph source when the configured URL targets a /delta endpoint; not user-configurable. | +| `scheduling` | [Optional[models.RestAuthenticationNoneScheduling]](../models/restauthenticationnonescheduling.md) | :heavy_minus_sign: | N/A | +| `username` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_username` | *Optional[str]* | :heavy_minus_sign: | Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime. | +| `password` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_password` | *Optional[str]* | :heavy_minus_sign: | Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime. | +| `credentials_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored secret that references your credentials | +| `login_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for login API call. This call is expected to be a POST. | +| `template_login_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime. | +| `login_body` | *Optional[str]* | :heavy_minus_sign: | Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. For x-www-form-urlencoded bodies, wrap values with ${C.Encode.uri(password)} to preserve special characters like +, &, and =. | +| `get_auth_token_from_header` | *Optional[bool]* | :heavy_minus_sign: | Extract the auth token from the HTTP 'Authorization' response header instead of the standard JSON body of the login response | +| `auth_header_key` | *Optional[str]* | :heavy_minus_sign: | Authorization header key to pass in Discover and Collect calls. Defaults to the literal name 'Authorization'. | +| `auth_header_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression used to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login. | +| `auth_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header. | +| `client_secret_param_name` | *Optional[str]* | :heavy_minus_sign: | Defaults to 'client_secret'. Automatically added to request parameters using the value specified. | +| `client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters. | +| `template_client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Binds 'clientSecretParamValue' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecretParamValue' at runtime. | +| `auth_request_params` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded. | +| `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a text secret that contains the client secret's value | +| `scopes` | List[*str*] | :heavy_minus_sign: | Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information. | +| `service_account_credentials` | *Optional[str]* | :heavy_minus_sign: | Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right. | +| `template_service_account_credentials` | *Optional[str]* | :heavy_minus_sign: | Binds 'serviceAccountCredentials' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serviceAccountCredentials' at runtime. | +| `subject` | *Optional[str]* | :heavy_minus_sign: | Email address of a user account with Super Admin permissions to the resources the collector will retrieve | +| `template_subject` | *Optional[str]* | :heavy_minus_sign: | Binds 'subject' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'subject' at runtime. | +| `hmac_function_id` | *Optional[str]* | :heavy_minus_sign: | Select or create an HMAC Function to use with authentication | +| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file diff --git a/docs/models/restauthenticationnonerestdiscoverydiscovertypehttpdiscovermethodget.md b/docs/models/restauthenticationnonerestdiscoverydiscovertypehttpdiscovermethodget.md index b0f880b7d..4903fbdb0 100644 --- a/docs/models/restauthenticationnonerestdiscoverydiscovertypehttpdiscovermethodget.md +++ b/docs/models/restauthenticationnonerestdiscoverydiscovertypehttpdiscovermethodget.md @@ -16,5 +16,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationnonerestdiscoverydiscovertypehttpdiscovermethodother.md b/docs/models/restauthenticationnonerestdiscoverydiscovertypehttpdiscovermethodother.md index fd27bce85..fd54288bf 100644 --- a/docs/models/restauthenticationnonerestdiscoverydiscovertypehttpdiscovermethodother.md +++ b/docs/models/restauthenticationnonerestdiscoverydiscovertypehttpdiscovermethodother.md @@ -18,5 +18,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationnonerestdiscoverydiscovertypehttpdiscovermethodpost.md b/docs/models/restauthenticationnonerestdiscoverydiscovertypehttpdiscovermethodpost.md index 083f21f95..49d356fdf 100644 --- a/docs/models/restauthenticationnonerestdiscoverydiscovertypehttpdiscovermethodpost.md +++ b/docs/models/restauthenticationnonerestdiscoverydiscovertypehttpdiscovermethodpost.md @@ -16,5 +16,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationnonerestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md b/docs/models/restauthenticationnonerestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md index 570b0fe43..07780abad 100644 --- a/docs/models/restauthenticationnonerestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md +++ b/docs/models/restauthenticationnonerestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md @@ -16,5 +16,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationnonerestdiscoverydiscovertypejson.md b/docs/models/restauthenticationnonerestdiscoverydiscovertypejson.md index 020c40e9f..ef0953ac5 100644 --- a/docs/models/restauthenticationnonerestdiscoverydiscovertypejson.md +++ b/docs/models/restauthenticationnonerestdiscoverydiscovertypejson.md @@ -3,15 +3,16 @@ ## Fields -| Field | Type | Required | Description | -| -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `discover_type` | [models.RestAuthenticationNoneRestDiscoveryDiscoverTypeJSONDiscoverType](../models/restauthenticationnonerestdiscoverydiscovertypejsondiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | -| `manual_discover_result` | *str* | :heavy_check_mark: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | -| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Within the response JSON, the name of the field to pull results from, typically a JSON array. Leave blank if the result itself is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] } | -| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | -| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | -| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file +| Field | Type | Required | Description | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `discover_type` | [models.RestAuthenticationNoneRestDiscoveryDiscoverTypeJSONDiscoverType](../models/restauthenticationnonerestdiscoverydiscovertypejsondiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | +| `manual_discover_result` | *str* | :heavy_check_mark: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array. | +| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | +| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationnonerestdiscoverydiscovertypelist.md b/docs/models/restauthenticationnonerestdiscoverydiscovertypelist.md index bedd57d96..2941daac8 100644 --- a/docs/models/restauthenticationnonerestdiscoverydiscovertypelist.md +++ b/docs/models/restauthenticationnonerestdiscoverydiscovertypelist.md @@ -3,14 +3,16 @@ ## Fields -| Field | Type | Required | Description | -| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `discover_type` | [models.RestAuthenticationNoneRestDiscoveryDiscoverTypeListDiscoverType](../models/restauthenticationnonerestdiscoverydiscovertypelistdiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | -| `item_list` | List[*str*] | :heavy_check_mark: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | -| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | -| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | -| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | \ No newline at end of file +| Field | Type | Required | Description | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `discover_type` | [models.RestAuthenticationNoneRestDiscoveryDiscoverTypeListDiscoverType](../models/restauthenticationnonerestdiscoverydiscovertypelistdiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | +| `item_list` | List[*str*] | :heavy_check_mark: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | +| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array. | +| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | +| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | \ No newline at end of file diff --git a/docs/models/restauthenticationnonerestdiscoverydiscovertypenone.md b/docs/models/restauthenticationnonerestdiscoverydiscovertypenone.md index 633da6463..0ed27720e 100644 --- a/docs/models/restauthenticationnonerestdiscoverydiscovertypenone.md +++ b/docs/models/restauthenticationnonerestdiscoverydiscovertypenone.md @@ -3,14 +3,16 @@ ## Fields -| Field | Type | Required | Description | -| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `discover_type` | [models.RestAuthenticationNoneRestDiscoveryDiscoverTypeNoneDiscoverType](../models/restauthenticationnonerestdiscoverydiscovertypenonediscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | -| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | -| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | -| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | -| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file +| Field | Type | Required | Description | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `discover_type` | [models.RestAuthenticationNoneRestDiscoveryDiscoverTypeNoneDiscoverType](../models/restauthenticationnonerestdiscoverydiscovertypenonediscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | +| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array. | +| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | +| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | +| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationnonerestpaginationtypenone.md b/docs/models/restauthenticationnonerestpaginationtypenone.md index e22634582..5e80f369a 100644 --- a/docs/models/restauthenticationnonerestpaginationtypenone.md +++ b/docs/models/restauthenticationnonerestpaginationtypenone.md @@ -6,6 +6,7 @@ | Field | Type | Required | Description | | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `type` | [models.PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination](../models/paginationoptionsrestdiscoverydiscovertypehttppagination.md) | :heavy_check_mark: | N/A | +| `max_pages` | *Optional[float]* | :heavy_minus_sign: | Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages. | | `last_page_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression used to determine when the last page has been reached. The values tested by this expression must be in the Response attributes section. | | `next_relation_attribute` | *Optional[str]* | :heavy_minus_sign: | Relation name used in the link header that refers to the next page in the result set. Example: rel="next" refers to the next page of results: ; rel="next" | | `cur_relation_attribute` | *Optional[str]* | :heavy_minus_sign: | Relation name used in the link header that refers to the current result set. Example: rel="self" refers to the current page of results: ; rel="self" | @@ -13,6 +14,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restauthenticationnonerestpaginationtyperesponsebody.md b/docs/models/restauthenticationnonerestpaginationtyperesponsebody.md index 663cce4d9..815fbc654 100644 --- a/docs/models/restauthenticationnonerestpaginationtyperesponsebody.md +++ b/docs/models/restauthenticationnonerestpaginationtyperesponsebody.md @@ -15,6 +15,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restauthenticationnonerestpaginationtyperesponseheader.md b/docs/models/restauthenticationnonerestpaginationtyperesponseheader.md index 18e8f0231..a06474838 100644 --- a/docs/models/restauthenticationnonerestpaginationtyperesponseheader.md +++ b/docs/models/restauthenticationnonerestpaginationtyperesponseheader.md @@ -15,6 +15,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restauthenticationnonerestpaginationtyperesponseheaderlink.md b/docs/models/restauthenticationnonerestpaginationtyperesponseheaderlink.md index 3cce101b9..dbc95719b 100644 --- a/docs/models/restauthenticationnonerestpaginationtyperesponseheaderlink.md +++ b/docs/models/restauthenticationnonerestpaginationtyperesponseheaderlink.md @@ -14,6 +14,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restauthenticationoauth.md b/docs/models/restauthenticationoauth.md index e74031e42..873c1ef6c 100644 --- a/docs/models/restauthenticationoauth.md +++ b/docs/models/restauthenticationoauth.md @@ -3,34 +3,48 @@ ## Fields -| Field | Type | Required | Description | -| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `authentication` | [models.RestAuthenticationOauthAuthentication](../models/restauthenticationoauthauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API key–based authentication by adding the appropriate Collect headers. | -| `login_url` | *str* | :heavy_check_mark: | URL to use for the OAuth API call. This call is expected to be a POST. | -| `token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header. | -| `auth_header_key` | *Optional[str]* | :heavy_minus_sign: | Authorization header key to pass in Discover and Collect calls. Defaults to the literal name 'Authorization'. | -| `auth_header_expr` | *str* | :heavy_check_mark: | JavaScript expression to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login. | -| `client_secret_param_name` | *str* | :heavy_check_mark: | Defaults to 'client_secret'. Automatically added to request parameters using the value specified. | -| `client_secret_param_value` | *str* | :heavy_check_mark: | Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters. | -| `auth_request_params` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded. | -| `auth_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `discovery` | [Optional[models.RestAuthenticationOauthDiscovery]](../models/restauthenticationoauthdiscovery.md) | :heavy_minus_sign: | N/A | -| `collect_url` | *str* | :heavy_check_mark: | URL (constant or JavaScript expression) to use for the Collect operation | -| `collect_method` | [models.RestAuthenticationOauthCollectMethod](../models/restauthenticationoauthcollectmethod.md) | :heavy_check_mark: | N/A | -| `collect_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.RestAuthenticationOauthPagination]](../models/restauthenticationoauthpagination.md) | :heavy_minus_sign: | N/A | -| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout. Use 0 to disable. | -| `max_response_body_size` | *Optional[str]* | :heavy_minus_sign: | Maximum amount of data to buffer from a single response body. Responses exceeding this limit will be rejected. Maximum allowed value is 512 MB. Leave unset to rely on default error handling. | -| `use_round_robin_dns` | *Optional[bool]* | :heavy_minus_sign: | Use round-robin DNS lookup. Suitable when DNS server returns multiple addresses in sort order. | -| `disable_time_filter` | *Optional[bool]* | :heavy_minus_sign: | Disable Collector event time filtering when a date range is specified | -| `decode_url` | *Optional[bool]* | :heavy_minus_sign: | Decode the URL before sending requests (including pagination requests) | -| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Reject certificates that cannot be verified against a valid CA (such as self-signed certificates) | -| `capture_headers` | *Optional[bool]* | :heavy_minus_sign: | Enable to add response headers to the resHeaders field under the __collectible object | -| `stop_on_empty_results` | *Optional[bool]* | :heavy_minus_sign: | Stop pagination when the Event Breaker produces no events | -| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text | -| `retry_rules` | [Optional[models.RestAuthenticationOauthRetryRules]](../models/restauthenticationoauthretryrules.md) | :heavy_minus_sign: | N/A | -| `microsoft_graph_delta` | [Optional[models.RestAuthenticationOauthMicrosoftGraphDelta]](../models/restauthenticationoauthmicrosoftgraphdelta.md) | :heavy_minus_sign: | Internal opt-in for the Microsoft Graph deltaLink state-tracking hook. Set programmatically by the Microsoft Graph source when the configured URL targets a /delta endpoint; not user-configurable. | -| `scheduling` | [Optional[models.RestAuthenticationOauthScheduling]](../models/restauthenticationoauthscheduling.md) | :heavy_minus_sign: | N/A | -| `service_account_credentials` | *Optional[str]* | :heavy_minus_sign: | Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right. | -| `hmac_function_id` | *Optional[str]* | :heavy_minus_sign: | Select or create an HMAC Function to use with authentication | -| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file +| Field | Type | Required | Description | +| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `authentication` | [models.RestAuthenticationOauthAuthentication](../models/restauthenticationoauthauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API key–based authentication by adding the appropriate Collect headers. | +| `login_url` | *str* | :heavy_check_mark: | URL to use for login API call. This call is expected to be a POST. | +| `token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header. | +| `auth_header_key` | *Optional[str]* | :heavy_minus_sign: | Authorization header key to pass in Discover and Collect calls. Defaults to the literal name 'Authorization'. | +| `auth_header_expr` | *str* | :heavy_check_mark: | JavaScript expression used to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login. | +| `client_secret_param_name` | *str* | :heavy_check_mark: | Defaults to 'client_secret'. Automatically added to request parameters using the value specified. | +| `client_secret_param_value` | *str* | :heavy_check_mark: | Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters. | +| `auth_request_params` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded. | +| `auth_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `template_login_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime. | +| `template_client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Binds 'clientSecretParamValue' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecretParamValue' at runtime. | +| `discovery` | [Optional[models.RestAuthenticationOauthDiscovery]](../models/restauthenticationoauthdiscovery.md) | :heavy_minus_sign: | N/A | +| `collect_url` | *str* | :heavy_check_mark: | URL (constant or JavaScript expression) to use for the Collect operation | +| `collect_method` | [models.RestAuthenticationOauthCollectMethod](../models/restauthenticationoauthcollectmethod.md) | :heavy_check_mark: | N/A | +| `collect_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.RestAuthenticationOauthPagination]](../models/restauthenticationoauthpagination.md) | :heavy_minus_sign: | N/A | +| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout. Use 0 to disable. | +| `max_response_body_size` | *Optional[str]* | :heavy_minus_sign: | Maximum amount of data to buffer from a single response body. Responses exceeding this limit will be rejected. Maximum allowed value is 512 MB. Leave unset to rely on default error handling. | +| `use_round_robin_dns` | *Optional[bool]* | :heavy_minus_sign: | Use round-robin DNS lookup. Suitable when DNS server returns multiple addresses in sort order. | +| `disable_time_filter` | *Optional[bool]* | :heavy_minus_sign: | Disable Collector event time filtering when a date range is specified | +| `decode_url` | *Optional[bool]* | :heavy_minus_sign: | Decode the URL before sending requests (including pagination requests) | +| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Reject certificates that cannot be verified against a valid CA (such as self-signed certificates) | +| `capture_headers` | *Optional[bool]* | :heavy_minus_sign: | Enable to add response headers to the resHeaders field under the __collectible object | +| `stop_on_empty_results` | *Optional[bool]* | :heavy_minus_sign: | Stop pagination when the Event Breaker produces no events | +| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text | +| `retry_rules` | [Optional[models.RestAuthenticationOauthRetryRules]](../models/restauthenticationoauthretryrules.md) | :heavy_minus_sign: | N/A | +| `microsoft_graph_delta` | [Optional[models.RestAuthenticationOauthMicrosoftGraphDelta]](../models/restauthenticationoauthmicrosoftgraphdelta.md) | :heavy_minus_sign: | Internal opt-in for the Microsoft Graph deltaLink state-tracking hook. Set programmatically by the Microsoft Graph source when the configured URL targets a /delta endpoint; not user-configurable. | +| `scheduling` | [Optional[models.RestAuthenticationOauthScheduling]](../models/restauthenticationoauthscheduling.md) | :heavy_minus_sign: | N/A | +| `username` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_username` | *Optional[str]* | :heavy_minus_sign: | Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime. | +| `password` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_password` | *Optional[str]* | :heavy_minus_sign: | Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime. | +| `credentials_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored secret that references your credentials | +| `login_body` | *Optional[str]* | :heavy_minus_sign: | Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. For x-www-form-urlencoded bodies, wrap values with ${C.Encode.uri(password)} to preserve special characters like +, &, and =. | +| `get_auth_token_from_header` | *Optional[bool]* | :heavy_minus_sign: | Extract the auth token from the HTTP 'Authorization' response header instead of the standard JSON body of the login response | +| `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a text secret that contains the client secret's value | +| `scopes` | List[*str*] | :heavy_minus_sign: | Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information. | +| `service_account_credentials` | *Optional[str]* | :heavy_minus_sign: | Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right. | +| `template_service_account_credentials` | *Optional[str]* | :heavy_minus_sign: | Binds 'serviceAccountCredentials' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serviceAccountCredentials' at runtime. | +| `subject` | *Optional[str]* | :heavy_minus_sign: | Email address of a user account with Super Admin permissions to the resources the collector will retrieve | +| `template_subject` | *Optional[str]* | :heavy_minus_sign: | Binds 'subject' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'subject' at runtime. | +| `hmac_function_id` | *Optional[str]* | :heavy_minus_sign: | Select or create an HMAC Function to use with authentication | +| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file diff --git a/docs/models/restauthenticationoauthrestdiscoverydiscovertypehttpdiscovermethodget.md b/docs/models/restauthenticationoauthrestdiscoverydiscovertypehttpdiscovermethodget.md index 931d0e40f..d850bdfa7 100644 --- a/docs/models/restauthenticationoauthrestdiscoverydiscovertypehttpdiscovermethodget.md +++ b/docs/models/restauthenticationoauthrestdiscoverydiscovertypehttpdiscovermethodget.md @@ -16,5 +16,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationoauthrestdiscoverydiscovertypehttpdiscovermethodother.md b/docs/models/restauthenticationoauthrestdiscoverydiscovertypehttpdiscovermethodother.md index da74c95ae..40af4d188 100644 --- a/docs/models/restauthenticationoauthrestdiscoverydiscovertypehttpdiscovermethodother.md +++ b/docs/models/restauthenticationoauthrestdiscoverydiscovertypehttpdiscovermethodother.md @@ -18,5 +18,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationoauthrestdiscoverydiscovertypehttpdiscovermethodpost.md b/docs/models/restauthenticationoauthrestdiscoverydiscovertypehttpdiscovermethodpost.md index 9333789f6..5acc2c05c 100644 --- a/docs/models/restauthenticationoauthrestdiscoverydiscovertypehttpdiscovermethodpost.md +++ b/docs/models/restauthenticationoauthrestdiscoverydiscovertypehttpdiscovermethodpost.md @@ -16,5 +16,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationoauthrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md b/docs/models/restauthenticationoauthrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md index c073e37c4..d0f830dbe 100644 --- a/docs/models/restauthenticationoauthrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md +++ b/docs/models/restauthenticationoauthrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md @@ -16,5 +16,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationoauthrestdiscoverydiscovertypejson.md b/docs/models/restauthenticationoauthrestdiscoverydiscovertypejson.md index 96cf542d1..1ea6c9c30 100644 --- a/docs/models/restauthenticationoauthrestdiscoverydiscovertypejson.md +++ b/docs/models/restauthenticationoauthrestdiscoverydiscovertypejson.md @@ -3,15 +3,16 @@ ## Fields -| Field | Type | Required | Description | -| -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `discover_type` | [models.RestAuthenticationOauthRestDiscoveryDiscoverTypeJSONDiscoverType](../models/restauthenticationoauthrestdiscoverydiscovertypejsondiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | -| `manual_discover_result` | *str* | :heavy_check_mark: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | -| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Within the response JSON, the name of the field to pull results from, typically a JSON array. Leave blank if the result itself is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] } | -| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | -| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | -| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file +| Field | Type | Required | Description | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `discover_type` | [models.RestAuthenticationOauthRestDiscoveryDiscoverTypeJSONDiscoverType](../models/restauthenticationoauthrestdiscoverydiscovertypejsondiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | +| `manual_discover_result` | *str* | :heavy_check_mark: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array. | +| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | +| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationoauthrestdiscoverydiscovertypelist.md b/docs/models/restauthenticationoauthrestdiscoverydiscovertypelist.md index e0431558a..488ee2976 100644 --- a/docs/models/restauthenticationoauthrestdiscoverydiscovertypelist.md +++ b/docs/models/restauthenticationoauthrestdiscoverydiscovertypelist.md @@ -3,14 +3,16 @@ ## Fields -| Field | Type | Required | Description | -| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `discover_type` | [models.RestAuthenticationOauthRestDiscoveryDiscoverTypeListDiscoverType](../models/restauthenticationoauthrestdiscoverydiscovertypelistdiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | -| `item_list` | List[*str*] | :heavy_check_mark: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | -| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | -| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | -| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | \ No newline at end of file +| Field | Type | Required | Description | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `discover_type` | [models.RestAuthenticationOauthRestDiscoveryDiscoverTypeListDiscoverType](../models/restauthenticationoauthrestdiscoverydiscovertypelistdiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | +| `item_list` | List[*str*] | :heavy_check_mark: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | +| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array. | +| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | +| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | \ No newline at end of file diff --git a/docs/models/restauthenticationoauthrestdiscoverydiscovertypenone.md b/docs/models/restauthenticationoauthrestdiscoverydiscovertypenone.md index 860c177ad..00f0e90ba 100644 --- a/docs/models/restauthenticationoauthrestdiscoverydiscovertypenone.md +++ b/docs/models/restauthenticationoauthrestdiscoverydiscovertypenone.md @@ -3,14 +3,16 @@ ## Fields -| Field | Type | Required | Description | -| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `discover_type` | [models.RestAuthenticationOauthRestDiscoveryDiscoverTypeNoneDiscoverType](../models/restauthenticationoauthrestdiscoverydiscovertypenonediscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | -| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | -| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | -| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | -| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file +| Field | Type | Required | Description | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `discover_type` | [models.RestAuthenticationOauthRestDiscoveryDiscoverTypeNoneDiscoverType](../models/restauthenticationoauthrestdiscoverydiscovertypenonediscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | +| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array. | +| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | +| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | +| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationoauthrestpaginationtypenone.md b/docs/models/restauthenticationoauthrestpaginationtypenone.md index 200667a5f..f24d1f6cb 100644 --- a/docs/models/restauthenticationoauthrestpaginationtypenone.md +++ b/docs/models/restauthenticationoauthrestpaginationtypenone.md @@ -6,6 +6,7 @@ | Field | Type | Required | Description | | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `type` | [models.PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination](../models/paginationoptionsrestdiscoverydiscovertypehttppagination.md) | :heavy_check_mark: | N/A | +| `max_pages` | *Optional[float]* | :heavy_minus_sign: | Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages. | | `last_page_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression used to determine when the last page has been reached. The values tested by this expression must be in the Response attributes section. | | `next_relation_attribute` | *Optional[str]* | :heavy_minus_sign: | Relation name used in the link header that refers to the next page in the result set. Example: rel="next" refers to the next page of results: ; rel="next" | | `cur_relation_attribute` | *Optional[str]* | :heavy_minus_sign: | Relation name used in the link header that refers to the current result set. Example: rel="self" refers to the current page of results: ; rel="self" | @@ -13,6 +14,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restauthenticationoauthrestpaginationtyperesponsebody.md b/docs/models/restauthenticationoauthrestpaginationtyperesponsebody.md index 258789b82..7a7faa4b9 100644 --- a/docs/models/restauthenticationoauthrestpaginationtyperesponsebody.md +++ b/docs/models/restauthenticationoauthrestpaginationtyperesponsebody.md @@ -15,6 +15,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restauthenticationoauthrestpaginationtyperesponseheader.md b/docs/models/restauthenticationoauthrestpaginationtyperesponseheader.md index 2d2fa8014..7d4135e22 100644 --- a/docs/models/restauthenticationoauthrestpaginationtyperesponseheader.md +++ b/docs/models/restauthenticationoauthrestpaginationtyperesponseheader.md @@ -15,6 +15,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restauthenticationoauthrestpaginationtyperesponseheaderlink.md b/docs/models/restauthenticationoauthrestpaginationtyperesponseheaderlink.md index 641d47116..4f6f7e6f4 100644 --- a/docs/models/restauthenticationoauthrestpaginationtyperesponseheaderlink.md +++ b/docs/models/restauthenticationoauthrestpaginationtyperesponseheaderlink.md @@ -14,6 +14,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restauthenticationoauthsecret.md b/docs/models/restauthenticationoauthsecret.md index 8aa89491a..d5dc2f992 100644 --- a/docs/models/restauthenticationoauthsecret.md +++ b/docs/models/restauthenticationoauthsecret.md @@ -3,35 +3,48 @@ ## Fields -| Field | Type | Required | Description | -| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `authentication` | [models.RestAuthenticationOauthSecretAuthentication](../models/restauthenticationoauthsecretauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API key–based authentication by adding the appropriate Collect headers. | -| `login_url` | *str* | :heavy_check_mark: | URL to use for the OAuth API call. This call is expected to be a POST. | -| `token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header. | -| `auth_header_key` | *Optional[str]* | :heavy_minus_sign: | Authorization header key to pass in Discover and Collect calls. Defaults to the literal name 'Authorization'. | -| `auth_header_expr` | *str* | :heavy_check_mark: | JavaScript expression to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login. | -| `client_secret_param_name` | *str* | :heavy_check_mark: | Defaults to 'client_secret'. Automatically added to request parameters using the value specified. | -| `text_secret` | *str* | :heavy_check_mark: | Select or create a text secret that contains the client secret's value | -| `auth_request_params` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded. | -| `auth_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `discovery` | [Optional[models.RestAuthenticationOauthSecretDiscovery]](../models/restauthenticationoauthsecretdiscovery.md) | :heavy_minus_sign: | N/A | -| `collect_url` | *str* | :heavy_check_mark: | URL (constant or JavaScript expression) to use for the Collect operation | -| `collect_method` | [models.RestAuthenticationOauthSecretCollectMethod](../models/restauthenticationoauthsecretcollectmethod.md) | :heavy_check_mark: | N/A | -| `collect_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.RestAuthenticationOauthSecretPagination]](../models/restauthenticationoauthsecretpagination.md) | :heavy_minus_sign: | N/A | -| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout. Use 0 to disable. | -| `max_response_body_size` | *Optional[str]* | :heavy_minus_sign: | Maximum amount of data to buffer from a single response body. Responses exceeding this limit will be rejected. Maximum allowed value is 512 MB. Leave unset to rely on default error handling. | -| `use_round_robin_dns` | *Optional[bool]* | :heavy_minus_sign: | Use round-robin DNS lookup. Suitable when DNS server returns multiple addresses in sort order. | -| `disable_time_filter` | *Optional[bool]* | :heavy_minus_sign: | Disable Collector event time filtering when a date range is specified | -| `decode_url` | *Optional[bool]* | :heavy_minus_sign: | Decode the URL before sending requests (including pagination requests) | -| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Reject certificates that cannot be verified against a valid CA (such as self-signed certificates) | -| `capture_headers` | *Optional[bool]* | :heavy_minus_sign: | Enable to add response headers to the resHeaders field under the __collectible object | -| `stop_on_empty_results` | *Optional[bool]* | :heavy_minus_sign: | Stop pagination when the Event Breaker produces no events | -| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text | -| `retry_rules` | [Optional[models.RestAuthenticationOauthSecretRetryRules]](../models/restauthenticationoauthsecretretryrules.md) | :heavy_minus_sign: | N/A | -| `microsoft_graph_delta` | [Optional[models.RestAuthenticationOauthSecretMicrosoftGraphDelta]](../models/restauthenticationoauthsecretmicrosoftgraphdelta.md) | :heavy_minus_sign: | Internal opt-in for the Microsoft Graph deltaLink state-tracking hook. Set programmatically by the Microsoft Graph source when the configured URL targets a /delta endpoint; not user-configurable. | -| `scheduling` | [Optional[models.RestAuthenticationOauthSecretScheduling]](../models/restauthenticationoauthsecretscheduling.md) | :heavy_minus_sign: | N/A | -| `client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters. | -| `service_account_credentials` | *Optional[str]* | :heavy_minus_sign: | Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right. | -| `hmac_function_id` | *Optional[str]* | :heavy_minus_sign: | Select or create an HMAC Function to use with authentication | -| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file +| Field | Type | Required | Description | +| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `authentication` | [models.RestAuthenticationOauthSecretAuthentication](../models/restauthenticationoauthsecretauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API key–based authentication by adding the appropriate Collect headers. | +| `login_url` | *str* | :heavy_check_mark: | URL to use for login API call. This call is expected to be a POST. | +| `token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header. | +| `auth_header_key` | *Optional[str]* | :heavy_minus_sign: | Authorization header key to pass in Discover and Collect calls. Defaults to the literal name 'Authorization'. | +| `auth_header_expr` | *str* | :heavy_check_mark: | JavaScript expression used to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login. | +| `client_secret_param_name` | *str* | :heavy_check_mark: | Defaults to 'client_secret'. Automatically added to request parameters using the value specified. | +| `text_secret` | *str* | :heavy_check_mark: | Select or create a text secret that contains the client secret's value | +| `auth_request_params` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded. | +| `auth_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `discovery` | [Optional[models.RestAuthenticationOauthSecretDiscovery]](../models/restauthenticationoauthsecretdiscovery.md) | :heavy_minus_sign: | N/A | +| `collect_url` | *str* | :heavy_check_mark: | URL (constant or JavaScript expression) to use for the Collect operation | +| `collect_method` | [models.RestAuthenticationOauthSecretCollectMethod](../models/restauthenticationoauthsecretcollectmethod.md) | :heavy_check_mark: | N/A | +| `collect_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.RestAuthenticationOauthSecretPagination]](../models/restauthenticationoauthsecretpagination.md) | :heavy_minus_sign: | N/A | +| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout. Use 0 to disable. | +| `max_response_body_size` | *Optional[str]* | :heavy_minus_sign: | Maximum amount of data to buffer from a single response body. Responses exceeding this limit will be rejected. Maximum allowed value is 512 MB. Leave unset to rely on default error handling. | +| `use_round_robin_dns` | *Optional[bool]* | :heavy_minus_sign: | Use round-robin DNS lookup. Suitable when DNS server returns multiple addresses in sort order. | +| `disable_time_filter` | *Optional[bool]* | :heavy_minus_sign: | Disable Collector event time filtering when a date range is specified | +| `decode_url` | *Optional[bool]* | :heavy_minus_sign: | Decode the URL before sending requests (including pagination requests) | +| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Reject certificates that cannot be verified against a valid CA (such as self-signed certificates) | +| `capture_headers` | *Optional[bool]* | :heavy_minus_sign: | Enable to add response headers to the resHeaders field under the __collectible object | +| `stop_on_empty_results` | *Optional[bool]* | :heavy_minus_sign: | Stop pagination when the Event Breaker produces no events | +| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text | +| `retry_rules` | [Optional[models.RestAuthenticationOauthSecretRetryRules]](../models/restauthenticationoauthsecretretryrules.md) | :heavy_minus_sign: | N/A | +| `microsoft_graph_delta` | [Optional[models.RestAuthenticationOauthSecretMicrosoftGraphDelta]](../models/restauthenticationoauthsecretmicrosoftgraphdelta.md) | :heavy_minus_sign: | Internal opt-in for the Microsoft Graph deltaLink state-tracking hook. Set programmatically by the Microsoft Graph source when the configured URL targets a /delta endpoint; not user-configurable. | +| `scheduling` | [Optional[models.RestAuthenticationOauthSecretScheduling]](../models/restauthenticationoauthsecretscheduling.md) | :heavy_minus_sign: | N/A | +| `username` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_username` | *Optional[str]* | :heavy_minus_sign: | Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime. | +| `password` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_password` | *Optional[str]* | :heavy_minus_sign: | Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime. | +| `credentials_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored secret that references your credentials | +| `template_login_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime. | +| `login_body` | *Optional[str]* | :heavy_minus_sign: | Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. For x-www-form-urlencoded bodies, wrap values with ${C.Encode.uri(password)} to preserve special characters like +, &, and =. | +| `get_auth_token_from_header` | *Optional[bool]* | :heavy_minus_sign: | Extract the auth token from the HTTP 'Authorization' response header instead of the standard JSON body of the login response | +| `client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters. | +| `template_client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Binds 'clientSecretParamValue' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecretParamValue' at runtime. | +| `scopes` | List[*str*] | :heavy_minus_sign: | Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information. | +| `service_account_credentials` | *Optional[str]* | :heavy_minus_sign: | Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right. | +| `template_service_account_credentials` | *Optional[str]* | :heavy_minus_sign: | Binds 'serviceAccountCredentials' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serviceAccountCredentials' at runtime. | +| `subject` | *Optional[str]* | :heavy_minus_sign: | Email address of a user account with Super Admin permissions to the resources the collector will retrieve | +| `template_subject` | *Optional[str]* | :heavy_minus_sign: | Binds 'subject' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'subject' at runtime. | +| `hmac_function_id` | *Optional[str]* | :heavy_minus_sign: | Select or create an HMAC Function to use with authentication | +| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file diff --git a/docs/models/restauthenticationoauthsecretrestdiscoverydiscovertypehttpdiscovermethodget.md b/docs/models/restauthenticationoauthsecretrestdiscoverydiscovertypehttpdiscovermethodget.md index 925d4a93e..783cb4d07 100644 --- a/docs/models/restauthenticationoauthsecretrestdiscoverydiscovertypehttpdiscovermethodget.md +++ b/docs/models/restauthenticationoauthsecretrestdiscoverydiscovertypehttpdiscovermethodget.md @@ -16,5 +16,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationoauthsecretrestdiscoverydiscovertypehttpdiscovermethodother.md b/docs/models/restauthenticationoauthsecretrestdiscoverydiscovertypehttpdiscovermethodother.md index b1137a3ca..d0869e643 100644 --- a/docs/models/restauthenticationoauthsecretrestdiscoverydiscovertypehttpdiscovermethodother.md +++ b/docs/models/restauthenticationoauthsecretrestdiscoverydiscovertypehttpdiscovermethodother.md @@ -18,5 +18,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationoauthsecretrestdiscoverydiscovertypehttpdiscovermethodpost.md b/docs/models/restauthenticationoauthsecretrestdiscoverydiscovertypehttpdiscovermethodpost.md index e38e53f89..05247bfcf 100644 --- a/docs/models/restauthenticationoauthsecretrestdiscoverydiscovertypehttpdiscovermethodpost.md +++ b/docs/models/restauthenticationoauthsecretrestdiscoverydiscovertypehttpdiscovermethodpost.md @@ -16,5 +16,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationoauthsecretrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md b/docs/models/restauthenticationoauthsecretrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md index 6110a6c22..7b3e80dce 100644 --- a/docs/models/restauthenticationoauthsecretrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md +++ b/docs/models/restauthenticationoauthsecretrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md @@ -16,5 +16,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationoauthsecretrestdiscoverydiscovertypejson.md b/docs/models/restauthenticationoauthsecretrestdiscoverydiscovertypejson.md index 82442d978..ced56fe30 100644 --- a/docs/models/restauthenticationoauthsecretrestdiscoverydiscovertypejson.md +++ b/docs/models/restauthenticationoauthsecretrestdiscoverydiscovertypejson.md @@ -3,15 +3,16 @@ ## Fields -| Field | Type | Required | Description | -| -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `discover_type` | [models.RestAuthenticationOauthSecretRestDiscoveryDiscoverTypeJSONDiscoverType](../models/restauthenticationoauthsecretrestdiscoverydiscovertypejsondiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | -| `manual_discover_result` | *str* | :heavy_check_mark: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | -| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Within the response JSON, the name of the field to pull results from, typically a JSON array. Leave blank if the result itself is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] } | -| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | -| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | -| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file +| Field | Type | Required | Description | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `discover_type` | [models.RestAuthenticationOauthSecretRestDiscoveryDiscoverTypeJSONDiscoverType](../models/restauthenticationoauthsecretrestdiscoverydiscovertypejsondiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | +| `manual_discover_result` | *str* | :heavy_check_mark: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array. | +| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | +| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationoauthsecretrestdiscoverydiscovertypelist.md b/docs/models/restauthenticationoauthsecretrestdiscoverydiscovertypelist.md index 2815af0af..0378d001b 100644 --- a/docs/models/restauthenticationoauthsecretrestdiscoverydiscovertypelist.md +++ b/docs/models/restauthenticationoauthsecretrestdiscoverydiscovertypelist.md @@ -3,14 +3,16 @@ ## Fields -| Field | Type | Required | Description | -| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `discover_type` | [models.RestAuthenticationOauthSecretRestDiscoveryDiscoverTypeListDiscoverType](../models/restauthenticationoauthsecretrestdiscoverydiscovertypelistdiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | -| `item_list` | List[*str*] | :heavy_check_mark: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | -| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | -| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | -| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | \ No newline at end of file +| Field | Type | Required | Description | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `discover_type` | [models.RestAuthenticationOauthSecretRestDiscoveryDiscoverTypeListDiscoverType](../models/restauthenticationoauthsecretrestdiscoverydiscovertypelistdiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | +| `item_list` | List[*str*] | :heavy_check_mark: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | +| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array. | +| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | +| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | \ No newline at end of file diff --git a/docs/models/restauthenticationoauthsecretrestdiscoverydiscovertypenone.md b/docs/models/restauthenticationoauthsecretrestdiscoverydiscovertypenone.md index 5432aebf7..1474e088c 100644 --- a/docs/models/restauthenticationoauthsecretrestdiscoverydiscovertypenone.md +++ b/docs/models/restauthenticationoauthsecretrestdiscoverydiscovertypenone.md @@ -3,14 +3,16 @@ ## Fields -| Field | Type | Required | Description | -| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `discover_type` | [models.RestAuthenticationOauthSecretRestDiscoveryDiscoverTypeNoneDiscoverType](../models/restauthenticationoauthsecretrestdiscoverydiscovertypenonediscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | -| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | -| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | -| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | -| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file +| Field | Type | Required | Description | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `discover_type` | [models.RestAuthenticationOauthSecretRestDiscoveryDiscoverTypeNoneDiscoverType](../models/restauthenticationoauthsecretrestdiscoverydiscovertypenonediscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | +| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array. | +| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | +| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | +| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restauthenticationoauthsecretrestpaginationtypenone.md b/docs/models/restauthenticationoauthsecretrestpaginationtypenone.md index 9d47a1e85..89a478b9b 100644 --- a/docs/models/restauthenticationoauthsecretrestpaginationtypenone.md +++ b/docs/models/restauthenticationoauthsecretrestpaginationtypenone.md @@ -6,6 +6,7 @@ | Field | Type | Required | Description | | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `type` | [models.PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination](../models/paginationoptionsrestdiscoverydiscovertypehttppagination.md) | :heavy_check_mark: | N/A | +| `max_pages` | *Optional[float]* | :heavy_minus_sign: | Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages. | | `last_page_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression used to determine when the last page has been reached. The values tested by this expression must be in the Response attributes section. | | `next_relation_attribute` | *Optional[str]* | :heavy_minus_sign: | Relation name used in the link header that refers to the next page in the result set. Example: rel="next" refers to the next page of results: ; rel="next" | | `cur_relation_attribute` | *Optional[str]* | :heavy_minus_sign: | Relation name used in the link header that refers to the current result set. Example: rel="self" refers to the current page of results: ; rel="self" | @@ -13,6 +14,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restauthenticationoauthsecretrestpaginationtyperesponsebody.md b/docs/models/restauthenticationoauthsecretrestpaginationtyperesponsebody.md index 3b10239cd..f29aa996d 100644 --- a/docs/models/restauthenticationoauthsecretrestpaginationtyperesponsebody.md +++ b/docs/models/restauthenticationoauthsecretrestpaginationtyperesponsebody.md @@ -15,6 +15,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restauthenticationoauthsecretrestpaginationtyperesponseheader.md b/docs/models/restauthenticationoauthsecretrestpaginationtyperesponseheader.md index 39d11dd69..8c27d697c 100644 --- a/docs/models/restauthenticationoauthsecretrestpaginationtyperesponseheader.md +++ b/docs/models/restauthenticationoauthsecretrestpaginationtyperesponseheader.md @@ -15,6 +15,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restauthenticationoauthsecretrestpaginationtyperesponseheaderlink.md b/docs/models/restauthenticationoauthsecretrestpaginationtyperesponseheaderlink.md index d63882275..990d42565 100644 --- a/docs/models/restauthenticationoauthsecretrestpaginationtyperesponseheaderlink.md +++ b/docs/models/restauthenticationoauthsecretrestpaginationtyperesponseheaderlink.md @@ -14,6 +14,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restcollectmethodget.md b/docs/models/restcollectmethodget.md index b97973af6..e463193c5 100644 --- a/docs/models/restcollectmethodget.md +++ b/docs/models/restcollectmethodget.md @@ -3,28 +3,49 @@ ## Fields -| Field | Type | Required | Description | -| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `collect_method` | [models.RestCollectMethodGetCollectMethod](../models/restcollectmethodgetcollectmethod.md) | :heavy_check_mark: | N/A | -| `collect_request_params` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `discovery` | [Optional[models.RestCollectMethodGetDiscovery]](../models/restcollectmethodgetdiscovery.md) | :heavy_minus_sign: | N/A | -| `collect_url` | *str* | :heavy_check_mark: | URL (constant or JavaScript expression) to use for the Collect operation | -| `collect_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.RestCollectMethodGetPagination]](../models/restcollectmethodgetpagination.md) | :heavy_minus_sign: | N/A | -| `authentication` | [models.RestCollectMethodGetAuthentication](../models/restcollectmethodgetauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API key–based authentication by adding the appropriate Collect headers. | -| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout. Use 0 to disable. | -| `max_response_body_size` | *Optional[str]* | :heavy_minus_sign: | Maximum amount of data to buffer from a single response body. Responses exceeding this limit will be rejected. Maximum allowed value is 512 MB. Leave unset to rely on default error handling. | -| `use_round_robin_dns` | *Optional[bool]* | :heavy_minus_sign: | Use round-robin DNS lookup. Suitable when DNS server returns multiple addresses in sort order. | -| `disable_time_filter` | *Optional[bool]* | :heavy_minus_sign: | Disable Collector event time filtering when a date range is specified | -| `decode_url` | *Optional[bool]* | :heavy_minus_sign: | Decode the URL before sending requests (including pagination requests) | -| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Reject certificates that cannot be verified against a valid CA (such as self-signed certificates) | -| `capture_headers` | *Optional[bool]* | :heavy_minus_sign: | Enable to add response headers to the resHeaders field under the __collectible object | -| `stop_on_empty_results` | *Optional[bool]* | :heavy_minus_sign: | Stop pagination when the Event Breaker produces no events | -| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text | -| `retry_rules` | [Optional[models.RestCollectMethodGetRetryRules]](../models/restcollectmethodgetretryrules.md) | :heavy_minus_sign: | N/A | -| `microsoft_graph_delta` | [Optional[models.RestCollectMethodGetMicrosoftGraphDelta]](../models/restcollectmethodgetmicrosoftgraphdelta.md) | :heavy_minus_sign: | Internal opt-in for the Microsoft Graph deltaLink state-tracking hook. Set programmatically by the Microsoft Graph source when the configured URL targets a /delta endpoint; not user-configurable. | -| `scheduling` | [Optional[models.RestCollectMethodGetScheduling]](../models/restcollectmethodgetscheduling.md) | :heavy_minus_sign: | N/A | -| `client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters. | -| `service_account_credentials` | *Optional[str]* | :heavy_minus_sign: | Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right. | -| `hmac_function_id` | *Optional[str]* | :heavy_minus_sign: | Select or create an HMAC Function to use with authentication | -| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file +| Field | Type | Required | Description | +| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `collect_method` | [models.RestCollectMethodGetCollectMethod](../models/restcollectmethodgetcollectmethod.md) | :heavy_check_mark: | N/A | +| `collect_request_params` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `discovery` | [Optional[models.RestCollectMethodGetDiscovery]](../models/restcollectmethodgetdiscovery.md) | :heavy_minus_sign: | N/A | +| `collect_url` | *str* | :heavy_check_mark: | URL (constant or JavaScript expression) to use for the Collect operation | +| `collect_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.RestCollectMethodGetPagination]](../models/restcollectmethodgetpagination.md) | :heavy_minus_sign: | N/A | +| `authentication` | [models.RestCollectMethodGetAuthentication](../models/restcollectmethodgetauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API key–based authentication by adding the appropriate Collect headers. | +| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout. Use 0 to disable. | +| `max_response_body_size` | *Optional[str]* | :heavy_minus_sign: | Maximum amount of data to buffer from a single response body. Responses exceeding this limit will be rejected. Maximum allowed value is 512 MB. Leave unset to rely on default error handling. | +| `use_round_robin_dns` | *Optional[bool]* | :heavy_minus_sign: | Use round-robin DNS lookup. Suitable when DNS server returns multiple addresses in sort order. | +| `disable_time_filter` | *Optional[bool]* | :heavy_minus_sign: | Disable Collector event time filtering when a date range is specified | +| `decode_url` | *Optional[bool]* | :heavy_minus_sign: | Decode the URL before sending requests (including pagination requests) | +| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Reject certificates that cannot be verified against a valid CA (such as self-signed certificates) | +| `capture_headers` | *Optional[bool]* | :heavy_minus_sign: | Enable to add response headers to the resHeaders field under the __collectible object | +| `stop_on_empty_results` | *Optional[bool]* | :heavy_minus_sign: | Stop pagination when the Event Breaker produces no events | +| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text | +| `retry_rules` | [Optional[models.RestCollectMethodGetRetryRules]](../models/restcollectmethodgetretryrules.md) | :heavy_minus_sign: | N/A | +| `microsoft_graph_delta` | [Optional[models.RestCollectMethodGetMicrosoftGraphDelta]](../models/restcollectmethodgetmicrosoftgraphdelta.md) | :heavy_minus_sign: | Internal opt-in for the Microsoft Graph deltaLink state-tracking hook. Set programmatically by the Microsoft Graph source when the configured URL targets a /delta endpoint; not user-configurable. | +| `scheduling` | [Optional[models.RestCollectMethodGetScheduling]](../models/restcollectmethodgetscheduling.md) | :heavy_minus_sign: | N/A | +| `username` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_username` | *Optional[str]* | :heavy_minus_sign: | Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime. | +| `password` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_password` | *Optional[str]* | :heavy_minus_sign: | Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime. | +| `credentials_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored secret that references your credentials | +| `login_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for login API call. This call is expected to be a POST. | +| `template_login_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime. | +| `login_body` | *Optional[str]* | :heavy_minus_sign: | Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. For x-www-form-urlencoded bodies, wrap values with ${C.Encode.uri(password)} to preserve special characters like +, &, and =. | +| `get_auth_token_from_header` | *Optional[bool]* | :heavy_minus_sign: | Extract the auth token from the HTTP 'Authorization' response header instead of the standard JSON body of the login response | +| `auth_header_key` | *Optional[str]* | :heavy_minus_sign: | Authorization header key to pass in Discover and Collect calls. Defaults to the literal name 'Authorization'. | +| `auth_header_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression used to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login. | +| `auth_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header. | +| `client_secret_param_name` | *Optional[str]* | :heavy_minus_sign: | Defaults to 'client_secret'. Automatically added to request parameters using the value specified. | +| `client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters. | +| `template_client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Binds 'clientSecretParamValue' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecretParamValue' at runtime. | +| `auth_request_params` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded. | +| `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a text secret that contains the client secret's value | +| `scopes` | List[*str*] | :heavy_minus_sign: | Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information. | +| `service_account_credentials` | *Optional[str]* | :heavy_minus_sign: | Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right. | +| `template_service_account_credentials` | *Optional[str]* | :heavy_minus_sign: | Binds 'serviceAccountCredentials' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serviceAccountCredentials' at runtime. | +| `subject` | *Optional[str]* | :heavy_minus_sign: | Email address of a user account with Super Admin permissions to the resources the collector will retrieve | +| `template_subject` | *Optional[str]* | :heavy_minus_sign: | Binds 'subject' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'subject' at runtime. | +| `hmac_function_id` | *Optional[str]* | :heavy_minus_sign: | Select or create an HMAC Function to use with authentication | +| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file diff --git a/docs/models/restcollectmethodgetrestdiscoverydiscovertypehttpdiscovermethodget.md b/docs/models/restcollectmethodgetrestdiscoverydiscovertypehttpdiscovermethodget.md index 71cf52221..4fab100d0 100644 --- a/docs/models/restcollectmethodgetrestdiscoverydiscovertypehttpdiscovermethodget.md +++ b/docs/models/restcollectmethodgetrestdiscoverydiscovertypehttpdiscovermethodget.md @@ -16,5 +16,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restcollectmethodgetrestdiscoverydiscovertypehttpdiscovermethodother.md b/docs/models/restcollectmethodgetrestdiscoverydiscovertypehttpdiscovermethodother.md index f0f54f461..8f6b2c262 100644 --- a/docs/models/restcollectmethodgetrestdiscoverydiscovertypehttpdiscovermethodother.md +++ b/docs/models/restcollectmethodgetrestdiscoverydiscovertypehttpdiscovermethodother.md @@ -18,5 +18,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restcollectmethodgetrestdiscoverydiscovertypehttpdiscovermethodpost.md b/docs/models/restcollectmethodgetrestdiscoverydiscovertypehttpdiscovermethodpost.md index 32cf197e0..d07f93fb5 100644 --- a/docs/models/restcollectmethodgetrestdiscoverydiscovertypehttpdiscovermethodpost.md +++ b/docs/models/restcollectmethodgetrestdiscoverydiscovertypehttpdiscovermethodpost.md @@ -16,5 +16,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restcollectmethodgetrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md b/docs/models/restcollectmethodgetrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md index adba406d6..f918226af 100644 --- a/docs/models/restcollectmethodgetrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md +++ b/docs/models/restcollectmethodgetrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md @@ -16,5 +16,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restcollectmethodgetrestdiscoverydiscovertypejson.md b/docs/models/restcollectmethodgetrestdiscoverydiscovertypejson.md index 502f658fe..924744f15 100644 --- a/docs/models/restcollectmethodgetrestdiscoverydiscovertypejson.md +++ b/docs/models/restcollectmethodgetrestdiscoverydiscovertypejson.md @@ -3,15 +3,16 @@ ## Fields -| Field | Type | Required | Description | -| -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `discover_type` | [models.RestCollectMethodGetRestDiscoveryDiscoverTypeJSONDiscoverType](../models/restcollectmethodgetrestdiscoverydiscovertypejsondiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | -| `manual_discover_result` | *str* | :heavy_check_mark: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | -| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Within the response JSON, the name of the field to pull results from, typically a JSON array. Leave blank if the result itself is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] } | -| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | -| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | -| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file +| Field | Type | Required | Description | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `discover_type` | [models.RestCollectMethodGetRestDiscoveryDiscoverTypeJSONDiscoverType](../models/restcollectmethodgetrestdiscoverydiscovertypejsondiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | +| `manual_discover_result` | *str* | :heavy_check_mark: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array. | +| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | +| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restcollectmethodgetrestdiscoverydiscovertypelist.md b/docs/models/restcollectmethodgetrestdiscoverydiscovertypelist.md index b6f4c0741..795285ea8 100644 --- a/docs/models/restcollectmethodgetrestdiscoverydiscovertypelist.md +++ b/docs/models/restcollectmethodgetrestdiscoverydiscovertypelist.md @@ -3,14 +3,16 @@ ## Fields -| Field | Type | Required | Description | -| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `discover_type` | [models.RestCollectMethodGetRestDiscoveryDiscoverTypeListDiscoverType](../models/restcollectmethodgetrestdiscoverydiscovertypelistdiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | -| `item_list` | List[*str*] | :heavy_check_mark: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | -| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | -| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | -| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | \ No newline at end of file +| Field | Type | Required | Description | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `discover_type` | [models.RestCollectMethodGetRestDiscoveryDiscoverTypeListDiscoverType](../models/restcollectmethodgetrestdiscoverydiscovertypelistdiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | +| `item_list` | List[*str*] | :heavy_check_mark: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | +| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array. | +| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | +| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | \ No newline at end of file diff --git a/docs/models/restcollectmethodgetrestdiscoverydiscovertypenone.md b/docs/models/restcollectmethodgetrestdiscoverydiscovertypenone.md index 523c42434..a7153a387 100644 --- a/docs/models/restcollectmethodgetrestdiscoverydiscovertypenone.md +++ b/docs/models/restcollectmethodgetrestdiscoverydiscovertypenone.md @@ -3,14 +3,16 @@ ## Fields -| Field | Type | Required | Description | -| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `discover_type` | [models.RestCollectMethodGetRestDiscoveryDiscoverTypeNoneDiscoverType](../models/restcollectmethodgetrestdiscoverydiscovertypenonediscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | -| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | -| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | -| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | -| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file +| Field | Type | Required | Description | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `discover_type` | [models.RestCollectMethodGetRestDiscoveryDiscoverTypeNoneDiscoverType](../models/restcollectmethodgetrestdiscoverydiscovertypenonediscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | +| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array. | +| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | +| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | +| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restcollectmethodgetrestpaginationtypenone.md b/docs/models/restcollectmethodgetrestpaginationtypenone.md index 4e34be11d..b6641c8ea 100644 --- a/docs/models/restcollectmethodgetrestpaginationtypenone.md +++ b/docs/models/restcollectmethodgetrestpaginationtypenone.md @@ -6,6 +6,7 @@ | Field | Type | Required | Description | | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `type` | [models.PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination](../models/paginationoptionsrestdiscoverydiscovertypehttppagination.md) | :heavy_check_mark: | N/A | +| `max_pages` | *Optional[float]* | :heavy_minus_sign: | Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages. | | `last_page_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression used to determine when the last page has been reached. The values tested by this expression must be in the Response attributes section. | | `next_relation_attribute` | *Optional[str]* | :heavy_minus_sign: | Relation name used in the link header that refers to the next page in the result set. Example: rel="next" refers to the next page of results: ; rel="next" | | `cur_relation_attribute` | *Optional[str]* | :heavy_minus_sign: | Relation name used in the link header that refers to the current result set. Example: rel="self" refers to the current page of results: ; rel="self" | @@ -13,6 +14,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restcollectmethodgetrestpaginationtyperesponsebody.md b/docs/models/restcollectmethodgetrestpaginationtyperesponsebody.md index 5f91ce75e..67ae99a55 100644 --- a/docs/models/restcollectmethodgetrestpaginationtyperesponsebody.md +++ b/docs/models/restcollectmethodgetrestpaginationtyperesponsebody.md @@ -15,6 +15,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restcollectmethodgetrestpaginationtyperesponseheader.md b/docs/models/restcollectmethodgetrestpaginationtyperesponseheader.md index c34ed5781..7e7e86d48 100644 --- a/docs/models/restcollectmethodgetrestpaginationtyperesponseheader.md +++ b/docs/models/restcollectmethodgetrestpaginationtyperesponseheader.md @@ -15,6 +15,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restcollectmethodgetrestpaginationtyperesponseheaderlink.md b/docs/models/restcollectmethodgetrestpaginationtyperesponseheaderlink.md index da9228c1f..071fc6220 100644 --- a/docs/models/restcollectmethodgetrestpaginationtyperesponseheaderlink.md +++ b/docs/models/restcollectmethodgetrestpaginationtyperesponseheaderlink.md @@ -14,6 +14,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restcollectmethodother.md b/docs/models/restcollectmethodother.md index 9f8839ab0..aae06df03 100644 --- a/docs/models/restcollectmethodother.md +++ b/docs/models/restcollectmethodother.md @@ -3,30 +3,51 @@ ## Fields -| Field | Type | Required | Description | -| ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `collect_method` | [models.RestCollectMethodOtherCollectMethod](../models/restcollectmethodothercollectmethod.md) | :heavy_check_mark: | N/A | -| `collect_verb` | *str* | :heavy_check_mark: | Custom HTTP method to use for the Collect operation | -| `collect_body` | *Optional[str]* | :heavy_minus_sign: | Template for body to send with the Collect request. Reference global variables, functions, or parameters from the Discover response using template parameters: `${C.vars.myVar}`, or `${Date.now()}`, `${param}` | -| `collect_request_params` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `discovery` | [Optional[models.RestCollectMethodOtherDiscovery]](../models/restcollectmethodotherdiscovery.md) | :heavy_minus_sign: | N/A | -| `collect_url` | *str* | :heavy_check_mark: | URL (constant or JavaScript expression) to use for the Collect operation | -| `collect_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.RestCollectMethodOtherPagination]](../models/restcollectmethodotherpagination.md) | :heavy_minus_sign: | N/A | -| `authentication` | [models.RestCollectMethodOtherAuthentication](../models/restcollectmethodotherauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API key–based authentication by adding the appropriate Collect headers. | -| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout. Use 0 to disable. | -| `max_response_body_size` | *Optional[str]* | :heavy_minus_sign: | Maximum amount of data to buffer from a single response body. Responses exceeding this limit will be rejected. Maximum allowed value is 512 MB. Leave unset to rely on default error handling. | -| `use_round_robin_dns` | *Optional[bool]* | :heavy_minus_sign: | Use round-robin DNS lookup. Suitable when DNS server returns multiple addresses in sort order. | -| `disable_time_filter` | *Optional[bool]* | :heavy_minus_sign: | Disable Collector event time filtering when a date range is specified | -| `decode_url` | *Optional[bool]* | :heavy_minus_sign: | Decode the URL before sending requests (including pagination requests) | -| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Reject certificates that cannot be verified against a valid CA (such as self-signed certificates) | -| `capture_headers` | *Optional[bool]* | :heavy_minus_sign: | Enable to add response headers to the resHeaders field under the __collectible object | -| `stop_on_empty_results` | *Optional[bool]* | :heavy_minus_sign: | Stop pagination when the Event Breaker produces no events | -| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text | -| `retry_rules` | [Optional[models.RestCollectMethodOtherRetryRules]](../models/restcollectmethodotherretryrules.md) | :heavy_minus_sign: | N/A | -| `microsoft_graph_delta` | [Optional[models.RestCollectMethodOtherMicrosoftGraphDelta]](../models/restcollectmethodothermicrosoftgraphdelta.md) | :heavy_minus_sign: | Internal opt-in for the Microsoft Graph deltaLink state-tracking hook. Set programmatically by the Microsoft Graph source when the configured URL targets a /delta endpoint; not user-configurable. | -| `scheduling` | [Optional[models.RestCollectMethodOtherScheduling]](../models/restcollectmethodotherscheduling.md) | :heavy_minus_sign: | N/A | -| `client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters. | -| `service_account_credentials` | *Optional[str]* | :heavy_minus_sign: | Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right. | -| `hmac_function_id` | *Optional[str]* | :heavy_minus_sign: | Select or create an HMAC Function to use with authentication | -| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file +| Field | Type | Required | Description | +| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `collect_method` | [models.RestCollectMethodOtherCollectMethod](../models/restcollectmethodothercollectmethod.md) | :heavy_check_mark: | N/A | +| `collect_verb` | *str* | :heavy_check_mark: | Custom HTTP method to use for the Collect operation | +| `collect_body` | *Optional[str]* | :heavy_minus_sign: | Template for body to send with the Collect request. Reference global variables, functions, or parameters from the Discover response using template parameters: `${C.vars.myVar}`, or `${Date.now()}`, `${param}` | +| `collect_request_params` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `discovery` | [Optional[models.RestCollectMethodOtherDiscovery]](../models/restcollectmethodotherdiscovery.md) | :heavy_minus_sign: | N/A | +| `collect_url` | *str* | :heavy_check_mark: | URL (constant or JavaScript expression) to use for the Collect operation | +| `collect_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.RestCollectMethodOtherPagination]](../models/restcollectmethodotherpagination.md) | :heavy_minus_sign: | N/A | +| `authentication` | [models.RestCollectMethodOtherAuthentication](../models/restcollectmethodotherauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API key–based authentication by adding the appropriate Collect headers. | +| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout. Use 0 to disable. | +| `max_response_body_size` | *Optional[str]* | :heavy_minus_sign: | Maximum amount of data to buffer from a single response body. Responses exceeding this limit will be rejected. Maximum allowed value is 512 MB. Leave unset to rely on default error handling. | +| `use_round_robin_dns` | *Optional[bool]* | :heavy_minus_sign: | Use round-robin DNS lookup. Suitable when DNS server returns multiple addresses in sort order. | +| `disable_time_filter` | *Optional[bool]* | :heavy_minus_sign: | Disable Collector event time filtering when a date range is specified | +| `decode_url` | *Optional[bool]* | :heavy_minus_sign: | Decode the URL before sending requests (including pagination requests) | +| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Reject certificates that cannot be verified against a valid CA (such as self-signed certificates) | +| `capture_headers` | *Optional[bool]* | :heavy_minus_sign: | Enable to add response headers to the resHeaders field under the __collectible object | +| `stop_on_empty_results` | *Optional[bool]* | :heavy_minus_sign: | Stop pagination when the Event Breaker produces no events | +| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text | +| `retry_rules` | [Optional[models.RestCollectMethodOtherRetryRules]](../models/restcollectmethodotherretryrules.md) | :heavy_minus_sign: | N/A | +| `microsoft_graph_delta` | [Optional[models.RestCollectMethodOtherMicrosoftGraphDelta]](../models/restcollectmethodothermicrosoftgraphdelta.md) | :heavy_minus_sign: | Internal opt-in for the Microsoft Graph deltaLink state-tracking hook. Set programmatically by the Microsoft Graph source when the configured URL targets a /delta endpoint; not user-configurable. | +| `scheduling` | [Optional[models.RestCollectMethodOtherScheduling]](../models/restcollectmethodotherscheduling.md) | :heavy_minus_sign: | N/A | +| `username` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_username` | *Optional[str]* | :heavy_minus_sign: | Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime. | +| `password` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_password` | *Optional[str]* | :heavy_minus_sign: | Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime. | +| `credentials_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored secret that references your credentials | +| `login_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for login API call. This call is expected to be a POST. | +| `template_login_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime. | +| `login_body` | *Optional[str]* | :heavy_minus_sign: | Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. For x-www-form-urlencoded bodies, wrap values with ${C.Encode.uri(password)} to preserve special characters like +, &, and =. | +| `get_auth_token_from_header` | *Optional[bool]* | :heavy_minus_sign: | Extract the auth token from the HTTP 'Authorization' response header instead of the standard JSON body of the login response | +| `auth_header_key` | *Optional[str]* | :heavy_minus_sign: | Authorization header key to pass in Discover and Collect calls. Defaults to the literal name 'Authorization'. | +| `auth_header_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression used to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login. | +| `auth_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header. | +| `client_secret_param_name` | *Optional[str]* | :heavy_minus_sign: | Defaults to 'client_secret'. Automatically added to request parameters using the value specified. | +| `client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters. | +| `template_client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Binds 'clientSecretParamValue' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecretParamValue' at runtime. | +| `auth_request_params` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded. | +| `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a text secret that contains the client secret's value | +| `scopes` | List[*str*] | :heavy_minus_sign: | Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information. | +| `service_account_credentials` | *Optional[str]* | :heavy_minus_sign: | Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right. | +| `template_service_account_credentials` | *Optional[str]* | :heavy_minus_sign: | Binds 'serviceAccountCredentials' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serviceAccountCredentials' at runtime. | +| `subject` | *Optional[str]* | :heavy_minus_sign: | Email address of a user account with Super Admin permissions to the resources the collector will retrieve | +| `template_subject` | *Optional[str]* | :heavy_minus_sign: | Binds 'subject' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'subject' at runtime. | +| `hmac_function_id` | *Optional[str]* | :heavy_minus_sign: | Select or create an HMAC Function to use with authentication | +| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file diff --git a/docs/models/restcollectmethodotherrestdiscoverydiscovertypehttpdiscovermethodget.md b/docs/models/restcollectmethodotherrestdiscoverydiscovertypehttpdiscovermethodget.md index f9dfdf321..c011645e5 100644 --- a/docs/models/restcollectmethodotherrestdiscoverydiscovertypehttpdiscovermethodget.md +++ b/docs/models/restcollectmethodotherrestdiscoverydiscovertypehttpdiscovermethodget.md @@ -16,5 +16,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restcollectmethodotherrestdiscoverydiscovertypehttpdiscovermethodother.md b/docs/models/restcollectmethodotherrestdiscoverydiscovertypehttpdiscovermethodother.md index 775eff302..657778fe1 100644 --- a/docs/models/restcollectmethodotherrestdiscoverydiscovertypehttpdiscovermethodother.md +++ b/docs/models/restcollectmethodotherrestdiscoverydiscovertypehttpdiscovermethodother.md @@ -18,5 +18,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restcollectmethodotherrestdiscoverydiscovertypehttpdiscovermethodpost.md b/docs/models/restcollectmethodotherrestdiscoverydiscovertypehttpdiscovermethodpost.md index 89cc3ff77..9abc9c0cc 100644 --- a/docs/models/restcollectmethodotherrestdiscoverydiscovertypehttpdiscovermethodpost.md +++ b/docs/models/restcollectmethodotherrestdiscoverydiscovertypehttpdiscovermethodpost.md @@ -16,5 +16,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restcollectmethodotherrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md b/docs/models/restcollectmethodotherrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md index 21f54e97a..6274cbbda 100644 --- a/docs/models/restcollectmethodotherrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md +++ b/docs/models/restcollectmethodotherrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md @@ -16,5 +16,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restcollectmethodotherrestdiscoverydiscovertypejson.md b/docs/models/restcollectmethodotherrestdiscoverydiscovertypejson.md index 5e943f4c8..7457763cd 100644 --- a/docs/models/restcollectmethodotherrestdiscoverydiscovertypejson.md +++ b/docs/models/restcollectmethodotherrestdiscoverydiscovertypejson.md @@ -3,15 +3,16 @@ ## Fields -| Field | Type | Required | Description | -| -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `discover_type` | [models.RestCollectMethodOtherRestDiscoveryDiscoverTypeJSONDiscoverType](../models/restcollectmethodotherrestdiscoverydiscovertypejsondiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | -| `manual_discover_result` | *str* | :heavy_check_mark: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | -| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Within the response JSON, the name of the field to pull results from, typically a JSON array. Leave blank if the result itself is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] } | -| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | -| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | -| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file +| Field | Type | Required | Description | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `discover_type` | [models.RestCollectMethodOtherRestDiscoveryDiscoverTypeJSONDiscoverType](../models/restcollectmethodotherrestdiscoverydiscovertypejsondiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | +| `manual_discover_result` | *str* | :heavy_check_mark: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array. | +| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | +| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restcollectmethodotherrestdiscoverydiscovertypelist.md b/docs/models/restcollectmethodotherrestdiscoverydiscovertypelist.md index cf1d36b60..20b96bebf 100644 --- a/docs/models/restcollectmethodotherrestdiscoverydiscovertypelist.md +++ b/docs/models/restcollectmethodotherrestdiscoverydiscovertypelist.md @@ -3,14 +3,16 @@ ## Fields -| Field | Type | Required | Description | -| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `discover_type` | [models.RestCollectMethodOtherRestDiscoveryDiscoverTypeListDiscoverType](../models/restcollectmethodotherrestdiscoverydiscovertypelistdiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | -| `item_list` | List[*str*] | :heavy_check_mark: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | -| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | -| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | -| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | \ No newline at end of file +| Field | Type | Required | Description | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `discover_type` | [models.RestCollectMethodOtherRestDiscoveryDiscoverTypeListDiscoverType](../models/restcollectmethodotherrestdiscoverydiscovertypelistdiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | +| `item_list` | List[*str*] | :heavy_check_mark: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | +| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array. | +| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | +| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | \ No newline at end of file diff --git a/docs/models/restcollectmethodotherrestdiscoverydiscovertypenone.md b/docs/models/restcollectmethodotherrestdiscoverydiscovertypenone.md index bbc4f4d61..8170159b8 100644 --- a/docs/models/restcollectmethodotherrestdiscoverydiscovertypenone.md +++ b/docs/models/restcollectmethodotherrestdiscoverydiscovertypenone.md @@ -3,14 +3,16 @@ ## Fields -| Field | Type | Required | Description | -| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `discover_type` | [models.RestCollectMethodOtherRestDiscoveryDiscoverTypeNoneDiscoverType](../models/restcollectmethodotherrestdiscoverydiscovertypenonediscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | -| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | -| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | -| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | -| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file +| Field | Type | Required | Description | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `discover_type` | [models.RestCollectMethodOtherRestDiscoveryDiscoverTypeNoneDiscoverType](../models/restcollectmethodotherrestdiscoverydiscovertypenonediscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | +| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array. | +| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | +| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | +| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restcollectmethodotherrestpaginationtypenone.md b/docs/models/restcollectmethodotherrestpaginationtypenone.md index 54a4e830e..45660ef8a 100644 --- a/docs/models/restcollectmethodotherrestpaginationtypenone.md +++ b/docs/models/restcollectmethodotherrestpaginationtypenone.md @@ -6,6 +6,7 @@ | Field | Type | Required | Description | | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `type` | [models.PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination](../models/paginationoptionsrestdiscoverydiscovertypehttppagination.md) | :heavy_check_mark: | N/A | +| `max_pages` | *Optional[float]* | :heavy_minus_sign: | Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages. | | `last_page_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression used to determine when the last page has been reached. The values tested by this expression must be in the Response attributes section. | | `next_relation_attribute` | *Optional[str]* | :heavy_minus_sign: | Relation name used in the link header that refers to the next page in the result set. Example: rel="next" refers to the next page of results: ; rel="next" | | `cur_relation_attribute` | *Optional[str]* | :heavy_minus_sign: | Relation name used in the link header that refers to the current result set. Example: rel="self" refers to the current page of results: ; rel="self" | @@ -13,6 +14,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restcollectmethodotherrestpaginationtyperesponsebody.md b/docs/models/restcollectmethodotherrestpaginationtyperesponsebody.md index a17c6112a..37099250c 100644 --- a/docs/models/restcollectmethodotherrestpaginationtyperesponsebody.md +++ b/docs/models/restcollectmethodotherrestpaginationtyperesponsebody.md @@ -15,6 +15,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restcollectmethodotherrestpaginationtyperesponseheader.md b/docs/models/restcollectmethodotherrestpaginationtyperesponseheader.md index 19e099670..32953cd03 100644 --- a/docs/models/restcollectmethodotherrestpaginationtyperesponseheader.md +++ b/docs/models/restcollectmethodotherrestpaginationtyperesponseheader.md @@ -15,6 +15,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restcollectmethodotherrestpaginationtyperesponseheaderlink.md b/docs/models/restcollectmethodotherrestpaginationtyperesponseheaderlink.md index 90a2dcd30..d44555b30 100644 --- a/docs/models/restcollectmethodotherrestpaginationtyperesponseheaderlink.md +++ b/docs/models/restcollectmethodotherrestpaginationtyperesponseheaderlink.md @@ -14,6 +14,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restcollectmethodpost.md b/docs/models/restcollectmethodpost.md index 5de10863f..bec34adc6 100644 --- a/docs/models/restcollectmethodpost.md +++ b/docs/models/restcollectmethodpost.md @@ -3,28 +3,49 @@ ## Fields -| Field | Type | Required | Description | -| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `collect_method` | [models.RestCollectMethodPostCollectMethod](../models/restcollectmethodpostcollectmethod.md) | :heavy_check_mark: | N/A | -| `collect_request_params` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `discovery` | [Optional[models.RestCollectMethodPostDiscovery]](../models/restcollectmethodpostdiscovery.md) | :heavy_minus_sign: | N/A | -| `collect_url` | *str* | :heavy_check_mark: | URL (constant or JavaScript expression) to use for the Collect operation | -| `collect_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.RestCollectMethodPostPagination]](../models/restcollectmethodpostpagination.md) | :heavy_minus_sign: | N/A | -| `authentication` | [models.RestCollectMethodPostAuthentication](../models/restcollectmethodpostauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API key–based authentication by adding the appropriate Collect headers. | -| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout. Use 0 to disable. | -| `max_response_body_size` | *Optional[str]* | :heavy_minus_sign: | Maximum amount of data to buffer from a single response body. Responses exceeding this limit will be rejected. Maximum allowed value is 512 MB. Leave unset to rely on default error handling. | -| `use_round_robin_dns` | *Optional[bool]* | :heavy_minus_sign: | Use round-robin DNS lookup. Suitable when DNS server returns multiple addresses in sort order. | -| `disable_time_filter` | *Optional[bool]* | :heavy_minus_sign: | Disable Collector event time filtering when a date range is specified | -| `decode_url` | *Optional[bool]* | :heavy_minus_sign: | Decode the URL before sending requests (including pagination requests) | -| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Reject certificates that cannot be verified against a valid CA (such as self-signed certificates) | -| `capture_headers` | *Optional[bool]* | :heavy_minus_sign: | Enable to add response headers to the resHeaders field under the __collectible object | -| `stop_on_empty_results` | *Optional[bool]* | :heavy_minus_sign: | Stop pagination when the Event Breaker produces no events | -| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text | -| `retry_rules` | [Optional[models.RestCollectMethodPostRetryRules]](../models/restcollectmethodpostretryrules.md) | :heavy_minus_sign: | N/A | -| `microsoft_graph_delta` | [Optional[models.RestCollectMethodPostMicrosoftGraphDelta]](../models/restcollectmethodpostmicrosoftgraphdelta.md) | :heavy_minus_sign: | Internal opt-in for the Microsoft Graph deltaLink state-tracking hook. Set programmatically by the Microsoft Graph source when the configured URL targets a /delta endpoint; not user-configurable. | -| `scheduling` | [Optional[models.RestCollectMethodPostScheduling]](../models/restcollectmethodpostscheduling.md) | :heavy_minus_sign: | N/A | -| `client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters. | -| `service_account_credentials` | *Optional[str]* | :heavy_minus_sign: | Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right. | -| `hmac_function_id` | *Optional[str]* | :heavy_minus_sign: | Select or create an HMAC Function to use with authentication | -| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file +| Field | Type | Required | Description | +| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `collect_method` | [models.RestCollectMethodPostCollectMethod](../models/restcollectmethodpostcollectmethod.md) | :heavy_check_mark: | N/A | +| `collect_request_params` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `discovery` | [Optional[models.RestCollectMethodPostDiscovery]](../models/restcollectmethodpostdiscovery.md) | :heavy_minus_sign: | N/A | +| `collect_url` | *str* | :heavy_check_mark: | URL (constant or JavaScript expression) to use for the Collect operation | +| `collect_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.RestCollectMethodPostPagination]](../models/restcollectmethodpostpagination.md) | :heavy_minus_sign: | N/A | +| `authentication` | [models.RestCollectMethodPostAuthentication](../models/restcollectmethodpostauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API key–based authentication by adding the appropriate Collect headers. | +| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout. Use 0 to disable. | +| `max_response_body_size` | *Optional[str]* | :heavy_minus_sign: | Maximum amount of data to buffer from a single response body. Responses exceeding this limit will be rejected. Maximum allowed value is 512 MB. Leave unset to rely on default error handling. | +| `use_round_robin_dns` | *Optional[bool]* | :heavy_minus_sign: | Use round-robin DNS lookup. Suitable when DNS server returns multiple addresses in sort order. | +| `disable_time_filter` | *Optional[bool]* | :heavy_minus_sign: | Disable Collector event time filtering when a date range is specified | +| `decode_url` | *Optional[bool]* | :heavy_minus_sign: | Decode the URL before sending requests (including pagination requests) | +| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Reject certificates that cannot be verified against a valid CA (such as self-signed certificates) | +| `capture_headers` | *Optional[bool]* | :heavy_minus_sign: | Enable to add response headers to the resHeaders field under the __collectible object | +| `stop_on_empty_results` | *Optional[bool]* | :heavy_minus_sign: | Stop pagination when the Event Breaker produces no events | +| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text | +| `retry_rules` | [Optional[models.RestCollectMethodPostRetryRules]](../models/restcollectmethodpostretryrules.md) | :heavy_minus_sign: | N/A | +| `microsoft_graph_delta` | [Optional[models.RestCollectMethodPostMicrosoftGraphDelta]](../models/restcollectmethodpostmicrosoftgraphdelta.md) | :heavy_minus_sign: | Internal opt-in for the Microsoft Graph deltaLink state-tracking hook. Set programmatically by the Microsoft Graph source when the configured URL targets a /delta endpoint; not user-configurable. | +| `scheduling` | [Optional[models.RestCollectMethodPostScheduling]](../models/restcollectmethodpostscheduling.md) | :heavy_minus_sign: | N/A | +| `username` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_username` | *Optional[str]* | :heavy_minus_sign: | Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime. | +| `password` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_password` | *Optional[str]* | :heavy_minus_sign: | Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime. | +| `credentials_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored secret that references your credentials | +| `login_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for login API call. This call is expected to be a POST. | +| `template_login_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime. | +| `login_body` | *Optional[str]* | :heavy_minus_sign: | Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. For x-www-form-urlencoded bodies, wrap values with ${C.Encode.uri(password)} to preserve special characters like +, &, and =. | +| `get_auth_token_from_header` | *Optional[bool]* | :heavy_minus_sign: | Extract the auth token from the HTTP 'Authorization' response header instead of the standard JSON body of the login response | +| `auth_header_key` | *Optional[str]* | :heavy_minus_sign: | Authorization header key to pass in Discover and Collect calls. Defaults to the literal name 'Authorization'. | +| `auth_header_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression used to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login. | +| `auth_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header. | +| `client_secret_param_name` | *Optional[str]* | :heavy_minus_sign: | Defaults to 'client_secret'. Automatically added to request parameters using the value specified. | +| `client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters. | +| `template_client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Binds 'clientSecretParamValue' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecretParamValue' at runtime. | +| `auth_request_params` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded. | +| `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a text secret that contains the client secret's value | +| `scopes` | List[*str*] | :heavy_minus_sign: | Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information. | +| `service_account_credentials` | *Optional[str]* | :heavy_minus_sign: | Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right. | +| `template_service_account_credentials` | *Optional[str]* | :heavy_minus_sign: | Binds 'serviceAccountCredentials' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serviceAccountCredentials' at runtime. | +| `subject` | *Optional[str]* | :heavy_minus_sign: | Email address of a user account with Super Admin permissions to the resources the collector will retrieve | +| `template_subject` | *Optional[str]* | :heavy_minus_sign: | Binds 'subject' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'subject' at runtime. | +| `hmac_function_id` | *Optional[str]* | :heavy_minus_sign: | Select or create an HMAC Function to use with authentication | +| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file diff --git a/docs/models/restcollectmethodpostrestdiscoverydiscovertypehttpdiscovermethodget.md b/docs/models/restcollectmethodpostrestdiscoverydiscovertypehttpdiscovermethodget.md index 94be1ba97..fef84e579 100644 --- a/docs/models/restcollectmethodpostrestdiscoverydiscovertypehttpdiscovermethodget.md +++ b/docs/models/restcollectmethodpostrestdiscoverydiscovertypehttpdiscovermethodget.md @@ -16,5 +16,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restcollectmethodpostrestdiscoverydiscovertypehttpdiscovermethodother.md b/docs/models/restcollectmethodpostrestdiscoverydiscovertypehttpdiscovermethodother.md index 33c4b8a8e..3e3c2826e 100644 --- a/docs/models/restcollectmethodpostrestdiscoverydiscovertypehttpdiscovermethodother.md +++ b/docs/models/restcollectmethodpostrestdiscoverydiscovertypehttpdiscovermethodother.md @@ -18,5 +18,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restcollectmethodpostrestdiscoverydiscovertypehttpdiscovermethodpost.md b/docs/models/restcollectmethodpostrestdiscoverydiscovertypehttpdiscovermethodpost.md index c1554665d..08b8f040c 100644 --- a/docs/models/restcollectmethodpostrestdiscoverydiscovertypehttpdiscovermethodpost.md +++ b/docs/models/restcollectmethodpostrestdiscoverydiscovertypehttpdiscovermethodpost.md @@ -16,5 +16,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restcollectmethodpostrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md b/docs/models/restcollectmethodpostrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md index 96296cea7..51926e5bd 100644 --- a/docs/models/restcollectmethodpostrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md +++ b/docs/models/restcollectmethodpostrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md @@ -16,5 +16,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restcollectmethodpostrestdiscoverydiscovertypejson.md b/docs/models/restcollectmethodpostrestdiscoverydiscovertypejson.md index 6beabf055..9a571531b 100644 --- a/docs/models/restcollectmethodpostrestdiscoverydiscovertypejson.md +++ b/docs/models/restcollectmethodpostrestdiscoverydiscovertypejson.md @@ -3,15 +3,16 @@ ## Fields -| Field | Type | Required | Description | -| -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `discover_type` | [models.RestCollectMethodPostRestDiscoveryDiscoverTypeJSONDiscoverType](../models/restcollectmethodpostrestdiscoverydiscovertypejsondiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | -| `manual_discover_result` | *str* | :heavy_check_mark: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | -| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Within the response JSON, the name of the field to pull results from, typically a JSON array. Leave blank if the result itself is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] } | -| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | -| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | -| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file +| Field | Type | Required | Description | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `discover_type` | [models.RestCollectMethodPostRestDiscoveryDiscoverTypeJSONDiscoverType](../models/restcollectmethodpostrestdiscoverydiscovertypejsondiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | +| `manual_discover_result` | *str* | :heavy_check_mark: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array. | +| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | +| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restcollectmethodpostrestdiscoverydiscovertypelist.md b/docs/models/restcollectmethodpostrestdiscoverydiscovertypelist.md index faaa7152d..f0e8c4f8d 100644 --- a/docs/models/restcollectmethodpostrestdiscoverydiscovertypelist.md +++ b/docs/models/restcollectmethodpostrestdiscoverydiscovertypelist.md @@ -3,14 +3,16 @@ ## Fields -| Field | Type | Required | Description | -| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `discover_type` | [models.RestCollectMethodPostRestDiscoveryDiscoverTypeListDiscoverType](../models/restcollectmethodpostrestdiscoverydiscovertypelistdiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | -| `item_list` | List[*str*] | :heavy_check_mark: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | -| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | -| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | -| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | \ No newline at end of file +| Field | Type | Required | Description | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `discover_type` | [models.RestCollectMethodPostRestDiscoveryDiscoverTypeListDiscoverType](../models/restcollectmethodpostrestdiscoverydiscovertypelistdiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | +| `item_list` | List[*str*] | :heavy_check_mark: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | +| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array. | +| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | +| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | \ No newline at end of file diff --git a/docs/models/restcollectmethodpostrestdiscoverydiscovertypenone.md b/docs/models/restcollectmethodpostrestdiscoverydiscovertypenone.md index fd9b84b95..030b93637 100644 --- a/docs/models/restcollectmethodpostrestdiscoverydiscovertypenone.md +++ b/docs/models/restcollectmethodpostrestdiscoverydiscovertypenone.md @@ -3,14 +3,16 @@ ## Fields -| Field | Type | Required | Description | -| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `discover_type` | [models.RestCollectMethodPostRestDiscoveryDiscoverTypeNoneDiscoverType](../models/restcollectmethodpostrestdiscoverydiscovertypenonediscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | -| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | -| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | -| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | -| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file +| Field | Type | Required | Description | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `discover_type` | [models.RestCollectMethodPostRestDiscoveryDiscoverTypeNoneDiscoverType](../models/restcollectmethodpostrestdiscoverydiscovertypenonediscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | +| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array. | +| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | +| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | +| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restcollectmethodpostrestpaginationtypenone.md b/docs/models/restcollectmethodpostrestpaginationtypenone.md index e33175c46..00f4192e1 100644 --- a/docs/models/restcollectmethodpostrestpaginationtypenone.md +++ b/docs/models/restcollectmethodpostrestpaginationtypenone.md @@ -6,6 +6,7 @@ | Field | Type | Required | Description | | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `type` | [models.PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination](../models/paginationoptionsrestdiscoverydiscovertypehttppagination.md) | :heavy_check_mark: | N/A | +| `max_pages` | *Optional[float]* | :heavy_minus_sign: | Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages. | | `last_page_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression used to determine when the last page has been reached. The values tested by this expression must be in the Response attributes section. | | `next_relation_attribute` | *Optional[str]* | :heavy_minus_sign: | Relation name used in the link header that refers to the next page in the result set. Example: rel="next" refers to the next page of results: ; rel="next" | | `cur_relation_attribute` | *Optional[str]* | :heavy_minus_sign: | Relation name used in the link header that refers to the current result set. Example: rel="self" refers to the current page of results: ; rel="self" | @@ -13,6 +14,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restcollectmethodpostrestpaginationtyperesponsebody.md b/docs/models/restcollectmethodpostrestpaginationtyperesponsebody.md index bef8c3c89..86782e11f 100644 --- a/docs/models/restcollectmethodpostrestpaginationtyperesponsebody.md +++ b/docs/models/restcollectmethodpostrestpaginationtyperesponsebody.md @@ -15,6 +15,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restcollectmethodpostrestpaginationtyperesponseheader.md b/docs/models/restcollectmethodpostrestpaginationtyperesponseheader.md index 1e0eacc4b..678714aa7 100644 --- a/docs/models/restcollectmethodpostrestpaginationtyperesponseheader.md +++ b/docs/models/restcollectmethodpostrestpaginationtyperesponseheader.md @@ -15,6 +15,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restcollectmethodpostrestpaginationtyperesponseheaderlink.md b/docs/models/restcollectmethodpostrestpaginationtyperesponseheaderlink.md index 9558f4cfb..4d578aec0 100644 --- a/docs/models/restcollectmethodpostrestpaginationtyperesponseheaderlink.md +++ b/docs/models/restcollectmethodpostrestpaginationtyperesponseheaderlink.md @@ -14,6 +14,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restcollectmethodpostwithbody.md b/docs/models/restcollectmethodpostwithbody.md index d95be8008..ca005b016 100644 --- a/docs/models/restcollectmethodpostwithbody.md +++ b/docs/models/restcollectmethodpostwithbody.md @@ -3,28 +3,49 @@ ## Fields -| Field | Type | Required | Description | -| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `collect_method` | [models.RestCollectMethodPostWithBodyCollectMethod](../models/restcollectmethodpostwithbodycollectmethod.md) | :heavy_check_mark: | N/A | -| `collect_body` | *str* | :heavy_check_mark: | Template for POST body to send with the Collect request. Reference global variables, functions, or parameters from the Discover response using template params: `${C.vars.myVar}`, or `${Date.now()}`, `${param}` | -| `discovery` | [Optional[models.RestCollectMethodPostWithBodyDiscovery]](../models/restcollectmethodpostwithbodydiscovery.md) | :heavy_minus_sign: | N/A | -| `collect_url` | *str* | :heavy_check_mark: | URL (constant or JavaScript expression) to use for the Collect operation | -| `collect_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.RestCollectMethodPostWithBodyPagination]](../models/restcollectmethodpostwithbodypagination.md) | :heavy_minus_sign: | N/A | -| `authentication` | [models.RestCollectMethodPostWithBodyAuthentication](../models/restcollectmethodpostwithbodyauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API key–based authentication by adding the appropriate Collect headers. | -| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout. Use 0 to disable. | -| `max_response_body_size` | *Optional[str]* | :heavy_minus_sign: | Maximum amount of data to buffer from a single response body. Responses exceeding this limit will be rejected. Maximum allowed value is 512 MB. Leave unset to rely on default error handling. | -| `use_round_robin_dns` | *Optional[bool]* | :heavy_minus_sign: | Use round-robin DNS lookup. Suitable when DNS server returns multiple addresses in sort order. | -| `disable_time_filter` | *Optional[bool]* | :heavy_minus_sign: | Disable Collector event time filtering when a date range is specified | -| `decode_url` | *Optional[bool]* | :heavy_minus_sign: | Decode the URL before sending requests (including pagination requests) | -| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Reject certificates that cannot be verified against a valid CA (such as self-signed certificates) | -| `capture_headers` | *Optional[bool]* | :heavy_minus_sign: | Enable to add response headers to the resHeaders field under the __collectible object | -| `stop_on_empty_results` | *Optional[bool]* | :heavy_minus_sign: | Stop pagination when the Event Breaker produces no events | -| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text | -| `retry_rules` | [Optional[models.RestCollectMethodPostWithBodyRetryRules]](../models/restcollectmethodpostwithbodyretryrules.md) | :heavy_minus_sign: | N/A | -| `microsoft_graph_delta` | [Optional[models.RestCollectMethodPostWithBodyMicrosoftGraphDelta]](../models/restcollectmethodpostwithbodymicrosoftgraphdelta.md) | :heavy_minus_sign: | Internal opt-in for the Microsoft Graph deltaLink state-tracking hook. Set programmatically by the Microsoft Graph source when the configured URL targets a /delta endpoint; not user-configurable. | -| `scheduling` | [Optional[models.RestCollectMethodPostWithBodyScheduling]](../models/restcollectmethodpostwithbodyscheduling.md) | :heavy_minus_sign: | N/A | -| `client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters. | -| `service_account_credentials` | *Optional[str]* | :heavy_minus_sign: | Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right. | -| `hmac_function_id` | *Optional[str]* | :heavy_minus_sign: | Select or create an HMAC Function to use with authentication | -| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file +| Field | Type | Required | Description | +| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `collect_method` | [models.RestCollectMethodPostWithBodyCollectMethod](../models/restcollectmethodpostwithbodycollectmethod.md) | :heavy_check_mark: | N/A | +| `collect_body` | *str* | :heavy_check_mark: | Template for POST body to send with the Collect request. Reference global variables, functions, or parameters from the Discover response using template params: `${C.vars.myVar}`, or `${Date.now()}`, `${param}` | +| `discovery` | [Optional[models.RestCollectMethodPostWithBodyDiscovery]](../models/restcollectmethodpostwithbodydiscovery.md) | :heavy_minus_sign: | N/A | +| `collect_url` | *str* | :heavy_check_mark: | URL (constant or JavaScript expression) to use for the Collect operation | +| `collect_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.RestCollectMethodPostWithBodyPagination]](../models/restcollectmethodpostwithbodypagination.md) | :heavy_minus_sign: | N/A | +| `authentication` | [models.RestCollectMethodPostWithBodyAuthentication](../models/restcollectmethodpostwithbodyauthentication.md) | :heavy_check_mark: | Authentication method for Discover and Collect REST calls. You can specify API key–based authentication by adding the appropriate Collect headers. | +| `timeout` | *Optional[float]* | :heavy_minus_sign: | HTTP request inactivity timeout. Use 0 to disable. | +| `max_response_body_size` | *Optional[str]* | :heavy_minus_sign: | Maximum amount of data to buffer from a single response body. Responses exceeding this limit will be rejected. Maximum allowed value is 512 MB. Leave unset to rely on default error handling. | +| `use_round_robin_dns` | *Optional[bool]* | :heavy_minus_sign: | Use round-robin DNS lookup. Suitable when DNS server returns multiple addresses in sort order. | +| `disable_time_filter` | *Optional[bool]* | :heavy_minus_sign: | Disable Collector event time filtering when a date range is specified | +| `decode_url` | *Optional[bool]* | :heavy_minus_sign: | Decode the URL before sending requests (including pagination requests) | +| `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Reject certificates that cannot be verified against a valid CA (such as self-signed certificates) | +| `capture_headers` | *Optional[bool]* | :heavy_minus_sign: | Enable to add response headers to the resHeaders field under the __collectible object | +| `stop_on_empty_results` | *Optional[bool]* | :heavy_minus_sign: | Stop pagination when the Event Breaker produces no events | +| `safe_headers` | List[*str*] | :heavy_minus_sign: | List of headers that are safe to log in plain text | +| `retry_rules` | [Optional[models.RestCollectMethodPostWithBodyRetryRules]](../models/restcollectmethodpostwithbodyretryrules.md) | :heavy_minus_sign: | N/A | +| `microsoft_graph_delta` | [Optional[models.RestCollectMethodPostWithBodyMicrosoftGraphDelta]](../models/restcollectmethodpostwithbodymicrosoftgraphdelta.md) | :heavy_minus_sign: | Internal opt-in for the Microsoft Graph deltaLink state-tracking hook. Set programmatically by the Microsoft Graph source when the configured URL targets a /delta endpoint; not user-configurable. | +| `scheduling` | [Optional[models.RestCollectMethodPostWithBodyScheduling]](../models/restcollectmethodpostwithbodyscheduling.md) | :heavy_minus_sign: | N/A | +| `username` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_username` | *Optional[str]* | :heavy_minus_sign: | Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime. | +| `password` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `template_password` | *Optional[str]* | :heavy_minus_sign: | Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime. | +| `credentials_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored secret that references your credentials | +| `login_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for login API call. This call is expected to be a POST. | +| `template_login_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime. | +| `login_body` | *Optional[str]* | :heavy_minus_sign: | Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. For x-www-form-urlencoded bodies, wrap values with ${C.Encode.uri(password)} to preserve special characters like +, &, and =. | +| `get_auth_token_from_header` | *Optional[bool]* | :heavy_minus_sign: | Extract the auth token from the HTTP 'Authorization' response header instead of the standard JSON body of the login response | +| `auth_header_key` | *Optional[str]* | :heavy_minus_sign: | Authorization header key to pass in Discover and Collect calls. Defaults to the literal name 'Authorization'. | +| `auth_header_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression used to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login. | +| `auth_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header. | +| `client_secret_param_name` | *Optional[str]* | :heavy_minus_sign: | Defaults to 'client_secret'. Automatically added to request parameters using the value specified. | +| `client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters. | +| `template_client_secret_param_value` | *Optional[str]* | :heavy_minus_sign: | Binds 'clientSecretParamValue' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecretParamValue' at runtime. | +| `auth_request_params` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded. | +| `text_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a text secret that contains the client secret's value | +| `scopes` | List[*str*] | :heavy_minus_sign: | Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information. | +| `service_account_credentials` | *Optional[str]* | :heavy_minus_sign: | Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right. | +| `template_service_account_credentials` | *Optional[str]* | :heavy_minus_sign: | Binds 'serviceAccountCredentials' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serviceAccountCredentials' at runtime. | +| `subject` | *Optional[str]* | :heavy_minus_sign: | Email address of a user account with Super Admin permissions to the resources the collector will retrieve | +| `template_subject` | *Optional[str]* | :heavy_minus_sign: | Binds 'subject' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'subject' at runtime. | +| `hmac_function_id` | *Optional[str]* | :heavy_minus_sign: | Select or create an HMAC Function to use with authentication | +| `template_collect_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime. | \ No newline at end of file diff --git a/docs/models/restcollectmethodpostwithbodyrestdiscoverydiscovertypehttpdiscovermethodget.md b/docs/models/restcollectmethodpostwithbodyrestdiscoverydiscovertypehttpdiscovermethodget.md index df4a09043..802e940aa 100644 --- a/docs/models/restcollectmethodpostwithbodyrestdiscoverydiscovertypehttpdiscovermethodget.md +++ b/docs/models/restcollectmethodpostwithbodyrestdiscoverydiscovertypehttpdiscovermethodget.md @@ -16,5 +16,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restcollectmethodpostwithbodyrestdiscoverydiscovertypehttpdiscovermethodother.md b/docs/models/restcollectmethodpostwithbodyrestdiscoverydiscovertypehttpdiscovermethodother.md index 4dfdc1f1e..d58111406 100644 --- a/docs/models/restcollectmethodpostwithbodyrestdiscoverydiscovertypehttpdiscovermethodother.md +++ b/docs/models/restcollectmethodpostwithbodyrestdiscoverydiscovertypehttpdiscovermethodother.md @@ -18,5 +18,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restcollectmethodpostwithbodyrestdiscoverydiscovertypehttpdiscovermethodpost.md b/docs/models/restcollectmethodpostwithbodyrestdiscoverydiscovertypehttpdiscovermethodpost.md index c17d996c2..f151963a5 100644 --- a/docs/models/restcollectmethodpostwithbodyrestdiscoverydiscovertypehttpdiscovermethodpost.md +++ b/docs/models/restcollectmethodpostwithbodyrestdiscoverydiscovertypehttpdiscovermethodpost.md @@ -16,5 +16,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restcollectmethodpostwithbodyrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md b/docs/models/restcollectmethodpostwithbodyrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md index 806167765..de87c0539 100644 --- a/docs/models/restcollectmethodpostwithbodyrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md +++ b/docs/models/restcollectmethodpostwithbodyrestdiscoverydiscovertypehttpdiscovermethodpostwithbody.md @@ -16,5 +16,6 @@ | `discover_response_format` | *Optional[str]* | :heavy_minus_sign: | If 'Strict discover response parsing' parsing is enabled, provide the response format | | `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | | `format_result_code` | *Optional[str]* | :heavy_minus_sign: | Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | | `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | | `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restcollectmethodpostwithbodyrestdiscoverydiscovertypejson.md b/docs/models/restcollectmethodpostwithbodyrestdiscoverydiscovertypejson.md index 06e6aa2c2..55b3bf0d7 100644 --- a/docs/models/restcollectmethodpostwithbodyrestdiscoverydiscovertypejson.md +++ b/docs/models/restcollectmethodpostwithbodyrestdiscoverydiscovertypejson.md @@ -3,15 +3,16 @@ ## Fields -| Field | Type | Required | Description | -| -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `discover_type` | [models.RestCollectMethodPostWithBodyRestDiscoveryDiscoverTypeJSONDiscoverType](../models/restcollectmethodpostwithbodyrestdiscoverydiscovertypejsondiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | -| `manual_discover_result` | *str* | :heavy_check_mark: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | -| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Within the response JSON, the name of the field to pull results from, typically a JSON array. Leave blank if the result itself is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] } | -| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | -| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | -| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file +| Field | Type | Required | Description | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `discover_type` | [models.RestCollectMethodPostWithBodyRestDiscoveryDiscoverTypeJSONDiscoverType](../models/restcollectmethodpostwithbodyrestdiscoverydiscovertypejsondiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | +| `manual_discover_result` | *str* | :heavy_check_mark: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array. | +| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | +| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restcollectmethodpostwithbodyrestdiscoverydiscovertypelist.md b/docs/models/restcollectmethodpostwithbodyrestdiscoverydiscovertypelist.md index 0e3dee02e..1a895008e 100644 --- a/docs/models/restcollectmethodpostwithbodyrestdiscoverydiscovertypelist.md +++ b/docs/models/restcollectmethodpostwithbodyrestdiscoverydiscovertypelist.md @@ -3,14 +3,16 @@ ## Fields -| Field | Type | Required | Description | -| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `discover_type` | [models.RestCollectMethodPostWithBodyRestDiscoveryDiscoverTypeListDiscoverType](../models/restcollectmethodpostwithbodyrestdiscoverydiscovertypelistdiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | -| `item_list` | List[*str*] | :heavy_check_mark: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | -| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | -| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | -| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | \ No newline at end of file +| Field | Type | Required | Description | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `discover_type` | [models.RestCollectMethodPostWithBodyRestDiscoveryDiscoverTypeListDiscoverType](../models/restcollectmethodpostwithbodyrestdiscoverydiscovertypelistdiscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | +| `item_list` | List[*str*] | :heavy_check_mark: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | +| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array. | +| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | +| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | \ No newline at end of file diff --git a/docs/models/restcollectmethodpostwithbodyrestdiscoverydiscovertypenone.md b/docs/models/restcollectmethodpostwithbodyrestdiscoverydiscovertypenone.md index c85f08fff..f01bd5bce 100644 --- a/docs/models/restcollectmethodpostwithbodyrestdiscoverydiscovertypenone.md +++ b/docs/models/restcollectmethodpostwithbodyrestdiscoverydiscovertypenone.md @@ -3,14 +3,16 @@ ## Fields -| Field | Type | Required | Description | -| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `discover_type` | [models.RestCollectMethodPostWithBodyRestDiscoveryDiscoverTypeNoneDiscoverType](../models/restcollectmethodpostwithbodyrestdiscoverydiscovertypenonediscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | -| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | -| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | -| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | -| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | -| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | -| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file +| Field | Type | Required | Description | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `discover_type` | [models.RestCollectMethodPostWithBodyRestDiscoveryDiscoverTypeNoneDiscoverType](../models/restcollectmethodpostwithbodyrestdiscoverydiscovertypenonediscovertype.md) | :heavy_check_mark: | Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task. | +| `discover_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL. | +| `template_discover_url` | *Optional[str]* | :heavy_minus_sign: | Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime. | +| `discover_method` | [Optional[models.DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP]](../models/discovermethodoptionsrestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_request_headers` | List[[models.CollectRequestParamConfRestCollectMethodGet](../models/collectrequestparamconfrestcollectmethodget.md)] | :heavy_minus_sign: | N/A | +| `pagination` | [Optional[models.PaginationTypeRestDiscoveryDiscoverTypeHTTP]](../models/paginationtyperestdiscoverydiscovertypehttp.md) | :heavy_minus_sign: | N/A | +| `discover_data_field` | *Optional[str]* | :heavy_minus_sign: | Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array. | +| `enable_strict_discover_parsing` | *Optional[bool]* | :heavy_minus_sign: | Explicitly set the discover response format. When disabled, best effort parsing is used. | +| `enable_discover_code` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `manual_discover_result` | *Optional[str]* | :heavy_minus_sign: | Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field. | +| `item_list` | List[*str*] | :heavy_minus_sign: | Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters. | \ No newline at end of file diff --git a/docs/models/restcollectmethodpostwithbodyrestpaginationtypenone.md b/docs/models/restcollectmethodpostwithbodyrestpaginationtypenone.md index a35c263bf..4aaadff1d 100644 --- a/docs/models/restcollectmethodpostwithbodyrestpaginationtypenone.md +++ b/docs/models/restcollectmethodpostwithbodyrestpaginationtypenone.md @@ -6,6 +6,7 @@ | Field | Type | Required | Description | | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `type` | [models.PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination](../models/paginationoptionsrestdiscoverydiscovertypehttppagination.md) | :heavy_check_mark: | N/A | +| `max_pages` | *Optional[float]* | :heavy_minus_sign: | Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages. | | `last_page_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression used to determine when the last page has been reached. The values tested by this expression must be in the Response attributes section. | | `next_relation_attribute` | *Optional[str]* | :heavy_minus_sign: | Relation name used in the link header that refers to the next page in the result set. Example: rel="next" refers to the next page of results: ; rel="next" | | `cur_relation_attribute` | *Optional[str]* | :heavy_minus_sign: | Relation name used in the link header that refers to the current result set. Example: rel="self" refers to the current page of results: ; rel="self" | @@ -13,6 +14,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restcollectmethodpostwithbodyrestpaginationtyperesponsebody.md b/docs/models/restcollectmethodpostwithbodyrestpaginationtyperesponsebody.md index 17624d32d..5932a31f4 100644 --- a/docs/models/restcollectmethodpostwithbodyrestpaginationtyperesponsebody.md +++ b/docs/models/restcollectmethodpostwithbodyrestpaginationtyperesponsebody.md @@ -15,6 +15,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restcollectmethodpostwithbodyrestpaginationtyperesponseheader.md b/docs/models/restcollectmethodpostwithbodyrestpaginationtyperesponseheader.md index 5b5dd7304..3f1a0ce42 100644 --- a/docs/models/restcollectmethodpostwithbodyrestpaginationtyperesponseheader.md +++ b/docs/models/restcollectmethodpostwithbodyrestpaginationtyperesponseheader.md @@ -15,6 +15,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restcollectmethodpostwithbodyrestpaginationtyperesponseheaderlink.md b/docs/models/restcollectmethodpostwithbodyrestpaginationtyperesponseheaderlink.md index 5fee3dca6..29d4c21a7 100644 --- a/docs/models/restcollectmethodpostwithbodyrestpaginationtyperesponseheaderlink.md +++ b/docs/models/restcollectmethodpostwithbodyrestpaginationtyperesponseheaderlink.md @@ -14,6 +14,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start collection from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to collect per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start collection from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restdiscoverydiscovertypehttppaginationtypenone.md b/docs/models/restdiscoverydiscovertypehttppaginationtypenone.md index d2818fb2e..5940d63c6 100644 --- a/docs/models/restdiscoverydiscovertypehttppaginationtypenone.md +++ b/docs/models/restdiscoverydiscovertypehttppaginationtypenone.md @@ -6,6 +6,7 @@ | Field | Type | Required | Description | | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `type` | [models.PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination](../models/paginationoptionsrestdiscoverydiscovertypehttppagination.md) | :heavy_check_mark: | N/A | +| `max_pages` | *Optional[float]* | :heavy_minus_sign: | Maximum number of pages to retrieve for the discover task. Defaults to 50 pages. Set to 0 to retrieve all pages. | | `last_page_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression used to determine when the last page has been reached. The values tested by this expression must be in the Response attributes section. | | `next_relation_attribute` | *Optional[str]* | :heavy_minus_sign: | Relation name used in the link header that refers to the next page in the result set. Example: rel="next" refers to the next page of results: ; rel="next" | | `cur_relation_attribute` | *Optional[str]* | :heavy_minus_sign: | Relation name used in the link header that refers to the current result set. Example: rel="self" refers to the current page of results: ; rel="self" | @@ -13,6 +14,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start discovery from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to retrieve per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start discovery from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restdiscoverydiscovertypehttppaginationtyperesponsebody.md b/docs/models/restdiscoverydiscovertypehttppaginationtyperesponsebody.md index 3063894ac..d642365b0 100644 --- a/docs/models/restdiscoverydiscovertypehttppaginationtyperesponsebody.md +++ b/docs/models/restdiscoverydiscovertypehttppaginationtyperesponsebody.md @@ -15,6 +15,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start discovery from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to retrieve per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start discovery from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restdiscoverydiscovertypehttppaginationtyperesponseheader.md b/docs/models/restdiscoverydiscovertypehttppaginationtyperesponseheader.md index f8e497fd5..009977556 100644 --- a/docs/models/restdiscoverydiscovertypehttppaginationtyperesponseheader.md +++ b/docs/models/restdiscoverydiscovertypehttppaginationtyperesponseheader.md @@ -15,6 +15,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start discovery from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to retrieve per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start discovery from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/restdiscoverydiscovertypehttppaginationtyperesponseheaderlink.md b/docs/models/restdiscoverydiscovertypehttppaginationtyperesponseheaderlink.md index ded48b2a8..2768a323d 100644 --- a/docs/models/restdiscoverydiscovertypehttppaginationtyperesponseheaderlink.md +++ b/docs/models/restdiscoverydiscovertypehttppaginationtyperesponseheaderlink.md @@ -14,6 +14,8 @@ | `offset` | *Optional[float]* | :heavy_minus_sign: | Offset index from which to start request. Defaults to undefined, which will start discovery from the first record. | | `limit_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0 | | `limit` | *Optional[float]* | :heavy_minus_sign: | Maximum number of records to retrieve per request | +| `total_record_field` | *Optional[str]* | :heavy_minus_sign: | Name of the attribute in the response that contains the total number of records for the query | +| `zero_indexed` | *Optional[bool]* | :heavy_minus_sign: | Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1. | | `page_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | | `page` | *Optional[float]* | :heavy_minus_sign: | Page number from which to start request. Defaults to undefined, which will start discovery from the first page. | | `size_field` | *Optional[str]* | :heavy_minus_sign: | Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&page_size=100&page_number=0 | diff --git a/docs/models/redisdeploymenttypeclusterrootnode.md b/docs/models/rootnodeconfredisdeploymenttypecluster.md similarity index 98% rename from docs/models/redisdeploymenttypeclusterrootnode.md rename to docs/models/rootnodeconfredisdeploymenttypecluster.md index 9d893c25a..8c4d60071 100644 --- a/docs/models/redisdeploymenttypeclusterrootnode.md +++ b/docs/models/rootnodeconfredisdeploymenttypecluster.md @@ -1,4 +1,4 @@ -# RedisDeploymentTypeClusterRootNode +# RootNodeConfRedisDeploymentTypeCluster ## Fields diff --git a/docs/models/runnablejobcollectionrun.md b/docs/models/runnablejobcollectionrun.md index 60fd10713..b562426ed 100644 --- a/docs/models/runnablejobcollectionrun.md +++ b/docs/models/runnablejobcollectionrun.md @@ -16,7 +16,7 @@ | `timestamp_timezone` | *Optional[str]* | :heavy_minus_sign: | Timezone to use for Earliest and Latest times | | `time_warning` | [Optional[models.BrokenEventProcessor]](../models/brokeneventprocessor.md) | :heavy_minus_sign: | N/A | | `expression` | *Optional[str]* | :heavy_minus_sign: | A filter for tokens in the provided collect path and/or the events being collected | -| `min_task_size` | *Optional[str]* | :heavy_minus_sign: | Limits the bundle size for small tasks. For example,


if your lower bundle size is 1MB, you can bundle up to five 200KB files into one task. | -| `max_task_size` | *Optional[str]* | :heavy_minus_sign: | Limits the bundle size for files above the lower task bundle size. For example, if your upper bundle size is 10MB,


you can bundle up to five 2MB files into one task. Files greater than this size will be assigned to individual tasks. | +| `min_task_size` | *Optional[str]* | :heavy_minus_sign: | Limits the bundle size for small tasks. For example,

if your lower bundle size is 1MB, you can bundle up to five 200KB files into one task. | +| `max_task_size` | *Optional[str]* | :heavy_minus_sign: | Limits the bundle size for files above the lower task bundle size. For example, if your upper bundle size is 10MB,

you can bundle up to five 2MB files into one task. Files greater than this size will be assigned to individual tasks. | | `discover_to_routes` | *Optional[bool]* | :heavy_minus_sign: | Send discover results to Routes | | `capture` | [Optional[models.CaptureSettings]](../models/capturesettings.md) | :heavy_minus_sign: | N/A | \ No newline at end of file diff --git a/docs/models/runsettingstyperunnablejobcollectionschedule.md b/docs/models/runsettingstyperunnablejobcollectionschedule.md index 58aff8d4c..9e11cbae7 100644 --- a/docs/models/runsettingstyperunnablejobcollectionschedule.md +++ b/docs/models/runsettingstyperunnablejobcollectionschedule.md @@ -17,5 +17,5 @@ | `timestamp_timezone` | *Optional[Any]* | :heavy_minus_sign: | N/A | | `time_warning` | [Optional[models.BrokenEventProcessor]](../models/brokeneventprocessor.md) | :heavy_minus_sign: | N/A | | `expression` | *Optional[str]* | :heavy_minus_sign: | A filter for tokens in the provided collect path and/or the events being collected | -| `min_task_size` | *Optional[str]* | :heavy_minus_sign: | Limits the bundle size for small tasks. For example,


if your lower bundle size is 1MB, you can bundle up to five 200KB files into one task. | -| `max_task_size` | *Optional[str]* | :heavy_minus_sign: | Limits the bundle size for files above the lower task bundle size. For example, if your upper bundle size is 10MB,


you can bundle up to five 2MB files into one task. Files greater than this size will be assigned to individual tasks. | \ No newline at end of file +| `min_task_size` | *Optional[str]* | :heavy_minus_sign: | Limits the bundle size for small tasks. For example,

if your lower bundle size is 1MB, you can bundle up to five 200KB files into one task. | +| `max_task_size` | *Optional[str]* | :heavy_minus_sign: | Limits the bundle size for files above the lower task bundle size. For example, if your upper bundle size is 10MB,

you can bundle up to five 2MB files into one task. Files greater than this size will be assigned to individual tasks. | \ No newline at end of file diff --git a/docs/models/runsettingstypesavedjobresponsecollectionschedule.md b/docs/models/runsettingstypesavedjobresponsecollectionschedule.md index 8b441dbb0..9784a610b 100644 --- a/docs/models/runsettingstypesavedjobresponsecollectionschedule.md +++ b/docs/models/runsettingstypesavedjobresponsecollectionschedule.md @@ -17,5 +17,5 @@ | `timestamp_timezone` | *Optional[Any]* | :heavy_minus_sign: | N/A | | `time_warning` | [Optional[models.BrokenEventProcessor]](../models/brokeneventprocessor.md) | :heavy_minus_sign: | N/A | | `expression` | *Optional[str]* | :heavy_minus_sign: | A filter for tokens in the provided collect path and/or the events being collected | -| `min_task_size` | *Optional[str]* | :heavy_minus_sign: | Limits the bundle size for small tasks. For example,


if your lower bundle size is 1MB, you can bundle up to five 200KB files into one task. | -| `max_task_size` | *Optional[str]* | :heavy_minus_sign: | Limits the bundle size for files above the lower task bundle size. For example, if your upper bundle size is 10MB,


you can bundle up to five 2MB files into one task. Files greater than this size will be assigned to individual tasks. | \ No newline at end of file +| `min_task_size` | *Optional[str]* | :heavy_minus_sign: | Limits the bundle size for small tasks. For example,

if your lower bundle size is 1MB, you can bundle up to five 200KB files into one task. | +| `max_task_size` | *Optional[str]* | :heavy_minus_sign: | Limits the bundle size for files above the lower task bundle size. For example, if your upper bundle size is 10MB,

you can bundle up to five 2MB files into one task. Files greater than this size will be assigned to individual tasks. | \ No newline at end of file diff --git a/docs/models/serdetypegrok.md b/docs/models/serdetypegrok.md index 760a483d9..c3e4b5da1 100644 --- a/docs/models/serdetypegrok.md +++ b/docs/models/serdetypegrok.md @@ -11,8 +11,12 @@ | `mode` | [models.SerdeTypeGrokOperationMode](../models/serdetypegrokoperationmode.md) | :heavy_check_mark: | Extract creates new fields. Reserialize extracts and filters fields, and then reserializes. | | `src_field` | *Optional[str]* | :heavy_minus_sign: | Field containing text to be parsed | | `dst_field` | *Optional[str]* | :heavy_minus_sign: | Name of the field to add fields to. Extract mode only. | +| `keep` | List[*str*] | :heavy_minus_sign: | List of fields to keep. Supports wildcards (*). Takes precedence over 'Fields to remove'. | +| `remove` | List[*str*] | :heavy_minus_sign: | List of fields to remove. Supports wildcards (*). Cannot remove fields that match 'Fields to keep'. | +| `field_filter_expr` | *Optional[str]* | :heavy_minus_sign: | Expression evaluated against {index, name, value} context. Return truthy to keep a field, or falsy to remove it. | | `allowed_key_chars` | List[*str*] | :heavy_minus_sign: | A list of characters that may be present in a key name, even though they are normally separator or control characters | | `allowed_value_chars` | List[*str*] | :heavy_minus_sign: | A list of characters that may be present in a value, even though they are normally separator or control characters | +| `fields` | List[*str*] | :heavy_minus_sign: | The fields to be extracted, listed in order. Will auto-generate if empty. | | `regex` | *Optional[str]* | :heavy_minus_sign: | Regex literal with named capturing groups, such as (?bar), or _NAME_ and _VALUE_ capturing groups, such as(?<_NAME_0>[^ =]+)=(?<_VALUE_0>[^,]+) | | `regex_list` | List[[models.RegexListConfSerdeTypeRegex](../models/regexlistconfserdetyperegex.md)] | :heavy_minus_sign: | N/A | | `iterations` | *Optional[float]* | :heavy_minus_sign: | The maximum number of times to apply regex to source field when the global flag is set, or when using _NAME_ and _VALUE_ capturing groups | diff --git a/docs/models/serdetypejson.md b/docs/models/serdetypejson.md index 0103122bd..faa2b1f6f 100644 --- a/docs/models/serdetypejson.md +++ b/docs/models/serdetypejson.md @@ -14,6 +14,7 @@ | `dst_field` | *Optional[str]* | :heavy_minus_sign: | Name of the field to add fields to. Extract mode only. | | `allowed_key_chars` | List[*str*] | :heavy_minus_sign: | A list of characters that may be present in a key name, even though they are normally separator or control characters | | `allowed_value_chars` | List[*str*] | :heavy_minus_sign: | A list of characters that may be present in a value, even though they are normally separator or control characters | +| `fields` | List[*str*] | :heavy_minus_sign: | The fields to be extracted, listed in order. Will auto-generate if empty. | | `regex` | *Optional[str]* | :heavy_minus_sign: | Regex literal with named capturing groups, such as (?bar), or _NAME_ and _VALUE_ capturing groups, such as(?<_NAME_0>[^ =]+)=(?<_VALUE_0>[^,]+) | | `regex_list` | List[[models.RegexListConfSerdeTypeRegex](../models/regexlistconfserdetyperegex.md)] | :heavy_minus_sign: | N/A | | `iterations` | *Optional[float]* | :heavy_minus_sign: | The maximum number of times to apply regex to source field when the global flag is set, or when using _NAME_ and _VALUE_ capturing groups | diff --git a/docs/models/serdetypekvp.md b/docs/models/serdetypekvp.md index ccdbf9914..77c1309d9 100644 --- a/docs/models/serdetypekvp.md +++ b/docs/models/serdetypekvp.md @@ -15,6 +15,7 @@ | `mode` | [models.SerdeTypeKvpOperationMode](../models/serdetypekvpoperationmode.md) | :heavy_check_mark: | Extract creates new fields. Reserialize extracts and filters fields, and then reserializes. | | `src_field` | *Optional[str]* | :heavy_minus_sign: | Field containing text to be parsed | | `dst_field` | *Optional[str]* | :heavy_minus_sign: | Name of the field to add fields to. Extract mode only. | +| `fields` | List[*str*] | :heavy_minus_sign: | The fields to be extracted, listed in order. Will auto-generate if empty. | | `regex` | *Optional[str]* | :heavy_minus_sign: | Regex literal with named capturing groups, such as (?bar), or _NAME_ and _VALUE_ capturing groups, such as(?<_NAME_0>[^ =]+)=(?<_VALUE_0>[^,]+) | | `regex_list` | List[[models.RegexListConfSerdeTypeRegex](../models/regexlistconfserdetyperegex.md)] | :heavy_minus_sign: | N/A | | `iterations` | *Optional[float]* | :heavy_minus_sign: | The maximum number of times to apply regex to source field when the global flag is set, or when using _NAME_ and _VALUE_ capturing groups | diff --git a/docs/models/serdetyperegex.md b/docs/models/serdetyperegex.md index 590603601..d902250fe 100644 --- a/docs/models/serdetyperegex.md +++ b/docs/models/serdetyperegex.md @@ -14,7 +14,11 @@ | `mode` | [models.SerdeTypeRegexOperationMode](../models/serdetyperegexoperationmode.md) | :heavy_check_mark: | Extract creates new fields. Reserialize extracts and filters fields, and then reserializes. | | `src_field` | *Optional[str]* | :heavy_minus_sign: | Field containing text to be parsed | | `dst_field` | *Optional[str]* | :heavy_minus_sign: | Name of the field to add fields to. Extract mode only. | +| `keep` | List[*str*] | :heavy_minus_sign: | List of fields to keep. Supports wildcards (*). Takes precedence over 'Fields to remove'. | +| `remove` | List[*str*] | :heavy_minus_sign: | List of fields to remove. Supports wildcards (*). Cannot remove fields that match 'Fields to keep'. | +| `field_filter_expr` | *Optional[str]* | :heavy_minus_sign: | Expression evaluated against {index, name, value} context. Return truthy to keep a field, or falsy to remove it. | | `allowed_key_chars` | List[*str*] | :heavy_minus_sign: | A list of characters that may be present in a key name, even though they are normally separator or control characters | | `allowed_value_chars` | List[*str*] | :heavy_minus_sign: | A list of characters that may be present in a value, even though they are normally separator or control characters | +| `fields` | List[*str*] | :heavy_minus_sign: | The fields to be extracted, listed in order. Will auto-generate if empty. | | `pattern` | *Optional[str]* | :heavy_minus_sign: | Grok pattern to extract fields. Syntax supported: %{PATTERN_NAME:FIELD_NAME} | | `pattern_list` | List[[models.PatternListConfSerdeTypeGrok](../models/patternlistconfserdetypegrok.md)] | :heavy_minus_sign: | N/A | \ No newline at end of file diff --git a/docs/models/splunkauthenticationbasic.md b/docs/models/splunkauthenticationbasic.md index 4e4999f71..205f74c75 100644 --- a/docs/models/splunkauthenticationbasic.md +++ b/docs/models/splunkauthenticationbasic.md @@ -22,8 +22,13 @@ | `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Reject certificates that cannot be verified against a valid CA (such as self-signed certificates) | | `handle_escaped_chars` | *Optional[bool]* | :heavy_minus_sign: | Escape characters (\") in search queries will be passed directly to Splunk | | `retry_rules` | [Optional[models.SplunkAuthenticationBasicRetryRules]](../models/splunkauthenticationbasicretryrules.md) | :heavy_minus_sign: | N/A | +| `credentials_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored secret that references your credentials | | `token` | *Optional[str]* | :heavy_minus_sign: | N/A | | `token_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored secret that references your Bearer token | +| `login_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for login API call. This call is expected to be a POST. | +| `login_body` | *Optional[str]* | :heavy_minus_sign: | Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. | +| `token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Path to token attribute in login response body. Nested attributes are allowed. | +| `auth_header_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login. | | `template_search_head` | *Optional[str]* | :heavy_minus_sign: | Binds 'searchHead' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'searchHead' at runtime. | | `template_search` | *Optional[str]* | :heavy_minus_sign: | Binds 'search' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'search' at runtime. | | `template_earliest` | *Optional[str]* | :heavy_minus_sign: | Binds 'earliest' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'earliest' at runtime. | diff --git a/docs/models/splunkauthenticationbasicsecret.md b/docs/models/splunkauthenticationbasicsecret.md index 68bf0f742..335074c5c 100644 --- a/docs/models/splunkauthenticationbasicsecret.md +++ b/docs/models/splunkauthenticationbasicsecret.md @@ -21,8 +21,14 @@ | `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Reject certificates that cannot be verified against a valid CA (such as self-signed certificates) | | `handle_escaped_chars` | *Optional[bool]* | :heavy_minus_sign: | Escape characters (\") in search queries will be passed directly to Splunk | | `retry_rules` | [Optional[models.SplunkAuthenticationBasicSecretRetryRules]](../models/splunkauthenticationbasicsecretretryrules.md) | :heavy_minus_sign: | N/A | +| `username` | *Optional[str]* | :heavy_minus_sign: | Basic authentication username | +| `password` | *Optional[str]* | :heavy_minus_sign: | Basic authentication password | | `token` | *Optional[str]* | :heavy_minus_sign: | N/A | | `token_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored secret that references your Bearer token | +| `login_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for login API call. This call is expected to be a POST. | +| `login_body` | *Optional[str]* | :heavy_minus_sign: | Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. | +| `token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Path to token attribute in login response body. Nested attributes are allowed. | +| `auth_header_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login. | | `template_search_head` | *Optional[str]* | :heavy_minus_sign: | Binds 'searchHead' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'searchHead' at runtime. | | `template_search` | *Optional[str]* | :heavy_minus_sign: | Binds 'search' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'search' at runtime. | | `template_earliest` | *Optional[str]* | :heavy_minus_sign: | Binds 'earliest' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'earliest' at runtime. | diff --git a/docs/models/splunkauthenticationnone.md b/docs/models/splunkauthenticationnone.md index 01254f06a..3af3b9497 100644 --- a/docs/models/splunkauthenticationnone.md +++ b/docs/models/splunkauthenticationnone.md @@ -20,8 +20,15 @@ | `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Reject certificates that cannot be verified against a valid CA (such as self-signed certificates) | | `handle_escaped_chars` | *Optional[bool]* | :heavy_minus_sign: | Escape characters (\") in search queries will be passed directly to Splunk | | `retry_rules` | [Optional[models.SplunkAuthenticationNoneRetryRules]](../models/splunkauthenticationnoneretryrules.md) | :heavy_minus_sign: | N/A | +| `username` | *Optional[str]* | :heavy_minus_sign: | Basic authentication username | +| `password` | *Optional[str]* | :heavy_minus_sign: | Basic authentication password | +| `credentials_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored secret that references your credentials | | `token` | *Optional[str]* | :heavy_minus_sign: | N/A | | `token_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored secret that references your Bearer token | +| `login_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for login API call. This call is expected to be a POST. | +| `login_body` | *Optional[str]* | :heavy_minus_sign: | Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. | +| `token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Path to token attribute in login response body. Nested attributes are allowed. | +| `auth_header_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login. | | `template_search_head` | *Optional[str]* | :heavy_minus_sign: | Binds 'searchHead' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'searchHead' at runtime. | | `template_search` | *Optional[str]* | :heavy_minus_sign: | Binds 'search' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'search' at runtime. | | `template_earliest` | *Optional[str]* | :heavy_minus_sign: | Binds 'earliest' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'earliest' at runtime. | diff --git a/docs/models/splunkauthenticationtoken.md b/docs/models/splunkauthenticationtoken.md index 11d154c0d..a5ab0989d 100644 --- a/docs/models/splunkauthenticationtoken.md +++ b/docs/models/splunkauthenticationtoken.md @@ -21,7 +21,14 @@ | `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Reject certificates that cannot be verified against a valid CA (such as self-signed certificates) | | `handle_escaped_chars` | *Optional[bool]* | :heavy_minus_sign: | Escape characters (\") in search queries will be passed directly to Splunk | | `retry_rules` | [Optional[models.SplunkAuthenticationTokenRetryRules]](../models/splunkauthenticationtokenretryrules.md) | :heavy_minus_sign: | N/A | +| `username` | *Optional[str]* | :heavy_minus_sign: | Basic authentication username | +| `password` | *Optional[str]* | :heavy_minus_sign: | Basic authentication password | +| `credentials_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored secret that references your credentials | | `token_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored secret that references your Bearer token | +| `login_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for login API call. This call is expected to be a POST. | +| `login_body` | *Optional[str]* | :heavy_minus_sign: | Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. | +| `token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Path to token attribute in login response body. Nested attributes are allowed. | +| `auth_header_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login. | | `template_search_head` | *Optional[str]* | :heavy_minus_sign: | Binds 'searchHead' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'searchHead' at runtime. | | `template_search` | *Optional[str]* | :heavy_minus_sign: | Binds 'search' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'search' at runtime. | | `template_earliest` | *Optional[str]* | :heavy_minus_sign: | Binds 'earliest' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'earliest' at runtime. | diff --git a/docs/models/splunkauthenticationtokensecret.md b/docs/models/splunkauthenticationtokensecret.md index b38dffbed..50b6733b2 100644 --- a/docs/models/splunkauthenticationtokensecret.md +++ b/docs/models/splunkauthenticationtokensecret.md @@ -21,7 +21,14 @@ | `reject_unauthorized` | *Optional[bool]* | :heavy_minus_sign: | Reject certificates that cannot be verified against a valid CA (such as self-signed certificates) | | `handle_escaped_chars` | *Optional[bool]* | :heavy_minus_sign: | Escape characters (\") in search queries will be passed directly to Splunk | | `retry_rules` | [Optional[models.SplunkAuthenticationTokenSecretRetryRules]](../models/splunkauthenticationtokensecretretryrules.md) | :heavy_minus_sign: | N/A | +| `username` | *Optional[str]* | :heavy_minus_sign: | Basic authentication username | +| `password` | *Optional[str]* | :heavy_minus_sign: | Basic authentication password | +| `credentials_secret` | *Optional[str]* | :heavy_minus_sign: | Select or create a stored secret that references your credentials | | `token` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `login_url` | *Optional[str]* | :heavy_minus_sign: | URL to use for login API call. This call is expected to be a POST. | +| `login_body` | *Optional[str]* | :heavy_minus_sign: | Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. | +| `token_resp_attribute` | *Optional[str]* | :heavy_minus_sign: | Path to token attribute in login response body. Nested attributes are allowed. | +| `auth_header_expr` | *Optional[str]* | :heavy_minus_sign: | JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login. | | `template_search_head` | *Optional[str]* | :heavy_minus_sign: | Binds 'searchHead' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'searchHead' at runtime. | | `template_search` | *Optional[str]* | :heavy_minus_sign: | Binds 'search' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'search' at runtime. | | `template_earliest` | *Optional[str]* | :heavy_minus_sign: | Binds 'earliest' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'earliest' at runtime. | diff --git a/docs/models/updatepacksrequest.md b/docs/models/updatepacksrequest.md index d2fa4ad9e..525525cf0 100644 --- a/docs/models/updatepacksrequest.md +++ b/docs/models/updatepacksrequest.md @@ -3,7 +3,7 @@ ## Fields -| Field | Type | Required | Description | -| -------------------------------------------- | -------------------------------------------- | -------------------------------------------- | -------------------------------------------- | -| `filename` | *str* | :heavy_check_mark: | Filename of the Pack file to upload. | -| `request_body` | *Union[bytes, IO[bytes], io.BufferedReader]* | :heavy_check_mark: | N/A | \ No newline at end of file +| Field | Type | Required | Description | +| ------------------------------------ | ------------------------------------ | ------------------------------------ | ------------------------------------ | +| `filename` | *str* | :heavy_check_mark: | Filename of the Pack file to upload. | +| `request_body` | *Union[bytes, IO[bytes], io.IOBase]* | :heavy_check_mark: | N/A | \ No newline at end of file diff --git a/docs/sdks/captures/README.md b/docs/sdks/captures/README.md index cce06a071..7c201e288 100644 --- a/docs/sdks/captures/README.md +++ b/docs/sdks/captures/README.md @@ -4,11 +4,11 @@ ### Available Operations -* [create](#create) - Capture live incoming data +* [create](#create) - Capture live data ## create -Initiate a live data capture from Cribl Workers.Returns a stream of captured events in NDJSON format that match the parameters specified in the request body. +Initiate a live data capture from Cribl Workers. Returns a stream of captured events in NDJSON format that match the parameters specified in the request body. ### Example Usage: CaptureExamplesComplexFilter diff --git a/docs/sdks/collectorssdk/README.md b/docs/sdks/collectorssdk/README.md index 6b3fd2060..64d885fd5 100644 --- a/docs/sdks/collectorssdk/README.md +++ b/docs/sdks/collectorssdk/README.md @@ -6,11 +6,55 @@ Actions related to Collectors ### Available Operations -* [create](#create) - Create a Collector * [list](#list) - List all Collectors -* [delete](#delete) - Delete a Collector +* [create](#create) - Create a Collector * [get](#get) - Get a Collector * [update](#update) - Update a Collector +* [delete](#delete) - Delete a Collector + +## list + +Get a list of all Collectors. + +### Example Usage + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.collectors.list() + + # Handle response + print(res) + +``` + +### Parameters + +| Parameter | Type | Required | Description | +| ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | +| `collector_type` | [Optional[models.CollectorType]](../../models/collectortype.md) | :heavy_minus_sign: | Filter by collector type | +| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | + +### Response + +**[models.CountedSavedJobResponse](../../models/countedsavedjobresponse.md)** + +### Errors + +| Error Type | Status Code | Content Type | +| ---------------- | ---------------- | ---------------- | +| errors.Error | 500 | application/json | +| errors.APIError | 4XX, 5XX | \*/\* | ## create @@ -852,94 +896,6 @@ with CriblControlPlane( | errors.Error | 500 | application/json | | errors.APIError | 4XX, 5XX | \*/\* | -## list - -Get a list of all Collectors. - -### Example Usage - - -```python -from cribl_control_plane import CriblControlPlane, models -import os - - -with CriblControlPlane( - "https://api.example.com", - security=models.Security( - bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), - ), -) as ccp_client: - - res = ccp_client.collectors.list(collector_type="") - - # Handle response - print(res) - -``` - -### Parameters - -| Parameter | Type | Required | Description | -| ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | -| `collector_type` | *Optional[str]* | :heavy_minus_sign: | Filter by collector type | -| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | - -### Response - -**[models.CountedSavedJobResponse](../../models/countedsavedjobresponse.md)** - -### Errors - -| Error Type | Status Code | Content Type | -| ---------------- | ---------------- | ---------------- | -| errors.Error | 500 | application/json | -| errors.APIError | 4XX, 5XX | \*/\* | - -## delete - -Delete the specified Collector. - -### Example Usage - - -```python -from cribl_control_plane import CriblControlPlane, models -import os - - -with CriblControlPlane( - "https://api.example.com", - security=models.Security( - bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), - ), -) as ccp_client: - - res = ccp_client.collectors.delete(id="") - - # Handle response - print(res) - -``` - -### Parameters - -| Parameter | Type | Required | Description | -| ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | -| `id` | *str* | :heavy_check_mark: | The id of the Collector to delete. | -| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | - -### Response - -**[models.CountedSavedJobResponse](../../models/countedsavedjobresponse.md)** - -### Errors - -| Error Type | Status Code | Content Type | -| ---------------- | ---------------- | ---------------- | -| errors.Error | 500 | application/json | -| errors.APIError | 4XX, 5XX | \*/\* | - ## get Get the specified Collector. @@ -986,7 +942,7 @@ with CriblControlPlane( ## update -Update the specified Collector.

Provide a complete representation of the Collector that you want to update in the request body. This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Collector.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Collector might not function as expected. +Update the specified Collector.

Provide a complete representation of the Collector that you want to update in the request body. This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Collector.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Collector might not function as expected. ### Example Usage: CollectorExamplesAzureBlob @@ -1841,6 +1797,50 @@ with CriblControlPlane( ### Errors +| Error Type | Status Code | Content Type | +| ---------------- | ---------------- | ---------------- | +| errors.Error | 500 | application/json | +| errors.APIError | 4XX, 5XX | \*/\* | + +## delete + +Delete the specified Collector. + +### Example Usage + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.collectors.delete(id="") + + # Handle response + print(res) + +``` + +### Parameters + +| Parameter | Type | Required | Description | +| ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | +| `id` | *str* | :heavy_check_mark: | The id of the Collector to delete. | +| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | + +### Response + +**[models.CountedSavedJobResponse](../../models/countedsavedjobresponse.md)** + +### Errors + | Error Type | Status Code | Content Type | | ---------------- | ---------------- | ---------------- | | errors.Error | 500 | application/json | diff --git a/docs/sdks/commits/README.md b/docs/sdks/commits/README.md index f9591dc32..2a3f907e9 100644 --- a/docs/sdks/commits/README.md +++ b/docs/sdks/commits/README.md @@ -4,17 +4,61 @@ ### Available Operations +* [list](#list) - List the commit history * [create](#create) - Create a new commit for pending changes to the Cribl configuration * [diff](#diff) - Get the diff for a commit -* [list](#list) - List the commit history * [push](#push) - Push local commits to the remote repository * [revert](#revert) - Revert a commit in the local repository * [get](#get) - Get the diff and log message for a commit * [undo](#undo) - Discard uncommitted (staged) changes +## list + +List the commit history.

Analogous to git log for the Cribl configuration, allowing you to audit and review changes over time. + +### Example Usage + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.versions.commits.list(count=893.58) + + # Handle response + print(res) + +``` + +### Parameters + +| Parameter | Type | Required | Description | +| --------------------------------------------------------------------- | --------------------------------------------------------------------- | --------------------------------------------------------------------- | --------------------------------------------------------------------- | +| `count` | *Optional[int]* | :heavy_minus_sign: | Maximum number of commits to return in the response for this request. | +| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | + +### Response + +**[models.CountedGitLogResult](../../models/countedgitlogresult.md)** + +### Errors + +| Error Type | Status Code | Content Type | +| ---------------- | ---------------- | ---------------- | +| errors.Error | 500 | application/json | +| errors.APIError | 4XX, 5XX | \*/\* | + ## create -Create a new commit for pending changes to the Cribl configuration. Any merge conflicts indicated in the response must be resolved using Git.

To commit only a subset of configuration changes, specify the files to include in the commit in the files array. +Create a new commit for pending changes to the Cribl configuration. Any merge conflicts indicated in the response must be resolved using Git.

To commit only a subset of configuration changes, specify the files to include in the commit in the files array. ### Example Usage: VersionCommitExamplesCommitAll @@ -128,50 +172,6 @@ with CriblControlPlane( | errors.Error | 500 | application/json | | errors.APIError | 4XX, 5XX | \*/\* | -## list - -List the commit history.

Analogous to git log for the Cribl configuration, allowing you to audit and review changes over time. - -### Example Usage - - -```python -from cribl_control_plane import CriblControlPlane, models -import os - - -with CriblControlPlane( - "https://api.example.com", - security=models.Security( - bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), - ), -) as ccp_client: - - res = ccp_client.versions.commits.list(count=893.58) - - # Handle response - print(res) - -``` - -### Parameters - -| Parameter | Type | Required | Description | -| --------------------------------------------------------------------- | --------------------------------------------------------------------- | --------------------------------------------------------------------- | --------------------------------------------------------------------- | -| `count` | *Optional[int]* | :heavy_minus_sign: | Maximum number of commits to return in the response for this request. | -| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | - -### Response - -**[models.CountedGitLogResult](../../models/countedgitlogresult.md)** - -### Errors - -| Error Type | Status Code | Content Type | -| ---------------- | ---------------- | ---------------- | -| errors.Error | 500 | application/json | -| errors.APIError | 4XX, 5XX | \*/\* | - ## push Push all local commits from the local repository to the remote repository. diff --git a/docs/sdks/cribl/README.md b/docs/sdks/cribl/README.md index 5d83fdc97..c3b23522d 100644 --- a/docs/sdks/cribl/README.md +++ b/docs/sdks/cribl/README.md @@ -4,7 +4,7 @@ ### Available Operations -* [list](#list) - Get Cribl system settings +* [list](#list) - Get system settings * [update](#update) - Update system settings ## list diff --git a/docs/sdks/databaseconnections/README.md b/docs/sdks/databaseconnections/README.md index b29d4d8ce..b8786c04e 100644 --- a/docs/sdks/databaseconnections/README.md +++ b/docs/sdks/databaseconnections/README.md @@ -6,10 +6,55 @@ Actions related to DatabaseConnections ### Available Operations +* [list](#list) - List Database Connections * [create](#create) - Create Database Connection -* [delete](#delete) - Delete a Database Connection * [get](#get) - Get a Database Connection * [update](#update) - Update a Database Connection +* [delete](#delete) - Delete a Database Connection + +## list + +Get a list of all Database Connections. + +### Example Usage + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.database_connections.list() + + # Handle response + print(res) + +``` + +### Parameters + +| Parameter | Type | Required | Description | +| --------------------------------------------------------------------------------- | --------------------------------------------------------------------------------- | --------------------------------------------------------------------------------- | --------------------------------------------------------------------------------- | +| `database_type` | [Optional[models.DatabaseConnectionType]](../../models/databaseconnectiontype.md) | :heavy_minus_sign: | Type of Database Connections to include in the results. | +| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | + +### Response + +**[models.CountedDatabaseConnectionConfig](../../models/counteddatabaseconnectionconfig.md)** + +### Errors + +| Error Type | Status Code | Content Type | +| ---------------- | ---------------- | ---------------- | +| errors.Error | 500 | application/json | +| errors.APIError | 4XX, 5XX | \*/\* | ## create @@ -256,13 +301,13 @@ with CriblControlPlane( | errors.Error | 500 | application/json | | errors.APIError | 4XX, 5XX | \*/\* | -## delete +## get -Delete the specified Database Connection. +Get the specified Database Connection. ### Example Usage - + ```python from cribl_control_plane import CriblControlPlane, models import os @@ -275,7 +320,7 @@ with CriblControlPlane( ), ) as ccp_client: - res = ccp_client.database_connections.delete(id="") + res = ccp_client.database_connections.get(id="") # Handle response print(res) @@ -286,7 +331,7 @@ with CriblControlPlane( | Parameter | Type | Required | Description | | ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | -| `id` | *str* | :heavy_check_mark: | The id of the Database Connection to delete. | +| `id` | *str* | :heavy_check_mark: | The id of the Database Connection to get. | | `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | ### Response @@ -300,13 +345,13 @@ with CriblControlPlane( | errors.Error | 500 | application/json | | errors.APIError | 4XX, 5XX | \*/\* | -## get +## update -Get the specified Database Connection. +Update the specified Database Connection.

Provide a complete representation of the Database Connection that you want to update in the request body. This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Database Connection.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Database Connection might not function as expected. -### Example Usage +### Example Usage: DatabaseConnectionExamplesMySQLWithConnectionString - + ```python from cribl_control_plane import CriblControlPlane, models import os @@ -319,38 +364,204 @@ with CriblControlPlane( ), ) as ccp_client: - res = ccp_client.database_connections.get(id="") + res = ccp_client.database_connections.update(id_param="", auth_type="connectionString", database_type=models.DatabaseConnectionType.MYSQL, description="Production MySQL database for customer data", id="mysql-prod-db", connection_string="mysql://admin:password123@mysql.example.com:3306/production?ssl=true", connection_timeout=10000, tags="production,mysql,customer-data") # Handle response print(res) ``` +### Example Usage: DatabaseConnectionExamplesMySQLWithSecret -### Parameters + +```python +from cribl_control_plane import CriblControlPlane, models +import os -| Parameter | Type | Required | Description | -| ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | -| `id` | *str* | :heavy_check_mark: | The id of the Database Connection to get. | -| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | -### Response +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: -**[models.CountedDatabaseConnectionConfig](../../models/counteddatabaseconnectionconfig.md)** + res = ccp_client.database_connections.update(id_param="", auth_type="secret", database_type=models.DatabaseConnectionType.MYSQL, description="Analytics MySQL database", id="mysql-analytics-db", connection_timeout=15000, tags="analytics,mysql", text_secret="mysql-analytics-connection") -### Errors + # Handle response + print(res) -| Error Type | Status Code | Content Type | -| ---------------- | ---------------- | ---------------- | -| errors.Error | 500 | application/json | -| errors.APIError | 4XX, 5XX | \*/\* | +``` +### Example Usage: DatabaseConnectionExamplesOracleWithConnectionString -## update + +```python +from cribl_control_plane import CriblControlPlane, models +import os -Update the specified Database Connection.

Provide a complete representation of the Database Connection that you want to update in the request body. This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Database Connection.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Database Connection might not function as expected. -### Example Usage: DatabaseConnectionExamplesMySQLWithConnectionString +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: - + res = ccp_client.database_connections.update(id_param="", auth_type="connectionString", database_type=models.DatabaseConnectionType.ORACLE, description="Oracle ERP database", id="oracle-erp", connection_string="oracle.example.com:1521/ORCL", connection_timeout=15000, password="Oracle_Pass456!", tags="erp,oracle,finance", user="erp_user") + + # Handle response + print(res) + +``` +### Example Usage: DatabaseConnectionExamplesOracleWithCredentialsSecrets + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.database_connections.update(id_param="", auth_type="secrets", database_type=models.DatabaseConnectionType.ORACLE, description="High-security Oracle database with credential secrets", id="oracle-secure-db", connection_timeout=15000, creds_secrets="oracle-secure-credentials", tags="secure,oracle,sensitive-data", text_secret="oracle-secure-connection") + + # Handle response + print(res) + +``` +### Example Usage: DatabaseConnectionExamplesOracleWithSecret + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.database_connections.update(id_param="", auth_type="secret", database_type=models.DatabaseConnectionType.ORACLE, description="Oracle data warehouse", id="oracle-warehouse", connection_timeout=20000, password="Warehouse_Pass789!", tags="warehouse,oracle,reporting", text_secret="oracle-warehouse-connection", user="warehouse_user") + + # Handle response + print(res) + +``` +### Example Usage: DatabaseConnectionExamplesPostgreSQLWithConnectionString + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.database_connections.update(id_param="", auth_type="connectionString", database_type=models.DatabaseConnectionType.POSTGRES, description="Data warehouse PostgreSQL database", id="postgres-warehouse", connection_string="postgresql://warehouse_user:SecurePass456@postgres.example.com:5432/warehouse?sslmode=require", connection_timeout=15000, tags="warehouse,postgres,reporting") + + # Handle response + print(res) + +``` +### Example Usage: DatabaseConnectionExamplesPostgreSQLWithSecret + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.database_connections.update(id_param="", auth_type="secret", database_type=models.DatabaseConnectionType.POSTGRES, description="Logs PostgreSQL database", id="postgres-logs", connection_timeout=10000, tags="logs,postgres", text_secret="postgres-logs-connection") + + # Handle response + print(res) + +``` +### Example Usage: DatabaseConnectionExamplesSQLServerWithConfigObject + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.database_connections.update(id_param="", auth_type="configObj", database_type=models.DatabaseConnectionType.SQLSERVER, description="Reporting SQL Server database with custom config", id="sqlserver-reporting", config_obj="{\"server\":\"sqlserver.example.com\",\"database\":\"Reporting\",\"user\":\"report_user\",\"password\":\"Report_Pass123!\",\"options\":{\"encrypt\":true,\"trustServerCertificate\":false,\"connectTimeout\":20000}}", request_timeout=60000, tags="reporting,sqlserver,analytics") + + # Handle response + print(res) + +``` +### Example Usage: DatabaseConnectionExamplesSQLServerWithConnectionString + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.database_connections.update(id_param="", auth_type="connectionString", database_type=models.DatabaseConnectionType.SQLSERVER, description="ERP SQL Server database", id="sqlserver-erp", connection_string="Server=sqlserver.example.com;Database=ERP;User Id=erp_admin;Password=ERP_Pass789!;Encrypt=true", connection_timeout=15000, request_timeout=30000, tags="erp,sqlserver,finance") + + # Handle response + print(res) + +``` +### Example Usage: DatabaseConnectionExamplesSQLServerWithSecret + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.database_connections.update(id_param="", auth_type="secret", database_type=models.DatabaseConnectionType.SQLSERVER, description="CRM SQL Server database", id="sqlserver-crm", connection_timeout=15000, request_timeout=15000, tags="crm,sqlserver,sales", text_secret="sqlserver-crm-connection") + + # Handle response + print(res) + +``` +### Example Usage: UpdateDatabaseConnectionExamplesMySQLWithConnectionString + + ```python from cribl_control_plane import CriblControlPlane, models import os @@ -369,9 +580,9 @@ with CriblControlPlane( print(res) ``` -### Example Usage: DatabaseConnectionExamplesMySQLWithSecret +### Example Usage: UpdateDatabaseConnectionExamplesMySQLWithSecret - + ```python from cribl_control_plane import CriblControlPlane, models import os @@ -390,9 +601,9 @@ with CriblControlPlane( print(res) ``` -### Example Usage: DatabaseConnectionExamplesOracleWithConnectionString +### Example Usage: UpdateDatabaseConnectionExamplesOracleWithConnectionString - + ```python from cribl_control_plane import CriblControlPlane, models import os @@ -411,9 +622,9 @@ with CriblControlPlane( print(res) ``` -### Example Usage: DatabaseConnectionExamplesOracleWithCredentialsSecrets +### Example Usage: UpdateDatabaseConnectionExamplesOracleWithCredentialsSecrets - + ```python from cribl_control_plane import CriblControlPlane, models import os @@ -432,9 +643,9 @@ with CriblControlPlane( print(res) ``` -### Example Usage: DatabaseConnectionExamplesOracleWithSecret +### Example Usage: UpdateDatabaseConnectionExamplesOracleWithSecret - + ```python from cribl_control_plane import CriblControlPlane, models import os @@ -453,9 +664,9 @@ with CriblControlPlane( print(res) ``` -### Example Usage: DatabaseConnectionExamplesPostgreSQLWithConnectionString +### Example Usage: UpdateDatabaseConnectionExamplesPostgreSQLWithConnectionString - + ```python from cribl_control_plane import CriblControlPlane, models import os @@ -474,9 +685,9 @@ with CriblControlPlane( print(res) ``` -### Example Usage: DatabaseConnectionExamplesPostgreSQLWithSecret +### Example Usage: UpdateDatabaseConnectionExamplesPostgreSQLWithSecret - + ```python from cribl_control_plane import CriblControlPlane, models import os @@ -495,9 +706,9 @@ with CriblControlPlane( print(res) ``` -### Example Usage: DatabaseConnectionExamplesSQLServerWithConfigObject +### Example Usage: UpdateDatabaseConnectionExamplesSQLServerWithConfigObject - + ```python from cribl_control_plane import CriblControlPlane, models import os @@ -516,9 +727,9 @@ with CriblControlPlane( print(res) ``` -### Example Usage: DatabaseConnectionExamplesSQLServerWithConnectionString +### Example Usage: UpdateDatabaseConnectionExamplesSQLServerWithConnectionString - + ```python from cribl_control_plane import CriblControlPlane, models import os @@ -537,9 +748,9 @@ with CriblControlPlane( print(res) ``` -### Example Usage: DatabaseConnectionExamplesSQLServerWithSecret +### Example Usage: UpdateDatabaseConnectionExamplesSQLServerWithSecret - + ```python from cribl_control_plane import CriblControlPlane, models import os @@ -585,6 +796,50 @@ with CriblControlPlane( ### Errors +| Error Type | Status Code | Content Type | +| ---------------- | ---------------- | ---------------- | +| errors.Error | 500 | application/json | +| errors.APIError | 4XX, 5XX | \*/\* | + +## delete + +Delete the specified Database Connection. + +### Example Usage + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.database_connections.delete(id="") + + # Handle response + print(res) + +``` + +### Parameters + +| Parameter | Type | Required | Description | +| ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | +| `id` | *str* | :heavy_check_mark: | The id of the Database Connection to delete. | +| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | + +### Response + +**[models.CountedDatabaseConnectionConfig](../../models/counteddatabaseconnectionconfig.md)** + +### Errors + | Error Type | Status Code | Content Type | | ---------------- | ---------------- | ---------------- | | errors.Error | 500 | application/json | diff --git a/docs/sdks/datasets/README.md b/docs/sdks/datasets/README.md index 09d625deb..4b60dcdf5 100644 --- a/docs/sdks/datasets/README.md +++ b/docs/sdks/datasets/README.md @@ -4,11 +4,63 @@ ### Available Operations -* [create](#create) - Create a Lake Dataset (Cribl.Cloud only) * [list](#list) - List all Lake Datasets (Cribl.Cloud only) -* [delete](#delete) - Delete a Lake Dataset (Cribl.Cloud only) +* [create](#create) - Create a Lake Dataset (Cribl.Cloud only) * [get](#get) - Get a Lake Dataset (Cribl.Cloud only) * [update](#update) - Update a Lake Dataset (Cribl.Cloud only) +* [delete](#delete) - Delete a Lake Dataset (Cribl.Cloud only) + +## list + +Get a list of all Lake Datasets in the specified Lake (Cribl.Cloud only). + +### Example Usage + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.lakes.datasets.list(lake_id="", storage_location_id="", exclude_ddss=True, exclude_deleted=True, exclude_internal=False, exclude_byos=False) + + # Handle response + print(res) + +``` + +### Parameters + +| Parameter | Type | Required | Description | +| ---------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `lake_id` | *str* | :heavy_check_mark: | The id of the Lake that contains the Lake Datasets to list. | +| `storage_location_id` | *Optional[str]* | :heavy_minus_sign: | Filter datasets by storage location ID. Use default for default storage location. | +| `format_` | [Optional[models.GetCriblLakeDatasetByLakeIDFormat]](../../models/getcribllakedatasetbylakeidformat.md) | :heavy_minus_sign: | Filter datasets by format. Set to ddss to return only DDSS datasets. | +| `exclude_ddss` | *Optional[bool]* | :heavy_minus_sign: | Exclude DDSS format datasets from the response. | +| `exclude_netskope` | *Optional[bool]* | :heavy_minus_sign: | Exclude Netskope format datasets from the response. | +| `exclude_deleted` | *Optional[bool]* | :heavy_minus_sign: | Exclude deleted datasets from the response. | +| `exclude_internal` | *Optional[bool]* | :heavy_minus_sign: | Exclude internal datasets (those with IDs starting with cribl_) from the response. | +| `exclude_byos` | *Optional[bool]* | :heavy_minus_sign: | Exclude BYOS (Bring Your Own Storage) datasets from the response. | +| `include_metrics` | *Optional[bool]* | :heavy_minus_sign: | Set to true to include storage metrics for each Lake Dataset. Otherwise, false (default). Requires a Cribl Lake metrics license. | +| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | + +### Response + +**[models.CountedCriblLakeDataset](../../models/countedcribllakedataset.md)** + +### Errors + +| Error Type | Status Code | Content Type | +| ---------------- | ---------------- | ---------------- | +| errors.Error | 500 | application/json | +| errors.APIError | 4XX, 5XX | \*/\* | ## create @@ -118,12 +170,12 @@ with CriblControlPlane( | `deletion_started_at` | *Optional[float]* | :heavy_minus_sign: | Timestamp (in Unix time) when Dataset deletion was initiated, in milliseconds. | | `description` | *Optional[str]* | :heavy_minus_sign: | Brief description of the Dataset. | | `format_` | [Optional[models.FormatOptionsCriblLakeDataset]](../../models/formatoptionscribllakedataset.md) | :heavy_minus_sign: | Storage format used for data persisted in the Dataset. | -| `http_da_used` | *Optional[bool]* | :heavy_minus_sign: | If true, the Dataset is used by Direct Access HTTP. | +| `http_da_used` | *Optional[bool]* | :heavy_minus_sign: | If true, the Dataset is used by Direct Access HTTP. Otherwise, false. | | `metrics` | [Optional[models.LakeDatasetMetrics]](../../models/lakedatasetmetrics.md) | :heavy_minus_sign: | N/A | | `retention_period_in_days` | *Optional[int]* | :heavy_minus_sign: | Dataset retention period, in days. | | `search_config` | [Optional[models.LakeDatasetSearchConfig]](../../models/lakedatasetsearchconfig.md) | :heavy_minus_sign: | N/A | | `storage_class` | [Optional[models.StorageClassOptionsCriblLakeDataset]](../../models/storageclassoptionscribllakedataset.md) | :heavy_minus_sign: | Storage class used for objects written to the Dataset. | -| `storage_location_id` | *Optional[str]* | :heavy_minus_sign: | Identifier for the Storage Location that backs the Dataset. Mutually exclusive with bucketName. | +| `storage_location_id` | *Optional[str]* | :heavy_minus_sign: | Unique identifier for the Storage Location that backs the Dataset. Mutually exclusive with bucketName. | | `view_name` | *Optional[str]* | :heavy_minus_sign: | Name of the ClickHouse view for the Dataset on the Lakehouse. | | `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | @@ -138,101 +190,6 @@ with CriblControlPlane( | errors.Error | 500 | application/json | | errors.APIError | 4XX, 5XX | \*/\* | -## list - -Get a list of all Lake Datasets in the specified Lake (Cribl.Cloud only). - -### Example Usage - - -```python -from cribl_control_plane import CriblControlPlane, models -import os - - -with CriblControlPlane( - "https://api.example.com", - security=models.Security( - bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), - ), -) as ccp_client: - - res = ccp_client.lakes.datasets.list(lake_id="", storage_location_id="", format_="", exclude_ddss=True, exclude_deleted=True, exclude_internal=False, exclude_byos=False) - - # Handle response - print(res) - -``` - -### Parameters - -| Parameter | Type | Required | Description | -| ----------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------- | -| `lake_id` | *str* | :heavy_check_mark: | The id of the Lake that contains the Lake Datasets to list. | -| `storage_location_id` | *Optional[str]* | :heavy_minus_sign: | Filter datasets by storage location ID. Use default for default storage location. | -| `format_` | *Optional[str]* | :heavy_minus_sign: | Filter datasets by format. Set to ddss to return only DDSS datasets. | -| `exclude_ddss` | *Optional[bool]* | :heavy_minus_sign: | Exclude DDSS format datasets from the response. | -| `exclude_deleted` | *Optional[bool]* | :heavy_minus_sign: | Exclude deleted datasets from the response. | -| `exclude_internal` | *Optional[bool]* | :heavy_minus_sign: | Exclude internal datasets (those with IDs starting with cribl_) from the response. | -| `exclude_byos` | *Optional[bool]* | :heavy_minus_sign: | Exclude BYOS (Bring Your Own Storage) datasets from the response. | -| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | - -### Response - -**[models.CountedCriblLakeDataset](../../models/countedcribllakedataset.md)** - -### Errors - -| Error Type | Status Code | Content Type | -| ---------------- | ---------------- | ---------------- | -| errors.Error | 500 | application/json | -| errors.APIError | 4XX, 5XX | \*/\* | - -## delete - -Delete the specified Lake Dataset in the specified Lake (Cribl.Cloud only). - -### Example Usage - - -```python -from cribl_control_plane import CriblControlPlane, models -import os - - -with CriblControlPlane( - "https://api.example.com", - security=models.Security( - bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), - ), -) as ccp_client: - - res = ccp_client.lakes.datasets.delete(lake_id="", id="") - - # Handle response - print(res) - -``` - -### Parameters - -| Parameter | Type | Required | Description | -| ------------------------------------------------------------------------- | ------------------------------------------------------------------------- | ------------------------------------------------------------------------- | ------------------------------------------------------------------------- | -| `lake_id` | *str* | :heavy_check_mark: | The id of the Lake that contains the Lake Dataset to delete. | -| `id` | *str* | :heavy_check_mark: | The id of the Lake Dataset to delete. | -| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | - -### Response - -**[models.CountedCriblLakeDataset](../../models/countedcribllakedataset.md)** - -### Errors - -| Error Type | Status Code | Content Type | -| ---------------- | ---------------- | ---------------- | -| errors.Error | 500 | application/json | -| errors.APIError | 4XX, 5XX | \*/\* | - ## get Get the specified Lake Dataset in the specified Lake (Cribl.Cloud only). @@ -261,11 +218,12 @@ with CriblControlPlane( ### Parameters -| Parameter | Type | Required | Description | -| ---------------------------------------------------------------------- | ---------------------------------------------------------------------- | ---------------------------------------------------------------------- | ---------------------------------------------------------------------- | -| `lake_id` | *str* | :heavy_check_mark: | The id of the Lake that contains the Lake Dataset to get. | -| `id` | *str* | :heavy_check_mark: | The id of the Lake Dataset to get. | -| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | +| Parameter | Type | Required | Description | +| ---------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `lake_id` | *str* | :heavy_check_mark: | The id of the Lake that contains the Lake Dataset to get. | +| `id` | *str* | :heavy_check_mark: | The id of the Lake Dataset to get. | +| `include_metrics` | *Optional[bool]* | :heavy_minus_sign: | Set to true to include storage metrics for each Lake Dataset. Otherwise, false (default). Requires a Cribl Lake metrics license. | +| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | ### Response @@ -361,13 +319,13 @@ with CriblControlPlane( | `deletion_started_at` | *Optional[float]* | :heavy_minus_sign: | Timestamp (in Unix time) when Dataset deletion was initiated, in milliseconds. | | `description` | *Optional[str]* | :heavy_minus_sign: | Brief description of the Dataset. | | `format_` | [Optional[models.FormatOptionsCriblLakeDataset]](../../models/formatoptionscribllakedataset.md) | :heavy_minus_sign: | Storage format used for data persisted in the Dataset. | -| `http_da_used` | *Optional[bool]* | :heavy_minus_sign: | If true, the Dataset is used by Direct Access HTTP. | -| `id` | *Optional[str]* | :heavy_minus_sign: | Dataset identifier. Optional; the path parameter id is authoritative. | +| `http_da_used` | *Optional[bool]* | :heavy_minus_sign: | If true, the Dataset is used by Direct Access HTTP. Otherwise, false. | +| `id` | *Optional[str]* | :heavy_minus_sign: | Unique identifier for the Dataset. Optional; the path parameter id is authoritative. | | `metrics` | [Optional[models.LakeDatasetMetrics]](../../models/lakedatasetmetrics.md) | :heavy_minus_sign: | N/A | | `retention_period_in_days` | *Optional[int]* | :heavy_minus_sign: | Dataset retention period, in days. | | `search_config` | [Optional[models.LakeDatasetSearchConfig]](../../models/lakedatasetsearchconfig.md) | :heavy_minus_sign: | N/A | | `storage_class` | [Optional[models.StorageClassOptionsCriblLakeDataset]](../../models/storageclassoptionscribllakedataset.md) | :heavy_minus_sign: | Storage class used for objects written to the Dataset. | -| `storage_location_id` | *Optional[str]* | :heavy_minus_sign: | Identifier for the Storage Location that backs the Dataset. Mutually exclusive with bucketName. | +| `storage_location_id` | *Optional[str]* | :heavy_minus_sign: | Unique identifier for the Storage Location that backs the Dataset. Mutually exclusive with bucketName. | | `view_name` | *Optional[str]* | :heavy_minus_sign: | Name of the ClickHouse view for the Dataset on the Lakehouse. | | `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | @@ -377,6 +335,51 @@ with CriblControlPlane( ### Errors +| Error Type | Status Code | Content Type | +| ---------------- | ---------------- | ---------------- | +| errors.Error | 500 | application/json | +| errors.APIError | 4XX, 5XX | \*/\* | + +## delete + +Delete the specified Lake Dataset in the specified Lake (Cribl.Cloud only). + +### Example Usage + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.lakes.datasets.delete(lake_id="", id="") + + # Handle response + print(res) + +``` + +### Parameters + +| Parameter | Type | Required | Description | +| ------------------------------------------------------------------------- | ------------------------------------------------------------------------- | ------------------------------------------------------------------------- | ------------------------------------------------------------------------- | +| `lake_id` | *str* | :heavy_check_mark: | The id of the Lake that contains the Lake Dataset to delete. | +| `id` | *str* | :heavy_check_mark: | The id of the Lake Dataset to delete. | +| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | + +### Response + +**[models.CountedCriblLakeDataset](../../models/countedcribllakedataset.md)** + +### Errors + | Error Type | Status Code | Content Type | | ---------------- | ---------------- | ---------------- | | errors.Error | 500 | application/json | diff --git a/docs/sdks/destinations/README.md b/docs/sdks/destinations/README.md index 1ed414dec..95f006894 100644 --- a/docs/sdks/destinations/README.md +++ b/docs/sdks/destinations/README.md @@ -706,7 +706,7 @@ with CriblControlPlane( "type": models.CreateOutputTypeDynatraceHTTP.DYNATRACE_HTTP, "auth_type": models.CreateOutputAuthenticationTypeDynatraceHTTP.TOKEN, "format_": models.CreateOutputFormatDynatraceHTTP.JSON_ARRAY, - "endpoint": models.CreateOutputEndpoint.CLOUD, + "endpoint": models.CreateOutputEndpointDynatraceHTTP.CLOUD, "telemetry_type": models.CreateOutputTelemetryType.LOGS, "token": "your-api-key", }) @@ -902,6 +902,31 @@ with CriblControlPlane( # Handle response print(res) +``` +### Example Usage: OutputCreateExamplesGoogleCloudObservability + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.create(request={ + "id": "google-cloud-observability-output", + "type": models.CreateOutputTypeGoogleCloudObservability.GOOGLE_CLOUD_OBSERVABILITY, + "google_auth_method": models.CreateOutputGoogleAuthenticationMethod.AUTO, + }) + + # Handle response + print(res) + ``` ### Example Usage: OutputCreateExamplesGoogleCloudStorage @@ -4409,6 +4434,2185 @@ with CriblControlPlane( # Handle response print(res) +``` +### Example Usage: UpdateOutputExamplesAlphasocS3 + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "alphasoc-s3-output", + "type": models.OutputAlphasocS3Type.ALPHASOC_S3, + "bucket": "events", + "stage_path": "/tmp/staging", + "endpoint": "https://s3.alphasoc.net", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesAzureBlob + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "azure-blob-output", + "type": models.OutputAzureBlobType.AZURE_BLOB, + "container_name": "my-container", + "stage_path": "/tmp/staging", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesAzureDataExplorer + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "azure-data-explorer-output", + "type": models.OutputAzureDataExplorerType.AZURE_DATA_EXPLORER, + "cluster_url": "https://mycluster.kusto.windows.net", + "database": "mydatabase", + "table": "mytable", + "ingest_mode": models.OutputAzureDataExplorerIngestionMode.STREAMING, + "oauth_endpoint": models.MicrosoftEntraIDAuthenticationEndpointOptionsSasl.HTTPS_LOGIN_MICROSOFTONLINE_COM, + "tenant_id": "tenant-id", + "client_id": "client-id", + "scope": "https://mycluster.kusto.windows.net/.default", + "oauth_type": models.OutputAzureDataExplorerAuthenticationMethod.CLIENT_SECRET, + "client_secret": "client-secret", + "format_": models.DataFormatOptions.JSON, + "compress": models.CompressionOptionsHTTP.GZIP, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesAzureEventhub + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "azure-eventhub-output", + "type": models.OutputAzureEventhubType.AZURE_EVENTHUB, + "brokers": [ + "myeventhub.servicebus.windows.net:9093", + ], + "topic": "logs", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesAzureLogs + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "azure-logs-output", + "type": models.OutputAzureLogsType.AZURE_LOGS, + "log_type": "Cribl", + "auth_type": models.OutputAzureLogsAuthenticationMethod.MANUAL, + "workspace_id": "workspace-id", + "workspace_key": "workspace-key", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesChronicle + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "chronicle-output", + "type": models.OutputChronicleType.CHRONICLE, + "region": "us", + "log_type": "UNKNOWN", + "gcp_project_id": "my-project", + "gcp_instance": "customer-id", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesClickHouse + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "clickhouse-output", + "type": models.OutputClickHouseType.CLICK_HOUSE, + "url": "http://localhost:8123/", + "database": "mydb", + "table_name": "mytable", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesCloudflareR2 + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "cloudflare-r2-output", + "type": models.OutputCloudflareR2Type.CLOUDFLARE_R2, + "bucket": "my-bucket", + "stage_path": "/tmp/staging", + "endpoint": "https://account-id.r2.cloudflarestorage.com", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesCloudwatch + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "cloudwatch-output", + "type": models.OutputCloudwatchType.CLOUDWATCH, + "log_group_name": "my-log-group", + "log_stream_name": "my-log-stream", + "region": "us-east-1", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesConfluentCloud + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output=models.OutputConfluentCloud( + id="confluent-cloud-output", + type=models.OutputConfluentCloudType.CONFLUENT_CLOUD, + brokers=[ + "pkc-xxxxx.us-east-1.aws.confluent.cloud:9092", + ], + topic="logs", + )) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesCriblHttp + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "cribl-http-output", + "type": models.OutputCriblHTTPType.CRIBL_HTTP, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesCriblLake + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "cribl-lake-output", + "type": models.OutputCriblLakeType.CRIBL_LAKE, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesCriblSearchEngine + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "cribl-search-engine-output", + "type": models.OutputCriblSearchEngineType.CRIBL_SEARCH_ENGINE, + "system_fields": [ + "cribl_pipe", + ], + "streamtags": [], + "load_balanced": False, + "tls": { + "disabled": True, + }, + "token_ttl_minutes": 60, + "exclude_fields": [ + "__kube_*", + "__metadata", + "__winEvent", + ], + "compression": models.CompressionOptionsGzipNone.GZIP, + "concurrency": 5, + "max_payload_size_kb": 4096, + "max_payload_events": 0, + "reject_unauthorized": True, + "timeout_sec": 30, + "flush_period_sec": 1, + "failed_request_logging_mode": models.FailedRequestLoggingModeOptions.NONE, + "safe_headers": [], + "throttle_rate_per_sec": "0", + "response_retry_settings": [ + { + "http_status": 401, + "initial_backoff": 1000, + "backoff_rate": 2, + "max_backoff": 20000, + }, + { + "http_status": 403, + "initial_backoff": 1000, + "backoff_rate": 2, + "max_backoff": 20000, + }, + { + "http_status": 408, + "initial_backoff": 250, + "backoff_rate": 2, + "max_backoff": 10000, + }, + { + "http_status": 429, + "initial_backoff": 1000, + "backoff_rate": 2, + "max_backoff": 10000, + }, + { + "http_status": 500, + "initial_backoff": 250, + "backoff_rate": 2, + "max_backoff": 10000, + }, + { + "http_status": 502, + "initial_backoff": 250, + "backoff_rate": 2, + "max_backoff": 10000, + }, + { + "http_status": 503, + "initial_backoff": 250, + "backoff_rate": 2, + "max_backoff": 10000, + }, + { + "http_status": 504, + "initial_backoff": 250, + "backoff_rate": 2, + "max_backoff": 10000, + }, + { + "http_status": 509, + "initial_backoff": 250, + "backoff_rate": 2, + "max_backoff": 10000, + }, + ], + "timeout_retry_settings": { + "timeout_retry": False, + }, + "response_honor_retry_after_header": True, + "on_backpressure": models.BackpressureBehaviorOptions.BLOCK, + "use_round_robin_dns": True, + "url": "https://0.0.0.0:10200", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesCriblTcp + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "cribl-tcp-output", + "type": models.OutputCriblTCPType.CRIBL_TCP, + "host": "localhost", + "port": 10090, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesCrowdstrikeNextGenSiem + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "crowdstrike-next-gen-siem-output", + "type": models.OutputCrowdstrikeNextGenSiemType.CROWDSTRIKE_NEXT_GEN_SIEM, + "url": "https://ingest.us.crowdstrike.com/api/ingest/hec/connection-id/v1/services/collector", + "format_": models.RequestFormatOptions.JSON, + "auth_type": models.AuthenticationMethodOptionsAuthTokensItems.MANUAL, + "token": "your-token", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesDatabricks + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "databricks-output", + "type": models.OutputDatabricksType.DATABRICKS, + "workspace_id": "your-workspace-id", + "scope": "all-apis", + "client_id": "your-client-id", + "catalog": "main", + "schema_": "external", + "events_volume_name": "events", + "client_text_secret": "your-client-secret", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesDatadog + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "datadog-output", + "type": models.OutputDatadogType.DATADOG, + "api_key": "your-api-key", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesDataset + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "dataset-output", + "type": models.OutputDatasetType.DATASET, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesDefault + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "default-output", + "type": models.OutputDefaultType.DEFAULT, + "default_id": "my-default-output", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesDiskSpool + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "disk-spool-output", + "type": models.OutputDiskSpoolType.DISK_SPOOL, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesDlS3 + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "dl-s3-output", + "type": models.OutputDlS3Type.DL_S3, + "bucket": "my-bucket", + "region": "us-east-1", + "stage_path": "/tmp/staging", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesDynatraceHttp + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "dynatrace-http-output", + "type": models.OutputDynatraceHTTPType.DYNATRACE_HTTP, + "auth_type": models.OutputDynatraceHTTPAuthenticationType.TOKEN, + "format_": models.OutputDynatraceHTTPFormat.JSON_ARRAY, + "endpoint": models.OutputDynatraceHTTPEndpoint.CLOUD, + "telemetry_type": models.OutputDynatraceHTTPTelemetryType.LOGS, + "token": "your-api-key", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesDynatraceOtlp + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "dynatrace-otlp-output", + "type": models.OutputDynatraceOtlpType.DYNATRACE_OTLP, + "protocol": models.OutputDynatraceOtlpProtocol.HTTP, + "endpoint": "https://your-environment.live.dynatrace.com/api/v2/otlp", + "otlp_version": models.OtlpVersionOptions131.ONE_DOT_3_DOT_1, + "endpoint_type": models.OutputDynatraceOtlpEndpointType.SAAS, + "token_secret": "your-token-secret", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesElastic + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "elastic-output", + "type": models.OutputElasticType.ELASTIC, + "index": "logs", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesElasticCloud + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "elastic-cloud-output", + "type": models.OutputElasticCloudType.ELASTIC_CLOUD, + "url": "my-cloud-id", + "index": "logs", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesExabeam + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "exabeam-output", + "type": models.OutputExabeamType.EXABEAM, + "bucket": "my-bucket", + "region": "us-east1", + "stage_path": "/tmp/staging", + "endpoint": "https://storage.googleapis.com", + "collector_instance_id": "11112222-3333-4444-5555-666677778888", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesFilesystem + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "filesystem-output", + "type": models.OutputFilesystemType.FILESYSTEM, + "dest_path": "/var/log/output", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesGoogleChronicle + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "google-chronicle-output", + "type": models.OutputGoogleChronicleType.GOOGLE_CHRONICLE, + "log_format_type": models.OutputGoogleChronicleSendEventsAs.UNSTRUCTURED, + "region": "us", + "customer_id": "customer-id", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesGoogleCloudLogging + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "google-cloud-logging-output", + "type": models.OutputGoogleCloudLoggingType.GOOGLE_CLOUD_LOGGING, + "log_location_type": models.OutputGoogleCloudLoggingLogLocationType.PROJECT, + "log_name_expression": "my-log", + "log_location_expression": "my-project", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesGoogleCloudObservability + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "google-cloud-observability-output", + "type": models.OutputGoogleCloudObservabilityType.GOOGLE_CLOUD_OBSERVABILITY, + "google_auth_method": models.OutputGoogleCloudObservabilityGoogleAuthenticationMethod.AUTO, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesGoogleCloudStorage + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "google-cloud-storage-output", + "type": models.OutputGoogleCloudStorageType.GOOGLE_CLOUD_STORAGE, + "bucket": "my-bucket", + "region": "us-east1", + "endpoint": "https://storage.googleapis.com", + "stage_path": "/tmp/staging", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesGooglePubsub + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "google-pubsub-output", + "type": models.OutputGooglePubsubType.GOOGLE_PUBSUB, + "topic_name": "my-topic", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesGrafanaCloud + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output=models.OutputGrafanaCloudGrafanaCloud1( + id="grafana-cloud-output", + type=models.OutputGrafanaCloudType1.GRAFANA_CLOUD, + loki_url="https://logs-prod-us-central1.grafana.net", + )) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesGraphite + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "graphite-output", + "type": models.OutputGraphiteType.GRAPHITE, + "protocol": models.DestinationProtocolOptions.TCP, + "host": "localhost", + "port": 2003, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesHoneycomb + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "honeycomb-output", + "type": models.OutputHoneycombType.HONEYCOMB, + "dataset": "my-dataset", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesHumioHec + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "humio-hec-output", + "type": models.OutputHumioHecType.HUMIO_HEC, + "url": "https://cloud.us.humio.com/api/v1/ingest/hec", + "format_": models.RequestFormatOptions.JSON, + "auth_type": models.AuthenticationMethodOptionsAuthTokensItems.MANUAL, + "token": "your-token", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesInfluxdb + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "influxdb-output", + "type": models.OutputInfluxdbType.INFLUXDB, + "url": "http://localhost:8086", + "database": "mydb", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesKafka + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output=models.OutputKafka( + id="kafka-output", + type=models.OutputKafkaType.KAFKA, + brokers=[ + "localhost:9092", + ], + topic="logs", + )) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesKinesis + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "kinesis-output", + "type": models.OutputKinesisType.KINESIS, + "stream_name": "my-stream", + "region": "us-east-1", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesLocalSearchStorage + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "local-search-storage-output", + "type": models.OutputLocalSearchStorageType.LOCAL_SEARCH_STORAGE, + "url": "http://localhost:8123/", + "database": "default", + "table_name": "mytable", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesLoki + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "loki-output", + "type": models.OutputLokiType.LOKI, + "url": "http://localhost:3100/loki/api/v1/push", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesMicrosoftFabric + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "microsoft-fabric-output", + "type": models.OutputMicrosoftFabricType.MICROSOFT_FABRIC, + "topic": "logs", + "bootstrap_server": "myeventstream.servicebus.windows.net:9093", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesMinio + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "minio-output", + "type": models.OutputMinioType.MINIO, + "bucket": "my-bucket", + "stage_path": "/tmp/staging", + "endpoint": "http://localhost:9000", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesMsk + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output=models.OutputMsk( + id="msk-output", + type=models.OutputMskType.MSK, + brokers=[ + "b-1.example.xxxxx.c2.kafka.us-east-1.amazonaws.com:9092", + ], + topic="logs", + aws_authentication_method=models.AuthenticationMethodOptionsS3CollectorConf.AUTO, + region="us-east-1", + )) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesNetflow + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "netflow-output", + "type": models.OutputNetflowType.NETFLOW, + "hosts": [ + { + "host": "localhost", + "port": 2055, + }, + ], + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesNewrelic + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "newrelic-output", + "type": models.OutputNewrelicType.NEWRELIC, + "api_key": "your-api-key", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesNewrelicEvents + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "newrelic-events-output", + "type": models.OutputNewrelicEventsType.NEWRELIC_EVENTS, + "account_id": "123456", + "event_type": "CriblEvent", + "api_key": "your-api-key", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesNutanixObjects + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "nutanix-objects-output", + "type": models.OutputNutanixObjectsType.NUTANIX_OBJECTS, + "bucket": "my-bucket", + "stage_path": "/tmp/staging", + "endpoint": "https://nutanix-objects.example.com", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesOpenTelemetry + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "opentelemetry-output", + "type": models.OutputOpenTelemetryType.OPEN_TELEMETRY, + "endpoint": "http://localhost:4317", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesPrometheus + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "prometheus-output", + "type": models.OutputPrometheusType.PROMETHEUS, + "url": "http://localhost:9091/api/v1/write", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesRing + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "ring-output", + "type": models.OutputRingType.RING, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesRouter + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "router-output", + "type": models.OutputRouterType.ROUTER, + "rules": [ + { + "filter_": "true", + "output": "my-output", + }, + ], + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesS3 + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "s3-output", + "type": models.OutputS3Type.S3, + "bucket": "my-bucket", + "region": "us-east-1", + "stage_path": "/tmp/staging", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesSecurityLake + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "security-lake-output", + "type": models.OutputSecurityLakeType.SECURITY_LAKE, + "assume_role_arn": "arn:aws:iam::123456789012:role/my-role", + "bucket": "my-bucket", + "region": "us-east-1", + "stage_path": "/tmp/staging", + "account_id": "123456789012", + "custom_source": "my-custom-source", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesSentinel + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "sentinel-output", + "type": models.OutputSentinelType.SENTINEL, + "login_url": "https://login.microsoftonline.com", + "secret": "client-secret", + "client_id": "client-id", + "endpoint_url_configuration": models.OutputSentinelEndpointConfiguration.URL, + "url": "https://your-workspace.ingest.monitor.azure.com", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesSentinelOneAiSiem + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "sentinel-one-ai-siem-output", + "type": models.OutputSentinelOneAiSiemType.SENTINEL_ONE_AI_SIEM, + "region": models.OutputSentinelOneAiSiemRegion.US, + "endpoint": models.OutputSentinelOneAISIEMAISIEMEndpointPath.ROOT_SERVICES_COLLECTOR_EVENT, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesServiceNow + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "servicenow-output", + "type": models.OutputServiceNowType.SERVICE_NOW, + "endpoint": "ingest.lightstep.com:443", + "token_secret": "your-token-secret", + "otlp_version": models.OtlpVersionOptions131.ONE_DOT_3_DOT_1, + "protocol": models.ProtocolOptions.HTTP, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesSignalfx + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "signalfx-output", + "type": models.OutputSignalfxType.SIGNALFX, + "realm": "us0", + "token": "your-token", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesSnmp + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "snmp-output", + "type": models.OutputSnmpType.SNMP, + "hosts": [ + { + "host": "192.168.1.1", + "port": 161, + }, + ], + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesSns + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "sns-output", + "type": models.OutputSnsType.SNS, + "topic_arn": "arn:aws:sns:us-east-1:123456789012:my-topic", + "message_group_id": "my-message-group", + "region": "us-east-1", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesSplunk + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "splunk-output", + "type": models.OutputSplunkType.SPLUNK, + "host": "localhost", + "port": 9997, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesSplunkHec + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "splunk-hec-output", + "type": models.OutputSplunkHecType.SPLUNK_HEC, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesSplunkLb + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output=models.OutputSplunkLb( + id="splunk-lb-output", + type=models.OutputSplunkLbType.SPLUNK_LB, + hosts=[ + models.HostConfOutputSyslog( + host="localhost", + port=9997, + ), + ], + )) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesSqs + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "sqs-output", + "type": models.OutputSqsType.SQS, + "queue_name": "my-queue", + "queue_type": models.OutputSqsQueueType.STANDARD, + "region": "us-east-1", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesStatsd + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "statsd-output", + "type": models.OutputStatsdType.STATSD, + "protocol": models.DestinationProtocolOptions.UDP, + "host": "localhost", + "port": 8125, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesStatsdExt + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "statsd-ext-output", + "type": models.OutputStatsdExtType.STATSD_EXT, + "protocol": models.DestinationProtocolOptions.UDP, + "host": "localhost", + "port": 8125, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesStorjS3 + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "storj-s3-output", + "type": models.OutputStorjS3Type.STORJ_S3, + "bucket": "my-bucket", + "stage_path": "/tmp/staging", + "endpoint": "https://gateway.storjshare.io", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesSumoLogic + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "sumo-logic-output", + "type": models.OutputSumoLogicType.SUMO_LOGIC, + "url": "https://endpoint1.collection.us2.sumologic.com", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesSyslog + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "syslog-output", + "type": models.OutputSyslogType.SYSLOG, + "host": "localhost", + "port": 514, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesTcpjson + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "tcpjson-output", + "type": models.OutputTcpjsonType.TCPJSON, + "host": "localhost", + "port": 10090, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesWavefront + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "wavefront-output", + "type": models.OutputWavefrontType.WAVEFRONT, + "domain": "longboard", + "token": "your-token", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesWebhook + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "webhook-output", + "type": models.OutputWebhookType1.WEBHOOK, + "url": "https://example.com/webhook", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesWizHec + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "wiz-hec-output", + "type": models.OutputWizHecType.WIZ_HEC, + "auth_type": models.AuthenticationMethodOptionsAuthTokensItems.MANUAL, + "wiz_connector_id": "00000000-0000-0000-0000-000000000000", + "wiz_environment": "test", + "data_center": "us1", + "wiz_sourcetype": "placeholder", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesXsiam + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "xsiam-output", + "type": models.OutputXsiamType.XSIAM, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesalibabaCloudS3 + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "alibaba-oss-output", + "type": models.OutputAlibabaCloudS3Type.ALIBABA_CLOUD_S3, + "bucket": "my-bucket", + "stage_path": "/tmp/staging", + "endpoint": "https://s3.oss-cn-hangzhou.aliyuncs.com", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplescloudianS3 + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "cloudian-s3-output", + "type": models.OutputCloudianS3Type.CLOUDIAN_S3, + "endpoint": "https://s3.hyperstore.example.com", + "bucket": "my-bucket", + "stage_path": "/tmp/staging", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesdellS3 + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "dell-s3-output", + "type": models.OutputDellS3Type.DELL_S3, + "bucket": "my-bucket", + "stage_path": "/tmp/staging", + "endpoint": "https://powerscale.example.com:9021", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesscalityS3 + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.destinations.update(id="", output={ + "id": "scality-s3-output", + "type": models.OutputScalityS3Type.SCALITY_S3, + "bucket": "my-bucket", + "stage_path": "/tmp/staging", + "endpoint": "https://s3.scality.example.com", + }) + + # Handle response + print(res) + ``` ### Parameters diff --git a/docs/sdks/destinationsstatuses/README.md b/docs/sdks/destinationsstatuses/README.md index 6b7e8d901..3a34067c4 100644 --- a/docs/sdks/destinationsstatuses/README.md +++ b/docs/sdks/destinationsstatuses/README.md @@ -4,16 +4,16 @@ ### Available Operations -* [get](#get) - Get the status of a Destination * [list](#list) - List the status of all Destinations +* [get](#get) - Get the status of a Destination -## get +## list -Get the status and optional metrics for the specified Destination. +List status information and optional metrics for all configured Destinations in the Worker Group or Edge Fleet. ### Example Usage - + ```python from cribl_control_plane import CriblControlPlane, models import os @@ -26,25 +26,28 @@ with CriblControlPlane( ), ) as ccp_client: - res = ccp_client.destinations.statuses.get(id="") + res = ccp_client.destinations.statuses.list() - # Handle response - print(res) + while res is not None: + # Handle items + + res = res.next() ``` ### Parameters -| Parameter | Type | Required | Description | -| -------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------- | -| `id` | *str* | :heavy_check_mark: | The id of the Destination to get the status for. | -| `metrics` | *Optional[bool]* | :heavy_minus_sign: | Set to true to include metrics for each Destination. Otherwise, false (default). | -| `type` | *Optional[bool]* | :heavy_minus_sign: | Set to true to prefix the Destination id with the Destination type. Otherwise, false (default). | -| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | +| Parameter | Type | Required | Description | +| -------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | +| `metrics` | *Optional[bool]* | :heavy_minus_sign: | Set to true to include metrics for each Destination. Otherwise, false (default). | +| `type` | *Optional[bool]* | :heavy_minus_sign: | Set to true to prefix the Destination id with the Destination type. Otherwise, false (default). | +| `offset` | *Optional[int]* | :heavy_minus_sign: | Starting point from which to retrieve results for this request. Use with limit to paginate the response into manageable batches. | +| `limit` | *Optional[int]* | :heavy_minus_sign: | Maximum number of items to return in the response for this request. Use with offset to paginate the response into manageable batches. | +| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | ### Response -**[models.CountedOutputStatus](../../models/countedoutputstatus.md)** +**[models.GetOutputStatusResponse](../../models/getoutputstatusresponse.md)** ### Errors @@ -53,13 +56,13 @@ with CriblControlPlane( | errors.Error | 500 | application/json | | errors.APIError | 4XX, 5XX | \*/\* | -## list +## get -List status information and optional metrics for all configured Destinations in the Worker Group or Edge Fleet. +Get the status and optional metrics for the specified Destination. ### Example Usage - + ```python from cribl_control_plane import CriblControlPlane, models import os @@ -72,28 +75,25 @@ with CriblControlPlane( ), ) as ccp_client: - res = ccp_client.destinations.statuses.list() - - while res is not None: - # Handle items + res = ccp_client.destinations.statuses.get(id="") - res = res.next() + # Handle response + print(res) ``` ### Parameters -| Parameter | Type | Required | Description | -| -------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | -| `metrics` | *Optional[bool]* | :heavy_minus_sign: | Set to true to include metrics for each Destination. Otherwise, false (default). | -| `type` | *Optional[bool]* | :heavy_minus_sign: | Set to true to prefix the Destination id with the Destination type. Otherwise, false (default). | -| `offset` | *Optional[int]* | :heavy_minus_sign: | Starting point from which to retrieve results for this request. Use with limit to paginate the response into manageable batches. | -| `limit` | *Optional[int]* | :heavy_minus_sign: | Maximum number of items to return in the response for this request. Use with offset to paginate the response into manageable batches. | -| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | +| Parameter | Type | Required | Description | +| -------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------- | +| `id` | *str* | :heavy_check_mark: | The id of the Destination to get the status for. | +| `metrics` | *Optional[bool]* | :heavy_minus_sign: | Set to true to include metrics for each Destination. Otherwise, false (default). | +| `type` | *Optional[bool]* | :heavy_minus_sign: | Set to true to prefix the Destination id with the Destination type. Otherwise, false (default). | +| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | ### Response -**[models.GetOutputStatusResponse](../../models/getoutputstatusresponse.md)** +**[models.CountedOutputStatus](../../models/countedoutputstatus.md)** ### Errors diff --git a/docs/sdks/functions/README.md b/docs/sdks/functions/README.md index 08f819440..37aa77833 100644 --- a/docs/sdks/functions/README.md +++ b/docs/sdks/functions/README.md @@ -6,16 +6,16 @@ Actions related to functions ### Available Operations -* [get](#get) - Get a Function * [list](#list) - List all Functions +* [get](#get) - Get a Function -## get +## list -Get the specified Function. +Get a list of all Functions. ### Example Usage - + ```python from cribl_control_plane import CriblControlPlane, models import os @@ -28,7 +28,7 @@ with CriblControlPlane( ), ) as ccp_client: - res = ccp_client.functions.get(id="") + res = ccp_client.functions.list() # Handle response print(res) @@ -39,7 +39,6 @@ with CriblControlPlane( | Parameter | Type | Required | Description | | ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | -| `id` | *str* | :heavy_check_mark: | The id of the Function to get. | | `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | ### Response @@ -53,13 +52,13 @@ with CriblControlPlane( | errors.Error | 500 | application/json | | errors.APIError | 4XX, 5XX | \*/\* | -## list +## get -Get a list of all Functions. +Get the specified Function. ### Example Usage - + ```python from cribl_control_plane import CriblControlPlane, models import os @@ -72,7 +71,7 @@ with CriblControlPlane( ), ) as ccp_client: - res = ccp_client.functions.list() + res = ccp_client.functions.get(id="") # Handle response print(res) @@ -83,6 +82,7 @@ with CriblControlPlane( | Parameter | Type | Required | Description | | ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | +| `id` | *str* | :heavy_check_mark: | The id of the Function to get. | | `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | ### Response diff --git a/docs/sdks/groupssdk/README.md b/docs/sdks/groupssdk/README.md index b737d0dc4..6b1f6bec2 100644 --- a/docs/sdks/groupssdk/README.md +++ b/docs/sdks/groupssdk/README.md @@ -155,7 +155,7 @@ with CriblControlPlane( | Parameter | Type | Required | Description | Example | | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | `product` | [models.ProductsCore](../../models/productscore.md) | :heavy_check_mark: | Name of the Cribl product to add the Worker Group, Outpost Group, or Edge Fleet to. | | -| `id` | *str* | :heavy_check_mark: | N/A | | +| `id` | *str* | :heavy_check_mark: | Unique identifier. | | | `cloud` | [Optional[models.ConfigGroupCloud]](../../models/configgroupcloud.md) | :heavy_minus_sign: | N/A | | | `description` | *Optional[str]* | :heavy_minus_sign: | Brief description of the Worker Group, Outpost Group, or Edge Fleet. | | | `estimated_ingest_rate` | [Optional[models.EstimatedIngestRateOptionsConfigGroup]](../../models/estimatedingestrateoptionsconfiggroup.md) | :heavy_minus_sign: | Estimated ingest rate for a Cribl.Cloud Worker Group, in GB/sec. | 4096 | @@ -233,7 +233,7 @@ with CriblControlPlane( ## update -Update the specified Worker Group, Outpost Group, or Edge Fleet.

Provide a complete representation of the Group or Fleet that you want to update in the request body. This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Group or Fleet.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Group or Fleet might not function as expected.**Warning**: Do not change the values for the following parameters in the body of PATCH requests. The request body must include the values as they appear in the GET /products/{product}/groups/{id} response.
- configVersion
- deployingWorkerCount
- incompatibleWorkerCount
- workerCount
- lookupDeployments. +Update the specified Worker Group, Outpost Group, or Edge Fleet.

Provide a complete representation of the Group or Fleet that you want to update in the request body. This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Group or Fleet.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Group or Fleet might not function as expected.

**Warning**: Do not change the values for the following parameters in the body of PATCH requests. The request body must include the values as they appear in the GET /products/{product}/groups/{id} response.
- configVersion
- deployingWorkerCount
- incompatibleWorkerCount
- workerCount
- lookupDeployments. ### Example Usage: UpdateGroupExamplesScaleCloudWorkerGroup @@ -287,7 +287,7 @@ with CriblControlPlane( | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | `product` | [models.ProductsCore](../../models/productscore.md) | :heavy_check_mark: | Name of the Cribl product to get the Worker Groups, Outpost Groups, or Edge Fleets for. | | | `id_param` | *str* | :heavy_check_mark: | The id of the Worker Group, Outpost Group, or Edge Fleet to update. | | -| `id` | *str* | :heavy_check_mark: | N/A | | +| `id` | *str* | :heavy_check_mark: | Unique identifier. | | | `cloud` | [Optional[models.ConfigGroupCloud]](../../models/configgroupcloud.md) | :heavy_minus_sign: | N/A | | | `config_version` | *Optional[str]* | :heavy_minus_sign: | Commit hash of the deployed configuration version for the Worker Group, Outpost Group, or Edge Fleet. Automatically populated and returned in responses.

**Warning**: Do not change the value of configVersion in the body of PATCH requests. The PATCH request body must include the value as it appears in the GET /products/{product}/groups/{id} response. | | | `deploying_worker_count` | *Optional[int]* | :heavy_minus_sign: | Number of Workers or Nodes that are currently deploying the latest configuration version.

**Warning**: Do not change the value of deployingWorkerCount in the body of PATCH requests. The PATCH request body must include the value as it appears in the GET /products/{product}/groups/{id} response. | | diff --git a/docs/sdks/health/README.md b/docs/sdks/health/README.md index 6ff5d3fbf..c600ef543 100644 --- a/docs/sdks/health/README.md +++ b/docs/sdks/health/README.md @@ -10,7 +10,7 @@ Actions related to REST server health ## get -Get the current health status of the server (Leader or Worker Node). In Distributed deployments, requests routed to a Worker or Edge node using the [host context](https://docs.cribl.io/cribl-as-code/api#base-url-group-fleet-host) require a Bearer token for [authentication](https://docs.cribl.io/cribl-as-code/api-auth/). +Get the current health status of the server (Leader or Worker Node). In Distributed deployments, requests routed to a Worker or Edge node using the [host context](https://docs.cribl.io/cribl-as-code/api#base-url-group-fleet-host) require a Bearer token for [authentication](https://docs.cribl.io/cribl-as-code/api-auth/). ### Example Usage diff --git a/docs/sdks/nodes/README.md b/docs/sdks/nodes/README.md index 6269563d0..e03cf7e81 100644 --- a/docs/sdks/nodes/README.md +++ b/docs/sdks/nodes/README.md @@ -5,8 +5,8 @@ ### Available Operations * [count](#count) - Get a count of Worker, Edge, or Outpost Nodes -* [get](#get) - Get detailed metadata for a Worker, Edge, or Outpost Node * [list](#list) - Get detailed metadata for Worker, Edge, or Outpost Nodes +* [get](#get) - Get detailed metadata for a Worker, Edge, or Outpost Node * [restart](#restart) - Restart Worker, Edge, or Outpost Nodes ## count @@ -54,13 +54,13 @@ with CriblControlPlane( | errors.Error | 500 | application/json | | errors.APIError | 4XX, 5XX | \*/\* | -## get +## list -Get detailed metadata for the specified Worker, Edge, or Outpost Node for the specified Cribl product. +Get detailed metadata for Worker, Edge, or Outpost Nodes for the specified Cribl product. ### Example Usage - + ```python from cribl_control_plane import CriblControlPlane, models import os @@ -73,24 +73,31 @@ with CriblControlPlane( ), ) as ccp_client: - res = ccp_client.nodes.get(product=models.ProductsCore.STREAM, id="") + res = ccp_client.nodes.list(product=models.ProductsCore.STREAM) - # Handle response - print(res) + while res is not None: + # Handle items + + res = res.next() ``` ### Parameters -| Parameter | Type | Required | Description | -| ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | -| `product` | [models.ProductsCore](../../models/productscore.md) | :heavy_check_mark: | Name of the Cribl product that contains the Node. | -| `id` | *str* | :heavy_check_mark: | The id of the Node to get the metadata for. | -| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | +| Parameter | Type | Required | Description | +| -------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | +| `product` | [models.ProductsCore](../../models/productscore.md) | :heavy_check_mark: | Name of the Cribl product to get Worker, Edge, or Outpost Nodes for. | +| `filter_exp` | *Optional[str]* | :heavy_minus_sign: | Filter expression to evaluate against Nodes for inclusion in the response. | +| `sort_exp` | *Optional[str]* | :heavy_minus_sign: | Sorting expression to evaluate against Nodes to specify the sort order for the response. | +| `filter_` | *Optional[str]* | :heavy_minus_sign: | JSON-stringified filter object to evaluate against Nodes for inclusion in the response. | +| `sort` | *Optional[str]* | :heavy_minus_sign: | JSON-stringified sorting object to evaluate against Nodes to specify the sort order for the response. | +| `limit` | *Optional[int]* | :heavy_minus_sign: | Maximum number of Nodes to return in the response for this request. Use with offset to paginate the response into manageable batches. | +| `offset` | *Optional[int]* | :heavy_minus_sign: | Starting point from which to retrieve results for this request. Use with limit to paginate the response into manageable batches. | +| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | ### Response -**[models.CountedMasterWorkerEntry](../../models/countedmasterworkerentry.md)** +**[models.GetProductsWorkersByProductResponse](../../models/getproductsworkersbyproductresponse.md)** ### Errors @@ -99,13 +106,13 @@ with CriblControlPlane( | errors.Error | 500 | application/json | | errors.APIError | 4XX, 5XX | \*/\* | -## list +## get -Get detailed metadata for Worker, Edge, or Outpost Nodes for the specified Cribl product. +Get detailed metadata for the specified Worker, Edge, or Outpost Node for the specified Cribl product. ### Example Usage - + ```python from cribl_control_plane import CriblControlPlane, models import os @@ -118,31 +125,24 @@ with CriblControlPlane( ), ) as ccp_client: - res = ccp_client.nodes.list(product=models.ProductsCore.STREAM) - - while res is not None: - # Handle items + res = ccp_client.nodes.get(product=models.ProductsCore.STREAM, id="") - res = res.next() + # Handle response + print(res) ``` ### Parameters -| Parameter | Type | Required | Description | -| -------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | -| `product` | [models.ProductsCore](../../models/productscore.md) | :heavy_check_mark: | Name of the Cribl product to get Worker, Edge, or Outpost Nodes for. | -| `filter_exp` | *Optional[str]* | :heavy_minus_sign: | Filter expression to evaluate against Nodes for inclusion in the response. | -| `sort_exp` | *Optional[str]* | :heavy_minus_sign: | Sorting expression to evaluate against Nodes to specify the sort order for the response. | -| `filter_` | *Optional[str]* | :heavy_minus_sign: | JSON-stringified filter object to evaluate against Nodes for inclusion in the response. | -| `sort` | *Optional[str]* | :heavy_minus_sign: | JSON-stringified sorting object to evaluate against Nodes to specify the sort order for the response. | -| `limit` | *Optional[int]* | :heavy_minus_sign: | Maximum number of Nodes to return in the response for this request. Use with offset to paginate the response into manageable batches. | -| `offset` | *Optional[int]* | :heavy_minus_sign: | Starting point from which to retrieve results for this request. Use with limit to paginate the response into manageable batches. | -| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | +| Parameter | Type | Required | Description | +| ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | +| `product` | [models.ProductsCore](../../models/productscore.md) | :heavy_check_mark: | Name of the Cribl product that contains the Node. | +| `id` | *str* | :heavy_check_mark: | The id of the Node to get the metadata for. | +| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | ### Response -**[models.GetProductsWorkersByProductResponse](../../models/getproductsworkersbyproductresponse.md)** +**[models.CountedMasterWorkerEntry](../../models/countedmasterworkerentry.md)** ### Errors diff --git a/docs/sdks/packs/README.md b/docs/sdks/packs/README.md index 37e3add62..a070ffa4e 100644 --- a/docs/sdks/packs/README.md +++ b/docs/sdks/packs/README.md @@ -9,13 +9,13 @@ Actions related to Packs * [install](#install) - Install a Pack * [list](#list) - List all Packs * [upload](#upload) - Upload a Pack file -* [delete](#delete) - Uninstall a Pack * [get](#get) - Get a Pack * [update](#update) - Upgrade a Pack +* [delete](#delete) - Uninstall a Pack ## install -Install a Pack.

To install an uploaded Pack, provide the source value from the PUT /packs response as the source parameter in the request body.

To install a Pack by importing from a URL, provide the direct URL location of the .crbl file for the Pack as the source parameter in the request body.

To install a Pack by importing from a Git repository, provide git+ as the source parameter in the request body.

If you do not include the source parameter in the request body, an empty Pack is created. +Install a Pack.

To install an uploaded Pack, provide the source value from the PUT /packs response as the source parameter in the request body.

To install a Pack by importing from a URL, provide the direct URL location of the .crbl file for the Pack as the source parameter in the request body.

To install a Pack by importing from a Git repository, provide git+ as the source parameter in the request body.

If you do not include the source parameter in the request body, an empty Pack is created. ### Example Usage: PackInstallExamplesEmptyPack @@ -259,7 +259,7 @@ with CriblControlPlane( | Parameter | Type | Required | Description | | ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | | `filename` | *str* | :heavy_check_mark: | Filename of the Pack file to upload. | -| `request_body` | *Union[bytes, IO[bytes], io.BufferedReader]* | :heavy_check_mark: | N/A | +| `request_body` | *Union[bytes, IO[bytes], io.IOBase]* | :heavy_check_mark: | N/A | | `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | ### Response @@ -273,13 +273,13 @@ with CriblControlPlane( | errors.Error | 500 | application/json | | errors.APIError | 4XX, 5XX | \*/\* | -## delete +## get -Uninstall the specified Pack. +Get the specified Pack. ### Example Usage - + ```python from cribl_control_plane import CriblControlPlane, models import os @@ -292,7 +292,7 @@ with CriblControlPlane( ), ) as ccp_client: - res = ccp_client.packs.delete(id="") + res = ccp_client.packs.get(id="") # Handle response print(res) @@ -303,12 +303,12 @@ with CriblControlPlane( | Parameter | Type | Required | Description | | ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | -| `id` | *str* | :heavy_check_mark: | The id of the Pack to uninstall. | +| `id` | *str* | :heavy_check_mark: | The id of the Pack to get. | | `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | ### Response -**[models.CountedPackUninstallInfo](../../models/countedpackuninstallinfo.md)** +**[models.CountedPackInfo](../../models/countedpackinfo.md)** ### Errors @@ -317,13 +317,13 @@ with CriblControlPlane( | errors.Error | 500 | application/json | | errors.APIError | 4XX, 5XX | \*/\* | -## get +## update -Get the specified Pack. +Upgrade the specified Pack.

If the Pack includes any user-modified versions of default Cribl Knowledge resources such as lookups, copy the modified files locally for safekeeping before upgrading the Pack. Copy the modified files back to the upgraded Pack after you install it with POST /packs to overwrite the default versions in the Pack.

After you upgrade the Pack, update any Routes, Pipelines, Sources, and Destinations that use the previous Pack version so that they reference the upgraded Pack. ### Example Usage - + ```python from cribl_control_plane import CriblControlPlane, models import os @@ -336,7 +336,7 @@ with CriblControlPlane( ), ) as ccp_client: - res = ccp_client.packs.get(id="") + res = ccp_client.packs.update(id="", source="https://github.com/criblpacks/cribl-palo-alto-networks/releases/download/1.1.4/cribl-palo-alto-networks-a3e5a19d-1.1.4.crbl") # Handle response print(res) @@ -347,7 +347,11 @@ with CriblControlPlane( | Parameter | Type | Required | Description | | ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | -| `id` | *str* | :heavy_check_mark: | The id of the Pack to get. | +| `id` | *str* | :heavy_check_mark: | The id of the Pack to upgrade. | +| `source` | *str* | :heavy_check_mark: | N/A | +| `allow_custom_functions` | *Optional[bool]* | :heavy_minus_sign: | N/A | +| `minor` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `spec` | *Optional[str]* | :heavy_minus_sign: | N/A | | `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | ### Response @@ -361,13 +365,13 @@ with CriblControlPlane( | errors.Error | 500 | application/json | | errors.APIError | 4XX, 5XX | \*/\* | -## update +## delete -Upgrade the specified Pack.

If the Pack includes any user-modified versions of default Cribl Knowledge resources such as lookups, copy the modified files locally for safekeeping before upgrading the Pack.Copy the modified files back to the upgraded Pack after you install it with POST /packs to overwrite the default versions in the Pack.

After you upgrade the Pack, update any Routes, Pipelines, Sources, and Destinations that use the previous Pack version so that they reference the upgraded Pack. +Uninstall the specified Pack. ### Example Usage - + ```python from cribl_control_plane import CriblControlPlane, models import os @@ -380,7 +384,7 @@ with CriblControlPlane( ), ) as ccp_client: - res = ccp_client.packs.update(id="", source="https://github.com/criblpacks/cribl-palo-alto-networks/releases/download/1.1.4/cribl-palo-alto-networks-a3e5a19d-1.1.4.crbl") + res = ccp_client.packs.delete(id="") # Handle response print(res) @@ -391,16 +395,12 @@ with CriblControlPlane( | Parameter | Type | Required | Description | | ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | -| `id` | *str* | :heavy_check_mark: | The id of the Pack to upgrade. | -| `source` | *str* | :heavy_check_mark: | N/A | -| `allow_custom_functions` | *Optional[bool]* | :heavy_minus_sign: | N/A | -| `minor` | *Optional[str]* | :heavy_minus_sign: | N/A | -| `spec` | *Optional[str]* | :heavy_minus_sign: | N/A | +| `id` | *str* | :heavy_check_mark: | The id of the Pack to uninstall. | | `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | ### Response -**[models.CountedPackInfo](../../models/countedpackinfo.md)** +**[models.CountedPackUninstallInfo](../../models/countedpackuninstallinfo.md)** ### Errors diff --git a/docs/sdks/packsdestinations/README.md b/docs/sdks/packsdestinations/README.md index 1a3ce8ed2..2e57dd586 100644 --- a/docs/sdks/packsdestinations/README.md +++ b/docs/sdks/packsdestinations/README.md @@ -705,7 +705,7 @@ with CriblControlPlane( "type": models.CreateOutputSystemByPackTypeDynatraceHTTP.DYNATRACE_HTTP, "auth_type": models.CreateOutputSystemByPackAuthenticationTypeDynatraceHTTP.TOKEN, "format_": models.CreateOutputSystemByPackFormatDynatraceHTTP.JSON_ARRAY, - "endpoint": models.CreateOutputSystemByPackEndpoint.CLOUD, + "endpoint": models.CreateOutputSystemByPackEndpointDynatraceHTTP.CLOUD, "telemetry_type": models.CreateOutputSystemByPackTelemetryType.LOGS, "token": "your-api-key", }) @@ -901,6 +901,31 @@ with CriblControlPlane( # Handle response print(res) +``` +### Example Usage: OutputCreateExamplesGoogleCloudObservability + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.create(pack="", request_body={ + "id": "google-cloud-observability-output", + "type": models.CreateOutputSystemByPackTypeGoogleCloudObservability.GOOGLE_CLOUD_OBSERVABILITY, + "google_auth_method": models.CreateOutputSystemByPackGoogleAuthenticationMethod.AUTO, + }) + + # Handle response + print(res) + ``` ### Example Usage: OutputCreateExamplesGoogleCloudStorage @@ -4410,6 +4435,2185 @@ with CriblControlPlane( # Handle response print(res) +``` +### Example Usage: UpdateOutputExamplesAlphasocS3 + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "alphasoc-s3-output", + "type": models.OutputAlphasocS3Type.ALPHASOC_S3, + "bucket": "events", + "stage_path": "/tmp/staging", + "endpoint": "https://s3.alphasoc.net", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesAzureBlob + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "azure-blob-output", + "type": models.OutputAzureBlobType.AZURE_BLOB, + "container_name": "my-container", + "stage_path": "/tmp/staging", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesAzureDataExplorer + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "azure-data-explorer-output", + "type": models.OutputAzureDataExplorerType.AZURE_DATA_EXPLORER, + "cluster_url": "https://mycluster.kusto.windows.net", + "database": "mydatabase", + "table": "mytable", + "ingest_mode": models.OutputAzureDataExplorerIngestionMode.STREAMING, + "oauth_endpoint": models.MicrosoftEntraIDAuthenticationEndpointOptionsSasl.HTTPS_LOGIN_MICROSOFTONLINE_COM, + "tenant_id": "tenant-id", + "client_id": "client-id", + "scope": "https://mycluster.kusto.windows.net/.default", + "oauth_type": models.OutputAzureDataExplorerAuthenticationMethod.CLIENT_SECRET, + "client_secret": "client-secret", + "format_": models.DataFormatOptions.JSON, + "compress": models.CompressionOptionsHTTP.GZIP, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesAzureEventhub + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "azure-eventhub-output", + "type": models.OutputAzureEventhubType.AZURE_EVENTHUB, + "brokers": [ + "myeventhub.servicebus.windows.net:9093", + ], + "topic": "logs", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesAzureLogs + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "azure-logs-output", + "type": models.OutputAzureLogsType.AZURE_LOGS, + "log_type": "Cribl", + "auth_type": models.OutputAzureLogsAuthenticationMethod.MANUAL, + "workspace_id": "workspace-id", + "workspace_key": "workspace-key", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesChronicle + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "chronicle-output", + "type": models.OutputChronicleType.CHRONICLE, + "region": "us", + "log_type": "UNKNOWN", + "gcp_project_id": "my-project", + "gcp_instance": "customer-id", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesClickHouse + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "clickhouse-output", + "type": models.OutputClickHouseType.CLICK_HOUSE, + "url": "http://localhost:8123/", + "database": "mydb", + "table_name": "mytable", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesCloudflareR2 + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "cloudflare-r2-output", + "type": models.OutputCloudflareR2Type.CLOUDFLARE_R2, + "bucket": "my-bucket", + "stage_path": "/tmp/staging", + "endpoint": "https://account-id.r2.cloudflarestorage.com", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesCloudwatch + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "cloudwatch-output", + "type": models.OutputCloudwatchType.CLOUDWATCH, + "log_group_name": "my-log-group", + "log_stream_name": "my-log-stream", + "region": "us-east-1", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesConfluentCloud + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output=models.OutputConfluentCloud( + id="confluent-cloud-output", + type=models.OutputConfluentCloudType.CONFLUENT_CLOUD, + brokers=[ + "pkc-xxxxx.us-east-1.aws.confluent.cloud:9092", + ], + topic="logs", + )) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesCriblHttp + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "cribl-http-output", + "type": models.OutputCriblHTTPType.CRIBL_HTTP, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesCriblLake + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "cribl-lake-output", + "type": models.OutputCriblLakeType.CRIBL_LAKE, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesCriblSearchEngine + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "cribl-search-engine-output", + "type": models.OutputCriblSearchEngineType.CRIBL_SEARCH_ENGINE, + "system_fields": [ + "cribl_pipe", + ], + "streamtags": [], + "load_balanced": False, + "tls": { + "disabled": True, + }, + "token_ttl_minutes": 60, + "exclude_fields": [ + "__kube_*", + "__metadata", + "__winEvent", + ], + "compression": models.CompressionOptionsGzipNone.GZIP, + "concurrency": 5, + "max_payload_size_kb": 4096, + "max_payload_events": 0, + "reject_unauthorized": True, + "timeout_sec": 30, + "flush_period_sec": 1, + "failed_request_logging_mode": models.FailedRequestLoggingModeOptions.NONE, + "safe_headers": [], + "throttle_rate_per_sec": "0", + "response_retry_settings": [ + { + "http_status": 401, + "initial_backoff": 1000, + "backoff_rate": 2, + "max_backoff": 20000, + }, + { + "http_status": 403, + "initial_backoff": 1000, + "backoff_rate": 2, + "max_backoff": 20000, + }, + { + "http_status": 408, + "initial_backoff": 250, + "backoff_rate": 2, + "max_backoff": 10000, + }, + { + "http_status": 429, + "initial_backoff": 1000, + "backoff_rate": 2, + "max_backoff": 10000, + }, + { + "http_status": 500, + "initial_backoff": 250, + "backoff_rate": 2, + "max_backoff": 10000, + }, + { + "http_status": 502, + "initial_backoff": 250, + "backoff_rate": 2, + "max_backoff": 10000, + }, + { + "http_status": 503, + "initial_backoff": 250, + "backoff_rate": 2, + "max_backoff": 10000, + }, + { + "http_status": 504, + "initial_backoff": 250, + "backoff_rate": 2, + "max_backoff": 10000, + }, + { + "http_status": 509, + "initial_backoff": 250, + "backoff_rate": 2, + "max_backoff": 10000, + }, + ], + "timeout_retry_settings": { + "timeout_retry": False, + }, + "response_honor_retry_after_header": True, + "on_backpressure": models.BackpressureBehaviorOptions.BLOCK, + "use_round_robin_dns": True, + "url": "https://0.0.0.0:10200", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesCriblTcp + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "cribl-tcp-output", + "type": models.OutputCriblTCPType.CRIBL_TCP, + "host": "localhost", + "port": 10090, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesCrowdstrikeNextGenSiem + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "crowdstrike-next-gen-siem-output", + "type": models.OutputCrowdstrikeNextGenSiemType.CROWDSTRIKE_NEXT_GEN_SIEM, + "url": "https://ingest.us.crowdstrike.com/api/ingest/hec/connection-id/v1/services/collector", + "format_": models.RequestFormatOptions.JSON, + "auth_type": models.AuthenticationMethodOptionsAuthTokensItems.MANUAL, + "token": "your-token", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesDatabricks + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "databricks-output", + "type": models.OutputDatabricksType.DATABRICKS, + "workspace_id": "your-workspace-id", + "scope": "all-apis", + "client_id": "your-client-id", + "catalog": "main", + "schema_": "external", + "events_volume_name": "events", + "client_text_secret": "your-client-secret", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesDatadog + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "datadog-output", + "type": models.OutputDatadogType.DATADOG, + "api_key": "your-api-key", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesDataset + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "dataset-output", + "type": models.OutputDatasetType.DATASET, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesDefault + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "default-output", + "type": models.OutputDefaultType.DEFAULT, + "default_id": "my-default-output", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesDiskSpool + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "disk-spool-output", + "type": models.OutputDiskSpoolType.DISK_SPOOL, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesDlS3 + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "dl-s3-output", + "type": models.OutputDlS3Type.DL_S3, + "bucket": "my-bucket", + "region": "us-east-1", + "stage_path": "/tmp/staging", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesDynatraceHttp + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "dynatrace-http-output", + "type": models.OutputDynatraceHTTPType.DYNATRACE_HTTP, + "auth_type": models.OutputDynatraceHTTPAuthenticationType.TOKEN, + "format_": models.OutputDynatraceHTTPFormat.JSON_ARRAY, + "endpoint": models.OutputDynatraceHTTPEndpoint.CLOUD, + "telemetry_type": models.OutputDynatraceHTTPTelemetryType.LOGS, + "token": "your-api-key", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesDynatraceOtlp + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "dynatrace-otlp-output", + "type": models.OutputDynatraceOtlpType.DYNATRACE_OTLP, + "protocol": models.OutputDynatraceOtlpProtocol.HTTP, + "endpoint": "https://your-environment.live.dynatrace.com/api/v2/otlp", + "otlp_version": models.OtlpVersionOptions131.ONE_DOT_3_DOT_1, + "endpoint_type": models.OutputDynatraceOtlpEndpointType.SAAS, + "token_secret": "your-token-secret", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesElastic + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "elastic-output", + "type": models.OutputElasticType.ELASTIC, + "index": "logs", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesElasticCloud + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "elastic-cloud-output", + "type": models.OutputElasticCloudType.ELASTIC_CLOUD, + "url": "my-cloud-id", + "index": "logs", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesExabeam + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "exabeam-output", + "type": models.OutputExabeamType.EXABEAM, + "bucket": "my-bucket", + "region": "us-east1", + "stage_path": "/tmp/staging", + "endpoint": "https://storage.googleapis.com", + "collector_instance_id": "11112222-3333-4444-5555-666677778888", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesFilesystem + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "filesystem-output", + "type": models.OutputFilesystemType.FILESYSTEM, + "dest_path": "/var/log/output", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesGoogleChronicle + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "google-chronicle-output", + "type": models.OutputGoogleChronicleType.GOOGLE_CHRONICLE, + "log_format_type": models.OutputGoogleChronicleSendEventsAs.UNSTRUCTURED, + "region": "us", + "customer_id": "customer-id", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesGoogleCloudLogging + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "google-cloud-logging-output", + "type": models.OutputGoogleCloudLoggingType.GOOGLE_CLOUD_LOGGING, + "log_location_type": models.OutputGoogleCloudLoggingLogLocationType.PROJECT, + "log_name_expression": "my-log", + "log_location_expression": "my-project", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesGoogleCloudObservability + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "google-cloud-observability-output", + "type": models.OutputGoogleCloudObservabilityType.GOOGLE_CLOUD_OBSERVABILITY, + "google_auth_method": models.OutputGoogleCloudObservabilityGoogleAuthenticationMethod.AUTO, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesGoogleCloudStorage + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "google-cloud-storage-output", + "type": models.OutputGoogleCloudStorageType.GOOGLE_CLOUD_STORAGE, + "bucket": "my-bucket", + "region": "us-east1", + "endpoint": "https://storage.googleapis.com", + "stage_path": "/tmp/staging", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesGooglePubsub + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "google-pubsub-output", + "type": models.OutputGooglePubsubType.GOOGLE_PUBSUB, + "topic_name": "my-topic", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesGrafanaCloud + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output=models.OutputGrafanaCloudGrafanaCloud1( + id="grafana-cloud-output", + type=models.OutputGrafanaCloudType1.GRAFANA_CLOUD, + loki_url="https://logs-prod-us-central1.grafana.net", + )) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesGraphite + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "graphite-output", + "type": models.OutputGraphiteType.GRAPHITE, + "protocol": models.DestinationProtocolOptions.TCP, + "host": "localhost", + "port": 2003, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesHoneycomb + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "honeycomb-output", + "type": models.OutputHoneycombType.HONEYCOMB, + "dataset": "my-dataset", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesHumioHec + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "humio-hec-output", + "type": models.OutputHumioHecType.HUMIO_HEC, + "url": "https://cloud.us.humio.com/api/v1/ingest/hec", + "format_": models.RequestFormatOptions.JSON, + "auth_type": models.AuthenticationMethodOptionsAuthTokensItems.MANUAL, + "token": "your-token", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesInfluxdb + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "influxdb-output", + "type": models.OutputInfluxdbType.INFLUXDB, + "url": "http://localhost:8086", + "database": "mydb", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesKafka + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output=models.OutputKafka( + id="kafka-output", + type=models.OutputKafkaType.KAFKA, + brokers=[ + "localhost:9092", + ], + topic="logs", + )) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesKinesis + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "kinesis-output", + "type": models.OutputKinesisType.KINESIS, + "stream_name": "my-stream", + "region": "us-east-1", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesLocalSearchStorage + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "local-search-storage-output", + "type": models.OutputLocalSearchStorageType.LOCAL_SEARCH_STORAGE, + "url": "http://localhost:8123/", + "database": "default", + "table_name": "mytable", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesLoki + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "loki-output", + "type": models.OutputLokiType.LOKI, + "url": "http://localhost:3100/loki/api/v1/push", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesMicrosoftFabric + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "microsoft-fabric-output", + "type": models.OutputMicrosoftFabricType.MICROSOFT_FABRIC, + "topic": "logs", + "bootstrap_server": "myeventstream.servicebus.windows.net:9093", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesMinio + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "minio-output", + "type": models.OutputMinioType.MINIO, + "bucket": "my-bucket", + "stage_path": "/tmp/staging", + "endpoint": "http://localhost:9000", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesMsk + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output=models.OutputMsk( + id="msk-output", + type=models.OutputMskType.MSK, + brokers=[ + "b-1.example.xxxxx.c2.kafka.us-east-1.amazonaws.com:9092", + ], + topic="logs", + aws_authentication_method=models.AuthenticationMethodOptionsS3CollectorConf.AUTO, + region="us-east-1", + )) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesNetflow + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "netflow-output", + "type": models.OutputNetflowType.NETFLOW, + "hosts": [ + { + "host": "localhost", + "port": 2055, + }, + ], + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesNewrelic + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "newrelic-output", + "type": models.OutputNewrelicType.NEWRELIC, + "api_key": "your-api-key", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesNewrelicEvents + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "newrelic-events-output", + "type": models.OutputNewrelicEventsType.NEWRELIC_EVENTS, + "account_id": "123456", + "event_type": "CriblEvent", + "api_key": "your-api-key", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesNutanixObjects + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "nutanix-objects-output", + "type": models.OutputNutanixObjectsType.NUTANIX_OBJECTS, + "bucket": "my-bucket", + "stage_path": "/tmp/staging", + "endpoint": "https://nutanix-objects.example.com", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesOpenTelemetry + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "opentelemetry-output", + "type": models.OutputOpenTelemetryType.OPEN_TELEMETRY, + "endpoint": "http://localhost:4317", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesPrometheus + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "prometheus-output", + "type": models.OutputPrometheusType.PROMETHEUS, + "url": "http://localhost:9091/api/v1/write", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesRing + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "ring-output", + "type": models.OutputRingType.RING, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesRouter + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "router-output", + "type": models.OutputRouterType.ROUTER, + "rules": [ + { + "filter_": "true", + "output": "my-output", + }, + ], + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesS3 + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "s3-output", + "type": models.OutputS3Type.S3, + "bucket": "my-bucket", + "region": "us-east-1", + "stage_path": "/tmp/staging", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesSecurityLake + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "security-lake-output", + "type": models.OutputSecurityLakeType.SECURITY_LAKE, + "assume_role_arn": "arn:aws:iam::123456789012:role/my-role", + "bucket": "my-bucket", + "region": "us-east-1", + "stage_path": "/tmp/staging", + "account_id": "123456789012", + "custom_source": "my-custom-source", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesSentinel + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "sentinel-output", + "type": models.OutputSentinelType.SENTINEL, + "login_url": "https://login.microsoftonline.com", + "secret": "client-secret", + "client_id": "client-id", + "endpoint_url_configuration": models.OutputSentinelEndpointConfiguration.URL, + "url": "https://your-workspace.ingest.monitor.azure.com", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesSentinelOneAiSiem + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "sentinel-one-ai-siem-output", + "type": models.OutputSentinelOneAiSiemType.SENTINEL_ONE_AI_SIEM, + "region": models.OutputSentinelOneAiSiemRegion.US, + "endpoint": models.OutputSentinelOneAISIEMAISIEMEndpointPath.ROOT_SERVICES_COLLECTOR_EVENT, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesServiceNow + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "servicenow-output", + "type": models.OutputServiceNowType.SERVICE_NOW, + "endpoint": "ingest.lightstep.com:443", + "token_secret": "your-token-secret", + "otlp_version": models.OtlpVersionOptions131.ONE_DOT_3_DOT_1, + "protocol": models.ProtocolOptions.HTTP, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesSignalfx + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "signalfx-output", + "type": models.OutputSignalfxType.SIGNALFX, + "realm": "us0", + "token": "your-token", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesSnmp + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "snmp-output", + "type": models.OutputSnmpType.SNMP, + "hosts": [ + { + "host": "192.168.1.1", + "port": 161, + }, + ], + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesSns + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "sns-output", + "type": models.OutputSnsType.SNS, + "topic_arn": "arn:aws:sns:us-east-1:123456789012:my-topic", + "message_group_id": "my-message-group", + "region": "us-east-1", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesSplunk + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "splunk-output", + "type": models.OutputSplunkType.SPLUNK, + "host": "localhost", + "port": 9997, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesSplunkHec + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "splunk-hec-output", + "type": models.OutputSplunkHecType.SPLUNK_HEC, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesSplunkLb + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output=models.OutputSplunkLb( + id="splunk-lb-output", + type=models.OutputSplunkLbType.SPLUNK_LB, + hosts=[ + models.HostConfOutputSyslog( + host="localhost", + port=9997, + ), + ], + )) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesSqs + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "sqs-output", + "type": models.OutputSqsType.SQS, + "queue_name": "my-queue", + "queue_type": models.OutputSqsQueueType.STANDARD, + "region": "us-east-1", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesStatsd + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "statsd-output", + "type": models.OutputStatsdType.STATSD, + "protocol": models.DestinationProtocolOptions.UDP, + "host": "localhost", + "port": 8125, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesStatsdExt + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "statsd-ext-output", + "type": models.OutputStatsdExtType.STATSD_EXT, + "protocol": models.DestinationProtocolOptions.UDP, + "host": "localhost", + "port": 8125, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesStorjS3 + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "storj-s3-output", + "type": models.OutputStorjS3Type.STORJ_S3, + "bucket": "my-bucket", + "stage_path": "/tmp/staging", + "endpoint": "https://gateway.storjshare.io", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesSumoLogic + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "sumo-logic-output", + "type": models.OutputSumoLogicType.SUMO_LOGIC, + "url": "https://endpoint1.collection.us2.sumologic.com", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesSyslog + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "syslog-output", + "type": models.OutputSyslogType.SYSLOG, + "host": "localhost", + "port": 514, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesTcpjson + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "tcpjson-output", + "type": models.OutputTcpjsonType.TCPJSON, + "host": "localhost", + "port": 10090, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesWavefront + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "wavefront-output", + "type": models.OutputWavefrontType.WAVEFRONT, + "domain": "longboard", + "token": "your-token", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesWebhook + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "webhook-output", + "type": models.OutputWebhookType1.WEBHOOK, + "url": "https://example.com/webhook", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesWizHec + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "wiz-hec-output", + "type": models.OutputWizHecType.WIZ_HEC, + "auth_type": models.AuthenticationMethodOptionsAuthTokensItems.MANUAL, + "wiz_connector_id": "00000000-0000-0000-0000-000000000000", + "wiz_environment": "test", + "data_center": "us1", + "wiz_sourcetype": "placeholder", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesXsiam + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "xsiam-output", + "type": models.OutputXsiamType.XSIAM, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesalibabaCloudS3 + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "alibaba-oss-output", + "type": models.OutputAlibabaCloudS3Type.ALIBABA_CLOUD_S3, + "bucket": "my-bucket", + "stage_path": "/tmp/staging", + "endpoint": "https://s3.oss-cn-hangzhou.aliyuncs.com", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplescloudianS3 + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "cloudian-s3-output", + "type": models.OutputCloudianS3Type.CLOUDIAN_S3, + "endpoint": "https://s3.hyperstore.example.com", + "bucket": "my-bucket", + "stage_path": "/tmp/staging", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesdellS3 + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "dell-s3-output", + "type": models.OutputDellS3Type.DELL_S3, + "bucket": "my-bucket", + "stage_path": "/tmp/staging", + "endpoint": "https://powerscale.example.com:9021", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateOutputExamplesscalityS3 + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.destinations.update(id="", pack="", output={ + "id": "scality-s3-output", + "type": models.OutputScalityS3Type.SCALITY_S3, + "bucket": "my-bucket", + "stage_path": "/tmp/staging", + "endpoint": "https://s3.scality.example.com", + }) + + # Handle response + print(res) + ``` ### Parameters diff --git a/docs/sdks/packsdestinationsstatuses/README.md b/docs/sdks/packsdestinationsstatuses/README.md index 20a5a5bd4..db851da43 100644 --- a/docs/sdks/packsdestinationsstatuses/README.md +++ b/docs/sdks/packsdestinationsstatuses/README.md @@ -4,16 +4,16 @@ ### Available Operations -* [get](#get) - Get the status of a Destination within a Pack * [list](#list) - List the status of all Destinations within a Pack +* [get](#get) - Get the status of a Destination within a Pack -## get +## list -Get the status and optional metrics for the specified Destination within the specified Pack. +List status information and optional metrics for all configured Destinations in the Worker Group or Edge Fleet within the specified Pack. ### Example Usage - + ```python from cribl_control_plane import CriblControlPlane, models import os @@ -26,26 +26,29 @@ with CriblControlPlane( ), ) as ccp_client: - res = ccp_client.packs.destinations.statuses.get(id="", pack="") + res = ccp_client.packs.destinations.statuses.list(pack="") - # Handle response - print(res) + while res is not None: + # Handle items + + res = res.next() ``` ### Parameters -| Parameter | Type | Required | Description | -| -------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------- | -| `id` | *str* | :heavy_check_mark: | The id of the Destination to get the status for. | -| `pack` | *str* | :heavy_check_mark: | The id of the Pack. | -| `metrics` | *Optional[bool]* | :heavy_minus_sign: | Set to true to include metrics for each Destination. Otherwise, false (default). | -| `type` | *Optional[bool]* | :heavy_minus_sign: | Set to true to prefix the Destination id with the Destination type. Otherwise, false (default). | -| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | +| Parameter | Type | Required | Description | +| -------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | +| `pack` | *str* | :heavy_check_mark: | The id of the Pack. | +| `metrics` | *Optional[bool]* | :heavy_minus_sign: | Set to true to include metrics for each Destination. Otherwise, false (default). | +| `type` | *Optional[bool]* | :heavy_minus_sign: | Set to true to prefix the Destination id with the Destination type. Otherwise, false (default). | +| `offset` | *Optional[int]* | :heavy_minus_sign: | Starting point from which to retrieve results for this request. Use with limit to paginate the response into manageable batches. | +| `limit` | *Optional[int]* | :heavy_minus_sign: | Maximum number of items to return in the response for this request. Use with offset to paginate the response into manageable batches. | +| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | ### Response -**[models.CountedOutputStatus](../../models/countedoutputstatus.md)** +**[models.GetOutputStatusSystemOutputsByPackResponse](../../models/getoutputstatussystemoutputsbypackresponse.md)** ### Errors @@ -54,13 +57,13 @@ with CriblControlPlane( | errors.Error | 500 | application/json | | errors.APIError | 4XX, 5XX | \*/\* | -## list +## get -List status information and optional metrics for all configured Destinations in the Worker Group or Edge Fleet within the specified Pack. +Get the status and optional metrics for the specified Destination within the specified Pack. ### Example Usage - + ```python from cribl_control_plane import CriblControlPlane, models import os @@ -73,29 +76,26 @@ with CriblControlPlane( ), ) as ccp_client: - res = ccp_client.packs.destinations.statuses.list(pack="") - - while res is not None: - # Handle items + res = ccp_client.packs.destinations.statuses.get(id="", pack="") - res = res.next() + # Handle response + print(res) ``` ### Parameters -| Parameter | Type | Required | Description | -| -------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | -| `pack` | *str* | :heavy_check_mark: | The id of the Pack. | -| `metrics` | *Optional[bool]* | :heavy_minus_sign: | Set to true to include metrics for each Destination. Otherwise, false (default). | -| `type` | *Optional[bool]* | :heavy_minus_sign: | Set to true to prefix the Destination id with the Destination type. Otherwise, false (default). | -| `offset` | *Optional[int]* | :heavy_minus_sign: | Starting point from which to retrieve results for this request. Use with limit to paginate the response into manageable batches. | -| `limit` | *Optional[int]* | :heavy_minus_sign: | Maximum number of items to return in the response for this request. Use with offset to paginate the response into manageable batches. | -| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | +| Parameter | Type | Required | Description | +| -------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------- | +| `id` | *str* | :heavy_check_mark: | The id of the Destination to get the status for. | +| `pack` | *str* | :heavy_check_mark: | The id of the Pack. | +| `metrics` | *Optional[bool]* | :heavy_minus_sign: | Set to true to include metrics for each Destination. Otherwise, false (default). | +| `type` | *Optional[bool]* | :heavy_minus_sign: | Set to true to prefix the Destination id with the Destination type. Otherwise, false (default). | +| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | ### Response -**[models.GetOutputStatusSystemOutputsByPackResponse](../../models/getoutputstatussystemoutputsbypackresponse.md)** +**[models.CountedOutputStatus](../../models/countedoutputstatus.md)** ### Errors diff --git a/docs/sdks/packspipelines/README.md b/docs/sdks/packspipelines/README.md index e35e1a2ba..d7c3ed86b 100644 --- a/docs/sdks/packspipelines/README.md +++ b/docs/sdks/packspipelines/README.md @@ -4,11 +4,55 @@ ### Available Operations -* [create](#create) - Create a Pipeline within a Pack * [list](#list) - List all Pipelines within a Pack -* [delete](#delete) - Delete a Pipeline within a Pack +* [create](#create) - Create a Pipeline within a Pack * [get](#get) - Get a Pipeline within a Pack * [update](#update) - Update a Pipeline within a Pack +* [delete](#delete) - Delete a Pipeline within a Pack + +## list + +Get a list of all Pipelines within the specified Pack. + +### Example Usage + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.pipelines.list(pack="") + + # Handle response + print(res) + +``` + +### Parameters + +| Parameter | Type | Required | Description | +| ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | +| `pack` | *str* | :heavy_check_mark: | The id of the Pack. | +| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | + +### Response + +**[models.CountedPipeline](../../models/countedpipeline.md)** + +### Errors + +| Error Type | Status Code | Content Type | +| ---------------- | ---------------- | ---------------- | +| errors.Error | 500 | application/json | +| errors.APIError | 4XX, 5XX | \*/\* | ## create @@ -1861,95 +1905,6 @@ with CriblControlPlane( | errors.Error | 500 | application/json | | errors.APIError | 4XX, 5XX | \*/\* | -## list - -Get a list of all Pipelines within the specified Pack. - -### Example Usage - - -```python -from cribl_control_plane import CriblControlPlane, models -import os - - -with CriblControlPlane( - "https://api.example.com", - security=models.Security( - bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), - ), -) as ccp_client: - - res = ccp_client.packs.pipelines.list(pack="") - - # Handle response - print(res) - -``` - -### Parameters - -| Parameter | Type | Required | Description | -| ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | -| `pack` | *str* | :heavy_check_mark: | The id of the Pack. | -| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | - -### Response - -**[models.CountedPipeline](../../models/countedpipeline.md)** - -### Errors - -| Error Type | Status Code | Content Type | -| ---------------- | ---------------- | ---------------- | -| errors.Error | 500 | application/json | -| errors.APIError | 4XX, 5XX | \*/\* | - -## delete - -Delete the specified Pipeline within the specified Pack. - -### Example Usage - - -```python -from cribl_control_plane import CriblControlPlane, models -import os - - -with CriblControlPlane( - "https://api.example.com", - security=models.Security( - bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), - ), -) as ccp_client: - - res = ccp_client.packs.pipelines.delete(id="", pack="") - - # Handle response - print(res) - -``` - -### Parameters - -| Parameter | Type | Required | Description | -| ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | -| `id` | *str* | :heavy_check_mark: | The id of the Pipeline to delete. | -| `pack` | *str* | :heavy_check_mark: | The id of the Pack. | -| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | - -### Response - -**[models.CountedPipeline](../../models/countedpipeline.md)** - -### Errors - -| Error Type | Status Code | Content Type | -| ---------------- | ---------------- | ---------------- | -| errors.Error | 500 | application/json | -| errors.APIError | 4XX, 5XX | \*/\* | - ## get Get the specified Pipeline within the specified Pack. @@ -1997,7 +1952,7 @@ with CriblControlPlane( ## update -Update the specified Pipeline within the specified Pack.

Provide a complete representation of the Pipeline that you want to update in the request body. This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Pipeline.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Pipeline might not function as expected. +Update the specified Pipeline within the specified Pack.

Provide a complete representation of the Pipeline that you want to update in the request body. This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Pipeline.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Pipeline might not function as expected. ### Example Usage: PipelineExamplesAggregateMetrics @@ -3825,15 +3780,1886 @@ with CriblControlPlane( print(res) ``` +### Example Usage: UpdatePipelineExamplesAggregateMetrics -### Parameters + +```python +from cribl_control_plane import CriblControlPlane, models +import os -| Parameter | Type | Required | Description | -| ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | -| `id_param` | *str* | :heavy_check_mark: | The id of the Pipeline to update. | -| `pack` | *str* | :heavy_check_mark: | The id of the Pack. | -| `id` | *str* | :heavy_check_mark: | N/A | -| `conf` | [models.ConfInput](../../models/confinput.md) | :heavy_check_mark: | N/A | + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.pipelines.update(id_param="", pack="", id="aggregate-metrics-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that aggregates process metrics: CPU, memory, and bytes over time windows", + "streamtags": [], + "functions": [ + { + "filter_": "(_metric == 'proc.cpu_perc' || __criblMetrics[0].nameExpr.includes(\"'proc.cpu_perc'\")) || (_metric == 'proc.mem_perc' || __criblMetrics[0].nameExpr.includes(\"'proc.mem_perc'\")) || (_metric == 'proc.bytes_in' || __criblMetrics[0].nameExpr.includes(\"'proc.bytes_in'\"))", + "id": models.PipelineFunctionAggregateMetricsID.AGGREGATE_METRICS, + "conf": { + "passthrough": False, + "preserve_group_bys": False, + "sufficient_stats_only": False, + "time_window": "10s", + "aggregations": [ + { + "metric_type": models.PipelineFunctionAggregateMetricsMetricType.GAUGE, + "agg": "avg(_value || proc.cpu_perc).as(proc.cpu_perc_avg)", + }, + { + "metric_type": models.PipelineFunctionAggregateMetricsMetricType.GAUGE, + "agg": "sum(_value || proc.mem_perc).as(proc.mem_perc_sum)", + }, + { + "metric_type": models.PipelineFunctionAggregateMetricsMetricType.COUNTER, + "agg": "count(_value || proc.bytes_in).as(proc.bytes_in_count)", + }, + ], + "groupbys": [ + "proc", + ], + "cumulative": False, + "should_treat_dots_as_literals": True, + "flush_on_input_close": True, + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesAggregations + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.pipelines.update(id_param="", pack="", id="aggregation-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that aggregates rejected bytes grouped by source address every 10 seconds", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionAggregationID.AGGREGATION, + "conf": { + "passthrough": False, + "preserve_group_bys": False, + "sufficient_stats_only": False, + "metrics_mode": False, + "time_window": "10s", + "aggregations": [ + "sum(bytes).where(action==\"REJECT\").as(TotalBytes)", + ], + "groupbys": [ + "srcaddr", + ], + "cumulative": False, + "should_treat_dots_as_literals": False, + "flush_on_input_close": True, + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesAutoTimestamp + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.pipelines.update(id_param="", pack="", id="auto-timestamp-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that extracts timestamps from event data using auto timestamp function", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionAutoTimestampID.AUTO_TIMESTAMP, + "conf": { + "src_field": "_raw", + "dst_field": "_time", + "default_timezone": "local", + "time_expression": "time.getTime() / 1000", + "offset": 0, + "max_len": 150, + "default_time": models.DefaultTime.NOW, + "latest_date_allowed": "+1week", + "earliest_date_allowed": "-420weeks", + "timestamps": [ + { + "regex": "/(\\d{1,2}\\/\\d{2}\\/\\d{4}\\s\\d{1,2}:\\d{2}:\\d{2}\\s\\w{2})/", + "strptime": "%Y-%m-%d %H:%M:%S", + }, + ], + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesCEFSerializer + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.pipelines.update(id_param="", pack="", id="cef-serializer-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that formats events in CEF format with custom header and extension fields", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionCefID.CEF, + "conf": { + "output_field": "_raw", + "header": [ + { + "value": "'CEF:0'", + }, + { + "value": "'Cribl'", + }, + { + "value": "'Cribl'", + }, + { + "value": "C.version", + }, + { + "value": "420", + }, + { + "value": "'Cribl Event'", + }, + { + "value": "6", + }, + ], + "extension": [ + { + "name": "c6a1Label", + "value": "'Colorado_Ext_Bldg7'", + }, + ], + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesChain + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.pipelines.update(id_param="", pack="", id="chain-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that chains to another pipeline for sequential data processing", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionChainID.CHAIN, + "conf": { + "processor": "prometheus_metrics", + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesClone + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.pipelines.update(id_param="", pack="", id="clone-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that creates cloned events with additional fields for comparison or routing", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionCloneID.CLONE, + "conf": { + "clones": [ + { + "env": "staging", + }, + { + "index": "clones", + }, + ], + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesComment + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.pipelines.update(id_param="", pack="", id="comment-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline with comment function for documentation", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionCommentID.COMMENT, + "conf": { + "comment": "This function processes security events and enriches them with DNS lookups", + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesDNSLookup + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.pipelines.update(id_param="", pack="", id="dns-lookup-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that performs DNS lookups to resolve hostnames and IP addresses", + "streamtags": [], + "functions": [ + models.PipelineFunctionDNSLookup( + filter_="true", + id=models.PipelineFunctionDNSLookupID.DNS_LOOKUP, + conf=models.FunctionConfSchemaDNSLookup( + dns_lookup_fields=[ + models.DNSLookupField( + in_field_name="hostname", + resource_record_type=models.ResourceRecordType.A, + out_field_name="hostname_ip", + ), + ], + reverse_lookup_fields=[ + models.ReverseLookupField( + in_field_name="src_ip", + out_field_name="src_hostname", + ), + ], + cache_ttl=30, + max_cache_size=5000, + use_resolv_conf=False, + lookup_fallback=False, + lookup_fail_log_level=models.LogLevelForFailedLookups.ERROR, + ), + ), + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesDrop + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.pipelines.update(id_param="", pack="", id="drop-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that drops events containing success messages", + "streamtags": [], + "functions": [ + { + "filter_": "_raw.search(/success/i)>=0", + "id": models.PipelineFunctionDropID.DROP, + "conf": {}, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesDropDimensions + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.pipelines.update(id_param="", pack="", id="drop-dimensions-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that drops specified dimensions from metrics to reduce cardinality", + "streamtags": [], + "functions": [ + { + "filter_": "(_metric == 'proc.cpu_perc' || __criblMetrics[0].nameExpr.includes(\"'proc.cpu_perc'\")) && (__criblMetrics[0].dims.includes(\"proc\"))", + "id": models.PipelineFunctionDropDimensionsID.DROP_DIMENSIONS, + "conf": { + "time_window": "10s", + "drop_dimensions": [ + "proc", + "pie", + "unit", + ], + "flush_on_input_close": True, + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesDynamicSampling + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.pipelines.update(id_param="", pack="", id="dynamic-sampling-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that dynamically samples events based on volume using square root mode", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionDynamicSamplingID.DYNAMIC_SAMPLING, + "conf": { + "mode": models.SampleMode.SQRT, + "key_expr": "`${domain}:${httpCode}`", + "sample_period": 20, + "min_events": 3, + "max_sample_rate": 3, + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesEmpty + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.pipelines.update(id_param="", pack="", id="empty-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "", + "streamtags": [], + "functions": [], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesEval + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.pipelines.update(id_param="", pack="", id="eval-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that evaluates JavaScript expressions to add, modify, and remove fields", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionEvalID.EVAL, + "conf": { + "add": [ + { + "name": "action", + "value": "login == 'error' ? 'blocked' : action", + }, + { + "name": "myTags", + "value": "login == 'error' ? [...myTags, 'error'] : myTags", + }, + ], + "keep": [ + "host", + "source", + "action", + "myTags", + ], + "remove": [ + "identification", + ], + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesEventBreaker + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.pipelines.update(id_param="", pack="", id="event-breaker-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that breaks large event streams into discrete events using regex", + "streamtags": [], + "functions": [ + models.PipelineFunctionEventBreaker( + filter_="true", + id=models.PipelineFunctionEventBreakerID.EVENT_BREAKER, + conf=models.EventBreakerExistingOrNewNewRuleTypeRegex( + rule_type=models.EventBreakerTypeOptionsEventBreakerExistingOrNewNew.REGEX, + event_breaker_regex="/[\\n\\r]+(?!\\s)/", + existing_or_new=models.EventBreakerExistingOrNewNewRuleTypeRegexExistingOrNew.NEW, + max_event_bytes=51200, + timestamp_anchor_regex="/^/", + timestamp=models.EventBreakerExistingOrNewNewTimestampTypeAuto( + type=models.TimestampTypeOptionsEventBreakerExistingOrNewNewTimestamp.AUTO, + length=150, + ), + timestamp_timezone="local", + timestamp_earliest="-420weeks", + timestamp_latest="+1week", + should_mark_cribl_breaker=True, + ), + ), + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesFlatten + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.pipelines.update(id_param="", pack="", id="flatten-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that flattens nested JSON structures into top-level fields", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionFlattenID.FLATTEN, + "conf": { + "fields": [], + "prefix": "", + "depth": 5, + "delimiter": "_", + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesFoldKeys + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.pipelines.update(id_param="", pack="", id="fold-keys-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that transforms flat field names with separators into nested structures", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionFoldkeysID.FOLDKEYS, + "conf": { + "delete_original": True, + "separator": "_", + "selection_reg_exp": "^data", + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesGeoIP + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.pipelines.update(id_param="", pack="", id="geoip-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that enriches events with geolocation data from IP addresses", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionGeoipID.GEOIP, + "conf": { + "file": "GeoLite2-City.mmdb", + "in_field": "ip", + "out_field": "geoip", + "additional_fields": [ + { + "extra_in_field": "src_ip", + "extra_out_field": "src_geoip", + }, + ], + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesGrok + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.pipelines.update(id_param="", pack="", id="grok-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that extracts structured fields from log data using Grok patterns", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionGrokID.GROK, + "conf": { + "pattern": "%{TIMESTAMP_ISO8601:event_time} %{LOGLEVEL:log_level} %{GREEDYDATA:log_message}", + "pattern_list": [], + "source": "_raw", + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesGuard + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.pipelines.update(id_param="", pack="", id="guard-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that scans for sensitive data and applies mitigation expressions", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionSensitiveDataScannerID.SENSITIVE_DATA_SCANNER, + "conf": { + "rules": [ + { + "ruleset_id": "Finance_Global", + "replace_expr": "'REDACTED'", + "disabled": False, + }, + ], + "fields": [ + "_raw", + ], + "exclude_fields": [], + "flags": [ + { + "name": "_sensitive", + "value": "true", + }, + ], + "include_detected_rules": True, + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesJSONUnroll + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.pipelines.update(id_param="", pack="", id="json-unroll-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that unrolls JSON arrays into individual events while retaining parent fields", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionJSONUnrollID.JSON_UNROLL, + "conf": { + "path": "allCars", + "name": "cars", + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesLookup + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.pipelines.update(id_param="", pack="", id="lookup-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that enriches events with location data from IP address lookups", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionLookupID.LOOKUP, + "conf": { + "file": "ip_locations.csv", + "db_lookup": False, + "match_mode": models.MatchMode.EXACT, + "reload_period_sec": -1, + "in_fields": [ + { + "event_field": "destination_ip", + "lookup_field": "ip", + }, + ], + "out_fields": [ + { + "lookup_field": "location", + "event_field": "location", + "default_value": "Unknown", + }, + ], + "add_to_event": False, + "ignore_case": False, + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesMask + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.pipelines.update(id_param="", pack="", id="mask-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that masks Social Security numbers and other sensitive data", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionMaskID.MASK, + "conf": { + "rules": [ + { + "match_regex": "/(social=)(\\d+)/", + "replace_expr": "`${g1}${C.Mask.md5(g2)}`", + "disabled": False, + }, + ], + "fields": [ + "_raw", + ], + "depth": 5, + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesNumerify + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.pipelines.update(id_param="", pack="", id="numerify-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that converts string numbers to numeric type for mathematical operations", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionNumerifyID.NUMERIFY, + "conf": { + "format_": models.NumerifyFormatNoneFormat.NONE, + "depth": 5, + "ignore_fields": [], + "filter_expr": "", + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesOTLPLogs + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.pipelines.update(id_param="", pack="", id="otlp-logs-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that normalizes and batches OTLP log events from OpenTelemetry sources", + "streamtags": [], + "functions": [ + { + "filter_": "__inputId=='open_telemetry:open_telemetry'", + "id": models.PipelineFunctionOtlpLogsID.OTLP_LOGS, + "conf": { + "drop_non_log_events": False, + "batch_otlp_logs": True, + "send_batch_size": 8192, + "timeout": 200, + "send_batch_max_size": 0, + "metadata_keys": [], + "metadata_cardinality_limit": 1000, + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesOTLPMetrics + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.pipelines.update(id_param="", pack="", id="otlp-metrics-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that converts dimensional metrics to OTLP format and batches them by resource attributes", + "streamtags": [], + "functions": [ + { + "filter_": "__inputId=='prometheus_rw:prom_rw_in'", + "id": models.PipelineFunctionOtlpMetricsID.OTLP_METRICS, + "conf": { + "resource_attribute_prefixes": [ + "service", + "system", + "telemetry", + "k8s", + "cloud", + "host", + "process", + ], + "drop_non_metric_events": False, + "otlp_version": models.OtlpVersionOptions.ZERO_DOT_10_DOT_0, + "batch_otlp_metrics": True, + "send_batch_size": 8192, + "timeout": 200, + "send_batch_max_size": 0, + "metadata_keys": [], + "metadata_cardinality_limit": 1000, + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesOTLPTraces + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.pipelines.update(id_param="", pack="", id="otlp-traces-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that normalizes and batches OTLP trace events from OpenTelemetry sources", + "streamtags": [], + "functions": [ + { + "filter_": "__inputId=='open_telemetry:open_telemetry'", + "id": models.PipelineFunctionOtlpTracesID.OTLP_TRACES, + "conf": { + "drop_non_trace_events": False, + "otlp_version": models.OtlpVersionOptions.ZERO_DOT_10_DOT_0, + "batch_otlp_traces": True, + "send_batch_size": 8192, + "timeout": 200, + "send_batch_max_size": 0, + "metadata_keys": [], + "metadata_cardinality_limit": 1000, + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesParser + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.pipelines.update(id_param="", pack="", id="parser-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that extracts fields from key-value pair formatted data", + "streamtags": [], + "functions": [ + models.PipelineFunctionSerde( + filter_="true", + id=models.PipelineFunctionSerdeID.SERDE, + conf=models.SerdeTypeKvp( + type=models.TypeOptions.KVP, + keep=[ + "a", + "b", + "c", + ], + remove=[ + "*", + ], + clean_fields=False, + mode=models.SerdeTypeKvpOperationMode.EXTRACT, + src_field="_raw", + ), + ), + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesPublishMetrics + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.pipelines.update(id_param="", pack="", id="publish-metrics-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that extracts metrics from events and formats them for metrics aggregation platforms", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionPublishMetricsID.PUBLISH_METRICS, + "conf": { + "fields": [ + { + "in_field_name": "bytes", + "out_field_expr": "'metric_name.bytes'", + "metric_type": models.FunctionConfSchemaPublishMetricsMetricType.GAUGE, + }, + { + "in_field_name": "packets", + "out_field_expr": "'metric_name.packets'", + "metric_type": models.FunctionConfSchemaPublishMetricsMetricType.GAUGE, + }, + ], + "overwrite": False, + "dimensions": [ + "action", + "interface_id", + "dstaddr", + ], + "remove_metrics": [], + "remove_dimensions": [], + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesRedis + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.pipelines.update(id_param="", pack="", id="redis-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that retrieves values from Redis using GET command", + "streamtags": [], + "functions": [ + models.PipelineFunctionRedis( + filter_="true", + id=models.PipelineFunctionRedisID.REDIS, + conf=models.RedisAuthTypeNone( + auth_type=models.RedisAuthTypeNoneAuthenticationMethod.NONE, + commands=[ + models.RedisAuthTypeNoneCommand( + out_field="cached_value", + command="get", + key_expr="'user_session'", + args_expr="", + ), + ], + deployment_type=models.RedisAuthTypeNoneDeploymentType.STANDALONE, + max_block_secs=60, + url="'redis://localhost:6379/0'", + ), + ), + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesRegexExtract + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.pipelines.update(id_param="", pack="", id="regex-extract-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that extracts structured fields from log data using regex patterns with named capture groups", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionRegexExtractID.REGEX_EXTRACT, + "conf": { + "regex": "/metric1=(?\\d+)/", + "source": "_raw", + "iterations": 100, + "overwrite": False, + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesRegexFilter + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.pipelines.update(id_param="", pack="", id="regex-filter-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that filters out events matching specific regex patterns", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionRegexFilterID.REGEX_FILTER, + "conf": { + "regex": "/Opera/", + "field": "_raw", + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesRename + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.pipelines.update(id_param="", pack="", id="rename-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that renames fields using key-value pairs and expressions", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionRenameID.RENAME, + "conf": { + "base_fields": [], + "rename": [ + { + "current_name": "level", + "new_name": "LEVEL", + }, + ], + "rename_expr": "name.startsWith('out') ? name.toUpperCase() : name", + "wildcard_depth": 5, + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesRollupMetrics + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.pipelines.update(id_param="", pack="", id="rollup-metrics-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that consolidates high-frequency metrics into manageable time windows", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionRollupMetricsID.ROLLUP_METRICS, + "conf": { + "dimensions": [ + "*", + ], + "time_window": "30s", + "gauge_rollup": models.GaugeUpdate.LAST, + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesSNMPTrapSerialize + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.pipelines.update(id_param="", pack="", id="snmp-trap-serialize-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that serializes events into SNMP trap format for SNMP trap destinations", + "streamtags": [], + "functions": [ + models.PipelineFunctionSnmpTrapSerialize( + filter_="true", + id=models.PipelineFunctionSnmpTrapSerializeID.SNMP_TRAP_SERIALIZE, + conf=models.FunctionConfSchemaSnmpTrapSerialize( + strict=True, + drop_failed_events=True, + ), + ), + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesSampling + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.pipelines.update(id_param="", pack="", id="sampling-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that samples events at specified rates based on filter criteria", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionSamplingID.SAMPLING, + "conf": { + "rules": [ + { + "filter_": "__status == 200", + "rate": 5, + }, + ], + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesSerialize + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.pipelines.update(id_param="", pack="", id="serialize-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that serializes event fields into JSON format", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionSerializeID.SERIALIZE, + "conf": { + "type": models.SerializeTypeCsvType.CSV, + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesSuppress + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.pipelines.update(id_param="", pack="", id="suppress-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that suppresses duplicate events based on a key expression", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionSuppressID.SUPPRESS, + "conf": { + "key_expr": "`${ip}:${port}`", + "allow": 1, + "suppress_period_sec": 30, + "drop_events_mode": True, + "max_cache_size": 50000, + "cache_idle_timeout_periods": 2, + "num_events_idle_timeout_trigger": 10000, + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesTee + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.pipelines.update(id_param="", pack="", id="tee-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that sends events to a command via stdin for debugging purposes", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionTeeID.TEE, + "conf": { + "command": "tee", + "args": [ + "/opt/cribl/foo.log", + ], + "restart_on_exit": True, + "env": { + + }, + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesUnroll + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.pipelines.update(id_param="", pack="", id="unroll-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that unrolls array fields into separate events", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionUnrollID.UNROLL, + "conf": { + "src_expr": "_raw.split(/\\n/)", + "dst_field": "_raw", + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesXMLUnroll + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.pipelines.update(id_param="", pack="", id="xml-unroll-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that unrolls XML elements into separate events", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionXMLUnrollID.XML_UNROLL, + "conf": { + "unroll": "^Parent\\.Child$", + "inherit": "^Parent\\.(myID|branchLocation)$", + "unroll_idx_field": "unroll_idx", + "pretty": False, + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` + +### Parameters + +| Parameter | Type | Required | Description | +| ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | +| `id_param` | *str* | :heavy_check_mark: | The id of the Pipeline to update. | +| `pack` | *str* | :heavy_check_mark: | The id of the Pack. | +| `id` | *str* | :heavy_check_mark: | N/A | +| `conf` | [models.ConfInput](../../models/confinput.md) | :heavy_check_mark: | N/A | +| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | + +### Response + +**[models.CountedPipeline](../../models/countedpipeline.md)** + +### Errors + +| Error Type | Status Code | Content Type | +| ---------------- | ---------------- | ---------------- | +| errors.Error | 500 | application/json | +| errors.APIError | 4XX, 5XX | \*/\* | + +## delete + +Delete the specified Pipeline within the specified Pack. + +### Example Usage + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.pipelines.delete(id="", pack="") + + # Handle response + print(res) + +``` + +### Parameters + +| Parameter | Type | Required | Description | +| ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | +| `id` | *str* | :heavy_check_mark: | The id of the Pipeline to delete. | +| `pack` | *str* | :heavy_check_mark: | The id of the Pack. | | `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | ### Response diff --git a/docs/sdks/packsroutes/README.md b/docs/sdks/packsroutes/README.md index d0921cf8c..15c6c1e70 100644 --- a/docs/sdks/packsroutes/README.md +++ b/docs/sdks/packsroutes/README.md @@ -4,11 +4,55 @@ ### Available Operations +* [list](#list) - List all Routes within a Pack * [get](#get) - Get a Routing table within a Pack * [update](#update) - Update a Route within a Pack -* [list](#list) - List all Routes within a Pack * [append](#append) - Add a Route to the end of the Routing table within a Pack +## list + +Get a list of all Routes within the specified Pack. + +### Example Usage + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.routes.list(pack="") + + # Handle response + print(res) + +``` + +### Parameters + +| Parameter | Type | Required | Description | +| ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | +| `pack` | *str* | :heavy_check_mark: | The id of the Pack. | +| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | + +### Response + +**[models.CountedRoutes](../../models/countedroutes.md)** + +### Errors + +| Error Type | Status Code | Content Type | +| ---------------- | ---------------- | ---------------- | +| errors.Error | 500 | application/json | +| errors.APIError | 4XX, 5XX | \*/\* | + ## get Get the specified Routing table within the specified Pack. @@ -56,7 +100,7 @@ with CriblControlPlane( ## update -Update the specified Route within the specified Pack.

Provide a complete representation of the Routing table, including the Route that you want to update, in the request body. This endpoint does not support partial updates. Cribl removes any omitted Routes and fields when updating.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the Routing table might not function as expected. +Update the specified Route within the specified Pack.

Provide a complete representation of the Routing table, including the Route that you want to update, in the request body.

This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Routing table.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Routing table might not function as expected.

Cribl also removes any omitted Routes when updating the Routing table. ### Example Usage: RoutesUpdateExamplesBasicRoute @@ -230,50 +274,6 @@ with CriblControlPlane( | errors.Error | 500 | application/json | | errors.APIError | 4XX, 5XX | \*/\* | -## list - -Get a list of all Routes within the specified Pack. - -### Example Usage - - -```python -from cribl_control_plane import CriblControlPlane, models -import os - - -with CriblControlPlane( - "https://api.example.com", - security=models.Security( - bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), - ), -) as ccp_client: - - res = ccp_client.packs.routes.list(pack="") - - # Handle response - print(res) - -``` - -### Parameters - -| Parameter | Type | Required | Description | -| ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | -| `pack` | *str* | :heavy_check_mark: | The id of the Pack. | -| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | - -### Response - -**[models.CountedRoutes](../../models/countedroutes.md)** - -### Errors - -| Error Type | Status Code | Content Type | -| ---------------- | ---------------- | ---------------- | -| errors.Error | 500 | application/json | -| errors.APIError | 4XX, 5XX | \*/\* | - ## append Add a Route to the end of the specified Routing table within the specified Pack. diff --git a/docs/sdks/packssources/README.md b/docs/sdks/packssources/README.md index ec7bcc06a..be63ff168 100644 --- a/docs/sdks/packssources/README.md +++ b/docs/sdks/packssources/README.md @@ -550,19 +550,19 @@ with CriblControlPlane( ), ) as ccp_client: - res = ccp_client.packs.sources.create(pack="", request_body=models.CreateInputSystemByPackInputEventhubAmqp( - id="eventhub-amqp-source", - type=models.CreateInputSystemByPackTypeEventhubAmqp.EVENTHUB_AMQP, - send_to_routes=True, - pq_enabled=False, - event_hub_name="my-event-hub", - consumer_group="$Default", - checkpointing=models.CreateInputSystemByPackCheckpointing( - blob_store=models.CreateInputSystemByPackAzureBlobStorage( - container_name="my-container", - ), - ), - )) + res = ccp_client.packs.sources.create(pack="", request_body={ + "id": "eventhub-amqp-source", + "type": models.CreateInputSystemByPackTypeEventhubAmqp.EVENTHUB_AMQP, + "send_to_routes": True, + "pq_enabled": False, + "event_hub_name": "my-event-hub", + "consumer_group": "$Default", + "checkpointing": { + "blob_store": { + "container_name": "my-container", + }, + }, + }) # Handle response print(res) @@ -2076,7 +2076,7 @@ with CriblControlPlane( ## update -Update the specified Source.

Provide a complete representation of the Source that you want to update in the request body. This endpoint does not support partial updates. Cribl removes omitted fields when updating the Source, except for criblSourceProvenance (its value is preserved when omitted and cannot be overwritten).

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Source might not function as expected within the specified Pack. +Update the specified Source.

Provide a complete representation of the Source that you want to update in the request body. This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Source.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Source might not function as expected.

Cribl preserves criblSourceProvenance when you omit it from the request body, and you cannot overwrite it through this endpoint within the specified Pack. ### Example Usage: InputCreateExamplesAnthropicCompliance @@ -2569,19 +2569,19 @@ with CriblControlPlane( ), ) as ccp_client: - res = ccp_client.packs.sources.update(id="", pack="", input_=models.InputEventhubAmqpInput( - id="eventhub-amqp-source", - type=models.InputEventhubAmqpType.EVENTHUB_AMQP, - send_to_routes=True, - pq_enabled=False, - event_hub_name="my-event-hub", - consumer_group="$Default", - checkpointing=models.InputEventhubAmqpCheckpointing( - blob_store=models.InputEventhubAmqpAzureBlobStorage( - container_name="my-container", - ), - ), - )) + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "eventhub-amqp-source", + "type": models.InputEventhubAmqpType.EVENTHUB_AMQP, + "send_to_routes": True, + "pq_enabled": False, + "event_hub_name": "my-event-hub", + "consumer_group": "$Default", + "checkpointing": { + "blob_store": { + "container_name": "my-container", + }, + }, + }) # Handle response print(res) @@ -4079,6 +4079,2008 @@ with CriblControlPlane( # Handle response print(res) +``` +### Example Usage: UpdateInputExamplesAnthropicCompliance + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "anthropic-compliance-source", + "type": models.InputAnthropicComplianceType.ANTHROPIC_COMPLIANCE, + "send_to_routes": True, + "pq_enabled": False, + "text_secret": "anthropic-api-key-secret", + "content_config": [ + { + "content_type": "activities", + "content_description": "Compliance Activities", + "enabled": True, + "state_tracking": True, + "state_update_expression": "__timestampExtracted !== false && {latestTime: (state.latestTime || 0) > _time ? state.latestTime : _time}", + "state_merge_expression": "prevState.latestTime > newState.latestTime ? prevState : newState", + "cron_schedule": "*/5 * * * *", + "earliest": "-7d@d", + "latest": "now", + "job_timeout": "300", + }, + ], + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesAppleUnifiedLogs + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "apple-unified-logs-source", + "type": models.InputAppleUnifiedLogsType.APPLE_UNIFIED_LOGS, + "send_to_routes": True, + "pq_enabled": False, + "predicate": "subsystem == \"com.apple.security\"", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesAppscope + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "appscope-source", + "type": models.InputAppscopeType.APPSCOPE, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 9109, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesAzureBlob + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "azure-blob-source", + "type": models.InputAzureBlobType.AZURE_BLOB, + "send_to_routes": True, + "pq_enabled": False, + "queue_name": "azure-blob-queue", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesCloudflareHec + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "cloudflare-hec-source", + "type": models.InputCloudflareHecType.CLOUDFLARE_HEC, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 8088, + "hec_api": "/services/collector", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesCollection + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "collection-source", + "type": models.InputCollectionType.COLLECTION, + "send_to_routes": True, + "pq_enabled": False, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesConfluentCloud + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_=models.InputConfluentCloudInput( + id="confluent-cloud-source", + type=models.InputConfluentCloudType.CONFLUENT_CLOUD, + send_to_routes=True, + pq_enabled=False, + brokers=[ + "pkc-xxxxx.us-east-1.aws.confluent.cloud:9092", + ], + topics=[ + "logs", + ], + )) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesCribl + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "cribl-source", + "type": models.InputCriblType.CRIBL, + "send_to_routes": True, + "pq_enabled": False, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesCriblHttp + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "cribl-http-source", + "type": models.InputCriblHTTPType.CRIBL_HTTP, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 10080, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesCriblLakeHttp + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "cribl-lake-http-source", + "type": models.InputCriblLakeHTTPType.CRIBL_LAKE_HTTP, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 10080, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesCriblMetrics + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "cribl-metrics-source", + "type": models.InputCriblmetricsType.CRIBLMETRICS, + "send_to_routes": True, + "pq_enabled": False, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesCriblTcp + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "cribl-tcp-source", + "type": models.InputCriblTCPType.CRIBL_TCP, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 10090, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesCrowdstrike + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "crowdstrike-source", + "type": models.InputCrowdstrikeType.CROWDSTRIKE, + "send_to_routes": True, + "pq_enabled": False, + "queue_name": "crowdstrike-queue", + "region": "us-east-1", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesDatadogAgent + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "datadog-agent-source", + "type": models.InputDatadogAgentType.DATADOG_AGENT, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 8126, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesDatagen + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "datagen-source", + "type": models.InputDatagenType.DATAGEN, + "send_to_routes": True, + "pq_enabled": False, + "samples": [ + { + "sample": "sample.json", + "events_per_sec": 10, + }, + ], + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesEdgePrometheus + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "edge-prometheus-source", + "type": models.InputEdgePrometheusType.EDGE_PROMETHEUS, + "send_to_routes": True, + "pq_enabled": False, + "discovery_type": models.InputEdgePrometheusDiscoveryType.STATIC, + "interval": 60, + "targets": [ + { + "host": "localhost", + }, + ], + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesElastic + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "elastic-source", + "type": models.InputElasticType.ELASTIC, + "send_to_routes": True, + "pq_enabled": False, + "host": "localhost", + "port": 9200, + "elastic_api": "/", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesEventhub + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "eventhub-source", + "type": models.InputEventhubType.EVENTHUB, + "send_to_routes": True, + "pq_enabled": False, + "brokers": [ + "myeventhub.servicebus.windows.net:9093", + ], + "topics": [ + "logs", + ], + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesEventhubAmqp + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "eventhub-amqp-source", + "type": models.InputEventhubAmqpType.EVENTHUB_AMQP, + "send_to_routes": True, + "pq_enabled": False, + "event_hub_name": "my-event-hub", + "consumer_group": "$Default", + "checkpointing": { + "blob_store": { + "container_name": "my-container", + }, + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesExec + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "exec-source", + "type": models.InputExecType.EXEC, + "send_to_routes": True, + "pq_enabled": False, + "command": "echo \"Hello World\"", + "interval": 60, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesFile + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "file-source", + "type": models.InputFileType.FILE, + "send_to_routes": True, + "pq_enabled": False, + "mode": models.InputFileMode.MANUAL, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesFirehose + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "firehose-source", + "type": models.InputFirehoseType.FIREHOSE, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 10080, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesGooglePubsub + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "google-pubsub-source", + "type": models.InputGooglePubsubType.GOOGLE_PUBSUB, + "send_to_routes": True, + "pq_enabled": False, + "topic_name": "my-topic", + "subscription_name": "my-subscription", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesGrafana + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "grafana-source", + "type": models.InputGrafanaType1.GRAFANA, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 10080, + "prometheus_api": "/api/prom/push", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesHttp + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "http-source", + "type": models.InputHTTPType.HTTP, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 10080, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesHttpRaw + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "http-raw-source", + "type": models.InputHTTPRawType.HTTP_RAW, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 10080, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesJournalFiles + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "journal-files-source", + "type": models.InputJournalFilesType.JOURNAL_FILES, + "send_to_routes": True, + "pq_enabled": False, + "path": "/var/log/journal", + "journals": [ + "system", + ], + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesKafka + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_=models.InputKafkaInput( + id="kafka-source", + type=models.InputKafkaType.KAFKA, + send_to_routes=True, + pq_enabled=False, + brokers=[ + "localhost:9092", + ], + topics=[ + "logs", + ], + )) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesKinesis + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "kinesis-source", + "type": models.InputKinesisType.KINESIS, + "send_to_routes": True, + "pq_enabled": False, + "stream_name": "my-stream", + "region": "us-east-1", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesKubeEvents + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "kube-events-source", + "type": models.InputKubeEventsType.KUBE_EVENTS, + "send_to_routes": True, + "pq_enabled": False, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesKubeLogs + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "kube-logs-source", + "type": models.InputKubeLogsType.KUBE_LOGS, + "send_to_routes": True, + "pq_enabled": False, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesKubeMetrics + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "kube-metrics-source", + "type": models.InputKubeMetricsType.KUBE_METRICS, + "send_to_routes": True, + "pq_enabled": False, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesLoki + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "loki-source", + "type": models.InputLokiType.LOKI, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 10080, + "loki_api": "/loki/api/v1/push", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesMetrics + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "metrics-source", + "type": models.InputMetricsType.METRICS, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "udp_port": 8125, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesMicrosoftGraph + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "microsoft-graph-source", + "type": models.InputMicrosoftGraphType.MICROSOFT_GRAPH, + "send_to_routes": True, + "pq_enabled": False, + "url": "https://graph.microsoft.com/v1.0/admin/exchange/tracing/messageTraces", + "interval": 15, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesModelDrivenTelemetry + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "mdt-source", + "type": models.InputModelDrivenTelemetryType.MODEL_DRIVEN_TELEMETRY, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 57000, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesMsk + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_=models.InputMskInput( + id="msk-source", + type=models.InputMskType.MSK, + send_to_routes=True, + pq_enabled=False, + brokers=[ + "b-1.example.xxxxx.c2.kafka.us-east-1.amazonaws.com:9092", + ], + topics=[ + "logs", + ], + aws_authentication_method=models.AuthenticationMethodOptionsS3CollectorConf.AUTO, + region="us-east-1", + )) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesNetflow + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "netflow-source", + "type": models.InputNetflowType.NETFLOW, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 2055, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesOffice365Mgmt + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "office365-mgmt-source", + "type": models.InputOffice365MgmtType.OFFICE365_MGMT, + "send_to_routes": True, + "pq_enabled": False, + "plan_type": models.SubscriptionPlanOptions.ENTERPRISE_GCC, + "tenant_id": "tenant-id", + "app_id": "app-id", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesOffice365MsgTrace + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "office365-msg-trace-source", + "type": models.InputOffice365MsgTraceType.OFFICE365_MSG_TRACE, + "send_to_routes": True, + "pq_enabled": False, + "url": "https://reports.office365.com/ecp/reportingwebservice/reporting.svc/MessageTrace", + "interval": 15, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesOffice365Service + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "office365-service-source", + "type": models.InputOffice365ServiceType.OFFICE365_SERVICE, + "send_to_routes": True, + "pq_enabled": False, + "tenant_id": "tenant-id", + "app_id": "app-id", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesOkta + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "okta-source", + "type": models.InputOktaType.OKTA, + "send_to_routes": True, + "pq_enabled": False, + "okta_domain": "your-org", + "text_secret": "okta-api-token-secret", + "cron_schedule": "*/5 * * * *", + "earliest": "-7d@d", + "latest": "now", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesOpenAI + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "openai-source", + "type": models.InputOpenaiType.OPENAI, + "send_to_routes": True, + "pq_enabled": False, + "content_config": [ + { + "disabled": False, + "request_params": [ + { + "name": "effective_at[gt]", + "value": "`${Math.round(Date.now()/1000 - 3600)}`", + }, + { + "name": "limit", + "value": "100", + }, + ], + "pagination_type": models.InputOpenaiPaginationType.RESPONSE_BODY, + "pagination_attribute": [ + "last_id", + ], + "pagination_last_page_expr": "has_more === false", + "cron_schedule": "0 * * * *", + "earliest": "-1h", + "latest": "now", + }, + ], + "text_secret": "openai-api-key-secret", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesOpenAIComplianceLogs + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "openai-compliance-logs-source", + "type": models.InputOpenaiComplianceLogsType.OPENAI_COMPLIANCE_LOGS, + "send_to_routes": True, + "pq_enabled": False, + "text_secret": "openai-api-key-secret", + "account_type": models.InputOpenaiComplianceLogsAccountType.WORKSPACE, + "cron_schedule": "*/15 * * * *", + "earliest": "-1h", + "latest": "now", + "workspace_id": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee", + "workspace_event_types": [ + "AUDIT_LOG", + "AUTH_LOG", + ], + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesOpenTelemetry + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "otel-source", + "type": models.InputOpenTelemetryType.OPEN_TELEMETRY, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 4317, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesPrometheus + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "prometheus-source", + "type": models.InputPrometheusType.PROMETHEUS, + "send_to_routes": True, + "pq_enabled": False, + "discovery_type": models.InputPrometheusDiscoveryType.STATIC, + "interval": 60, + "log_level": models.LogLevelOptions.INFO, + "target_list": [ + "http://localhost:9090/metrics", + ], + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesPrometheusRw + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "prometheus-rw-source", + "type": models.InputPrometheusRwType.PROMETHEUS_RW, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 10080, + "prometheus_api": "/write", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesRawUdp + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "raw-udp-source", + "type": models.InputRawUDPType.RAW_UDP, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 514, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesS3 + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "s3-source", + "type": models.InputS3Type.S3, + "send_to_routes": True, + "pq_enabled": False, + "queue_name": "s3-notifications-queue", + "region": "us-east-1", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesS3Inventory + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "s3-inventory-source", + "type": models.InputS3InventoryType.S3_INVENTORY, + "send_to_routes": True, + "pq_enabled": False, + "queue_name": "s3-inventory-queue", + "region": "us-east-1", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesSecurityLake + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "security-lake-source", + "type": models.InputSecurityLakeType.SECURITY_LAKE, + "send_to_routes": True, + "pq_enabled": False, + "queue_name": "security-lake-queue", + "region": "us-east-1", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesServiceNowTable + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "servicenow-table-source", + "type": models.InputServicenowTableType.SERVICENOW_TABLE, + "send_to_routes": True, + "pq_enabled": False, + "instance": "https://example.service-now.com", + "table_name": "incident", + "fields": [ + "sys_id", + "number", + "short_description", + ], + "page_size": 10000, + "cron_schedule": "0 * * * *", + "earliest": "-1d", + "latest": "now", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesSnmp + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "snmp-source", + "type": models.InputSnmpType.SNMP, + "send_to_routes": True, + "pq_enabled": False, + "host": "192.168.1.1", + "port": 161, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesSplunk + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "splunk-source", + "type": models.InputSplunkType.SPLUNK, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 9997, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesSplunkHec + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "splunk-hec-source", + "type": models.InputSplunkHecType.SPLUNK_HEC, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 8088, + "splunk_hec_api": "/services/collector", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesSplunkSearch + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "splunk-search-source", + "type": models.InputSplunkSearchType.SPLUNK_SEARCH, + "send_to_routes": True, + "pq_enabled": False, + "search_head": "https://localhost:8089", + "search": "index=main", + "cron_schedule": "*/15 * * * *", + "endpoint": "/services/search/v2/jobs/export", + "output_mode": models.OutputModeOptionsSplunkCollectorConf.JSON, + "auth_type": models.InputSplunkSearchAuthenticationType.BASIC, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesSqs + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "sqs-source", + "type": models.InputSqsType.SQS, + "send_to_routes": True, + "pq_enabled": False, + "queue_name": "my-queue", + "queue_type": models.InputSqsQueueType.STANDARD, + "region": "us-east-1", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesSyslog + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "syslog-source", + "type": models.InputSyslogType1.SYSLOG, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "udp_port": 514, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesSystemMetrics + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "system-metrics-source", + "type": models.InputSystemMetricsType.SYSTEM_METRICS, + "send_to_routes": True, + "pq_enabled": False, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesSystemState + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "system-state-source", + "type": models.InputSystemStateType.SYSTEM_STATE, + "send_to_routes": True, + "pq_enabled": False, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesTcp + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "tcp-source", + "type": models.InputTCPType.TCP, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 10090, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesTcpjson + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "tcpjson-source", + "type": models.InputTcpjsonType.TCPJSON, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 10090, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesWef + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "wef-source", + "type": models.InputWefType.WEF, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 5985, + "subscriptions": [ + { + "subscription_name": "subscription-1", + "content_format": models.InputWefFormat.RENDERED_TEXT, + "heartbeat_interval": 60, + "batch_timeout": 5, + "targets": [], + }, + ], + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesWinEventLogs + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "win-event-logs-source", + "type": models.InputWinEventLogsType.WIN_EVENT_LOGS, + "send_to_routes": True, + "pq_enabled": False, + "log_names": [ + "Application", + "System", + ], + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesWindowsMetrics + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "windows-metrics-source", + "type": models.InputWindowsMetricsType.WINDOWS_METRICS, + "send_to_routes": True, + "pq_enabled": False, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesWiz + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "wiz-source", + "type": models.InputWizType.WIZ, + "send_to_routes": True, + "pq_enabled": False, + "endpoint": "https://api.wiz.io", + "auth_url": "https://auth.wiz.io/oauth/token", + "client_id": "client-id", + "content_config": [], + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesWizWebhook + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "wiz-webhook-source", + "type": models.InputWizWebhookType.WIZ_WEBHOOK, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 10080, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesZscalerHec + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.packs.sources.update(id="", pack="", input_={ + "id": "zscaler-hec-source", + "type": models.InputZscalerHecType.ZSCALER_HEC, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 8088, + "hec_api": "/services/collector", + }) + + # Handle response + print(res) + ``` ### Parameters diff --git a/docs/sdks/packssourcesstatuses/README.md b/docs/sdks/packssourcesstatuses/README.md index c58e2b637..fb60b1242 100644 --- a/docs/sdks/packssourcesstatuses/README.md +++ b/docs/sdks/packssourcesstatuses/README.md @@ -4,16 +4,16 @@ ### Available Operations -* [get](#get) - Get the status of a Source within a Pack * [list](#list) - List the status of all Sources within a Pack +* [get](#get) - Get the status of a Source within a Pack -## get +## list -Get the status and optional metrics for the specified Source within the specified Pack. +List status information and optional metrics for all configured Sources in the Worker Group or Edge Fleet within the specified Pack. ### Example Usage - + ```python from cribl_control_plane import CriblControlPlane, models import os @@ -26,26 +26,29 @@ with CriblControlPlane( ), ) as ccp_client: - res = ccp_client.packs.sources.statuses.get(id="", pack="") + res = ccp_client.packs.sources.statuses.list(pack="") - # Handle response - print(res) + while res is not None: + # Handle items + + res = res.next() ``` ### Parameters -| Parameter | Type | Required | Description | -| ---------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------- | -| `id` | *str* | :heavy_check_mark: | The id of the Source to get the status for. | -| `pack` | *str* | :heavy_check_mark: | The id of the Pack. | -| `metrics` | *Optional[bool]* | :heavy_minus_sign: | Set to true to include metrics for each Source. Otherwise, false (default). | -| `type` | *Optional[bool]* | :heavy_minus_sign: | Set to true to prefix the Source id with the Source type. Otherwise, false (default). | -| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | +| Parameter | Type | Required | Description | +| -------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | +| `pack` | *str* | :heavy_check_mark: | The id of the Pack. | +| `metrics` | *Optional[bool]* | :heavy_minus_sign: | Set to true to include metrics for each Source. Otherwise, false (default). | +| `type` | *Optional[bool]* | :heavy_minus_sign: | Set to true to prefix the Source id with the Source type. Otherwise, false (default). | +| `offset` | *Optional[int]* | :heavy_minus_sign: | Starting point from which to retrieve results for this request. Use with limit to paginate the response into manageable batches. | +| `limit` | *Optional[int]* | :heavy_minus_sign: | Maximum number of items to return in the response for this request. Use with offset to paginate the response into manageable batches. | +| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | ### Response -**[models.CountedInputStatus](../../models/countedinputstatus.md)** +**[models.GetInputStatusSystemInputsByPackResponse](../../models/getinputstatussysteminputsbypackresponse.md)** ### Errors @@ -54,13 +57,13 @@ with CriblControlPlane( | errors.Error | 500 | application/json | | errors.APIError | 4XX, 5XX | \*/\* | -## list +## get -List status information and optional metrics for all configured Sources in the Worker Group or Edge Fleet within the specified Pack. +Get the status and optional metrics for the specified Source within the specified Pack. ### Example Usage - + ```python from cribl_control_plane import CriblControlPlane, models import os @@ -73,29 +76,26 @@ with CriblControlPlane( ), ) as ccp_client: - res = ccp_client.packs.sources.statuses.list(pack="") - - while res is not None: - # Handle items + res = ccp_client.packs.sources.statuses.get(id="", pack="") - res = res.next() + # Handle response + print(res) ``` ### Parameters -| Parameter | Type | Required | Description | -| -------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | -| `pack` | *str* | :heavy_check_mark: | The id of the Pack. | -| `metrics` | *Optional[bool]* | :heavy_minus_sign: | Set to true to include metrics for each Source. Otherwise, false (default). | -| `type` | *Optional[bool]* | :heavy_minus_sign: | Set to true to prefix the Source id with the Source type. Otherwise, false (default). | -| `offset` | *Optional[int]* | :heavy_minus_sign: | Starting point from which to retrieve results for this request. Use with limit to paginate the response into manageable batches. | -| `limit` | *Optional[int]* | :heavy_minus_sign: | Maximum number of items to return in the response for this request. Use with offset to paginate the response into manageable batches. | -| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | +| Parameter | Type | Required | Description | +| ---------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------- | +| `id` | *str* | :heavy_check_mark: | The id of the Source to get the status for. | +| `pack` | *str* | :heavy_check_mark: | The id of the Pack. | +| `metrics` | *Optional[bool]* | :heavy_minus_sign: | Set to true to include metrics for each Source. Otherwise, false (default). | +| `type` | *Optional[bool]* | :heavy_minus_sign: | Set to true to prefix the Source id with the Source type. Otherwise, false (default). | +| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | ### Response -**[models.GetInputStatusSystemInputsByPackResponse](../../models/getinputstatussysteminputsbypackresponse.md)** +**[models.CountedInputStatus](../../models/countedinputstatus.md)** ### Errors diff --git a/docs/sdks/pipelines/README.md b/docs/sdks/pipelines/README.md index d9dca8b28..ada74d7b5 100644 --- a/docs/sdks/pipelines/README.md +++ b/docs/sdks/pipelines/README.md @@ -6,12 +6,55 @@ Actions related to Pipelines ### Available Operations -* [create](#create) - Create a Pipeline * [list](#list) - List all Pipelines +* [create](#create) - Create a Pipeline * [delete](#delete) - Delete a Pipeline * [get](#get) - Get a Pipeline * [update](#update) - Update a Pipeline +## list + +Get a list of all Pipelines. + +### Example Usage + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.pipelines.list() + + # Handle response + print(res) + +``` + +### Parameters + +| Parameter | Type | Required | Description | +| ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | +| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | + +### Response + +**[models.CountedPipeline](../../models/countedpipeline.md)** + +### Errors + +| Error Type | Status Code | Content Type | +| ---------------- | ---------------- | ---------------- | +| errors.Error | 500 | application/json | +| errors.APIError | 4XX, 5XX | \*/\* | + ## create Create a new Pipeline. @@ -1862,49 +1905,6 @@ with CriblControlPlane( | errors.Error | 500 | application/json | | errors.APIError | 4XX, 5XX | \*/\* | -## list - -Get a list of all Pipelines. - -### Example Usage - - -```python -from cribl_control_plane import CriblControlPlane, models -import os - - -with CriblControlPlane( - "https://api.example.com", - security=models.Security( - bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), - ), -) as ccp_client: - - res = ccp_client.pipelines.list() - - # Handle response - print(res) - -``` - -### Parameters - -| Parameter | Type | Required | Description | -| ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | -| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | - -### Response - -**[models.CountedPipeline](../../models/countedpipeline.md)** - -### Errors - -| Error Type | Status Code | Content Type | -| ---------------- | ---------------- | ---------------- | -| errors.Error | 500 | application/json | -| errors.APIError | 4XX, 5XX | \*/\* | - ## delete Delete the specified Pipeline. @@ -1995,7 +1995,7 @@ with CriblControlPlane( ## update -Update the specified Pipeline.

Provide a complete representation of the Pipeline that you want to update in the request body. This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Pipeline.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Pipeline might not function as expected. +Update the specified Pipeline.

Provide a complete representation of the Pipeline that you want to update in the request body. This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Pipeline.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Pipeline might not function as expected. ### Example Usage: PipelineExamplesAggregateMetrics @@ -3790,6 +3790,1832 @@ from cribl_control_plane import CriblControlPlane, models import os +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.pipelines.update(id_param="", id="xml-unroll-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that unrolls XML elements into separate events", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionXMLUnrollID.XML_UNROLL, + "conf": { + "unroll": "^Parent\\.Child$", + "inherit": "^Parent\\.(myID|branchLocation)$", + "unroll_idx_field": "unroll_idx", + "pretty": False, + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesAggregateMetrics + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.pipelines.update(id_param="", id="aggregate-metrics-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that aggregates process metrics: CPU, memory, and bytes over time windows", + "streamtags": [], + "functions": [ + { + "filter_": "(_metric == 'proc.cpu_perc' || __criblMetrics[0].nameExpr.includes(\"'proc.cpu_perc'\")) || (_metric == 'proc.mem_perc' || __criblMetrics[0].nameExpr.includes(\"'proc.mem_perc'\")) || (_metric == 'proc.bytes_in' || __criblMetrics[0].nameExpr.includes(\"'proc.bytes_in'\"))", + "id": models.PipelineFunctionAggregateMetricsID.AGGREGATE_METRICS, + "conf": { + "passthrough": False, + "preserve_group_bys": False, + "sufficient_stats_only": False, + "time_window": "10s", + "aggregations": [ + { + "metric_type": models.PipelineFunctionAggregateMetricsMetricType.GAUGE, + "agg": "avg(_value || proc.cpu_perc).as(proc.cpu_perc_avg)", + }, + { + "metric_type": models.PipelineFunctionAggregateMetricsMetricType.GAUGE, + "agg": "sum(_value || proc.mem_perc).as(proc.mem_perc_sum)", + }, + { + "metric_type": models.PipelineFunctionAggregateMetricsMetricType.COUNTER, + "agg": "count(_value || proc.bytes_in).as(proc.bytes_in_count)", + }, + ], + "groupbys": [ + "proc", + ], + "cumulative": False, + "should_treat_dots_as_literals": True, + "flush_on_input_close": True, + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesAggregations + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.pipelines.update(id_param="", id="aggregation-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that aggregates rejected bytes grouped by source address every 10 seconds", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionAggregationID.AGGREGATION, + "conf": { + "passthrough": False, + "preserve_group_bys": False, + "sufficient_stats_only": False, + "metrics_mode": False, + "time_window": "10s", + "aggregations": [ + "sum(bytes).where(action==\"REJECT\").as(TotalBytes)", + ], + "groupbys": [ + "srcaddr", + ], + "cumulative": False, + "should_treat_dots_as_literals": False, + "flush_on_input_close": True, + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesAutoTimestamp + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.pipelines.update(id_param="", id="auto-timestamp-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that extracts timestamps from event data using auto timestamp function", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionAutoTimestampID.AUTO_TIMESTAMP, + "conf": { + "src_field": "_raw", + "dst_field": "_time", + "default_timezone": "local", + "time_expression": "time.getTime() / 1000", + "offset": 0, + "max_len": 150, + "default_time": models.DefaultTime.NOW, + "latest_date_allowed": "+1week", + "earliest_date_allowed": "-420weeks", + "timestamps": [ + { + "regex": "/(\\d{1,2}\\/\\d{2}\\/\\d{4}\\s\\d{1,2}:\\d{2}:\\d{2}\\s\\w{2})/", + "strptime": "%Y-%m-%d %H:%M:%S", + }, + ], + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesCEFSerializer + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.pipelines.update(id_param="", id="cef-serializer-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that formats events in CEF format with custom header and extension fields", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionCefID.CEF, + "conf": { + "output_field": "_raw", + "header": [ + { + "value": "'CEF:0'", + }, + { + "value": "'Cribl'", + }, + { + "value": "'Cribl'", + }, + { + "value": "C.version", + }, + { + "value": "420", + }, + { + "value": "'Cribl Event'", + }, + { + "value": "6", + }, + ], + "extension": [ + { + "name": "c6a1Label", + "value": "'Colorado_Ext_Bldg7'", + }, + ], + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesChain + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.pipelines.update(id_param="", id="chain-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that chains to another pipeline for sequential data processing", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionChainID.CHAIN, + "conf": { + "processor": "prometheus_metrics", + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesClone + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.pipelines.update(id_param="", id="clone-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that creates cloned events with additional fields for comparison or routing", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionCloneID.CLONE, + "conf": { + "clones": [ + { + "env": "staging", + }, + { + "index": "clones", + }, + ], + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesComment + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.pipelines.update(id_param="", id="comment-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline with comment function for documentation", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionCommentID.COMMENT, + "conf": { + "comment": "This function processes security events and enriches them with DNS lookups", + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesDNSLookup + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.pipelines.update(id_param="", id="dns-lookup-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that performs DNS lookups to resolve hostnames and IP addresses", + "streamtags": [], + "functions": [ + models.PipelineFunctionDNSLookup( + filter_="true", + id=models.PipelineFunctionDNSLookupID.DNS_LOOKUP, + conf=models.FunctionConfSchemaDNSLookup( + dns_lookup_fields=[ + models.DNSLookupField( + in_field_name="hostname", + resource_record_type=models.ResourceRecordType.A, + out_field_name="hostname_ip", + ), + ], + reverse_lookup_fields=[ + models.ReverseLookupField( + in_field_name="src_ip", + out_field_name="src_hostname", + ), + ], + cache_ttl=30, + max_cache_size=5000, + use_resolv_conf=False, + lookup_fallback=False, + lookup_fail_log_level=models.LogLevelForFailedLookups.ERROR, + ), + ), + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesDrop + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.pipelines.update(id_param="", id="drop-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that drops events containing success messages", + "streamtags": [], + "functions": [ + { + "filter_": "_raw.search(/success/i)>=0", + "id": models.PipelineFunctionDropID.DROP, + "conf": {}, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesDropDimensions + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.pipelines.update(id_param="", id="drop-dimensions-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that drops specified dimensions from metrics to reduce cardinality", + "streamtags": [], + "functions": [ + { + "filter_": "(_metric == 'proc.cpu_perc' || __criblMetrics[0].nameExpr.includes(\"'proc.cpu_perc'\")) && (__criblMetrics[0].dims.includes(\"proc\"))", + "id": models.PipelineFunctionDropDimensionsID.DROP_DIMENSIONS, + "conf": { + "time_window": "10s", + "drop_dimensions": [ + "proc", + "pie", + "unit", + ], + "flush_on_input_close": True, + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesDynamicSampling + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.pipelines.update(id_param="", id="dynamic-sampling-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that dynamically samples events based on volume using square root mode", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionDynamicSamplingID.DYNAMIC_SAMPLING, + "conf": { + "mode": models.SampleMode.SQRT, + "key_expr": "`${domain}:${httpCode}`", + "sample_period": 20, + "min_events": 3, + "max_sample_rate": 3, + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesEmpty + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.pipelines.update(id_param="", id="empty-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "", + "streamtags": [], + "functions": [], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesEval + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.pipelines.update(id_param="", id="eval-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that evaluates JavaScript expressions to add, modify, and remove fields", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionEvalID.EVAL, + "conf": { + "add": [ + { + "name": "action", + "value": "login == 'error' ? 'blocked' : action", + }, + { + "name": "myTags", + "value": "login == 'error' ? [...myTags, 'error'] : myTags", + }, + ], + "keep": [ + "host", + "source", + "action", + "myTags", + ], + "remove": [ + "identification", + ], + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesEventBreaker + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.pipelines.update(id_param="", id="event-breaker-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that breaks large event streams into discrete events using regex", + "streamtags": [], + "functions": [ + models.PipelineFunctionEventBreaker( + filter_="true", + id=models.PipelineFunctionEventBreakerID.EVENT_BREAKER, + conf=models.EventBreakerExistingOrNewNewRuleTypeRegex( + rule_type=models.EventBreakerTypeOptionsEventBreakerExistingOrNewNew.REGEX, + event_breaker_regex="/[\\n\\r]+(?!\\s)/", + existing_or_new=models.EventBreakerExistingOrNewNewRuleTypeRegexExistingOrNew.NEW, + max_event_bytes=51200, + timestamp_anchor_regex="/^/", + timestamp=models.EventBreakerExistingOrNewNewTimestampTypeAuto( + type=models.TimestampTypeOptionsEventBreakerExistingOrNewNewTimestamp.AUTO, + length=150, + ), + timestamp_timezone="local", + timestamp_earliest="-420weeks", + timestamp_latest="+1week", + should_mark_cribl_breaker=True, + ), + ), + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesFlatten + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.pipelines.update(id_param="", id="flatten-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that flattens nested JSON structures into top-level fields", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionFlattenID.FLATTEN, + "conf": { + "fields": [], + "prefix": "", + "depth": 5, + "delimiter": "_", + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesFoldKeys + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.pipelines.update(id_param="", id="fold-keys-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that transforms flat field names with separators into nested structures", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionFoldkeysID.FOLDKEYS, + "conf": { + "delete_original": True, + "separator": "_", + "selection_reg_exp": "^data", + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesGeoIP + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.pipelines.update(id_param="", id="geoip-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that enriches events with geolocation data from IP addresses", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionGeoipID.GEOIP, + "conf": { + "file": "GeoLite2-City.mmdb", + "in_field": "ip", + "out_field": "geoip", + "additional_fields": [ + { + "extra_in_field": "src_ip", + "extra_out_field": "src_geoip", + }, + ], + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesGrok + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.pipelines.update(id_param="", id="grok-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that extracts structured fields from log data using Grok patterns", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionGrokID.GROK, + "conf": { + "pattern": "%{TIMESTAMP_ISO8601:event_time} %{LOGLEVEL:log_level} %{GREEDYDATA:log_message}", + "pattern_list": [], + "source": "_raw", + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesGuard + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.pipelines.update(id_param="", id="guard-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that scans for sensitive data and applies mitigation expressions", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionSensitiveDataScannerID.SENSITIVE_DATA_SCANNER, + "conf": { + "rules": [ + { + "ruleset_id": "Finance_Global", + "replace_expr": "'REDACTED'", + "disabled": False, + }, + ], + "fields": [ + "_raw", + ], + "exclude_fields": [], + "flags": [ + { + "name": "_sensitive", + "value": "true", + }, + ], + "include_detected_rules": True, + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesJSONUnroll + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.pipelines.update(id_param="", id="json-unroll-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that unrolls JSON arrays into individual events while retaining parent fields", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionJSONUnrollID.JSON_UNROLL, + "conf": { + "path": "allCars", + "name": "cars", + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesLookup + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.pipelines.update(id_param="", id="lookup-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that enriches events with location data from IP address lookups", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionLookupID.LOOKUP, + "conf": { + "file": "ip_locations.csv", + "db_lookup": False, + "match_mode": models.MatchMode.EXACT, + "reload_period_sec": -1, + "in_fields": [ + { + "event_field": "destination_ip", + "lookup_field": "ip", + }, + ], + "out_fields": [ + { + "lookup_field": "location", + "event_field": "location", + "default_value": "Unknown", + }, + ], + "add_to_event": False, + "ignore_case": False, + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesMask + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.pipelines.update(id_param="", id="mask-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that masks Social Security numbers and other sensitive data", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionMaskID.MASK, + "conf": { + "rules": [ + { + "match_regex": "/(social=)(\\d+)/", + "replace_expr": "`${g1}${C.Mask.md5(g2)}`", + "disabled": False, + }, + ], + "fields": [ + "_raw", + ], + "depth": 5, + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesNumerify + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.pipelines.update(id_param="", id="numerify-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that converts string numbers to numeric type for mathematical operations", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionNumerifyID.NUMERIFY, + "conf": { + "format_": models.NumerifyFormatNoneFormat.NONE, + "depth": 5, + "ignore_fields": [], + "filter_expr": "", + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesOTLPLogs + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.pipelines.update(id_param="", id="otlp-logs-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that normalizes and batches OTLP log events from OpenTelemetry sources", + "streamtags": [], + "functions": [ + { + "filter_": "__inputId=='open_telemetry:open_telemetry'", + "id": models.PipelineFunctionOtlpLogsID.OTLP_LOGS, + "conf": { + "drop_non_log_events": False, + "batch_otlp_logs": True, + "send_batch_size": 8192, + "timeout": 200, + "send_batch_max_size": 0, + "metadata_keys": [], + "metadata_cardinality_limit": 1000, + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesOTLPMetrics + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.pipelines.update(id_param="", id="otlp-metrics-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that converts dimensional metrics to OTLP format and batches them by resource attributes", + "streamtags": [], + "functions": [ + { + "filter_": "__inputId=='prometheus_rw:prom_rw_in'", + "id": models.PipelineFunctionOtlpMetricsID.OTLP_METRICS, + "conf": { + "resource_attribute_prefixes": [ + "service", + "system", + "telemetry", + "k8s", + "cloud", + "host", + "process", + ], + "drop_non_metric_events": False, + "otlp_version": models.OtlpVersionOptions.ZERO_DOT_10_DOT_0, + "batch_otlp_metrics": True, + "send_batch_size": 8192, + "timeout": 200, + "send_batch_max_size": 0, + "metadata_keys": [], + "metadata_cardinality_limit": 1000, + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesOTLPTraces + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.pipelines.update(id_param="", id="otlp-traces-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that normalizes and batches OTLP trace events from OpenTelemetry sources", + "streamtags": [], + "functions": [ + { + "filter_": "__inputId=='open_telemetry:open_telemetry'", + "id": models.PipelineFunctionOtlpTracesID.OTLP_TRACES, + "conf": { + "drop_non_trace_events": False, + "otlp_version": models.OtlpVersionOptions.ZERO_DOT_10_DOT_0, + "batch_otlp_traces": True, + "send_batch_size": 8192, + "timeout": 200, + "send_batch_max_size": 0, + "metadata_keys": [], + "metadata_cardinality_limit": 1000, + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesParser + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.pipelines.update(id_param="", id="parser-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that extracts fields from key-value pair formatted data", + "streamtags": [], + "functions": [ + models.PipelineFunctionSerde( + filter_="true", + id=models.PipelineFunctionSerdeID.SERDE, + conf=models.SerdeTypeKvp( + type=models.TypeOptions.KVP, + keep=[ + "a", + "b", + "c", + ], + remove=[ + "*", + ], + clean_fields=False, + mode=models.SerdeTypeKvpOperationMode.EXTRACT, + src_field="_raw", + ), + ), + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesPublishMetrics + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.pipelines.update(id_param="", id="publish-metrics-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that extracts metrics from events and formats them for metrics aggregation platforms", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionPublishMetricsID.PUBLISH_METRICS, + "conf": { + "fields": [ + { + "in_field_name": "bytes", + "out_field_expr": "'metric_name.bytes'", + "metric_type": models.FunctionConfSchemaPublishMetricsMetricType.GAUGE, + }, + { + "in_field_name": "packets", + "out_field_expr": "'metric_name.packets'", + "metric_type": models.FunctionConfSchemaPublishMetricsMetricType.GAUGE, + }, + ], + "overwrite": False, + "dimensions": [ + "action", + "interface_id", + "dstaddr", + ], + "remove_metrics": [], + "remove_dimensions": [], + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesRedis + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.pipelines.update(id_param="", id="redis-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that retrieves values from Redis using GET command", + "streamtags": [], + "functions": [ + models.PipelineFunctionRedis( + filter_="true", + id=models.PipelineFunctionRedisID.REDIS, + conf=models.RedisAuthTypeNone( + auth_type=models.RedisAuthTypeNoneAuthenticationMethod.NONE, + commands=[ + models.RedisAuthTypeNoneCommand( + out_field="cached_value", + command="get", + key_expr="'user_session'", + args_expr="", + ), + ], + deployment_type=models.RedisAuthTypeNoneDeploymentType.STANDALONE, + max_block_secs=60, + url="'redis://localhost:6379/0'", + ), + ), + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesRegexExtract + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.pipelines.update(id_param="", id="regex-extract-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that extracts structured fields from log data using regex patterns with named capture groups", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionRegexExtractID.REGEX_EXTRACT, + "conf": { + "regex": "/metric1=(?\\d+)/", + "source": "_raw", + "iterations": 100, + "overwrite": False, + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesRegexFilter + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.pipelines.update(id_param="", id="regex-filter-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that filters out events matching specific regex patterns", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionRegexFilterID.REGEX_FILTER, + "conf": { + "regex": "/Opera/", + "field": "_raw", + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesRename + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.pipelines.update(id_param="", id="rename-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that renames fields using key-value pairs and expressions", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionRenameID.RENAME, + "conf": { + "base_fields": [], + "rename": [ + { + "current_name": "level", + "new_name": "LEVEL", + }, + ], + "rename_expr": "name.startsWith('out') ? name.toUpperCase() : name", + "wildcard_depth": 5, + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesRollupMetrics + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.pipelines.update(id_param="", id="rollup-metrics-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that consolidates high-frequency metrics into manageable time windows", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionRollupMetricsID.ROLLUP_METRICS, + "conf": { + "dimensions": [ + "*", + ], + "time_window": "30s", + "gauge_rollup": models.GaugeUpdate.LAST, + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesSNMPTrapSerialize + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.pipelines.update(id_param="", id="snmp-trap-serialize-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that serializes events into SNMP trap format for SNMP trap destinations", + "streamtags": [], + "functions": [ + models.PipelineFunctionSnmpTrapSerialize( + filter_="true", + id=models.PipelineFunctionSnmpTrapSerializeID.SNMP_TRAP_SERIALIZE, + conf=models.FunctionConfSchemaSnmpTrapSerialize( + strict=True, + drop_failed_events=True, + ), + ), + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesSampling + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.pipelines.update(id_param="", id="sampling-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that samples events at specified rates based on filter criteria", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionSamplingID.SAMPLING, + "conf": { + "rules": [ + { + "filter_": "__status == 200", + "rate": 5, + }, + ], + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesSerialize + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.pipelines.update(id_param="", id="serialize-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that serializes event fields into JSON format", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionSerializeID.SERIALIZE, + "conf": { + "type": models.SerializeTypeKvpType.KVP, + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesSuppress + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.pipelines.update(id_param="", id="suppress-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that suppresses duplicate events based on a key expression", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionSuppressID.SUPPRESS, + "conf": { + "key_expr": "`${ip}:${port}`", + "allow": 1, + "suppress_period_sec": 30, + "drop_events_mode": True, + "max_cache_size": 50000, + "cache_idle_timeout_periods": 2, + "num_events_idle_timeout_trigger": 10000, + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesTee + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.pipelines.update(id_param="", id="tee-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that sends events to a command via stdin for debugging purposes", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionTeeID.TEE, + "conf": { + "command": "tee", + "args": [ + "/opt/cribl/foo.log", + ], + "restart_on_exit": True, + "env": { + + }, + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesUnroll + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.pipelines.update(id_param="", id="unroll-pipeline", conf={ + "async_func_timeout": 1000, + "output": "default", + "description": "Pipeline that unrolls array fields into separate events", + "streamtags": [], + "functions": [ + { + "filter_": "true", + "id": models.PipelineFunctionUnrollID.UNROLL, + "conf": { + "src_expr": "_raw.split(/\\n/)", + "dst_field": "_raw", + }, + }, + ], + "groups": { + + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdatePipelineExamplesXMLUnroll + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + with CriblControlPlane( "https://api.example.com", security=models.Security( diff --git a/docs/sdks/routessdk/README.md b/docs/sdks/routessdk/README.md index deaecac1f..05bf85eb6 100644 --- a/docs/sdks/routessdk/README.md +++ b/docs/sdks/routessdk/README.md @@ -6,11 +6,54 @@ Actions related to Routes ### Available Operations +* [list](#list) - List all Routes * [get](#get) - Get a Routing table * [update](#update) - Update a Route -* [list](#list) - List all Routes * [append](#append) - Add a Route to the end of the Routing table +## list + +Get a list of all Routes. + +### Example Usage + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.routes.list() + + # Handle response + print(res) + +``` + +### Parameters + +| Parameter | Type | Required | Description | +| ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | +| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | + +### Response + +**[models.CountedRoutes](../../models/countedroutes.md)** + +### Errors + +| Error Type | Status Code | Content Type | +| ---------------- | ---------------- | ---------------- | +| errors.Error | 500 | application/json | +| errors.APIError | 4XX, 5XX | \*/\* | + ## get Get the specified Routing table. @@ -57,7 +100,7 @@ with CriblControlPlane( ## update -Update a Route in the specified Routing table.

Provide a complete representation of the Routing table, including the Route that you want to update, in the request body. This endpoint does not support partial updates. Cribl removes any omitted Routes and fields when updating.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the Routing table might not function as expected. +Update a Route in the specified Routing table.

\1 This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Routing table.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Routing table might not function as expected.

Cribl also removes any omitted Routes when updating the Routing table. ### Example Usage: RoutesUpdateExamplesBasicRoute @@ -230,49 +273,6 @@ with CriblControlPlane( | errors.Error | 500 | application/json | | errors.APIError | 4XX, 5XX | \*/\* | -## list - -Get a list of all Routes. - -### Example Usage - - -```python -from cribl_control_plane import CriblControlPlane, models -import os - - -with CriblControlPlane( - "https://api.example.com", - security=models.Security( - bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), - ), -) as ccp_client: - - res = ccp_client.routes.list() - - # Handle response - print(res) - -``` - -### Parameters - -| Parameter | Type | Required | Description | -| ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | -| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | - -### Response - -**[models.CountedRoutes](../../models/countedroutes.md)** - -### Errors - -| Error Type | Status Code | Content Type | -| ---------------- | ---------------- | ---------------- | -| errors.Error | 500 | application/json | -| errors.APIError | 4XX, 5XX | \*/\* | - ## append Add a Route to the end of the specified Routing table. diff --git a/docs/sdks/settings/README.md b/docs/sdks/settings/README.md index da1ca9eef..e1c4fdb92 100644 --- a/docs/sdks/settings/README.md +++ b/docs/sdks/settings/README.md @@ -8,7 +8,7 @@ ## restart -Restart the Cribl server.Useful for applying configuration changes that require a full process restart, such as changes to system-level settings that cannot be applied by reloading. +Restart the Cribl server. Useful for applying configuration changes that require a full process restart, such as changes to system-level settings that cannot be applied by reloading. ### Example Usage diff --git a/docs/sdks/sources/README.md b/docs/sdks/sources/README.md index 99cd583f0..9084f1432 100644 --- a/docs/sdks/sources/README.md +++ b/docs/sdks/sources/README.md @@ -551,19 +551,19 @@ with CriblControlPlane( ), ) as ccp_client: - res = ccp_client.sources.create(request=models.CreateInputInputEventhubAmqp( - id="eventhub-amqp-source", - type=models.CreateInputTypeEventhubAmqp.EVENTHUB_AMQP, - send_to_routes=True, - pq_enabled=False, - event_hub_name="my-event-hub", - consumer_group="$Default", - checkpointing=models.CreateInputCheckpointing( - blob_store=models.CreateInputAzureBlobStorage( - container_name="my-container", - ), - ), - )) + res = ccp_client.sources.create(request={ + "id": "eventhub-amqp-source", + "type": models.CreateInputTypeEventhubAmqp.EVENTHUB_AMQP, + "send_to_routes": True, + "pq_enabled": False, + "event_hub_name": "my-event-hub", + "consumer_group": "$Default", + "checkpointing": { + "blob_store": { + "container_name": "my-container", + }, + }, + }) # Handle response print(res) @@ -2075,7 +2075,7 @@ with CriblControlPlane( ## update -Update the specified Source.

Provide a complete representation of the Source that you want to update in the request body. This endpoint does not support partial updates. Cribl removes omitted fields when updating the Source, except for criblSourceProvenance (its value is preserved when omitted and cannot be overwritten).

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Source might not function as expected. +Update the specified Source.

Provide a complete representation of the Source that you want to update in the request body. This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Source.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Source might not function as expected.

Cribl preserves criblSourceProvenance when you omit it from the request body, and you cannot overwrite it through this endpoint. ### Example Usage: InputCreateExamplesAnthropicCompliance @@ -2568,19 +2568,19 @@ with CriblControlPlane( ), ) as ccp_client: - res = ccp_client.sources.update(id="", input_=models.InputEventhubAmqpInput( - id="eventhub-amqp-source", - type=models.InputEventhubAmqpType.EVENTHUB_AMQP, - send_to_routes=True, - pq_enabled=False, - event_hub_name="my-event-hub", - consumer_group="$Default", - checkpointing=models.InputEventhubAmqpCheckpointing( - blob_store=models.InputEventhubAmqpAzureBlobStorage( - container_name="my-container", - ), - ), - )) + res = ccp_client.sources.update(id="", input_={ + "id": "eventhub-amqp-source", + "type": models.InputEventhubAmqpType.EVENTHUB_AMQP, + "send_to_routes": True, + "pq_enabled": False, + "event_hub_name": "my-event-hub", + "consumer_group": "$Default", + "checkpointing": { + "blob_store": { + "container_name": "my-container", + }, + }, + }) # Handle response print(res) @@ -4078,6 +4078,2008 @@ with CriblControlPlane( # Handle response print(res) +``` +### Example Usage: UpdateInputExamplesAnthropicCompliance + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "anthropic-compliance-source", + "type": models.InputAnthropicComplianceType.ANTHROPIC_COMPLIANCE, + "send_to_routes": True, + "pq_enabled": False, + "text_secret": "anthropic-api-key-secret", + "content_config": [ + { + "content_type": "activities", + "content_description": "Compliance Activities", + "enabled": True, + "state_tracking": True, + "state_update_expression": "__timestampExtracted !== false && {latestTime: (state.latestTime || 0) > _time ? state.latestTime : _time}", + "state_merge_expression": "prevState.latestTime > newState.latestTime ? prevState : newState", + "cron_schedule": "*/5 * * * *", + "earliest": "-7d@d", + "latest": "now", + "job_timeout": "300", + }, + ], + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesAppleUnifiedLogs + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "apple-unified-logs-source", + "type": models.InputAppleUnifiedLogsType.APPLE_UNIFIED_LOGS, + "send_to_routes": True, + "pq_enabled": False, + "predicate": "subsystem == \"com.apple.security\"", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesAppscope + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "appscope-source", + "type": models.InputAppscopeType.APPSCOPE, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 9109, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesAzureBlob + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "azure-blob-source", + "type": models.InputAzureBlobType.AZURE_BLOB, + "send_to_routes": True, + "pq_enabled": False, + "queue_name": "azure-blob-queue", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesCloudflareHec + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "cloudflare-hec-source", + "type": models.InputCloudflareHecType.CLOUDFLARE_HEC, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 8088, + "hec_api": "/services/collector", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesCollection + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "collection-source", + "type": models.InputCollectionType.COLLECTION, + "send_to_routes": True, + "pq_enabled": False, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesConfluentCloud + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_=models.InputConfluentCloudInput( + id="confluent-cloud-source", + type=models.InputConfluentCloudType.CONFLUENT_CLOUD, + send_to_routes=True, + pq_enabled=False, + brokers=[ + "pkc-xxxxx.us-east-1.aws.confluent.cloud:9092", + ], + topics=[ + "logs", + ], + )) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesCribl + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "cribl-source", + "type": models.InputCriblType.CRIBL, + "send_to_routes": True, + "pq_enabled": False, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesCriblHttp + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "cribl-http-source", + "type": models.InputCriblHTTPType.CRIBL_HTTP, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 10080, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesCriblLakeHttp + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "cribl-lake-http-source", + "type": models.InputCriblLakeHTTPType.CRIBL_LAKE_HTTP, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 10080, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesCriblMetrics + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "cribl-metrics-source", + "type": models.InputCriblmetricsType.CRIBLMETRICS, + "send_to_routes": True, + "pq_enabled": False, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesCriblTcp + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "cribl-tcp-source", + "type": models.InputCriblTCPType.CRIBL_TCP, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 10090, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesCrowdstrike + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "crowdstrike-source", + "type": models.InputCrowdstrikeType.CROWDSTRIKE, + "send_to_routes": True, + "pq_enabled": False, + "queue_name": "crowdstrike-queue", + "region": "us-east-1", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesDatadogAgent + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "datadog-agent-source", + "type": models.InputDatadogAgentType.DATADOG_AGENT, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 8126, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesDatagen + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "datagen-source", + "type": models.InputDatagenType.DATAGEN, + "send_to_routes": True, + "pq_enabled": False, + "samples": [ + { + "sample": "sample.json", + "events_per_sec": 10, + }, + ], + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesEdgePrometheus + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "edge-prometheus-source", + "type": models.InputEdgePrometheusType.EDGE_PROMETHEUS, + "send_to_routes": True, + "pq_enabled": False, + "discovery_type": models.InputEdgePrometheusDiscoveryType.STATIC, + "interval": 60, + "targets": [ + { + "host": "localhost", + }, + ], + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesElastic + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "elastic-source", + "type": models.InputElasticType.ELASTIC, + "send_to_routes": True, + "pq_enabled": False, + "host": "localhost", + "port": 9200, + "elastic_api": "/", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesEventhub + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "eventhub-source", + "type": models.InputEventhubType.EVENTHUB, + "send_to_routes": True, + "pq_enabled": False, + "brokers": [ + "myeventhub.servicebus.windows.net:9093", + ], + "topics": [ + "logs", + ], + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesEventhubAmqp + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "eventhub-amqp-source", + "type": models.InputEventhubAmqpType.EVENTHUB_AMQP, + "send_to_routes": True, + "pq_enabled": False, + "event_hub_name": "my-event-hub", + "consumer_group": "$Default", + "checkpointing": { + "blob_store": { + "container_name": "my-container", + }, + }, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesExec + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "exec-source", + "type": models.InputExecType.EXEC, + "send_to_routes": True, + "pq_enabled": False, + "command": "echo \"Hello World\"", + "interval": 60, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesFile + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "file-source", + "type": models.InputFileType.FILE, + "send_to_routes": True, + "pq_enabled": False, + "mode": models.InputFileMode.MANUAL, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesFirehose + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "firehose-source", + "type": models.InputFirehoseType.FIREHOSE, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 10080, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesGooglePubsub + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "google-pubsub-source", + "type": models.InputGooglePubsubType.GOOGLE_PUBSUB, + "send_to_routes": True, + "pq_enabled": False, + "topic_name": "my-topic", + "subscription_name": "my-subscription", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesGrafana + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "grafana-source", + "type": models.InputGrafanaType1.GRAFANA, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 10080, + "prometheus_api": "/api/prom/push", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesHttp + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "http-source", + "type": models.InputHTTPType.HTTP, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 10080, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesHttpRaw + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "http-raw-source", + "type": models.InputHTTPRawType.HTTP_RAW, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 10080, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesJournalFiles + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "journal-files-source", + "type": models.InputJournalFilesType.JOURNAL_FILES, + "send_to_routes": True, + "pq_enabled": False, + "path": "/var/log/journal", + "journals": [ + "system", + ], + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesKafka + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_=models.InputKafkaInput( + id="kafka-source", + type=models.InputKafkaType.KAFKA, + send_to_routes=True, + pq_enabled=False, + brokers=[ + "localhost:9092", + ], + topics=[ + "logs", + ], + )) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesKinesis + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "kinesis-source", + "type": models.InputKinesisType.KINESIS, + "send_to_routes": True, + "pq_enabled": False, + "stream_name": "my-stream", + "region": "us-east-1", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesKubeEvents + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "kube-events-source", + "type": models.InputKubeEventsType.KUBE_EVENTS, + "send_to_routes": True, + "pq_enabled": False, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesKubeLogs + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "kube-logs-source", + "type": models.InputKubeLogsType.KUBE_LOGS, + "send_to_routes": True, + "pq_enabled": False, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesKubeMetrics + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "kube-metrics-source", + "type": models.InputKubeMetricsType.KUBE_METRICS, + "send_to_routes": True, + "pq_enabled": False, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesLoki + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "loki-source", + "type": models.InputLokiType.LOKI, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 10080, + "loki_api": "/loki/api/v1/push", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesMetrics + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "metrics-source", + "type": models.InputMetricsType.METRICS, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "udp_port": 8125, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesMicrosoftGraph + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "microsoft-graph-source", + "type": models.InputMicrosoftGraphType.MICROSOFT_GRAPH, + "send_to_routes": True, + "pq_enabled": False, + "url": "https://graph.microsoft.com/v1.0/admin/exchange/tracing/messageTraces", + "interval": 15, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesModelDrivenTelemetry + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "mdt-source", + "type": models.InputModelDrivenTelemetryType.MODEL_DRIVEN_TELEMETRY, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 57000, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesMsk + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_=models.InputMskInput( + id="msk-source", + type=models.InputMskType.MSK, + send_to_routes=True, + pq_enabled=False, + brokers=[ + "b-1.example.xxxxx.c2.kafka.us-east-1.amazonaws.com:9092", + ], + topics=[ + "logs", + ], + aws_authentication_method=models.AuthenticationMethodOptionsS3CollectorConf.AUTO, + region="us-east-1", + )) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesNetflow + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "netflow-source", + "type": models.InputNetflowType.NETFLOW, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 2055, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesOffice365Mgmt + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "office365-mgmt-source", + "type": models.InputOffice365MgmtType.OFFICE365_MGMT, + "send_to_routes": True, + "pq_enabled": False, + "plan_type": models.SubscriptionPlanOptions.ENTERPRISE_GCC, + "tenant_id": "tenant-id", + "app_id": "app-id", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesOffice365MsgTrace + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "office365-msg-trace-source", + "type": models.InputOffice365MsgTraceType.OFFICE365_MSG_TRACE, + "send_to_routes": True, + "pq_enabled": False, + "url": "https://reports.office365.com/ecp/reportingwebservice/reporting.svc/MessageTrace", + "interval": 15, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesOffice365Service + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "office365-service-source", + "type": models.InputOffice365ServiceType.OFFICE365_SERVICE, + "send_to_routes": True, + "pq_enabled": False, + "tenant_id": "tenant-id", + "app_id": "app-id", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesOkta + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "okta-source", + "type": models.InputOktaType.OKTA, + "send_to_routes": True, + "pq_enabled": False, + "okta_domain": "your-org", + "text_secret": "okta-api-token-secret", + "cron_schedule": "*/5 * * * *", + "earliest": "-7d@d", + "latest": "now", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesOpenAI + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "openai-source", + "type": models.InputOpenaiType.OPENAI, + "send_to_routes": True, + "pq_enabled": False, + "content_config": [ + { + "disabled": False, + "request_params": [ + { + "name": "effective_at[gt]", + "value": "`${Math.round(Date.now()/1000 - 3600)}`", + }, + { + "name": "limit", + "value": "100", + }, + ], + "pagination_type": models.InputOpenaiPaginationType.RESPONSE_BODY, + "pagination_attribute": [ + "last_id", + ], + "pagination_last_page_expr": "has_more === false", + "cron_schedule": "0 * * * *", + "earliest": "-1h", + "latest": "now", + }, + ], + "text_secret": "openai-api-key-secret", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesOpenAIComplianceLogs + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "openai-compliance-logs-source", + "type": models.InputOpenaiComplianceLogsType.OPENAI_COMPLIANCE_LOGS, + "send_to_routes": True, + "pq_enabled": False, + "text_secret": "openai-api-key-secret", + "account_type": models.InputOpenaiComplianceLogsAccountType.WORKSPACE, + "cron_schedule": "*/15 * * * *", + "earliest": "-1h", + "latest": "now", + "workspace_id": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee", + "workspace_event_types": [ + "AUDIT_LOG", + "AUTH_LOG", + ], + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesOpenTelemetry + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "otel-source", + "type": models.InputOpenTelemetryType.OPEN_TELEMETRY, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 4317, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesPrometheus + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "prometheus-source", + "type": models.InputPrometheusType.PROMETHEUS, + "send_to_routes": True, + "pq_enabled": False, + "discovery_type": models.InputPrometheusDiscoveryType.STATIC, + "interval": 60, + "log_level": models.LogLevelOptions.INFO, + "target_list": [ + "http://localhost:9090/metrics", + ], + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesPrometheusRw + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "prometheus-rw-source", + "type": models.InputPrometheusRwType.PROMETHEUS_RW, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 10080, + "prometheus_api": "/write", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesRawUdp + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "raw-udp-source", + "type": models.InputRawUDPType.RAW_UDP, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 514, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesS3 + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "s3-source", + "type": models.InputS3Type.S3, + "send_to_routes": True, + "pq_enabled": False, + "queue_name": "s3-notifications-queue", + "region": "us-east-1", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesS3Inventory + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "s3-inventory-source", + "type": models.InputS3InventoryType.S3_INVENTORY, + "send_to_routes": True, + "pq_enabled": False, + "queue_name": "s3-inventory-queue", + "region": "us-east-1", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesSecurityLake + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "security-lake-source", + "type": models.InputSecurityLakeType.SECURITY_LAKE, + "send_to_routes": True, + "pq_enabled": False, + "queue_name": "security-lake-queue", + "region": "us-east-1", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesServiceNowTable + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "servicenow-table-source", + "type": models.InputServicenowTableType.SERVICENOW_TABLE, + "send_to_routes": True, + "pq_enabled": False, + "instance": "https://example.service-now.com", + "table_name": "incident", + "fields": [ + "sys_id", + "number", + "short_description", + ], + "page_size": 10000, + "cron_schedule": "0 * * * *", + "earliest": "-1d", + "latest": "now", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesSnmp + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "snmp-source", + "type": models.InputSnmpType.SNMP, + "send_to_routes": True, + "pq_enabled": False, + "host": "192.168.1.1", + "port": 161, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesSplunk + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "splunk-source", + "type": models.InputSplunkType.SPLUNK, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 9997, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesSplunkHec + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "splunk-hec-source", + "type": models.InputSplunkHecType.SPLUNK_HEC, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 8088, + "splunk_hec_api": "/services/collector", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesSplunkSearch + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "splunk-search-source", + "type": models.InputSplunkSearchType.SPLUNK_SEARCH, + "send_to_routes": True, + "pq_enabled": False, + "search_head": "https://localhost:8089", + "search": "index=main", + "cron_schedule": "*/15 * * * *", + "endpoint": "/services/search/v2/jobs/export", + "output_mode": models.OutputModeOptionsSplunkCollectorConf.JSON, + "auth_type": models.InputSplunkSearchAuthenticationType.BASIC, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesSqs + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "sqs-source", + "type": models.InputSqsType.SQS, + "send_to_routes": True, + "pq_enabled": False, + "queue_name": "my-queue", + "queue_type": models.InputSqsQueueType.STANDARD, + "region": "us-east-1", + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesSyslog + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "syslog-source", + "type": models.InputSyslogType1.SYSLOG, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "udp_port": 514, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesSystemMetrics + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "system-metrics-source", + "type": models.InputSystemMetricsType.SYSTEM_METRICS, + "send_to_routes": True, + "pq_enabled": False, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesSystemState + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "system-state-source", + "type": models.InputSystemStateType.SYSTEM_STATE, + "send_to_routes": True, + "pq_enabled": False, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesTcp + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "tcp-source", + "type": models.InputTCPType.TCP, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 10090, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesTcpjson + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "tcpjson-source", + "type": models.InputTcpjsonType.TCPJSON, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 10090, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesWef + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "wef-source", + "type": models.InputWefType.WEF, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 5985, + "subscriptions": [ + { + "subscription_name": "subscription-1", + "content_format": models.InputWefFormat.RENDERED_TEXT, + "heartbeat_interval": 60, + "batch_timeout": 5, + "targets": [], + }, + ], + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesWinEventLogs + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "win-event-logs-source", + "type": models.InputWinEventLogsType.WIN_EVENT_LOGS, + "send_to_routes": True, + "pq_enabled": False, + "log_names": [ + "Application", + "System", + ], + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesWindowsMetrics + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "windows-metrics-source", + "type": models.InputWindowsMetricsType.WINDOWS_METRICS, + "send_to_routes": True, + "pq_enabled": False, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesWiz + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "wiz-source", + "type": models.InputWizType.WIZ, + "send_to_routes": True, + "pq_enabled": False, + "endpoint": "https://api.wiz.io", + "auth_url": "https://auth.wiz.io/oauth/token", + "client_id": "client-id", + "content_config": [], + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesWizWebhook + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "wiz-webhook-source", + "type": models.InputWizWebhookType.WIZ_WEBHOOK, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 10080, + }) + + # Handle response + print(res) + +``` +### Example Usage: UpdateInputExamplesZscalerHec + + +```python +from cribl_control_plane import CriblControlPlane, models +import os + + +with CriblControlPlane( + "https://api.example.com", + security=models.Security( + bearer_auth=os.getenv("CRIBLCONTROLPLANE_BEARER_AUTH", ""), + ), +) as ccp_client: + + res = ccp_client.sources.update(id="", input_={ + "id": "zscaler-hec-source", + "type": models.InputZscalerHecType.ZSCALER_HEC, + "send_to_routes": True, + "pq_enabled": False, + "host": "0.0.0.0", + "port": 8088, + "hec_api": "/services/collector", + }) + + # Handle response + print(res) + ``` ### Parameters diff --git a/docs/sdks/sourcespq/README.md b/docs/sdks/sourcespq/README.md index a1ba878a9..587205c03 100644 --- a/docs/sdks/sourcespq/README.md +++ b/docs/sdks/sourcespq/README.md @@ -4,16 +4,16 @@ ### Available Operations -* [clear](#clear) - Clear the persistent queue for a Source * [get](#get) - Get information about the latest job to clear the persistent queue for a Source +* [clear](#clear) - Clear the persistent queue for a Source -## clear +## get -Clear the persistent queue (PQ) for the specified Source. +Get information about the latest job to clear the persistent queue (PQ) for the specified Source. ### Example Usage - + ```python from cribl_control_plane import CriblControlPlane, models import os @@ -26,7 +26,7 @@ with CriblControlPlane( ), ) as ccp_client: - res = ccp_client.sources.pq.clear(id="") + res = ccp_client.sources.pq.get(id="") # Handle response print(res) @@ -37,12 +37,12 @@ with CriblControlPlane( | Parameter | Type | Required | Description | | ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | -| `id` | *str* | :heavy_check_mark: | The id of the Source to clear the PQ for. | +| `id` | *str* | :heavy_check_mark: | The id of the Source to get PQ job information for. | | `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | ### Response -**[models.CountedString](../../models/countedstring.md)** +**[models.CountedJobInfo](../../models/countedjobinfo.md)** ### Errors @@ -51,13 +51,13 @@ with CriblControlPlane( | errors.Error | 500 | application/json | | errors.APIError | 4XX, 5XX | \*/\* | -## get +## clear -Get information about the latest job to clear the persistent queue (PQ) for the specified Source. +Clear the persistent queue (PQ) for the specified Source. ### Example Usage - + ```python from cribl_control_plane import CriblControlPlane, models import os @@ -70,7 +70,7 @@ with CriblControlPlane( ), ) as ccp_client: - res = ccp_client.sources.pq.get(id="") + res = ccp_client.sources.pq.clear(id="") # Handle response print(res) @@ -81,12 +81,12 @@ with CriblControlPlane( | Parameter | Type | Required | Description | | ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------------------------------------------------------------- | -| `id` | *str* | :heavy_check_mark: | The id of the Source to get PQ job information for. | +| `id` | *str* | :heavy_check_mark: | The id of the Source to clear the PQ for. | | `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | ### Response -**[models.CountedJobInfo](../../models/countedjobinfo.md)** +**[models.CountedString](../../models/countedstring.md)** ### Errors diff --git a/docs/sdks/sourcesstatuses/README.md b/docs/sdks/sourcesstatuses/README.md index fb1420ddc..9326ae16b 100644 --- a/docs/sdks/sourcesstatuses/README.md +++ b/docs/sdks/sourcesstatuses/README.md @@ -4,16 +4,16 @@ ### Available Operations -* [get](#get) - Get the status of a Source * [list](#list) - List the status of all Sources +* [get](#get) - Get the status of a Source -## get +## list -Get the status and optional metrics for the specified Source. +List status information and optional metrics for all configured Sources in the Worker Group or Edge Fleet. ### Example Usage - + ```python from cribl_control_plane import CriblControlPlane, models import os @@ -26,25 +26,28 @@ with CriblControlPlane( ), ) as ccp_client: - res = ccp_client.sources.statuses.get(id="") + res = ccp_client.sources.statuses.list() - # Handle response - print(res) + while res is not None: + # Handle items + + res = res.next() ``` ### Parameters -| Parameter | Type | Required | Description | -| ---------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------- | -| `id` | *str* | :heavy_check_mark: | The id of the Source to get the status for. | -| `metrics` | *Optional[bool]* | :heavy_minus_sign: | Set to true to include metrics for each Source. Otherwise, false (default). | -| `type` | *Optional[bool]* | :heavy_minus_sign: | Set to true to prefix the Source id with the Source type. Otherwise, false (default). | -| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | +| Parameter | Type | Required | Description | +| -------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | +| `metrics` | *Optional[bool]* | :heavy_minus_sign: | Set to true to include metrics for each Source. Otherwise, false (default). | +| `type` | *Optional[bool]* | :heavy_minus_sign: | Set to true to prefix the Source id with the Source type. Otherwise, false (default). | +| `offset` | *Optional[int]* | :heavy_minus_sign: | Starting point from which to retrieve results for this request. Use with limit to paginate the response into manageable batches. | +| `limit` | *Optional[int]* | :heavy_minus_sign: | Maximum number of items to return in the response for this request. Use with offset to paginate the response into manageable batches. | +| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | ### Response -**[models.CountedInputStatus](../../models/countedinputstatus.md)** +**[models.GetInputStatusResponse](../../models/getinputstatusresponse.md)** ### Errors @@ -53,13 +56,13 @@ with CriblControlPlane( | errors.Error | 500 | application/json | | errors.APIError | 4XX, 5XX | \*/\* | -## list +## get -List status information and optional metrics for all configured Sources in the Worker Group or Edge Fleet. +Get the status and optional metrics for the specified Source. ### Example Usage - + ```python from cribl_control_plane import CriblControlPlane, models import os @@ -72,28 +75,25 @@ with CriblControlPlane( ), ) as ccp_client: - res = ccp_client.sources.statuses.list() - - while res is not None: - # Handle items + res = ccp_client.sources.statuses.get(id="") - res = res.next() + # Handle response + print(res) ``` ### Parameters -| Parameter | Type | Required | Description | -| -------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | -| `metrics` | *Optional[bool]* | :heavy_minus_sign: | Set to true to include metrics for each Source. Otherwise, false (default). | -| `type` | *Optional[bool]* | :heavy_minus_sign: | Set to true to prefix the Source id with the Source type. Otherwise, false (default). | -| `offset` | *Optional[int]* | :heavy_minus_sign: | Starting point from which to retrieve results for this request. Use with limit to paginate the response into manageable batches. | -| `limit` | *Optional[int]* | :heavy_minus_sign: | Maximum number of items to return in the response for this request. Use with offset to paginate the response into manageable batches. | -| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | +| Parameter | Type | Required | Description | +| ---------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------- | +| `id` | *str* | :heavy_check_mark: | The id of the Source to get the status for. | +| `metrics` | *Optional[bool]* | :heavy_minus_sign: | Set to true to include metrics for each Source. Otherwise, false (default). | +| `type` | *Optional[bool]* | :heavy_minus_sign: | Set to true to prefix the Source id with the Source type. Otherwise, false (default). | +| `retries` | [Optional[utils.RetryConfig]](../../models/utils/retryconfig.md) | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. | ### Response -**[models.GetInputStatusResponse](../../models/getinputstatusresponse.md)** +**[models.CountedInputStatus](../../models/countedinputstatus.md)** ### Errors diff --git a/docs/sdks/summaries/README.md b/docs/sdks/summaries/README.md index 95b185fe0..02a1a3cbc 100644 --- a/docs/sdks/summaries/README.md +++ b/docs/sdks/summaries/README.md @@ -8,7 +8,7 @@ ## get -Get a summary of the deployment for the specified Cribl product (Stream or Edge).

The summary includes a count of Worker Groups or Edge Fleets and resources such as Pipelines, Routes, Sources, and Destinations. For Distributed deployments, it also includes a count and statistics for Worker or Edge Nodes. +Get a summary of the deployment for the specified Cribl product (Stream or Edge).

The summary includes a count of Worker Groups or Edge Fleets and resources such as Pipelines, Routes, Sources, and Destinations. For Distributed deployments, it also includes a count and statistics for Worker or Edge Nodes. ### Example Usage diff --git a/docs/sdks/tokens/README.md b/docs/sdks/tokens/README.md index 0402082ce..8d46e0ef3 100644 --- a/docs/sdks/tokens/README.md +++ b/docs/sdks/tokens/README.md @@ -8,7 +8,7 @@ ## get -This endpoint is unavailable on Cribl.Cloud.Instead, follow the instructions at https://docs.cribl.io/stream/api-tutorials/#criblcloud to get an Auth token for Cribl.Cloud. +This endpoint is unavailable on Cribl.Cloud. Instead, follow the instructions at https://docs.cribl.io/stream/api-tutorials/#criblcloud to get an Auth token for Cribl.Cloud. ### Example Usage diff --git a/pyproject.toml b/pyproject.toml index 3e16900d4..8585d309d 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,7 +1,7 @@ [project] name = "cribl-control-plane" -version = "0.8.1" +version = "0.9.0" description = "Python Client SDK Generated by Speakeasy." authors = [{ name = "Speakeasy" },] readme = "README-PYPI.md" diff --git a/src/cribl_control_plane/_version.py b/src/cribl_control_plane/_version.py index b69ab37d7..6a5f55732 100644 --- a/src/cribl_control_plane/_version.py +++ b/src/cribl_control_plane/_version.py @@ -3,11 +3,11 @@ import importlib.metadata __title__: str = "cribl-control-plane" -__version__: str = "0.8.1" -__openapi_doc_version__: str = "4.18.1-37206a7f" -__gen_version__: str = "2.885.0" +__version__: str = "0.9.0" +__openapi_doc_version__: str = "4.18.2-fd1f0d2f" +__gen_version__: str = "2.911.0" __user_agent__: str = ( - "speakeasy-sdk/python 0.8.1 2.885.0 4.18.1-37206a7f cribl-control-plane" + "speakeasy-sdk/python 0.9.0 2.911.0 4.18.2-fd1f0d2f cribl-control-plane" ) try: diff --git a/src/cribl_control_plane/captures.py b/src/cribl_control_plane/captures.py index c79f359f0..95c95cc33 100644 --- a/src/cribl_control_plane/captures.py +++ b/src/cribl_control_plane/captures.py @@ -25,9 +25,9 @@ def create( timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> jsonl.JsonLStream[Dict[str, Any]]: - r"""Capture live incoming data + r"""Capture live data - Initiate a live data capture from Cribl Workers.Returns a stream of captured events in NDJSON format that match the parameters specified in the request body. + Initiate a live data capture from Cribl Workers. Returns a stream of captured events in NDJSON format that match the parameters specified in the request body. :param duration: Amount of time to keep capture open, in seconds. If not provided, the default is 5 seconds. :param filter_: JavaScript expression evaluated against each event to determine whether an event is included in the capture output. Expressions can reference any event field and use logical operators. If not provided, all events are captured. @@ -147,9 +147,9 @@ async def create_async( timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> jsonl.JsonLStreamAsync[Dict[str, Any]]: - r"""Capture live incoming data + r"""Capture live data - Initiate a live data capture from Cribl Workers.Returns a stream of captured events in NDJSON format that match the parameters specified in the request body. + Initiate a live data capture from Cribl Workers. Returns a stream of captured events in NDJSON format that match the parameters specified in the request body. :param duration: Amount of time to keep capture open, in seconds. If not provided, the default is 5 seconds. :param filter_: JavaScript expression evaluated against each event to determine whether an event is included in the capture output. Expressions can reference any event field and use logical operators. If not provided, all events are captured. diff --git a/src/cribl_control_plane/collectors_sdk.py b/src/cribl_control_plane/collectors_sdk.py index 7323d6189..b949c92b8 100644 --- a/src/cribl_control_plane/collectors_sdk.py +++ b/src/cribl_control_plane/collectors_sdk.py @@ -12,20 +12,20 @@ class CollectorsSDK(BaseSDK): r"""Actions related to Collectors""" - def create( + def list( self, *, - request: Union[models.SavedJob, models.SavedJobTypedDict], + collector_type: Optional[models.CollectorType] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedSavedJobResponse: - r"""Create a Collector + r"""List all Collectors - Create a new Collector. + Get a list of all Collectors. - :param request: The request object to send. + :param collector_type: Filter by collector type :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -41,26 +41,23 @@ def create( else: base_url = self._get_url(base_url, url_variables) - if not isinstance(request, BaseModel): - request = utils.unmarshal(request, models.SavedJob) - request = cast(models.SavedJob, request) + request = models.GetSavedJobRequest( + collector_type=collector_type, + ) req = self._build_request( - method="POST", + method="GET", path="/lib/jobs", base_url=base_url, url_variables=url_variables, request=request, - request_body_required=True, + request_body_required=False, request_has_path_params=False, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", http_headers=http_headers, security=self.sdk_configuration.security, - get_serialized_body=lambda: utils.serialize_request_body( - request, False, False, "json", models.SavedJob - ), allow_empty_value=None, timeout_ms=timeout_ms, ) @@ -81,7 +78,7 @@ def create( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="createSavedJob", + operation_id="getSavedJob", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -107,20 +104,20 @@ def create( raise errors.APIError("Unexpected response received", http_res) - async def create_async( + async def list_async( self, *, - request: Union[models.SavedJob, models.SavedJobTypedDict], + collector_type: Optional[models.CollectorType] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedSavedJobResponse: - r"""Create a Collector + r"""List all Collectors - Create a new Collector. + Get a list of all Collectors. - :param request: The request object to send. + :param collector_type: Filter by collector type :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -136,26 +133,23 @@ async def create_async( else: base_url = self._get_url(base_url, url_variables) - if not isinstance(request, BaseModel): - request = utils.unmarshal(request, models.SavedJob) - request = cast(models.SavedJob, request) + request = models.GetSavedJobRequest( + collector_type=collector_type, + ) req = self._build_request_async( - method="POST", + method="GET", path="/lib/jobs", base_url=base_url, url_variables=url_variables, request=request, - request_body_required=True, + request_body_required=False, request_has_path_params=False, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", http_headers=http_headers, security=self.sdk_configuration.security, - get_serialized_body=lambda: utils.serialize_request_body( - request, False, False, "json", models.SavedJob - ), allow_empty_value=None, timeout_ms=timeout_ms, ) @@ -176,7 +170,7 @@ async def create_async( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="createSavedJob", + operation_id="getSavedJob", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -202,20 +196,20 @@ async def create_async( raise errors.APIError("Unexpected response received", http_res) - def list( + def create( self, *, - collector_type: Optional[str] = None, + request: Union[models.SavedJob, models.SavedJobTypedDict], retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedSavedJobResponse: - r"""List all Collectors + r"""Create a Collector - Get a list of all Collectors. + Create a new Collector. - :param collector_type: Filter by collector type + :param request: The request object to send. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -231,23 +225,26 @@ def list( else: base_url = self._get_url(base_url, url_variables) - request = models.GetSavedJobRequest( - collector_type=collector_type, - ) + if not isinstance(request, BaseModel): + request = utils.unmarshal(request, models.SavedJob) + request = cast(models.SavedJob, request) req = self._build_request( - method="GET", + method="POST", path="/lib/jobs", base_url=base_url, url_variables=url_variables, request=request, - request_body_required=False, + request_body_required=True, request_has_path_params=False, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", http_headers=http_headers, security=self.sdk_configuration.security, + get_serialized_body=lambda: utils.serialize_request_body( + request, False, False, "json", models.SavedJob + ), allow_empty_value=None, timeout_ms=timeout_ms, ) @@ -268,7 +265,7 @@ def list( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getSavedJob", + operation_id="createSavedJob", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -294,20 +291,20 @@ def list( raise errors.APIError("Unexpected response received", http_res) - async def list_async( + async def create_async( self, *, - collector_type: Optional[str] = None, + request: Union[models.SavedJob, models.SavedJobTypedDict], retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedSavedJobResponse: - r"""List all Collectors + r"""Create a Collector - Get a list of all Collectors. + Create a new Collector. - :param collector_type: Filter by collector type + :param request: The request object to send. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -323,23 +320,26 @@ async def list_async( else: base_url = self._get_url(base_url, url_variables) - request = models.GetSavedJobRequest( - collector_type=collector_type, - ) + if not isinstance(request, BaseModel): + request = utils.unmarshal(request, models.SavedJob) + request = cast(models.SavedJob, request) req = self._build_request_async( - method="GET", + method="POST", path="/lib/jobs", base_url=base_url, url_variables=url_variables, request=request, - request_body_required=False, + request_body_required=True, request_has_path_params=False, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", http_headers=http_headers, security=self.sdk_configuration.security, + get_serialized_body=lambda: utils.serialize_request_body( + request, False, False, "json", models.SavedJob + ), allow_empty_value=None, timeout_ms=timeout_ms, ) @@ -360,7 +360,7 @@ async def list_async( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getSavedJob", + operation_id="createSavedJob", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -386,7 +386,7 @@ async def list_async( raise errors.APIError("Unexpected response received", http_res) - def delete( + def get( self, *, id: str, @@ -395,11 +395,11 @@ def delete( timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedSavedJobResponse: - r"""Delete a Collector + r"""Get a Collector - Delete the specified Collector. + Get the specified Collector. - :param id: The id of the Collector to delete. + :param id: The id of the Collector to get. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -415,12 +415,12 @@ def delete( else: base_url = self._get_url(base_url, url_variables) - request = models.DeleteSavedJobByIDRequest( + request = models.GetSavedJobByIDRequest( id=id, ) req = self._build_request( - method="DELETE", + method="GET", path="/lib/jobs/{id}", base_url=base_url, url_variables=url_variables, @@ -452,7 +452,7 @@ def delete( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="deleteSavedJobById", + operation_id="getSavedJobById", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -478,7 +478,7 @@ def delete( raise errors.APIError("Unexpected response received", http_res) - async def delete_async( + async def get_async( self, *, id: str, @@ -487,11 +487,11 @@ async def delete_async( timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedSavedJobResponse: - r"""Delete a Collector + r"""Get a Collector - Delete the specified Collector. + Get the specified Collector. - :param id: The id of the Collector to delete. + :param id: The id of the Collector to get. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -507,12 +507,12 @@ async def delete_async( else: base_url = self._get_url(base_url, url_variables) - request = models.DeleteSavedJobByIDRequest( + request = models.GetSavedJobByIDRequest( id=id, ) req = self._build_request_async( - method="DELETE", + method="GET", path="/lib/jobs/{id}", base_url=base_url, url_variables=url_variables, @@ -544,7 +544,7 @@ async def delete_async( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="deleteSavedJobById", + operation_id="getSavedJobById", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -570,20 +570,22 @@ async def delete_async( raise errors.APIError("Unexpected response received", http_res) - def get( + def update( self, *, id: str, + saved_job: Union[models.SavedJob, models.SavedJobTypedDict], retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedSavedJobResponse: - r"""Get a Collector + r"""Update a Collector - Get the specified Collector. + Update the specified Collector.

Provide a complete representation of the Collector that you want to update in the request body. This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Collector.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Collector might not function as expected. - :param id: The id of the Collector to get. + :param id: The id of the Collector to update. + :param saved_job: SavedJob object. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -599,23 +601,27 @@ def get( else: base_url = self._get_url(base_url, url_variables) - request = models.GetSavedJobByIDRequest( + request = models.UpdateSavedJobByIDRequest( id=id, + saved_job=utils.get_pydantic_model(saved_job, models.SavedJob), ) req = self._build_request( - method="GET", + method="PATCH", path="/lib/jobs/{id}", base_url=base_url, url_variables=url_variables, request=request, - request_body_required=False, + request_body_required=True, request_has_path_params=True, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", http_headers=http_headers, security=self.sdk_configuration.security, + get_serialized_body=lambda: utils.serialize_request_body( + request.saved_job, False, False, "json", models.SavedJob + ), allow_empty_value=None, timeout_ms=timeout_ms, ) @@ -636,7 +642,7 @@ def get( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getSavedJobById", + operation_id="updateSavedJobById", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -662,20 +668,22 @@ def get( raise errors.APIError("Unexpected response received", http_res) - async def get_async( + async def update_async( self, *, id: str, + saved_job: Union[models.SavedJob, models.SavedJobTypedDict], retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedSavedJobResponse: - r"""Get a Collector + r"""Update a Collector - Get the specified Collector. + Update the specified Collector.

Provide a complete representation of the Collector that you want to update in the request body. This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Collector.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Collector might not function as expected. - :param id: The id of the Collector to get. + :param id: The id of the Collector to update. + :param saved_job: SavedJob object. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -691,23 +699,27 @@ async def get_async( else: base_url = self._get_url(base_url, url_variables) - request = models.GetSavedJobByIDRequest( + request = models.UpdateSavedJobByIDRequest( id=id, + saved_job=utils.get_pydantic_model(saved_job, models.SavedJob), ) req = self._build_request_async( - method="GET", + method="PATCH", path="/lib/jobs/{id}", base_url=base_url, url_variables=url_variables, request=request, - request_body_required=False, + request_body_required=True, request_has_path_params=True, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", http_headers=http_headers, security=self.sdk_configuration.security, + get_serialized_body=lambda: utils.serialize_request_body( + request.saved_job, False, False, "json", models.SavedJob + ), allow_empty_value=None, timeout_ms=timeout_ms, ) @@ -728,7 +740,7 @@ async def get_async( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getSavedJobById", + operation_id="updateSavedJobById", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -754,22 +766,20 @@ async def get_async( raise errors.APIError("Unexpected response received", http_res) - def update( + def delete( self, *, id: str, - saved_job: Union[models.SavedJob, models.SavedJobTypedDict], retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedSavedJobResponse: - r"""Update a Collector + r"""Delete a Collector - Update the specified Collector.

Provide a complete representation of the Collector that you want to update in the request body. This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Collector.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Collector might not function as expected. + Delete the specified Collector. - :param id: The id of the Collector to update. - :param saved_job: SavedJob object. + :param id: The id of the Collector to delete. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -785,27 +795,23 @@ def update( else: base_url = self._get_url(base_url, url_variables) - request = models.UpdateSavedJobByIDRequest( + request = models.DeleteSavedJobByIDRequest( id=id, - saved_job=utils.get_pydantic_model(saved_job, models.SavedJob), ) req = self._build_request( - method="PATCH", + method="DELETE", path="/lib/jobs/{id}", base_url=base_url, url_variables=url_variables, request=request, - request_body_required=True, + request_body_required=False, request_has_path_params=True, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", http_headers=http_headers, security=self.sdk_configuration.security, - get_serialized_body=lambda: utils.serialize_request_body( - request.saved_job, False, False, "json", models.SavedJob - ), allow_empty_value=None, timeout_ms=timeout_ms, ) @@ -826,7 +832,7 @@ def update( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="updateSavedJobById", + operation_id="deleteSavedJobById", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -852,22 +858,20 @@ def update( raise errors.APIError("Unexpected response received", http_res) - async def update_async( + async def delete_async( self, *, id: str, - saved_job: Union[models.SavedJob, models.SavedJobTypedDict], retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedSavedJobResponse: - r"""Update a Collector + r"""Delete a Collector - Update the specified Collector.

Provide a complete representation of the Collector that you want to update in the request body. This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Collector.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Collector might not function as expected. + Delete the specified Collector. - :param id: The id of the Collector to update. - :param saved_job: SavedJob object. + :param id: The id of the Collector to delete. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -883,27 +887,23 @@ async def update_async( else: base_url = self._get_url(base_url, url_variables) - request = models.UpdateSavedJobByIDRequest( + request = models.DeleteSavedJobByIDRequest( id=id, - saved_job=utils.get_pydantic_model(saved_job, models.SavedJob), ) req = self._build_request_async( - method="PATCH", + method="DELETE", path="/lib/jobs/{id}", base_url=base_url, url_variables=url_variables, request=request, - request_body_required=True, + request_body_required=False, request_has_path_params=True, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", http_headers=http_headers, security=self.sdk_configuration.security, - get_serialized_body=lambda: utils.serialize_request_body( - request.saved_job, False, False, "json", models.SavedJob - ), allow_empty_value=None, timeout_ms=timeout_ms, ) @@ -924,7 +924,7 @@ async def update_async( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="updateSavedJobById", + operation_id="deleteSavedJobById", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security diff --git a/src/cribl_control_plane/commits.py b/src/cribl_control_plane/commits.py index 075caeebd..39797e290 100644 --- a/src/cribl_control_plane/commits.py +++ b/src/cribl_control_plane/commits.py @@ -8,7 +8,7 @@ from cribl_control_plane.types import OptionalNullable, UNSET from cribl_control_plane.utils import get_security_from_env from cribl_control_plane.utils.unmarshal_json_response import unmarshal_json_response -from typing import Any, List, Mapping, Optional +from typing import Any, Iterable, List, Mapping, Optional class Commits(BaseSDK): @@ -24,24 +24,20 @@ def __init__( def _init_sdks(self): self.files = Files(self.sdk_configuration, parent_ref=self.parent_ref) - def create( + def list( self, *, - message: str, - effective: Optional[bool] = None, - files: Optional[List[str]] = None, + count: Optional[int] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, - ) -> models.CountedGitCommitSummary: - r"""Create a new commit for pending changes to the Cribl configuration + ) -> models.CountedGitLogResult: + r"""List the commit history - Create a new commit for pending changes to the Cribl configuration. Any merge conflicts indicated in the response must be resolved using Git.

To commit only a subset of configuration changes, specify the files to include in the commit in the files array. + List the commit history.

Analogous to git log for the Cribl configuration, allowing you to audit and review changes over time. - :param message: - :param effective: - :param files: + :param count: Maximum number of commits to return in the response for this request. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -57,28 +53,23 @@ def create( else: base_url = self._get_url(base_url, url_variables) - request = models.GitCommitBody( - effective=effective, - files=files, - message=message, + request = models.GetVersionRequest( + count=count, ) req = self._build_request( - method="POST", - path="/version/commit", + method="GET", + path="/version", base_url=base_url, url_variables=url_variables, request=request, - request_body_required=True, + request_body_required=False, request_has_path_params=False, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", http_headers=http_headers, security=self.sdk_configuration.security, - get_serialized_body=lambda: utils.serialize_request_body( - request, False, False, "json", models.GitCommitBody - ), allow_empty_value=None, timeout_ms=timeout_ms, ) @@ -99,7 +90,7 @@ def create( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="createVersionCommit", + operation_id="getVersion", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -112,7 +103,7 @@ def create( response_data: Any = None if utils.match_response(http_res, "200", "application/json"): - return unmarshal_json_response(models.CountedGitCommitSummary, http_res) + return unmarshal_json_response(models.CountedGitLogResult, http_res) if utils.match_response(http_res, "500", "application/json"): response_data = unmarshal_json_response(errors.ErrorData, http_res) raise errors.Error(response_data, http_res) @@ -125,24 +116,20 @@ def create( raise errors.APIError("Unexpected response received", http_res) - async def create_async( + async def list_async( self, *, - message: str, - effective: Optional[bool] = None, - files: Optional[List[str]] = None, + count: Optional[int] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, - ) -> models.CountedGitCommitSummary: - r"""Create a new commit for pending changes to the Cribl configuration + ) -> models.CountedGitLogResult: + r"""List the commit history - Create a new commit for pending changes to the Cribl configuration. Any merge conflicts indicated in the response must be resolved using Git.

To commit only a subset of configuration changes, specify the files to include in the commit in the files array. + List the commit history.

Analogous to git log for the Cribl configuration, allowing you to audit and review changes over time. - :param message: - :param effective: - :param files: + :param count: Maximum number of commits to return in the response for this request. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -158,28 +145,23 @@ async def create_async( else: base_url = self._get_url(base_url, url_variables) - request = models.GitCommitBody( - effective=effective, - files=files, - message=message, + request = models.GetVersionRequest( + count=count, ) req = self._build_request_async( - method="POST", - path="/version/commit", + method="GET", + path="/version", base_url=base_url, url_variables=url_variables, request=request, - request_body_required=True, + request_body_required=False, request_has_path_params=False, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", http_headers=http_headers, security=self.sdk_configuration.security, - get_serialized_body=lambda: utils.serialize_request_body( - request, False, False, "json", models.GitCommitBody - ), allow_empty_value=None, timeout_ms=timeout_ms, ) @@ -200,7 +182,7 @@ async def create_async( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="createVersionCommit", + operation_id="getVersion", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -213,7 +195,7 @@ async def create_async( response_data: Any = None if utils.match_response(http_res, "200", "application/json"): - return unmarshal_json_response(models.CountedGitCommitSummary, http_res) + return unmarshal_json_response(models.CountedGitLogResult, http_res) if utils.match_response(http_res, "500", "application/json"): response_data = unmarshal_json_response(errors.ErrorData, http_res) raise errors.Error(response_data, http_res) @@ -226,24 +208,24 @@ async def create_async( raise errors.APIError("Unexpected response received", http_res) - def diff( + def create( self, *, - commit: Optional[str] = None, - filename: Optional[str] = None, - diff_line_limit: Optional[int] = None, + message: str, + effective: Optional[bool] = None, + files: Optional[Iterable[str]] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, - ) -> models.CountedGitDiffResult: - r"""Get the diff for a commit + ) -> models.CountedGitCommitSummary: + r"""Create a new commit for pending changes to the Cribl configuration - Get the diff for a commit. Default is the latest commit (HEAD). + Create a new commit for pending changes to the Cribl configuration. Any merge conflicts indicated in the response must be resolved using Git.

To commit only a subset of configuration changes, specify the files to include in the commit in the files array. - :param commit: The Git commit hash to get the diff for. - :param filename: The relative path of the file to get the diff for. - :param diff_line_limit: Number of lines of the diff to return. Default is 1000. Set to 0 to return the full diff, regardless of the number of lines. + :param message: + :param effective: + :param files: :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -259,25 +241,28 @@ def diff( else: base_url = self._get_url(base_url, url_variables) - request = models.GetVersionDiffRequest( - commit=commit, - filename=filename, - diff_line_limit=diff_line_limit, + request = models.GitCommitBody( + effective=effective, + files=utils.unmarshal(files, Optional[List[str]]), + message=message, ) req = self._build_request( - method="GET", - path="/version/diff", + method="POST", + path="/version/commit", base_url=base_url, url_variables=url_variables, request=request, - request_body_required=False, + request_body_required=True, request_has_path_params=False, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", http_headers=http_headers, security=self.sdk_configuration.security, + get_serialized_body=lambda: utils.serialize_request_body( + request, False, False, "json", models.GitCommitBody + ), allow_empty_value=None, timeout_ms=timeout_ms, ) @@ -298,7 +283,7 @@ def diff( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getVersionDiff", + operation_id="createVersionCommit", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -311,7 +296,7 @@ def diff( response_data: Any = None if utils.match_response(http_res, "200", "application/json"): - return unmarshal_json_response(models.CountedGitDiffResult, http_res) + return unmarshal_json_response(models.CountedGitCommitSummary, http_res) if utils.match_response(http_res, "500", "application/json"): response_data = unmarshal_json_response(errors.ErrorData, http_res) raise errors.Error(response_data, http_res) @@ -324,24 +309,24 @@ def diff( raise errors.APIError("Unexpected response received", http_res) - async def diff_async( + async def create_async( self, *, - commit: Optional[str] = None, - filename: Optional[str] = None, - diff_line_limit: Optional[int] = None, + message: str, + effective: Optional[bool] = None, + files: Optional[Iterable[str]] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, - ) -> models.CountedGitDiffResult: - r"""Get the diff for a commit + ) -> models.CountedGitCommitSummary: + r"""Create a new commit for pending changes to the Cribl configuration - Get the diff for a commit. Default is the latest commit (HEAD). + Create a new commit for pending changes to the Cribl configuration. Any merge conflicts indicated in the response must be resolved using Git.

To commit only a subset of configuration changes, specify the files to include in the commit in the files array. - :param commit: The Git commit hash to get the diff for. - :param filename: The relative path of the file to get the diff for. - :param diff_line_limit: Number of lines of the diff to return. Default is 1000. Set to 0 to return the full diff, regardless of the number of lines. + :param message: + :param effective: + :param files: :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -357,25 +342,28 @@ async def diff_async( else: base_url = self._get_url(base_url, url_variables) - request = models.GetVersionDiffRequest( - commit=commit, - filename=filename, - diff_line_limit=diff_line_limit, + request = models.GitCommitBody( + effective=effective, + files=utils.unmarshal(files, Optional[List[str]]), + message=message, ) req = self._build_request_async( - method="GET", - path="/version/diff", + method="POST", + path="/version/commit", base_url=base_url, url_variables=url_variables, request=request, - request_body_required=False, + request_body_required=True, request_has_path_params=False, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", http_headers=http_headers, security=self.sdk_configuration.security, + get_serialized_body=lambda: utils.serialize_request_body( + request, False, False, "json", models.GitCommitBody + ), allow_empty_value=None, timeout_ms=timeout_ms, ) @@ -396,7 +384,7 @@ async def diff_async( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getVersionDiff", + operation_id="createVersionCommit", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -409,7 +397,7 @@ async def diff_async( response_data: Any = None if utils.match_response(http_res, "200", "application/json"): - return unmarshal_json_response(models.CountedGitDiffResult, http_res) + return unmarshal_json_response(models.CountedGitCommitSummary, http_res) if utils.match_response(http_res, "500", "application/json"): response_data = unmarshal_json_response(errors.ErrorData, http_res) raise errors.Error(response_data, http_res) @@ -422,20 +410,24 @@ async def diff_async( raise errors.APIError("Unexpected response received", http_res) - def list( + def diff( self, *, - count: Optional[int] = None, + commit: Optional[str] = None, + filename: Optional[str] = None, + diff_line_limit: Optional[int] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, - ) -> models.CountedGitLogResult: - r"""List the commit history + ) -> models.CountedGitDiffResult: + r"""Get the diff for a commit - List the commit history.

Analogous to git log for the Cribl configuration, allowing you to audit and review changes over time. + Get the diff for a commit. Default is the latest commit (HEAD). - :param count: Maximum number of commits to return in the response for this request. + :param commit: The Git commit hash to get the diff for. + :param filename: The relative path of the file to get the diff for. + :param diff_line_limit: Number of lines of the diff to return. Default is 1000. Set to 0 to return the full diff, regardless of the number of lines. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -451,13 +443,15 @@ def list( else: base_url = self._get_url(base_url, url_variables) - request = models.GetVersionRequest( - count=count, + request = models.GetVersionDiffRequest( + commit=commit, + filename=filename, + diff_line_limit=diff_line_limit, ) req = self._build_request( method="GET", - path="/version", + path="/version/diff", base_url=base_url, url_variables=url_variables, request=request, @@ -488,7 +482,7 @@ def list( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getVersion", + operation_id="getVersionDiff", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -501,7 +495,7 @@ def list( response_data: Any = None if utils.match_response(http_res, "200", "application/json"): - return unmarshal_json_response(models.CountedGitLogResult, http_res) + return unmarshal_json_response(models.CountedGitDiffResult, http_res) if utils.match_response(http_res, "500", "application/json"): response_data = unmarshal_json_response(errors.ErrorData, http_res) raise errors.Error(response_data, http_res) @@ -514,20 +508,24 @@ def list( raise errors.APIError("Unexpected response received", http_res) - async def list_async( + async def diff_async( self, *, - count: Optional[int] = None, + commit: Optional[str] = None, + filename: Optional[str] = None, + diff_line_limit: Optional[int] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, - ) -> models.CountedGitLogResult: - r"""List the commit history + ) -> models.CountedGitDiffResult: + r"""Get the diff for a commit - List the commit history.

Analogous to git log for the Cribl configuration, allowing you to audit and review changes over time. + Get the diff for a commit. Default is the latest commit (HEAD). - :param count: Maximum number of commits to return in the response for this request. + :param commit: The Git commit hash to get the diff for. + :param filename: The relative path of the file to get the diff for. + :param diff_line_limit: Number of lines of the diff to return. Default is 1000. Set to 0 to return the full diff, regardless of the number of lines. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -543,13 +541,15 @@ async def list_async( else: base_url = self._get_url(base_url, url_variables) - request = models.GetVersionRequest( - count=count, + request = models.GetVersionDiffRequest( + commit=commit, + filename=filename, + diff_line_limit=diff_line_limit, ) req = self._build_request_async( method="GET", - path="/version", + path="/version/diff", base_url=base_url, url_variables=url_variables, request=request, @@ -580,7 +580,7 @@ async def list_async( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getVersion", + operation_id="getVersionDiff", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -593,7 +593,7 @@ async def list_async( response_data: Any = None if utils.match_response(http_res, "200", "application/json"): - return unmarshal_json_response(models.CountedGitLogResult, http_res) + return unmarshal_json_response(models.CountedGitDiffResult, http_res) if utils.match_response(http_res, "500", "application/json"): response_data = unmarshal_json_response(errors.ErrorData, http_res) raise errors.Error(response_data, http_res) diff --git a/src/cribl_control_plane/cribl.py b/src/cribl_control_plane/cribl.py index 437167b36..7038625a7 100644 --- a/src/cribl_control_plane/cribl.py +++ b/src/cribl_control_plane/cribl.py @@ -18,7 +18,7 @@ def list( timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedSystemSettingsConf: - r"""Get Cribl system settings + r"""Get system settings Get Cribl system settings. @@ -103,7 +103,7 @@ async def list_async( timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedSystemSettingsConf: - r"""Get Cribl system settings + r"""Get system settings Get Cribl system settings. diff --git a/src/cribl_control_plane/databaseconnections.py b/src/cribl_control_plane/databaseconnections.py index bd6af90f5..6afebea41 100644 --- a/src/cribl_control_plane/databaseconnections.py +++ b/src/cribl_control_plane/databaseconnections.py @@ -12,44 +12,20 @@ class DatabaseConnections(BaseSDK): r"""Actions related to DatabaseConnections""" - def create( + def list( self, *, - auth_type: str, - database_type: models.DatabaseConnectionType, - description: str, - id: str, - config_obj: Optional[str] = None, - connection_string: Optional[str] = None, - connection_timeout: Optional[float] = None, - creds_secrets: Optional[str] = None, - password: Optional[str] = None, - request_timeout: Optional[float] = None, - tags: Optional[str] = None, - text_secret: Optional[str] = None, - user: Optional[str] = None, + database_type: Optional[models.DatabaseConnectionType] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedDatabaseConnectionConfig: - r"""Create Database Connection + r"""List Database Connections - Create a new Database Connection. + Get a list of all Database Connections. - :param auth_type: - :param database_type: - :param description: - :param id: - :param config_obj: - :param connection_string: - :param connection_timeout: - :param creds_secrets: - :param password: - :param request_timeout: - :param tags: - :param text_secret: - :param user: + :param database_type: Type of Database Connections to include in the results. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -65,38 +41,23 @@ def create( else: base_url = self._get_url(base_url, url_variables) - request = models.DatabaseConnectionConfig( - auth_type=auth_type, - config_obj=config_obj, - connection_string=connection_string, - connection_timeout=connection_timeout, - creds_secrets=creds_secrets, + request = models.GetDatabaseConnectionConfigRequest( database_type=database_type, - description=description, - id=id, - password=password, - request_timeout=request_timeout, - tags=tags, - text_secret=text_secret, - user=user, ) req = self._build_request( - method="POST", + method="GET", path="/lib/database-connections", base_url=base_url, url_variables=url_variables, request=request, - request_body_required=True, + request_body_required=False, request_has_path_params=False, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", http_headers=http_headers, security=self.sdk_configuration.security, - get_serialized_body=lambda: utils.serialize_request_body( - request, False, False, "json", models.DatabaseConnectionConfig - ), allow_empty_value=None, timeout_ms=timeout_ms, ) @@ -117,7 +78,7 @@ def create( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="createDatabaseConnectionConfig", + operation_id="getDatabaseConnectionConfig", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -145,44 +106,20 @@ def create( raise errors.APIError("Unexpected response received", http_res) - async def create_async( + async def list_async( self, *, - auth_type: str, - database_type: models.DatabaseConnectionType, - description: str, - id: str, - config_obj: Optional[str] = None, - connection_string: Optional[str] = None, - connection_timeout: Optional[float] = None, - creds_secrets: Optional[str] = None, - password: Optional[str] = None, - request_timeout: Optional[float] = None, - tags: Optional[str] = None, - text_secret: Optional[str] = None, - user: Optional[str] = None, + database_type: Optional[models.DatabaseConnectionType] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedDatabaseConnectionConfig: - r"""Create Database Connection + r"""List Database Connections - Create a new Database Connection. + Get a list of all Database Connections. - :param auth_type: - :param database_type: - :param description: - :param id: - :param config_obj: - :param connection_string: - :param connection_timeout: - :param creds_secrets: - :param password: - :param request_timeout: - :param tags: - :param text_secret: - :param user: + :param database_type: Type of Database Connections to include in the results. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -198,38 +135,23 @@ async def create_async( else: base_url = self._get_url(base_url, url_variables) - request = models.DatabaseConnectionConfig( - auth_type=auth_type, - config_obj=config_obj, - connection_string=connection_string, - connection_timeout=connection_timeout, - creds_secrets=creds_secrets, + request = models.GetDatabaseConnectionConfigRequest( database_type=database_type, - description=description, - id=id, - password=password, - request_timeout=request_timeout, - tags=tags, - text_secret=text_secret, - user=user, ) req = self._build_request_async( - method="POST", + method="GET", path="/lib/database-connections", base_url=base_url, url_variables=url_variables, request=request, - request_body_required=True, + request_body_required=False, request_has_path_params=False, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", http_headers=http_headers, security=self.sdk_configuration.security, - get_serialized_body=lambda: utils.serialize_request_body( - request, False, False, "json", models.DatabaseConnectionConfig - ), allow_empty_value=None, timeout_ms=timeout_ms, ) @@ -250,7 +172,7 @@ async def create_async( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="createDatabaseConnectionConfig", + operation_id="getDatabaseConnectionConfig", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -278,20 +200,44 @@ async def create_async( raise errors.APIError("Unexpected response received", http_res) - def delete( + def create( self, *, + auth_type: str, + database_type: models.DatabaseConnectionType, + description: str, id: str, + config_obj: Optional[str] = None, + connection_string: Optional[str] = None, + connection_timeout: Optional[float] = None, + creds_secrets: Optional[str] = None, + password: Optional[str] = None, + request_timeout: Optional[float] = None, + tags: Optional[str] = None, + text_secret: Optional[str] = None, + user: Optional[str] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedDatabaseConnectionConfig: - r"""Delete a Database Connection + r"""Create Database Connection - Delete the specified Database Connection. + Create a new Database Connection. - :param id: The id of the Database Connection to delete. + :param auth_type: + :param database_type: + :param description: + :param id: + :param config_obj: + :param connection_string: + :param connection_timeout: + :param creds_secrets: + :param password: + :param request_timeout: + :param tags: + :param text_secret: + :param user: :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -307,23 +253,38 @@ def delete( else: base_url = self._get_url(base_url, url_variables) - request = models.DeleteDatabaseConnectionConfigByIDRequest( + request = models.DatabaseConnectionConfig( + auth_type=auth_type, + config_obj=config_obj, + connection_string=connection_string, + connection_timeout=connection_timeout, + creds_secrets=creds_secrets, + database_type=database_type, + description=description, id=id, + password=password, + request_timeout=request_timeout, + tags=tags, + text_secret=text_secret, + user=user, ) req = self._build_request( - method="DELETE", - path="/lib/database-connections/{id}", + method="POST", + path="/lib/database-connections", base_url=base_url, url_variables=url_variables, request=request, - request_body_required=False, - request_has_path_params=True, + request_body_required=True, + request_has_path_params=False, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", http_headers=http_headers, security=self.sdk_configuration.security, + get_serialized_body=lambda: utils.serialize_request_body( + request, False, False, "json", models.DatabaseConnectionConfig + ), allow_empty_value=None, timeout_ms=timeout_ms, ) @@ -344,7 +305,7 @@ def delete( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="deleteDatabaseConnectionConfigById", + operation_id="createDatabaseConnectionConfig", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -372,20 +333,44 @@ def delete( raise errors.APIError("Unexpected response received", http_res) - async def delete_async( + async def create_async( self, *, + auth_type: str, + database_type: models.DatabaseConnectionType, + description: str, id: str, + config_obj: Optional[str] = None, + connection_string: Optional[str] = None, + connection_timeout: Optional[float] = None, + creds_secrets: Optional[str] = None, + password: Optional[str] = None, + request_timeout: Optional[float] = None, + tags: Optional[str] = None, + text_secret: Optional[str] = None, + user: Optional[str] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedDatabaseConnectionConfig: - r"""Delete a Database Connection + r"""Create Database Connection - Delete the specified Database Connection. + Create a new Database Connection. - :param id: The id of the Database Connection to delete. + :param auth_type: + :param database_type: + :param description: + :param id: + :param config_obj: + :param connection_string: + :param connection_timeout: + :param creds_secrets: + :param password: + :param request_timeout: + :param tags: + :param text_secret: + :param user: :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -401,23 +386,38 @@ async def delete_async( else: base_url = self._get_url(base_url, url_variables) - request = models.DeleteDatabaseConnectionConfigByIDRequest( + request = models.DatabaseConnectionConfig( + auth_type=auth_type, + config_obj=config_obj, + connection_string=connection_string, + connection_timeout=connection_timeout, + creds_secrets=creds_secrets, + database_type=database_type, + description=description, id=id, + password=password, + request_timeout=request_timeout, + tags=tags, + text_secret=text_secret, + user=user, ) req = self._build_request_async( - method="DELETE", - path="/lib/database-connections/{id}", + method="POST", + path="/lib/database-connections", base_url=base_url, url_variables=url_variables, request=request, - request_body_required=False, - request_has_path_params=True, + request_body_required=True, + request_has_path_params=False, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", http_headers=http_headers, security=self.sdk_configuration.security, + get_serialized_body=lambda: utils.serialize_request_body( + request, False, False, "json", models.DatabaseConnectionConfig + ), allow_empty_value=None, timeout_ms=timeout_ms, ) @@ -438,7 +438,7 @@ async def delete_async( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="deleteDatabaseConnectionConfigById", + operation_id="createDatabaseConnectionConfig", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -678,7 +678,7 @@ def update( ) -> models.CountedDatabaseConnectionConfig: r"""Update a Database Connection - Update the specified Database Connection.

Provide a complete representation of the Database Connection that you want to update in the request body. This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Database Connection.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Database Connection might not function as expected. + Update the specified Database Connection.

Provide a complete representation of the Database Connection that you want to update in the request body. This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Database Connection.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Database Connection might not function as expected. :param id_param: The id of the Database Connection to update. :param auth_type: @@ -820,7 +820,7 @@ async def update_async( ) -> models.CountedDatabaseConnectionConfig: r"""Update a Database Connection - Update the specified Database Connection.

Provide a complete representation of the Database Connection that you want to update in the request body. This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Database Connection.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Database Connection might not function as expected. + Update the specified Database Connection.

Provide a complete representation of the Database Connection that you want to update in the request body. This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Database Connection.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Database Connection might not function as expected. :param id_param: The id of the Database Connection to update. :param auth_type: @@ -937,3 +937,191 @@ async def update_async( raise errors.APIError("API error occurred", http_res, http_res_text) raise errors.APIError("Unexpected response received", http_res) + + def delete( + self, + *, + id: str, + retries: OptionalNullable[utils.RetryConfig] = UNSET, + server_url: Optional[str] = None, + timeout_ms: Optional[int] = None, + http_headers: Optional[Mapping[str, str]] = None, + ) -> models.CountedDatabaseConnectionConfig: + r"""Delete a Database Connection + + Delete the specified Database Connection. + + :param id: The id of the Database Connection to delete. + :param retries: Override the default retry configuration for this method + :param server_url: Override the default server URL for this method + :param timeout_ms: Override the default request timeout configuration for this method in milliseconds + :param http_headers: Additional headers to set or replace on requests. + """ + base_url = None + url_variables = None + if timeout_ms is None: + timeout_ms = self.sdk_configuration.timeout_ms + + if server_url is not None: + base_url = server_url + else: + base_url = self._get_url(base_url, url_variables) + + request = models.DeleteDatabaseConnectionConfigByIDRequest( + id=id, + ) + + req = self._build_request( + method="DELETE", + path="/lib/database-connections/{id}", + base_url=base_url, + url_variables=url_variables, + request=request, + request_body_required=False, + request_has_path_params=True, + request_has_query_params=True, + user_agent_header="user-agent", + accept_header_value="application/json", + http_headers=http_headers, + security=self.sdk_configuration.security, + allow_empty_value=None, + timeout_ms=timeout_ms, + ) + + if retries == UNSET: + if self.sdk_configuration.retry_config is not UNSET: + retries = self.sdk_configuration.retry_config + else: + retries = utils.RetryConfig( + "backoff", utils.BackoffStrategy(500, 60000, 1.5, 3600000), True + ) + + retry_config = None + if isinstance(retries, utils.RetryConfig): + retry_config = (retries, ["429"]) + + http_res = self.do_request( + hook_ctx=HookContext( + config=self.sdk_configuration, + base_url=base_url or "", + operation_id="deleteDatabaseConnectionConfigById", + oauth2_scopes=[], + security_source=get_security_from_env( + self.sdk_configuration.security, models.Security + ), + ), + request=req, + is_error_status_code=lambda c: utils.match_status_codes(["4XX", "5XX"], c), + retry_config=retry_config, + ) + + response_data: Any = None + if utils.match_response(http_res, "200", "application/json"): + return unmarshal_json_response( + models.CountedDatabaseConnectionConfig, http_res + ) + if utils.match_response(http_res, "500", "application/json"): + response_data = unmarshal_json_response(errors.ErrorData, http_res) + raise errors.Error(response_data, http_res) + if utils.match_response(http_res, ["401", "4XX"], "*"): + http_res_text = utils.stream_to_text(http_res) + raise errors.APIError("API error occurred", http_res, http_res_text) + if utils.match_response(http_res, "5XX", "*"): + http_res_text = utils.stream_to_text(http_res) + raise errors.APIError("API error occurred", http_res, http_res_text) + + raise errors.APIError("Unexpected response received", http_res) + + async def delete_async( + self, + *, + id: str, + retries: OptionalNullable[utils.RetryConfig] = UNSET, + server_url: Optional[str] = None, + timeout_ms: Optional[int] = None, + http_headers: Optional[Mapping[str, str]] = None, + ) -> models.CountedDatabaseConnectionConfig: + r"""Delete a Database Connection + + Delete the specified Database Connection. + + :param id: The id of the Database Connection to delete. + :param retries: Override the default retry configuration for this method + :param server_url: Override the default server URL for this method + :param timeout_ms: Override the default request timeout configuration for this method in milliseconds + :param http_headers: Additional headers to set or replace on requests. + """ + base_url = None + url_variables = None + if timeout_ms is None: + timeout_ms = self.sdk_configuration.timeout_ms + + if server_url is not None: + base_url = server_url + else: + base_url = self._get_url(base_url, url_variables) + + request = models.DeleteDatabaseConnectionConfigByIDRequest( + id=id, + ) + + req = self._build_request_async( + method="DELETE", + path="/lib/database-connections/{id}", + base_url=base_url, + url_variables=url_variables, + request=request, + request_body_required=False, + request_has_path_params=True, + request_has_query_params=True, + user_agent_header="user-agent", + accept_header_value="application/json", + http_headers=http_headers, + security=self.sdk_configuration.security, + allow_empty_value=None, + timeout_ms=timeout_ms, + ) + + if retries == UNSET: + if self.sdk_configuration.retry_config is not UNSET: + retries = self.sdk_configuration.retry_config + else: + retries = utils.RetryConfig( + "backoff", utils.BackoffStrategy(500, 60000, 1.5, 3600000), True + ) + + retry_config = None + if isinstance(retries, utils.RetryConfig): + retry_config = (retries, ["429"]) + + http_res = await self.do_request_async( + hook_ctx=HookContext( + config=self.sdk_configuration, + base_url=base_url or "", + operation_id="deleteDatabaseConnectionConfigById", + oauth2_scopes=[], + security_source=get_security_from_env( + self.sdk_configuration.security, models.Security + ), + ), + request=req, + is_error_status_code=lambda c: utils.match_status_codes(["4XX", "5XX"], c), + retry_config=retry_config, + ) + + response_data: Any = None + if utils.match_response(http_res, "200", "application/json"): + return unmarshal_json_response( + models.CountedDatabaseConnectionConfig, http_res + ) + if utils.match_response(http_res, "500", "application/json"): + response_data = unmarshal_json_response(errors.ErrorData, http_res) + raise errors.Error(response_data, http_res) + if utils.match_response(http_res, ["401", "4XX"], "*"): + http_res_text = await utils.stream_to_text_async(http_res) + raise errors.APIError("API error occurred", http_res, http_res_text) + if utils.match_response(http_res, "5XX", "*"): + http_res_text = await utils.stream_to_text_async(http_res) + raise errors.APIError("API error occurred", http_res, http_res_text) + + raise errors.APIError("Unexpected response received", http_res) diff --git a/src/cribl_control_plane/datasets.py b/src/cribl_control_plane/datasets.py index 064518244..a48c1e3f4 100644 --- a/src/cribl_control_plane/datasets.py +++ b/src/cribl_control_plane/datasets.py @@ -6,334 +6,22 @@ from cribl_control_plane.types import OptionalNullable, UNSET from cribl_control_plane.utils import get_security_from_env from cribl_control_plane.utils.unmarshal_json_response import unmarshal_json_response -from typing import Any, List, Mapping, Optional, Union +from typing import Any, Iterable, List, Mapping, Optional, Union class Datasets(BaseSDK): - def create( - self, - *, - lake_id: str, - id: str, - accelerated_fields: Optional[List[str]] = None, - bucket_name: Optional[str] = None, - cache_connection: Optional[ - Union[models.CacheConnection, models.CacheConnectionTypedDict] - ] = None, - deletion_started_at: Optional[float] = None, - description: Optional[str] = None, - format_: Optional[models.FormatOptionsCriblLakeDataset] = None, - http_da_used: Optional[bool] = None, - metrics: Optional[ - Union[models.LakeDatasetMetrics, models.LakeDatasetMetricsTypedDict] - ] = None, - retention_period_in_days: Optional[int] = None, - search_config: Optional[ - Union[ - models.LakeDatasetSearchConfig, models.LakeDatasetSearchConfigTypedDict - ] - ] = None, - storage_class: Optional[models.StorageClassOptionsCriblLakeDataset] = None, - storage_location_id: Optional[str] = None, - view_name: Optional[str] = None, - retries: OptionalNullable[utils.RetryConfig] = UNSET, - server_url: Optional[str] = None, - timeout_ms: Optional[int] = None, - http_headers: Optional[Mapping[str, str]] = None, - ) -> models.CountedCriblLakeDataset: - r"""Create a Lake Dataset (Cribl.Cloud only) - - Create a new Lake Dataset in the specified Lake (Cribl.Cloud only). - - :param lake_id: The id of the Lake to create the Lake Dataset in. - :param id: Unique identifier for the Dataset. - :param accelerated_fields: Accelerated fields for the Dataset. Data is partitioned by these fields in storage to improve query performance. - :param bucket_name: Name of the legacy Cribl Lake bucket that backs the Dataset. Mutually exclusive with storageLocationId. - :param cache_connection: - :param deletion_started_at: Timestamp (in Unix time) when Dataset deletion was initiated, in milliseconds. - :param description: Brief description of the Dataset. - :param format_: Storage format used for data persisted in the Dataset. - :param http_da_used: If true, the Dataset is used by Direct Access HTTP. - :param metrics: - :param retention_period_in_days: Dataset retention period, in days. - :param search_config: - :param storage_class: Storage class used for objects written to the Dataset. - :param storage_location_id: Identifier for the Storage Location that backs the Dataset. Mutually exclusive with bucketName. - :param view_name: Name of the ClickHouse view for the Dataset on the Lakehouse. - :param retries: Override the default retry configuration for this method - :param server_url: Override the default server URL for this method - :param timeout_ms: Override the default request timeout configuration for this method in milliseconds - :param http_headers: Additional headers to set or replace on requests. - """ - base_url = None - url_variables = None - if timeout_ms is None: - timeout_ms = self.sdk_configuration.timeout_ms - - if server_url is not None: - base_url = server_url - else: - base_url = self._get_url(base_url, url_variables) - - request = models.CreateCriblLakeDatasetByLakeIDRequest( - lake_id=lake_id, - cribl_lake_dataset=models.CriblLakeDataset( - accelerated_fields=accelerated_fields, - bucket_name=bucket_name, - cache_connection=utils.get_pydantic_model( - cache_connection, Optional[models.CacheConnection] - ), - deletion_started_at=deletion_started_at, - description=description, - format_=format_, - http_da_used=http_da_used, - id=id, - metrics=utils.get_pydantic_model( - metrics, Optional[models.LakeDatasetMetrics] - ), - retention_period_in_days=retention_period_in_days, - search_config=utils.get_pydantic_model( - search_config, Optional[models.LakeDatasetSearchConfig] - ), - storage_class=storage_class, - storage_location_id=storage_location_id, - view_name=view_name, - ), - ) - - req = self._build_request( - method="POST", - path="/products/lake/lakes/{lakeId}/datasets", - base_url=base_url, - url_variables=url_variables, - request=request, - request_body_required=True, - request_has_path_params=True, - request_has_query_params=True, - user_agent_header="user-agent", - accept_header_value="application/json", - http_headers=http_headers, - security=self.sdk_configuration.security, - get_serialized_body=lambda: utils.serialize_request_body( - request.cribl_lake_dataset, - False, - False, - "json", - models.CriblLakeDataset, - ), - allow_empty_value=None, - timeout_ms=timeout_ms, - ) - - if retries == UNSET: - if self.sdk_configuration.retry_config is not UNSET: - retries = self.sdk_configuration.retry_config - else: - retries = utils.RetryConfig( - "backoff", utils.BackoffStrategy(500, 60000, 1.5, 3600000), True - ) - - retry_config = None - if isinstance(retries, utils.RetryConfig): - retry_config = (retries, ["429"]) - - http_res = self.do_request( - hook_ctx=HookContext( - config=self.sdk_configuration, - base_url=base_url or "", - operation_id="createCriblLakeDatasetByLakeId", - oauth2_scopes=[], - security_source=get_security_from_env( - self.sdk_configuration.security, models.Security - ), - ), - request=req, - is_error_status_code=lambda c: utils.match_status_codes(["4XX", "5XX"], c), - retry_config=retry_config, - ) - - response_data: Any = None - if utils.match_response(http_res, "200", "application/json"): - return unmarshal_json_response(models.CountedCriblLakeDataset, http_res) - if utils.match_response(http_res, "500", "application/json"): - response_data = unmarshal_json_response(errors.ErrorData, http_res) - raise errors.Error(response_data, http_res) - if utils.match_response(http_res, ["401", "4XX"], "*"): - http_res_text = utils.stream_to_text(http_res) - raise errors.APIError("API error occurred", http_res, http_res_text) - if utils.match_response(http_res, "5XX", "*"): - http_res_text = utils.stream_to_text(http_res) - raise errors.APIError("API error occurred", http_res, http_res_text) - - raise errors.APIError("Unexpected response received", http_res) - - async def create_async( - self, - *, - lake_id: str, - id: str, - accelerated_fields: Optional[List[str]] = None, - bucket_name: Optional[str] = None, - cache_connection: Optional[ - Union[models.CacheConnection, models.CacheConnectionTypedDict] - ] = None, - deletion_started_at: Optional[float] = None, - description: Optional[str] = None, - format_: Optional[models.FormatOptionsCriblLakeDataset] = None, - http_da_used: Optional[bool] = None, - metrics: Optional[ - Union[models.LakeDatasetMetrics, models.LakeDatasetMetricsTypedDict] - ] = None, - retention_period_in_days: Optional[int] = None, - search_config: Optional[ - Union[ - models.LakeDatasetSearchConfig, models.LakeDatasetSearchConfigTypedDict - ] - ] = None, - storage_class: Optional[models.StorageClassOptionsCriblLakeDataset] = None, - storage_location_id: Optional[str] = None, - view_name: Optional[str] = None, - retries: OptionalNullable[utils.RetryConfig] = UNSET, - server_url: Optional[str] = None, - timeout_ms: Optional[int] = None, - http_headers: Optional[Mapping[str, str]] = None, - ) -> models.CountedCriblLakeDataset: - r"""Create a Lake Dataset (Cribl.Cloud only) - - Create a new Lake Dataset in the specified Lake (Cribl.Cloud only). - - :param lake_id: The id of the Lake to create the Lake Dataset in. - :param id: Unique identifier for the Dataset. - :param accelerated_fields: Accelerated fields for the Dataset. Data is partitioned by these fields in storage to improve query performance. - :param bucket_name: Name of the legacy Cribl Lake bucket that backs the Dataset. Mutually exclusive with storageLocationId. - :param cache_connection: - :param deletion_started_at: Timestamp (in Unix time) when Dataset deletion was initiated, in milliseconds. - :param description: Brief description of the Dataset. - :param format_: Storage format used for data persisted in the Dataset. - :param http_da_used: If true, the Dataset is used by Direct Access HTTP. - :param metrics: - :param retention_period_in_days: Dataset retention period, in days. - :param search_config: - :param storage_class: Storage class used for objects written to the Dataset. - :param storage_location_id: Identifier for the Storage Location that backs the Dataset. Mutually exclusive with bucketName. - :param view_name: Name of the ClickHouse view for the Dataset on the Lakehouse. - :param retries: Override the default retry configuration for this method - :param server_url: Override the default server URL for this method - :param timeout_ms: Override the default request timeout configuration for this method in milliseconds - :param http_headers: Additional headers to set or replace on requests. - """ - base_url = None - url_variables = None - if timeout_ms is None: - timeout_ms = self.sdk_configuration.timeout_ms - - if server_url is not None: - base_url = server_url - else: - base_url = self._get_url(base_url, url_variables) - - request = models.CreateCriblLakeDatasetByLakeIDRequest( - lake_id=lake_id, - cribl_lake_dataset=models.CriblLakeDataset( - accelerated_fields=accelerated_fields, - bucket_name=bucket_name, - cache_connection=utils.get_pydantic_model( - cache_connection, Optional[models.CacheConnection] - ), - deletion_started_at=deletion_started_at, - description=description, - format_=format_, - http_da_used=http_da_used, - id=id, - metrics=utils.get_pydantic_model( - metrics, Optional[models.LakeDatasetMetrics] - ), - retention_period_in_days=retention_period_in_days, - search_config=utils.get_pydantic_model( - search_config, Optional[models.LakeDatasetSearchConfig] - ), - storage_class=storage_class, - storage_location_id=storage_location_id, - view_name=view_name, - ), - ) - - req = self._build_request_async( - method="POST", - path="/products/lake/lakes/{lakeId}/datasets", - base_url=base_url, - url_variables=url_variables, - request=request, - request_body_required=True, - request_has_path_params=True, - request_has_query_params=True, - user_agent_header="user-agent", - accept_header_value="application/json", - http_headers=http_headers, - security=self.sdk_configuration.security, - get_serialized_body=lambda: utils.serialize_request_body( - request.cribl_lake_dataset, - False, - False, - "json", - models.CriblLakeDataset, - ), - allow_empty_value=None, - timeout_ms=timeout_ms, - ) - - if retries == UNSET: - if self.sdk_configuration.retry_config is not UNSET: - retries = self.sdk_configuration.retry_config - else: - retries = utils.RetryConfig( - "backoff", utils.BackoffStrategy(500, 60000, 1.5, 3600000), True - ) - - retry_config = None - if isinstance(retries, utils.RetryConfig): - retry_config = (retries, ["429"]) - - http_res = await self.do_request_async( - hook_ctx=HookContext( - config=self.sdk_configuration, - base_url=base_url or "", - operation_id="createCriblLakeDatasetByLakeId", - oauth2_scopes=[], - security_source=get_security_from_env( - self.sdk_configuration.security, models.Security - ), - ), - request=req, - is_error_status_code=lambda c: utils.match_status_codes(["4XX", "5XX"], c), - retry_config=retry_config, - ) - - response_data: Any = None - if utils.match_response(http_res, "200", "application/json"): - return unmarshal_json_response(models.CountedCriblLakeDataset, http_res) - if utils.match_response(http_res, "500", "application/json"): - response_data = unmarshal_json_response(errors.ErrorData, http_res) - raise errors.Error(response_data, http_res) - if utils.match_response(http_res, ["401", "4XX"], "*"): - http_res_text = await utils.stream_to_text_async(http_res) - raise errors.APIError("API error occurred", http_res, http_res_text) - if utils.match_response(http_res, "5XX", "*"): - http_res_text = await utils.stream_to_text_async(http_res) - raise errors.APIError("API error occurred", http_res, http_res_text) - - raise errors.APIError("Unexpected response received", http_res) - def list( self, *, lake_id: str, storage_location_id: Optional[str] = None, - format_: Optional[str] = None, + format_: Optional[models.GetCriblLakeDatasetByLakeIDFormat] = None, exclude_ddss: Optional[bool] = None, + exclude_netskope: Optional[bool] = None, exclude_deleted: Optional[bool] = None, exclude_internal: Optional[bool] = None, exclude_byos: Optional[bool] = None, + include_metrics: Optional[bool] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, @@ -347,9 +35,11 @@ def list( :param storage_location_id: Filter datasets by storage location ID. Use default for default storage location. :param format_: Filter datasets by format. Set to ddss to return only DDSS datasets. :param exclude_ddss: Exclude DDSS format datasets from the response. + :param exclude_netskope: Exclude Netskope format datasets from the response. :param exclude_deleted: Exclude deleted datasets from the response. :param exclude_internal: Exclude internal datasets (those with IDs starting with cribl_) from the response. :param exclude_byos: Exclude BYOS (Bring Your Own Storage) datasets from the response. + :param include_metrics: Set to true to include storage metrics for each Lake Dataset. Otherwise, false (default). Requires a Cribl Lake metrics license. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -370,9 +60,11 @@ def list( storage_location_id=storage_location_id, format_=format_, exclude_ddss=exclude_ddss, + exclude_netskope=exclude_netskope, exclude_deleted=exclude_deleted, exclude_internal=exclude_internal, exclude_byos=exclude_byos, + include_metrics=include_metrics, ) req = self._build_request( @@ -439,11 +131,13 @@ async def list_async( *, lake_id: str, storage_location_id: Optional[str] = None, - format_: Optional[str] = None, + format_: Optional[models.GetCriblLakeDatasetByLakeIDFormat] = None, exclude_ddss: Optional[bool] = None, + exclude_netskope: Optional[bool] = None, exclude_deleted: Optional[bool] = None, exclude_internal: Optional[bool] = None, exclude_byos: Optional[bool] = None, + include_metrics: Optional[bool] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, @@ -457,9 +151,11 @@ async def list_async( :param storage_location_id: Filter datasets by storage location ID. Use default for default storage location. :param format_: Filter datasets by format. Set to ddss to return only DDSS datasets. :param exclude_ddss: Exclude DDSS format datasets from the response. + :param exclude_netskope: Exclude Netskope format datasets from the response. :param exclude_deleted: Exclude deleted datasets from the response. :param exclude_internal: Exclude internal datasets (those with IDs starting with cribl_) from the response. :param exclude_byos: Exclude BYOS (Bring Your Own Storage) datasets from the response. + :param include_metrics: Set to true to include storage metrics for each Lake Dataset. Otherwise, false (default). Requires a Cribl Lake metrics license. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -480,9 +176,11 @@ async def list_async( storage_location_id=storage_location_id, format_=format_, exclude_ddss=exclude_ddss, + exclude_netskope=exclude_netskope, exclude_deleted=exclude_deleted, exclude_internal=exclude_internal, exclude_byos=exclude_byos, + include_metrics=include_metrics, ) req = self._build_request_async( @@ -544,22 +242,56 @@ async def list_async( raise errors.APIError("Unexpected response received", http_res) - def delete( + def create( self, *, lake_id: str, id: str, + accelerated_fields: Optional[Iterable[str]] = None, + bucket_name: Optional[str] = None, + cache_connection: Optional[ + Union[models.CacheConnection, models.CacheConnectionTypedDict] + ] = None, + deletion_started_at: Optional[float] = None, + description: Optional[str] = None, + format_: Optional[models.FormatOptionsCriblLakeDataset] = None, + http_da_used: Optional[bool] = None, + metrics: Optional[ + Union[models.LakeDatasetMetrics, models.LakeDatasetMetricsTypedDict] + ] = None, + retention_period_in_days: Optional[int] = None, + search_config: Optional[ + Union[ + models.LakeDatasetSearchConfig, models.LakeDatasetSearchConfigTypedDict + ] + ] = None, + storage_class: Optional[models.StorageClassOptionsCriblLakeDataset] = None, + storage_location_id: Optional[str] = None, + view_name: Optional[str] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedCriblLakeDataset: - r"""Delete a Lake Dataset (Cribl.Cloud only) + r"""Create a Lake Dataset (Cribl.Cloud only) - Delete the specified Lake Dataset in the specified Lake (Cribl.Cloud only). + Create a new Lake Dataset in the specified Lake (Cribl.Cloud only). - :param lake_id: The id of the Lake that contains the Lake Dataset to delete. - :param id: The id of the Lake Dataset to delete. + :param lake_id: The id of the Lake to create the Lake Dataset in. + :param id: Unique identifier for the Dataset. + :param accelerated_fields: Accelerated fields for the Dataset. Data is partitioned by these fields in storage to improve query performance. + :param bucket_name: Name of the legacy Cribl Lake bucket that backs the Dataset. Mutually exclusive with storageLocationId. + :param cache_connection: + :param deletion_started_at: Timestamp (in Unix time) when Dataset deletion was initiated, in milliseconds. + :param description: Brief description of the Dataset. + :param format_: Storage format used for data persisted in the Dataset. + :param http_da_used: If true, the Dataset is used by Direct Access HTTP. Otherwise, false. + :param metrics: + :param retention_period_in_days: Dataset retention period, in days. + :param search_config: + :param storage_class: Storage class used for objects written to the Dataset. + :param storage_location_id: Unique identifier for the Storage Location that backs the Dataset. Mutually exclusive with bucketName. + :param view_name: Name of the ClickHouse view for the Dataset on the Lakehouse. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -575,24 +307,54 @@ def delete( else: base_url = self._get_url(base_url, url_variables) - request = models.DeleteCriblLakeDatasetByLakeIDAndIDRequest( + request = models.CreateCriblLakeDatasetByLakeIDRequest( lake_id=lake_id, - id=id, + cribl_lake_dataset=models.CriblLakeDataset( + accelerated_fields=utils.unmarshal( + accelerated_fields, Optional[List[str]] + ), + bucket_name=bucket_name, + cache_connection=utils.get_pydantic_model( + cache_connection, Optional[models.CacheConnection] + ), + deletion_started_at=deletion_started_at, + description=description, + format_=format_, + http_da_used=http_da_used, + id=id, + metrics=utils.get_pydantic_model( + metrics, Optional[models.LakeDatasetMetrics] + ), + retention_period_in_days=retention_period_in_days, + search_config=utils.get_pydantic_model( + search_config, Optional[models.LakeDatasetSearchConfig] + ), + storage_class=storage_class, + storage_location_id=storage_location_id, + view_name=view_name, + ), ) req = self._build_request( - method="DELETE", - path="/products/lake/lakes/{lakeId}/datasets/{id}", + method="POST", + path="/products/lake/lakes/{lakeId}/datasets", base_url=base_url, url_variables=url_variables, request=request, - request_body_required=False, + request_body_required=True, request_has_path_params=True, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", http_headers=http_headers, security=self.sdk_configuration.security, + get_serialized_body=lambda: utils.serialize_request_body( + request.cribl_lake_dataset, + False, + False, + "json", + models.CriblLakeDataset, + ), allow_empty_value=None, timeout_ms=timeout_ms, ) @@ -613,7 +375,7 @@ def delete( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="deleteCriblLakeDatasetByLakeIdAndId", + operation_id="createCriblLakeDatasetByLakeId", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -639,22 +401,56 @@ def delete( raise errors.APIError("Unexpected response received", http_res) - async def delete_async( + async def create_async( self, *, lake_id: str, id: str, + accelerated_fields: Optional[Iterable[str]] = None, + bucket_name: Optional[str] = None, + cache_connection: Optional[ + Union[models.CacheConnection, models.CacheConnectionTypedDict] + ] = None, + deletion_started_at: Optional[float] = None, + description: Optional[str] = None, + format_: Optional[models.FormatOptionsCriblLakeDataset] = None, + http_da_used: Optional[bool] = None, + metrics: Optional[ + Union[models.LakeDatasetMetrics, models.LakeDatasetMetricsTypedDict] + ] = None, + retention_period_in_days: Optional[int] = None, + search_config: Optional[ + Union[ + models.LakeDatasetSearchConfig, models.LakeDatasetSearchConfigTypedDict + ] + ] = None, + storage_class: Optional[models.StorageClassOptionsCriblLakeDataset] = None, + storage_location_id: Optional[str] = None, + view_name: Optional[str] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedCriblLakeDataset: - r"""Delete a Lake Dataset (Cribl.Cloud only) + r"""Create a Lake Dataset (Cribl.Cloud only) - Delete the specified Lake Dataset in the specified Lake (Cribl.Cloud only). + Create a new Lake Dataset in the specified Lake (Cribl.Cloud only). - :param lake_id: The id of the Lake that contains the Lake Dataset to delete. - :param id: The id of the Lake Dataset to delete. + :param lake_id: The id of the Lake to create the Lake Dataset in. + :param id: Unique identifier for the Dataset. + :param accelerated_fields: Accelerated fields for the Dataset. Data is partitioned by these fields in storage to improve query performance. + :param bucket_name: Name of the legacy Cribl Lake bucket that backs the Dataset. Mutually exclusive with storageLocationId. + :param cache_connection: + :param deletion_started_at: Timestamp (in Unix time) when Dataset deletion was initiated, in milliseconds. + :param description: Brief description of the Dataset. + :param format_: Storage format used for data persisted in the Dataset. + :param http_da_used: If true, the Dataset is used by Direct Access HTTP. Otherwise, false. + :param metrics: + :param retention_period_in_days: Dataset retention period, in days. + :param search_config: + :param storage_class: Storage class used for objects written to the Dataset. + :param storage_location_id: Unique identifier for the Storage Location that backs the Dataset. Mutually exclusive with bucketName. + :param view_name: Name of the ClickHouse view for the Dataset on the Lakehouse. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -670,24 +466,54 @@ async def delete_async( else: base_url = self._get_url(base_url, url_variables) - request = models.DeleteCriblLakeDatasetByLakeIDAndIDRequest( + request = models.CreateCriblLakeDatasetByLakeIDRequest( lake_id=lake_id, - id=id, + cribl_lake_dataset=models.CriblLakeDataset( + accelerated_fields=utils.unmarshal( + accelerated_fields, Optional[List[str]] + ), + bucket_name=bucket_name, + cache_connection=utils.get_pydantic_model( + cache_connection, Optional[models.CacheConnection] + ), + deletion_started_at=deletion_started_at, + description=description, + format_=format_, + http_da_used=http_da_used, + id=id, + metrics=utils.get_pydantic_model( + metrics, Optional[models.LakeDatasetMetrics] + ), + retention_period_in_days=retention_period_in_days, + search_config=utils.get_pydantic_model( + search_config, Optional[models.LakeDatasetSearchConfig] + ), + storage_class=storage_class, + storage_location_id=storage_location_id, + view_name=view_name, + ), ) req = self._build_request_async( - method="DELETE", - path="/products/lake/lakes/{lakeId}/datasets/{id}", + method="POST", + path="/products/lake/lakes/{lakeId}/datasets", base_url=base_url, url_variables=url_variables, request=request, - request_body_required=False, + request_body_required=True, request_has_path_params=True, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", http_headers=http_headers, security=self.sdk_configuration.security, + get_serialized_body=lambda: utils.serialize_request_body( + request.cribl_lake_dataset, + False, + False, + "json", + models.CriblLakeDataset, + ), allow_empty_value=None, timeout_ms=timeout_ms, ) @@ -708,7 +534,7 @@ async def delete_async( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="deleteCriblLakeDatasetByLakeIdAndId", + operation_id="createCriblLakeDatasetByLakeId", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -739,6 +565,7 @@ def get( *, lake_id: str, id: str, + include_metrics: Optional[bool] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, @@ -750,6 +577,7 @@ def get( :param lake_id: The id of the Lake that contains the Lake Dataset to get. :param id: The id of the Lake Dataset to get. + :param include_metrics: Set to true to include storage metrics for each Lake Dataset. Otherwise, false (default). Requires a Cribl Lake metrics license. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -768,6 +596,7 @@ def get( request = models.GetCriblLakeDatasetByLakeIDAndIDRequest( lake_id=lake_id, id=id, + include_metrics=include_metrics, ) req = self._build_request( @@ -834,6 +663,7 @@ async def get_async( *, lake_id: str, id: str, + include_metrics: Optional[bool] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, @@ -845,6 +675,7 @@ async def get_async( :param lake_id: The id of the Lake that contains the Lake Dataset to get. :param id: The id of the Lake Dataset to get. + :param include_metrics: Set to true to include storage metrics for each Lake Dataset. Otherwise, false (default). Requires a Cribl Lake metrics license. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -863,6 +694,7 @@ async def get_async( request = models.GetCriblLakeDatasetByLakeIDAndIDRequest( lake_id=lake_id, id=id, + include_metrics=include_metrics, ) req = self._build_request_async( @@ -929,7 +761,7 @@ def update( *, lake_id: str, id_param: str, - accelerated_fields: Optional[List[str]] = None, + accelerated_fields: Optional[Iterable[str]] = None, bucket_name: Optional[str] = None, cache_connection: Optional[ Union[models.CacheConnection, models.CacheConnectionTypedDict] @@ -968,13 +800,13 @@ def update( :param deletion_started_at: Timestamp (in Unix time) when Dataset deletion was initiated, in milliseconds. :param description: Brief description of the Dataset. :param format_: Storage format used for data persisted in the Dataset. - :param http_da_used: If true, the Dataset is used by Direct Access HTTP. - :param id: Dataset identifier. Optional; the path parameter id is authoritative. + :param http_da_used: If true, the Dataset is used by Direct Access HTTP. Otherwise, false. + :param id: Unique identifier for the Dataset. Optional; the path parameter id is authoritative. :param metrics: :param retention_period_in_days: Dataset retention period, in days. :param search_config: :param storage_class: Storage class used for objects written to the Dataset. - :param storage_location_id: Identifier for the Storage Location that backs the Dataset. Mutually exclusive with bucketName. + :param storage_location_id: Unique identifier for the Storage Location that backs the Dataset. Mutually exclusive with bucketName. :param view_name: Name of the ClickHouse view for the Dataset on the Lakehouse. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method @@ -995,7 +827,9 @@ def update( lake_id=lake_id, id_param=id_param, cribl_lake_dataset_update=models.CriblLakeDatasetUpdate( - accelerated_fields=accelerated_fields, + accelerated_fields=utils.unmarshal( + accelerated_fields, Optional[List[str]] + ), bucket_name=bucket_name, cache_connection=utils.get_pydantic_model( cache_connection, Optional[models.CacheConnection] @@ -1089,7 +923,7 @@ async def update_async( *, lake_id: str, id_param: str, - accelerated_fields: Optional[List[str]] = None, + accelerated_fields: Optional[Iterable[str]] = None, bucket_name: Optional[str] = None, cache_connection: Optional[ Union[models.CacheConnection, models.CacheConnectionTypedDict] @@ -1128,13 +962,13 @@ async def update_async( :param deletion_started_at: Timestamp (in Unix time) when Dataset deletion was initiated, in milliseconds. :param description: Brief description of the Dataset. :param format_: Storage format used for data persisted in the Dataset. - :param http_da_used: If true, the Dataset is used by Direct Access HTTP. - :param id: Dataset identifier. Optional; the path parameter id is authoritative. + :param http_da_used: If true, the Dataset is used by Direct Access HTTP. Otherwise, false. + :param id: Unique identifier for the Dataset. Optional; the path parameter id is authoritative. :param metrics: :param retention_period_in_days: Dataset retention period, in days. :param search_config: :param storage_class: Storage class used for objects written to the Dataset. - :param storage_location_id: Identifier for the Storage Location that backs the Dataset. Mutually exclusive with bucketName. + :param storage_location_id: Unique identifier for the Storage Location that backs the Dataset. Mutually exclusive with bucketName. :param view_name: Name of the ClickHouse view for the Dataset on the Lakehouse. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method @@ -1155,7 +989,9 @@ async def update_async( lake_id=lake_id, id_param=id_param, cribl_lake_dataset_update=models.CriblLakeDatasetUpdate( - accelerated_fields=accelerated_fields, + accelerated_fields=utils.unmarshal( + accelerated_fields, Optional[List[str]] + ), bucket_name=bucket_name, cache_connection=utils.get_pydantic_model( cache_connection, Optional[models.CacheConnection] @@ -1243,3 +1079,193 @@ async def update_async( raise errors.APIError("API error occurred", http_res, http_res_text) raise errors.APIError("Unexpected response received", http_res) + + def delete( + self, + *, + lake_id: str, + id: str, + retries: OptionalNullable[utils.RetryConfig] = UNSET, + server_url: Optional[str] = None, + timeout_ms: Optional[int] = None, + http_headers: Optional[Mapping[str, str]] = None, + ) -> models.CountedCriblLakeDataset: + r"""Delete a Lake Dataset (Cribl.Cloud only) + + Delete the specified Lake Dataset in the specified Lake (Cribl.Cloud only). + + :param lake_id: The id of the Lake that contains the Lake Dataset to delete. + :param id: The id of the Lake Dataset to delete. + :param retries: Override the default retry configuration for this method + :param server_url: Override the default server URL for this method + :param timeout_ms: Override the default request timeout configuration for this method in milliseconds + :param http_headers: Additional headers to set or replace on requests. + """ + base_url = None + url_variables = None + if timeout_ms is None: + timeout_ms = self.sdk_configuration.timeout_ms + + if server_url is not None: + base_url = server_url + else: + base_url = self._get_url(base_url, url_variables) + + request = models.DeleteCriblLakeDatasetByLakeIDAndIDRequest( + lake_id=lake_id, + id=id, + ) + + req = self._build_request( + method="DELETE", + path="/products/lake/lakes/{lakeId}/datasets/{id}", + base_url=base_url, + url_variables=url_variables, + request=request, + request_body_required=False, + request_has_path_params=True, + request_has_query_params=True, + user_agent_header="user-agent", + accept_header_value="application/json", + http_headers=http_headers, + security=self.sdk_configuration.security, + allow_empty_value=None, + timeout_ms=timeout_ms, + ) + + if retries == UNSET: + if self.sdk_configuration.retry_config is not UNSET: + retries = self.sdk_configuration.retry_config + else: + retries = utils.RetryConfig( + "backoff", utils.BackoffStrategy(500, 60000, 1.5, 3600000), True + ) + + retry_config = None + if isinstance(retries, utils.RetryConfig): + retry_config = (retries, ["429"]) + + http_res = self.do_request( + hook_ctx=HookContext( + config=self.sdk_configuration, + base_url=base_url or "", + operation_id="deleteCriblLakeDatasetByLakeIdAndId", + oauth2_scopes=[], + security_source=get_security_from_env( + self.sdk_configuration.security, models.Security + ), + ), + request=req, + is_error_status_code=lambda c: utils.match_status_codes(["4XX", "5XX"], c), + retry_config=retry_config, + ) + + response_data: Any = None + if utils.match_response(http_res, "200", "application/json"): + return unmarshal_json_response(models.CountedCriblLakeDataset, http_res) + if utils.match_response(http_res, "500", "application/json"): + response_data = unmarshal_json_response(errors.ErrorData, http_res) + raise errors.Error(response_data, http_res) + if utils.match_response(http_res, ["401", "4XX"], "*"): + http_res_text = utils.stream_to_text(http_res) + raise errors.APIError("API error occurred", http_res, http_res_text) + if utils.match_response(http_res, "5XX", "*"): + http_res_text = utils.stream_to_text(http_res) + raise errors.APIError("API error occurred", http_res, http_res_text) + + raise errors.APIError("Unexpected response received", http_res) + + async def delete_async( + self, + *, + lake_id: str, + id: str, + retries: OptionalNullable[utils.RetryConfig] = UNSET, + server_url: Optional[str] = None, + timeout_ms: Optional[int] = None, + http_headers: Optional[Mapping[str, str]] = None, + ) -> models.CountedCriblLakeDataset: + r"""Delete a Lake Dataset (Cribl.Cloud only) + + Delete the specified Lake Dataset in the specified Lake (Cribl.Cloud only). + + :param lake_id: The id of the Lake that contains the Lake Dataset to delete. + :param id: The id of the Lake Dataset to delete. + :param retries: Override the default retry configuration for this method + :param server_url: Override the default server URL for this method + :param timeout_ms: Override the default request timeout configuration for this method in milliseconds + :param http_headers: Additional headers to set or replace on requests. + """ + base_url = None + url_variables = None + if timeout_ms is None: + timeout_ms = self.sdk_configuration.timeout_ms + + if server_url is not None: + base_url = server_url + else: + base_url = self._get_url(base_url, url_variables) + + request = models.DeleteCriblLakeDatasetByLakeIDAndIDRequest( + lake_id=lake_id, + id=id, + ) + + req = self._build_request_async( + method="DELETE", + path="/products/lake/lakes/{lakeId}/datasets/{id}", + base_url=base_url, + url_variables=url_variables, + request=request, + request_body_required=False, + request_has_path_params=True, + request_has_query_params=True, + user_agent_header="user-agent", + accept_header_value="application/json", + http_headers=http_headers, + security=self.sdk_configuration.security, + allow_empty_value=None, + timeout_ms=timeout_ms, + ) + + if retries == UNSET: + if self.sdk_configuration.retry_config is not UNSET: + retries = self.sdk_configuration.retry_config + else: + retries = utils.RetryConfig( + "backoff", utils.BackoffStrategy(500, 60000, 1.5, 3600000), True + ) + + retry_config = None + if isinstance(retries, utils.RetryConfig): + retry_config = (retries, ["429"]) + + http_res = await self.do_request_async( + hook_ctx=HookContext( + config=self.sdk_configuration, + base_url=base_url or "", + operation_id="deleteCriblLakeDatasetByLakeIdAndId", + oauth2_scopes=[], + security_source=get_security_from_env( + self.sdk_configuration.security, models.Security + ), + ), + request=req, + is_error_status_code=lambda c: utils.match_status_codes(["4XX", "5XX"], c), + retry_config=retry_config, + ) + + response_data: Any = None + if utils.match_response(http_res, "200", "application/json"): + return unmarshal_json_response(models.CountedCriblLakeDataset, http_res) + if utils.match_response(http_res, "500", "application/json"): + response_data = unmarshal_json_response(errors.ErrorData, http_res) + raise errors.Error(response_data, http_res) + if utils.match_response(http_res, ["401", "4XX"], "*"): + http_res_text = await utils.stream_to_text_async(http_res) + raise errors.APIError("API error occurred", http_res, http_res_text) + if utils.match_response(http_res, "5XX", "*"): + http_res_text = await utils.stream_to_text_async(http_res) + raise errors.APIError("API error occurred", http_res, http_res_text) + + raise errors.APIError("Unexpected response received", http_res) diff --git a/src/cribl_control_plane/destinations_statuses.py b/src/cribl_control_plane/destinations_statuses.py index f671ac4f8..5489ae77f 100644 --- a/src/cribl_control_plane/destinations_statuses.py +++ b/src/cribl_control_plane/destinations_statuses.py @@ -11,24 +11,26 @@ class DestinationsStatuses(BaseSDK): - def get( + def list( self, *, - id: str, metrics: Optional[bool] = None, type_: Optional[bool] = None, + offset: Optional[int] = None, + limit: Optional[int] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, - ) -> models.CountedOutputStatus: - r"""Get the status of a Destination + ) -> Optional[models.GetOutputStatusResponse]: + r"""List the status of all Destinations - Get the status and optional metrics for the specified Destination. + List status information and optional metrics for all configured Destinations in the Worker Group or Edge Fleet. - :param id: The id of the Destination to get the status for. :param metrics: Set to true to include metrics for each Destination. Otherwise, false (default). :param type: Set to true to prefix the Destination id with the Destination type. Otherwise, false (default). + :param offset: Starting point from which to retrieve results for this request. Use with limit to paginate the response into manageable batches. + :param limit: Maximum number of items to return in the response for this request. Use with offset to paginate the response into manageable batches. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -44,20 +46,21 @@ def get( else: base_url = self._get_url(base_url, url_variables) - request = models.GetOutputStatusByIDRequest( - id=id, + request = models.GetOutputStatusRequest( metrics=metrics, type=type_, + offset=offset, + limit=limit, ) req = self._build_request( method="GET", - path="/system/status/outputs/{id}", + path="/system/status/outputs", base_url=base_url, url_variables=url_variables, request=request, request_body_required=False, - request_has_path_params=True, + request_has_path_params=False, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", @@ -83,7 +86,7 @@ def get( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getOutputStatusById", + operation_id="getOutputStatus", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -94,13 +97,42 @@ def get( retry_config=retry_config, ) + def next_func() -> Optional[models.GetOutputStatusResponse]: + body = utils.unmarshal_json(http_res.text, Union[Dict[Any, Any], List[Any]]) + + offset = request.offset if isinstance(request.offset, int) else 0 + + if not http_res.text: + return None + results = JSONPath("$.items").parse(body) + if len(results) == 0 or len(results[0]) == 0: + return None + limit_ = request.limit if isinstance(request.limit, int) else 0 + if len(results[0]) < limit_: + return None + next_offset = offset + len(results[0]) + + return self.list( + metrics=metrics, + type_=type_, + offset=next_offset, + limit=limit, + retries=retries, + server_url=server_url, + timeout_ms=timeout_ms, + http_headers=http_headers, + ) + response_data: Any = None if utils.match_response(http_res, "200", "application/json"): - return unmarshal_json_response(models.CountedOutputStatus, http_res) + return models.GetOutputStatusResponse( + result=unmarshal_json_response(models.CountedOutputStatus, http_res), + next=next_func, + ) if utils.match_response(http_res, "500", "application/json"): response_data = unmarshal_json_response(errors.ErrorData, http_res) raise errors.Error(response_data, http_res) - if utils.match_response(http_res, ["401", "4XX"], "*"): + if utils.match_response(http_res, ["400", "401", "4XX"], "*"): http_res_text = utils.stream_to_text(http_res) raise errors.APIError("API error occurred", http_res, http_res_text) if utils.match_response(http_res, "5XX", "*"): @@ -109,24 +141,26 @@ def get( raise errors.APIError("Unexpected response received", http_res) - async def get_async( + async def list_async( self, *, - id: str, metrics: Optional[bool] = None, type_: Optional[bool] = None, + offset: Optional[int] = None, + limit: Optional[int] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, - ) -> models.CountedOutputStatus: - r"""Get the status of a Destination + ) -> Optional[models.GetOutputStatusResponse]: + r"""List the status of all Destinations - Get the status and optional metrics for the specified Destination. + List status information and optional metrics for all configured Destinations in the Worker Group or Edge Fleet. - :param id: The id of the Destination to get the status for. :param metrics: Set to true to include metrics for each Destination. Otherwise, false (default). :param type: Set to true to prefix the Destination id with the Destination type. Otherwise, false (default). + :param offset: Starting point from which to retrieve results for this request. Use with limit to paginate the response into manageable batches. + :param limit: Maximum number of items to return in the response for this request. Use with offset to paginate the response into manageable batches. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -142,20 +176,21 @@ async def get_async( else: base_url = self._get_url(base_url, url_variables) - request = models.GetOutputStatusByIDRequest( - id=id, + request = models.GetOutputStatusRequest( metrics=metrics, type=type_, + offset=offset, + limit=limit, ) req = self._build_request_async( method="GET", - path="/system/status/outputs/{id}", + path="/system/status/outputs", base_url=base_url, url_variables=url_variables, request=request, request_body_required=False, - request_has_path_params=True, + request_has_path_params=False, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", @@ -181,7 +216,7 @@ async def get_async( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getOutputStatusById", + operation_id="getOutputStatus", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -192,13 +227,45 @@ async def get_async( retry_config=retry_config, ) + def next_func() -> Awaitable[Optional[models.GetOutputStatusResponse]]: + body = utils.unmarshal_json(http_res.text, Union[Dict[Any, Any], List[Any]]) + + async def empty_result(): + return None + + offset = request.offset if isinstance(request.offset, int) else 0 + + if not http_res.text: + return empty_result() + results = JSONPath("$.items").parse(body) + if len(results) == 0 or len(results[0]) == 0: + return empty_result() + limit_ = request.limit if isinstance(request.limit, int) else 0 + if len(results[0]) < limit_: + return empty_result() + next_offset = offset + len(results[0]) + + return self.list_async( + metrics=metrics, + type_=type_, + offset=next_offset, + limit=limit, + retries=retries, + server_url=server_url, + timeout_ms=timeout_ms, + http_headers=http_headers, + ) + response_data: Any = None if utils.match_response(http_res, "200", "application/json"): - return unmarshal_json_response(models.CountedOutputStatus, http_res) + return models.GetOutputStatusResponse( + result=unmarshal_json_response(models.CountedOutputStatus, http_res), + next=next_func, + ) if utils.match_response(http_res, "500", "application/json"): response_data = unmarshal_json_response(errors.ErrorData, http_res) raise errors.Error(response_data, http_res) - if utils.match_response(http_res, ["401", "4XX"], "*"): + if utils.match_response(http_res, ["400", "401", "4XX"], "*"): http_res_text = await utils.stream_to_text_async(http_res) raise errors.APIError("API error occurred", http_res, http_res_text) if utils.match_response(http_res, "5XX", "*"): @@ -207,26 +274,24 @@ async def get_async( raise errors.APIError("Unexpected response received", http_res) - def list( + def get( self, *, + id: str, metrics: Optional[bool] = None, type_: Optional[bool] = None, - offset: Optional[int] = None, - limit: Optional[int] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, - ) -> Optional[models.GetOutputStatusResponse]: - r"""List the status of all Destinations + ) -> models.CountedOutputStatus: + r"""Get the status of a Destination - List status information and optional metrics for all configured Destinations in the Worker Group or Edge Fleet. + Get the status and optional metrics for the specified Destination. + :param id: The id of the Destination to get the status for. :param metrics: Set to true to include metrics for each Destination. Otherwise, false (default). :param type: Set to true to prefix the Destination id with the Destination type. Otherwise, false (default). - :param offset: Starting point from which to retrieve results for this request. Use with limit to paginate the response into manageable batches. - :param limit: Maximum number of items to return in the response for this request. Use with offset to paginate the response into manageable batches. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -242,21 +307,20 @@ def list( else: base_url = self._get_url(base_url, url_variables) - request = models.GetOutputStatusRequest( + request = models.GetOutputStatusByIDRequest( + id=id, metrics=metrics, type=type_, - offset=offset, - limit=limit, ) req = self._build_request( method="GET", - path="/system/status/outputs", + path="/system/status/outputs/{id}", base_url=base_url, url_variables=url_variables, request=request, request_body_required=False, - request_has_path_params=False, + request_has_path_params=True, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", @@ -282,7 +346,7 @@ def list( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getOutputStatus", + operation_id="getOutputStatusById", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -293,42 +357,13 @@ def list( retry_config=retry_config, ) - def next_func() -> Optional[models.GetOutputStatusResponse]: - body = utils.unmarshal_json(http_res.text, Union[Dict[Any, Any], List[Any]]) - - offset = request.offset if isinstance(request.offset, int) else 0 - - if not http_res.text: - return None - results = JSONPath("$.items").parse(body) - if len(results) == 0 or len(results[0]) == 0: - return None - limit_ = request.limit if isinstance(request.limit, int) else 0 - if len(results[0]) < limit_: - return None - next_offset = offset + len(results[0]) - - return self.list( - metrics=metrics, - type_=type_, - offset=next_offset, - limit=limit, - retries=retries, - server_url=server_url, - timeout_ms=timeout_ms, - http_headers=http_headers, - ) - response_data: Any = None if utils.match_response(http_res, "200", "application/json"): - return models.GetOutputStatusResponse( - result=unmarshal_json_response(models.CountedOutputStatus, http_res), - next=next_func, - ) + return unmarshal_json_response(models.CountedOutputStatus, http_res) if utils.match_response(http_res, "500", "application/json"): response_data = unmarshal_json_response(errors.ErrorData, http_res) raise errors.Error(response_data, http_res) - if utils.match_response(http_res, ["400", "401", "4XX"], "*"): + if utils.match_response(http_res, ["401", "4XX"], "*"): http_res_text = utils.stream_to_text(http_res) raise errors.APIError("API error occurred", http_res, http_res_text) if utils.match_response(http_res, "5XX", "*"): @@ -337,26 +372,24 @@ def next_func() -> Optional[models.GetOutputStatusResponse]: raise errors.APIError("Unexpected response received", http_res) - async def list_async( + async def get_async( self, *, + id: str, metrics: Optional[bool] = None, type_: Optional[bool] = None, - offset: Optional[int] = None, - limit: Optional[int] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, - ) -> Optional[models.GetOutputStatusResponse]: - r"""List the status of all Destinations + ) -> models.CountedOutputStatus: + r"""Get the status of a Destination - List status information and optional metrics for all configured Destinations in the Worker Group or Edge Fleet. + Get the status and optional metrics for the specified Destination. + :param id: The id of the Destination to get the status for. :param metrics: Set to true to include metrics for each Destination. Otherwise, false (default). :param type: Set to true to prefix the Destination id with the Destination type. Otherwise, false (default). - :param offset: Starting point from which to retrieve results for this request. Use with limit to paginate the response into manageable batches. - :param limit: Maximum number of items to return in the response for this request. Use with offset to paginate the response into manageable batches. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -372,21 +405,20 @@ async def list_async( else: base_url = self._get_url(base_url, url_variables) - request = models.GetOutputStatusRequest( + request = models.GetOutputStatusByIDRequest( + id=id, metrics=metrics, type=type_, - offset=offset, - limit=limit, ) req = self._build_request_async( method="GET", - path="/system/status/outputs", + path="/system/status/outputs/{id}", base_url=base_url, url_variables=url_variables, request=request, request_body_required=False, - request_has_path_params=False, + request_has_path_params=True, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", @@ -412,7 +444,7 @@ async def list_async( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getOutputStatus", + operation_id="getOutputStatusById", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -423,45 +455,13 @@ async def list_async( retry_config=retry_config, ) - def next_func() -> Awaitable[Optional[models.GetOutputStatusResponse]]: - body = utils.unmarshal_json(http_res.text, Union[Dict[Any, Any], List[Any]]) - - async def empty_result(): - return None - - offset = request.offset if isinstance(request.offset, int) else 0 - - if not http_res.text: - return empty_result() - results = JSONPath("$.items").parse(body) - if len(results) == 0 or len(results[0]) == 0: - return empty_result() - limit_ = request.limit if isinstance(request.limit, int) else 0 - if len(results[0]) < limit_: - return empty_result() - next_offset = offset + len(results[0]) - - return self.list_async( - metrics=metrics, - type_=type_, - offset=next_offset, - limit=limit, - retries=retries, - server_url=server_url, - timeout_ms=timeout_ms, - http_headers=http_headers, - ) - response_data: Any = None if utils.match_response(http_res, "200", "application/json"): - return models.GetOutputStatusResponse( - result=unmarshal_json_response(models.CountedOutputStatus, http_res), - next=next_func, - ) + return unmarshal_json_response(models.CountedOutputStatus, http_res) if utils.match_response(http_res, "500", "application/json"): response_data = unmarshal_json_response(errors.ErrorData, http_res) raise errors.Error(response_data, http_res) - if utils.match_response(http_res, ["400", "401", "4XX"], "*"): + if utils.match_response(http_res, ["401", "4XX"], "*"): http_res_text = await utils.stream_to_text_async(http_res) raise errors.APIError("API error occurred", http_res, http_res_text) if utils.match_response(http_res, "5XX", "*"): diff --git a/src/cribl_control_plane/errors/healthserverstatus_error.py b/src/cribl_control_plane/errors/healthserverstatus_error.py index d5a2fa487..fbd684313 100644 --- a/src/cribl_control_plane/errors/healthserverstatus_error.py +++ b/src/cribl_control_plane/errors/healthserverstatus_error.py @@ -2,7 +2,10 @@ from __future__ import annotations from cribl_control_plane.errors import CriblControlPlaneError -from cribl_control_plane.models import healthserverstatus as models_healthserverstatus +from cribl_control_plane.models import ( + healthoverlaystatus as models_healthoverlaystatus, + healthserverstatus as models_healthserverstatus, +) from cribl_control_plane.types import BaseModel from dataclasses import dataclass, field import httpx @@ -12,6 +15,7 @@ class HealthServerStatusErrorData(BaseModel): + overlay: models_healthoverlaystatus.HealthOverlayStatus start_time: Annotated[int, pydantic.Field(alias="startTime")] r"""Timestamp (in Unix time) when the Cribl process started.""" status: models_healthserverstatus.HealthServerStatusStatus diff --git a/src/cribl_control_plane/functions.py b/src/cribl_control_plane/functions.py index ff7ecbd17..b39e208eb 100644 --- a/src/cribl_control_plane/functions.py +++ b/src/cribl_control_plane/functions.py @@ -12,20 +12,18 @@ class Functions(BaseSDK): r"""Actions related to functions""" - def get( + def list( self, *, - id: str, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedFunctionResponse: - r"""Get a Function + r"""List all Functions - Get the specified Function. + Get a list of all Functions. - :param id: The id of the Function to get. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -40,19 +38,14 @@ def get( base_url = server_url else: base_url = self._get_url(base_url, url_variables) - - request = models.GetFunctionsByIDRequest( - id=id, - ) - req = self._build_request( method="GET", - path="/functions/{id}", + path="/functions", base_url=base_url, url_variables=url_variables, - request=request, + request=None, request_body_required=False, - request_has_path_params=True, + request_has_path_params=False, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", @@ -78,7 +71,7 @@ def get( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getFunctionsById", + operation_id="getFunctions", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -104,20 +97,18 @@ def get( raise errors.APIError("Unexpected response received", http_res) - async def get_async( + async def list_async( self, *, - id: str, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedFunctionResponse: - r"""Get a Function + r"""List all Functions - Get the specified Function. + Get a list of all Functions. - :param id: The id of the Function to get. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -132,19 +123,14 @@ async def get_async( base_url = server_url else: base_url = self._get_url(base_url, url_variables) - - request = models.GetFunctionsByIDRequest( - id=id, - ) - req = self._build_request_async( method="GET", - path="/functions/{id}", + path="/functions", base_url=base_url, url_variables=url_variables, - request=request, + request=None, request_body_required=False, - request_has_path_params=True, + request_has_path_params=False, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", @@ -170,7 +156,7 @@ async def get_async( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getFunctionsById", + operation_id="getFunctions", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -196,18 +182,20 @@ async def get_async( raise errors.APIError("Unexpected response received", http_res) - def list( + def get( self, *, + id: str, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedFunctionResponse: - r"""List all Functions + r"""Get a Function - Get a list of all Functions. + Get the specified Function. + :param id: The id of the Function to get. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -222,14 +210,19 @@ def list( base_url = server_url else: base_url = self._get_url(base_url, url_variables) + + request = models.GetFunctionsByIDRequest( + id=id, + ) + req = self._build_request( method="GET", - path="/functions", + path="/functions/{id}", base_url=base_url, url_variables=url_variables, - request=None, + request=request, request_body_required=False, - request_has_path_params=False, + request_has_path_params=True, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", @@ -255,7 +248,7 @@ def list( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getFunctions", + operation_id="getFunctionsById", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -281,18 +274,20 @@ def list( raise errors.APIError("Unexpected response received", http_res) - async def list_async( + async def get_async( self, *, + id: str, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedFunctionResponse: - r"""List all Functions + r"""Get a Function - Get a list of all Functions. + Get the specified Function. + :param id: The id of the Function to get. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -307,14 +302,19 @@ async def list_async( base_url = server_url else: base_url = self._get_url(base_url, url_variables) + + request = models.GetFunctionsByIDRequest( + id=id, + ) + req = self._build_request_async( method="GET", - path="/functions", + path="/functions/{id}", base_url=base_url, url_variables=url_variables, - request=None, + request=request, request_body_required=False, - request_has_path_params=False, + request_has_path_params=True, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", @@ -340,7 +340,7 @@ async def list_async( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getFunctions", + operation_id="getFunctionsById", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security diff --git a/src/cribl_control_plane/groups_sdk.py b/src/cribl_control_plane/groups_sdk.py index 6f4060bac..a30cb5583 100644 --- a/src/cribl_control_plane/groups_sdk.py +++ b/src/cribl_control_plane/groups_sdk.py @@ -9,14 +9,14 @@ from cribl_control_plane.types import OptionalNullable, UNSET from cribl_control_plane.utils import get_security_from_env from cribl_control_plane.utils.unmarshal_json_response import unmarshal_json_response -from typing import Any, List, Mapping, Optional, Union +from typing import Any, Iterable, List, Mapping, Optional, Union class GroupsSDK(BaseSDK): r"""Actions related to Groups""" - configs: GroupsConfigs acl: ACL + configs: GroupsConfigs def __init__( self, sdk_config: SDKConfiguration, parent_ref: Optional[object] = None @@ -26,8 +26,8 @@ def __init__( self._init_sdks() def _init_sdks(self): - self.configs = GroupsConfigs(self.sdk_configuration, parent_ref=self.parent_ref) self.acl = ACL(self.sdk_configuration, parent_ref=self.parent_ref) + self.configs = GroupsConfigs(self.sdk_configuration, parent_ref=self.parent_ref) def list( self, @@ -239,7 +239,7 @@ def create( on_prem: Optional[bool] = None, provisioned: Optional[bool] = None, source_group_id: Optional[str] = None, - streamtags: Optional[List[str]] = None, + streamtags: Optional[Iterable[str]] = None, tags: Optional[str] = None, type_: Optional[models.TypeOptionsConfigGroup] = None, upgrade_version: Optional[str] = None, @@ -254,7 +254,7 @@ def create( Create a new Worker Group, Outpost Group, or Edge Fleet for the specified Cribl product. :param product: Name of the Cribl product to add the Worker Group, Outpost Group, or Edge Fleet to. - :param id: + :param id: Unique identifier. :param cloud: :param description: Brief description of the Worker Group, Outpost Group, or Edge Fleet. :param estimated_ingest_rate: Estimated ingest rate for a Cribl.Cloud Worker Group, in GB/sec. @@ -303,7 +303,7 @@ def create( on_prem=on_prem, provisioned=provisioned, source_group_id=source_group_id, - streamtags=streamtags, + streamtags=utils.unmarshal(streamtags, Optional[List[str]]), tags=tags, type=type_, upgrade_version=upgrade_version, @@ -397,7 +397,7 @@ async def create_async( on_prem: Optional[bool] = None, provisioned: Optional[bool] = None, source_group_id: Optional[str] = None, - streamtags: Optional[List[str]] = None, + streamtags: Optional[Iterable[str]] = None, tags: Optional[str] = None, type_: Optional[models.TypeOptionsConfigGroup] = None, upgrade_version: Optional[str] = None, @@ -412,7 +412,7 @@ async def create_async( Create a new Worker Group, Outpost Group, or Edge Fleet for the specified Cribl product. :param product: Name of the Cribl product to add the Worker Group, Outpost Group, or Edge Fleet to. - :param id: + :param id: Unique identifier. :param cloud: :param description: Brief description of the Worker Group, Outpost Group, or Edge Fleet. :param estimated_ingest_rate: Estimated ingest rate for a Cribl.Cloud Worker Group, in GB/sec. @@ -461,7 +461,7 @@ async def create_async( on_prem=on_prem, provisioned=provisioned, source_group_id=source_group_id, - streamtags=streamtags, + streamtags=utils.unmarshal(streamtags, Optional[List[str]]), tags=tags, type=type_, upgrade_version=upgrade_version, @@ -753,15 +753,15 @@ def update( is_search: Optional[bool] = None, lookup_deployments: Optional[ Union[ - List[models.ConfigGroupLookups], - List[models.ConfigGroupLookupsTypedDict], + Iterable[models.ConfigGroupLookups], + Iterable[models.ConfigGroupLookupsTypedDict], ] ] = None, max_worker_age: Optional[str] = None, name: Optional[str] = None, on_prem: Optional[bool] = None, provisioned: Optional[bool] = None, - streamtags: Optional[List[str]] = None, + streamtags: Optional[Iterable[str]] = None, tags: Optional[str] = None, type_: Optional[models.TypeOptionsConfigGroup] = None, upgrade_version: Optional[str] = None, @@ -774,11 +774,11 @@ def update( ) -> models.CountedConfigGroup: r"""Update a Worker Group, Outpost Group, or Edge Fleet - Update the specified Worker Group, Outpost Group, or Edge Fleet.

Provide a complete representation of the Group or Fleet that you want to update in the request body. This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Group or Fleet.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Group or Fleet might not function as expected.**Warning**: Do not change the values for the following parameters in the body of PATCH requests. The request body must include the values as they appear in the GET /products/{product}/groups/{id} response.
- configVersion
- deployingWorkerCount
- incompatibleWorkerCount
- workerCount
- lookupDeployments. + Update the specified Worker Group, Outpost Group, or Edge Fleet.

Provide a complete representation of the Group or Fleet that you want to update in the request body. This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Group or Fleet.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Group or Fleet might not function as expected.

**Warning**: Do not change the values for the following parameters in the body of PATCH requests. The request body must include the values as they appear in the GET /products/{product}/groups/{id} response.
- configVersion
- deployingWorkerCount
- incompatibleWorkerCount
- workerCount
- lookupDeployments. :param product: Name of the Cribl product to get the Worker Groups, Outpost Groups, or Edge Fleets for. :param id_param: The id of the Worker Group, Outpost Group, or Edge Fleet to update. - :param id: + :param id: Unique identifier. :param cloud: :param config_version: Commit hash of the deployed configuration version for the Worker Group, Outpost Group, or Edge Fleet. Automatically populated and returned in responses.

**Warning**: Do not change the value of configVersion in the body of PATCH requests. The PATCH request body must include the value as it appears in the GET /products/{product}/groups/{id} response. :param deploying_worker_count: Number of Workers or Nodes that are currently deploying the latest configuration version.

**Warning**: Do not change the value of deployingWorkerCount in the body of PATCH requests. The PATCH request body must include the value as it appears in the GET /products/{product}/groups/{id} response. @@ -839,7 +839,7 @@ def update( name=name, on_prem=on_prem, provisioned=provisioned, - streamtags=streamtags, + streamtags=utils.unmarshal(streamtags, Optional[List[str]]), tags=tags, type=type_, upgrade_version=upgrade_version, @@ -932,15 +932,15 @@ async def update_async( is_search: Optional[bool] = None, lookup_deployments: Optional[ Union[ - List[models.ConfigGroupLookups], - List[models.ConfigGroupLookupsTypedDict], + Iterable[models.ConfigGroupLookups], + Iterable[models.ConfigGroupLookupsTypedDict], ] ] = None, max_worker_age: Optional[str] = None, name: Optional[str] = None, on_prem: Optional[bool] = None, provisioned: Optional[bool] = None, - streamtags: Optional[List[str]] = None, + streamtags: Optional[Iterable[str]] = None, tags: Optional[str] = None, type_: Optional[models.TypeOptionsConfigGroup] = None, upgrade_version: Optional[str] = None, @@ -953,11 +953,11 @@ async def update_async( ) -> models.CountedConfigGroup: r"""Update a Worker Group, Outpost Group, or Edge Fleet - Update the specified Worker Group, Outpost Group, or Edge Fleet.

Provide a complete representation of the Group or Fleet that you want to update in the request body. This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Group or Fleet.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Group or Fleet might not function as expected.**Warning**: Do not change the values for the following parameters in the body of PATCH requests. The request body must include the values as they appear in the GET /products/{product}/groups/{id} response.
- configVersion
- deployingWorkerCount
- incompatibleWorkerCount
- workerCount
- lookupDeployments. + Update the specified Worker Group, Outpost Group, or Edge Fleet.

Provide a complete representation of the Group or Fleet that you want to update in the request body. This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Group or Fleet.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Group or Fleet might not function as expected.

**Warning**: Do not change the values for the following parameters in the body of PATCH requests. The request body must include the values as they appear in the GET /products/{product}/groups/{id} response.
- configVersion
- deployingWorkerCount
- incompatibleWorkerCount
- workerCount
- lookupDeployments. :param product: Name of the Cribl product to get the Worker Groups, Outpost Groups, or Edge Fleets for. :param id_param: The id of the Worker Group, Outpost Group, or Edge Fleet to update. - :param id: + :param id: Unique identifier. :param cloud: :param config_version: Commit hash of the deployed configuration version for the Worker Group, Outpost Group, or Edge Fleet. Automatically populated and returned in responses.

**Warning**: Do not change the value of configVersion in the body of PATCH requests. The PATCH request body must include the value as it appears in the GET /products/{product}/groups/{id} response. :param deploying_worker_count: Number of Workers or Nodes that are currently deploying the latest configuration version.

**Warning**: Do not change the value of deployingWorkerCount in the body of PATCH requests. The PATCH request body must include the value as it appears in the GET /products/{product}/groups/{id} response. @@ -1018,7 +1018,7 @@ async def update_async( name=name, on_prem=on_prem, provisioned=provisioned, - streamtags=streamtags, + streamtags=utils.unmarshal(streamtags, Optional[List[str]]), tags=tags, type=type_, upgrade_version=upgrade_version, @@ -1287,8 +1287,8 @@ def deploy( version: str, lookups: Optional[ Union[ - List[models.DeployRequestLookups], - List[models.DeployRequestLookupsTypedDict], + Iterable[models.DeployRequestLookups], + Iterable[models.DeployRequestLookupsTypedDict], ] ] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, @@ -1400,8 +1400,8 @@ async def deploy_async( version: str, lookups: Optional[ Union[ - List[models.DeployRequestLookups], - List[models.DeployRequestLookupsTypedDict], + Iterable[models.DeployRequestLookups], + Iterable[models.DeployRequestLookupsTypedDict], ] ] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, diff --git a/src/cribl_control_plane/health.py b/src/cribl_control_plane/health.py index af5b01252..39519032a 100644 --- a/src/cribl_control_plane/health.py +++ b/src/cribl_control_plane/health.py @@ -22,7 +22,7 @@ def get( ) -> models.HealthServerStatus: r"""Get the health status of the server - Get the current health status of the server (Leader or Worker Node). In Distributed deployments, requests routed to a Worker or Edge node using the [host context](https://docs.cribl.io/cribl-as-code/api#base-url-group-fleet-host) require a Bearer token for [authentication](https://docs.cribl.io/cribl-as-code/api-auth/). + Get the current health status of the server (Leader or Worker Node). In Distributed deployments, requests routed to a Worker or Edge node using the [host context](https://docs.cribl.io/cribl-as-code/api#base-url-group-fleet-host) require a Bearer token for [authentication](https://docs.cribl.io/cribl-as-code/api-auth/). :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method @@ -112,7 +112,7 @@ async def get_async( ) -> models.HealthServerStatus: r"""Get the health status of the server - Get the current health status of the server (Leader or Worker Node). In Distributed deployments, requests routed to a Worker or Edge node using the [host context](https://docs.cribl.io/cribl-as-code/api#base-url-group-fleet-host) require a Bearer token for [authentication](https://docs.cribl.io/cribl-as-code/api-auth/). + Get the current health status of the server (Leader or Worker Node). In Distributed deployments, requests routed to a Worker or Edge node using the [host context](https://docs.cribl.io/cribl-as-code/api#base-url-group-fleet-host) require a Bearer token for [authentication](https://docs.cribl.io/cribl-as-code/api-auth/). :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method diff --git a/src/cribl_control_plane/hectokens.py b/src/cribl_control_plane/hectokens.py index a08f558ac..9899bdc13 100644 --- a/src/cribl_control_plane/hectokens.py +++ b/src/cribl_control_plane/hectokens.py @@ -6,7 +6,7 @@ from cribl_control_plane.types import OptionalNullable, UNSET from cribl_control_plane.utils import get_security_from_env from cribl_control_plane.utils.unmarshal_json_response import unmarshal_json_response -from typing import Any, List, Mapping, Optional, Union +from typing import Any, Iterable, List, Mapping, Optional, Union class HecTokens(BaseSDK): @@ -15,13 +15,13 @@ def create( *, id: str, token: str, - allowed_indexes_at_token: Optional[List[str]] = None, + allowed_indexes_at_token: Optional[Iterable[str]] = None, description: Optional[str] = None, enabled: Optional[bool] = None, metadata: Optional[ Union[ - List[models.EventBreakerRuleFields], - List[models.EventBreakerRuleFieldsTypedDict], + Iterable[models.EventBreakerRuleFields], + Iterable[models.EventBreakerRuleFieldsTypedDict], ] ] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, @@ -57,7 +57,9 @@ def create( request = models.CreateInputHecTokenByIDRequest( id=id, add_hec_token_request=models.AddHecTokenRequest( - allowed_indexes_at_token=allowed_indexes_at_token, + allowed_indexes_at_token=utils.unmarshal( + allowed_indexes_at_token, Optional[List[str]] + ), description=description, enabled=enabled, metadata=utils.get_pydantic_model( @@ -138,13 +140,13 @@ async def create_async( *, id: str, token: str, - allowed_indexes_at_token: Optional[List[str]] = None, + allowed_indexes_at_token: Optional[Iterable[str]] = None, description: Optional[str] = None, enabled: Optional[bool] = None, metadata: Optional[ Union[ - List[models.EventBreakerRuleFields], - List[models.EventBreakerRuleFieldsTypedDict], + Iterable[models.EventBreakerRuleFields], + Iterable[models.EventBreakerRuleFieldsTypedDict], ] ] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, @@ -180,7 +182,9 @@ async def create_async( request = models.CreateInputHecTokenByIDRequest( id=id, add_hec_token_request=models.AddHecTokenRequest( - allowed_indexes_at_token=allowed_indexes_at_token, + allowed_indexes_at_token=utils.unmarshal( + allowed_indexes_at_token, Optional[List[str]] + ), description=description, enabled=enabled, metadata=utils.get_pydantic_model( @@ -261,13 +265,13 @@ def update( *, id: str, token: str, - allowed_indexes_at_token: Optional[List[str]] = None, + allowed_indexes_at_token: Optional[Iterable[str]] = None, description: Optional[str] = None, enabled: Optional[bool] = None, metadata: Optional[ Union[ - List[models.EventBreakerRuleFields], - List[models.EventBreakerRuleFieldsTypedDict], + Iterable[models.EventBreakerRuleFields], + Iterable[models.EventBreakerRuleFieldsTypedDict], ] ] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, @@ -304,7 +308,9 @@ def update( id=id, token=token, update_hec_token_request=models.UpdateHecTokenRequest( - allowed_indexes_at_token=allowed_indexes_at_token, + allowed_indexes_at_token=utils.unmarshal( + allowed_indexes_at_token, Optional[List[str]] + ), description=description, enabled=enabled, metadata=utils.get_pydantic_model( @@ -384,13 +390,13 @@ async def update_async( *, id: str, token: str, - allowed_indexes_at_token: Optional[List[str]] = None, + allowed_indexes_at_token: Optional[Iterable[str]] = None, description: Optional[str] = None, enabled: Optional[bool] = None, metadata: Optional[ Union[ - List[models.EventBreakerRuleFields], - List[models.EventBreakerRuleFieldsTypedDict], + Iterable[models.EventBreakerRuleFields], + Iterable[models.EventBreakerRuleFieldsTypedDict], ] ] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, @@ -427,7 +433,9 @@ async def update_async( id=id, token=token, update_hec_token_request=models.UpdateHecTokenRequest( - allowed_indexes_at_token=allowed_indexes_at_token, + allowed_indexes_at_token=utils.unmarshal( + allowed_indexes_at_token, Optional[List[str]] + ), description=description, enabled=enabled, metadata=utils.get_pydantic_model( diff --git a/src/cribl_control_plane/models/__init__.py b/src/cribl_control_plane/models/__init__.py index 4cdb68739..d7d8a3bba 100644 --- a/src/cribl_control_plane/models/__init__.py +++ b/src/cribl_control_plane/models/__init__.py @@ -7,6 +7,10 @@ if TYPE_CHECKING: from .acknowledgmentsoptions import AcknowledgmentsOptions from .acknowledgmentsoptionsallleader import AcknowledgmentsOptionsAllLeader + from .activehealthoverlaystatus import ( + ActiveHealthOverlayStatus, + ActiveHealthOverlayStatusTypedDict, + ) from .addconffunctionconfschemaaggregation import ( AddConfFunctionConfSchemaAggregation, AddConfFunctionConfSchemaAggregationTypedDict, @@ -79,10 +83,6 @@ AuthRequestHeaderConfHealthCheckAuthenticationLogin, AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict, ) - from .authrequestheaderconfhealthcheckauthenticationoauth import ( - AuthRequestHeaderConfHealthCheckAuthenticationOauth, - AuthRequestHeaderConfHealthCheckAuthenticationOauthTypedDict, - ) from .authrequestparamconfhealthcheckauthenticationoauth import ( AuthRequestParamConfHealthCheckAuthenticationOauth, AuthRequestParamConfHealthCheckAuthenticationOauthTypedDict, @@ -207,6 +207,7 @@ CollectorSplunkType, CollectorSplunkTypedDict, ) + from .collectortype import CollectorType from .collectrequestparamconfhealthcheckcollectmethodpost import ( CollectRequestParamConfHealthCheckCollectMethodPost, CollectRequestParamConfHealthCheckCollectMethodPostTypedDict, @@ -622,6 +623,8 @@ CreateInputCPUModeSystemMetrics, CreateInputCPUSystemMetrics, CreateInputCPUSystemMetricsTypedDict, + CreateInputCertificate, + CreateInputCertificateTypedDict, CreateInputCheckpointing, CreateInputCheckpointingTypedDict, CreateInputCollectors, @@ -1048,6 +1051,8 @@ CreateInputSystemByPackCPUModeSystemMetrics, CreateInputSystemByPackCPUSystemMetrics, CreateInputSystemByPackCPUSystemMetricsTypedDict, + CreateInputSystemByPackCertificate, + CreateInputSystemByPackCertificateTypedDict, CreateInputSystemByPackCheckpointing, CreateInputSystemByPackCheckpointingTypedDict, CreateInputSystemByPackCollectors, @@ -1217,7 +1222,7 @@ CreateInputSystemHecTokenByPackAndIDRequest, CreateInputSystemHecTokenByPackAndIDRequestTypedDict, ) - from .createoutput_request import ( + from .createoutput_outputwebhook_url_1 import ( CreateOutputAPIVersion, CreateOutputAdditionalProperty, CreateOutputAdditionalPropertyTypedDict, @@ -1235,6 +1240,7 @@ CreateOutputCompression, CreateOutputElasticVersion, CreateOutputEndpointConfiguration, + CreateOutputEndpointGoogleCloudObservability, CreateOutputExtentTag, CreateOutputExtentTagTypedDict, CreateOutputExtraLogType, @@ -1242,6 +1248,7 @@ CreateOutputFacility, CreateOutputFieldName, CreateOutputFormatSentinel, + CreateOutputGoogleAuthenticationMethod, CreateOutputIndexerDiscoveryConfigs, CreateOutputIndexerDiscoveryConfigsTypedDict, CreateOutputIngestIfNotExist, @@ -1251,6 +1258,7 @@ CreateOutputMessageFormat, CreateOutputMetadatum, CreateOutputMetadatumTypedDict, + CreateOutputOtlpVersionGoogleCloudObservability, CreateOutputOutputAzureBlob, CreateOutputOutputAzureBlobTypedDict, CreateOutputOutputAzureDataExplorer, @@ -1263,8 +1271,6 @@ CreateOutputOutputCloudwatchTypedDict, CreateOutputOutputConfluentCloud, CreateOutputOutputConfluentCloudTypedDict, - CreateOutputOutputDefault, - CreateOutputOutputDefaultTypedDict, CreateOutputOutputDevnull, CreateOutputOutputDevnullTypedDict, CreateOutputOutputElastic, @@ -1279,6 +1285,8 @@ CreateOutputOutputGoogleChronicleTypedDict, CreateOutputOutputGoogleCloudLogging, CreateOutputOutputGoogleCloudLoggingTypedDict, + CreateOutputOutputGoogleCloudObservability, + CreateOutputOutputGoogleCloudObservabilityTypedDict, CreateOutputOutputGoogleCloudStorage, CreateOutputOutputGoogleCloudStorageTypedDict, CreateOutputOutputGooglePubsub, @@ -1333,10 +1341,6 @@ CreateOutputOutputWebhookURL1TypedDict, CreateOutputOutputWebhookURL2, CreateOutputOutputWebhookURL2TypedDict, - CreateOutputOutputWebhookUnion, - CreateOutputOutputWebhookUnionTypedDict, - CreateOutputOutputWebhookWebhook1, - CreateOutputOutputWebhookWebhook1TypedDict, CreateOutputOutputWebhookWebhook2, CreateOutputOutputWebhookWebhook2TypedDict, CreateOutputOutputWizHec, @@ -1360,6 +1364,8 @@ CreateOutputPqControlsGoogleChronicleTypedDict, CreateOutputPqControlsGoogleCloudLogging, CreateOutputPqControlsGoogleCloudLoggingTypedDict, + CreateOutputPqControlsGoogleCloudObservability, + CreateOutputPqControlsGoogleCloudObservabilityTypedDict, CreateOutputPqControlsGooglePubsub, CreateOutputPqControlsGooglePubsubTypedDict, CreateOutputPqControlsHoneycomb, @@ -1397,11 +1403,10 @@ CreateOutputPqControlsWizHec, CreateOutputPqControlsWizHecTypedDict, CreateOutputPrefixOptional, + CreateOutputProtocolGoogleCloudObservability, CreateOutputProtocolSyslog, CreateOutputReportLevel, CreateOutputReportMethod, - CreateOutputRequest, - CreateOutputRequestTypedDict, CreateOutputSendEventsAs, CreateOutputSeveritySyslog, CreateOutputTimestampFormat, @@ -1412,7 +1417,6 @@ CreateOutputTypeAzureLogs, CreateOutputTypeCloudwatch, CreateOutputTypeConfluentCloud, - CreateOutputTypeDefault, CreateOutputTypeDevnull, CreateOutputTypeElastic, CreateOutputTypeElasticCloud, @@ -1420,6 +1424,7 @@ CreateOutputTypeFilesystem, CreateOutputTypeGoogleChronicle, CreateOutputTypeGoogleCloudLogging, + CreateOutputTypeGoogleCloudObservability, CreateOutputTypeGoogleCloudStorage, CreateOutputTypeGooglePubsub, CreateOutputTypeHoneycomb, @@ -1447,6 +1452,17 @@ CreateOutputURLSplunkHecTypedDict, CreateOutputWriteAction, ) + from .createoutput_request import ( + CreateOutputOutputDefault, + CreateOutputOutputDefaultTypedDict, + CreateOutputOutputWebhookUnion, + CreateOutputOutputWebhookUnionTypedDict, + CreateOutputOutputWebhookWebhook1, + CreateOutputOutputWebhookWebhook1TypedDict, + CreateOutputRequest, + CreateOutputRequestTypedDict, + CreateOutputTypeDefault, + ) from .createoutput_type_statsd import ( CreateOutputAISIEMEndpointPath, CreateOutputAuthentication, @@ -1467,7 +1483,7 @@ CreateOutputDataFormatSumoLogic, CreateOutputDataSetSite, CreateOutputDatadogSite, - CreateOutputEndpoint, + CreateOutputEndpointDynatraceHTTP, CreateOutputEndpointType, CreateOutputFormatClickHouse, CreateOutputFormatCriblLake, @@ -1479,7 +1495,7 @@ CreateOutputHostSnmpTypedDict, CreateOutputMappingTypeClickHouse, CreateOutputMappingTypeLocalSearchStorage, - CreateOutputOTLPVersion, + CreateOutputOTLPVersionOpenTelemetry, CreateOutputOutputAlibabaCloudS3, CreateOutputOutputAlibabaCloudS3TypedDict, CreateOutputOutputAlphasocS3, @@ -1678,7 +1694,7 @@ CreateOutputURLXsiam, CreateOutputURLXsiamTypedDict, ) - from .createoutputsystembypack_request import ( + from .createoutputsystembypack_outputwebhook_url_1 import ( CreateOutputSystemByPackAPIVersion, CreateOutputSystemByPackAdditionalProperty, CreateOutputSystemByPackAdditionalPropertyTypedDict, @@ -1696,6 +1712,7 @@ CreateOutputSystemByPackCompression, CreateOutputSystemByPackElasticVersion, CreateOutputSystemByPackEndpointConfiguration, + CreateOutputSystemByPackEndpointGoogleCloudObservability, CreateOutputSystemByPackExtentTag, CreateOutputSystemByPackExtentTagTypedDict, CreateOutputSystemByPackExtraLogType, @@ -1703,6 +1720,7 @@ CreateOutputSystemByPackFacility, CreateOutputSystemByPackFieldName, CreateOutputSystemByPackFormatSentinel, + CreateOutputSystemByPackGoogleAuthenticationMethod, CreateOutputSystemByPackIndexerDiscoveryConfigs, CreateOutputSystemByPackIndexerDiscoveryConfigsTypedDict, CreateOutputSystemByPackIngestIfNotExist, @@ -1712,6 +1730,7 @@ CreateOutputSystemByPackMessageFormat, CreateOutputSystemByPackMetadatum, CreateOutputSystemByPackMetadatumTypedDict, + CreateOutputSystemByPackOtlpVersionGoogleCloudObservability, CreateOutputSystemByPackOutputAzureBlob, CreateOutputSystemByPackOutputAzureBlobTypedDict, CreateOutputSystemByPackOutputAzureDataExplorer, @@ -1724,8 +1743,6 @@ CreateOutputSystemByPackOutputCloudwatchTypedDict, CreateOutputSystemByPackOutputConfluentCloud, CreateOutputSystemByPackOutputConfluentCloudTypedDict, - CreateOutputSystemByPackOutputDefault, - CreateOutputSystemByPackOutputDefaultTypedDict, CreateOutputSystemByPackOutputDevnull, CreateOutputSystemByPackOutputDevnullTypedDict, CreateOutputSystemByPackOutputElastic, @@ -1740,6 +1757,8 @@ CreateOutputSystemByPackOutputGoogleChronicleTypedDict, CreateOutputSystemByPackOutputGoogleCloudLogging, CreateOutputSystemByPackOutputGoogleCloudLoggingTypedDict, + CreateOutputSystemByPackOutputGoogleCloudObservability, + CreateOutputSystemByPackOutputGoogleCloudObservabilityTypedDict, CreateOutputSystemByPackOutputGoogleCloudStorage, CreateOutputSystemByPackOutputGoogleCloudStorageTypedDict, CreateOutputSystemByPackOutputGooglePubsub, @@ -1794,10 +1813,6 @@ CreateOutputSystemByPackOutputWebhookURL1TypedDict, CreateOutputSystemByPackOutputWebhookURL2, CreateOutputSystemByPackOutputWebhookURL2TypedDict, - CreateOutputSystemByPackOutputWebhookUnion, - CreateOutputSystemByPackOutputWebhookUnionTypedDict, - CreateOutputSystemByPackOutputWebhookWebhook1, - CreateOutputSystemByPackOutputWebhookWebhook1TypedDict, CreateOutputSystemByPackOutputWebhookWebhook2, CreateOutputSystemByPackOutputWebhookWebhook2TypedDict, CreateOutputSystemByPackOutputWizHec, @@ -1821,6 +1836,8 @@ CreateOutputSystemByPackPqControlsGoogleChronicleTypedDict, CreateOutputSystemByPackPqControlsGoogleCloudLogging, CreateOutputSystemByPackPqControlsGoogleCloudLoggingTypedDict, + CreateOutputSystemByPackPqControlsGoogleCloudObservability, + CreateOutputSystemByPackPqControlsGoogleCloudObservabilityTypedDict, CreateOutputSystemByPackPqControlsGooglePubsub, CreateOutputSystemByPackPqControlsGooglePubsubTypedDict, CreateOutputSystemByPackPqControlsHoneycomb, @@ -1858,13 +1875,10 @@ CreateOutputSystemByPackPqControlsWizHec, CreateOutputSystemByPackPqControlsWizHecTypedDict, CreateOutputSystemByPackPrefixOptional, + CreateOutputSystemByPackProtocolGoogleCloudObservability, CreateOutputSystemByPackProtocolSyslog, CreateOutputSystemByPackReportLevel, CreateOutputSystemByPackReportMethod, - CreateOutputSystemByPackRequest, - CreateOutputSystemByPackRequestBody, - CreateOutputSystemByPackRequestBodyTypedDict, - CreateOutputSystemByPackRequestTypedDict, CreateOutputSystemByPackSendEventsAs, CreateOutputSystemByPackSeveritySyslog, CreateOutputSystemByPackTimestampFormat, @@ -1875,7 +1889,6 @@ CreateOutputSystemByPackTypeAzureLogs, CreateOutputSystemByPackTypeCloudwatch, CreateOutputSystemByPackTypeConfluentCloud, - CreateOutputSystemByPackTypeDefault, CreateOutputSystemByPackTypeDevnull, CreateOutputSystemByPackTypeElastic, CreateOutputSystemByPackTypeElasticCloud, @@ -1883,6 +1896,7 @@ CreateOutputSystemByPackTypeFilesystem, CreateOutputSystemByPackTypeGoogleChronicle, CreateOutputSystemByPackTypeGoogleCloudLogging, + CreateOutputSystemByPackTypeGoogleCloudObservability, CreateOutputSystemByPackTypeGoogleCloudStorage, CreateOutputSystemByPackTypeGooglePubsub, CreateOutputSystemByPackTypeHoneycomb, @@ -1910,6 +1924,19 @@ CreateOutputSystemByPackURLSplunkHecTypedDict, CreateOutputSystemByPackWriteAction, ) + from .createoutputsystembypack_request import ( + CreateOutputSystemByPackOutputDefault, + CreateOutputSystemByPackOutputDefaultTypedDict, + CreateOutputSystemByPackOutputWebhookUnion, + CreateOutputSystemByPackOutputWebhookUnionTypedDict, + CreateOutputSystemByPackOutputWebhookWebhook1, + CreateOutputSystemByPackOutputWebhookWebhook1TypedDict, + CreateOutputSystemByPackRequest, + CreateOutputSystemByPackRequestBody, + CreateOutputSystemByPackRequestBodyTypedDict, + CreateOutputSystemByPackRequestTypedDict, + CreateOutputSystemByPackTypeDefault, + ) from .createoutputsystembypack_type_statsd import ( CreateOutputSystemByPackAISIEMEndpointPath, CreateOutputSystemByPackAuthentication, @@ -1930,7 +1957,7 @@ CreateOutputSystemByPackDataFormatSumoLogic, CreateOutputSystemByPackDataSetSite, CreateOutputSystemByPackDatadogSite, - CreateOutputSystemByPackEndpoint, + CreateOutputSystemByPackEndpointDynatraceHTTP, CreateOutputSystemByPackEndpointType, CreateOutputSystemByPackFormatClickHouse, CreateOutputSystemByPackFormatCriblLake, @@ -1942,7 +1969,7 @@ CreateOutputSystemByPackHostSnmpTypedDict, CreateOutputSystemByPackMappingTypeClickHouse, CreateOutputSystemByPackMappingTypeLocalSearchStorage, - CreateOutputSystemByPackOTLPVersion, + CreateOutputSystemByPackOTLPVersionOpenTelemetry, CreateOutputSystemByPackOutputAlibabaCloudS3, CreateOutputSystemByPackOutputAlibabaCloudS3TypedDict, CreateOutputSystemByPackOutputAlphasocS3, @@ -2818,6 +2845,7 @@ GetCriblLakeDatasetByLakeIDAndIDRequestTypedDict, ) from .getcribllakedatasetbylakeidop import ( + GetCriblLakeDatasetByLakeIDFormat, GetCriblLakeDatasetByLakeIDRequest, GetCriblLakeDatasetByLakeIDRequestTypedDict, ) @@ -2825,6 +2853,10 @@ GetDatabaseConnectionConfigByIDRequest, GetDatabaseConnectionConfigByIDRequestTypedDict, ) + from .getdatabaseconnectionconfigop import ( + GetDatabaseConnectionConfigRequest, + GetDatabaseConnectionConfigRequestTypedDict, + ) from .getfunctionsbyidop import ( GetFunctionsByIDRequest, GetFunctionsByIDRequestTypedDict, @@ -3428,6 +3460,11 @@ UnknownHealthCheckCollectorConf, ) from .healthcounttype import HealthCountType, HealthCountTypeTypedDict + from .healthoverlaystatus import ( + HealthOverlayStatus, + HealthOverlayStatusTypedDict, + UnknownHealthOverlayStatus, + ) from .healthserverstatus import ( HealthServerStatus, HealthServerStatusStatus, @@ -3447,6 +3484,10 @@ HostOsTypeHeartbeatMetadata, HostOsTypeHeartbeatMetadataTypedDict, ) + from .httpdiscoveryheaderconfinputprometheus import ( + HTTPDiscoveryHeaderConfInputPrometheus, + HTTPDiscoveryHeaderConfInputPrometheusTypedDict, + ) from .input import Input, InputTypedDict from .inputanthropiccompliance_input import ( InputAnthropicComplianceContentConfig, @@ -3589,6 +3630,8 @@ InputEventhubAmqpAuthenticationMethod, InputEventhubAmqpAzureBlobStorage, InputEventhubAmqpAzureBlobStorageTypedDict, + InputEventhubAmqpCertificate, + InputEventhubAmqpCertificateTypedDict, InputEventhubAmqpCheckpointing, InputEventhubAmqpCheckpointingTypedDict, InputEventhubAmqpInput, @@ -3796,6 +3839,8 @@ InputResponseCPUModeSystemMetrics, InputResponseCPUSystemMetrics, InputResponseCPUSystemMetricsTypedDict, + InputResponseCertificate, + InputResponseCertificateTypedDict, InputResponseCheckpointing, InputResponseCheckpointingTypedDict, InputResponseCollectors, @@ -4482,6 +4527,10 @@ from .modeoptionshost import ModeOptionsHost from .modeoptionspq import ModeOptionsPq from .nestedfieldserializationoptions import NestedFieldSerializationOptions + from .noactivehealthoverlaystatus import ( + NoActiveHealthOverlayStatus, + NoActiveHealthOverlayStatusTypedDict, + ) from .nodeactiveupgradestatus import NodeActiveUpgradeStatus from .nodefailedupgradestatus import NodeFailedUpgradeStatus from .nodeprovidedinfo import ( @@ -4794,6 +4843,17 @@ OutputGoogleCloudLoggingType, OutputGoogleCloudLoggingTypedDict, ) + from .outputgooglecloudobservability import ( + OutputGoogleCloudObservability, + OutputGoogleCloudObservabilityEndpoint, + OutputGoogleCloudObservabilityGoogleAuthenticationMethod, + OutputGoogleCloudObservabilityOtlpVersion, + OutputGoogleCloudObservabilityPqControls, + OutputGoogleCloudObservabilityPqControlsTypedDict, + OutputGoogleCloudObservabilityProtocol, + OutputGoogleCloudObservabilityType, + OutputGoogleCloudObservabilityTypedDict, + ) from .outputgooglecloudstorage import ( OutputGoogleCloudStorage, OutputGoogleCloudStorageAuthenticationMethod, @@ -4953,6 +5013,17 @@ ) from .outputresponse import ( OutputResponse, + OutputResponseOutputDefault, + OutputResponseOutputDefaultTypedDict, + OutputResponseOutputWebhookUnion, + OutputResponseOutputWebhookUnionTypedDict, + OutputResponseOutputWebhookWebhook1, + OutputResponseOutputWebhookWebhook1TypedDict, + OutputResponseTypeDefault, + OutputResponseTypedDict, + UnknownOutputResponse, + ) + from .outputresponse_outputwebhook_url_1 import ( OutputResponseAPIVersion, OutputResponseAdditionalProperty, OutputResponseAdditionalPropertyTypedDict, @@ -4970,6 +5041,7 @@ OutputResponseCompression, OutputResponseElasticVersion, OutputResponseEndpointConfiguration, + OutputResponseEndpointGoogleCloudObservability, OutputResponseExtentTag, OutputResponseExtentTagTypedDict, OutputResponseExtraLogType, @@ -4977,6 +5049,7 @@ OutputResponseFacility, OutputResponseFieldName, OutputResponseFormatSentinel, + OutputResponseGoogleAuthenticationMethod, OutputResponseIndexerDiscoveryConfigs, OutputResponseIndexerDiscoveryConfigsTypedDict, OutputResponseIngestIfNotExist, @@ -4986,6 +5059,7 @@ OutputResponseMessageFormat, OutputResponseMetadatum, OutputResponseMetadatumTypedDict, + OutputResponseOtlpVersionGoogleCloudObservability, OutputResponseOutputAzureBlob, OutputResponseOutputAzureBlobTypedDict, OutputResponseOutputAzureDataExplorer, @@ -4998,8 +5072,6 @@ OutputResponseOutputCloudwatchTypedDict, OutputResponseOutputConfluentCloud, OutputResponseOutputConfluentCloudTypedDict, - OutputResponseOutputDefault, - OutputResponseOutputDefaultTypedDict, OutputResponseOutputDevnull, OutputResponseOutputDevnullTypedDict, OutputResponseOutputElastic, @@ -5014,6 +5086,8 @@ OutputResponseOutputGoogleChronicleTypedDict, OutputResponseOutputGoogleCloudLogging, OutputResponseOutputGoogleCloudLoggingTypedDict, + OutputResponseOutputGoogleCloudObservability, + OutputResponseOutputGoogleCloudObservabilityTypedDict, OutputResponseOutputGoogleCloudStorage, OutputResponseOutputGoogleCloudStorageTypedDict, OutputResponseOutputGooglePubsub, @@ -5068,10 +5142,6 @@ OutputResponseOutputWebhookURL1TypedDict, OutputResponseOutputWebhookURL2, OutputResponseOutputWebhookURL2TypedDict, - OutputResponseOutputWebhookUnion, - OutputResponseOutputWebhookUnionTypedDict, - OutputResponseOutputWebhookWebhook1, - OutputResponseOutputWebhookWebhook1TypedDict, OutputResponseOutputWebhookWebhook2, OutputResponseOutputWebhookWebhook2TypedDict, OutputResponseOutputWizHec, @@ -5095,6 +5165,8 @@ OutputResponsePqControlsGoogleChronicleTypedDict, OutputResponsePqControlsGoogleCloudLogging, OutputResponsePqControlsGoogleCloudLoggingTypedDict, + OutputResponsePqControlsGoogleCloudObservability, + OutputResponsePqControlsGoogleCloudObservabilityTypedDict, OutputResponsePqControlsGooglePubsub, OutputResponsePqControlsGooglePubsubTypedDict, OutputResponsePqControlsHoneycomb, @@ -5132,6 +5204,7 @@ OutputResponsePqControlsWizHec, OutputResponsePqControlsWizHecTypedDict, OutputResponsePrefixOptional, + OutputResponseProtocolGoogleCloudObservability, OutputResponseProtocolSyslog, OutputResponseReportLevel, OutputResponseReportMethod, @@ -5145,7 +5218,6 @@ OutputResponseTypeAzureLogs, OutputResponseTypeCloudwatch, OutputResponseTypeConfluentCloud, - OutputResponseTypeDefault, OutputResponseTypeDevnull, OutputResponseTypeElastic, OutputResponseTypeElasticCloud, @@ -5153,6 +5225,7 @@ OutputResponseTypeFilesystem, OutputResponseTypeGoogleChronicle, OutputResponseTypeGoogleCloudLogging, + OutputResponseTypeGoogleCloudObservability, OutputResponseTypeGoogleCloudStorage, OutputResponseTypeGooglePubsub, OutputResponseTypeHoneycomb, @@ -5173,14 +5246,12 @@ OutputResponseTypeTcpjson, OutputResponseTypeWavefront, OutputResponseTypeWizHec, - OutputResponseTypedDict, OutputResponseUDMType, OutputResponseURLElastic, OutputResponseURLElasticTypedDict, OutputResponseURLSplunkHec, OutputResponseURLSplunkHecTypedDict, OutputResponseWriteAction, - UnknownOutputResponse, ) from .outputresponse_type_statsd import ( OutputResponseAISIEMEndpointPath, @@ -5202,7 +5273,7 @@ OutputResponseDataFormatSumoLogic, OutputResponseDataSetSite, OutputResponseDatadogSite, - OutputResponseEndpoint, + OutputResponseEndpointDynatraceHTTP, OutputResponseEndpointType, OutputResponseFormatClickHouse, OutputResponseFormatCriblLake, @@ -5214,7 +5285,7 @@ OutputResponseHostSnmpTypedDict, OutputResponseMappingTypeClickHouse, OutputResponseMappingTypeLocalSearchStorage, - OutputResponseOTLPVersion, + OutputResponseOTLPVersionOpenTelemetry, OutputResponseOutputAlibabaCloudS3, OutputResponseOutputAlibabaCloudS3TypedDict, OutputResponseOutputAlphasocS3, @@ -6045,16 +6116,12 @@ RedisDeploymentTypeClusterCommand, RedisDeploymentTypeClusterCommandTypedDict, RedisDeploymentTypeClusterDeploymentType, - RedisDeploymentTypeClusterRootNode, - RedisDeploymentTypeClusterRootNodeTypedDict, RedisDeploymentTypeClusterTypedDict, RedisDeploymentTypeSentinel, RedisDeploymentTypeSentinelAuthenticationMethod, RedisDeploymentTypeSentinelCommand, RedisDeploymentTypeSentinelCommandTypedDict, RedisDeploymentTypeSentinelDeploymentType, - RedisDeploymentTypeSentinelRootNode, - RedisDeploymentTypeSentinelRootNodeTypedDict, RedisDeploymentTypeSentinelTypedDict, RedisDeploymentTypeStandalone, RedisDeploymentTypeStandaloneAuthenticationMethod, @@ -6269,10 +6336,6 @@ ) from .regionoptions import RegionOptions from .requestformatoptions import RequestFormatOptions - from .requestparamconfinputopenai import ( - RequestParamConfInputOpenai, - RequestParamConfInputOpenaiTypedDict, - ) from .resourcepolicy import ResourcePolicy, ResourcePolicyTypedDict from .responseretrysettingconfoutputwebhook import ( ResponseRetrySettingConfOutputWebhook, @@ -7220,6 +7283,10 @@ RollbackSettingsUnion, RollbackSettingsUnionTypedDict, ) + from .rootnodeconfredisdeploymenttypecluster import ( + RootNodeConfRedisDeploymentTypeCluster, + RootNodeConfRedisDeploymentTypeClusterTypedDict, + ) from .routecomment import RouteComment, RouteCommentTypedDict from .routeconf import RouteConf, RouteConfTypedDict from .routeconfinput import RouteConfInput, RouteConfInputTypedDict @@ -7663,6 +7730,8 @@ "APITypeSystemSettingsConfTypedDict", "AcknowledgmentsOptions", "AcknowledgmentsOptionsAllLeader", + "ActiveHealthOverlayStatus", + "ActiveHealthOverlayStatusTypedDict", "AddConfFunctionConfSchemaAggregation", "AddConfFunctionConfSchemaAggregationTypedDict", "AddHecTokenRequest", @@ -7687,8 +7756,6 @@ "AuditTypedDict", "AuthRequestHeaderConfHealthCheckAuthenticationLogin", "AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict", - "AuthRequestHeaderConfHealthCheckAuthenticationOauth", - "AuthRequestHeaderConfHealthCheckAuthenticationOauthTypedDict", "AuthRequestParamConfHealthCheckAuthenticationOauth", "AuthRequestParamConfHealthCheckAuthenticationOauthTypedDict", "AuthToken", @@ -7814,6 +7881,7 @@ "CollectorSplunk", "CollectorSplunkType", "CollectorSplunkTypedDict", + "CollectorType", "CollectorTypedDict", "Commit", "CommitTypedDict", @@ -7971,6 +8039,8 @@ "CreateInputCPUSystemMetricsTypedDict", "CreateInputCPUWindowsMetrics", "CreateInputCPUWindowsMetricsTypedDict", + "CreateInputCertificate", + "CreateInputCertificateTypedDict", "CreateInputCheckpointing", "CreateInputCheckpointingTypedDict", "CreateInputCollectors", @@ -8312,6 +8382,8 @@ "CreateInputSystemByPackCPUSystemMetricsTypedDict", "CreateInputSystemByPackCPUWindowsMetrics", "CreateInputSystemByPackCPUWindowsMetricsTypedDict", + "CreateInputSystemByPackCertificate", + "CreateInputSystemByPackCertificateTypedDict", "CreateInputSystemByPackCheckpointing", "CreateInputSystemByPackCheckpointingTypedDict", "CreateInputSystemByPackCollectors", @@ -8809,8 +8881,9 @@ "CreateOutputDataSetSite", "CreateOutputDatadogSite", "CreateOutputElasticVersion", - "CreateOutputEndpoint", "CreateOutputEndpointConfiguration", + "CreateOutputEndpointDynatraceHTTP", + "CreateOutputEndpointGoogleCloudObservability", "CreateOutputEndpointType", "CreateOutputExtentTag", "CreateOutputExtentTagTypedDict", @@ -8823,6 +8896,7 @@ "CreateOutputFormatDynatraceHTTP", "CreateOutputFormatLocalSearchStorage", "CreateOutputFormatSentinel", + "CreateOutputGoogleAuthenticationMethod", "CreateOutputHostNetflow", "CreateOutputHostNetflowTypedDict", "CreateOutputHostSnmp", @@ -8838,7 +8912,8 @@ "CreateOutputMessageFormat", "CreateOutputMetadatum", "CreateOutputMetadatumTypedDict", - "CreateOutputOTLPVersion", + "CreateOutputOTLPVersionOpenTelemetry", + "CreateOutputOtlpVersionGoogleCloudObservability", "CreateOutputOutputAlibabaCloudS3", "CreateOutputOutputAlibabaCloudS3TypedDict", "CreateOutputOutputAlphasocS3", @@ -8905,6 +8980,8 @@ "CreateOutputOutputGoogleChronicleTypedDict", "CreateOutputOutputGoogleCloudLogging", "CreateOutputOutputGoogleCloudLoggingTypedDict", + "CreateOutputOutputGoogleCloudObservability", + "CreateOutputOutputGoogleCloudObservabilityTypedDict", "CreateOutputOutputGoogleCloudStorage", "CreateOutputOutputGoogleCloudStorageTypedDict", "CreateOutputOutputGooglePubsub", @@ -9062,6 +9139,8 @@ "CreateOutputPqControlsGoogleChronicleTypedDict", "CreateOutputPqControlsGoogleCloudLogging", "CreateOutputPqControlsGoogleCloudLoggingTypedDict", + "CreateOutputPqControlsGoogleCloudObservability", + "CreateOutputPqControlsGoogleCloudObservabilityTypedDict", "CreateOutputPqControlsGooglePubsub", "CreateOutputPqControlsGooglePubsubTypedDict", "CreateOutputPqControlsGraphite", @@ -9128,6 +9207,7 @@ "CreateOutputPqControlsXsiamTypedDict", "CreateOutputPrefixOptional", "CreateOutputProtocolDynatraceOtlp", + "CreateOutputProtocolGoogleCloudObservability", "CreateOutputProtocolSyslog", "CreateOutputQueueType", "CreateOutputRegion", @@ -9179,8 +9259,9 @@ "CreateOutputSystemByPackDataSetSite", "CreateOutputSystemByPackDatadogSite", "CreateOutputSystemByPackElasticVersion", - "CreateOutputSystemByPackEndpoint", "CreateOutputSystemByPackEndpointConfiguration", + "CreateOutputSystemByPackEndpointDynatraceHTTP", + "CreateOutputSystemByPackEndpointGoogleCloudObservability", "CreateOutputSystemByPackEndpointType", "CreateOutputSystemByPackExtentTag", "CreateOutputSystemByPackExtentTagTypedDict", @@ -9193,6 +9274,7 @@ "CreateOutputSystemByPackFormatDynatraceHTTP", "CreateOutputSystemByPackFormatLocalSearchStorage", "CreateOutputSystemByPackFormatSentinel", + "CreateOutputSystemByPackGoogleAuthenticationMethod", "CreateOutputSystemByPackHostNetflow", "CreateOutputSystemByPackHostNetflowTypedDict", "CreateOutputSystemByPackHostSnmp", @@ -9208,7 +9290,8 @@ "CreateOutputSystemByPackMessageFormat", "CreateOutputSystemByPackMetadatum", "CreateOutputSystemByPackMetadatumTypedDict", - "CreateOutputSystemByPackOTLPVersion", + "CreateOutputSystemByPackOTLPVersionOpenTelemetry", + "CreateOutputSystemByPackOtlpVersionGoogleCloudObservability", "CreateOutputSystemByPackOutputAlibabaCloudS3", "CreateOutputSystemByPackOutputAlibabaCloudS3TypedDict", "CreateOutputSystemByPackOutputAlphasocS3", @@ -9275,6 +9358,8 @@ "CreateOutputSystemByPackOutputGoogleChronicleTypedDict", "CreateOutputSystemByPackOutputGoogleCloudLogging", "CreateOutputSystemByPackOutputGoogleCloudLoggingTypedDict", + "CreateOutputSystemByPackOutputGoogleCloudObservability", + "CreateOutputSystemByPackOutputGoogleCloudObservabilityTypedDict", "CreateOutputSystemByPackOutputGoogleCloudStorage", "CreateOutputSystemByPackOutputGoogleCloudStorageTypedDict", "CreateOutputSystemByPackOutputGooglePubsub", @@ -9432,6 +9517,8 @@ "CreateOutputSystemByPackPqControlsGoogleChronicleTypedDict", "CreateOutputSystemByPackPqControlsGoogleCloudLogging", "CreateOutputSystemByPackPqControlsGoogleCloudLoggingTypedDict", + "CreateOutputSystemByPackPqControlsGoogleCloudObservability", + "CreateOutputSystemByPackPqControlsGoogleCloudObservabilityTypedDict", "CreateOutputSystemByPackPqControlsGooglePubsub", "CreateOutputSystemByPackPqControlsGooglePubsubTypedDict", "CreateOutputSystemByPackPqControlsGraphite", @@ -9498,6 +9585,7 @@ "CreateOutputSystemByPackPqControlsXsiamTypedDict", "CreateOutputSystemByPackPrefixOptional", "CreateOutputSystemByPackProtocolDynatraceOtlp", + "CreateOutputSystemByPackProtocolGoogleCloudObservability", "CreateOutputSystemByPackProtocolSyslog", "CreateOutputSystemByPackQueueType", "CreateOutputSystemByPackRegion", @@ -9552,6 +9640,7 @@ "CreateOutputSystemByPackTypeFilesystem", "CreateOutputSystemByPackTypeGoogleChronicle", "CreateOutputSystemByPackTypeGoogleCloudLogging", + "CreateOutputSystemByPackTypeGoogleCloudObservability", "CreateOutputSystemByPackTypeGoogleCloudStorage", "CreateOutputSystemByPackTypeGooglePubsub", "CreateOutputSystemByPackTypeGraphite", @@ -9643,6 +9732,7 @@ "CreateOutputTypeFilesystem", "CreateOutputTypeGoogleChronicle", "CreateOutputTypeGoogleCloudLogging", + "CreateOutputTypeGoogleCloudObservability", "CreateOutputTypeGoogleCloudStorage", "CreateOutputTypeGooglePubsub", "CreateOutputTypeGraphite", @@ -10157,10 +10247,13 @@ "GetConfigGroupConfigVersionByProductAndIDRequestTypedDict", "GetCriblLakeDatasetByLakeIDAndIDRequest", "GetCriblLakeDatasetByLakeIDAndIDRequestTypedDict", + "GetCriblLakeDatasetByLakeIDFormat", "GetCriblLakeDatasetByLakeIDRequest", "GetCriblLakeDatasetByLakeIDRequestTypedDict", "GetDatabaseConnectionConfigByIDRequest", "GetDatabaseConnectionConfigByIDRequestTypedDict", + "GetDatabaseConnectionConfigRequest", + "GetDatabaseConnectionConfigRequestTypedDict", "GetFunctionsByIDRequest", "GetFunctionsByIDRequestTypedDict", "GetInputByIDRequest", @@ -10305,6 +10398,8 @@ "HBCriblInfoTypedDict", "HBLeaderInfo", "HBLeaderInfoTypedDict", + "HTTPDiscoveryHeaderConfInputPrometheus", + "HTTPDiscoveryHeaderConfInputPrometheusTypedDict", "Header", "HeaderInput", "HeaderInputTypedDict", @@ -10675,6 +10770,8 @@ "HealthCheckCollectorConfTypedDict", "HealthCountType", "HealthCountTypeTypedDict", + "HealthOverlayStatus", + "HealthOverlayStatusTypedDict", "HealthServerStatus", "HealthServerStatusStatus", "HealthServerStatusTypedDict", @@ -10787,6 +10884,8 @@ "InputEventhubAmqpAuthenticationMethod", "InputEventhubAmqpAzureBlobStorage", "InputEventhubAmqpAzureBlobStorageTypedDict", + "InputEventhubAmqpCertificate", + "InputEventhubAmqpCertificateTypedDict", "InputEventhubAmqpCheckpointing", "InputEventhubAmqpCheckpointingTypedDict", "InputEventhubAmqpInput", @@ -10961,6 +11060,8 @@ "InputResponseCPUSystemMetricsTypedDict", "InputResponseCPUWindowsMetrics", "InputResponseCPUWindowsMetricsTypedDict", + "InputResponseCertificate", + "InputResponseCertificateTypedDict", "InputResponseCheckpointing", "InputResponseCheckpointingTypedDict", "InputResponseCollectors", @@ -11587,6 +11688,8 @@ "ModeOptionsHost", "ModeOptionsPq", "NestedFieldSerializationOptions", + "NoActiveHealthOverlayStatus", + "NoActiveHealthOverlayStatusTypedDict", "NodeActiveUpgradeStatus", "NodeFailedUpgradeStatus", "NodeProvidedInfo", @@ -11832,6 +11935,15 @@ "OutputGoogleCloudLoggingPqControlsTypedDict", "OutputGoogleCloudLoggingType", "OutputGoogleCloudLoggingTypedDict", + "OutputGoogleCloudObservability", + "OutputGoogleCloudObservabilityEndpoint", + "OutputGoogleCloudObservabilityGoogleAuthenticationMethod", + "OutputGoogleCloudObservabilityOtlpVersion", + "OutputGoogleCloudObservabilityPqControls", + "OutputGoogleCloudObservabilityPqControlsTypedDict", + "OutputGoogleCloudObservabilityProtocol", + "OutputGoogleCloudObservabilityType", + "OutputGoogleCloudObservabilityTypedDict", "OutputGoogleCloudStorage", "OutputGoogleCloudStorageAuthenticationMethod", "OutputGoogleCloudStorageType", @@ -11987,8 +12099,9 @@ "OutputResponseDataSetSite", "OutputResponseDatadogSite", "OutputResponseElasticVersion", - "OutputResponseEndpoint", "OutputResponseEndpointConfiguration", + "OutputResponseEndpointDynatraceHTTP", + "OutputResponseEndpointGoogleCloudObservability", "OutputResponseEndpointType", "OutputResponseExtentTag", "OutputResponseExtentTagTypedDict", @@ -12001,6 +12114,7 @@ "OutputResponseFormatDynatraceHTTP", "OutputResponseFormatLocalSearchStorage", "OutputResponseFormatSentinel", + "OutputResponseGoogleAuthenticationMethod", "OutputResponseHostNetflow", "OutputResponseHostNetflowTypedDict", "OutputResponseHostSnmp", @@ -12016,7 +12130,8 @@ "OutputResponseMessageFormat", "OutputResponseMetadatum", "OutputResponseMetadatumTypedDict", - "OutputResponseOTLPVersion", + "OutputResponseOTLPVersionOpenTelemetry", + "OutputResponseOtlpVersionGoogleCloudObservability", "OutputResponseOutputAlibabaCloudS3", "OutputResponseOutputAlibabaCloudS3TypedDict", "OutputResponseOutputAlphasocS3", @@ -12083,6 +12198,8 @@ "OutputResponseOutputGoogleChronicleTypedDict", "OutputResponseOutputGoogleCloudLogging", "OutputResponseOutputGoogleCloudLoggingTypedDict", + "OutputResponseOutputGoogleCloudObservability", + "OutputResponseOutputGoogleCloudObservabilityTypedDict", "OutputResponseOutputGoogleCloudStorage", "OutputResponseOutputGoogleCloudStorageTypedDict", "OutputResponseOutputGooglePubsub", @@ -12240,6 +12357,8 @@ "OutputResponsePqControlsGoogleChronicleTypedDict", "OutputResponsePqControlsGoogleCloudLogging", "OutputResponsePqControlsGoogleCloudLoggingTypedDict", + "OutputResponsePqControlsGoogleCloudObservability", + "OutputResponsePqControlsGoogleCloudObservabilityTypedDict", "OutputResponsePqControlsGooglePubsub", "OutputResponsePqControlsGooglePubsubTypedDict", "OutputResponsePqControlsGraphite", @@ -12306,6 +12425,7 @@ "OutputResponsePqControlsXsiamTypedDict", "OutputResponsePrefixOptional", "OutputResponseProtocolDynatraceOtlp", + "OutputResponseProtocolGoogleCloudObservability", "OutputResponseProtocolSyslog", "OutputResponseQueueType", "OutputResponseRegion", @@ -12356,6 +12476,7 @@ "OutputResponseTypeFilesystem", "OutputResponseTypeGoogleChronicle", "OutputResponseTypeGoogleCloudLogging", + "OutputResponseTypeGoogleCloudObservability", "OutputResponseTypeGoogleCloudStorage", "OutputResponseTypeGooglePubsub", "OutputResponseTypeGraphite", @@ -12934,16 +13055,12 @@ "RedisDeploymentTypeClusterCommand", "RedisDeploymentTypeClusterCommandTypedDict", "RedisDeploymentTypeClusterDeploymentType", - "RedisDeploymentTypeClusterRootNode", - "RedisDeploymentTypeClusterRootNodeTypedDict", "RedisDeploymentTypeClusterTypedDict", "RedisDeploymentTypeSentinel", "RedisDeploymentTypeSentinelAuthenticationMethod", "RedisDeploymentTypeSentinelCommand", "RedisDeploymentTypeSentinelCommandTypedDict", "RedisDeploymentTypeSentinelDeploymentType", - "RedisDeploymentTypeSentinelRootNode", - "RedisDeploymentTypeSentinelRootNodeTypedDict", "RedisDeploymentTypeSentinelTypedDict", "RedisDeploymentTypeStandalone", "RedisDeploymentTypeStandaloneAuthenticationMethod", @@ -12964,8 +13081,6 @@ "Renamed", "RenamedTypedDict", "RequestFormatOptions", - "RequestParamConfInputOpenai", - "RequestParamConfInputOpenaiTypedDict", "ResourcePolicy", "ResourcePolicyTypedDict", "ResourceRecordType", @@ -13862,6 +13977,8 @@ "RollbackSettingsTypedDict", "RollbackSettingsUnion", "RollbackSettingsUnionTypedDict", + "RootNodeConfRedisDeploymentTypeCluster", + "RootNodeConfRedisDeploymentTypeClusterTypedDict", "RouteComment", "RouteCommentTypedDict", "RouteConf", @@ -14227,6 +14344,7 @@ "UnknownHealthCheckCollectMethodPostWithBodyHealthCheckDiscoveryDiscoverTypeHTTP", "UnknownHealthCheckCollectMethodPostWithBodyRetryRules", "UnknownHealthCheckCollectorConf", + "UnknownHealthOverlayStatus", "UnknownInputResponse", "UnknownOutputResponse", "UnknownPaginationTypeRestDiscoveryDiscoverTypeHTTP", @@ -14365,6 +14483,8 @@ _dynamic_imports: dict[str, str] = { "AcknowledgmentsOptions": ".acknowledgmentsoptions", "AcknowledgmentsOptionsAllLeader": ".acknowledgmentsoptionsallleader", + "ActiveHealthOverlayStatus": ".activehealthoverlaystatus", + "ActiveHealthOverlayStatusTypedDict": ".activehealthoverlaystatus", "AddConfFunctionConfSchemaAggregation": ".addconffunctionconfschemaaggregation", "AddConfFunctionConfSchemaAggregationTypedDict": ".addconffunctionconfschemaaggregation", "AddHecTokenRequest": ".addhectokenrequest", @@ -14406,8 +14526,6 @@ "AuthenticationTypeUseTypedDict": ".authenticationtypeuse", "AuthRequestHeaderConfHealthCheckAuthenticationLogin": ".authrequestheaderconfhealthcheckauthenticationlogin", "AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict": ".authrequestheaderconfhealthcheckauthenticationlogin", - "AuthRequestHeaderConfHealthCheckAuthenticationOauth": ".authrequestheaderconfhealthcheckauthenticationoauth", - "AuthRequestHeaderConfHealthCheckAuthenticationOauthTypedDict": ".authrequestheaderconfhealthcheckauthenticationoauth", "AuthRequestParamConfHealthCheckAuthenticationOauth": ".authrequestparamconfhealthcheckauthenticationoauth", "AuthRequestParamConfHealthCheckAuthenticationOauthTypedDict": ".authrequestparamconfhealthcheckauthenticationoauth", "AuthToken": ".authtoken", @@ -14505,6 +14623,7 @@ "CollectorSplunk": ".collectorsplunk", "CollectorSplunkType": ".collectorsplunk", "CollectorSplunkTypedDict": ".collectorsplunk", + "CollectorType": ".collectortype", "CollectRequestParamConfHealthCheckCollectMethodPost": ".collectrequestparamconfhealthcheckcollectmethodpost", "CollectRequestParamConfHealthCheckCollectMethodPostTypedDict": ".collectrequestparamconfhealthcheckcollectmethodpost", "CollectRequestParamConfRestCollectMethodGet": ".collectrequestparamconfrestcollectmethodget", @@ -14871,6 +14990,8 @@ "CreateInputCPUModeSystemMetrics": ".createinput_request", "CreateInputCPUSystemMetrics": ".createinput_request", "CreateInputCPUSystemMetricsTypedDict": ".createinput_request", + "CreateInputCertificate": ".createinput_request", + "CreateInputCertificateTypedDict": ".createinput_request", "CreateInputCheckpointing": ".createinput_request", "CreateInputCheckpointingTypedDict": ".createinput_request", "CreateInputCollectors": ".createinput_request", @@ -15291,6 +15412,8 @@ "CreateInputSystemByPackCPUModeSystemMetrics": ".createinputsystembypack_request", "CreateInputSystemByPackCPUSystemMetrics": ".createinputsystembypack_request", "CreateInputSystemByPackCPUSystemMetricsTypedDict": ".createinputsystembypack_request", + "CreateInputSystemByPackCertificate": ".createinputsystembypack_request", + "CreateInputSystemByPackCertificateTypedDict": ".createinputsystembypack_request", "CreateInputSystemByPackCheckpointing": ".createinputsystembypack_request", "CreateInputSystemByPackCheckpointingTypedDict": ".createinputsystembypack_request", "CreateInputSystemByPackCollectors": ".createinputsystembypack_request", @@ -15457,234 +15580,243 @@ "CreateInputSystemByPackTypeTcpjson": ".createinputsystembypack_request", "CreateInputSystemHecTokenByPackAndIDRequest": ".createinputsystemhectokenbypackandidop", "CreateInputSystemHecTokenByPackAndIDRequestTypedDict": ".createinputsystemhectokenbypackandidop", - "CreateOutputAPIVersion": ".createoutput_request", - "CreateOutputAdditionalProperty": ".createoutput_request", - "CreateOutputAdditionalPropertyTypedDict": ".createoutput_request", - "CreateOutputAuthToken": ".createoutput_request", - "CreateOutputAuthTokenTypedDict": ".createoutput_request", - "CreateOutputAuthType": ".createoutput_request", - "CreateOutputAuthenticationMethodAzureDataExplorer": ".createoutput_request", - "CreateOutputAuthenticationMethodAzureLogs": ".createoutput_request", - "CreateOutputAuthenticationMethodGoogleChronicle": ".createoutput_request", - "CreateOutputAuthenticationMethodGoogleCloudStorage": ".createoutput_request", - "CreateOutputAuthenticationTypeInfluxdb": ".createoutput_request", - "CreateOutputBlobAccessTier": ".createoutput_request", - "CreateOutputCertificate": ".createoutput_request", - "CreateOutputCertificateTypedDict": ".createoutput_request", - "CreateOutputCompression": ".createoutput_request", - "CreateOutputElasticVersion": ".createoutput_request", - "CreateOutputEndpointConfiguration": ".createoutput_request", - "CreateOutputExtentTag": ".createoutput_request", - "CreateOutputExtentTagTypedDict": ".createoutput_request", - "CreateOutputExtraLogType": ".createoutput_request", - "CreateOutputExtraLogTypeTypedDict": ".createoutput_request", - "CreateOutputFacility": ".createoutput_request", - "CreateOutputFieldName": ".createoutput_request", - "CreateOutputFormatSentinel": ".createoutput_request", - "CreateOutputIndexerDiscoveryConfigs": ".createoutput_request", - "CreateOutputIndexerDiscoveryConfigsTypedDict": ".createoutput_request", - "CreateOutputIngestIfNotExist": ".createoutput_request", - "CreateOutputIngestIfNotExistTypedDict": ".createoutput_request", - "CreateOutputIngestionMode": ".createoutput_request", - "CreateOutputLogLocationType": ".createoutput_request", - "CreateOutputMessageFormat": ".createoutput_request", - "CreateOutputMetadatum": ".createoutput_request", - "CreateOutputMetadatumTypedDict": ".createoutput_request", - "CreateOutputOutputAzureBlob": ".createoutput_request", - "CreateOutputOutputAzureBlobTypedDict": ".createoutput_request", - "CreateOutputOutputAzureDataExplorer": ".createoutput_request", - "CreateOutputOutputAzureDataExplorerTypedDict": ".createoutput_request", - "CreateOutputOutputAzureEventhub": ".createoutput_request", - "CreateOutputOutputAzureEventhubTypedDict": ".createoutput_request", - "CreateOutputOutputAzureLogs": ".createoutput_request", - "CreateOutputOutputAzureLogsTypedDict": ".createoutput_request", - "CreateOutputOutputCloudwatch": ".createoutput_request", - "CreateOutputOutputCloudwatchTypedDict": ".createoutput_request", - "CreateOutputOutputConfluentCloud": ".createoutput_request", - "CreateOutputOutputConfluentCloudTypedDict": ".createoutput_request", + "CreateOutputAPIVersion": ".createoutput_outputwebhook_url_1", + "CreateOutputAdditionalProperty": ".createoutput_outputwebhook_url_1", + "CreateOutputAdditionalPropertyTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputAuthToken": ".createoutput_outputwebhook_url_1", + "CreateOutputAuthTokenTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputAuthType": ".createoutput_outputwebhook_url_1", + "CreateOutputAuthenticationMethodAzureDataExplorer": ".createoutput_outputwebhook_url_1", + "CreateOutputAuthenticationMethodAzureLogs": ".createoutput_outputwebhook_url_1", + "CreateOutputAuthenticationMethodGoogleChronicle": ".createoutput_outputwebhook_url_1", + "CreateOutputAuthenticationMethodGoogleCloudStorage": ".createoutput_outputwebhook_url_1", + "CreateOutputAuthenticationTypeInfluxdb": ".createoutput_outputwebhook_url_1", + "CreateOutputBlobAccessTier": ".createoutput_outputwebhook_url_1", + "CreateOutputCertificate": ".createoutput_outputwebhook_url_1", + "CreateOutputCertificateTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputCompression": ".createoutput_outputwebhook_url_1", + "CreateOutputElasticVersion": ".createoutput_outputwebhook_url_1", + "CreateOutputEndpointConfiguration": ".createoutput_outputwebhook_url_1", + "CreateOutputEndpointGoogleCloudObservability": ".createoutput_outputwebhook_url_1", + "CreateOutputExtentTag": ".createoutput_outputwebhook_url_1", + "CreateOutputExtentTagTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputExtraLogType": ".createoutput_outputwebhook_url_1", + "CreateOutputExtraLogTypeTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputFacility": ".createoutput_outputwebhook_url_1", + "CreateOutputFieldName": ".createoutput_outputwebhook_url_1", + "CreateOutputFormatSentinel": ".createoutput_outputwebhook_url_1", + "CreateOutputGoogleAuthenticationMethod": ".createoutput_outputwebhook_url_1", + "CreateOutputIndexerDiscoveryConfigs": ".createoutput_outputwebhook_url_1", + "CreateOutputIndexerDiscoveryConfigsTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputIngestIfNotExist": ".createoutput_outputwebhook_url_1", + "CreateOutputIngestIfNotExistTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputIngestionMode": ".createoutput_outputwebhook_url_1", + "CreateOutputLogLocationType": ".createoutput_outputwebhook_url_1", + "CreateOutputMessageFormat": ".createoutput_outputwebhook_url_1", + "CreateOutputMetadatum": ".createoutput_outputwebhook_url_1", + "CreateOutputMetadatumTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputOtlpVersionGoogleCloudObservability": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputAzureBlob": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputAzureBlobTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputAzureDataExplorer": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputAzureDataExplorerTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputAzureEventhub": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputAzureEventhubTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputAzureLogs": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputAzureLogsTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputCloudwatch": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputCloudwatchTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputConfluentCloud": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputConfluentCloudTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputDevnull": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputDevnullTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputElastic": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputElasticCloud": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputElasticCloudTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputElasticTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputExabeam": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputExabeamTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputFilesystem": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputFilesystemTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputGoogleChronicle": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputGoogleChronicleTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputGoogleCloudLogging": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputGoogleCloudLoggingTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputGoogleCloudObservability": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputGoogleCloudObservabilityTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputGoogleCloudStorage": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputGoogleCloudStorageTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputGooglePubsub": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputGooglePubsubTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputHoneycomb": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputHoneycombTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputInfluxdb": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputInfluxdbTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputKafka": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputKafkaTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputKinesis": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputKinesisTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputMinio": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputMinioTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputMsk": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputMskTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputNewrelic": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputNewrelicEvents": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputNewrelicEventsTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputNewrelicTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputS3": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputS3TypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputSentinel": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputSentinelTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputSignalfx": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputSignalfxTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputSplunk": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputSplunkHec": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputSplunkHecTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputSplunkLb": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputSplunkLbTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputSplunkTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputStatsd": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputStatsdTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputSyslog": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputSyslogTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputTcpjson": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputTcpjsonTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputWavefront": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputWavefrontTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputWebhookAuthenticationType1": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputWebhookAuthenticationType2": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputWebhookFormat1": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputWebhookFormat2": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputWebhookPqControls1": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputWebhookPqControls1TypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputWebhookPqControls2": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputWebhookPqControls2TypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputWebhookType1": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputWebhookType2": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputWebhookURL1": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputWebhookURL1TypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputWebhookURL2": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputWebhookURL2TypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputWebhookWebhook2": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputWebhookWebhook2TypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputWizHec": ".createoutput_outputwebhook_url_1", + "CreateOutputOutputWizHecTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputPayloadFormat": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsAzureDataExplorer": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsAzureDataExplorerTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsAzureEventhub": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsAzureEventhubTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsAzureLogs": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsAzureLogsTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsCloudwatch": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsCloudwatchTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsConfluentCloud": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsConfluentCloudTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsElastic": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsElasticCloud": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsElasticCloudTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsElasticTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsGoogleChronicle": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsGoogleChronicleTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsGoogleCloudLogging": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsGoogleCloudLoggingTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsGoogleCloudObservability": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsGoogleCloudObservabilityTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsGooglePubsub": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsGooglePubsubTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsHoneycomb": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsHoneycombTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsInfluxdb": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsInfluxdbTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsKafka": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsKafkaTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsKinesis": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsKinesisTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsMsk": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsMskTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsNewrelic": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsNewrelicEvents": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsNewrelicEventsTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsNewrelicTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsSentinel": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsSentinelTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsSignalfx": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsSignalfxTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsSplunk": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsSplunkHec": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsSplunkHecTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsSplunkLb": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsSplunkLbTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsSplunkTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsStatsd": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsStatsdTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsSyslog": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsSyslogTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsTcpjson": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsTcpjsonTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsWavefront": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsWavefrontTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsWizHec": ".createoutput_outputwebhook_url_1", + "CreateOutputPqControlsWizHecTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputPrefixOptional": ".createoutput_outputwebhook_url_1", + "CreateOutputProtocolGoogleCloudObservability": ".createoutput_outputwebhook_url_1", + "CreateOutputProtocolSyslog": ".createoutput_outputwebhook_url_1", + "CreateOutputReportLevel": ".createoutput_outputwebhook_url_1", + "CreateOutputReportMethod": ".createoutput_outputwebhook_url_1", + "CreateOutputSendEventsAs": ".createoutput_outputwebhook_url_1", + "CreateOutputSeveritySyslog": ".createoutput_outputwebhook_url_1", + "CreateOutputTimestampFormat": ".createoutput_outputwebhook_url_1", + "CreateOutputTimestampPrecision": ".createoutput_outputwebhook_url_1", + "CreateOutputTypeAzureBlob": ".createoutput_outputwebhook_url_1", + "CreateOutputTypeAzureDataExplorer": ".createoutput_outputwebhook_url_1", + "CreateOutputTypeAzureEventhub": ".createoutput_outputwebhook_url_1", + "CreateOutputTypeAzureLogs": ".createoutput_outputwebhook_url_1", + "CreateOutputTypeCloudwatch": ".createoutput_outputwebhook_url_1", + "CreateOutputTypeConfluentCloud": ".createoutput_outputwebhook_url_1", + "CreateOutputTypeDevnull": ".createoutput_outputwebhook_url_1", + "CreateOutputTypeElastic": ".createoutput_outputwebhook_url_1", + "CreateOutputTypeElasticCloud": ".createoutput_outputwebhook_url_1", + "CreateOutputTypeExabeam": ".createoutput_outputwebhook_url_1", + "CreateOutputTypeFilesystem": ".createoutput_outputwebhook_url_1", + "CreateOutputTypeGoogleChronicle": ".createoutput_outputwebhook_url_1", + "CreateOutputTypeGoogleCloudLogging": ".createoutput_outputwebhook_url_1", + "CreateOutputTypeGoogleCloudObservability": ".createoutput_outputwebhook_url_1", + "CreateOutputTypeGoogleCloudStorage": ".createoutput_outputwebhook_url_1", + "CreateOutputTypeGooglePubsub": ".createoutput_outputwebhook_url_1", + "CreateOutputTypeHoneycomb": ".createoutput_outputwebhook_url_1", + "CreateOutputTypeInfluxdb": ".createoutput_outputwebhook_url_1", + "CreateOutputTypeKafka": ".createoutput_outputwebhook_url_1", + "CreateOutputTypeKinesis": ".createoutput_outputwebhook_url_1", + "CreateOutputTypeMinio": ".createoutput_outputwebhook_url_1", + "CreateOutputTypeMsk": ".createoutput_outputwebhook_url_1", + "CreateOutputTypeNewrelic": ".createoutput_outputwebhook_url_1", + "CreateOutputTypeNewrelicEvents": ".createoutput_outputwebhook_url_1", + "CreateOutputTypeS3": ".createoutput_outputwebhook_url_1", + "CreateOutputTypeSentinel": ".createoutput_outputwebhook_url_1", + "CreateOutputTypeSignalfx": ".createoutput_outputwebhook_url_1", + "CreateOutputTypeSplunk": ".createoutput_outputwebhook_url_1", + "CreateOutputTypeSplunkHec": ".createoutput_outputwebhook_url_1", + "CreateOutputTypeSplunkLb": ".createoutput_outputwebhook_url_1", + "CreateOutputTypeSyslog": ".createoutput_outputwebhook_url_1", + "CreateOutputTypeTcpjson": ".createoutput_outputwebhook_url_1", + "CreateOutputTypeWavefront": ".createoutput_outputwebhook_url_1", + "CreateOutputTypeWizHec": ".createoutput_outputwebhook_url_1", + "CreateOutputUDMType": ".createoutput_outputwebhook_url_1", + "CreateOutputURLElastic": ".createoutput_outputwebhook_url_1", + "CreateOutputURLElasticTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputURLSplunkHec": ".createoutput_outputwebhook_url_1", + "CreateOutputURLSplunkHecTypedDict": ".createoutput_outputwebhook_url_1", + "CreateOutputWriteAction": ".createoutput_outputwebhook_url_1", "CreateOutputOutputDefault": ".createoutput_request", "CreateOutputOutputDefaultTypedDict": ".createoutput_request", - "CreateOutputOutputDevnull": ".createoutput_request", - "CreateOutputOutputDevnullTypedDict": ".createoutput_request", - "CreateOutputOutputElastic": ".createoutput_request", - "CreateOutputOutputElasticCloud": ".createoutput_request", - "CreateOutputOutputElasticCloudTypedDict": ".createoutput_request", - "CreateOutputOutputElasticTypedDict": ".createoutput_request", - "CreateOutputOutputExabeam": ".createoutput_request", - "CreateOutputOutputExabeamTypedDict": ".createoutput_request", - "CreateOutputOutputFilesystem": ".createoutput_request", - "CreateOutputOutputFilesystemTypedDict": ".createoutput_request", - "CreateOutputOutputGoogleChronicle": ".createoutput_request", - "CreateOutputOutputGoogleChronicleTypedDict": ".createoutput_request", - "CreateOutputOutputGoogleCloudLogging": ".createoutput_request", - "CreateOutputOutputGoogleCloudLoggingTypedDict": ".createoutput_request", - "CreateOutputOutputGoogleCloudStorage": ".createoutput_request", - "CreateOutputOutputGoogleCloudStorageTypedDict": ".createoutput_request", - "CreateOutputOutputGooglePubsub": ".createoutput_request", - "CreateOutputOutputGooglePubsubTypedDict": ".createoutput_request", - "CreateOutputOutputHoneycomb": ".createoutput_request", - "CreateOutputOutputHoneycombTypedDict": ".createoutput_request", - "CreateOutputOutputInfluxdb": ".createoutput_request", - "CreateOutputOutputInfluxdbTypedDict": ".createoutput_request", - "CreateOutputOutputKafka": ".createoutput_request", - "CreateOutputOutputKafkaTypedDict": ".createoutput_request", - "CreateOutputOutputKinesis": ".createoutput_request", - "CreateOutputOutputKinesisTypedDict": ".createoutput_request", - "CreateOutputOutputMinio": ".createoutput_request", - "CreateOutputOutputMinioTypedDict": ".createoutput_request", - "CreateOutputOutputMsk": ".createoutput_request", - "CreateOutputOutputMskTypedDict": ".createoutput_request", - "CreateOutputOutputNewrelic": ".createoutput_request", - "CreateOutputOutputNewrelicEvents": ".createoutput_request", - "CreateOutputOutputNewrelicEventsTypedDict": ".createoutput_request", - "CreateOutputOutputNewrelicTypedDict": ".createoutput_request", - "CreateOutputOutputS3": ".createoutput_request", - "CreateOutputOutputS3TypedDict": ".createoutput_request", - "CreateOutputOutputSentinel": ".createoutput_request", - "CreateOutputOutputSentinelTypedDict": ".createoutput_request", - "CreateOutputOutputSignalfx": ".createoutput_request", - "CreateOutputOutputSignalfxTypedDict": ".createoutput_request", - "CreateOutputOutputSplunk": ".createoutput_request", - "CreateOutputOutputSplunkHec": ".createoutput_request", - "CreateOutputOutputSplunkHecTypedDict": ".createoutput_request", - "CreateOutputOutputSplunkLb": ".createoutput_request", - "CreateOutputOutputSplunkLbTypedDict": ".createoutput_request", - "CreateOutputOutputSplunkTypedDict": ".createoutput_request", - "CreateOutputOutputStatsd": ".createoutput_request", - "CreateOutputOutputStatsdTypedDict": ".createoutput_request", - "CreateOutputOutputSyslog": ".createoutput_request", - "CreateOutputOutputSyslogTypedDict": ".createoutput_request", - "CreateOutputOutputTcpjson": ".createoutput_request", - "CreateOutputOutputTcpjsonTypedDict": ".createoutput_request", - "CreateOutputOutputWavefront": ".createoutput_request", - "CreateOutputOutputWavefrontTypedDict": ".createoutput_request", - "CreateOutputOutputWebhookAuthenticationType1": ".createoutput_request", - "CreateOutputOutputWebhookAuthenticationType2": ".createoutput_request", - "CreateOutputOutputWebhookFormat1": ".createoutput_request", - "CreateOutputOutputWebhookFormat2": ".createoutput_request", - "CreateOutputOutputWebhookPqControls1": ".createoutput_request", - "CreateOutputOutputWebhookPqControls1TypedDict": ".createoutput_request", - "CreateOutputOutputWebhookPqControls2": ".createoutput_request", - "CreateOutputOutputWebhookPqControls2TypedDict": ".createoutput_request", - "CreateOutputOutputWebhookType1": ".createoutput_request", - "CreateOutputOutputWebhookType2": ".createoutput_request", - "CreateOutputOutputWebhookURL1": ".createoutput_request", - "CreateOutputOutputWebhookURL1TypedDict": ".createoutput_request", - "CreateOutputOutputWebhookURL2": ".createoutput_request", - "CreateOutputOutputWebhookURL2TypedDict": ".createoutput_request", "CreateOutputOutputWebhookUnion": ".createoutput_request", "CreateOutputOutputWebhookUnionTypedDict": ".createoutput_request", "CreateOutputOutputWebhookWebhook1": ".createoutput_request", "CreateOutputOutputWebhookWebhook1TypedDict": ".createoutput_request", - "CreateOutputOutputWebhookWebhook2": ".createoutput_request", - "CreateOutputOutputWebhookWebhook2TypedDict": ".createoutput_request", - "CreateOutputOutputWizHec": ".createoutput_request", - "CreateOutputOutputWizHecTypedDict": ".createoutput_request", - "CreateOutputPayloadFormat": ".createoutput_request", - "CreateOutputPqControlsAzureDataExplorer": ".createoutput_request", - "CreateOutputPqControlsAzureDataExplorerTypedDict": ".createoutput_request", - "CreateOutputPqControlsAzureEventhub": ".createoutput_request", - "CreateOutputPqControlsAzureEventhubTypedDict": ".createoutput_request", - "CreateOutputPqControlsAzureLogs": ".createoutput_request", - "CreateOutputPqControlsAzureLogsTypedDict": ".createoutput_request", - "CreateOutputPqControlsCloudwatch": ".createoutput_request", - "CreateOutputPqControlsCloudwatchTypedDict": ".createoutput_request", - "CreateOutputPqControlsConfluentCloud": ".createoutput_request", - "CreateOutputPqControlsConfluentCloudTypedDict": ".createoutput_request", - "CreateOutputPqControlsElastic": ".createoutput_request", - "CreateOutputPqControlsElasticCloud": ".createoutput_request", - "CreateOutputPqControlsElasticCloudTypedDict": ".createoutput_request", - "CreateOutputPqControlsElasticTypedDict": ".createoutput_request", - "CreateOutputPqControlsGoogleChronicle": ".createoutput_request", - "CreateOutputPqControlsGoogleChronicleTypedDict": ".createoutput_request", - "CreateOutputPqControlsGoogleCloudLogging": ".createoutput_request", - "CreateOutputPqControlsGoogleCloudLoggingTypedDict": ".createoutput_request", - "CreateOutputPqControlsGooglePubsub": ".createoutput_request", - "CreateOutputPqControlsGooglePubsubTypedDict": ".createoutput_request", - "CreateOutputPqControlsHoneycomb": ".createoutput_request", - "CreateOutputPqControlsHoneycombTypedDict": ".createoutput_request", - "CreateOutputPqControlsInfluxdb": ".createoutput_request", - "CreateOutputPqControlsInfluxdbTypedDict": ".createoutput_request", - "CreateOutputPqControlsKafka": ".createoutput_request", - "CreateOutputPqControlsKafkaTypedDict": ".createoutput_request", - "CreateOutputPqControlsKinesis": ".createoutput_request", - "CreateOutputPqControlsKinesisTypedDict": ".createoutput_request", - "CreateOutputPqControlsMsk": ".createoutput_request", - "CreateOutputPqControlsMskTypedDict": ".createoutput_request", - "CreateOutputPqControlsNewrelic": ".createoutput_request", - "CreateOutputPqControlsNewrelicEvents": ".createoutput_request", - "CreateOutputPqControlsNewrelicEventsTypedDict": ".createoutput_request", - "CreateOutputPqControlsNewrelicTypedDict": ".createoutput_request", - "CreateOutputPqControlsSentinel": ".createoutput_request", - "CreateOutputPqControlsSentinelTypedDict": ".createoutput_request", - "CreateOutputPqControlsSignalfx": ".createoutput_request", - "CreateOutputPqControlsSignalfxTypedDict": ".createoutput_request", - "CreateOutputPqControlsSplunk": ".createoutput_request", - "CreateOutputPqControlsSplunkHec": ".createoutput_request", - "CreateOutputPqControlsSplunkHecTypedDict": ".createoutput_request", - "CreateOutputPqControlsSplunkLb": ".createoutput_request", - "CreateOutputPqControlsSplunkLbTypedDict": ".createoutput_request", - "CreateOutputPqControlsSplunkTypedDict": ".createoutput_request", - "CreateOutputPqControlsStatsd": ".createoutput_request", - "CreateOutputPqControlsStatsdTypedDict": ".createoutput_request", - "CreateOutputPqControlsSyslog": ".createoutput_request", - "CreateOutputPqControlsSyslogTypedDict": ".createoutput_request", - "CreateOutputPqControlsTcpjson": ".createoutput_request", - "CreateOutputPqControlsTcpjsonTypedDict": ".createoutput_request", - "CreateOutputPqControlsWavefront": ".createoutput_request", - "CreateOutputPqControlsWavefrontTypedDict": ".createoutput_request", - "CreateOutputPqControlsWizHec": ".createoutput_request", - "CreateOutputPqControlsWizHecTypedDict": ".createoutput_request", - "CreateOutputPrefixOptional": ".createoutput_request", - "CreateOutputProtocolSyslog": ".createoutput_request", - "CreateOutputReportLevel": ".createoutput_request", - "CreateOutputReportMethod": ".createoutput_request", "CreateOutputRequest": ".createoutput_request", "CreateOutputRequestTypedDict": ".createoutput_request", - "CreateOutputSendEventsAs": ".createoutput_request", - "CreateOutputSeveritySyslog": ".createoutput_request", - "CreateOutputTimestampFormat": ".createoutput_request", - "CreateOutputTimestampPrecision": ".createoutput_request", - "CreateOutputTypeAzureBlob": ".createoutput_request", - "CreateOutputTypeAzureDataExplorer": ".createoutput_request", - "CreateOutputTypeAzureEventhub": ".createoutput_request", - "CreateOutputTypeAzureLogs": ".createoutput_request", - "CreateOutputTypeCloudwatch": ".createoutput_request", - "CreateOutputTypeConfluentCloud": ".createoutput_request", "CreateOutputTypeDefault": ".createoutput_request", - "CreateOutputTypeDevnull": ".createoutput_request", - "CreateOutputTypeElastic": ".createoutput_request", - "CreateOutputTypeElasticCloud": ".createoutput_request", - "CreateOutputTypeExabeam": ".createoutput_request", - "CreateOutputTypeFilesystem": ".createoutput_request", - "CreateOutputTypeGoogleChronicle": ".createoutput_request", - "CreateOutputTypeGoogleCloudLogging": ".createoutput_request", - "CreateOutputTypeGoogleCloudStorage": ".createoutput_request", - "CreateOutputTypeGooglePubsub": ".createoutput_request", - "CreateOutputTypeHoneycomb": ".createoutput_request", - "CreateOutputTypeInfluxdb": ".createoutput_request", - "CreateOutputTypeKafka": ".createoutput_request", - "CreateOutputTypeKinesis": ".createoutput_request", - "CreateOutputTypeMinio": ".createoutput_request", - "CreateOutputTypeMsk": ".createoutput_request", - "CreateOutputTypeNewrelic": ".createoutput_request", - "CreateOutputTypeNewrelicEvents": ".createoutput_request", - "CreateOutputTypeS3": ".createoutput_request", - "CreateOutputTypeSentinel": ".createoutput_request", - "CreateOutputTypeSignalfx": ".createoutput_request", - "CreateOutputTypeSplunk": ".createoutput_request", - "CreateOutputTypeSplunkHec": ".createoutput_request", - "CreateOutputTypeSplunkLb": ".createoutput_request", - "CreateOutputTypeSyslog": ".createoutput_request", - "CreateOutputTypeTcpjson": ".createoutput_request", - "CreateOutputTypeWavefront": ".createoutput_request", - "CreateOutputTypeWizHec": ".createoutput_request", - "CreateOutputUDMType": ".createoutput_request", - "CreateOutputURLElastic": ".createoutput_request", - "CreateOutputURLElasticTypedDict": ".createoutput_request", - "CreateOutputURLSplunkHec": ".createoutput_request", - "CreateOutputURLSplunkHecTypedDict": ".createoutput_request", - "CreateOutputWriteAction": ".createoutput_request", "CreateOutputAISIEMEndpointPath": ".createoutput_type_statsd", "CreateOutputAuthentication": ".createoutput_type_statsd", "CreateOutputAuthenticationMethodChronicle": ".createoutput_type_statsd", @@ -15704,7 +15836,7 @@ "CreateOutputDataFormatSumoLogic": ".createoutput_type_statsd", "CreateOutputDataSetSite": ".createoutput_type_statsd", "CreateOutputDatadogSite": ".createoutput_type_statsd", - "CreateOutputEndpoint": ".createoutput_type_statsd", + "CreateOutputEndpointDynatraceHTTP": ".createoutput_type_statsd", "CreateOutputEndpointType": ".createoutput_type_statsd", "CreateOutputFormatClickHouse": ".createoutput_type_statsd", "CreateOutputFormatCriblLake": ".createoutput_type_statsd", @@ -15716,7 +15848,7 @@ "CreateOutputHostSnmpTypedDict": ".createoutput_type_statsd", "CreateOutputMappingTypeClickHouse": ".createoutput_type_statsd", "CreateOutputMappingTypeLocalSearchStorage": ".createoutput_type_statsd", - "CreateOutputOTLPVersion": ".createoutput_type_statsd", + "CreateOutputOTLPVersionOpenTelemetry": ".createoutput_type_statsd", "CreateOutputOutputAlibabaCloudS3": ".createoutput_type_statsd", "CreateOutputOutputAlibabaCloudS3TypedDict": ".createoutput_type_statsd", "CreateOutputOutputAlphasocS3": ".createoutput_type_statsd", @@ -15914,236 +16046,245 @@ "CreateOutputTypeXsiam": ".createoutput_type_statsd", "CreateOutputURLXsiam": ".createoutput_type_statsd", "CreateOutputURLXsiamTypedDict": ".createoutput_type_statsd", - "CreateOutputSystemByPackAPIVersion": ".createoutputsystembypack_request", - "CreateOutputSystemByPackAdditionalProperty": ".createoutputsystembypack_request", - "CreateOutputSystemByPackAdditionalPropertyTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackAuthToken": ".createoutputsystembypack_request", - "CreateOutputSystemByPackAuthTokenTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackAuthType": ".createoutputsystembypack_request", - "CreateOutputSystemByPackAuthenticationMethodAzureDataExplorer": ".createoutputsystembypack_request", - "CreateOutputSystemByPackAuthenticationMethodAzureLogs": ".createoutputsystembypack_request", - "CreateOutputSystemByPackAuthenticationMethodGoogleChronicle": ".createoutputsystembypack_request", - "CreateOutputSystemByPackAuthenticationMethodGoogleCloudStorage": ".createoutputsystembypack_request", - "CreateOutputSystemByPackAuthenticationTypeInfluxdb": ".createoutputsystembypack_request", - "CreateOutputSystemByPackBlobAccessTier": ".createoutputsystembypack_request", - "CreateOutputSystemByPackCertificate": ".createoutputsystembypack_request", - "CreateOutputSystemByPackCertificateTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackCompression": ".createoutputsystembypack_request", - "CreateOutputSystemByPackElasticVersion": ".createoutputsystembypack_request", - "CreateOutputSystemByPackEndpointConfiguration": ".createoutputsystembypack_request", - "CreateOutputSystemByPackExtentTag": ".createoutputsystembypack_request", - "CreateOutputSystemByPackExtentTagTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackExtraLogType": ".createoutputsystembypack_request", - "CreateOutputSystemByPackExtraLogTypeTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackFacility": ".createoutputsystembypack_request", - "CreateOutputSystemByPackFieldName": ".createoutputsystembypack_request", - "CreateOutputSystemByPackFormatSentinel": ".createoutputsystembypack_request", - "CreateOutputSystemByPackIndexerDiscoveryConfigs": ".createoutputsystembypack_request", - "CreateOutputSystemByPackIndexerDiscoveryConfigsTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackIngestIfNotExist": ".createoutputsystembypack_request", - "CreateOutputSystemByPackIngestIfNotExistTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackIngestionMode": ".createoutputsystembypack_request", - "CreateOutputSystemByPackLogLocationType": ".createoutputsystembypack_request", - "CreateOutputSystemByPackMessageFormat": ".createoutputsystembypack_request", - "CreateOutputSystemByPackMetadatum": ".createoutputsystembypack_request", - "CreateOutputSystemByPackMetadatumTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputAzureBlob": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputAzureBlobTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputAzureDataExplorer": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputAzureDataExplorerTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputAzureEventhub": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputAzureEventhubTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputAzureLogs": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputAzureLogsTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputCloudwatch": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputCloudwatchTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputConfluentCloud": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputConfluentCloudTypedDict": ".createoutputsystembypack_request", + "CreateOutputSystemByPackAPIVersion": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackAdditionalProperty": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackAdditionalPropertyTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackAuthToken": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackAuthTokenTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackAuthType": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackAuthenticationMethodAzureDataExplorer": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackAuthenticationMethodAzureLogs": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackAuthenticationMethodGoogleChronicle": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackAuthenticationMethodGoogleCloudStorage": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackAuthenticationTypeInfluxdb": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackBlobAccessTier": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackCertificate": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackCertificateTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackCompression": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackElasticVersion": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackEndpointConfiguration": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackEndpointGoogleCloudObservability": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackExtentTag": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackExtentTagTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackExtraLogType": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackExtraLogTypeTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackFacility": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackFieldName": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackFormatSentinel": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackGoogleAuthenticationMethod": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackIndexerDiscoveryConfigs": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackIndexerDiscoveryConfigsTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackIngestIfNotExist": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackIngestIfNotExistTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackIngestionMode": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackLogLocationType": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackMessageFormat": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackMetadatum": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackMetadatumTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOtlpVersionGoogleCloudObservability": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputAzureBlob": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputAzureBlobTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputAzureDataExplorer": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputAzureDataExplorerTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputAzureEventhub": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputAzureEventhubTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputAzureLogs": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputAzureLogsTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputCloudwatch": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputCloudwatchTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputConfluentCloud": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputConfluentCloudTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputDevnull": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputDevnullTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputElastic": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputElasticCloud": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputElasticCloudTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputElasticTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputExabeam": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputExabeamTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputFilesystem": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputFilesystemTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputGoogleChronicle": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputGoogleChronicleTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputGoogleCloudLogging": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputGoogleCloudLoggingTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputGoogleCloudObservability": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputGoogleCloudObservabilityTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputGoogleCloudStorage": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputGoogleCloudStorageTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputGooglePubsub": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputGooglePubsubTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputHoneycomb": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputHoneycombTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputInfluxdb": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputInfluxdbTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputKafka": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputKafkaTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputKinesis": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputKinesisTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputMinio": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputMinioTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputMsk": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputMskTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputNewrelic": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputNewrelicEvents": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputNewrelicEventsTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputNewrelicTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputS3": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputS3TypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputSentinel": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputSentinelTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputSignalfx": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputSignalfxTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputSplunk": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputSplunkHec": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputSplunkHecTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputSplunkLb": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputSplunkLbTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputSplunkTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputStatsd": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputStatsdTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputSyslog": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputSyslogTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputTcpjson": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputTcpjsonTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputWavefront": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputWavefrontTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputWebhookAuthenticationType1": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputWebhookAuthenticationType2": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputWebhookFormat1": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputWebhookFormat2": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputWebhookPqControls1": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputWebhookPqControls1TypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputWebhookPqControls2": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputWebhookPqControls2TypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputWebhookType1": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputWebhookType2": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputWebhookURL1": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputWebhookURL1TypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputWebhookURL2": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputWebhookURL2TypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputWebhookWebhook2": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputWebhookWebhook2TypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputWizHec": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackOutputWizHecTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPayloadFormat": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsAzureDataExplorer": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsAzureDataExplorerTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsAzureEventhub": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsAzureEventhubTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsAzureLogs": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsAzureLogsTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsCloudwatch": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsCloudwatchTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsConfluentCloud": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsConfluentCloudTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsElastic": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsElasticCloud": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsElasticCloudTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsElasticTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsGoogleChronicle": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsGoogleChronicleTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsGoogleCloudLogging": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsGoogleCloudLoggingTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsGoogleCloudObservability": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsGoogleCloudObservabilityTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsGooglePubsub": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsGooglePubsubTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsHoneycomb": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsHoneycombTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsInfluxdb": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsInfluxdbTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsKafka": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsKafkaTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsKinesis": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsKinesisTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsMsk": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsMskTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsNewrelic": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsNewrelicEvents": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsNewrelicEventsTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsNewrelicTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsSentinel": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsSentinelTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsSignalfx": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsSignalfxTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsSplunk": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsSplunkHec": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsSplunkHecTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsSplunkLb": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsSplunkLbTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsSplunkTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsStatsd": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsStatsdTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsSyslog": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsSyslogTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsTcpjson": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsTcpjsonTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsWavefront": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsWavefrontTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsWizHec": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPqControlsWizHecTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackPrefixOptional": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackProtocolGoogleCloudObservability": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackProtocolSyslog": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackReportLevel": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackReportMethod": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackSendEventsAs": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackSeveritySyslog": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackTimestampFormat": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackTimestampPrecision": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackTypeAzureBlob": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackTypeAzureDataExplorer": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackTypeAzureEventhub": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackTypeAzureLogs": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackTypeCloudwatch": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackTypeConfluentCloud": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackTypeDevnull": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackTypeElastic": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackTypeElasticCloud": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackTypeExabeam": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackTypeFilesystem": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackTypeGoogleChronicle": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackTypeGoogleCloudLogging": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackTypeGoogleCloudObservability": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackTypeGoogleCloudStorage": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackTypeGooglePubsub": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackTypeHoneycomb": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackTypeInfluxdb": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackTypeKafka": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackTypeKinesis": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackTypeMinio": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackTypeMsk": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackTypeNewrelic": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackTypeNewrelicEvents": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackTypeS3": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackTypeSentinel": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackTypeSignalfx": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackTypeSplunk": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackTypeSplunkHec": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackTypeSplunkLb": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackTypeSyslog": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackTypeTcpjson": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackTypeWavefront": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackTypeWizHec": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackUDMType": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackURLElastic": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackURLElasticTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackURLSplunkHec": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackURLSplunkHecTypedDict": ".createoutputsystembypack_outputwebhook_url_1", + "CreateOutputSystemByPackWriteAction": ".createoutputsystembypack_outputwebhook_url_1", "CreateOutputSystemByPackOutputDefault": ".createoutputsystembypack_request", "CreateOutputSystemByPackOutputDefaultTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputDevnull": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputDevnullTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputElastic": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputElasticCloud": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputElasticCloudTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputElasticTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputExabeam": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputExabeamTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputFilesystem": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputFilesystemTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputGoogleChronicle": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputGoogleChronicleTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputGoogleCloudLogging": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputGoogleCloudLoggingTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputGoogleCloudStorage": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputGoogleCloudStorageTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputGooglePubsub": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputGooglePubsubTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputHoneycomb": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputHoneycombTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputInfluxdb": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputInfluxdbTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputKafka": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputKafkaTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputKinesis": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputKinesisTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputMinio": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputMinioTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputMsk": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputMskTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputNewrelic": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputNewrelicEvents": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputNewrelicEventsTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputNewrelicTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputS3": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputS3TypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputSentinel": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputSentinelTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputSignalfx": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputSignalfxTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputSplunk": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputSplunkHec": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputSplunkHecTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputSplunkLb": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputSplunkLbTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputSplunkTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputStatsd": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputStatsdTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputSyslog": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputSyslogTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputTcpjson": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputTcpjsonTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputWavefront": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputWavefrontTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputWebhookAuthenticationType1": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputWebhookAuthenticationType2": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputWebhookFormat1": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputWebhookFormat2": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputWebhookPqControls1": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputWebhookPqControls1TypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputWebhookPqControls2": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputWebhookPqControls2TypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputWebhookType1": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputWebhookType2": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputWebhookURL1": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputWebhookURL1TypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputWebhookURL2": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputWebhookURL2TypedDict": ".createoutputsystembypack_request", "CreateOutputSystemByPackOutputWebhookUnion": ".createoutputsystembypack_request", "CreateOutputSystemByPackOutputWebhookUnionTypedDict": ".createoutputsystembypack_request", "CreateOutputSystemByPackOutputWebhookWebhook1": ".createoutputsystembypack_request", "CreateOutputSystemByPackOutputWebhookWebhook1TypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputWebhookWebhook2": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputWebhookWebhook2TypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputWizHec": ".createoutputsystembypack_request", - "CreateOutputSystemByPackOutputWizHecTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPayloadFormat": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsAzureDataExplorer": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsAzureDataExplorerTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsAzureEventhub": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsAzureEventhubTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsAzureLogs": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsAzureLogsTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsCloudwatch": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsCloudwatchTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsConfluentCloud": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsConfluentCloudTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsElastic": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsElasticCloud": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsElasticCloudTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsElasticTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsGoogleChronicle": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsGoogleChronicleTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsGoogleCloudLogging": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsGoogleCloudLoggingTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsGooglePubsub": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsGooglePubsubTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsHoneycomb": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsHoneycombTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsInfluxdb": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsInfluxdbTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsKafka": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsKafkaTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsKinesis": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsKinesisTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsMsk": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsMskTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsNewrelic": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsNewrelicEvents": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsNewrelicEventsTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsNewrelicTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsSentinel": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsSentinelTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsSignalfx": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsSignalfxTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsSplunk": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsSplunkHec": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsSplunkHecTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsSplunkLb": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsSplunkLbTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsSplunkTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsStatsd": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsStatsdTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsSyslog": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsSyslogTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsTcpjson": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsTcpjsonTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsWavefront": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsWavefrontTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsWizHec": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPqControlsWizHecTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackPrefixOptional": ".createoutputsystembypack_request", - "CreateOutputSystemByPackProtocolSyslog": ".createoutputsystembypack_request", - "CreateOutputSystemByPackReportLevel": ".createoutputsystembypack_request", - "CreateOutputSystemByPackReportMethod": ".createoutputsystembypack_request", "CreateOutputSystemByPackRequest": ".createoutputsystembypack_request", "CreateOutputSystemByPackRequestBody": ".createoutputsystembypack_request", "CreateOutputSystemByPackRequestBodyTypedDict": ".createoutputsystembypack_request", "CreateOutputSystemByPackRequestTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackSendEventsAs": ".createoutputsystembypack_request", - "CreateOutputSystemByPackSeveritySyslog": ".createoutputsystembypack_request", - "CreateOutputSystemByPackTimestampFormat": ".createoutputsystembypack_request", - "CreateOutputSystemByPackTimestampPrecision": ".createoutputsystembypack_request", - "CreateOutputSystemByPackTypeAzureBlob": ".createoutputsystembypack_request", - "CreateOutputSystemByPackTypeAzureDataExplorer": ".createoutputsystembypack_request", - "CreateOutputSystemByPackTypeAzureEventhub": ".createoutputsystembypack_request", - "CreateOutputSystemByPackTypeAzureLogs": ".createoutputsystembypack_request", - "CreateOutputSystemByPackTypeCloudwatch": ".createoutputsystembypack_request", - "CreateOutputSystemByPackTypeConfluentCloud": ".createoutputsystembypack_request", "CreateOutputSystemByPackTypeDefault": ".createoutputsystembypack_request", - "CreateOutputSystemByPackTypeDevnull": ".createoutputsystembypack_request", - "CreateOutputSystemByPackTypeElastic": ".createoutputsystembypack_request", - "CreateOutputSystemByPackTypeElasticCloud": ".createoutputsystembypack_request", - "CreateOutputSystemByPackTypeExabeam": ".createoutputsystembypack_request", - "CreateOutputSystemByPackTypeFilesystem": ".createoutputsystembypack_request", - "CreateOutputSystemByPackTypeGoogleChronicle": ".createoutputsystembypack_request", - "CreateOutputSystemByPackTypeGoogleCloudLogging": ".createoutputsystembypack_request", - "CreateOutputSystemByPackTypeGoogleCloudStorage": ".createoutputsystembypack_request", - "CreateOutputSystemByPackTypeGooglePubsub": ".createoutputsystembypack_request", - "CreateOutputSystemByPackTypeHoneycomb": ".createoutputsystembypack_request", - "CreateOutputSystemByPackTypeInfluxdb": ".createoutputsystembypack_request", - "CreateOutputSystemByPackTypeKafka": ".createoutputsystembypack_request", - "CreateOutputSystemByPackTypeKinesis": ".createoutputsystembypack_request", - "CreateOutputSystemByPackTypeMinio": ".createoutputsystembypack_request", - "CreateOutputSystemByPackTypeMsk": ".createoutputsystembypack_request", - "CreateOutputSystemByPackTypeNewrelic": ".createoutputsystembypack_request", - "CreateOutputSystemByPackTypeNewrelicEvents": ".createoutputsystembypack_request", - "CreateOutputSystemByPackTypeS3": ".createoutputsystembypack_request", - "CreateOutputSystemByPackTypeSentinel": ".createoutputsystembypack_request", - "CreateOutputSystemByPackTypeSignalfx": ".createoutputsystembypack_request", - "CreateOutputSystemByPackTypeSplunk": ".createoutputsystembypack_request", - "CreateOutputSystemByPackTypeSplunkHec": ".createoutputsystembypack_request", - "CreateOutputSystemByPackTypeSplunkLb": ".createoutputsystembypack_request", - "CreateOutputSystemByPackTypeSyslog": ".createoutputsystembypack_request", - "CreateOutputSystemByPackTypeTcpjson": ".createoutputsystembypack_request", - "CreateOutputSystemByPackTypeWavefront": ".createoutputsystembypack_request", - "CreateOutputSystemByPackTypeWizHec": ".createoutputsystembypack_request", - "CreateOutputSystemByPackUDMType": ".createoutputsystembypack_request", - "CreateOutputSystemByPackURLElastic": ".createoutputsystembypack_request", - "CreateOutputSystemByPackURLElasticTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackURLSplunkHec": ".createoutputsystembypack_request", - "CreateOutputSystemByPackURLSplunkHecTypedDict": ".createoutputsystembypack_request", - "CreateOutputSystemByPackWriteAction": ".createoutputsystembypack_request", "CreateOutputSystemByPackAISIEMEndpointPath": ".createoutputsystembypack_type_statsd", "CreateOutputSystemByPackAuthentication": ".createoutputsystembypack_type_statsd", "CreateOutputSystemByPackAuthenticationMethodChronicle": ".createoutputsystembypack_type_statsd", @@ -16163,7 +16304,7 @@ "CreateOutputSystemByPackDataFormatSumoLogic": ".createoutputsystembypack_type_statsd", "CreateOutputSystemByPackDataSetSite": ".createoutputsystembypack_type_statsd", "CreateOutputSystemByPackDatadogSite": ".createoutputsystembypack_type_statsd", - "CreateOutputSystemByPackEndpoint": ".createoutputsystembypack_type_statsd", + "CreateOutputSystemByPackEndpointDynatraceHTTP": ".createoutputsystembypack_type_statsd", "CreateOutputSystemByPackEndpointType": ".createoutputsystembypack_type_statsd", "CreateOutputSystemByPackFormatClickHouse": ".createoutputsystembypack_type_statsd", "CreateOutputSystemByPackFormatCriblLake": ".createoutputsystembypack_type_statsd", @@ -16175,7 +16316,7 @@ "CreateOutputSystemByPackHostSnmpTypedDict": ".createoutputsystembypack_type_statsd", "CreateOutputSystemByPackMappingTypeClickHouse": ".createoutputsystembypack_type_statsd", "CreateOutputSystemByPackMappingTypeLocalSearchStorage": ".createoutputsystembypack_type_statsd", - "CreateOutputSystemByPackOTLPVersion": ".createoutputsystembypack_type_statsd", + "CreateOutputSystemByPackOTLPVersionOpenTelemetry": ".createoutputsystembypack_type_statsd", "CreateOutputSystemByPackOutputAlibabaCloudS3": ".createoutputsystembypack_type_statsd", "CreateOutputSystemByPackOutputAlibabaCloudS3TypedDict": ".createoutputsystembypack_type_statsd", "CreateOutputSystemByPackOutputAlphasocS3": ".createoutputsystembypack_type_statsd", @@ -16841,10 +16982,13 @@ "GetConfigGroupConfigVersionByProductAndIDRequestTypedDict": ".getconfiggroupconfigversionbyproductandidop", "GetCriblLakeDatasetByLakeIDAndIDRequest": ".getcribllakedatasetbylakeidandidop", "GetCriblLakeDatasetByLakeIDAndIDRequestTypedDict": ".getcribllakedatasetbylakeidandidop", + "GetCriblLakeDatasetByLakeIDFormat": ".getcribllakedatasetbylakeidop", "GetCriblLakeDatasetByLakeIDRequest": ".getcribllakedatasetbylakeidop", "GetCriblLakeDatasetByLakeIDRequestTypedDict": ".getcribllakedatasetbylakeidop", "GetDatabaseConnectionConfigByIDRequest": ".getdatabaseconnectionconfigbyidop", "GetDatabaseConnectionConfigByIDRequestTypedDict": ".getdatabaseconnectionconfigbyidop", + "GetDatabaseConnectionConfigRequest": ".getdatabaseconnectionconfigop", + "GetDatabaseConnectionConfigRequestTypedDict": ".getdatabaseconnectionconfigop", "GetFunctionsByIDRequest": ".getfunctionsbyidop", "GetFunctionsByIDRequestTypedDict": ".getfunctionsbyidop", "GetInputByIDRequest": ".getinputbyidop", @@ -17401,6 +17545,9 @@ "UnknownHealthCheckCollectorConf": ".healthcheckcollectorconf", "HealthCountType": ".healthcounttype", "HealthCountTypeTypedDict": ".healthcounttype", + "HealthOverlayStatus": ".healthoverlaystatus", + "HealthOverlayStatusTypedDict": ".healthoverlaystatus", + "UnknownHealthOverlayStatus": ".healthoverlaystatus", "HealthServerStatus": ".healthserverstatus", "HealthServerStatusStatus": ".healthserverstatus", "HealthServerStatusTypedDict": ".healthserverstatus", @@ -17413,6 +17560,8 @@ "HostConfOutputSyslogTypedDict": ".hostconfoutputsyslog", "HostOsTypeHeartbeatMetadata": ".hostostypeheartbeatmetadata", "HostOsTypeHeartbeatMetadataTypedDict": ".hostostypeheartbeatmetadata", + "HTTPDiscoveryHeaderConfInputPrometheus": ".httpdiscoveryheaderconfinputprometheus", + "HTTPDiscoveryHeaderConfInputPrometheusTypedDict": ".httpdiscoveryheaderconfinputprometheus", "Input": ".input", "InputTypedDict": ".input", "InputAnthropicComplianceContentConfig": ".inputanthropiccompliance_input", @@ -17517,6 +17666,8 @@ "InputEventhubAmqpAuthenticationMethod": ".inputeventhubamqp_input", "InputEventhubAmqpAzureBlobStorage": ".inputeventhubamqp_input", "InputEventhubAmqpAzureBlobStorageTypedDict": ".inputeventhubamqp_input", + "InputEventhubAmqpCertificate": ".inputeventhubamqp_input", + "InputEventhubAmqpCertificateTypedDict": ".inputeventhubamqp_input", "InputEventhubAmqpCheckpointing": ".inputeventhubamqp_input", "InputEventhubAmqpCheckpointingTypedDict": ".inputeventhubamqp_input", "InputEventhubAmqpInput": ".inputeventhubamqp_input", @@ -17680,6 +17831,8 @@ "InputResponseCPUModeSystemMetrics": ".inputresponse", "InputResponseCPUSystemMetrics": ".inputresponse", "InputResponseCPUSystemMetricsTypedDict": ".inputresponse", + "InputResponseCertificate": ".inputresponse", + "InputResponseCertificateTypedDict": ".inputresponse", "InputResponseCheckpointing": ".inputresponse", "InputResponseCheckpointingTypedDict": ".inputresponse", "InputResponseCollectors": ".inputresponse", @@ -18311,6 +18464,8 @@ "ModeOptionsHost": ".modeoptionshost", "ModeOptionsPq": ".modeoptionspq", "NestedFieldSerializationOptions": ".nestedfieldserializationoptions", + "NoActiveHealthOverlayStatus": ".noactivehealthoverlaystatus", + "NoActiveHealthOverlayStatusTypedDict": ".noactivehealthoverlaystatus", "NodeActiveUpgradeStatus": ".nodeactiveupgradestatus", "NodeFailedUpgradeStatus": ".nodefailedupgradestatus", "NodeProvidedInfo": ".nodeprovidedinfo", @@ -18567,6 +18722,15 @@ "OutputGoogleCloudLoggingPqControlsTypedDict": ".outputgooglecloudlogging", "OutputGoogleCloudLoggingType": ".outputgooglecloudlogging", "OutputGoogleCloudLoggingTypedDict": ".outputgooglecloudlogging", + "OutputGoogleCloudObservability": ".outputgooglecloudobservability", + "OutputGoogleCloudObservabilityEndpoint": ".outputgooglecloudobservability", + "OutputGoogleCloudObservabilityGoogleAuthenticationMethod": ".outputgooglecloudobservability", + "OutputGoogleCloudObservabilityOtlpVersion": ".outputgooglecloudobservability", + "OutputGoogleCloudObservabilityPqControls": ".outputgooglecloudobservability", + "OutputGoogleCloudObservabilityPqControlsTypedDict": ".outputgooglecloudobservability", + "OutputGoogleCloudObservabilityProtocol": ".outputgooglecloudobservability", + "OutputGoogleCloudObservabilityType": ".outputgooglecloudobservability", + "OutputGoogleCloudObservabilityTypedDict": ".outputgooglecloudobservability", "OutputGoogleCloudStorage": ".outputgooglecloudstorage", "OutputGoogleCloudStorageAuthenticationMethod": ".outputgooglecloudstorage", "OutputGoogleCloudStorageType": ".outputgooglecloudstorage", @@ -18687,234 +18851,243 @@ "OutputPrometheusType": ".outputprometheus", "OutputPrometheusTypedDict": ".outputprometheus", "OutputResponse": ".outputresponse", - "OutputResponseAPIVersion": ".outputresponse", - "OutputResponseAdditionalProperty": ".outputresponse", - "OutputResponseAdditionalPropertyTypedDict": ".outputresponse", - "OutputResponseAuthToken": ".outputresponse", - "OutputResponseAuthTokenTypedDict": ".outputresponse", - "OutputResponseAuthType": ".outputresponse", - "OutputResponseAuthenticationMethodAzureDataExplorer": ".outputresponse", - "OutputResponseAuthenticationMethodAzureLogs": ".outputresponse", - "OutputResponseAuthenticationMethodGoogleChronicle": ".outputresponse", - "OutputResponseAuthenticationMethodGoogleCloudStorage": ".outputresponse", - "OutputResponseAuthenticationTypeInfluxdb": ".outputresponse", - "OutputResponseBlobAccessTier": ".outputresponse", - "OutputResponseCertificate": ".outputresponse", - "OutputResponseCertificateTypedDict": ".outputresponse", - "OutputResponseCompression": ".outputresponse", - "OutputResponseElasticVersion": ".outputresponse", - "OutputResponseEndpointConfiguration": ".outputresponse", - "OutputResponseExtentTag": ".outputresponse", - "OutputResponseExtentTagTypedDict": ".outputresponse", - "OutputResponseExtraLogType": ".outputresponse", - "OutputResponseExtraLogTypeTypedDict": ".outputresponse", - "OutputResponseFacility": ".outputresponse", - "OutputResponseFieldName": ".outputresponse", - "OutputResponseFormatSentinel": ".outputresponse", - "OutputResponseIndexerDiscoveryConfigs": ".outputresponse", - "OutputResponseIndexerDiscoveryConfigsTypedDict": ".outputresponse", - "OutputResponseIngestIfNotExist": ".outputresponse", - "OutputResponseIngestIfNotExistTypedDict": ".outputresponse", - "OutputResponseIngestionMode": ".outputresponse", - "OutputResponseLogLocationType": ".outputresponse", - "OutputResponseMessageFormat": ".outputresponse", - "OutputResponseMetadatum": ".outputresponse", - "OutputResponseMetadatumTypedDict": ".outputresponse", - "OutputResponseOutputAzureBlob": ".outputresponse", - "OutputResponseOutputAzureBlobTypedDict": ".outputresponse", - "OutputResponseOutputAzureDataExplorer": ".outputresponse", - "OutputResponseOutputAzureDataExplorerTypedDict": ".outputresponse", - "OutputResponseOutputAzureEventhub": ".outputresponse", - "OutputResponseOutputAzureEventhubTypedDict": ".outputresponse", - "OutputResponseOutputAzureLogs": ".outputresponse", - "OutputResponseOutputAzureLogsTypedDict": ".outputresponse", - "OutputResponseOutputCloudwatch": ".outputresponse", - "OutputResponseOutputCloudwatchTypedDict": ".outputresponse", - "OutputResponseOutputConfluentCloud": ".outputresponse", - "OutputResponseOutputConfluentCloudTypedDict": ".outputresponse", "OutputResponseOutputDefault": ".outputresponse", "OutputResponseOutputDefaultTypedDict": ".outputresponse", - "OutputResponseOutputDevnull": ".outputresponse", - "OutputResponseOutputDevnullTypedDict": ".outputresponse", - "OutputResponseOutputElastic": ".outputresponse", - "OutputResponseOutputElasticCloud": ".outputresponse", - "OutputResponseOutputElasticCloudTypedDict": ".outputresponse", - "OutputResponseOutputElasticTypedDict": ".outputresponse", - "OutputResponseOutputExabeam": ".outputresponse", - "OutputResponseOutputExabeamTypedDict": ".outputresponse", - "OutputResponseOutputFilesystem": ".outputresponse", - "OutputResponseOutputFilesystemTypedDict": ".outputresponse", - "OutputResponseOutputGoogleChronicle": ".outputresponse", - "OutputResponseOutputGoogleChronicleTypedDict": ".outputresponse", - "OutputResponseOutputGoogleCloudLogging": ".outputresponse", - "OutputResponseOutputGoogleCloudLoggingTypedDict": ".outputresponse", - "OutputResponseOutputGoogleCloudStorage": ".outputresponse", - "OutputResponseOutputGoogleCloudStorageTypedDict": ".outputresponse", - "OutputResponseOutputGooglePubsub": ".outputresponse", - "OutputResponseOutputGooglePubsubTypedDict": ".outputresponse", - "OutputResponseOutputHoneycomb": ".outputresponse", - "OutputResponseOutputHoneycombTypedDict": ".outputresponse", - "OutputResponseOutputInfluxdb": ".outputresponse", - "OutputResponseOutputInfluxdbTypedDict": ".outputresponse", - "OutputResponseOutputKafka": ".outputresponse", - "OutputResponseOutputKafkaTypedDict": ".outputresponse", - "OutputResponseOutputKinesis": ".outputresponse", - "OutputResponseOutputKinesisTypedDict": ".outputresponse", - "OutputResponseOutputMinio": ".outputresponse", - "OutputResponseOutputMinioTypedDict": ".outputresponse", - "OutputResponseOutputMsk": ".outputresponse", - "OutputResponseOutputMskTypedDict": ".outputresponse", - "OutputResponseOutputNewrelic": ".outputresponse", - "OutputResponseOutputNewrelicEvents": ".outputresponse", - "OutputResponseOutputNewrelicEventsTypedDict": ".outputresponse", - "OutputResponseOutputNewrelicTypedDict": ".outputresponse", - "OutputResponseOutputS3": ".outputresponse", - "OutputResponseOutputS3TypedDict": ".outputresponse", - "OutputResponseOutputSentinel": ".outputresponse", - "OutputResponseOutputSentinelTypedDict": ".outputresponse", - "OutputResponseOutputSignalfx": ".outputresponse", - "OutputResponseOutputSignalfxTypedDict": ".outputresponse", - "OutputResponseOutputSplunk": ".outputresponse", - "OutputResponseOutputSplunkHec": ".outputresponse", - "OutputResponseOutputSplunkHecTypedDict": ".outputresponse", - "OutputResponseOutputSplunkLb": ".outputresponse", - "OutputResponseOutputSplunkLbTypedDict": ".outputresponse", - "OutputResponseOutputSplunkTypedDict": ".outputresponse", - "OutputResponseOutputStatsd": ".outputresponse", - "OutputResponseOutputStatsdTypedDict": ".outputresponse", - "OutputResponseOutputSyslog": ".outputresponse", - "OutputResponseOutputSyslogTypedDict": ".outputresponse", - "OutputResponseOutputTcpjson": ".outputresponse", - "OutputResponseOutputTcpjsonTypedDict": ".outputresponse", - "OutputResponseOutputWavefront": ".outputresponse", - "OutputResponseOutputWavefrontTypedDict": ".outputresponse", - "OutputResponseOutputWebhookAuthenticationType1": ".outputresponse", - "OutputResponseOutputWebhookAuthenticationType2": ".outputresponse", - "OutputResponseOutputWebhookFormat1": ".outputresponse", - "OutputResponseOutputWebhookFormat2": ".outputresponse", - "OutputResponseOutputWebhookPqControls1": ".outputresponse", - "OutputResponseOutputWebhookPqControls1TypedDict": ".outputresponse", - "OutputResponseOutputWebhookPqControls2": ".outputresponse", - "OutputResponseOutputWebhookPqControls2TypedDict": ".outputresponse", - "OutputResponseOutputWebhookType1": ".outputresponse", - "OutputResponseOutputWebhookType2": ".outputresponse", - "OutputResponseOutputWebhookURL1": ".outputresponse", - "OutputResponseOutputWebhookURL1TypedDict": ".outputresponse", - "OutputResponseOutputWebhookURL2": ".outputresponse", - "OutputResponseOutputWebhookURL2TypedDict": ".outputresponse", "OutputResponseOutputWebhookUnion": ".outputresponse", "OutputResponseOutputWebhookUnionTypedDict": ".outputresponse", "OutputResponseOutputWebhookWebhook1": ".outputresponse", "OutputResponseOutputWebhookWebhook1TypedDict": ".outputresponse", - "OutputResponseOutputWebhookWebhook2": ".outputresponse", - "OutputResponseOutputWebhookWebhook2TypedDict": ".outputresponse", - "OutputResponseOutputWizHec": ".outputresponse", - "OutputResponseOutputWizHecTypedDict": ".outputresponse", - "OutputResponsePayloadFormat": ".outputresponse", - "OutputResponsePqControlsAzureDataExplorer": ".outputresponse", - "OutputResponsePqControlsAzureDataExplorerTypedDict": ".outputresponse", - "OutputResponsePqControlsAzureEventhub": ".outputresponse", - "OutputResponsePqControlsAzureEventhubTypedDict": ".outputresponse", - "OutputResponsePqControlsAzureLogs": ".outputresponse", - "OutputResponsePqControlsAzureLogsTypedDict": ".outputresponse", - "OutputResponsePqControlsCloudwatch": ".outputresponse", - "OutputResponsePqControlsCloudwatchTypedDict": ".outputresponse", - "OutputResponsePqControlsConfluentCloud": ".outputresponse", - "OutputResponsePqControlsConfluentCloudTypedDict": ".outputresponse", - "OutputResponsePqControlsElastic": ".outputresponse", - "OutputResponsePqControlsElasticCloud": ".outputresponse", - "OutputResponsePqControlsElasticCloudTypedDict": ".outputresponse", - "OutputResponsePqControlsElasticTypedDict": ".outputresponse", - "OutputResponsePqControlsGoogleChronicle": ".outputresponse", - "OutputResponsePqControlsGoogleChronicleTypedDict": ".outputresponse", - "OutputResponsePqControlsGoogleCloudLogging": ".outputresponse", - "OutputResponsePqControlsGoogleCloudLoggingTypedDict": ".outputresponse", - "OutputResponsePqControlsGooglePubsub": ".outputresponse", - "OutputResponsePqControlsGooglePubsubTypedDict": ".outputresponse", - "OutputResponsePqControlsHoneycomb": ".outputresponse", - "OutputResponsePqControlsHoneycombTypedDict": ".outputresponse", - "OutputResponsePqControlsInfluxdb": ".outputresponse", - "OutputResponsePqControlsInfluxdbTypedDict": ".outputresponse", - "OutputResponsePqControlsKafka": ".outputresponse", - "OutputResponsePqControlsKafkaTypedDict": ".outputresponse", - "OutputResponsePqControlsKinesis": ".outputresponse", - "OutputResponsePqControlsKinesisTypedDict": ".outputresponse", - "OutputResponsePqControlsMsk": ".outputresponse", - "OutputResponsePqControlsMskTypedDict": ".outputresponse", - "OutputResponsePqControlsNewrelic": ".outputresponse", - "OutputResponsePqControlsNewrelicEvents": ".outputresponse", - "OutputResponsePqControlsNewrelicEventsTypedDict": ".outputresponse", - "OutputResponsePqControlsNewrelicTypedDict": ".outputresponse", - "OutputResponsePqControlsSentinel": ".outputresponse", - "OutputResponsePqControlsSentinelTypedDict": ".outputresponse", - "OutputResponsePqControlsSignalfx": ".outputresponse", - "OutputResponsePqControlsSignalfxTypedDict": ".outputresponse", - "OutputResponsePqControlsSplunk": ".outputresponse", - "OutputResponsePqControlsSplunkHec": ".outputresponse", - "OutputResponsePqControlsSplunkHecTypedDict": ".outputresponse", - "OutputResponsePqControlsSplunkLb": ".outputresponse", - "OutputResponsePqControlsSplunkLbTypedDict": ".outputresponse", - "OutputResponsePqControlsSplunkTypedDict": ".outputresponse", - "OutputResponsePqControlsStatsd": ".outputresponse", - "OutputResponsePqControlsStatsdTypedDict": ".outputresponse", - "OutputResponsePqControlsSyslog": ".outputresponse", - "OutputResponsePqControlsSyslogTypedDict": ".outputresponse", - "OutputResponsePqControlsTcpjson": ".outputresponse", - "OutputResponsePqControlsTcpjsonTypedDict": ".outputresponse", - "OutputResponsePqControlsWavefront": ".outputresponse", - "OutputResponsePqControlsWavefrontTypedDict": ".outputresponse", - "OutputResponsePqControlsWizHec": ".outputresponse", - "OutputResponsePqControlsWizHecTypedDict": ".outputresponse", - "OutputResponsePrefixOptional": ".outputresponse", - "OutputResponseProtocolSyslog": ".outputresponse", - "OutputResponseReportLevel": ".outputresponse", - "OutputResponseReportMethod": ".outputresponse", - "OutputResponseSendEventsAs": ".outputresponse", - "OutputResponseSeveritySyslog": ".outputresponse", - "OutputResponseTimestampFormat": ".outputresponse", - "OutputResponseTimestampPrecision": ".outputresponse", - "OutputResponseTypeAzureBlob": ".outputresponse", - "OutputResponseTypeAzureDataExplorer": ".outputresponse", - "OutputResponseTypeAzureEventhub": ".outputresponse", - "OutputResponseTypeAzureLogs": ".outputresponse", - "OutputResponseTypeCloudwatch": ".outputresponse", - "OutputResponseTypeConfluentCloud": ".outputresponse", "OutputResponseTypeDefault": ".outputresponse", - "OutputResponseTypeDevnull": ".outputresponse", - "OutputResponseTypeElastic": ".outputresponse", - "OutputResponseTypeElasticCloud": ".outputresponse", - "OutputResponseTypeExabeam": ".outputresponse", - "OutputResponseTypeFilesystem": ".outputresponse", - "OutputResponseTypeGoogleChronicle": ".outputresponse", - "OutputResponseTypeGoogleCloudLogging": ".outputresponse", - "OutputResponseTypeGoogleCloudStorage": ".outputresponse", - "OutputResponseTypeGooglePubsub": ".outputresponse", - "OutputResponseTypeHoneycomb": ".outputresponse", - "OutputResponseTypeInfluxdb": ".outputresponse", - "OutputResponseTypeKafka": ".outputresponse", - "OutputResponseTypeKinesis": ".outputresponse", - "OutputResponseTypeMinio": ".outputresponse", - "OutputResponseTypeMsk": ".outputresponse", - "OutputResponseTypeNewrelic": ".outputresponse", - "OutputResponseTypeNewrelicEvents": ".outputresponse", - "OutputResponseTypeS3": ".outputresponse", - "OutputResponseTypeSentinel": ".outputresponse", - "OutputResponseTypeSignalfx": ".outputresponse", - "OutputResponseTypeSplunk": ".outputresponse", - "OutputResponseTypeSplunkHec": ".outputresponse", - "OutputResponseTypeSplunkLb": ".outputresponse", - "OutputResponseTypeSyslog": ".outputresponse", - "OutputResponseTypeTcpjson": ".outputresponse", - "OutputResponseTypeWavefront": ".outputresponse", - "OutputResponseTypeWizHec": ".outputresponse", "OutputResponseTypedDict": ".outputresponse", - "OutputResponseUDMType": ".outputresponse", - "OutputResponseURLElastic": ".outputresponse", - "OutputResponseURLElasticTypedDict": ".outputresponse", - "OutputResponseURLSplunkHec": ".outputresponse", - "OutputResponseURLSplunkHecTypedDict": ".outputresponse", - "OutputResponseWriteAction": ".outputresponse", "UnknownOutputResponse": ".outputresponse", + "OutputResponseAPIVersion": ".outputresponse_outputwebhook_url_1", + "OutputResponseAdditionalProperty": ".outputresponse_outputwebhook_url_1", + "OutputResponseAdditionalPropertyTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseAuthToken": ".outputresponse_outputwebhook_url_1", + "OutputResponseAuthTokenTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseAuthType": ".outputresponse_outputwebhook_url_1", + "OutputResponseAuthenticationMethodAzureDataExplorer": ".outputresponse_outputwebhook_url_1", + "OutputResponseAuthenticationMethodAzureLogs": ".outputresponse_outputwebhook_url_1", + "OutputResponseAuthenticationMethodGoogleChronicle": ".outputresponse_outputwebhook_url_1", + "OutputResponseAuthenticationMethodGoogleCloudStorage": ".outputresponse_outputwebhook_url_1", + "OutputResponseAuthenticationTypeInfluxdb": ".outputresponse_outputwebhook_url_1", + "OutputResponseBlobAccessTier": ".outputresponse_outputwebhook_url_1", + "OutputResponseCertificate": ".outputresponse_outputwebhook_url_1", + "OutputResponseCertificateTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseCompression": ".outputresponse_outputwebhook_url_1", + "OutputResponseElasticVersion": ".outputresponse_outputwebhook_url_1", + "OutputResponseEndpointConfiguration": ".outputresponse_outputwebhook_url_1", + "OutputResponseEndpointGoogleCloudObservability": ".outputresponse_outputwebhook_url_1", + "OutputResponseExtentTag": ".outputresponse_outputwebhook_url_1", + "OutputResponseExtentTagTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseExtraLogType": ".outputresponse_outputwebhook_url_1", + "OutputResponseExtraLogTypeTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseFacility": ".outputresponse_outputwebhook_url_1", + "OutputResponseFieldName": ".outputresponse_outputwebhook_url_1", + "OutputResponseFormatSentinel": ".outputresponse_outputwebhook_url_1", + "OutputResponseGoogleAuthenticationMethod": ".outputresponse_outputwebhook_url_1", + "OutputResponseIndexerDiscoveryConfigs": ".outputresponse_outputwebhook_url_1", + "OutputResponseIndexerDiscoveryConfigsTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseIngestIfNotExist": ".outputresponse_outputwebhook_url_1", + "OutputResponseIngestIfNotExistTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseIngestionMode": ".outputresponse_outputwebhook_url_1", + "OutputResponseLogLocationType": ".outputresponse_outputwebhook_url_1", + "OutputResponseMessageFormat": ".outputresponse_outputwebhook_url_1", + "OutputResponseMetadatum": ".outputresponse_outputwebhook_url_1", + "OutputResponseMetadatumTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseOtlpVersionGoogleCloudObservability": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputAzureBlob": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputAzureBlobTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputAzureDataExplorer": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputAzureDataExplorerTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputAzureEventhub": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputAzureEventhubTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputAzureLogs": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputAzureLogsTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputCloudwatch": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputCloudwatchTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputConfluentCloud": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputConfluentCloudTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputDevnull": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputDevnullTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputElastic": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputElasticCloud": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputElasticCloudTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputElasticTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputExabeam": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputExabeamTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputFilesystem": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputFilesystemTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputGoogleChronicle": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputGoogleChronicleTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputGoogleCloudLogging": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputGoogleCloudLoggingTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputGoogleCloudObservability": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputGoogleCloudObservabilityTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputGoogleCloudStorage": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputGoogleCloudStorageTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputGooglePubsub": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputGooglePubsubTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputHoneycomb": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputHoneycombTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputInfluxdb": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputInfluxdbTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputKafka": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputKafkaTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputKinesis": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputKinesisTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputMinio": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputMinioTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputMsk": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputMskTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputNewrelic": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputNewrelicEvents": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputNewrelicEventsTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputNewrelicTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputS3": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputS3TypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputSentinel": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputSentinelTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputSignalfx": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputSignalfxTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputSplunk": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputSplunkHec": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputSplunkHecTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputSplunkLb": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputSplunkLbTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputSplunkTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputStatsd": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputStatsdTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputSyslog": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputSyslogTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputTcpjson": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputTcpjsonTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputWavefront": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputWavefrontTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputWebhookAuthenticationType1": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputWebhookAuthenticationType2": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputWebhookFormat1": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputWebhookFormat2": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputWebhookPqControls1": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputWebhookPqControls1TypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputWebhookPqControls2": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputWebhookPqControls2TypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputWebhookType1": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputWebhookType2": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputWebhookURL1": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputWebhookURL1TypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputWebhookURL2": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputWebhookURL2TypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputWebhookWebhook2": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputWebhookWebhook2TypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputWizHec": ".outputresponse_outputwebhook_url_1", + "OutputResponseOutputWizHecTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponsePayloadFormat": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsAzureDataExplorer": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsAzureDataExplorerTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsAzureEventhub": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsAzureEventhubTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsAzureLogs": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsAzureLogsTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsCloudwatch": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsCloudwatchTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsConfluentCloud": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsConfluentCloudTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsElastic": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsElasticCloud": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsElasticCloudTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsElasticTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsGoogleChronicle": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsGoogleChronicleTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsGoogleCloudLogging": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsGoogleCloudLoggingTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsGoogleCloudObservability": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsGoogleCloudObservabilityTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsGooglePubsub": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsGooglePubsubTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsHoneycomb": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsHoneycombTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsInfluxdb": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsInfluxdbTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsKafka": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsKafkaTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsKinesis": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsKinesisTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsMsk": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsMskTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsNewrelic": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsNewrelicEvents": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsNewrelicEventsTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsNewrelicTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsSentinel": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsSentinelTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsSignalfx": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsSignalfxTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsSplunk": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsSplunkHec": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsSplunkHecTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsSplunkLb": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsSplunkLbTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsSplunkTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsStatsd": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsStatsdTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsSyslog": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsSyslogTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsTcpjson": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsTcpjsonTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsWavefront": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsWavefrontTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsWizHec": ".outputresponse_outputwebhook_url_1", + "OutputResponsePqControlsWizHecTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponsePrefixOptional": ".outputresponse_outputwebhook_url_1", + "OutputResponseProtocolGoogleCloudObservability": ".outputresponse_outputwebhook_url_1", + "OutputResponseProtocolSyslog": ".outputresponse_outputwebhook_url_1", + "OutputResponseReportLevel": ".outputresponse_outputwebhook_url_1", + "OutputResponseReportMethod": ".outputresponse_outputwebhook_url_1", + "OutputResponseSendEventsAs": ".outputresponse_outputwebhook_url_1", + "OutputResponseSeveritySyslog": ".outputresponse_outputwebhook_url_1", + "OutputResponseTimestampFormat": ".outputresponse_outputwebhook_url_1", + "OutputResponseTimestampPrecision": ".outputresponse_outputwebhook_url_1", + "OutputResponseTypeAzureBlob": ".outputresponse_outputwebhook_url_1", + "OutputResponseTypeAzureDataExplorer": ".outputresponse_outputwebhook_url_1", + "OutputResponseTypeAzureEventhub": ".outputresponse_outputwebhook_url_1", + "OutputResponseTypeAzureLogs": ".outputresponse_outputwebhook_url_1", + "OutputResponseTypeCloudwatch": ".outputresponse_outputwebhook_url_1", + "OutputResponseTypeConfluentCloud": ".outputresponse_outputwebhook_url_1", + "OutputResponseTypeDevnull": ".outputresponse_outputwebhook_url_1", + "OutputResponseTypeElastic": ".outputresponse_outputwebhook_url_1", + "OutputResponseTypeElasticCloud": ".outputresponse_outputwebhook_url_1", + "OutputResponseTypeExabeam": ".outputresponse_outputwebhook_url_1", + "OutputResponseTypeFilesystem": ".outputresponse_outputwebhook_url_1", + "OutputResponseTypeGoogleChronicle": ".outputresponse_outputwebhook_url_1", + "OutputResponseTypeGoogleCloudLogging": ".outputresponse_outputwebhook_url_1", + "OutputResponseTypeGoogleCloudObservability": ".outputresponse_outputwebhook_url_1", + "OutputResponseTypeGoogleCloudStorage": ".outputresponse_outputwebhook_url_1", + "OutputResponseTypeGooglePubsub": ".outputresponse_outputwebhook_url_1", + "OutputResponseTypeHoneycomb": ".outputresponse_outputwebhook_url_1", + "OutputResponseTypeInfluxdb": ".outputresponse_outputwebhook_url_1", + "OutputResponseTypeKafka": ".outputresponse_outputwebhook_url_1", + "OutputResponseTypeKinesis": ".outputresponse_outputwebhook_url_1", + "OutputResponseTypeMinio": ".outputresponse_outputwebhook_url_1", + "OutputResponseTypeMsk": ".outputresponse_outputwebhook_url_1", + "OutputResponseTypeNewrelic": ".outputresponse_outputwebhook_url_1", + "OutputResponseTypeNewrelicEvents": ".outputresponse_outputwebhook_url_1", + "OutputResponseTypeS3": ".outputresponse_outputwebhook_url_1", + "OutputResponseTypeSentinel": ".outputresponse_outputwebhook_url_1", + "OutputResponseTypeSignalfx": ".outputresponse_outputwebhook_url_1", + "OutputResponseTypeSplunk": ".outputresponse_outputwebhook_url_1", + "OutputResponseTypeSplunkHec": ".outputresponse_outputwebhook_url_1", + "OutputResponseTypeSplunkLb": ".outputresponse_outputwebhook_url_1", + "OutputResponseTypeSyslog": ".outputresponse_outputwebhook_url_1", + "OutputResponseTypeTcpjson": ".outputresponse_outputwebhook_url_1", + "OutputResponseTypeWavefront": ".outputresponse_outputwebhook_url_1", + "OutputResponseTypeWizHec": ".outputresponse_outputwebhook_url_1", + "OutputResponseUDMType": ".outputresponse_outputwebhook_url_1", + "OutputResponseURLElastic": ".outputresponse_outputwebhook_url_1", + "OutputResponseURLElasticTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseURLSplunkHec": ".outputresponse_outputwebhook_url_1", + "OutputResponseURLSplunkHecTypedDict": ".outputresponse_outputwebhook_url_1", + "OutputResponseWriteAction": ".outputresponse_outputwebhook_url_1", "OutputResponseAISIEMEndpointPath": ".outputresponse_type_statsd", "OutputResponseAuthentication": ".outputresponse_type_statsd", "OutputResponseAuthenticationMethodChronicle": ".outputresponse_type_statsd", @@ -18934,7 +19107,7 @@ "OutputResponseDataFormatSumoLogic": ".outputresponse_type_statsd", "OutputResponseDataSetSite": ".outputresponse_type_statsd", "OutputResponseDatadogSite": ".outputresponse_type_statsd", - "OutputResponseEndpoint": ".outputresponse_type_statsd", + "OutputResponseEndpointDynatraceHTTP": ".outputresponse_type_statsd", "OutputResponseEndpointType": ".outputresponse_type_statsd", "OutputResponseFormatClickHouse": ".outputresponse_type_statsd", "OutputResponseFormatCriblLake": ".outputresponse_type_statsd", @@ -18946,7 +19119,7 @@ "OutputResponseHostSnmpTypedDict": ".outputresponse_type_statsd", "OutputResponseMappingTypeClickHouse": ".outputresponse_type_statsd", "OutputResponseMappingTypeLocalSearchStorage": ".outputresponse_type_statsd", - "OutputResponseOTLPVersion": ".outputresponse_type_statsd", + "OutputResponseOTLPVersionOpenTelemetry": ".outputresponse_type_statsd", "OutputResponseOutputAlibabaCloudS3": ".outputresponse_type_statsd", "OutputResponseOutputAlibabaCloudS3TypedDict": ".outputresponse_type_statsd", "OutputResponseOutputAlphasocS3": ".outputresponse_type_statsd", @@ -19628,16 +19801,12 @@ "RedisDeploymentTypeClusterCommand": ".pipelinefunctionredis", "RedisDeploymentTypeClusterCommandTypedDict": ".pipelinefunctionredis", "RedisDeploymentTypeClusterDeploymentType": ".pipelinefunctionredis", - "RedisDeploymentTypeClusterRootNode": ".pipelinefunctionredis", - "RedisDeploymentTypeClusterRootNodeTypedDict": ".pipelinefunctionredis", "RedisDeploymentTypeClusterTypedDict": ".pipelinefunctionredis", "RedisDeploymentTypeSentinel": ".pipelinefunctionredis", "RedisDeploymentTypeSentinelAuthenticationMethod": ".pipelinefunctionredis", "RedisDeploymentTypeSentinelCommand": ".pipelinefunctionredis", "RedisDeploymentTypeSentinelCommandTypedDict": ".pipelinefunctionredis", "RedisDeploymentTypeSentinelDeploymentType": ".pipelinefunctionredis", - "RedisDeploymentTypeSentinelRootNode": ".pipelinefunctionredis", - "RedisDeploymentTypeSentinelRootNodeTypedDict": ".pipelinefunctionredis", "RedisDeploymentTypeSentinelTypedDict": ".pipelinefunctionredis", "RedisDeploymentTypeStandalone": ".pipelinefunctionredis", "RedisDeploymentTypeStandaloneAuthenticationMethod": ".pipelinefunctionredis", @@ -19802,8 +19971,6 @@ "RegexListConfSerdeTypeRegexTypedDict": ".regexlistconfserdetyperegex", "RegionOptions": ".regionoptions", "RequestFormatOptions": ".requestformatoptions", - "RequestParamConfInputOpenai": ".requestparamconfinputopenai", - "RequestParamConfInputOpenaiTypedDict": ".requestparamconfinputopenai", "ResourcePolicy": ".resourcepolicy", "ResourcePolicyTypedDict": ".resourcepolicy", "ResponseRetrySettingConfOutputWebhook": ".responseretrysettingconfoutputwebhook", @@ -20737,6 +20904,8 @@ "RollbackSettingsTypedDict": ".rollbacksettings_union", "RollbackSettingsUnion": ".rollbacksettings_union", "RollbackSettingsUnionTypedDict": ".rollbacksettings_union", + "RootNodeConfRedisDeploymentTypeCluster": ".rootnodeconfredisdeploymenttypecluster", + "RootNodeConfRedisDeploymentTypeClusterTypedDict": ".rootnodeconfredisdeploymenttypecluster", "RouteComment": ".routecomment", "RouteCommentTypedDict": ".routecomment", "RouteConf": ".routeconf", diff --git a/src/cribl_control_plane/models/activehealthoverlaystatus.py b/src/cribl_control_plane/models/activehealthoverlaystatus.py new file mode 100644 index 000000000..c1a062f8a --- /dev/null +++ b/src/cribl_control_plane/models/activehealthoverlaystatus.py @@ -0,0 +1,38 @@ +"""Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.""" + +from __future__ import annotations +from cribl_control_plane.types import BaseModel +from cribl_control_plane.utils import validate_const +import pydantic +from pydantic.functional_validators import AfterValidator +from typing import Literal +from typing_extensions import Annotated, TypedDict + + +class ActiveHealthOverlayStatusTypedDict(TypedDict): + binary_version: str + r"""Binary version targeted by the active overlay.""" + overlay_id: str + r"""Active overlay identifier.""" + state: Literal["active"] + r"""Current overlay state.""" + + +class ActiveHealthOverlayStatus(BaseModel): + binary_version: Annotated[str, pydantic.Field(alias="binaryVersion")] + r"""Binary version targeted by the active overlay.""" + + overlay_id: Annotated[str, pydantic.Field(alias="overlayId")] + r"""Active overlay identifier.""" + + STATE: Annotated[ + Annotated[Literal["active"], AfterValidator(validate_const("active"))], + pydantic.Field(alias="state"), + ] = "active" + r"""Current overlay state.""" + + +try: + ActiveHealthOverlayStatus.model_rebuild() +except NameError: + pass diff --git a/src/cribl_control_plane/models/authrequestheaderconfhealthcheckauthenticationoauth.py b/src/cribl_control_plane/models/authrequestheaderconfhealthcheckauthenticationoauth.py deleted file mode 100644 index e57cc702a..000000000 --- a/src/cribl_control_plane/models/authrequestheaderconfhealthcheckauthenticationoauth.py +++ /dev/null @@ -1,20 +0,0 @@ -"""Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.""" - -from __future__ import annotations -from cribl_control_plane.types import BaseModel -from typing_extensions import TypedDict - - -class AuthRequestHeaderConfHealthCheckAuthenticationOauthTypedDict(TypedDict): - name: str - r"""Header name.""" - value: str - r"""JavaScript expression to compute the header's value, normally enclosed in backticks (e.g., `${earliest}`). If a constant, use single quotes (e.g., 'earliest'). Values without delimiters (e.g., earliest) are evaluated as strings.""" - - -class AuthRequestHeaderConfHealthCheckAuthenticationOauth(BaseModel): - name: str - r"""Header name.""" - - value: str - r"""JavaScript expression to compute the header's value, normally enclosed in backticks (e.g., `${earliest}`). If a constant, use single quotes (e.g., 'earliest'). Values without delimiters (e.g., earliest) are evaluated as strings.""" diff --git a/src/cribl_control_plane/models/authtype.py b/src/cribl_control_plane/models/authtype.py index ec4e9a56f..24d79d214 100644 --- a/src/cribl_control_plane/models/authtype.py +++ b/src/cribl_control_plane/models/authtype.py @@ -1,34 +1,132 @@ """Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.""" from __future__ import annotations +from .oauthparamconfinputkafka import ( + OauthParamConfInputKafka, + OauthParamConfInputKafkaTypedDict, +) from cribl_control_plane.types import BaseModel, UNSET_SENTINEL import pydantic from pydantic import model_serializer -from typing import Optional +from typing import List, Optional from typing_extensions import Annotated, NotRequired, TypedDict class AuthTypeTypedDict(TypedDict): - r"""Credentials to use when authenticating with the schema registry using basic HTTP authentication""" + r"""Credentials to use when authenticating with the schema registry""" disabled: bool + oauth_enabled: NotRequired[bool] + r"""Authenticate with the schema registry using OAuth instead of basic HTTP authentication""" + token_url: NotRequired[str] + r"""URL of the token endpoint to use for OAuth authentication""" + client_id: NotRequired[str] + r"""Client ID to use for OAuth authentication""" + oauth_secret_type: NotRequired[str] + client_text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + oauth_params: NotRequired[List[OauthParamConfInputKafkaTypedDict]] + r"""Additional fields to send to the token endpoint, such as scope or audience""" + identity_pool_id: NotRequired[str] + r"""Confluent Cloud identity pool ID. Sent as the `Confluent-Identity-Pool-Id` header on requests to the schema registry.""" + logical_cluster: NotRequired[str] + r"""Confluent Cloud Schema Registry logical cluster ID. Sent as the `target-sr-cluster` header on requests to the schema registry.""" credentials_secret: NotRequired[str] r"""Select or create a secret that references your credentials""" + template_token_url: NotRequired[str] + r"""Binds 'tokenUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tokenUrl' at runtime.""" + template_client_id: NotRequired[str] + r"""Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime.""" + template_identity_pool_id: NotRequired[str] + r"""Binds 'identityPoolId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'identityPoolId' at runtime.""" + template_logical_cluster: NotRequired[str] + r"""Binds 'logicalCluster' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logicalCluster' at runtime.""" class AuthType(BaseModel): - r"""Credentials to use when authenticating with the schema registry using basic HTTP authentication""" + r"""Credentials to use when authenticating with the schema registry""" disabled: bool + oauth_enabled: Annotated[Optional[bool], pydantic.Field(alias="oauthEnabled")] = ( + None + ) + r"""Authenticate with the schema registry using OAuth instead of basic HTTP authentication""" + + token_url: Annotated[Optional[str], pydantic.Field(alias="tokenUrl")] = None + r"""URL of the token endpoint to use for OAuth authentication""" + + client_id: Annotated[Optional[str], pydantic.Field(alias="clientId")] = None + r"""Client ID to use for OAuth authentication""" + + oauth_secret_type: Annotated[ + Optional[str], pydantic.Field(alias="oauthSecretType") + ] = None + + client_text_secret: Annotated[ + Optional[str], pydantic.Field(alias="clientTextSecret") + ] = None + r"""Select or create a stored text secret""" + + oauth_params: Annotated[ + Optional[List[OauthParamConfInputKafka]], pydantic.Field(alias="oauthParams") + ] = None + r"""Additional fields to send to the token endpoint, such as scope or audience""" + + identity_pool_id: Annotated[ + Optional[str], pydantic.Field(alias="identityPoolId") + ] = None + r"""Confluent Cloud identity pool ID. Sent as the `Confluent-Identity-Pool-Id` header on requests to the schema registry.""" + + logical_cluster: Annotated[ + Optional[str], pydantic.Field(alias="logicalCluster") + ] = None + r"""Confluent Cloud Schema Registry logical cluster ID. Sent as the `target-sr-cluster` header on requests to the schema registry.""" + credentials_secret: Annotated[ Optional[str], pydantic.Field(alias="credentialsSecret") ] = None r"""Select or create a secret that references your credentials""" + template_token_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_tokenUrl") + ] = None + r"""Binds 'tokenUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tokenUrl' at runtime.""" + + template_client_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_clientId") + ] = None + r"""Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime.""" + + template_identity_pool_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_identityPoolId") + ] = None + r"""Binds 'identityPoolId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'identityPoolId' at runtime.""" + + template_logical_cluster: Annotated[ + Optional[str], pydantic.Field(alias="__template_logicalCluster") + ] = None + r"""Binds 'logicalCluster' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logicalCluster' at runtime.""" + @model_serializer(mode="wrap") def serialize_model(self, handler): - optional_fields = set(["credentialsSecret"]) + optional_fields = set( + [ + "oauthEnabled", + "tokenUrl", + "clientId", + "oauthSecretType", + "clientTextSecret", + "oauthParams", + "identityPoolId", + "logicalCluster", + "credentialsSecret", + "__template_tokenUrl", + "__template_clientId", + "__template_identityPoolId", + "__template_logicalCluster", + ] + ) serialized = handler(self) m = {} diff --git a/src/cribl_control_plane/models/azureblobcollectorconf.py b/src/cribl_control_plane/models/azureblobcollectorconf.py index ed46aa300..c7c0dd4f7 100644 --- a/src/cribl_control_plane/models/azureblobcollectorconf.py +++ b/src/cribl_control_plane/models/azureblobcollectorconf.py @@ -73,16 +73,30 @@ class AzureBlobAuthTypeClientCertTypedDict(TypedDict): r"""Include Azure Blob tags in collected events. In each event, tags will be located at: __collectible.tags. Disable this feature when using a Shared Access Signature Connection String, to prevent errors.""" max_batch_size: NotRequired[float] r"""Maximum number of metadata objects to batch before recording as results""" + disable_time_filter: NotRequired[bool] + r"""Disable Collector event time filtering when a date range is specified""" parquet_chunk_size_mb: NotRequired[float] r"""Maximum file size for each Parquet chunk""" parquet_chunk_download_timeout: NotRequired[float] r"""The maximum time allowed for downloading a Parquet chunk. Processing will abort if a chunk cannot be downloaded within the time specified.""" connection_string: NotRequired[str] r"""Enter your Azure storage account Connection String. If left blank, Cribl Stream will fall back to env.AZURE_STORAGE_CONNECTION_STRING.""" + template_connection_string: NotRequired[str] + r"""Binds 'connectionString' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'connectionString' at runtime.""" text_secret: NotRequired[str] r"""Text secret""" + template_storage_account_name: NotRequired[str] + r"""Binds 'storageAccountName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageAccountName' at runtime.""" + template_tenant_id: NotRequired[str] + r"""Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime.""" + template_client_id: NotRequired[str] + r"""Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime.""" client_text_secret: NotRequired[str] r"""Text secret containing the client secret""" + template_endpoint_suffix: NotRequired[str] + r"""Binds 'endpointSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpointSuffix' at runtime.""" + template_azure_cloud: NotRequired[str] + r"""Binds 'azureCloud' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'azureCloud' at runtime.""" template_container_name: NotRequired[str] r"""Binds 'containerName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'containerName' at runtime.""" template_path: NotRequired[str] @@ -143,6 +157,11 @@ class AzureBlobAuthTypeClientCert(BaseModel): ) r"""Maximum number of metadata objects to batch before recording as results""" + disable_time_filter: Annotated[ + Optional[bool], pydantic.Field(alias="disableTimeFilter") + ] = None + r"""Disable Collector event time filtering when a date range is specified""" + parquet_chunk_size_mb: Annotated[ Optional[float], pydantic.Field(alias="parquetChunkSizeMB") ] = None @@ -158,14 +177,44 @@ class AzureBlobAuthTypeClientCert(BaseModel): ] = None r"""Enter your Azure storage account Connection String. If left blank, Cribl Stream will fall back to env.AZURE_STORAGE_CONNECTION_STRING.""" + template_connection_string: Annotated[ + Optional[str], pydantic.Field(alias="__template_connectionString") + ] = None + r"""Binds 'connectionString' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'connectionString' at runtime.""" + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None r"""Text secret""" + template_storage_account_name: Annotated[ + Optional[str], pydantic.Field(alias="__template_storageAccountName") + ] = None + r"""Binds 'storageAccountName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageAccountName' at runtime.""" + + template_tenant_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_tenantId") + ] = None + r"""Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime.""" + + template_client_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_clientId") + ] = None + r"""Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime.""" + client_text_secret: Annotated[ Optional[str], pydantic.Field(alias="clientTextSecret") ] = None r"""Text secret containing the client secret""" + template_endpoint_suffix: Annotated[ + Optional[str], pydantic.Field(alias="__template_endpointSuffix") + ] = None + r"""Binds 'endpointSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpointSuffix' at runtime.""" + + template_azure_cloud: Annotated[ + Optional[str], pydantic.Field(alias="__template_azureCloud") + ] = None + r"""Binds 'azureCloud' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'azureCloud' at runtime.""" + template_container_name: Annotated[ Optional[str], pydantic.Field(alias="__template_containerName") ] = None @@ -199,11 +248,18 @@ def serialize_model(self, handler): "includeMetadata", "includeTags", "maxBatchSize", + "disableTimeFilter", "parquetChunkSizeMB", "parquetChunkDownloadTimeout", "connectionString", + "__template_connectionString", "textSecret", + "__template_storageAccountName", + "__template_tenantId", + "__template_clientId", "clientTextSecret", + "__template_endpointSuffix", + "__template_azureCloud", "__template_containerName", "__template_path", ] @@ -265,6 +321,16 @@ class AzureBlobAuthTypeClientSecretTypedDict(TypedDict): r"""The endpoint suffix for the service URL. Takes precedence over the Azure Cloud setting. Defaults to core.windows.net.""" azure_cloud: NotRequired[str] r"""The Azure cloud to use. Defaults to Azure Public Cloud.""" + template_storage_account_name: NotRequired[str] + r"""Binds 'storageAccountName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageAccountName' at runtime.""" + template_tenant_id: NotRequired[str] + r"""Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime.""" + template_client_id: NotRequired[str] + r"""Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime.""" + template_endpoint_suffix: NotRequired[str] + r"""Binds 'endpointSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpointSuffix' at runtime.""" + template_azure_cloud: NotRequired[str] + r"""Binds 'azureCloud' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'azureCloud' at runtime.""" output_name: NotRequired[str] r"""An optional predefined Destination that will be used to auto-populate Collector settings""" path: NotRequired[str] @@ -279,12 +345,16 @@ class AzureBlobAuthTypeClientSecretTypedDict(TypedDict): r"""Include Azure Blob tags in collected events. In each event, tags will be located at: __collectible.tags. Disable this feature when using a Shared Access Signature Connection String, to prevent errors.""" max_batch_size: NotRequired[float] r"""Maximum number of metadata objects to batch before recording as results""" + disable_time_filter: NotRequired[bool] + r"""Disable Collector event time filtering when a date range is specified""" parquet_chunk_size_mb: NotRequired[float] r"""Maximum file size for each Parquet chunk""" parquet_chunk_download_timeout: NotRequired[float] r"""The maximum time allowed for downloading a Parquet chunk. Processing will abort if a chunk cannot be downloaded within the time specified.""" connection_string: NotRequired[str] r"""Enter your Azure storage account Connection String. If left blank, Cribl Stream will fall back to env.AZURE_STORAGE_CONNECTION_STRING.""" + template_connection_string: NotRequired[str] + r"""Binds 'connectionString' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'connectionString' at runtime.""" text_secret: NotRequired[str] r"""Text secret""" certificate: NotRequired[CertificateTypeAzureBlobAuthTypeClientCertTypedDict] @@ -324,6 +394,31 @@ class AzureBlobAuthTypeClientSecret(BaseModel): azure_cloud: Annotated[Optional[str], pydantic.Field(alias="azureCloud")] = None r"""The Azure cloud to use. Defaults to Azure Public Cloud.""" + template_storage_account_name: Annotated[ + Optional[str], pydantic.Field(alias="__template_storageAccountName") + ] = None + r"""Binds 'storageAccountName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageAccountName' at runtime.""" + + template_tenant_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_tenantId") + ] = None + r"""Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime.""" + + template_client_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_clientId") + ] = None + r"""Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime.""" + + template_endpoint_suffix: Annotated[ + Optional[str], pydantic.Field(alias="__template_endpointSuffix") + ] = None + r"""Binds 'endpointSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpointSuffix' at runtime.""" + + template_azure_cloud: Annotated[ + Optional[str], pydantic.Field(alias="__template_azureCloud") + ] = None + r"""Binds 'azureCloud' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'azureCloud' at runtime.""" + output_name: Annotated[Optional[str], pydantic.Field(alias="outputName")] = None r"""An optional predefined Destination that will be used to auto-populate Collector settings""" @@ -349,6 +444,11 @@ class AzureBlobAuthTypeClientSecret(BaseModel): ) r"""Maximum number of metadata objects to batch before recording as results""" + disable_time_filter: Annotated[ + Optional[bool], pydantic.Field(alias="disableTimeFilter") + ] = None + r"""Disable Collector event time filtering when a date range is specified""" + parquet_chunk_size_mb: Annotated[ Optional[float], pydantic.Field(alias="parquetChunkSizeMB") ] = None @@ -364,6 +464,11 @@ class AzureBlobAuthTypeClientSecret(BaseModel): ] = None r"""Enter your Azure storage account Connection String. If left blank, Cribl Stream will fall back to env.AZURE_STORAGE_CONNECTION_STRING.""" + template_connection_string: Annotated[ + Optional[str], pydantic.Field(alias="__template_connectionString") + ] = None + r"""Binds 'connectionString' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'connectionString' at runtime.""" + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None r"""Text secret""" @@ -395,6 +500,11 @@ def serialize_model(self, handler): "authType", "endpointSuffix", "azureCloud", + "__template_storageAccountName", + "__template_tenantId", + "__template_clientId", + "__template_endpointSuffix", + "__template_azureCloud", "outputName", "path", "extractors", @@ -402,9 +512,11 @@ def serialize_model(self, handler): "includeMetadata", "includeTags", "maxBatchSize", + "disableTimeFilter", "parquetChunkSizeMB", "parquetChunkDownloadTimeout", "connectionString", + "__template_connectionString", "textSecret", "certificate", "__template_containerName", @@ -472,14 +584,38 @@ class AzureBlobAuthTypeSecretTypedDict(TypedDict): r"""Include Azure Blob tags in collected events. In each event, tags will be located at: __collectible.tags. Disable this feature when using a Shared Access Signature Connection String, to prevent errors.""" max_batch_size: NotRequired[float] r"""Maximum number of metadata objects to batch before recording as results""" + disable_time_filter: NotRequired[bool] + r"""Disable Collector event time filtering when a date range is specified""" parquet_chunk_size_mb: NotRequired[float] r"""Maximum file size for each Parquet chunk""" parquet_chunk_download_timeout: NotRequired[float] r"""The maximum time allowed for downloading a Parquet chunk. Processing will abort if a chunk cannot be downloaded within the time specified.""" connection_string: NotRequired[str] r"""Enter your Azure storage account Connection String. If left blank, Cribl Stream will fall back to env.AZURE_STORAGE_CONNECTION_STRING.""" + template_connection_string: NotRequired[str] + r"""Binds 'connectionString' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'connectionString' at runtime.""" + storage_account_name: NotRequired[str] + r"""The name of your Azure storage account""" + template_storage_account_name: NotRequired[str] + r"""Binds 'storageAccountName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageAccountName' at runtime.""" + tenant_id: NotRequired[str] + r"""The service principal's tenant ID""" + template_tenant_id: NotRequired[str] + r"""Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime.""" + client_id: NotRequired[str] + r"""The service principal's client ID""" + template_client_id: NotRequired[str] + r"""Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime.""" client_text_secret: NotRequired[str] r"""Text secret containing the client secret""" + endpoint_suffix: NotRequired[str] + r"""The endpoint suffix for the service URL. Takes precedence over the Azure Cloud setting. Defaults to core.windows.net.""" + template_endpoint_suffix: NotRequired[str] + r"""Binds 'endpointSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpointSuffix' at runtime.""" + azure_cloud: NotRequired[str] + r"""The Azure cloud to use. Defaults to Azure Public Cloud.""" + template_azure_cloud: NotRequired[str] + r"""Binds 'azureCloud' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'azureCloud' at runtime.""" certificate: NotRequired[CertificateTypeAzureBlobAuthTypeClientCertTypedDict] template_container_name: NotRequired[str] r"""Binds 'containerName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'containerName' at runtime.""" @@ -525,6 +661,11 @@ class AzureBlobAuthTypeSecret(BaseModel): ) r"""Maximum number of metadata objects to batch before recording as results""" + disable_time_filter: Annotated[ + Optional[bool], pydantic.Field(alias="disableTimeFilter") + ] = None + r"""Disable Collector event time filtering when a date range is specified""" + parquet_chunk_size_mb: Annotated[ Optional[float], pydantic.Field(alias="parquetChunkSizeMB") ] = None @@ -540,11 +681,60 @@ class AzureBlobAuthTypeSecret(BaseModel): ] = None r"""Enter your Azure storage account Connection String. If left blank, Cribl Stream will fall back to env.AZURE_STORAGE_CONNECTION_STRING.""" + template_connection_string: Annotated[ + Optional[str], pydantic.Field(alias="__template_connectionString") + ] = None + r"""Binds 'connectionString' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'connectionString' at runtime.""" + + storage_account_name: Annotated[ + Optional[str], pydantic.Field(alias="storageAccountName") + ] = None + r"""The name of your Azure storage account""" + + template_storage_account_name: Annotated[ + Optional[str], pydantic.Field(alias="__template_storageAccountName") + ] = None + r"""Binds 'storageAccountName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageAccountName' at runtime.""" + + tenant_id: Annotated[Optional[str], pydantic.Field(alias="tenantId")] = None + r"""The service principal's tenant ID""" + + template_tenant_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_tenantId") + ] = None + r"""Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime.""" + + client_id: Annotated[Optional[str], pydantic.Field(alias="clientId")] = None + r"""The service principal's client ID""" + + template_client_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_clientId") + ] = None + r"""Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime.""" + client_text_secret: Annotated[ Optional[str], pydantic.Field(alias="clientTextSecret") ] = None r"""Text secret containing the client secret""" + endpoint_suffix: Annotated[ + Optional[str], pydantic.Field(alias="endpointSuffix") + ] = None + r"""The endpoint suffix for the service URL. Takes precedence over the Azure Cloud setting. Defaults to core.windows.net.""" + + template_endpoint_suffix: Annotated[ + Optional[str], pydantic.Field(alias="__template_endpointSuffix") + ] = None + r"""Binds 'endpointSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpointSuffix' at runtime.""" + + azure_cloud: Annotated[Optional[str], pydantic.Field(alias="azureCloud")] = None + r"""The Azure cloud to use. Defaults to Azure Public Cloud.""" + + template_azure_cloud: Annotated[ + Optional[str], pydantic.Field(alias="__template_azureCloud") + ] = None + r"""Binds 'azureCloud' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'azureCloud' at runtime.""" + certificate: Optional[CertificateTypeAzureBlobAuthTypeClientCert] = None template_container_name: Annotated[ @@ -578,10 +768,22 @@ def serialize_model(self, handler): "includeMetadata", "includeTags", "maxBatchSize", + "disableTimeFilter", "parquetChunkSizeMB", "parquetChunkDownloadTimeout", "connectionString", + "__template_connectionString", + "storageAccountName", + "__template_storageAccountName", + "tenantId", + "__template_tenantId", + "clientId", + "__template_clientId", "clientTextSecret", + "endpointSuffix", + "__template_endpointSuffix", + "azureCloud", + "__template_azureCloud", "certificate", "__template_containerName", "__template_path", @@ -634,6 +836,8 @@ class AzureBlobAuthTypeManualTypedDict(TypedDict): r"""Container to collect from. This value can be a constant, or a JavaScript expression that can only be evaluated at init time. Example referencing a Global Variable: myBucket-${C.vars.myVar}""" auth_type: NotRequired[AzureBlobAuthTypeManualAuthenticationMethod] r"""Enter authentication data directly, or select a secret referencing your auth data""" + template_connection_string: NotRequired[str] + r"""Binds 'connectionString' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'connectionString' at runtime.""" output_name: NotRequired[str] r"""An optional predefined Destination that will be used to auto-populate Collector settings""" path: NotRequired[str] @@ -648,14 +852,36 @@ class AzureBlobAuthTypeManualTypedDict(TypedDict): r"""Include Azure Blob tags in collected events. In each event, tags will be located at: __collectible.tags. Disable this feature when using a Shared Access Signature Connection String, to prevent errors.""" max_batch_size: NotRequired[float] r"""Maximum number of metadata objects to batch before recording as results""" + disable_time_filter: NotRequired[bool] + r"""Disable Collector event time filtering when a date range is specified""" parquet_chunk_size_mb: NotRequired[float] r"""Maximum file size for each Parquet chunk""" parquet_chunk_download_timeout: NotRequired[float] r"""The maximum time allowed for downloading a Parquet chunk. Processing will abort if a chunk cannot be downloaded within the time specified.""" text_secret: NotRequired[str] r"""Text secret""" + storage_account_name: NotRequired[str] + r"""The name of your Azure storage account""" + template_storage_account_name: NotRequired[str] + r"""Binds 'storageAccountName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageAccountName' at runtime.""" + tenant_id: NotRequired[str] + r"""The service principal's tenant ID""" + template_tenant_id: NotRequired[str] + r"""Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime.""" + client_id: NotRequired[str] + r"""The service principal's client ID""" + template_client_id: NotRequired[str] + r"""Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime.""" client_text_secret: NotRequired[str] r"""Text secret containing the client secret""" + endpoint_suffix: NotRequired[str] + r"""The endpoint suffix for the service URL. Takes precedence over the Azure Cloud setting. Defaults to core.windows.net.""" + template_endpoint_suffix: NotRequired[str] + r"""Binds 'endpointSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpointSuffix' at runtime.""" + azure_cloud: NotRequired[str] + r"""The Azure cloud to use. Defaults to Azure Public Cloud.""" + template_azure_cloud: NotRequired[str] + r"""Binds 'azureCloud' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'azureCloud' at runtime.""" certificate: NotRequired[CertificateTypeAzureBlobAuthTypeClientCertTypedDict] template_container_name: NotRequired[str] r"""Binds 'containerName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'containerName' at runtime.""" @@ -676,6 +902,11 @@ class AzureBlobAuthTypeManual(BaseModel): ] = None r"""Enter authentication data directly, or select a secret referencing your auth data""" + template_connection_string: Annotated[ + Optional[str], pydantic.Field(alias="__template_connectionString") + ] = None + r"""Binds 'connectionString' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'connectionString' at runtime.""" + output_name: Annotated[Optional[str], pydantic.Field(alias="outputName")] = None r"""An optional predefined Destination that will be used to auto-populate Collector settings""" @@ -701,6 +932,11 @@ class AzureBlobAuthTypeManual(BaseModel): ) r"""Maximum number of metadata objects to batch before recording as results""" + disable_time_filter: Annotated[ + Optional[bool], pydantic.Field(alias="disableTimeFilter") + ] = None + r"""Disable Collector event time filtering when a date range is specified""" + parquet_chunk_size_mb: Annotated[ Optional[float], pydantic.Field(alias="parquetChunkSizeMB") ] = None @@ -714,11 +950,55 @@ class AzureBlobAuthTypeManual(BaseModel): text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None r"""Text secret""" + storage_account_name: Annotated[ + Optional[str], pydantic.Field(alias="storageAccountName") + ] = None + r"""The name of your Azure storage account""" + + template_storage_account_name: Annotated[ + Optional[str], pydantic.Field(alias="__template_storageAccountName") + ] = None + r"""Binds 'storageAccountName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageAccountName' at runtime.""" + + tenant_id: Annotated[Optional[str], pydantic.Field(alias="tenantId")] = None + r"""The service principal's tenant ID""" + + template_tenant_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_tenantId") + ] = None + r"""Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime.""" + + client_id: Annotated[Optional[str], pydantic.Field(alias="clientId")] = None + r"""The service principal's client ID""" + + template_client_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_clientId") + ] = None + r"""Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime.""" + client_text_secret: Annotated[ Optional[str], pydantic.Field(alias="clientTextSecret") ] = None r"""Text secret containing the client secret""" + endpoint_suffix: Annotated[ + Optional[str], pydantic.Field(alias="endpointSuffix") + ] = None + r"""The endpoint suffix for the service URL. Takes precedence over the Azure Cloud setting. Defaults to core.windows.net.""" + + template_endpoint_suffix: Annotated[ + Optional[str], pydantic.Field(alias="__template_endpointSuffix") + ] = None + r"""Binds 'endpointSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpointSuffix' at runtime.""" + + azure_cloud: Annotated[Optional[str], pydantic.Field(alias="azureCloud")] = None + r"""The Azure cloud to use. Defaults to Azure Public Cloud.""" + + template_azure_cloud: Annotated[ + Optional[str], pydantic.Field(alias="__template_azureCloud") + ] = None + r"""Binds 'azureCloud' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'azureCloud' at runtime.""" + certificate: Optional[CertificateTypeAzureBlobAuthTypeClientCert] = None template_container_name: Annotated[ @@ -745,6 +1025,7 @@ def serialize_model(self, handler): optional_fields = set( [ "authType", + "__template_connectionString", "outputName", "path", "extractors", @@ -752,10 +1033,21 @@ def serialize_model(self, handler): "includeMetadata", "includeTags", "maxBatchSize", + "disableTimeFilter", "parquetChunkSizeMB", "parquetChunkDownloadTimeout", "textSecret", + "storageAccountName", + "__template_storageAccountName", + "tenantId", + "__template_tenantId", + "clientId", + "__template_clientId", "clientTextSecret", + "endpointSuffix", + "__template_endpointSuffix", + "azureCloud", + "__template_azureCloud", "certificate", "__template_containerName", "__template_path", diff --git a/src/cribl_control_plane/models/branchinfo.py b/src/cribl_control_plane/models/branchinfo.py index 61587e382..3195c05fc 100644 --- a/src/cribl_control_plane/models/branchinfo.py +++ b/src/cribl_control_plane/models/branchinfo.py @@ -7,7 +7,9 @@ class BranchInfoTypedDict(TypedDict): id: str + r"""Unique identifier.""" class BranchInfo(BaseModel): id: str + r"""Unique identifier.""" diff --git a/src/cribl_control_plane/models/cacheconnection.py b/src/cribl_control_plane/models/cacheconnection.py index 7f487b5a2..76364a173 100644 --- a/src/cribl_control_plane/models/cacheconnection.py +++ b/src/cribl_control_plane/models/cacheconnection.py @@ -13,9 +13,9 @@ class CacheConnectionTypedDict(TypedDict): cache_ref: str - r"""Identifier of the Lakehouse cache referenced by the Dataset.""" + r"""Unique identifier for the Lakehouse cache referenced by the Dataset.""" created_at: float - r"""Timestamp when the continuous data feed to the Lakehouse cache started, in Unix time (milliseconds).""" + r"""Timestamp (in Unix time) when the continuous data feed to the Lakehouse cache started, in milliseconds.""" retention_in_days: float r"""Retention period for the Lakehouse cache connection, in days.""" accelerated_fields: NotRequired[List[str]] @@ -23,15 +23,15 @@ class CacheConnectionTypedDict(TypedDict): backfill_status: NotRequired[CacheConnectionBackfillStatus] lakehouse_connection_type: NotRequired[LakehouseConnectionType] migration_query_id: NotRequired[str] - r"""Query identifier of the active Lakehouse migration. Omitted if no migration is in progress.""" + r"""Unique identifier for the active Lakehouse migration query. Omitted if no migration is in progress.""" class CacheConnection(BaseModel): cache_ref: Annotated[str, pydantic.Field(alias="cacheRef")] - r"""Identifier of the Lakehouse cache referenced by the Dataset.""" + r"""Unique identifier for the Lakehouse cache referenced by the Dataset.""" created_at: Annotated[float, pydantic.Field(alias="createdAt")] - r"""Timestamp when the continuous data feed to the Lakehouse cache started, in Unix time (milliseconds).""" + r"""Timestamp (in Unix time) when the continuous data feed to the Lakehouse cache started, in milliseconds.""" retention_in_days: Annotated[float, pydantic.Field(alias="retentionInDays")] r"""Retention period for the Lakehouse cache connection, in days.""" @@ -53,7 +53,7 @@ class CacheConnection(BaseModel): migration_query_id: Annotated[ Optional[str], pydantic.Field(alias="migrationQueryId") ] = None - r"""Query identifier of the active Lakehouse migration. Omitted if no migration is in progress.""" + r"""Unique identifier for the active Lakehouse migration query. Omitted if no migration is in progress.""" @field_serializer("backfill_status") def serialize_backfill_status(self, value): diff --git a/src/cribl_control_plane/models/collectortype.py b/src/cribl_control_plane/models/collectortype.py new file mode 100644 index 000000000..230b40176 --- /dev/null +++ b/src/cribl_control_plane/models/collectortype.py @@ -0,0 +1,18 @@ +"""Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.""" + +from __future__ import annotations +from cribl_control_plane import utils +from enum import Enum + + +class CollectorType(str, Enum, metaclass=utils.OpenEnumMeta): + AZURE_BLOB = "azure_blob" + CRIBL_LAKE = "cribl_lake" + DATABASE = "database" + FILESYSTEM = "filesystem" + GOOGLE_CLOUD_STORAGE = "google_cloud_storage" + HEALTH_CHECK = "health_check" + REST = "rest" + S3 = "s3" + SCRIPT = "script" + SPLUNK = "splunk" diff --git a/src/cribl_control_plane/models/configgroup.py b/src/cribl_control_plane/models/configgroup.py index 7c8bfdd94..e32281d14 100644 --- a/src/cribl_control_plane/models/configgroup.py +++ b/src/cribl_control_plane/models/configgroup.py @@ -56,6 +56,7 @@ def serialize_model(self, handler): class ConfigGroupTypedDict(TypedDict): id: str + r"""Unique identifier.""" cloud: NotRequired[ConfigGroupCloudTypedDict] config_version: NotRequired[str] r"""Commit hash of the deployed configuration version for the Worker Group, Outpost Group, or Edge Fleet. Automatically populated and returned in responses.

**Warning**: Do not change the value of configVersion in the body of PATCH requests. The PATCH request body must include the value as it appears in the GET /products/{product}/groups/{id} response.""" @@ -101,6 +102,7 @@ class ConfigGroupTypedDict(TypedDict): class ConfigGroup(BaseModel): id: str + r"""Unique identifier.""" cloud: Optional[ConfigGroupCloud] = None diff --git a/src/cribl_control_plane/models/countedboolean.py b/src/cribl_control_plane/models/countedboolean.py index 644d62430..c1916bfa9 100644 --- a/src/cribl_control_plane/models/countedboolean.py +++ b/src/cribl_control_plane/models/countedboolean.py @@ -11,6 +11,7 @@ class CountedBooleanTypedDict(TypedDict): count: NotRequired[int] r"""number of items present in the items array""" items: NotRequired[List[bool]] + r"""List of items in this response.""" class CountedBoolean(BaseModel): @@ -18,6 +19,7 @@ class CountedBoolean(BaseModel): r"""number of items present in the items array""" items: Optional[List[bool]] = None + r"""List of items in this response.""" @model_serializer(mode="wrap") def serialize_model(self, handler): diff --git a/src/cribl_control_plane/models/countedbranchinfo.py b/src/cribl_control_plane/models/countedbranchinfo.py index b7110e22f..c056e87dd 100644 --- a/src/cribl_control_plane/models/countedbranchinfo.py +++ b/src/cribl_control_plane/models/countedbranchinfo.py @@ -12,6 +12,7 @@ class CountedBranchInfoTypedDict(TypedDict): count: NotRequired[int] r"""number of items present in the items array""" items: NotRequired[List[BranchInfoTypedDict]] + r"""List of items in this response.""" class CountedBranchInfo(BaseModel): @@ -19,6 +20,7 @@ class CountedBranchInfo(BaseModel): r"""number of items present in the items array""" items: Optional[List[BranchInfo]] = None + r"""List of items in this response.""" @model_serializer(mode="wrap") def serialize_model(self, handler): diff --git a/src/cribl_control_plane/models/countedconfiggroup.py b/src/cribl_control_plane/models/countedconfiggroup.py index fdc1df0ff..afaae2f2c 100644 --- a/src/cribl_control_plane/models/countedconfiggroup.py +++ b/src/cribl_control_plane/models/countedconfiggroup.py @@ -12,6 +12,7 @@ class CountedConfigGroupTypedDict(TypedDict): count: NotRequired[int] r"""number of items present in the items array""" items: NotRequired[List[ConfigGroupTypedDict]] + r"""List of items in this response.""" class CountedConfigGroup(BaseModel): @@ -19,6 +20,7 @@ class CountedConfigGroup(BaseModel): r"""number of items present in the items array""" items: Optional[List[ConfigGroup]] = None + r"""List of items in this response.""" @model_serializer(mode="wrap") def serialize_model(self, handler): diff --git a/src/cribl_control_plane/models/countedcribllakedataset.py b/src/cribl_control_plane/models/countedcribllakedataset.py index cc2710265..dd9aff971 100644 --- a/src/cribl_control_plane/models/countedcribllakedataset.py +++ b/src/cribl_control_plane/models/countedcribllakedataset.py @@ -12,6 +12,7 @@ class CountedCriblLakeDatasetTypedDict(TypedDict): count: NotRequired[int] r"""number of items present in the items array""" items: NotRequired[List[CriblLakeDatasetTypedDict]] + r"""List of items in this response.""" class CountedCriblLakeDataset(BaseModel): @@ -19,6 +20,7 @@ class CountedCriblLakeDataset(BaseModel): r"""number of items present in the items array""" items: Optional[List[CriblLakeDataset]] = None + r"""List of items in this response.""" @model_serializer(mode="wrap") def serialize_model(self, handler): diff --git a/src/cribl_control_plane/models/counteddatabaseconnectionconfig.py b/src/cribl_control_plane/models/counteddatabaseconnectionconfig.py index 7c9d1cdfc..ed95193e9 100644 --- a/src/cribl_control_plane/models/counteddatabaseconnectionconfig.py +++ b/src/cribl_control_plane/models/counteddatabaseconnectionconfig.py @@ -15,6 +15,7 @@ class CountedDatabaseConnectionConfigTypedDict(TypedDict): count: NotRequired[int] r"""number of items present in the items array""" items: NotRequired[List[DatabaseConnectionConfigTypedDict]] + r"""List of items in this response.""" class CountedDatabaseConnectionConfig(BaseModel): @@ -22,6 +23,7 @@ class CountedDatabaseConnectionConfig(BaseModel): r"""number of items present in the items array""" items: Optional[List[DatabaseConnectionConfig]] = None + r"""List of items in this response.""" @model_serializer(mode="wrap") def serialize_model(self, handler): diff --git a/src/cribl_control_plane/models/counteddistributedsummary.py b/src/cribl_control_plane/models/counteddistributedsummary.py index bf4673b46..cb1acfc8c 100644 --- a/src/cribl_control_plane/models/counteddistributedsummary.py +++ b/src/cribl_control_plane/models/counteddistributedsummary.py @@ -12,6 +12,7 @@ class CountedDistributedSummaryTypedDict(TypedDict): count: NotRequired[int] r"""number of items present in the items array""" items: NotRequired[List[DistributedSummaryTypedDict]] + r"""List of items in this response.""" class CountedDistributedSummary(BaseModel): @@ -19,6 +20,7 @@ class CountedDistributedSummary(BaseModel): r"""number of items present in the items array""" items: Optional[List[DistributedSummary]] = None + r"""List of items in this response.""" @model_serializer(mode="wrap") def serialize_model(self, handler): diff --git a/src/cribl_control_plane/models/countedfunctionresponse.py b/src/cribl_control_plane/models/countedfunctionresponse.py index 8ae16312a..c543fca32 100644 --- a/src/cribl_control_plane/models/countedfunctionresponse.py +++ b/src/cribl_control_plane/models/countedfunctionresponse.py @@ -12,6 +12,7 @@ class CountedFunctionResponseTypedDict(TypedDict): count: NotRequired[int] r"""number of items present in the items array""" items: NotRequired[List[FunctionResponseTypedDict]] + r"""List of items in this response.""" class CountedFunctionResponse(BaseModel): @@ -19,6 +20,7 @@ class CountedFunctionResponse(BaseModel): r"""number of items present in the items array""" items: Optional[List[FunctionResponse]] = None + r"""List of items in this response.""" @model_serializer(mode="wrap") def serialize_model(self, handler): diff --git a/src/cribl_control_plane/models/countedgitcommitsummary.py b/src/cribl_control_plane/models/countedgitcommitsummary.py index 8d9b9d714..1bf17a066 100644 --- a/src/cribl_control_plane/models/countedgitcommitsummary.py +++ b/src/cribl_control_plane/models/countedgitcommitsummary.py @@ -12,6 +12,7 @@ class CountedGitCommitSummaryTypedDict(TypedDict): count: NotRequired[int] r"""number of items present in the items array""" items: NotRequired[List[GitCommitSummaryTypedDict]] + r"""List of items in this response.""" class CountedGitCommitSummary(BaseModel): @@ -19,6 +20,7 @@ class CountedGitCommitSummary(BaseModel): r"""number of items present in the items array""" items: Optional[List[GitCommitSummary]] = None + r"""List of items in this response.""" @model_serializer(mode="wrap") def serialize_model(self, handler): diff --git a/src/cribl_control_plane/models/countedgitcountresult.py b/src/cribl_control_plane/models/countedgitcountresult.py index b141acad8..4f73600aa 100644 --- a/src/cribl_control_plane/models/countedgitcountresult.py +++ b/src/cribl_control_plane/models/countedgitcountresult.py @@ -12,6 +12,7 @@ class CountedGitCountResultTypedDict(TypedDict): count: NotRequired[int] r"""number of items present in the items array""" items: NotRequired[List[GitCountResultTypedDict]] + r"""List of items in this response.""" class CountedGitCountResult(BaseModel): @@ -19,6 +20,7 @@ class CountedGitCountResult(BaseModel): r"""number of items present in the items array""" items: Optional[List[GitCountResult]] = None + r"""List of items in this response.""" @model_serializer(mode="wrap") def serialize_model(self, handler): diff --git a/src/cribl_control_plane/models/countedgitdiffresult.py b/src/cribl_control_plane/models/countedgitdiffresult.py index a67f5cea5..027f3098c 100644 --- a/src/cribl_control_plane/models/countedgitdiffresult.py +++ b/src/cribl_control_plane/models/countedgitdiffresult.py @@ -12,6 +12,7 @@ class CountedGitDiffResultTypedDict(TypedDict): count: NotRequired[int] r"""number of items present in the items array""" items: NotRequired[List[GitDiffResultTypedDict]] + r"""List of items in this response.""" class CountedGitDiffResult(BaseModel): @@ -19,6 +20,7 @@ class CountedGitDiffResult(BaseModel): r"""number of items present in the items array""" items: Optional[List[GitDiffResult]] = None + r"""List of items in this response.""" @model_serializer(mode="wrap") def serialize_model(self, handler): diff --git a/src/cribl_control_plane/models/countedgitfilesresponse.py b/src/cribl_control_plane/models/countedgitfilesresponse.py index 84a952fb5..506258505 100644 --- a/src/cribl_control_plane/models/countedgitfilesresponse.py +++ b/src/cribl_control_plane/models/countedgitfilesresponse.py @@ -12,6 +12,7 @@ class CountedGitFilesResponseTypedDict(TypedDict): count: NotRequired[int] r"""number of items present in the items array""" items: NotRequired[List[GitFilesResponseTypedDict]] + r"""List of items in this response.""" class CountedGitFilesResponse(BaseModel): @@ -19,6 +20,7 @@ class CountedGitFilesResponse(BaseModel): r"""number of items present in the items array""" items: Optional[List[GitFilesResponse]] = None + r"""List of items in this response.""" @model_serializer(mode="wrap") def serialize_model(self, handler): diff --git a/src/cribl_control_plane/models/countedgitinfo.py b/src/cribl_control_plane/models/countedgitinfo.py index f3f3367e3..524c1cc7d 100644 --- a/src/cribl_control_plane/models/countedgitinfo.py +++ b/src/cribl_control_plane/models/countedgitinfo.py @@ -12,6 +12,7 @@ class CountedGitInfoTypedDict(TypedDict): count: NotRequired[int] r"""number of items present in the items array""" items: NotRequired[List[GitInfoTypedDict]] + r"""List of items in this response.""" class CountedGitInfo(BaseModel): @@ -19,6 +20,7 @@ class CountedGitInfo(BaseModel): r"""number of items present in the items array""" items: Optional[List[GitInfo]] = None + r"""List of items in this response.""" @model_serializer(mode="wrap") def serialize_model(self, handler): diff --git a/src/cribl_control_plane/models/countedgitlogresult.py b/src/cribl_control_plane/models/countedgitlogresult.py index 6dfa03246..558055115 100644 --- a/src/cribl_control_plane/models/countedgitlogresult.py +++ b/src/cribl_control_plane/models/countedgitlogresult.py @@ -12,6 +12,7 @@ class CountedGitLogResultTypedDict(TypedDict): count: NotRequired[int] r"""number of items present in the items array""" items: NotRequired[List[GitLogResultTypedDict]] + r"""List of items in this response.""" class CountedGitLogResult(BaseModel): @@ -19,6 +20,7 @@ class CountedGitLogResult(BaseModel): r"""number of items present in the items array""" items: Optional[List[GitLogResult]] = None + r"""List of items in this response.""" @model_serializer(mode="wrap") def serialize_model(self, handler): diff --git a/src/cribl_control_plane/models/countedgitrevertresult.py b/src/cribl_control_plane/models/countedgitrevertresult.py index a1231bd07..943bac762 100644 --- a/src/cribl_control_plane/models/countedgitrevertresult.py +++ b/src/cribl_control_plane/models/countedgitrevertresult.py @@ -12,6 +12,7 @@ class CountedGitRevertResultTypedDict(TypedDict): count: NotRequired[int] r"""number of items present in the items array""" items: NotRequired[List[GitRevertResultTypedDict]] + r"""List of items in this response.""" class CountedGitRevertResult(BaseModel): @@ -19,6 +20,7 @@ class CountedGitRevertResult(BaseModel): r"""number of items present in the items array""" items: Optional[List[GitRevertResult]] = None + r"""List of items in this response.""" @model_serializer(mode="wrap") def serialize_model(self, handler): diff --git a/src/cribl_control_plane/models/countedgitshowresult.py b/src/cribl_control_plane/models/countedgitshowresult.py index 93132b5db..b68460f84 100644 --- a/src/cribl_control_plane/models/countedgitshowresult.py +++ b/src/cribl_control_plane/models/countedgitshowresult.py @@ -12,6 +12,7 @@ class CountedGitShowResultTypedDict(TypedDict): count: NotRequired[int] r"""number of items present in the items array""" items: NotRequired[List[GitShowResultTypedDict]] + r"""List of items in this response.""" class CountedGitShowResult(BaseModel): @@ -19,6 +20,7 @@ class CountedGitShowResult(BaseModel): r"""number of items present in the items array""" items: Optional[List[GitShowResult]] = None + r"""List of items in this response.""" @model_serializer(mode="wrap") def serialize_model(self, handler): diff --git a/src/cribl_control_plane/models/countedgitstatusresult.py b/src/cribl_control_plane/models/countedgitstatusresult.py index 05e1352be..c15fe53bc 100644 --- a/src/cribl_control_plane/models/countedgitstatusresult.py +++ b/src/cribl_control_plane/models/countedgitstatusresult.py @@ -12,6 +12,7 @@ class CountedGitStatusResultTypedDict(TypedDict): count: NotRequired[int] r"""number of items present in the items array""" items: NotRequired[List[GitStatusResultTypedDict]] + r"""List of items in this response.""" class CountedGitStatusResult(BaseModel): @@ -19,6 +20,7 @@ class CountedGitStatusResult(BaseModel): r"""number of items present in the items array""" items: Optional[List[GitStatusResult]] = None + r"""List of items in this response.""" @model_serializer(mode="wrap") def serialize_model(self, handler): diff --git a/src/cribl_control_plane/models/countedinputresponse.py b/src/cribl_control_plane/models/countedinputresponse.py index f0736a762..ab0cb0223 100644 --- a/src/cribl_control_plane/models/countedinputresponse.py +++ b/src/cribl_control_plane/models/countedinputresponse.py @@ -12,6 +12,7 @@ class CountedInputResponseTypedDict(TypedDict): count: NotRequired[int] r"""number of items present in the items array""" items: NotRequired[List[InputResponseTypedDict]] + r"""List of items in this response.""" class CountedInputResponse(BaseModel): @@ -19,6 +20,7 @@ class CountedInputResponse(BaseModel): r"""number of items present in the items array""" items: Optional[List[InputResponse]] = None + r"""List of items in this response.""" @model_serializer(mode="wrap") def serialize_model(self, handler): diff --git a/src/cribl_control_plane/models/countedinputsplunkhec.py b/src/cribl_control_plane/models/countedinputsplunkhec.py index 656bc438b..aadea63de 100644 --- a/src/cribl_control_plane/models/countedinputsplunkhec.py +++ b/src/cribl_control_plane/models/countedinputsplunkhec.py @@ -12,6 +12,7 @@ class CountedInputSplunkHecTypedDict(TypedDict): count: NotRequired[int] r"""number of items present in the items array""" items: NotRequired[List[InputSplunkHecTypedDict]] + r"""List of items in this response.""" class CountedInputSplunkHec(BaseModel): @@ -19,6 +20,7 @@ class CountedInputSplunkHec(BaseModel): r"""number of items present in the items array""" items: Optional[List[InputSplunkHec]] = None + r"""List of items in this response.""" @model_serializer(mode="wrap") def serialize_model(self, handler): diff --git a/src/cribl_control_plane/models/countedinputstatus.py b/src/cribl_control_plane/models/countedinputstatus.py index d883c6bd7..d70792b3c 100644 --- a/src/cribl_control_plane/models/countedinputstatus.py +++ b/src/cribl_control_plane/models/countedinputstatus.py @@ -12,6 +12,7 @@ class CountedInputStatusTypedDict(TypedDict): count: NotRequired[int] r"""number of items present in the items array""" items: NotRequired[List[InputStatusTypedDict]] + r"""List of items in this response.""" class CountedInputStatus(BaseModel): @@ -19,6 +20,7 @@ class CountedInputStatus(BaseModel): r"""number of items present in the items array""" items: Optional[List[InputStatus]] = None + r"""List of items in this response.""" @model_serializer(mode="wrap") def serialize_model(self, handler): diff --git a/src/cribl_control_plane/models/countedjobinfo.py b/src/cribl_control_plane/models/countedjobinfo.py index 758bc1206..99d2aca5e 100644 --- a/src/cribl_control_plane/models/countedjobinfo.py +++ b/src/cribl_control_plane/models/countedjobinfo.py @@ -12,6 +12,7 @@ class CountedJobInfoTypedDict(TypedDict): count: NotRequired[int] r"""number of items present in the items array""" items: NotRequired[List[JobInfoTypedDict]] + r"""List of items in this response.""" class CountedJobInfo(BaseModel): @@ -19,6 +20,7 @@ class CountedJobInfo(BaseModel): r"""number of items present in the items array""" items: Optional[List[JobInfo]] = None + r"""List of items in this response.""" @model_serializer(mode="wrap") def serialize_model(self, handler): diff --git a/src/cribl_control_plane/models/countedmasterworkerentry.py b/src/cribl_control_plane/models/countedmasterworkerentry.py index 5463e6218..d0d479125 100644 --- a/src/cribl_control_plane/models/countedmasterworkerentry.py +++ b/src/cribl_control_plane/models/countedmasterworkerentry.py @@ -12,6 +12,7 @@ class CountedMasterWorkerEntryTypedDict(TypedDict): count: NotRequired[int] r"""number of items present in the items array""" items: NotRequired[List[MasterWorkerEntryTypedDict]] + r"""List of items in this response.""" class CountedMasterWorkerEntry(BaseModel): @@ -19,6 +20,7 @@ class CountedMasterWorkerEntry(BaseModel): r"""number of items present in the items array""" items: Optional[List[MasterWorkerEntry]] = None + r"""List of items in this response.""" @model_serializer(mode="wrap") def serialize_model(self, handler): diff --git a/src/cribl_control_plane/models/countednumber.py b/src/cribl_control_plane/models/countednumber.py index d2af62805..31e6e0584 100644 --- a/src/cribl_control_plane/models/countednumber.py +++ b/src/cribl_control_plane/models/countednumber.py @@ -11,6 +11,7 @@ class CountedNumberTypedDict(TypedDict): count: NotRequired[int] r"""number of items present in the items array""" items: NotRequired[List[float]] + r"""List of items in this response.""" class CountedNumber(BaseModel): @@ -18,6 +19,7 @@ class CountedNumber(BaseModel): r"""number of items present in the items array""" items: Optional[List[float]] = None + r"""List of items in this response.""" @model_serializer(mode="wrap") def serialize_model(self, handler): diff --git a/src/cribl_control_plane/models/countedoutputresponse.py b/src/cribl_control_plane/models/countedoutputresponse.py index 38b03d058..4877f348f 100644 --- a/src/cribl_control_plane/models/countedoutputresponse.py +++ b/src/cribl_control_plane/models/countedoutputresponse.py @@ -12,6 +12,7 @@ class CountedOutputResponseTypedDict(TypedDict): count: NotRequired[int] r"""number of items present in the items array""" items: NotRequired[List[OutputResponseTypedDict]] + r"""List of items in this response.""" class CountedOutputResponse(BaseModel): @@ -19,6 +20,7 @@ class CountedOutputResponse(BaseModel): r"""number of items present in the items array""" items: Optional[List[OutputResponse]] = None + r"""List of items in this response.""" @model_serializer(mode="wrap") def serialize_model(self, handler): diff --git a/src/cribl_control_plane/models/countedoutputsamplesresponse.py b/src/cribl_control_plane/models/countedoutputsamplesresponse.py index 49ae98566..85ad39101 100644 --- a/src/cribl_control_plane/models/countedoutputsamplesresponse.py +++ b/src/cribl_control_plane/models/countedoutputsamplesresponse.py @@ -12,6 +12,7 @@ class CountedOutputSamplesResponseTypedDict(TypedDict): count: NotRequired[int] r"""number of items present in the items array""" items: NotRequired[List[OutputSamplesResponseTypedDict]] + r"""List of items in this response.""" class CountedOutputSamplesResponse(BaseModel): @@ -19,6 +20,7 @@ class CountedOutputSamplesResponse(BaseModel): r"""number of items present in the items array""" items: Optional[List[OutputSamplesResponse]] = None + r"""List of items in this response.""" @model_serializer(mode="wrap") def serialize_model(self, handler): diff --git a/src/cribl_control_plane/models/countedoutputstatus.py b/src/cribl_control_plane/models/countedoutputstatus.py index a2b463899..7ec809e67 100644 --- a/src/cribl_control_plane/models/countedoutputstatus.py +++ b/src/cribl_control_plane/models/countedoutputstatus.py @@ -12,6 +12,7 @@ class CountedOutputStatusTypedDict(TypedDict): count: NotRequired[int] r"""number of items present in the items array""" items: NotRequired[List[OutputStatusTypedDict]] + r"""List of items in this response.""" class CountedOutputStatus(BaseModel): @@ -19,6 +20,7 @@ class CountedOutputStatus(BaseModel): r"""number of items present in the items array""" items: Optional[List[OutputStatus]] = None + r"""List of items in this response.""" @model_serializer(mode="wrap") def serialize_model(self, handler): diff --git a/src/cribl_control_plane/models/countedoutputtestresponse.py b/src/cribl_control_plane/models/countedoutputtestresponse.py index ed7000c47..b91608919 100644 --- a/src/cribl_control_plane/models/countedoutputtestresponse.py +++ b/src/cribl_control_plane/models/countedoutputtestresponse.py @@ -12,6 +12,7 @@ class CountedOutputTestResponseTypedDict(TypedDict): count: NotRequired[int] r"""number of items present in the items array""" items: NotRequired[List[OutputTestResponseTypedDict]] + r"""List of items in this response.""" class CountedOutputTestResponse(BaseModel): @@ -19,6 +20,7 @@ class CountedOutputTestResponse(BaseModel): r"""number of items present in the items array""" items: Optional[List[OutputTestResponse]] = None + r"""List of items in this response.""" @model_serializer(mode="wrap") def serialize_model(self, handler): diff --git a/src/cribl_control_plane/models/countedpackinfo.py b/src/cribl_control_plane/models/countedpackinfo.py index bf7d6c4d6..ea0d48f9b 100644 --- a/src/cribl_control_plane/models/countedpackinfo.py +++ b/src/cribl_control_plane/models/countedpackinfo.py @@ -12,6 +12,7 @@ class CountedPackInfoTypedDict(TypedDict): count: NotRequired[int] r"""number of items present in the items array""" items: NotRequired[List[PackInfoTypedDict]] + r"""List of items in this response.""" class CountedPackInfo(BaseModel): @@ -19,6 +20,7 @@ class CountedPackInfo(BaseModel): r"""number of items present in the items array""" items: Optional[List[PackInfo]] = None + r"""List of items in this response.""" @model_serializer(mode="wrap") def serialize_model(self, handler): diff --git a/src/cribl_control_plane/models/countedpackinstallinfo.py b/src/cribl_control_plane/models/countedpackinstallinfo.py index eda5dab6f..ea0435914 100644 --- a/src/cribl_control_plane/models/countedpackinstallinfo.py +++ b/src/cribl_control_plane/models/countedpackinstallinfo.py @@ -12,6 +12,7 @@ class CountedPackInstallInfoTypedDict(TypedDict): count: NotRequired[int] r"""number of items present in the items array""" items: NotRequired[List[PackInstallInfoTypedDict]] + r"""List of items in this response.""" class CountedPackInstallInfo(BaseModel): @@ -19,6 +20,7 @@ class CountedPackInstallInfo(BaseModel): r"""number of items present in the items array""" items: Optional[List[PackInstallInfo]] = None + r"""List of items in this response.""" @model_serializer(mode="wrap") def serialize_model(self, handler): diff --git a/src/cribl_control_plane/models/countedpackuninstallinfo.py b/src/cribl_control_plane/models/countedpackuninstallinfo.py index 90a35b92e..3d3a6d5bd 100644 --- a/src/cribl_control_plane/models/countedpackuninstallinfo.py +++ b/src/cribl_control_plane/models/countedpackuninstallinfo.py @@ -12,6 +12,7 @@ class CountedPackUninstallInfoTypedDict(TypedDict): count: NotRequired[int] r"""number of items present in the items array""" items: NotRequired[List[PackUninstallInfoTypedDict]] + r"""List of items in this response.""" class CountedPackUninstallInfo(BaseModel): @@ -19,6 +20,7 @@ class CountedPackUninstallInfo(BaseModel): r"""number of items present in the items array""" items: Optional[List[PackUninstallInfo]] = None + r"""List of items in this response.""" @model_serializer(mode="wrap") def serialize_model(self, handler): diff --git a/src/cribl_control_plane/models/countedpipeline.py b/src/cribl_control_plane/models/countedpipeline.py index e61605910..37388077e 100644 --- a/src/cribl_control_plane/models/countedpipeline.py +++ b/src/cribl_control_plane/models/countedpipeline.py @@ -12,6 +12,7 @@ class CountedPipelineTypedDict(TypedDict): count: NotRequired[int] r"""number of items present in the items array""" items: NotRequired[List[PipelineTypedDict]] + r"""List of items in this response.""" class CountedPipeline(BaseModel): @@ -19,6 +20,7 @@ class CountedPipeline(BaseModel): r"""number of items present in the items array""" items: Optional[List[Pipeline]] = None + r"""List of items in this response.""" @model_serializer(mode="wrap") def serialize_model(self, handler): diff --git a/src/cribl_control_plane/models/countedrestartresponse.py b/src/cribl_control_plane/models/countedrestartresponse.py index a121a6fb2..367fb99c4 100644 --- a/src/cribl_control_plane/models/countedrestartresponse.py +++ b/src/cribl_control_plane/models/countedrestartresponse.py @@ -12,6 +12,7 @@ class CountedRestartResponseTypedDict(TypedDict): count: NotRequired[int] r"""number of items present in the items array""" items: NotRequired[List[RestartResponseTypedDict]] + r"""List of items in this response.""" class CountedRestartResponse(BaseModel): @@ -19,6 +20,7 @@ class CountedRestartResponse(BaseModel): r"""number of items present in the items array""" items: Optional[List[RestartResponse]] = None + r"""List of items in this response.""" @model_serializer(mode="wrap") def serialize_model(self, handler): diff --git a/src/cribl_control_plane/models/countedroutes.py b/src/cribl_control_plane/models/countedroutes.py index 4d0e265f2..37887fb06 100644 --- a/src/cribl_control_plane/models/countedroutes.py +++ b/src/cribl_control_plane/models/countedroutes.py @@ -12,6 +12,7 @@ class CountedRoutesTypedDict(TypedDict): count: NotRequired[int] r"""number of items present in the items array""" items: NotRequired[List[RoutesTypedDict]] + r"""List of items in this response.""" class CountedRoutes(BaseModel): @@ -19,6 +20,7 @@ class CountedRoutes(BaseModel): r"""number of items present in the items array""" items: Optional[List[Routes]] = None + r"""List of items in this response.""" @model_serializer(mode="wrap") def serialize_model(self, handler): diff --git a/src/cribl_control_plane/models/countedsavedjobresponse.py b/src/cribl_control_plane/models/countedsavedjobresponse.py index 1447a3f71..e1e81e9e6 100644 --- a/src/cribl_control_plane/models/countedsavedjobresponse.py +++ b/src/cribl_control_plane/models/countedsavedjobresponse.py @@ -12,6 +12,7 @@ class CountedSavedJobResponseTypedDict(TypedDict): count: NotRequired[int] r"""number of items present in the items array""" items: NotRequired[List[SavedJobResponseTypedDict]] + r"""List of items in this response.""" class CountedSavedJobResponse(BaseModel): @@ -19,6 +20,7 @@ class CountedSavedJobResponse(BaseModel): r"""number of items present in the items array""" items: Optional[List[SavedJobResponse]] = None + r"""List of items in this response.""" @model_serializer(mode="wrap") def serialize_model(self, handler): diff --git a/src/cribl_control_plane/models/countedstring.py b/src/cribl_control_plane/models/countedstring.py index 53e79f5c4..f374790cb 100644 --- a/src/cribl_control_plane/models/countedstring.py +++ b/src/cribl_control_plane/models/countedstring.py @@ -11,6 +11,7 @@ class CountedStringTypedDict(TypedDict): count: NotRequired[int] r"""number of items present in the items array""" items: NotRequired[List[str]] + r"""List of items in this response.""" class CountedString(BaseModel): @@ -18,6 +19,7 @@ class CountedString(BaseModel): r"""number of items present in the items array""" items: Optional[List[str]] = None + r"""List of items in this response.""" @model_serializer(mode="wrap") def serialize_model(self, handler): diff --git a/src/cribl_control_plane/models/countedsystemrestartresponse.py b/src/cribl_control_plane/models/countedsystemrestartresponse.py index 6d56f7601..a110823e6 100644 --- a/src/cribl_control_plane/models/countedsystemrestartresponse.py +++ b/src/cribl_control_plane/models/countedsystemrestartresponse.py @@ -12,6 +12,7 @@ class CountedSystemRestartResponseTypedDict(TypedDict): count: NotRequired[int] r"""number of items present in the items array""" items: NotRequired[List[SystemRestartResponseTypedDict]] + r"""List of items in this response.""" class CountedSystemRestartResponse(BaseModel): @@ -19,6 +20,7 @@ class CountedSystemRestartResponse(BaseModel): r"""number of items present in the items array""" items: Optional[List[SystemRestartResponse]] = None + r"""List of items in this response.""" @model_serializer(mode="wrap") def serialize_model(self, handler): diff --git a/src/cribl_control_plane/models/countedsystemsettingsconf.py b/src/cribl_control_plane/models/countedsystemsettingsconf.py index a6c7c2040..b8a29c80b 100644 --- a/src/cribl_control_plane/models/countedsystemsettingsconf.py +++ b/src/cribl_control_plane/models/countedsystemsettingsconf.py @@ -12,6 +12,7 @@ class CountedSystemSettingsConfTypedDict(TypedDict): count: NotRequired[int] r"""number of items present in the items array""" items: NotRequired[List[SystemSettingsConfTypedDict]] + r"""List of items in this response.""" class CountedSystemSettingsConf(BaseModel): @@ -19,6 +20,7 @@ class CountedSystemSettingsConf(BaseModel): r"""number of items present in the items array""" items: Optional[List[SystemSettingsConf]] = None + r"""List of items in this response.""" @model_serializer(mode="wrap") def serialize_model(self, handler): diff --git a/src/cribl_control_plane/models/countedteamaccesscontrollist.py b/src/cribl_control_plane/models/countedteamaccesscontrollist.py index c1b27a9ec..dcdefa970 100644 --- a/src/cribl_control_plane/models/countedteamaccesscontrollist.py +++ b/src/cribl_control_plane/models/countedteamaccesscontrollist.py @@ -12,6 +12,7 @@ class CountedTeamAccessControlListTypedDict(TypedDict): count: NotRequired[int] r"""number of items present in the items array""" items: NotRequired[List[TeamAccessControlListTypedDict]] + r"""List of items in this response.""" class CountedTeamAccessControlList(BaseModel): @@ -19,6 +20,7 @@ class CountedTeamAccessControlList(BaseModel): r"""number of items present in the items array""" items: Optional[List[TeamAccessControlList]] = None + r"""List of items in this response.""" @model_serializer(mode="wrap") def serialize_model(self, handler): diff --git a/src/cribl_control_plane/models/counteduseraccesscontrollist.py b/src/cribl_control_plane/models/counteduseraccesscontrollist.py index 21e097a86..0196fd054 100644 --- a/src/cribl_control_plane/models/counteduseraccesscontrollist.py +++ b/src/cribl_control_plane/models/counteduseraccesscontrollist.py @@ -12,6 +12,7 @@ class CountedUserAccessControlListTypedDict(TypedDict): count: NotRequired[int] r"""number of items present in the items array""" items: NotRequired[List[UserAccessControlListTypedDict]] + r"""List of items in this response.""" class CountedUserAccessControlList(BaseModel): @@ -19,6 +20,7 @@ class CountedUserAccessControlList(BaseModel): r"""number of items present in the items array""" items: Optional[List[UserAccessControlList]] = None + r"""List of items in this response.""" @model_serializer(mode="wrap") def serialize_model(self, handler): diff --git a/src/cribl_control_plane/models/createinput_logged_in_users.py b/src/cribl_control_plane/models/createinput_logged_in_users.py index c5dca4316..dc87e1325 100644 --- a/src/cribl_control_plane/models/createinput_logged_in_users.py +++ b/src/cribl_control_plane/models/createinput_logged_in_users.py @@ -25,6 +25,10 @@ ) from .diskspoolingtype import DiskSpoolingType, DiskSpoolingTypeTypedDict from .gputype import GpuType, GpuTypeTypedDict +from .httpdiscoveryheaderconfinputprometheus import ( + HTTPDiscoveryHeaderConfInputPrometheus, + HTTPDiscoveryHeaderConfInputPrometheusTypedDict, +) from .logleveloptions import LogLevelOptions from .logleveloptionscontentconfigitemsdebugerror import ( LogLevelOptionsContentConfigItemsDebugError, @@ -50,10 +54,6 @@ PrivacyProtocolOptionsSnmpTrapSerializeV3UserAuthProtocolNotNone, ) from .processtype import ProcessType, ProcessTypeTypedDict -from .requestparamconfinputopenai import ( - RequestParamConfInputOpenai, - RequestParamConfInputOpenaiTypedDict, -) from .retryrulestype import RetryRulesType, RetryRulesTypeTypedDict from .ruleconfinputkubemetrics import ( RuleConfInputKubeMetrics, @@ -880,6 +880,8 @@ class CreateInputAuthTokenCloudflareHecTypedDict(TypedDict): r"""Select Secret to use a text secret to authenticate""" token_secret: NotRequired[str] r"""Select or create a stored text secret""" + token: NotRequired[str] + r"""Shared secret to be provided by any client (Authorization: )""" enabled: NotRequired[bool] description: NotRequired[str] allowed_indexes_at_token: NotRequired[List[str]] @@ -898,6 +900,9 @@ class CreateInputAuthTokenCloudflareHec(BaseModel): token_secret: Annotated[Optional[str], pydantic.Field(alias="tokenSecret")] = None r"""Select or create a stored text secret""" + token: Optional[str] = None + r"""Shared secret to be provided by any client (Authorization: )""" + enabled: Optional[bool] = None description: Optional[str] = None @@ -925,6 +930,7 @@ def serialize_model(self, handler): [ "authType", "tokenSecret", + "token", "enabled", "description", "allowedIndexesAtToken", @@ -3127,7 +3133,7 @@ class CreateInputLogLevelOpenai(str, Enum, metaclass=utils.OpenEnumMeta): class CreateInputContentConfigInputTypedDict(TypedDict): - request_params: List[RequestParamConfInputOpenaiTypedDict] + request_params: List[HTTPDiscoveryHeaderConfInputPrometheusTypedDict] r"""Query-string parameters to send with this endpoint""" pagination_type: CreateInputPaginationType cron_schedule: str @@ -3162,7 +3168,8 @@ class CreateInputContentConfigInputTypedDict(TypedDict): class CreateInputContentConfigInput(BaseModel): request_params: Annotated[ - List[RequestParamConfInputOpenai], pydantic.Field(alias="requestParams") + List[HTTPDiscoveryHeaderConfInputPrometheus], + pydantic.Field(alias="requestParams"), ] r"""Query-string parameters to send with this endpoint""" @@ -3919,7 +3926,7 @@ class CreateInputInputJournalFilesTypedDict(TypedDict): rules: NotRequired[List[CreateInputInputJournalFilesRuleTypedDict]] r"""Add rules to decide which journal objects to allow. Events are generated if no rules are given or if all the rules' expressions evaluate to true.""" current_boot: NotRequired[bool] - r"""Skip log messages that are not part of the current boot session.""" + r"""Skip log messages that are not part of the current boot session""" max_age_dur: NotRequired[str] r"""The maximum log message age, in duration form (e.g,: 60s, 4h, 3d, 1w). Default of no value will apply no max age filters.""" suppress_missing_path_errors: NotRequired[bool] @@ -3975,7 +3982,7 @@ class CreateInputInputJournalFiles(BaseModel): r"""Add rules to decide which journal objects to allow. Events are generated if no rules are given or if all the rules' expressions evaluate to true.""" current_boot: Annotated[Optional[bool], pydantic.Field(alias="currentBoot")] = None - r"""Skip log messages that are not part of the current boot session.""" + r"""Skip log messages that are not part of the current boot session""" max_age_dur: Annotated[Optional[str], pydantic.Field(alias="maxAgeDur")] = None r"""The maximum log message age, in duration form (e.g,: 60s, 4h, 3d, 1w). Default of no value will apply no max age filters.""" @@ -4228,7 +4235,7 @@ class CreateInputInputAppleUnifiedLogsTypedDict(TypedDict): r"""Unique ID for this input""" type: CreateInputTypeAppleUnifiedLogs predicate: str - r"""String to filter log entries, in NSPredicate format (e.g., subsystem == \"com.apple.security\" or process == \"kernel\"). See [Predicate format reference](https://developer.apple.com/library/archive/documentation/Cocoa/Conceptual/Predicates/AdditionalChapters/Introduction.html) for more information.""" + r"""String to filter log entries, in NSPredicate format (e.g., subsystem == \"com.apple.security\" or process == \"kernel\"). See [Common Log Types and Predicates](https://docs.cribl.io/edge/sources-apple-unified-logs/#examples) for more information.""" disabled: NotRequired[bool] pipeline: NotRequired[str] r"""Pipeline to process data from this Source before sending it through the Routes""" @@ -4261,7 +4268,7 @@ class CreateInputInputAppleUnifiedLogs(BaseModel): type: CreateInputTypeAppleUnifiedLogs predicate: str - r"""String to filter log entries, in NSPredicate format (e.g., subsystem == \"com.apple.security\" or process == \"kernel\"). See [Predicate format reference](https://developer.apple.com/library/archive/documentation/Cocoa/Conceptual/Predicates/AdditionalChapters/Introduction.html) for more information.""" + r"""String to filter log entries, in NSPredicate format (e.g., subsystem == \"com.apple.security\" or process == \"kernel\"). See [Common Log Types and Predicates](https://docs.cribl.io/edge/sources-apple-unified-logs/#examples) for more information.""" disabled: Optional[bool] = None @@ -11318,6 +11325,10 @@ class CreateInputInputKubeLogsTypedDict(TypedDict): r"""Add rules to decide which Pods to collect logs from. Logs are collected if no rules are given or if all the rules' expressions evaluate to true.""" timestamps: NotRequired[bool] r"""For use when containers do not emit a timestamp, prefix each line of output with a timestamp. If you enable this setting, you can use the Kubernetes Logs Event Breaker and the kubernetes_logs Pre-processing Pipeline to remove them from the events after the timestamps are extracted.""" + line_buffer_limit: NotRequired[float] + r"""Maximum bytes to buffer while reassembling a single log line. A line that exceeds this size is flushed as-is, either whole or partially. The default is 1048576 (1 MB).""" + lb_disable_assembly: NotRequired[bool] + r"""Internal flag to disable LB worker payload reassembly.""" metadata: NotRequired[List[MetadataConfInputCollectionTypedDict]] r"""Fields to add to events from this input""" persistence: NotRequired[DiskSpoolingTypeTypedDict] @@ -11373,6 +11384,16 @@ class CreateInputInputKubeLogs(BaseModel): timestamps: Optional[bool] = None r"""For use when containers do not emit a timestamp, prefix each line of output with a timestamp. If you enable this setting, you can use the Kubernetes Logs Event Breaker and the kubernetes_logs Pre-processing Pipeline to remove them from the events after the timestamps are extracted.""" + line_buffer_limit: Annotated[ + Optional[float], pydantic.Field(alias="lineBufferLimit") + ] = None + r"""Maximum bytes to buffer while reassembling a single log line. A line that exceeds this size is flushed as-is, either whole or partially. The default is 1048576 (1 MB).""" + + lb_disable_assembly: Annotated[ + Optional[bool], pydantic.Field(alias="__LBDisableAssembly") + ] = None + r"""Internal flag to disable LB worker payload reassembly.""" + metadata: Optional[List[MetadataConfInputCollection]] = None r"""Fields to add to events from this input""" @@ -11420,6 +11441,8 @@ def serialize_model(self, handler): "interval", "rules", "timestamps", + "lineBufferLimit", + "__LBDisableAssembly", "metadata", "persistence", "breakerRulesets", diff --git a/src/cribl_control_plane/models/createinput_request.py b/src/cribl_control_plane/models/createinput_request.py index f6f5717f3..0e9a26db5 100644 --- a/src/cribl_control_plane/models/createinput_request.py +++ b/src/cribl_control_plane/models/createinput_request.py @@ -145,6 +145,10 @@ ) from .googleauthenticationmethodoptions import GoogleAuthenticationMethodOptions from .gputype import GpuType, GpuTypeTypedDict +from .httpdiscoveryheaderconfinputprometheus import ( + HTTPDiscoveryHeaderConfInputPrometheus, + HTTPDiscoveryHeaderConfInputPrometheusTypedDict, +) from .kafkaschemaregistryauthenticationtype import ( KafkaSchemaRegistryAuthenticationType, KafkaSchemaRegistryAuthenticationTypeTypedDict, @@ -3028,6 +3032,47 @@ class CreateInputAuthenticationMechanism(str, Enum, metaclass=utils.OpenEnumMeta OAUTH_BEARER = "oauth-bearer" +class CreateInputCertificateTypedDict(TypedDict): + certificate_name: str + r"""The certificate you registered as credentials for your app in the Azure portal""" + cert_path: str + r"""Path on server containing certificates to use. PEM format. Can reference $ENV_VARS.""" + priv_key_path: str + r"""Path on server containing the private key to use. PEM format. Can reference $ENV_VARS.""" + passphrase: NotRequired[str] + r"""Passphrase to use to decrypt private key""" + + +class CreateInputCertificate(BaseModel): + certificate_name: Annotated[str, pydantic.Field(alias="certificateName")] + r"""The certificate you registered as credentials for your app in the Azure portal""" + + cert_path: Annotated[str, pydantic.Field(alias="certPath")] + r"""Path on server containing certificates to use. PEM format. Can reference $ENV_VARS.""" + + priv_key_path: Annotated[str, pydantic.Field(alias="privKeyPath")] + r"""Path on server containing the private key to use. PEM format. Can reference $ENV_VARS.""" + + passphrase: Optional[str] = None + r"""Passphrase to use to decrypt private key""" + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set(["passphrase"]) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + class CreateInputAuthTypedDict(TypedDict): mechanism: CreateInputAuthenticationMechanism text_secret: NotRequired[str] @@ -3035,7 +3080,7 @@ class CreateInputAuthTypedDict(TypedDict): client_secret_auth_type: NotRequired[AuthenticationMethodOptionsAuth] client_text_secret: NotRequired[str] r"""Select or create a stored text secret""" - certificate: NotRequired[CertificateTypeAzureBlobAuthTypeClientCertTypedDict] + certificate: NotRequired[CreateInputCertificateTypedDict] oauth_endpoint: NotRequired[MicrosoftEntraIDAuthenticationEndpointOptionsSasl] r"""Endpoint used to acquire authentication tokens from Azure""" client_id: NotRequired[str] @@ -3070,7 +3115,7 @@ class CreateInputAuth(BaseModel): ] = None r"""Select or create a stored text secret""" - certificate: Optional[CertificateTypeAzureBlobAuthTypeClientCert] = None + certificate: Optional[CreateInputCertificate] = None oauth_endpoint: Annotated[ Optional[MicrosoftEntraIDAuthenticationEndpointOptionsSasl], @@ -3573,20 +3618,16 @@ class CreateInputInputEventhubTypedDict(TypedDict): r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended.""" tls: NotRequired[TLSSettingsClientSideTypeTypedDict] session_timeout: NotRequired[float] - r"""Timeout (session.timeout.ms in Kafka domain) used to detect client failures when using Kafka's group-management facilities. - If the client sends no heartbeats to the broker before the timeout expires, the broker will remove the client from the group and initiate a rebalance. - Value must be lower than rebalanceTimeout. - See details [here](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). + r""" + Timeout (session.timeout.ms in Kafka domain) used to detect client failures when using Kafka's group-management facilities. If the client sends no heartbeats to the broker before the timeout expires, the broker will remove the client from the group and initiate a rebalance. Value must be lower than rebalanceTimeout. See details [here](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). """ rebalance_timeout: NotRequired[float] - r"""Maximum allowed time (rebalance.timeout.ms in Kafka domain) for each worker to join the group after a rebalance begins. - If the timeout is exceeded, the coordinator broker will remove the worker from the group. - See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). + r""" + Maximum allowed time (rebalance.timeout.ms in Kafka domain) for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). """ heartbeat_interval: NotRequired[float] - r"""Expected time (heartbeat.interval.ms in Kafka domain) between heartbeats to the consumer coordinator when using Kafka's group-management facilities. - Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. - See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). + r""" + Expected time (heartbeat.interval.ms in Kafka domain) between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). """ auto_commit_interval: NotRequired[float] r"""How often to commit offsets. If both this and Offset commit threshold are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch.""" @@ -3701,26 +3742,22 @@ class CreateInputInputEventhub(BaseModel): session_timeout: Annotated[ Optional[float], pydantic.Field(alias="sessionTimeout") ] = None - r"""Timeout (session.timeout.ms in Kafka domain) used to detect client failures when using Kafka's group-management facilities. - If the client sends no heartbeats to the broker before the timeout expires, the broker will remove the client from the group and initiate a rebalance. - Value must be lower than rebalanceTimeout. - See details [here](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). + r""" + Timeout (session.timeout.ms in Kafka domain) used to detect client failures when using Kafka's group-management facilities. If the client sends no heartbeats to the broker before the timeout expires, the broker will remove the client from the group and initiate a rebalance. Value must be lower than rebalanceTimeout. See details [here](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). """ rebalance_timeout: Annotated[ Optional[float], pydantic.Field(alias="rebalanceTimeout") ] = None - r"""Maximum allowed time (rebalance.timeout.ms in Kafka domain) for each worker to join the group after a rebalance begins. - If the timeout is exceeded, the coordinator broker will remove the worker from the group. - See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). + r""" + Maximum allowed time (rebalance.timeout.ms in Kafka domain) for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). """ heartbeat_interval: Annotated[ Optional[float], pydantic.Field(alias="heartbeatInterval") ] = None - r"""Expected time (heartbeat.interval.ms in Kafka domain) between heartbeats to the consumer coordinator when using Kafka's group-management facilities. - Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. - See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). + r""" + Expected time (heartbeat.interval.ms in Kafka domain) between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). """ auto_commit_interval: Annotated[ @@ -5218,6 +5255,8 @@ class CreateInputDiscoveryTypeEdgePrometheus(str, Enum, metaclass=utils.OpenEnum K8S_PODS = "k8s-pods" # Kubernetes Service Monitor (v4.18+) K8S_SERVICE_MONITOR = "k8s-service-monitor" + # HTTP SD + HTTP_SD = "http_sd" class CreateInputAuthenticationMethodEdgePrometheus( @@ -5391,11 +5430,22 @@ class CreateInputInputEdgePrometheusTypedDict(TypedDict): scrape_path_expr: NotRequired[str] r"""Path to use when collecting metrics from discovered targets""" pod_filter: NotRequired[List[CreateInputPodFilterTypedDict]] - r"""Add rules to decide which pods to discover for metrics. + r""" + Add rules to decide which pods to discover for metrics. Pods are searched if no rules are given or of all the rules' expressions evaluate to true. """ + http_discovery_url: NotRequired[str] + r"""URL to fetch target groups from (must be http or https)""" + http_discovery_headers: NotRequired[ + List[HTTPDiscoveryHeaderConfInputPrometheusTypedDict] + ] + r"""Extra headers to send with the discovery request""" + http_discovery_reject_unauthorized: NotRequired[bool] + r"""Reject TLS certificates that cannot be verified for the discovery endpoint. Falls back to the source-level setting if not specified.""" + max_response_body_size: NotRequired[str] + r"""Maximum size of the HTTP SD response body. Responses exceeding this limit will be rejected. Defaults to 20 MB.""" username: NotRequired[str] r"""Username for Prometheus Basic authentication""" password: NotRequired[str] @@ -5592,12 +5642,34 @@ class CreateInputInputEdgePrometheus(BaseModel): pod_filter: Annotated[ Optional[List[CreateInputPodFilter]], pydantic.Field(alias="podFilter") ] = None - r"""Add rules to decide which pods to discover for metrics. + r""" + Add rules to decide which pods to discover for metrics. Pods are searched if no rules are given or of all the rules' expressions evaluate to true. """ + http_discovery_url: Annotated[ + Optional[str], pydantic.Field(alias="httpDiscoveryUrl") + ] = None + r"""URL to fetch target groups from (must be http or https)""" + + http_discovery_headers: Annotated[ + Optional[List[HTTPDiscoveryHeaderConfInputPrometheus]], + pydantic.Field(alias="httpDiscoveryHeaders"), + ] = None + r"""Extra headers to send with the discovery request""" + + http_discovery_reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="httpDiscoveryRejectUnauthorized") + ] = None + r"""Reject TLS certificates that cannot be verified for the discovery endpoint. Falls back to the source-level setting if not specified.""" + + max_response_body_size: Annotated[ + Optional[str], pydantic.Field(alias="maxResponseBodySize") + ] = None + r"""Maximum size of the HTTP SD response body. Responses exceeding this limit will be rejected. Defaults to 20 MB.""" + username: Optional[str] = None r"""Username for Prometheus Basic authentication""" @@ -5748,6 +5820,10 @@ def serialize_model(self, handler): "scrapePortExpr", "scrapePathExpr", "podFilter", + "httpDiscoveryUrl", + "httpDiscoveryHeaders", + "httpDiscoveryRejectUnauthorized", + "maxResponseBodySize", "username", "password", "credentialsSecret", @@ -5790,6 +5866,8 @@ class CreateInputDiscoveryTypePrometheus(str, Enum, metaclass=utils.OpenEnumMeta DNS = "dns" # AWS EC2 EC2 = "ec2" + # HTTP SD + HTTP_SD = "http_sd" class CreateInputMetricsProtocol(str, Enum, metaclass=utils.OpenEnumMeta): @@ -5882,6 +5960,16 @@ class CreateInputInputPrometheusTypedDict(TypedDict): r"""External ID to use when assuming role""" duration_seconds: NotRequired[float] r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" + http_discovery_url: NotRequired[str] + r"""URL to fetch target groups from (must be http or https)""" + http_discovery_headers: NotRequired[ + List[HTTPDiscoveryHeaderConfInputPrometheusTypedDict] + ] + r"""Extra headers to send with the discovery request""" + http_discovery_reject_unauthorized: NotRequired[bool] + r"""Reject TLS certificates that cannot be verified for the discovery endpoint. Falls back to the source-level setting if not specified.""" + max_response_body_size: NotRequired[str] + r"""Maximum size of the HTTP SD response body. Responses exceeding this limit will be rejected. Defaults to 20 MB.""" username: NotRequired[str] r"""Username for Prometheus Basic authentication""" password: NotRequired[str] @@ -6090,6 +6178,27 @@ class CreateInputInputPrometheus(BaseModel): ] = None r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" + http_discovery_url: Annotated[ + Optional[str], pydantic.Field(alias="httpDiscoveryUrl") + ] = None + r"""URL to fetch target groups from (must be http or https)""" + + http_discovery_headers: Annotated[ + Optional[List[HTTPDiscoveryHeaderConfInputPrometheus]], + pydantic.Field(alias="httpDiscoveryHeaders"), + ] = None + r"""Extra headers to send with the discovery request""" + + http_discovery_reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="httpDiscoveryRejectUnauthorized") + ] = None + r"""Reject TLS certificates that cannot be verified for the discovery endpoint. Falls back to the source-level setting if not specified.""" + + max_response_body_size: Annotated[ + Optional[str], pydantic.Field(alias="maxResponseBodySize") + ] = None + r"""Maximum size of the HTTP SD response body. Responses exceeding this limit will be rejected. Defaults to 20 MB.""" + username: Optional[str] = None r"""Username for Prometheus Basic authentication""" @@ -6274,6 +6383,10 @@ def serialize_model(self, handler): "assumeRoleArn", "assumeRoleExternalId", "durationSeconds", + "httpDiscoveryUrl", + "httpDiscoveryHeaders", + "httpDiscoveryRejectUnauthorized", + "maxResponseBodySize", "username", "password", "credentialsSecret", @@ -7769,14 +7882,12 @@ class CreateInputInputConfluentCloudTypedDict(TypedDict): See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_session.timeout.ms) for details. """ rebalance_timeout: NotRequired[float] - r"""Maximum allowed time for each worker to join the group after a rebalance begins. - If the timeout is exceeded, the coordinator broker will remove the worker from the group. - See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. + r""" + Maximum allowed time for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. """ heartbeat_interval: NotRequired[float] - r"""Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. - Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. - See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. + r""" + Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. """ auto_commit_interval: NotRequired[float] r"""How often to commit offsets. If both this and Offset commit threshold are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch.""" @@ -7905,17 +8016,15 @@ class CreateInputInputConfluentCloud(BaseModel): rebalance_timeout: Annotated[ Optional[float], pydantic.Field(alias="rebalanceTimeout") ] = None - r"""Maximum allowed time for each worker to join the group after a rebalance begins. - If the timeout is exceeded, the coordinator broker will remove the worker from the group. - See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. + r""" + Maximum allowed time for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. """ heartbeat_interval: Annotated[ Optional[float], pydantic.Field(alias="heartbeatInterval") ] = None - r"""Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. - Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. - See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. + r""" + Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. """ auto_commit_interval: Annotated[ @@ -10286,14 +10395,12 @@ class CreateInputInputMskTypedDict(TypedDict): See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_session.timeout.ms) for details. """ rebalance_timeout: NotRequired[float] - r"""Maximum allowed time for each worker to join the group after a rebalance begins. - If the timeout is exceeded, the coordinator broker will remove the worker from the group. - See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. + r""" + Maximum allowed time for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. """ heartbeat_interval: NotRequired[float] - r"""Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. - Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. - See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. + r""" + Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. """ metadata: NotRequired[List[MetadataConfInputCollectionTypedDict]] r"""Fields to add to events from this input""" @@ -10435,17 +10542,15 @@ class CreateInputInputMsk(BaseModel): rebalance_timeout: Annotated[ Optional[float], pydantic.Field(alias="rebalanceTimeout") ] = None - r"""Maximum allowed time for each worker to join the group after a rebalance begins. - If the timeout is exceeded, the coordinator broker will remove the worker from the group. - See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. + r""" + Maximum allowed time for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. """ heartbeat_interval: Annotated[ Optional[float], pydantic.Field(alias="heartbeatInterval") ] = None - r"""Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. - Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. - See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. + r""" + Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. """ metadata: Optional[List[MetadataConfInputCollection]] = None @@ -10753,14 +10858,12 @@ class CreateInputInputKafkaTypedDict(TypedDict): See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_session.timeout.ms) for details. """ rebalance_timeout: NotRequired[float] - r"""Maximum allowed time for each worker to join the group after a rebalance begins. - If the timeout is exceeded, the coordinator broker will remove the worker from the group. - See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. + r""" + Maximum allowed time for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. """ heartbeat_interval: NotRequired[float] - r"""Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. - Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. - See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. + r""" + Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. """ auto_commit_interval: NotRequired[float] r"""How often to commit offsets. If both this and Offset commit threshold are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch.""" @@ -10889,17 +10992,15 @@ class CreateInputInputKafka(BaseModel): rebalance_timeout: Annotated[ Optional[float], pydantic.Field(alias="rebalanceTimeout") ] = None - r"""Maximum allowed time for each worker to join the group after a rebalance begins. - If the timeout is exceeded, the coordinator broker will remove the worker from the group. - See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. + r""" + Maximum allowed time for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. """ heartbeat_interval: Annotated[ Optional[float], pydantic.Field(alias="heartbeatInterval") ] = None - r"""Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. - Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. - See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. + r""" + Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. """ auto_commit_interval: Annotated[ @@ -11163,12 +11264,12 @@ def serialize_model(self, handler): CreateInputInputSystemMetricsTypedDict, CreateInputInputWindowsMetricsTypedDict, CreateInputInputJournalFilesTypedDict, - CreateInputInputKubeLogsTypedDict, CreateInputInputModelDrivenTelemetryTypedDict, CreateInputInputExecTypedDict, CreateInputInputRawUDPTypedDict, CreateInputInputAnthropicComplianceTypedDict, CreateInputInputWinEventLogsTypedDict, + CreateInputInputKubeLogsTypedDict, CreateInputInputSnmpTypedDict, CreateInputInputMetricsTypedDict, CreateInputInputNetflowTypedDict, @@ -11215,8 +11316,8 @@ def serialize_model(self, handler): CreateInputInputSecurityLakeTypedDict, CreateInputInputS3TypedDict, CreateInputInputS3InventoryTypedDict, - CreateInputInputEdgePrometheusTypedDict, CreateInputInputMskTypedDict, + CreateInputInputEdgePrometheusTypedDict, CreateInputInputPrometheusTypedDict, CreateInputInputGrafanaUnionTypedDict, CreateInputInputSyslogUnionTypedDict, @@ -11381,6 +11482,10 @@ def serialize_model(self, handler): CreateInputInputExec.model_rebuild() except NameError: pass +try: + CreateInputCertificate.model_rebuild() +except NameError: + pass try: CreateInputAuth.model_rebuild() except NameError: diff --git a/src/cribl_control_plane/models/createinputsystembypack_logged_in_users.py b/src/cribl_control_plane/models/createinputsystembypack_logged_in_users.py index d3e0b0831..74e3000a5 100644 --- a/src/cribl_control_plane/models/createinputsystembypack_logged_in_users.py +++ b/src/cribl_control_plane/models/createinputsystembypack_logged_in_users.py @@ -25,6 +25,10 @@ ) from .diskspoolingtype import DiskSpoolingType, DiskSpoolingTypeTypedDict from .gputype import GpuType, GpuTypeTypedDict +from .httpdiscoveryheaderconfinputprometheus import ( + HTTPDiscoveryHeaderConfInputPrometheus, + HTTPDiscoveryHeaderConfInputPrometheusTypedDict, +) from .logleveloptions import LogLevelOptions from .logleveloptionscontentconfigitemsdebugerror import ( LogLevelOptionsContentConfigItemsDebugError, @@ -50,10 +54,6 @@ PrivacyProtocolOptionsSnmpTrapSerializeV3UserAuthProtocolNotNone, ) from .processtype import ProcessType, ProcessTypeTypedDict -from .requestparamconfinputopenai import ( - RequestParamConfInputOpenai, - RequestParamConfInputOpenaiTypedDict, -) from .retryrulestype import RetryRulesType, RetryRulesTypeTypedDict from .ruleconfinputkubemetrics import ( RuleConfInputKubeMetrics, @@ -888,6 +888,8 @@ class CreateInputSystemByPackAuthTokenCloudflareHecTypedDict(TypedDict): r"""Select Secret to use a text secret to authenticate""" token_secret: NotRequired[str] r"""Select or create a stored text secret""" + token: NotRequired[str] + r"""Shared secret to be provided by any client (Authorization: )""" enabled: NotRequired[bool] description: NotRequired[str] allowed_indexes_at_token: NotRequired[List[str]] @@ -906,6 +908,9 @@ class CreateInputSystemByPackAuthTokenCloudflareHec(BaseModel): token_secret: Annotated[Optional[str], pydantic.Field(alias="tokenSecret")] = None r"""Select or create a stored text secret""" + token: Optional[str] = None + r"""Shared secret to be provided by any client (Authorization: )""" + enabled: Optional[bool] = None description: Optional[str] = None @@ -935,6 +940,7 @@ def serialize_model(self, handler): [ "authType", "tokenSecret", + "token", "enabled", "description", "allowedIndexesAtToken", @@ -3145,7 +3151,7 @@ class CreateInputSystemByPackLogLevelOpenai(str, Enum, metaclass=utils.OpenEnumM class CreateInputSystemByPackContentConfigInputTypedDict(TypedDict): - request_params: List[RequestParamConfInputOpenaiTypedDict] + request_params: List[HTTPDiscoveryHeaderConfInputPrometheusTypedDict] r"""Query-string parameters to send with this endpoint""" pagination_type: CreateInputSystemByPackPaginationType cron_schedule: str @@ -3180,7 +3186,8 @@ class CreateInputSystemByPackContentConfigInputTypedDict(TypedDict): class CreateInputSystemByPackContentConfigInput(BaseModel): request_params: Annotated[ - List[RequestParamConfInputOpenai], pydantic.Field(alias="requestParams") + List[HTTPDiscoveryHeaderConfInputPrometheus], + pydantic.Field(alias="requestParams"), ] r"""Query-string parameters to send with this endpoint""" @@ -3942,7 +3949,7 @@ class CreateInputSystemByPackInputJournalFilesTypedDict(TypedDict): rules: NotRequired[List[CreateInputSystemByPackInputJournalFilesRuleTypedDict]] r"""Add rules to decide which journal objects to allow. Events are generated if no rules are given or if all the rules' expressions evaluate to true.""" current_boot: NotRequired[bool] - r"""Skip log messages that are not part of the current boot session.""" + r"""Skip log messages that are not part of the current boot session""" max_age_dur: NotRequired[str] r"""The maximum log message age, in duration form (e.g,: 60s, 4h, 3d, 1w). Default of no value will apply no max age filters.""" suppress_missing_path_errors: NotRequired[bool] @@ -3998,7 +4005,7 @@ class CreateInputSystemByPackInputJournalFiles(BaseModel): r"""Add rules to decide which journal objects to allow. Events are generated if no rules are given or if all the rules' expressions evaluate to true.""" current_boot: Annotated[Optional[bool], pydantic.Field(alias="currentBoot")] = None - r"""Skip log messages that are not part of the current boot session.""" + r"""Skip log messages that are not part of the current boot session""" max_age_dur: Annotated[Optional[str], pydantic.Field(alias="maxAgeDur")] = None r"""The maximum log message age, in duration form (e.g,: 60s, 4h, 3d, 1w). Default of no value will apply no max age filters.""" @@ -4253,7 +4260,7 @@ class CreateInputSystemByPackInputAppleUnifiedLogsTypedDict(TypedDict): r"""Unique ID for this input""" type: CreateInputSystemByPackTypeAppleUnifiedLogs predicate: str - r"""String to filter log entries, in NSPredicate format (e.g., subsystem == \"com.apple.security\" or process == \"kernel\"). See [Predicate format reference](https://developer.apple.com/library/archive/documentation/Cocoa/Conceptual/Predicates/AdditionalChapters/Introduction.html) for more information.""" + r"""String to filter log entries, in NSPredicate format (e.g., subsystem == \"com.apple.security\" or process == \"kernel\"). See [Common Log Types and Predicates](https://docs.cribl.io/edge/sources-apple-unified-logs/#examples) for more information.""" disabled: NotRequired[bool] pipeline: NotRequired[str] r"""Pipeline to process data from this Source before sending it through the Routes""" @@ -4286,7 +4293,7 @@ class CreateInputSystemByPackInputAppleUnifiedLogs(BaseModel): type: CreateInputSystemByPackTypeAppleUnifiedLogs predicate: str - r"""String to filter log entries, in NSPredicate format (e.g., subsystem == \"com.apple.security\" or process == \"kernel\"). See [Predicate format reference](https://developer.apple.com/library/archive/documentation/Cocoa/Conceptual/Predicates/AdditionalChapters/Introduction.html) for more information.""" + r"""String to filter log entries, in NSPredicate format (e.g., subsystem == \"com.apple.security\" or process == \"kernel\"). See [Common Log Types and Predicates](https://docs.cribl.io/edge/sources-apple-unified-logs/#examples) for more information.""" disabled: Optional[bool] = None @@ -11385,6 +11392,10 @@ class CreateInputSystemByPackInputKubeLogsTypedDict(TypedDict): r"""Add rules to decide which Pods to collect logs from. Logs are collected if no rules are given or if all the rules' expressions evaluate to true.""" timestamps: NotRequired[bool] r"""For use when containers do not emit a timestamp, prefix each line of output with a timestamp. If you enable this setting, you can use the Kubernetes Logs Event Breaker and the kubernetes_logs Pre-processing Pipeline to remove them from the events after the timestamps are extracted.""" + line_buffer_limit: NotRequired[float] + r"""Maximum bytes to buffer while reassembling a single log line. A line that exceeds this size is flushed as-is, either whole or partially. The default is 1048576 (1 MB).""" + lb_disable_assembly: NotRequired[bool] + r"""Internal flag to disable LB worker payload reassembly.""" metadata: NotRequired[List[MetadataConfInputCollectionTypedDict]] r"""Fields to add to events from this input""" persistence: NotRequired[DiskSpoolingTypeTypedDict] @@ -11440,6 +11451,16 @@ class CreateInputSystemByPackInputKubeLogs(BaseModel): timestamps: Optional[bool] = None r"""For use when containers do not emit a timestamp, prefix each line of output with a timestamp. If you enable this setting, you can use the Kubernetes Logs Event Breaker and the kubernetes_logs Pre-processing Pipeline to remove them from the events after the timestamps are extracted.""" + line_buffer_limit: Annotated[ + Optional[float], pydantic.Field(alias="lineBufferLimit") + ] = None + r"""Maximum bytes to buffer while reassembling a single log line. A line that exceeds this size is flushed as-is, either whole or partially. The default is 1048576 (1 MB).""" + + lb_disable_assembly: Annotated[ + Optional[bool], pydantic.Field(alias="__LBDisableAssembly") + ] = None + r"""Internal flag to disable LB worker payload reassembly.""" + metadata: Optional[List[MetadataConfInputCollection]] = None r"""Fields to add to events from this input""" @@ -11487,6 +11508,8 @@ def serialize_model(self, handler): "interval", "rules", "timestamps", + "lineBufferLimit", + "__LBDisableAssembly", "metadata", "persistence", "breakerRulesets", diff --git a/src/cribl_control_plane/models/createinputsystembypack_request.py b/src/cribl_control_plane/models/createinputsystembypack_request.py index e03c7b297..0205851b2 100644 --- a/src/cribl_control_plane/models/createinputsystembypack_request.py +++ b/src/cribl_control_plane/models/createinputsystembypack_request.py @@ -145,6 +145,10 @@ ) from .googleauthenticationmethodoptions import GoogleAuthenticationMethodOptions from .gputype import GpuType, GpuTypeTypedDict +from .httpdiscoveryheaderconfinputprometheus import ( + HTTPDiscoveryHeaderConfInputPrometheus, + HTTPDiscoveryHeaderConfInputPrometheusTypedDict, +) from .kafkaschemaregistryauthenticationtype import ( KafkaSchemaRegistryAuthenticationType, KafkaSchemaRegistryAuthenticationTypeTypedDict, @@ -3050,6 +3054,47 @@ class CreateInputSystemByPackAuthenticationMechanism( OAUTH_BEARER = "oauth-bearer" +class CreateInputSystemByPackCertificateTypedDict(TypedDict): + certificate_name: str + r"""The certificate you registered as credentials for your app in the Azure portal""" + cert_path: str + r"""Path on server containing certificates to use. PEM format. Can reference $ENV_VARS.""" + priv_key_path: str + r"""Path on server containing the private key to use. PEM format. Can reference $ENV_VARS.""" + passphrase: NotRequired[str] + r"""Passphrase to use to decrypt private key""" + + +class CreateInputSystemByPackCertificate(BaseModel): + certificate_name: Annotated[str, pydantic.Field(alias="certificateName")] + r"""The certificate you registered as credentials for your app in the Azure portal""" + + cert_path: Annotated[str, pydantic.Field(alias="certPath")] + r"""Path on server containing certificates to use. PEM format. Can reference $ENV_VARS.""" + + priv_key_path: Annotated[str, pydantic.Field(alias="privKeyPath")] + r"""Path on server containing the private key to use. PEM format. Can reference $ENV_VARS.""" + + passphrase: Optional[str] = None + r"""Passphrase to use to decrypt private key""" + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set(["passphrase"]) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + class CreateInputSystemByPackAuthTypedDict(TypedDict): mechanism: CreateInputSystemByPackAuthenticationMechanism text_secret: NotRequired[str] @@ -3057,7 +3102,7 @@ class CreateInputSystemByPackAuthTypedDict(TypedDict): client_secret_auth_type: NotRequired[AuthenticationMethodOptionsAuth] client_text_secret: NotRequired[str] r"""Select or create a stored text secret""" - certificate: NotRequired[CertificateTypeAzureBlobAuthTypeClientCertTypedDict] + certificate: NotRequired[CreateInputSystemByPackCertificateTypedDict] oauth_endpoint: NotRequired[MicrosoftEntraIDAuthenticationEndpointOptionsSasl] r"""Endpoint used to acquire authentication tokens from Azure""" client_id: NotRequired[str] @@ -3092,7 +3137,7 @@ class CreateInputSystemByPackAuth(BaseModel): ] = None r"""Select or create a stored text secret""" - certificate: Optional[CertificateTypeAzureBlobAuthTypeClientCert] = None + certificate: Optional[CreateInputSystemByPackCertificate] = None oauth_endpoint: Annotated[ Optional[MicrosoftEntraIDAuthenticationEndpointOptionsSasl], @@ -3597,20 +3642,16 @@ class CreateInputSystemByPackInputEventhubTypedDict(TypedDict): r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended.""" tls: NotRequired[TLSSettingsClientSideTypeTypedDict] session_timeout: NotRequired[float] - r"""Timeout (session.timeout.ms in Kafka domain) used to detect client failures when using Kafka's group-management facilities. - If the client sends no heartbeats to the broker before the timeout expires, the broker will remove the client from the group and initiate a rebalance. - Value must be lower than rebalanceTimeout. - See details [here](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). + r""" + Timeout (session.timeout.ms in Kafka domain) used to detect client failures when using Kafka's group-management facilities. If the client sends no heartbeats to the broker before the timeout expires, the broker will remove the client from the group and initiate a rebalance. Value must be lower than rebalanceTimeout. See details [here](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). """ rebalance_timeout: NotRequired[float] - r"""Maximum allowed time (rebalance.timeout.ms in Kafka domain) for each worker to join the group after a rebalance begins. - If the timeout is exceeded, the coordinator broker will remove the worker from the group. - See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). + r""" + Maximum allowed time (rebalance.timeout.ms in Kafka domain) for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). """ heartbeat_interval: NotRequired[float] - r"""Expected time (heartbeat.interval.ms in Kafka domain) between heartbeats to the consumer coordinator when using Kafka's group-management facilities. - Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. - See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). + r""" + Expected time (heartbeat.interval.ms in Kafka domain) between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). """ auto_commit_interval: NotRequired[float] r"""How often to commit offsets. If both this and Offset commit threshold are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch.""" @@ -3725,26 +3766,22 @@ class CreateInputSystemByPackInputEventhub(BaseModel): session_timeout: Annotated[ Optional[float], pydantic.Field(alias="sessionTimeout") ] = None - r"""Timeout (session.timeout.ms in Kafka domain) used to detect client failures when using Kafka's group-management facilities. - If the client sends no heartbeats to the broker before the timeout expires, the broker will remove the client from the group and initiate a rebalance. - Value must be lower than rebalanceTimeout. - See details [here](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). + r""" + Timeout (session.timeout.ms in Kafka domain) used to detect client failures when using Kafka's group-management facilities. If the client sends no heartbeats to the broker before the timeout expires, the broker will remove the client from the group and initiate a rebalance. Value must be lower than rebalanceTimeout. See details [here](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). """ rebalance_timeout: Annotated[ Optional[float], pydantic.Field(alias="rebalanceTimeout") ] = None - r"""Maximum allowed time (rebalance.timeout.ms in Kafka domain) for each worker to join the group after a rebalance begins. - If the timeout is exceeded, the coordinator broker will remove the worker from the group. - See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). + r""" + Maximum allowed time (rebalance.timeout.ms in Kafka domain) for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). """ heartbeat_interval: Annotated[ Optional[float], pydantic.Field(alias="heartbeatInterval") ] = None - r"""Expected time (heartbeat.interval.ms in Kafka domain) between heartbeats to the consumer coordinator when using Kafka's group-management facilities. - Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. - See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). + r""" + Expected time (heartbeat.interval.ms in Kafka domain) between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). """ auto_commit_interval: Annotated[ @@ -5255,6 +5292,8 @@ class CreateInputSystemByPackDiscoveryTypeEdgePrometheus( K8S_PODS = "k8s-pods" # Kubernetes Service Monitor (v4.18+) K8S_SERVICE_MONITOR = "k8s-service-monitor" + # HTTP SD + HTTP_SD = "http_sd" class CreateInputSystemByPackAuthenticationMethodEdgePrometheus( @@ -5428,11 +5467,22 @@ class CreateInputSystemByPackInputEdgePrometheusTypedDict(TypedDict): scrape_path_expr: NotRequired[str] r"""Path to use when collecting metrics from discovered targets""" pod_filter: NotRequired[List[CreateInputSystemByPackPodFilterTypedDict]] - r"""Add rules to decide which pods to discover for metrics. + r""" + Add rules to decide which pods to discover for metrics. Pods are searched if no rules are given or of all the rules' expressions evaluate to true. """ + http_discovery_url: NotRequired[str] + r"""URL to fetch target groups from (must be http or https)""" + http_discovery_headers: NotRequired[ + List[HTTPDiscoveryHeaderConfInputPrometheusTypedDict] + ] + r"""Extra headers to send with the discovery request""" + http_discovery_reject_unauthorized: NotRequired[bool] + r"""Reject TLS certificates that cannot be verified for the discovery endpoint. Falls back to the source-level setting if not specified.""" + max_response_body_size: NotRequired[str] + r"""Maximum size of the HTTP SD response body. Responses exceeding this limit will be rejected. Defaults to 20 MB.""" username: NotRequired[str] r"""Username for Prometheus Basic authentication""" password: NotRequired[str] @@ -5631,12 +5681,34 @@ class CreateInputSystemByPackInputEdgePrometheus(BaseModel): Optional[List[CreateInputSystemByPackPodFilter]], pydantic.Field(alias="podFilter"), ] = None - r"""Add rules to decide which pods to discover for metrics. + r""" + Add rules to decide which pods to discover for metrics. Pods are searched if no rules are given or of all the rules' expressions evaluate to true. """ + http_discovery_url: Annotated[ + Optional[str], pydantic.Field(alias="httpDiscoveryUrl") + ] = None + r"""URL to fetch target groups from (must be http or https)""" + + http_discovery_headers: Annotated[ + Optional[List[HTTPDiscoveryHeaderConfInputPrometheus]], + pydantic.Field(alias="httpDiscoveryHeaders"), + ] = None + r"""Extra headers to send with the discovery request""" + + http_discovery_reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="httpDiscoveryRejectUnauthorized") + ] = None + r"""Reject TLS certificates that cannot be verified for the discovery endpoint. Falls back to the source-level setting if not specified.""" + + max_response_body_size: Annotated[ + Optional[str], pydantic.Field(alias="maxResponseBodySize") + ] = None + r"""Maximum size of the HTTP SD response body. Responses exceeding this limit will be rejected. Defaults to 20 MB.""" + username: Optional[str] = None r"""Username for Prometheus Basic authentication""" @@ -5789,6 +5861,10 @@ def serialize_model(self, handler): "scrapePortExpr", "scrapePathExpr", "podFilter", + "httpDiscoveryUrl", + "httpDiscoveryHeaders", + "httpDiscoveryRejectUnauthorized", + "maxResponseBodySize", "username", "password", "credentialsSecret", @@ -5833,6 +5909,8 @@ class CreateInputSystemByPackDiscoveryTypePrometheus( DNS = "dns" # AWS EC2 EC2 = "ec2" + # HTTP SD + HTTP_SD = "http_sd" class CreateInputSystemByPackMetricsProtocol(str, Enum, metaclass=utils.OpenEnumMeta): @@ -5925,6 +6003,16 @@ class CreateInputSystemByPackInputPrometheusTypedDict(TypedDict): r"""External ID to use when assuming role""" duration_seconds: NotRequired[float] r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" + http_discovery_url: NotRequired[str] + r"""URL to fetch target groups from (must be http or https)""" + http_discovery_headers: NotRequired[ + List[HTTPDiscoveryHeaderConfInputPrometheusTypedDict] + ] + r"""Extra headers to send with the discovery request""" + http_discovery_reject_unauthorized: NotRequired[bool] + r"""Reject TLS certificates that cannot be verified for the discovery endpoint. Falls back to the source-level setting if not specified.""" + max_response_body_size: NotRequired[str] + r"""Maximum size of the HTTP SD response body. Responses exceeding this limit will be rejected. Defaults to 20 MB.""" username: NotRequired[str] r"""Username for Prometheus Basic authentication""" password: NotRequired[str] @@ -6134,6 +6222,27 @@ class CreateInputSystemByPackInputPrometheus(BaseModel): ] = None r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" + http_discovery_url: Annotated[ + Optional[str], pydantic.Field(alias="httpDiscoveryUrl") + ] = None + r"""URL to fetch target groups from (must be http or https)""" + + http_discovery_headers: Annotated[ + Optional[List[HTTPDiscoveryHeaderConfInputPrometheus]], + pydantic.Field(alias="httpDiscoveryHeaders"), + ] = None + r"""Extra headers to send with the discovery request""" + + http_discovery_reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="httpDiscoveryRejectUnauthorized") + ] = None + r"""Reject TLS certificates that cannot be verified for the discovery endpoint. Falls back to the source-level setting if not specified.""" + + max_response_body_size: Annotated[ + Optional[str], pydantic.Field(alias="maxResponseBodySize") + ] = None + r"""Maximum size of the HTTP SD response body. Responses exceeding this limit will be rejected. Defaults to 20 MB.""" + username: Optional[str] = None r"""Username for Prometheus Basic authentication""" @@ -6318,6 +6427,10 @@ def serialize_model(self, handler): "assumeRoleArn", "assumeRoleExternalId", "durationSeconds", + "httpDiscoveryUrl", + "httpDiscoveryHeaders", + "httpDiscoveryRejectUnauthorized", + "maxResponseBodySize", "username", "password", "credentialsSecret", @@ -7818,14 +7931,12 @@ class CreateInputSystemByPackInputConfluentCloudTypedDict(TypedDict): See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_session.timeout.ms) for details. """ rebalance_timeout: NotRequired[float] - r"""Maximum allowed time for each worker to join the group after a rebalance begins. - If the timeout is exceeded, the coordinator broker will remove the worker from the group. - See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. + r""" + Maximum allowed time for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. """ heartbeat_interval: NotRequired[float] - r"""Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. - Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. - See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. + r""" + Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. """ auto_commit_interval: NotRequired[float] r"""How often to commit offsets. If both this and Offset commit threshold are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch.""" @@ -7954,17 +8065,15 @@ class CreateInputSystemByPackInputConfluentCloud(BaseModel): rebalance_timeout: Annotated[ Optional[float], pydantic.Field(alias="rebalanceTimeout") ] = None - r"""Maximum allowed time for each worker to join the group after a rebalance begins. - If the timeout is exceeded, the coordinator broker will remove the worker from the group. - See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. + r""" + Maximum allowed time for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. """ heartbeat_interval: Annotated[ Optional[float], pydantic.Field(alias="heartbeatInterval") ] = None - r"""Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. - Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. - See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. + r""" + Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. """ auto_commit_interval: Annotated[ @@ -10350,14 +10459,12 @@ class CreateInputSystemByPackInputMskTypedDict(TypedDict): See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_session.timeout.ms) for details. """ rebalance_timeout: NotRequired[float] - r"""Maximum allowed time for each worker to join the group after a rebalance begins. - If the timeout is exceeded, the coordinator broker will remove the worker from the group. - See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. + r""" + Maximum allowed time for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. """ heartbeat_interval: NotRequired[float] - r"""Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. - Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. - See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. + r""" + Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. """ metadata: NotRequired[List[MetadataConfInputCollectionTypedDict]] r"""Fields to add to events from this input""" @@ -10499,17 +10606,15 @@ class CreateInputSystemByPackInputMsk(BaseModel): rebalance_timeout: Annotated[ Optional[float], pydantic.Field(alias="rebalanceTimeout") ] = None - r"""Maximum allowed time for each worker to join the group after a rebalance begins. - If the timeout is exceeded, the coordinator broker will remove the worker from the group. - See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. + r""" + Maximum allowed time for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. """ heartbeat_interval: Annotated[ Optional[float], pydantic.Field(alias="heartbeatInterval") ] = None - r"""Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. - Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. - See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. + r""" + Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. """ metadata: Optional[List[MetadataConfInputCollection]] = None @@ -10817,14 +10922,12 @@ class CreateInputSystemByPackInputKafkaTypedDict(TypedDict): See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_session.timeout.ms) for details. """ rebalance_timeout: NotRequired[float] - r"""Maximum allowed time for each worker to join the group after a rebalance begins. - If the timeout is exceeded, the coordinator broker will remove the worker from the group. - See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. + r""" + Maximum allowed time for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. """ heartbeat_interval: NotRequired[float] - r"""Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. - Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. - See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. + r""" + Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. """ auto_commit_interval: NotRequired[float] r"""How often to commit offsets. If both this and Offset commit threshold are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch.""" @@ -10953,17 +11056,15 @@ class CreateInputSystemByPackInputKafka(BaseModel): rebalance_timeout: Annotated[ Optional[float], pydantic.Field(alias="rebalanceTimeout") ] = None - r"""Maximum allowed time for each worker to join the group after a rebalance begins. - If the timeout is exceeded, the coordinator broker will remove the worker from the group. - See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. + r""" + Maximum allowed time for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. """ heartbeat_interval: Annotated[ Optional[float], pydantic.Field(alias="heartbeatInterval") ] = None - r"""Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. - Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. - See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. + r""" + Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. """ auto_commit_interval: Annotated[ @@ -11227,12 +11328,12 @@ def serialize_model(self, handler): CreateInputSystemByPackInputSystemMetricsTypedDict, CreateInputSystemByPackInputWindowsMetricsTypedDict, CreateInputSystemByPackInputJournalFilesTypedDict, - CreateInputSystemByPackInputKubeLogsTypedDict, CreateInputSystemByPackInputModelDrivenTelemetryTypedDict, CreateInputSystemByPackInputExecTypedDict, CreateInputSystemByPackInputRawUDPTypedDict, CreateInputSystemByPackInputAnthropicComplianceTypedDict, CreateInputSystemByPackInputWinEventLogsTypedDict, + CreateInputSystemByPackInputKubeLogsTypedDict, CreateInputSystemByPackInputSnmpTypedDict, CreateInputSystemByPackInputMetricsTypedDict, CreateInputSystemByPackInputNetflowTypedDict, @@ -11279,8 +11380,8 @@ def serialize_model(self, handler): CreateInputSystemByPackInputSecurityLakeTypedDict, CreateInputSystemByPackInputS3TypedDict, CreateInputSystemByPackInputS3InventoryTypedDict, - CreateInputSystemByPackInputEdgePrometheusTypedDict, CreateInputSystemByPackInputMskTypedDict, + CreateInputSystemByPackInputEdgePrometheusTypedDict, CreateInputSystemByPackInputPrometheusTypedDict, CreateInputSystemByPackInputGrafanaUnionTypedDict, CreateInputSystemByPackInputSyslogUnionTypedDict, @@ -11479,6 +11580,10 @@ class CreateInputSystemByPackRequest(BaseModel): CreateInputSystemByPackInputExec.model_rebuild() except NameError: pass +try: + CreateInputSystemByPackCertificate.model_rebuild() +except NameError: + pass try: CreateInputSystemByPackAuth.model_rebuild() except NameError: diff --git a/src/cribl_control_plane/models/createoutput_outputwebhook_url_1.py b/src/cribl_control_plane/models/createoutput_outputwebhook_url_1.py new file mode 100644 index 000000000..a2085cf73 --- /dev/null +++ b/src/cribl_control_plane/models/createoutput_outputwebhook_url_1.py @@ -0,0 +1,18335 @@ +"""Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.""" + +from __future__ import annotations +from .acknowledgmentsoptions import AcknowledgmentsOptions +from .acknowledgmentsoptionsallleader import AcknowledgmentsOptionsAllLeader +from .authenticationmethodoptions import AuthenticationMethodOptions +from .authenticationmethodoptionsapi import AuthenticationMethodOptionsAPI +from .authenticationmethodoptionsauthtokensitems import ( + AuthenticationMethodOptionsAuthTokensItems, +) +from .authenticationmethodoptionss3collectorconf import ( + AuthenticationMethodOptionsS3CollectorConf, +) +from .authenticationtype import AuthenticationType, AuthenticationTypeTypedDict +from .authenticationtypeuse import AuthenticationTypeUse, AuthenticationTypeUseTypedDict +from .authtypetemplatemanualapikeyauthtype import ( + AuthTypeTemplatemanualAPIKeyAuthType, + AuthTypeTemplatemanualAPIKeyAuthTypeTypedDict, +) +from .backpressurebehavioroptions import BackpressureBehaviorOptions +from .backpressurebehavioroptionsblockdrop import BackpressureBehaviorOptionsBlockDrop +from .certificatetypeazureblobauthtypeclientcert import ( + CertificateTypeAzureBlobAuthTypeClientCert, + CertificateTypeAzureBlobAuthTypeClientCertTypedDict, +) +from .compressionleveloptions import CompressionLevelOptions +from .compressionoptions import CompressionOptions +from .compressionoptionsgziplz4 import CompressionOptionsGzipLz4 +from .compressionoptionsgzipnone import CompressionOptionsGzipNone +from .compressionoptionshttp import CompressionOptionsHTTP +from .compressionoptionspq import CompressionOptionsPq +from .createoutput_type_statsd import CreateOutputTypeStatsd +from .dataformatoptions import DataFormatOptions +from .datapageversionoptions import DataPageVersionOptions +from .destinationprotocoloptions import DestinationProtocolOptions +from .diskspaceprotectionoptions import DiskSpaceProtectionOptions +from .extrahttpheaderconfinputelastic import ( + ExtraHTTPHeaderConfInputElastic, + ExtraHTTPHeaderConfInputElasticTypedDict, +) +from .failedrequestloggingmodeoptions import FailedRequestLoggingModeOptions +from .googleauthenticationmethodoptions import GoogleAuthenticationMethodOptions +from .hostconfoutputsyslog import HostConfOutputSyslog, HostConfOutputSyslogTypedDict +from .kafkaschemaregistryauthenticationtypetemplateschemaregistryurlauth import ( + KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuth, + KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuthTypedDict, +) +from .keyvaluemetadataconfoutputfilesystem import ( + KeyValueMetadataConfOutputFilesystem, + KeyValueMetadataConfOutputFilesystemTypedDict, +) +from .loglabelconfoutputgooglecloudlogging import ( + LogLabelConfOutputGoogleCloudLogging, + LogLabelConfOutputGoogleCloudLoggingTypedDict, +) +from .maxs2sversionoptions import MaxS2SVersionOptions +from .methodoptions import MethodOptions +from .microsoftentraidauthenticationendpointoptionssasl import ( + MicrosoftEntraIDAuthenticationEndpointOptionsSasl, +) +from .modeoptions import ModeOptions +from .nestedfieldserializationoptions import NestedFieldSerializationOptions +from .oauthheaderconfinputservicenowtable import ( + OauthHeaderConfInputServicenowTable, + OauthHeaderConfInputServicenowTableTypedDict, +) +from .oauthparamconfinputservicenowtable import ( + OauthParamConfInputServicenowTable, + OauthParamConfInputServicenowTableTypedDict, +) +from .objectacloptions import ObjectACLOptions +from .objectacloptionsauthenticatedreadbucketownerfullcontrol import ( + ObjectACLOptionsAuthenticatedreadBucketownerfullcontrol, +) +from .orphanfilerecoverytype import ( + OrphanFileRecoveryType, + OrphanFileRecoveryTypeTypedDict, +) +from .parquetversionoptions import ParquetVersionOptions +from .queuefullbehavioroptions import QueueFullBehaviorOptions +from .recorddataformatoptions import RecordDataFormatOptions +from .recorddataformatoptionsjsonprotobuf import RecordDataFormatOptionsJSONProtobuf +from .regionoptions import RegionOptions +from .responseretrysettingconfoutputwebhook import ( + ResponseRetrySettingConfOutputWebhook, + ResponseRetrySettingConfOutputWebhookTypedDict, +) +from .retrysettingstype import RetrySettingsType, RetrySettingsTypeTypedDict +from .saslextensionconfinputkafka import ( + SaslExtensionConfInputKafka, + SaslExtensionConfInputKafkaTypedDict, +) +from .serversideencryptionforuploadedobjectsoptions import ( + ServerSideEncryptionForUploadedObjectsOptions, +) +from .serversideencryptionforuploadedobjectsoptionsaes256 import ( + ServerSideEncryptionForUploadedObjectsOptionsAes256, +) +from .storageclassoptions import StorageClassOptions +from .storageclassoptionsarchivecoldline import StorageClassOptionsArchiveColdline +from .storageclassoptionsreducedredundancystandard import ( + StorageClassOptionsReducedredundancyStandard, +) +from .timeoutretrysettingstype import ( + TimeoutRetrySettingsType, + TimeoutRetrySettingsTypeTypedDict, +) +from .tlssettingsclientsidetype import ( + TLSSettingsClientSideType, + TLSSettingsClientSideTypeTypedDict, +) +from .tlssettingsclientsidetypecapathcertpath import ( + TLSSettingsClientSideTypeCaPathCertPath, + TLSSettingsClientSideTypeCaPathCertPathTypedDict, +) +from .tlssettingsclientsidetypecapathcertpathextended import ( + TLSSettingsClientSideTypeCaPathCertPathExtended, + TLSSettingsClientSideTypeCaPathCertPathExtendedTypedDict, +) +from .tlssettingsclientsidetypeextended import ( + TLSSettingsClientSideTypeExtended, + TLSSettingsClientSideTypeExtendedTypedDict, +) +from cribl_control_plane import models, utils +from cribl_control_plane.types import BaseModel, UNSET_SENTINEL +from enum import Enum +import pydantic +from pydantic import field_serializer, model_serializer +from typing import List, Optional +from typing_extensions import Annotated, NotRequired, TypedDict + + +class CreateOutputPqControlsStatsdTypedDict(TypedDict): + pass + + +class CreateOutputPqControlsStatsd(BaseModel): + pass + + +class CreateOutputOutputStatsdTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputTypeStatsd + protocol: DestinationProtocolOptions + r"""Protocol to use when communicating with the destination.""" + host: str + r"""The hostname of the destination.""" + port: float + r"""Destination port.""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + mtu: NotRequired[float] + r"""When protocol is UDP, specifies the maximum size of packets sent to the destination. Also known as the MTU for the network path to the destination system.""" + flush_period_sec: NotRequired[float] + r"""When protocol is TCP, specifies how often buffers should be flushed, resulting in records sent to the destination.""" + dns_resolve_period_sec: NotRequired[float] + r"""How often to resolve the destination hostname to an IP address. Ignored if the destination is an IP address. A value of 0 means every batch sent will incur a DNS lookup.""" + description: NotRequired[str] + throttle_rate_per_sec: NotRequired[str] + r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" + connection_timeout: NotRequired[float] + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + write_timeout: NotRequired[float] + r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputPqControlsStatsdTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + +class CreateOutputOutputStatsd(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputTypeStatsd + + protocol: DestinationProtocolOptions + r"""Protocol to use when communicating with the destination.""" + + host: str + r"""The hostname of the destination.""" + + port: float + r"""Destination port.""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + mtu: Optional[float] = None + r"""When protocol is UDP, specifies the maximum size of packets sent to the destination. Also known as the MTU for the network path to the destination system.""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""When protocol is TCP, specifies how often buffers should be flushed, resulting in records sent to the destination.""" + + dns_resolve_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="dnsResolvePeriodSec") + ] = None + r"""How often to resolve the destination hostname to an IP address. Ignored if the destination is an IP address. A value of 0 means every batch sent will incur a DNS lookup.""" + + description: Optional[str] = None + + throttle_rate_per_sec: Annotated[ + Optional[str], pydantic.Field(alias="throttleRatePerSec") + ] = None + r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" + + connection_timeout: Annotated[ + Optional[float], pydantic.Field(alias="connectionTimeout") + ] = None + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + + write_timeout: Annotated[Optional[float], pydantic.Field(alias="writeTimeout")] = ( + None + ) + r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputPqControlsStatsd], pydantic.Field(alias="pqControls") + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + @field_serializer("protocol") + def serialize_protocol(self, value): + if isinstance(value, str): + try: + return models.DestinationProtocolOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "mtu", + "flushPeriodSec", + "dnsResolvePeriodSec", + "description", + "throttleRatePerSec", + "connectionTimeout", + "writeTimeout", + "onBackpressure", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_onBackpressure", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputTypeMinio(str, Enum): + MINIO = "minio" + + +class CreateOutputOutputMinioTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputTypeMinio + bucket: str + r"""Name of the destination MinIO bucket. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at initialization time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`""" + stage_path: str + r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" + endpoint: str + r"""MinIO service url (e.g. http://minioHost:9000)""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + aws_authentication_method: NotRequired[AuthenticationMethodOptionsS3CollectorConf] + r"""AWS authentication method. Choose Auto to use IAM roles.""" + reuse_connections: NotRequired[bool] + r"""Reuse connections between requests, which can improve performance""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" + region: NotRequired[str] + r"""Region where the MinIO bucket is located""" + dest_path: NotRequired[str] + r"""Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`""" + max_concurrent_file_parts: NotRequired[float] + r"""Maximum number of parts to upload in parallel per file. Minimum part size is 5MB.""" + verify_permissions: NotRequired[bool] + r"""Disable if you can access files within the bucket but not the bucket itself""" + max_closing_files_to_backpressure: NotRequired[float] + r"""Maximum number of files that can be waiting for upload before backpressure is applied""" + add_id_to_stage_path: NotRequired[bool] + r"""Add the Output ID value to staging location""" + remove_empty_dirs: NotRequired[bool] + r"""Remove empty staging directories after moving files""" + partition_expr: NotRequired[str] + r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" + format_: NotRequired[DataFormatOptions] + r"""Format of the output data""" + base_file_name: NotRequired[str] + r"""JavaScript expression to define the output filename prefix (can be constant)""" + file_name_suffix: NotRequired[str] + r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" + max_file_size_mb: NotRequired[float] + r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" + max_file_open_time_sec: NotRequired[float] + r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" + max_file_idle_time_sec: NotRequired[float] + r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" + max_open_files: NotRequired[float] + r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" + header_line: NotRequired[str] + r"""If set, this line will be written to the beginning of each output file""" + write_high_water_mark: NotRequired[float] + r"""Buffer size used to write to a file""" + on_backpressure: NotRequired[BackpressureBehaviorOptionsBlockDrop] + r"""How to handle events when all receivers are exerting backpressure""" + deadletter_enabled: NotRequired[bool] + r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" + on_disk_full_backpressure: NotRequired[DiskSpaceProtectionOptions] + r"""How to handle events when disk space is below the global 'Min free disk space' limit""" + force_close_on_shutdown: NotRequired[bool] + r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" + retry_settings: NotRequired[RetrySettingsTypeTypedDict] + orphans: NotRequired[OrphanFileRecoveryTypeTypedDict] + aws_secret_key: NotRequired[str] + r"""Secret key. This value can be a constant or a JavaScript expression. Example: `${C.env.SOME_SECRET}`)""" + object_acl: NotRequired[ObjectACLOptions] + r"""Object ACL to assign to uploaded objects""" + storage_class: NotRequired[StorageClassOptionsReducedredundancyStandard] + r"""Storage class to select for uploaded objects""" + server_side_encryption: NotRequired[ + ServerSideEncryptionForUploadedObjectsOptionsAes256 + ] + r"""Server-side encryption to use for uploaded objects""" + description: NotRequired[str] + aws_api_key: NotRequired[str] + r"""This value can be a constant or a JavaScript expression (`${C.env.SOME_ACCESS_KEY}`)""" + aws_secret: NotRequired[str] + r"""Select or create a stored secret that references your access key and secret key""" + compress: NotRequired[CompressionOptionsHTTP] + r"""Data compression format to apply to HTTP content before it is delivered""" + compression_level: NotRequired[CompressionLevelOptions] + r"""Compression level to apply before moving files to final destination""" + automatic_schema: NotRequired[bool] + r"""Automatically calculate the schema based on the events of each Parquet file generated""" + parquet_schema: NotRequired[str] + r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" + parquet_version: NotRequired[ParquetVersionOptions] + r"""Determines which data types are supported and how they are represented""" + parquet_data_page_version: NotRequired[DataPageVersionOptions] + r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" + parquet_row_group_length: NotRequired[float] + r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" + parquet_page_size: NotRequired[str] + r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" + should_log_invalid_rows: NotRequired[bool] + r"""Log up to 3 rows that @{product} skips due to data mismatch""" + key_value_metadata: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] + r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ + enable_statistics: NotRequired[bool] + r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" + enable_write_page_index: NotRequired[bool] + r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" + enable_page_checksum: NotRequired[bool] + r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" + empty_dir_cleanup_sec: NotRequired[float] + r"""How frequently, in seconds, to clean up empty directories""" + directory_batch_size: NotRequired[float] + r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" + deadletter_path: NotRequired[str] + r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" + max_retry_num: NotRequired[float] + r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_bucket: NotRequired[str] + r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" + template_region: NotRequired[str] + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + template_dest_path: NotRequired[str] + r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" + template_partition_expr: NotRequired[str] + r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" + template_format: NotRequired[str] + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + template_base_file_name: NotRequired[str] + r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" + template_file_name_suffix: NotRequired[str] + r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_aws_secret_key: NotRequired[str] + r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" + template_object_acl: NotRequired[str] + r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" + template_storage_class: NotRequired[str] + r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" + template_server_side_encryption: NotRequired[str] + r"""Binds 'serverSideEncryption' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serverSideEncryption' at runtime.""" + template_aws_api_key: NotRequired[str] + r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" + template_compress: NotRequired[str] + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + template_parquet_schema: NotRequired[str] + r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" + + +class CreateOutputOutputMinio(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputTypeMinio + + bucket: str + r"""Name of the destination MinIO bucket. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at initialization time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`""" + + stage_path: Annotated[str, pydantic.Field(alias="stagePath")] + r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" + + endpoint: str + r"""MinIO service url (e.g. http://minioHost:9000)""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + aws_authentication_method: Annotated[ + Optional[AuthenticationMethodOptionsS3CollectorConf], + pydantic.Field(alias="awsAuthenticationMethod"), + ] = None + r"""AWS authentication method. Choose Auto to use IAM roles.""" + + reuse_connections: Annotated[ + Optional[bool], pydantic.Field(alias="reuseConnections") + ] = None + r"""Reuse connections between requests, which can improve performance""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" + + region: Optional[str] = None + r"""Region where the MinIO bucket is located""" + + dest_path: Annotated[Optional[str], pydantic.Field(alias="destPath")] = None + r"""Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`""" + + max_concurrent_file_parts: Annotated[ + Optional[float], pydantic.Field(alias="maxConcurrentFileParts") + ] = None + r"""Maximum number of parts to upload in parallel per file. Minimum part size is 5MB.""" + + verify_permissions: Annotated[ + Optional[bool], pydantic.Field(alias="verifyPermissions") + ] = None + r"""Disable if you can access files within the bucket but not the bucket itself""" + + max_closing_files_to_backpressure: Annotated[ + Optional[float], pydantic.Field(alias="maxClosingFilesToBackpressure") + ] = None + r"""Maximum number of files that can be waiting for upload before backpressure is applied""" + + add_id_to_stage_path: Annotated[ + Optional[bool], pydantic.Field(alias="addIdToStagePath") + ] = None + r"""Add the Output ID value to staging location""" + + remove_empty_dirs: Annotated[ + Optional[bool], pydantic.Field(alias="removeEmptyDirs") + ] = None + r"""Remove empty staging directories after moving files""" + + partition_expr: Annotated[Optional[str], pydantic.Field(alias="partitionExpr")] = ( + None + ) + r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" + + format_: Annotated[Optional[DataFormatOptions], pydantic.Field(alias="format")] = ( + None + ) + r"""Format of the output data""" + + base_file_name: Annotated[Optional[str], pydantic.Field(alias="baseFileName")] = ( + None + ) + r"""JavaScript expression to define the output filename prefix (can be constant)""" + + file_name_suffix: Annotated[ + Optional[str], pydantic.Field(alias="fileNameSuffix") + ] = None + r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" + + max_file_size_mb: Annotated[ + Optional[float], pydantic.Field(alias="maxFileSizeMB") + ] = None + r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" + + max_file_open_time_sec: Annotated[ + Optional[float], pydantic.Field(alias="maxFileOpenTimeSec") + ] = None + r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" + + max_file_idle_time_sec: Annotated[ + Optional[float], pydantic.Field(alias="maxFileIdleTimeSec") + ] = None + r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" + + max_open_files: Annotated[Optional[float], pydantic.Field(alias="maxOpenFiles")] = ( + None + ) + r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" + + header_line: Annotated[Optional[str], pydantic.Field(alias="headerLine")] = None + r"""If set, this line will be written to the beginning of each output file""" + + write_high_water_mark: Annotated[ + Optional[float], pydantic.Field(alias="writeHighWaterMark") + ] = None + r"""Buffer size used to write to a file""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptionsBlockDrop], + pydantic.Field(alias="onBackpressure"), + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + deadletter_enabled: Annotated[ + Optional[bool], pydantic.Field(alias="deadletterEnabled") + ] = None + r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" + + on_disk_full_backpressure: Annotated[ + Optional[DiskSpaceProtectionOptions], + pydantic.Field(alias="onDiskFullBackpressure"), + ] = None + r"""How to handle events when disk space is below the global 'Min free disk space' limit""" + + force_close_on_shutdown: Annotated[ + Optional[bool], pydantic.Field(alias="forceCloseOnShutdown") + ] = None + r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" + + retry_settings: Annotated[ + Optional[RetrySettingsType], pydantic.Field(alias="retrySettings") + ] = None + + orphans: Optional[OrphanFileRecoveryType] = None + + aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = ( + None + ) + r"""Secret key. This value can be a constant or a JavaScript expression. Example: `${C.env.SOME_SECRET}`)""" + + object_acl: Annotated[ + Optional[ObjectACLOptions], pydantic.Field(alias="objectACL") + ] = None + r"""Object ACL to assign to uploaded objects""" + + storage_class: Annotated[ + Optional[StorageClassOptionsReducedredundancyStandard], + pydantic.Field(alias="storageClass"), + ] = None + r"""Storage class to select for uploaded objects""" + + server_side_encryption: Annotated[ + Optional[ServerSideEncryptionForUploadedObjectsOptionsAes256], + pydantic.Field(alias="serverSideEncryption"), + ] = None + r"""Server-side encryption to use for uploaded objects""" + + description: Optional[str] = None + + aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None + r"""This value can be a constant or a JavaScript expression (`${C.env.SOME_ACCESS_KEY}`)""" + + aws_secret: Annotated[Optional[str], pydantic.Field(alias="awsSecret")] = None + r"""Select or create a stored secret that references your access key and secret key""" + + compress: Optional[CompressionOptionsHTTP] = None + r"""Data compression format to apply to HTTP content before it is delivered""" + + compression_level: Annotated[ + Optional[CompressionLevelOptions], pydantic.Field(alias="compressionLevel") + ] = None + r"""Compression level to apply before moving files to final destination""" + + automatic_schema: Annotated[ + Optional[bool], pydantic.Field(alias="automaticSchema") + ] = None + r"""Automatically calculate the schema based on the events of each Parquet file generated""" + + parquet_schema: Annotated[Optional[str], pydantic.Field(alias="parquetSchema")] = ( + None + ) + r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" + + parquet_version: Annotated[ + Optional[ParquetVersionOptions], pydantic.Field(alias="parquetVersion") + ] = None + r"""Determines which data types are supported and how they are represented""" + + parquet_data_page_version: Annotated[ + Optional[DataPageVersionOptions], pydantic.Field(alias="parquetDataPageVersion") + ] = None + r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" + + parquet_row_group_length: Annotated[ + Optional[float], pydantic.Field(alias="parquetRowGroupLength") + ] = None + r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" + + parquet_page_size: Annotated[ + Optional[str], pydantic.Field(alias="parquetPageSize") + ] = None + r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" + + should_log_invalid_rows: Annotated[ + Optional[bool], pydantic.Field(alias="shouldLogInvalidRows") + ] = None + r"""Log up to 3 rows that @{product} skips due to data mismatch""" + + key_value_metadata: Annotated[ + Optional[List[KeyValueMetadataConfOutputFilesystem]], + pydantic.Field(alias="keyValueMetadata"), + ] = None + r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ + + enable_statistics: Annotated[ + Optional[bool], pydantic.Field(alias="enableStatistics") + ] = None + r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" + + enable_write_page_index: Annotated[ + Optional[bool], pydantic.Field(alias="enableWritePageIndex") + ] = None + r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" + + enable_page_checksum: Annotated[ + Optional[bool], pydantic.Field(alias="enablePageChecksum") + ] = None + r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" + + empty_dir_cleanup_sec: Annotated[ + Optional[float], pydantic.Field(alias="emptyDirCleanupSec") + ] = None + r"""How frequently, in seconds, to clean up empty directories""" + + directory_batch_size: Annotated[ + Optional[float], pydantic.Field(alias="directoryBatchSize") + ] = None + r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" + + deadletter_path: Annotated[ + Optional[str], pydantic.Field(alias="deadletterPath") + ] = None + r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" + + max_retry_num: Annotated[Optional[float], pydantic.Field(alias="maxRetryNum")] = ( + None + ) + r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_bucket: Annotated[ + Optional[str], pydantic.Field(alias="__template_bucket") + ] = None + r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" + + template_region: Annotated[ + Optional[str], pydantic.Field(alias="__template_region") + ] = None + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + + template_dest_path: Annotated[ + Optional[str], pydantic.Field(alias="__template_destPath") + ] = None + r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" + + template_partition_expr: Annotated[ + Optional[str], pydantic.Field(alias="__template_partitionExpr") + ] = None + r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" + + template_format: Annotated[ + Optional[str], pydantic.Field(alias="__template_format") + ] = None + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + + template_base_file_name: Annotated[ + Optional[str], pydantic.Field(alias="__template_baseFileName") + ] = None + r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" + + template_file_name_suffix: Annotated[ + Optional[str], pydantic.Field(alias="__template_fileNameSuffix") + ] = None + r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_aws_secret_key: Annotated[ + Optional[str], pydantic.Field(alias="__template_awsSecretKey") + ] = None + r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" + + template_object_acl: Annotated[ + Optional[str], pydantic.Field(alias="__template_objectACL") + ] = None + r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" + + template_storage_class: Annotated[ + Optional[str], pydantic.Field(alias="__template_storageClass") + ] = None + r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" + + template_server_side_encryption: Annotated[ + Optional[str], pydantic.Field(alias="__template_serverSideEncryption") + ] = None + r"""Binds 'serverSideEncryption' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serverSideEncryption' at runtime.""" + + template_aws_api_key: Annotated[ + Optional[str], pydantic.Field(alias="__template_awsApiKey") + ] = None + r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" + + template_compress: Annotated[ + Optional[str], pydantic.Field(alias="__template_compress") + ] = None + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + + template_parquet_schema: Annotated[ + Optional[str], pydantic.Field(alias="__template_parquetSchema") + ] = None + r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" + + @field_serializer("aws_authentication_method") + def serialize_aws_authentication_method(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsS3CollectorConf(value) + except ValueError: + return value + return value + + @field_serializer("format_") + def serialize_format_(self, value): + if isinstance(value, str): + try: + return models.DataFormatOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptionsBlockDrop(value) + except ValueError: + return value + return value + + @field_serializer("on_disk_full_backpressure") + def serialize_on_disk_full_backpressure(self, value): + if isinstance(value, str): + try: + return models.DiskSpaceProtectionOptions(value) + except ValueError: + return value + return value + + @field_serializer("object_acl") + def serialize_object_acl(self, value): + if isinstance(value, str): + try: + return models.ObjectACLOptions(value) + except ValueError: + return value + return value + + @field_serializer("storage_class") + def serialize_storage_class(self, value): + if isinstance(value, str): + try: + return models.StorageClassOptionsReducedredundancyStandard(value) + except ValueError: + return value + return value + + @field_serializer("server_side_encryption") + def serialize_server_side_encryption(self, value): + if isinstance(value, str): + try: + return models.ServerSideEncryptionForUploadedObjectsOptionsAes256(value) + except ValueError: + return value + return value + + @field_serializer("compress") + def serialize_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsHTTP(value) + except ValueError: + return value + return value + + @field_serializer("compression_level") + def serialize_compression_level(self, value): + if isinstance(value, str): + try: + return models.CompressionLevelOptions(value) + except ValueError: + return value + return value + + @field_serializer("parquet_version") + def serialize_parquet_version(self, value): + if isinstance(value, str): + try: + return models.ParquetVersionOptions(value) + except ValueError: + return value + return value + + @field_serializer("parquet_data_page_version") + def serialize_parquet_data_page_version(self, value): + if isinstance(value, str): + try: + return models.DataPageVersionOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "awsAuthenticationMethod", + "reuseConnections", + "rejectUnauthorized", + "region", + "destPath", + "maxConcurrentFileParts", + "verifyPermissions", + "maxClosingFilesToBackpressure", + "addIdToStagePath", + "removeEmptyDirs", + "partitionExpr", + "format", + "baseFileName", + "fileNameSuffix", + "maxFileSizeMB", + "maxFileOpenTimeSec", + "maxFileIdleTimeSec", + "maxOpenFiles", + "headerLine", + "writeHighWaterMark", + "onBackpressure", + "deadletterEnabled", + "onDiskFullBackpressure", + "forceCloseOnShutdown", + "retrySettings", + "orphans", + "awsSecretKey", + "objectACL", + "storageClass", + "serverSideEncryption", + "description", + "awsApiKey", + "awsSecret", + "compress", + "compressionLevel", + "automaticSchema", + "parquetSchema", + "parquetVersion", + "parquetDataPageVersion", + "parquetRowGroupLength", + "parquetPageSize", + "shouldLogInvalidRows", + "keyValueMetadata", + "enableStatistics", + "enableWritePageIndex", + "enablePageChecksum", + "emptyDirCleanupSec", + "directoryBatchSize", + "deadletterPath", + "maxRetryNum", + "__template_streamtags", + "__template_bucket", + "__template_region", + "__template_destPath", + "__template_partitionExpr", + "__template_format", + "__template_baseFileName", + "__template_fileNameSuffix", + "__template_onBackpressure", + "__template_awsSecretKey", + "__template_objectACL", + "__template_storageClass", + "__template_serverSideEncryption", + "__template_awsApiKey", + "__template_compress", + "__template_parquetSchema", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputTypeCloudwatch(str, Enum): + CLOUDWATCH = "cloudwatch" + + +class CreateOutputPqControlsCloudwatchTypedDict(TypedDict): + pass + + +class CreateOutputPqControlsCloudwatch(BaseModel): + pass + + +class CreateOutputOutputCloudwatchTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputTypeCloudwatch + log_group_name: str + r"""CloudWatch log group to associate events with""" + log_stream_name: str + r"""Prefix for CloudWatch log stream name. This prefix will be used to generate a unique log stream name per cribl instance, for example: myStream_myHost_myOutputId""" + region: str + r"""Region where the CloudWatchLogs is located""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + aws_authentication_method: NotRequired[AuthenticationMethodOptionsS3CollectorConf] + r"""AWS authentication method. Choose Auto to use IAM roles.""" + aws_secret_key: NotRequired[str] + endpoint: NotRequired[str] + r"""CloudWatchLogs service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to CloudWatchLogs-compatible endpoint.""" + reuse_connections: NotRequired[bool] + r"""Reuse connections between requests, which can improve performance""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" + enable_assume_role: NotRequired[bool] + r"""Use Assume Role credentials to access CloudWatchLogs""" + assume_role_arn: NotRequired[str] + r"""Amazon Resource Name (ARN) of the role to assume""" + assume_role_external_id: NotRequired[str] + r"""External ID to use when assuming role""" + duration_seconds: NotRequired[float] + r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" + max_queue_size: NotRequired[float] + r"""Maximum number of queued batches before blocking""" + max_record_size_kb: NotRequired[float] + r"""Maximum size (KB) of each individual record before compression. For non compressible data 1MB is the max recommended size""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + description: NotRequired[str] + aws_api_key: NotRequired[str] + aws_secret: NotRequired[str] + r"""Select or create a stored secret that references your access key and secret key""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputPqControlsCloudwatchTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_log_group_name: NotRequired[str] + r"""Binds 'logGroupName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logGroupName' at runtime.""" + template_log_stream_name: NotRequired[str] + r"""Binds 'logStreamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logStreamName' at runtime.""" + template_aws_secret_key: NotRequired[str] + r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" + template_region: NotRequired[str] + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + template_endpoint: NotRequired[str] + r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" + template_assume_role_arn: NotRequired[str] + r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" + template_assume_role_external_id: NotRequired[str] + r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_aws_api_key: NotRequired[str] + r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" + + +class CreateOutputOutputCloudwatch(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputTypeCloudwatch + + log_group_name: Annotated[str, pydantic.Field(alias="logGroupName")] + r"""CloudWatch log group to associate events with""" + + log_stream_name: Annotated[str, pydantic.Field(alias="logStreamName")] + r"""Prefix for CloudWatch log stream name. This prefix will be used to generate a unique log stream name per cribl instance, for example: myStream_myHost_myOutputId""" + + region: str + r"""Region where the CloudWatchLogs is located""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + aws_authentication_method: Annotated[ + Optional[AuthenticationMethodOptionsS3CollectorConf], + pydantic.Field(alias="awsAuthenticationMethod"), + ] = None + r"""AWS authentication method. Choose Auto to use IAM roles.""" + + aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = ( + None + ) + + endpoint: Optional[str] = None + r"""CloudWatchLogs service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to CloudWatchLogs-compatible endpoint.""" + + reuse_connections: Annotated[ + Optional[bool], pydantic.Field(alias="reuseConnections") + ] = None + r"""Reuse connections between requests, which can improve performance""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" + + enable_assume_role: Annotated[ + Optional[bool], pydantic.Field(alias="enableAssumeRole") + ] = None + r"""Use Assume Role credentials to access CloudWatchLogs""" + + assume_role_arn: Annotated[Optional[str], pydantic.Field(alias="assumeRoleArn")] = ( + None + ) + r"""Amazon Resource Name (ARN) of the role to assume""" + + assume_role_external_id: Annotated[ + Optional[str], pydantic.Field(alias="assumeRoleExternalId") + ] = None + r"""External ID to use when assuming role""" + + duration_seconds: Annotated[ + Optional[float], pydantic.Field(alias="durationSeconds") + ] = None + r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" + + max_queue_size: Annotated[Optional[float], pydantic.Field(alias="maxQueueSize")] = ( + None + ) + r"""Maximum number of queued batches before blocking""" + + max_record_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxRecordSizeKB") + ] = None + r"""Maximum size (KB) of each individual record before compression. For non compressible data 1MB is the max recommended size""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + description: Optional[str] = None + + aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None + + aws_secret: Annotated[Optional[str], pydantic.Field(alias="awsSecret")] = None + r"""Select or create a stored secret that references your access key and secret key""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputPqControlsCloudwatch], pydantic.Field(alias="pqControls") + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_log_group_name: Annotated[ + Optional[str], pydantic.Field(alias="__template_logGroupName") + ] = None + r"""Binds 'logGroupName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logGroupName' at runtime.""" + + template_log_stream_name: Annotated[ + Optional[str], pydantic.Field(alias="__template_logStreamName") + ] = None + r"""Binds 'logStreamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logStreamName' at runtime.""" + + template_aws_secret_key: Annotated[ + Optional[str], pydantic.Field(alias="__template_awsSecretKey") + ] = None + r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" + + template_region: Annotated[ + Optional[str], pydantic.Field(alias="__template_region") + ] = None + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + + template_endpoint: Annotated[ + Optional[str], pydantic.Field(alias="__template_endpoint") + ] = None + r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" + + template_assume_role_arn: Annotated[ + Optional[str], pydantic.Field(alias="__template_assumeRoleArn") + ] = None + r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" + + template_assume_role_external_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_assumeRoleExternalId") + ] = None + r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_aws_api_key: Annotated[ + Optional[str], pydantic.Field(alias="__template_awsApiKey") + ] = None + r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" + + @field_serializer("aws_authentication_method") + def serialize_aws_authentication_method(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsS3CollectorConf(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "awsAuthenticationMethod", + "awsSecretKey", + "endpoint", + "reuseConnections", + "rejectUnauthorized", + "enableAssumeRole", + "assumeRoleArn", + "assumeRoleExternalId", + "durationSeconds", + "maxQueueSize", + "maxRecordSizeKB", + "flushPeriodSec", + "onBackpressure", + "description", + "awsApiKey", + "awsSecret", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_logGroupName", + "__template_logStreamName", + "__template_awsSecretKey", + "__template_region", + "__template_endpoint", + "__template_assumeRoleArn", + "__template_assumeRoleExternalId", + "__template_onBackpressure", + "__template_awsApiKey", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputTypeInfluxdb(str, Enum): + INFLUXDB = "influxdb" + + +class CreateOutputTimestampPrecision(str, Enum, metaclass=utils.OpenEnumMeta): + r"""Sets the precision for the supplied Unix time values. Defaults to milliseconds.""" + + # Nanoseconds + NS = "ns" + # Microseconds + U = "u" + # Milliseconds + MS = "ms" + # Seconds + S = "s" + # Minutes + M = "m" + # Hours + H = "h" + + +class CreateOutputAuthenticationTypeInfluxdb(str, Enum, metaclass=utils.OpenEnumMeta): + r"""InfluxDB authentication type""" + + # None + NONE = "none" + # Basic + BASIC = "basic" + # Basic (credentials secret) + CREDENTIALS_SECRET = "credentialsSecret" + # Token + TOKEN = "token" + # Token (text secret) + TEXT_SECRET = "textSecret" + + +class CreateOutputPqControlsInfluxdbTypedDict(TypedDict): + pass + + +class CreateOutputPqControlsInfluxdb(BaseModel): + pass + + +class CreateOutputOutputInfluxdbTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputTypeInfluxdb + url: str + r"""URL of an InfluxDB cluster to send events to, e.g., http://localhost:8086/write""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + use_v2_api: NotRequired[bool] + r"""The v2 API can be enabled with InfluxDB versions 1.8 and later.""" + timestamp_precision: NotRequired[CreateOutputTimestampPrecision] + r"""Sets the precision for the supplied Unix time values. Defaults to milliseconds.""" + dynamic_value_field_name: NotRequired[bool] + r"""Enabling this will pull the value field from the metric name. E,g, 'db.query.user' will use 'db.query' as the measurement and 'user' as the value field.""" + value_field_name: NotRequired[str] + r"""Name of the field in which to store the metric when sending to InfluxDB. If dynamic generation is enabled and fails, this will be used as a fallback.""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + compress: NotRequired[bool] + r"""Compress the payload body before sending""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] + r"""Headers to add to all events""" + use_round_robin_dns: NotRequired[bool] + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + safe_headers: NotRequired[List[str]] + r"""List of headers that are safe to log in plain text""" + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + auth_type: NotRequired[CreateOutputAuthenticationTypeInfluxdb] + r"""InfluxDB authentication type""" + description: NotRequired[str] + database: NotRequired[str] + r"""Database to write to.""" + bucket: NotRequired[str] + r"""Bucket to write to.""" + org: NotRequired[str] + r"""Organization ID for this bucket.""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputPqControlsInfluxdbTypedDict] + username: NotRequired[str] + password: NotRequired[str] + token: NotRequired[str] + r"""Bearer token to include in the authorization header""" + credentials_secret: NotRequired[str] + r"""Select or create a secret that references your credentials""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_url: NotRequired[str] + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_database: NotRequired[str] + r"""Binds 'database' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'database' at runtime.""" + template_bucket: NotRequired[str] + r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" + + +class CreateOutputOutputInfluxdb(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputTypeInfluxdb + + url: str + r"""URL of an InfluxDB cluster to send events to, e.g., http://localhost:8086/write""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + use_v2_api: Annotated[Optional[bool], pydantic.Field(alias="useV2API")] = None + r"""The v2 API can be enabled with InfluxDB versions 1.8 and later.""" + + timestamp_precision: Annotated[ + Optional[CreateOutputTimestampPrecision], + pydantic.Field(alias="timestampPrecision"), + ] = None + r"""Sets the precision for the supplied Unix time values. Defaults to milliseconds.""" + + dynamic_value_field_name: Annotated[ + Optional[bool], pydantic.Field(alias="dynamicValueFieldName") + ] = None + r"""Enabling this will pull the value field from the metric name. E,g, 'db.query.user' will use 'db.query' as the measurement and 'user' as the value field.""" + + value_field_name: Annotated[ + Optional[str], pydantic.Field(alias="valueFieldName") + ] = None + r"""Name of the field in which to store the metric when sending to InfluxDB. If dynamic generation is enabled and fails, this will be used as a fallback.""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + compress: Optional[bool] = None + r"""Compress the payload body before sending""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + extra_http_headers: Annotated[ + Optional[List[ExtraHTTPHeaderConfInputElastic]], + pydantic.Field(alias="extraHttpHeaders"), + ] = None + r"""Headers to add to all events""" + + use_round_robin_dns: Annotated[ + Optional[bool], pydantic.Field(alias="useRoundRobinDns") + ] = None + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + safe_headers: Annotated[ + Optional[List[str]], pydantic.Field(alias="safeHeaders") + ] = None + r"""List of headers that are safe to log in plain text""" + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + auth_type: Annotated[ + Optional[CreateOutputAuthenticationTypeInfluxdb], + pydantic.Field(alias="authType"), + ] = None + r"""InfluxDB authentication type""" + + description: Optional[str] = None + + database: Optional[str] = None + r"""Database to write to.""" + + bucket: Optional[str] = None + r"""Bucket to write to.""" + + org: Optional[str] = None + r"""Organization ID for this bucket.""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputPqControlsInfluxdb], pydantic.Field(alias="pqControls") + ] = None + + username: Optional[str] = None + + password: Optional[str] = None + + token: Optional[str] = None + r"""Bearer token to include in the authorization header""" + + credentials_secret: Annotated[ + Optional[str], pydantic.Field(alias="credentialsSecret") + ] = None + r"""Select or create a secret that references your credentials""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( + None + ) + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_database: Annotated[ + Optional[str], pydantic.Field(alias="__template_database") + ] = None + r"""Binds 'database' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'database' at runtime.""" + + template_bucket: Annotated[ + Optional[str], pydantic.Field(alias="__template_bucket") + ] = None + r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" + + @field_serializer("timestamp_precision") + def serialize_timestamp_precision(self, value): + if isinstance(value, str): + try: + return models.CreateOutputTimestampPrecision(value) + except ValueError: + return value + return value + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.CreateOutputAuthenticationTypeInfluxdb(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "useV2API", + "timestampPrecision", + "dynamicValueFieldName", + "valueFieldName", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "compress", + "rejectUnauthorized", + "timeoutSec", + "flushPeriodSec", + "extraHttpHeaders", + "useRoundRobinDns", + "failedRequestLoggingMode", + "safeHeaders", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "onBackpressure", + "authType", + "description", + "database", + "bucket", + "org", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "username", + "password", + "token", + "credentialsSecret", + "textSecret", + "__template_streamtags", + "__template_url", + "__template_failedRequestLoggingMode", + "__template_onBackpressure", + "__template_database", + "__template_bucket", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputTypeNewrelicEvents(str, Enum): + NEWRELIC_EVENTS = "newrelic_events" + + +class CreateOutputPqControlsNewrelicEventsTypedDict(TypedDict): + pass + + +class CreateOutputPqControlsNewrelicEvents(BaseModel): + pass + + +class CreateOutputOutputNewrelicEventsTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputTypeNewrelicEvents + account_id: str + r"""New Relic account ID""" + event_type: str + r"""Default New Relic eventType to use when event type is not present. For more information, see the [New Relic eventType documentation](https://docs.newrelic.com/docs/telemetry-data-platform/custom-data/custom-events/data-requirements-limits-custom-event-data/#reserved-words).""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + region: NotRequired[RegionOptions] + r"""Which New Relic region endpoint to use.""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + compress: NotRequired[bool] + r"""Compress the payload body before sending""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] + r"""Headers to add to all events""" + use_round_robin_dns: NotRequired[bool] + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + safe_headers: NotRequired[List[str]] + r"""List of headers that are safe to log in plain text""" + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + auth_type: NotRequired[AuthenticationMethodOptionsAPI] + r"""Enter API key directly, or select a stored secret""" + description: NotRequired[str] + custom_url: NotRequired[str] + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputPqControlsNewrelicEventsTypedDict] + api_key: NotRequired[str] + r"""New Relic API key. Can be overridden using __newRelic_apiKey field.""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_region: NotRequired[str] + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + template_account_id: NotRequired[str] + r"""Binds 'accountId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'accountId' at runtime.""" + template_event_type: NotRequired[str] + r"""Binds 'eventType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'eventType' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_custom_url: NotRequired[str] + r"""Binds 'customUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'customUrl' at runtime.""" + + +class CreateOutputOutputNewrelicEvents(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputTypeNewrelicEvents + + account_id: Annotated[str, pydantic.Field(alias="accountId")] + r"""New Relic account ID""" + + event_type: Annotated[str, pydantic.Field(alias="eventType")] + r"""Default New Relic eventType to use when event type is not present. For more information, see the [New Relic eventType documentation](https://docs.newrelic.com/docs/telemetry-data-platform/custom-data/custom-events/data-requirements-limits-custom-event-data/#reserved-words).""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + region: Optional[RegionOptions] = None + r"""Which New Relic region endpoint to use.""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + compress: Optional[bool] = None + r"""Compress the payload body before sending""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + extra_http_headers: Annotated[ + Optional[List[ExtraHTTPHeaderConfInputElastic]], + pydantic.Field(alias="extraHttpHeaders"), + ] = None + r"""Headers to add to all events""" + + use_round_robin_dns: Annotated[ + Optional[bool], pydantic.Field(alias="useRoundRobinDns") + ] = None + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + safe_headers: Annotated[ + Optional[List[str]], pydantic.Field(alias="safeHeaders") + ] = None + r"""List of headers that are safe to log in plain text""" + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + auth_type: Annotated[ + Optional[AuthenticationMethodOptionsAPI], pydantic.Field(alias="authType") + ] = None + r"""Enter API key directly, or select a stored secret""" + + description: Optional[str] = None + + custom_url: Annotated[Optional[str], pydantic.Field(alias="customUrl")] = None + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputPqControlsNewrelicEvents], + pydantic.Field(alias="pqControls"), + ] = None + + api_key: Annotated[Optional[str], pydantic.Field(alias="apiKey")] = None + r"""New Relic API key. Can be overridden using __newRelic_apiKey field.""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_region: Annotated[ + Optional[str], pydantic.Field(alias="__template_region") + ] = None + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + + template_account_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_accountId") + ] = None + r"""Binds 'accountId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'accountId' at runtime.""" + + template_event_type: Annotated[ + Optional[str], pydantic.Field(alias="__template_eventType") + ] = None + r"""Binds 'eventType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'eventType' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_custom_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_customUrl") + ] = None + r"""Binds 'customUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'customUrl' at runtime.""" + + @field_serializer("region") + def serialize_region(self, value): + if isinstance(value, str): + try: + return models.RegionOptions(value) + except ValueError: + return value + return value + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsAPI(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "region", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "compress", + "rejectUnauthorized", + "timeoutSec", + "flushPeriodSec", + "extraHttpHeaders", + "useRoundRobinDns", + "failedRequestLoggingMode", + "safeHeaders", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "onBackpressure", + "authType", + "description", + "customUrl", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "apiKey", + "textSecret", + "__template_streamtags", + "__template_region", + "__template_accountId", + "__template_eventType", + "__template_failedRequestLoggingMode", + "__template_onBackpressure", + "__template_customUrl", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputTypeNewrelic(str, Enum): + NEWRELIC = "newrelic" + + +class CreateOutputFieldName(str, Enum, metaclass=utils.OpenEnumMeta): + SERVICE = "service" + HOSTNAME = "hostname" + TIMESTAMP = "timestamp" + AUDIT_ID = "auditId" + + +class CreateOutputMetadatumTypedDict(TypedDict): + name: CreateOutputFieldName + value: str + r"""JavaScript expression to compute field's value, enclosed in quotes or backticks. (Can evaluate to a constant.)""" + + +class CreateOutputMetadatum(BaseModel): + name: CreateOutputFieldName + + value: str + r"""JavaScript expression to compute field's value, enclosed in quotes or backticks. (Can evaluate to a constant.)""" + + @field_serializer("name") + def serialize_name(self, value): + if isinstance(value, str): + try: + return models.CreateOutputFieldName(value) + except ValueError: + return value + return value + + +class CreateOutputPqControlsNewrelicTypedDict(TypedDict): + pass + + +class CreateOutputPqControlsNewrelic(BaseModel): + pass + + +class CreateOutputOutputNewrelicTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputTypeNewrelic + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + region: NotRequired[RegionOptions] + r"""Which New Relic region endpoint to use.""" + log_type: NotRequired[str] + r"""Name of the logtype to send with events, e.g.: observability, access_log. The event's 'sourcetype' field (if set) will override this value.""" + message_field: NotRequired[str] + r"""Name of field to send as log message value. If not present, event will be serialized and sent as JSON.""" + metadata: NotRequired[List[CreateOutputMetadatumTypedDict]] + r"""Fields to add to events from this input""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + compress: NotRequired[bool] + r"""Compress the payload body before sending""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] + r"""Headers to add to all events""" + use_round_robin_dns: NotRequired[bool] + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + safe_headers: NotRequired[List[str]] + r"""List of headers that are safe to log in plain text""" + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + auth_type: NotRequired[AuthenticationMethodOptionsAPI] + r"""Enter API key directly, or select a stored secret""" + total_memory_limit_kb: NotRequired[float] + r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" + description: NotRequired[str] + custom_url: NotRequired[str] + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputPqControlsNewrelicTypedDict] + api_key: NotRequired[str] + r"""New Relic API key. Can be overridden using __newRelic_apiKey field.""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_region: NotRequired[str] + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + template_log_type: NotRequired[str] + r"""Binds 'logType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logType' at runtime.""" + template_message_field: NotRequired[str] + r"""Binds 'messageField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'messageField' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + +class CreateOutputOutputNewrelic(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputTypeNewrelic + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + region: Optional[RegionOptions] = None + r"""Which New Relic region endpoint to use.""" + + log_type: Annotated[Optional[str], pydantic.Field(alias="logType")] = None + r"""Name of the logtype to send with events, e.g.: observability, access_log. The event's 'sourcetype' field (if set) will override this value.""" + + message_field: Annotated[Optional[str], pydantic.Field(alias="messageField")] = None + r"""Name of field to send as log message value. If not present, event will be serialized and sent as JSON.""" + + metadata: Optional[List[CreateOutputMetadatum]] = None + r"""Fields to add to events from this input""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + compress: Optional[bool] = None + r"""Compress the payload body before sending""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + extra_http_headers: Annotated[ + Optional[List[ExtraHTTPHeaderConfInputElastic]], + pydantic.Field(alias="extraHttpHeaders"), + ] = None + r"""Headers to add to all events""" + + use_round_robin_dns: Annotated[ + Optional[bool], pydantic.Field(alias="useRoundRobinDns") + ] = None + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + safe_headers: Annotated[ + Optional[List[str]], pydantic.Field(alias="safeHeaders") + ] = None + r"""List of headers that are safe to log in plain text""" + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + auth_type: Annotated[ + Optional[AuthenticationMethodOptionsAPI], pydantic.Field(alias="authType") + ] = None + r"""Enter API key directly, or select a stored secret""" + + total_memory_limit_kb: Annotated[ + Optional[float], pydantic.Field(alias="totalMemoryLimitKB") + ] = None + r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" + + description: Optional[str] = None + + custom_url: Annotated[Optional[str], pydantic.Field(alias="customUrl")] = None + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputPqControlsNewrelic], pydantic.Field(alias="pqControls") + ] = None + + api_key: Annotated[Optional[str], pydantic.Field(alias="apiKey")] = None + r"""New Relic API key. Can be overridden using __newRelic_apiKey field.""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_region: Annotated[ + Optional[str], pydantic.Field(alias="__template_region") + ] = None + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + + template_log_type: Annotated[ + Optional[str], pydantic.Field(alias="__template_logType") + ] = None + r"""Binds 'logType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logType' at runtime.""" + + template_message_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_messageField") + ] = None + r"""Binds 'messageField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'messageField' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + @field_serializer("region") + def serialize_region(self, value): + if isinstance(value, str): + try: + return models.RegionOptions(value) + except ValueError: + return value + return value + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsAPI(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "region", + "logType", + "messageField", + "metadata", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "compress", + "rejectUnauthorized", + "timeoutSec", + "flushPeriodSec", + "extraHttpHeaders", + "useRoundRobinDns", + "failedRequestLoggingMode", + "safeHeaders", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "onBackpressure", + "authType", + "totalMemoryLimitKB", + "description", + "customUrl", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "apiKey", + "textSecret", + "__template_streamtags", + "__template_region", + "__template_logType", + "__template_messageField", + "__template_failedRequestLoggingMode", + "__template_onBackpressure", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputTypeElasticCloud(str, Enum): + ELASTIC_CLOUD = "elastic_cloud" + + +class CreateOutputPqControlsElasticCloudTypedDict(TypedDict): + pass + + +class CreateOutputPqControlsElasticCloud(BaseModel): + pass + + +class CreateOutputOutputElasticCloudTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputTypeElasticCloud + url: str + r"""Enter Cloud ID of the Elastic Cloud environment to send events to""" + index: str + r"""Data stream or index to send events to. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be overwritten by an event's __index field.""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + compress: NotRequired[bool] + r"""Compress the payload body before sending""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] + r"""Headers to add to all events""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + safe_headers: NotRequired[List[str]] + r"""List of headers that are safe to log in plain text""" + extra_params: NotRequired[List[SaslExtensionConfInputKafkaTypedDict]] + r"""Extra parameters to use in HTTP requests""" + auth: NotRequired[AuthTypeTemplatemanualAPIKeyAuthTypeTypedDict] + elastic_pipeline: NotRequired[str] + r"""Optional Elastic Cloud Destination pipeline""" + include_doc_id: NotRequired[bool] + r"""Include the `document_id` field when sending events to an Elastic TSDS (time series data stream)""" + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + description: NotRequired[str] + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputPqControlsElasticCloudTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_url: NotRequired[str] + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + template_index: NotRequired[str] + r"""Binds 'index' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'index' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_elastic_pipeline: NotRequired[str] + r"""Binds 'elasticPipeline' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'elasticPipeline' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + +class CreateOutputOutputElasticCloud(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputTypeElasticCloud + + url: str + r"""Enter Cloud ID of the Elastic Cloud environment to send events to""" + + index: str + r"""Data stream or index to send events to. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be overwritten by an event's __index field.""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + compress: Optional[bool] = None + r"""Compress the payload body before sending""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + extra_http_headers: Annotated[ + Optional[List[ExtraHTTPHeaderConfInputElastic]], + pydantic.Field(alias="extraHttpHeaders"), + ] = None + r"""Headers to add to all events""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + safe_headers: Annotated[ + Optional[List[str]], pydantic.Field(alias="safeHeaders") + ] = None + r"""List of headers that are safe to log in plain text""" + + extra_params: Annotated[ + Optional[List[SaslExtensionConfInputKafka]], pydantic.Field(alias="extraParams") + ] = None + r"""Extra parameters to use in HTTP requests""" + + auth: Optional[AuthTypeTemplatemanualAPIKeyAuthType] = None + + elastic_pipeline: Annotated[ + Optional[str], pydantic.Field(alias="elasticPipeline") + ] = None + r"""Optional Elastic Cloud Destination pipeline""" + + include_doc_id: Annotated[Optional[bool], pydantic.Field(alias="includeDocId")] = ( + None + ) + r"""Include the `document_id` field when sending events to an Elastic TSDS (time series data stream)""" + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + description: Optional[str] = None + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputPqControlsElasticCloud], pydantic.Field(alias="pqControls") + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( + None + ) + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + template_index: Annotated[ + Optional[str], pydantic.Field(alias="__template_index") + ] = None + r"""Binds 'index' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'index' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_elastic_pipeline: Annotated[ + Optional[str], pydantic.Field(alias="__template_elasticPipeline") + ] = None + r"""Binds 'elasticPipeline' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'elasticPipeline' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "compress", + "rejectUnauthorized", + "timeoutSec", + "flushPeriodSec", + "extraHttpHeaders", + "failedRequestLoggingMode", + "safeHeaders", + "extraParams", + "auth", + "elasticPipeline", + "includeDocId", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "onBackpressure", + "description", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_url", + "__template_index", + "__template_failedRequestLoggingMode", + "__template_elasticPipeline", + "__template_onBackpressure", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputTypeElastic(str, Enum): + ELASTIC = "elastic" + + +class CreateOutputElasticVersion(str, Enum, metaclass=utils.OpenEnumMeta): + r"""Optional Elasticsearch version, used to format events. If not specified, will auto-discover version.""" + + # Auto + AUTO = "auto" + # 6.x + SIX = "6" + # 7.x + SEVEN = "7" + + +class CreateOutputWriteAction(str, Enum, metaclass=utils.OpenEnumMeta): + r"""Action to use when writing events. Must be set to `Create` when writing to a data stream.""" + + # Index + INDEX = "index" + # Create + CREATE = "create" + + +class CreateOutputURLElasticTypedDict(TypedDict): + url: str + r"""The URL to an Elastic node to send events to. Example: http://elastic:9200/_bulk""" + weight: NotRequired[float] + r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" + template_url: NotRequired[str] + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + +class CreateOutputURLElastic(BaseModel): + url: str + r"""The URL to an Elastic node to send events to. Example: http://elastic:9200/_bulk""" + + weight: Optional[float] = None + r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" + + template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( + None + ) + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set(["weight", "__template_url"]) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputPqControlsElasticTypedDict(TypedDict): + pass + + +class CreateOutputPqControlsElastic(BaseModel): + pass + + +class CreateOutputOutputElasticTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputTypeElastic + index: str + r"""Index or data stream to send events to. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be overwritten by an event's __index field.""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + load_balanced: NotRequired[bool] + r"""Enable for optimal performance. Even if you have one hostname, it can expand to multiple IPs. If disabled, consider enabling round-robin DNS.""" + doc_type: NotRequired[str] + r"""Document type to use for events. Can be overwritten by an event's __type field.""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + compress: NotRequired[bool] + r"""Compress the payload body before sending""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] + r"""Headers to add to all events""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + safe_headers: NotRequired[List[str]] + r"""List of headers that are safe to log in plain text""" + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + extra_params: NotRequired[List[SaslExtensionConfInputKafkaTypedDict]] + auth: NotRequired[AuthTypeTemplatemanualAPIKeyAuthTypeTypedDict] + elastic_version: NotRequired[CreateOutputElasticVersion] + r"""Optional Elasticsearch version, used to format events. If not specified, will auto-discover version.""" + elastic_pipeline: NotRequired[str] + r"""Optional Elasticsearch destination pipeline""" + include_doc_id: NotRequired[bool] + r"""Include the `document_id` field when sending events to an Elastic TSDS (time series data stream)""" + write_action: NotRequired[CreateOutputWriteAction] + r"""Action to use when writing events. Must be set to `Create` when writing to a data stream.""" + retry_partial_errors: NotRequired[bool] + r"""Retry failed events when a bulk request to Elastic is successful, but the response body returns an error for one or more events in the batch""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + description: NotRequired[str] + url: NotRequired[str] + r"""The Cloud ID or URL to an Elastic cluster to send events to. Example: http://elastic:9200/_bulk""" + use_round_robin_dns: NotRequired[bool] + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + exclude_self: NotRequired[bool] + r"""Exclude all IPs of the current host from the list of any resolved hostnames""" + urls: NotRequired[List[CreateOutputURLElasticTypedDict]] + dns_resolve_period_sec: NotRequired[float] + r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" + load_balance_stats_period_sec: NotRequired[float] + r"""How far back in time to keep traffic stats for load balancing purposes""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputPqControlsElasticTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_index: NotRequired[str] + r"""Binds 'index' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'index' at runtime.""" + template_doc_type: NotRequired[str] + r"""Binds 'docType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'docType' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_elastic_pipeline: NotRequired[str] + r"""Binds 'elasticPipeline' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'elasticPipeline' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_url: NotRequired[str] + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + +class CreateOutputOutputElastic(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputTypeElastic + + index: str + r"""Index or data stream to send events to. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be overwritten by an event's __index field.""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + load_balanced: Annotated[Optional[bool], pydantic.Field(alias="loadBalanced")] = ( + None + ) + r"""Enable for optimal performance. Even if you have one hostname, it can expand to multiple IPs. If disabled, consider enabling round-robin DNS.""" + + doc_type: Annotated[Optional[str], pydantic.Field(alias="docType")] = None + r"""Document type to use for events. Can be overwritten by an event's __type field.""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + compress: Optional[bool] = None + r"""Compress the payload body before sending""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + extra_http_headers: Annotated[ + Optional[List[ExtraHTTPHeaderConfInputElastic]], + pydantic.Field(alias="extraHttpHeaders"), + ] = None + r"""Headers to add to all events""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + safe_headers: Annotated[ + Optional[List[str]], pydantic.Field(alias="safeHeaders") + ] = None + r"""List of headers that are safe to log in plain text""" + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + extra_params: Annotated[ + Optional[List[SaslExtensionConfInputKafka]], pydantic.Field(alias="extraParams") + ] = None + + auth: Optional[AuthTypeTemplatemanualAPIKeyAuthType] = None + + elastic_version: Annotated[ + Optional[CreateOutputElasticVersion], pydantic.Field(alias="elasticVersion") + ] = None + r"""Optional Elasticsearch version, used to format events. If not specified, will auto-discover version.""" + + elastic_pipeline: Annotated[ + Optional[str], pydantic.Field(alias="elasticPipeline") + ] = None + r"""Optional Elasticsearch destination pipeline""" + + include_doc_id: Annotated[Optional[bool], pydantic.Field(alias="includeDocId")] = ( + None + ) + r"""Include the `document_id` field when sending events to an Elastic TSDS (time series data stream)""" + + write_action: Annotated[ + Optional[CreateOutputWriteAction], pydantic.Field(alias="writeAction") + ] = None + r"""Action to use when writing events. Must be set to `Create` when writing to a data stream.""" + + retry_partial_errors: Annotated[ + Optional[bool], pydantic.Field(alias="retryPartialErrors") + ] = None + r"""Retry failed events when a bulk request to Elastic is successful, but the response body returns an error for one or more events in the batch""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + description: Optional[str] = None + + url: Optional[str] = None + r"""The Cloud ID or URL to an Elastic cluster to send events to. Example: http://elastic:9200/_bulk""" + + use_round_robin_dns: Annotated[ + Optional[bool], pydantic.Field(alias="useRoundRobinDns") + ] = None + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + + exclude_self: Annotated[Optional[bool], pydantic.Field(alias="excludeSelf")] = None + r"""Exclude all IPs of the current host from the list of any resolved hostnames""" + + urls: Optional[List[CreateOutputURLElastic]] = None + + dns_resolve_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="dnsResolvePeriodSec") + ] = None + r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" + + load_balance_stats_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="loadBalanceStatsPeriodSec") + ] = None + r"""How far back in time to keep traffic stats for load balancing purposes""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputPqControlsElastic], pydantic.Field(alias="pqControls") + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_index: Annotated[ + Optional[str], pydantic.Field(alias="__template_index") + ] = None + r"""Binds 'index' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'index' at runtime.""" + + template_doc_type: Annotated[ + Optional[str], pydantic.Field(alias="__template_docType") + ] = None + r"""Binds 'docType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'docType' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_elastic_pipeline: Annotated[ + Optional[str], pydantic.Field(alias="__template_elasticPipeline") + ] = None + r"""Binds 'elasticPipeline' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'elasticPipeline' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( + None + ) + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("elastic_version") + def serialize_elastic_version(self, value): + if isinstance(value, str): + try: + return models.CreateOutputElasticVersion(value) + except ValueError: + return value + return value + + @field_serializer("write_action") + def serialize_write_action(self, value): + if isinstance(value, str): + try: + return models.CreateOutputWriteAction(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "loadBalanced", + "docType", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "compress", + "rejectUnauthorized", + "timeoutSec", + "flushPeriodSec", + "extraHttpHeaders", + "failedRequestLoggingMode", + "safeHeaders", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "extraParams", + "auth", + "elasticVersion", + "elasticPipeline", + "includeDocId", + "writeAction", + "retryPartialErrors", + "onBackpressure", + "description", + "url", + "useRoundRobinDns", + "excludeSelf", + "urls", + "dnsResolvePeriodSec", + "loadBalanceStatsPeriodSec", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_index", + "__template_docType", + "__template_failedRequestLoggingMode", + "__template_elasticPipeline", + "__template_onBackpressure", + "__template_url", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputTypeMsk(str, Enum): + MSK = "msk" + + +class CreateOutputPqControlsMskTypedDict(TypedDict): + pass + + +class CreateOutputPqControlsMsk(BaseModel): + pass + + +class CreateOutputOutputMskTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputTypeMsk + brokers: List[str] + r"""Enter each Kafka bootstrap server you want to use. Specify hostname and port, e.g., mykafkabroker:9092, or just hostname, in which case @{product} will assign port 9092.""" + topic: str + r"""The topic to publish events to. Can be overridden using the __topicOut field.""" + aws_authentication_method: AuthenticationMethodOptionsS3CollectorConf + r"""AWS authentication method. Choose Auto to use IAM roles.""" + region: str + r"""Region where the MSK cluster is located""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + ack: NotRequired[AcknowledgmentsOptionsAllLeader] + r"""Control the number of required acknowledgments.""" + format_: NotRequired[RecordDataFormatOptionsJSONProtobuf] + r"""Format to use to serialize events before writing to Kafka.""" + compression: NotRequired[CompressionOptionsGzipLz4] + r"""Codec to use to compress the data before sending to Kafka""" + max_record_size_kb: NotRequired[float] + r"""Maximum size of each record batch before compression. The value must not exceed the Kafka brokers' message.max.bytes setting.""" + flush_event_count: NotRequired[float] + r"""The maximum number of events you want the Destination to allow in a batch before forcing a flush""" + flush_period_sec: NotRequired[float] + r"""The maximum amount of time you want the Destination to wait before forcing a flush. Shorter intervals tend to result in smaller batches being sent.""" + kafka_schema_registry: NotRequired[ + KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuthTypedDict + ] + connection_timeout: NotRequired[float] + r"""Maximum time to wait for a connection to complete successfully""" + request_timeout: NotRequired[float] + r"""Maximum time to wait for Kafka to respond to a request""" + max_retries: NotRequired[float] + r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" + max_back_off: NotRequired[float] + r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" + initial_backoff: NotRequired[float] + r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" + backoff_rate: NotRequired[float] + r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" + authentication_timeout: NotRequired[float] + r"""Maximum time to wait for Kafka to respond to an authentication request""" + reauthentication_threshold: NotRequired[float] + r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" + aws_secret_key: NotRequired[str] + endpoint: NotRequired[str] + r"""MSK cluster service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to MSK cluster-compatible endpoint.""" + reuse_connections: NotRequired[bool] + r"""Reuse connections between requests, which can improve performance""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" + enable_assume_role: NotRequired[bool] + r"""Use Assume Role credentials to access MSK""" + assume_role_arn: NotRequired[str] + r"""Amazon Resource Name (ARN) of the role to assume""" + assume_role_external_id: NotRequired[str] + r"""External ID to use when assuming role""" + duration_seconds: NotRequired[float] + r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" + tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + description: NotRequired[str] + aws_api_key: NotRequired[str] + aws_secret: NotRequired[str] + r"""Select or create a stored secret that references your access key and secret key""" + protobuf_library_id: NotRequired[str] + r"""Select a set of Protobuf definitions for the events you want to send""" + protobuf_encoding_id: NotRequired[str] + r"""Select the type of object you want the Protobuf definitions to use for event encoding""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputPqControlsMskTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_topic: NotRequired[str] + r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" + template_format: NotRequired[str] + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + template_compression: NotRequired[str] + r"""Binds 'compression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compression' at runtime.""" + template_aws_secret_key: NotRequired[str] + r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" + template_region: NotRequired[str] + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + template_endpoint: NotRequired[str] + r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" + template_assume_role_arn: NotRequired[str] + r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" + template_assume_role_external_id: NotRequired[str] + r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_aws_api_key: NotRequired[str] + r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" + + +class CreateOutputOutputMsk(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputTypeMsk + + brokers: List[str] + r"""Enter each Kafka bootstrap server you want to use. Specify hostname and port, e.g., mykafkabroker:9092, or just hostname, in which case @{product} will assign port 9092.""" + + topic: str + r"""The topic to publish events to. Can be overridden using the __topicOut field.""" + + aws_authentication_method: Annotated[ + AuthenticationMethodOptionsS3CollectorConf, + pydantic.Field(alias="awsAuthenticationMethod"), + ] + r"""AWS authentication method. Choose Auto to use IAM roles.""" + + region: str + r"""Region where the MSK cluster is located""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + ack: Optional[AcknowledgmentsOptionsAllLeader] = None + r"""Control the number of required acknowledgments.""" + + format_: Annotated[ + Optional[RecordDataFormatOptionsJSONProtobuf], pydantic.Field(alias="format") + ] = None + r"""Format to use to serialize events before writing to Kafka.""" + + compression: Optional[CompressionOptionsGzipLz4] = None + r"""Codec to use to compress the data before sending to Kafka""" + + max_record_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxRecordSizeKB") + ] = None + r"""Maximum size of each record batch before compression. The value must not exceed the Kafka brokers' message.max.bytes setting.""" + + flush_event_count: Annotated[ + Optional[float], pydantic.Field(alias="flushEventCount") + ] = None + r"""The maximum number of events you want the Destination to allow in a batch before forcing a flush""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""The maximum amount of time you want the Destination to wait before forcing a flush. Shorter intervals tend to result in smaller batches being sent.""" + + kafka_schema_registry: Annotated[ + Optional[KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuth], + pydantic.Field(alias="kafkaSchemaRegistry"), + ] = None + + connection_timeout: Annotated[ + Optional[float], pydantic.Field(alias="connectionTimeout") + ] = None + r"""Maximum time to wait for a connection to complete successfully""" + + request_timeout: Annotated[ + Optional[float], pydantic.Field(alias="requestTimeout") + ] = None + r"""Maximum time to wait for Kafka to respond to a request""" + + max_retries: Annotated[Optional[float], pydantic.Field(alias="maxRetries")] = None + r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" + + max_back_off: Annotated[Optional[float], pydantic.Field(alias="maxBackOff")] = None + r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" + + initial_backoff: Annotated[ + Optional[float], pydantic.Field(alias="initialBackoff") + ] = None + r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" + + backoff_rate: Annotated[Optional[float], pydantic.Field(alias="backoffRate")] = None + r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" + + authentication_timeout: Annotated[ + Optional[float], pydantic.Field(alias="authenticationTimeout") + ] = None + r"""Maximum time to wait for Kafka to respond to an authentication request""" + + reauthentication_threshold: Annotated[ + Optional[float], pydantic.Field(alias="reauthenticationThreshold") + ] = None + r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" + + aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = ( + None + ) + + endpoint: Optional[str] = None + r"""MSK cluster service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to MSK cluster-compatible endpoint.""" + + reuse_connections: Annotated[ + Optional[bool], pydantic.Field(alias="reuseConnections") + ] = None + r"""Reuse connections between requests, which can improve performance""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" + + enable_assume_role: Annotated[ + Optional[bool], pydantic.Field(alias="enableAssumeRole") + ] = None + r"""Use Assume Role credentials to access MSK""" + + assume_role_arn: Annotated[Optional[str], pydantic.Field(alias="assumeRoleArn")] = ( + None + ) + r"""Amazon Resource Name (ARN) of the role to assume""" + + assume_role_external_id: Annotated[ + Optional[str], pydantic.Field(alias="assumeRoleExternalId") + ] = None + r"""External ID to use when assuming role""" + + duration_seconds: Annotated[ + Optional[float], pydantic.Field(alias="durationSeconds") + ] = None + r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" + + tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + description: Optional[str] = None + + aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None + + aws_secret: Annotated[Optional[str], pydantic.Field(alias="awsSecret")] = None + r"""Select or create a stored secret that references your access key and secret key""" + + protobuf_library_id: Annotated[ + Optional[str], pydantic.Field(alias="protobufLibraryId") + ] = None + r"""Select a set of Protobuf definitions for the events you want to send""" + + protobuf_encoding_id: Annotated[ + Optional[str], pydantic.Field(alias="protobufEncodingId") + ] = None + r"""Select the type of object you want the Protobuf definitions to use for event encoding""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputPqControlsMsk], pydantic.Field(alias="pqControls") + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_topic: Annotated[ + Optional[str], pydantic.Field(alias="__template_topic") + ] = None + r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" + + template_format: Annotated[ + Optional[str], pydantic.Field(alias="__template_format") + ] = None + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + + template_compression: Annotated[ + Optional[str], pydantic.Field(alias="__template_compression") + ] = None + r"""Binds 'compression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compression' at runtime.""" + + template_aws_secret_key: Annotated[ + Optional[str], pydantic.Field(alias="__template_awsSecretKey") + ] = None + r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" + + template_region: Annotated[ + Optional[str], pydantic.Field(alias="__template_region") + ] = None + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + + template_endpoint: Annotated[ + Optional[str], pydantic.Field(alias="__template_endpoint") + ] = None + r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" + + template_assume_role_arn: Annotated[ + Optional[str], pydantic.Field(alias="__template_assumeRoleArn") + ] = None + r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" + + template_assume_role_external_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_assumeRoleExternalId") + ] = None + r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_aws_api_key: Annotated[ + Optional[str], pydantic.Field(alias="__template_awsApiKey") + ] = None + r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" + + @field_serializer("ack") + def serialize_ack(self, value): + if isinstance(value, str): + try: + return models.AcknowledgmentsOptionsAllLeader(value) + except ValueError: + return value + return value + + @field_serializer("format_") + def serialize_format_(self, value): + if isinstance(value, str): + try: + return models.RecordDataFormatOptionsJSONProtobuf(value) + except ValueError: + return value + return value + + @field_serializer("compression") + def serialize_compression(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsGzipLz4(value) + except ValueError: + return value + return value + + @field_serializer("aws_authentication_method") + def serialize_aws_authentication_method(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsS3CollectorConf(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "ack", + "format", + "compression", + "maxRecordSizeKB", + "flushEventCount", + "flushPeriodSec", + "kafkaSchemaRegistry", + "connectionTimeout", + "requestTimeout", + "maxRetries", + "maxBackOff", + "initialBackoff", + "backoffRate", + "authenticationTimeout", + "reauthenticationThreshold", + "awsSecretKey", + "endpoint", + "reuseConnections", + "rejectUnauthorized", + "enableAssumeRole", + "assumeRoleArn", + "assumeRoleExternalId", + "durationSeconds", + "tls", + "onBackpressure", + "description", + "awsApiKey", + "awsSecret", + "protobufLibraryId", + "protobufEncodingId", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_topic", + "__template_format", + "__template_compression", + "__template_awsSecretKey", + "__template_region", + "__template_endpoint", + "__template_assumeRoleArn", + "__template_assumeRoleExternalId", + "__template_onBackpressure", + "__template_awsApiKey", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputTypeConfluentCloud(str, Enum): + CONFLUENT_CLOUD = "confluent_cloud" + + +class CreateOutputPqControlsConfluentCloudTypedDict(TypedDict): + pass + + +class CreateOutputPqControlsConfluentCloud(BaseModel): + pass + + +class CreateOutputOutputConfluentCloudTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputTypeConfluentCloud + brokers: List[str] + r"""List of Confluent Cloud bootstrap servers to use, such as yourAccount.confluent.cloud:9092.""" + topic: str + r"""The topic to publish events to. Can be overridden using the __topicOut field.""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] + ack: NotRequired[AcknowledgmentsOptionsAllLeader] + r"""Control the number of required acknowledgments.""" + format_: NotRequired[RecordDataFormatOptionsJSONProtobuf] + r"""Format to use to serialize events before writing to Kafka.""" + compression: NotRequired[CompressionOptionsGzipLz4] + r"""Codec to use to compress the data before sending to Kafka""" + max_record_size_kb: NotRequired[float] + r"""Maximum size of each record batch before compression. The value must not exceed the Kafka brokers' message.max.bytes setting.""" + flush_event_count: NotRequired[float] + r"""The maximum number of events you want the Destination to allow in a batch before forcing a flush""" + flush_period_sec: NotRequired[float] + r"""The maximum amount of time you want the Destination to wait before forcing a flush. Shorter intervals tend to result in smaller batches being sent.""" + kafka_schema_registry: NotRequired[ + KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuthTypedDict + ] + connection_timeout: NotRequired[float] + r"""Maximum time to wait for a connection to complete successfully""" + request_timeout: NotRequired[float] + r"""Maximum time to wait for Kafka to respond to a request""" + max_retries: NotRequired[float] + r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" + max_back_off: NotRequired[float] + r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" + initial_backoff: NotRequired[float] + r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" + backoff_rate: NotRequired[float] + r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" + authentication_timeout: NotRequired[float] + r"""Maximum time to wait for Kafka to respond to an authentication request""" + reauthentication_threshold: NotRequired[float] + r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" + sasl: NotRequired[AuthenticationTypeTypedDict] + r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + description: NotRequired[str] + protobuf_library_id: NotRequired[str] + r"""Select a set of Protobuf definitions for the events you want to send""" + protobuf_encoding_id: NotRequired[str] + r"""Select the type of object you want the Protobuf definitions to use for event encoding""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputPqControlsConfluentCloudTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_brokers: NotRequired[str] + r"""Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime.""" + template_topic: NotRequired[str] + r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" + template_format: NotRequired[str] + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + template_compression: NotRequired[str] + r"""Binds 'compression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compression' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + +class CreateOutputOutputConfluentCloud(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputTypeConfluentCloud + + brokers: List[str] + r"""List of Confluent Cloud bootstrap servers to use, such as yourAccount.confluent.cloud:9092.""" + + topic: str + r"""The topic to publish events to. Can be overridden using the __topicOut field.""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None + + ack: Optional[AcknowledgmentsOptionsAllLeader] = None + r"""Control the number of required acknowledgments.""" + + format_: Annotated[ + Optional[RecordDataFormatOptionsJSONProtobuf], pydantic.Field(alias="format") + ] = None + r"""Format to use to serialize events before writing to Kafka.""" + + compression: Optional[CompressionOptionsGzipLz4] = None + r"""Codec to use to compress the data before sending to Kafka""" + + max_record_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxRecordSizeKB") + ] = None + r"""Maximum size of each record batch before compression. The value must not exceed the Kafka brokers' message.max.bytes setting.""" + + flush_event_count: Annotated[ + Optional[float], pydantic.Field(alias="flushEventCount") + ] = None + r"""The maximum number of events you want the Destination to allow in a batch before forcing a flush""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""The maximum amount of time you want the Destination to wait before forcing a flush. Shorter intervals tend to result in smaller batches being sent.""" + + kafka_schema_registry: Annotated[ + Optional[KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuth], + pydantic.Field(alias="kafkaSchemaRegistry"), + ] = None + + connection_timeout: Annotated[ + Optional[float], pydantic.Field(alias="connectionTimeout") + ] = None + r"""Maximum time to wait for a connection to complete successfully""" + + request_timeout: Annotated[ + Optional[float], pydantic.Field(alias="requestTimeout") + ] = None + r"""Maximum time to wait for Kafka to respond to a request""" + + max_retries: Annotated[Optional[float], pydantic.Field(alias="maxRetries")] = None + r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" + + max_back_off: Annotated[Optional[float], pydantic.Field(alias="maxBackOff")] = None + r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" + + initial_backoff: Annotated[ + Optional[float], pydantic.Field(alias="initialBackoff") + ] = None + r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" + + backoff_rate: Annotated[Optional[float], pydantic.Field(alias="backoffRate")] = None + r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" + + authentication_timeout: Annotated[ + Optional[float], pydantic.Field(alias="authenticationTimeout") + ] = None + r"""Maximum time to wait for Kafka to respond to an authentication request""" + + reauthentication_threshold: Annotated[ + Optional[float], pydantic.Field(alias="reauthenticationThreshold") + ] = None + r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" + + sasl: Optional[AuthenticationType] = None + r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + description: Optional[str] = None + + protobuf_library_id: Annotated[ + Optional[str], pydantic.Field(alias="protobufLibraryId") + ] = None + r"""Select a set of Protobuf definitions for the events you want to send""" + + protobuf_encoding_id: Annotated[ + Optional[str], pydantic.Field(alias="protobufEncodingId") + ] = None + r"""Select the type of object you want the Protobuf definitions to use for event encoding""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputPqControlsConfluentCloud], + pydantic.Field(alias="pqControls"), + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_brokers: Annotated[ + Optional[str], pydantic.Field(alias="__template_brokers") + ] = None + r"""Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime.""" + + template_topic: Annotated[ + Optional[str], pydantic.Field(alias="__template_topic") + ] = None + r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" + + template_format: Annotated[ + Optional[str], pydantic.Field(alias="__template_format") + ] = None + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + + template_compression: Annotated[ + Optional[str], pydantic.Field(alias="__template_compression") + ] = None + r"""Binds 'compression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compression' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + @field_serializer("ack") + def serialize_ack(self, value): + if isinstance(value, str): + try: + return models.AcknowledgmentsOptionsAllLeader(value) + except ValueError: + return value + return value + + @field_serializer("format_") + def serialize_format_(self, value): + if isinstance(value, str): + try: + return models.RecordDataFormatOptionsJSONProtobuf(value) + except ValueError: + return value + return value + + @field_serializer("compression") + def serialize_compression(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsGzipLz4(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "tls", + "ack", + "format", + "compression", + "maxRecordSizeKB", + "flushEventCount", + "flushPeriodSec", + "kafkaSchemaRegistry", + "connectionTimeout", + "requestTimeout", + "maxRetries", + "maxBackOff", + "initialBackoff", + "backoffRate", + "authenticationTimeout", + "reauthenticationThreshold", + "sasl", + "onBackpressure", + "description", + "protobufLibraryId", + "protobufEncodingId", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_brokers", + "__template_topic", + "__template_format", + "__template_compression", + "__template_onBackpressure", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputTypeKafka(str, Enum): + KAFKA = "kafka" + + +class CreateOutputPqControlsKafkaTypedDict(TypedDict): + pass + + +class CreateOutputPqControlsKafka(BaseModel): + pass + + +class CreateOutputOutputKafkaTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputTypeKafka + brokers: List[str] + r"""Enter each Kafka bootstrap server you want to use. Specify hostname and port, e.g., mykafkabroker:9092, or just hostname, in which case @{product} will assign port 9092.""" + topic: str + r"""The topic to publish events to. Can be overridden using the __topicOut field.""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + ack: NotRequired[AcknowledgmentsOptionsAllLeader] + r"""Control the number of required acknowledgments.""" + format_: NotRequired[RecordDataFormatOptionsJSONProtobuf] + r"""Format to use to serialize events before writing to Kafka.""" + compression: NotRequired[CompressionOptionsGzipLz4] + r"""Codec to use to compress the data before sending to Kafka""" + max_record_size_kb: NotRequired[float] + r"""Maximum size of each record batch before compression. The value must not exceed the Kafka brokers' message.max.bytes setting.""" + flush_event_count: NotRequired[float] + r"""The maximum number of events you want the Destination to allow in a batch before forcing a flush""" + flush_period_sec: NotRequired[float] + r"""The maximum amount of time you want the Destination to wait before forcing a flush. Shorter intervals tend to result in smaller batches being sent.""" + kafka_schema_registry: NotRequired[ + KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuthTypedDict + ] + connection_timeout: NotRequired[float] + r"""Maximum time to wait for a connection to complete successfully""" + request_timeout: NotRequired[float] + r"""Maximum time to wait for Kafka to respond to a request""" + max_retries: NotRequired[float] + r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" + max_back_off: NotRequired[float] + r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" + initial_backoff: NotRequired[float] + r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" + backoff_rate: NotRequired[float] + r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" + authentication_timeout: NotRequired[float] + r"""Maximum time to wait for Kafka to respond to an authentication request""" + reauthentication_threshold: NotRequired[float] + r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" + sasl: NotRequired[AuthenticationTypeTypedDict] + r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended.""" + tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + description: NotRequired[str] + protobuf_library_id: NotRequired[str] + r"""Select a set of Protobuf definitions for the events you want to send""" + protobuf_encoding_id: NotRequired[str] + r"""Select the type of object you want the Protobuf definitions to use for event encoding""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputPqControlsKafkaTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_topic: NotRequired[str] + r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" + template_format: NotRequired[str] + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + template_compression: NotRequired[str] + r"""Binds 'compression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compression' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + +class CreateOutputOutputKafka(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputTypeKafka + + brokers: List[str] + r"""Enter each Kafka bootstrap server you want to use. Specify hostname and port, e.g., mykafkabroker:9092, or just hostname, in which case @{product} will assign port 9092.""" + + topic: str + r"""The topic to publish events to. Can be overridden using the __topicOut field.""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + ack: Optional[AcknowledgmentsOptionsAllLeader] = None + r"""Control the number of required acknowledgments.""" + + format_: Annotated[ + Optional[RecordDataFormatOptionsJSONProtobuf], pydantic.Field(alias="format") + ] = None + r"""Format to use to serialize events before writing to Kafka.""" + + compression: Optional[CompressionOptionsGzipLz4] = None + r"""Codec to use to compress the data before sending to Kafka""" + + max_record_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxRecordSizeKB") + ] = None + r"""Maximum size of each record batch before compression. The value must not exceed the Kafka brokers' message.max.bytes setting.""" + + flush_event_count: Annotated[ + Optional[float], pydantic.Field(alias="flushEventCount") + ] = None + r"""The maximum number of events you want the Destination to allow in a batch before forcing a flush""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""The maximum amount of time you want the Destination to wait before forcing a flush. Shorter intervals tend to result in smaller batches being sent.""" + + kafka_schema_registry: Annotated[ + Optional[KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuth], + pydantic.Field(alias="kafkaSchemaRegistry"), + ] = None + + connection_timeout: Annotated[ + Optional[float], pydantic.Field(alias="connectionTimeout") + ] = None + r"""Maximum time to wait for a connection to complete successfully""" + + request_timeout: Annotated[ + Optional[float], pydantic.Field(alias="requestTimeout") + ] = None + r"""Maximum time to wait for Kafka to respond to a request""" + + max_retries: Annotated[Optional[float], pydantic.Field(alias="maxRetries")] = None + r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" + + max_back_off: Annotated[Optional[float], pydantic.Field(alias="maxBackOff")] = None + r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" + + initial_backoff: Annotated[ + Optional[float], pydantic.Field(alias="initialBackoff") + ] = None + r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" + + backoff_rate: Annotated[Optional[float], pydantic.Field(alias="backoffRate")] = None + r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" + + authentication_timeout: Annotated[ + Optional[float], pydantic.Field(alias="authenticationTimeout") + ] = None + r"""Maximum time to wait for Kafka to respond to an authentication request""" + + reauthentication_threshold: Annotated[ + Optional[float], pydantic.Field(alias="reauthenticationThreshold") + ] = None + r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" + + sasl: Optional[AuthenticationType] = None + r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended.""" + + tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + description: Optional[str] = None + + protobuf_library_id: Annotated[ + Optional[str], pydantic.Field(alias="protobufLibraryId") + ] = None + r"""Select a set of Protobuf definitions for the events you want to send""" + + protobuf_encoding_id: Annotated[ + Optional[str], pydantic.Field(alias="protobufEncodingId") + ] = None + r"""Select the type of object you want the Protobuf definitions to use for event encoding""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputPqControlsKafka], pydantic.Field(alias="pqControls") + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_topic: Annotated[ + Optional[str], pydantic.Field(alias="__template_topic") + ] = None + r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" + + template_format: Annotated[ + Optional[str], pydantic.Field(alias="__template_format") + ] = None + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + + template_compression: Annotated[ + Optional[str], pydantic.Field(alias="__template_compression") + ] = None + r"""Binds 'compression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compression' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + @field_serializer("ack") + def serialize_ack(self, value): + if isinstance(value, str): + try: + return models.AcknowledgmentsOptionsAllLeader(value) + except ValueError: + return value + return value + + @field_serializer("format_") + def serialize_format_(self, value): + if isinstance(value, str): + try: + return models.RecordDataFormatOptionsJSONProtobuf(value) + except ValueError: + return value + return value + + @field_serializer("compression") + def serialize_compression(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsGzipLz4(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "ack", + "format", + "compression", + "maxRecordSizeKB", + "flushEventCount", + "flushPeriodSec", + "kafkaSchemaRegistry", + "connectionTimeout", + "requestTimeout", + "maxRetries", + "maxBackOff", + "initialBackoff", + "backoffRate", + "authenticationTimeout", + "reauthenticationThreshold", + "sasl", + "tls", + "onBackpressure", + "description", + "protobufLibraryId", + "protobufEncodingId", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_topic", + "__template_format", + "__template_compression", + "__template_onBackpressure", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputTypeExabeam(str, Enum): + EXABEAM = "exabeam" + + +class CreateOutputOutputExabeamTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputTypeExabeam + bucket: str + r"""Name of the destination bucket. A constant or a JavaScript expression that can only be evaluated at init time. Example of referencing a JavaScript Global Variable: `myBucket-${C.vars.myVar}`.""" + region: str + r"""Region where the bucket is located""" + stage_path: str + r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" + endpoint: str + r"""Google Cloud Storage service endpoint""" + collector_instance_id: str + r"""ID of the Exabeam Collector where data should be sent. Example: 11112222-3333-4444-5555-666677778888 + + """ + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + object_acl: NotRequired[ObjectACLOptionsAuthenticatedreadBucketownerfullcontrol] + r"""Object ACL to assign to uploaded objects""" + storage_class: NotRequired[StorageClassOptionsArchiveColdline] + r"""Storage class to select for uploaded objects""" + reuse_connections: NotRequired[bool] + r"""Reuse connections between requests, which can improve performance""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" + add_id_to_stage_path: NotRequired[bool] + r"""Add the Output ID value to staging location""" + remove_empty_dirs: NotRequired[bool] + r"""Remove empty staging directories after moving files""" + max_file_open_time_sec: NotRequired[float] + r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" + max_file_idle_time_sec: NotRequired[float] + r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" + max_open_files: NotRequired[float] + r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" + on_backpressure: NotRequired[BackpressureBehaviorOptionsBlockDrop] + r"""How to handle events when all receivers are exerting backpressure""" + deadletter_enabled: NotRequired[bool] + r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" + on_disk_full_backpressure: NotRequired[DiskSpaceProtectionOptions] + r"""How to handle events when disk space is below the global 'Min free disk space' limit""" + retry_settings: NotRequired[RetrySettingsTypeTypedDict] + orphans: NotRequired[OrphanFileRecoveryTypeTypedDict] + max_file_size_mb: NotRequired[float] + r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" + encoded_configuration: NotRequired[str] + r"""Enter an encoded string containing Exabeam configurations""" + site_name: NotRequired[str] + r"""Constant or JavaScript expression to create an Exabeam site name. Values that aren't successfully evaluated will be treated as string constants.""" + site_id: NotRequired[str] + r"""Exabeam site ID. If left blank, @{product} will use the value of the Exabeam site name.""" + timezone_offset: NotRequired[str] + aws_api_key: NotRequired[str] + r"""HMAC access key. Can be a constant or a JavaScript expression, such as `${C.env.GCS_ACCESS_KEY}`.""" + aws_secret_key: NotRequired[str] + r"""HMAC secret. Can be a constant or a JavaScript expression, such as `${C.env.GCS_SECRET}`.""" + description: NotRequired[str] + empty_dir_cleanup_sec: NotRequired[float] + r"""How frequently, in seconds, to clean up empty directories""" + directory_batch_size: NotRequired[float] + r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" + deadletter_path: NotRequired[str] + r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" + max_retry_num: NotRequired[float] + r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_region: NotRequired[str] + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + template_endpoint: NotRequired[str] + r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" + template_object_acl: NotRequired[str] + r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" + template_storage_class: NotRequired[str] + r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + +class CreateOutputOutputExabeam(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputTypeExabeam + + bucket: str + r"""Name of the destination bucket. A constant or a JavaScript expression that can only be evaluated at init time. Example of referencing a JavaScript Global Variable: `myBucket-${C.vars.myVar}`.""" + + region: str + r"""Region where the bucket is located""" + + stage_path: Annotated[str, pydantic.Field(alias="stagePath")] + r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" + + endpoint: str + r"""Google Cloud Storage service endpoint""" + + collector_instance_id: Annotated[str, pydantic.Field(alias="collectorInstanceId")] + r"""ID of the Exabeam Collector where data should be sent. Example: 11112222-3333-4444-5555-666677778888 + + """ + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + object_acl: Annotated[ + Optional[ObjectACLOptionsAuthenticatedreadBucketownerfullcontrol], + pydantic.Field(alias="objectACL"), + ] = None + r"""Object ACL to assign to uploaded objects""" + + storage_class: Annotated[ + Optional[StorageClassOptionsArchiveColdline], + pydantic.Field(alias="storageClass"), + ] = None + r"""Storage class to select for uploaded objects""" + + reuse_connections: Annotated[ + Optional[bool], pydantic.Field(alias="reuseConnections") + ] = None + r"""Reuse connections between requests, which can improve performance""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" + + add_id_to_stage_path: Annotated[ + Optional[bool], pydantic.Field(alias="addIdToStagePath") + ] = None + r"""Add the Output ID value to staging location""" + + remove_empty_dirs: Annotated[ + Optional[bool], pydantic.Field(alias="removeEmptyDirs") + ] = None + r"""Remove empty staging directories after moving files""" + + max_file_open_time_sec: Annotated[ + Optional[float], pydantic.Field(alias="maxFileOpenTimeSec") + ] = None + r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" + + max_file_idle_time_sec: Annotated[ + Optional[float], pydantic.Field(alias="maxFileIdleTimeSec") + ] = None + r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" + + max_open_files: Annotated[Optional[float], pydantic.Field(alias="maxOpenFiles")] = ( + None + ) + r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptionsBlockDrop], + pydantic.Field(alias="onBackpressure"), + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + deadletter_enabled: Annotated[ + Optional[bool], pydantic.Field(alias="deadletterEnabled") + ] = None + r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" + + on_disk_full_backpressure: Annotated[ + Optional[DiskSpaceProtectionOptions], + pydantic.Field(alias="onDiskFullBackpressure"), + ] = None + r"""How to handle events when disk space is below the global 'Min free disk space' limit""" + + retry_settings: Annotated[ + Optional[RetrySettingsType], pydantic.Field(alias="retrySettings") + ] = None + + orphans: Optional[OrphanFileRecoveryType] = None + + max_file_size_mb: Annotated[ + Optional[float], pydantic.Field(alias="maxFileSizeMB") + ] = None + r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" + + encoded_configuration: Annotated[ + Optional[str], pydantic.Field(alias="encodedConfiguration") + ] = None + r"""Enter an encoded string containing Exabeam configurations""" + + site_name: Annotated[Optional[str], pydantic.Field(alias="siteName")] = None + r"""Constant or JavaScript expression to create an Exabeam site name. Values that aren't successfully evaluated will be treated as string constants.""" + + site_id: Annotated[Optional[str], pydantic.Field(alias="siteId")] = None + r"""Exabeam site ID. If left blank, @{product} will use the value of the Exabeam site name.""" + + timezone_offset: Annotated[ + Optional[str], pydantic.Field(alias="timezoneOffset") + ] = None + + aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None + r"""HMAC access key. Can be a constant or a JavaScript expression, such as `${C.env.GCS_ACCESS_KEY}`.""" + + aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = ( + None + ) + r"""HMAC secret. Can be a constant or a JavaScript expression, such as `${C.env.GCS_SECRET}`.""" + + description: Optional[str] = None + + empty_dir_cleanup_sec: Annotated[ + Optional[float], pydantic.Field(alias="emptyDirCleanupSec") + ] = None + r"""How frequently, in seconds, to clean up empty directories""" + + directory_batch_size: Annotated[ + Optional[float], pydantic.Field(alias="directoryBatchSize") + ] = None + r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" + + deadletter_path: Annotated[ + Optional[str], pydantic.Field(alias="deadletterPath") + ] = None + r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" + + max_retry_num: Annotated[Optional[float], pydantic.Field(alias="maxRetryNum")] = ( + None + ) + r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_region: Annotated[ + Optional[str], pydantic.Field(alias="__template_region") + ] = None + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + + template_endpoint: Annotated[ + Optional[str], pydantic.Field(alias="__template_endpoint") + ] = None + r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" + + template_object_acl: Annotated[ + Optional[str], pydantic.Field(alias="__template_objectACL") + ] = None + r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" + + template_storage_class: Annotated[ + Optional[str], pydantic.Field(alias="__template_storageClass") + ] = None + r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + @field_serializer("object_acl") + def serialize_object_acl(self, value): + if isinstance(value, str): + try: + return models.ObjectACLOptionsAuthenticatedreadBucketownerfullcontrol( + value + ) + except ValueError: + return value + return value + + @field_serializer("storage_class") + def serialize_storage_class(self, value): + if isinstance(value, str): + try: + return models.StorageClassOptionsArchiveColdline(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptionsBlockDrop(value) + except ValueError: + return value + return value + + @field_serializer("on_disk_full_backpressure") + def serialize_on_disk_full_backpressure(self, value): + if isinstance(value, str): + try: + return models.DiskSpaceProtectionOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "objectACL", + "storageClass", + "reuseConnections", + "rejectUnauthorized", + "addIdToStagePath", + "removeEmptyDirs", + "maxFileOpenTimeSec", + "maxFileIdleTimeSec", + "maxOpenFiles", + "onBackpressure", + "deadletterEnabled", + "onDiskFullBackpressure", + "retrySettings", + "orphans", + "maxFileSizeMB", + "encodedConfiguration", + "siteName", + "siteId", + "timezoneOffset", + "awsApiKey", + "awsSecretKey", + "description", + "emptyDirCleanupSec", + "directoryBatchSize", + "deadletterPath", + "maxRetryNum", + "__template_streamtags", + "__template_region", + "__template_endpoint", + "__template_objectACL", + "__template_storageClass", + "__template_onBackpressure", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputTypeGooglePubsub(str, Enum): + GOOGLE_PUBSUB = "google_pubsub" + + +class CreateOutputPqControlsGooglePubsubTypedDict(TypedDict): + pass + + +class CreateOutputPqControlsGooglePubsub(BaseModel): + pass + + +class CreateOutputOutputGooglePubsubTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputTypeGooglePubsub + topic_name: str + r"""ID of the topic to send events to.""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + create_topic: NotRequired[bool] + r"""If enabled, create topic if it does not exist.""" + ordered_delivery: NotRequired[bool] + r"""If enabled, send events in the order they were added to the queue. For this to work correctly, the process receiving events must have ordering enabled.""" + region: NotRequired[str] + r"""Region to publish messages to. Select 'default' to allow Google to auto-select the nearest region. When using ordered delivery, the selected region must be allowed by message storage policy.""" + google_auth_method: NotRequired[GoogleAuthenticationMethodOptions] + r"""Choose Auto to use Google Application Default Credentials (ADC), Manual to enter Google service account credentials directly, or Secret to select or create a stored secret that references Google service account credentials.""" + service_account_credentials: NotRequired[str] + r"""Contents of service account credentials (JSON keys) file downloaded from Google Cloud. To upload a file, click the upload button at this field's upper right.""" + secret: NotRequired[str] + r"""Select or create a stored text secret""" + batch_size: NotRequired[float] + r"""The maximum number of items the Google API should batch before it sends them to the topic.""" + batch_timeout: NotRequired[float] + r"""The maximum amount of time, in milliseconds, that the Google API should wait to send a batch (if the Batch size is not reached).""" + max_queue_size: NotRequired[float] + r"""Maximum number of queued batches before blocking.""" + max_record_size_kb: NotRequired[float] + r"""Maximum size (KB) of batches to send.""" + flush_period: NotRequired[float] + r"""Maximum time to wait before sending a batch (when batch size limit is not reached)""" + max_in_progress: NotRequired[float] + r"""The maximum number of in-progress API requests before backpressure is applied.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + description: NotRequired[str] + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputPqControlsGooglePubsubTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_topic_name: NotRequired[str] + r"""Binds 'topicName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topicName' at runtime.""" + template_region: NotRequired[str] + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + +class CreateOutputOutputGooglePubsub(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputTypeGooglePubsub + + topic_name: Annotated[str, pydantic.Field(alias="topicName")] + r"""ID of the topic to send events to.""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + create_topic: Annotated[Optional[bool], pydantic.Field(alias="createTopic")] = None + r"""If enabled, create topic if it does not exist.""" + + ordered_delivery: Annotated[ + Optional[bool], pydantic.Field(alias="orderedDelivery") + ] = None + r"""If enabled, send events in the order they were added to the queue. For this to work correctly, the process receiving events must have ordering enabled.""" + + region: Optional[str] = None + r"""Region to publish messages to. Select 'default' to allow Google to auto-select the nearest region. When using ordered delivery, the selected region must be allowed by message storage policy.""" + + google_auth_method: Annotated[ + Optional[GoogleAuthenticationMethodOptions], + pydantic.Field(alias="googleAuthMethod"), + ] = None + r"""Choose Auto to use Google Application Default Credentials (ADC), Manual to enter Google service account credentials directly, or Secret to select or create a stored secret that references Google service account credentials.""" + + service_account_credentials: Annotated[ + Optional[str], pydantic.Field(alias="serviceAccountCredentials") + ] = None + r"""Contents of service account credentials (JSON keys) file downloaded from Google Cloud. To upload a file, click the upload button at this field's upper right.""" + + secret: Optional[str] = None + r"""Select or create a stored text secret""" + + batch_size: Annotated[Optional[float], pydantic.Field(alias="batchSize")] = None + r"""The maximum number of items the Google API should batch before it sends them to the topic.""" + + batch_timeout: Annotated[Optional[float], pydantic.Field(alias="batchTimeout")] = ( + None + ) + r"""The maximum amount of time, in milliseconds, that the Google API should wait to send a batch (if the Batch size is not reached).""" + + max_queue_size: Annotated[Optional[float], pydantic.Field(alias="maxQueueSize")] = ( + None + ) + r"""Maximum number of queued batches before blocking.""" + + max_record_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxRecordSizeKB") + ] = None + r"""Maximum size (KB) of batches to send.""" + + flush_period: Annotated[Optional[float], pydantic.Field(alias="flushPeriod")] = None + r"""Maximum time to wait before sending a batch (when batch size limit is not reached)""" + + max_in_progress: Annotated[ + Optional[float], pydantic.Field(alias="maxInProgress") + ] = None + r"""The maximum number of in-progress API requests before backpressure is applied.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + description: Optional[str] = None + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputPqControlsGooglePubsub], pydantic.Field(alias="pqControls") + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_topic_name: Annotated[ + Optional[str], pydantic.Field(alias="__template_topicName") + ] = None + r"""Binds 'topicName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topicName' at runtime.""" + + template_region: Annotated[ + Optional[str], pydantic.Field(alias="__template_region") + ] = None + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + @field_serializer("google_auth_method") + def serialize_google_auth_method(self, value): + if isinstance(value, str): + try: + return models.GoogleAuthenticationMethodOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "createTopic", + "orderedDelivery", + "region", + "googleAuthMethod", + "serviceAccountCredentials", + "secret", + "batchSize", + "batchTimeout", + "maxQueueSize", + "maxRecordSizeKB", + "flushPeriod", + "maxInProgress", + "onBackpressure", + "description", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_topicName", + "__template_region", + "__template_onBackpressure", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputTypeGoogleCloudObservability(str, Enum): + GOOGLE_CLOUD_OBSERVABILITY = "google_cloud_observability" + + +class CreateOutputProtocolGoogleCloudObservability( + str, Enum, metaclass=utils.OpenEnumMeta +): + GRPC = "grpc" + + +class CreateOutputOtlpVersionGoogleCloudObservability( + str, Enum, metaclass=utils.OpenEnumMeta +): + ONE_DOT_3_DOT_1 = "1.3.1" + + +class CreateOutputEndpointGoogleCloudObservability( + str, Enum, metaclass=utils.OpenEnumMeta +): + r"""Fixed Google Cloud Observability gRPC endpoint. All three signals share this transport; the OTLP service path determines whether the call lands on traces, metrics, or logs.""" + + TELEMETRY_GOOGLEAPIS_COM_443 = "telemetry.googleapis.com:443" + + +class CreateOutputGoogleAuthenticationMethod(str, Enum, metaclass=utils.OpenEnumMeta): + r"""Choose Auto to use Google Application Default Credentials (ADC). Choose Secret to select or create a stored secret that references Google service account credentials.""" + + # Auto + AUTO = "auto" + # Secret + SECRET = "secret" + + +class CreateOutputPqControlsGoogleCloudObservabilityTypedDict(TypedDict): + pass + + +class CreateOutputPqControlsGoogleCloudObservability(BaseModel): + pass + + +class CreateOutputOutputGoogleCloudObservabilityTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputTypeGoogleCloudObservability + google_auth_method: CreateOutputGoogleAuthenticationMethod + r"""Choose Auto to use Google Application Default Credentials (ADC). Choose Secret to select or create a stored secret that references Google service account credentials.""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + protocol: NotRequired[CreateOutputProtocolGoogleCloudObservability] + otlp_version: NotRequired[CreateOutputOtlpVersionGoogleCloudObservability] + endpoint: NotRequired[CreateOutputEndpointGoogleCloudObservability] + r"""Fixed Google Cloud Observability gRPC endpoint. All three signals share this transport; the OTLP service path determines whether the call lands on traces, metrics, or logs.""" + metadata: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] + r"""List of key-value pairs to send with each gRPC request. Value supports JavaScript expressions that are evaluated just once, when the destination gets started. To pass credentials as metadata, use 'C.Secret'.""" + dynamic_headers_enabled: NotRequired[bool] + r"""Batch event data upon dynamic metadata (whether presented or not)""" + dynamic_headers_field: NotRequired[str] + r"""When presented, this field which contains metadata, will be injected into the Destination metadata and used to batch events.""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body sent to Google Cloud Observability""" + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + connection_timeout: NotRequired[float] + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + keep_alive_time: NotRequired[float] + r"""How often the sender should ping the peer to keep the connection open""" + tls: NotRequired[TLSSettingsClientSideTypeExtendedTypedDict] + max_payload_events: NotRequired[float] + r"""Max number of events to include in the request body. Default is 0 (unlimited). Use to keep outgoing data points within GCO request limits. For metrics, combine with the OTLP Metrics function batchSize.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + description: NotRequired[str] + secret: NotRequired[str] + r"""Select or create a stored text secret""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputPqControlsGoogleCloudObservabilityTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + +class CreateOutputOutputGoogleCloudObservability(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputTypeGoogleCloudObservability + + google_auth_method: Annotated[ + CreateOutputGoogleAuthenticationMethod, pydantic.Field(alias="googleAuthMethod") + ] + r"""Choose Auto to use Google Application Default Credentials (ADC). Choose Secret to select or create a stored secret that references Google service account credentials.""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + protocol: Optional[CreateOutputProtocolGoogleCloudObservability] = None + + otlp_version: Annotated[ + Optional[CreateOutputOtlpVersionGoogleCloudObservability], + pydantic.Field(alias="otlpVersion"), + ] = None + + endpoint: Optional[CreateOutputEndpointGoogleCloudObservability] = None + r"""Fixed Google Cloud Observability gRPC endpoint. All three signals share this transport; the OTLP service path determines whether the call lands on traces, metrics, or logs.""" + + metadata: Optional[List[KeyValueMetadataConfOutputFilesystem]] = None + r"""List of key-value pairs to send with each gRPC request. Value supports JavaScript expressions that are evaluated just once, when the destination gets started. To pass credentials as metadata, use 'C.Secret'.""" + + dynamic_headers_enabled: Annotated[ + Optional[bool], pydantic.Field(alias="dynamicHeadersEnabled") + ] = None + r"""Batch event data upon dynamic metadata (whether presented or not)""" + + dynamic_headers_field: Annotated[ + Optional[str], pydantic.Field(alias="dynamicHeadersField") + ] = None + r"""When presented, this field which contains metadata, will be injected into the Destination metadata and used to batch events.""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body sent to Google Cloud Observability""" + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + connection_timeout: Annotated[ + Optional[float], pydantic.Field(alias="connectionTimeout") + ] = None + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + + keep_alive_time: Annotated[ + Optional[float], pydantic.Field(alias="keepAliveTime") + ] = None + r"""How often the sender should ping the peer to keep the connection open""" + + tls: Optional[TLSSettingsClientSideTypeExtended] = None + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Max number of events to include in the request body. Default is 0 (unlimited). Use to keep outgoing data points within GCO request limits. For metrics, combine with the OTLP Metrics function batchSize.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + description: Optional[str] = None + + secret: Optional[str] = None + r"""Select or create a stored text secret""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputPqControlsGoogleCloudObservability], + pydantic.Field(alias="pqControls"), + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + @field_serializer("protocol") + def serialize_protocol(self, value): + if isinstance(value, str): + try: + return models.CreateOutputProtocolGoogleCloudObservability(value) + except ValueError: + return value + return value + + @field_serializer("otlp_version") + def serialize_otlp_version(self, value): + if isinstance(value, str): + try: + return models.CreateOutputOtlpVersionGoogleCloudObservability(value) + except ValueError: + return value + return value + + @field_serializer("endpoint") + def serialize_endpoint(self, value): + if isinstance(value, str): + try: + return models.CreateOutputEndpointGoogleCloudObservability(value) + except ValueError: + return value + return value + + @field_serializer("google_auth_method") + def serialize_google_auth_method(self, value): + if isinstance(value, str): + try: + return models.CreateOutputGoogleAuthenticationMethod(value) + except ValueError: + return value + return value + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "protocol", + "otlpVersion", + "endpoint", + "metadata", + "dynamicHeadersEnabled", + "dynamicHeadersField", + "concurrency", + "maxPayloadSizeKB", + "timeoutSec", + "flushPeriodSec", + "failedRequestLoggingMode", + "connectionTimeout", + "keepAliveTime", + "tls", + "maxPayloadEvents", + "onBackpressure", + "description", + "secret", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_failedRequestLoggingMode", + "__template_onBackpressure", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputTypeGoogleCloudLogging(str, Enum): + GOOGLE_CLOUD_LOGGING = "google_cloud_logging" + + +class CreateOutputLogLocationType(str, Enum, metaclass=utils.OpenEnumMeta): + # Project + PROJECT = "project" + # Organization + ORGANIZATION = "organization" + # Billing Account + BILLING_ACCOUNT = "billingAccount" + # Folder + FOLDER = "folder" + + +class CreateOutputPayloadFormat(str, Enum, metaclass=utils.OpenEnumMeta): + r"""Format to use when sending payload. Defaults to Text.""" + + # Text + TEXT = "text" + # JSON + JSON = "json" + + +class CreateOutputPqControlsGoogleCloudLoggingTypedDict(TypedDict): + pass + + +class CreateOutputPqControlsGoogleCloudLogging(BaseModel): + pass + + +class CreateOutputOutputGoogleCloudLoggingTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputTypeGoogleCloudLogging + log_location_type: CreateOutputLogLocationType + log_name_expression: str + r"""JavaScript expression to compute the value of the log name. If Validate and correct log name is enabled, invalid characters (characters other than alphanumerics, forward-slashes, underscores, hyphens, and periods) will be replaced with an underscore.""" + log_location_expression: str + r"""JavaScript expression to compute the value of the folder ID with which log entries should be associated. If Validate and correct log name is enabled, invalid characters (characters other than alphanumerics, forward-slashes, underscores, hyphens, and periods) will be replaced with an underscore.""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + sanitize_log_names: NotRequired[bool] + payload_format: NotRequired[CreateOutputPayloadFormat] + r"""Format to use when sending payload. Defaults to Text.""" + log_labels: NotRequired[List[LogLabelConfOutputGoogleCloudLoggingTypedDict]] + r"""Labels to apply to the log entry""" + resource_type_expression: NotRequired[str] + r"""JavaScript expression to compute the value of the managed resource type field. Must evaluate to one of the valid values [here](https://cloud.google.com/logging/docs/api/v2/resource-list#resource-types). Defaults to \"global\".""" + resource_type_labels: NotRequired[ + List[LogLabelConfOutputGoogleCloudLoggingTypedDict] + ] + r"""Labels to apply to the managed resource. These must correspond to the valid labels for the specified resource type (see [here](https://cloud.google.com/logging/docs/api/v2/resource-list#resource-types)). Otherwise, they will be dropped by Google Cloud Logging.""" + severity_expression: NotRequired[str] + r"""JavaScript expression to compute the value of the severity field. Must evaluate to one of the severity values supported by Google Cloud Logging [here](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logseverity) (case insensitive). Defaults to \"DEFAULT\".""" + insert_id_expression: NotRequired[str] + r"""JavaScript expression to compute the value of the insert ID field.""" + google_auth_method: NotRequired[GoogleAuthenticationMethodOptions] + r"""Choose Auto to use Google Application Default Credentials (ADC), Manual to enter Google service account credentials directly, or Secret to select or create a stored secret that references Google service account credentials.""" + service_account_credentials: NotRequired[str] + r"""Contents of service account credentials (JSON keys) file downloaded from Google Cloud. To upload a file, click the upload button at this field's upper right.""" + secret: NotRequired[str] + r"""Select or create a stored text secret""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body.""" + max_payload_events: NotRequired[float] + r"""Max number of events to include in the request body. Default is 0 (unlimited).""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking.""" + connection_timeout: NotRequired[float] + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it.""" + throttle_rate_req_per_sec: NotRequired[int] + r"""Maximum number of requests to limit to per second.""" + request_method_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP request method as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + request_url_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP request URL as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + request_size_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP request size as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + status_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP request method as a number. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + response_size_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP response size as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + user_agent_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP request user agent as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + remote_ip_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP request remote IP as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + server_ip_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP request server IP as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + referer_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP request referer as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + latency_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP request latency, formatted as .s (for example, 1.23s). See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + cache_lookup_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP request cache lookup as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + cache_hit_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP request cache hit as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + cache_validated_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP request cache validated with origin server as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + cache_fill_bytes_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP request cache fill bytes as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + protocol_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP request protocol as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + id_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the log entry operation ID as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" + producer_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the log entry operation producer as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" + first_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the log entry operation first flag as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" + last_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the log entry operation last flag as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" + file_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the log entry source location file as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentrysourcelocation) for details.""" + line_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the log entry source location line as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentrysourcelocation) for details.""" + function_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the log entry source location function as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentrysourcelocation) for details.""" + uid_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the log entry log split UID as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logsplit) for details.""" + index_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the log entry log split index as a number. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logsplit) for details.""" + total_splits_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the log entry log split total splits as a number. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logsplit) for details.""" + trace_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the REST resource name of the trace being written as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) for details.""" + span_id_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the ID of the cloud trace span associated with the current operation in which the log is being written as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) for details.""" + trace_sampled_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the the sampling decision of the span associated with the log entry. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) for details.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + total_memory_limit_kb: NotRequired[float] + r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" + description: NotRequired[str] + payload_expression: NotRequired[str] + r"""JavaScript expression to compute the value of the payload. Must evaluate to a JavaScript object value. If an invalid value is encountered it will result in the default value instead. Defaults to the entire event.""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputPqControlsGoogleCloudLoggingTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_log_location_type: NotRequired[str] + r"""Binds 'logLocationType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logLocationType' at runtime.""" + template_log_name_expression: NotRequired[str] + r"""Binds 'logNameExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logNameExpression' at runtime.""" + template_payload_format: NotRequired[str] + r"""Binds 'payloadFormat' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'payloadFormat' at runtime.""" + template_resource_type_expression: NotRequired[str] + r"""Binds 'resourceTypeExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'resourceTypeExpression' at runtime.""" + template_severity_expression: NotRequired[str] + r"""Binds 'severityExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'severityExpression' at runtime.""" + template_insert_id_expression: NotRequired[str] + r"""Binds 'insertIdExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'insertIdExpression' at runtime.""" + template_trace_expression: NotRequired[str] + r"""Binds 'traceExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'traceExpression' at runtime.""" + template_span_id_expression: NotRequired[str] + r"""Binds 'spanIdExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'spanIdExpression' at runtime.""" + template_trace_sampled_expression: NotRequired[str] + r"""Binds 'traceSampledExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'traceSampledExpression' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_log_location_expression: NotRequired[str] + r"""Binds 'logLocationExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logLocationExpression' at runtime.""" + template_payload_expression: NotRequired[str] + r"""Binds 'payloadExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'payloadExpression' at runtime.""" + + +class CreateOutputOutputGoogleCloudLogging(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputTypeGoogleCloudLogging + + log_location_type: Annotated[ + CreateOutputLogLocationType, pydantic.Field(alias="logLocationType") + ] + + log_name_expression: Annotated[str, pydantic.Field(alias="logNameExpression")] + r"""JavaScript expression to compute the value of the log name. If Validate and correct log name is enabled, invalid characters (characters other than alphanumerics, forward-slashes, underscores, hyphens, and periods) will be replaced with an underscore.""" + + log_location_expression: Annotated[ + str, pydantic.Field(alias="logLocationExpression") + ] + r"""JavaScript expression to compute the value of the folder ID with which log entries should be associated. If Validate and correct log name is enabled, invalid characters (characters other than alphanumerics, forward-slashes, underscores, hyphens, and periods) will be replaced with an underscore.""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + sanitize_log_names: Annotated[ + Optional[bool], pydantic.Field(alias="sanitizeLogNames") + ] = None + + payload_format: Annotated[ + Optional[CreateOutputPayloadFormat], pydantic.Field(alias="payloadFormat") + ] = None + r"""Format to use when sending payload. Defaults to Text.""" + + log_labels: Annotated[ + Optional[List[LogLabelConfOutputGoogleCloudLogging]], + pydantic.Field(alias="logLabels"), + ] = None + r"""Labels to apply to the log entry""" + + resource_type_expression: Annotated[ + Optional[str], pydantic.Field(alias="resourceTypeExpression") + ] = None + r"""JavaScript expression to compute the value of the managed resource type field. Must evaluate to one of the valid values [here](https://cloud.google.com/logging/docs/api/v2/resource-list#resource-types). Defaults to \"global\".""" + + resource_type_labels: Annotated[ + Optional[List[LogLabelConfOutputGoogleCloudLogging]], + pydantic.Field(alias="resourceTypeLabels"), + ] = None + r"""Labels to apply to the managed resource. These must correspond to the valid labels for the specified resource type (see [here](https://cloud.google.com/logging/docs/api/v2/resource-list#resource-types)). Otherwise, they will be dropped by Google Cloud Logging.""" + + severity_expression: Annotated[ + Optional[str], pydantic.Field(alias="severityExpression") + ] = None + r"""JavaScript expression to compute the value of the severity field. Must evaluate to one of the severity values supported by Google Cloud Logging [here](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logseverity) (case insensitive). Defaults to \"DEFAULT\".""" + + insert_id_expression: Annotated[ + Optional[str], pydantic.Field(alias="insertIdExpression") + ] = None + r"""JavaScript expression to compute the value of the insert ID field.""" + + google_auth_method: Annotated[ + Optional[GoogleAuthenticationMethodOptions], + pydantic.Field(alias="googleAuthMethod"), + ] = None + r"""Choose Auto to use Google Application Default Credentials (ADC), Manual to enter Google service account credentials directly, or Secret to select or create a stored secret that references Google service account credentials.""" + + service_account_credentials: Annotated[ + Optional[str], pydantic.Field(alias="serviceAccountCredentials") + ] = None + r"""Contents of service account credentials (JSON keys) file downloaded from Google Cloud. To upload a file, click the upload button at this field's upper right.""" + + secret: Optional[str] = None + r"""Select or create a stored text secret""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body.""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Max number of events to include in the request body. Default is 0 (unlimited).""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking.""" + + connection_timeout: Annotated[ + Optional[float], pydantic.Field(alias="connectionTimeout") + ] = None + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it.""" + + throttle_rate_req_per_sec: Annotated[ + Optional[int], pydantic.Field(alias="throttleRateReqPerSec") + ] = None + r"""Maximum number of requests to limit to per second.""" + + request_method_expression: Annotated[ + Optional[str], pydantic.Field(alias="requestMethodExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP request method as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + request_url_expression: Annotated[ + Optional[str], pydantic.Field(alias="requestUrlExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP request URL as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + request_size_expression: Annotated[ + Optional[str], pydantic.Field(alias="requestSizeExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP request size as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + status_expression: Annotated[ + Optional[str], pydantic.Field(alias="statusExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP request method as a number. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + response_size_expression: Annotated[ + Optional[str], pydantic.Field(alias="responseSizeExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP response size as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + user_agent_expression: Annotated[ + Optional[str], pydantic.Field(alias="userAgentExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP request user agent as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + remote_ip_expression: Annotated[ + Optional[str], pydantic.Field(alias="remoteIpExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP request remote IP as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + server_ip_expression: Annotated[ + Optional[str], pydantic.Field(alias="serverIpExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP request server IP as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + referer_expression: Annotated[ + Optional[str], pydantic.Field(alias="refererExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP request referer as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + latency_expression: Annotated[ + Optional[str], pydantic.Field(alias="latencyExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP request latency, formatted as .s (for example, 1.23s). See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + cache_lookup_expression: Annotated[ + Optional[str], pydantic.Field(alias="cacheLookupExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP request cache lookup as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + cache_hit_expression: Annotated[ + Optional[str], pydantic.Field(alias="cacheHitExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP request cache hit as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + cache_validated_expression: Annotated[ + Optional[str], pydantic.Field(alias="cacheValidatedExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP request cache validated with origin server as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + cache_fill_bytes_expression: Annotated[ + Optional[str], pydantic.Field(alias="cacheFillBytesExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP request cache fill bytes as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + protocol_expression: Annotated[ + Optional[str], pydantic.Field(alias="protocolExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP request protocol as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + id_expression: Annotated[Optional[str], pydantic.Field(alias="idExpression")] = None + r"""A JavaScript expression that evaluates to the log entry operation ID as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" + + producer_expression: Annotated[ + Optional[str], pydantic.Field(alias="producerExpression") + ] = None + r"""A JavaScript expression that evaluates to the log entry operation producer as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" + + first_expression: Annotated[ + Optional[str], pydantic.Field(alias="firstExpression") + ] = None + r"""A JavaScript expression that evaluates to the log entry operation first flag as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" + + last_expression: Annotated[ + Optional[str], pydantic.Field(alias="lastExpression") + ] = None + r"""A JavaScript expression that evaluates to the log entry operation last flag as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" + + file_expression: Annotated[ + Optional[str], pydantic.Field(alias="fileExpression") + ] = None + r"""A JavaScript expression that evaluates to the log entry source location file as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentrysourcelocation) for details.""" + + line_expression: Annotated[ + Optional[str], pydantic.Field(alias="lineExpression") + ] = None + r"""A JavaScript expression that evaluates to the log entry source location line as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentrysourcelocation) for details.""" + + function_expression: Annotated[ + Optional[str], pydantic.Field(alias="functionExpression") + ] = None + r"""A JavaScript expression that evaluates to the log entry source location function as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentrysourcelocation) for details.""" + + uid_expression: Annotated[Optional[str], pydantic.Field(alias="uidExpression")] = ( + None + ) + r"""A JavaScript expression that evaluates to the log entry log split UID as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logsplit) for details.""" + + index_expression: Annotated[ + Optional[str], pydantic.Field(alias="indexExpression") + ] = None + r"""A JavaScript expression that evaluates to the log entry log split index as a number. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logsplit) for details.""" + + total_splits_expression: Annotated[ + Optional[str], pydantic.Field(alias="totalSplitsExpression") + ] = None + r"""A JavaScript expression that evaluates to the log entry log split total splits as a number. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logsplit) for details.""" + + trace_expression: Annotated[ + Optional[str], pydantic.Field(alias="traceExpression") + ] = None + r"""A JavaScript expression that evaluates to the REST resource name of the trace being written as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) for details.""" + + span_id_expression: Annotated[ + Optional[str], pydantic.Field(alias="spanIdExpression") + ] = None + r"""A JavaScript expression that evaluates to the ID of the cloud trace span associated with the current operation in which the log is being written as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) for details.""" + + trace_sampled_expression: Annotated[ + Optional[str], pydantic.Field(alias="traceSampledExpression") + ] = None + r"""A JavaScript expression that evaluates to the the sampling decision of the span associated with the log entry. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) for details.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + total_memory_limit_kb: Annotated[ + Optional[float], pydantic.Field(alias="totalMemoryLimitKB") + ] = None + r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" + + description: Optional[str] = None + + payload_expression: Annotated[ + Optional[str], pydantic.Field(alias="payloadExpression") + ] = None + r"""JavaScript expression to compute the value of the payload. Must evaluate to a JavaScript object value. If an invalid value is encountered it will result in the default value instead. Defaults to the entire event.""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputPqControlsGoogleCloudLogging], + pydantic.Field(alias="pqControls"), + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_log_location_type: Annotated[ + Optional[str], pydantic.Field(alias="__template_logLocationType") + ] = None + r"""Binds 'logLocationType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logLocationType' at runtime.""" + + template_log_name_expression: Annotated[ + Optional[str], pydantic.Field(alias="__template_logNameExpression") + ] = None + r"""Binds 'logNameExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logNameExpression' at runtime.""" + + template_payload_format: Annotated[ + Optional[str], pydantic.Field(alias="__template_payloadFormat") + ] = None + r"""Binds 'payloadFormat' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'payloadFormat' at runtime.""" + + template_resource_type_expression: Annotated[ + Optional[str], pydantic.Field(alias="__template_resourceTypeExpression") + ] = None + r"""Binds 'resourceTypeExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'resourceTypeExpression' at runtime.""" + + template_severity_expression: Annotated[ + Optional[str], pydantic.Field(alias="__template_severityExpression") + ] = None + r"""Binds 'severityExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'severityExpression' at runtime.""" + + template_insert_id_expression: Annotated[ + Optional[str], pydantic.Field(alias="__template_insertIdExpression") + ] = None + r"""Binds 'insertIdExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'insertIdExpression' at runtime.""" + + template_trace_expression: Annotated[ + Optional[str], pydantic.Field(alias="__template_traceExpression") + ] = None + r"""Binds 'traceExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'traceExpression' at runtime.""" + + template_span_id_expression: Annotated[ + Optional[str], pydantic.Field(alias="__template_spanIdExpression") + ] = None + r"""Binds 'spanIdExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'spanIdExpression' at runtime.""" + + template_trace_sampled_expression: Annotated[ + Optional[str], pydantic.Field(alias="__template_traceSampledExpression") + ] = None + r"""Binds 'traceSampledExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'traceSampledExpression' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_log_location_expression: Annotated[ + Optional[str], pydantic.Field(alias="__template_logLocationExpression") + ] = None + r"""Binds 'logLocationExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logLocationExpression' at runtime.""" + + template_payload_expression: Annotated[ + Optional[str], pydantic.Field(alias="__template_payloadExpression") + ] = None + r"""Binds 'payloadExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'payloadExpression' at runtime.""" + + @field_serializer("log_location_type") + def serialize_log_location_type(self, value): + if isinstance(value, str): + try: + return models.CreateOutputLogLocationType(value) + except ValueError: + return value + return value + + @field_serializer("payload_format") + def serialize_payload_format(self, value): + if isinstance(value, str): + try: + return models.CreateOutputPayloadFormat(value) + except ValueError: + return value + return value + + @field_serializer("google_auth_method") + def serialize_google_auth_method(self, value): + if isinstance(value, str): + try: + return models.GoogleAuthenticationMethodOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "sanitizeLogNames", + "payloadFormat", + "logLabels", + "resourceTypeExpression", + "resourceTypeLabels", + "severityExpression", + "insertIdExpression", + "googleAuthMethod", + "serviceAccountCredentials", + "secret", + "maxPayloadSizeKB", + "maxPayloadEvents", + "flushPeriodSec", + "concurrency", + "connectionTimeout", + "timeoutSec", + "throttleRateReqPerSec", + "requestMethodExpression", + "requestUrlExpression", + "requestSizeExpression", + "statusExpression", + "responseSizeExpression", + "userAgentExpression", + "remoteIpExpression", + "serverIpExpression", + "refererExpression", + "latencyExpression", + "cacheLookupExpression", + "cacheHitExpression", + "cacheValidatedExpression", + "cacheFillBytesExpression", + "protocolExpression", + "idExpression", + "producerExpression", + "firstExpression", + "lastExpression", + "fileExpression", + "lineExpression", + "functionExpression", + "uidExpression", + "indexExpression", + "totalSplitsExpression", + "traceExpression", + "spanIdExpression", + "traceSampledExpression", + "onBackpressure", + "totalMemoryLimitKB", + "description", + "payloadExpression", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_logLocationType", + "__template_logNameExpression", + "__template_payloadFormat", + "__template_resourceTypeExpression", + "__template_severityExpression", + "__template_insertIdExpression", + "__template_traceExpression", + "__template_spanIdExpression", + "__template_traceSampledExpression", + "__template_onBackpressure", + "__template_logLocationExpression", + "__template_payloadExpression", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputTypeGoogleCloudStorage(str, Enum): + GOOGLE_CLOUD_STORAGE = "google_cloud_storage" + + +class CreateOutputAuthenticationMethodGoogleCloudStorage( + str, Enum, metaclass=utils.OpenEnumMeta +): + # auto + AUTO = "auto" + # manual + MANUAL = "manual" + # Secret Key pair + SECRET = "secret" + + +class CreateOutputOutputGoogleCloudStorageTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputTypeGoogleCloudStorage + bucket: str + r"""Name of the destination bucket. This value can be a constant or a JavaScript expression that can only be evaluated at init time. Example of referencing a Global Variable: `myBucket-${C.vars.myVar}`.""" + region: str + r"""Region where the bucket is located""" + endpoint: str + r"""Google Cloud Storage service endpoint""" + stage_path: str + r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + aws_authentication_method: NotRequired[ + CreateOutputAuthenticationMethodGoogleCloudStorage + ] + dest_path: NotRequired[str] + r"""Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`""" + verify_permissions: NotRequired[bool] + r"""Disable if you can access files within the bucket but not the bucket itself""" + object_acl: NotRequired[ObjectACLOptionsAuthenticatedreadBucketownerfullcontrol] + r"""Object ACL to assign to uploaded objects""" + storage_class: NotRequired[StorageClassOptionsArchiveColdline] + r"""Storage class to select for uploaded objects""" + reuse_connections: NotRequired[bool] + r"""Reuse connections between requests, which can improve performance""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" + add_id_to_stage_path: NotRequired[bool] + r"""Add the Output ID value to staging location""" + remove_empty_dirs: NotRequired[bool] + r"""Remove empty staging directories after moving files""" + partition_expr: NotRequired[str] + r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" + format_: NotRequired[DataFormatOptions] + r"""Format of the output data""" + base_file_name: NotRequired[str] + r"""JavaScript expression to define the output filename prefix (can be constant)""" + file_name_suffix: NotRequired[str] + r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" + max_file_size_mb: NotRequired[float] + r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" + max_file_open_time_sec: NotRequired[float] + r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" + max_file_idle_time_sec: NotRequired[float] + r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" + max_open_files: NotRequired[float] + r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" + header_line: NotRequired[str] + r"""If set, this line will be written to the beginning of each output file""" + write_high_water_mark: NotRequired[float] + r"""Buffer size used to write to a file""" + on_backpressure: NotRequired[BackpressureBehaviorOptionsBlockDrop] + r"""How to handle events when all receivers are exerting backpressure""" + deadletter_enabled: NotRequired[bool] + r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" + on_disk_full_backpressure: NotRequired[DiskSpaceProtectionOptions] + r"""How to handle events when disk space is below the global 'Min free disk space' limit""" + force_close_on_shutdown: NotRequired[bool] + r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" + retry_settings: NotRequired[RetrySettingsTypeTypedDict] + orphans: NotRequired[OrphanFileRecoveryTypeTypedDict] + description: NotRequired[str] + compress: NotRequired[CompressionOptionsHTTP] + r"""Data compression format to apply to HTTP content before it is delivered""" + compression_level: NotRequired[CompressionLevelOptions] + r"""Compression level to apply before moving files to final destination""" + automatic_schema: NotRequired[bool] + r"""Automatically calculate the schema based on the events of each Parquet file generated""" + parquet_schema: NotRequired[str] + r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" + parquet_version: NotRequired[ParquetVersionOptions] + r"""Determines which data types are supported and how they are represented""" + parquet_data_page_version: NotRequired[DataPageVersionOptions] + r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" + parquet_row_group_length: NotRequired[float] + r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" + parquet_page_size: NotRequired[str] + r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" + should_log_invalid_rows: NotRequired[bool] + r"""Log up to 3 rows that @{product} skips due to data mismatch""" + key_value_metadata: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] + r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ + enable_statistics: NotRequired[bool] + r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" + enable_write_page_index: NotRequired[bool] + r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" + enable_page_checksum: NotRequired[bool] + r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" + empty_dir_cleanup_sec: NotRequired[float] + r"""How frequently, in seconds, to clean up empty directories""" + directory_batch_size: NotRequired[float] + r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" + deadletter_path: NotRequired[str] + r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" + max_retry_num: NotRequired[float] + r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" + aws_api_key: NotRequired[str] + r"""HMAC access key. This value can be a constant or a JavaScript expression, such as `${C.env.GCS_ACCESS_KEY}`.""" + aws_secret_key: NotRequired[str] + r"""HMAC secret. This value can be a constant or a JavaScript expression, such as `${C.env.GCS_SECRET}`.""" + aws_secret: NotRequired[str] + r"""Select or create a stored secret that references your access key and secret key""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_bucket: NotRequired[str] + r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" + template_region: NotRequired[str] + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + template_endpoint: NotRequired[str] + r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" + template_dest_path: NotRequired[str] + r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" + template_object_acl: NotRequired[str] + r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" + template_storage_class: NotRequired[str] + r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" + template_partition_expr: NotRequired[str] + r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" + template_format: NotRequired[str] + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + template_base_file_name: NotRequired[str] + r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" + template_file_name_suffix: NotRequired[str] + r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_compress: NotRequired[str] + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + template_parquet_schema: NotRequired[str] + r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" + template_aws_api_key: NotRequired[str] + r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" + template_aws_secret_key: NotRequired[str] + r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" + + +class CreateOutputOutputGoogleCloudStorage(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputTypeGoogleCloudStorage + + bucket: str + r"""Name of the destination bucket. This value can be a constant or a JavaScript expression that can only be evaluated at init time. Example of referencing a Global Variable: `myBucket-${C.vars.myVar}`.""" + + region: str + r"""Region where the bucket is located""" + + endpoint: str + r"""Google Cloud Storage service endpoint""" + + stage_path: Annotated[str, pydantic.Field(alias="stagePath")] + r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + aws_authentication_method: Annotated[ + Optional[CreateOutputAuthenticationMethodGoogleCloudStorage], + pydantic.Field(alias="awsAuthenticationMethod"), + ] = None + + dest_path: Annotated[Optional[str], pydantic.Field(alias="destPath")] = None + r"""Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`""" + + verify_permissions: Annotated[ + Optional[bool], pydantic.Field(alias="verifyPermissions") + ] = None + r"""Disable if you can access files within the bucket but not the bucket itself""" + + object_acl: Annotated[ + Optional[ObjectACLOptionsAuthenticatedreadBucketownerfullcontrol], + pydantic.Field(alias="objectACL"), + ] = None + r"""Object ACL to assign to uploaded objects""" + + storage_class: Annotated[ + Optional[StorageClassOptionsArchiveColdline], + pydantic.Field(alias="storageClass"), + ] = None + r"""Storage class to select for uploaded objects""" + + reuse_connections: Annotated[ + Optional[bool], pydantic.Field(alias="reuseConnections") + ] = None + r"""Reuse connections between requests, which can improve performance""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" + + add_id_to_stage_path: Annotated[ + Optional[bool], pydantic.Field(alias="addIdToStagePath") + ] = None + r"""Add the Output ID value to staging location""" + + remove_empty_dirs: Annotated[ + Optional[bool], pydantic.Field(alias="removeEmptyDirs") + ] = None + r"""Remove empty staging directories after moving files""" + + partition_expr: Annotated[Optional[str], pydantic.Field(alias="partitionExpr")] = ( + None + ) + r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" + + format_: Annotated[Optional[DataFormatOptions], pydantic.Field(alias="format")] = ( + None + ) + r"""Format of the output data""" + + base_file_name: Annotated[Optional[str], pydantic.Field(alias="baseFileName")] = ( + None + ) + r"""JavaScript expression to define the output filename prefix (can be constant)""" + + file_name_suffix: Annotated[ + Optional[str], pydantic.Field(alias="fileNameSuffix") + ] = None + r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" + + max_file_size_mb: Annotated[ + Optional[float], pydantic.Field(alias="maxFileSizeMB") + ] = None + r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" + + max_file_open_time_sec: Annotated[ + Optional[float], pydantic.Field(alias="maxFileOpenTimeSec") + ] = None + r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" + + max_file_idle_time_sec: Annotated[ + Optional[float], pydantic.Field(alias="maxFileIdleTimeSec") + ] = None + r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" + + max_open_files: Annotated[Optional[float], pydantic.Field(alias="maxOpenFiles")] = ( + None + ) + r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" + + header_line: Annotated[Optional[str], pydantic.Field(alias="headerLine")] = None + r"""If set, this line will be written to the beginning of each output file""" + + write_high_water_mark: Annotated[ + Optional[float], pydantic.Field(alias="writeHighWaterMark") + ] = None + r"""Buffer size used to write to a file""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptionsBlockDrop], + pydantic.Field(alias="onBackpressure"), + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + deadletter_enabled: Annotated[ + Optional[bool], pydantic.Field(alias="deadletterEnabled") + ] = None + r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" + + on_disk_full_backpressure: Annotated[ + Optional[DiskSpaceProtectionOptions], + pydantic.Field(alias="onDiskFullBackpressure"), + ] = None + r"""How to handle events when disk space is below the global 'Min free disk space' limit""" + + force_close_on_shutdown: Annotated[ + Optional[bool], pydantic.Field(alias="forceCloseOnShutdown") + ] = None + r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" + + retry_settings: Annotated[ + Optional[RetrySettingsType], pydantic.Field(alias="retrySettings") + ] = None + + orphans: Optional[OrphanFileRecoveryType] = None + + description: Optional[str] = None + + compress: Optional[CompressionOptionsHTTP] = None + r"""Data compression format to apply to HTTP content before it is delivered""" + + compression_level: Annotated[ + Optional[CompressionLevelOptions], pydantic.Field(alias="compressionLevel") + ] = None + r"""Compression level to apply before moving files to final destination""" + + automatic_schema: Annotated[ + Optional[bool], pydantic.Field(alias="automaticSchema") + ] = None + r"""Automatically calculate the schema based on the events of each Parquet file generated""" + + parquet_schema: Annotated[Optional[str], pydantic.Field(alias="parquetSchema")] = ( + None + ) + r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" + + parquet_version: Annotated[ + Optional[ParquetVersionOptions], pydantic.Field(alias="parquetVersion") + ] = None + r"""Determines which data types are supported and how they are represented""" + + parquet_data_page_version: Annotated[ + Optional[DataPageVersionOptions], pydantic.Field(alias="parquetDataPageVersion") + ] = None + r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" + + parquet_row_group_length: Annotated[ + Optional[float], pydantic.Field(alias="parquetRowGroupLength") + ] = None + r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" + + parquet_page_size: Annotated[ + Optional[str], pydantic.Field(alias="parquetPageSize") + ] = None + r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" + + should_log_invalid_rows: Annotated[ + Optional[bool], pydantic.Field(alias="shouldLogInvalidRows") + ] = None + r"""Log up to 3 rows that @{product} skips due to data mismatch""" + + key_value_metadata: Annotated[ + Optional[List[KeyValueMetadataConfOutputFilesystem]], + pydantic.Field(alias="keyValueMetadata"), + ] = None + r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ + + enable_statistics: Annotated[ + Optional[bool], pydantic.Field(alias="enableStatistics") + ] = None + r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" + + enable_write_page_index: Annotated[ + Optional[bool], pydantic.Field(alias="enableWritePageIndex") + ] = None + r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" + + enable_page_checksum: Annotated[ + Optional[bool], pydantic.Field(alias="enablePageChecksum") + ] = None + r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" + + empty_dir_cleanup_sec: Annotated[ + Optional[float], pydantic.Field(alias="emptyDirCleanupSec") + ] = None + r"""How frequently, in seconds, to clean up empty directories""" + + directory_batch_size: Annotated[ + Optional[float], pydantic.Field(alias="directoryBatchSize") + ] = None + r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" + + deadletter_path: Annotated[ + Optional[str], pydantic.Field(alias="deadletterPath") + ] = None + r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" + + max_retry_num: Annotated[Optional[float], pydantic.Field(alias="maxRetryNum")] = ( + None + ) + r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" + + aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None + r"""HMAC access key. This value can be a constant or a JavaScript expression, such as `${C.env.GCS_ACCESS_KEY}`.""" + + aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = ( + None + ) + r"""HMAC secret. This value can be a constant or a JavaScript expression, such as `${C.env.GCS_SECRET}`.""" + + aws_secret: Annotated[Optional[str], pydantic.Field(alias="awsSecret")] = None + r"""Select or create a stored secret that references your access key and secret key""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_bucket: Annotated[ + Optional[str], pydantic.Field(alias="__template_bucket") + ] = None + r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" + + template_region: Annotated[ + Optional[str], pydantic.Field(alias="__template_region") + ] = None + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + + template_endpoint: Annotated[ + Optional[str], pydantic.Field(alias="__template_endpoint") + ] = None + r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" + + template_dest_path: Annotated[ + Optional[str], pydantic.Field(alias="__template_destPath") + ] = None + r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" + + template_object_acl: Annotated[ + Optional[str], pydantic.Field(alias="__template_objectACL") + ] = None + r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" + + template_storage_class: Annotated[ + Optional[str], pydantic.Field(alias="__template_storageClass") + ] = None + r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" + + template_partition_expr: Annotated[ + Optional[str], pydantic.Field(alias="__template_partitionExpr") + ] = None + r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" + + template_format: Annotated[ + Optional[str], pydantic.Field(alias="__template_format") + ] = None + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + + template_base_file_name: Annotated[ + Optional[str], pydantic.Field(alias="__template_baseFileName") + ] = None + r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" + + template_file_name_suffix: Annotated[ + Optional[str], pydantic.Field(alias="__template_fileNameSuffix") + ] = None + r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_compress: Annotated[ + Optional[str], pydantic.Field(alias="__template_compress") + ] = None + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + + template_parquet_schema: Annotated[ + Optional[str], pydantic.Field(alias="__template_parquetSchema") + ] = None + r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" + + template_aws_api_key: Annotated[ + Optional[str], pydantic.Field(alias="__template_awsApiKey") + ] = None + r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" + + template_aws_secret_key: Annotated[ + Optional[str], pydantic.Field(alias="__template_awsSecretKey") + ] = None + r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" + + @field_serializer("aws_authentication_method") + def serialize_aws_authentication_method(self, value): + if isinstance(value, str): + try: + return models.CreateOutputAuthenticationMethodGoogleCloudStorage(value) + except ValueError: + return value + return value + + @field_serializer("object_acl") + def serialize_object_acl(self, value): + if isinstance(value, str): + try: + return models.ObjectACLOptionsAuthenticatedreadBucketownerfullcontrol( + value + ) + except ValueError: + return value + return value + + @field_serializer("storage_class") + def serialize_storage_class(self, value): + if isinstance(value, str): + try: + return models.StorageClassOptionsArchiveColdline(value) + except ValueError: + return value + return value + + @field_serializer("format_") + def serialize_format_(self, value): + if isinstance(value, str): + try: + return models.DataFormatOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptionsBlockDrop(value) + except ValueError: + return value + return value + + @field_serializer("on_disk_full_backpressure") + def serialize_on_disk_full_backpressure(self, value): + if isinstance(value, str): + try: + return models.DiskSpaceProtectionOptions(value) + except ValueError: + return value + return value + + @field_serializer("compress") + def serialize_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsHTTP(value) + except ValueError: + return value + return value + + @field_serializer("compression_level") + def serialize_compression_level(self, value): + if isinstance(value, str): + try: + return models.CompressionLevelOptions(value) + except ValueError: + return value + return value + + @field_serializer("parquet_version") + def serialize_parquet_version(self, value): + if isinstance(value, str): + try: + return models.ParquetVersionOptions(value) + except ValueError: + return value + return value + + @field_serializer("parquet_data_page_version") + def serialize_parquet_data_page_version(self, value): + if isinstance(value, str): + try: + return models.DataPageVersionOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "awsAuthenticationMethod", + "destPath", + "verifyPermissions", + "objectACL", + "storageClass", + "reuseConnections", + "rejectUnauthorized", + "addIdToStagePath", + "removeEmptyDirs", + "partitionExpr", + "format", + "baseFileName", + "fileNameSuffix", + "maxFileSizeMB", + "maxFileOpenTimeSec", + "maxFileIdleTimeSec", + "maxOpenFiles", + "headerLine", + "writeHighWaterMark", + "onBackpressure", + "deadletterEnabled", + "onDiskFullBackpressure", + "forceCloseOnShutdown", + "retrySettings", + "orphans", + "description", + "compress", + "compressionLevel", + "automaticSchema", + "parquetSchema", + "parquetVersion", + "parquetDataPageVersion", + "parquetRowGroupLength", + "parquetPageSize", + "shouldLogInvalidRows", + "keyValueMetadata", + "enableStatistics", + "enableWritePageIndex", + "enablePageChecksum", + "emptyDirCleanupSec", + "directoryBatchSize", + "deadletterPath", + "maxRetryNum", + "awsApiKey", + "awsSecretKey", + "awsSecret", + "__template_streamtags", + "__template_bucket", + "__template_region", + "__template_endpoint", + "__template_destPath", + "__template_objectACL", + "__template_storageClass", + "__template_partitionExpr", + "__template_format", + "__template_baseFileName", + "__template_fileNameSuffix", + "__template_onBackpressure", + "__template_compress", + "__template_parquetSchema", + "__template_awsApiKey", + "__template_awsSecretKey", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputTypeGoogleChronicle(str, Enum): + GOOGLE_CHRONICLE = "google_chronicle" + + +class CreateOutputAPIVersion(str, Enum, metaclass=utils.OpenEnumMeta): + # V1 + V1 = "v1" + # V2 + V2 = "v2" + + +class CreateOutputAuthenticationMethodGoogleChronicle( + str, Enum, metaclass=utils.OpenEnumMeta +): + # API key + MANUAL = "manual" + # API key secret + SECRET = "secret" + # Service account credentials + SERVICE_ACCOUNT = "serviceAccount" + # Service account credentials secret + SERVICE_ACCOUNT_SECRET = "serviceAccountSecret" + + +class CreateOutputSendEventsAs(str, Enum, metaclass=utils.OpenEnumMeta): + # Unstructured + UNSTRUCTURED = "unstructured" + # UDM + UDM = "udm" + + +class CreateOutputExtraLogTypeTypedDict(TypedDict): + log_type: str + description: NotRequired[str] + + +class CreateOutputExtraLogType(BaseModel): + log_type: Annotated[str, pydantic.Field(alias="logType")] + + description: Optional[str] = None + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set(["description"]) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputUDMType(str, Enum, metaclass=utils.OpenEnumMeta): + r"""Defines the specific format for UDM events sent to Google SecOps. This must match the type of UDM data being sent.""" + + ENTITIES = "entities" + LOGS = "logs" + + +class CreateOutputPqControlsGoogleChronicleTypedDict(TypedDict): + pass + + +class CreateOutputPqControlsGoogleChronicle(BaseModel): + pass + + +class CreateOutputOutputGoogleChronicleTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputTypeGoogleChronicle + log_format_type: CreateOutputSendEventsAs + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + api_version: NotRequired[CreateOutputAPIVersion] + authentication_method: NotRequired[CreateOutputAuthenticationMethodGoogleChronicle] + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + region: NotRequired[str] + r"""Regional endpoint to send events to""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + compress: NotRequired[bool] + r"""Compress the payload body before sending""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] + r"""Headers to add to all events""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + safe_headers: NotRequired[List[str]] + r"""List of headers that are safe to log in plain text""" + use_round_robin_dns: NotRequired[bool] + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + total_memory_limit_kb: NotRequired[float] + r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" + description: NotRequired[str] + extra_log_types: NotRequired[List[CreateOutputExtraLogTypeTypedDict]] + r"""Custom log types. If the value \"Custom\" is selected in the setting \"Default log type\" above, the first custom log type in this table will be automatically selected as default log type.""" + log_type: NotRequired[str] + r"""Default log type value to send to SecOps. Can be overwritten by event field __logType.""" + log_text_field: NotRequired[str] + r"""Name of the event field that contains the log text to send. If not specified, Stream sends a JSON representation of the whole event.""" + customer_id: NotRequired[str] + r"""A unique identifier (UUID) for your Google SecOps instance. This is provided by your Google representative and is required for API V2 authentication.""" + namespace: NotRequired[str] + r"""User-configured environment namespace to identify the data domain the logs originated from. Use namespace as a tag to identify the appropriate data domain for indexing and enrichment functionality. Can be overwritten by event field __namespace.""" + custom_labels: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] + r"""Custom labels to be added to every batch""" + udm_type: NotRequired[CreateOutputUDMType] + r"""Defines the specific format for UDM events sent to Google SecOps. This must match the type of UDM data being sent.""" + api_key: NotRequired[str] + r"""Organization's API key in Google SecOps""" + api_key_secret: NotRequired[str] + r"""Select or create a stored text secret""" + service_account_credentials: NotRequired[str] + r"""Contents of service account credentials (JSON keys) file downloaded from Google Cloud. To upload a file, click the upload button at this field's upper right.""" + service_account_credentials_secret: NotRequired[str] + r"""Select or create a stored text secret""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputPqControlsGoogleChronicleTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_api_version: NotRequired[str] + r"""Binds 'apiVersion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'apiVersion' at runtime.""" + template_region: NotRequired[str] + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_customer_id: NotRequired[str] + r"""Binds 'customerId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'customerId' at runtime.""" + + +class CreateOutputOutputGoogleChronicle(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputTypeGoogleChronicle + + log_format_type: Annotated[ + CreateOutputSendEventsAs, pydantic.Field(alias="logFormatType") + ] + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + api_version: Annotated[ + Optional[CreateOutputAPIVersion], pydantic.Field(alias="apiVersion") + ] = None + + authentication_method: Annotated[ + Optional[CreateOutputAuthenticationMethodGoogleChronicle], + pydantic.Field(alias="authenticationMethod"), + ] = None + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + region: Optional[str] = None + r"""Regional endpoint to send events to""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + compress: Optional[bool] = None + r"""Compress the payload body before sending""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + extra_http_headers: Annotated[ + Optional[List[ExtraHTTPHeaderConfInputElastic]], + pydantic.Field(alias="extraHttpHeaders"), + ] = None + r"""Headers to add to all events""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + safe_headers: Annotated[ + Optional[List[str]], pydantic.Field(alias="safeHeaders") + ] = None + r"""List of headers that are safe to log in plain text""" + + use_round_robin_dns: Annotated[ + Optional[bool], pydantic.Field(alias="useRoundRobinDns") + ] = None + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + total_memory_limit_kb: Annotated[ + Optional[float], pydantic.Field(alias="totalMemoryLimitKB") + ] = None + r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" + + description: Optional[str] = None + + extra_log_types: Annotated[ + Optional[List[CreateOutputExtraLogType]], pydantic.Field(alias="extraLogTypes") + ] = None + r"""Custom log types. If the value \"Custom\" is selected in the setting \"Default log type\" above, the first custom log type in this table will be automatically selected as default log type.""" + + log_type: Annotated[Optional[str], pydantic.Field(alias="logType")] = None + r"""Default log type value to send to SecOps. Can be overwritten by event field __logType.""" + + log_text_field: Annotated[Optional[str], pydantic.Field(alias="logTextField")] = ( + None + ) + r"""Name of the event field that contains the log text to send. If not specified, Stream sends a JSON representation of the whole event.""" + + customer_id: Annotated[Optional[str], pydantic.Field(alias="customerId")] = None + r"""A unique identifier (UUID) for your Google SecOps instance. This is provided by your Google representative and is required for API V2 authentication.""" + + namespace: Optional[str] = None + r"""User-configured environment namespace to identify the data domain the logs originated from. Use namespace as a tag to identify the appropriate data domain for indexing and enrichment functionality. Can be overwritten by event field __namespace.""" + + custom_labels: Annotated[ + Optional[List[KeyValueMetadataConfOutputFilesystem]], + pydantic.Field(alias="customLabels"), + ] = None + r"""Custom labels to be added to every batch""" + + udm_type: Annotated[ + Optional[CreateOutputUDMType], pydantic.Field(alias="udmType") + ] = None + r"""Defines the specific format for UDM events sent to Google SecOps. This must match the type of UDM data being sent.""" + + api_key: Annotated[Optional[str], pydantic.Field(alias="apiKey")] = None + r"""Organization's API key in Google SecOps""" + + api_key_secret: Annotated[Optional[str], pydantic.Field(alias="apiKeySecret")] = ( + None + ) + r"""Select or create a stored text secret""" + + service_account_credentials: Annotated[ + Optional[str], pydantic.Field(alias="serviceAccountCredentials") + ] = None + r"""Contents of service account credentials (JSON keys) file downloaded from Google Cloud. To upload a file, click the upload button at this field's upper right.""" + + service_account_credentials_secret: Annotated[ + Optional[str], pydantic.Field(alias="serviceAccountCredentialsSecret") + ] = None + r"""Select or create a stored text secret""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputPqControlsGoogleChronicle], + pydantic.Field(alias="pqControls"), + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_api_version: Annotated[ + Optional[str], pydantic.Field(alias="__template_apiVersion") + ] = None + r"""Binds 'apiVersion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'apiVersion' at runtime.""" + + template_region: Annotated[ + Optional[str], pydantic.Field(alias="__template_region") + ] = None + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_customer_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_customerId") + ] = None + r"""Binds 'customerId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'customerId' at runtime.""" + + @field_serializer("api_version") + def serialize_api_version(self, value): + if isinstance(value, str): + try: + return models.CreateOutputAPIVersion(value) + except ValueError: + return value + return value + + @field_serializer("authentication_method") + def serialize_authentication_method(self, value): + if isinstance(value, str): + try: + return models.CreateOutputAuthenticationMethodGoogleChronicle(value) + except ValueError: + return value + return value + + @field_serializer("log_format_type") + def serialize_log_format_type(self, value): + if isinstance(value, str): + try: + return models.CreateOutputSendEventsAs(value) + except ValueError: + return value + return value + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("udm_type") + def serialize_udm_type(self, value): + if isinstance(value, str): + try: + return models.CreateOutputUDMType(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "apiVersion", + "authenticationMethod", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "region", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "compress", + "rejectUnauthorized", + "timeoutSec", + "flushPeriodSec", + "extraHttpHeaders", + "failedRequestLoggingMode", + "safeHeaders", + "useRoundRobinDns", + "onBackpressure", + "totalMemoryLimitKB", + "description", + "extraLogTypes", + "logType", + "logTextField", + "customerId", + "namespace", + "customLabels", + "udmType", + "apiKey", + "apiKeySecret", + "serviceAccountCredentials", + "serviceAccountCredentialsSecret", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_apiVersion", + "__template_region", + "__template_failedRequestLoggingMode", + "__template_onBackpressure", + "__template_customerId", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputTypeAzureEventhub(str, Enum): + AZURE_EVENTHUB = "azure_eventhub" + + +class CreateOutputPqControlsAzureEventhubTypedDict(TypedDict): + pass + + +class CreateOutputPqControlsAzureEventhub(BaseModel): + pass + + +class CreateOutputOutputAzureEventhubTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputTypeAzureEventhub + brokers: List[str] + r"""List of Event Hubs Kafka brokers to connect to, eg. yourdomain.servicebus.windows.net:9093. The hostname can be found in the host portion of the primary or secondary connection string in Shared Access Policies.""" + topic: str + r"""The name of the Event Hub (Kafka Topic) to publish events. Can be overwritten using field __topicOut.""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + ack: NotRequired[AcknowledgmentsOptions] + r"""Control the number of required acknowledgments""" + format_: NotRequired[RecordDataFormatOptions] + r"""Format to use to serialize events before writing to the Event Hubs Kafka brokers""" + max_record_size_kb: NotRequired[float] + r"""Maximum size of each record batch before compression. Setting should be < message.max.bytes settings in Event Hubs brokers.""" + flush_event_count: NotRequired[float] + r"""Maximum number of events in a batch before forcing a flush""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" + connection_timeout: NotRequired[float] + r"""Maximum time to wait for a connection to complete successfully""" + request_timeout: NotRequired[float] + r"""Maximum time to wait for Kafka to respond to a request""" + max_retries: NotRequired[float] + r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" + max_back_off: NotRequired[float] + r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" + initial_backoff: NotRequired[float] + r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" + backoff_rate: NotRequired[float] + r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" + authentication_timeout: NotRequired[float] + r"""Maximum time to wait for Kafka to respond to an authentication request""" + reauthentication_threshold: NotRequired[float] + r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" + sasl: NotRequired[AuthenticationTypeUseTypedDict] + r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended.""" + tls: NotRequired[TLSSettingsClientSideTypeTypedDict] + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + description: NotRequired[str] + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputPqControlsAzureEventhubTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_brokers: NotRequired[str] + r"""Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime.""" + template_topic: NotRequired[str] + r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" + template_format: NotRequired[str] + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + +class CreateOutputOutputAzureEventhub(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputTypeAzureEventhub + + brokers: List[str] + r"""List of Event Hubs Kafka brokers to connect to, eg. yourdomain.servicebus.windows.net:9093. The hostname can be found in the host portion of the primary or secondary connection string in Shared Access Policies.""" + + topic: str + r"""The name of the Event Hub (Kafka Topic) to publish events. Can be overwritten using field __topicOut.""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + ack: Optional[AcknowledgmentsOptions] = None + r"""Control the number of required acknowledgments""" + + format_: Annotated[ + Optional[RecordDataFormatOptions], pydantic.Field(alias="format") + ] = None + r"""Format to use to serialize events before writing to the Event Hubs Kafka brokers""" + + max_record_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxRecordSizeKB") + ] = None + r"""Maximum size of each record batch before compression. Setting should be < message.max.bytes settings in Event Hubs brokers.""" + + flush_event_count: Annotated[ + Optional[float], pydantic.Field(alias="flushEventCount") + ] = None + r"""Maximum number of events in a batch before forcing a flush""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" + + connection_timeout: Annotated[ + Optional[float], pydantic.Field(alias="connectionTimeout") + ] = None + r"""Maximum time to wait for a connection to complete successfully""" + + request_timeout: Annotated[ + Optional[float], pydantic.Field(alias="requestTimeout") + ] = None + r"""Maximum time to wait for Kafka to respond to a request""" + + max_retries: Annotated[Optional[float], pydantic.Field(alias="maxRetries")] = None + r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" + + max_back_off: Annotated[Optional[float], pydantic.Field(alias="maxBackOff")] = None + r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" + + initial_backoff: Annotated[ + Optional[float], pydantic.Field(alias="initialBackoff") + ] = None + r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" + + backoff_rate: Annotated[Optional[float], pydantic.Field(alias="backoffRate")] = None + r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" + + authentication_timeout: Annotated[ + Optional[float], pydantic.Field(alias="authenticationTimeout") + ] = None + r"""Maximum time to wait for Kafka to respond to an authentication request""" + + reauthentication_threshold: Annotated[ + Optional[float], pydantic.Field(alias="reauthenticationThreshold") + ] = None + r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" + + sasl: Optional[AuthenticationTypeUse] = None + r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended.""" + + tls: Optional[TLSSettingsClientSideType] = None + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + description: Optional[str] = None + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputPqControlsAzureEventhub], + pydantic.Field(alias="pqControls"), + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_brokers: Annotated[ + Optional[str], pydantic.Field(alias="__template_brokers") + ] = None + r"""Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime.""" + + template_topic: Annotated[ + Optional[str], pydantic.Field(alias="__template_topic") + ] = None + r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" + + template_format: Annotated[ + Optional[str], pydantic.Field(alias="__template_format") + ] = None + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + @field_serializer("ack") + def serialize_ack(self, value): + if isinstance(value, str): + try: + return models.AcknowledgmentsOptions(value) + except ValueError: + return value + return value + + @field_serializer("format_") + def serialize_format_(self, value): + if isinstance(value, str): + try: + return models.RecordDataFormatOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "ack", + "format", + "maxRecordSizeKB", + "flushEventCount", + "flushPeriodSec", + "connectionTimeout", + "requestTimeout", + "maxRetries", + "maxBackOff", + "initialBackoff", + "backoffRate", + "authenticationTimeout", + "reauthenticationThreshold", + "sasl", + "tls", + "onBackpressure", + "description", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_brokers", + "__template_topic", + "__template_format", + "__template_onBackpressure", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputTypeHoneycomb(str, Enum): + HONEYCOMB = "honeycomb" + + +class CreateOutputPqControlsHoneycombTypedDict(TypedDict): + pass + + +class CreateOutputPqControlsHoneycomb(BaseModel): + pass + + +class CreateOutputOutputHoneycombTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputTypeHoneycomb + dataset: str + r"""Name of the dataset to send events to – e.g., observability""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + compress: NotRequired[bool] + r"""Compress the payload body before sending""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] + r"""Headers to add to all events""" + use_round_robin_dns: NotRequired[bool] + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + safe_headers: NotRequired[List[str]] + r"""List of headers that are safe to log in plain text""" + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + auth_type: NotRequired[AuthenticationMethodOptionsAPI] + r"""Enter API key directly, or select a stored secret""" + description: NotRequired[str] + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputPqControlsHoneycombTypedDict] + team: NotRequired[str] + r"""Team API key where the dataset belongs""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + +class CreateOutputOutputHoneycomb(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputTypeHoneycomb + + dataset: str + r"""Name of the dataset to send events to – e.g., observability""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + compress: Optional[bool] = None + r"""Compress the payload body before sending""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + extra_http_headers: Annotated[ + Optional[List[ExtraHTTPHeaderConfInputElastic]], + pydantic.Field(alias="extraHttpHeaders"), + ] = None + r"""Headers to add to all events""" + + use_round_robin_dns: Annotated[ + Optional[bool], pydantic.Field(alias="useRoundRobinDns") + ] = None + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + safe_headers: Annotated[ + Optional[List[str]], pydantic.Field(alias="safeHeaders") + ] = None + r"""List of headers that are safe to log in plain text""" + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + auth_type: Annotated[ + Optional[AuthenticationMethodOptionsAPI], pydantic.Field(alias="authType") + ] = None + r"""Enter API key directly, or select a stored secret""" + + description: Optional[str] = None + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputPqControlsHoneycomb], pydantic.Field(alias="pqControls") + ] = None + + team: Optional[str] = None + r"""Team API key where the dataset belongs""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsAPI(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "compress", + "rejectUnauthorized", + "timeoutSec", + "flushPeriodSec", + "extraHttpHeaders", + "useRoundRobinDns", + "failedRequestLoggingMode", + "safeHeaders", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "onBackpressure", + "authType", + "description", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "team", + "textSecret", + "__template_streamtags", + "__template_failedRequestLoggingMode", + "__template_onBackpressure", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputTypeKinesis(str, Enum): + KINESIS = "kinesis" + + +class CreateOutputCompression(str, Enum, metaclass=utils.OpenEnumMeta): + r"""Compression type to use for records""" + + # None + NONE = "none" + # Gzip + GZIP = "gzip" + + +class CreateOutputPqControlsKinesisTypedDict(TypedDict): + pass + + +class CreateOutputPqControlsKinesis(BaseModel): + pass + + +class CreateOutputOutputKinesisTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputTypeKinesis + stream_name: str + r"""Kinesis stream name to send events to.""" + region: str + r"""Region where the Kinesis stream is located""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + aws_authentication_method: NotRequired[AuthenticationMethodOptionsS3CollectorConf] + r"""AWS authentication method. Choose Auto to use IAM roles.""" + aws_secret_key: NotRequired[str] + endpoint: NotRequired[str] + r"""Kinesis stream service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to Kinesis stream-compatible endpoint.""" + reuse_connections: NotRequired[bool] + r"""Reuse connections between requests, which can improve performance""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" + enable_assume_role: NotRequired[bool] + r"""Use Assume Role credentials to access Kinesis stream""" + assume_role_arn: NotRequired[str] + r"""Amazon Resource Name (ARN) of the role to assume""" + assume_role_external_id: NotRequired[str] + r"""External ID to use when assuming role""" + duration_seconds: NotRequired[float] + r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing put requests before blocking.""" + max_record_size_kb: NotRequired[float] + r"""Maximum size (KB) of each individual record before compression. For uncompressed or non-compressible data 1MB is the max recommended size""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" + compression: NotRequired[CreateOutputCompression] + r"""Compression type to use for records""" + use_list_shards: NotRequired[bool] + r"""Provides higher stream rate limits, improving delivery speed and reliability by minimizing throttling. See the [ListShards API](https://docs.aws.amazon.com/kinesis/latest/APIReference/API_ListShards.html) documentation for details.""" + as_ndjson: NotRequired[bool] + r"""Batch events into a single record as NDJSON""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + description: NotRequired[str] + aws_api_key: NotRequired[str] + aws_secret: NotRequired[str] + r"""Select or create a stored secret that references your access key and secret key""" + max_events_per_flush: NotRequired[float] + r"""Maximum number of records to send in a single request""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputPqControlsKinesisTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_stream_name: NotRequired[str] + r"""Binds 'streamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamName' at runtime.""" + template_aws_secret_key: NotRequired[str] + r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" + template_region: NotRequired[str] + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + template_endpoint: NotRequired[str] + r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" + template_assume_role_arn: NotRequired[str] + r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" + template_assume_role_external_id: NotRequired[str] + r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_aws_api_key: NotRequired[str] + r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" + + +class CreateOutputOutputKinesis(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputTypeKinesis + + stream_name: Annotated[str, pydantic.Field(alias="streamName")] + r"""Kinesis stream name to send events to.""" + + region: str + r"""Region where the Kinesis stream is located""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + aws_authentication_method: Annotated[ + Optional[AuthenticationMethodOptionsS3CollectorConf], + pydantic.Field(alias="awsAuthenticationMethod"), + ] = None + r"""AWS authentication method. Choose Auto to use IAM roles.""" + + aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = ( + None + ) + + endpoint: Optional[str] = None + r"""Kinesis stream service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to Kinesis stream-compatible endpoint.""" + + reuse_connections: Annotated[ + Optional[bool], pydantic.Field(alias="reuseConnections") + ] = None + r"""Reuse connections between requests, which can improve performance""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" + + enable_assume_role: Annotated[ + Optional[bool], pydantic.Field(alias="enableAssumeRole") + ] = None + r"""Use Assume Role credentials to access Kinesis stream""" + + assume_role_arn: Annotated[Optional[str], pydantic.Field(alias="assumeRoleArn")] = ( + None + ) + r"""Amazon Resource Name (ARN) of the role to assume""" + + assume_role_external_id: Annotated[ + Optional[str], pydantic.Field(alias="assumeRoleExternalId") + ] = None + r"""External ID to use when assuming role""" + + duration_seconds: Annotated[ + Optional[float], pydantic.Field(alias="durationSeconds") + ] = None + r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing put requests before blocking.""" + + max_record_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxRecordSizeKB") + ] = None + r"""Maximum size (KB) of each individual record before compression. For uncompressed or non-compressible data 1MB is the max recommended size""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" + + compression: Optional[CreateOutputCompression] = None + r"""Compression type to use for records""" + + use_list_shards: Annotated[ + Optional[bool], pydantic.Field(alias="useListShards") + ] = None + r"""Provides higher stream rate limits, improving delivery speed and reliability by minimizing throttling. See the [ListShards API](https://docs.aws.amazon.com/kinesis/latest/APIReference/API_ListShards.html) documentation for details.""" + + as_ndjson: Annotated[Optional[bool], pydantic.Field(alias="asNdjson")] = None + r"""Batch events into a single record as NDJSON""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + description: Optional[str] = None + + aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None + + aws_secret: Annotated[Optional[str], pydantic.Field(alias="awsSecret")] = None + r"""Select or create a stored secret that references your access key and secret key""" + + max_events_per_flush: Annotated[ + Optional[float], pydantic.Field(alias="maxEventsPerFlush") + ] = None + r"""Maximum number of records to send in a single request""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputPqControlsKinesis], pydantic.Field(alias="pqControls") + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_stream_name: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamName") + ] = None + r"""Binds 'streamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamName' at runtime.""" + + template_aws_secret_key: Annotated[ + Optional[str], pydantic.Field(alias="__template_awsSecretKey") + ] = None + r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" + + template_region: Annotated[ + Optional[str], pydantic.Field(alias="__template_region") + ] = None + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + + template_endpoint: Annotated[ + Optional[str], pydantic.Field(alias="__template_endpoint") + ] = None + r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" + + template_assume_role_arn: Annotated[ + Optional[str], pydantic.Field(alias="__template_assumeRoleArn") + ] = None + r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" + + template_assume_role_external_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_assumeRoleExternalId") + ] = None + r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_aws_api_key: Annotated[ + Optional[str], pydantic.Field(alias="__template_awsApiKey") + ] = None + r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" + + @field_serializer("aws_authentication_method") + def serialize_aws_authentication_method(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsS3CollectorConf(value) + except ValueError: + return value + return value + + @field_serializer("compression") + def serialize_compression(self, value): + if isinstance(value, str): + try: + return models.CreateOutputCompression(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "awsAuthenticationMethod", + "awsSecretKey", + "endpoint", + "reuseConnections", + "rejectUnauthorized", + "enableAssumeRole", + "assumeRoleArn", + "assumeRoleExternalId", + "durationSeconds", + "concurrency", + "maxRecordSizeKB", + "flushPeriodSec", + "compression", + "useListShards", + "asNdjson", + "onBackpressure", + "description", + "awsApiKey", + "awsSecret", + "maxEventsPerFlush", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_streamName", + "__template_awsSecretKey", + "__template_region", + "__template_endpoint", + "__template_assumeRoleArn", + "__template_assumeRoleExternalId", + "__template_onBackpressure", + "__template_awsApiKey", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputTypeAzureLogs(str, Enum): + AZURE_LOGS = "azure_logs" + + +class CreateOutputAuthenticationMethodAzureLogs( + str, Enum, metaclass=utils.OpenEnumMeta +): + r"""Enter workspace ID and workspace key directly, or select a stored secret""" + + MANUAL = "manual" + SECRET = "secret" + + +class CreateOutputPqControlsAzureLogsTypedDict(TypedDict): + pass + + +class CreateOutputPqControlsAzureLogs(BaseModel): + pass + + +class CreateOutputOutputAzureLogsTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputTypeAzureLogs + log_type: str + r"""The Log Type of events sent to this LogAnalytics workspace. Defaults to `Cribl`. Use only letters, numbers, and `_` characters, and can't exceed 100 characters. Can be overwritten by event field __logType.""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + resource_id: NotRequired[str] + r"""Optional Resource ID of the Azure resource to associate the data with. Can be overridden by the __resourceId event field. This ID populates the _ResourceId property, allowing the data to be included in resource-centric queries. If the ID is neither specified nor overridden, resource-centric queries will omit the data.""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + compress: NotRequired[bool] + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] + r"""Headers to add to all events""" + use_round_robin_dns: NotRequired[bool] + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + safe_headers: NotRequired[List[str]] + r"""List of headers that are safe to log in plain text""" + api_url: NotRequired[str] + r"""The DNS name of the Log API endpoint that sends log data to a Log Analytics workspace in Azure Monitor. Defaults to .ods.opinsights.azure.com. @{product} will add a prefix and suffix to construct a URI in this format: /api/logs?api-version=.""" + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + auth_type: NotRequired[CreateOutputAuthenticationMethodAzureLogs] + r"""Enter workspace ID and workspace key directly, or select a stored secret""" + description: NotRequired[str] + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputPqControlsAzureLogsTypedDict] + workspace_id: NotRequired[str] + r"""Azure Log Analytics Workspace ID. See Azure Dashboard Workspace > Advanced settings.""" + workspace_key: NotRequired[str] + r"""Azure Log Analytics Workspace Primary or Secondary Shared Key. See Azure Dashboard Workspace > Advanced settings.""" + keypair_secret: NotRequired[str] + r"""Select or create a stored secret that references your access key and secret key""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_workspace_id: NotRequired[str] + r"""Binds 'workspaceId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'workspaceId' at runtime.""" + template_workspace_key: NotRequired[str] + r"""Binds 'workspaceKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'workspaceKey' at runtime.""" + + +class CreateOutputOutputAzureLogs(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputTypeAzureLogs + + log_type: Annotated[str, pydantic.Field(alias="logType")] + r"""The Log Type of events sent to this LogAnalytics workspace. Defaults to `Cribl`. Use only letters, numbers, and `_` characters, and can't exceed 100 characters. Can be overwritten by event field __logType.""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + resource_id: Annotated[Optional[str], pydantic.Field(alias="resourceId")] = None + r"""Optional Resource ID of the Azure resource to associate the data with. Can be overridden by the __resourceId event field. This ID populates the _ResourceId property, allowing the data to be included in resource-centric queries. If the ID is neither specified nor overridden, resource-centric queries will omit the data.""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + compress: Optional[bool] = None + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + extra_http_headers: Annotated[ + Optional[List[ExtraHTTPHeaderConfInputElastic]], + pydantic.Field(alias="extraHttpHeaders"), + ] = None + r"""Headers to add to all events""" + + use_round_robin_dns: Annotated[ + Optional[bool], pydantic.Field(alias="useRoundRobinDns") + ] = None + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + safe_headers: Annotated[ + Optional[List[str]], pydantic.Field(alias="safeHeaders") + ] = None + r"""List of headers that are safe to log in plain text""" + + api_url: Annotated[Optional[str], pydantic.Field(alias="apiUrl")] = None + r"""The DNS name of the Log API endpoint that sends log data to a Log Analytics workspace in Azure Monitor. Defaults to .ods.opinsights.azure.com. @{product} will add a prefix and suffix to construct a URI in this format: /api/logs?api-version=.""" + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + auth_type: Annotated[ + Optional[CreateOutputAuthenticationMethodAzureLogs], + pydantic.Field(alias="authType"), + ] = None + r"""Enter workspace ID and workspace key directly, or select a stored secret""" + + description: Optional[str] = None + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputPqControlsAzureLogs], pydantic.Field(alias="pqControls") + ] = None + + workspace_id: Annotated[Optional[str], pydantic.Field(alias="workspaceId")] = None + r"""Azure Log Analytics Workspace ID. See Azure Dashboard Workspace > Advanced settings.""" + + workspace_key: Annotated[Optional[str], pydantic.Field(alias="workspaceKey")] = None + r"""Azure Log Analytics Workspace Primary or Secondary Shared Key. See Azure Dashboard Workspace > Advanced settings.""" + + keypair_secret: Annotated[Optional[str], pydantic.Field(alias="keypairSecret")] = ( + None + ) + r"""Select or create a stored secret that references your access key and secret key""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_workspace_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_workspaceId") + ] = None + r"""Binds 'workspaceId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'workspaceId' at runtime.""" + + template_workspace_key: Annotated[ + Optional[str], pydantic.Field(alias="__template_workspaceKey") + ] = None + r"""Binds 'workspaceKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'workspaceKey' at runtime.""" + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.CreateOutputAuthenticationMethodAzureLogs(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "resourceId", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "compress", + "rejectUnauthorized", + "timeoutSec", + "flushPeriodSec", + "extraHttpHeaders", + "useRoundRobinDns", + "failedRequestLoggingMode", + "safeHeaders", + "apiUrl", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "onBackpressure", + "authType", + "description", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "workspaceId", + "workspaceKey", + "keypairSecret", + "__template_streamtags", + "__template_failedRequestLoggingMode", + "__template_onBackpressure", + "__template_workspaceId", + "__template_workspaceKey", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputTypeAzureDataExplorer(str, Enum): + AZURE_DATA_EXPLORER = "azure_data_explorer" + + +class CreateOutputIngestionMode(str, Enum, metaclass=utils.OpenEnumMeta): + # Batching + BATCHING = "batching" + # Streaming + STREAMING = "streaming" + + +class CreateOutputAuthenticationMethodAzureDataExplorer( + str, Enum, metaclass=utils.OpenEnumMeta +): + r"""The type of OAuth 2.0 client credentials grant flow to use""" + + # Client secret + CLIENT_SECRET = "clientSecret" + # Client secret (text secret) + CLIENT_TEXT_SECRET = "clientTextSecret" + # Certificate + CERTIFICATE = "certificate" + + +class CreateOutputCertificateTypedDict(TypedDict): + certificate_name: NotRequired[str] + r"""The certificate you registered as credentials for your app in the Azure portal""" + + +class CreateOutputCertificate(BaseModel): + certificate_name: Annotated[ + Optional[str], pydantic.Field(alias="certificateName") + ] = None + r"""The certificate you registered as credentials for your app in the Azure portal""" + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set(["certificateName"]) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputPrefixOptional(str, Enum, metaclass=utils.OpenEnumMeta): + # drop-by + DROP_BY = "dropBy" + # ingest-by + INGEST_BY = "ingestBy" + + +class CreateOutputExtentTagTypedDict(TypedDict): + value: str + prefix: NotRequired[CreateOutputPrefixOptional] + + +class CreateOutputExtentTag(BaseModel): + value: str + + prefix: Optional[CreateOutputPrefixOptional] = None + + @field_serializer("prefix") + def serialize_prefix(self, value): + if isinstance(value, str): + try: + return models.CreateOutputPrefixOptional(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set(["prefix"]) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputIngestIfNotExistTypedDict(TypedDict): + value: str + + +class CreateOutputIngestIfNotExist(BaseModel): + value: str + + +class CreateOutputReportLevel(str, Enum, metaclass=utils.OpenEnumMeta): + r"""Level of ingestion status reporting. Defaults to FailuresOnly.""" + + # FailuresOnly + FAILURES_ONLY = "failuresOnly" + # DoNotReport + DO_NOT_REPORT = "doNotReport" + # FailuresAndSuccesses + FAILURES_AND_SUCCESSES = "failuresAndSuccesses" + + +class CreateOutputReportMethod(str, Enum, metaclass=utils.OpenEnumMeta): + r"""Target of the ingestion status reporting. Defaults to Queue.""" + + # Queue + QUEUE = "queue" + # Table + TABLE = "table" + # QueueAndTable + QUEUE_AND_TABLE = "queueAndTable" + + +class CreateOutputAdditionalPropertyTypedDict(TypedDict): + key: str + value: str + + +class CreateOutputAdditionalProperty(BaseModel): + key: str + + value: str + + +class CreateOutputPqControlsAzureDataExplorerTypedDict(TypedDict): + pass + + +class CreateOutputPqControlsAzureDataExplorer(BaseModel): + pass + + +class CreateOutputOutputAzureDataExplorerTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputTypeAzureDataExplorer + cluster_url: str + r"""The base URI for your cluster. Typically, `https://..kusto.windows.net`.""" + database: str + r"""Name of the database containing the table where data will be ingested""" + table: str + r"""Name of the table to ingest data into""" + oauth_endpoint: MicrosoftEntraIDAuthenticationEndpointOptionsSasl + r"""Endpoint used to acquire authentication tokens from Azure""" + tenant_id: str + r"""Directory ID (tenant identifier) in Azure Active Directory""" + client_id: str + r"""client_id to pass in the OAuth request parameter""" + scope: str + r"""Scope to pass in the OAuth request parameter""" + oauth_type: CreateOutputAuthenticationMethodAzureDataExplorer + r"""The type of OAuth 2.0 client credentials grant flow to use""" + compress: CompressionOptionsHTTP + r"""Data compression format to apply to HTTP content before it is delivered""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + validate_database_settings: NotRequired[bool] + r"""When saving or starting the Destination, validate the database name and credentials; also validate table name, except when creating a new table. Disable if your Azure app does not have both the Database Viewer and the Table Viewer role.""" + ingest_mode: NotRequired[CreateOutputIngestionMode] + description: NotRequired[str] + client_secret: NotRequired[str] + r"""The client secret that you generated for your app in the Azure portal""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + certificate: NotRequired[CreateOutputCertificateTypedDict] + format_: NotRequired[DataFormatOptions] + r"""Format of the output data""" + compression_level: NotRequired[CompressionLevelOptions] + r"""Compression level to apply before moving files to final destination""" + automatic_schema: NotRequired[bool] + r"""Automatically calculate the schema based on the events of each Parquet file generated""" + parquet_schema: NotRequired[str] + r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" + parquet_version: NotRequired[ParquetVersionOptions] + r"""Determines which data types are supported and how they are represented""" + parquet_data_page_version: NotRequired[DataPageVersionOptions] + r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" + parquet_row_group_length: NotRequired[float] + r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" + parquet_page_size: NotRequired[str] + r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" + should_log_invalid_rows: NotRequired[bool] + r"""Log up to 3 rows that @{product} skips due to data mismatch""" + key_value_metadata: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] + r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ + enable_statistics: NotRequired[bool] + r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" + enable_write_page_index: NotRequired[bool] + r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" + enable_page_checksum: NotRequired[bool] + r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" + remove_empty_dirs: NotRequired[bool] + r"""Remove empty staging directories after moving files""" + empty_dir_cleanup_sec: NotRequired[float] + r"""How frequently, in seconds, to clean up empty directories""" + directory_batch_size: NotRequired[float] + r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" + deadletter_enabled: NotRequired[bool] + r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" + deadletter_path: NotRequired[str] + r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" + max_retry_num: NotRequired[float] + r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" + is_mapping_obj: NotRequired[bool] + r"""Send a JSON mapping object instead of specifying an existing named data mapping""" + mapping_obj: NotRequired[str] + r"""Enter a JSON object that defines your desired data mapping""" + mapping_ref: NotRequired[str] + r"""Enter the name of a data mapping associated with your target table. Or, if incoming event and target table fields match exactly, you can leave the field empty.""" + ingest_url: NotRequired[str] + r"""The ingestion service URI for your cluster. Typically, `https://ingest-..kusto.windows.net`.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + stage_path: NotRequired[str] + r"""Filesystem location in which to buffer files before compressing and moving to final destination. Use performant and stable storage.""" + file_name_suffix: NotRequired[str] + r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" + max_file_size_mb: NotRequired[float] + r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" + max_file_open_time_sec: NotRequired[float] + r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" + max_file_idle_time_sec: NotRequired[float] + r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" + max_open_files: NotRequired[float] + r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" + max_concurrent_file_parts: NotRequired[float] + r"""Maximum number of parts to upload in parallel per file""" + on_disk_full_backpressure: NotRequired[DiskSpaceProtectionOptions] + r"""How to handle events when disk space is below the global 'Min free disk space' limit""" + add_id_to_stage_path: NotRequired[bool] + r"""Add the Output ID value to staging location""" + retry_settings: NotRequired[RetrySettingsTypeTypedDict] + orphans: NotRequired[OrphanFileRecoveryTypeTypedDict] + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_immediately: NotRequired[bool] + r"""Bypass the data management service's aggregation mechanism""" + retain_blob_on_success: NotRequired[bool] + r"""Prevent blob deletion after ingestion is complete""" + extent_tags: NotRequired[List[CreateOutputExtentTagTypedDict]] + r"""Strings or tags associated with the extent (ingested data shard)""" + ingest_if_not_exists: NotRequired[List[CreateOutputIngestIfNotExistTypedDict]] + r"""Prevents duplicate ingestion by verifying whether an extent with the specified ingest-by tag already exists""" + report_level: NotRequired[CreateOutputReportLevel] + r"""Level of ingestion status reporting. Defaults to FailuresOnly.""" + report_method: NotRequired[CreateOutputReportMethod] + r"""Target of the ingestion status reporting. Defaults to Queue.""" + additional_properties: NotRequired[List[CreateOutputAdditionalPropertyTypedDict]] + r"""Optionally, enter additional configuration properties to send to the ingestion service""" + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + use_round_robin_dns: NotRequired[bool] + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + keep_alive: NotRequired[bool] + r"""Disable to close the connection immediately after sending the outgoing request""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputPqControlsAzureDataExplorerTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_cluster_url: NotRequired[str] + r"""Binds 'clusterUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clusterUrl' at runtime.""" + template_database: NotRequired[str] + r"""Binds 'database' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'database' at runtime.""" + template_table: NotRequired[str] + r"""Binds 'table' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'table' at runtime.""" + template_oauth_endpoint: NotRequired[str] + r"""Binds 'oauthEndpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'oauthEndpoint' at runtime.""" + template_tenant_id: NotRequired[str] + r"""Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime.""" + template_client_id: NotRequired[str] + r"""Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime.""" + template_scope: NotRequired[str] + r"""Binds 'scope' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'scope' at runtime.""" + template_client_secret: NotRequired[str] + r"""Binds 'clientSecret' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecret' at runtime.""" + template_format: NotRequired[str] + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + template_compress: NotRequired[str] + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + template_parquet_schema: NotRequired[str] + r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" + template_mapping_ref: NotRequired[str] + r"""Binds 'mappingRef' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'mappingRef' at runtime.""" + template_ingest_url: NotRequired[str] + r"""Binds 'ingestUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'ingestUrl' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_file_name_suffix: NotRequired[str] + r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" + + +class CreateOutputOutputAzureDataExplorer(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputTypeAzureDataExplorer + + cluster_url: Annotated[str, pydantic.Field(alias="clusterUrl")] + r"""The base URI for your cluster. Typically, `https://..kusto.windows.net`.""" + + database: str + r"""Name of the database containing the table where data will be ingested""" + + table: str + r"""Name of the table to ingest data into""" + + oauth_endpoint: Annotated[ + MicrosoftEntraIDAuthenticationEndpointOptionsSasl, + pydantic.Field(alias="oauthEndpoint"), + ] + r"""Endpoint used to acquire authentication tokens from Azure""" + + tenant_id: Annotated[str, pydantic.Field(alias="tenantId")] + r"""Directory ID (tenant identifier) in Azure Active Directory""" + + client_id: Annotated[str, pydantic.Field(alias="clientId")] + r"""client_id to pass in the OAuth request parameter""" + + scope: str + r"""Scope to pass in the OAuth request parameter""" + + oauth_type: Annotated[ + CreateOutputAuthenticationMethodAzureDataExplorer, + pydantic.Field(alias="oauthType"), + ] + r"""The type of OAuth 2.0 client credentials grant flow to use""" + + compress: CompressionOptionsHTTP + r"""Data compression format to apply to HTTP content before it is delivered""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + validate_database_settings: Annotated[ + Optional[bool], pydantic.Field(alias="validateDatabaseSettings") + ] = None + r"""When saving or starting the Destination, validate the database name and credentials; also validate table name, except when creating a new table. Disable if your Azure app does not have both the Database Viewer and the Table Viewer role.""" + + ingest_mode: Annotated[ + Optional[CreateOutputIngestionMode], pydantic.Field(alias="ingestMode") + ] = None + + description: Optional[str] = None + + client_secret: Annotated[Optional[str], pydantic.Field(alias="clientSecret")] = None + r"""The client secret that you generated for your app in the Azure portal""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + certificate: Optional[CreateOutputCertificate] = None + + format_: Annotated[Optional[DataFormatOptions], pydantic.Field(alias="format")] = ( + None + ) + r"""Format of the output data""" + + compression_level: Annotated[ + Optional[CompressionLevelOptions], pydantic.Field(alias="compressionLevel") + ] = None + r"""Compression level to apply before moving files to final destination""" + + automatic_schema: Annotated[ + Optional[bool], pydantic.Field(alias="automaticSchema") + ] = None + r"""Automatically calculate the schema based on the events of each Parquet file generated""" + + parquet_schema: Annotated[Optional[str], pydantic.Field(alias="parquetSchema")] = ( + None + ) + r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" + + parquet_version: Annotated[ + Optional[ParquetVersionOptions], pydantic.Field(alias="parquetVersion") + ] = None + r"""Determines which data types are supported and how they are represented""" + + parquet_data_page_version: Annotated[ + Optional[DataPageVersionOptions], pydantic.Field(alias="parquetDataPageVersion") + ] = None + r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" + + parquet_row_group_length: Annotated[ + Optional[float], pydantic.Field(alias="parquetRowGroupLength") + ] = None + r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" + + parquet_page_size: Annotated[ + Optional[str], pydantic.Field(alias="parquetPageSize") + ] = None + r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" + + should_log_invalid_rows: Annotated[ + Optional[bool], pydantic.Field(alias="shouldLogInvalidRows") + ] = None + r"""Log up to 3 rows that @{product} skips due to data mismatch""" + + key_value_metadata: Annotated[ + Optional[List[KeyValueMetadataConfOutputFilesystem]], + pydantic.Field(alias="keyValueMetadata"), + ] = None + r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ + + enable_statistics: Annotated[ + Optional[bool], pydantic.Field(alias="enableStatistics") + ] = None + r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" + + enable_write_page_index: Annotated[ + Optional[bool], pydantic.Field(alias="enableWritePageIndex") + ] = None + r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" + + enable_page_checksum: Annotated[ + Optional[bool], pydantic.Field(alias="enablePageChecksum") + ] = None + r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" + + remove_empty_dirs: Annotated[ + Optional[bool], pydantic.Field(alias="removeEmptyDirs") + ] = None + r"""Remove empty staging directories after moving files""" + + empty_dir_cleanup_sec: Annotated[ + Optional[float], pydantic.Field(alias="emptyDirCleanupSec") + ] = None + r"""How frequently, in seconds, to clean up empty directories""" + + directory_batch_size: Annotated[ + Optional[float], pydantic.Field(alias="directoryBatchSize") + ] = None + r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" + + deadletter_enabled: Annotated[ + Optional[bool], pydantic.Field(alias="deadletterEnabled") + ] = None + r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" + + deadletter_path: Annotated[ + Optional[str], pydantic.Field(alias="deadletterPath") + ] = None + r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" + + max_retry_num: Annotated[Optional[float], pydantic.Field(alias="maxRetryNum")] = ( + None + ) + r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" + + is_mapping_obj: Annotated[Optional[bool], pydantic.Field(alias="isMappingObj")] = ( + None + ) + r"""Send a JSON mapping object instead of specifying an existing named data mapping""" + + mapping_obj: Annotated[Optional[str], pydantic.Field(alias="mappingObj")] = None + r"""Enter a JSON object that defines your desired data mapping""" + + mapping_ref: Annotated[Optional[str], pydantic.Field(alias="mappingRef")] = None + r"""Enter the name of a data mapping associated with your target table. Or, if incoming event and target table fields match exactly, you can leave the field empty.""" + + ingest_url: Annotated[Optional[str], pydantic.Field(alias="ingestUrl")] = None + r"""The ingestion service URI for your cluster. Typically, `https://ingest-..kusto.windows.net`.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + stage_path: Annotated[Optional[str], pydantic.Field(alias="stagePath")] = None + r"""Filesystem location in which to buffer files before compressing and moving to final destination. Use performant and stable storage.""" + + file_name_suffix: Annotated[ + Optional[str], pydantic.Field(alias="fileNameSuffix") + ] = None + r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" + + max_file_size_mb: Annotated[ + Optional[float], pydantic.Field(alias="maxFileSizeMB") + ] = None + r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" + + max_file_open_time_sec: Annotated[ + Optional[float], pydantic.Field(alias="maxFileOpenTimeSec") + ] = None + r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" + + max_file_idle_time_sec: Annotated[ + Optional[float], pydantic.Field(alias="maxFileIdleTimeSec") + ] = None + r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" + + max_open_files: Annotated[Optional[float], pydantic.Field(alias="maxOpenFiles")] = ( + None + ) + r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" + + max_concurrent_file_parts: Annotated[ + Optional[float], pydantic.Field(alias="maxConcurrentFileParts") + ] = None + r"""Maximum number of parts to upload in parallel per file""" + + on_disk_full_backpressure: Annotated[ + Optional[DiskSpaceProtectionOptions], + pydantic.Field(alias="onDiskFullBackpressure"), + ] = None + r"""How to handle events when disk space is below the global 'Min free disk space' limit""" + + add_id_to_stage_path: Annotated[ + Optional[bool], pydantic.Field(alias="addIdToStagePath") + ] = None + r"""Add the Output ID value to staging location""" + + retry_settings: Annotated[ + Optional[RetrySettingsType], pydantic.Field(alias="retrySettings") + ] = None + + orphans: Optional[OrphanFileRecoveryType] = None + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_immediately: Annotated[ + Optional[bool], pydantic.Field(alias="flushImmediately") + ] = None + r"""Bypass the data management service's aggregation mechanism""" + + retain_blob_on_success: Annotated[ + Optional[bool], pydantic.Field(alias="retainBlobOnSuccess") + ] = None + r"""Prevent blob deletion after ingestion is complete""" + + extent_tags: Annotated[ + Optional[List[CreateOutputExtentTag]], pydantic.Field(alias="extentTags") + ] = None + r"""Strings or tags associated with the extent (ingested data shard)""" + + ingest_if_not_exists: Annotated[ + Optional[List[CreateOutputIngestIfNotExist]], + pydantic.Field(alias="ingestIfNotExists"), + ] = None + r"""Prevents duplicate ingestion by verifying whether an extent with the specified ingest-by tag already exists""" + + report_level: Annotated[ + Optional[CreateOutputReportLevel], pydantic.Field(alias="reportLevel") + ] = None + r"""Level of ingestion status reporting. Defaults to FailuresOnly.""" + + report_method: Annotated[ + Optional[CreateOutputReportMethod], pydantic.Field(alias="reportMethod") + ] = None + r"""Target of the ingestion status reporting. Defaults to Queue.""" + + additional_properties: Annotated[ + Optional[List[CreateOutputAdditionalProperty]], + pydantic.Field(alias="additionalProperties"), + ] = None + r"""Optionally, enter additional configuration properties to send to the ingestion service""" + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + use_round_robin_dns: Annotated[ + Optional[bool], pydantic.Field(alias="useRoundRobinDns") + ] = None + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + + keep_alive: Annotated[Optional[bool], pydantic.Field(alias="keepAlive")] = None + r"""Disable to close the connection immediately after sending the outgoing request""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputPqControlsAzureDataExplorer], + pydantic.Field(alias="pqControls"), + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_cluster_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_clusterUrl") + ] = None + r"""Binds 'clusterUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clusterUrl' at runtime.""" + + template_database: Annotated[ + Optional[str], pydantic.Field(alias="__template_database") + ] = None + r"""Binds 'database' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'database' at runtime.""" + + template_table: Annotated[ + Optional[str], pydantic.Field(alias="__template_table") + ] = None + r"""Binds 'table' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'table' at runtime.""" + + template_oauth_endpoint: Annotated[ + Optional[str], pydantic.Field(alias="__template_oauthEndpoint") + ] = None + r"""Binds 'oauthEndpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'oauthEndpoint' at runtime.""" + + template_tenant_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_tenantId") + ] = None + r"""Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime.""" + + template_client_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_clientId") + ] = None + r"""Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime.""" + + template_scope: Annotated[ + Optional[str], pydantic.Field(alias="__template_scope") + ] = None + r"""Binds 'scope' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'scope' at runtime.""" + + template_client_secret: Annotated[ + Optional[str], pydantic.Field(alias="__template_clientSecret") + ] = None + r"""Binds 'clientSecret' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecret' at runtime.""" + + template_format: Annotated[ + Optional[str], pydantic.Field(alias="__template_format") + ] = None + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + + template_compress: Annotated[ + Optional[str], pydantic.Field(alias="__template_compress") + ] = None + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + + template_parquet_schema: Annotated[ + Optional[str], pydantic.Field(alias="__template_parquetSchema") + ] = None + r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" + + template_mapping_ref: Annotated[ + Optional[str], pydantic.Field(alias="__template_mappingRef") + ] = None + r"""Binds 'mappingRef' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'mappingRef' at runtime.""" + + template_ingest_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_ingestUrl") + ] = None + r"""Binds 'ingestUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'ingestUrl' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_file_name_suffix: Annotated[ + Optional[str], pydantic.Field(alias="__template_fileNameSuffix") + ] = None + r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" + + @field_serializer("ingest_mode") + def serialize_ingest_mode(self, value): + if isinstance(value, str): + try: + return models.CreateOutputIngestionMode(value) + except ValueError: + return value + return value + + @field_serializer("oauth_endpoint") + def serialize_oauth_endpoint(self, value): + if isinstance(value, str): + try: + return models.MicrosoftEntraIDAuthenticationEndpointOptionsSasl(value) + except ValueError: + return value + return value + + @field_serializer("oauth_type") + def serialize_oauth_type(self, value): + if isinstance(value, str): + try: + return models.CreateOutputAuthenticationMethodAzureDataExplorer(value) + except ValueError: + return value + return value + + @field_serializer("format_") + def serialize_format_(self, value): + if isinstance(value, str): + try: + return models.DataFormatOptions(value) + except ValueError: + return value + return value + + @field_serializer("compress") + def serialize_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsHTTP(value) + except ValueError: + return value + return value + + @field_serializer("compression_level") + def serialize_compression_level(self, value): + if isinstance(value, str): + try: + return models.CompressionLevelOptions(value) + except ValueError: + return value + return value + + @field_serializer("parquet_version") + def serialize_parquet_version(self, value): + if isinstance(value, str): + try: + return models.ParquetVersionOptions(value) + except ValueError: + return value + return value + + @field_serializer("parquet_data_page_version") + def serialize_parquet_data_page_version(self, value): + if isinstance(value, str): + try: + return models.DataPageVersionOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_disk_full_backpressure") + def serialize_on_disk_full_backpressure(self, value): + if isinstance(value, str): + try: + return models.DiskSpaceProtectionOptions(value) + except ValueError: + return value + return value + + @field_serializer("report_level") + def serialize_report_level(self, value): + if isinstance(value, str): + try: + return models.CreateOutputReportLevel(value) + except ValueError: + return value + return value + + @field_serializer("report_method") + def serialize_report_method(self, value): + if isinstance(value, str): + try: + return models.CreateOutputReportMethod(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "validateDatabaseSettings", + "ingestMode", + "description", + "clientSecret", + "textSecret", + "certificate", + "format", + "compressionLevel", + "automaticSchema", + "parquetSchema", + "parquetVersion", + "parquetDataPageVersion", + "parquetRowGroupLength", + "parquetPageSize", + "shouldLogInvalidRows", + "keyValueMetadata", + "enableStatistics", + "enableWritePageIndex", + "enablePageChecksum", + "removeEmptyDirs", + "emptyDirCleanupSec", + "directoryBatchSize", + "deadletterEnabled", + "deadletterPath", + "maxRetryNum", + "isMappingObj", + "mappingObj", + "mappingRef", + "ingestUrl", + "onBackpressure", + "stagePath", + "fileNameSuffix", + "maxFileSizeMB", + "maxFileOpenTimeSec", + "maxFileIdleTimeSec", + "maxOpenFiles", + "maxConcurrentFileParts", + "onDiskFullBackpressure", + "addIdToStagePath", + "retrySettings", + "orphans", + "timeoutSec", + "flushImmediately", + "retainBlobOnSuccess", + "extentTags", + "ingestIfNotExists", + "reportLevel", + "reportMethod", + "additionalProperties", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "flushPeriodSec", + "rejectUnauthorized", + "useRoundRobinDns", + "keepAlive", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_clusterUrl", + "__template_database", + "__template_table", + "__template_oauthEndpoint", + "__template_tenantId", + "__template_clientId", + "__template_scope", + "__template_clientSecret", + "__template_format", + "__template_compress", + "__template_parquetSchema", + "__template_mappingRef", + "__template_ingestUrl", + "__template_onBackpressure", + "__template_fileNameSuffix", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputTypeAzureBlob(str, Enum): + AZURE_BLOB = "azure_blob" + + +class CreateOutputBlobAccessTier(str, Enum, metaclass=utils.OpenEnumMeta): + # Default account access tier + INFERRED = "Inferred" + # Hot tier + HOT = "Hot" + # Cool tier + COOL = "Cool" + # Cold tier + COLD = "Cold" + # Archive tier + ARCHIVE = "Archive" + + +class CreateOutputOutputAzureBlobTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputTypeAzureBlob + container_name: str + r"""The Azure Blob Storage container name. Name can include only lowercase letters, numbers, and hyphens. For dynamic container names, enter a JavaScript expression within quotes or backticks, to be evaluated at initialization. The expression can evaluate to a constant value and can reference Global Variables, such as `myContainer-${C.env[\"CRIBL_WORKER_ID\"]}`.""" + stage_path: str + r"""Filesystem location in which to buffer files before compressing and moving to final destination. Use performant and stable storage.""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + create_container: NotRequired[bool] + r"""Create the configured container in Azure Blob Storage if it does not already exist""" + dest_path: NotRequired[str] + r"""Root directory prepended to path before uploading. Value can be a JavaScript expression enclosed in quotes or backticks, to be evaluated at initialization. The expression can evaluate to a constant value and can reference Global Variables, such as `myBlobPrefix-${C.env[\"CRIBL_WORKER_ID\"]}`.""" + add_id_to_stage_path: NotRequired[bool] + r"""Add the Output ID value to staging location""" + max_concurrent_file_parts: NotRequired[float] + r"""Maximum number of parts to upload in parallel per file""" + remove_empty_dirs: NotRequired[bool] + r"""Remove empty staging directories after moving files""" + partition_expr: NotRequired[str] + r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" + format_: NotRequired[DataFormatOptions] + r"""Format of the output data""" + base_file_name: NotRequired[str] + r"""JavaScript expression to define the output filename prefix (can be constant)""" + file_name_suffix: NotRequired[str] + r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" + max_file_size_mb: NotRequired[float] + r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" + max_file_open_time_sec: NotRequired[float] + r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" + max_file_idle_time_sec: NotRequired[float] + r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" + max_open_files: NotRequired[float] + r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" + header_line: NotRequired[str] + r"""If set, this line will be written to the beginning of each output file""" + write_high_water_mark: NotRequired[float] + r"""Buffer size used to write to a file""" + on_backpressure: NotRequired[BackpressureBehaviorOptionsBlockDrop] + r"""How to handle events when all receivers are exerting backpressure""" + deadletter_enabled: NotRequired[bool] + r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" + on_disk_full_backpressure: NotRequired[DiskSpaceProtectionOptions] + r"""How to handle events when disk space is below the global 'Min free disk space' limit""" + force_close_on_shutdown: NotRequired[bool] + r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" + retry_settings: NotRequired[RetrySettingsTypeTypedDict] + orphans: NotRequired[OrphanFileRecoveryTypeTypedDict] + auth_type: NotRequired[AuthenticationMethodOptions] + storage_class: NotRequired[CreateOutputBlobAccessTier] + description: NotRequired[str] + compress: NotRequired[CompressionOptionsHTTP] + r"""Data compression format to apply to HTTP content before it is delivered""" + compression_level: NotRequired[CompressionLevelOptions] + r"""Compression level to apply before moving files to final destination""" + automatic_schema: NotRequired[bool] + r"""Automatically calculate the schema based on the events of each Parquet file generated""" + parquet_schema: NotRequired[str] + r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" + parquet_version: NotRequired[ParquetVersionOptions] + r"""Determines which data types are supported and how they are represented""" + parquet_data_page_version: NotRequired[DataPageVersionOptions] + r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" + parquet_row_group_length: NotRequired[float] + r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" + parquet_page_size: NotRequired[str] + r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" + should_log_invalid_rows: NotRequired[bool] + r"""Log up to 3 rows that @{product} skips due to data mismatch""" + key_value_metadata: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] + r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ + enable_statistics: NotRequired[bool] + r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" + enable_write_page_index: NotRequired[bool] + r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" + enable_page_checksum: NotRequired[bool] + r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" + empty_dir_cleanup_sec: NotRequired[float] + r"""How frequently, in seconds, to clean up empty directories""" + directory_batch_size: NotRequired[float] + r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" + deadletter_path: NotRequired[str] + r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" + max_retry_num: NotRequired[float] + r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" + connection_string: NotRequired[str] + r"""Enter your Azure Storage account connection string. If left blank, Stream will fall back to env.AZURE_STORAGE_CONNECTION_STRING.""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + storage_account_name: NotRequired[str] + r"""The name of your Azure storage account""" + tenant_id: NotRequired[str] + r"""The service principal's tenant ID""" + client_id: NotRequired[str] + r"""The service principal's client ID""" + azure_cloud: NotRequired[str] + r"""The Azure cloud to use. Defaults to Azure Public Cloud.""" + endpoint_suffix: NotRequired[str] + r"""Endpoint suffix for the service URL. Takes precedence over the Azure Cloud setting. Defaults to core.windows.net.""" + client_text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + certificate: NotRequired[CertificateTypeAzureBlobAuthTypeClientCertTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_container_name: NotRequired[str] + r"""Binds 'containerName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'containerName' at runtime.""" + template_dest_path: NotRequired[str] + r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" + template_partition_expr: NotRequired[str] + r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" + template_format: NotRequired[str] + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + template_base_file_name: NotRequired[str] + r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" + template_file_name_suffix: NotRequired[str] + r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_compress: NotRequired[str] + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + template_parquet_schema: NotRequired[str] + r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" + template_connection_string: NotRequired[str] + r"""Binds 'connectionString' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'connectionString' at runtime.""" + template_storage_account_name: NotRequired[str] + r"""Binds 'storageAccountName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageAccountName' at runtime.""" + template_tenant_id: NotRequired[str] + r"""Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime.""" + template_client_id: NotRequired[str] + r"""Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime.""" + template_azure_cloud: NotRequired[str] + r"""Binds 'azureCloud' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'azureCloud' at runtime.""" + + +class CreateOutputOutputAzureBlob(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputTypeAzureBlob + + container_name: Annotated[str, pydantic.Field(alias="containerName")] + r"""The Azure Blob Storage container name. Name can include only lowercase letters, numbers, and hyphens. For dynamic container names, enter a JavaScript expression within quotes or backticks, to be evaluated at initialization. The expression can evaluate to a constant value and can reference Global Variables, such as `myContainer-${C.env[\"CRIBL_WORKER_ID\"]}`.""" + + stage_path: Annotated[str, pydantic.Field(alias="stagePath")] + r"""Filesystem location in which to buffer files before compressing and moving to final destination. Use performant and stable storage.""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + create_container: Annotated[ + Optional[bool], pydantic.Field(alias="createContainer") + ] = None + r"""Create the configured container in Azure Blob Storage if it does not already exist""" + + dest_path: Annotated[Optional[str], pydantic.Field(alias="destPath")] = None + r"""Root directory prepended to path before uploading. Value can be a JavaScript expression enclosed in quotes or backticks, to be evaluated at initialization. The expression can evaluate to a constant value and can reference Global Variables, such as `myBlobPrefix-${C.env[\"CRIBL_WORKER_ID\"]}`.""" + + add_id_to_stage_path: Annotated[ + Optional[bool], pydantic.Field(alias="addIdToStagePath") + ] = None + r"""Add the Output ID value to staging location""" + + max_concurrent_file_parts: Annotated[ + Optional[float], pydantic.Field(alias="maxConcurrentFileParts") + ] = None + r"""Maximum number of parts to upload in parallel per file""" + + remove_empty_dirs: Annotated[ + Optional[bool], pydantic.Field(alias="removeEmptyDirs") + ] = None + r"""Remove empty staging directories after moving files""" + + partition_expr: Annotated[Optional[str], pydantic.Field(alias="partitionExpr")] = ( + None + ) + r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" + + format_: Annotated[Optional[DataFormatOptions], pydantic.Field(alias="format")] = ( + None + ) + r"""Format of the output data""" + + base_file_name: Annotated[Optional[str], pydantic.Field(alias="baseFileName")] = ( + None + ) + r"""JavaScript expression to define the output filename prefix (can be constant)""" + + file_name_suffix: Annotated[ + Optional[str], pydantic.Field(alias="fileNameSuffix") + ] = None + r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" + + max_file_size_mb: Annotated[ + Optional[float], pydantic.Field(alias="maxFileSizeMB") + ] = None + r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" + + max_file_open_time_sec: Annotated[ + Optional[float], pydantic.Field(alias="maxFileOpenTimeSec") + ] = None + r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" + + max_file_idle_time_sec: Annotated[ + Optional[float], pydantic.Field(alias="maxFileIdleTimeSec") + ] = None + r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" + + max_open_files: Annotated[Optional[float], pydantic.Field(alias="maxOpenFiles")] = ( + None + ) + r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" + + header_line: Annotated[Optional[str], pydantic.Field(alias="headerLine")] = None + r"""If set, this line will be written to the beginning of each output file""" + + write_high_water_mark: Annotated[ + Optional[float], pydantic.Field(alias="writeHighWaterMark") + ] = None + r"""Buffer size used to write to a file""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptionsBlockDrop], + pydantic.Field(alias="onBackpressure"), + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + deadletter_enabled: Annotated[ + Optional[bool], pydantic.Field(alias="deadletterEnabled") + ] = None + r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" + + on_disk_full_backpressure: Annotated[ + Optional[DiskSpaceProtectionOptions], + pydantic.Field(alias="onDiskFullBackpressure"), + ] = None + r"""How to handle events when disk space is below the global 'Min free disk space' limit""" + + force_close_on_shutdown: Annotated[ + Optional[bool], pydantic.Field(alias="forceCloseOnShutdown") + ] = None + r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" + + retry_settings: Annotated[ + Optional[RetrySettingsType], pydantic.Field(alias="retrySettings") + ] = None + + orphans: Optional[OrphanFileRecoveryType] = None + + auth_type: Annotated[ + Optional[AuthenticationMethodOptions], pydantic.Field(alias="authType") + ] = None + + storage_class: Annotated[ + Optional[CreateOutputBlobAccessTier], pydantic.Field(alias="storageClass") + ] = None + + description: Optional[str] = None + + compress: Optional[CompressionOptionsHTTP] = None + r"""Data compression format to apply to HTTP content before it is delivered""" + + compression_level: Annotated[ + Optional[CompressionLevelOptions], pydantic.Field(alias="compressionLevel") + ] = None + r"""Compression level to apply before moving files to final destination""" + + automatic_schema: Annotated[ + Optional[bool], pydantic.Field(alias="automaticSchema") + ] = None + r"""Automatically calculate the schema based on the events of each Parquet file generated""" + + parquet_schema: Annotated[Optional[str], pydantic.Field(alias="parquetSchema")] = ( + None + ) + r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" + + parquet_version: Annotated[ + Optional[ParquetVersionOptions], pydantic.Field(alias="parquetVersion") + ] = None + r"""Determines which data types are supported and how they are represented""" + + parquet_data_page_version: Annotated[ + Optional[DataPageVersionOptions], pydantic.Field(alias="parquetDataPageVersion") + ] = None + r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" + + parquet_row_group_length: Annotated[ + Optional[float], pydantic.Field(alias="parquetRowGroupLength") + ] = None + r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" + + parquet_page_size: Annotated[ + Optional[str], pydantic.Field(alias="parquetPageSize") + ] = None + r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" + + should_log_invalid_rows: Annotated[ + Optional[bool], pydantic.Field(alias="shouldLogInvalidRows") + ] = None + r"""Log up to 3 rows that @{product} skips due to data mismatch""" + + key_value_metadata: Annotated[ + Optional[List[KeyValueMetadataConfOutputFilesystem]], + pydantic.Field(alias="keyValueMetadata"), + ] = None + r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ + + enable_statistics: Annotated[ + Optional[bool], pydantic.Field(alias="enableStatistics") + ] = None + r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" + + enable_write_page_index: Annotated[ + Optional[bool], pydantic.Field(alias="enableWritePageIndex") + ] = None + r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" + + enable_page_checksum: Annotated[ + Optional[bool], pydantic.Field(alias="enablePageChecksum") + ] = None + r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" + + empty_dir_cleanup_sec: Annotated[ + Optional[float], pydantic.Field(alias="emptyDirCleanupSec") + ] = None + r"""How frequently, in seconds, to clean up empty directories""" + + directory_batch_size: Annotated[ + Optional[float], pydantic.Field(alias="directoryBatchSize") + ] = None + r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" + + deadletter_path: Annotated[ + Optional[str], pydantic.Field(alias="deadletterPath") + ] = None + r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" + + max_retry_num: Annotated[Optional[float], pydantic.Field(alias="maxRetryNum")] = ( + None + ) + r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" + + connection_string: Annotated[ + Optional[str], pydantic.Field(alias="connectionString") + ] = None + r"""Enter your Azure Storage account connection string. If left blank, Stream will fall back to env.AZURE_STORAGE_CONNECTION_STRING.""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + storage_account_name: Annotated[ + Optional[str], pydantic.Field(alias="storageAccountName") + ] = None + r"""The name of your Azure storage account""" + + tenant_id: Annotated[Optional[str], pydantic.Field(alias="tenantId")] = None + r"""The service principal's tenant ID""" + + client_id: Annotated[Optional[str], pydantic.Field(alias="clientId")] = None + r"""The service principal's client ID""" + + azure_cloud: Annotated[Optional[str], pydantic.Field(alias="azureCloud")] = None + r"""The Azure cloud to use. Defaults to Azure Public Cloud.""" + + endpoint_suffix: Annotated[ + Optional[str], pydantic.Field(alias="endpointSuffix") + ] = None + r"""Endpoint suffix for the service URL. Takes precedence over the Azure Cloud setting. Defaults to core.windows.net.""" + + client_text_secret: Annotated[ + Optional[str], pydantic.Field(alias="clientTextSecret") + ] = None + r"""Select or create a stored text secret""" + + certificate: Optional[CertificateTypeAzureBlobAuthTypeClientCert] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_container_name: Annotated[ + Optional[str], pydantic.Field(alias="__template_containerName") + ] = None + r"""Binds 'containerName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'containerName' at runtime.""" + + template_dest_path: Annotated[ + Optional[str], pydantic.Field(alias="__template_destPath") + ] = None + r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" + + template_partition_expr: Annotated[ + Optional[str], pydantic.Field(alias="__template_partitionExpr") + ] = None + r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" + + template_format: Annotated[ + Optional[str], pydantic.Field(alias="__template_format") + ] = None + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + + template_base_file_name: Annotated[ + Optional[str], pydantic.Field(alias="__template_baseFileName") + ] = None + r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" + + template_file_name_suffix: Annotated[ + Optional[str], pydantic.Field(alias="__template_fileNameSuffix") + ] = None + r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_compress: Annotated[ + Optional[str], pydantic.Field(alias="__template_compress") + ] = None + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + + template_parquet_schema: Annotated[ + Optional[str], pydantic.Field(alias="__template_parquetSchema") + ] = None + r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" + + template_connection_string: Annotated[ + Optional[str], pydantic.Field(alias="__template_connectionString") + ] = None + r"""Binds 'connectionString' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'connectionString' at runtime.""" + + template_storage_account_name: Annotated[ + Optional[str], pydantic.Field(alias="__template_storageAccountName") + ] = None + r"""Binds 'storageAccountName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageAccountName' at runtime.""" + + template_tenant_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_tenantId") + ] = None + r"""Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime.""" + + template_client_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_clientId") + ] = None + r"""Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime.""" + + template_azure_cloud: Annotated[ + Optional[str], pydantic.Field(alias="__template_azureCloud") + ] = None + r"""Binds 'azureCloud' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'azureCloud' at runtime.""" + + @field_serializer("format_") + def serialize_format_(self, value): + if isinstance(value, str): + try: + return models.DataFormatOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptionsBlockDrop(value) + except ValueError: + return value + return value + + @field_serializer("on_disk_full_backpressure") + def serialize_on_disk_full_backpressure(self, value): + if isinstance(value, str): + try: + return models.DiskSpaceProtectionOptions(value) + except ValueError: + return value + return value + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptions(value) + except ValueError: + return value + return value + + @field_serializer("storage_class") + def serialize_storage_class(self, value): + if isinstance(value, str): + try: + return models.CreateOutputBlobAccessTier(value) + except ValueError: + return value + return value + + @field_serializer("compress") + def serialize_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsHTTP(value) + except ValueError: + return value + return value + + @field_serializer("compression_level") + def serialize_compression_level(self, value): + if isinstance(value, str): + try: + return models.CompressionLevelOptions(value) + except ValueError: + return value + return value + + @field_serializer("parquet_version") + def serialize_parquet_version(self, value): + if isinstance(value, str): + try: + return models.ParquetVersionOptions(value) + except ValueError: + return value + return value + + @field_serializer("parquet_data_page_version") + def serialize_parquet_data_page_version(self, value): + if isinstance(value, str): + try: + return models.DataPageVersionOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "createContainer", + "destPath", + "addIdToStagePath", + "maxConcurrentFileParts", + "removeEmptyDirs", + "partitionExpr", + "format", + "baseFileName", + "fileNameSuffix", + "maxFileSizeMB", + "maxFileOpenTimeSec", + "maxFileIdleTimeSec", + "maxOpenFiles", + "headerLine", + "writeHighWaterMark", + "onBackpressure", + "deadletterEnabled", + "onDiskFullBackpressure", + "forceCloseOnShutdown", + "retrySettings", + "orphans", + "authType", + "storageClass", + "description", + "compress", + "compressionLevel", + "automaticSchema", + "parquetSchema", + "parquetVersion", + "parquetDataPageVersion", + "parquetRowGroupLength", + "parquetPageSize", + "shouldLogInvalidRows", + "keyValueMetadata", + "enableStatistics", + "enableWritePageIndex", + "enablePageChecksum", + "emptyDirCleanupSec", + "directoryBatchSize", + "deadletterPath", + "maxRetryNum", + "connectionString", + "textSecret", + "storageAccountName", + "tenantId", + "clientId", + "azureCloud", + "endpointSuffix", + "clientTextSecret", + "certificate", + "__template_streamtags", + "__template_containerName", + "__template_destPath", + "__template_partitionExpr", + "__template_format", + "__template_baseFileName", + "__template_fileNameSuffix", + "__template_onBackpressure", + "__template_compress", + "__template_parquetSchema", + "__template_connectionString", + "__template_storageAccountName", + "__template_tenantId", + "__template_clientId", + "__template_azureCloud", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputTypeS3(str, Enum): + S3 = "s3" + + +class CreateOutputOutputS3TypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputTypeS3 + bucket: str + r"""Name of the destination S3 bucket. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at initialization time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`""" + stage_path: str + r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + endpoint: NotRequired[str] + r"""S3 service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to S3-compatible endpoint.""" + enable_assume_role: NotRequired[bool] + r"""Use Assume Role credentials to access S3""" + assume_role_arn: NotRequired[str] + r"""Amazon Resource Name (ARN) of the role to assume""" + assume_role_external_id: NotRequired[str] + r"""External ID to use when assuming role""" + duration_seconds: NotRequired[float] + r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" + aws_authentication_method: NotRequired[AuthenticationMethodOptionsS3CollectorConf] + r"""AWS authentication method. Choose Auto to use IAM roles.""" + reuse_connections: NotRequired[bool] + r"""Reuse connections between requests, which can improve performance""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" + region: NotRequired[str] + r"""Region where the S3 bucket is located""" + dest_path: NotRequired[str] + r"""Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`""" + max_concurrent_file_parts: NotRequired[float] + r"""Maximum number of parts to upload in parallel per file. Minimum part size is 5MB.""" + verify_permissions: NotRequired[bool] + r"""Disable if you can access files within the bucket but not the bucket itself""" + max_closing_files_to_backpressure: NotRequired[float] + r"""Maximum number of files that can be waiting for upload before backpressure is applied""" + add_id_to_stage_path: NotRequired[bool] + r"""Add the Output ID value to staging location""" + remove_empty_dirs: NotRequired[bool] + r"""Remove empty staging directories after moving files""" + partition_expr: NotRequired[str] + r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" + format_: NotRequired[DataFormatOptions] + r"""Format of the output data""" + base_file_name: NotRequired[str] + r"""JavaScript expression to define the output filename prefix (can be constant)""" + file_name_suffix: NotRequired[str] + r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" + max_file_size_mb: NotRequired[float] + r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" + max_file_open_time_sec: NotRequired[float] + r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" + max_file_idle_time_sec: NotRequired[float] + r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" + max_open_files: NotRequired[float] + r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" + header_line: NotRequired[str] + r"""If set, this line will be written to the beginning of each output file""" + write_high_water_mark: NotRequired[float] + r"""Buffer size used to write to a file""" + on_backpressure: NotRequired[BackpressureBehaviorOptionsBlockDrop] + r"""How to handle events when all receivers are exerting backpressure""" + deadletter_enabled: NotRequired[bool] + r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" + on_disk_full_backpressure: NotRequired[DiskSpaceProtectionOptions] + r"""How to handle events when disk space is below the global 'Min free disk space' limit""" + force_close_on_shutdown: NotRequired[bool] + r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" + retry_settings: NotRequired[RetrySettingsTypeTypedDict] + orphans: NotRequired[OrphanFileRecoveryTypeTypedDict] + aws_secret_key: NotRequired[str] + r"""Secret key. This value can be a constant or a JavaScript expression. Example: `${C.env.SOME_SECRET}`)""" + object_acl: NotRequired[ObjectACLOptions] + r"""Object ACL to assign to uploaded objects""" + storage_class: NotRequired[StorageClassOptions] + r"""Storage class to select for uploaded objects""" + server_side_encryption: NotRequired[ServerSideEncryptionForUploadedObjectsOptions] + r"""Server-side encryption to use for uploaded objects""" + kms_key_id: NotRequired[str] + r"""ID or ARN of the KMS customer-managed key to use for encryption""" + description: NotRequired[str] + aws_api_key: NotRequired[str] + r"""This value can be a constant or a JavaScript expression (`${C.env.SOME_ACCESS_KEY}`)""" + aws_secret: NotRequired[str] + r"""Select or create a stored secret that references your access key and secret key""" + compress: NotRequired[CompressionOptionsHTTP] + r"""Data compression format to apply to HTTP content before it is delivered""" + compression_level: NotRequired[CompressionLevelOptions] + r"""Compression level to apply before moving files to final destination""" + automatic_schema: NotRequired[bool] + r"""Automatically calculate the schema based on the events of each Parquet file generated""" + parquet_schema: NotRequired[str] + r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" + parquet_version: NotRequired[ParquetVersionOptions] + r"""Determines which data types are supported and how they are represented""" + parquet_data_page_version: NotRequired[DataPageVersionOptions] + r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" + parquet_row_group_length: NotRequired[float] + r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" + parquet_page_size: NotRequired[str] + r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" + should_log_invalid_rows: NotRequired[bool] + r"""Log up to 3 rows that @{product} skips due to data mismatch""" + key_value_metadata: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] + r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ + enable_statistics: NotRequired[bool] + r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" + enable_write_page_index: NotRequired[bool] + r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" + enable_page_checksum: NotRequired[bool] + r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" + empty_dir_cleanup_sec: NotRequired[float] + r"""How frequently, in seconds, to clean up empty directories""" + directory_batch_size: NotRequired[float] + r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" + deadletter_path: NotRequired[str] + r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" + max_retry_num: NotRequired[float] + r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_endpoint: NotRequired[str] + r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" + template_assume_role_arn: NotRequired[str] + r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" + template_assume_role_external_id: NotRequired[str] + r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" + template_bucket: NotRequired[str] + r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" + template_region: NotRequired[str] + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + template_dest_path: NotRequired[str] + r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" + template_partition_expr: NotRequired[str] + r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" + template_format: NotRequired[str] + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + template_base_file_name: NotRequired[str] + r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" + template_file_name_suffix: NotRequired[str] + r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_aws_secret_key: NotRequired[str] + r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" + template_object_acl: NotRequired[str] + r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" + template_storage_class: NotRequired[str] + r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" + template_server_side_encryption: NotRequired[str] + r"""Binds 'serverSideEncryption' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serverSideEncryption' at runtime.""" + template_kms_key_id: NotRequired[str] + r"""Binds 'kmsKeyId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'kmsKeyId' at runtime.""" + template_aws_api_key: NotRequired[str] + r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" + template_compress: NotRequired[str] + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + template_parquet_schema: NotRequired[str] + r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" + + +class CreateOutputOutputS3(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputTypeS3 + + bucket: str + r"""Name of the destination S3 bucket. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at initialization time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`""" + + stage_path: Annotated[str, pydantic.Field(alias="stagePath")] + r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + endpoint: Optional[str] = None + r"""S3 service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to S3-compatible endpoint.""" + + enable_assume_role: Annotated[ + Optional[bool], pydantic.Field(alias="enableAssumeRole") + ] = None + r"""Use Assume Role credentials to access S3""" + + assume_role_arn: Annotated[Optional[str], pydantic.Field(alias="assumeRoleArn")] = ( + None + ) + r"""Amazon Resource Name (ARN) of the role to assume""" + + assume_role_external_id: Annotated[ + Optional[str], pydantic.Field(alias="assumeRoleExternalId") + ] = None + r"""External ID to use when assuming role""" + + duration_seconds: Annotated[ + Optional[float], pydantic.Field(alias="durationSeconds") + ] = None + r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" + + aws_authentication_method: Annotated[ + Optional[AuthenticationMethodOptionsS3CollectorConf], + pydantic.Field(alias="awsAuthenticationMethod"), + ] = None + r"""AWS authentication method. Choose Auto to use IAM roles.""" + + reuse_connections: Annotated[ + Optional[bool], pydantic.Field(alias="reuseConnections") + ] = None + r"""Reuse connections between requests, which can improve performance""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" + + region: Optional[str] = None + r"""Region where the S3 bucket is located""" + + dest_path: Annotated[Optional[str], pydantic.Field(alias="destPath")] = None + r"""Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`""" + + max_concurrent_file_parts: Annotated[ + Optional[float], pydantic.Field(alias="maxConcurrentFileParts") + ] = None + r"""Maximum number of parts to upload in parallel per file. Minimum part size is 5MB.""" + + verify_permissions: Annotated[ + Optional[bool], pydantic.Field(alias="verifyPermissions") + ] = None + r"""Disable if you can access files within the bucket but not the bucket itself""" + + max_closing_files_to_backpressure: Annotated[ + Optional[float], pydantic.Field(alias="maxClosingFilesToBackpressure") + ] = None + r"""Maximum number of files that can be waiting for upload before backpressure is applied""" + + add_id_to_stage_path: Annotated[ + Optional[bool], pydantic.Field(alias="addIdToStagePath") + ] = None + r"""Add the Output ID value to staging location""" + + remove_empty_dirs: Annotated[ + Optional[bool], pydantic.Field(alias="removeEmptyDirs") + ] = None + r"""Remove empty staging directories after moving files""" + + partition_expr: Annotated[Optional[str], pydantic.Field(alias="partitionExpr")] = ( + None + ) + r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" + + format_: Annotated[Optional[DataFormatOptions], pydantic.Field(alias="format")] = ( + None + ) + r"""Format of the output data""" + + base_file_name: Annotated[Optional[str], pydantic.Field(alias="baseFileName")] = ( + None + ) + r"""JavaScript expression to define the output filename prefix (can be constant)""" + + file_name_suffix: Annotated[ + Optional[str], pydantic.Field(alias="fileNameSuffix") + ] = None + r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" + + max_file_size_mb: Annotated[ + Optional[float], pydantic.Field(alias="maxFileSizeMB") + ] = None + r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" + + max_file_open_time_sec: Annotated[ + Optional[float], pydantic.Field(alias="maxFileOpenTimeSec") + ] = None + r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" + + max_file_idle_time_sec: Annotated[ + Optional[float], pydantic.Field(alias="maxFileIdleTimeSec") + ] = None + r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" + + max_open_files: Annotated[Optional[float], pydantic.Field(alias="maxOpenFiles")] = ( + None + ) + r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" + + header_line: Annotated[Optional[str], pydantic.Field(alias="headerLine")] = None + r"""If set, this line will be written to the beginning of each output file""" + + write_high_water_mark: Annotated[ + Optional[float], pydantic.Field(alias="writeHighWaterMark") + ] = None + r"""Buffer size used to write to a file""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptionsBlockDrop], + pydantic.Field(alias="onBackpressure"), + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + deadletter_enabled: Annotated[ + Optional[bool], pydantic.Field(alias="deadletterEnabled") + ] = None + r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" + + on_disk_full_backpressure: Annotated[ + Optional[DiskSpaceProtectionOptions], + pydantic.Field(alias="onDiskFullBackpressure"), + ] = None + r"""How to handle events when disk space is below the global 'Min free disk space' limit""" + + force_close_on_shutdown: Annotated[ + Optional[bool], pydantic.Field(alias="forceCloseOnShutdown") + ] = None + r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" + + retry_settings: Annotated[ + Optional[RetrySettingsType], pydantic.Field(alias="retrySettings") + ] = None + + orphans: Optional[OrphanFileRecoveryType] = None + + aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = ( + None + ) + r"""Secret key. This value can be a constant or a JavaScript expression. Example: `${C.env.SOME_SECRET}`)""" + + object_acl: Annotated[ + Optional[ObjectACLOptions], pydantic.Field(alias="objectACL") + ] = None + r"""Object ACL to assign to uploaded objects""" + + storage_class: Annotated[ + Optional[StorageClassOptions], pydantic.Field(alias="storageClass") + ] = None + r"""Storage class to select for uploaded objects""" + + server_side_encryption: Annotated[ + Optional[ServerSideEncryptionForUploadedObjectsOptions], + pydantic.Field(alias="serverSideEncryption"), + ] = None + r"""Server-side encryption to use for uploaded objects""" + + kms_key_id: Annotated[Optional[str], pydantic.Field(alias="kmsKeyId")] = None + r"""ID or ARN of the KMS customer-managed key to use for encryption""" + + description: Optional[str] = None + + aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None + r"""This value can be a constant or a JavaScript expression (`${C.env.SOME_ACCESS_KEY}`)""" + + aws_secret: Annotated[Optional[str], pydantic.Field(alias="awsSecret")] = None + r"""Select or create a stored secret that references your access key and secret key""" + + compress: Optional[CompressionOptionsHTTP] = None + r"""Data compression format to apply to HTTP content before it is delivered""" + + compression_level: Annotated[ + Optional[CompressionLevelOptions], pydantic.Field(alias="compressionLevel") + ] = None + r"""Compression level to apply before moving files to final destination""" + + automatic_schema: Annotated[ + Optional[bool], pydantic.Field(alias="automaticSchema") + ] = None + r"""Automatically calculate the schema based on the events of each Parquet file generated""" + + parquet_schema: Annotated[Optional[str], pydantic.Field(alias="parquetSchema")] = ( + None + ) + r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" + + parquet_version: Annotated[ + Optional[ParquetVersionOptions], pydantic.Field(alias="parquetVersion") + ] = None + r"""Determines which data types are supported and how they are represented""" + + parquet_data_page_version: Annotated[ + Optional[DataPageVersionOptions], pydantic.Field(alias="parquetDataPageVersion") + ] = None + r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" + + parquet_row_group_length: Annotated[ + Optional[float], pydantic.Field(alias="parquetRowGroupLength") + ] = None + r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" + + parquet_page_size: Annotated[ + Optional[str], pydantic.Field(alias="parquetPageSize") + ] = None + r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" + + should_log_invalid_rows: Annotated[ + Optional[bool], pydantic.Field(alias="shouldLogInvalidRows") + ] = None + r"""Log up to 3 rows that @{product} skips due to data mismatch""" + + key_value_metadata: Annotated[ + Optional[List[KeyValueMetadataConfOutputFilesystem]], + pydantic.Field(alias="keyValueMetadata"), + ] = None + r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ + + enable_statistics: Annotated[ + Optional[bool], pydantic.Field(alias="enableStatistics") + ] = None + r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" + + enable_write_page_index: Annotated[ + Optional[bool], pydantic.Field(alias="enableWritePageIndex") + ] = None + r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" + + enable_page_checksum: Annotated[ + Optional[bool], pydantic.Field(alias="enablePageChecksum") + ] = None + r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" + + empty_dir_cleanup_sec: Annotated[ + Optional[float], pydantic.Field(alias="emptyDirCleanupSec") + ] = None + r"""How frequently, in seconds, to clean up empty directories""" + + directory_batch_size: Annotated[ + Optional[float], pydantic.Field(alias="directoryBatchSize") + ] = None + r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" + + deadletter_path: Annotated[ + Optional[str], pydantic.Field(alias="deadletterPath") + ] = None + r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" + + max_retry_num: Annotated[Optional[float], pydantic.Field(alias="maxRetryNum")] = ( + None + ) + r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_endpoint: Annotated[ + Optional[str], pydantic.Field(alias="__template_endpoint") + ] = None + r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" + + template_assume_role_arn: Annotated[ + Optional[str], pydantic.Field(alias="__template_assumeRoleArn") + ] = None + r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" + + template_assume_role_external_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_assumeRoleExternalId") + ] = None + r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" + + template_bucket: Annotated[ + Optional[str], pydantic.Field(alias="__template_bucket") + ] = None + r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" + + template_region: Annotated[ + Optional[str], pydantic.Field(alias="__template_region") + ] = None + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + + template_dest_path: Annotated[ + Optional[str], pydantic.Field(alias="__template_destPath") + ] = None + r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" + + template_partition_expr: Annotated[ + Optional[str], pydantic.Field(alias="__template_partitionExpr") + ] = None + r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" + + template_format: Annotated[ + Optional[str], pydantic.Field(alias="__template_format") + ] = None + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + + template_base_file_name: Annotated[ + Optional[str], pydantic.Field(alias="__template_baseFileName") + ] = None + r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" + + template_file_name_suffix: Annotated[ + Optional[str], pydantic.Field(alias="__template_fileNameSuffix") + ] = None + r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_aws_secret_key: Annotated[ + Optional[str], pydantic.Field(alias="__template_awsSecretKey") + ] = None + r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" + + template_object_acl: Annotated[ + Optional[str], pydantic.Field(alias="__template_objectACL") + ] = None + r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" + + template_storage_class: Annotated[ + Optional[str], pydantic.Field(alias="__template_storageClass") + ] = None + r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" + + template_server_side_encryption: Annotated[ + Optional[str], pydantic.Field(alias="__template_serverSideEncryption") + ] = None + r"""Binds 'serverSideEncryption' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serverSideEncryption' at runtime.""" + + template_kms_key_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_kmsKeyId") + ] = None + r"""Binds 'kmsKeyId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'kmsKeyId' at runtime.""" + + template_aws_api_key: Annotated[ + Optional[str], pydantic.Field(alias="__template_awsApiKey") + ] = None + r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" + + template_compress: Annotated[ + Optional[str], pydantic.Field(alias="__template_compress") + ] = None + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + + template_parquet_schema: Annotated[ + Optional[str], pydantic.Field(alias="__template_parquetSchema") + ] = None + r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" + + @field_serializer("aws_authentication_method") + def serialize_aws_authentication_method(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsS3CollectorConf(value) + except ValueError: + return value + return value + + @field_serializer("format_") + def serialize_format_(self, value): + if isinstance(value, str): + try: + return models.DataFormatOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptionsBlockDrop(value) + except ValueError: + return value + return value + + @field_serializer("on_disk_full_backpressure") + def serialize_on_disk_full_backpressure(self, value): + if isinstance(value, str): + try: + return models.DiskSpaceProtectionOptions(value) + except ValueError: + return value + return value + + @field_serializer("object_acl") + def serialize_object_acl(self, value): + if isinstance(value, str): + try: + return models.ObjectACLOptions(value) + except ValueError: + return value + return value + + @field_serializer("storage_class") + def serialize_storage_class(self, value): + if isinstance(value, str): + try: + return models.StorageClassOptions(value) + except ValueError: + return value + return value + + @field_serializer("server_side_encryption") + def serialize_server_side_encryption(self, value): + if isinstance(value, str): + try: + return models.ServerSideEncryptionForUploadedObjectsOptions(value) + except ValueError: + return value + return value + + @field_serializer("compress") + def serialize_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsHTTP(value) + except ValueError: + return value + return value + + @field_serializer("compression_level") + def serialize_compression_level(self, value): + if isinstance(value, str): + try: + return models.CompressionLevelOptions(value) + except ValueError: + return value + return value + + @field_serializer("parquet_version") + def serialize_parquet_version(self, value): + if isinstance(value, str): + try: + return models.ParquetVersionOptions(value) + except ValueError: + return value + return value + + @field_serializer("parquet_data_page_version") + def serialize_parquet_data_page_version(self, value): + if isinstance(value, str): + try: + return models.DataPageVersionOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "endpoint", + "enableAssumeRole", + "assumeRoleArn", + "assumeRoleExternalId", + "durationSeconds", + "awsAuthenticationMethod", + "reuseConnections", + "rejectUnauthorized", + "region", + "destPath", + "maxConcurrentFileParts", + "verifyPermissions", + "maxClosingFilesToBackpressure", + "addIdToStagePath", + "removeEmptyDirs", + "partitionExpr", + "format", + "baseFileName", + "fileNameSuffix", + "maxFileSizeMB", + "maxFileOpenTimeSec", + "maxFileIdleTimeSec", + "maxOpenFiles", + "headerLine", + "writeHighWaterMark", + "onBackpressure", + "deadletterEnabled", + "onDiskFullBackpressure", + "forceCloseOnShutdown", + "retrySettings", + "orphans", + "awsSecretKey", + "objectACL", + "storageClass", + "serverSideEncryption", + "kmsKeyId", + "description", + "awsApiKey", + "awsSecret", + "compress", + "compressionLevel", + "automaticSchema", + "parquetSchema", + "parquetVersion", + "parquetDataPageVersion", + "parquetRowGroupLength", + "parquetPageSize", + "shouldLogInvalidRows", + "keyValueMetadata", + "enableStatistics", + "enableWritePageIndex", + "enablePageChecksum", + "emptyDirCleanupSec", + "directoryBatchSize", + "deadletterPath", + "maxRetryNum", + "__template_streamtags", + "__template_endpoint", + "__template_assumeRoleArn", + "__template_assumeRoleExternalId", + "__template_bucket", + "__template_region", + "__template_destPath", + "__template_partitionExpr", + "__template_format", + "__template_baseFileName", + "__template_fileNameSuffix", + "__template_onBackpressure", + "__template_awsSecretKey", + "__template_objectACL", + "__template_storageClass", + "__template_serverSideEncryption", + "__template_kmsKeyId", + "__template_awsApiKey", + "__template_compress", + "__template_parquetSchema", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputTypeFilesystem(str, Enum): + FILESYSTEM = "filesystem" + + +class CreateOutputOutputFilesystemTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputTypeFilesystem + dest_path: str + r"""Final destination for the output files""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + stage_path: NotRequired[str] + r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" + add_id_to_stage_path: NotRequired[bool] + r"""Add the Output ID value to staging location""" + remove_empty_dirs: NotRequired[bool] + r"""Remove empty staging directories after moving files""" + partition_expr: NotRequired[str] + r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" + format_: NotRequired[DataFormatOptions] + r"""Format of the output data""" + base_file_name: NotRequired[str] + r"""JavaScript expression to define the output filename prefix (can be constant)""" + file_name_suffix: NotRequired[str] + r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" + max_file_size_mb: NotRequired[float] + r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" + max_file_open_time_sec: NotRequired[float] + r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" + max_file_idle_time_sec: NotRequired[float] + r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" + max_open_files: NotRequired[float] + r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" + header_line: NotRequired[str] + r"""If set, this line will be written to the beginning of each output file""" + write_high_water_mark: NotRequired[float] + r"""Buffer size used to write to a file""" + on_backpressure: NotRequired[BackpressureBehaviorOptionsBlockDrop] + r"""How to handle events when all receivers are exerting backpressure""" + deadletter_enabled: NotRequired[bool] + r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" + on_disk_full_backpressure: NotRequired[DiskSpaceProtectionOptions] + r"""How to handle events when disk space is below the global 'Min free disk space' limit""" + force_close_on_shutdown: NotRequired[bool] + r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" + retry_settings: NotRequired[RetrySettingsTypeTypedDict] + orphans: NotRequired[OrphanFileRecoveryTypeTypedDict] + description: NotRequired[str] + compress: NotRequired[CompressionOptionsHTTP] + r"""Data compression format to apply to HTTP content before it is delivered""" + compression_level: NotRequired[CompressionLevelOptions] + r"""Compression level to apply before moving files to final destination""" + automatic_schema: NotRequired[bool] + r"""Automatically calculate the schema based on the events of each Parquet file generated""" + parquet_schema: NotRequired[str] + r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" + parquet_version: NotRequired[ParquetVersionOptions] + r"""Determines which data types are supported and how they are represented""" + parquet_data_page_version: NotRequired[DataPageVersionOptions] + r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" + parquet_row_group_length: NotRequired[float] + r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" + parquet_page_size: NotRequired[str] + r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" + should_log_invalid_rows: NotRequired[bool] + r"""Log up to 3 rows that @{product} skips due to data mismatch""" + key_value_metadata: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] + r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ + enable_statistics: NotRequired[bool] + r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" + enable_write_page_index: NotRequired[bool] + r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" + enable_page_checksum: NotRequired[bool] + r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" + empty_dir_cleanup_sec: NotRequired[float] + r"""How frequently, in seconds, to clean up empty directories""" + directory_batch_size: NotRequired[float] + r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" + deadletter_path: NotRequired[str] + r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" + max_retry_num: NotRequired[float] + r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_partition_expr: NotRequired[str] + r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" + template_format: NotRequired[str] + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + template_base_file_name: NotRequired[str] + r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" + template_file_name_suffix: NotRequired[str] + r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_compress: NotRequired[str] + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + template_parquet_schema: NotRequired[str] + r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" + + +class CreateOutputOutputFilesystem(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputTypeFilesystem + + dest_path: Annotated[str, pydantic.Field(alias="destPath")] + r"""Final destination for the output files""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + stage_path: Annotated[Optional[str], pydantic.Field(alias="stagePath")] = None + r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" + + add_id_to_stage_path: Annotated[ + Optional[bool], pydantic.Field(alias="addIdToStagePath") + ] = None + r"""Add the Output ID value to staging location""" + + remove_empty_dirs: Annotated[ + Optional[bool], pydantic.Field(alias="removeEmptyDirs") + ] = None + r"""Remove empty staging directories after moving files""" + + partition_expr: Annotated[Optional[str], pydantic.Field(alias="partitionExpr")] = ( + None + ) + r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" + + format_: Annotated[Optional[DataFormatOptions], pydantic.Field(alias="format")] = ( + None + ) + r"""Format of the output data""" + + base_file_name: Annotated[Optional[str], pydantic.Field(alias="baseFileName")] = ( + None + ) + r"""JavaScript expression to define the output filename prefix (can be constant)""" + + file_name_suffix: Annotated[ + Optional[str], pydantic.Field(alias="fileNameSuffix") + ] = None + r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" + + max_file_size_mb: Annotated[ + Optional[float], pydantic.Field(alias="maxFileSizeMB") + ] = None + r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" + + max_file_open_time_sec: Annotated[ + Optional[float], pydantic.Field(alias="maxFileOpenTimeSec") + ] = None + r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" + + max_file_idle_time_sec: Annotated[ + Optional[float], pydantic.Field(alias="maxFileIdleTimeSec") + ] = None + r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" + + max_open_files: Annotated[Optional[float], pydantic.Field(alias="maxOpenFiles")] = ( + None + ) + r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" + + header_line: Annotated[Optional[str], pydantic.Field(alias="headerLine")] = None + r"""If set, this line will be written to the beginning of each output file""" + + write_high_water_mark: Annotated[ + Optional[float], pydantic.Field(alias="writeHighWaterMark") + ] = None + r"""Buffer size used to write to a file""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptionsBlockDrop], + pydantic.Field(alias="onBackpressure"), + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + deadletter_enabled: Annotated[ + Optional[bool], pydantic.Field(alias="deadletterEnabled") + ] = None + r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" + + on_disk_full_backpressure: Annotated[ + Optional[DiskSpaceProtectionOptions], + pydantic.Field(alias="onDiskFullBackpressure"), + ] = None + r"""How to handle events when disk space is below the global 'Min free disk space' limit""" + + force_close_on_shutdown: Annotated[ + Optional[bool], pydantic.Field(alias="forceCloseOnShutdown") + ] = None + r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" + + retry_settings: Annotated[ + Optional[RetrySettingsType], pydantic.Field(alias="retrySettings") + ] = None + + orphans: Optional[OrphanFileRecoveryType] = None + + description: Optional[str] = None + + compress: Optional[CompressionOptionsHTTP] = None + r"""Data compression format to apply to HTTP content before it is delivered""" + + compression_level: Annotated[ + Optional[CompressionLevelOptions], pydantic.Field(alias="compressionLevel") + ] = None + r"""Compression level to apply before moving files to final destination""" + + automatic_schema: Annotated[ + Optional[bool], pydantic.Field(alias="automaticSchema") + ] = None + r"""Automatically calculate the schema based on the events of each Parquet file generated""" + + parquet_schema: Annotated[Optional[str], pydantic.Field(alias="parquetSchema")] = ( + None + ) + r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" + + parquet_version: Annotated[ + Optional[ParquetVersionOptions], pydantic.Field(alias="parquetVersion") + ] = None + r"""Determines which data types are supported and how they are represented""" + + parquet_data_page_version: Annotated[ + Optional[DataPageVersionOptions], pydantic.Field(alias="parquetDataPageVersion") + ] = None + r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" + + parquet_row_group_length: Annotated[ + Optional[float], pydantic.Field(alias="parquetRowGroupLength") + ] = None + r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" + + parquet_page_size: Annotated[ + Optional[str], pydantic.Field(alias="parquetPageSize") + ] = None + r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" + + should_log_invalid_rows: Annotated[ + Optional[bool], pydantic.Field(alias="shouldLogInvalidRows") + ] = None + r"""Log up to 3 rows that @{product} skips due to data mismatch""" + + key_value_metadata: Annotated[ + Optional[List[KeyValueMetadataConfOutputFilesystem]], + pydantic.Field(alias="keyValueMetadata"), + ] = None + r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ + + enable_statistics: Annotated[ + Optional[bool], pydantic.Field(alias="enableStatistics") + ] = None + r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" + + enable_write_page_index: Annotated[ + Optional[bool], pydantic.Field(alias="enableWritePageIndex") + ] = None + r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" + + enable_page_checksum: Annotated[ + Optional[bool], pydantic.Field(alias="enablePageChecksum") + ] = None + r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" + + empty_dir_cleanup_sec: Annotated[ + Optional[float], pydantic.Field(alias="emptyDirCleanupSec") + ] = None + r"""How frequently, in seconds, to clean up empty directories""" + + directory_batch_size: Annotated[ + Optional[float], pydantic.Field(alias="directoryBatchSize") + ] = None + r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" + + deadletter_path: Annotated[ + Optional[str], pydantic.Field(alias="deadletterPath") + ] = None + r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" + + max_retry_num: Annotated[Optional[float], pydantic.Field(alias="maxRetryNum")] = ( + None + ) + r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_partition_expr: Annotated[ + Optional[str], pydantic.Field(alias="__template_partitionExpr") + ] = None + r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" + + template_format: Annotated[ + Optional[str], pydantic.Field(alias="__template_format") + ] = None + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + + template_base_file_name: Annotated[ + Optional[str], pydantic.Field(alias="__template_baseFileName") + ] = None + r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" + + template_file_name_suffix: Annotated[ + Optional[str], pydantic.Field(alias="__template_fileNameSuffix") + ] = None + r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_compress: Annotated[ + Optional[str], pydantic.Field(alias="__template_compress") + ] = None + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + + template_parquet_schema: Annotated[ + Optional[str], pydantic.Field(alias="__template_parquetSchema") + ] = None + r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" + + @field_serializer("format_") + def serialize_format_(self, value): + if isinstance(value, str): + try: + return models.DataFormatOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptionsBlockDrop(value) + except ValueError: + return value + return value + + @field_serializer("on_disk_full_backpressure") + def serialize_on_disk_full_backpressure(self, value): + if isinstance(value, str): + try: + return models.DiskSpaceProtectionOptions(value) + except ValueError: + return value + return value + + @field_serializer("compress") + def serialize_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsHTTP(value) + except ValueError: + return value + return value + + @field_serializer("compression_level") + def serialize_compression_level(self, value): + if isinstance(value, str): + try: + return models.CompressionLevelOptions(value) + except ValueError: + return value + return value + + @field_serializer("parquet_version") + def serialize_parquet_version(self, value): + if isinstance(value, str): + try: + return models.ParquetVersionOptions(value) + except ValueError: + return value + return value + + @field_serializer("parquet_data_page_version") + def serialize_parquet_data_page_version(self, value): + if isinstance(value, str): + try: + return models.DataPageVersionOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "stagePath", + "addIdToStagePath", + "removeEmptyDirs", + "partitionExpr", + "format", + "baseFileName", + "fileNameSuffix", + "maxFileSizeMB", + "maxFileOpenTimeSec", + "maxFileIdleTimeSec", + "maxOpenFiles", + "headerLine", + "writeHighWaterMark", + "onBackpressure", + "deadletterEnabled", + "onDiskFullBackpressure", + "forceCloseOnShutdown", + "retrySettings", + "orphans", + "description", + "compress", + "compressionLevel", + "automaticSchema", + "parquetSchema", + "parquetVersion", + "parquetDataPageVersion", + "parquetRowGroupLength", + "parquetPageSize", + "shouldLogInvalidRows", + "keyValueMetadata", + "enableStatistics", + "enableWritePageIndex", + "enablePageChecksum", + "emptyDirCleanupSec", + "directoryBatchSize", + "deadletterPath", + "maxRetryNum", + "__template_streamtags", + "__template_partitionExpr", + "__template_format", + "__template_baseFileName", + "__template_fileNameSuffix", + "__template_onBackpressure", + "__template_compress", + "__template_parquetSchema", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputTypeSignalfx(str, Enum): + SIGNALFX = "signalfx" + + +class CreateOutputPqControlsSignalfxTypedDict(TypedDict): + pass + + +class CreateOutputPqControlsSignalfx(BaseModel): + pass + + +class CreateOutputOutputSignalfxTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputTypeSignalfx + realm: str + r"""SignalFx realm name, e.g. \"us0\". For a complete list of available SignalFx realm names, please check [here](https://docs.splunk.com/observability/en/get-started/service-description.html#sd-regions).""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + compress: NotRequired[bool] + r"""Compress the payload body before sending""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] + r"""Headers to add to all events""" + use_round_robin_dns: NotRequired[bool] + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + safe_headers: NotRequired[List[str]] + r"""List of headers that are safe to log in plain text""" + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + description: NotRequired[str] + token: NotRequired[str] + r"""SignalFx API access token (see [here](https://docs.signalfx.com/en/latest/admin-guide/tokens.html#working-with-access-tokens))""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputPqControlsSignalfxTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + +class CreateOutputOutputSignalfx(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputTypeSignalfx + + realm: str + r"""SignalFx realm name, e.g. \"us0\". For a complete list of available SignalFx realm names, please check [here](https://docs.splunk.com/observability/en/get-started/service-description.html#sd-regions).""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + auth_type: Annotated[ + Optional[AuthenticationMethodOptionsAuthTokensItems], + pydantic.Field(alias="authType"), + ] = None + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + compress: Optional[bool] = None + r"""Compress the payload body before sending""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + extra_http_headers: Annotated[ + Optional[List[ExtraHTTPHeaderConfInputElastic]], + pydantic.Field(alias="extraHttpHeaders"), + ] = None + r"""Headers to add to all events""" + + use_round_robin_dns: Annotated[ + Optional[bool], pydantic.Field(alias="useRoundRobinDns") + ] = None + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + safe_headers: Annotated[ + Optional[List[str]], pydantic.Field(alias="safeHeaders") + ] = None + r"""List of headers that are safe to log in plain text""" + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + description: Optional[str] = None + + token: Optional[str] = None + r"""SignalFx API access token (see [here](https://docs.signalfx.com/en/latest/admin-guide/tokens.html#working-with-access-tokens))""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputPqControlsSignalfx], pydantic.Field(alias="pqControls") + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsAuthTokensItems(value) + except ValueError: + return value + return value + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "authType", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "compress", + "rejectUnauthorized", + "timeoutSec", + "flushPeriodSec", + "extraHttpHeaders", + "useRoundRobinDns", + "failedRequestLoggingMode", + "safeHeaders", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "onBackpressure", + "description", + "token", + "textSecret", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_failedRequestLoggingMode", + "__template_onBackpressure", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputTypeWavefront(str, Enum): + WAVEFRONT = "wavefront" + + +class CreateOutputPqControlsWavefrontTypedDict(TypedDict): + pass + + +class CreateOutputPqControlsWavefront(BaseModel): + pass + + +class CreateOutputOutputWavefrontTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputTypeWavefront + domain: str + r"""WaveFront domain name, e.g. \"longboard\" """ + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + compress: NotRequired[bool] + r"""Compress the payload body before sending""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] + r"""Headers to add to all events""" + use_round_robin_dns: NotRequired[bool] + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + safe_headers: NotRequired[List[str]] + r"""List of headers that are safe to log in plain text""" + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + description: NotRequired[str] + token: NotRequired[str] + r"""WaveFront API authentication token (see [here](https://docs.wavefront.com/wavefront_api.html#generating-an-api-token))""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputPqControlsWavefrontTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + +class CreateOutputOutputWavefront(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputTypeWavefront + + domain: str + r"""WaveFront domain name, e.g. \"longboard\" """ + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + auth_type: Annotated[ + Optional[AuthenticationMethodOptionsAuthTokensItems], + pydantic.Field(alias="authType"), + ] = None + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + compress: Optional[bool] = None + r"""Compress the payload body before sending""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + extra_http_headers: Annotated[ + Optional[List[ExtraHTTPHeaderConfInputElastic]], + pydantic.Field(alias="extraHttpHeaders"), + ] = None + r"""Headers to add to all events""" + + use_round_robin_dns: Annotated[ + Optional[bool], pydantic.Field(alias="useRoundRobinDns") + ] = None + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + safe_headers: Annotated[ + Optional[List[str]], pydantic.Field(alias="safeHeaders") + ] = None + r"""List of headers that are safe to log in plain text""" + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + description: Optional[str] = None + + token: Optional[str] = None + r"""WaveFront API authentication token (see [here](https://docs.wavefront.com/wavefront_api.html#generating-an-api-token))""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputPqControlsWavefront], pydantic.Field(alias="pqControls") + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsAuthTokensItems(value) + except ValueError: + return value + return value + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "authType", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "compress", + "rejectUnauthorized", + "timeoutSec", + "flushPeriodSec", + "extraHttpHeaders", + "useRoundRobinDns", + "failedRequestLoggingMode", + "safeHeaders", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "onBackpressure", + "description", + "token", + "textSecret", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_failedRequestLoggingMode", + "__template_onBackpressure", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputTypeTcpjson(str, Enum): + TCPJSON = "tcpjson" + + +class CreateOutputPqControlsTcpjsonTypedDict(TypedDict): + pass + + +class CreateOutputPqControlsTcpjson(BaseModel): + pass + + +class CreateOutputOutputTcpjsonTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputTypeTcpjson + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + load_balanced: NotRequired[bool] + r"""Use load-balanced destinations""" + compression: NotRequired[CompressionOptionsGzipNone] + r"""Codec to use to compress the data before sending""" + log_failed_requests: NotRequired[bool] + r"""Use to troubleshoot issues with sending data""" + throttle_rate_per_sec: NotRequired[str] + r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" + tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] + connection_timeout: NotRequired[float] + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + write_timeout: NotRequired[float] + r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" + token_ttl_minutes: NotRequired[float] + r"""The number of minutes before the internally generated authentication token expires, valid values between 1 and 60""" + send_header: NotRequired[bool] + r"""Upon connection, send a header-like record containing the auth token and other metadata.This record will not contain an actual event – only subsequent records will.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + description: NotRequired[str] + host: NotRequired[str] + r"""The hostname of the receiver""" + port: NotRequired[float] + r"""The port to connect to on the provided host""" + exclude_self: NotRequired[bool] + r"""Exclude all IPs of the current host from the list of any resolved hostnames""" + hosts: NotRequired[List[HostConfOutputSyslogTypedDict]] + r"""Set of hosts to load-balance data to""" + dns_resolve_period_sec: NotRequired[float] + r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" + load_balance_stats_period_sec: NotRequired[float] + r"""How far back in time to keep traffic stats for load balancing purposes""" + max_concurrent_senders: NotRequired[float] + r"""Maximum number of concurrent connections (per Worker Process). A random set of IPs will be picked on every DNS resolution period. Use 0 for unlimited.""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputPqControlsTcpjsonTypedDict] + auth_token: NotRequired[str] + r"""Optional authentication token to include as part of the connection header""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_host: NotRequired[str] + r"""Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime.""" + template_port: NotRequired[str] + r"""Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime.""" + + +class CreateOutputOutputTcpjson(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputTypeTcpjson + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + load_balanced: Annotated[Optional[bool], pydantic.Field(alias="loadBalanced")] = ( + None + ) + r"""Use load-balanced destinations""" + + compression: Optional[CompressionOptionsGzipNone] = None + r"""Codec to use to compress the data before sending""" + + log_failed_requests: Annotated[ + Optional[bool], pydantic.Field(alias="logFailedRequests") + ] = None + r"""Use to troubleshoot issues with sending data""" + + throttle_rate_per_sec: Annotated[ + Optional[str], pydantic.Field(alias="throttleRatePerSec") + ] = None + r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" + + tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None + + connection_timeout: Annotated[ + Optional[float], pydantic.Field(alias="connectionTimeout") + ] = None + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + + write_timeout: Annotated[Optional[float], pydantic.Field(alias="writeTimeout")] = ( + None + ) + r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" + + token_ttl_minutes: Annotated[ + Optional[float], pydantic.Field(alias="tokenTTLMinutes") + ] = None + r"""The number of minutes before the internally generated authentication token expires, valid values between 1 and 60""" + + send_header: Annotated[Optional[bool], pydantic.Field(alias="sendHeader")] = None + r"""Upon connection, send a header-like record containing the auth token and other metadata.This record will not contain an actual event – only subsequent records will.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + auth_type: Annotated[ + Optional[AuthenticationMethodOptionsAuthTokensItems], + pydantic.Field(alias="authType"), + ] = None + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + + description: Optional[str] = None + + host: Optional[str] = None + r"""The hostname of the receiver""" + + port: Optional[float] = None + r"""The port to connect to on the provided host""" + + exclude_self: Annotated[Optional[bool], pydantic.Field(alias="excludeSelf")] = None + r"""Exclude all IPs of the current host from the list of any resolved hostnames""" + + hosts: Optional[List[HostConfOutputSyslog]] = None + r"""Set of hosts to load-balance data to""" + + dns_resolve_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="dnsResolvePeriodSec") + ] = None + r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" + + load_balance_stats_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="loadBalanceStatsPeriodSec") + ] = None + r"""How far back in time to keep traffic stats for load balancing purposes""" + + max_concurrent_senders: Annotated[ + Optional[float], pydantic.Field(alias="maxConcurrentSenders") + ] = None + r"""Maximum number of concurrent connections (per Worker Process). A random set of IPs will be picked on every DNS resolution period. Use 0 for unlimited.""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputPqControlsTcpjson], pydantic.Field(alias="pqControls") + ] = None + + auth_token: Annotated[Optional[str], pydantic.Field(alias="authToken")] = None + r"""Optional authentication token to include as part of the connection header""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_host: Annotated[Optional[str], pydantic.Field(alias="__template_host")] = ( + None + ) + r"""Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime.""" + + template_port: Annotated[Optional[str], pydantic.Field(alias="__template_port")] = ( + None + ) + r"""Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime.""" + + @field_serializer("compression") + def serialize_compression(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsGzipNone(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsAuthTokensItems(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "loadBalanced", + "compression", + "logFailedRequests", + "throttleRatePerSec", + "tls", + "connectionTimeout", + "writeTimeout", + "tokenTTLMinutes", + "sendHeader", + "onBackpressure", + "authType", + "description", + "host", + "port", + "excludeSelf", + "hosts", + "dnsResolvePeriodSec", + "loadBalanceStatsPeriodSec", + "maxConcurrentSenders", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "authToken", + "textSecret", + "__template_streamtags", + "__template_onBackpressure", + "__template_host", + "__template_port", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputTypeWizHec(str, Enum): + WIZ_HEC = "wiz_hec" + + +class CreateOutputPqControlsWizHecTypedDict(TypedDict): + pass + + +class CreateOutputPqControlsWizHec(BaseModel): + pass + + +class CreateOutputOutputWizHecTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputTypeWizHec + wiz_connector_id: str + r"""The unique identifier for the specific Cribl connector defined in your Wiz Settings. This is used to cross-validate the bearer token and ensure traffic is originating from the authorized integration.""" + wiz_environment: str + r"""Your Wiz deployment environment.""" + data_center: str + r"""Your Wiz deployment data center (e.g., us1, us8, eu1). From Tenant Info → Data Center and Regions → Tenant Data Center in your Wiz console.""" + wiz_sourcetype: str + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + next_queue: NotRequired[str] + r"""In the Splunk app, define which Splunk processing queue to send the events after HEC processing.""" + tcp_routing: NotRequired[str] + r"""In the Splunk app, set the value of _TCP_ROUTING for events that do not have _ctrl._TCP_ROUTING set.""" + tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathExtendedTypedDict] + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + compress: NotRequired[bool] + r"""Compress the payload body before sending""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] + r"""Headers to add to all events""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + safe_headers: NotRequired[List[str]] + r"""List of headers that are safe to log in plain text""" + auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + description: NotRequired[str] + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputPqControlsWizHecTypedDict] + token: NotRequired[str] + r"""Wiz Defend Auth token""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_wiz_environment: NotRequired[str] + r"""Binds 'wiz_environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'wiz_environment' at runtime.""" + template_data_center: NotRequired[str] + r"""Binds 'data_center' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'data_center' at runtime.""" + template_wiz_sourcetype: NotRequired[str] + r"""Binds 'wiz_sourcetype' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'wiz_sourcetype' at runtime.""" + + +class CreateOutputOutputWizHec(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputTypeWizHec + + wiz_connector_id: str + r"""The unique identifier for the specific Cribl connector defined in your Wiz Settings. This is used to cross-validate the bearer token and ensure traffic is originating from the authorized integration.""" + + wiz_environment: str + r"""Your Wiz deployment environment.""" + + data_center: str + r"""Your Wiz deployment data center (e.g., us1, us8, eu1). From Tenant Info → Data Center and Regions → Tenant Data Center in your Wiz console.""" + + wiz_sourcetype: str + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + next_queue: Annotated[Optional[str], pydantic.Field(alias="nextQueue")] = None + r"""In the Splunk app, define which Splunk processing queue to send the events after HEC processing.""" + + tcp_routing: Annotated[Optional[str], pydantic.Field(alias="tcpRouting")] = None + r"""In the Splunk app, set the value of _TCP_ROUTING for events that do not have _ctrl._TCP_ROUTING set.""" + + tls: Optional[TLSSettingsClientSideTypeCaPathCertPathExtended] = None + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + compress: Optional[bool] = None + r"""Compress the payload body before sending""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + extra_http_headers: Annotated[ + Optional[List[ExtraHTTPHeaderConfInputElastic]], + pydantic.Field(alias="extraHttpHeaders"), + ] = None + r"""Headers to add to all events""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + safe_headers: Annotated[ + Optional[List[str]], pydantic.Field(alias="safeHeaders") + ] = None + r"""List of headers that are safe to log in plain text""" + + auth_type: Annotated[ + Optional[AuthenticationMethodOptionsAuthTokensItems], + pydantic.Field(alias="authType"), + ] = None + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + description: Optional[str] = None + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputPqControlsWizHec], pydantic.Field(alias="pqControls") + ] = None + + token: Optional[str] = None + r"""Wiz Defend Auth token""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_wiz_environment: Annotated[ + Optional[str], pydantic.Field(alias="__template_wiz_environment") + ] = None + r"""Binds 'wiz_environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'wiz_environment' at runtime.""" + + template_data_center: Annotated[ + Optional[str], pydantic.Field(alias="__template_data_center") + ] = None + r"""Binds 'data_center' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'data_center' at runtime.""" + + template_wiz_sourcetype: Annotated[ + Optional[str], pydantic.Field(alias="__template_wiz_sourcetype") + ] = None + r"""Binds 'wiz_sourcetype' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'wiz_sourcetype' at runtime.""" + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsAuthTokensItems(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "nextQueue", + "tcpRouting", + "tls", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "compress", + "rejectUnauthorized", + "timeoutSec", + "flushPeriodSec", + "extraHttpHeaders", + "failedRequestLoggingMode", + "safeHeaders", + "authType", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "onBackpressure", + "description", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "token", + "textSecret", + "__template_streamtags", + "__template_failedRequestLoggingMode", + "__template_onBackpressure", + "__template_wiz_environment", + "__template_data_center", + "__template_wiz_sourcetype", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputTypeSplunkHec(str, Enum): + SPLUNK_HEC = "splunk_hec" + + +class CreateOutputURLSplunkHecTypedDict(TypedDict): + url: str + r"""URL to a Splunk HEC endpoint to send events to, e.g., http://localhost:8088/services/collector/event""" + weight: NotRequired[float] + r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" + template_url: NotRequired[str] + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + +class CreateOutputURLSplunkHec(BaseModel): + url: str + r"""URL to a Splunk HEC endpoint to send events to, e.g., http://localhost:8088/services/collector/event""" + + weight: Optional[float] = None + r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" + + template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( + None + ) + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set(["weight", "__template_url"]) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputPqControlsSplunkHecTypedDict(TypedDict): + pass + + +class CreateOutputPqControlsSplunkHec(BaseModel): + pass + + +class CreateOutputOutputSplunkHecTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputTypeSplunkHec + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + load_balanced: NotRequired[bool] + r"""Enable for optimal performance. Even if you have one hostname, it can expand to multiple IPs. If disabled, consider enabling round-robin DNS.""" + next_queue: NotRequired[str] + r"""In the Splunk app, define which Splunk processing queue to send the events after HEC processing.""" + tcp_routing: NotRequired[str] + r"""In the Splunk app, set the value of _TCP_ROUTING for events that do not have _ctrl._TCP_ROUTING set.""" + tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathExtendedTypedDict] + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + compress: NotRequired[bool] + r"""Compress the payload body before sending""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] + r"""Headers to add to all events""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + safe_headers: NotRequired[List[str]] + r"""List of headers that are safe to log in plain text""" + enable_multi_metrics: NotRequired[bool] + r"""Output metrics in multiple-metric format, supported in Splunk 8.0 and above to allow multiple metrics in a single event.""" + auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + description: NotRequired[str] + url: NotRequired[str] + r"""URL to a Splunk HEC endpoint to send events to, e.g., http://localhost:8088/services/collector/event""" + use_round_robin_dns: NotRequired[bool] + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + exclude_self: NotRequired[bool] + r"""Exclude all IPs of the current host from the list of any resolved hostnames""" + urls: NotRequired[List[CreateOutputURLSplunkHecTypedDict]] + dns_resolve_period_sec: NotRequired[float] + r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" + load_balance_stats_period_sec: NotRequired[float] + r"""How far back in time to keep traffic stats for load balancing purposes""" + token: NotRequired[str] + r"""Splunk HEC authentication token""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputPqControlsSplunkHecTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_url: NotRequired[str] + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + +class CreateOutputOutputSplunkHec(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputTypeSplunkHec + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + load_balanced: Annotated[Optional[bool], pydantic.Field(alias="loadBalanced")] = ( + None + ) + r"""Enable for optimal performance. Even if you have one hostname, it can expand to multiple IPs. If disabled, consider enabling round-robin DNS.""" + + next_queue: Annotated[Optional[str], pydantic.Field(alias="nextQueue")] = None + r"""In the Splunk app, define which Splunk processing queue to send the events after HEC processing.""" + + tcp_routing: Annotated[Optional[str], pydantic.Field(alias="tcpRouting")] = None + r"""In the Splunk app, set the value of _TCP_ROUTING for events that do not have _ctrl._TCP_ROUTING set.""" + + tls: Optional[TLSSettingsClientSideTypeCaPathCertPathExtended] = None + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + compress: Optional[bool] = None + r"""Compress the payload body before sending""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + extra_http_headers: Annotated[ + Optional[List[ExtraHTTPHeaderConfInputElastic]], + pydantic.Field(alias="extraHttpHeaders"), + ] = None + r"""Headers to add to all events""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + safe_headers: Annotated[ + Optional[List[str]], pydantic.Field(alias="safeHeaders") + ] = None + r"""List of headers that are safe to log in plain text""" + + enable_multi_metrics: Annotated[ + Optional[bool], pydantic.Field(alias="enableMultiMetrics") + ] = None + r"""Output metrics in multiple-metric format, supported in Splunk 8.0 and above to allow multiple metrics in a single event.""" + + auth_type: Annotated[ + Optional[AuthenticationMethodOptionsAuthTokensItems], + pydantic.Field(alias="authType"), + ] = None + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + description: Optional[str] = None + + url: Optional[str] = None + r"""URL to a Splunk HEC endpoint to send events to, e.g., http://localhost:8088/services/collector/event""" + + use_round_robin_dns: Annotated[ + Optional[bool], pydantic.Field(alias="useRoundRobinDns") + ] = None + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + + exclude_self: Annotated[Optional[bool], pydantic.Field(alias="excludeSelf")] = None + r"""Exclude all IPs of the current host from the list of any resolved hostnames""" + + urls: Optional[List[CreateOutputURLSplunkHec]] = None + + dns_resolve_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="dnsResolvePeriodSec") + ] = None + r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" + + load_balance_stats_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="loadBalanceStatsPeriodSec") + ] = None + r"""How far back in time to keep traffic stats for load balancing purposes""" + + token: Optional[str] = None + r"""Splunk HEC authentication token""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputPqControlsSplunkHec], pydantic.Field(alias="pqControls") + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( + None + ) + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsAuthTokensItems(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "loadBalanced", + "nextQueue", + "tcpRouting", + "tls", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "compress", + "rejectUnauthorized", + "timeoutSec", + "flushPeriodSec", + "extraHttpHeaders", + "failedRequestLoggingMode", + "safeHeaders", + "enableMultiMetrics", + "authType", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "onBackpressure", + "description", + "url", + "useRoundRobinDns", + "excludeSelf", + "urls", + "dnsResolvePeriodSec", + "loadBalanceStatsPeriodSec", + "token", + "textSecret", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_failedRequestLoggingMode", + "__template_onBackpressure", + "__template_url", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputTypeSplunkLb(str, Enum): + SPLUNK_LB = "splunk_lb" + + +class CreateOutputAuthTokenTypedDict(TypedDict): + auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + auth_token: NotRequired[str] + r"""Shared secret to be provided by any client (in authToken header field). If empty, unauthorized access is permitted.""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + + +class CreateOutputAuthToken(BaseModel): + auth_type: Annotated[ + Optional[AuthenticationMethodOptionsAuthTokensItems], + pydantic.Field(alias="authType"), + ] = None + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + + auth_token: Annotated[Optional[str], pydantic.Field(alias="authToken")] = None + r"""Shared secret to be provided by any client (in authToken header field). If empty, unauthorized access is permitted.""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsAuthTokensItems(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set(["authType", "authToken", "textSecret"]) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputIndexerDiscoveryConfigsTypedDict(TypedDict): + r"""List of configurations to set up indexer discovery in Splunk Indexer clustering environment.""" + + site: str + r"""Clustering site of the indexers from where indexers need to be discovered. In case of single site cluster, it defaults to 'default' site.""" + master_uri: str + r"""Full URI of Splunk cluster manager (scheme://host:port). Example: https://managerAddress:8089""" + refresh_interval_sec: float + r"""Time interval, in seconds, between two consecutive indexer list fetches from cluster manager""" + reject_unauthorized: NotRequired[bool] + r"""During indexer discovery, reject cluster manager certificates that are not authorized by the system's CA. Disable to allow untrusted (for example, self-signed) certificates.""" + auth_tokens: NotRequired[List[CreateOutputAuthTokenTypedDict]] + r"""Tokens required to authenticate to cluster manager for indexer discovery""" + auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + auth_token: NotRequired[str] + r"""Shared secret to be provided by any client (in authToken header field). If empty, unauthorized access is permitted.""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + + +class CreateOutputIndexerDiscoveryConfigs(BaseModel): + r"""List of configurations to set up indexer discovery in Splunk Indexer clustering environment.""" + + site: str + r"""Clustering site of the indexers from where indexers need to be discovered. In case of single site cluster, it defaults to 'default' site.""" + + master_uri: Annotated[str, pydantic.Field(alias="masterUri")] + r"""Full URI of Splunk cluster manager (scheme://host:port). Example: https://managerAddress:8089""" + + refresh_interval_sec: Annotated[float, pydantic.Field(alias="refreshIntervalSec")] + r"""Time interval, in seconds, between two consecutive indexer list fetches from cluster manager""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""During indexer discovery, reject cluster manager certificates that are not authorized by the system's CA. Disable to allow untrusted (for example, self-signed) certificates.""" + + auth_tokens: Annotated[ + Optional[List[CreateOutputAuthToken]], pydantic.Field(alias="authTokens") + ] = None + r"""Tokens required to authenticate to cluster manager for indexer discovery""" + + auth_type: Annotated[ + Optional[AuthenticationMethodOptionsAuthTokensItems], + pydantic.Field(alias="authType"), + ] = None + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + + auth_token: Annotated[Optional[str], pydantic.Field(alias="authToken")] = None + r"""Shared secret to be provided by any client (in authToken header field). If empty, unauthorized access is permitted.""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsAuthTokensItems(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + ["rejectUnauthorized", "authTokens", "authType", "authToken", "textSecret"] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputPqControlsSplunkLbTypedDict(TypedDict): + pass + + +class CreateOutputPqControlsSplunkLb(BaseModel): + pass + + +class CreateOutputOutputSplunkLbTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputTypeSplunkLb + hosts: List[HostConfOutputSyslogTypedDict] + r"""Set of Splunk indexers to load-balance data to.""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + dns_resolve_period_sec: NotRequired[float] + r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" + load_balance_stats_period_sec: NotRequired[float] + r"""How far back in time to keep traffic stats for load balancing purposes""" + max_concurrent_senders: NotRequired[float] + r"""Maximum number of concurrent connections (per Worker Process). A random set of IPs will be picked on every DNS resolution period. Use 0 for unlimited.""" + nested_fields: NotRequired[NestedFieldSerializationOptions] + r"""How to serialize nested fields into index-time fields""" + throttle_rate_per_sec: NotRequired[str] + r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" + connection_timeout: NotRequired[float] + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + write_timeout: NotRequired[float] + r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" + tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] + enable_multi_metrics: NotRequired[bool] + r"""Output metrics in multiple-metric format in a single event. Supported in Splunk 8.0 and above.""" + enable_ack: NotRequired[bool] + r"""Check if indexer is shutting down and stop sending data. This helps minimize data loss during shutdown.""" + log_failed_requests: NotRequired[bool] + r"""Use to troubleshoot issues with sending data""" + max_s2_sversion: NotRequired[MaxS2SVersionOptions] + r"""The highest S2S protocol version to advertise during handshake""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + indexer_discovery: NotRequired[bool] + r"""Automatically discover indexers in indexer clustering environment.""" + sender_unhealthy_time_allowance: NotRequired[float] + r"""How long (in milliseconds) each LB endpoint can report blocked before the Destination reports unhealthy, blocking the sender. (Grace period for fluctuations.) Use 0 to disable; max 1 minute.""" + auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + description: NotRequired[str] + max_failed_health_checks: NotRequired[float] + r"""Maximum number of times healthcheck can fail before we close connection. If set to 0 (disabled), and the connection to Splunk is forcibly closed, some data loss might occur.""" + compress: NotRequired[CompressionOptions] + r"""Controls whether the sender should send compressed data to the server. Select 'Disabled' to reject compressed connections or 'Always' to ignore server's configuration and send compressed data.""" + indexer_discovery_configs: NotRequired[CreateOutputIndexerDiscoveryConfigsTypedDict] + r"""List of configurations to set up indexer discovery in Splunk Indexer clustering environment.""" + exclude_self: NotRequired[bool] + r"""Exclude all IPs of the current host from the list of any resolved hostnames""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputPqControlsSplunkLbTypedDict] + auth_token: NotRequired[str] + r"""Shared secret token to use when establishing a connection to a Splunk indexer.""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_nested_fields: NotRequired[str] + r"""Binds 'nestedFields' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'nestedFields' at runtime.""" + template_max_s2_sversion: NotRequired[str] + r"""Binds 'maxS2Sversion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'maxS2Sversion' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_compress: NotRequired[str] + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + + +class CreateOutputOutputSplunkLb(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputTypeSplunkLb + + hosts: List[HostConfOutputSyslog] + r"""Set of Splunk indexers to load-balance data to.""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + dns_resolve_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="dnsResolvePeriodSec") + ] = None + r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" + + load_balance_stats_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="loadBalanceStatsPeriodSec") + ] = None + r"""How far back in time to keep traffic stats for load balancing purposes""" + + max_concurrent_senders: Annotated[ + Optional[float], pydantic.Field(alias="maxConcurrentSenders") + ] = None + r"""Maximum number of concurrent connections (per Worker Process). A random set of IPs will be picked on every DNS resolution period. Use 0 for unlimited.""" + + nested_fields: Annotated[ + Optional[NestedFieldSerializationOptions], pydantic.Field(alias="nestedFields") + ] = None + r"""How to serialize nested fields into index-time fields""" + + throttle_rate_per_sec: Annotated[ + Optional[str], pydantic.Field(alias="throttleRatePerSec") + ] = None + r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" + + connection_timeout: Annotated[ + Optional[float], pydantic.Field(alias="connectionTimeout") + ] = None + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + + write_timeout: Annotated[Optional[float], pydantic.Field(alias="writeTimeout")] = ( + None + ) + r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" + + tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None + + enable_multi_metrics: Annotated[ + Optional[bool], pydantic.Field(alias="enableMultiMetrics") + ] = None + r"""Output metrics in multiple-metric format in a single event. Supported in Splunk 8.0 and above.""" + + enable_ack: Annotated[Optional[bool], pydantic.Field(alias="enableACK")] = None + r"""Check if indexer is shutting down and stop sending data. This helps minimize data loss during shutdown.""" + + log_failed_requests: Annotated[ + Optional[bool], pydantic.Field(alias="logFailedRequests") + ] = None + r"""Use to troubleshoot issues with sending data""" + + max_s2_sversion: Annotated[ + Optional[MaxS2SVersionOptions], pydantic.Field(alias="maxS2Sversion") + ] = None + r"""The highest S2S protocol version to advertise during handshake""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + indexer_discovery: Annotated[ + Optional[bool], pydantic.Field(alias="indexerDiscovery") + ] = None + r"""Automatically discover indexers in indexer clustering environment.""" + + sender_unhealthy_time_allowance: Annotated[ + Optional[float], pydantic.Field(alias="senderUnhealthyTimeAllowance") + ] = None + r"""How long (in milliseconds) each LB endpoint can report blocked before the Destination reports unhealthy, blocking the sender. (Grace period for fluctuations.) Use 0 to disable; max 1 minute.""" + + auth_type: Annotated[ + Optional[AuthenticationMethodOptionsAuthTokensItems], + pydantic.Field(alias="authType"), + ] = None + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + + description: Optional[str] = None + + max_failed_health_checks: Annotated[ + Optional[float], pydantic.Field(alias="maxFailedHealthChecks") + ] = None + r"""Maximum number of times healthcheck can fail before we close connection. If set to 0 (disabled), and the connection to Splunk is forcibly closed, some data loss might occur.""" + + compress: Optional[CompressionOptions] = None + r"""Controls whether the sender should send compressed data to the server. Select 'Disabled' to reject compressed connections or 'Always' to ignore server's configuration and send compressed data.""" + + indexer_discovery_configs: Annotated[ + Optional[CreateOutputIndexerDiscoveryConfigs], + pydantic.Field(alias="indexerDiscoveryConfigs"), + ] = None + r"""List of configurations to set up indexer discovery in Splunk Indexer clustering environment.""" + + exclude_self: Annotated[Optional[bool], pydantic.Field(alias="excludeSelf")] = None + r"""Exclude all IPs of the current host from the list of any resolved hostnames""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputPqControlsSplunkLb], pydantic.Field(alias="pqControls") + ] = None + + auth_token: Annotated[Optional[str], pydantic.Field(alias="authToken")] = None + r"""Shared secret token to use when establishing a connection to a Splunk indexer.""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_nested_fields: Annotated[ + Optional[str], pydantic.Field(alias="__template_nestedFields") + ] = None + r"""Binds 'nestedFields' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'nestedFields' at runtime.""" + + template_max_s2_sversion: Annotated[ + Optional[str], pydantic.Field(alias="__template_maxS2Sversion") + ] = None + r"""Binds 'maxS2Sversion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'maxS2Sversion' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_compress: Annotated[ + Optional[str], pydantic.Field(alias="__template_compress") + ] = None + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + + @field_serializer("nested_fields") + def serialize_nested_fields(self, value): + if isinstance(value, str): + try: + return models.NestedFieldSerializationOptions(value) + except ValueError: + return value + return value + + @field_serializer("max_s2_sversion") + def serialize_max_s2_sversion(self, value): + if isinstance(value, str): + try: + return models.MaxS2SVersionOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsAuthTokensItems(value) + except ValueError: + return value + return value + + @field_serializer("compress") + def serialize_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "dnsResolvePeriodSec", + "loadBalanceStatsPeriodSec", + "maxConcurrentSenders", + "nestedFields", + "throttleRatePerSec", + "connectionTimeout", + "writeTimeout", + "tls", + "enableMultiMetrics", + "enableACK", + "logFailedRequests", + "maxS2Sversion", + "onBackpressure", + "indexerDiscovery", + "senderUnhealthyTimeAllowance", + "authType", + "description", + "maxFailedHealthChecks", + "compress", + "indexerDiscoveryConfigs", + "excludeSelf", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "authToken", + "textSecret", + "__template_streamtags", + "__template_nestedFields", + "__template_maxS2Sversion", + "__template_onBackpressure", + "__template_compress", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputTypeSplunk(str, Enum): + SPLUNK = "splunk" + + +class CreateOutputPqControlsSplunkTypedDict(TypedDict): + pass + + +class CreateOutputPqControlsSplunk(BaseModel): + pass + + +class CreateOutputOutputSplunkTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputTypeSplunk + host: str + r"""The hostname of the receiver""" + port: float + r"""The port to connect to on the provided host""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + nested_fields: NotRequired[NestedFieldSerializationOptions] + r"""How to serialize nested fields into index-time fields""" + throttle_rate_per_sec: NotRequired[str] + r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" + connection_timeout: NotRequired[float] + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + write_timeout: NotRequired[float] + r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" + tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] + enable_multi_metrics: NotRequired[bool] + r"""Output metrics in multiple-metric format in a single event. Supported in Splunk 8.0 and above.""" + enable_ack: NotRequired[bool] + r"""Check if indexer is shutting down and stop sending data. This helps minimize data loss during shutdown.""" + log_failed_requests: NotRequired[bool] + r"""Use to troubleshoot issues with sending data""" + max_s2_sversion: NotRequired[MaxS2SVersionOptions] + r"""The highest S2S protocol version to advertise during handshake""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + description: NotRequired[str] + max_failed_health_checks: NotRequired[float] + r"""Maximum number of times healthcheck can fail before we close connection. If set to 0 (disabled), and the connection to Splunk is forcibly closed, some data loss might occur.""" + compress: NotRequired[CompressionOptions] + r"""Controls whether the sender should send compressed data to the server. Select 'Disabled' to reject compressed connections or 'Always' to ignore server's configuration and send compressed data.""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputPqControlsSplunkTypedDict] + auth_token: NotRequired[str] + r"""Shared secret token to use when establishing a connection to a Splunk indexer.""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_host: NotRequired[str] + r"""Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime.""" + template_port: NotRequired[str] + r"""Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime.""" + template_nested_fields: NotRequired[str] + r"""Binds 'nestedFields' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'nestedFields' at runtime.""" + template_max_s2_sversion: NotRequired[str] + r"""Binds 'maxS2Sversion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'maxS2Sversion' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_compress: NotRequired[str] + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + + +class CreateOutputOutputSplunk(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputTypeSplunk + + host: str + r"""The hostname of the receiver""" + + port: float + r"""The port to connect to on the provided host""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + nested_fields: Annotated[ + Optional[NestedFieldSerializationOptions], pydantic.Field(alias="nestedFields") + ] = None + r"""How to serialize nested fields into index-time fields""" + + throttle_rate_per_sec: Annotated[ + Optional[str], pydantic.Field(alias="throttleRatePerSec") + ] = None + r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" + + connection_timeout: Annotated[ + Optional[float], pydantic.Field(alias="connectionTimeout") + ] = None + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + + write_timeout: Annotated[Optional[float], pydantic.Field(alias="writeTimeout")] = ( + None + ) + r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" + + tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None + + enable_multi_metrics: Annotated[ + Optional[bool], pydantic.Field(alias="enableMultiMetrics") + ] = None + r"""Output metrics in multiple-metric format in a single event. Supported in Splunk 8.0 and above.""" + + enable_ack: Annotated[Optional[bool], pydantic.Field(alias="enableACK")] = None + r"""Check if indexer is shutting down and stop sending data. This helps minimize data loss during shutdown.""" + + log_failed_requests: Annotated[ + Optional[bool], pydantic.Field(alias="logFailedRequests") + ] = None + r"""Use to troubleshoot issues with sending data""" + + max_s2_sversion: Annotated[ + Optional[MaxS2SVersionOptions], pydantic.Field(alias="maxS2Sversion") + ] = None + r"""The highest S2S protocol version to advertise during handshake""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + auth_type: Annotated[ + Optional[AuthenticationMethodOptionsAuthTokensItems], + pydantic.Field(alias="authType"), + ] = None + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + + description: Optional[str] = None + + max_failed_health_checks: Annotated[ + Optional[float], pydantic.Field(alias="maxFailedHealthChecks") + ] = None + r"""Maximum number of times healthcheck can fail before we close connection. If set to 0 (disabled), and the connection to Splunk is forcibly closed, some data loss might occur.""" + + compress: Optional[CompressionOptions] = None + r"""Controls whether the sender should send compressed data to the server. Select 'Disabled' to reject compressed connections or 'Always' to ignore server's configuration and send compressed data.""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputPqControlsSplunk], pydantic.Field(alias="pqControls") + ] = None + + auth_token: Annotated[Optional[str], pydantic.Field(alias="authToken")] = None + r"""Shared secret token to use when establishing a connection to a Splunk indexer.""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_host: Annotated[Optional[str], pydantic.Field(alias="__template_host")] = ( + None + ) + r"""Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime.""" + + template_port: Annotated[Optional[str], pydantic.Field(alias="__template_port")] = ( + None + ) + r"""Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime.""" + + template_nested_fields: Annotated[ + Optional[str], pydantic.Field(alias="__template_nestedFields") + ] = None + r"""Binds 'nestedFields' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'nestedFields' at runtime.""" + + template_max_s2_sversion: Annotated[ + Optional[str], pydantic.Field(alias="__template_maxS2Sversion") + ] = None + r"""Binds 'maxS2Sversion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'maxS2Sversion' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_compress: Annotated[ + Optional[str], pydantic.Field(alias="__template_compress") + ] = None + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + + @field_serializer("nested_fields") + def serialize_nested_fields(self, value): + if isinstance(value, str): + try: + return models.NestedFieldSerializationOptions(value) + except ValueError: + return value + return value + + @field_serializer("max_s2_sversion") + def serialize_max_s2_sversion(self, value): + if isinstance(value, str): + try: + return models.MaxS2SVersionOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsAuthTokensItems(value) + except ValueError: + return value + return value + + @field_serializer("compress") + def serialize_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "nestedFields", + "throttleRatePerSec", + "connectionTimeout", + "writeTimeout", + "tls", + "enableMultiMetrics", + "enableACK", + "logFailedRequests", + "maxS2Sversion", + "onBackpressure", + "authType", + "description", + "maxFailedHealthChecks", + "compress", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "authToken", + "textSecret", + "__template_streamtags", + "__template_host", + "__template_port", + "__template_nestedFields", + "__template_maxS2Sversion", + "__template_onBackpressure", + "__template_compress", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputTypeSyslog(str, Enum): + SYSLOG = "syslog" + + +class CreateOutputProtocolSyslog(str, Enum, metaclass=utils.OpenEnumMeta): + r"""The network protocol to use for sending out syslog messages""" + + # TCP + TCP = "tcp" + # UDP + UDP = "udp" + + +class CreateOutputFacility(int, Enum, metaclass=utils.OpenEnumMeta): + r"""Default value for message facility. Will be overwritten by value of __facility if set. Defaults to user.""" + + # kern + KERN = 0 + # user + USER = 1 + # mail + MAIL = 2 + # daemon + DAEMON = 3 + # auth + AUTH = 4 + # syslog + SYSLOG = 5 + # lpr + LPR = 6 + # news + NEWS = 7 + # uucp + UUCP = 8 + # cron + CRON = 9 + # authpriv + AUTHPRIV = 10 + # ftp + FTP = 11 + # ntp + NTP = 12 + # security + SECURITY = 13 + # console + CONSOLE = 14 + # solaris-cron + SOLARIS_CRON = 15 + # local0 + LOCAL0 = 16 + # local1 + LOCAL1 = 17 + # local2 + LOCAL2 = 18 + # local3 + LOCAL3 = 19 + # local4 + LOCAL4 = 20 + # local5 + LOCAL5 = 21 + + +class CreateOutputSeveritySyslog(int, Enum, metaclass=utils.OpenEnumMeta): + r"""Default value for message severity. Will be overwritten by value of __severity if set. Defaults to notice.""" + + # emergency + EMERGENCY = 0 + # alert + ALERT = 1 + # critical + CRITICAL = 2 + # error + ERROR = 3 + # warning + WARNING = 4 + # notice + NOTICE = 5 + # info + INFO = 6 + # debug + DEBUG = 7 + + +class CreateOutputMessageFormat(str, Enum, metaclass=utils.OpenEnumMeta): + r"""The syslog message format depending on the receiver's support""" + + # RFC3164 + RFC3164 = "rfc3164" + # RFC5424 + RFC5424 = "rfc5424" + + +class CreateOutputTimestampFormat(str, Enum, metaclass=utils.OpenEnumMeta): + r"""Timestamp format to use when serializing event's time field""" + + # Syslog + SYSLOG = "syslog" + # ISO8601 + ISO8601 = "iso8601" + + +class CreateOutputPqControlsSyslogTypedDict(TypedDict): + pass + + +class CreateOutputPqControlsSyslog(BaseModel): + pass + + +class CreateOutputOutputSyslogTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputTypeSyslog + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + protocol: NotRequired[CreateOutputProtocolSyslog] + r"""The network protocol to use for sending out syslog messages""" + facility: NotRequired[CreateOutputFacility] + r"""Default value for message facility. Will be overwritten by value of __facility if set. Defaults to user.""" + severity: NotRequired[CreateOutputSeveritySyslog] + r"""Default value for message severity. Will be overwritten by value of __severity if set. Defaults to notice.""" + app_name: NotRequired[str] + r"""Default name for device or application that originated the message. Defaults to Cribl, but will be overwritten by value of __appname if set.""" + message_format: NotRequired[CreateOutputMessageFormat] + r"""The syslog message format depending on the receiver's support""" + timestamp_format: NotRequired[CreateOutputTimestampFormat] + r"""Timestamp format to use when serializing event's time field""" + throttle_rate_per_sec: NotRequired[str] + r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" + octet_count_framing: NotRequired[bool] + r"""Prefix messages with the byte count of the message. If disabled, no prefix will be set, and the message will be appended with a \n.""" + log_failed_requests: NotRequired[bool] + r"""Use to troubleshoot issues with sending data""" + description: NotRequired[str] + load_balanced: NotRequired[bool] + r"""For optimal performance, enable load balancing even if you have one hostname, as it can expand to multiple IPs. If this setting is disabled, consider enabling round-robin DNS.""" + host: NotRequired[str] + r"""The hostname of the receiver""" + port: NotRequired[float] + r"""The port to connect to on the provided host""" + exclude_self: NotRequired[bool] + r"""Exclude all IPs of the current host from the list of any resolved hostnames""" + hosts: NotRequired[List[HostConfOutputSyslogTypedDict]] + r"""Set of hosts to load-balance data to""" + dns_resolve_period_sec: NotRequired[float] + r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" + load_balance_stats_period_sec: NotRequired[float] + r"""How far back in time to keep traffic stats for load balancing purposes""" + max_concurrent_senders: NotRequired[float] + r"""Maximum number of concurrent connections (per Worker Process). A random set of IPs will be picked on every DNS resolution period. Use 0 for unlimited.""" + connection_timeout: NotRequired[float] + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + write_timeout: NotRequired[float] + r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" + tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + max_record_size: NotRequired[float] + r"""Maximum size of syslog messages. Make sure this value is less than or equal to the MTU to avoid UDP packet fragmentation.""" + udp_dns_resolve_period_sec: NotRequired[float] + r"""How often to resolve the destination hostname to an IP address. Ignored if the destination is an IP address. A value of 0 means every message sent will incur a DNS lookup.""" + enable_ip_spoofing: NotRequired[bool] + r"""Send Syslog traffic using the original event's Source IP and port. To enable this, you must install the external `udp-sender` helper binary at `/usr/bin/udp-sender` on all Worker Nodes and grant it the `CAP_NET_RAW` capability.""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputPqControlsSyslogTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_host: NotRequired[str] + r"""Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime.""" + template_port: NotRequired[str] + r"""Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + +class CreateOutputOutputSyslog(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputTypeSyslog + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + protocol: Optional[CreateOutputProtocolSyslog] = None + r"""The network protocol to use for sending out syslog messages""" + + facility: Optional[CreateOutputFacility] = None + r"""Default value for message facility. Will be overwritten by value of __facility if set. Defaults to user.""" + + severity: Optional[CreateOutputSeveritySyslog] = None + r"""Default value for message severity. Will be overwritten by value of __severity if set. Defaults to notice.""" + + app_name: Annotated[Optional[str], pydantic.Field(alias="appName")] = None + r"""Default name for device or application that originated the message. Defaults to Cribl, but will be overwritten by value of __appname if set.""" + + message_format: Annotated[ + Optional[CreateOutputMessageFormat], pydantic.Field(alias="messageFormat") + ] = None + r"""The syslog message format depending on the receiver's support""" + + timestamp_format: Annotated[ + Optional[CreateOutputTimestampFormat], pydantic.Field(alias="timestampFormat") + ] = None + r"""Timestamp format to use when serializing event's time field""" + + throttle_rate_per_sec: Annotated[ + Optional[str], pydantic.Field(alias="throttleRatePerSec") + ] = None + r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" + + octet_count_framing: Annotated[ + Optional[bool], pydantic.Field(alias="octetCountFraming") + ] = None + r"""Prefix messages with the byte count of the message. If disabled, no prefix will be set, and the message will be appended with a \n.""" + + log_failed_requests: Annotated[ + Optional[bool], pydantic.Field(alias="logFailedRequests") + ] = None + r"""Use to troubleshoot issues with sending data""" + + description: Optional[str] = None + + load_balanced: Annotated[Optional[bool], pydantic.Field(alias="loadBalanced")] = ( + None + ) + r"""For optimal performance, enable load balancing even if you have one hostname, as it can expand to multiple IPs. If this setting is disabled, consider enabling round-robin DNS.""" + + host: Optional[str] = None + r"""The hostname of the receiver""" + + port: Optional[float] = None + r"""The port to connect to on the provided host""" + + exclude_self: Annotated[Optional[bool], pydantic.Field(alias="excludeSelf")] = None + r"""Exclude all IPs of the current host from the list of any resolved hostnames""" + + hosts: Optional[List[HostConfOutputSyslog]] = None + r"""Set of hosts to load-balance data to""" + + dns_resolve_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="dnsResolvePeriodSec") + ] = None + r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" + + load_balance_stats_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="loadBalanceStatsPeriodSec") + ] = None + r"""How far back in time to keep traffic stats for load balancing purposes""" + + max_concurrent_senders: Annotated[ + Optional[float], pydantic.Field(alias="maxConcurrentSenders") + ] = None + r"""Maximum number of concurrent connections (per Worker Process). A random set of IPs will be picked on every DNS resolution period. Use 0 for unlimited.""" + + connection_timeout: Annotated[ + Optional[float], pydantic.Field(alias="connectionTimeout") + ] = None + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + + write_timeout: Annotated[Optional[float], pydantic.Field(alias="writeTimeout")] = ( + None + ) + r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" + + tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + max_record_size: Annotated[ + Optional[float], pydantic.Field(alias="maxRecordSize") + ] = None + r"""Maximum size of syslog messages. Make sure this value is less than or equal to the MTU to avoid UDP packet fragmentation.""" + + udp_dns_resolve_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="udpDnsResolvePeriodSec") + ] = None + r"""How often to resolve the destination hostname to an IP address. Ignored if the destination is an IP address. A value of 0 means every message sent will incur a DNS lookup.""" + + enable_ip_spoofing: Annotated[ + Optional[bool], pydantic.Field(alias="enableIpSpoofing") + ] = None + r"""Send Syslog traffic using the original event's Source IP and port. To enable this, you must install the external `udp-sender` helper binary at `/usr/bin/udp-sender` on all Worker Nodes and grant it the `CAP_NET_RAW` capability.""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputPqControlsSyslog], pydantic.Field(alias="pqControls") + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_host: Annotated[Optional[str], pydantic.Field(alias="__template_host")] = ( + None + ) + r"""Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime.""" + + template_port: Annotated[Optional[str], pydantic.Field(alias="__template_port")] = ( + None + ) + r"""Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + @field_serializer("protocol") + def serialize_protocol(self, value): + if isinstance(value, str): + try: + return models.CreateOutputProtocolSyslog(value) + except ValueError: + return value + return value + + @field_serializer("facility") + def serialize_facility(self, value): + if isinstance(value, str): + try: + return models.CreateOutputFacility(value) + except ValueError: + return value + return value + + @field_serializer("severity") + def serialize_severity(self, value): + if isinstance(value, str): + try: + return models.CreateOutputSeveritySyslog(value) + except ValueError: + return value + return value + + @field_serializer("message_format") + def serialize_message_format(self, value): + if isinstance(value, str): + try: + return models.CreateOutputMessageFormat(value) + except ValueError: + return value + return value + + @field_serializer("timestamp_format") + def serialize_timestamp_format(self, value): + if isinstance(value, str): + try: + return models.CreateOutputTimestampFormat(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "protocol", + "facility", + "severity", + "appName", + "messageFormat", + "timestampFormat", + "throttleRatePerSec", + "octetCountFraming", + "logFailedRequests", + "description", + "loadBalanced", + "host", + "port", + "excludeSelf", + "hosts", + "dnsResolvePeriodSec", + "loadBalanceStatsPeriodSec", + "maxConcurrentSenders", + "connectionTimeout", + "writeTimeout", + "tls", + "onBackpressure", + "maxRecordSize", + "udpDnsResolvePeriodSec", + "enableIpSpoofing", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_host", + "__template_port", + "__template_onBackpressure", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputTypeDevnull(str, Enum): + DEVNULL = "devnull" + + +class CreateOutputOutputDevnullTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputTypeDevnull + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + +class CreateOutputOutputDevnull(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputTypeDevnull + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "__template_streamtags", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputTypeSentinel(str, Enum): + SENTINEL = "sentinel" + + +class CreateOutputAuthType(str, Enum, metaclass=utils.OpenEnumMeta): + OAUTH = "oauth" + + +class CreateOutputEndpointConfiguration(str, Enum, metaclass=utils.OpenEnumMeta): + r"""Enter the data collection endpoint URL or the individual ID""" + + # URL + URL = "url" + # ID + ID = "ID" + + +class CreateOutputFormatSentinel(str, Enum, metaclass=utils.OpenEnumMeta): + NDJSON = "ndjson" + JSON_ARRAY = "json_array" + CUSTOM = "custom" + ADVANCED = "advanced" + + +class CreateOutputPqControlsSentinelTypedDict(TypedDict): + pass + + +class CreateOutputPqControlsSentinel(BaseModel): + pass + + +class CreateOutputOutputSentinelTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputTypeSentinel + login_url: str + r"""URL for OAuth""" + secret: str + r"""Secret parameter value to pass in request body""" + client_id: str + r"""JavaScript expression to compute the Client ID for the Azure application. Can be a constant.""" + endpoint_url_configuration: CreateOutputEndpointConfiguration + r"""Enter the data collection endpoint URL or the individual ID""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + keep_alive: NotRequired[bool] + r"""Disable to close the connection immediately after sending the outgoing request""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size (KB) of the request body (defaults to the API's maximum limit of 1000 KB)""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + compress: NotRequired[bool] + r"""Compress the payload body before sending""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] + r"""Headers to add to all events. You can also add headers dynamically on a per-event basis in the __headers field, as explained in [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook/#internal-fields).""" + use_round_robin_dns: NotRequired[bool] + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + safe_headers: NotRequired[List[str]] + r"""List of headers that are safe to log in plain text""" + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + auth_type: NotRequired[CreateOutputAuthType] + scope: NotRequired[str] + r"""Scope to pass in the OAuth request""" + total_memory_limit_kb: NotRequired[float] + r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" + description: NotRequired[str] + format_: NotRequired[CreateOutputFormatSentinel] + custom_source_expression: NotRequired[str] + r"""Expression to evaluate on events to generate output. Example: `raw=${_raw}`. See [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook#custom-format) for other examples. If empty, the full event is sent as stringified JSON.""" + custom_drop_when_null: NotRequired[bool] + r"""Whether to drop events when the source expression evaluates to null""" + custom_event_delimiter: NotRequired[str] + r"""Delimiter string to insert between individual events. Defaults to newline character.""" + custom_content_type: NotRequired[str] + r"""Content type to use for request. Defaults to application/x-ndjson. Any content types set in Advanced Settings > Extra HTTP headers will override this entry.""" + custom_payload_expression: NotRequired[str] + r"""Expression specifying how to format the payload for each batch. To reference the events to send, use the `${events}` variable. Example expression: `{ \"items\" : [${events}] }` would send the batch inside a JSON object.""" + advanced_content_type: NotRequired[str] + r"""HTTP content-type header value""" + format_event_code: NotRequired[str] + r"""Custom JavaScript code to format incoming event data accessible through the __e variable. The formatted content is added to (__e['__eventOut']) if available. Otherwise, the original event is serialized as JSON. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + format_payload_code: NotRequired[str] + r"""Optional JavaScript code to format the payload sent to the Destination. The payload, containing a batch of formatted events, is accessible through the __e['payload'] variable. The formatted payload is returned in the __e['__payloadOut'] variable. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputPqControlsSentinelTypedDict] + url: NotRequired[str] + r"""URL to send events to. Can be overwritten by an event's __url field.""" + dcr_id: NotRequired[str] + r"""Immutable ID for the Data Collection Rule (DCR)""" + dce_endpoint: NotRequired[str] + r"""Data collection endpoint (DCE) URL. In the format: `https://-..ingest.monitor.azure.com`""" + stream_name: NotRequired[str] + r"""The name of the stream (Sentinel table) in which to store the events""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_login_url: NotRequired[str] + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + template_secret: NotRequired[str] + r"""Binds 'secret' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'secret' at runtime.""" + template_client_id: NotRequired[str] + r"""Binds 'client_id' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'client_id' at runtime.""" + template_scope: NotRequired[str] + r"""Binds 'scope' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'scope' at runtime.""" + template_url: NotRequired[str] + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + template_dcr_id: NotRequired[str] + r"""Binds 'dcrID' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'dcrID' at runtime.""" + template_dce_endpoint: NotRequired[str] + r"""Binds 'dceEndpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'dceEndpoint' at runtime.""" + template_stream_name: NotRequired[str] + r"""Binds 'streamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamName' at runtime.""" + + +class CreateOutputOutputSentinel(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputTypeSentinel + + login_url: Annotated[str, pydantic.Field(alias="loginUrl")] + r"""URL for OAuth""" + + secret: str + r"""Secret parameter value to pass in request body""" + + client_id: str + r"""JavaScript expression to compute the Client ID for the Azure application. Can be a constant.""" + + endpoint_url_configuration: Annotated[ + CreateOutputEndpointConfiguration, + pydantic.Field(alias="endpointURLConfiguration"), + ] + r"""Enter the data collection endpoint URL or the individual ID""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + keep_alive: Annotated[Optional[bool], pydantic.Field(alias="keepAlive")] = None + r"""Disable to close the connection immediately after sending the outgoing request""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size (KB) of the request body (defaults to the API's maximum limit of 1000 KB)""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + compress: Optional[bool] = None + r"""Compress the payload body before sending""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + extra_http_headers: Annotated[ + Optional[List[ExtraHTTPHeaderConfInputElastic]], + pydantic.Field(alias="extraHttpHeaders"), + ] = None + r"""Headers to add to all events. You can also add headers dynamically on a per-event basis in the __headers field, as explained in [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook/#internal-fields).""" + + use_round_robin_dns: Annotated[ + Optional[bool], pydantic.Field(alias="useRoundRobinDns") + ] = None + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + safe_headers: Annotated[ + Optional[List[str]], pydantic.Field(alias="safeHeaders") + ] = None + r"""List of headers that are safe to log in plain text""" + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + auth_type: Annotated[ + Optional[CreateOutputAuthType], pydantic.Field(alias="authType") + ] = None + + scope: Optional[str] = None + r"""Scope to pass in the OAuth request""" + + total_memory_limit_kb: Annotated[ + Optional[float], pydantic.Field(alias="totalMemoryLimitKB") + ] = None + r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" + + description: Optional[str] = None + + format_: Annotated[ + Optional[CreateOutputFormatSentinel], pydantic.Field(alias="format") + ] = None + + custom_source_expression: Annotated[ + Optional[str], pydantic.Field(alias="customSourceExpression") + ] = None + r"""Expression to evaluate on events to generate output. Example: `raw=${_raw}`. See [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook#custom-format) for other examples. If empty, the full event is sent as stringified JSON.""" + + custom_drop_when_null: Annotated[ + Optional[bool], pydantic.Field(alias="customDropWhenNull") + ] = None + r"""Whether to drop events when the source expression evaluates to null""" + + custom_event_delimiter: Annotated[ + Optional[str], pydantic.Field(alias="customEventDelimiter") + ] = None + r"""Delimiter string to insert between individual events. Defaults to newline character.""" + + custom_content_type: Annotated[ + Optional[str], pydantic.Field(alias="customContentType") + ] = None + r"""Content type to use for request. Defaults to application/x-ndjson. Any content types set in Advanced Settings > Extra HTTP headers will override this entry.""" + + custom_payload_expression: Annotated[ + Optional[str], pydantic.Field(alias="customPayloadExpression") + ] = None + r"""Expression specifying how to format the payload for each batch. To reference the events to send, use the `${events}` variable. Example expression: `{ \"items\" : [${events}] }` would send the batch inside a JSON object.""" + + advanced_content_type: Annotated[ + Optional[str], pydantic.Field(alias="advancedContentType") + ] = None + r"""HTTP content-type header value""" + + format_event_code: Annotated[ + Optional[str], pydantic.Field(alias="formatEventCode") + ] = None + r"""Custom JavaScript code to format incoming event data accessible through the __e variable. The formatted content is added to (__e['__eventOut']) if available. Otherwise, the original event is serialized as JSON. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + + format_payload_code: Annotated[ + Optional[str], pydantic.Field(alias="formatPayloadCode") + ] = None + r"""Optional JavaScript code to format the payload sent to the Destination. The payload, containing a batch of formatted events, is accessible through the __e['payload'] variable. The formatted payload is returned in the __e['__payloadOut'] variable. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputPqControlsSentinel], pydantic.Field(alias="pqControls") + ] = None + + url: Optional[str] = None + r"""URL to send events to. Can be overwritten by an event's __url field.""" + + dcr_id: Annotated[Optional[str], pydantic.Field(alias="dcrID")] = None + r"""Immutable ID for the Data Collection Rule (DCR)""" + + dce_endpoint: Annotated[Optional[str], pydantic.Field(alias="dceEndpoint")] = None + r"""Data collection endpoint (DCE) URL. In the format: `https://-..ingest.monitor.azure.com`""" + + stream_name: Annotated[Optional[str], pydantic.Field(alias="streamName")] = None + r"""The name of the stream (Sentinel table) in which to store the events""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_login_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_loginUrl") + ] = None + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + + template_secret: Annotated[ + Optional[str], pydantic.Field(alias="__template_secret") + ] = None + r"""Binds 'secret' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'secret' at runtime.""" + + template_client_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_client_id") + ] = None + r"""Binds 'client_id' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'client_id' at runtime.""" + + template_scope: Annotated[ + Optional[str], pydantic.Field(alias="__template_scope") + ] = None + r"""Binds 'scope' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'scope' at runtime.""" + + template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( + None + ) + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + template_dcr_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_dcrID") + ] = None + r"""Binds 'dcrID' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'dcrID' at runtime.""" + + template_dce_endpoint: Annotated[ + Optional[str], pydantic.Field(alias="__template_dceEndpoint") + ] = None + r"""Binds 'dceEndpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'dceEndpoint' at runtime.""" + + template_stream_name: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamName") + ] = None + r"""Binds 'streamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamName' at runtime.""" + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.CreateOutputAuthType(value) + except ValueError: + return value + return value + + @field_serializer("endpoint_url_configuration") + def serialize_endpoint_url_configuration(self, value): + if isinstance(value, str): + try: + return models.CreateOutputEndpointConfiguration(value) + except ValueError: + return value + return value + + @field_serializer("format_") + def serialize_format_(self, value): + if isinstance(value, str): + try: + return models.CreateOutputFormatSentinel(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "keepAlive", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "compress", + "rejectUnauthorized", + "timeoutSec", + "flushPeriodSec", + "extraHttpHeaders", + "useRoundRobinDns", + "failedRequestLoggingMode", + "safeHeaders", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "onBackpressure", + "authType", + "scope", + "totalMemoryLimitKB", + "description", + "format", + "customSourceExpression", + "customDropWhenNull", + "customEventDelimiter", + "customContentType", + "customPayloadExpression", + "advancedContentType", + "formatEventCode", + "formatPayloadCode", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "url", + "dcrID", + "dceEndpoint", + "streamName", + "__template_streamtags", + "__template_failedRequestLoggingMode", + "__template_onBackpressure", + "__template_loginUrl", + "__template_secret", + "__template_client_id", + "__template_scope", + "__template_url", + "__template_dcrID", + "__template_dceEndpoint", + "__template_streamName", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputOutputWebhookType2(str, Enum): + WEBHOOK = "webhook" + + +class CreateOutputOutputWebhookFormat2(str, Enum, metaclass=utils.OpenEnumMeta): + r"""How to format events before sending out""" + + # NDJSON (Newline Delimited JSON) + NDJSON = "ndjson" + # JSON Array + JSON_ARRAY = "json_array" + # Custom + CUSTOM = "custom" + # Advanced + ADVANCED = "advanced" + + +class CreateOutputOutputWebhookAuthenticationType2( + str, Enum, metaclass=utils.OpenEnumMeta +): + r"""Authentication method to use for the HTTP request""" + + # None + NONE = "none" + # Basic + BASIC = "basic" + # Basic (credentials secret) + CREDENTIALS_SECRET = "credentialsSecret" + # Token + TOKEN = "token" + # Token (text secret) + TEXT_SECRET = "textSecret" + # OAuth + OAUTH = "oauth" + + +class CreateOutputOutputWebhookPqControls2TypedDict(TypedDict): + pass + + +class CreateOutputOutputWebhookPqControls2(BaseModel): + pass + + +class CreateOutputOutputWebhookURL2TypedDict(TypedDict): + url: str + r"""URL of a webhook endpoint to send events to, such as http://localhost:10200""" + weight: NotRequired[float] + r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" + template_url: NotRequired[str] + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + +class CreateOutputOutputWebhookURL2(BaseModel): + url: str + r"""URL of a webhook endpoint to send events to, such as http://localhost:10200""" + + weight: Optional[float] = None + r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" + + template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( + None + ) + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set(["weight", "__template_url"]) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputOutputWebhookWebhook2TypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputOutputWebhookType2 + urls: List[CreateOutputOutputWebhookURL2TypedDict] + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + method: NotRequired[MethodOptions] + r"""The method to use when sending events""" + format_: NotRequired[CreateOutputOutputWebhookFormat2] + r"""How to format events before sending out""" + keep_alive: NotRequired[bool] + r"""Disable to close the connection immediately after sending the outgoing request""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + compress: NotRequired[bool] + r"""Compress the payload body before sending""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] + r"""Headers to add to all events. You can also add headers dynamically on a per-event basis in the __headers field, as explained in [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook/#internal-fields).""" + use_round_robin_dns: NotRequired[bool] + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + safe_headers: NotRequired[List[str]] + r"""List of headers that are safe to log in plain text""" + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + auth_type: NotRequired[CreateOutputOutputWebhookAuthenticationType2] + r"""Authentication method to use for the HTTP request""" + tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathExtendedTypedDict] + total_memory_limit_kb: NotRequired[float] + r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" + load_balanced: NotRequired[bool] + r"""Enable for optimal performance. Even if you have one hostname, it can expand to multiple IPs. If disabled, consider enabling round-robin DNS.""" + description: NotRequired[str] + custom_source_expression: NotRequired[str] + r"""Expression to evaluate on events to generate output. Example: `raw=${_raw}`. See [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook#custom-format) for other examples. If empty, the full event is sent as stringified JSON.""" + custom_drop_when_null: NotRequired[bool] + r"""Whether to drop events when the source expression evaluates to null""" + custom_event_delimiter: NotRequired[str] + r"""Delimiter string to insert between individual events. Defaults to newline character.""" + custom_content_type: NotRequired[str] + r"""Content type to use for request. Defaults to application/x-ndjson. Any content types set in Advanced Settings > Extra HTTP headers will override this entry.""" + custom_payload_expression: NotRequired[str] + r"""Expression specifying how to format the payload for each batch. To reference the events to send, use the `${events}` variable. Example expression: `{ \"items\" : [${events}] }` would send the batch inside a JSON object.""" + advanced_content_type: NotRequired[str] + r"""HTTP content-type header value""" + format_event_code: NotRequired[str] + r"""Custom JavaScript code to format incoming event data accessible through the __e variable. The formatted content is added to (__e['__eventOut']) if available. Otherwise, the original event is serialized as JSON. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + format_payload_code: NotRequired[str] + r"""Optional JavaScript code to format the payload sent to the Destination. The payload, containing a batch of formatted events, is accessible through the __e['payload'] variable. The formatted payload is returned in the __e['__payloadOut'] variable. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputOutputWebhookPqControls2TypedDict] + username: NotRequired[str] + password: NotRequired[str] + token: NotRequired[str] + r"""Bearer token to include in the authorization header""" + credentials_secret: NotRequired[str] + r"""Select or create a secret that references your credentials""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + login_url: NotRequired[str] + r"""URL for OAuth""" + secret_param_name: NotRequired[str] + r"""Secret parameter name to pass in request body""" + secret: NotRequired[str] + r"""Secret parameter value to pass in request body""" + token_attribute_name: NotRequired[str] + r"""Name of the auth token attribute in the OAuth response. Can be top-level (e.g., 'token'); or nested, using a period (e.g., 'data.token').""" + auth_header_expr: NotRequired[str] + r"""JavaScript expression to compute the Authorization header value to pass in requests. The value `${token}` is used to reference the token obtained from authentication, e.g.: `Bearer ${token}`.""" + token_timeout_secs: NotRequired[float] + r"""How often the OAuth token should be refreshed.""" + oauth_params: NotRequired[List[OauthParamConfInputServicenowTableTypedDict]] + r"""Additional parameters to send in the OAuth login request. @{product} will combine the secret with these parameters, and will send the URL-encoded result in a POST request to the endpoint specified in the 'Login URL'. We'll automatically add the content-type header 'application/x-www-form-urlencoded' when sending this request.""" + oauth_headers: NotRequired[List[OauthHeaderConfInputServicenowTableTypedDict]] + r"""Additional headers to send in the OAuth login request. @{product} will automatically add the content-type header 'application/x-www-form-urlencoded' when sending this request.""" + url: NotRequired[str] + r"""URL of a webhook endpoint to send events to, such as http://localhost:10200""" + exclude_self: NotRequired[bool] + r"""Exclude all IPs of the current host from the list of any resolved hostnames""" + dns_resolve_period_sec: NotRequired[float] + r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" + load_balance_stats_period_sec: NotRequired[float] + r"""How far back in time to keep traffic stats for load balancing purposes""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_login_url: NotRequired[str] + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + template_secret: NotRequired[str] + r"""Binds 'secret' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'secret' at runtime.""" + template_url: NotRequired[str] + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + +class CreateOutputOutputWebhookWebhook2(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputOutputWebhookType2 + + urls: List[CreateOutputOutputWebhookURL2] + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + method: Optional[MethodOptions] = None + r"""The method to use when sending events""" + + format_: Annotated[ + Optional[CreateOutputOutputWebhookFormat2], pydantic.Field(alias="format") + ] = None + r"""How to format events before sending out""" + + keep_alive: Annotated[Optional[bool], pydantic.Field(alias="keepAlive")] = None + r"""Disable to close the connection immediately after sending the outgoing request""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + compress: Optional[bool] = None + r"""Compress the payload body before sending""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + extra_http_headers: Annotated[ + Optional[List[ExtraHTTPHeaderConfInputElastic]], + pydantic.Field(alias="extraHttpHeaders"), + ] = None + r"""Headers to add to all events. You can also add headers dynamically on a per-event basis in the __headers field, as explained in [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook/#internal-fields).""" + + use_round_robin_dns: Annotated[ + Optional[bool], pydantic.Field(alias="useRoundRobinDns") + ] = None + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + safe_headers: Annotated[ + Optional[List[str]], pydantic.Field(alias="safeHeaders") + ] = None + r"""List of headers that are safe to log in plain text""" + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + auth_type: Annotated[ + Optional[CreateOutputOutputWebhookAuthenticationType2], + pydantic.Field(alias="authType"), + ] = None + r"""Authentication method to use for the HTTP request""" + + tls: Optional[TLSSettingsClientSideTypeCaPathCertPathExtended] = None + + total_memory_limit_kb: Annotated[ + Optional[float], pydantic.Field(alias="totalMemoryLimitKB") + ] = None + r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" + + load_balanced: Annotated[Optional[bool], pydantic.Field(alias="loadBalanced")] = ( + None + ) + r"""Enable for optimal performance. Even if you have one hostname, it can expand to multiple IPs. If disabled, consider enabling round-robin DNS.""" + + description: Optional[str] = None + + custom_source_expression: Annotated[ + Optional[str], pydantic.Field(alias="customSourceExpression") + ] = None + r"""Expression to evaluate on events to generate output. Example: `raw=${_raw}`. See [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook#custom-format) for other examples. If empty, the full event is sent as stringified JSON.""" + + custom_drop_when_null: Annotated[ + Optional[bool], pydantic.Field(alias="customDropWhenNull") + ] = None + r"""Whether to drop events when the source expression evaluates to null""" + + custom_event_delimiter: Annotated[ + Optional[str], pydantic.Field(alias="customEventDelimiter") + ] = None + r"""Delimiter string to insert between individual events. Defaults to newline character.""" + + custom_content_type: Annotated[ + Optional[str], pydantic.Field(alias="customContentType") + ] = None + r"""Content type to use for request. Defaults to application/x-ndjson. Any content types set in Advanced Settings > Extra HTTP headers will override this entry.""" + + custom_payload_expression: Annotated[ + Optional[str], pydantic.Field(alias="customPayloadExpression") + ] = None + r"""Expression specifying how to format the payload for each batch. To reference the events to send, use the `${events}` variable. Example expression: `{ \"items\" : [${events}] }` would send the batch inside a JSON object.""" + + advanced_content_type: Annotated[ + Optional[str], pydantic.Field(alias="advancedContentType") + ] = None + r"""HTTP content-type header value""" + + format_event_code: Annotated[ + Optional[str], pydantic.Field(alias="formatEventCode") + ] = None + r"""Custom JavaScript code to format incoming event data accessible through the __e variable. The formatted content is added to (__e['__eventOut']) if available. Otherwise, the original event is serialized as JSON. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + + format_payload_code: Annotated[ + Optional[str], pydantic.Field(alias="formatPayloadCode") + ] = None + r"""Optional JavaScript code to format the payload sent to the Destination. The payload, containing a batch of formatted events, is accessible through the __e['payload'] variable. The formatted payload is returned in the __e['__payloadOut'] variable. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputOutputWebhookPqControls2], + pydantic.Field(alias="pqControls"), + ] = None + + username: Optional[str] = None + + password: Optional[str] = None + + token: Optional[str] = None + r"""Bearer token to include in the authorization header""" + + credentials_secret: Annotated[ + Optional[str], pydantic.Field(alias="credentialsSecret") + ] = None + r"""Select or create a secret that references your credentials""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + login_url: Annotated[Optional[str], pydantic.Field(alias="loginUrl")] = None + r"""URL for OAuth""" + + secret_param_name: Annotated[ + Optional[str], pydantic.Field(alias="secretParamName") + ] = None + r"""Secret parameter name to pass in request body""" + + secret: Optional[str] = None + r"""Secret parameter value to pass in request body""" + + token_attribute_name: Annotated[ + Optional[str], pydantic.Field(alias="tokenAttributeName") + ] = None + r"""Name of the auth token attribute in the OAuth response. Can be top-level (e.g., 'token'); or nested, using a period (e.g., 'data.token').""" + + auth_header_expr: Annotated[ + Optional[str], pydantic.Field(alias="authHeaderExpr") + ] = None + r"""JavaScript expression to compute the Authorization header value to pass in requests. The value `${token}` is used to reference the token obtained from authentication, e.g.: `Bearer ${token}`.""" + + token_timeout_secs: Annotated[ + Optional[float], pydantic.Field(alias="tokenTimeoutSecs") + ] = None + r"""How often the OAuth token should be refreshed.""" + + oauth_params: Annotated[ + Optional[List[OauthParamConfInputServicenowTable]], + pydantic.Field(alias="oauthParams"), + ] = None + r"""Additional parameters to send in the OAuth login request. @{product} will combine the secret with these parameters, and will send the URL-encoded result in a POST request to the endpoint specified in the 'Login URL'. We'll automatically add the content-type header 'application/x-www-form-urlencoded' when sending this request.""" + + oauth_headers: Annotated[ + Optional[List[OauthHeaderConfInputServicenowTable]], + pydantic.Field(alias="oauthHeaders"), + ] = None + r"""Additional headers to send in the OAuth login request. @{product} will automatically add the content-type header 'application/x-www-form-urlencoded' when sending this request.""" + + url: Optional[str] = None + r"""URL of a webhook endpoint to send events to, such as http://localhost:10200""" + + exclude_self: Annotated[Optional[bool], pydantic.Field(alias="excludeSelf")] = None + r"""Exclude all IPs of the current host from the list of any resolved hostnames""" + + dns_resolve_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="dnsResolvePeriodSec") + ] = None + r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" + + load_balance_stats_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="loadBalanceStatsPeriodSec") + ] = None + r"""How far back in time to keep traffic stats for load balancing purposes""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_login_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_loginUrl") + ] = None + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + + template_secret: Annotated[ + Optional[str], pydantic.Field(alias="__template_secret") + ] = None + r"""Binds 'secret' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'secret' at runtime.""" + + template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( + None + ) + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + @field_serializer("method") + def serialize_method(self, value): + if isinstance(value, str): + try: + return models.MethodOptions(value) + except ValueError: + return value + return value + + @field_serializer("format_") + def serialize_format_(self, value): + if isinstance(value, str): + try: + return models.CreateOutputOutputWebhookFormat2(value) + except ValueError: + return value + return value + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.CreateOutputOutputWebhookAuthenticationType2(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "method", + "format", + "keepAlive", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "compress", + "rejectUnauthorized", + "timeoutSec", + "flushPeriodSec", + "extraHttpHeaders", + "useRoundRobinDns", + "failedRequestLoggingMode", + "safeHeaders", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "onBackpressure", + "authType", + "tls", + "totalMemoryLimitKB", + "loadBalanced", + "description", + "customSourceExpression", + "customDropWhenNull", + "customEventDelimiter", + "customContentType", + "customPayloadExpression", + "advancedContentType", + "formatEventCode", + "formatPayloadCode", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "username", + "password", + "token", + "credentialsSecret", + "textSecret", + "loginUrl", + "secretParamName", + "secret", + "tokenAttributeName", + "authHeaderExpr", + "tokenTimeoutSecs", + "oauthParams", + "oauthHeaders", + "url", + "excludeSelf", + "dnsResolvePeriodSec", + "loadBalanceStatsPeriodSec", + "__template_streamtags", + "__template_failedRequestLoggingMode", + "__template_onBackpressure", + "__template_loginUrl", + "__template_secret", + "__template_url", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputOutputWebhookType1(str, Enum): + WEBHOOK = "webhook" + + +class CreateOutputOutputWebhookFormat1(str, Enum, metaclass=utils.OpenEnumMeta): + r"""How to format events before sending out""" + + # NDJSON (Newline Delimited JSON) + NDJSON = "ndjson" + # JSON Array + JSON_ARRAY = "json_array" + # Custom + CUSTOM = "custom" + # Advanced + ADVANCED = "advanced" + + +class CreateOutputOutputWebhookAuthenticationType1( + str, Enum, metaclass=utils.OpenEnumMeta +): + r"""Authentication method to use for the HTTP request""" + + # None + NONE = "none" + # Basic + BASIC = "basic" + # Basic (credentials secret) + CREDENTIALS_SECRET = "credentialsSecret" + # Token + TOKEN = "token" + # Token (text secret) + TEXT_SECRET = "textSecret" + # OAuth + OAUTH = "oauth" + + +class CreateOutputOutputWebhookPqControls1TypedDict(TypedDict): + pass + + +class CreateOutputOutputWebhookPqControls1(BaseModel): + pass + + +class CreateOutputOutputWebhookURL1TypedDict(TypedDict): + url: str + r"""URL of a webhook endpoint to send events to, such as http://localhost:10200""" + weight: NotRequired[float] + r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" + template_url: NotRequired[str] + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + +class CreateOutputOutputWebhookURL1(BaseModel): + url: str + r"""URL of a webhook endpoint to send events to, such as http://localhost:10200""" + + weight: Optional[float] = None + r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" + + template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( + None + ) + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set(["weight", "__template_url"]) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +try: + CreateOutputOutputStatsd.model_rebuild() +except NameError: + pass +try: + CreateOutputOutputMinio.model_rebuild() +except NameError: + pass +try: + CreateOutputOutputCloudwatch.model_rebuild() +except NameError: + pass +try: + CreateOutputOutputInfluxdb.model_rebuild() +except NameError: + pass +try: + CreateOutputOutputNewrelicEvents.model_rebuild() +except NameError: + pass +try: + CreateOutputOutputNewrelic.model_rebuild() +except NameError: + pass +try: + CreateOutputOutputElasticCloud.model_rebuild() +except NameError: + pass +try: + CreateOutputURLElastic.model_rebuild() +except NameError: + pass +try: + CreateOutputOutputElastic.model_rebuild() +except NameError: + pass +try: + CreateOutputOutputMsk.model_rebuild() +except NameError: + pass +try: + CreateOutputOutputConfluentCloud.model_rebuild() +except NameError: + pass +try: + CreateOutputOutputKafka.model_rebuild() +except NameError: + pass +try: + CreateOutputOutputExabeam.model_rebuild() +except NameError: + pass +try: + CreateOutputOutputGooglePubsub.model_rebuild() +except NameError: + pass +try: + CreateOutputOutputGoogleCloudObservability.model_rebuild() +except NameError: + pass +try: + CreateOutputOutputGoogleCloudLogging.model_rebuild() +except NameError: + pass +try: + CreateOutputOutputGoogleCloudStorage.model_rebuild() +except NameError: + pass +try: + CreateOutputExtraLogType.model_rebuild() +except NameError: + pass +try: + CreateOutputOutputGoogleChronicle.model_rebuild() +except NameError: + pass +try: + CreateOutputOutputAzureEventhub.model_rebuild() +except NameError: + pass +try: + CreateOutputOutputHoneycomb.model_rebuild() +except NameError: + pass +try: + CreateOutputOutputKinesis.model_rebuild() +except NameError: + pass +try: + CreateOutputOutputAzureLogs.model_rebuild() +except NameError: + pass +try: + CreateOutputCertificate.model_rebuild() +except NameError: + pass +try: + CreateOutputOutputAzureDataExplorer.model_rebuild() +except NameError: + pass +try: + CreateOutputOutputAzureBlob.model_rebuild() +except NameError: + pass +try: + CreateOutputOutputS3.model_rebuild() +except NameError: + pass +try: + CreateOutputOutputFilesystem.model_rebuild() +except NameError: + pass +try: + CreateOutputOutputSignalfx.model_rebuild() +except NameError: + pass +try: + CreateOutputOutputWavefront.model_rebuild() +except NameError: + pass +try: + CreateOutputOutputTcpjson.model_rebuild() +except NameError: + pass +try: + CreateOutputOutputWizHec.model_rebuild() +except NameError: + pass +try: + CreateOutputURLSplunkHec.model_rebuild() +except NameError: + pass +try: + CreateOutputOutputSplunkHec.model_rebuild() +except NameError: + pass +try: + CreateOutputAuthToken.model_rebuild() +except NameError: + pass +try: + CreateOutputIndexerDiscoveryConfigs.model_rebuild() +except NameError: + pass +try: + CreateOutputOutputSplunkLb.model_rebuild() +except NameError: + pass +try: + CreateOutputOutputSplunk.model_rebuild() +except NameError: + pass +try: + CreateOutputOutputSyslog.model_rebuild() +except NameError: + pass +try: + CreateOutputOutputDevnull.model_rebuild() +except NameError: + pass +try: + CreateOutputOutputSentinel.model_rebuild() +except NameError: + pass +try: + CreateOutputOutputWebhookURL2.model_rebuild() +except NameError: + pass +try: + CreateOutputOutputWebhookWebhook2.model_rebuild() +except NameError: + pass +try: + CreateOutputOutputWebhookURL1.model_rebuild() +except NameError: + pass diff --git a/src/cribl_control_plane/models/createoutput_request.py b/src/cribl_control_plane/models/createoutput_request.py index c279773e1..3c0d47190 100644 --- a/src/cribl_control_plane/models/createoutput_request.py +++ b/src/cribl_control_plane/models/createoutput_request.py @@ -1,34 +1,89 @@ """Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.""" from __future__ import annotations -from .acknowledgmentsoptions import AcknowledgmentsOptions -from .acknowledgmentsoptionsallleader import AcknowledgmentsOptionsAllLeader -from .authenticationmethodoptions import AuthenticationMethodOptions -from .authenticationmethodoptionsapi import AuthenticationMethodOptionsAPI -from .authenticationmethodoptionsauthtokensitems import ( - AuthenticationMethodOptionsAuthTokensItems, -) -from .authenticationmethodoptionss3collectorconf import ( - AuthenticationMethodOptionsS3CollectorConf, -) -from .authenticationtype import AuthenticationType, AuthenticationTypeTypedDict -from .authenticationtypeuse import AuthenticationTypeUse, AuthenticationTypeUseTypedDict -from .authtypetemplatemanualapikeyauthtype import ( - AuthTypeTemplatemanualAPIKeyAuthType, - AuthTypeTemplatemanualAPIKeyAuthTypeTypedDict, -) from .backpressurebehavioroptions import BackpressureBehaviorOptions -from .backpressurebehavioroptionsblockdrop import BackpressureBehaviorOptionsBlockDrop -from .certificatetypeazureblobauthtypeclientcert import ( - CertificateTypeAzureBlobAuthTypeClientCert, - CertificateTypeAzureBlobAuthTypeClientCertTypedDict, -) -from .compressionleveloptions import CompressionLevelOptions -from .compressionoptions import CompressionOptions -from .compressionoptionsgziplz4 import CompressionOptionsGzipLz4 -from .compressionoptionsgzipnone import CompressionOptionsGzipNone -from .compressionoptionshttp import CompressionOptionsHTTP from .compressionoptionspq import CompressionOptionsPq +from .createoutput_outputwebhook_url_1 import ( + CreateOutputOutputAzureBlob, + CreateOutputOutputAzureBlobTypedDict, + CreateOutputOutputAzureDataExplorer, + CreateOutputOutputAzureDataExplorerTypedDict, + CreateOutputOutputAzureEventhub, + CreateOutputOutputAzureEventhubTypedDict, + CreateOutputOutputAzureLogs, + CreateOutputOutputAzureLogsTypedDict, + CreateOutputOutputCloudwatch, + CreateOutputOutputCloudwatchTypedDict, + CreateOutputOutputConfluentCloud, + CreateOutputOutputConfluentCloudTypedDict, + CreateOutputOutputDevnull, + CreateOutputOutputDevnullTypedDict, + CreateOutputOutputElastic, + CreateOutputOutputElasticCloud, + CreateOutputOutputElasticCloudTypedDict, + CreateOutputOutputElasticTypedDict, + CreateOutputOutputExabeam, + CreateOutputOutputExabeamTypedDict, + CreateOutputOutputFilesystem, + CreateOutputOutputFilesystemTypedDict, + CreateOutputOutputGoogleChronicle, + CreateOutputOutputGoogleChronicleTypedDict, + CreateOutputOutputGoogleCloudLogging, + CreateOutputOutputGoogleCloudLoggingTypedDict, + CreateOutputOutputGoogleCloudObservability, + CreateOutputOutputGoogleCloudObservabilityTypedDict, + CreateOutputOutputGoogleCloudStorage, + CreateOutputOutputGoogleCloudStorageTypedDict, + CreateOutputOutputGooglePubsub, + CreateOutputOutputGooglePubsubTypedDict, + CreateOutputOutputHoneycomb, + CreateOutputOutputHoneycombTypedDict, + CreateOutputOutputInfluxdb, + CreateOutputOutputInfluxdbTypedDict, + CreateOutputOutputKafka, + CreateOutputOutputKafkaTypedDict, + CreateOutputOutputKinesis, + CreateOutputOutputKinesisTypedDict, + CreateOutputOutputMinio, + CreateOutputOutputMinioTypedDict, + CreateOutputOutputMsk, + CreateOutputOutputMskTypedDict, + CreateOutputOutputNewrelic, + CreateOutputOutputNewrelicEvents, + CreateOutputOutputNewrelicEventsTypedDict, + CreateOutputOutputNewrelicTypedDict, + CreateOutputOutputS3, + CreateOutputOutputS3TypedDict, + CreateOutputOutputSentinel, + CreateOutputOutputSentinelTypedDict, + CreateOutputOutputSignalfx, + CreateOutputOutputSignalfxTypedDict, + CreateOutputOutputSplunk, + CreateOutputOutputSplunkHec, + CreateOutputOutputSplunkHecTypedDict, + CreateOutputOutputSplunkLb, + CreateOutputOutputSplunkLbTypedDict, + CreateOutputOutputSplunkTypedDict, + CreateOutputOutputStatsd, + CreateOutputOutputStatsdTypedDict, + CreateOutputOutputSyslog, + CreateOutputOutputSyslogTypedDict, + CreateOutputOutputTcpjson, + CreateOutputOutputTcpjsonTypedDict, + CreateOutputOutputWavefront, + CreateOutputOutputWavefrontTypedDict, + CreateOutputOutputWebhookAuthenticationType1, + CreateOutputOutputWebhookFormat1, + CreateOutputOutputWebhookPqControls1, + CreateOutputOutputWebhookPqControls1TypedDict, + CreateOutputOutputWebhookType1, + CreateOutputOutputWebhookURL1, + CreateOutputOutputWebhookURL1TypedDict, + CreateOutputOutputWebhookWebhook2, + CreateOutputOutputWebhookWebhook2TypedDict, + CreateOutputOutputWizHec, + CreateOutputOutputWizHecTypedDict, +) from .createoutput_type_statsd import ( CreateOutputOutputAlibabaCloudS3, CreateOutputOutputAlibabaCloudS3TypedDict, @@ -55,17767 +110,102 @@ CreateOutputOutputDatabricks, CreateOutputOutputDatabricksTypedDict, CreateOutputOutputDatadog, - CreateOutputOutputDatadogTypedDict, - CreateOutputOutputDataset, - CreateOutputOutputDatasetTypedDict, - CreateOutputOutputDellS3, - CreateOutputOutputDellS3TypedDict, - CreateOutputOutputDiskSpool, - CreateOutputOutputDiskSpoolTypedDict, - CreateOutputOutputDlS3, - CreateOutputOutputDlS3TypedDict, - CreateOutputOutputDynatraceHTTP, - CreateOutputOutputDynatraceHTTPTypedDict, - CreateOutputOutputDynatraceOtlp, - CreateOutputOutputDynatraceOtlpTypedDict, - CreateOutputOutputGrafanaCloudUnion, - CreateOutputOutputGrafanaCloudUnionTypedDict, - CreateOutputOutputGraphite, - CreateOutputOutputGraphiteTypedDict, - CreateOutputOutputHumioHec, - CreateOutputOutputHumioHecTypedDict, - CreateOutputOutputLocalSearchStorage, - CreateOutputOutputLocalSearchStorageTypedDict, - CreateOutputOutputLoki, - CreateOutputOutputLokiTypedDict, - CreateOutputOutputMicrosoftFabric, - CreateOutputOutputMicrosoftFabricTypedDict, - CreateOutputOutputNetflow, - CreateOutputOutputNetflowTypedDict, - CreateOutputOutputNutanixObjects, - CreateOutputOutputNutanixObjectsTypedDict, - CreateOutputOutputOpenTelemetry, - CreateOutputOutputOpenTelemetryTypedDict, - CreateOutputOutputPrometheus, - CreateOutputOutputPrometheusTypedDict, - CreateOutputOutputRing, - CreateOutputOutputRingTypedDict, - CreateOutputOutputRouter, - CreateOutputOutputRouterTypedDict, - CreateOutputOutputScalityS3, - CreateOutputOutputScalityS3TypedDict, - CreateOutputOutputSecurityLake, - CreateOutputOutputSecurityLakeTypedDict, - CreateOutputOutputSentinelOneAiSiem, - CreateOutputOutputSentinelOneAiSiemTypedDict, - CreateOutputOutputServiceNow, - CreateOutputOutputServiceNowTypedDict, - CreateOutputOutputSnmp, - CreateOutputOutputSnmpTypedDict, - CreateOutputOutputSns, - CreateOutputOutputSnsTypedDict, - CreateOutputOutputSqs, - CreateOutputOutputSqsTypedDict, - CreateOutputOutputStatsdExt, - CreateOutputOutputStatsdExtTypedDict, - CreateOutputOutputStorjS3, - CreateOutputOutputStorjS3TypedDict, - CreateOutputOutputSumoLogic, - CreateOutputOutputSumoLogicTypedDict, - CreateOutputOutputXsiam, - CreateOutputOutputXsiamTypedDict, - CreateOutputTypeStatsd, -) -from .dataformatoptions import DataFormatOptions -from .datapageversionoptions import DataPageVersionOptions -from .destinationprotocoloptions import DestinationProtocolOptions -from .diskspaceprotectionoptions import DiskSpaceProtectionOptions -from .extrahttpheaderconfinputelastic import ( - ExtraHTTPHeaderConfInputElastic, - ExtraHTTPHeaderConfInputElasticTypedDict, -) -from .failedrequestloggingmodeoptions import FailedRequestLoggingModeOptions -from .googleauthenticationmethodoptions import GoogleAuthenticationMethodOptions -from .hostconfoutputsyslog import HostConfOutputSyslog, HostConfOutputSyslogTypedDict -from .kafkaschemaregistryauthenticationtypetemplateschemaregistryurlauth import ( - KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuth, - KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuthTypedDict, -) -from .keyvaluemetadataconfoutputfilesystem import ( - KeyValueMetadataConfOutputFilesystem, - KeyValueMetadataConfOutputFilesystemTypedDict, -) -from .loglabelconfoutputgooglecloudlogging import ( - LogLabelConfOutputGoogleCloudLogging, - LogLabelConfOutputGoogleCloudLoggingTypedDict, -) -from .maxs2sversionoptions import MaxS2SVersionOptions -from .methodoptions import MethodOptions -from .microsoftentraidauthenticationendpointoptionssasl import ( - MicrosoftEntraIDAuthenticationEndpointOptionsSasl, -) -from .modeoptions import ModeOptions -from .nestedfieldserializationoptions import NestedFieldSerializationOptions -from .oauthheaderconfinputservicenowtable import ( - OauthHeaderConfInputServicenowTable, - OauthHeaderConfInputServicenowTableTypedDict, -) -from .oauthparamconfinputservicenowtable import ( - OauthParamConfInputServicenowTable, - OauthParamConfInputServicenowTableTypedDict, -) -from .objectacloptions import ObjectACLOptions -from .objectacloptionsauthenticatedreadbucketownerfullcontrol import ( - ObjectACLOptionsAuthenticatedreadBucketownerfullcontrol, -) -from .orphanfilerecoverytype import ( - OrphanFileRecoveryType, - OrphanFileRecoveryTypeTypedDict, -) -from .parquetversionoptions import ParquetVersionOptions -from .queuefullbehavioroptions import QueueFullBehaviorOptions -from .recorddataformatoptions import RecordDataFormatOptions -from .recorddataformatoptionsjsonprotobuf import RecordDataFormatOptionsJSONProtobuf -from .regionoptions import RegionOptions -from .responseretrysettingconfoutputwebhook import ( - ResponseRetrySettingConfOutputWebhook, - ResponseRetrySettingConfOutputWebhookTypedDict, -) -from .retrysettingstype import RetrySettingsType, RetrySettingsTypeTypedDict -from .saslextensionconfinputkafka import ( - SaslExtensionConfInputKafka, - SaslExtensionConfInputKafkaTypedDict, -) -from .serversideencryptionforuploadedobjectsoptions import ( - ServerSideEncryptionForUploadedObjectsOptions, -) -from .serversideencryptionforuploadedobjectsoptionsaes256 import ( - ServerSideEncryptionForUploadedObjectsOptionsAes256, -) -from .storageclassoptions import StorageClassOptions -from .storageclassoptionsarchivecoldline import StorageClassOptionsArchiveColdline -from .storageclassoptionsreducedredundancystandard import ( - StorageClassOptionsReducedredundancyStandard, -) -from .timeoutretrysettingstype import ( - TimeoutRetrySettingsType, - TimeoutRetrySettingsTypeTypedDict, -) -from .tlssettingsclientsidetype import ( - TLSSettingsClientSideType, - TLSSettingsClientSideTypeTypedDict, -) -from .tlssettingsclientsidetypecapathcertpath import ( - TLSSettingsClientSideTypeCaPathCertPath, - TLSSettingsClientSideTypeCaPathCertPathTypedDict, -) -from .tlssettingsclientsidetypecapathcertpathextended import ( - TLSSettingsClientSideTypeCaPathCertPathExtended, - TLSSettingsClientSideTypeCaPathCertPathExtendedTypedDict, -) -from cribl_control_plane import models, utils -from cribl_control_plane.types import BaseModel, Nullable, UNSET_SENTINEL -from cribl_control_plane.utils import get_discriminator -from enum import Enum -import pydantic -from pydantic import Discriminator, Tag, field_serializer, model_serializer -from typing import List, Optional, Union -from typing_extensions import Annotated, NotRequired, TypeAliasType, TypedDict - - -class CreateOutputPqControlsStatsdTypedDict(TypedDict): - pass - - -class CreateOutputPqControlsStatsd(BaseModel): - pass - - -class CreateOutputOutputStatsdTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputTypeStatsd - protocol: DestinationProtocolOptions - r"""Protocol to use when communicating with the destination.""" - host: str - r"""The hostname of the destination.""" - port: float - r"""Destination port.""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - mtu: NotRequired[float] - r"""When protocol is UDP, specifies the maximum size of packets sent to the destination. Also known as the MTU for the network path to the destination system.""" - flush_period_sec: NotRequired[float] - r"""When protocol is TCP, specifies how often buffers should be flushed, resulting in records sent to the destination.""" - dns_resolve_period_sec: NotRequired[float] - r"""How often to resolve the destination hostname to an IP address. Ignored if the destination is an IP address. A value of 0 means every batch sent will incur a DNS lookup.""" - description: NotRequired[str] - throttle_rate_per_sec: NotRequired[str] - r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" - connection_timeout: NotRequired[float] - r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" - write_timeout: NotRequired[float] - r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputPqControlsStatsdTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - -class CreateOutputOutputStatsd(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputTypeStatsd - - protocol: DestinationProtocolOptions - r"""Protocol to use when communicating with the destination.""" - - host: str - r"""The hostname of the destination.""" - - port: float - r"""Destination port.""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - mtu: Optional[float] = None - r"""When protocol is UDP, specifies the maximum size of packets sent to the destination. Also known as the MTU for the network path to the destination system.""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""When protocol is TCP, specifies how often buffers should be flushed, resulting in records sent to the destination.""" - - dns_resolve_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="dnsResolvePeriodSec") - ] = None - r"""How often to resolve the destination hostname to an IP address. Ignored if the destination is an IP address. A value of 0 means every batch sent will incur a DNS lookup.""" - - description: Optional[str] = None - - throttle_rate_per_sec: Annotated[ - Optional[str], pydantic.Field(alias="throttleRatePerSec") - ] = None - r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" - - connection_timeout: Annotated[ - Optional[float], pydantic.Field(alias="connectionTimeout") - ] = None - r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" - - write_timeout: Annotated[Optional[float], pydantic.Field(alias="writeTimeout")] = ( - None - ) - r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputPqControlsStatsd], pydantic.Field(alias="pqControls") - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - @field_serializer("protocol") - def serialize_protocol(self, value): - if isinstance(value, str): - try: - return models.DestinationProtocolOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "mtu", - "flushPeriodSec", - "dnsResolvePeriodSec", - "description", - "throttleRatePerSec", - "connectionTimeout", - "writeTimeout", - "onBackpressure", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_onBackpressure", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputTypeMinio(str, Enum): - MINIO = "minio" - - -class CreateOutputOutputMinioTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputTypeMinio - bucket: str - r"""Name of the destination MinIO bucket. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at initialization time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`""" - stage_path: str - r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" - endpoint: str - r"""MinIO service url (e.g. http://minioHost:9000)""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - aws_authentication_method: NotRequired[AuthenticationMethodOptionsS3CollectorConf] - r"""AWS authentication method. Choose Auto to use IAM roles.""" - reuse_connections: NotRequired[bool] - r"""Reuse connections between requests, which can improve performance""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" - region: NotRequired[str] - r"""Region where the MinIO bucket is located""" - dest_path: NotRequired[str] - r"""Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`""" - max_concurrent_file_parts: NotRequired[float] - r"""Maximum number of parts to upload in parallel per file. Minimum part size is 5MB.""" - verify_permissions: NotRequired[bool] - r"""Disable if you can access files within the bucket but not the bucket itself""" - max_closing_files_to_backpressure: NotRequired[float] - r"""Maximum number of files that can be waiting for upload before backpressure is applied""" - add_id_to_stage_path: NotRequired[bool] - r"""Add the Output ID value to staging location""" - remove_empty_dirs: NotRequired[bool] - r"""Remove empty staging directories after moving files""" - partition_expr: NotRequired[str] - r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" - format_: NotRequired[DataFormatOptions] - r"""Format of the output data""" - base_file_name: NotRequired[str] - r"""JavaScript expression to define the output filename prefix (can be constant)""" - file_name_suffix: NotRequired[str] - r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" - max_file_size_mb: NotRequired[float] - r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" - max_file_open_time_sec: NotRequired[float] - r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" - max_file_idle_time_sec: NotRequired[float] - r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" - max_open_files: NotRequired[float] - r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" - header_line: NotRequired[str] - r"""If set, this line will be written to the beginning of each output file""" - write_high_water_mark: NotRequired[float] - r"""Buffer size used to write to a file""" - on_backpressure: NotRequired[BackpressureBehaviorOptionsBlockDrop] - r"""How to handle events when all receivers are exerting backpressure""" - deadletter_enabled: NotRequired[bool] - r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" - on_disk_full_backpressure: NotRequired[DiskSpaceProtectionOptions] - r"""How to handle events when disk space is below the global 'Min free disk space' limit""" - force_close_on_shutdown: NotRequired[bool] - r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" - retry_settings: NotRequired[RetrySettingsTypeTypedDict] - orphans: NotRequired[OrphanFileRecoveryTypeTypedDict] - aws_secret_key: NotRequired[str] - r"""Secret key. This value can be a constant or a JavaScript expression. Example: `${C.env.SOME_SECRET}`)""" - object_acl: NotRequired[ObjectACLOptions] - r"""Object ACL to assign to uploaded objects""" - storage_class: NotRequired[StorageClassOptionsReducedredundancyStandard] - r"""Storage class to select for uploaded objects""" - server_side_encryption: NotRequired[ - ServerSideEncryptionForUploadedObjectsOptionsAes256 - ] - r"""Server-side encryption to use for uploaded objects""" - description: NotRequired[str] - aws_api_key: NotRequired[str] - r"""This value can be a constant or a JavaScript expression (`${C.env.SOME_ACCESS_KEY}`)""" - aws_secret: NotRequired[str] - r"""Select or create a stored secret that references your access key and secret key""" - compress: NotRequired[CompressionOptionsHTTP] - r"""Data compression format to apply to HTTP content before it is delivered""" - compression_level: NotRequired[CompressionLevelOptions] - r"""Compression level to apply before moving files to final destination""" - automatic_schema: NotRequired[bool] - r"""Automatically calculate the schema based on the events of each Parquet file generated""" - parquet_schema: NotRequired[str] - r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" - parquet_version: NotRequired[ParquetVersionOptions] - r"""Determines which data types are supported and how they are represented""" - parquet_data_page_version: NotRequired[DataPageVersionOptions] - r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" - parquet_row_group_length: NotRequired[float] - r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" - parquet_page_size: NotRequired[str] - r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" - should_log_invalid_rows: NotRequired[bool] - r"""Log up to 3 rows that @{product} skips due to data mismatch""" - key_value_metadata: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] - r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ - enable_statistics: NotRequired[bool] - r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" - enable_write_page_index: NotRequired[bool] - r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" - enable_page_checksum: NotRequired[bool] - r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" - empty_dir_cleanup_sec: NotRequired[float] - r"""How frequently, in seconds, to clean up empty directories""" - directory_batch_size: NotRequired[float] - r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" - deadletter_path: NotRequired[str] - r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" - max_retry_num: NotRequired[float] - r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_bucket: NotRequired[str] - r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" - template_region: NotRequired[str] - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - template_dest_path: NotRequired[str] - r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" - template_partition_expr: NotRequired[str] - r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" - template_format: NotRequired[str] - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - template_base_file_name: NotRequired[str] - r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" - template_file_name_suffix: NotRequired[str] - r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_aws_secret_key: NotRequired[str] - r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" - template_object_acl: NotRequired[str] - r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" - template_storage_class: NotRequired[str] - r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" - template_server_side_encryption: NotRequired[str] - r"""Binds 'serverSideEncryption' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serverSideEncryption' at runtime.""" - template_aws_api_key: NotRequired[str] - r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" - template_compress: NotRequired[str] - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - template_parquet_schema: NotRequired[str] - r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" - - -class CreateOutputOutputMinio(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputTypeMinio - - bucket: str - r"""Name of the destination MinIO bucket. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at initialization time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`""" - - stage_path: Annotated[str, pydantic.Field(alias="stagePath")] - r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" - - endpoint: str - r"""MinIO service url (e.g. http://minioHost:9000)""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - aws_authentication_method: Annotated[ - Optional[AuthenticationMethodOptionsS3CollectorConf], - pydantic.Field(alias="awsAuthenticationMethod"), - ] = None - r"""AWS authentication method. Choose Auto to use IAM roles.""" - - reuse_connections: Annotated[ - Optional[bool], pydantic.Field(alias="reuseConnections") - ] = None - r"""Reuse connections between requests, which can improve performance""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" - - region: Optional[str] = None - r"""Region where the MinIO bucket is located""" - - dest_path: Annotated[Optional[str], pydantic.Field(alias="destPath")] = None - r"""Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`""" - - max_concurrent_file_parts: Annotated[ - Optional[float], pydantic.Field(alias="maxConcurrentFileParts") - ] = None - r"""Maximum number of parts to upload in parallel per file. Minimum part size is 5MB.""" - - verify_permissions: Annotated[ - Optional[bool], pydantic.Field(alias="verifyPermissions") - ] = None - r"""Disable if you can access files within the bucket but not the bucket itself""" - - max_closing_files_to_backpressure: Annotated[ - Optional[float], pydantic.Field(alias="maxClosingFilesToBackpressure") - ] = None - r"""Maximum number of files that can be waiting for upload before backpressure is applied""" - - add_id_to_stage_path: Annotated[ - Optional[bool], pydantic.Field(alias="addIdToStagePath") - ] = None - r"""Add the Output ID value to staging location""" - - remove_empty_dirs: Annotated[ - Optional[bool], pydantic.Field(alias="removeEmptyDirs") - ] = None - r"""Remove empty staging directories after moving files""" - - partition_expr: Annotated[Optional[str], pydantic.Field(alias="partitionExpr")] = ( - None - ) - r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" - - format_: Annotated[Optional[DataFormatOptions], pydantic.Field(alias="format")] = ( - None - ) - r"""Format of the output data""" - - base_file_name: Annotated[Optional[str], pydantic.Field(alias="baseFileName")] = ( - None - ) - r"""JavaScript expression to define the output filename prefix (can be constant)""" - - file_name_suffix: Annotated[ - Optional[str], pydantic.Field(alias="fileNameSuffix") - ] = None - r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" - - max_file_size_mb: Annotated[ - Optional[float], pydantic.Field(alias="maxFileSizeMB") - ] = None - r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" - - max_file_open_time_sec: Annotated[ - Optional[float], pydantic.Field(alias="maxFileOpenTimeSec") - ] = None - r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" - - max_file_idle_time_sec: Annotated[ - Optional[float], pydantic.Field(alias="maxFileIdleTimeSec") - ] = None - r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" - - max_open_files: Annotated[Optional[float], pydantic.Field(alias="maxOpenFiles")] = ( - None - ) - r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" - - header_line: Annotated[Optional[str], pydantic.Field(alias="headerLine")] = None - r"""If set, this line will be written to the beginning of each output file""" - - write_high_water_mark: Annotated[ - Optional[float], pydantic.Field(alias="writeHighWaterMark") - ] = None - r"""Buffer size used to write to a file""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptionsBlockDrop], - pydantic.Field(alias="onBackpressure"), - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - deadletter_enabled: Annotated[ - Optional[bool], pydantic.Field(alias="deadletterEnabled") - ] = None - r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" - - on_disk_full_backpressure: Annotated[ - Optional[DiskSpaceProtectionOptions], - pydantic.Field(alias="onDiskFullBackpressure"), - ] = None - r"""How to handle events when disk space is below the global 'Min free disk space' limit""" - - force_close_on_shutdown: Annotated[ - Optional[bool], pydantic.Field(alias="forceCloseOnShutdown") - ] = None - r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" - - retry_settings: Annotated[ - Optional[RetrySettingsType], pydantic.Field(alias="retrySettings") - ] = None - - orphans: Optional[OrphanFileRecoveryType] = None - - aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = ( - None - ) - r"""Secret key. This value can be a constant or a JavaScript expression. Example: `${C.env.SOME_SECRET}`)""" - - object_acl: Annotated[ - Optional[ObjectACLOptions], pydantic.Field(alias="objectACL") - ] = None - r"""Object ACL to assign to uploaded objects""" - - storage_class: Annotated[ - Optional[StorageClassOptionsReducedredundancyStandard], - pydantic.Field(alias="storageClass"), - ] = None - r"""Storage class to select for uploaded objects""" - - server_side_encryption: Annotated[ - Optional[ServerSideEncryptionForUploadedObjectsOptionsAes256], - pydantic.Field(alias="serverSideEncryption"), - ] = None - r"""Server-side encryption to use for uploaded objects""" - - description: Optional[str] = None - - aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None - r"""This value can be a constant or a JavaScript expression (`${C.env.SOME_ACCESS_KEY}`)""" - - aws_secret: Annotated[Optional[str], pydantic.Field(alias="awsSecret")] = None - r"""Select or create a stored secret that references your access key and secret key""" - - compress: Optional[CompressionOptionsHTTP] = None - r"""Data compression format to apply to HTTP content before it is delivered""" - - compression_level: Annotated[ - Optional[CompressionLevelOptions], pydantic.Field(alias="compressionLevel") - ] = None - r"""Compression level to apply before moving files to final destination""" - - automatic_schema: Annotated[ - Optional[bool], pydantic.Field(alias="automaticSchema") - ] = None - r"""Automatically calculate the schema based on the events of each Parquet file generated""" - - parquet_schema: Annotated[Optional[str], pydantic.Field(alias="parquetSchema")] = ( - None - ) - r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" - - parquet_version: Annotated[ - Optional[ParquetVersionOptions], pydantic.Field(alias="parquetVersion") - ] = None - r"""Determines which data types are supported and how they are represented""" - - parquet_data_page_version: Annotated[ - Optional[DataPageVersionOptions], pydantic.Field(alias="parquetDataPageVersion") - ] = None - r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" - - parquet_row_group_length: Annotated[ - Optional[float], pydantic.Field(alias="parquetRowGroupLength") - ] = None - r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" - - parquet_page_size: Annotated[ - Optional[str], pydantic.Field(alias="parquetPageSize") - ] = None - r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" - - should_log_invalid_rows: Annotated[ - Optional[bool], pydantic.Field(alias="shouldLogInvalidRows") - ] = None - r"""Log up to 3 rows that @{product} skips due to data mismatch""" - - key_value_metadata: Annotated[ - Optional[List[KeyValueMetadataConfOutputFilesystem]], - pydantic.Field(alias="keyValueMetadata"), - ] = None - r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ - - enable_statistics: Annotated[ - Optional[bool], pydantic.Field(alias="enableStatistics") - ] = None - r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" - - enable_write_page_index: Annotated[ - Optional[bool], pydantic.Field(alias="enableWritePageIndex") - ] = None - r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" - - enable_page_checksum: Annotated[ - Optional[bool], pydantic.Field(alias="enablePageChecksum") - ] = None - r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" - - empty_dir_cleanup_sec: Annotated[ - Optional[float], pydantic.Field(alias="emptyDirCleanupSec") - ] = None - r"""How frequently, in seconds, to clean up empty directories""" - - directory_batch_size: Annotated[ - Optional[float], pydantic.Field(alias="directoryBatchSize") - ] = None - r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" - - deadletter_path: Annotated[ - Optional[str], pydantic.Field(alias="deadletterPath") - ] = None - r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" - - max_retry_num: Annotated[Optional[float], pydantic.Field(alias="maxRetryNum")] = ( - None - ) - r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_bucket: Annotated[ - Optional[str], pydantic.Field(alias="__template_bucket") - ] = None - r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" - - template_region: Annotated[ - Optional[str], pydantic.Field(alias="__template_region") - ] = None - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - - template_dest_path: Annotated[ - Optional[str], pydantic.Field(alias="__template_destPath") - ] = None - r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" - - template_partition_expr: Annotated[ - Optional[str], pydantic.Field(alias="__template_partitionExpr") - ] = None - r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" - - template_format: Annotated[ - Optional[str], pydantic.Field(alias="__template_format") - ] = None - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - - template_base_file_name: Annotated[ - Optional[str], pydantic.Field(alias="__template_baseFileName") - ] = None - r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" - - template_file_name_suffix: Annotated[ - Optional[str], pydantic.Field(alias="__template_fileNameSuffix") - ] = None - r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_aws_secret_key: Annotated[ - Optional[str], pydantic.Field(alias="__template_awsSecretKey") - ] = None - r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" - - template_object_acl: Annotated[ - Optional[str], pydantic.Field(alias="__template_objectACL") - ] = None - r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" - - template_storage_class: Annotated[ - Optional[str], pydantic.Field(alias="__template_storageClass") - ] = None - r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" - - template_server_side_encryption: Annotated[ - Optional[str], pydantic.Field(alias="__template_serverSideEncryption") - ] = None - r"""Binds 'serverSideEncryption' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serverSideEncryption' at runtime.""" - - template_aws_api_key: Annotated[ - Optional[str], pydantic.Field(alias="__template_awsApiKey") - ] = None - r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" - - template_compress: Annotated[ - Optional[str], pydantic.Field(alias="__template_compress") - ] = None - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - - template_parquet_schema: Annotated[ - Optional[str], pydantic.Field(alias="__template_parquetSchema") - ] = None - r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" - - @field_serializer("aws_authentication_method") - def serialize_aws_authentication_method(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsS3CollectorConf(value) - except ValueError: - return value - return value - - @field_serializer("format_") - def serialize_format_(self, value): - if isinstance(value, str): - try: - return models.DataFormatOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptionsBlockDrop(value) - except ValueError: - return value - return value - - @field_serializer("on_disk_full_backpressure") - def serialize_on_disk_full_backpressure(self, value): - if isinstance(value, str): - try: - return models.DiskSpaceProtectionOptions(value) - except ValueError: - return value - return value - - @field_serializer("object_acl") - def serialize_object_acl(self, value): - if isinstance(value, str): - try: - return models.ObjectACLOptions(value) - except ValueError: - return value - return value - - @field_serializer("storage_class") - def serialize_storage_class(self, value): - if isinstance(value, str): - try: - return models.StorageClassOptionsReducedredundancyStandard(value) - except ValueError: - return value - return value - - @field_serializer("server_side_encryption") - def serialize_server_side_encryption(self, value): - if isinstance(value, str): - try: - return models.ServerSideEncryptionForUploadedObjectsOptionsAes256(value) - except ValueError: - return value - return value - - @field_serializer("compress") - def serialize_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsHTTP(value) - except ValueError: - return value - return value - - @field_serializer("compression_level") - def serialize_compression_level(self, value): - if isinstance(value, str): - try: - return models.CompressionLevelOptions(value) - except ValueError: - return value - return value - - @field_serializer("parquet_version") - def serialize_parquet_version(self, value): - if isinstance(value, str): - try: - return models.ParquetVersionOptions(value) - except ValueError: - return value - return value - - @field_serializer("parquet_data_page_version") - def serialize_parquet_data_page_version(self, value): - if isinstance(value, str): - try: - return models.DataPageVersionOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "awsAuthenticationMethod", - "reuseConnections", - "rejectUnauthorized", - "region", - "destPath", - "maxConcurrentFileParts", - "verifyPermissions", - "maxClosingFilesToBackpressure", - "addIdToStagePath", - "removeEmptyDirs", - "partitionExpr", - "format", - "baseFileName", - "fileNameSuffix", - "maxFileSizeMB", - "maxFileOpenTimeSec", - "maxFileIdleTimeSec", - "maxOpenFiles", - "headerLine", - "writeHighWaterMark", - "onBackpressure", - "deadletterEnabled", - "onDiskFullBackpressure", - "forceCloseOnShutdown", - "retrySettings", - "orphans", - "awsSecretKey", - "objectACL", - "storageClass", - "serverSideEncryption", - "description", - "awsApiKey", - "awsSecret", - "compress", - "compressionLevel", - "automaticSchema", - "parquetSchema", - "parquetVersion", - "parquetDataPageVersion", - "parquetRowGroupLength", - "parquetPageSize", - "shouldLogInvalidRows", - "keyValueMetadata", - "enableStatistics", - "enableWritePageIndex", - "enablePageChecksum", - "emptyDirCleanupSec", - "directoryBatchSize", - "deadletterPath", - "maxRetryNum", - "__template_streamtags", - "__template_bucket", - "__template_region", - "__template_destPath", - "__template_partitionExpr", - "__template_format", - "__template_baseFileName", - "__template_fileNameSuffix", - "__template_onBackpressure", - "__template_awsSecretKey", - "__template_objectACL", - "__template_storageClass", - "__template_serverSideEncryption", - "__template_awsApiKey", - "__template_compress", - "__template_parquetSchema", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputTypeCloudwatch(str, Enum): - CLOUDWATCH = "cloudwatch" - - -class CreateOutputPqControlsCloudwatchTypedDict(TypedDict): - pass - - -class CreateOutputPqControlsCloudwatch(BaseModel): - pass - - -class CreateOutputOutputCloudwatchTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputTypeCloudwatch - log_group_name: str - r"""CloudWatch log group to associate events with""" - log_stream_name: str - r"""Prefix for CloudWatch log stream name. This prefix will be used to generate a unique log stream name per cribl instance, for example: myStream_myHost_myOutputId""" - region: str - r"""Region where the CloudWatchLogs is located""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - aws_authentication_method: NotRequired[AuthenticationMethodOptionsS3CollectorConf] - r"""AWS authentication method. Choose Auto to use IAM roles.""" - aws_secret_key: NotRequired[str] - endpoint: NotRequired[str] - r"""CloudWatchLogs service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to CloudWatchLogs-compatible endpoint.""" - reuse_connections: NotRequired[bool] - r"""Reuse connections between requests, which can improve performance""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" - enable_assume_role: NotRequired[bool] - r"""Use Assume Role credentials to access CloudWatchLogs""" - assume_role_arn: NotRequired[str] - r"""Amazon Resource Name (ARN) of the role to assume""" - assume_role_external_id: NotRequired[str] - r"""External ID to use when assuming role""" - duration_seconds: NotRequired[float] - r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" - max_queue_size: NotRequired[float] - r"""Maximum number of queued batches before blocking""" - max_record_size_kb: NotRequired[float] - r"""Maximum size (KB) of each individual record before compression. For non compressible data 1MB is the max recommended size""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - description: NotRequired[str] - aws_api_key: NotRequired[str] - aws_secret: NotRequired[str] - r"""Select or create a stored secret that references your access key and secret key""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputPqControlsCloudwatchTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_log_group_name: NotRequired[str] - r"""Binds 'logGroupName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logGroupName' at runtime.""" - template_log_stream_name: NotRequired[str] - r"""Binds 'logStreamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logStreamName' at runtime.""" - template_aws_secret_key: NotRequired[str] - r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" - template_region: NotRequired[str] - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - template_endpoint: NotRequired[str] - r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" - template_assume_role_arn: NotRequired[str] - r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" - template_assume_role_external_id: NotRequired[str] - r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_aws_api_key: NotRequired[str] - r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" - - -class CreateOutputOutputCloudwatch(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputTypeCloudwatch - - log_group_name: Annotated[str, pydantic.Field(alias="logGroupName")] - r"""CloudWatch log group to associate events with""" - - log_stream_name: Annotated[str, pydantic.Field(alias="logStreamName")] - r"""Prefix for CloudWatch log stream name. This prefix will be used to generate a unique log stream name per cribl instance, for example: myStream_myHost_myOutputId""" - - region: str - r"""Region where the CloudWatchLogs is located""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - aws_authentication_method: Annotated[ - Optional[AuthenticationMethodOptionsS3CollectorConf], - pydantic.Field(alias="awsAuthenticationMethod"), - ] = None - r"""AWS authentication method. Choose Auto to use IAM roles.""" - - aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = ( - None - ) - - endpoint: Optional[str] = None - r"""CloudWatchLogs service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to CloudWatchLogs-compatible endpoint.""" - - reuse_connections: Annotated[ - Optional[bool], pydantic.Field(alias="reuseConnections") - ] = None - r"""Reuse connections between requests, which can improve performance""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" - - enable_assume_role: Annotated[ - Optional[bool], pydantic.Field(alias="enableAssumeRole") - ] = None - r"""Use Assume Role credentials to access CloudWatchLogs""" - - assume_role_arn: Annotated[Optional[str], pydantic.Field(alias="assumeRoleArn")] = ( - None - ) - r"""Amazon Resource Name (ARN) of the role to assume""" - - assume_role_external_id: Annotated[ - Optional[str], pydantic.Field(alias="assumeRoleExternalId") - ] = None - r"""External ID to use when assuming role""" - - duration_seconds: Annotated[ - Optional[float], pydantic.Field(alias="durationSeconds") - ] = None - r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" - - max_queue_size: Annotated[Optional[float], pydantic.Field(alias="maxQueueSize")] = ( - None - ) - r"""Maximum number of queued batches before blocking""" - - max_record_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxRecordSizeKB") - ] = None - r"""Maximum size (KB) of each individual record before compression. For non compressible data 1MB is the max recommended size""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - description: Optional[str] = None - - aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None - - aws_secret: Annotated[Optional[str], pydantic.Field(alias="awsSecret")] = None - r"""Select or create a stored secret that references your access key and secret key""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputPqControlsCloudwatch], pydantic.Field(alias="pqControls") - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_log_group_name: Annotated[ - Optional[str], pydantic.Field(alias="__template_logGroupName") - ] = None - r"""Binds 'logGroupName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logGroupName' at runtime.""" - - template_log_stream_name: Annotated[ - Optional[str], pydantic.Field(alias="__template_logStreamName") - ] = None - r"""Binds 'logStreamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logStreamName' at runtime.""" - - template_aws_secret_key: Annotated[ - Optional[str], pydantic.Field(alias="__template_awsSecretKey") - ] = None - r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" - - template_region: Annotated[ - Optional[str], pydantic.Field(alias="__template_region") - ] = None - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - - template_endpoint: Annotated[ - Optional[str], pydantic.Field(alias="__template_endpoint") - ] = None - r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" - - template_assume_role_arn: Annotated[ - Optional[str], pydantic.Field(alias="__template_assumeRoleArn") - ] = None - r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" - - template_assume_role_external_id: Annotated[ - Optional[str], pydantic.Field(alias="__template_assumeRoleExternalId") - ] = None - r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_aws_api_key: Annotated[ - Optional[str], pydantic.Field(alias="__template_awsApiKey") - ] = None - r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" - - @field_serializer("aws_authentication_method") - def serialize_aws_authentication_method(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsS3CollectorConf(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "awsAuthenticationMethod", - "awsSecretKey", - "endpoint", - "reuseConnections", - "rejectUnauthorized", - "enableAssumeRole", - "assumeRoleArn", - "assumeRoleExternalId", - "durationSeconds", - "maxQueueSize", - "maxRecordSizeKB", - "flushPeriodSec", - "onBackpressure", - "description", - "awsApiKey", - "awsSecret", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_logGroupName", - "__template_logStreamName", - "__template_awsSecretKey", - "__template_region", - "__template_endpoint", - "__template_assumeRoleArn", - "__template_assumeRoleExternalId", - "__template_onBackpressure", - "__template_awsApiKey", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputTypeInfluxdb(str, Enum): - INFLUXDB = "influxdb" - - -class CreateOutputTimestampPrecision(str, Enum, metaclass=utils.OpenEnumMeta): - r"""Sets the precision for the supplied Unix time values. Defaults to milliseconds.""" - - # Nanoseconds - NS = "ns" - # Microseconds - U = "u" - # Milliseconds - MS = "ms" - # Seconds - S = "s" - # Minutes - M = "m" - # Hours - H = "h" - - -class CreateOutputAuthenticationTypeInfluxdb(str, Enum, metaclass=utils.OpenEnumMeta): - r"""InfluxDB authentication type""" - - # None - NONE = "none" - # Basic - BASIC = "basic" - # Basic (credentials secret) - CREDENTIALS_SECRET = "credentialsSecret" - # Token - TOKEN = "token" - # Token (text secret) - TEXT_SECRET = "textSecret" - - -class CreateOutputPqControlsInfluxdbTypedDict(TypedDict): - pass - - -class CreateOutputPqControlsInfluxdb(BaseModel): - pass - - -class CreateOutputOutputInfluxdbTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputTypeInfluxdb - url: str - r"""URL of an InfluxDB cluster to send events to, e.g., http://localhost:8086/write""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - use_v2_api: NotRequired[bool] - r"""The v2 API can be enabled with InfluxDB versions 1.8 and later.""" - timestamp_precision: NotRequired[CreateOutputTimestampPrecision] - r"""Sets the precision for the supplied Unix time values. Defaults to milliseconds.""" - dynamic_value_field_name: NotRequired[bool] - r"""Enabling this will pull the value field from the metric name. E,g, 'db.query.user' will use 'db.query' as the measurement and 'user' as the value field.""" - value_field_name: NotRequired[str] - r"""Name of the field in which to store the metric when sending to InfluxDB. If dynamic generation is enabled and fails, this will be used as a fallback.""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - compress: NotRequired[bool] - r"""Compress the payload body before sending""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] - r"""Headers to add to all events""" - use_round_robin_dns: NotRequired[bool] - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - safe_headers: NotRequired[List[str]] - r"""List of headers that are safe to log in plain text""" - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - auth_type: NotRequired[CreateOutputAuthenticationTypeInfluxdb] - r"""InfluxDB authentication type""" - description: NotRequired[str] - database: NotRequired[str] - r"""Database to write to.""" - bucket: NotRequired[str] - r"""Bucket to write to.""" - org: NotRequired[str] - r"""Organization ID for this bucket.""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputPqControlsInfluxdbTypedDict] - username: NotRequired[str] - password: NotRequired[str] - token: NotRequired[str] - r"""Bearer token to include in the authorization header""" - credentials_secret: NotRequired[str] - r"""Select or create a secret that references your credentials""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_url: NotRequired[str] - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - template_failed_request_logging_mode: NotRequired[str] - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_database: NotRequired[str] - r"""Binds 'database' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'database' at runtime.""" - template_bucket: NotRequired[str] - r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" - - -class CreateOutputOutputInfluxdb(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputTypeInfluxdb - - url: str - r"""URL of an InfluxDB cluster to send events to, e.g., http://localhost:8086/write""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - use_v2_api: Annotated[Optional[bool], pydantic.Field(alias="useV2API")] = None - r"""The v2 API can be enabled with InfluxDB versions 1.8 and later.""" - - timestamp_precision: Annotated[ - Optional[CreateOutputTimestampPrecision], - pydantic.Field(alias="timestampPrecision"), - ] = None - r"""Sets the precision for the supplied Unix time values. Defaults to milliseconds.""" - - dynamic_value_field_name: Annotated[ - Optional[bool], pydantic.Field(alias="dynamicValueFieldName") - ] = None - r"""Enabling this will pull the value field from the metric name. E,g, 'db.query.user' will use 'db.query' as the measurement and 'user' as the value field.""" - - value_field_name: Annotated[ - Optional[str], pydantic.Field(alias="valueFieldName") - ] = None - r"""Name of the field in which to store the metric when sending to InfluxDB. If dynamic generation is enabled and fails, this will be used as a fallback.""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - compress: Optional[bool] = None - r"""Compress the payload body before sending""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - extra_http_headers: Annotated[ - Optional[List[ExtraHTTPHeaderConfInputElastic]], - pydantic.Field(alias="extraHttpHeaders"), - ] = None - r"""Headers to add to all events""" - - use_round_robin_dns: Annotated[ - Optional[bool], pydantic.Field(alias="useRoundRobinDns") - ] = None - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - - failed_request_logging_mode: Annotated[ - Optional[FailedRequestLoggingModeOptions], - pydantic.Field(alias="failedRequestLoggingMode"), - ] = None - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - - safe_headers: Annotated[ - Optional[List[str]], pydantic.Field(alias="safeHeaders") - ] = None - r"""List of headers that are safe to log in plain text""" - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - auth_type: Annotated[ - Optional[CreateOutputAuthenticationTypeInfluxdb], - pydantic.Field(alias="authType"), - ] = None - r"""InfluxDB authentication type""" - - description: Optional[str] = None - - database: Optional[str] = None - r"""Database to write to.""" - - bucket: Optional[str] = None - r"""Bucket to write to.""" - - org: Optional[str] = None - r"""Organization ID for this bucket.""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputPqControlsInfluxdb], pydantic.Field(alias="pqControls") - ] = None - - username: Optional[str] = None - - password: Optional[str] = None - - token: Optional[str] = None - r"""Bearer token to include in the authorization header""" - - credentials_secret: Annotated[ - Optional[str], pydantic.Field(alias="credentialsSecret") - ] = None - r"""Select or create a secret that references your credentials""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( - None - ) - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - template_failed_request_logging_mode: Annotated[ - Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") - ] = None - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_database: Annotated[ - Optional[str], pydantic.Field(alias="__template_database") - ] = None - r"""Binds 'database' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'database' at runtime.""" - - template_bucket: Annotated[ - Optional[str], pydantic.Field(alias="__template_bucket") - ] = None - r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" - - @field_serializer("timestamp_precision") - def serialize_timestamp_precision(self, value): - if isinstance(value, str): - try: - return models.CreateOutputTimestampPrecision(value) - except ValueError: - return value - return value - - @field_serializer("failed_request_logging_mode") - def serialize_failed_request_logging_mode(self, value): - if isinstance(value, str): - try: - return models.FailedRequestLoggingModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.CreateOutputAuthenticationTypeInfluxdb(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "useV2API", - "timestampPrecision", - "dynamicValueFieldName", - "valueFieldName", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "compress", - "rejectUnauthorized", - "timeoutSec", - "flushPeriodSec", - "extraHttpHeaders", - "useRoundRobinDns", - "failedRequestLoggingMode", - "safeHeaders", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "onBackpressure", - "authType", - "description", - "database", - "bucket", - "org", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "username", - "password", - "token", - "credentialsSecret", - "textSecret", - "__template_streamtags", - "__template_url", - "__template_failedRequestLoggingMode", - "__template_onBackpressure", - "__template_database", - "__template_bucket", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputTypeNewrelicEvents(str, Enum): - NEWRELIC_EVENTS = "newrelic_events" - - -class CreateOutputPqControlsNewrelicEventsTypedDict(TypedDict): - pass - - -class CreateOutputPqControlsNewrelicEvents(BaseModel): - pass - - -class CreateOutputOutputNewrelicEventsTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputTypeNewrelicEvents - account_id: str - r"""New Relic account ID""" - event_type: str - r"""Default New Relic eventType to use when event type is not present. For more information, see the [New Relic eventType documentation](https://docs.newrelic.com/docs/telemetry-data-platform/custom-data/custom-events/data-requirements-limits-custom-event-data/#reserved-words).""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - region: NotRequired[RegionOptions] - r"""Which New Relic region endpoint to use.""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - compress: NotRequired[bool] - r"""Compress the payload body before sending""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] - r"""Headers to add to all events""" - use_round_robin_dns: NotRequired[bool] - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - safe_headers: NotRequired[List[str]] - r"""List of headers that are safe to log in plain text""" - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - auth_type: NotRequired[AuthenticationMethodOptionsAPI] - r"""Enter API key directly, or select a stored secret""" - description: NotRequired[str] - custom_url: NotRequired[str] - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputPqControlsNewrelicEventsTypedDict] - api_key: NotRequired[str] - r"""New Relic API key. Can be overridden using __newRelic_apiKey field.""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_region: NotRequired[str] - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - template_account_id: NotRequired[str] - r"""Binds 'accountId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'accountId' at runtime.""" - template_event_type: NotRequired[str] - r"""Binds 'eventType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'eventType' at runtime.""" - template_failed_request_logging_mode: NotRequired[str] - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_custom_url: NotRequired[str] - r"""Binds 'customUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'customUrl' at runtime.""" - - -class CreateOutputOutputNewrelicEvents(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputTypeNewrelicEvents - - account_id: Annotated[str, pydantic.Field(alias="accountId")] - r"""New Relic account ID""" - - event_type: Annotated[str, pydantic.Field(alias="eventType")] - r"""Default New Relic eventType to use when event type is not present. For more information, see the [New Relic eventType documentation](https://docs.newrelic.com/docs/telemetry-data-platform/custom-data/custom-events/data-requirements-limits-custom-event-data/#reserved-words).""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - region: Optional[RegionOptions] = None - r"""Which New Relic region endpoint to use.""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - compress: Optional[bool] = None - r"""Compress the payload body before sending""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - extra_http_headers: Annotated[ - Optional[List[ExtraHTTPHeaderConfInputElastic]], - pydantic.Field(alias="extraHttpHeaders"), - ] = None - r"""Headers to add to all events""" - - use_round_robin_dns: Annotated[ - Optional[bool], pydantic.Field(alias="useRoundRobinDns") - ] = None - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - - failed_request_logging_mode: Annotated[ - Optional[FailedRequestLoggingModeOptions], - pydantic.Field(alias="failedRequestLoggingMode"), - ] = None - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - - safe_headers: Annotated[ - Optional[List[str]], pydantic.Field(alias="safeHeaders") - ] = None - r"""List of headers that are safe to log in plain text""" - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - auth_type: Annotated[ - Optional[AuthenticationMethodOptionsAPI], pydantic.Field(alias="authType") - ] = None - r"""Enter API key directly, or select a stored secret""" - - description: Optional[str] = None - - custom_url: Annotated[Optional[str], pydantic.Field(alias="customUrl")] = None - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputPqControlsNewrelicEvents], - pydantic.Field(alias="pqControls"), - ] = None - - api_key: Annotated[Optional[str], pydantic.Field(alias="apiKey")] = None - r"""New Relic API key. Can be overridden using __newRelic_apiKey field.""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_region: Annotated[ - Optional[str], pydantic.Field(alias="__template_region") - ] = None - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - - template_account_id: Annotated[ - Optional[str], pydantic.Field(alias="__template_accountId") - ] = None - r"""Binds 'accountId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'accountId' at runtime.""" - - template_event_type: Annotated[ - Optional[str], pydantic.Field(alias="__template_eventType") - ] = None - r"""Binds 'eventType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'eventType' at runtime.""" - - template_failed_request_logging_mode: Annotated[ - Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") - ] = None - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_custom_url: Annotated[ - Optional[str], pydantic.Field(alias="__template_customUrl") - ] = None - r"""Binds 'customUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'customUrl' at runtime.""" - - @field_serializer("region") - def serialize_region(self, value): - if isinstance(value, str): - try: - return models.RegionOptions(value) - except ValueError: - return value - return value - - @field_serializer("failed_request_logging_mode") - def serialize_failed_request_logging_mode(self, value): - if isinstance(value, str): - try: - return models.FailedRequestLoggingModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsAPI(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "region", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "compress", - "rejectUnauthorized", - "timeoutSec", - "flushPeriodSec", - "extraHttpHeaders", - "useRoundRobinDns", - "failedRequestLoggingMode", - "safeHeaders", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "onBackpressure", - "authType", - "description", - "customUrl", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "apiKey", - "textSecret", - "__template_streamtags", - "__template_region", - "__template_accountId", - "__template_eventType", - "__template_failedRequestLoggingMode", - "__template_onBackpressure", - "__template_customUrl", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputTypeNewrelic(str, Enum): - NEWRELIC = "newrelic" - - -class CreateOutputFieldName(str, Enum, metaclass=utils.OpenEnumMeta): - SERVICE = "service" - HOSTNAME = "hostname" - TIMESTAMP = "timestamp" - AUDIT_ID = "auditId" - - -class CreateOutputMetadatumTypedDict(TypedDict): - name: CreateOutputFieldName - value: str - r"""JavaScript expression to compute field's value, enclosed in quotes or backticks. (Can evaluate to a constant.)""" - - -class CreateOutputMetadatum(BaseModel): - name: CreateOutputFieldName - - value: str - r"""JavaScript expression to compute field's value, enclosed in quotes or backticks. (Can evaluate to a constant.)""" - - @field_serializer("name") - def serialize_name(self, value): - if isinstance(value, str): - try: - return models.CreateOutputFieldName(value) - except ValueError: - return value - return value - - -class CreateOutputPqControlsNewrelicTypedDict(TypedDict): - pass - - -class CreateOutputPqControlsNewrelic(BaseModel): - pass - - -class CreateOutputOutputNewrelicTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputTypeNewrelic - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - region: NotRequired[RegionOptions] - r"""Which New Relic region endpoint to use.""" - log_type: NotRequired[str] - r"""Name of the logtype to send with events, e.g.: observability, access_log. The event's 'sourcetype' field (if set) will override this value.""" - message_field: NotRequired[str] - r"""Name of field to send as log message value. If not present, event will be serialized and sent as JSON.""" - metadata: NotRequired[List[CreateOutputMetadatumTypedDict]] - r"""Fields to add to events from this input""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - compress: NotRequired[bool] - r"""Compress the payload body before sending""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] - r"""Headers to add to all events""" - use_round_robin_dns: NotRequired[bool] - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - safe_headers: NotRequired[List[str]] - r"""List of headers that are safe to log in plain text""" - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - auth_type: NotRequired[AuthenticationMethodOptionsAPI] - r"""Enter API key directly, or select a stored secret""" - total_memory_limit_kb: NotRequired[float] - r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" - description: NotRequired[str] - custom_url: NotRequired[str] - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputPqControlsNewrelicTypedDict] - api_key: NotRequired[str] - r"""New Relic API key. Can be overridden using __newRelic_apiKey field.""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_region: NotRequired[str] - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - template_log_type: NotRequired[str] - r"""Binds 'logType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logType' at runtime.""" - template_message_field: NotRequired[str] - r"""Binds 'messageField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'messageField' at runtime.""" - template_failed_request_logging_mode: NotRequired[str] - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - -class CreateOutputOutputNewrelic(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputTypeNewrelic - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - region: Optional[RegionOptions] = None - r"""Which New Relic region endpoint to use.""" - - log_type: Annotated[Optional[str], pydantic.Field(alias="logType")] = None - r"""Name of the logtype to send with events, e.g.: observability, access_log. The event's 'sourcetype' field (if set) will override this value.""" - - message_field: Annotated[Optional[str], pydantic.Field(alias="messageField")] = None - r"""Name of field to send as log message value. If not present, event will be serialized and sent as JSON.""" - - metadata: Optional[List[CreateOutputMetadatum]] = None - r"""Fields to add to events from this input""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - compress: Optional[bool] = None - r"""Compress the payload body before sending""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - extra_http_headers: Annotated[ - Optional[List[ExtraHTTPHeaderConfInputElastic]], - pydantic.Field(alias="extraHttpHeaders"), - ] = None - r"""Headers to add to all events""" - - use_round_robin_dns: Annotated[ - Optional[bool], pydantic.Field(alias="useRoundRobinDns") - ] = None - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - - failed_request_logging_mode: Annotated[ - Optional[FailedRequestLoggingModeOptions], - pydantic.Field(alias="failedRequestLoggingMode"), - ] = None - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - - safe_headers: Annotated[ - Optional[List[str]], pydantic.Field(alias="safeHeaders") - ] = None - r"""List of headers that are safe to log in plain text""" - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - auth_type: Annotated[ - Optional[AuthenticationMethodOptionsAPI], pydantic.Field(alias="authType") - ] = None - r"""Enter API key directly, or select a stored secret""" - - total_memory_limit_kb: Annotated[ - Optional[float], pydantic.Field(alias="totalMemoryLimitKB") - ] = None - r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" - - description: Optional[str] = None - - custom_url: Annotated[Optional[str], pydantic.Field(alias="customUrl")] = None - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputPqControlsNewrelic], pydantic.Field(alias="pqControls") - ] = None - - api_key: Annotated[Optional[str], pydantic.Field(alias="apiKey")] = None - r"""New Relic API key. Can be overridden using __newRelic_apiKey field.""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_region: Annotated[ - Optional[str], pydantic.Field(alias="__template_region") - ] = None - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - - template_log_type: Annotated[ - Optional[str], pydantic.Field(alias="__template_logType") - ] = None - r"""Binds 'logType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logType' at runtime.""" - - template_message_field: Annotated[ - Optional[str], pydantic.Field(alias="__template_messageField") - ] = None - r"""Binds 'messageField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'messageField' at runtime.""" - - template_failed_request_logging_mode: Annotated[ - Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") - ] = None - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - @field_serializer("region") - def serialize_region(self, value): - if isinstance(value, str): - try: - return models.RegionOptions(value) - except ValueError: - return value - return value - - @field_serializer("failed_request_logging_mode") - def serialize_failed_request_logging_mode(self, value): - if isinstance(value, str): - try: - return models.FailedRequestLoggingModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsAPI(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "region", - "logType", - "messageField", - "metadata", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "compress", - "rejectUnauthorized", - "timeoutSec", - "flushPeriodSec", - "extraHttpHeaders", - "useRoundRobinDns", - "failedRequestLoggingMode", - "safeHeaders", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "onBackpressure", - "authType", - "totalMemoryLimitKB", - "description", - "customUrl", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "apiKey", - "textSecret", - "__template_streamtags", - "__template_region", - "__template_logType", - "__template_messageField", - "__template_failedRequestLoggingMode", - "__template_onBackpressure", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputTypeElasticCloud(str, Enum): - ELASTIC_CLOUD = "elastic_cloud" - - -class CreateOutputPqControlsElasticCloudTypedDict(TypedDict): - pass - - -class CreateOutputPqControlsElasticCloud(BaseModel): - pass - - -class CreateOutputOutputElasticCloudTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputTypeElasticCloud - url: str - r"""Enter Cloud ID of the Elastic Cloud environment to send events to""" - index: str - r"""Data stream or index to send events to. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be overwritten by an event's __index field.""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - compress: NotRequired[bool] - r"""Compress the payload body before sending""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] - r"""Headers to add to all events""" - failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - safe_headers: NotRequired[List[str]] - r"""List of headers that are safe to log in plain text""" - extra_params: NotRequired[List[SaslExtensionConfInputKafkaTypedDict]] - r"""Extra parameters to use in HTTP requests""" - auth: NotRequired[AuthTypeTemplatemanualAPIKeyAuthTypeTypedDict] - elastic_pipeline: NotRequired[str] - r"""Optional Elastic Cloud Destination pipeline""" - include_doc_id: NotRequired[bool] - r"""Include the `document_id` field when sending events to an Elastic TSDS (time series data stream)""" - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - description: NotRequired[str] - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputPqControlsElasticCloudTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_url: NotRequired[str] - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - template_index: NotRequired[str] - r"""Binds 'index' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'index' at runtime.""" - template_failed_request_logging_mode: NotRequired[str] - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - template_elastic_pipeline: NotRequired[str] - r"""Binds 'elasticPipeline' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'elasticPipeline' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - -class CreateOutputOutputElasticCloud(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputTypeElasticCloud - - url: str - r"""Enter Cloud ID of the Elastic Cloud environment to send events to""" - - index: str - r"""Data stream or index to send events to. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be overwritten by an event's __index field.""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - compress: Optional[bool] = None - r"""Compress the payload body before sending""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - extra_http_headers: Annotated[ - Optional[List[ExtraHTTPHeaderConfInputElastic]], - pydantic.Field(alias="extraHttpHeaders"), - ] = None - r"""Headers to add to all events""" - - failed_request_logging_mode: Annotated[ - Optional[FailedRequestLoggingModeOptions], - pydantic.Field(alias="failedRequestLoggingMode"), - ] = None - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - - safe_headers: Annotated[ - Optional[List[str]], pydantic.Field(alias="safeHeaders") - ] = None - r"""List of headers that are safe to log in plain text""" - - extra_params: Annotated[ - Optional[List[SaslExtensionConfInputKafka]], pydantic.Field(alias="extraParams") - ] = None - r"""Extra parameters to use in HTTP requests""" - - auth: Optional[AuthTypeTemplatemanualAPIKeyAuthType] = None - - elastic_pipeline: Annotated[ - Optional[str], pydantic.Field(alias="elasticPipeline") - ] = None - r"""Optional Elastic Cloud Destination pipeline""" - - include_doc_id: Annotated[Optional[bool], pydantic.Field(alias="includeDocId")] = ( - None - ) - r"""Include the `document_id` field when sending events to an Elastic TSDS (time series data stream)""" - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - description: Optional[str] = None - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputPqControlsElasticCloud], pydantic.Field(alias="pqControls") - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( - None - ) - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - template_index: Annotated[ - Optional[str], pydantic.Field(alias="__template_index") - ] = None - r"""Binds 'index' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'index' at runtime.""" - - template_failed_request_logging_mode: Annotated[ - Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") - ] = None - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - - template_elastic_pipeline: Annotated[ - Optional[str], pydantic.Field(alias="__template_elasticPipeline") - ] = None - r"""Binds 'elasticPipeline' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'elasticPipeline' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - @field_serializer("failed_request_logging_mode") - def serialize_failed_request_logging_mode(self, value): - if isinstance(value, str): - try: - return models.FailedRequestLoggingModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "compress", - "rejectUnauthorized", - "timeoutSec", - "flushPeriodSec", - "extraHttpHeaders", - "failedRequestLoggingMode", - "safeHeaders", - "extraParams", - "auth", - "elasticPipeline", - "includeDocId", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "onBackpressure", - "description", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_url", - "__template_index", - "__template_failedRequestLoggingMode", - "__template_elasticPipeline", - "__template_onBackpressure", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputTypeElastic(str, Enum): - ELASTIC = "elastic" - - -class CreateOutputElasticVersion(str, Enum, metaclass=utils.OpenEnumMeta): - r"""Optional Elasticsearch version, used to format events. If not specified, will auto-discover version.""" - - # Auto - AUTO = "auto" - # 6.x - SIX = "6" - # 7.x - SEVEN = "7" - - -class CreateOutputWriteAction(str, Enum, metaclass=utils.OpenEnumMeta): - r"""Action to use when writing events. Must be set to `Create` when writing to a data stream.""" - - # Index - INDEX = "index" - # Create - CREATE = "create" - - -class CreateOutputURLElasticTypedDict(TypedDict): - url: str - r"""The URL to an Elastic node to send events to. Example: http://elastic:9200/_bulk""" - weight: NotRequired[float] - r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" - template_url: NotRequired[str] - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - -class CreateOutputURLElastic(BaseModel): - url: str - r"""The URL to an Elastic node to send events to. Example: http://elastic:9200/_bulk""" - - weight: Optional[float] = None - r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" - - template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( - None - ) - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set(["weight", "__template_url"]) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputPqControlsElasticTypedDict(TypedDict): - pass - - -class CreateOutputPqControlsElastic(BaseModel): - pass - - -class CreateOutputOutputElasticTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputTypeElastic - index: str - r"""Index or data stream to send events to. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be overwritten by an event's __index field.""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - load_balanced: NotRequired[bool] - r"""Enable for optimal performance. Even if you have one hostname, it can expand to multiple IPs. If disabled, consider enabling round-robin DNS.""" - doc_type: NotRequired[str] - r"""Document type to use for events. Can be overwritten by an event's __type field.""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - compress: NotRequired[bool] - r"""Compress the payload body before sending""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] - r"""Headers to add to all events""" - failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - safe_headers: NotRequired[List[str]] - r"""List of headers that are safe to log in plain text""" - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - extra_params: NotRequired[List[SaslExtensionConfInputKafkaTypedDict]] - auth: NotRequired[AuthTypeTemplatemanualAPIKeyAuthTypeTypedDict] - elastic_version: NotRequired[CreateOutputElasticVersion] - r"""Optional Elasticsearch version, used to format events. If not specified, will auto-discover version.""" - elastic_pipeline: NotRequired[str] - r"""Optional Elasticsearch destination pipeline""" - include_doc_id: NotRequired[bool] - r"""Include the `document_id` field when sending events to an Elastic TSDS (time series data stream)""" - write_action: NotRequired[CreateOutputWriteAction] - r"""Action to use when writing events. Must be set to `Create` when writing to a data stream.""" - retry_partial_errors: NotRequired[bool] - r"""Retry failed events when a bulk request to Elastic is successful, but the response body returns an error for one or more events in the batch""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - description: NotRequired[str] - url: NotRequired[str] - r"""The Cloud ID or URL to an Elastic cluster to send events to. Example: http://elastic:9200/_bulk""" - use_round_robin_dns: NotRequired[bool] - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - exclude_self: NotRequired[bool] - r"""Exclude all IPs of the current host from the list of any resolved hostnames""" - urls: NotRequired[List[CreateOutputURLElasticTypedDict]] - dns_resolve_period_sec: NotRequired[float] - r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" - load_balance_stats_period_sec: NotRequired[float] - r"""How far back in time to keep traffic stats for load balancing purposes""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputPqControlsElasticTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_index: NotRequired[str] - r"""Binds 'index' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'index' at runtime.""" - template_doc_type: NotRequired[str] - r"""Binds 'docType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'docType' at runtime.""" - template_failed_request_logging_mode: NotRequired[str] - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - template_elastic_pipeline: NotRequired[str] - r"""Binds 'elasticPipeline' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'elasticPipeline' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_url: NotRequired[str] - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - -class CreateOutputOutputElastic(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputTypeElastic - - index: str - r"""Index or data stream to send events to. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be overwritten by an event's __index field.""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - load_balanced: Annotated[Optional[bool], pydantic.Field(alias="loadBalanced")] = ( - None - ) - r"""Enable for optimal performance. Even if you have one hostname, it can expand to multiple IPs. If disabled, consider enabling round-robin DNS.""" - - doc_type: Annotated[Optional[str], pydantic.Field(alias="docType")] = None - r"""Document type to use for events. Can be overwritten by an event's __type field.""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - compress: Optional[bool] = None - r"""Compress the payload body before sending""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - extra_http_headers: Annotated[ - Optional[List[ExtraHTTPHeaderConfInputElastic]], - pydantic.Field(alias="extraHttpHeaders"), - ] = None - r"""Headers to add to all events""" - - failed_request_logging_mode: Annotated[ - Optional[FailedRequestLoggingModeOptions], - pydantic.Field(alias="failedRequestLoggingMode"), - ] = None - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - - safe_headers: Annotated[ - Optional[List[str]], pydantic.Field(alias="safeHeaders") - ] = None - r"""List of headers that are safe to log in plain text""" - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - extra_params: Annotated[ - Optional[List[SaslExtensionConfInputKafka]], pydantic.Field(alias="extraParams") - ] = None - - auth: Optional[AuthTypeTemplatemanualAPIKeyAuthType] = None - - elastic_version: Annotated[ - Optional[CreateOutputElasticVersion], pydantic.Field(alias="elasticVersion") - ] = None - r"""Optional Elasticsearch version, used to format events. If not specified, will auto-discover version.""" - - elastic_pipeline: Annotated[ - Optional[str], pydantic.Field(alias="elasticPipeline") - ] = None - r"""Optional Elasticsearch destination pipeline""" - - include_doc_id: Annotated[Optional[bool], pydantic.Field(alias="includeDocId")] = ( - None - ) - r"""Include the `document_id` field when sending events to an Elastic TSDS (time series data stream)""" - - write_action: Annotated[ - Optional[CreateOutputWriteAction], pydantic.Field(alias="writeAction") - ] = None - r"""Action to use when writing events. Must be set to `Create` when writing to a data stream.""" - - retry_partial_errors: Annotated[ - Optional[bool], pydantic.Field(alias="retryPartialErrors") - ] = None - r"""Retry failed events when a bulk request to Elastic is successful, but the response body returns an error for one or more events in the batch""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - description: Optional[str] = None - - url: Optional[str] = None - r"""The Cloud ID or URL to an Elastic cluster to send events to. Example: http://elastic:9200/_bulk""" - - use_round_robin_dns: Annotated[ - Optional[bool], pydantic.Field(alias="useRoundRobinDns") - ] = None - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - - exclude_self: Annotated[Optional[bool], pydantic.Field(alias="excludeSelf")] = None - r"""Exclude all IPs of the current host from the list of any resolved hostnames""" - - urls: Optional[List[CreateOutputURLElastic]] = None - - dns_resolve_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="dnsResolvePeriodSec") - ] = None - r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" - - load_balance_stats_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="loadBalanceStatsPeriodSec") - ] = None - r"""How far back in time to keep traffic stats for load balancing purposes""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputPqControlsElastic], pydantic.Field(alias="pqControls") - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_index: Annotated[ - Optional[str], pydantic.Field(alias="__template_index") - ] = None - r"""Binds 'index' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'index' at runtime.""" - - template_doc_type: Annotated[ - Optional[str], pydantic.Field(alias="__template_docType") - ] = None - r"""Binds 'docType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'docType' at runtime.""" - - template_failed_request_logging_mode: Annotated[ - Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") - ] = None - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - - template_elastic_pipeline: Annotated[ - Optional[str], pydantic.Field(alias="__template_elasticPipeline") - ] = None - r"""Binds 'elasticPipeline' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'elasticPipeline' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( - None - ) - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - @field_serializer("failed_request_logging_mode") - def serialize_failed_request_logging_mode(self, value): - if isinstance(value, str): - try: - return models.FailedRequestLoggingModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("elastic_version") - def serialize_elastic_version(self, value): - if isinstance(value, str): - try: - return models.CreateOutputElasticVersion(value) - except ValueError: - return value - return value - - @field_serializer("write_action") - def serialize_write_action(self, value): - if isinstance(value, str): - try: - return models.CreateOutputWriteAction(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "loadBalanced", - "docType", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "compress", - "rejectUnauthorized", - "timeoutSec", - "flushPeriodSec", - "extraHttpHeaders", - "failedRequestLoggingMode", - "safeHeaders", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "extraParams", - "auth", - "elasticVersion", - "elasticPipeline", - "includeDocId", - "writeAction", - "retryPartialErrors", - "onBackpressure", - "description", - "url", - "useRoundRobinDns", - "excludeSelf", - "urls", - "dnsResolvePeriodSec", - "loadBalanceStatsPeriodSec", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_index", - "__template_docType", - "__template_failedRequestLoggingMode", - "__template_elasticPipeline", - "__template_onBackpressure", - "__template_url", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputTypeMsk(str, Enum): - MSK = "msk" - - -class CreateOutputPqControlsMskTypedDict(TypedDict): - pass - - -class CreateOutputPqControlsMsk(BaseModel): - pass - - -class CreateOutputOutputMskTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputTypeMsk - brokers: List[str] - r"""Enter each Kafka bootstrap server you want to use. Specify hostname and port, e.g., mykafkabroker:9092, or just hostname, in which case @{product} will assign port 9092.""" - topic: str - r"""The topic to publish events to. Can be overridden using the __topicOut field.""" - aws_authentication_method: AuthenticationMethodOptionsS3CollectorConf - r"""AWS authentication method. Choose Auto to use IAM roles.""" - region: str - r"""Region where the MSK cluster is located""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - ack: NotRequired[AcknowledgmentsOptionsAllLeader] - r"""Control the number of required acknowledgments.""" - format_: NotRequired[RecordDataFormatOptionsJSONProtobuf] - r"""Format to use to serialize events before writing to Kafka.""" - compression: NotRequired[CompressionOptionsGzipLz4] - r"""Codec to use to compress the data before sending to Kafka""" - max_record_size_kb: NotRequired[float] - r"""Maximum size of each record batch before compression. The value must not exceed the Kafka brokers' message.max.bytes setting.""" - flush_event_count: NotRequired[float] - r"""The maximum number of events you want the Destination to allow in a batch before forcing a flush""" - flush_period_sec: NotRequired[float] - r"""The maximum amount of time you want the Destination to wait before forcing a flush. Shorter intervals tend to result in smaller batches being sent.""" - kafka_schema_registry: NotRequired[ - KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuthTypedDict - ] - connection_timeout: NotRequired[float] - r"""Maximum time to wait for a connection to complete successfully""" - request_timeout: NotRequired[float] - r"""Maximum time to wait for Kafka to respond to a request""" - max_retries: NotRequired[float] - r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" - max_back_off: NotRequired[float] - r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" - initial_backoff: NotRequired[float] - r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" - backoff_rate: NotRequired[float] - r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" - authentication_timeout: NotRequired[float] - r"""Maximum time to wait for Kafka to respond to an authentication request""" - reauthentication_threshold: NotRequired[float] - r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" - aws_secret_key: NotRequired[str] - endpoint: NotRequired[str] - r"""MSK cluster service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to MSK cluster-compatible endpoint.""" - reuse_connections: NotRequired[bool] - r"""Reuse connections between requests, which can improve performance""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" - enable_assume_role: NotRequired[bool] - r"""Use Assume Role credentials to access MSK""" - assume_role_arn: NotRequired[str] - r"""Amazon Resource Name (ARN) of the role to assume""" - assume_role_external_id: NotRequired[str] - r"""External ID to use when assuming role""" - duration_seconds: NotRequired[float] - r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" - tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - description: NotRequired[str] - aws_api_key: NotRequired[str] - aws_secret: NotRequired[str] - r"""Select or create a stored secret that references your access key and secret key""" - protobuf_library_id: NotRequired[str] - r"""Select a set of Protobuf definitions for the events you want to send""" - protobuf_encoding_id: NotRequired[str] - r"""Select the type of object you want the Protobuf definitions to use for event encoding""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputPqControlsMskTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_topic: NotRequired[str] - r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" - template_format: NotRequired[str] - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - template_compression: NotRequired[str] - r"""Binds 'compression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compression' at runtime.""" - template_aws_secret_key: NotRequired[str] - r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" - template_region: NotRequired[str] - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - template_endpoint: NotRequired[str] - r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" - template_assume_role_arn: NotRequired[str] - r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" - template_assume_role_external_id: NotRequired[str] - r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_aws_api_key: NotRequired[str] - r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" - - -class CreateOutputOutputMsk(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputTypeMsk - - brokers: List[str] - r"""Enter each Kafka bootstrap server you want to use. Specify hostname and port, e.g., mykafkabroker:9092, or just hostname, in which case @{product} will assign port 9092.""" - - topic: str - r"""The topic to publish events to. Can be overridden using the __topicOut field.""" - - aws_authentication_method: Annotated[ - AuthenticationMethodOptionsS3CollectorConf, - pydantic.Field(alias="awsAuthenticationMethod"), - ] - r"""AWS authentication method. Choose Auto to use IAM roles.""" - - region: str - r"""Region where the MSK cluster is located""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - ack: Optional[AcknowledgmentsOptionsAllLeader] = None - r"""Control the number of required acknowledgments.""" - - format_: Annotated[ - Optional[RecordDataFormatOptionsJSONProtobuf], pydantic.Field(alias="format") - ] = None - r"""Format to use to serialize events before writing to Kafka.""" - - compression: Optional[CompressionOptionsGzipLz4] = None - r"""Codec to use to compress the data before sending to Kafka""" - - max_record_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxRecordSizeKB") - ] = None - r"""Maximum size of each record batch before compression. The value must not exceed the Kafka brokers' message.max.bytes setting.""" - - flush_event_count: Annotated[ - Optional[float], pydantic.Field(alias="flushEventCount") - ] = None - r"""The maximum number of events you want the Destination to allow in a batch before forcing a flush""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""The maximum amount of time you want the Destination to wait before forcing a flush. Shorter intervals tend to result in smaller batches being sent.""" - - kafka_schema_registry: Annotated[ - Optional[KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuth], - pydantic.Field(alias="kafkaSchemaRegistry"), - ] = None - - connection_timeout: Annotated[ - Optional[float], pydantic.Field(alias="connectionTimeout") - ] = None - r"""Maximum time to wait for a connection to complete successfully""" - - request_timeout: Annotated[ - Optional[float], pydantic.Field(alias="requestTimeout") - ] = None - r"""Maximum time to wait for Kafka to respond to a request""" - - max_retries: Annotated[Optional[float], pydantic.Field(alias="maxRetries")] = None - r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" - - max_back_off: Annotated[Optional[float], pydantic.Field(alias="maxBackOff")] = None - r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" - - initial_backoff: Annotated[ - Optional[float], pydantic.Field(alias="initialBackoff") - ] = None - r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" - - backoff_rate: Annotated[Optional[float], pydantic.Field(alias="backoffRate")] = None - r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" - - authentication_timeout: Annotated[ - Optional[float], pydantic.Field(alias="authenticationTimeout") - ] = None - r"""Maximum time to wait for Kafka to respond to an authentication request""" - - reauthentication_threshold: Annotated[ - Optional[float], pydantic.Field(alias="reauthenticationThreshold") - ] = None - r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" - - aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = ( - None - ) - - endpoint: Optional[str] = None - r"""MSK cluster service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to MSK cluster-compatible endpoint.""" - - reuse_connections: Annotated[ - Optional[bool], pydantic.Field(alias="reuseConnections") - ] = None - r"""Reuse connections between requests, which can improve performance""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" - - enable_assume_role: Annotated[ - Optional[bool], pydantic.Field(alias="enableAssumeRole") - ] = None - r"""Use Assume Role credentials to access MSK""" - - assume_role_arn: Annotated[Optional[str], pydantic.Field(alias="assumeRoleArn")] = ( - None - ) - r"""Amazon Resource Name (ARN) of the role to assume""" - - assume_role_external_id: Annotated[ - Optional[str], pydantic.Field(alias="assumeRoleExternalId") - ] = None - r"""External ID to use when assuming role""" - - duration_seconds: Annotated[ - Optional[float], pydantic.Field(alias="durationSeconds") - ] = None - r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" - - tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - description: Optional[str] = None - - aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None - - aws_secret: Annotated[Optional[str], pydantic.Field(alias="awsSecret")] = None - r"""Select or create a stored secret that references your access key and secret key""" - - protobuf_library_id: Annotated[ - Optional[str], pydantic.Field(alias="protobufLibraryId") - ] = None - r"""Select a set of Protobuf definitions for the events you want to send""" - - protobuf_encoding_id: Annotated[ - Optional[str], pydantic.Field(alias="protobufEncodingId") - ] = None - r"""Select the type of object you want the Protobuf definitions to use for event encoding""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputPqControlsMsk], pydantic.Field(alias="pqControls") - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_topic: Annotated[ - Optional[str], pydantic.Field(alias="__template_topic") - ] = None - r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" - - template_format: Annotated[ - Optional[str], pydantic.Field(alias="__template_format") - ] = None - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - - template_compression: Annotated[ - Optional[str], pydantic.Field(alias="__template_compression") - ] = None - r"""Binds 'compression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compression' at runtime.""" - - template_aws_secret_key: Annotated[ - Optional[str], pydantic.Field(alias="__template_awsSecretKey") - ] = None - r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" - - template_region: Annotated[ - Optional[str], pydantic.Field(alias="__template_region") - ] = None - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - - template_endpoint: Annotated[ - Optional[str], pydantic.Field(alias="__template_endpoint") - ] = None - r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" - - template_assume_role_arn: Annotated[ - Optional[str], pydantic.Field(alias="__template_assumeRoleArn") - ] = None - r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" - - template_assume_role_external_id: Annotated[ - Optional[str], pydantic.Field(alias="__template_assumeRoleExternalId") - ] = None - r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_aws_api_key: Annotated[ - Optional[str], pydantic.Field(alias="__template_awsApiKey") - ] = None - r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" - - @field_serializer("ack") - def serialize_ack(self, value): - if isinstance(value, str): - try: - return models.AcknowledgmentsOptionsAllLeader(value) - except ValueError: - return value - return value - - @field_serializer("format_") - def serialize_format_(self, value): - if isinstance(value, str): - try: - return models.RecordDataFormatOptionsJSONProtobuf(value) - except ValueError: - return value - return value - - @field_serializer("compression") - def serialize_compression(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsGzipLz4(value) - except ValueError: - return value - return value - - @field_serializer("aws_authentication_method") - def serialize_aws_authentication_method(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsS3CollectorConf(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "ack", - "format", - "compression", - "maxRecordSizeKB", - "flushEventCount", - "flushPeriodSec", - "kafkaSchemaRegistry", - "connectionTimeout", - "requestTimeout", - "maxRetries", - "maxBackOff", - "initialBackoff", - "backoffRate", - "authenticationTimeout", - "reauthenticationThreshold", - "awsSecretKey", - "endpoint", - "reuseConnections", - "rejectUnauthorized", - "enableAssumeRole", - "assumeRoleArn", - "assumeRoleExternalId", - "durationSeconds", - "tls", - "onBackpressure", - "description", - "awsApiKey", - "awsSecret", - "protobufLibraryId", - "protobufEncodingId", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_topic", - "__template_format", - "__template_compression", - "__template_awsSecretKey", - "__template_region", - "__template_endpoint", - "__template_assumeRoleArn", - "__template_assumeRoleExternalId", - "__template_onBackpressure", - "__template_awsApiKey", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputTypeConfluentCloud(str, Enum): - CONFLUENT_CLOUD = "confluent_cloud" - - -class CreateOutputPqControlsConfluentCloudTypedDict(TypedDict): - pass - - -class CreateOutputPqControlsConfluentCloud(BaseModel): - pass - - -class CreateOutputOutputConfluentCloudTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputTypeConfluentCloud - brokers: List[str] - r"""List of Confluent Cloud bootstrap servers to use, such as yourAccount.confluent.cloud:9092.""" - topic: str - r"""The topic to publish events to. Can be overridden using the __topicOut field.""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] - ack: NotRequired[AcknowledgmentsOptionsAllLeader] - r"""Control the number of required acknowledgments.""" - format_: NotRequired[RecordDataFormatOptionsJSONProtobuf] - r"""Format to use to serialize events before writing to Kafka.""" - compression: NotRequired[CompressionOptionsGzipLz4] - r"""Codec to use to compress the data before sending to Kafka""" - max_record_size_kb: NotRequired[float] - r"""Maximum size of each record batch before compression. The value must not exceed the Kafka brokers' message.max.bytes setting.""" - flush_event_count: NotRequired[float] - r"""The maximum number of events you want the Destination to allow in a batch before forcing a flush""" - flush_period_sec: NotRequired[float] - r"""The maximum amount of time you want the Destination to wait before forcing a flush. Shorter intervals tend to result in smaller batches being sent.""" - kafka_schema_registry: NotRequired[ - KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuthTypedDict - ] - connection_timeout: NotRequired[float] - r"""Maximum time to wait for a connection to complete successfully""" - request_timeout: NotRequired[float] - r"""Maximum time to wait for Kafka to respond to a request""" - max_retries: NotRequired[float] - r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" - max_back_off: NotRequired[float] - r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" - initial_backoff: NotRequired[float] - r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" - backoff_rate: NotRequired[float] - r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" - authentication_timeout: NotRequired[float] - r"""Maximum time to wait for Kafka to respond to an authentication request""" - reauthentication_threshold: NotRequired[float] - r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" - sasl: NotRequired[AuthenticationTypeTypedDict] - r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - description: NotRequired[str] - protobuf_library_id: NotRequired[str] - r"""Select a set of Protobuf definitions for the events you want to send""" - protobuf_encoding_id: NotRequired[str] - r"""Select the type of object you want the Protobuf definitions to use for event encoding""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputPqControlsConfluentCloudTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_brokers: NotRequired[str] - r"""Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime.""" - template_topic: NotRequired[str] - r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" - template_format: NotRequired[str] - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - template_compression: NotRequired[str] - r"""Binds 'compression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compression' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - -class CreateOutputOutputConfluentCloud(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputTypeConfluentCloud - - brokers: List[str] - r"""List of Confluent Cloud bootstrap servers to use, such as yourAccount.confluent.cloud:9092.""" - - topic: str - r"""The topic to publish events to. Can be overridden using the __topicOut field.""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None - - ack: Optional[AcknowledgmentsOptionsAllLeader] = None - r"""Control the number of required acknowledgments.""" - - format_: Annotated[ - Optional[RecordDataFormatOptionsJSONProtobuf], pydantic.Field(alias="format") - ] = None - r"""Format to use to serialize events before writing to Kafka.""" - - compression: Optional[CompressionOptionsGzipLz4] = None - r"""Codec to use to compress the data before sending to Kafka""" - - max_record_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxRecordSizeKB") - ] = None - r"""Maximum size of each record batch before compression. The value must not exceed the Kafka brokers' message.max.bytes setting.""" - - flush_event_count: Annotated[ - Optional[float], pydantic.Field(alias="flushEventCount") - ] = None - r"""The maximum number of events you want the Destination to allow in a batch before forcing a flush""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""The maximum amount of time you want the Destination to wait before forcing a flush. Shorter intervals tend to result in smaller batches being sent.""" - - kafka_schema_registry: Annotated[ - Optional[KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuth], - pydantic.Field(alias="kafkaSchemaRegistry"), - ] = None - - connection_timeout: Annotated[ - Optional[float], pydantic.Field(alias="connectionTimeout") - ] = None - r"""Maximum time to wait for a connection to complete successfully""" - - request_timeout: Annotated[ - Optional[float], pydantic.Field(alias="requestTimeout") - ] = None - r"""Maximum time to wait for Kafka to respond to a request""" - - max_retries: Annotated[Optional[float], pydantic.Field(alias="maxRetries")] = None - r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" - - max_back_off: Annotated[Optional[float], pydantic.Field(alias="maxBackOff")] = None - r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" - - initial_backoff: Annotated[ - Optional[float], pydantic.Field(alias="initialBackoff") - ] = None - r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" - - backoff_rate: Annotated[Optional[float], pydantic.Field(alias="backoffRate")] = None - r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" - - authentication_timeout: Annotated[ - Optional[float], pydantic.Field(alias="authenticationTimeout") - ] = None - r"""Maximum time to wait for Kafka to respond to an authentication request""" - - reauthentication_threshold: Annotated[ - Optional[float], pydantic.Field(alias="reauthenticationThreshold") - ] = None - r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" - - sasl: Optional[AuthenticationType] = None - r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - description: Optional[str] = None - - protobuf_library_id: Annotated[ - Optional[str], pydantic.Field(alias="protobufLibraryId") - ] = None - r"""Select a set of Protobuf definitions for the events you want to send""" - - protobuf_encoding_id: Annotated[ - Optional[str], pydantic.Field(alias="protobufEncodingId") - ] = None - r"""Select the type of object you want the Protobuf definitions to use for event encoding""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputPqControlsConfluentCloud], - pydantic.Field(alias="pqControls"), - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_brokers: Annotated[ - Optional[str], pydantic.Field(alias="__template_brokers") - ] = None - r"""Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime.""" - - template_topic: Annotated[ - Optional[str], pydantic.Field(alias="__template_topic") - ] = None - r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" - - template_format: Annotated[ - Optional[str], pydantic.Field(alias="__template_format") - ] = None - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - - template_compression: Annotated[ - Optional[str], pydantic.Field(alias="__template_compression") - ] = None - r"""Binds 'compression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compression' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - @field_serializer("ack") - def serialize_ack(self, value): - if isinstance(value, str): - try: - return models.AcknowledgmentsOptionsAllLeader(value) - except ValueError: - return value - return value - - @field_serializer("format_") - def serialize_format_(self, value): - if isinstance(value, str): - try: - return models.RecordDataFormatOptionsJSONProtobuf(value) - except ValueError: - return value - return value - - @field_serializer("compression") - def serialize_compression(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsGzipLz4(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "tls", - "ack", - "format", - "compression", - "maxRecordSizeKB", - "flushEventCount", - "flushPeriodSec", - "kafkaSchemaRegistry", - "connectionTimeout", - "requestTimeout", - "maxRetries", - "maxBackOff", - "initialBackoff", - "backoffRate", - "authenticationTimeout", - "reauthenticationThreshold", - "sasl", - "onBackpressure", - "description", - "protobufLibraryId", - "protobufEncodingId", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_brokers", - "__template_topic", - "__template_format", - "__template_compression", - "__template_onBackpressure", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputTypeKafka(str, Enum): - KAFKA = "kafka" - - -class CreateOutputPqControlsKafkaTypedDict(TypedDict): - pass - - -class CreateOutputPqControlsKafka(BaseModel): - pass - - -class CreateOutputOutputKafkaTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputTypeKafka - brokers: List[str] - r"""Enter each Kafka bootstrap server you want to use. Specify hostname and port, e.g., mykafkabroker:9092, or just hostname, in which case @{product} will assign port 9092.""" - topic: str - r"""The topic to publish events to. Can be overridden using the __topicOut field.""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - ack: NotRequired[AcknowledgmentsOptionsAllLeader] - r"""Control the number of required acknowledgments.""" - format_: NotRequired[RecordDataFormatOptionsJSONProtobuf] - r"""Format to use to serialize events before writing to Kafka.""" - compression: NotRequired[CompressionOptionsGzipLz4] - r"""Codec to use to compress the data before sending to Kafka""" - max_record_size_kb: NotRequired[float] - r"""Maximum size of each record batch before compression. The value must not exceed the Kafka brokers' message.max.bytes setting.""" - flush_event_count: NotRequired[float] - r"""The maximum number of events you want the Destination to allow in a batch before forcing a flush""" - flush_period_sec: NotRequired[float] - r"""The maximum amount of time you want the Destination to wait before forcing a flush. Shorter intervals tend to result in smaller batches being sent.""" - kafka_schema_registry: NotRequired[ - KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuthTypedDict - ] - connection_timeout: NotRequired[float] - r"""Maximum time to wait for a connection to complete successfully""" - request_timeout: NotRequired[float] - r"""Maximum time to wait for Kafka to respond to a request""" - max_retries: NotRequired[float] - r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" - max_back_off: NotRequired[float] - r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" - initial_backoff: NotRequired[float] - r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" - backoff_rate: NotRequired[float] - r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" - authentication_timeout: NotRequired[float] - r"""Maximum time to wait for Kafka to respond to an authentication request""" - reauthentication_threshold: NotRequired[float] - r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" - sasl: NotRequired[AuthenticationTypeTypedDict] - r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended.""" - tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - description: NotRequired[str] - protobuf_library_id: NotRequired[str] - r"""Select a set of Protobuf definitions for the events you want to send""" - protobuf_encoding_id: NotRequired[str] - r"""Select the type of object you want the Protobuf definitions to use for event encoding""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputPqControlsKafkaTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_topic: NotRequired[str] - r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" - template_format: NotRequired[str] - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - template_compression: NotRequired[str] - r"""Binds 'compression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compression' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - -class CreateOutputOutputKafka(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputTypeKafka - - brokers: List[str] - r"""Enter each Kafka bootstrap server you want to use. Specify hostname and port, e.g., mykafkabroker:9092, or just hostname, in which case @{product} will assign port 9092.""" - - topic: str - r"""The topic to publish events to. Can be overridden using the __topicOut field.""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - ack: Optional[AcknowledgmentsOptionsAllLeader] = None - r"""Control the number of required acknowledgments.""" - - format_: Annotated[ - Optional[RecordDataFormatOptionsJSONProtobuf], pydantic.Field(alias="format") - ] = None - r"""Format to use to serialize events before writing to Kafka.""" - - compression: Optional[CompressionOptionsGzipLz4] = None - r"""Codec to use to compress the data before sending to Kafka""" - - max_record_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxRecordSizeKB") - ] = None - r"""Maximum size of each record batch before compression. The value must not exceed the Kafka brokers' message.max.bytes setting.""" - - flush_event_count: Annotated[ - Optional[float], pydantic.Field(alias="flushEventCount") - ] = None - r"""The maximum number of events you want the Destination to allow in a batch before forcing a flush""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""The maximum amount of time you want the Destination to wait before forcing a flush. Shorter intervals tend to result in smaller batches being sent.""" - - kafka_schema_registry: Annotated[ - Optional[KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuth], - pydantic.Field(alias="kafkaSchemaRegistry"), - ] = None - - connection_timeout: Annotated[ - Optional[float], pydantic.Field(alias="connectionTimeout") - ] = None - r"""Maximum time to wait for a connection to complete successfully""" - - request_timeout: Annotated[ - Optional[float], pydantic.Field(alias="requestTimeout") - ] = None - r"""Maximum time to wait for Kafka to respond to a request""" - - max_retries: Annotated[Optional[float], pydantic.Field(alias="maxRetries")] = None - r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" - - max_back_off: Annotated[Optional[float], pydantic.Field(alias="maxBackOff")] = None - r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" - - initial_backoff: Annotated[ - Optional[float], pydantic.Field(alias="initialBackoff") - ] = None - r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" - - backoff_rate: Annotated[Optional[float], pydantic.Field(alias="backoffRate")] = None - r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" - - authentication_timeout: Annotated[ - Optional[float], pydantic.Field(alias="authenticationTimeout") - ] = None - r"""Maximum time to wait for Kafka to respond to an authentication request""" - - reauthentication_threshold: Annotated[ - Optional[float], pydantic.Field(alias="reauthenticationThreshold") - ] = None - r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" - - sasl: Optional[AuthenticationType] = None - r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended.""" - - tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - description: Optional[str] = None - - protobuf_library_id: Annotated[ - Optional[str], pydantic.Field(alias="protobufLibraryId") - ] = None - r"""Select a set of Protobuf definitions for the events you want to send""" - - protobuf_encoding_id: Annotated[ - Optional[str], pydantic.Field(alias="protobufEncodingId") - ] = None - r"""Select the type of object you want the Protobuf definitions to use for event encoding""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputPqControlsKafka], pydantic.Field(alias="pqControls") - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_topic: Annotated[ - Optional[str], pydantic.Field(alias="__template_topic") - ] = None - r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" - - template_format: Annotated[ - Optional[str], pydantic.Field(alias="__template_format") - ] = None - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - - template_compression: Annotated[ - Optional[str], pydantic.Field(alias="__template_compression") - ] = None - r"""Binds 'compression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compression' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - @field_serializer("ack") - def serialize_ack(self, value): - if isinstance(value, str): - try: - return models.AcknowledgmentsOptionsAllLeader(value) - except ValueError: - return value - return value - - @field_serializer("format_") - def serialize_format_(self, value): - if isinstance(value, str): - try: - return models.RecordDataFormatOptionsJSONProtobuf(value) - except ValueError: - return value - return value - - @field_serializer("compression") - def serialize_compression(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsGzipLz4(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "ack", - "format", - "compression", - "maxRecordSizeKB", - "flushEventCount", - "flushPeriodSec", - "kafkaSchemaRegistry", - "connectionTimeout", - "requestTimeout", - "maxRetries", - "maxBackOff", - "initialBackoff", - "backoffRate", - "authenticationTimeout", - "reauthenticationThreshold", - "sasl", - "tls", - "onBackpressure", - "description", - "protobufLibraryId", - "protobufEncodingId", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_topic", - "__template_format", - "__template_compression", - "__template_onBackpressure", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputTypeExabeam(str, Enum): - EXABEAM = "exabeam" - - -class CreateOutputOutputExabeamTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputTypeExabeam - bucket: str - r"""Name of the destination bucket. A constant or a JavaScript expression that can only be evaluated at init time. Example of referencing a JavaScript Global Variable: `myBucket-${C.vars.myVar}`.""" - region: str - r"""Region where the bucket is located""" - stage_path: str - r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" - endpoint: str - r"""Google Cloud Storage service endpoint""" - collector_instance_id: str - r"""ID of the Exabeam Collector where data should be sent. Example: 11112222-3333-4444-5555-666677778888 - - """ - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - object_acl: NotRequired[ObjectACLOptionsAuthenticatedreadBucketownerfullcontrol] - r"""Object ACL to assign to uploaded objects""" - storage_class: NotRequired[StorageClassOptionsArchiveColdline] - r"""Storage class to select for uploaded objects""" - reuse_connections: NotRequired[bool] - r"""Reuse connections between requests, which can improve performance""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" - add_id_to_stage_path: NotRequired[bool] - r"""Add the Output ID value to staging location""" - remove_empty_dirs: NotRequired[bool] - r"""Remove empty staging directories after moving files""" - max_file_open_time_sec: NotRequired[float] - r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" - max_file_idle_time_sec: NotRequired[float] - r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" - max_open_files: NotRequired[float] - r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" - on_backpressure: NotRequired[BackpressureBehaviorOptionsBlockDrop] - r"""How to handle events when all receivers are exerting backpressure""" - deadletter_enabled: NotRequired[bool] - r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" - on_disk_full_backpressure: NotRequired[DiskSpaceProtectionOptions] - r"""How to handle events when disk space is below the global 'Min free disk space' limit""" - retry_settings: NotRequired[RetrySettingsTypeTypedDict] - orphans: NotRequired[OrphanFileRecoveryTypeTypedDict] - max_file_size_mb: NotRequired[float] - r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" - encoded_configuration: NotRequired[str] - r"""Enter an encoded string containing Exabeam configurations""" - site_name: NotRequired[str] - r"""Constant or JavaScript expression to create an Exabeam site name. Values that aren't successfully evaluated will be treated as string constants.""" - site_id: NotRequired[str] - r"""Exabeam site ID. If left blank, @{product} will use the value of the Exabeam site name.""" - timezone_offset: NotRequired[str] - aws_api_key: NotRequired[str] - r"""HMAC access key. Can be a constant or a JavaScript expression, such as `${C.env.GCS_ACCESS_KEY}`.""" - aws_secret_key: NotRequired[str] - r"""HMAC secret. Can be a constant or a JavaScript expression, such as `${C.env.GCS_SECRET}`.""" - description: NotRequired[str] - empty_dir_cleanup_sec: NotRequired[float] - r"""How frequently, in seconds, to clean up empty directories""" - directory_batch_size: NotRequired[float] - r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" - deadletter_path: NotRequired[str] - r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" - max_retry_num: NotRequired[float] - r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_region: NotRequired[str] - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - template_endpoint: NotRequired[str] - r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" - template_object_acl: NotRequired[str] - r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" - template_storage_class: NotRequired[str] - r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - -class CreateOutputOutputExabeam(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputTypeExabeam - - bucket: str - r"""Name of the destination bucket. A constant or a JavaScript expression that can only be evaluated at init time. Example of referencing a JavaScript Global Variable: `myBucket-${C.vars.myVar}`.""" - - region: str - r"""Region where the bucket is located""" - - stage_path: Annotated[str, pydantic.Field(alias="stagePath")] - r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" - - endpoint: str - r"""Google Cloud Storage service endpoint""" - - collector_instance_id: Annotated[str, pydantic.Field(alias="collectorInstanceId")] - r"""ID of the Exabeam Collector where data should be sent. Example: 11112222-3333-4444-5555-666677778888 - - """ - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - object_acl: Annotated[ - Optional[ObjectACLOptionsAuthenticatedreadBucketownerfullcontrol], - pydantic.Field(alias="objectACL"), - ] = None - r"""Object ACL to assign to uploaded objects""" - - storage_class: Annotated[ - Optional[StorageClassOptionsArchiveColdline], - pydantic.Field(alias="storageClass"), - ] = None - r"""Storage class to select for uploaded objects""" - - reuse_connections: Annotated[ - Optional[bool], pydantic.Field(alias="reuseConnections") - ] = None - r"""Reuse connections between requests, which can improve performance""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" - - add_id_to_stage_path: Annotated[ - Optional[bool], pydantic.Field(alias="addIdToStagePath") - ] = None - r"""Add the Output ID value to staging location""" - - remove_empty_dirs: Annotated[ - Optional[bool], pydantic.Field(alias="removeEmptyDirs") - ] = None - r"""Remove empty staging directories after moving files""" - - max_file_open_time_sec: Annotated[ - Optional[float], pydantic.Field(alias="maxFileOpenTimeSec") - ] = None - r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" - - max_file_idle_time_sec: Annotated[ - Optional[float], pydantic.Field(alias="maxFileIdleTimeSec") - ] = None - r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" - - max_open_files: Annotated[Optional[float], pydantic.Field(alias="maxOpenFiles")] = ( - None - ) - r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptionsBlockDrop], - pydantic.Field(alias="onBackpressure"), - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - deadletter_enabled: Annotated[ - Optional[bool], pydantic.Field(alias="deadletterEnabled") - ] = None - r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" - - on_disk_full_backpressure: Annotated[ - Optional[DiskSpaceProtectionOptions], - pydantic.Field(alias="onDiskFullBackpressure"), - ] = None - r"""How to handle events when disk space is below the global 'Min free disk space' limit""" - - retry_settings: Annotated[ - Optional[RetrySettingsType], pydantic.Field(alias="retrySettings") - ] = None - - orphans: Optional[OrphanFileRecoveryType] = None - - max_file_size_mb: Annotated[ - Optional[float], pydantic.Field(alias="maxFileSizeMB") - ] = None - r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" - - encoded_configuration: Annotated[ - Optional[str], pydantic.Field(alias="encodedConfiguration") - ] = None - r"""Enter an encoded string containing Exabeam configurations""" - - site_name: Annotated[Optional[str], pydantic.Field(alias="siteName")] = None - r"""Constant or JavaScript expression to create an Exabeam site name. Values that aren't successfully evaluated will be treated as string constants.""" - - site_id: Annotated[Optional[str], pydantic.Field(alias="siteId")] = None - r"""Exabeam site ID. If left blank, @{product} will use the value of the Exabeam site name.""" - - timezone_offset: Annotated[ - Optional[str], pydantic.Field(alias="timezoneOffset") - ] = None - - aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None - r"""HMAC access key. Can be a constant or a JavaScript expression, such as `${C.env.GCS_ACCESS_KEY}`.""" - - aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = ( - None - ) - r"""HMAC secret. Can be a constant or a JavaScript expression, such as `${C.env.GCS_SECRET}`.""" - - description: Optional[str] = None - - empty_dir_cleanup_sec: Annotated[ - Optional[float], pydantic.Field(alias="emptyDirCleanupSec") - ] = None - r"""How frequently, in seconds, to clean up empty directories""" - - directory_batch_size: Annotated[ - Optional[float], pydantic.Field(alias="directoryBatchSize") - ] = None - r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" - - deadletter_path: Annotated[ - Optional[str], pydantic.Field(alias="deadletterPath") - ] = None - r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" - - max_retry_num: Annotated[Optional[float], pydantic.Field(alias="maxRetryNum")] = ( - None - ) - r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_region: Annotated[ - Optional[str], pydantic.Field(alias="__template_region") - ] = None - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - - template_endpoint: Annotated[ - Optional[str], pydantic.Field(alias="__template_endpoint") - ] = None - r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" - - template_object_acl: Annotated[ - Optional[str], pydantic.Field(alias="__template_objectACL") - ] = None - r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" - - template_storage_class: Annotated[ - Optional[str], pydantic.Field(alias="__template_storageClass") - ] = None - r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - @field_serializer("object_acl") - def serialize_object_acl(self, value): - if isinstance(value, str): - try: - return models.ObjectACLOptionsAuthenticatedreadBucketownerfullcontrol( - value - ) - except ValueError: - return value - return value - - @field_serializer("storage_class") - def serialize_storage_class(self, value): - if isinstance(value, str): - try: - return models.StorageClassOptionsArchiveColdline(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptionsBlockDrop(value) - except ValueError: - return value - return value - - @field_serializer("on_disk_full_backpressure") - def serialize_on_disk_full_backpressure(self, value): - if isinstance(value, str): - try: - return models.DiskSpaceProtectionOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "objectACL", - "storageClass", - "reuseConnections", - "rejectUnauthorized", - "addIdToStagePath", - "removeEmptyDirs", - "maxFileOpenTimeSec", - "maxFileIdleTimeSec", - "maxOpenFiles", - "onBackpressure", - "deadletterEnabled", - "onDiskFullBackpressure", - "retrySettings", - "orphans", - "maxFileSizeMB", - "encodedConfiguration", - "siteName", - "siteId", - "timezoneOffset", - "awsApiKey", - "awsSecretKey", - "description", - "emptyDirCleanupSec", - "directoryBatchSize", - "deadletterPath", - "maxRetryNum", - "__template_streamtags", - "__template_region", - "__template_endpoint", - "__template_objectACL", - "__template_storageClass", - "__template_onBackpressure", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputTypeGooglePubsub(str, Enum): - GOOGLE_PUBSUB = "google_pubsub" - - -class CreateOutputPqControlsGooglePubsubTypedDict(TypedDict): - pass - - -class CreateOutputPqControlsGooglePubsub(BaseModel): - pass - - -class CreateOutputOutputGooglePubsubTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputTypeGooglePubsub - topic_name: str - r"""ID of the topic to send events to.""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - create_topic: NotRequired[bool] - r"""If enabled, create topic if it does not exist.""" - ordered_delivery: NotRequired[bool] - r"""If enabled, send events in the order they were added to the queue. For this to work correctly, the process receiving events must have ordering enabled.""" - region: NotRequired[str] - r"""Region to publish messages to. Select 'default' to allow Google to auto-select the nearest region. When using ordered delivery, the selected region must be allowed by message storage policy.""" - google_auth_method: NotRequired[GoogleAuthenticationMethodOptions] - r"""Choose Auto to use Google Application Default Credentials (ADC), Manual to enter Google service account credentials directly, or Secret to select or create a stored secret that references Google service account credentials.""" - service_account_credentials: NotRequired[str] - r"""Contents of service account credentials (JSON keys) file downloaded from Google Cloud. To upload a file, click the upload button at this field's upper right.""" - secret: NotRequired[str] - r"""Select or create a stored text secret""" - batch_size: NotRequired[float] - r"""The maximum number of items the Google API should batch before it sends them to the topic.""" - batch_timeout: NotRequired[float] - r"""The maximum amount of time, in milliseconds, that the Google API should wait to send a batch (if the Batch size is not reached).""" - max_queue_size: NotRequired[float] - r"""Maximum number of queued batches before blocking.""" - max_record_size_kb: NotRequired[float] - r"""Maximum size (KB) of batches to send.""" - flush_period: NotRequired[float] - r"""Maximum time to wait before sending a batch (when batch size limit is not reached)""" - max_in_progress: NotRequired[float] - r"""The maximum number of in-progress API requests before backpressure is applied.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - description: NotRequired[str] - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputPqControlsGooglePubsubTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_topic_name: NotRequired[str] - r"""Binds 'topicName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topicName' at runtime.""" - template_region: NotRequired[str] - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - -class CreateOutputOutputGooglePubsub(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputTypeGooglePubsub - - topic_name: Annotated[str, pydantic.Field(alias="topicName")] - r"""ID of the topic to send events to.""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - create_topic: Annotated[Optional[bool], pydantic.Field(alias="createTopic")] = None - r"""If enabled, create topic if it does not exist.""" - - ordered_delivery: Annotated[ - Optional[bool], pydantic.Field(alias="orderedDelivery") - ] = None - r"""If enabled, send events in the order they were added to the queue. For this to work correctly, the process receiving events must have ordering enabled.""" - - region: Optional[str] = None - r"""Region to publish messages to. Select 'default' to allow Google to auto-select the nearest region. When using ordered delivery, the selected region must be allowed by message storage policy.""" - - google_auth_method: Annotated[ - Optional[GoogleAuthenticationMethodOptions], - pydantic.Field(alias="googleAuthMethod"), - ] = None - r"""Choose Auto to use Google Application Default Credentials (ADC), Manual to enter Google service account credentials directly, or Secret to select or create a stored secret that references Google service account credentials.""" - - service_account_credentials: Annotated[ - Optional[str], pydantic.Field(alias="serviceAccountCredentials") - ] = None - r"""Contents of service account credentials (JSON keys) file downloaded from Google Cloud. To upload a file, click the upload button at this field's upper right.""" - - secret: Optional[str] = None - r"""Select or create a stored text secret""" - - batch_size: Annotated[Optional[float], pydantic.Field(alias="batchSize")] = None - r"""The maximum number of items the Google API should batch before it sends them to the topic.""" - - batch_timeout: Annotated[Optional[float], pydantic.Field(alias="batchTimeout")] = ( - None - ) - r"""The maximum amount of time, in milliseconds, that the Google API should wait to send a batch (if the Batch size is not reached).""" - - max_queue_size: Annotated[Optional[float], pydantic.Field(alias="maxQueueSize")] = ( - None - ) - r"""Maximum number of queued batches before blocking.""" - - max_record_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxRecordSizeKB") - ] = None - r"""Maximum size (KB) of batches to send.""" - - flush_period: Annotated[Optional[float], pydantic.Field(alias="flushPeriod")] = None - r"""Maximum time to wait before sending a batch (when batch size limit is not reached)""" - - max_in_progress: Annotated[ - Optional[float], pydantic.Field(alias="maxInProgress") - ] = None - r"""The maximum number of in-progress API requests before backpressure is applied.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - description: Optional[str] = None - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputPqControlsGooglePubsub], pydantic.Field(alias="pqControls") - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_topic_name: Annotated[ - Optional[str], pydantic.Field(alias="__template_topicName") - ] = None - r"""Binds 'topicName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topicName' at runtime.""" - - template_region: Annotated[ - Optional[str], pydantic.Field(alias="__template_region") - ] = None - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - @field_serializer("google_auth_method") - def serialize_google_auth_method(self, value): - if isinstance(value, str): - try: - return models.GoogleAuthenticationMethodOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "createTopic", - "orderedDelivery", - "region", - "googleAuthMethod", - "serviceAccountCredentials", - "secret", - "batchSize", - "batchTimeout", - "maxQueueSize", - "maxRecordSizeKB", - "flushPeriod", - "maxInProgress", - "onBackpressure", - "description", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_topicName", - "__template_region", - "__template_onBackpressure", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputTypeGoogleCloudLogging(str, Enum): - GOOGLE_CLOUD_LOGGING = "google_cloud_logging" - - -class CreateOutputLogLocationType(str, Enum, metaclass=utils.OpenEnumMeta): - # Project - PROJECT = "project" - # Organization - ORGANIZATION = "organization" - # Billing Account - BILLING_ACCOUNT = "billingAccount" - # Folder - FOLDER = "folder" - - -class CreateOutputPayloadFormat(str, Enum, metaclass=utils.OpenEnumMeta): - r"""Format to use when sending payload. Defaults to Text.""" - - # Text - TEXT = "text" - # JSON - JSON = "json" - - -class CreateOutputPqControlsGoogleCloudLoggingTypedDict(TypedDict): - pass - - -class CreateOutputPqControlsGoogleCloudLogging(BaseModel): - pass - - -class CreateOutputOutputGoogleCloudLoggingTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputTypeGoogleCloudLogging - log_location_type: CreateOutputLogLocationType - log_name_expression: str - r"""JavaScript expression to compute the value of the log name. If Validate and correct log name is enabled, invalid characters (characters other than alphanumerics, forward-slashes, underscores, hyphens, and periods) will be replaced with an underscore.""" - log_location_expression: str - r"""JavaScript expression to compute the value of the folder ID with which log entries should be associated. If Validate and correct log name is enabled, invalid characters (characters other than alphanumerics, forward-slashes, underscores, hyphens, and periods) will be replaced with an underscore.""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - sanitize_log_names: NotRequired[bool] - payload_format: NotRequired[CreateOutputPayloadFormat] - r"""Format to use when sending payload. Defaults to Text.""" - log_labels: NotRequired[List[LogLabelConfOutputGoogleCloudLoggingTypedDict]] - r"""Labels to apply to the log entry""" - resource_type_expression: NotRequired[str] - r"""JavaScript expression to compute the value of the managed resource type field. Must evaluate to one of the valid values [here](https://cloud.google.com/logging/docs/api/v2/resource-list#resource-types). Defaults to \"global\".""" - resource_type_labels: NotRequired[ - List[LogLabelConfOutputGoogleCloudLoggingTypedDict] - ] - r"""Labels to apply to the managed resource. These must correspond to the valid labels for the specified resource type (see [here](https://cloud.google.com/logging/docs/api/v2/resource-list#resource-types)). Otherwise, they will be dropped by Google Cloud Logging.""" - severity_expression: NotRequired[str] - r"""JavaScript expression to compute the value of the severity field. Must evaluate to one of the severity values supported by Google Cloud Logging [here](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logseverity) (case insensitive). Defaults to \"DEFAULT\".""" - insert_id_expression: NotRequired[str] - r"""JavaScript expression to compute the value of the insert ID field.""" - google_auth_method: NotRequired[GoogleAuthenticationMethodOptions] - r"""Choose Auto to use Google Application Default Credentials (ADC), Manual to enter Google service account credentials directly, or Secret to select or create a stored secret that references Google service account credentials.""" - service_account_credentials: NotRequired[str] - r"""Contents of service account credentials (JSON keys) file downloaded from Google Cloud. To upload a file, click the upload button at this field's upper right.""" - secret: NotRequired[str] - r"""Select or create a stored text secret""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body.""" - max_payload_events: NotRequired[float] - r"""Max number of events to include in the request body. Default is 0 (unlimited).""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking.""" - connection_timeout: NotRequired[float] - r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it.""" - throttle_rate_req_per_sec: NotRequired[int] - r"""Maximum number of requests to limit to per second.""" - request_method_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP request method as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - request_url_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP request URL as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - request_size_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP request size as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - status_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP request method as a number. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - response_size_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP response size as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - user_agent_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP request user agent as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - remote_ip_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP request remote IP as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - server_ip_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP request server IP as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - referer_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP request referer as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - latency_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP request latency, formatted as .s (for example, 1.23s). See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - cache_lookup_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP request cache lookup as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - cache_hit_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP request cache hit as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - cache_validated_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP request cache validated with origin server as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - cache_fill_bytes_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP request cache fill bytes as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - protocol_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP request protocol as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - id_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the log entry operation ID as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" - producer_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the log entry operation producer as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" - first_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the log entry operation first flag as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" - last_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the log entry operation last flag as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" - file_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the log entry source location file as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentrysourcelocation) for details.""" - line_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the log entry source location line as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentrysourcelocation) for details.""" - function_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the log entry source location function as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentrysourcelocation) for details.""" - uid_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the log entry log split UID as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logsplit) for details.""" - index_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the log entry log split index as a number. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logsplit) for details.""" - total_splits_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the log entry log split total splits as a number. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logsplit) for details.""" - trace_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the REST resource name of the trace being written as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) for details.""" - span_id_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the ID of the cloud trace span associated with the current operation in which the log is being written as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) for details.""" - trace_sampled_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the the sampling decision of the span associated with the log entry. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) for details.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - total_memory_limit_kb: NotRequired[float] - r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" - description: NotRequired[str] - payload_expression: NotRequired[str] - r"""JavaScript expression to compute the value of the payload. Must evaluate to a JavaScript object value. If an invalid value is encountered it will result in the default value instead. Defaults to the entire event.""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputPqControlsGoogleCloudLoggingTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_log_location_type: NotRequired[str] - r"""Binds 'logLocationType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logLocationType' at runtime.""" - template_log_name_expression: NotRequired[str] - r"""Binds 'logNameExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logNameExpression' at runtime.""" - template_payload_format: NotRequired[str] - r"""Binds 'payloadFormat' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'payloadFormat' at runtime.""" - template_resource_type_expression: NotRequired[str] - r"""Binds 'resourceTypeExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'resourceTypeExpression' at runtime.""" - template_severity_expression: NotRequired[str] - r"""Binds 'severityExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'severityExpression' at runtime.""" - template_insert_id_expression: NotRequired[str] - r"""Binds 'insertIdExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'insertIdExpression' at runtime.""" - template_trace_expression: NotRequired[str] - r"""Binds 'traceExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'traceExpression' at runtime.""" - template_span_id_expression: NotRequired[str] - r"""Binds 'spanIdExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'spanIdExpression' at runtime.""" - template_trace_sampled_expression: NotRequired[str] - r"""Binds 'traceSampledExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'traceSampledExpression' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_log_location_expression: NotRequired[str] - r"""Binds 'logLocationExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logLocationExpression' at runtime.""" - template_payload_expression: NotRequired[str] - r"""Binds 'payloadExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'payloadExpression' at runtime.""" - - -class CreateOutputOutputGoogleCloudLogging(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputTypeGoogleCloudLogging - - log_location_type: Annotated[ - CreateOutputLogLocationType, pydantic.Field(alias="logLocationType") - ] - - log_name_expression: Annotated[str, pydantic.Field(alias="logNameExpression")] - r"""JavaScript expression to compute the value of the log name. If Validate and correct log name is enabled, invalid characters (characters other than alphanumerics, forward-slashes, underscores, hyphens, and periods) will be replaced with an underscore.""" - - log_location_expression: Annotated[ - str, pydantic.Field(alias="logLocationExpression") - ] - r"""JavaScript expression to compute the value of the folder ID with which log entries should be associated. If Validate and correct log name is enabled, invalid characters (characters other than alphanumerics, forward-slashes, underscores, hyphens, and periods) will be replaced with an underscore.""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - sanitize_log_names: Annotated[ - Optional[bool], pydantic.Field(alias="sanitizeLogNames") - ] = None - - payload_format: Annotated[ - Optional[CreateOutputPayloadFormat], pydantic.Field(alias="payloadFormat") - ] = None - r"""Format to use when sending payload. Defaults to Text.""" - - log_labels: Annotated[ - Optional[List[LogLabelConfOutputGoogleCloudLogging]], - pydantic.Field(alias="logLabels"), - ] = None - r"""Labels to apply to the log entry""" - - resource_type_expression: Annotated[ - Optional[str], pydantic.Field(alias="resourceTypeExpression") - ] = None - r"""JavaScript expression to compute the value of the managed resource type field. Must evaluate to one of the valid values [here](https://cloud.google.com/logging/docs/api/v2/resource-list#resource-types). Defaults to \"global\".""" - - resource_type_labels: Annotated[ - Optional[List[LogLabelConfOutputGoogleCloudLogging]], - pydantic.Field(alias="resourceTypeLabels"), - ] = None - r"""Labels to apply to the managed resource. These must correspond to the valid labels for the specified resource type (see [here](https://cloud.google.com/logging/docs/api/v2/resource-list#resource-types)). Otherwise, they will be dropped by Google Cloud Logging.""" - - severity_expression: Annotated[ - Optional[str], pydantic.Field(alias="severityExpression") - ] = None - r"""JavaScript expression to compute the value of the severity field. Must evaluate to one of the severity values supported by Google Cloud Logging [here](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logseverity) (case insensitive). Defaults to \"DEFAULT\".""" - - insert_id_expression: Annotated[ - Optional[str], pydantic.Field(alias="insertIdExpression") - ] = None - r"""JavaScript expression to compute the value of the insert ID field.""" - - google_auth_method: Annotated[ - Optional[GoogleAuthenticationMethodOptions], - pydantic.Field(alias="googleAuthMethod"), - ] = None - r"""Choose Auto to use Google Application Default Credentials (ADC), Manual to enter Google service account credentials directly, or Secret to select or create a stored secret that references Google service account credentials.""" - - service_account_credentials: Annotated[ - Optional[str], pydantic.Field(alias="serviceAccountCredentials") - ] = None - r"""Contents of service account credentials (JSON keys) file downloaded from Google Cloud. To upload a file, click the upload button at this field's upper right.""" - - secret: Optional[str] = None - r"""Select or create a stored text secret""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body.""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Max number of events to include in the request body. Default is 0 (unlimited).""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking.""" - - connection_timeout: Annotated[ - Optional[float], pydantic.Field(alias="connectionTimeout") - ] = None - r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it.""" - - throttle_rate_req_per_sec: Annotated[ - Optional[int], pydantic.Field(alias="throttleRateReqPerSec") - ] = None - r"""Maximum number of requests to limit to per second.""" - - request_method_expression: Annotated[ - Optional[str], pydantic.Field(alias="requestMethodExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP request method as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - request_url_expression: Annotated[ - Optional[str], pydantic.Field(alias="requestUrlExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP request URL as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - request_size_expression: Annotated[ - Optional[str], pydantic.Field(alias="requestSizeExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP request size as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - status_expression: Annotated[ - Optional[str], pydantic.Field(alias="statusExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP request method as a number. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - response_size_expression: Annotated[ - Optional[str], pydantic.Field(alias="responseSizeExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP response size as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - user_agent_expression: Annotated[ - Optional[str], pydantic.Field(alias="userAgentExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP request user agent as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - remote_ip_expression: Annotated[ - Optional[str], pydantic.Field(alias="remoteIpExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP request remote IP as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - server_ip_expression: Annotated[ - Optional[str], pydantic.Field(alias="serverIpExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP request server IP as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - referer_expression: Annotated[ - Optional[str], pydantic.Field(alias="refererExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP request referer as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - latency_expression: Annotated[ - Optional[str], pydantic.Field(alias="latencyExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP request latency, formatted as .s (for example, 1.23s). See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - cache_lookup_expression: Annotated[ - Optional[str], pydantic.Field(alias="cacheLookupExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP request cache lookup as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - cache_hit_expression: Annotated[ - Optional[str], pydantic.Field(alias="cacheHitExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP request cache hit as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - cache_validated_expression: Annotated[ - Optional[str], pydantic.Field(alias="cacheValidatedExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP request cache validated with origin server as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - cache_fill_bytes_expression: Annotated[ - Optional[str], pydantic.Field(alias="cacheFillBytesExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP request cache fill bytes as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - protocol_expression: Annotated[ - Optional[str], pydantic.Field(alias="protocolExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP request protocol as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - id_expression: Annotated[Optional[str], pydantic.Field(alias="idExpression")] = None - r"""A JavaScript expression that evaluates to the log entry operation ID as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" - - producer_expression: Annotated[ - Optional[str], pydantic.Field(alias="producerExpression") - ] = None - r"""A JavaScript expression that evaluates to the log entry operation producer as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" - - first_expression: Annotated[ - Optional[str], pydantic.Field(alias="firstExpression") - ] = None - r"""A JavaScript expression that evaluates to the log entry operation first flag as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" - - last_expression: Annotated[ - Optional[str], pydantic.Field(alias="lastExpression") - ] = None - r"""A JavaScript expression that evaluates to the log entry operation last flag as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" - - file_expression: Annotated[ - Optional[str], pydantic.Field(alias="fileExpression") - ] = None - r"""A JavaScript expression that evaluates to the log entry source location file as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentrysourcelocation) for details.""" - - line_expression: Annotated[ - Optional[str], pydantic.Field(alias="lineExpression") - ] = None - r"""A JavaScript expression that evaluates to the log entry source location line as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentrysourcelocation) for details.""" - - function_expression: Annotated[ - Optional[str], pydantic.Field(alias="functionExpression") - ] = None - r"""A JavaScript expression that evaluates to the log entry source location function as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentrysourcelocation) for details.""" - - uid_expression: Annotated[Optional[str], pydantic.Field(alias="uidExpression")] = ( - None - ) - r"""A JavaScript expression that evaluates to the log entry log split UID as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logsplit) for details.""" - - index_expression: Annotated[ - Optional[str], pydantic.Field(alias="indexExpression") - ] = None - r"""A JavaScript expression that evaluates to the log entry log split index as a number. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logsplit) for details.""" - - total_splits_expression: Annotated[ - Optional[str], pydantic.Field(alias="totalSplitsExpression") - ] = None - r"""A JavaScript expression that evaluates to the log entry log split total splits as a number. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logsplit) for details.""" - - trace_expression: Annotated[ - Optional[str], pydantic.Field(alias="traceExpression") - ] = None - r"""A JavaScript expression that evaluates to the REST resource name of the trace being written as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) for details.""" - - span_id_expression: Annotated[ - Optional[str], pydantic.Field(alias="spanIdExpression") - ] = None - r"""A JavaScript expression that evaluates to the ID of the cloud trace span associated with the current operation in which the log is being written as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) for details.""" - - trace_sampled_expression: Annotated[ - Optional[str], pydantic.Field(alias="traceSampledExpression") - ] = None - r"""A JavaScript expression that evaluates to the the sampling decision of the span associated with the log entry. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) for details.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - total_memory_limit_kb: Annotated[ - Optional[float], pydantic.Field(alias="totalMemoryLimitKB") - ] = None - r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" - - description: Optional[str] = None - - payload_expression: Annotated[ - Optional[str], pydantic.Field(alias="payloadExpression") - ] = None - r"""JavaScript expression to compute the value of the payload. Must evaluate to a JavaScript object value. If an invalid value is encountered it will result in the default value instead. Defaults to the entire event.""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputPqControlsGoogleCloudLogging], - pydantic.Field(alias="pqControls"), - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_log_location_type: Annotated[ - Optional[str], pydantic.Field(alias="__template_logLocationType") - ] = None - r"""Binds 'logLocationType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logLocationType' at runtime.""" - - template_log_name_expression: Annotated[ - Optional[str], pydantic.Field(alias="__template_logNameExpression") - ] = None - r"""Binds 'logNameExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logNameExpression' at runtime.""" - - template_payload_format: Annotated[ - Optional[str], pydantic.Field(alias="__template_payloadFormat") - ] = None - r"""Binds 'payloadFormat' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'payloadFormat' at runtime.""" - - template_resource_type_expression: Annotated[ - Optional[str], pydantic.Field(alias="__template_resourceTypeExpression") - ] = None - r"""Binds 'resourceTypeExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'resourceTypeExpression' at runtime.""" - - template_severity_expression: Annotated[ - Optional[str], pydantic.Field(alias="__template_severityExpression") - ] = None - r"""Binds 'severityExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'severityExpression' at runtime.""" - - template_insert_id_expression: Annotated[ - Optional[str], pydantic.Field(alias="__template_insertIdExpression") - ] = None - r"""Binds 'insertIdExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'insertIdExpression' at runtime.""" - - template_trace_expression: Annotated[ - Optional[str], pydantic.Field(alias="__template_traceExpression") - ] = None - r"""Binds 'traceExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'traceExpression' at runtime.""" - - template_span_id_expression: Annotated[ - Optional[str], pydantic.Field(alias="__template_spanIdExpression") - ] = None - r"""Binds 'spanIdExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'spanIdExpression' at runtime.""" - - template_trace_sampled_expression: Annotated[ - Optional[str], pydantic.Field(alias="__template_traceSampledExpression") - ] = None - r"""Binds 'traceSampledExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'traceSampledExpression' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_log_location_expression: Annotated[ - Optional[str], pydantic.Field(alias="__template_logLocationExpression") - ] = None - r"""Binds 'logLocationExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logLocationExpression' at runtime.""" - - template_payload_expression: Annotated[ - Optional[str], pydantic.Field(alias="__template_payloadExpression") - ] = None - r"""Binds 'payloadExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'payloadExpression' at runtime.""" - - @field_serializer("log_location_type") - def serialize_log_location_type(self, value): - if isinstance(value, str): - try: - return models.CreateOutputLogLocationType(value) - except ValueError: - return value - return value - - @field_serializer("payload_format") - def serialize_payload_format(self, value): - if isinstance(value, str): - try: - return models.CreateOutputPayloadFormat(value) - except ValueError: - return value - return value - - @field_serializer("google_auth_method") - def serialize_google_auth_method(self, value): - if isinstance(value, str): - try: - return models.GoogleAuthenticationMethodOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "sanitizeLogNames", - "payloadFormat", - "logLabels", - "resourceTypeExpression", - "resourceTypeLabels", - "severityExpression", - "insertIdExpression", - "googleAuthMethod", - "serviceAccountCredentials", - "secret", - "maxPayloadSizeKB", - "maxPayloadEvents", - "flushPeriodSec", - "concurrency", - "connectionTimeout", - "timeoutSec", - "throttleRateReqPerSec", - "requestMethodExpression", - "requestUrlExpression", - "requestSizeExpression", - "statusExpression", - "responseSizeExpression", - "userAgentExpression", - "remoteIpExpression", - "serverIpExpression", - "refererExpression", - "latencyExpression", - "cacheLookupExpression", - "cacheHitExpression", - "cacheValidatedExpression", - "cacheFillBytesExpression", - "protocolExpression", - "idExpression", - "producerExpression", - "firstExpression", - "lastExpression", - "fileExpression", - "lineExpression", - "functionExpression", - "uidExpression", - "indexExpression", - "totalSplitsExpression", - "traceExpression", - "spanIdExpression", - "traceSampledExpression", - "onBackpressure", - "totalMemoryLimitKB", - "description", - "payloadExpression", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_logLocationType", - "__template_logNameExpression", - "__template_payloadFormat", - "__template_resourceTypeExpression", - "__template_severityExpression", - "__template_insertIdExpression", - "__template_traceExpression", - "__template_spanIdExpression", - "__template_traceSampledExpression", - "__template_onBackpressure", - "__template_logLocationExpression", - "__template_payloadExpression", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputTypeGoogleCloudStorage(str, Enum): - GOOGLE_CLOUD_STORAGE = "google_cloud_storage" - - -class CreateOutputAuthenticationMethodGoogleCloudStorage( - str, Enum, metaclass=utils.OpenEnumMeta -): - # auto - AUTO = "auto" - # manual - MANUAL = "manual" - # Secret Key pair - SECRET = "secret" - - -class CreateOutputOutputGoogleCloudStorageTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputTypeGoogleCloudStorage - bucket: str - r"""Name of the destination bucket. This value can be a constant or a JavaScript expression that can only be evaluated at init time. Example of referencing a Global Variable: `myBucket-${C.vars.myVar}`.""" - region: str - r"""Region where the bucket is located""" - endpoint: str - r"""Google Cloud Storage service endpoint""" - stage_path: str - r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - aws_authentication_method: NotRequired[ - CreateOutputAuthenticationMethodGoogleCloudStorage - ] - dest_path: NotRequired[str] - r"""Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`""" - verify_permissions: NotRequired[bool] - r"""Disable if you can access files within the bucket but not the bucket itself""" - object_acl: NotRequired[ObjectACLOptionsAuthenticatedreadBucketownerfullcontrol] - r"""Object ACL to assign to uploaded objects""" - storage_class: NotRequired[StorageClassOptionsArchiveColdline] - r"""Storage class to select for uploaded objects""" - reuse_connections: NotRequired[bool] - r"""Reuse connections between requests, which can improve performance""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" - add_id_to_stage_path: NotRequired[bool] - r"""Add the Output ID value to staging location""" - remove_empty_dirs: NotRequired[bool] - r"""Remove empty staging directories after moving files""" - partition_expr: NotRequired[str] - r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" - format_: NotRequired[DataFormatOptions] - r"""Format of the output data""" - base_file_name: NotRequired[str] - r"""JavaScript expression to define the output filename prefix (can be constant)""" - file_name_suffix: NotRequired[str] - r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" - max_file_size_mb: NotRequired[float] - r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" - max_file_open_time_sec: NotRequired[float] - r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" - max_file_idle_time_sec: NotRequired[float] - r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" - max_open_files: NotRequired[float] - r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" - header_line: NotRequired[str] - r"""If set, this line will be written to the beginning of each output file""" - write_high_water_mark: NotRequired[float] - r"""Buffer size used to write to a file""" - on_backpressure: NotRequired[BackpressureBehaviorOptionsBlockDrop] - r"""How to handle events when all receivers are exerting backpressure""" - deadletter_enabled: NotRequired[bool] - r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" - on_disk_full_backpressure: NotRequired[DiskSpaceProtectionOptions] - r"""How to handle events when disk space is below the global 'Min free disk space' limit""" - force_close_on_shutdown: NotRequired[bool] - r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" - retry_settings: NotRequired[RetrySettingsTypeTypedDict] - orphans: NotRequired[OrphanFileRecoveryTypeTypedDict] - description: NotRequired[str] - compress: NotRequired[CompressionOptionsHTTP] - r"""Data compression format to apply to HTTP content before it is delivered""" - compression_level: NotRequired[CompressionLevelOptions] - r"""Compression level to apply before moving files to final destination""" - automatic_schema: NotRequired[bool] - r"""Automatically calculate the schema based on the events of each Parquet file generated""" - parquet_schema: NotRequired[str] - r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" - parquet_version: NotRequired[ParquetVersionOptions] - r"""Determines which data types are supported and how they are represented""" - parquet_data_page_version: NotRequired[DataPageVersionOptions] - r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" - parquet_row_group_length: NotRequired[float] - r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" - parquet_page_size: NotRequired[str] - r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" - should_log_invalid_rows: NotRequired[bool] - r"""Log up to 3 rows that @{product} skips due to data mismatch""" - key_value_metadata: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] - r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ - enable_statistics: NotRequired[bool] - r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" - enable_write_page_index: NotRequired[bool] - r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" - enable_page_checksum: NotRequired[bool] - r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" - empty_dir_cleanup_sec: NotRequired[float] - r"""How frequently, in seconds, to clean up empty directories""" - directory_batch_size: NotRequired[float] - r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" - deadletter_path: NotRequired[str] - r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" - max_retry_num: NotRequired[float] - r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" - aws_api_key: NotRequired[str] - r"""HMAC access key. This value can be a constant or a JavaScript expression, such as `${C.env.GCS_ACCESS_KEY}`.""" - aws_secret_key: NotRequired[str] - r"""HMAC secret. This value can be a constant or a JavaScript expression, such as `${C.env.GCS_SECRET}`.""" - aws_secret: NotRequired[str] - r"""Select or create a stored secret that references your access key and secret key""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_bucket: NotRequired[str] - r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" - template_region: NotRequired[str] - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - template_endpoint: NotRequired[str] - r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" - template_dest_path: NotRequired[str] - r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" - template_object_acl: NotRequired[str] - r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" - template_storage_class: NotRequired[str] - r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" - template_partition_expr: NotRequired[str] - r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" - template_format: NotRequired[str] - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - template_base_file_name: NotRequired[str] - r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" - template_file_name_suffix: NotRequired[str] - r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_compress: NotRequired[str] - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - template_parquet_schema: NotRequired[str] - r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" - template_aws_api_key: NotRequired[str] - r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" - template_aws_secret_key: NotRequired[str] - r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" - - -class CreateOutputOutputGoogleCloudStorage(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputTypeGoogleCloudStorage - - bucket: str - r"""Name of the destination bucket. This value can be a constant or a JavaScript expression that can only be evaluated at init time. Example of referencing a Global Variable: `myBucket-${C.vars.myVar}`.""" - - region: str - r"""Region where the bucket is located""" - - endpoint: str - r"""Google Cloud Storage service endpoint""" - - stage_path: Annotated[str, pydantic.Field(alias="stagePath")] - r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - aws_authentication_method: Annotated[ - Optional[CreateOutputAuthenticationMethodGoogleCloudStorage], - pydantic.Field(alias="awsAuthenticationMethod"), - ] = None - - dest_path: Annotated[Optional[str], pydantic.Field(alias="destPath")] = None - r"""Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`""" - - verify_permissions: Annotated[ - Optional[bool], pydantic.Field(alias="verifyPermissions") - ] = None - r"""Disable if you can access files within the bucket but not the bucket itself""" - - object_acl: Annotated[ - Optional[ObjectACLOptionsAuthenticatedreadBucketownerfullcontrol], - pydantic.Field(alias="objectACL"), - ] = None - r"""Object ACL to assign to uploaded objects""" - - storage_class: Annotated[ - Optional[StorageClassOptionsArchiveColdline], - pydantic.Field(alias="storageClass"), - ] = None - r"""Storage class to select for uploaded objects""" - - reuse_connections: Annotated[ - Optional[bool], pydantic.Field(alias="reuseConnections") - ] = None - r"""Reuse connections between requests, which can improve performance""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" - - add_id_to_stage_path: Annotated[ - Optional[bool], pydantic.Field(alias="addIdToStagePath") - ] = None - r"""Add the Output ID value to staging location""" - - remove_empty_dirs: Annotated[ - Optional[bool], pydantic.Field(alias="removeEmptyDirs") - ] = None - r"""Remove empty staging directories after moving files""" - - partition_expr: Annotated[Optional[str], pydantic.Field(alias="partitionExpr")] = ( - None - ) - r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" - - format_: Annotated[Optional[DataFormatOptions], pydantic.Field(alias="format")] = ( - None - ) - r"""Format of the output data""" - - base_file_name: Annotated[Optional[str], pydantic.Field(alias="baseFileName")] = ( - None - ) - r"""JavaScript expression to define the output filename prefix (can be constant)""" - - file_name_suffix: Annotated[ - Optional[str], pydantic.Field(alias="fileNameSuffix") - ] = None - r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" - - max_file_size_mb: Annotated[ - Optional[float], pydantic.Field(alias="maxFileSizeMB") - ] = None - r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" - - max_file_open_time_sec: Annotated[ - Optional[float], pydantic.Field(alias="maxFileOpenTimeSec") - ] = None - r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" - - max_file_idle_time_sec: Annotated[ - Optional[float], pydantic.Field(alias="maxFileIdleTimeSec") - ] = None - r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" - - max_open_files: Annotated[Optional[float], pydantic.Field(alias="maxOpenFiles")] = ( - None - ) - r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" - - header_line: Annotated[Optional[str], pydantic.Field(alias="headerLine")] = None - r"""If set, this line will be written to the beginning of each output file""" - - write_high_water_mark: Annotated[ - Optional[float], pydantic.Field(alias="writeHighWaterMark") - ] = None - r"""Buffer size used to write to a file""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptionsBlockDrop], - pydantic.Field(alias="onBackpressure"), - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - deadletter_enabled: Annotated[ - Optional[bool], pydantic.Field(alias="deadletterEnabled") - ] = None - r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" - - on_disk_full_backpressure: Annotated[ - Optional[DiskSpaceProtectionOptions], - pydantic.Field(alias="onDiskFullBackpressure"), - ] = None - r"""How to handle events when disk space is below the global 'Min free disk space' limit""" - - force_close_on_shutdown: Annotated[ - Optional[bool], pydantic.Field(alias="forceCloseOnShutdown") - ] = None - r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" - - retry_settings: Annotated[ - Optional[RetrySettingsType], pydantic.Field(alias="retrySettings") - ] = None - - orphans: Optional[OrphanFileRecoveryType] = None - - description: Optional[str] = None - - compress: Optional[CompressionOptionsHTTP] = None - r"""Data compression format to apply to HTTP content before it is delivered""" - - compression_level: Annotated[ - Optional[CompressionLevelOptions], pydantic.Field(alias="compressionLevel") - ] = None - r"""Compression level to apply before moving files to final destination""" - - automatic_schema: Annotated[ - Optional[bool], pydantic.Field(alias="automaticSchema") - ] = None - r"""Automatically calculate the schema based on the events of each Parquet file generated""" - - parquet_schema: Annotated[Optional[str], pydantic.Field(alias="parquetSchema")] = ( - None - ) - r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" - - parquet_version: Annotated[ - Optional[ParquetVersionOptions], pydantic.Field(alias="parquetVersion") - ] = None - r"""Determines which data types are supported and how they are represented""" - - parquet_data_page_version: Annotated[ - Optional[DataPageVersionOptions], pydantic.Field(alias="parquetDataPageVersion") - ] = None - r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" - - parquet_row_group_length: Annotated[ - Optional[float], pydantic.Field(alias="parquetRowGroupLength") - ] = None - r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" - - parquet_page_size: Annotated[ - Optional[str], pydantic.Field(alias="parquetPageSize") - ] = None - r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" - - should_log_invalid_rows: Annotated[ - Optional[bool], pydantic.Field(alias="shouldLogInvalidRows") - ] = None - r"""Log up to 3 rows that @{product} skips due to data mismatch""" - - key_value_metadata: Annotated[ - Optional[List[KeyValueMetadataConfOutputFilesystem]], - pydantic.Field(alias="keyValueMetadata"), - ] = None - r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ - - enable_statistics: Annotated[ - Optional[bool], pydantic.Field(alias="enableStatistics") - ] = None - r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" - - enable_write_page_index: Annotated[ - Optional[bool], pydantic.Field(alias="enableWritePageIndex") - ] = None - r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" - - enable_page_checksum: Annotated[ - Optional[bool], pydantic.Field(alias="enablePageChecksum") - ] = None - r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" - - empty_dir_cleanup_sec: Annotated[ - Optional[float], pydantic.Field(alias="emptyDirCleanupSec") - ] = None - r"""How frequently, in seconds, to clean up empty directories""" - - directory_batch_size: Annotated[ - Optional[float], pydantic.Field(alias="directoryBatchSize") - ] = None - r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" - - deadletter_path: Annotated[ - Optional[str], pydantic.Field(alias="deadletterPath") - ] = None - r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" - - max_retry_num: Annotated[Optional[float], pydantic.Field(alias="maxRetryNum")] = ( - None - ) - r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" - - aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None - r"""HMAC access key. This value can be a constant or a JavaScript expression, such as `${C.env.GCS_ACCESS_KEY}`.""" - - aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = ( - None - ) - r"""HMAC secret. This value can be a constant or a JavaScript expression, such as `${C.env.GCS_SECRET}`.""" - - aws_secret: Annotated[Optional[str], pydantic.Field(alias="awsSecret")] = None - r"""Select or create a stored secret that references your access key and secret key""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_bucket: Annotated[ - Optional[str], pydantic.Field(alias="__template_bucket") - ] = None - r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" - - template_region: Annotated[ - Optional[str], pydantic.Field(alias="__template_region") - ] = None - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - - template_endpoint: Annotated[ - Optional[str], pydantic.Field(alias="__template_endpoint") - ] = None - r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" - - template_dest_path: Annotated[ - Optional[str], pydantic.Field(alias="__template_destPath") - ] = None - r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" - - template_object_acl: Annotated[ - Optional[str], pydantic.Field(alias="__template_objectACL") - ] = None - r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" - - template_storage_class: Annotated[ - Optional[str], pydantic.Field(alias="__template_storageClass") - ] = None - r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" - - template_partition_expr: Annotated[ - Optional[str], pydantic.Field(alias="__template_partitionExpr") - ] = None - r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" - - template_format: Annotated[ - Optional[str], pydantic.Field(alias="__template_format") - ] = None - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - - template_base_file_name: Annotated[ - Optional[str], pydantic.Field(alias="__template_baseFileName") - ] = None - r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" - - template_file_name_suffix: Annotated[ - Optional[str], pydantic.Field(alias="__template_fileNameSuffix") - ] = None - r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_compress: Annotated[ - Optional[str], pydantic.Field(alias="__template_compress") - ] = None - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - - template_parquet_schema: Annotated[ - Optional[str], pydantic.Field(alias="__template_parquetSchema") - ] = None - r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" - - template_aws_api_key: Annotated[ - Optional[str], pydantic.Field(alias="__template_awsApiKey") - ] = None - r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" - - template_aws_secret_key: Annotated[ - Optional[str], pydantic.Field(alias="__template_awsSecretKey") - ] = None - r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" - - @field_serializer("aws_authentication_method") - def serialize_aws_authentication_method(self, value): - if isinstance(value, str): - try: - return models.CreateOutputAuthenticationMethodGoogleCloudStorage(value) - except ValueError: - return value - return value - - @field_serializer("object_acl") - def serialize_object_acl(self, value): - if isinstance(value, str): - try: - return models.ObjectACLOptionsAuthenticatedreadBucketownerfullcontrol( - value - ) - except ValueError: - return value - return value - - @field_serializer("storage_class") - def serialize_storage_class(self, value): - if isinstance(value, str): - try: - return models.StorageClassOptionsArchiveColdline(value) - except ValueError: - return value - return value - - @field_serializer("format_") - def serialize_format_(self, value): - if isinstance(value, str): - try: - return models.DataFormatOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptionsBlockDrop(value) - except ValueError: - return value - return value - - @field_serializer("on_disk_full_backpressure") - def serialize_on_disk_full_backpressure(self, value): - if isinstance(value, str): - try: - return models.DiskSpaceProtectionOptions(value) - except ValueError: - return value - return value - - @field_serializer("compress") - def serialize_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsHTTP(value) - except ValueError: - return value - return value - - @field_serializer("compression_level") - def serialize_compression_level(self, value): - if isinstance(value, str): - try: - return models.CompressionLevelOptions(value) - except ValueError: - return value - return value - - @field_serializer("parquet_version") - def serialize_parquet_version(self, value): - if isinstance(value, str): - try: - return models.ParquetVersionOptions(value) - except ValueError: - return value - return value - - @field_serializer("parquet_data_page_version") - def serialize_parquet_data_page_version(self, value): - if isinstance(value, str): - try: - return models.DataPageVersionOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "awsAuthenticationMethod", - "destPath", - "verifyPermissions", - "objectACL", - "storageClass", - "reuseConnections", - "rejectUnauthorized", - "addIdToStagePath", - "removeEmptyDirs", - "partitionExpr", - "format", - "baseFileName", - "fileNameSuffix", - "maxFileSizeMB", - "maxFileOpenTimeSec", - "maxFileIdleTimeSec", - "maxOpenFiles", - "headerLine", - "writeHighWaterMark", - "onBackpressure", - "deadletterEnabled", - "onDiskFullBackpressure", - "forceCloseOnShutdown", - "retrySettings", - "orphans", - "description", - "compress", - "compressionLevel", - "automaticSchema", - "parquetSchema", - "parquetVersion", - "parquetDataPageVersion", - "parquetRowGroupLength", - "parquetPageSize", - "shouldLogInvalidRows", - "keyValueMetadata", - "enableStatistics", - "enableWritePageIndex", - "enablePageChecksum", - "emptyDirCleanupSec", - "directoryBatchSize", - "deadletterPath", - "maxRetryNum", - "awsApiKey", - "awsSecretKey", - "awsSecret", - "__template_streamtags", - "__template_bucket", - "__template_region", - "__template_endpoint", - "__template_destPath", - "__template_objectACL", - "__template_storageClass", - "__template_partitionExpr", - "__template_format", - "__template_baseFileName", - "__template_fileNameSuffix", - "__template_onBackpressure", - "__template_compress", - "__template_parquetSchema", - "__template_awsApiKey", - "__template_awsSecretKey", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputTypeGoogleChronicle(str, Enum): - GOOGLE_CHRONICLE = "google_chronicle" - - -class CreateOutputAPIVersion(str, Enum, metaclass=utils.OpenEnumMeta): - # V1 - V1 = "v1" - # V2 - V2 = "v2" - - -class CreateOutputAuthenticationMethodGoogleChronicle( - str, Enum, metaclass=utils.OpenEnumMeta -): - # API key - MANUAL = "manual" - # API key secret - SECRET = "secret" - # Service account credentials - SERVICE_ACCOUNT = "serviceAccount" - # Service account credentials secret - SERVICE_ACCOUNT_SECRET = "serviceAccountSecret" - - -class CreateOutputSendEventsAs(str, Enum, metaclass=utils.OpenEnumMeta): - # Unstructured - UNSTRUCTURED = "unstructured" - # UDM - UDM = "udm" - - -class CreateOutputExtraLogTypeTypedDict(TypedDict): - log_type: str - description: NotRequired[str] - - -class CreateOutputExtraLogType(BaseModel): - log_type: Annotated[str, pydantic.Field(alias="logType")] - - description: Optional[str] = None - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set(["description"]) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputUDMType(str, Enum, metaclass=utils.OpenEnumMeta): - r"""Defines the specific format for UDM events sent to Google SecOps. This must match the type of UDM data being sent.""" - - ENTITIES = "entities" - LOGS = "logs" - - -class CreateOutputPqControlsGoogleChronicleTypedDict(TypedDict): - pass - - -class CreateOutputPqControlsGoogleChronicle(BaseModel): - pass - - -class CreateOutputOutputGoogleChronicleTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputTypeGoogleChronicle - log_format_type: CreateOutputSendEventsAs - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - api_version: NotRequired[CreateOutputAPIVersion] - authentication_method: NotRequired[CreateOutputAuthenticationMethodGoogleChronicle] - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - region: NotRequired[str] - r"""Regional endpoint to send events to""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - compress: NotRequired[bool] - r"""Compress the payload body before sending""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] - r"""Headers to add to all events""" - failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - safe_headers: NotRequired[List[str]] - r"""List of headers that are safe to log in plain text""" - use_round_robin_dns: NotRequired[bool] - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - total_memory_limit_kb: NotRequired[float] - r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" - description: NotRequired[str] - extra_log_types: NotRequired[List[CreateOutputExtraLogTypeTypedDict]] - r"""Custom log types. If the value \"Custom\" is selected in the setting \"Default log type\" above, the first custom log type in this table will be automatically selected as default log type.""" - log_type: NotRequired[str] - r"""Default log type value to send to SecOps. Can be overwritten by event field __logType.""" - log_text_field: NotRequired[str] - r"""Name of the event field that contains the log text to send. If not specified, Stream sends a JSON representation of the whole event.""" - customer_id: NotRequired[str] - r"""A unique identifier (UUID) for your Google SecOps instance. This is provided by your Google representative and is required for API V2 authentication.""" - namespace: NotRequired[str] - r"""User-configured environment namespace to identify the data domain the logs originated from. Use namespace as a tag to identify the appropriate data domain for indexing and enrichment functionality. Can be overwritten by event field __namespace.""" - custom_labels: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] - r"""Custom labels to be added to every batch""" - udm_type: NotRequired[CreateOutputUDMType] - r"""Defines the specific format for UDM events sent to Google SecOps. This must match the type of UDM data being sent.""" - api_key: NotRequired[str] - r"""Organization's API key in Google SecOps""" - api_key_secret: NotRequired[str] - r"""Select or create a stored text secret""" - service_account_credentials: NotRequired[str] - r"""Contents of service account credentials (JSON keys) file downloaded from Google Cloud. To upload a file, click the upload button at this field's upper right.""" - service_account_credentials_secret: NotRequired[str] - r"""Select or create a stored text secret""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputPqControlsGoogleChronicleTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_api_version: NotRequired[str] - r"""Binds 'apiVersion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'apiVersion' at runtime.""" - template_region: NotRequired[str] - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - template_failed_request_logging_mode: NotRequired[str] - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_customer_id: NotRequired[str] - r"""Binds 'customerId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'customerId' at runtime.""" - - -class CreateOutputOutputGoogleChronicle(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputTypeGoogleChronicle - - log_format_type: Annotated[ - CreateOutputSendEventsAs, pydantic.Field(alias="logFormatType") - ] - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - api_version: Annotated[ - Optional[CreateOutputAPIVersion], pydantic.Field(alias="apiVersion") - ] = None - - authentication_method: Annotated[ - Optional[CreateOutputAuthenticationMethodGoogleChronicle], - pydantic.Field(alias="authenticationMethod"), - ] = None - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - region: Optional[str] = None - r"""Regional endpoint to send events to""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - compress: Optional[bool] = None - r"""Compress the payload body before sending""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - extra_http_headers: Annotated[ - Optional[List[ExtraHTTPHeaderConfInputElastic]], - pydantic.Field(alias="extraHttpHeaders"), - ] = None - r"""Headers to add to all events""" - - failed_request_logging_mode: Annotated[ - Optional[FailedRequestLoggingModeOptions], - pydantic.Field(alias="failedRequestLoggingMode"), - ] = None - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - - safe_headers: Annotated[ - Optional[List[str]], pydantic.Field(alias="safeHeaders") - ] = None - r"""List of headers that are safe to log in plain text""" - - use_round_robin_dns: Annotated[ - Optional[bool], pydantic.Field(alias="useRoundRobinDns") - ] = None - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - total_memory_limit_kb: Annotated[ - Optional[float], pydantic.Field(alias="totalMemoryLimitKB") - ] = None - r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" - - description: Optional[str] = None - - extra_log_types: Annotated[ - Optional[List[CreateOutputExtraLogType]], pydantic.Field(alias="extraLogTypes") - ] = None - r"""Custom log types. If the value \"Custom\" is selected in the setting \"Default log type\" above, the first custom log type in this table will be automatically selected as default log type.""" - - log_type: Annotated[Optional[str], pydantic.Field(alias="logType")] = None - r"""Default log type value to send to SecOps. Can be overwritten by event field __logType.""" - - log_text_field: Annotated[Optional[str], pydantic.Field(alias="logTextField")] = ( - None - ) - r"""Name of the event field that contains the log text to send. If not specified, Stream sends a JSON representation of the whole event.""" - - customer_id: Annotated[Optional[str], pydantic.Field(alias="customerId")] = None - r"""A unique identifier (UUID) for your Google SecOps instance. This is provided by your Google representative and is required for API V2 authentication.""" - - namespace: Optional[str] = None - r"""User-configured environment namespace to identify the data domain the logs originated from. Use namespace as a tag to identify the appropriate data domain for indexing and enrichment functionality. Can be overwritten by event field __namespace.""" - - custom_labels: Annotated[ - Optional[List[KeyValueMetadataConfOutputFilesystem]], - pydantic.Field(alias="customLabels"), - ] = None - r"""Custom labels to be added to every batch""" - - udm_type: Annotated[ - Optional[CreateOutputUDMType], pydantic.Field(alias="udmType") - ] = None - r"""Defines the specific format for UDM events sent to Google SecOps. This must match the type of UDM data being sent.""" - - api_key: Annotated[Optional[str], pydantic.Field(alias="apiKey")] = None - r"""Organization's API key in Google SecOps""" - - api_key_secret: Annotated[Optional[str], pydantic.Field(alias="apiKeySecret")] = ( - None - ) - r"""Select or create a stored text secret""" - - service_account_credentials: Annotated[ - Optional[str], pydantic.Field(alias="serviceAccountCredentials") - ] = None - r"""Contents of service account credentials (JSON keys) file downloaded from Google Cloud. To upload a file, click the upload button at this field's upper right.""" - - service_account_credentials_secret: Annotated[ - Optional[str], pydantic.Field(alias="serviceAccountCredentialsSecret") - ] = None - r"""Select or create a stored text secret""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputPqControlsGoogleChronicle], - pydantic.Field(alias="pqControls"), - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_api_version: Annotated[ - Optional[str], pydantic.Field(alias="__template_apiVersion") - ] = None - r"""Binds 'apiVersion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'apiVersion' at runtime.""" - - template_region: Annotated[ - Optional[str], pydantic.Field(alias="__template_region") - ] = None - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - - template_failed_request_logging_mode: Annotated[ - Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") - ] = None - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_customer_id: Annotated[ - Optional[str], pydantic.Field(alias="__template_customerId") - ] = None - r"""Binds 'customerId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'customerId' at runtime.""" - - @field_serializer("api_version") - def serialize_api_version(self, value): - if isinstance(value, str): - try: - return models.CreateOutputAPIVersion(value) - except ValueError: - return value - return value - - @field_serializer("authentication_method") - def serialize_authentication_method(self, value): - if isinstance(value, str): - try: - return models.CreateOutputAuthenticationMethodGoogleChronicle(value) - except ValueError: - return value - return value - - @field_serializer("log_format_type") - def serialize_log_format_type(self, value): - if isinstance(value, str): - try: - return models.CreateOutputSendEventsAs(value) - except ValueError: - return value - return value - - @field_serializer("failed_request_logging_mode") - def serialize_failed_request_logging_mode(self, value): - if isinstance(value, str): - try: - return models.FailedRequestLoggingModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("udm_type") - def serialize_udm_type(self, value): - if isinstance(value, str): - try: - return models.CreateOutputUDMType(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "apiVersion", - "authenticationMethod", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "region", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "compress", - "rejectUnauthorized", - "timeoutSec", - "flushPeriodSec", - "extraHttpHeaders", - "failedRequestLoggingMode", - "safeHeaders", - "useRoundRobinDns", - "onBackpressure", - "totalMemoryLimitKB", - "description", - "extraLogTypes", - "logType", - "logTextField", - "customerId", - "namespace", - "customLabels", - "udmType", - "apiKey", - "apiKeySecret", - "serviceAccountCredentials", - "serviceAccountCredentialsSecret", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_apiVersion", - "__template_region", - "__template_failedRequestLoggingMode", - "__template_onBackpressure", - "__template_customerId", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputTypeAzureEventhub(str, Enum): - AZURE_EVENTHUB = "azure_eventhub" - - -class CreateOutputPqControlsAzureEventhubTypedDict(TypedDict): - pass - - -class CreateOutputPqControlsAzureEventhub(BaseModel): - pass - - -class CreateOutputOutputAzureEventhubTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputTypeAzureEventhub - brokers: List[str] - r"""List of Event Hubs Kafka brokers to connect to, eg. yourdomain.servicebus.windows.net:9093. The hostname can be found in the host portion of the primary or secondary connection string in Shared Access Policies.""" - topic: str - r"""The name of the Event Hub (Kafka Topic) to publish events. Can be overwritten using field __topicOut.""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - ack: NotRequired[AcknowledgmentsOptions] - r"""Control the number of required acknowledgments""" - format_: NotRequired[RecordDataFormatOptions] - r"""Format to use to serialize events before writing to the Event Hubs Kafka brokers""" - max_record_size_kb: NotRequired[float] - r"""Maximum size of each record batch before compression. Setting should be < message.max.bytes settings in Event Hubs brokers.""" - flush_event_count: NotRequired[float] - r"""Maximum number of events in a batch before forcing a flush""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" - connection_timeout: NotRequired[float] - r"""Maximum time to wait for a connection to complete successfully""" - request_timeout: NotRequired[float] - r"""Maximum time to wait for Kafka to respond to a request""" - max_retries: NotRequired[float] - r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" - max_back_off: NotRequired[float] - r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" - initial_backoff: NotRequired[float] - r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" - backoff_rate: NotRequired[float] - r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" - authentication_timeout: NotRequired[float] - r"""Maximum time to wait for Kafka to respond to an authentication request""" - reauthentication_threshold: NotRequired[float] - r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" - sasl: NotRequired[AuthenticationTypeUseTypedDict] - r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended.""" - tls: NotRequired[TLSSettingsClientSideTypeTypedDict] - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - description: NotRequired[str] - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputPqControlsAzureEventhubTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_brokers: NotRequired[str] - r"""Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime.""" - template_topic: NotRequired[str] - r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" - template_format: NotRequired[str] - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - -class CreateOutputOutputAzureEventhub(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputTypeAzureEventhub - - brokers: List[str] - r"""List of Event Hubs Kafka brokers to connect to, eg. yourdomain.servicebus.windows.net:9093. The hostname can be found in the host portion of the primary or secondary connection string in Shared Access Policies.""" - - topic: str - r"""The name of the Event Hub (Kafka Topic) to publish events. Can be overwritten using field __topicOut.""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - ack: Optional[AcknowledgmentsOptions] = None - r"""Control the number of required acknowledgments""" - - format_: Annotated[ - Optional[RecordDataFormatOptions], pydantic.Field(alias="format") - ] = None - r"""Format to use to serialize events before writing to the Event Hubs Kafka brokers""" - - max_record_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxRecordSizeKB") - ] = None - r"""Maximum size of each record batch before compression. Setting should be < message.max.bytes settings in Event Hubs brokers.""" - - flush_event_count: Annotated[ - Optional[float], pydantic.Field(alias="flushEventCount") - ] = None - r"""Maximum number of events in a batch before forcing a flush""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" - - connection_timeout: Annotated[ - Optional[float], pydantic.Field(alias="connectionTimeout") - ] = None - r"""Maximum time to wait for a connection to complete successfully""" - - request_timeout: Annotated[ - Optional[float], pydantic.Field(alias="requestTimeout") - ] = None - r"""Maximum time to wait for Kafka to respond to a request""" - - max_retries: Annotated[Optional[float], pydantic.Field(alias="maxRetries")] = None - r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" - - max_back_off: Annotated[Optional[float], pydantic.Field(alias="maxBackOff")] = None - r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" - - initial_backoff: Annotated[ - Optional[float], pydantic.Field(alias="initialBackoff") - ] = None - r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" - - backoff_rate: Annotated[Optional[float], pydantic.Field(alias="backoffRate")] = None - r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" - - authentication_timeout: Annotated[ - Optional[float], pydantic.Field(alias="authenticationTimeout") - ] = None - r"""Maximum time to wait for Kafka to respond to an authentication request""" - - reauthentication_threshold: Annotated[ - Optional[float], pydantic.Field(alias="reauthenticationThreshold") - ] = None - r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" - - sasl: Optional[AuthenticationTypeUse] = None - r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended.""" - - tls: Optional[TLSSettingsClientSideType] = None - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - description: Optional[str] = None - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputPqControlsAzureEventhub], - pydantic.Field(alias="pqControls"), - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_brokers: Annotated[ - Optional[str], pydantic.Field(alias="__template_brokers") - ] = None - r"""Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime.""" - - template_topic: Annotated[ - Optional[str], pydantic.Field(alias="__template_topic") - ] = None - r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" - - template_format: Annotated[ - Optional[str], pydantic.Field(alias="__template_format") - ] = None - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - @field_serializer("ack") - def serialize_ack(self, value): - if isinstance(value, str): - try: - return models.AcknowledgmentsOptions(value) - except ValueError: - return value - return value - - @field_serializer("format_") - def serialize_format_(self, value): - if isinstance(value, str): - try: - return models.RecordDataFormatOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "ack", - "format", - "maxRecordSizeKB", - "flushEventCount", - "flushPeriodSec", - "connectionTimeout", - "requestTimeout", - "maxRetries", - "maxBackOff", - "initialBackoff", - "backoffRate", - "authenticationTimeout", - "reauthenticationThreshold", - "sasl", - "tls", - "onBackpressure", - "description", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_brokers", - "__template_topic", - "__template_format", - "__template_onBackpressure", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputTypeHoneycomb(str, Enum): - HONEYCOMB = "honeycomb" - - -class CreateOutputPqControlsHoneycombTypedDict(TypedDict): - pass - - -class CreateOutputPqControlsHoneycomb(BaseModel): - pass - - -class CreateOutputOutputHoneycombTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputTypeHoneycomb - dataset: str - r"""Name of the dataset to send events to – e.g., observability""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - compress: NotRequired[bool] - r"""Compress the payload body before sending""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] - r"""Headers to add to all events""" - use_round_robin_dns: NotRequired[bool] - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - safe_headers: NotRequired[List[str]] - r"""List of headers that are safe to log in plain text""" - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - auth_type: NotRequired[AuthenticationMethodOptionsAPI] - r"""Enter API key directly, or select a stored secret""" - description: NotRequired[str] - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputPqControlsHoneycombTypedDict] - team: NotRequired[str] - r"""Team API key where the dataset belongs""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_failed_request_logging_mode: NotRequired[str] - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - -class CreateOutputOutputHoneycomb(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputTypeHoneycomb - - dataset: str - r"""Name of the dataset to send events to – e.g., observability""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - compress: Optional[bool] = None - r"""Compress the payload body before sending""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - extra_http_headers: Annotated[ - Optional[List[ExtraHTTPHeaderConfInputElastic]], - pydantic.Field(alias="extraHttpHeaders"), - ] = None - r"""Headers to add to all events""" - - use_round_robin_dns: Annotated[ - Optional[bool], pydantic.Field(alias="useRoundRobinDns") - ] = None - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - - failed_request_logging_mode: Annotated[ - Optional[FailedRequestLoggingModeOptions], - pydantic.Field(alias="failedRequestLoggingMode"), - ] = None - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - - safe_headers: Annotated[ - Optional[List[str]], pydantic.Field(alias="safeHeaders") - ] = None - r"""List of headers that are safe to log in plain text""" - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - auth_type: Annotated[ - Optional[AuthenticationMethodOptionsAPI], pydantic.Field(alias="authType") - ] = None - r"""Enter API key directly, or select a stored secret""" - - description: Optional[str] = None - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputPqControlsHoneycomb], pydantic.Field(alias="pqControls") - ] = None - - team: Optional[str] = None - r"""Team API key where the dataset belongs""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_failed_request_logging_mode: Annotated[ - Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") - ] = None - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - @field_serializer("failed_request_logging_mode") - def serialize_failed_request_logging_mode(self, value): - if isinstance(value, str): - try: - return models.FailedRequestLoggingModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsAPI(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "compress", - "rejectUnauthorized", - "timeoutSec", - "flushPeriodSec", - "extraHttpHeaders", - "useRoundRobinDns", - "failedRequestLoggingMode", - "safeHeaders", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "onBackpressure", - "authType", - "description", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "team", - "textSecret", - "__template_streamtags", - "__template_failedRequestLoggingMode", - "__template_onBackpressure", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputTypeKinesis(str, Enum): - KINESIS = "kinesis" - - -class CreateOutputCompression(str, Enum, metaclass=utils.OpenEnumMeta): - r"""Compression type to use for records""" - - # None - NONE = "none" - # Gzip - GZIP = "gzip" - - -class CreateOutputPqControlsKinesisTypedDict(TypedDict): - pass - - -class CreateOutputPqControlsKinesis(BaseModel): - pass - - -class CreateOutputOutputKinesisTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputTypeKinesis - stream_name: str - r"""Kinesis stream name to send events to.""" - region: str - r"""Region where the Kinesis stream is located""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - aws_authentication_method: NotRequired[AuthenticationMethodOptionsS3CollectorConf] - r"""AWS authentication method. Choose Auto to use IAM roles.""" - aws_secret_key: NotRequired[str] - endpoint: NotRequired[str] - r"""Kinesis stream service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to Kinesis stream-compatible endpoint.""" - reuse_connections: NotRequired[bool] - r"""Reuse connections between requests, which can improve performance""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" - enable_assume_role: NotRequired[bool] - r"""Use Assume Role credentials to access Kinesis stream""" - assume_role_arn: NotRequired[str] - r"""Amazon Resource Name (ARN) of the role to assume""" - assume_role_external_id: NotRequired[str] - r"""External ID to use when assuming role""" - duration_seconds: NotRequired[float] - r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing put requests before blocking.""" - max_record_size_kb: NotRequired[float] - r"""Maximum size (KB) of each individual record before compression. For uncompressed or non-compressible data 1MB is the max recommended size""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" - compression: NotRequired[CreateOutputCompression] - r"""Compression type to use for records""" - use_list_shards: NotRequired[bool] - r"""Provides higher stream rate limits, improving delivery speed and reliability by minimizing throttling. See the [ListShards API](https://docs.aws.amazon.com/kinesis/latest/APIReference/API_ListShards.html) documentation for details.""" - as_ndjson: NotRequired[bool] - r"""Batch events into a single record as NDJSON""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - description: NotRequired[str] - aws_api_key: NotRequired[str] - aws_secret: NotRequired[str] - r"""Select or create a stored secret that references your access key and secret key""" - max_events_per_flush: NotRequired[float] - r"""Maximum number of records to send in a single request""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputPqControlsKinesisTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_stream_name: NotRequired[str] - r"""Binds 'streamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamName' at runtime.""" - template_aws_secret_key: NotRequired[str] - r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" - template_region: NotRequired[str] - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - template_endpoint: NotRequired[str] - r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" - template_assume_role_arn: NotRequired[str] - r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" - template_assume_role_external_id: NotRequired[str] - r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_aws_api_key: NotRequired[str] - r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" - - -class CreateOutputOutputKinesis(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputTypeKinesis - - stream_name: Annotated[str, pydantic.Field(alias="streamName")] - r"""Kinesis stream name to send events to.""" - - region: str - r"""Region where the Kinesis stream is located""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - aws_authentication_method: Annotated[ - Optional[AuthenticationMethodOptionsS3CollectorConf], - pydantic.Field(alias="awsAuthenticationMethod"), - ] = None - r"""AWS authentication method. Choose Auto to use IAM roles.""" - - aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = ( - None - ) - - endpoint: Optional[str] = None - r"""Kinesis stream service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to Kinesis stream-compatible endpoint.""" - - reuse_connections: Annotated[ - Optional[bool], pydantic.Field(alias="reuseConnections") - ] = None - r"""Reuse connections between requests, which can improve performance""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" - - enable_assume_role: Annotated[ - Optional[bool], pydantic.Field(alias="enableAssumeRole") - ] = None - r"""Use Assume Role credentials to access Kinesis stream""" - - assume_role_arn: Annotated[Optional[str], pydantic.Field(alias="assumeRoleArn")] = ( - None - ) - r"""Amazon Resource Name (ARN) of the role to assume""" - - assume_role_external_id: Annotated[ - Optional[str], pydantic.Field(alias="assumeRoleExternalId") - ] = None - r"""External ID to use when assuming role""" - - duration_seconds: Annotated[ - Optional[float], pydantic.Field(alias="durationSeconds") - ] = None - r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing put requests before blocking.""" - - max_record_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxRecordSizeKB") - ] = None - r"""Maximum size (KB) of each individual record before compression. For uncompressed or non-compressible data 1MB is the max recommended size""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" - - compression: Optional[CreateOutputCompression] = None - r"""Compression type to use for records""" - - use_list_shards: Annotated[ - Optional[bool], pydantic.Field(alias="useListShards") - ] = None - r"""Provides higher stream rate limits, improving delivery speed and reliability by minimizing throttling. See the [ListShards API](https://docs.aws.amazon.com/kinesis/latest/APIReference/API_ListShards.html) documentation for details.""" - - as_ndjson: Annotated[Optional[bool], pydantic.Field(alias="asNdjson")] = None - r"""Batch events into a single record as NDJSON""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - description: Optional[str] = None - - aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None - - aws_secret: Annotated[Optional[str], pydantic.Field(alias="awsSecret")] = None - r"""Select or create a stored secret that references your access key and secret key""" - - max_events_per_flush: Annotated[ - Optional[float], pydantic.Field(alias="maxEventsPerFlush") - ] = None - r"""Maximum number of records to send in a single request""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputPqControlsKinesis], pydantic.Field(alias="pqControls") - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_stream_name: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamName") - ] = None - r"""Binds 'streamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamName' at runtime.""" - - template_aws_secret_key: Annotated[ - Optional[str], pydantic.Field(alias="__template_awsSecretKey") - ] = None - r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" - - template_region: Annotated[ - Optional[str], pydantic.Field(alias="__template_region") - ] = None - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - - template_endpoint: Annotated[ - Optional[str], pydantic.Field(alias="__template_endpoint") - ] = None - r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" - - template_assume_role_arn: Annotated[ - Optional[str], pydantic.Field(alias="__template_assumeRoleArn") - ] = None - r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" - - template_assume_role_external_id: Annotated[ - Optional[str], pydantic.Field(alias="__template_assumeRoleExternalId") - ] = None - r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_aws_api_key: Annotated[ - Optional[str], pydantic.Field(alias="__template_awsApiKey") - ] = None - r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" - - @field_serializer("aws_authentication_method") - def serialize_aws_authentication_method(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsS3CollectorConf(value) - except ValueError: - return value - return value - - @field_serializer("compression") - def serialize_compression(self, value): - if isinstance(value, str): - try: - return models.CreateOutputCompression(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "awsAuthenticationMethod", - "awsSecretKey", - "endpoint", - "reuseConnections", - "rejectUnauthorized", - "enableAssumeRole", - "assumeRoleArn", - "assumeRoleExternalId", - "durationSeconds", - "concurrency", - "maxRecordSizeKB", - "flushPeriodSec", - "compression", - "useListShards", - "asNdjson", - "onBackpressure", - "description", - "awsApiKey", - "awsSecret", - "maxEventsPerFlush", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_streamName", - "__template_awsSecretKey", - "__template_region", - "__template_endpoint", - "__template_assumeRoleArn", - "__template_assumeRoleExternalId", - "__template_onBackpressure", - "__template_awsApiKey", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputTypeAzureLogs(str, Enum): - AZURE_LOGS = "azure_logs" - - -class CreateOutputAuthenticationMethodAzureLogs( - str, Enum, metaclass=utils.OpenEnumMeta -): - r"""Enter workspace ID and workspace key directly, or select a stored secret""" - - MANUAL = "manual" - SECRET = "secret" - - -class CreateOutputPqControlsAzureLogsTypedDict(TypedDict): - pass - - -class CreateOutputPqControlsAzureLogs(BaseModel): - pass - - -class CreateOutputOutputAzureLogsTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputTypeAzureLogs - log_type: str - r"""The Log Type of events sent to this LogAnalytics workspace. Defaults to `Cribl`. Use only letters, numbers, and `_` characters, and can't exceed 100 characters. Can be overwritten by event field __logType.""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - resource_id: NotRequired[str] - r"""Optional Resource ID of the Azure resource to associate the data with. Can be overridden by the __resourceId event field. This ID populates the _ResourceId property, allowing the data to be included in resource-centric queries. If the ID is neither specified nor overridden, resource-centric queries will omit the data.""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - compress: NotRequired[bool] - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] - r"""Headers to add to all events""" - use_round_robin_dns: NotRequired[bool] - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - safe_headers: NotRequired[List[str]] - r"""List of headers that are safe to log in plain text""" - api_url: NotRequired[str] - r"""The DNS name of the Log API endpoint that sends log data to a Log Analytics workspace in Azure Monitor. Defaults to .ods.opinsights.azure.com. @{product} will add a prefix and suffix to construct a URI in this format: /api/logs?api-version=.""" - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - auth_type: NotRequired[CreateOutputAuthenticationMethodAzureLogs] - r"""Enter workspace ID and workspace key directly, or select a stored secret""" - description: NotRequired[str] - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputPqControlsAzureLogsTypedDict] - workspace_id: NotRequired[str] - r"""Azure Log Analytics Workspace ID. See Azure Dashboard Workspace > Advanced settings.""" - workspace_key: NotRequired[str] - r"""Azure Log Analytics Workspace Primary or Secondary Shared Key. See Azure Dashboard Workspace > Advanced settings.""" - keypair_secret: NotRequired[str] - r"""Select or create a stored secret that references your access key and secret key""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_failed_request_logging_mode: NotRequired[str] - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_workspace_id: NotRequired[str] - r"""Binds 'workspaceId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'workspaceId' at runtime.""" - template_workspace_key: NotRequired[str] - r"""Binds 'workspaceKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'workspaceKey' at runtime.""" - - -class CreateOutputOutputAzureLogs(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputTypeAzureLogs - - log_type: Annotated[str, pydantic.Field(alias="logType")] - r"""The Log Type of events sent to this LogAnalytics workspace. Defaults to `Cribl`. Use only letters, numbers, and `_` characters, and can't exceed 100 characters. Can be overwritten by event field __logType.""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - resource_id: Annotated[Optional[str], pydantic.Field(alias="resourceId")] = None - r"""Optional Resource ID of the Azure resource to associate the data with. Can be overridden by the __resourceId event field. This ID populates the _ResourceId property, allowing the data to be included in resource-centric queries. If the ID is neither specified nor overridden, resource-centric queries will omit the data.""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - compress: Optional[bool] = None - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - extra_http_headers: Annotated[ - Optional[List[ExtraHTTPHeaderConfInputElastic]], - pydantic.Field(alias="extraHttpHeaders"), - ] = None - r"""Headers to add to all events""" - - use_round_robin_dns: Annotated[ - Optional[bool], pydantic.Field(alias="useRoundRobinDns") - ] = None - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - - failed_request_logging_mode: Annotated[ - Optional[FailedRequestLoggingModeOptions], - pydantic.Field(alias="failedRequestLoggingMode"), - ] = None - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - - safe_headers: Annotated[ - Optional[List[str]], pydantic.Field(alias="safeHeaders") - ] = None - r"""List of headers that are safe to log in plain text""" - - api_url: Annotated[Optional[str], pydantic.Field(alias="apiUrl")] = None - r"""The DNS name of the Log API endpoint that sends log data to a Log Analytics workspace in Azure Monitor. Defaults to .ods.opinsights.azure.com. @{product} will add a prefix and suffix to construct a URI in this format: /api/logs?api-version=.""" - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - auth_type: Annotated[ - Optional[CreateOutputAuthenticationMethodAzureLogs], - pydantic.Field(alias="authType"), - ] = None - r"""Enter workspace ID and workspace key directly, or select a stored secret""" - - description: Optional[str] = None - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputPqControlsAzureLogs], pydantic.Field(alias="pqControls") - ] = None - - workspace_id: Annotated[Optional[str], pydantic.Field(alias="workspaceId")] = None - r"""Azure Log Analytics Workspace ID. See Azure Dashboard Workspace > Advanced settings.""" - - workspace_key: Annotated[Optional[str], pydantic.Field(alias="workspaceKey")] = None - r"""Azure Log Analytics Workspace Primary or Secondary Shared Key. See Azure Dashboard Workspace > Advanced settings.""" - - keypair_secret: Annotated[Optional[str], pydantic.Field(alias="keypairSecret")] = ( - None - ) - r"""Select or create a stored secret that references your access key and secret key""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_failed_request_logging_mode: Annotated[ - Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") - ] = None - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_workspace_id: Annotated[ - Optional[str], pydantic.Field(alias="__template_workspaceId") - ] = None - r"""Binds 'workspaceId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'workspaceId' at runtime.""" - - template_workspace_key: Annotated[ - Optional[str], pydantic.Field(alias="__template_workspaceKey") - ] = None - r"""Binds 'workspaceKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'workspaceKey' at runtime.""" - - @field_serializer("failed_request_logging_mode") - def serialize_failed_request_logging_mode(self, value): - if isinstance(value, str): - try: - return models.FailedRequestLoggingModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.CreateOutputAuthenticationMethodAzureLogs(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "resourceId", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "compress", - "rejectUnauthorized", - "timeoutSec", - "flushPeriodSec", - "extraHttpHeaders", - "useRoundRobinDns", - "failedRequestLoggingMode", - "safeHeaders", - "apiUrl", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "onBackpressure", - "authType", - "description", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "workspaceId", - "workspaceKey", - "keypairSecret", - "__template_streamtags", - "__template_failedRequestLoggingMode", - "__template_onBackpressure", - "__template_workspaceId", - "__template_workspaceKey", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputTypeAzureDataExplorer(str, Enum): - AZURE_DATA_EXPLORER = "azure_data_explorer" - - -class CreateOutputIngestionMode(str, Enum, metaclass=utils.OpenEnumMeta): - # Batching - BATCHING = "batching" - # Streaming - STREAMING = "streaming" - - -class CreateOutputAuthenticationMethodAzureDataExplorer( - str, Enum, metaclass=utils.OpenEnumMeta -): - r"""The type of OAuth 2.0 client credentials grant flow to use""" - - # Client secret - CLIENT_SECRET = "clientSecret" - # Client secret (text secret) - CLIENT_TEXT_SECRET = "clientTextSecret" - # Certificate - CERTIFICATE = "certificate" - - -class CreateOutputCertificateTypedDict(TypedDict): - certificate_name: NotRequired[str] - r"""The certificate you registered as credentials for your app in the Azure portal""" - - -class CreateOutputCertificate(BaseModel): - certificate_name: Annotated[ - Optional[str], pydantic.Field(alias="certificateName") - ] = None - r"""The certificate you registered as credentials for your app in the Azure portal""" - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set(["certificateName"]) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputPrefixOptional(str, Enum, metaclass=utils.OpenEnumMeta): - # drop-by - DROP_BY = "dropBy" - # ingest-by - INGEST_BY = "ingestBy" - - -class CreateOutputExtentTagTypedDict(TypedDict): - value: str - prefix: NotRequired[CreateOutputPrefixOptional] - - -class CreateOutputExtentTag(BaseModel): - value: str - - prefix: Optional[CreateOutputPrefixOptional] = None - - @field_serializer("prefix") - def serialize_prefix(self, value): - if isinstance(value, str): - try: - return models.CreateOutputPrefixOptional(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set(["prefix"]) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputIngestIfNotExistTypedDict(TypedDict): - value: str - - -class CreateOutputIngestIfNotExist(BaseModel): - value: str - - -class CreateOutputReportLevel(str, Enum, metaclass=utils.OpenEnumMeta): - r"""Level of ingestion status reporting. Defaults to FailuresOnly.""" - - # FailuresOnly - FAILURES_ONLY = "failuresOnly" - # DoNotReport - DO_NOT_REPORT = "doNotReport" - # FailuresAndSuccesses - FAILURES_AND_SUCCESSES = "failuresAndSuccesses" - - -class CreateOutputReportMethod(str, Enum, metaclass=utils.OpenEnumMeta): - r"""Target of the ingestion status reporting. Defaults to Queue.""" - - # Queue - QUEUE = "queue" - # Table - TABLE = "table" - # QueueAndTable - QUEUE_AND_TABLE = "queueAndTable" - - -class CreateOutputAdditionalPropertyTypedDict(TypedDict): - key: str - value: str - - -class CreateOutputAdditionalProperty(BaseModel): - key: str - - value: str - - -class CreateOutputPqControlsAzureDataExplorerTypedDict(TypedDict): - pass - - -class CreateOutputPqControlsAzureDataExplorer(BaseModel): - pass - - -class CreateOutputOutputAzureDataExplorerTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputTypeAzureDataExplorer - cluster_url: str - r"""The base URI for your cluster. Typically, `https://..kusto.windows.net`.""" - database: str - r"""Name of the database containing the table where data will be ingested""" - table: str - r"""Name of the table to ingest data into""" - oauth_endpoint: MicrosoftEntraIDAuthenticationEndpointOptionsSasl - r"""Endpoint used to acquire authentication tokens from Azure""" - tenant_id: str - r"""Directory ID (tenant identifier) in Azure Active Directory""" - client_id: str - r"""client_id to pass in the OAuth request parameter""" - scope: str - r"""Scope to pass in the OAuth request parameter""" - oauth_type: CreateOutputAuthenticationMethodAzureDataExplorer - r"""The type of OAuth 2.0 client credentials grant flow to use""" - compress: CompressionOptionsHTTP - r"""Data compression format to apply to HTTP content before it is delivered""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - validate_database_settings: NotRequired[bool] - r"""When saving or starting the Destination, validate the database name and credentials; also validate table name, except when creating a new table. Disable if your Azure app does not have both the Database Viewer and the Table Viewer role.""" - ingest_mode: NotRequired[CreateOutputIngestionMode] - description: NotRequired[str] - client_secret: NotRequired[str] - r"""The client secret that you generated for your app in the Azure portal""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - certificate: NotRequired[CreateOutputCertificateTypedDict] - format_: NotRequired[DataFormatOptions] - r"""Format of the output data""" - compression_level: NotRequired[CompressionLevelOptions] - r"""Compression level to apply before moving files to final destination""" - automatic_schema: NotRequired[bool] - r"""Automatically calculate the schema based on the events of each Parquet file generated""" - parquet_schema: NotRequired[str] - r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" - parquet_version: NotRequired[ParquetVersionOptions] - r"""Determines which data types are supported and how they are represented""" - parquet_data_page_version: NotRequired[DataPageVersionOptions] - r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" - parquet_row_group_length: NotRequired[float] - r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" - parquet_page_size: NotRequired[str] - r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" - should_log_invalid_rows: NotRequired[bool] - r"""Log up to 3 rows that @{product} skips due to data mismatch""" - key_value_metadata: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] - r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ - enable_statistics: NotRequired[bool] - r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" - enable_write_page_index: NotRequired[bool] - r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" - enable_page_checksum: NotRequired[bool] - r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" - remove_empty_dirs: NotRequired[bool] - r"""Remove empty staging directories after moving files""" - empty_dir_cleanup_sec: NotRequired[float] - r"""How frequently, in seconds, to clean up empty directories""" - directory_batch_size: NotRequired[float] - r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" - deadletter_enabled: NotRequired[bool] - r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" - deadletter_path: NotRequired[str] - r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" - max_retry_num: NotRequired[float] - r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" - is_mapping_obj: NotRequired[bool] - r"""Send a JSON mapping object instead of specifying an existing named data mapping""" - mapping_obj: NotRequired[str] - r"""Enter a JSON object that defines your desired data mapping""" - mapping_ref: NotRequired[str] - r"""Enter the name of a data mapping associated with your target table. Or, if incoming event and target table fields match exactly, you can leave the field empty.""" - ingest_url: NotRequired[str] - r"""The ingestion service URI for your cluster. Typically, `https://ingest-..kusto.windows.net`.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - stage_path: NotRequired[str] - r"""Filesystem location in which to buffer files before compressing and moving to final destination. Use performant and stable storage.""" - file_name_suffix: NotRequired[str] - r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" - max_file_size_mb: NotRequired[float] - r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" - max_file_open_time_sec: NotRequired[float] - r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" - max_file_idle_time_sec: NotRequired[float] - r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" - max_open_files: NotRequired[float] - r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" - max_concurrent_file_parts: NotRequired[float] - r"""Maximum number of parts to upload in parallel per file""" - on_disk_full_backpressure: NotRequired[DiskSpaceProtectionOptions] - r"""How to handle events when disk space is below the global 'Min free disk space' limit""" - add_id_to_stage_path: NotRequired[bool] - r"""Add the Output ID value to staging location""" - retry_settings: NotRequired[RetrySettingsTypeTypedDict] - orphans: NotRequired[OrphanFileRecoveryTypeTypedDict] - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_immediately: NotRequired[bool] - r"""Bypass the data management service's aggregation mechanism""" - retain_blob_on_success: NotRequired[bool] - r"""Prevent blob deletion after ingestion is complete""" - extent_tags: NotRequired[List[CreateOutputExtentTagTypedDict]] - r"""Strings or tags associated with the extent (ingested data shard)""" - ingest_if_not_exists: NotRequired[List[CreateOutputIngestIfNotExistTypedDict]] - r"""Prevents duplicate ingestion by verifying whether an extent with the specified ingest-by tag already exists""" - report_level: NotRequired[CreateOutputReportLevel] - r"""Level of ingestion status reporting. Defaults to FailuresOnly.""" - report_method: NotRequired[CreateOutputReportMethod] - r"""Target of the ingestion status reporting. Defaults to Queue.""" - additional_properties: NotRequired[List[CreateOutputAdditionalPropertyTypedDict]] - r"""Optionally, enter additional configuration properties to send to the ingestion service""" - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - use_round_robin_dns: NotRequired[bool] - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - keep_alive: NotRequired[bool] - r"""Disable to close the connection immediately after sending the outgoing request""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputPqControlsAzureDataExplorerTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_cluster_url: NotRequired[str] - r"""Binds 'clusterUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clusterUrl' at runtime.""" - template_database: NotRequired[str] - r"""Binds 'database' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'database' at runtime.""" - template_table: NotRequired[str] - r"""Binds 'table' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'table' at runtime.""" - template_oauth_endpoint: NotRequired[str] - r"""Binds 'oauthEndpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'oauthEndpoint' at runtime.""" - template_tenant_id: NotRequired[str] - r"""Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime.""" - template_client_id: NotRequired[str] - r"""Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime.""" - template_scope: NotRequired[str] - r"""Binds 'scope' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'scope' at runtime.""" - template_client_secret: NotRequired[str] - r"""Binds 'clientSecret' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecret' at runtime.""" - template_format: NotRequired[str] - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - template_compress: NotRequired[str] - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - template_parquet_schema: NotRequired[str] - r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" - template_mapping_ref: NotRequired[str] - r"""Binds 'mappingRef' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'mappingRef' at runtime.""" - template_ingest_url: NotRequired[str] - r"""Binds 'ingestUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'ingestUrl' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_file_name_suffix: NotRequired[str] - r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" - - -class CreateOutputOutputAzureDataExplorer(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputTypeAzureDataExplorer - - cluster_url: Annotated[str, pydantic.Field(alias="clusterUrl")] - r"""The base URI for your cluster. Typically, `https://..kusto.windows.net`.""" - - database: str - r"""Name of the database containing the table where data will be ingested""" - - table: str - r"""Name of the table to ingest data into""" - - oauth_endpoint: Annotated[ - MicrosoftEntraIDAuthenticationEndpointOptionsSasl, - pydantic.Field(alias="oauthEndpoint"), - ] - r"""Endpoint used to acquire authentication tokens from Azure""" - - tenant_id: Annotated[str, pydantic.Field(alias="tenantId")] - r"""Directory ID (tenant identifier) in Azure Active Directory""" - - client_id: Annotated[str, pydantic.Field(alias="clientId")] - r"""client_id to pass in the OAuth request parameter""" - - scope: str - r"""Scope to pass in the OAuth request parameter""" - - oauth_type: Annotated[ - CreateOutputAuthenticationMethodAzureDataExplorer, - pydantic.Field(alias="oauthType"), - ] - r"""The type of OAuth 2.0 client credentials grant flow to use""" - - compress: CompressionOptionsHTTP - r"""Data compression format to apply to HTTP content before it is delivered""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - validate_database_settings: Annotated[ - Optional[bool], pydantic.Field(alias="validateDatabaseSettings") - ] = None - r"""When saving or starting the Destination, validate the database name and credentials; also validate table name, except when creating a new table. Disable if your Azure app does not have both the Database Viewer and the Table Viewer role.""" - - ingest_mode: Annotated[ - Optional[CreateOutputIngestionMode], pydantic.Field(alias="ingestMode") - ] = None - - description: Optional[str] = None - - client_secret: Annotated[Optional[str], pydantic.Field(alias="clientSecret")] = None - r"""The client secret that you generated for your app in the Azure portal""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - certificate: Optional[CreateOutputCertificate] = None - - format_: Annotated[Optional[DataFormatOptions], pydantic.Field(alias="format")] = ( - None - ) - r"""Format of the output data""" - - compression_level: Annotated[ - Optional[CompressionLevelOptions], pydantic.Field(alias="compressionLevel") - ] = None - r"""Compression level to apply before moving files to final destination""" - - automatic_schema: Annotated[ - Optional[bool], pydantic.Field(alias="automaticSchema") - ] = None - r"""Automatically calculate the schema based on the events of each Parquet file generated""" - - parquet_schema: Annotated[Optional[str], pydantic.Field(alias="parquetSchema")] = ( - None - ) - r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" - - parquet_version: Annotated[ - Optional[ParquetVersionOptions], pydantic.Field(alias="parquetVersion") - ] = None - r"""Determines which data types are supported and how they are represented""" - - parquet_data_page_version: Annotated[ - Optional[DataPageVersionOptions], pydantic.Field(alias="parquetDataPageVersion") - ] = None - r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" - - parquet_row_group_length: Annotated[ - Optional[float], pydantic.Field(alias="parquetRowGroupLength") - ] = None - r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" - - parquet_page_size: Annotated[ - Optional[str], pydantic.Field(alias="parquetPageSize") - ] = None - r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" - - should_log_invalid_rows: Annotated[ - Optional[bool], pydantic.Field(alias="shouldLogInvalidRows") - ] = None - r"""Log up to 3 rows that @{product} skips due to data mismatch""" - - key_value_metadata: Annotated[ - Optional[List[KeyValueMetadataConfOutputFilesystem]], - pydantic.Field(alias="keyValueMetadata"), - ] = None - r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ - - enable_statistics: Annotated[ - Optional[bool], pydantic.Field(alias="enableStatistics") - ] = None - r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" - - enable_write_page_index: Annotated[ - Optional[bool], pydantic.Field(alias="enableWritePageIndex") - ] = None - r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" - - enable_page_checksum: Annotated[ - Optional[bool], pydantic.Field(alias="enablePageChecksum") - ] = None - r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" - - remove_empty_dirs: Annotated[ - Optional[bool], pydantic.Field(alias="removeEmptyDirs") - ] = None - r"""Remove empty staging directories after moving files""" - - empty_dir_cleanup_sec: Annotated[ - Optional[float], pydantic.Field(alias="emptyDirCleanupSec") - ] = None - r"""How frequently, in seconds, to clean up empty directories""" - - directory_batch_size: Annotated[ - Optional[float], pydantic.Field(alias="directoryBatchSize") - ] = None - r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" - - deadletter_enabled: Annotated[ - Optional[bool], pydantic.Field(alias="deadletterEnabled") - ] = None - r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" - - deadletter_path: Annotated[ - Optional[str], pydantic.Field(alias="deadletterPath") - ] = None - r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" - - max_retry_num: Annotated[Optional[float], pydantic.Field(alias="maxRetryNum")] = ( - None - ) - r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" - - is_mapping_obj: Annotated[Optional[bool], pydantic.Field(alias="isMappingObj")] = ( - None - ) - r"""Send a JSON mapping object instead of specifying an existing named data mapping""" - - mapping_obj: Annotated[Optional[str], pydantic.Field(alias="mappingObj")] = None - r"""Enter a JSON object that defines your desired data mapping""" - - mapping_ref: Annotated[Optional[str], pydantic.Field(alias="mappingRef")] = None - r"""Enter the name of a data mapping associated with your target table. Or, if incoming event and target table fields match exactly, you can leave the field empty.""" - - ingest_url: Annotated[Optional[str], pydantic.Field(alias="ingestUrl")] = None - r"""The ingestion service URI for your cluster. Typically, `https://ingest-..kusto.windows.net`.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - stage_path: Annotated[Optional[str], pydantic.Field(alias="stagePath")] = None - r"""Filesystem location in which to buffer files before compressing and moving to final destination. Use performant and stable storage.""" - - file_name_suffix: Annotated[ - Optional[str], pydantic.Field(alias="fileNameSuffix") - ] = None - r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" - - max_file_size_mb: Annotated[ - Optional[float], pydantic.Field(alias="maxFileSizeMB") - ] = None - r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" - - max_file_open_time_sec: Annotated[ - Optional[float], pydantic.Field(alias="maxFileOpenTimeSec") - ] = None - r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" - - max_file_idle_time_sec: Annotated[ - Optional[float], pydantic.Field(alias="maxFileIdleTimeSec") - ] = None - r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" - - max_open_files: Annotated[Optional[float], pydantic.Field(alias="maxOpenFiles")] = ( - None - ) - r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" - - max_concurrent_file_parts: Annotated[ - Optional[float], pydantic.Field(alias="maxConcurrentFileParts") - ] = None - r"""Maximum number of parts to upload in parallel per file""" - - on_disk_full_backpressure: Annotated[ - Optional[DiskSpaceProtectionOptions], - pydantic.Field(alias="onDiskFullBackpressure"), - ] = None - r"""How to handle events when disk space is below the global 'Min free disk space' limit""" - - add_id_to_stage_path: Annotated[ - Optional[bool], pydantic.Field(alias="addIdToStagePath") - ] = None - r"""Add the Output ID value to staging location""" - - retry_settings: Annotated[ - Optional[RetrySettingsType], pydantic.Field(alias="retrySettings") - ] = None - - orphans: Optional[OrphanFileRecoveryType] = None - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_immediately: Annotated[ - Optional[bool], pydantic.Field(alias="flushImmediately") - ] = None - r"""Bypass the data management service's aggregation mechanism""" - - retain_blob_on_success: Annotated[ - Optional[bool], pydantic.Field(alias="retainBlobOnSuccess") - ] = None - r"""Prevent blob deletion after ingestion is complete""" - - extent_tags: Annotated[ - Optional[List[CreateOutputExtentTag]], pydantic.Field(alias="extentTags") - ] = None - r"""Strings or tags associated with the extent (ingested data shard)""" - - ingest_if_not_exists: Annotated[ - Optional[List[CreateOutputIngestIfNotExist]], - pydantic.Field(alias="ingestIfNotExists"), - ] = None - r"""Prevents duplicate ingestion by verifying whether an extent with the specified ingest-by tag already exists""" - - report_level: Annotated[ - Optional[CreateOutputReportLevel], pydantic.Field(alias="reportLevel") - ] = None - r"""Level of ingestion status reporting. Defaults to FailuresOnly.""" - - report_method: Annotated[ - Optional[CreateOutputReportMethod], pydantic.Field(alias="reportMethod") - ] = None - r"""Target of the ingestion status reporting. Defaults to Queue.""" - - additional_properties: Annotated[ - Optional[List[CreateOutputAdditionalProperty]], - pydantic.Field(alias="additionalProperties"), - ] = None - r"""Optionally, enter additional configuration properties to send to the ingestion service""" - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - use_round_robin_dns: Annotated[ - Optional[bool], pydantic.Field(alias="useRoundRobinDns") - ] = None - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - - keep_alive: Annotated[Optional[bool], pydantic.Field(alias="keepAlive")] = None - r"""Disable to close the connection immediately after sending the outgoing request""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputPqControlsAzureDataExplorer], - pydantic.Field(alias="pqControls"), - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_cluster_url: Annotated[ - Optional[str], pydantic.Field(alias="__template_clusterUrl") - ] = None - r"""Binds 'clusterUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clusterUrl' at runtime.""" - - template_database: Annotated[ - Optional[str], pydantic.Field(alias="__template_database") - ] = None - r"""Binds 'database' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'database' at runtime.""" - - template_table: Annotated[ - Optional[str], pydantic.Field(alias="__template_table") - ] = None - r"""Binds 'table' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'table' at runtime.""" - - template_oauth_endpoint: Annotated[ - Optional[str], pydantic.Field(alias="__template_oauthEndpoint") - ] = None - r"""Binds 'oauthEndpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'oauthEndpoint' at runtime.""" - - template_tenant_id: Annotated[ - Optional[str], pydantic.Field(alias="__template_tenantId") - ] = None - r"""Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime.""" - - template_client_id: Annotated[ - Optional[str], pydantic.Field(alias="__template_clientId") - ] = None - r"""Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime.""" - - template_scope: Annotated[ - Optional[str], pydantic.Field(alias="__template_scope") - ] = None - r"""Binds 'scope' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'scope' at runtime.""" - - template_client_secret: Annotated[ - Optional[str], pydantic.Field(alias="__template_clientSecret") - ] = None - r"""Binds 'clientSecret' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecret' at runtime.""" - - template_format: Annotated[ - Optional[str], pydantic.Field(alias="__template_format") - ] = None - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - - template_compress: Annotated[ - Optional[str], pydantic.Field(alias="__template_compress") - ] = None - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - - template_parquet_schema: Annotated[ - Optional[str], pydantic.Field(alias="__template_parquetSchema") - ] = None - r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" - - template_mapping_ref: Annotated[ - Optional[str], pydantic.Field(alias="__template_mappingRef") - ] = None - r"""Binds 'mappingRef' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'mappingRef' at runtime.""" - - template_ingest_url: Annotated[ - Optional[str], pydantic.Field(alias="__template_ingestUrl") - ] = None - r"""Binds 'ingestUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'ingestUrl' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_file_name_suffix: Annotated[ - Optional[str], pydantic.Field(alias="__template_fileNameSuffix") - ] = None - r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" - - @field_serializer("ingest_mode") - def serialize_ingest_mode(self, value): - if isinstance(value, str): - try: - return models.CreateOutputIngestionMode(value) - except ValueError: - return value - return value - - @field_serializer("oauth_endpoint") - def serialize_oauth_endpoint(self, value): - if isinstance(value, str): - try: - return models.MicrosoftEntraIDAuthenticationEndpointOptionsSasl(value) - except ValueError: - return value - return value - - @field_serializer("oauth_type") - def serialize_oauth_type(self, value): - if isinstance(value, str): - try: - return models.CreateOutputAuthenticationMethodAzureDataExplorer(value) - except ValueError: - return value - return value - - @field_serializer("format_") - def serialize_format_(self, value): - if isinstance(value, str): - try: - return models.DataFormatOptions(value) - except ValueError: - return value - return value - - @field_serializer("compress") - def serialize_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsHTTP(value) - except ValueError: - return value - return value - - @field_serializer("compression_level") - def serialize_compression_level(self, value): - if isinstance(value, str): - try: - return models.CompressionLevelOptions(value) - except ValueError: - return value - return value - - @field_serializer("parquet_version") - def serialize_parquet_version(self, value): - if isinstance(value, str): - try: - return models.ParquetVersionOptions(value) - except ValueError: - return value - return value - - @field_serializer("parquet_data_page_version") - def serialize_parquet_data_page_version(self, value): - if isinstance(value, str): - try: - return models.DataPageVersionOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_disk_full_backpressure") - def serialize_on_disk_full_backpressure(self, value): - if isinstance(value, str): - try: - return models.DiskSpaceProtectionOptions(value) - except ValueError: - return value - return value - - @field_serializer("report_level") - def serialize_report_level(self, value): - if isinstance(value, str): - try: - return models.CreateOutputReportLevel(value) - except ValueError: - return value - return value - - @field_serializer("report_method") - def serialize_report_method(self, value): - if isinstance(value, str): - try: - return models.CreateOutputReportMethod(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "validateDatabaseSettings", - "ingestMode", - "description", - "clientSecret", - "textSecret", - "certificate", - "format", - "compressionLevel", - "automaticSchema", - "parquetSchema", - "parquetVersion", - "parquetDataPageVersion", - "parquetRowGroupLength", - "parquetPageSize", - "shouldLogInvalidRows", - "keyValueMetadata", - "enableStatistics", - "enableWritePageIndex", - "enablePageChecksum", - "removeEmptyDirs", - "emptyDirCleanupSec", - "directoryBatchSize", - "deadletterEnabled", - "deadletterPath", - "maxRetryNum", - "isMappingObj", - "mappingObj", - "mappingRef", - "ingestUrl", - "onBackpressure", - "stagePath", - "fileNameSuffix", - "maxFileSizeMB", - "maxFileOpenTimeSec", - "maxFileIdleTimeSec", - "maxOpenFiles", - "maxConcurrentFileParts", - "onDiskFullBackpressure", - "addIdToStagePath", - "retrySettings", - "orphans", - "timeoutSec", - "flushImmediately", - "retainBlobOnSuccess", - "extentTags", - "ingestIfNotExists", - "reportLevel", - "reportMethod", - "additionalProperties", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "flushPeriodSec", - "rejectUnauthorized", - "useRoundRobinDns", - "keepAlive", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_clusterUrl", - "__template_database", - "__template_table", - "__template_oauthEndpoint", - "__template_tenantId", - "__template_clientId", - "__template_scope", - "__template_clientSecret", - "__template_format", - "__template_compress", - "__template_parquetSchema", - "__template_mappingRef", - "__template_ingestUrl", - "__template_onBackpressure", - "__template_fileNameSuffix", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputTypeAzureBlob(str, Enum): - AZURE_BLOB = "azure_blob" - - -class CreateOutputBlobAccessTier(str, Enum, metaclass=utils.OpenEnumMeta): - # Default account access tier - INFERRED = "Inferred" - # Hot tier - HOT = "Hot" - # Cool tier - COOL = "Cool" - # Cold tier - COLD = "Cold" - # Archive tier - ARCHIVE = "Archive" - - -class CreateOutputOutputAzureBlobTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputTypeAzureBlob - container_name: str - r"""The Azure Blob Storage container name. Name can include only lowercase letters, numbers, and hyphens. For dynamic container names, enter a JavaScript expression within quotes or backticks, to be evaluated at initialization. The expression can evaluate to a constant value and can reference Global Variables, such as `myContainer-${C.env[\"CRIBL_WORKER_ID\"]}`.""" - stage_path: str - r"""Filesystem location in which to buffer files before compressing and moving to final destination. Use performant and stable storage.""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - create_container: NotRequired[bool] - r"""Create the configured container in Azure Blob Storage if it does not already exist""" - dest_path: NotRequired[str] - r"""Root directory prepended to path before uploading. Value can be a JavaScript expression enclosed in quotes or backticks, to be evaluated at initialization. The expression can evaluate to a constant value and can reference Global Variables, such as `myBlobPrefix-${C.env[\"CRIBL_WORKER_ID\"]}`.""" - add_id_to_stage_path: NotRequired[bool] - r"""Add the Output ID value to staging location""" - max_concurrent_file_parts: NotRequired[float] - r"""Maximum number of parts to upload in parallel per file""" - remove_empty_dirs: NotRequired[bool] - r"""Remove empty staging directories after moving files""" - partition_expr: NotRequired[str] - r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" - format_: NotRequired[DataFormatOptions] - r"""Format of the output data""" - base_file_name: NotRequired[str] - r"""JavaScript expression to define the output filename prefix (can be constant)""" - file_name_suffix: NotRequired[str] - r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" - max_file_size_mb: NotRequired[float] - r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" - max_file_open_time_sec: NotRequired[float] - r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" - max_file_idle_time_sec: NotRequired[float] - r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" - max_open_files: NotRequired[float] - r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" - header_line: NotRequired[str] - r"""If set, this line will be written to the beginning of each output file""" - write_high_water_mark: NotRequired[float] - r"""Buffer size used to write to a file""" - on_backpressure: NotRequired[BackpressureBehaviorOptionsBlockDrop] - r"""How to handle events when all receivers are exerting backpressure""" - deadletter_enabled: NotRequired[bool] - r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" - on_disk_full_backpressure: NotRequired[DiskSpaceProtectionOptions] - r"""How to handle events when disk space is below the global 'Min free disk space' limit""" - force_close_on_shutdown: NotRequired[bool] - r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" - retry_settings: NotRequired[RetrySettingsTypeTypedDict] - orphans: NotRequired[OrphanFileRecoveryTypeTypedDict] - auth_type: NotRequired[AuthenticationMethodOptions] - storage_class: NotRequired[CreateOutputBlobAccessTier] - description: NotRequired[str] - compress: NotRequired[CompressionOptionsHTTP] - r"""Data compression format to apply to HTTP content before it is delivered""" - compression_level: NotRequired[CompressionLevelOptions] - r"""Compression level to apply before moving files to final destination""" - automatic_schema: NotRequired[bool] - r"""Automatically calculate the schema based on the events of each Parquet file generated""" - parquet_schema: NotRequired[str] - r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" - parquet_version: NotRequired[ParquetVersionOptions] - r"""Determines which data types are supported and how they are represented""" - parquet_data_page_version: NotRequired[DataPageVersionOptions] - r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" - parquet_row_group_length: NotRequired[float] - r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" - parquet_page_size: NotRequired[str] - r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" - should_log_invalid_rows: NotRequired[bool] - r"""Log up to 3 rows that @{product} skips due to data mismatch""" - key_value_metadata: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] - r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ - enable_statistics: NotRequired[bool] - r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" - enable_write_page_index: NotRequired[bool] - r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" - enable_page_checksum: NotRequired[bool] - r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" - empty_dir_cleanup_sec: NotRequired[float] - r"""How frequently, in seconds, to clean up empty directories""" - directory_batch_size: NotRequired[float] - r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" - deadletter_path: NotRequired[str] - r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" - max_retry_num: NotRequired[float] - r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" - connection_string: NotRequired[str] - r"""Enter your Azure Storage account connection string. If left blank, Stream will fall back to env.AZURE_STORAGE_CONNECTION_STRING.""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - storage_account_name: NotRequired[str] - r"""The name of your Azure storage account""" - tenant_id: NotRequired[str] - r"""The service principal's tenant ID""" - client_id: NotRequired[str] - r"""The service principal's client ID""" - azure_cloud: NotRequired[str] - r"""The Azure cloud to use. Defaults to Azure Public Cloud.""" - endpoint_suffix: NotRequired[str] - r"""Endpoint suffix for the service URL. Takes precedence over the Azure Cloud setting. Defaults to core.windows.net.""" - client_text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - certificate: NotRequired[CertificateTypeAzureBlobAuthTypeClientCertTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_container_name: NotRequired[str] - r"""Binds 'containerName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'containerName' at runtime.""" - template_dest_path: NotRequired[str] - r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" - template_partition_expr: NotRequired[str] - r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" - template_format: NotRequired[str] - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - template_base_file_name: NotRequired[str] - r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" - template_file_name_suffix: NotRequired[str] - r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_compress: NotRequired[str] - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - template_parquet_schema: NotRequired[str] - r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" - template_connection_string: NotRequired[str] - r"""Binds 'connectionString' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'connectionString' at runtime.""" - template_storage_account_name: NotRequired[str] - r"""Binds 'storageAccountName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageAccountName' at runtime.""" - template_tenant_id: NotRequired[str] - r"""Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime.""" - template_client_id: NotRequired[str] - r"""Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime.""" - template_azure_cloud: NotRequired[str] - r"""Binds 'azureCloud' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'azureCloud' at runtime.""" - - -class CreateOutputOutputAzureBlob(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputTypeAzureBlob - - container_name: Annotated[str, pydantic.Field(alias="containerName")] - r"""The Azure Blob Storage container name. Name can include only lowercase letters, numbers, and hyphens. For dynamic container names, enter a JavaScript expression within quotes or backticks, to be evaluated at initialization. The expression can evaluate to a constant value and can reference Global Variables, such as `myContainer-${C.env[\"CRIBL_WORKER_ID\"]}`.""" - - stage_path: Annotated[str, pydantic.Field(alias="stagePath")] - r"""Filesystem location in which to buffer files before compressing and moving to final destination. Use performant and stable storage.""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - create_container: Annotated[ - Optional[bool], pydantic.Field(alias="createContainer") - ] = None - r"""Create the configured container in Azure Blob Storage if it does not already exist""" - - dest_path: Annotated[Optional[str], pydantic.Field(alias="destPath")] = None - r"""Root directory prepended to path before uploading. Value can be a JavaScript expression enclosed in quotes or backticks, to be evaluated at initialization. The expression can evaluate to a constant value and can reference Global Variables, such as `myBlobPrefix-${C.env[\"CRIBL_WORKER_ID\"]}`.""" - - add_id_to_stage_path: Annotated[ - Optional[bool], pydantic.Field(alias="addIdToStagePath") - ] = None - r"""Add the Output ID value to staging location""" - - max_concurrent_file_parts: Annotated[ - Optional[float], pydantic.Field(alias="maxConcurrentFileParts") - ] = None - r"""Maximum number of parts to upload in parallel per file""" - - remove_empty_dirs: Annotated[ - Optional[bool], pydantic.Field(alias="removeEmptyDirs") - ] = None - r"""Remove empty staging directories after moving files""" - - partition_expr: Annotated[Optional[str], pydantic.Field(alias="partitionExpr")] = ( - None - ) - r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" - - format_: Annotated[Optional[DataFormatOptions], pydantic.Field(alias="format")] = ( - None - ) - r"""Format of the output data""" - - base_file_name: Annotated[Optional[str], pydantic.Field(alias="baseFileName")] = ( - None - ) - r"""JavaScript expression to define the output filename prefix (can be constant)""" - - file_name_suffix: Annotated[ - Optional[str], pydantic.Field(alias="fileNameSuffix") - ] = None - r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" - - max_file_size_mb: Annotated[ - Optional[float], pydantic.Field(alias="maxFileSizeMB") - ] = None - r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" - - max_file_open_time_sec: Annotated[ - Optional[float], pydantic.Field(alias="maxFileOpenTimeSec") - ] = None - r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" - - max_file_idle_time_sec: Annotated[ - Optional[float], pydantic.Field(alias="maxFileIdleTimeSec") - ] = None - r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" - - max_open_files: Annotated[Optional[float], pydantic.Field(alias="maxOpenFiles")] = ( - None - ) - r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" - - header_line: Annotated[Optional[str], pydantic.Field(alias="headerLine")] = None - r"""If set, this line will be written to the beginning of each output file""" - - write_high_water_mark: Annotated[ - Optional[float], pydantic.Field(alias="writeHighWaterMark") - ] = None - r"""Buffer size used to write to a file""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptionsBlockDrop], - pydantic.Field(alias="onBackpressure"), - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - deadletter_enabled: Annotated[ - Optional[bool], pydantic.Field(alias="deadletterEnabled") - ] = None - r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" - - on_disk_full_backpressure: Annotated[ - Optional[DiskSpaceProtectionOptions], - pydantic.Field(alias="onDiskFullBackpressure"), - ] = None - r"""How to handle events when disk space is below the global 'Min free disk space' limit""" - - force_close_on_shutdown: Annotated[ - Optional[bool], pydantic.Field(alias="forceCloseOnShutdown") - ] = None - r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" - - retry_settings: Annotated[ - Optional[RetrySettingsType], pydantic.Field(alias="retrySettings") - ] = None - - orphans: Optional[OrphanFileRecoveryType] = None - - auth_type: Annotated[ - Optional[AuthenticationMethodOptions], pydantic.Field(alias="authType") - ] = None - - storage_class: Annotated[ - Optional[CreateOutputBlobAccessTier], pydantic.Field(alias="storageClass") - ] = None - - description: Optional[str] = None - - compress: Optional[CompressionOptionsHTTP] = None - r"""Data compression format to apply to HTTP content before it is delivered""" - - compression_level: Annotated[ - Optional[CompressionLevelOptions], pydantic.Field(alias="compressionLevel") - ] = None - r"""Compression level to apply before moving files to final destination""" - - automatic_schema: Annotated[ - Optional[bool], pydantic.Field(alias="automaticSchema") - ] = None - r"""Automatically calculate the schema based on the events of each Parquet file generated""" - - parquet_schema: Annotated[Optional[str], pydantic.Field(alias="parquetSchema")] = ( - None - ) - r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" - - parquet_version: Annotated[ - Optional[ParquetVersionOptions], pydantic.Field(alias="parquetVersion") - ] = None - r"""Determines which data types are supported and how they are represented""" - - parquet_data_page_version: Annotated[ - Optional[DataPageVersionOptions], pydantic.Field(alias="parquetDataPageVersion") - ] = None - r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" - - parquet_row_group_length: Annotated[ - Optional[float], pydantic.Field(alias="parquetRowGroupLength") - ] = None - r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" - - parquet_page_size: Annotated[ - Optional[str], pydantic.Field(alias="parquetPageSize") - ] = None - r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" - - should_log_invalid_rows: Annotated[ - Optional[bool], pydantic.Field(alias="shouldLogInvalidRows") - ] = None - r"""Log up to 3 rows that @{product} skips due to data mismatch""" - - key_value_metadata: Annotated[ - Optional[List[KeyValueMetadataConfOutputFilesystem]], - pydantic.Field(alias="keyValueMetadata"), - ] = None - r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ - - enable_statistics: Annotated[ - Optional[bool], pydantic.Field(alias="enableStatistics") - ] = None - r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" - - enable_write_page_index: Annotated[ - Optional[bool], pydantic.Field(alias="enableWritePageIndex") - ] = None - r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" - - enable_page_checksum: Annotated[ - Optional[bool], pydantic.Field(alias="enablePageChecksum") - ] = None - r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" - - empty_dir_cleanup_sec: Annotated[ - Optional[float], pydantic.Field(alias="emptyDirCleanupSec") - ] = None - r"""How frequently, in seconds, to clean up empty directories""" - - directory_batch_size: Annotated[ - Optional[float], pydantic.Field(alias="directoryBatchSize") - ] = None - r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" - - deadletter_path: Annotated[ - Optional[str], pydantic.Field(alias="deadletterPath") - ] = None - r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" - - max_retry_num: Annotated[Optional[float], pydantic.Field(alias="maxRetryNum")] = ( - None - ) - r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" - - connection_string: Annotated[ - Optional[str], pydantic.Field(alias="connectionString") - ] = None - r"""Enter your Azure Storage account connection string. If left blank, Stream will fall back to env.AZURE_STORAGE_CONNECTION_STRING.""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - storage_account_name: Annotated[ - Optional[str], pydantic.Field(alias="storageAccountName") - ] = None - r"""The name of your Azure storage account""" - - tenant_id: Annotated[Optional[str], pydantic.Field(alias="tenantId")] = None - r"""The service principal's tenant ID""" - - client_id: Annotated[Optional[str], pydantic.Field(alias="clientId")] = None - r"""The service principal's client ID""" - - azure_cloud: Annotated[Optional[str], pydantic.Field(alias="azureCloud")] = None - r"""The Azure cloud to use. Defaults to Azure Public Cloud.""" - - endpoint_suffix: Annotated[ - Optional[str], pydantic.Field(alias="endpointSuffix") - ] = None - r"""Endpoint suffix for the service URL. Takes precedence over the Azure Cloud setting. Defaults to core.windows.net.""" - - client_text_secret: Annotated[ - Optional[str], pydantic.Field(alias="clientTextSecret") - ] = None - r"""Select or create a stored text secret""" - - certificate: Optional[CertificateTypeAzureBlobAuthTypeClientCert] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_container_name: Annotated[ - Optional[str], pydantic.Field(alias="__template_containerName") - ] = None - r"""Binds 'containerName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'containerName' at runtime.""" - - template_dest_path: Annotated[ - Optional[str], pydantic.Field(alias="__template_destPath") - ] = None - r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" - - template_partition_expr: Annotated[ - Optional[str], pydantic.Field(alias="__template_partitionExpr") - ] = None - r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" - - template_format: Annotated[ - Optional[str], pydantic.Field(alias="__template_format") - ] = None - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - - template_base_file_name: Annotated[ - Optional[str], pydantic.Field(alias="__template_baseFileName") - ] = None - r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" - - template_file_name_suffix: Annotated[ - Optional[str], pydantic.Field(alias="__template_fileNameSuffix") - ] = None - r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_compress: Annotated[ - Optional[str], pydantic.Field(alias="__template_compress") - ] = None - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - - template_parquet_schema: Annotated[ - Optional[str], pydantic.Field(alias="__template_parquetSchema") - ] = None - r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" - - template_connection_string: Annotated[ - Optional[str], pydantic.Field(alias="__template_connectionString") - ] = None - r"""Binds 'connectionString' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'connectionString' at runtime.""" - - template_storage_account_name: Annotated[ - Optional[str], pydantic.Field(alias="__template_storageAccountName") - ] = None - r"""Binds 'storageAccountName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageAccountName' at runtime.""" - - template_tenant_id: Annotated[ - Optional[str], pydantic.Field(alias="__template_tenantId") - ] = None - r"""Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime.""" - - template_client_id: Annotated[ - Optional[str], pydantic.Field(alias="__template_clientId") - ] = None - r"""Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime.""" - - template_azure_cloud: Annotated[ - Optional[str], pydantic.Field(alias="__template_azureCloud") - ] = None - r"""Binds 'azureCloud' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'azureCloud' at runtime.""" - - @field_serializer("format_") - def serialize_format_(self, value): - if isinstance(value, str): - try: - return models.DataFormatOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptionsBlockDrop(value) - except ValueError: - return value - return value - - @field_serializer("on_disk_full_backpressure") - def serialize_on_disk_full_backpressure(self, value): - if isinstance(value, str): - try: - return models.DiskSpaceProtectionOptions(value) - except ValueError: - return value - return value - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptions(value) - except ValueError: - return value - return value - - @field_serializer("storage_class") - def serialize_storage_class(self, value): - if isinstance(value, str): - try: - return models.CreateOutputBlobAccessTier(value) - except ValueError: - return value - return value - - @field_serializer("compress") - def serialize_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsHTTP(value) - except ValueError: - return value - return value - - @field_serializer("compression_level") - def serialize_compression_level(self, value): - if isinstance(value, str): - try: - return models.CompressionLevelOptions(value) - except ValueError: - return value - return value - - @field_serializer("parquet_version") - def serialize_parquet_version(self, value): - if isinstance(value, str): - try: - return models.ParquetVersionOptions(value) - except ValueError: - return value - return value - - @field_serializer("parquet_data_page_version") - def serialize_parquet_data_page_version(self, value): - if isinstance(value, str): - try: - return models.DataPageVersionOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "createContainer", - "destPath", - "addIdToStagePath", - "maxConcurrentFileParts", - "removeEmptyDirs", - "partitionExpr", - "format", - "baseFileName", - "fileNameSuffix", - "maxFileSizeMB", - "maxFileOpenTimeSec", - "maxFileIdleTimeSec", - "maxOpenFiles", - "headerLine", - "writeHighWaterMark", - "onBackpressure", - "deadletterEnabled", - "onDiskFullBackpressure", - "forceCloseOnShutdown", - "retrySettings", - "orphans", - "authType", - "storageClass", - "description", - "compress", - "compressionLevel", - "automaticSchema", - "parquetSchema", - "parquetVersion", - "parquetDataPageVersion", - "parquetRowGroupLength", - "parquetPageSize", - "shouldLogInvalidRows", - "keyValueMetadata", - "enableStatistics", - "enableWritePageIndex", - "enablePageChecksum", - "emptyDirCleanupSec", - "directoryBatchSize", - "deadletterPath", - "maxRetryNum", - "connectionString", - "textSecret", - "storageAccountName", - "tenantId", - "clientId", - "azureCloud", - "endpointSuffix", - "clientTextSecret", - "certificate", - "__template_streamtags", - "__template_containerName", - "__template_destPath", - "__template_partitionExpr", - "__template_format", - "__template_baseFileName", - "__template_fileNameSuffix", - "__template_onBackpressure", - "__template_compress", - "__template_parquetSchema", - "__template_connectionString", - "__template_storageAccountName", - "__template_tenantId", - "__template_clientId", - "__template_azureCloud", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputTypeS3(str, Enum): - S3 = "s3" - - -class CreateOutputOutputS3TypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputTypeS3 - bucket: str - r"""Name of the destination S3 bucket. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at initialization time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`""" - stage_path: str - r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - endpoint: NotRequired[str] - r"""S3 service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to S3-compatible endpoint.""" - enable_assume_role: NotRequired[bool] - r"""Use Assume Role credentials to access S3""" - assume_role_arn: NotRequired[str] - r"""Amazon Resource Name (ARN) of the role to assume""" - assume_role_external_id: NotRequired[str] - r"""External ID to use when assuming role""" - duration_seconds: NotRequired[float] - r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" - aws_authentication_method: NotRequired[AuthenticationMethodOptionsS3CollectorConf] - r"""AWS authentication method. Choose Auto to use IAM roles.""" - reuse_connections: NotRequired[bool] - r"""Reuse connections between requests, which can improve performance""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" - region: NotRequired[str] - r"""Region where the S3 bucket is located""" - dest_path: NotRequired[str] - r"""Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`""" - max_concurrent_file_parts: NotRequired[float] - r"""Maximum number of parts to upload in parallel per file. Minimum part size is 5MB.""" - verify_permissions: NotRequired[bool] - r"""Disable if you can access files within the bucket but not the bucket itself""" - max_closing_files_to_backpressure: NotRequired[float] - r"""Maximum number of files that can be waiting for upload before backpressure is applied""" - add_id_to_stage_path: NotRequired[bool] - r"""Add the Output ID value to staging location""" - remove_empty_dirs: NotRequired[bool] - r"""Remove empty staging directories after moving files""" - partition_expr: NotRequired[str] - r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" - format_: NotRequired[DataFormatOptions] - r"""Format of the output data""" - base_file_name: NotRequired[str] - r"""JavaScript expression to define the output filename prefix (can be constant)""" - file_name_suffix: NotRequired[str] - r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" - max_file_size_mb: NotRequired[float] - r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" - max_file_open_time_sec: NotRequired[float] - r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" - max_file_idle_time_sec: NotRequired[float] - r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" - max_open_files: NotRequired[float] - r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" - header_line: NotRequired[str] - r"""If set, this line will be written to the beginning of each output file""" - write_high_water_mark: NotRequired[float] - r"""Buffer size used to write to a file""" - on_backpressure: NotRequired[BackpressureBehaviorOptionsBlockDrop] - r"""How to handle events when all receivers are exerting backpressure""" - deadletter_enabled: NotRequired[bool] - r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" - on_disk_full_backpressure: NotRequired[DiskSpaceProtectionOptions] - r"""How to handle events when disk space is below the global 'Min free disk space' limit""" - force_close_on_shutdown: NotRequired[bool] - r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" - retry_settings: NotRequired[RetrySettingsTypeTypedDict] - orphans: NotRequired[OrphanFileRecoveryTypeTypedDict] - aws_secret_key: NotRequired[str] - r"""Secret key. This value can be a constant or a JavaScript expression. Example: `${C.env.SOME_SECRET}`)""" - object_acl: NotRequired[ObjectACLOptions] - r"""Object ACL to assign to uploaded objects""" - storage_class: NotRequired[StorageClassOptions] - r"""Storage class to select for uploaded objects""" - server_side_encryption: NotRequired[ServerSideEncryptionForUploadedObjectsOptions] - r"""Server-side encryption to use for uploaded objects""" - kms_key_id: NotRequired[str] - r"""ID or ARN of the KMS customer-managed key to use for encryption""" - description: NotRequired[str] - aws_api_key: NotRequired[str] - r"""This value can be a constant or a JavaScript expression (`${C.env.SOME_ACCESS_KEY}`)""" - aws_secret: NotRequired[str] - r"""Select or create a stored secret that references your access key and secret key""" - compress: NotRequired[CompressionOptionsHTTP] - r"""Data compression format to apply to HTTP content before it is delivered""" - compression_level: NotRequired[CompressionLevelOptions] - r"""Compression level to apply before moving files to final destination""" - automatic_schema: NotRequired[bool] - r"""Automatically calculate the schema based on the events of each Parquet file generated""" - parquet_schema: NotRequired[str] - r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" - parquet_version: NotRequired[ParquetVersionOptions] - r"""Determines which data types are supported and how they are represented""" - parquet_data_page_version: NotRequired[DataPageVersionOptions] - r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" - parquet_row_group_length: NotRequired[float] - r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" - parquet_page_size: NotRequired[str] - r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" - should_log_invalid_rows: NotRequired[bool] - r"""Log up to 3 rows that @{product} skips due to data mismatch""" - key_value_metadata: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] - r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ - enable_statistics: NotRequired[bool] - r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" - enable_write_page_index: NotRequired[bool] - r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" - enable_page_checksum: NotRequired[bool] - r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" - empty_dir_cleanup_sec: NotRequired[float] - r"""How frequently, in seconds, to clean up empty directories""" - directory_batch_size: NotRequired[float] - r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" - deadletter_path: NotRequired[str] - r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" - max_retry_num: NotRequired[float] - r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_endpoint: NotRequired[str] - r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" - template_assume_role_arn: NotRequired[str] - r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" - template_assume_role_external_id: NotRequired[str] - r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" - template_bucket: NotRequired[str] - r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" - template_region: NotRequired[str] - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - template_dest_path: NotRequired[str] - r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" - template_partition_expr: NotRequired[str] - r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" - template_format: NotRequired[str] - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - template_base_file_name: NotRequired[str] - r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" - template_file_name_suffix: NotRequired[str] - r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_aws_secret_key: NotRequired[str] - r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" - template_object_acl: NotRequired[str] - r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" - template_storage_class: NotRequired[str] - r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" - template_server_side_encryption: NotRequired[str] - r"""Binds 'serverSideEncryption' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serverSideEncryption' at runtime.""" - template_kms_key_id: NotRequired[str] - r"""Binds 'kmsKeyId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'kmsKeyId' at runtime.""" - template_aws_api_key: NotRequired[str] - r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" - template_compress: NotRequired[str] - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - template_parquet_schema: NotRequired[str] - r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" - - -class CreateOutputOutputS3(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputTypeS3 - - bucket: str - r"""Name of the destination S3 bucket. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at initialization time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`""" - - stage_path: Annotated[str, pydantic.Field(alias="stagePath")] - r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - endpoint: Optional[str] = None - r"""S3 service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to S3-compatible endpoint.""" - - enable_assume_role: Annotated[ - Optional[bool], pydantic.Field(alias="enableAssumeRole") - ] = None - r"""Use Assume Role credentials to access S3""" - - assume_role_arn: Annotated[Optional[str], pydantic.Field(alias="assumeRoleArn")] = ( - None - ) - r"""Amazon Resource Name (ARN) of the role to assume""" - - assume_role_external_id: Annotated[ - Optional[str], pydantic.Field(alias="assumeRoleExternalId") - ] = None - r"""External ID to use when assuming role""" - - duration_seconds: Annotated[ - Optional[float], pydantic.Field(alias="durationSeconds") - ] = None - r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" - - aws_authentication_method: Annotated[ - Optional[AuthenticationMethodOptionsS3CollectorConf], - pydantic.Field(alias="awsAuthenticationMethod"), - ] = None - r"""AWS authentication method. Choose Auto to use IAM roles.""" - - reuse_connections: Annotated[ - Optional[bool], pydantic.Field(alias="reuseConnections") - ] = None - r"""Reuse connections between requests, which can improve performance""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" - - region: Optional[str] = None - r"""Region where the S3 bucket is located""" - - dest_path: Annotated[Optional[str], pydantic.Field(alias="destPath")] = None - r"""Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`""" - - max_concurrent_file_parts: Annotated[ - Optional[float], pydantic.Field(alias="maxConcurrentFileParts") - ] = None - r"""Maximum number of parts to upload in parallel per file. Minimum part size is 5MB.""" - - verify_permissions: Annotated[ - Optional[bool], pydantic.Field(alias="verifyPermissions") - ] = None - r"""Disable if you can access files within the bucket but not the bucket itself""" - - max_closing_files_to_backpressure: Annotated[ - Optional[float], pydantic.Field(alias="maxClosingFilesToBackpressure") - ] = None - r"""Maximum number of files that can be waiting for upload before backpressure is applied""" - - add_id_to_stage_path: Annotated[ - Optional[bool], pydantic.Field(alias="addIdToStagePath") - ] = None - r"""Add the Output ID value to staging location""" - - remove_empty_dirs: Annotated[ - Optional[bool], pydantic.Field(alias="removeEmptyDirs") - ] = None - r"""Remove empty staging directories after moving files""" - - partition_expr: Annotated[Optional[str], pydantic.Field(alias="partitionExpr")] = ( - None - ) - r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" - - format_: Annotated[Optional[DataFormatOptions], pydantic.Field(alias="format")] = ( - None - ) - r"""Format of the output data""" - - base_file_name: Annotated[Optional[str], pydantic.Field(alias="baseFileName")] = ( - None - ) - r"""JavaScript expression to define the output filename prefix (can be constant)""" - - file_name_suffix: Annotated[ - Optional[str], pydantic.Field(alias="fileNameSuffix") - ] = None - r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" - - max_file_size_mb: Annotated[ - Optional[float], pydantic.Field(alias="maxFileSizeMB") - ] = None - r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" - - max_file_open_time_sec: Annotated[ - Optional[float], pydantic.Field(alias="maxFileOpenTimeSec") - ] = None - r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" - - max_file_idle_time_sec: Annotated[ - Optional[float], pydantic.Field(alias="maxFileIdleTimeSec") - ] = None - r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" - - max_open_files: Annotated[Optional[float], pydantic.Field(alias="maxOpenFiles")] = ( - None - ) - r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" - - header_line: Annotated[Optional[str], pydantic.Field(alias="headerLine")] = None - r"""If set, this line will be written to the beginning of each output file""" - - write_high_water_mark: Annotated[ - Optional[float], pydantic.Field(alias="writeHighWaterMark") - ] = None - r"""Buffer size used to write to a file""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptionsBlockDrop], - pydantic.Field(alias="onBackpressure"), - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - deadletter_enabled: Annotated[ - Optional[bool], pydantic.Field(alias="deadletterEnabled") - ] = None - r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" - - on_disk_full_backpressure: Annotated[ - Optional[DiskSpaceProtectionOptions], - pydantic.Field(alias="onDiskFullBackpressure"), - ] = None - r"""How to handle events when disk space is below the global 'Min free disk space' limit""" - - force_close_on_shutdown: Annotated[ - Optional[bool], pydantic.Field(alias="forceCloseOnShutdown") - ] = None - r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" - - retry_settings: Annotated[ - Optional[RetrySettingsType], pydantic.Field(alias="retrySettings") - ] = None - - orphans: Optional[OrphanFileRecoveryType] = None - - aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = ( - None - ) - r"""Secret key. This value can be a constant or a JavaScript expression. Example: `${C.env.SOME_SECRET}`)""" - - object_acl: Annotated[ - Optional[ObjectACLOptions], pydantic.Field(alias="objectACL") - ] = None - r"""Object ACL to assign to uploaded objects""" - - storage_class: Annotated[ - Optional[StorageClassOptions], pydantic.Field(alias="storageClass") - ] = None - r"""Storage class to select for uploaded objects""" - - server_side_encryption: Annotated[ - Optional[ServerSideEncryptionForUploadedObjectsOptions], - pydantic.Field(alias="serverSideEncryption"), - ] = None - r"""Server-side encryption to use for uploaded objects""" - - kms_key_id: Annotated[Optional[str], pydantic.Field(alias="kmsKeyId")] = None - r"""ID or ARN of the KMS customer-managed key to use for encryption""" - - description: Optional[str] = None - - aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None - r"""This value can be a constant or a JavaScript expression (`${C.env.SOME_ACCESS_KEY}`)""" - - aws_secret: Annotated[Optional[str], pydantic.Field(alias="awsSecret")] = None - r"""Select or create a stored secret that references your access key and secret key""" - - compress: Optional[CompressionOptionsHTTP] = None - r"""Data compression format to apply to HTTP content before it is delivered""" - - compression_level: Annotated[ - Optional[CompressionLevelOptions], pydantic.Field(alias="compressionLevel") - ] = None - r"""Compression level to apply before moving files to final destination""" - - automatic_schema: Annotated[ - Optional[bool], pydantic.Field(alias="automaticSchema") - ] = None - r"""Automatically calculate the schema based on the events of each Parquet file generated""" - - parquet_schema: Annotated[Optional[str], pydantic.Field(alias="parquetSchema")] = ( - None - ) - r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" - - parquet_version: Annotated[ - Optional[ParquetVersionOptions], pydantic.Field(alias="parquetVersion") - ] = None - r"""Determines which data types are supported and how they are represented""" - - parquet_data_page_version: Annotated[ - Optional[DataPageVersionOptions], pydantic.Field(alias="parquetDataPageVersion") - ] = None - r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" - - parquet_row_group_length: Annotated[ - Optional[float], pydantic.Field(alias="parquetRowGroupLength") - ] = None - r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" - - parquet_page_size: Annotated[ - Optional[str], pydantic.Field(alias="parquetPageSize") - ] = None - r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" - - should_log_invalid_rows: Annotated[ - Optional[bool], pydantic.Field(alias="shouldLogInvalidRows") - ] = None - r"""Log up to 3 rows that @{product} skips due to data mismatch""" - - key_value_metadata: Annotated[ - Optional[List[KeyValueMetadataConfOutputFilesystem]], - pydantic.Field(alias="keyValueMetadata"), - ] = None - r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ - - enable_statistics: Annotated[ - Optional[bool], pydantic.Field(alias="enableStatistics") - ] = None - r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" - - enable_write_page_index: Annotated[ - Optional[bool], pydantic.Field(alias="enableWritePageIndex") - ] = None - r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" - - enable_page_checksum: Annotated[ - Optional[bool], pydantic.Field(alias="enablePageChecksum") - ] = None - r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" - - empty_dir_cleanup_sec: Annotated[ - Optional[float], pydantic.Field(alias="emptyDirCleanupSec") - ] = None - r"""How frequently, in seconds, to clean up empty directories""" - - directory_batch_size: Annotated[ - Optional[float], pydantic.Field(alias="directoryBatchSize") - ] = None - r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" - - deadletter_path: Annotated[ - Optional[str], pydantic.Field(alias="deadletterPath") - ] = None - r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" - - max_retry_num: Annotated[Optional[float], pydantic.Field(alias="maxRetryNum")] = ( - None - ) - r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_endpoint: Annotated[ - Optional[str], pydantic.Field(alias="__template_endpoint") - ] = None - r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" - - template_assume_role_arn: Annotated[ - Optional[str], pydantic.Field(alias="__template_assumeRoleArn") - ] = None - r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" - - template_assume_role_external_id: Annotated[ - Optional[str], pydantic.Field(alias="__template_assumeRoleExternalId") - ] = None - r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" - - template_bucket: Annotated[ - Optional[str], pydantic.Field(alias="__template_bucket") - ] = None - r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" - - template_region: Annotated[ - Optional[str], pydantic.Field(alias="__template_region") - ] = None - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - - template_dest_path: Annotated[ - Optional[str], pydantic.Field(alias="__template_destPath") - ] = None - r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" - - template_partition_expr: Annotated[ - Optional[str], pydantic.Field(alias="__template_partitionExpr") - ] = None - r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" - - template_format: Annotated[ - Optional[str], pydantic.Field(alias="__template_format") - ] = None - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - - template_base_file_name: Annotated[ - Optional[str], pydantic.Field(alias="__template_baseFileName") - ] = None - r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" - - template_file_name_suffix: Annotated[ - Optional[str], pydantic.Field(alias="__template_fileNameSuffix") - ] = None - r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_aws_secret_key: Annotated[ - Optional[str], pydantic.Field(alias="__template_awsSecretKey") - ] = None - r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" - - template_object_acl: Annotated[ - Optional[str], pydantic.Field(alias="__template_objectACL") - ] = None - r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" - - template_storage_class: Annotated[ - Optional[str], pydantic.Field(alias="__template_storageClass") - ] = None - r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" - - template_server_side_encryption: Annotated[ - Optional[str], pydantic.Field(alias="__template_serverSideEncryption") - ] = None - r"""Binds 'serverSideEncryption' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serverSideEncryption' at runtime.""" - - template_kms_key_id: Annotated[ - Optional[str], pydantic.Field(alias="__template_kmsKeyId") - ] = None - r"""Binds 'kmsKeyId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'kmsKeyId' at runtime.""" - - template_aws_api_key: Annotated[ - Optional[str], pydantic.Field(alias="__template_awsApiKey") - ] = None - r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" - - template_compress: Annotated[ - Optional[str], pydantic.Field(alias="__template_compress") - ] = None - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - - template_parquet_schema: Annotated[ - Optional[str], pydantic.Field(alias="__template_parquetSchema") - ] = None - r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" - - @field_serializer("aws_authentication_method") - def serialize_aws_authentication_method(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsS3CollectorConf(value) - except ValueError: - return value - return value - - @field_serializer("format_") - def serialize_format_(self, value): - if isinstance(value, str): - try: - return models.DataFormatOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptionsBlockDrop(value) - except ValueError: - return value - return value - - @field_serializer("on_disk_full_backpressure") - def serialize_on_disk_full_backpressure(self, value): - if isinstance(value, str): - try: - return models.DiskSpaceProtectionOptions(value) - except ValueError: - return value - return value - - @field_serializer("object_acl") - def serialize_object_acl(self, value): - if isinstance(value, str): - try: - return models.ObjectACLOptions(value) - except ValueError: - return value - return value - - @field_serializer("storage_class") - def serialize_storage_class(self, value): - if isinstance(value, str): - try: - return models.StorageClassOptions(value) - except ValueError: - return value - return value - - @field_serializer("server_side_encryption") - def serialize_server_side_encryption(self, value): - if isinstance(value, str): - try: - return models.ServerSideEncryptionForUploadedObjectsOptions(value) - except ValueError: - return value - return value - - @field_serializer("compress") - def serialize_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsHTTP(value) - except ValueError: - return value - return value - - @field_serializer("compression_level") - def serialize_compression_level(self, value): - if isinstance(value, str): - try: - return models.CompressionLevelOptions(value) - except ValueError: - return value - return value - - @field_serializer("parquet_version") - def serialize_parquet_version(self, value): - if isinstance(value, str): - try: - return models.ParquetVersionOptions(value) - except ValueError: - return value - return value - - @field_serializer("parquet_data_page_version") - def serialize_parquet_data_page_version(self, value): - if isinstance(value, str): - try: - return models.DataPageVersionOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "endpoint", - "enableAssumeRole", - "assumeRoleArn", - "assumeRoleExternalId", - "durationSeconds", - "awsAuthenticationMethod", - "reuseConnections", - "rejectUnauthorized", - "region", - "destPath", - "maxConcurrentFileParts", - "verifyPermissions", - "maxClosingFilesToBackpressure", - "addIdToStagePath", - "removeEmptyDirs", - "partitionExpr", - "format", - "baseFileName", - "fileNameSuffix", - "maxFileSizeMB", - "maxFileOpenTimeSec", - "maxFileIdleTimeSec", - "maxOpenFiles", - "headerLine", - "writeHighWaterMark", - "onBackpressure", - "deadletterEnabled", - "onDiskFullBackpressure", - "forceCloseOnShutdown", - "retrySettings", - "orphans", - "awsSecretKey", - "objectACL", - "storageClass", - "serverSideEncryption", - "kmsKeyId", - "description", - "awsApiKey", - "awsSecret", - "compress", - "compressionLevel", - "automaticSchema", - "parquetSchema", - "parquetVersion", - "parquetDataPageVersion", - "parquetRowGroupLength", - "parquetPageSize", - "shouldLogInvalidRows", - "keyValueMetadata", - "enableStatistics", - "enableWritePageIndex", - "enablePageChecksum", - "emptyDirCleanupSec", - "directoryBatchSize", - "deadletterPath", - "maxRetryNum", - "__template_streamtags", - "__template_endpoint", - "__template_assumeRoleArn", - "__template_assumeRoleExternalId", - "__template_bucket", - "__template_region", - "__template_destPath", - "__template_partitionExpr", - "__template_format", - "__template_baseFileName", - "__template_fileNameSuffix", - "__template_onBackpressure", - "__template_awsSecretKey", - "__template_objectACL", - "__template_storageClass", - "__template_serverSideEncryption", - "__template_kmsKeyId", - "__template_awsApiKey", - "__template_compress", - "__template_parquetSchema", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputTypeFilesystem(str, Enum): - FILESYSTEM = "filesystem" - - -class CreateOutputOutputFilesystemTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputTypeFilesystem - dest_path: str - r"""Final destination for the output files""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - stage_path: NotRequired[str] - r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" - add_id_to_stage_path: NotRequired[bool] - r"""Add the Output ID value to staging location""" - remove_empty_dirs: NotRequired[bool] - r"""Remove empty staging directories after moving files""" - partition_expr: NotRequired[str] - r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" - format_: NotRequired[DataFormatOptions] - r"""Format of the output data""" - base_file_name: NotRequired[str] - r"""JavaScript expression to define the output filename prefix (can be constant)""" - file_name_suffix: NotRequired[str] - r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" - max_file_size_mb: NotRequired[float] - r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" - max_file_open_time_sec: NotRequired[float] - r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" - max_file_idle_time_sec: NotRequired[float] - r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" - max_open_files: NotRequired[float] - r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" - header_line: NotRequired[str] - r"""If set, this line will be written to the beginning of each output file""" - write_high_water_mark: NotRequired[float] - r"""Buffer size used to write to a file""" - on_backpressure: NotRequired[BackpressureBehaviorOptionsBlockDrop] - r"""How to handle events when all receivers are exerting backpressure""" - deadletter_enabled: NotRequired[bool] - r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" - on_disk_full_backpressure: NotRequired[DiskSpaceProtectionOptions] - r"""How to handle events when disk space is below the global 'Min free disk space' limit""" - force_close_on_shutdown: NotRequired[bool] - r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" - retry_settings: NotRequired[RetrySettingsTypeTypedDict] - orphans: NotRequired[OrphanFileRecoveryTypeTypedDict] - description: NotRequired[str] - compress: NotRequired[CompressionOptionsHTTP] - r"""Data compression format to apply to HTTP content before it is delivered""" - compression_level: NotRequired[CompressionLevelOptions] - r"""Compression level to apply before moving files to final destination""" - automatic_schema: NotRequired[bool] - r"""Automatically calculate the schema based on the events of each Parquet file generated""" - parquet_schema: NotRequired[str] - r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" - parquet_version: NotRequired[ParquetVersionOptions] - r"""Determines which data types are supported and how they are represented""" - parquet_data_page_version: NotRequired[DataPageVersionOptions] - r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" - parquet_row_group_length: NotRequired[float] - r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" - parquet_page_size: NotRequired[str] - r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" - should_log_invalid_rows: NotRequired[bool] - r"""Log up to 3 rows that @{product} skips due to data mismatch""" - key_value_metadata: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] - r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ - enable_statistics: NotRequired[bool] - r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" - enable_write_page_index: NotRequired[bool] - r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" - enable_page_checksum: NotRequired[bool] - r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" - empty_dir_cleanup_sec: NotRequired[float] - r"""How frequently, in seconds, to clean up empty directories""" - directory_batch_size: NotRequired[float] - r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" - deadletter_path: NotRequired[str] - r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" - max_retry_num: NotRequired[float] - r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_partition_expr: NotRequired[str] - r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" - template_format: NotRequired[str] - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - template_base_file_name: NotRequired[str] - r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" - template_file_name_suffix: NotRequired[str] - r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_compress: NotRequired[str] - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - template_parquet_schema: NotRequired[str] - r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" - - -class CreateOutputOutputFilesystem(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputTypeFilesystem - - dest_path: Annotated[str, pydantic.Field(alias="destPath")] - r"""Final destination for the output files""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - stage_path: Annotated[Optional[str], pydantic.Field(alias="stagePath")] = None - r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" - - add_id_to_stage_path: Annotated[ - Optional[bool], pydantic.Field(alias="addIdToStagePath") - ] = None - r"""Add the Output ID value to staging location""" - - remove_empty_dirs: Annotated[ - Optional[bool], pydantic.Field(alias="removeEmptyDirs") - ] = None - r"""Remove empty staging directories after moving files""" - - partition_expr: Annotated[Optional[str], pydantic.Field(alias="partitionExpr")] = ( - None - ) - r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" - - format_: Annotated[Optional[DataFormatOptions], pydantic.Field(alias="format")] = ( - None - ) - r"""Format of the output data""" - - base_file_name: Annotated[Optional[str], pydantic.Field(alias="baseFileName")] = ( - None - ) - r"""JavaScript expression to define the output filename prefix (can be constant)""" - - file_name_suffix: Annotated[ - Optional[str], pydantic.Field(alias="fileNameSuffix") - ] = None - r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" - - max_file_size_mb: Annotated[ - Optional[float], pydantic.Field(alias="maxFileSizeMB") - ] = None - r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" - - max_file_open_time_sec: Annotated[ - Optional[float], pydantic.Field(alias="maxFileOpenTimeSec") - ] = None - r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" - - max_file_idle_time_sec: Annotated[ - Optional[float], pydantic.Field(alias="maxFileIdleTimeSec") - ] = None - r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" - - max_open_files: Annotated[Optional[float], pydantic.Field(alias="maxOpenFiles")] = ( - None - ) - r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" - - header_line: Annotated[Optional[str], pydantic.Field(alias="headerLine")] = None - r"""If set, this line will be written to the beginning of each output file""" - - write_high_water_mark: Annotated[ - Optional[float], pydantic.Field(alias="writeHighWaterMark") - ] = None - r"""Buffer size used to write to a file""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptionsBlockDrop], - pydantic.Field(alias="onBackpressure"), - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - deadletter_enabled: Annotated[ - Optional[bool], pydantic.Field(alias="deadletterEnabled") - ] = None - r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" - - on_disk_full_backpressure: Annotated[ - Optional[DiskSpaceProtectionOptions], - pydantic.Field(alias="onDiskFullBackpressure"), - ] = None - r"""How to handle events when disk space is below the global 'Min free disk space' limit""" - - force_close_on_shutdown: Annotated[ - Optional[bool], pydantic.Field(alias="forceCloseOnShutdown") - ] = None - r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" - - retry_settings: Annotated[ - Optional[RetrySettingsType], pydantic.Field(alias="retrySettings") - ] = None - - orphans: Optional[OrphanFileRecoveryType] = None - - description: Optional[str] = None - - compress: Optional[CompressionOptionsHTTP] = None - r"""Data compression format to apply to HTTP content before it is delivered""" - - compression_level: Annotated[ - Optional[CompressionLevelOptions], pydantic.Field(alias="compressionLevel") - ] = None - r"""Compression level to apply before moving files to final destination""" - - automatic_schema: Annotated[ - Optional[bool], pydantic.Field(alias="automaticSchema") - ] = None - r"""Automatically calculate the schema based on the events of each Parquet file generated""" - - parquet_schema: Annotated[Optional[str], pydantic.Field(alias="parquetSchema")] = ( - None - ) - r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" - - parquet_version: Annotated[ - Optional[ParquetVersionOptions], pydantic.Field(alias="parquetVersion") - ] = None - r"""Determines which data types are supported and how they are represented""" - - parquet_data_page_version: Annotated[ - Optional[DataPageVersionOptions], pydantic.Field(alias="parquetDataPageVersion") - ] = None - r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" - - parquet_row_group_length: Annotated[ - Optional[float], pydantic.Field(alias="parquetRowGroupLength") - ] = None - r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" - - parquet_page_size: Annotated[ - Optional[str], pydantic.Field(alias="parquetPageSize") - ] = None - r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" - - should_log_invalid_rows: Annotated[ - Optional[bool], pydantic.Field(alias="shouldLogInvalidRows") - ] = None - r"""Log up to 3 rows that @{product} skips due to data mismatch""" - - key_value_metadata: Annotated[ - Optional[List[KeyValueMetadataConfOutputFilesystem]], - pydantic.Field(alias="keyValueMetadata"), - ] = None - r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ - - enable_statistics: Annotated[ - Optional[bool], pydantic.Field(alias="enableStatistics") - ] = None - r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" - - enable_write_page_index: Annotated[ - Optional[bool], pydantic.Field(alias="enableWritePageIndex") - ] = None - r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" - - enable_page_checksum: Annotated[ - Optional[bool], pydantic.Field(alias="enablePageChecksum") - ] = None - r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" - - empty_dir_cleanup_sec: Annotated[ - Optional[float], pydantic.Field(alias="emptyDirCleanupSec") - ] = None - r"""How frequently, in seconds, to clean up empty directories""" - - directory_batch_size: Annotated[ - Optional[float], pydantic.Field(alias="directoryBatchSize") - ] = None - r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" - - deadletter_path: Annotated[ - Optional[str], pydantic.Field(alias="deadletterPath") - ] = None - r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" - - max_retry_num: Annotated[Optional[float], pydantic.Field(alias="maxRetryNum")] = ( - None - ) - r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_partition_expr: Annotated[ - Optional[str], pydantic.Field(alias="__template_partitionExpr") - ] = None - r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" - - template_format: Annotated[ - Optional[str], pydantic.Field(alias="__template_format") - ] = None - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - - template_base_file_name: Annotated[ - Optional[str], pydantic.Field(alias="__template_baseFileName") - ] = None - r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" - - template_file_name_suffix: Annotated[ - Optional[str], pydantic.Field(alias="__template_fileNameSuffix") - ] = None - r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_compress: Annotated[ - Optional[str], pydantic.Field(alias="__template_compress") - ] = None - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - - template_parquet_schema: Annotated[ - Optional[str], pydantic.Field(alias="__template_parquetSchema") - ] = None - r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" - - @field_serializer("format_") - def serialize_format_(self, value): - if isinstance(value, str): - try: - return models.DataFormatOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptionsBlockDrop(value) - except ValueError: - return value - return value - - @field_serializer("on_disk_full_backpressure") - def serialize_on_disk_full_backpressure(self, value): - if isinstance(value, str): - try: - return models.DiskSpaceProtectionOptions(value) - except ValueError: - return value - return value - - @field_serializer("compress") - def serialize_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsHTTP(value) - except ValueError: - return value - return value - - @field_serializer("compression_level") - def serialize_compression_level(self, value): - if isinstance(value, str): - try: - return models.CompressionLevelOptions(value) - except ValueError: - return value - return value - - @field_serializer("parquet_version") - def serialize_parquet_version(self, value): - if isinstance(value, str): - try: - return models.ParquetVersionOptions(value) - except ValueError: - return value - return value - - @field_serializer("parquet_data_page_version") - def serialize_parquet_data_page_version(self, value): - if isinstance(value, str): - try: - return models.DataPageVersionOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "stagePath", - "addIdToStagePath", - "removeEmptyDirs", - "partitionExpr", - "format", - "baseFileName", - "fileNameSuffix", - "maxFileSizeMB", - "maxFileOpenTimeSec", - "maxFileIdleTimeSec", - "maxOpenFiles", - "headerLine", - "writeHighWaterMark", - "onBackpressure", - "deadletterEnabled", - "onDiskFullBackpressure", - "forceCloseOnShutdown", - "retrySettings", - "orphans", - "description", - "compress", - "compressionLevel", - "automaticSchema", - "parquetSchema", - "parquetVersion", - "parquetDataPageVersion", - "parquetRowGroupLength", - "parquetPageSize", - "shouldLogInvalidRows", - "keyValueMetadata", - "enableStatistics", - "enableWritePageIndex", - "enablePageChecksum", - "emptyDirCleanupSec", - "directoryBatchSize", - "deadletterPath", - "maxRetryNum", - "__template_streamtags", - "__template_partitionExpr", - "__template_format", - "__template_baseFileName", - "__template_fileNameSuffix", - "__template_onBackpressure", - "__template_compress", - "__template_parquetSchema", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputTypeSignalfx(str, Enum): - SIGNALFX = "signalfx" - - -class CreateOutputPqControlsSignalfxTypedDict(TypedDict): - pass - - -class CreateOutputPqControlsSignalfx(BaseModel): - pass - - -class CreateOutputOutputSignalfxTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputTypeSignalfx - realm: str - r"""SignalFx realm name, e.g. \"us0\". For a complete list of available SignalFx realm names, please check [here](https://docs.splunk.com/observability/en/get-started/service-description.html#sd-regions).""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - compress: NotRequired[bool] - r"""Compress the payload body before sending""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] - r"""Headers to add to all events""" - use_round_robin_dns: NotRequired[bool] - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - safe_headers: NotRequired[List[str]] - r"""List of headers that are safe to log in plain text""" - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - description: NotRequired[str] - token: NotRequired[str] - r"""SignalFx API access token (see [here](https://docs.signalfx.com/en/latest/admin-guide/tokens.html#working-with-access-tokens))""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputPqControlsSignalfxTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_failed_request_logging_mode: NotRequired[str] - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - -class CreateOutputOutputSignalfx(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputTypeSignalfx - - realm: str - r"""SignalFx realm name, e.g. \"us0\". For a complete list of available SignalFx realm names, please check [here](https://docs.splunk.com/observability/en/get-started/service-description.html#sd-regions).""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - auth_type: Annotated[ - Optional[AuthenticationMethodOptionsAuthTokensItems], - pydantic.Field(alias="authType"), - ] = None - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - compress: Optional[bool] = None - r"""Compress the payload body before sending""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - extra_http_headers: Annotated[ - Optional[List[ExtraHTTPHeaderConfInputElastic]], - pydantic.Field(alias="extraHttpHeaders"), - ] = None - r"""Headers to add to all events""" - - use_round_robin_dns: Annotated[ - Optional[bool], pydantic.Field(alias="useRoundRobinDns") - ] = None - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - - failed_request_logging_mode: Annotated[ - Optional[FailedRequestLoggingModeOptions], - pydantic.Field(alias="failedRequestLoggingMode"), - ] = None - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - - safe_headers: Annotated[ - Optional[List[str]], pydantic.Field(alias="safeHeaders") - ] = None - r"""List of headers that are safe to log in plain text""" - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - description: Optional[str] = None - - token: Optional[str] = None - r"""SignalFx API access token (see [here](https://docs.signalfx.com/en/latest/admin-guide/tokens.html#working-with-access-tokens))""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputPqControlsSignalfx], pydantic.Field(alias="pqControls") - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_failed_request_logging_mode: Annotated[ - Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") - ] = None - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsAuthTokensItems(value) - except ValueError: - return value - return value - - @field_serializer("failed_request_logging_mode") - def serialize_failed_request_logging_mode(self, value): - if isinstance(value, str): - try: - return models.FailedRequestLoggingModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "authType", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "compress", - "rejectUnauthorized", - "timeoutSec", - "flushPeriodSec", - "extraHttpHeaders", - "useRoundRobinDns", - "failedRequestLoggingMode", - "safeHeaders", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "onBackpressure", - "description", - "token", - "textSecret", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_failedRequestLoggingMode", - "__template_onBackpressure", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputTypeWavefront(str, Enum): - WAVEFRONT = "wavefront" - - -class CreateOutputPqControlsWavefrontTypedDict(TypedDict): - pass - - -class CreateOutputPqControlsWavefront(BaseModel): - pass - - -class CreateOutputOutputWavefrontTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputTypeWavefront - domain: str - r"""WaveFront domain name, e.g. \"longboard\" """ - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - compress: NotRequired[bool] - r"""Compress the payload body before sending""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] - r"""Headers to add to all events""" - use_round_robin_dns: NotRequired[bool] - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - safe_headers: NotRequired[List[str]] - r"""List of headers that are safe to log in plain text""" - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - description: NotRequired[str] - token: NotRequired[str] - r"""WaveFront API authentication token (see [here](https://docs.wavefront.com/wavefront_api.html#generating-an-api-token))""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputPqControlsWavefrontTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_failed_request_logging_mode: NotRequired[str] - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - -class CreateOutputOutputWavefront(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputTypeWavefront - - domain: str - r"""WaveFront domain name, e.g. \"longboard\" """ - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - auth_type: Annotated[ - Optional[AuthenticationMethodOptionsAuthTokensItems], - pydantic.Field(alias="authType"), - ] = None - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - compress: Optional[bool] = None - r"""Compress the payload body before sending""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - extra_http_headers: Annotated[ - Optional[List[ExtraHTTPHeaderConfInputElastic]], - pydantic.Field(alias="extraHttpHeaders"), - ] = None - r"""Headers to add to all events""" - - use_round_robin_dns: Annotated[ - Optional[bool], pydantic.Field(alias="useRoundRobinDns") - ] = None - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - - failed_request_logging_mode: Annotated[ - Optional[FailedRequestLoggingModeOptions], - pydantic.Field(alias="failedRequestLoggingMode"), - ] = None - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - - safe_headers: Annotated[ - Optional[List[str]], pydantic.Field(alias="safeHeaders") - ] = None - r"""List of headers that are safe to log in plain text""" - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - description: Optional[str] = None - - token: Optional[str] = None - r"""WaveFront API authentication token (see [here](https://docs.wavefront.com/wavefront_api.html#generating-an-api-token))""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputPqControlsWavefront], pydantic.Field(alias="pqControls") - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_failed_request_logging_mode: Annotated[ - Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") - ] = None - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsAuthTokensItems(value) - except ValueError: - return value - return value - - @field_serializer("failed_request_logging_mode") - def serialize_failed_request_logging_mode(self, value): - if isinstance(value, str): - try: - return models.FailedRequestLoggingModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "authType", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "compress", - "rejectUnauthorized", - "timeoutSec", - "flushPeriodSec", - "extraHttpHeaders", - "useRoundRobinDns", - "failedRequestLoggingMode", - "safeHeaders", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "onBackpressure", - "description", - "token", - "textSecret", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_failedRequestLoggingMode", - "__template_onBackpressure", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputTypeTcpjson(str, Enum): - TCPJSON = "tcpjson" - - -class CreateOutputPqControlsTcpjsonTypedDict(TypedDict): - pass - - -class CreateOutputPqControlsTcpjson(BaseModel): - pass - - -class CreateOutputOutputTcpjsonTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputTypeTcpjson - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - load_balanced: NotRequired[bool] - r"""Use load-balanced destinations""" - compression: NotRequired[CompressionOptionsGzipNone] - r"""Codec to use to compress the data before sending""" - log_failed_requests: NotRequired[bool] - r"""Use to troubleshoot issues with sending data""" - throttle_rate_per_sec: NotRequired[str] - r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" - tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] - connection_timeout: NotRequired[float] - r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" - write_timeout: NotRequired[float] - r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" - token_ttl_minutes: NotRequired[float] - r"""The number of minutes before the internally generated authentication token expires, valid values between 1 and 60""" - send_header: NotRequired[bool] - r"""Upon connection, send a header-like record containing the auth token and other metadata.This record will not contain an actual event – only subsequent records will.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - description: NotRequired[str] - host: NotRequired[str] - r"""The hostname of the receiver""" - port: NotRequired[float] - r"""The port to connect to on the provided host""" - exclude_self: NotRequired[bool] - r"""Exclude all IPs of the current host from the list of any resolved hostnames""" - hosts: NotRequired[List[HostConfOutputSyslogTypedDict]] - r"""Set of hosts to load-balance data to""" - dns_resolve_period_sec: NotRequired[float] - r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" - load_balance_stats_period_sec: NotRequired[float] - r"""How far back in time to keep traffic stats for load balancing purposes""" - max_concurrent_senders: NotRequired[float] - r"""Maximum number of concurrent connections (per Worker Process). A random set of IPs will be picked on every DNS resolution period. Use 0 for unlimited.""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputPqControlsTcpjsonTypedDict] - auth_token: NotRequired[str] - r"""Optional authentication token to include as part of the connection header""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_host: NotRequired[str] - r"""Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime.""" - template_port: NotRequired[str] - r"""Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime.""" - - -class CreateOutputOutputTcpjson(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputTypeTcpjson - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - load_balanced: Annotated[Optional[bool], pydantic.Field(alias="loadBalanced")] = ( - None - ) - r"""Use load-balanced destinations""" - - compression: Optional[CompressionOptionsGzipNone] = None - r"""Codec to use to compress the data before sending""" - - log_failed_requests: Annotated[ - Optional[bool], pydantic.Field(alias="logFailedRequests") - ] = None - r"""Use to troubleshoot issues with sending data""" - - throttle_rate_per_sec: Annotated[ - Optional[str], pydantic.Field(alias="throttleRatePerSec") - ] = None - r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" - - tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None - - connection_timeout: Annotated[ - Optional[float], pydantic.Field(alias="connectionTimeout") - ] = None - r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" - - write_timeout: Annotated[Optional[float], pydantic.Field(alias="writeTimeout")] = ( - None - ) - r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" - - token_ttl_minutes: Annotated[ - Optional[float], pydantic.Field(alias="tokenTTLMinutes") - ] = None - r"""The number of minutes before the internally generated authentication token expires, valid values between 1 and 60""" - - send_header: Annotated[Optional[bool], pydantic.Field(alias="sendHeader")] = None - r"""Upon connection, send a header-like record containing the auth token and other metadata.This record will not contain an actual event – only subsequent records will.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - auth_type: Annotated[ - Optional[AuthenticationMethodOptionsAuthTokensItems], - pydantic.Field(alias="authType"), - ] = None - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - - description: Optional[str] = None - - host: Optional[str] = None - r"""The hostname of the receiver""" - - port: Optional[float] = None - r"""The port to connect to on the provided host""" - - exclude_self: Annotated[Optional[bool], pydantic.Field(alias="excludeSelf")] = None - r"""Exclude all IPs of the current host from the list of any resolved hostnames""" - - hosts: Optional[List[HostConfOutputSyslog]] = None - r"""Set of hosts to load-balance data to""" - - dns_resolve_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="dnsResolvePeriodSec") - ] = None - r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" - - load_balance_stats_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="loadBalanceStatsPeriodSec") - ] = None - r"""How far back in time to keep traffic stats for load balancing purposes""" - - max_concurrent_senders: Annotated[ - Optional[float], pydantic.Field(alias="maxConcurrentSenders") - ] = None - r"""Maximum number of concurrent connections (per Worker Process). A random set of IPs will be picked on every DNS resolution period. Use 0 for unlimited.""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputPqControlsTcpjson], pydantic.Field(alias="pqControls") - ] = None - - auth_token: Annotated[Optional[str], pydantic.Field(alias="authToken")] = None - r"""Optional authentication token to include as part of the connection header""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_host: Annotated[Optional[str], pydantic.Field(alias="__template_host")] = ( - None - ) - r"""Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime.""" - - template_port: Annotated[Optional[str], pydantic.Field(alias="__template_port")] = ( - None - ) - r"""Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime.""" - - @field_serializer("compression") - def serialize_compression(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsGzipNone(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsAuthTokensItems(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "loadBalanced", - "compression", - "logFailedRequests", - "throttleRatePerSec", - "tls", - "connectionTimeout", - "writeTimeout", - "tokenTTLMinutes", - "sendHeader", - "onBackpressure", - "authType", - "description", - "host", - "port", - "excludeSelf", - "hosts", - "dnsResolvePeriodSec", - "loadBalanceStatsPeriodSec", - "maxConcurrentSenders", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "authToken", - "textSecret", - "__template_streamtags", - "__template_onBackpressure", - "__template_host", - "__template_port", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputTypeWizHec(str, Enum): - WIZ_HEC = "wiz_hec" - - -class CreateOutputPqControlsWizHecTypedDict(TypedDict): - pass - - -class CreateOutputPqControlsWizHec(BaseModel): - pass - - -class CreateOutputOutputWizHecTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputTypeWizHec - wiz_connector_id: str - r"""The unique identifier for the specific Cribl connector defined in your Wiz Settings. This is used to cross-validate the bearer token and ensure traffic is originating from the authorized integration.""" - wiz_environment: str - r"""Your Wiz deployment environment.""" - data_center: str - r"""Your Wiz deployment data center (e.g., us1, us8, eu1). From Tenant Info → Data Center and Regions → Tenant Data Center in your Wiz console.""" - wiz_sourcetype: str - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - next_queue: NotRequired[str] - r"""In the Splunk app, define which Splunk processing queue to send the events after HEC processing.""" - tcp_routing: NotRequired[str] - r"""In the Splunk app, set the value of _TCP_ROUTING for events that do not have _ctrl._TCP_ROUTING set.""" - tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathExtendedTypedDict] - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - compress: NotRequired[bool] - r"""Compress the payload body before sending""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] - r"""Headers to add to all events""" - failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - safe_headers: NotRequired[List[str]] - r"""List of headers that are safe to log in plain text""" - auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - description: NotRequired[str] - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputPqControlsWizHecTypedDict] - token: NotRequired[str] - r"""Wiz Defend Auth token""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_failed_request_logging_mode: NotRequired[str] - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_wiz_environment: NotRequired[str] - r"""Binds 'wiz_environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'wiz_environment' at runtime.""" - template_data_center: NotRequired[str] - r"""Binds 'data_center' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'data_center' at runtime.""" - template_wiz_sourcetype: NotRequired[str] - r"""Binds 'wiz_sourcetype' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'wiz_sourcetype' at runtime.""" - - -class CreateOutputOutputWizHec(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputTypeWizHec - - wiz_connector_id: str - r"""The unique identifier for the specific Cribl connector defined in your Wiz Settings. This is used to cross-validate the bearer token and ensure traffic is originating from the authorized integration.""" - - wiz_environment: str - r"""Your Wiz deployment environment.""" - - data_center: str - r"""Your Wiz deployment data center (e.g., us1, us8, eu1). From Tenant Info → Data Center and Regions → Tenant Data Center in your Wiz console.""" - - wiz_sourcetype: str - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - next_queue: Annotated[Optional[str], pydantic.Field(alias="nextQueue")] = None - r"""In the Splunk app, define which Splunk processing queue to send the events after HEC processing.""" - - tcp_routing: Annotated[Optional[str], pydantic.Field(alias="tcpRouting")] = None - r"""In the Splunk app, set the value of _TCP_ROUTING for events that do not have _ctrl._TCP_ROUTING set.""" - - tls: Optional[TLSSettingsClientSideTypeCaPathCertPathExtended] = None - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - compress: Optional[bool] = None - r"""Compress the payload body before sending""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - extra_http_headers: Annotated[ - Optional[List[ExtraHTTPHeaderConfInputElastic]], - pydantic.Field(alias="extraHttpHeaders"), - ] = None - r"""Headers to add to all events""" - - failed_request_logging_mode: Annotated[ - Optional[FailedRequestLoggingModeOptions], - pydantic.Field(alias="failedRequestLoggingMode"), - ] = None - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - - safe_headers: Annotated[ - Optional[List[str]], pydantic.Field(alias="safeHeaders") - ] = None - r"""List of headers that are safe to log in plain text""" - - auth_type: Annotated[ - Optional[AuthenticationMethodOptionsAuthTokensItems], - pydantic.Field(alias="authType"), - ] = None - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - description: Optional[str] = None - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputPqControlsWizHec], pydantic.Field(alias="pqControls") - ] = None - - token: Optional[str] = None - r"""Wiz Defend Auth token""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_failed_request_logging_mode: Annotated[ - Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") - ] = None - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_wiz_environment: Annotated[ - Optional[str], pydantic.Field(alias="__template_wiz_environment") - ] = None - r"""Binds 'wiz_environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'wiz_environment' at runtime.""" - - template_data_center: Annotated[ - Optional[str], pydantic.Field(alias="__template_data_center") - ] = None - r"""Binds 'data_center' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'data_center' at runtime.""" - - template_wiz_sourcetype: Annotated[ - Optional[str], pydantic.Field(alias="__template_wiz_sourcetype") - ] = None - r"""Binds 'wiz_sourcetype' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'wiz_sourcetype' at runtime.""" - - @field_serializer("failed_request_logging_mode") - def serialize_failed_request_logging_mode(self, value): - if isinstance(value, str): - try: - return models.FailedRequestLoggingModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsAuthTokensItems(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "nextQueue", - "tcpRouting", - "tls", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "compress", - "rejectUnauthorized", - "timeoutSec", - "flushPeriodSec", - "extraHttpHeaders", - "failedRequestLoggingMode", - "safeHeaders", - "authType", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "onBackpressure", - "description", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "token", - "textSecret", - "__template_streamtags", - "__template_failedRequestLoggingMode", - "__template_onBackpressure", - "__template_wiz_environment", - "__template_data_center", - "__template_wiz_sourcetype", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputTypeSplunkHec(str, Enum): - SPLUNK_HEC = "splunk_hec" - - -class CreateOutputURLSplunkHecTypedDict(TypedDict): - url: str - r"""URL to a Splunk HEC endpoint to send events to, e.g., http://localhost:8088/services/collector/event""" - weight: NotRequired[float] - r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" - template_url: NotRequired[str] - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - -class CreateOutputURLSplunkHec(BaseModel): - url: str - r"""URL to a Splunk HEC endpoint to send events to, e.g., http://localhost:8088/services/collector/event""" - - weight: Optional[float] = None - r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" - - template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( - None - ) - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set(["weight", "__template_url"]) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputPqControlsSplunkHecTypedDict(TypedDict): - pass - - -class CreateOutputPqControlsSplunkHec(BaseModel): - pass - - -class CreateOutputOutputSplunkHecTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputTypeSplunkHec - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - load_balanced: NotRequired[bool] - r"""Enable for optimal performance. Even if you have one hostname, it can expand to multiple IPs. If disabled, consider enabling round-robin DNS.""" - next_queue: NotRequired[str] - r"""In the Splunk app, define which Splunk processing queue to send the events after HEC processing.""" - tcp_routing: NotRequired[str] - r"""In the Splunk app, set the value of _TCP_ROUTING for events that do not have _ctrl._TCP_ROUTING set.""" - tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathExtendedTypedDict] - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - compress: NotRequired[bool] - r"""Compress the payload body before sending""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] - r"""Headers to add to all events""" - failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - safe_headers: NotRequired[List[str]] - r"""List of headers that are safe to log in plain text""" - enable_multi_metrics: NotRequired[bool] - r"""Output metrics in multiple-metric format, supported in Splunk 8.0 and above to allow multiple metrics in a single event.""" - auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - description: NotRequired[str] - url: NotRequired[str] - r"""URL to a Splunk HEC endpoint to send events to, e.g., http://localhost:8088/services/collector/event""" - use_round_robin_dns: NotRequired[bool] - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - exclude_self: NotRequired[bool] - r"""Exclude all IPs of the current host from the list of any resolved hostnames""" - urls: NotRequired[List[CreateOutputURLSplunkHecTypedDict]] - dns_resolve_period_sec: NotRequired[float] - r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" - load_balance_stats_period_sec: NotRequired[float] - r"""How far back in time to keep traffic stats for load balancing purposes""" - token: NotRequired[str] - r"""Splunk HEC authentication token""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputPqControlsSplunkHecTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_failed_request_logging_mode: NotRequired[str] - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_url: NotRequired[str] - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - -class CreateOutputOutputSplunkHec(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputTypeSplunkHec - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - load_balanced: Annotated[Optional[bool], pydantic.Field(alias="loadBalanced")] = ( - None - ) - r"""Enable for optimal performance. Even if you have one hostname, it can expand to multiple IPs. If disabled, consider enabling round-robin DNS.""" - - next_queue: Annotated[Optional[str], pydantic.Field(alias="nextQueue")] = None - r"""In the Splunk app, define which Splunk processing queue to send the events after HEC processing.""" - - tcp_routing: Annotated[Optional[str], pydantic.Field(alias="tcpRouting")] = None - r"""In the Splunk app, set the value of _TCP_ROUTING for events that do not have _ctrl._TCP_ROUTING set.""" - - tls: Optional[TLSSettingsClientSideTypeCaPathCertPathExtended] = None - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - compress: Optional[bool] = None - r"""Compress the payload body before sending""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - extra_http_headers: Annotated[ - Optional[List[ExtraHTTPHeaderConfInputElastic]], - pydantic.Field(alias="extraHttpHeaders"), - ] = None - r"""Headers to add to all events""" - - failed_request_logging_mode: Annotated[ - Optional[FailedRequestLoggingModeOptions], - pydantic.Field(alias="failedRequestLoggingMode"), - ] = None - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - - safe_headers: Annotated[ - Optional[List[str]], pydantic.Field(alias="safeHeaders") - ] = None - r"""List of headers that are safe to log in plain text""" - - enable_multi_metrics: Annotated[ - Optional[bool], pydantic.Field(alias="enableMultiMetrics") - ] = None - r"""Output metrics in multiple-metric format, supported in Splunk 8.0 and above to allow multiple metrics in a single event.""" - - auth_type: Annotated[ - Optional[AuthenticationMethodOptionsAuthTokensItems], - pydantic.Field(alias="authType"), - ] = None - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - description: Optional[str] = None - - url: Optional[str] = None - r"""URL to a Splunk HEC endpoint to send events to, e.g., http://localhost:8088/services/collector/event""" - - use_round_robin_dns: Annotated[ - Optional[bool], pydantic.Field(alias="useRoundRobinDns") - ] = None - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - - exclude_self: Annotated[Optional[bool], pydantic.Field(alias="excludeSelf")] = None - r"""Exclude all IPs of the current host from the list of any resolved hostnames""" - - urls: Optional[List[CreateOutputURLSplunkHec]] = None - - dns_resolve_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="dnsResolvePeriodSec") - ] = None - r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" - - load_balance_stats_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="loadBalanceStatsPeriodSec") - ] = None - r"""How far back in time to keep traffic stats for load balancing purposes""" - - token: Optional[str] = None - r"""Splunk HEC authentication token""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputPqControlsSplunkHec], pydantic.Field(alias="pqControls") - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_failed_request_logging_mode: Annotated[ - Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") - ] = None - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( - None - ) - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - @field_serializer("failed_request_logging_mode") - def serialize_failed_request_logging_mode(self, value): - if isinstance(value, str): - try: - return models.FailedRequestLoggingModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsAuthTokensItems(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "loadBalanced", - "nextQueue", - "tcpRouting", - "tls", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "compress", - "rejectUnauthorized", - "timeoutSec", - "flushPeriodSec", - "extraHttpHeaders", - "failedRequestLoggingMode", - "safeHeaders", - "enableMultiMetrics", - "authType", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "onBackpressure", - "description", - "url", - "useRoundRobinDns", - "excludeSelf", - "urls", - "dnsResolvePeriodSec", - "loadBalanceStatsPeriodSec", - "token", - "textSecret", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_failedRequestLoggingMode", - "__template_onBackpressure", - "__template_url", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputTypeSplunkLb(str, Enum): - SPLUNK_LB = "splunk_lb" - - -class CreateOutputAuthTokenTypedDict(TypedDict): - auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - auth_token: NotRequired[str] - r"""Shared secret to be provided by any client (in authToken header field). If empty, unauthorized access is permitted.""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - - -class CreateOutputAuthToken(BaseModel): - auth_type: Annotated[ - Optional[AuthenticationMethodOptionsAuthTokensItems], - pydantic.Field(alias="authType"), - ] = None - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - - auth_token: Annotated[Optional[str], pydantic.Field(alias="authToken")] = None - r"""Shared secret to be provided by any client (in authToken header field). If empty, unauthorized access is permitted.""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsAuthTokensItems(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set(["authType", "authToken", "textSecret"]) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputIndexerDiscoveryConfigsTypedDict(TypedDict): - r"""List of configurations to set up indexer discovery in Splunk Indexer clustering environment.""" - - site: str - r"""Clustering site of the indexers from where indexers need to be discovered. In case of single site cluster, it defaults to 'default' site.""" - master_uri: str - r"""Full URI of Splunk cluster manager (scheme://host:port). Example: https://managerAddress:8089""" - refresh_interval_sec: float - r"""Time interval, in seconds, between two consecutive indexer list fetches from cluster manager""" - reject_unauthorized: NotRequired[bool] - r"""During indexer discovery, reject cluster manager certificates that are not authorized by the system's CA. Disable to allow untrusted (for example, self-signed) certificates.""" - auth_tokens: NotRequired[List[CreateOutputAuthTokenTypedDict]] - r"""Tokens required to authenticate to cluster manager for indexer discovery""" - auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - auth_token: NotRequired[str] - r"""Shared secret to be provided by any client (in authToken header field). If empty, unauthorized access is permitted.""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - - -class CreateOutputIndexerDiscoveryConfigs(BaseModel): - r"""List of configurations to set up indexer discovery in Splunk Indexer clustering environment.""" - - site: str - r"""Clustering site of the indexers from where indexers need to be discovered. In case of single site cluster, it defaults to 'default' site.""" - - master_uri: Annotated[str, pydantic.Field(alias="masterUri")] - r"""Full URI of Splunk cluster manager (scheme://host:port). Example: https://managerAddress:8089""" - - refresh_interval_sec: Annotated[float, pydantic.Field(alias="refreshIntervalSec")] - r"""Time interval, in seconds, between two consecutive indexer list fetches from cluster manager""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""During indexer discovery, reject cluster manager certificates that are not authorized by the system's CA. Disable to allow untrusted (for example, self-signed) certificates.""" - - auth_tokens: Annotated[ - Optional[List[CreateOutputAuthToken]], pydantic.Field(alias="authTokens") - ] = None - r"""Tokens required to authenticate to cluster manager for indexer discovery""" - - auth_type: Annotated[ - Optional[AuthenticationMethodOptionsAuthTokensItems], - pydantic.Field(alias="authType"), - ] = None - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - - auth_token: Annotated[Optional[str], pydantic.Field(alias="authToken")] = None - r"""Shared secret to be provided by any client (in authToken header field). If empty, unauthorized access is permitted.""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsAuthTokensItems(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - ["rejectUnauthorized", "authTokens", "authType", "authToken", "textSecret"] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputPqControlsSplunkLbTypedDict(TypedDict): - pass - - -class CreateOutputPqControlsSplunkLb(BaseModel): - pass - - -class CreateOutputOutputSplunkLbTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputTypeSplunkLb - hosts: List[HostConfOutputSyslogTypedDict] - r"""Set of Splunk indexers to load-balance data to.""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - dns_resolve_period_sec: NotRequired[float] - r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" - load_balance_stats_period_sec: NotRequired[float] - r"""How far back in time to keep traffic stats for load balancing purposes""" - max_concurrent_senders: NotRequired[float] - r"""Maximum number of concurrent connections (per Worker Process). A random set of IPs will be picked on every DNS resolution period. Use 0 for unlimited.""" - nested_fields: NotRequired[NestedFieldSerializationOptions] - r"""How to serialize nested fields into index-time fields""" - throttle_rate_per_sec: NotRequired[str] - r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" - connection_timeout: NotRequired[float] - r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" - write_timeout: NotRequired[float] - r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" - tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] - enable_multi_metrics: NotRequired[bool] - r"""Output metrics in multiple-metric format in a single event. Supported in Splunk 8.0 and above.""" - enable_ack: NotRequired[bool] - r"""Check if indexer is shutting down and stop sending data. This helps minimize data loss during shutdown.""" - log_failed_requests: NotRequired[bool] - r"""Use to troubleshoot issues with sending data""" - max_s2_sversion: NotRequired[MaxS2SVersionOptions] - r"""The highest S2S protocol version to advertise during handshake""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - indexer_discovery: NotRequired[bool] - r"""Automatically discover indexers in indexer clustering environment.""" - sender_unhealthy_time_allowance: NotRequired[float] - r"""How long (in milliseconds) each LB endpoint can report blocked before the Destination reports unhealthy, blocking the sender. (Grace period for fluctuations.) Use 0 to disable; max 1 minute.""" - auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - description: NotRequired[str] - max_failed_health_checks: NotRequired[float] - r"""Maximum number of times healthcheck can fail before we close connection. If set to 0 (disabled), and the connection to Splunk is forcibly closed, some data loss might occur.""" - compress: NotRequired[CompressionOptions] - r"""Controls whether the sender should send compressed data to the server. Select 'Disabled' to reject compressed connections or 'Always' to ignore server's configuration and send compressed data.""" - indexer_discovery_configs: NotRequired[CreateOutputIndexerDiscoveryConfigsTypedDict] - r"""List of configurations to set up indexer discovery in Splunk Indexer clustering environment.""" - exclude_self: NotRequired[bool] - r"""Exclude all IPs of the current host from the list of any resolved hostnames""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputPqControlsSplunkLbTypedDict] - auth_token: NotRequired[str] - r"""Shared secret token to use when establishing a connection to a Splunk indexer.""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_nested_fields: NotRequired[str] - r"""Binds 'nestedFields' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'nestedFields' at runtime.""" - template_max_s2_sversion: NotRequired[str] - r"""Binds 'maxS2Sversion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'maxS2Sversion' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_compress: NotRequired[str] - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - - -class CreateOutputOutputSplunkLb(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputTypeSplunkLb - - hosts: List[HostConfOutputSyslog] - r"""Set of Splunk indexers to load-balance data to.""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - dns_resolve_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="dnsResolvePeriodSec") - ] = None - r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" - - load_balance_stats_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="loadBalanceStatsPeriodSec") - ] = None - r"""How far back in time to keep traffic stats for load balancing purposes""" - - max_concurrent_senders: Annotated[ - Optional[float], pydantic.Field(alias="maxConcurrentSenders") - ] = None - r"""Maximum number of concurrent connections (per Worker Process). A random set of IPs will be picked on every DNS resolution period. Use 0 for unlimited.""" - - nested_fields: Annotated[ - Optional[NestedFieldSerializationOptions], pydantic.Field(alias="nestedFields") - ] = None - r"""How to serialize nested fields into index-time fields""" - - throttle_rate_per_sec: Annotated[ - Optional[str], pydantic.Field(alias="throttleRatePerSec") - ] = None - r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" - - connection_timeout: Annotated[ - Optional[float], pydantic.Field(alias="connectionTimeout") - ] = None - r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" - - write_timeout: Annotated[Optional[float], pydantic.Field(alias="writeTimeout")] = ( - None - ) - r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" - - tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None - - enable_multi_metrics: Annotated[ - Optional[bool], pydantic.Field(alias="enableMultiMetrics") - ] = None - r"""Output metrics in multiple-metric format in a single event. Supported in Splunk 8.0 and above.""" - - enable_ack: Annotated[Optional[bool], pydantic.Field(alias="enableACK")] = None - r"""Check if indexer is shutting down and stop sending data. This helps minimize data loss during shutdown.""" - - log_failed_requests: Annotated[ - Optional[bool], pydantic.Field(alias="logFailedRequests") - ] = None - r"""Use to troubleshoot issues with sending data""" - - max_s2_sversion: Annotated[ - Optional[MaxS2SVersionOptions], pydantic.Field(alias="maxS2Sversion") - ] = None - r"""The highest S2S protocol version to advertise during handshake""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - indexer_discovery: Annotated[ - Optional[bool], pydantic.Field(alias="indexerDiscovery") - ] = None - r"""Automatically discover indexers in indexer clustering environment.""" - - sender_unhealthy_time_allowance: Annotated[ - Optional[float], pydantic.Field(alias="senderUnhealthyTimeAllowance") - ] = None - r"""How long (in milliseconds) each LB endpoint can report blocked before the Destination reports unhealthy, blocking the sender. (Grace period for fluctuations.) Use 0 to disable; max 1 minute.""" - - auth_type: Annotated[ - Optional[AuthenticationMethodOptionsAuthTokensItems], - pydantic.Field(alias="authType"), - ] = None - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - - description: Optional[str] = None - - max_failed_health_checks: Annotated[ - Optional[float], pydantic.Field(alias="maxFailedHealthChecks") - ] = None - r"""Maximum number of times healthcheck can fail before we close connection. If set to 0 (disabled), and the connection to Splunk is forcibly closed, some data loss might occur.""" - - compress: Optional[CompressionOptions] = None - r"""Controls whether the sender should send compressed data to the server. Select 'Disabled' to reject compressed connections or 'Always' to ignore server's configuration and send compressed data.""" - - indexer_discovery_configs: Annotated[ - Optional[CreateOutputIndexerDiscoveryConfigs], - pydantic.Field(alias="indexerDiscoveryConfigs"), - ] = None - r"""List of configurations to set up indexer discovery in Splunk Indexer clustering environment.""" - - exclude_self: Annotated[Optional[bool], pydantic.Field(alias="excludeSelf")] = None - r"""Exclude all IPs of the current host from the list of any resolved hostnames""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputPqControlsSplunkLb], pydantic.Field(alias="pqControls") - ] = None - - auth_token: Annotated[Optional[str], pydantic.Field(alias="authToken")] = None - r"""Shared secret token to use when establishing a connection to a Splunk indexer.""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_nested_fields: Annotated[ - Optional[str], pydantic.Field(alias="__template_nestedFields") - ] = None - r"""Binds 'nestedFields' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'nestedFields' at runtime.""" - - template_max_s2_sversion: Annotated[ - Optional[str], pydantic.Field(alias="__template_maxS2Sversion") - ] = None - r"""Binds 'maxS2Sversion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'maxS2Sversion' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_compress: Annotated[ - Optional[str], pydantic.Field(alias="__template_compress") - ] = None - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - - @field_serializer("nested_fields") - def serialize_nested_fields(self, value): - if isinstance(value, str): - try: - return models.NestedFieldSerializationOptions(value) - except ValueError: - return value - return value - - @field_serializer("max_s2_sversion") - def serialize_max_s2_sversion(self, value): - if isinstance(value, str): - try: - return models.MaxS2SVersionOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsAuthTokensItems(value) - except ValueError: - return value - return value - - @field_serializer("compress") - def serialize_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "dnsResolvePeriodSec", - "loadBalanceStatsPeriodSec", - "maxConcurrentSenders", - "nestedFields", - "throttleRatePerSec", - "connectionTimeout", - "writeTimeout", - "tls", - "enableMultiMetrics", - "enableACK", - "logFailedRequests", - "maxS2Sversion", - "onBackpressure", - "indexerDiscovery", - "senderUnhealthyTimeAllowance", - "authType", - "description", - "maxFailedHealthChecks", - "compress", - "indexerDiscoveryConfigs", - "excludeSelf", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "authToken", - "textSecret", - "__template_streamtags", - "__template_nestedFields", - "__template_maxS2Sversion", - "__template_onBackpressure", - "__template_compress", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputTypeSplunk(str, Enum): - SPLUNK = "splunk" - - -class CreateOutputPqControlsSplunkTypedDict(TypedDict): - pass - - -class CreateOutputPqControlsSplunk(BaseModel): - pass - - -class CreateOutputOutputSplunkTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputTypeSplunk - host: str - r"""The hostname of the receiver""" - port: float - r"""The port to connect to on the provided host""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - nested_fields: NotRequired[NestedFieldSerializationOptions] - r"""How to serialize nested fields into index-time fields""" - throttle_rate_per_sec: NotRequired[str] - r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" - connection_timeout: NotRequired[float] - r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" - write_timeout: NotRequired[float] - r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" - tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] - enable_multi_metrics: NotRequired[bool] - r"""Output metrics in multiple-metric format in a single event. Supported in Splunk 8.0 and above.""" - enable_ack: NotRequired[bool] - r"""Check if indexer is shutting down and stop sending data. This helps minimize data loss during shutdown.""" - log_failed_requests: NotRequired[bool] - r"""Use to troubleshoot issues with sending data""" - max_s2_sversion: NotRequired[MaxS2SVersionOptions] - r"""The highest S2S protocol version to advertise during handshake""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - description: NotRequired[str] - max_failed_health_checks: NotRequired[float] - r"""Maximum number of times healthcheck can fail before we close connection. If set to 0 (disabled), and the connection to Splunk is forcibly closed, some data loss might occur.""" - compress: NotRequired[CompressionOptions] - r"""Controls whether the sender should send compressed data to the server. Select 'Disabled' to reject compressed connections or 'Always' to ignore server's configuration and send compressed data.""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputPqControlsSplunkTypedDict] - auth_token: NotRequired[str] - r"""Shared secret token to use when establishing a connection to a Splunk indexer.""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_host: NotRequired[str] - r"""Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime.""" - template_port: NotRequired[str] - r"""Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime.""" - template_nested_fields: NotRequired[str] - r"""Binds 'nestedFields' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'nestedFields' at runtime.""" - template_max_s2_sversion: NotRequired[str] - r"""Binds 'maxS2Sversion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'maxS2Sversion' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_compress: NotRequired[str] - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - - -class CreateOutputOutputSplunk(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputTypeSplunk - - host: str - r"""The hostname of the receiver""" - - port: float - r"""The port to connect to on the provided host""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - nested_fields: Annotated[ - Optional[NestedFieldSerializationOptions], pydantic.Field(alias="nestedFields") - ] = None - r"""How to serialize nested fields into index-time fields""" - - throttle_rate_per_sec: Annotated[ - Optional[str], pydantic.Field(alias="throttleRatePerSec") - ] = None - r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" - - connection_timeout: Annotated[ - Optional[float], pydantic.Field(alias="connectionTimeout") - ] = None - r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" - - write_timeout: Annotated[Optional[float], pydantic.Field(alias="writeTimeout")] = ( - None - ) - r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" - - tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None - - enable_multi_metrics: Annotated[ - Optional[bool], pydantic.Field(alias="enableMultiMetrics") - ] = None - r"""Output metrics in multiple-metric format in a single event. Supported in Splunk 8.0 and above.""" - - enable_ack: Annotated[Optional[bool], pydantic.Field(alias="enableACK")] = None - r"""Check if indexer is shutting down and stop sending data. This helps minimize data loss during shutdown.""" - - log_failed_requests: Annotated[ - Optional[bool], pydantic.Field(alias="logFailedRequests") - ] = None - r"""Use to troubleshoot issues with sending data""" - - max_s2_sversion: Annotated[ - Optional[MaxS2SVersionOptions], pydantic.Field(alias="maxS2Sversion") - ] = None - r"""The highest S2S protocol version to advertise during handshake""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - auth_type: Annotated[ - Optional[AuthenticationMethodOptionsAuthTokensItems], - pydantic.Field(alias="authType"), - ] = None - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - - description: Optional[str] = None - - max_failed_health_checks: Annotated[ - Optional[float], pydantic.Field(alias="maxFailedHealthChecks") - ] = None - r"""Maximum number of times healthcheck can fail before we close connection. If set to 0 (disabled), and the connection to Splunk is forcibly closed, some data loss might occur.""" - - compress: Optional[CompressionOptions] = None - r"""Controls whether the sender should send compressed data to the server. Select 'Disabled' to reject compressed connections or 'Always' to ignore server's configuration and send compressed data.""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputPqControlsSplunk], pydantic.Field(alias="pqControls") - ] = None - - auth_token: Annotated[Optional[str], pydantic.Field(alias="authToken")] = None - r"""Shared secret token to use when establishing a connection to a Splunk indexer.""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_host: Annotated[Optional[str], pydantic.Field(alias="__template_host")] = ( - None - ) - r"""Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime.""" - - template_port: Annotated[Optional[str], pydantic.Field(alias="__template_port")] = ( - None - ) - r"""Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime.""" - - template_nested_fields: Annotated[ - Optional[str], pydantic.Field(alias="__template_nestedFields") - ] = None - r"""Binds 'nestedFields' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'nestedFields' at runtime.""" - - template_max_s2_sversion: Annotated[ - Optional[str], pydantic.Field(alias="__template_maxS2Sversion") - ] = None - r"""Binds 'maxS2Sversion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'maxS2Sversion' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_compress: Annotated[ - Optional[str], pydantic.Field(alias="__template_compress") - ] = None - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - - @field_serializer("nested_fields") - def serialize_nested_fields(self, value): - if isinstance(value, str): - try: - return models.NestedFieldSerializationOptions(value) - except ValueError: - return value - return value - - @field_serializer("max_s2_sversion") - def serialize_max_s2_sversion(self, value): - if isinstance(value, str): - try: - return models.MaxS2SVersionOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsAuthTokensItems(value) - except ValueError: - return value - return value - - @field_serializer("compress") - def serialize_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "nestedFields", - "throttleRatePerSec", - "connectionTimeout", - "writeTimeout", - "tls", - "enableMultiMetrics", - "enableACK", - "logFailedRequests", - "maxS2Sversion", - "onBackpressure", - "authType", - "description", - "maxFailedHealthChecks", - "compress", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "authToken", - "textSecret", - "__template_streamtags", - "__template_host", - "__template_port", - "__template_nestedFields", - "__template_maxS2Sversion", - "__template_onBackpressure", - "__template_compress", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputTypeSyslog(str, Enum): - SYSLOG = "syslog" - - -class CreateOutputProtocolSyslog(str, Enum, metaclass=utils.OpenEnumMeta): - r"""The network protocol to use for sending out syslog messages""" - - # TCP - TCP = "tcp" - # UDP - UDP = "udp" - - -class CreateOutputFacility(int, Enum, metaclass=utils.OpenEnumMeta): - r"""Default value for message facility. Will be overwritten by value of __facility if set. Defaults to user.""" - - # kern - KERN = 0 - # user - USER = 1 - # mail - MAIL = 2 - # daemon - DAEMON = 3 - # auth - AUTH = 4 - # syslog - SYSLOG = 5 - # lpr - LPR = 6 - # news - NEWS = 7 - # uucp - UUCP = 8 - # cron - CRON = 9 - # authpriv - AUTHPRIV = 10 - # ftp - FTP = 11 - # ntp - NTP = 12 - # security - SECURITY = 13 - # console - CONSOLE = 14 - # solaris-cron - SOLARIS_CRON = 15 - # local0 - LOCAL0 = 16 - # local1 - LOCAL1 = 17 - # local2 - LOCAL2 = 18 - # local3 - LOCAL3 = 19 - # local4 - LOCAL4 = 20 - # local5 - LOCAL5 = 21 - - -class CreateOutputSeveritySyslog(int, Enum, metaclass=utils.OpenEnumMeta): - r"""Default value for message severity. Will be overwritten by value of __severity if set. Defaults to notice.""" - - # emergency - EMERGENCY = 0 - # alert - ALERT = 1 - # critical - CRITICAL = 2 - # error - ERROR = 3 - # warning - WARNING = 4 - # notice - NOTICE = 5 - # info - INFO = 6 - # debug - DEBUG = 7 - - -class CreateOutputMessageFormat(str, Enum, metaclass=utils.OpenEnumMeta): - r"""The syslog message format depending on the receiver's support""" - - # RFC3164 - RFC3164 = "rfc3164" - # RFC5424 - RFC5424 = "rfc5424" - - -class CreateOutputTimestampFormat(str, Enum, metaclass=utils.OpenEnumMeta): - r"""Timestamp format to use when serializing event's time field""" - - # Syslog - SYSLOG = "syslog" - # ISO8601 - ISO8601 = "iso8601" - - -class CreateOutputPqControlsSyslogTypedDict(TypedDict): - pass - - -class CreateOutputPqControlsSyslog(BaseModel): - pass - - -class CreateOutputOutputSyslogTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputTypeSyslog - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - protocol: NotRequired[CreateOutputProtocolSyslog] - r"""The network protocol to use for sending out syslog messages""" - facility: NotRequired[CreateOutputFacility] - r"""Default value for message facility. Will be overwritten by value of __facility if set. Defaults to user.""" - severity: NotRequired[CreateOutputSeveritySyslog] - r"""Default value for message severity. Will be overwritten by value of __severity if set. Defaults to notice.""" - app_name: NotRequired[str] - r"""Default name for device or application that originated the message. Defaults to Cribl, but will be overwritten by value of __appname if set.""" - message_format: NotRequired[CreateOutputMessageFormat] - r"""The syslog message format depending on the receiver's support""" - timestamp_format: NotRequired[CreateOutputTimestampFormat] - r"""Timestamp format to use when serializing event's time field""" - throttle_rate_per_sec: NotRequired[str] - r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" - octet_count_framing: NotRequired[bool] - r"""Prefix messages with the byte count of the message. If disabled, no prefix will be set, and the message will be appended with a \n.""" - log_failed_requests: NotRequired[bool] - r"""Use to troubleshoot issues with sending data""" - description: NotRequired[str] - load_balanced: NotRequired[bool] - r"""For optimal performance, enable load balancing even if you have one hostname, as it can expand to multiple IPs. If this setting is disabled, consider enabling round-robin DNS.""" - host: NotRequired[str] - r"""The hostname of the receiver""" - port: NotRequired[float] - r"""The port to connect to on the provided host""" - exclude_self: NotRequired[bool] - r"""Exclude all IPs of the current host from the list of any resolved hostnames""" - hosts: NotRequired[List[HostConfOutputSyslogTypedDict]] - r"""Set of hosts to load-balance data to""" - dns_resolve_period_sec: NotRequired[float] - r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" - load_balance_stats_period_sec: NotRequired[float] - r"""How far back in time to keep traffic stats for load balancing purposes""" - max_concurrent_senders: NotRequired[float] - r"""Maximum number of concurrent connections (per Worker Process). A random set of IPs will be picked on every DNS resolution period. Use 0 for unlimited.""" - connection_timeout: NotRequired[float] - r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" - write_timeout: NotRequired[float] - r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" - tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - max_record_size: NotRequired[float] - r"""Maximum size of syslog messages. Make sure this value is less than or equal to the MTU to avoid UDP packet fragmentation.""" - udp_dns_resolve_period_sec: NotRequired[float] - r"""How often to resolve the destination hostname to an IP address. Ignored if the destination is an IP address. A value of 0 means every message sent will incur a DNS lookup.""" - enable_ip_spoofing: NotRequired[bool] - r"""Send Syslog traffic using the original event's Source IP and port. To enable this, you must install the external `udp-sender` helper binary at `/usr/bin/udp-sender` on all Worker Nodes and grant it the `CAP_NET_RAW` capability.""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputPqControlsSyslogTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_host: NotRequired[str] - r"""Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime.""" - template_port: NotRequired[str] - r"""Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - -class CreateOutputOutputSyslog(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputTypeSyslog - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - protocol: Optional[CreateOutputProtocolSyslog] = None - r"""The network protocol to use for sending out syslog messages""" - - facility: Optional[CreateOutputFacility] = None - r"""Default value for message facility. Will be overwritten by value of __facility if set. Defaults to user.""" - - severity: Optional[CreateOutputSeveritySyslog] = None - r"""Default value for message severity. Will be overwritten by value of __severity if set. Defaults to notice.""" - - app_name: Annotated[Optional[str], pydantic.Field(alias="appName")] = None - r"""Default name for device or application that originated the message. Defaults to Cribl, but will be overwritten by value of __appname if set.""" - - message_format: Annotated[ - Optional[CreateOutputMessageFormat], pydantic.Field(alias="messageFormat") - ] = None - r"""The syslog message format depending on the receiver's support""" - - timestamp_format: Annotated[ - Optional[CreateOutputTimestampFormat], pydantic.Field(alias="timestampFormat") - ] = None - r"""Timestamp format to use when serializing event's time field""" - - throttle_rate_per_sec: Annotated[ - Optional[str], pydantic.Field(alias="throttleRatePerSec") - ] = None - r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" - - octet_count_framing: Annotated[ - Optional[bool], pydantic.Field(alias="octetCountFraming") - ] = None - r"""Prefix messages with the byte count of the message. If disabled, no prefix will be set, and the message will be appended with a \n.""" - - log_failed_requests: Annotated[ - Optional[bool], pydantic.Field(alias="logFailedRequests") - ] = None - r"""Use to troubleshoot issues with sending data""" - - description: Optional[str] = None - - load_balanced: Annotated[Optional[bool], pydantic.Field(alias="loadBalanced")] = ( - None - ) - r"""For optimal performance, enable load balancing even if you have one hostname, as it can expand to multiple IPs. If this setting is disabled, consider enabling round-robin DNS.""" - - host: Optional[str] = None - r"""The hostname of the receiver""" - - port: Optional[float] = None - r"""The port to connect to on the provided host""" - - exclude_self: Annotated[Optional[bool], pydantic.Field(alias="excludeSelf")] = None - r"""Exclude all IPs of the current host from the list of any resolved hostnames""" - - hosts: Optional[List[HostConfOutputSyslog]] = None - r"""Set of hosts to load-balance data to""" - - dns_resolve_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="dnsResolvePeriodSec") - ] = None - r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" - - load_balance_stats_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="loadBalanceStatsPeriodSec") - ] = None - r"""How far back in time to keep traffic stats for load balancing purposes""" - - max_concurrent_senders: Annotated[ - Optional[float], pydantic.Field(alias="maxConcurrentSenders") - ] = None - r"""Maximum number of concurrent connections (per Worker Process). A random set of IPs will be picked on every DNS resolution period. Use 0 for unlimited.""" - - connection_timeout: Annotated[ - Optional[float], pydantic.Field(alias="connectionTimeout") - ] = None - r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" - - write_timeout: Annotated[Optional[float], pydantic.Field(alias="writeTimeout")] = ( - None - ) - r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" - - tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - max_record_size: Annotated[ - Optional[float], pydantic.Field(alias="maxRecordSize") - ] = None - r"""Maximum size of syslog messages. Make sure this value is less than or equal to the MTU to avoid UDP packet fragmentation.""" - - udp_dns_resolve_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="udpDnsResolvePeriodSec") - ] = None - r"""How often to resolve the destination hostname to an IP address. Ignored if the destination is an IP address. A value of 0 means every message sent will incur a DNS lookup.""" - - enable_ip_spoofing: Annotated[ - Optional[bool], pydantic.Field(alias="enableIpSpoofing") - ] = None - r"""Send Syslog traffic using the original event's Source IP and port. To enable this, you must install the external `udp-sender` helper binary at `/usr/bin/udp-sender` on all Worker Nodes and grant it the `CAP_NET_RAW` capability.""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputPqControlsSyslog], pydantic.Field(alias="pqControls") - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_host: Annotated[Optional[str], pydantic.Field(alias="__template_host")] = ( - None - ) - r"""Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime.""" - - template_port: Annotated[Optional[str], pydantic.Field(alias="__template_port")] = ( - None - ) - r"""Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - @field_serializer("protocol") - def serialize_protocol(self, value): - if isinstance(value, str): - try: - return models.CreateOutputProtocolSyslog(value) - except ValueError: - return value - return value - - @field_serializer("facility") - def serialize_facility(self, value): - if isinstance(value, str): - try: - return models.CreateOutputFacility(value) - except ValueError: - return value - return value - - @field_serializer("severity") - def serialize_severity(self, value): - if isinstance(value, str): - try: - return models.CreateOutputSeveritySyslog(value) - except ValueError: - return value - return value - - @field_serializer("message_format") - def serialize_message_format(self, value): - if isinstance(value, str): - try: - return models.CreateOutputMessageFormat(value) - except ValueError: - return value - return value - - @field_serializer("timestamp_format") - def serialize_timestamp_format(self, value): - if isinstance(value, str): - try: - return models.CreateOutputTimestampFormat(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "protocol", - "facility", - "severity", - "appName", - "messageFormat", - "timestampFormat", - "throttleRatePerSec", - "octetCountFraming", - "logFailedRequests", - "description", - "loadBalanced", - "host", - "port", - "excludeSelf", - "hosts", - "dnsResolvePeriodSec", - "loadBalanceStatsPeriodSec", - "maxConcurrentSenders", - "connectionTimeout", - "writeTimeout", - "tls", - "onBackpressure", - "maxRecordSize", - "udpDnsResolvePeriodSec", - "enableIpSpoofing", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_host", - "__template_port", - "__template_onBackpressure", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputTypeDevnull(str, Enum): - DEVNULL = "devnull" - - -class CreateOutputOutputDevnullTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputTypeDevnull - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - -class CreateOutputOutputDevnull(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputTypeDevnull - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "__template_streamtags", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputTypeSentinel(str, Enum): - SENTINEL = "sentinel" - - -class CreateOutputAuthType(str, Enum, metaclass=utils.OpenEnumMeta): - OAUTH = "oauth" - - -class CreateOutputEndpointConfiguration(str, Enum, metaclass=utils.OpenEnumMeta): - r"""Enter the data collection endpoint URL or the individual ID""" - - # URL - URL = "url" - # ID - ID = "ID" - - -class CreateOutputFormatSentinel(str, Enum, metaclass=utils.OpenEnumMeta): - NDJSON = "ndjson" - JSON_ARRAY = "json_array" - CUSTOM = "custom" - ADVANCED = "advanced" - - -class CreateOutputPqControlsSentinelTypedDict(TypedDict): - pass - - -class CreateOutputPqControlsSentinel(BaseModel): - pass - - -class CreateOutputOutputSentinelTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputTypeSentinel - login_url: str - r"""URL for OAuth""" - secret: str - r"""Secret parameter value to pass in request body""" - client_id: str - r"""JavaScript expression to compute the Client ID for the Azure application. Can be a constant.""" - endpoint_url_configuration: CreateOutputEndpointConfiguration - r"""Enter the data collection endpoint URL or the individual ID""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - keep_alive: NotRequired[bool] - r"""Disable to close the connection immediately after sending the outgoing request""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size (KB) of the request body (defaults to the API's maximum limit of 1000 KB)""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - compress: NotRequired[bool] - r"""Compress the payload body before sending""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] - r"""Headers to add to all events. You can also add headers dynamically on a per-event basis in the __headers field, as explained in [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook/#internal-fields).""" - use_round_robin_dns: NotRequired[bool] - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - safe_headers: NotRequired[List[str]] - r"""List of headers that are safe to log in plain text""" - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - auth_type: NotRequired[CreateOutputAuthType] - scope: NotRequired[str] - r"""Scope to pass in the OAuth request""" - total_memory_limit_kb: NotRequired[float] - r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" - description: NotRequired[str] - format_: NotRequired[CreateOutputFormatSentinel] - custom_source_expression: NotRequired[str] - r"""Expression to evaluate on events to generate output. Example: `raw=${_raw}`. See [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook#custom-format) for other examples. If empty, the full event is sent as stringified JSON.""" - custom_drop_when_null: NotRequired[bool] - r"""Whether to drop events when the source expression evaluates to null""" - custom_event_delimiter: NotRequired[str] - r"""Delimiter string to insert between individual events. Defaults to newline character.""" - custom_content_type: NotRequired[str] - r"""Content type to use for request. Defaults to application/x-ndjson. Any content types set in Advanced Settings > Extra HTTP headers will override this entry.""" - custom_payload_expression: NotRequired[str] - r"""Expression specifying how to format the payload for each batch. To reference the events to send, use the `${events}` variable. Example expression: `{ \"items\" : [${events}] }` would send the batch inside a JSON object.""" - advanced_content_type: NotRequired[str] - r"""HTTP content-type header value""" - format_event_code: NotRequired[str] - r"""Custom JavaScript code to format incoming event data accessible through the __e variable. The formatted content is added to (__e['__eventOut']) if available. Otherwise, the original event is serialized as JSON. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" - format_payload_code: NotRequired[str] - r"""Optional JavaScript code to format the payload sent to the Destination. The payload, containing a batch of formatted events, is accessible through the __e['payload'] variable. The formatted payload is returned in the __e['__payloadOut'] variable. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputPqControlsSentinelTypedDict] - url: NotRequired[str] - r"""URL to send events to. Can be overwritten by an event's __url field.""" - dcr_id: NotRequired[str] - r"""Immutable ID for the Data Collection Rule (DCR)""" - dce_endpoint: NotRequired[str] - r"""Data collection endpoint (DCE) URL. In the format: `https://-..ingest.monitor.azure.com`""" - stream_name: NotRequired[str] - r"""The name of the stream (Sentinel table) in which to store the events""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_failed_request_logging_mode: NotRequired[str] - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_login_url: NotRequired[str] - r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" - template_secret: NotRequired[str] - r"""Binds 'secret' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'secret' at runtime.""" - template_client_id: NotRequired[str] - r"""Binds 'client_id' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'client_id' at runtime.""" - template_scope: NotRequired[str] - r"""Binds 'scope' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'scope' at runtime.""" - template_url: NotRequired[str] - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - template_dcr_id: NotRequired[str] - r"""Binds 'dcrID' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'dcrID' at runtime.""" - template_dce_endpoint: NotRequired[str] - r"""Binds 'dceEndpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'dceEndpoint' at runtime.""" - template_stream_name: NotRequired[str] - r"""Binds 'streamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamName' at runtime.""" - - -class CreateOutputOutputSentinel(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputTypeSentinel - - login_url: Annotated[str, pydantic.Field(alias="loginUrl")] - r"""URL for OAuth""" - - secret: str - r"""Secret parameter value to pass in request body""" - - client_id: str - r"""JavaScript expression to compute the Client ID for the Azure application. Can be a constant.""" - - endpoint_url_configuration: Annotated[ - CreateOutputEndpointConfiguration, - pydantic.Field(alias="endpointURLConfiguration"), - ] - r"""Enter the data collection endpoint URL or the individual ID""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - keep_alive: Annotated[Optional[bool], pydantic.Field(alias="keepAlive")] = None - r"""Disable to close the connection immediately after sending the outgoing request""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size (KB) of the request body (defaults to the API's maximum limit of 1000 KB)""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - compress: Optional[bool] = None - r"""Compress the payload body before sending""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - extra_http_headers: Annotated[ - Optional[List[ExtraHTTPHeaderConfInputElastic]], - pydantic.Field(alias="extraHttpHeaders"), - ] = None - r"""Headers to add to all events. You can also add headers dynamically on a per-event basis in the __headers field, as explained in [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook/#internal-fields).""" - - use_round_robin_dns: Annotated[ - Optional[bool], pydantic.Field(alias="useRoundRobinDns") - ] = None - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - - failed_request_logging_mode: Annotated[ - Optional[FailedRequestLoggingModeOptions], - pydantic.Field(alias="failedRequestLoggingMode"), - ] = None - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - - safe_headers: Annotated[ - Optional[List[str]], pydantic.Field(alias="safeHeaders") - ] = None - r"""List of headers that are safe to log in plain text""" - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - auth_type: Annotated[ - Optional[CreateOutputAuthType], pydantic.Field(alias="authType") - ] = None - - scope: Optional[str] = None - r"""Scope to pass in the OAuth request""" - - total_memory_limit_kb: Annotated[ - Optional[float], pydantic.Field(alias="totalMemoryLimitKB") - ] = None - r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" - - description: Optional[str] = None - - format_: Annotated[ - Optional[CreateOutputFormatSentinel], pydantic.Field(alias="format") - ] = None - - custom_source_expression: Annotated[ - Optional[str], pydantic.Field(alias="customSourceExpression") - ] = None - r"""Expression to evaluate on events to generate output. Example: `raw=${_raw}`. See [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook#custom-format) for other examples. If empty, the full event is sent as stringified JSON.""" - - custom_drop_when_null: Annotated[ - Optional[bool], pydantic.Field(alias="customDropWhenNull") - ] = None - r"""Whether to drop events when the source expression evaluates to null""" - - custom_event_delimiter: Annotated[ - Optional[str], pydantic.Field(alias="customEventDelimiter") - ] = None - r"""Delimiter string to insert between individual events. Defaults to newline character.""" - - custom_content_type: Annotated[ - Optional[str], pydantic.Field(alias="customContentType") - ] = None - r"""Content type to use for request. Defaults to application/x-ndjson. Any content types set in Advanced Settings > Extra HTTP headers will override this entry.""" - - custom_payload_expression: Annotated[ - Optional[str], pydantic.Field(alias="customPayloadExpression") - ] = None - r"""Expression specifying how to format the payload for each batch. To reference the events to send, use the `${events}` variable. Example expression: `{ \"items\" : [${events}] }` would send the batch inside a JSON object.""" - - advanced_content_type: Annotated[ - Optional[str], pydantic.Field(alias="advancedContentType") - ] = None - r"""HTTP content-type header value""" - - format_event_code: Annotated[ - Optional[str], pydantic.Field(alias="formatEventCode") - ] = None - r"""Custom JavaScript code to format incoming event data accessible through the __e variable. The formatted content is added to (__e['__eventOut']) if available. Otherwise, the original event is serialized as JSON. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" - - format_payload_code: Annotated[ - Optional[str], pydantic.Field(alias="formatPayloadCode") - ] = None - r"""Optional JavaScript code to format the payload sent to the Destination. The payload, containing a batch of formatted events, is accessible through the __e['payload'] variable. The formatted payload is returned in the __e['__payloadOut'] variable. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputPqControlsSentinel], pydantic.Field(alias="pqControls") - ] = None - - url: Optional[str] = None - r"""URL to send events to. Can be overwritten by an event's __url field.""" - - dcr_id: Annotated[Optional[str], pydantic.Field(alias="dcrID")] = None - r"""Immutable ID for the Data Collection Rule (DCR)""" - - dce_endpoint: Annotated[Optional[str], pydantic.Field(alias="dceEndpoint")] = None - r"""Data collection endpoint (DCE) URL. In the format: `https://-..ingest.monitor.azure.com`""" - - stream_name: Annotated[Optional[str], pydantic.Field(alias="streamName")] = None - r"""The name of the stream (Sentinel table) in which to store the events""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_failed_request_logging_mode: Annotated[ - Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") - ] = None - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_login_url: Annotated[ - Optional[str], pydantic.Field(alias="__template_loginUrl") - ] = None - r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" - - template_secret: Annotated[ - Optional[str], pydantic.Field(alias="__template_secret") - ] = None - r"""Binds 'secret' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'secret' at runtime.""" - - template_client_id: Annotated[ - Optional[str], pydantic.Field(alias="__template_client_id") - ] = None - r"""Binds 'client_id' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'client_id' at runtime.""" - - template_scope: Annotated[ - Optional[str], pydantic.Field(alias="__template_scope") - ] = None - r"""Binds 'scope' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'scope' at runtime.""" - - template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( - None - ) - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - template_dcr_id: Annotated[ - Optional[str], pydantic.Field(alias="__template_dcrID") - ] = None - r"""Binds 'dcrID' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'dcrID' at runtime.""" - - template_dce_endpoint: Annotated[ - Optional[str], pydantic.Field(alias="__template_dceEndpoint") - ] = None - r"""Binds 'dceEndpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'dceEndpoint' at runtime.""" - - template_stream_name: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamName") - ] = None - r"""Binds 'streamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamName' at runtime.""" - - @field_serializer("failed_request_logging_mode") - def serialize_failed_request_logging_mode(self, value): - if isinstance(value, str): - try: - return models.FailedRequestLoggingModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.CreateOutputAuthType(value) - except ValueError: - return value - return value - - @field_serializer("endpoint_url_configuration") - def serialize_endpoint_url_configuration(self, value): - if isinstance(value, str): - try: - return models.CreateOutputEndpointConfiguration(value) - except ValueError: - return value - return value - - @field_serializer("format_") - def serialize_format_(self, value): - if isinstance(value, str): - try: - return models.CreateOutputFormatSentinel(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "keepAlive", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "compress", - "rejectUnauthorized", - "timeoutSec", - "flushPeriodSec", - "extraHttpHeaders", - "useRoundRobinDns", - "failedRequestLoggingMode", - "safeHeaders", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "onBackpressure", - "authType", - "scope", - "totalMemoryLimitKB", - "description", - "format", - "customSourceExpression", - "customDropWhenNull", - "customEventDelimiter", - "customContentType", - "customPayloadExpression", - "advancedContentType", - "formatEventCode", - "formatPayloadCode", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "url", - "dcrID", - "dceEndpoint", - "streamName", - "__template_streamtags", - "__template_failedRequestLoggingMode", - "__template_onBackpressure", - "__template_loginUrl", - "__template_secret", - "__template_client_id", - "__template_scope", - "__template_url", - "__template_dcrID", - "__template_dceEndpoint", - "__template_streamName", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputOutputWebhookType2(str, Enum): - WEBHOOK = "webhook" - - -class CreateOutputOutputWebhookFormat2(str, Enum, metaclass=utils.OpenEnumMeta): - r"""How to format events before sending out""" - - # NDJSON (Newline Delimited JSON) - NDJSON = "ndjson" - # JSON Array - JSON_ARRAY = "json_array" - # Custom - CUSTOM = "custom" - # Advanced - ADVANCED = "advanced" - - -class CreateOutputOutputWebhookAuthenticationType2( - str, Enum, metaclass=utils.OpenEnumMeta -): - r"""Authentication method to use for the HTTP request""" - - # None - NONE = "none" - # Basic - BASIC = "basic" - # Basic (credentials secret) - CREDENTIALS_SECRET = "credentialsSecret" - # Token - TOKEN = "token" - # Token (text secret) - TEXT_SECRET = "textSecret" - # OAuth - OAUTH = "oauth" - - -class CreateOutputOutputWebhookPqControls2TypedDict(TypedDict): - pass - - -class CreateOutputOutputWebhookPqControls2(BaseModel): - pass - - -class CreateOutputOutputWebhookURL2TypedDict(TypedDict): - url: str - r"""URL of a webhook endpoint to send events to, such as http://localhost:10200""" - weight: NotRequired[float] - r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" - template_url: NotRequired[str] - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - -class CreateOutputOutputWebhookURL2(BaseModel): - url: str - r"""URL of a webhook endpoint to send events to, such as http://localhost:10200""" - - weight: Optional[float] = None - r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" - - template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( - None - ) - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set(["weight", "__template_url"]) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputOutputWebhookWebhook2TypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputOutputWebhookType2 - urls: List[CreateOutputOutputWebhookURL2TypedDict] - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - method: NotRequired[MethodOptions] - r"""The method to use when sending events""" - format_: NotRequired[CreateOutputOutputWebhookFormat2] - r"""How to format events before sending out""" - keep_alive: NotRequired[bool] - r"""Disable to close the connection immediately after sending the outgoing request""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - compress: NotRequired[bool] - r"""Compress the payload body before sending""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] - r"""Headers to add to all events. You can also add headers dynamically on a per-event basis in the __headers field, as explained in [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook/#internal-fields).""" - use_round_robin_dns: NotRequired[bool] - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - safe_headers: NotRequired[List[str]] - r"""List of headers that are safe to log in plain text""" - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - auth_type: NotRequired[CreateOutputOutputWebhookAuthenticationType2] - r"""Authentication method to use for the HTTP request""" - tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathExtendedTypedDict] - total_memory_limit_kb: NotRequired[float] - r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" - load_balanced: NotRequired[bool] - r"""Enable for optimal performance. Even if you have one hostname, it can expand to multiple IPs. If disabled, consider enabling round-robin DNS.""" - description: NotRequired[str] - custom_source_expression: NotRequired[str] - r"""Expression to evaluate on events to generate output. Example: `raw=${_raw}`. See [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook#custom-format) for other examples. If empty, the full event is sent as stringified JSON.""" - custom_drop_when_null: NotRequired[bool] - r"""Whether to drop events when the source expression evaluates to null""" - custom_event_delimiter: NotRequired[str] - r"""Delimiter string to insert between individual events. Defaults to newline character.""" - custom_content_type: NotRequired[str] - r"""Content type to use for request. Defaults to application/x-ndjson. Any content types set in Advanced Settings > Extra HTTP headers will override this entry.""" - custom_payload_expression: NotRequired[str] - r"""Expression specifying how to format the payload for each batch. To reference the events to send, use the `${events}` variable. Example expression: `{ \"items\" : [${events}] }` would send the batch inside a JSON object.""" - advanced_content_type: NotRequired[str] - r"""HTTP content-type header value""" - format_event_code: NotRequired[str] - r"""Custom JavaScript code to format incoming event data accessible through the __e variable. The formatted content is added to (__e['__eventOut']) if available. Otherwise, the original event is serialized as JSON. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" - format_payload_code: NotRequired[str] - r"""Optional JavaScript code to format the payload sent to the Destination. The payload, containing a batch of formatted events, is accessible through the __e['payload'] variable. The formatted payload is returned in the __e['__payloadOut'] variable. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputOutputWebhookPqControls2TypedDict] - username: NotRequired[str] - password: NotRequired[str] - token: NotRequired[str] - r"""Bearer token to include in the authorization header""" - credentials_secret: NotRequired[str] - r"""Select or create a secret that references your credentials""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - login_url: NotRequired[str] - r"""URL for OAuth""" - secret_param_name: NotRequired[str] - r"""Secret parameter name to pass in request body""" - secret: NotRequired[str] - r"""Secret parameter value to pass in request body""" - token_attribute_name: NotRequired[str] - r"""Name of the auth token attribute in the OAuth response. Can be top-level (e.g., 'token'); or nested, using a period (e.g., 'data.token').""" - auth_header_expr: NotRequired[str] - r"""JavaScript expression to compute the Authorization header value to pass in requests. The value `${token}` is used to reference the token obtained from authentication, e.g.: `Bearer ${token}`.""" - token_timeout_secs: NotRequired[float] - r"""How often the OAuth token should be refreshed.""" - oauth_params: NotRequired[List[OauthParamConfInputServicenowTableTypedDict]] - r"""Additional parameters to send in the OAuth login request. @{product} will combine the secret with these parameters, and will send the URL-encoded result in a POST request to the endpoint specified in the 'Login URL'. We'll automatically add the content-type header 'application/x-www-form-urlencoded' when sending this request.""" - oauth_headers: NotRequired[List[OauthHeaderConfInputServicenowTableTypedDict]] - r"""Additional headers to send in the OAuth login request. @{product} will automatically add the content-type header 'application/x-www-form-urlencoded' when sending this request.""" - url: NotRequired[str] - r"""URL of a webhook endpoint to send events to, such as http://localhost:10200""" - exclude_self: NotRequired[bool] - r"""Exclude all IPs of the current host from the list of any resolved hostnames""" - dns_resolve_period_sec: NotRequired[float] - r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" - load_balance_stats_period_sec: NotRequired[float] - r"""How far back in time to keep traffic stats for load balancing purposes""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_failed_request_logging_mode: NotRequired[str] - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_login_url: NotRequired[str] - r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" - template_secret: NotRequired[str] - r"""Binds 'secret' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'secret' at runtime.""" - template_url: NotRequired[str] - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - -class CreateOutputOutputWebhookWebhook2(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputOutputWebhookType2 - - urls: List[CreateOutputOutputWebhookURL2] - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - method: Optional[MethodOptions] = None - r"""The method to use when sending events""" - - format_: Annotated[ - Optional[CreateOutputOutputWebhookFormat2], pydantic.Field(alias="format") - ] = None - r"""How to format events before sending out""" - - keep_alive: Annotated[Optional[bool], pydantic.Field(alias="keepAlive")] = None - r"""Disable to close the connection immediately after sending the outgoing request""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - compress: Optional[bool] = None - r"""Compress the payload body before sending""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - extra_http_headers: Annotated[ - Optional[List[ExtraHTTPHeaderConfInputElastic]], - pydantic.Field(alias="extraHttpHeaders"), - ] = None - r"""Headers to add to all events. You can also add headers dynamically on a per-event basis in the __headers field, as explained in [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook/#internal-fields).""" - - use_round_robin_dns: Annotated[ - Optional[bool], pydantic.Field(alias="useRoundRobinDns") - ] = None - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - - failed_request_logging_mode: Annotated[ - Optional[FailedRequestLoggingModeOptions], - pydantic.Field(alias="failedRequestLoggingMode"), - ] = None - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - - safe_headers: Annotated[ - Optional[List[str]], pydantic.Field(alias="safeHeaders") - ] = None - r"""List of headers that are safe to log in plain text""" - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - auth_type: Annotated[ - Optional[CreateOutputOutputWebhookAuthenticationType2], - pydantic.Field(alias="authType"), - ] = None - r"""Authentication method to use for the HTTP request""" - - tls: Optional[TLSSettingsClientSideTypeCaPathCertPathExtended] = None - - total_memory_limit_kb: Annotated[ - Optional[float], pydantic.Field(alias="totalMemoryLimitKB") - ] = None - r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" - - load_balanced: Annotated[Optional[bool], pydantic.Field(alias="loadBalanced")] = ( - None - ) - r"""Enable for optimal performance. Even if you have one hostname, it can expand to multiple IPs. If disabled, consider enabling round-robin DNS.""" - - description: Optional[str] = None - - custom_source_expression: Annotated[ - Optional[str], pydantic.Field(alias="customSourceExpression") - ] = None - r"""Expression to evaluate on events to generate output. Example: `raw=${_raw}`. See [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook#custom-format) for other examples. If empty, the full event is sent as stringified JSON.""" - - custom_drop_when_null: Annotated[ - Optional[bool], pydantic.Field(alias="customDropWhenNull") - ] = None - r"""Whether to drop events when the source expression evaluates to null""" - - custom_event_delimiter: Annotated[ - Optional[str], pydantic.Field(alias="customEventDelimiter") - ] = None - r"""Delimiter string to insert between individual events. Defaults to newline character.""" - - custom_content_type: Annotated[ - Optional[str], pydantic.Field(alias="customContentType") - ] = None - r"""Content type to use for request. Defaults to application/x-ndjson. Any content types set in Advanced Settings > Extra HTTP headers will override this entry.""" - - custom_payload_expression: Annotated[ - Optional[str], pydantic.Field(alias="customPayloadExpression") - ] = None - r"""Expression specifying how to format the payload for each batch. To reference the events to send, use the `${events}` variable. Example expression: `{ \"items\" : [${events}] }` would send the batch inside a JSON object.""" - - advanced_content_type: Annotated[ - Optional[str], pydantic.Field(alias="advancedContentType") - ] = None - r"""HTTP content-type header value""" - - format_event_code: Annotated[ - Optional[str], pydantic.Field(alias="formatEventCode") - ] = None - r"""Custom JavaScript code to format incoming event data accessible through the __e variable. The formatted content is added to (__e['__eventOut']) if available. Otherwise, the original event is serialized as JSON. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" - - format_payload_code: Annotated[ - Optional[str], pydantic.Field(alias="formatPayloadCode") - ] = None - r"""Optional JavaScript code to format the payload sent to the Destination. The payload, containing a batch of formatted events, is accessible through the __e['payload'] variable. The formatted payload is returned in the __e['__payloadOut'] variable. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputOutputWebhookPqControls2], - pydantic.Field(alias="pqControls"), - ] = None - - username: Optional[str] = None - - password: Optional[str] = None - - token: Optional[str] = None - r"""Bearer token to include in the authorization header""" - - credentials_secret: Annotated[ - Optional[str], pydantic.Field(alias="credentialsSecret") - ] = None - r"""Select or create a secret that references your credentials""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - login_url: Annotated[Optional[str], pydantic.Field(alias="loginUrl")] = None - r"""URL for OAuth""" - - secret_param_name: Annotated[ - Optional[str], pydantic.Field(alias="secretParamName") - ] = None - r"""Secret parameter name to pass in request body""" - - secret: Optional[str] = None - r"""Secret parameter value to pass in request body""" - - token_attribute_name: Annotated[ - Optional[str], pydantic.Field(alias="tokenAttributeName") - ] = None - r"""Name of the auth token attribute in the OAuth response. Can be top-level (e.g., 'token'); or nested, using a period (e.g., 'data.token').""" - - auth_header_expr: Annotated[ - Optional[str], pydantic.Field(alias="authHeaderExpr") - ] = None - r"""JavaScript expression to compute the Authorization header value to pass in requests. The value `${token}` is used to reference the token obtained from authentication, e.g.: `Bearer ${token}`.""" - - token_timeout_secs: Annotated[ - Optional[float], pydantic.Field(alias="tokenTimeoutSecs") - ] = None - r"""How often the OAuth token should be refreshed.""" - - oauth_params: Annotated[ - Optional[List[OauthParamConfInputServicenowTable]], - pydantic.Field(alias="oauthParams"), - ] = None - r"""Additional parameters to send in the OAuth login request. @{product} will combine the secret with these parameters, and will send the URL-encoded result in a POST request to the endpoint specified in the 'Login URL'. We'll automatically add the content-type header 'application/x-www-form-urlencoded' when sending this request.""" - - oauth_headers: Annotated[ - Optional[List[OauthHeaderConfInputServicenowTable]], - pydantic.Field(alias="oauthHeaders"), - ] = None - r"""Additional headers to send in the OAuth login request. @{product} will automatically add the content-type header 'application/x-www-form-urlencoded' when sending this request.""" - - url: Optional[str] = None - r"""URL of a webhook endpoint to send events to, such as http://localhost:10200""" - - exclude_self: Annotated[Optional[bool], pydantic.Field(alias="excludeSelf")] = None - r"""Exclude all IPs of the current host from the list of any resolved hostnames""" - - dns_resolve_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="dnsResolvePeriodSec") - ] = None - r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" - - load_balance_stats_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="loadBalanceStatsPeriodSec") - ] = None - r"""How far back in time to keep traffic stats for load balancing purposes""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_failed_request_logging_mode: Annotated[ - Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") - ] = None - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_login_url: Annotated[ - Optional[str], pydantic.Field(alias="__template_loginUrl") - ] = None - r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" - - template_secret: Annotated[ - Optional[str], pydantic.Field(alias="__template_secret") - ] = None - r"""Binds 'secret' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'secret' at runtime.""" - - template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( - None - ) - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - @field_serializer("method") - def serialize_method(self, value): - if isinstance(value, str): - try: - return models.MethodOptions(value) - except ValueError: - return value - return value - - @field_serializer("format_") - def serialize_format_(self, value): - if isinstance(value, str): - try: - return models.CreateOutputOutputWebhookFormat2(value) - except ValueError: - return value - return value - - @field_serializer("failed_request_logging_mode") - def serialize_failed_request_logging_mode(self, value): - if isinstance(value, str): - try: - return models.FailedRequestLoggingModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.CreateOutputOutputWebhookAuthenticationType2(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "method", - "format", - "keepAlive", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "compress", - "rejectUnauthorized", - "timeoutSec", - "flushPeriodSec", - "extraHttpHeaders", - "useRoundRobinDns", - "failedRequestLoggingMode", - "safeHeaders", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "onBackpressure", - "authType", - "tls", - "totalMemoryLimitKB", - "loadBalanced", - "description", - "customSourceExpression", - "customDropWhenNull", - "customEventDelimiter", - "customContentType", - "customPayloadExpression", - "advancedContentType", - "formatEventCode", - "formatPayloadCode", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "username", - "password", - "token", - "credentialsSecret", - "textSecret", - "loginUrl", - "secretParamName", - "secret", - "tokenAttributeName", - "authHeaderExpr", - "tokenTimeoutSecs", - "oauthParams", - "oauthHeaders", - "url", - "excludeSelf", - "dnsResolvePeriodSec", - "loadBalanceStatsPeriodSec", - "__template_streamtags", - "__template_failedRequestLoggingMode", - "__template_onBackpressure", - "__template_loginUrl", - "__template_secret", - "__template_url", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputOutputWebhookType1(str, Enum): - WEBHOOK = "webhook" - - -class CreateOutputOutputWebhookFormat1(str, Enum, metaclass=utils.OpenEnumMeta): - r"""How to format events before sending out""" - - # NDJSON (Newline Delimited JSON) - NDJSON = "ndjson" - # JSON Array - JSON_ARRAY = "json_array" - # Custom - CUSTOM = "custom" - # Advanced - ADVANCED = "advanced" - - -class CreateOutputOutputWebhookAuthenticationType1( - str, Enum, metaclass=utils.OpenEnumMeta -): - r"""Authentication method to use for the HTTP request""" - - # None - NONE = "none" - # Basic - BASIC = "basic" - # Basic (credentials secret) - CREDENTIALS_SECRET = "credentialsSecret" - # Token - TOKEN = "token" - # Token (text secret) - TEXT_SECRET = "textSecret" - # OAuth - OAUTH = "oauth" - - -class CreateOutputOutputWebhookPqControls1TypedDict(TypedDict): - pass - - -class CreateOutputOutputWebhookPqControls1(BaseModel): - pass - - -class CreateOutputOutputWebhookURL1TypedDict(TypedDict): - url: str - r"""URL of a webhook endpoint to send events to, such as http://localhost:10200""" - weight: NotRequired[float] - r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" - template_url: NotRequired[str] - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - -class CreateOutputOutputWebhookURL1(BaseModel): - url: str - r"""URL of a webhook endpoint to send events to, such as http://localhost:10200""" - - weight: Optional[float] = None - r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" - - template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( - None - ) - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set(["weight", "__template_url"]) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m + CreateOutputOutputDatadogTypedDict, + CreateOutputOutputDataset, + CreateOutputOutputDatasetTypedDict, + CreateOutputOutputDellS3, + CreateOutputOutputDellS3TypedDict, + CreateOutputOutputDiskSpool, + CreateOutputOutputDiskSpoolTypedDict, + CreateOutputOutputDlS3, + CreateOutputOutputDlS3TypedDict, + CreateOutputOutputDynatraceHTTP, + CreateOutputOutputDynatraceHTTPTypedDict, + CreateOutputOutputDynatraceOtlp, + CreateOutputOutputDynatraceOtlpTypedDict, + CreateOutputOutputGrafanaCloudUnion, + CreateOutputOutputGrafanaCloudUnionTypedDict, + CreateOutputOutputGraphite, + CreateOutputOutputGraphiteTypedDict, + CreateOutputOutputHumioHec, + CreateOutputOutputHumioHecTypedDict, + CreateOutputOutputLocalSearchStorage, + CreateOutputOutputLocalSearchStorageTypedDict, + CreateOutputOutputLoki, + CreateOutputOutputLokiTypedDict, + CreateOutputOutputMicrosoftFabric, + CreateOutputOutputMicrosoftFabricTypedDict, + CreateOutputOutputNetflow, + CreateOutputOutputNetflowTypedDict, + CreateOutputOutputNutanixObjects, + CreateOutputOutputNutanixObjectsTypedDict, + CreateOutputOutputOpenTelemetry, + CreateOutputOutputOpenTelemetryTypedDict, + CreateOutputOutputPrometheus, + CreateOutputOutputPrometheusTypedDict, + CreateOutputOutputRing, + CreateOutputOutputRingTypedDict, + CreateOutputOutputRouter, + CreateOutputOutputRouterTypedDict, + CreateOutputOutputScalityS3, + CreateOutputOutputScalityS3TypedDict, + CreateOutputOutputSecurityLake, + CreateOutputOutputSecurityLakeTypedDict, + CreateOutputOutputSentinelOneAiSiem, + CreateOutputOutputSentinelOneAiSiemTypedDict, + CreateOutputOutputServiceNow, + CreateOutputOutputServiceNowTypedDict, + CreateOutputOutputSnmp, + CreateOutputOutputSnmpTypedDict, + CreateOutputOutputSns, + CreateOutputOutputSnsTypedDict, + CreateOutputOutputSqs, + CreateOutputOutputSqsTypedDict, + CreateOutputOutputStatsdExt, + CreateOutputOutputStatsdExtTypedDict, + CreateOutputOutputStorjS3, + CreateOutputOutputStorjS3TypedDict, + CreateOutputOutputSumoLogic, + CreateOutputOutputSumoLogicTypedDict, + CreateOutputOutputXsiam, + CreateOutputOutputXsiamTypedDict, +) +from .extrahttpheaderconfinputelastic import ( + ExtraHTTPHeaderConfInputElastic, + ExtraHTTPHeaderConfInputElasticTypedDict, +) +from .failedrequestloggingmodeoptions import FailedRequestLoggingModeOptions +from .methodoptions import MethodOptions +from .modeoptions import ModeOptions +from .oauthheaderconfinputservicenowtable import ( + OauthHeaderConfInputServicenowTable, + OauthHeaderConfInputServicenowTableTypedDict, +) +from .oauthparamconfinputservicenowtable import ( + OauthParamConfInputServicenowTable, + OauthParamConfInputServicenowTableTypedDict, +) +from .queuefullbehavioroptions import QueueFullBehaviorOptions +from .responseretrysettingconfoutputwebhook import ( + ResponseRetrySettingConfOutputWebhook, + ResponseRetrySettingConfOutputWebhookTypedDict, +) +from .timeoutretrysettingstype import ( + TimeoutRetrySettingsType, + TimeoutRetrySettingsTypeTypedDict, +) +from .tlssettingsclientsidetypecapathcertpathextended import ( + TLSSettingsClientSideTypeCaPathCertPathExtended, + TLSSettingsClientSideTypeCaPathCertPathExtendedTypedDict, +) +from cribl_control_plane import models +from cribl_control_plane.types import BaseModel, Nullable, UNSET_SENTINEL +from cribl_control_plane.utils import get_discriminator +from enum import Enum +import pydantic +from pydantic import Discriminator, Tag, field_serializer, model_serializer +from typing import List, Optional, Union +from typing_extensions import Annotated, NotRequired, TypeAliasType, TypedDict class CreateOutputOutputWebhookWebhook1TypedDict(TypedDict): @@ -17917,7 +307,7 @@ class CreateOutputOutputWebhookWebhook1TypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputOutputWebhookPqControls1TypedDict] username: NotRequired[str] password: NotRequired[str] @@ -18179,7 +569,7 @@ class CreateOutputOutputWebhookWebhook1(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputOutputWebhookPqControls1], @@ -18555,40 +945,41 @@ def serialize_model(self, handler): CreateOutputOutputNetflowTypedDict, CreateOutputOutputDiskSpoolTypedDict, CreateOutputOutputRingTypedDict, + CreateOutputOutputStatsdTypedDict, CreateOutputOutputGraphiteTypedDict, CreateOutputOutputStatsdExtTypedDict, - CreateOutputOutputStatsdTypedDict, CreateOutputOutputGooglePubsubTypedDict, - CreateOutputOutputCriblTCPTypedDict, - CreateOutputOutputHoneycombTypedDict, + CreateOutputOutputGoogleCloudObservabilityTypedDict, CreateOutputOutputWavefrontTypedDict, CreateOutputOutputSignalfxTypedDict, + CreateOutputOutputHoneycombTypedDict, + CreateOutputOutputCriblTCPTypedDict, CreateOutputOutputAzureEventhubTypedDict, CreateOutputOutputMicrosoftFabricTypedDict, + CreateOutputOutputExabeamTypedDict, CreateOutputOutputSumoLogicTypedDict, CreateOutputOutputCrowdstrikeNextGenSiemTypedDict, CreateOutputOutputHumioHecTypedDict, CreateOutputOutputTcpjsonTypedDict, CreateOutputOutputSplunkTypedDict, - CreateOutputOutputExabeamTypedDict, CreateOutputOutputSnsTypedDict, CreateOutputOutputElasticCloudTypedDict, - CreateOutputOutputKafkaTypedDict, CreateOutputOutputAzureLogsTypedDict, - CreateOutputOutputConfluentCloudTypedDict, + CreateOutputOutputKafkaTypedDict, + CreateOutputOutputSyslogTypedDict, CreateOutputOutputSplunkLbTypedDict, CreateOutputOutputCloudwatchTypedDict, - CreateOutputOutputSyslogTypedDict, - CreateOutputOutputPrometheusTypedDict, + CreateOutputOutputConfluentCloudTypedDict, CreateOutputOutputNewrelicEventsTypedDict, + CreateOutputOutputPrometheusTypedDict, CreateOutputOutputNewrelicTypedDict, CreateOutputOutputLokiTypedDict, - CreateOutputOutputCriblHTTPTypedDict, + CreateOutputOutputCriblSearchEngineTypedDict, CreateOutputOutputDatasetTypedDict, CreateOutputOutputWizHecTypedDict, - CreateOutputOutputCriblSearchEngineTypedDict, - CreateOutputOutputXsiamTypedDict, + CreateOutputOutputCriblHTTPTypedDict, CreateOutputOutputKinesisTypedDict, + CreateOutputOutputXsiamTypedDict, CreateOutputOutputDynatraceHTTPTypedDict, CreateOutputOutputSplunkHecTypedDict, CreateOutputOutputDynatraceOtlpTypedDict, @@ -18600,19 +991,19 @@ def serialize_model(self, handler): CreateOutputOutputSentinelOneAiSiemTypedDict, CreateOutputOutputElasticTypedDict, CreateOutputOutputGoogleChronicleTypedDict, - CreateOutputOutputClickHouseTypedDict, CreateOutputOutputChronicleTypedDict, + CreateOutputOutputClickHouseTypedDict, CreateOutputOutputLocalSearchStorageTypedDict, CreateOutputOutputDatabricksTypedDict, CreateOutputOutputAlphasocS3TypedDict, - CreateOutputOutputMskTypedDict, CreateOutputOutputCriblLakeTypedDict, + CreateOutputOutputMskTypedDict, CreateOutputOutputStorjS3TypedDict, CreateOutputOutputOpenTelemetryTypedDict, + CreateOutputOutputNutanixObjectsTypedDict, + CreateOutputOutputSentinelTypedDict, CreateOutputOutputAlibabaCloudS3TypedDict, CreateOutputOutputScalityS3TypedDict, - CreateOutputOutputSentinelTypedDict, - CreateOutputOutputNutanixObjectsTypedDict, CreateOutputOutputDellS3TypedDict, CreateOutputOutputCloudflareR2TypedDict, CreateOutputOutputGoogleCloudStorageTypedDict, @@ -18656,6 +1047,10 @@ def serialize_model(self, handler): Annotated[CreateOutputOutputGoogleChronicle, Tag("google_chronicle")], Annotated[CreateOutputOutputGoogleCloudStorage, Tag("google_cloud_storage")], Annotated[CreateOutputOutputGoogleCloudLogging, Tag("google_cloud_logging")], + Annotated[ + CreateOutputOutputGoogleCloudObservability, + Tag("google_cloud_observability"), + ], Annotated[CreateOutputOutputGooglePubsub, Tag("google_pubsub")], Annotated[CreateOutputOutputExabeam, Tag("exabeam")], Annotated[CreateOutputOutputKafka, Tag("kafka")], @@ -18719,178 +1114,6 @@ def serialize_model(self, handler): r"""Output object.""" -try: - CreateOutputOutputStatsd.model_rebuild() -except NameError: - pass -try: - CreateOutputOutputMinio.model_rebuild() -except NameError: - pass -try: - CreateOutputOutputCloudwatch.model_rebuild() -except NameError: - pass -try: - CreateOutputOutputInfluxdb.model_rebuild() -except NameError: - pass -try: - CreateOutputOutputNewrelicEvents.model_rebuild() -except NameError: - pass -try: - CreateOutputOutputNewrelic.model_rebuild() -except NameError: - pass -try: - CreateOutputOutputElasticCloud.model_rebuild() -except NameError: - pass -try: - CreateOutputURLElastic.model_rebuild() -except NameError: - pass -try: - CreateOutputOutputElastic.model_rebuild() -except NameError: - pass -try: - CreateOutputOutputMsk.model_rebuild() -except NameError: - pass -try: - CreateOutputOutputConfluentCloud.model_rebuild() -except NameError: - pass -try: - CreateOutputOutputKafka.model_rebuild() -except NameError: - pass -try: - CreateOutputOutputExabeam.model_rebuild() -except NameError: - pass -try: - CreateOutputOutputGooglePubsub.model_rebuild() -except NameError: - pass -try: - CreateOutputOutputGoogleCloudLogging.model_rebuild() -except NameError: - pass -try: - CreateOutputOutputGoogleCloudStorage.model_rebuild() -except NameError: - pass -try: - CreateOutputExtraLogType.model_rebuild() -except NameError: - pass -try: - CreateOutputOutputGoogleChronicle.model_rebuild() -except NameError: - pass -try: - CreateOutputOutputAzureEventhub.model_rebuild() -except NameError: - pass -try: - CreateOutputOutputHoneycomb.model_rebuild() -except NameError: - pass -try: - CreateOutputOutputKinesis.model_rebuild() -except NameError: - pass -try: - CreateOutputOutputAzureLogs.model_rebuild() -except NameError: - pass -try: - CreateOutputCertificate.model_rebuild() -except NameError: - pass -try: - CreateOutputOutputAzureDataExplorer.model_rebuild() -except NameError: - pass -try: - CreateOutputOutputAzureBlob.model_rebuild() -except NameError: - pass -try: - CreateOutputOutputS3.model_rebuild() -except NameError: - pass -try: - CreateOutputOutputFilesystem.model_rebuild() -except NameError: - pass -try: - CreateOutputOutputSignalfx.model_rebuild() -except NameError: - pass -try: - CreateOutputOutputWavefront.model_rebuild() -except NameError: - pass -try: - CreateOutputOutputTcpjson.model_rebuild() -except NameError: - pass -try: - CreateOutputOutputWizHec.model_rebuild() -except NameError: - pass -try: - CreateOutputURLSplunkHec.model_rebuild() -except NameError: - pass -try: - CreateOutputOutputSplunkHec.model_rebuild() -except NameError: - pass -try: - CreateOutputAuthToken.model_rebuild() -except NameError: - pass -try: - CreateOutputIndexerDiscoveryConfigs.model_rebuild() -except NameError: - pass -try: - CreateOutputOutputSplunkLb.model_rebuild() -except NameError: - pass -try: - CreateOutputOutputSplunk.model_rebuild() -except NameError: - pass -try: - CreateOutputOutputSyslog.model_rebuild() -except NameError: - pass -try: - CreateOutputOutputDevnull.model_rebuild() -except NameError: - pass -try: - CreateOutputOutputSentinel.model_rebuild() -except NameError: - pass -try: - CreateOutputOutputWebhookURL2.model_rebuild() -except NameError: - pass -try: - CreateOutputOutputWebhookWebhook2.model_rebuild() -except NameError: - pass -try: - CreateOutputOutputWebhookURL1.model_rebuild() -except NameError: - pass try: CreateOutputOutputWebhookWebhook1.model_rebuild() except NameError: diff --git a/src/cribl_control_plane/models/createoutput_type_statsd.py b/src/cribl_control_plane/models/createoutput_type_statsd.py index 7ef5d8228..914706a8a 100644 --- a/src/cribl_control_plane/models/createoutput_type_statsd.py +++ b/src/cribl_control_plane/models/createoutput_type_statsd.py @@ -48,6 +48,10 @@ ) from .failedrequestloggingmodeoptions import FailedRequestLoggingModeOptions from .hostconfoutputsyslog import HostConfOutputSyslog, HostConfOutputSyslogTypedDict +from .httpdiscoveryheaderconfinputprometheus import ( + HTTPDiscoveryHeaderConfInputPrometheus, + HTTPDiscoveryHeaderConfInputPrometheusTypedDict, +) from .keyvaluemetadataconfoutputfilesystem import ( KeyValueMetadataConfOutputFilesystem, KeyValueMetadataConfOutputFilesystemTypedDict, @@ -78,10 +82,6 @@ from .queuefullbehavioroptions import QueueFullBehaviorOptions from .recorddataformatoptions import RecordDataFormatOptions from .requestformatoptions import RequestFormatOptions -from .requestparamconfinputopenai import ( - RequestParamConfInputOpenai, - RequestParamConfInputOpenaiTypedDict, -) from .responseretrysettingconfoutputwebhook import ( ResponseRetrySettingConfOutputWebhook, ResponseRetrySettingConfOutputWebhookTypedDict, @@ -5252,7 +5252,7 @@ class CreateOutputOutputMicrosoftFabricTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputPqControlsMicrosoftFabricTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -5408,7 +5408,7 @@ class CreateOutputOutputMicrosoftFabric(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputPqControlsMicrosoftFabric], @@ -6223,7 +6223,7 @@ class CreateOutputOutputChronicleTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputPqControlsChronicleTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -6444,7 +6444,7 @@ class CreateOutputOutputChronicle(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputPqControlsChronicle], pydantic.Field(alias="pqControls") @@ -6763,7 +6763,7 @@ class CreateOutputOutputSentinelOneAiSiemTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputPqControlsSentinelOneAiSiemTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -6994,7 +6994,7 @@ class CreateOutputOutputSentinelOneAiSiem(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputPqControlsSentinelOneAiSiem], @@ -7285,7 +7285,7 @@ class CreateOutputOutputDynatraceOtlpTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputPqControlsDynatraceOtlpTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -7500,7 +7500,7 @@ class CreateOutputOutputDynatraceOtlp(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputPqControlsDynatraceOtlp], @@ -7699,7 +7699,7 @@ class CreateOutputFormatDynatraceHTTP(str, Enum, metaclass=utils.OpenEnumMeta): PLAINTEXT = "plaintext" -class CreateOutputEndpoint(str, Enum, metaclass=utils.OpenEnumMeta): +class CreateOutputEndpointDynatraceHTTP(str, Enum, metaclass=utils.OpenEnumMeta): # Cloud CLOUD = "cloud" # ActiveGate @@ -7729,7 +7729,7 @@ class CreateOutputOutputDynatraceHTTPTypedDict(TypedDict): type: CreateOutputTypeDynatraceHTTP format_: CreateOutputFormatDynatraceHTTP r"""How to format events before sending. Defaults to JSON. Plaintext is not currently supported.""" - endpoint: CreateOutputEndpoint + endpoint: CreateOutputEndpointDynatraceHTTP telemetry_type: CreateOutputTelemetryType pipeline: NotRequired[str] r"""Pipeline to process data before sending out to this output""" @@ -7802,7 +7802,7 @@ class CreateOutputOutputDynatraceHTTPTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputPqControlsDynatraceHTTPTypedDict] token: NotRequired[str] r"""Bearer token to include in the authorization header""" @@ -7833,7 +7833,7 @@ class CreateOutputOutputDynatraceHTTP(BaseModel): format_: Annotated[CreateOutputFormatDynatraceHTTP, pydantic.Field(alias="format")] r"""How to format events before sending. Defaults to JSON. Plaintext is not currently supported.""" - endpoint: CreateOutputEndpoint + endpoint: CreateOutputEndpointDynatraceHTTP telemetry_type: Annotated[ CreateOutputTelemetryType, pydantic.Field(alias="telemetryType") @@ -7992,7 +7992,7 @@ class CreateOutputOutputDynatraceHTTP(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputPqControlsDynatraceHTTP], @@ -8087,7 +8087,7 @@ def serialize_format_(self, value): def serialize_endpoint(self, value): if isinstance(value, str): try: - return models.CreateOutputEndpoint(value) + return models.CreateOutputEndpointDynatraceHTTP(value) except ValueError: return value return value @@ -8475,7 +8475,7 @@ class CreateOutputOutputXsiamTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputPqControlsXsiamTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -8675,7 +8675,7 @@ class CreateOutputOutputXsiam(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputPqControlsXsiam], pydantic.Field(alias="pqControls") @@ -8854,6 +8854,8 @@ class CreateOutputStatsDestinationTypedDict(TypedDict): username: NotRequired[str] sql_username: NotRequired[str] password: NotRequired[str] + wait_for_async_inserts: NotRequired[bool] + concurrency: NotRequired[float] class CreateOutputStatsDestination(BaseModel): @@ -8871,6 +8873,12 @@ class CreateOutputStatsDestination(BaseModel): password: Optional[str] = None + wait_for_async_inserts: Annotated[ + Optional[bool], pydantic.Field(alias="waitForAsyncInserts") + ] = None + + concurrency: Optional[float] = None + @model_serializer(mode="wrap") def serialize_model(self, handler): optional_fields = set( @@ -8882,6 +8890,8 @@ def serialize_model(self, handler): "username", "sqlUsername", "password", + "waitForAsyncInserts", + "concurrency", ] ) serialized = handler(self) @@ -9001,6 +9011,8 @@ class CreateOutputOutputLocalSearchStorageTypedDict(TypedDict): timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] response_honor_retry_after_header: NotRequired[bool] r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + workload: NotRequired[str] + r"""Optional ClickHouse workload name to append as a SETTINGS clause on INSERT queries. Used for workload scheduling classification.""" dump_format_errors_to_disk: NotRequired[bool] r"""Log the most recent event that fails to match the table schema""" on_backpressure: NotRequired[BackpressureBehaviorOptions] @@ -9043,7 +9055,7 @@ class CreateOutputOutputLocalSearchStorageTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputPqControlsLocalSearchStorageTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -9178,6 +9190,9 @@ class CreateOutputOutputLocalSearchStorage(BaseModel): ] = None r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + workload: Optional[str] = None + r"""Optional ClickHouse workload name to append as a SETTINGS clause on INSERT queries. Used for workload scheduling classification.""" + dump_format_errors_to_disk: Annotated[ Optional[bool], pydantic.Field(alias="dumpFormatErrorsToDisk") ] = None @@ -9273,7 +9288,7 @@ class CreateOutputOutputLocalSearchStorage(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputPqControlsLocalSearchStorage], @@ -9409,6 +9424,7 @@ def serialize_model(self, handler): "responseRetrySettings", "timeoutRetrySettings", "responseHonorRetryAfterHeader", + "workload", "dumpFormatErrorsToDisk", "onBackpressure", "statsDestination", @@ -9580,6 +9596,8 @@ class CreateOutputOutputClickHouseTypedDict(TypedDict): timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] response_honor_retry_after_header: NotRequired[bool] r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + workload: NotRequired[str] + r"""Optional ClickHouse workload name to append as a SETTINGS clause on INSERT queries. Used for workload scheduling classification.""" dump_format_errors_to_disk: NotRequired[bool] r"""Log the most recent event that fails to match the table schema""" on_backpressure: NotRequired[BackpressureBehaviorOptions] @@ -9619,7 +9637,7 @@ class CreateOutputOutputClickHouseTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputPqControlsClickHouseTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -9753,6 +9771,9 @@ class CreateOutputOutputClickHouse(BaseModel): ] = None r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + workload: Optional[str] = None + r"""Optional ClickHouse workload name to append as a SETTINGS clause on INSERT queries. Used for workload scheduling classification.""" + dump_format_errors_to_disk: Annotated[ Optional[bool], pydantic.Field(alias="dumpFormatErrorsToDisk") ] = None @@ -9844,7 +9865,7 @@ class CreateOutputOutputClickHouse(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputPqControlsClickHouse], pydantic.Field(alias="pqControls") @@ -9979,6 +10000,7 @@ def serialize_model(self, handler): "responseRetrySettings", "timeoutRetrySettings", "responseHonorRetryAfterHeader", + "workload", "dumpFormatErrorsToDisk", "onBackpressure", "description", @@ -10153,6 +10175,7 @@ class CreateOutputFormatCriblLake(str, Enum, metaclass=utils.OpenEnumMeta): JSON = "json" PARQUET = "parquet" DDSS = "ddss" + NETSKOPE = "netskope" class CreateOutputOutputCriblLakeTypedDict(TypedDict): @@ -12224,7 +12247,7 @@ class CreateOutputOutputCrowdstrikeNextGenSiemTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputPqControlsCrowdstrikeNextGenSiemTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -12398,7 +12421,7 @@ class CreateOutputOutputCrowdstrikeNextGenSiem(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputPqControlsCrowdstrikeNextGenSiem], @@ -12637,7 +12660,7 @@ class CreateOutputOutputHumioHecTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputPqControlsHumioHecTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -12810,7 +12833,7 @@ class CreateOutputOutputHumioHec(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputPqControlsHumioHec], pydantic.Field(alias="pqControls") @@ -13058,7 +13081,7 @@ class CreateOutputOutputCriblSearchEngineTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputPqControlsCriblSearchEngineTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -13258,7 +13281,7 @@ class CreateOutputOutputCriblSearchEngine(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputPqControlsCriblSearchEngine], @@ -13506,7 +13529,7 @@ class CreateOutputOutputCriblHTTPTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputPqControlsCriblHTTPTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -13706,7 +13729,7 @@ class CreateOutputOutputCriblHTTP(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputPqControlsCriblHTTP], pydantic.Field(alias="pqControls") @@ -13934,7 +13957,7 @@ class CreateOutputOutputCriblTCPTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputPqControlsCriblTCPTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -14092,7 +14115,7 @@ class CreateOutputOutputCriblTCP(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputPqControlsCriblTCP], pydantic.Field(alias="pqControls") @@ -14349,7 +14372,7 @@ class CreateOutputOutputDatasetTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputPqControlsDatasetTypedDict] api_key: NotRequired[str] r"""A 'Log Write Access' API key for the DataSet account""" @@ -14546,7 +14569,7 @@ class CreateOutputOutputDataset(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputPqControlsDataset], pydantic.Field(alias="pqControls") @@ -14825,7 +14848,7 @@ class CreateOutputOutputServiceNowTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputPqControlsServiceNowTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -15037,7 +15060,7 @@ class CreateOutputOutputServiceNow(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputPqControlsServiceNow], pydantic.Field(alias="pqControls") @@ -15209,7 +15232,7 @@ class CreateOutputTypeOpenTelemetry(str, Enum): OPEN_TELEMETRY = "open_telemetry" -class CreateOutputOTLPVersion(str, Enum, metaclass=utils.OpenEnumMeta): +class CreateOutputOTLPVersionOpenTelemetry(str, Enum, metaclass=utils.OpenEnumMeta): r"""The version of OTLP Protobuf definitions to use when structuring data to send""" # 0.10.0 @@ -15259,7 +15282,7 @@ class CreateOutputOutputOpenTelemetryTypedDict(TypedDict): r"""Tags for filtering and grouping in @{product}""" protocol: NotRequired[ProtocolOptions] r"""Select a transport option for OpenTelemetry""" - otlp_version: NotRequired[CreateOutputOTLPVersion] + otlp_version: NotRequired[CreateOutputOTLPVersionOpenTelemetry] r"""The version of OTLP Protobuf definitions to use when structuring data to send""" compress: NotRequired[CompressionOptionsDeflateGzip] r"""Type of compression to apply to messages sent to the OpenTelemetry endpoint""" @@ -15361,7 +15384,7 @@ class CreateOutputOutputOpenTelemetryTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputPqControlsOpenTelemetryTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -15400,7 +15423,8 @@ class CreateOutputOutputOpenTelemetry(BaseModel): r"""Select a transport option for OpenTelemetry""" otlp_version: Annotated[ - Optional[CreateOutputOTLPVersion], pydantic.Field(alias="otlpVersion") + Optional[CreateOutputOTLPVersionOpenTelemetry], + pydantic.Field(alias="otlpVersion"), ] = None r"""The version of OTLP Protobuf definitions to use when structuring data to send""" @@ -15630,7 +15654,7 @@ class CreateOutputOutputOpenTelemetry(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputPqControlsOpenTelemetry], @@ -15670,7 +15694,7 @@ def serialize_protocol(self, value): def serialize_otlp_version(self, value): if isinstance(value, str): try: - return models.CreateOutputOTLPVersion(value) + return models.CreateOutputOTLPVersionOpenTelemetry(value) except ValueError: return value return value @@ -16082,7 +16106,7 @@ class CreateOutputOutputPrometheusTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputPqControlsPrometheusTypedDict] username: NotRequired[str] password: NotRequired[str] @@ -16271,7 +16295,7 @@ class CreateOutputOutputPrometheus(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputPqControlsPrometheus], pydantic.Field(alias="pqControls") @@ -16461,7 +16485,7 @@ class CreateOutputOutputLokiTypedDict(TypedDict): r"""Name of the event field that contains the message to send. If not specified, Stream sends a JSON representation of the whole event.""" message_format: NotRequired[MessageFormatOptions] r"""Format to use when sending logs to Loki (Protobuf or JSON)""" - labels: NotRequired[List[RequestParamConfInputOpenaiTypedDict]] + labels: NotRequired[List[HTTPDiscoveryHeaderConfInputPrometheusTypedDict]] r"""List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: \"cribl.io\", level: \"error\"}'""" auth_type: NotRequired[ AuthenticationTypeOptionsPrometheusAuthBasicCredentialsSecret @@ -16536,7 +16560,7 @@ class CreateOutputOutputLokiTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputPqControlsLokiTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -16577,7 +16601,7 @@ class CreateOutputOutputLoki(BaseModel): ] = None r"""Format to use when sending logs to Loki (Protobuf or JSON)""" - labels: Optional[List[RequestParamConfInputOpenai]] = None + labels: Optional[List[HTTPDiscoveryHeaderConfInputPrometheus]] = None r"""List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: \"cribl.io\", level: \"error\"}'""" auth_type: Annotated[ @@ -16735,7 +16759,7 @@ class CreateOutputOutputLoki(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputPqControlsLoki], pydantic.Field(alias="pqControls") @@ -16919,7 +16943,7 @@ class CreateOutputOutputGrafanaCloudGrafanaCloud2TypedDict(TypedDict): r"""Name of the event field that contains the message to send. If not specified, Stream sends a JSON representation of the whole event.""" message_format: NotRequired[MessageFormatOptions] r"""Format to use when sending logs to Loki (Protobuf or JSON)""" - labels: NotRequired[List[RequestParamConfInputOpenaiTypedDict]] + labels: NotRequired[List[HTTPDiscoveryHeaderConfInputPrometheusTypedDict]] r"""List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: \"cribl.io\", level: \"error\"}'""" metric_rename_expr: NotRequired[str] r"""JavaScript expression that can be used to rename metrics. For example, name.replace(/\./g, '_') will replace all '.' characters in a metric's name with the supported '_' character. Use the 'name' global variable to access the metric's name. You can access event fields' values via __e..""" @@ -16981,7 +17005,7 @@ class CreateOutputOutputGrafanaCloudGrafanaCloud2TypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputOutputGrafanaCloudPqControls2TypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -17029,7 +17053,7 @@ class CreateOutputOutputGrafanaCloudGrafanaCloud2(BaseModel): ] = None r"""Format to use when sending logs to Loki (Protobuf or JSON)""" - labels: Optional[List[RequestParamConfInputOpenai]] = None + labels: Optional[List[HTTPDiscoveryHeaderConfInputPrometheus]] = None r"""List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: \"cribl.io\", level: \"error\"}'""" metric_rename_expr: Annotated[ @@ -17168,7 +17192,7 @@ class CreateOutputOutputGrafanaCloudGrafanaCloud2(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputOutputGrafanaCloudPqControls2], @@ -17350,7 +17374,7 @@ class CreateOutputOutputGrafanaCloudGrafanaCloud1TypedDict(TypedDict): r"""Name of the event field that contains the message to send. If not specified, Stream sends a JSON representation of the whole event.""" message_format: NotRequired[MessageFormatOptions] r"""Format to use when sending logs to Loki (Protobuf or JSON)""" - labels: NotRequired[List[RequestParamConfInputOpenaiTypedDict]] + labels: NotRequired[List[HTTPDiscoveryHeaderConfInputPrometheusTypedDict]] r"""List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: \"cribl.io\", level: \"error\"}'""" metric_rename_expr: NotRequired[str] r"""JavaScript expression that can be used to rename metrics. For example, name.replace(/\./g, '_') will replace all '.' characters in a metric's name with the supported '_' character. Use the 'name' global variable to access the metric's name. You can access event fields' values via __e..""" @@ -17412,7 +17436,7 @@ class CreateOutputOutputGrafanaCloudGrafanaCloud1TypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputOutputGrafanaCloudPqControls1TypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -17462,7 +17486,7 @@ class CreateOutputOutputGrafanaCloudGrafanaCloud1(BaseModel): ] = None r"""Format to use when sending logs to Loki (Protobuf or JSON)""" - labels: Optional[List[RequestParamConfInputOpenai]] = None + labels: Optional[List[HTTPDiscoveryHeaderConfInputPrometheus]] = None r"""List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: \"cribl.io\", level: \"error\"}'""" metric_rename_expr: Annotated[ @@ -17601,7 +17625,7 @@ class CreateOutputOutputGrafanaCloudGrafanaCloud1(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputOutputGrafanaCloudPqControls1], @@ -17925,7 +17949,7 @@ class CreateOutputOutputDatadogTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputPqControlsDatadogTypedDict] api_key: NotRequired[str] r"""Organization's API key in Datadog""" @@ -18135,7 +18159,7 @@ class CreateOutputOutputDatadog(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputPqControlsDatadog], pydantic.Field(alias="pqControls") @@ -18419,7 +18443,7 @@ class CreateOutputOutputSumoLogicTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputPqControlsSumoLogicTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -18595,7 +18619,7 @@ class CreateOutputOutputSumoLogic(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputPqControlsSumoLogic], pydantic.Field(alias="pqControls") @@ -18964,7 +18988,7 @@ class CreateOutputOutputSqsTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputPqControlsSqsTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -19156,7 +19180,7 @@ class CreateOutputOutputSqs(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputPqControlsSqs], pydantic.Field(alias="pqControls") @@ -19421,7 +19445,7 @@ class CreateOutputOutputSnsTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputPqControlsSnsTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -19579,7 +19603,7 @@ class CreateOutputOutputSns(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputPqControlsSns], pydantic.Field(alias="pqControls") @@ -19927,7 +19951,7 @@ class CreateOutputOutputGraphiteTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputPqControlsGraphiteTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -20046,7 +20070,7 @@ class CreateOutputOutputGraphite(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputPqControlsGraphite], pydantic.Field(alias="pqControls") @@ -20219,7 +20243,7 @@ class CreateOutputOutputStatsdExtTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputPqControlsStatsdExtTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -20338,7 +20362,7 @@ class CreateOutputOutputStatsdExt(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputPqControlsStatsdExt], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/createoutputsystembypack_outputwebhook_url_1.py b/src/cribl_control_plane/models/createoutputsystembypack_outputwebhook_url_1.py new file mode 100644 index 000000000..5e70f3739 --- /dev/null +++ b/src/cribl_control_plane/models/createoutputsystembypack_outputwebhook_url_1.py @@ -0,0 +1,18418 @@ +"""Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.""" + +from __future__ import annotations +from .acknowledgmentsoptions import AcknowledgmentsOptions +from .acknowledgmentsoptionsallleader import AcknowledgmentsOptionsAllLeader +from .authenticationmethodoptions import AuthenticationMethodOptions +from .authenticationmethodoptionsapi import AuthenticationMethodOptionsAPI +from .authenticationmethodoptionsauthtokensitems import ( + AuthenticationMethodOptionsAuthTokensItems, +) +from .authenticationmethodoptionss3collectorconf import ( + AuthenticationMethodOptionsS3CollectorConf, +) +from .authenticationtype import AuthenticationType, AuthenticationTypeTypedDict +from .authenticationtypeuse import AuthenticationTypeUse, AuthenticationTypeUseTypedDict +from .authtypetemplatemanualapikeyauthtype import ( + AuthTypeTemplatemanualAPIKeyAuthType, + AuthTypeTemplatemanualAPIKeyAuthTypeTypedDict, +) +from .backpressurebehavioroptions import BackpressureBehaviorOptions +from .backpressurebehavioroptionsblockdrop import BackpressureBehaviorOptionsBlockDrop +from .certificatetypeazureblobauthtypeclientcert import ( + CertificateTypeAzureBlobAuthTypeClientCert, + CertificateTypeAzureBlobAuthTypeClientCertTypedDict, +) +from .compressionleveloptions import CompressionLevelOptions +from .compressionoptions import CompressionOptions +from .compressionoptionsgziplz4 import CompressionOptionsGzipLz4 +from .compressionoptionsgzipnone import CompressionOptionsGzipNone +from .compressionoptionshttp import CompressionOptionsHTTP +from .compressionoptionspq import CompressionOptionsPq +from .createoutputsystembypack_type_statsd import CreateOutputSystemByPackTypeStatsd +from .dataformatoptions import DataFormatOptions +from .datapageversionoptions import DataPageVersionOptions +from .destinationprotocoloptions import DestinationProtocolOptions +from .diskspaceprotectionoptions import DiskSpaceProtectionOptions +from .extrahttpheaderconfinputelastic import ( + ExtraHTTPHeaderConfInputElastic, + ExtraHTTPHeaderConfInputElasticTypedDict, +) +from .failedrequestloggingmodeoptions import FailedRequestLoggingModeOptions +from .googleauthenticationmethodoptions import GoogleAuthenticationMethodOptions +from .hostconfoutputsyslog import HostConfOutputSyslog, HostConfOutputSyslogTypedDict +from .kafkaschemaregistryauthenticationtypetemplateschemaregistryurlauth import ( + KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuth, + KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuthTypedDict, +) +from .keyvaluemetadataconfoutputfilesystem import ( + KeyValueMetadataConfOutputFilesystem, + KeyValueMetadataConfOutputFilesystemTypedDict, +) +from .loglabelconfoutputgooglecloudlogging import ( + LogLabelConfOutputGoogleCloudLogging, + LogLabelConfOutputGoogleCloudLoggingTypedDict, +) +from .maxs2sversionoptions import MaxS2SVersionOptions +from .methodoptions import MethodOptions +from .microsoftentraidauthenticationendpointoptionssasl import ( + MicrosoftEntraIDAuthenticationEndpointOptionsSasl, +) +from .modeoptions import ModeOptions +from .nestedfieldserializationoptions import NestedFieldSerializationOptions +from .oauthheaderconfinputservicenowtable import ( + OauthHeaderConfInputServicenowTable, + OauthHeaderConfInputServicenowTableTypedDict, +) +from .oauthparamconfinputservicenowtable import ( + OauthParamConfInputServicenowTable, + OauthParamConfInputServicenowTableTypedDict, +) +from .objectacloptions import ObjectACLOptions +from .objectacloptionsauthenticatedreadbucketownerfullcontrol import ( + ObjectACLOptionsAuthenticatedreadBucketownerfullcontrol, +) +from .orphanfilerecoverytype import ( + OrphanFileRecoveryType, + OrphanFileRecoveryTypeTypedDict, +) +from .parquetversionoptions import ParquetVersionOptions +from .queuefullbehavioroptions import QueueFullBehaviorOptions +from .recorddataformatoptions import RecordDataFormatOptions +from .recorddataformatoptionsjsonprotobuf import RecordDataFormatOptionsJSONProtobuf +from .regionoptions import RegionOptions +from .responseretrysettingconfoutputwebhook import ( + ResponseRetrySettingConfOutputWebhook, + ResponseRetrySettingConfOutputWebhookTypedDict, +) +from .retrysettingstype import RetrySettingsType, RetrySettingsTypeTypedDict +from .saslextensionconfinputkafka import ( + SaslExtensionConfInputKafka, + SaslExtensionConfInputKafkaTypedDict, +) +from .serversideencryptionforuploadedobjectsoptions import ( + ServerSideEncryptionForUploadedObjectsOptions, +) +from .serversideencryptionforuploadedobjectsoptionsaes256 import ( + ServerSideEncryptionForUploadedObjectsOptionsAes256, +) +from .storageclassoptions import StorageClassOptions +from .storageclassoptionsarchivecoldline import StorageClassOptionsArchiveColdline +from .storageclassoptionsreducedredundancystandard import ( + StorageClassOptionsReducedredundancyStandard, +) +from .timeoutretrysettingstype import ( + TimeoutRetrySettingsType, + TimeoutRetrySettingsTypeTypedDict, +) +from .tlssettingsclientsidetype import ( + TLSSettingsClientSideType, + TLSSettingsClientSideTypeTypedDict, +) +from .tlssettingsclientsidetypecapathcertpath import ( + TLSSettingsClientSideTypeCaPathCertPath, + TLSSettingsClientSideTypeCaPathCertPathTypedDict, +) +from .tlssettingsclientsidetypecapathcertpathextended import ( + TLSSettingsClientSideTypeCaPathCertPathExtended, + TLSSettingsClientSideTypeCaPathCertPathExtendedTypedDict, +) +from .tlssettingsclientsidetypeextended import ( + TLSSettingsClientSideTypeExtended, + TLSSettingsClientSideTypeExtendedTypedDict, +) +from cribl_control_plane import models, utils +from cribl_control_plane.types import BaseModel, UNSET_SENTINEL +from enum import Enum +import pydantic +from pydantic import field_serializer, model_serializer +from typing import List, Optional +from typing_extensions import Annotated, NotRequired, TypedDict + + +class CreateOutputSystemByPackPqControlsStatsdTypedDict(TypedDict): + pass + + +class CreateOutputSystemByPackPqControlsStatsd(BaseModel): + pass + + +class CreateOutputSystemByPackOutputStatsdTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputSystemByPackTypeStatsd + protocol: DestinationProtocolOptions + r"""Protocol to use when communicating with the destination.""" + host: str + r"""The hostname of the destination.""" + port: float + r"""Destination port.""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + mtu: NotRequired[float] + r"""When protocol is UDP, specifies the maximum size of packets sent to the destination. Also known as the MTU for the network path to the destination system.""" + flush_period_sec: NotRequired[float] + r"""When protocol is TCP, specifies how often buffers should be flushed, resulting in records sent to the destination.""" + dns_resolve_period_sec: NotRequired[float] + r"""How often to resolve the destination hostname to an IP address. Ignored if the destination is an IP address. A value of 0 means every batch sent will incur a DNS lookup.""" + description: NotRequired[str] + throttle_rate_per_sec: NotRequired[str] + r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" + connection_timeout: NotRequired[float] + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + write_timeout: NotRequired[float] + r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputSystemByPackPqControlsStatsdTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + +class CreateOutputSystemByPackOutputStatsd(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputSystemByPackTypeStatsd + + protocol: DestinationProtocolOptions + r"""Protocol to use when communicating with the destination.""" + + host: str + r"""The hostname of the destination.""" + + port: float + r"""Destination port.""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + mtu: Optional[float] = None + r"""When protocol is UDP, specifies the maximum size of packets sent to the destination. Also known as the MTU for the network path to the destination system.""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""When protocol is TCP, specifies how often buffers should be flushed, resulting in records sent to the destination.""" + + dns_resolve_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="dnsResolvePeriodSec") + ] = None + r"""How often to resolve the destination hostname to an IP address. Ignored if the destination is an IP address. A value of 0 means every batch sent will incur a DNS lookup.""" + + description: Optional[str] = None + + throttle_rate_per_sec: Annotated[ + Optional[str], pydantic.Field(alias="throttleRatePerSec") + ] = None + r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" + + connection_timeout: Annotated[ + Optional[float], pydantic.Field(alias="connectionTimeout") + ] = None + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + + write_timeout: Annotated[Optional[float], pydantic.Field(alias="writeTimeout")] = ( + None + ) + r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputSystemByPackPqControlsStatsd], + pydantic.Field(alias="pqControls"), + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + @field_serializer("protocol") + def serialize_protocol(self, value): + if isinstance(value, str): + try: + return models.DestinationProtocolOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "mtu", + "flushPeriodSec", + "dnsResolvePeriodSec", + "description", + "throttleRatePerSec", + "connectionTimeout", + "writeTimeout", + "onBackpressure", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_onBackpressure", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackTypeMinio(str, Enum): + MINIO = "minio" + + +class CreateOutputSystemByPackOutputMinioTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputSystemByPackTypeMinio + bucket: str + r"""Name of the destination MinIO bucket. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at initialization time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`""" + stage_path: str + r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" + endpoint: str + r"""MinIO service url (e.g. http://minioHost:9000)""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + aws_authentication_method: NotRequired[AuthenticationMethodOptionsS3CollectorConf] + r"""AWS authentication method. Choose Auto to use IAM roles.""" + reuse_connections: NotRequired[bool] + r"""Reuse connections between requests, which can improve performance""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" + region: NotRequired[str] + r"""Region where the MinIO bucket is located""" + dest_path: NotRequired[str] + r"""Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`""" + max_concurrent_file_parts: NotRequired[float] + r"""Maximum number of parts to upload in parallel per file. Minimum part size is 5MB.""" + verify_permissions: NotRequired[bool] + r"""Disable if you can access files within the bucket but not the bucket itself""" + max_closing_files_to_backpressure: NotRequired[float] + r"""Maximum number of files that can be waiting for upload before backpressure is applied""" + add_id_to_stage_path: NotRequired[bool] + r"""Add the Output ID value to staging location""" + remove_empty_dirs: NotRequired[bool] + r"""Remove empty staging directories after moving files""" + partition_expr: NotRequired[str] + r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" + format_: NotRequired[DataFormatOptions] + r"""Format of the output data""" + base_file_name: NotRequired[str] + r"""JavaScript expression to define the output filename prefix (can be constant)""" + file_name_suffix: NotRequired[str] + r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" + max_file_size_mb: NotRequired[float] + r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" + max_file_open_time_sec: NotRequired[float] + r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" + max_file_idle_time_sec: NotRequired[float] + r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" + max_open_files: NotRequired[float] + r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" + header_line: NotRequired[str] + r"""If set, this line will be written to the beginning of each output file""" + write_high_water_mark: NotRequired[float] + r"""Buffer size used to write to a file""" + on_backpressure: NotRequired[BackpressureBehaviorOptionsBlockDrop] + r"""How to handle events when all receivers are exerting backpressure""" + deadletter_enabled: NotRequired[bool] + r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" + on_disk_full_backpressure: NotRequired[DiskSpaceProtectionOptions] + r"""How to handle events when disk space is below the global 'Min free disk space' limit""" + force_close_on_shutdown: NotRequired[bool] + r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" + retry_settings: NotRequired[RetrySettingsTypeTypedDict] + orphans: NotRequired[OrphanFileRecoveryTypeTypedDict] + aws_secret_key: NotRequired[str] + r"""Secret key. This value can be a constant or a JavaScript expression. Example: `${C.env.SOME_SECRET}`)""" + object_acl: NotRequired[ObjectACLOptions] + r"""Object ACL to assign to uploaded objects""" + storage_class: NotRequired[StorageClassOptionsReducedredundancyStandard] + r"""Storage class to select for uploaded objects""" + server_side_encryption: NotRequired[ + ServerSideEncryptionForUploadedObjectsOptionsAes256 + ] + r"""Server-side encryption to use for uploaded objects""" + description: NotRequired[str] + aws_api_key: NotRequired[str] + r"""This value can be a constant or a JavaScript expression (`${C.env.SOME_ACCESS_KEY}`)""" + aws_secret: NotRequired[str] + r"""Select or create a stored secret that references your access key and secret key""" + compress: NotRequired[CompressionOptionsHTTP] + r"""Data compression format to apply to HTTP content before it is delivered""" + compression_level: NotRequired[CompressionLevelOptions] + r"""Compression level to apply before moving files to final destination""" + automatic_schema: NotRequired[bool] + r"""Automatically calculate the schema based on the events of each Parquet file generated""" + parquet_schema: NotRequired[str] + r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" + parquet_version: NotRequired[ParquetVersionOptions] + r"""Determines which data types are supported and how they are represented""" + parquet_data_page_version: NotRequired[DataPageVersionOptions] + r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" + parquet_row_group_length: NotRequired[float] + r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" + parquet_page_size: NotRequired[str] + r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" + should_log_invalid_rows: NotRequired[bool] + r"""Log up to 3 rows that @{product} skips due to data mismatch""" + key_value_metadata: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] + r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ + enable_statistics: NotRequired[bool] + r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" + enable_write_page_index: NotRequired[bool] + r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" + enable_page_checksum: NotRequired[bool] + r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" + empty_dir_cleanup_sec: NotRequired[float] + r"""How frequently, in seconds, to clean up empty directories""" + directory_batch_size: NotRequired[float] + r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" + deadletter_path: NotRequired[str] + r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" + max_retry_num: NotRequired[float] + r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_bucket: NotRequired[str] + r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" + template_region: NotRequired[str] + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + template_dest_path: NotRequired[str] + r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" + template_partition_expr: NotRequired[str] + r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" + template_format: NotRequired[str] + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + template_base_file_name: NotRequired[str] + r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" + template_file_name_suffix: NotRequired[str] + r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_aws_secret_key: NotRequired[str] + r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" + template_object_acl: NotRequired[str] + r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" + template_storage_class: NotRequired[str] + r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" + template_server_side_encryption: NotRequired[str] + r"""Binds 'serverSideEncryption' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serverSideEncryption' at runtime.""" + template_aws_api_key: NotRequired[str] + r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" + template_compress: NotRequired[str] + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + template_parquet_schema: NotRequired[str] + r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" + + +class CreateOutputSystemByPackOutputMinio(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputSystemByPackTypeMinio + + bucket: str + r"""Name of the destination MinIO bucket. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at initialization time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`""" + + stage_path: Annotated[str, pydantic.Field(alias="stagePath")] + r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" + + endpoint: str + r"""MinIO service url (e.g. http://minioHost:9000)""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + aws_authentication_method: Annotated[ + Optional[AuthenticationMethodOptionsS3CollectorConf], + pydantic.Field(alias="awsAuthenticationMethod"), + ] = None + r"""AWS authentication method. Choose Auto to use IAM roles.""" + + reuse_connections: Annotated[ + Optional[bool], pydantic.Field(alias="reuseConnections") + ] = None + r"""Reuse connections between requests, which can improve performance""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" + + region: Optional[str] = None + r"""Region where the MinIO bucket is located""" + + dest_path: Annotated[Optional[str], pydantic.Field(alias="destPath")] = None + r"""Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`""" + + max_concurrent_file_parts: Annotated[ + Optional[float], pydantic.Field(alias="maxConcurrentFileParts") + ] = None + r"""Maximum number of parts to upload in parallel per file. Minimum part size is 5MB.""" + + verify_permissions: Annotated[ + Optional[bool], pydantic.Field(alias="verifyPermissions") + ] = None + r"""Disable if you can access files within the bucket but not the bucket itself""" + + max_closing_files_to_backpressure: Annotated[ + Optional[float], pydantic.Field(alias="maxClosingFilesToBackpressure") + ] = None + r"""Maximum number of files that can be waiting for upload before backpressure is applied""" + + add_id_to_stage_path: Annotated[ + Optional[bool], pydantic.Field(alias="addIdToStagePath") + ] = None + r"""Add the Output ID value to staging location""" + + remove_empty_dirs: Annotated[ + Optional[bool], pydantic.Field(alias="removeEmptyDirs") + ] = None + r"""Remove empty staging directories after moving files""" + + partition_expr: Annotated[Optional[str], pydantic.Field(alias="partitionExpr")] = ( + None + ) + r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" + + format_: Annotated[Optional[DataFormatOptions], pydantic.Field(alias="format")] = ( + None + ) + r"""Format of the output data""" + + base_file_name: Annotated[Optional[str], pydantic.Field(alias="baseFileName")] = ( + None + ) + r"""JavaScript expression to define the output filename prefix (can be constant)""" + + file_name_suffix: Annotated[ + Optional[str], pydantic.Field(alias="fileNameSuffix") + ] = None + r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" + + max_file_size_mb: Annotated[ + Optional[float], pydantic.Field(alias="maxFileSizeMB") + ] = None + r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" + + max_file_open_time_sec: Annotated[ + Optional[float], pydantic.Field(alias="maxFileOpenTimeSec") + ] = None + r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" + + max_file_idle_time_sec: Annotated[ + Optional[float], pydantic.Field(alias="maxFileIdleTimeSec") + ] = None + r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" + + max_open_files: Annotated[Optional[float], pydantic.Field(alias="maxOpenFiles")] = ( + None + ) + r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" + + header_line: Annotated[Optional[str], pydantic.Field(alias="headerLine")] = None + r"""If set, this line will be written to the beginning of each output file""" + + write_high_water_mark: Annotated[ + Optional[float], pydantic.Field(alias="writeHighWaterMark") + ] = None + r"""Buffer size used to write to a file""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptionsBlockDrop], + pydantic.Field(alias="onBackpressure"), + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + deadletter_enabled: Annotated[ + Optional[bool], pydantic.Field(alias="deadletterEnabled") + ] = None + r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" + + on_disk_full_backpressure: Annotated[ + Optional[DiskSpaceProtectionOptions], + pydantic.Field(alias="onDiskFullBackpressure"), + ] = None + r"""How to handle events when disk space is below the global 'Min free disk space' limit""" + + force_close_on_shutdown: Annotated[ + Optional[bool], pydantic.Field(alias="forceCloseOnShutdown") + ] = None + r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" + + retry_settings: Annotated[ + Optional[RetrySettingsType], pydantic.Field(alias="retrySettings") + ] = None + + orphans: Optional[OrphanFileRecoveryType] = None + + aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = ( + None + ) + r"""Secret key. This value can be a constant or a JavaScript expression. Example: `${C.env.SOME_SECRET}`)""" + + object_acl: Annotated[ + Optional[ObjectACLOptions], pydantic.Field(alias="objectACL") + ] = None + r"""Object ACL to assign to uploaded objects""" + + storage_class: Annotated[ + Optional[StorageClassOptionsReducedredundancyStandard], + pydantic.Field(alias="storageClass"), + ] = None + r"""Storage class to select for uploaded objects""" + + server_side_encryption: Annotated[ + Optional[ServerSideEncryptionForUploadedObjectsOptionsAes256], + pydantic.Field(alias="serverSideEncryption"), + ] = None + r"""Server-side encryption to use for uploaded objects""" + + description: Optional[str] = None + + aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None + r"""This value can be a constant or a JavaScript expression (`${C.env.SOME_ACCESS_KEY}`)""" + + aws_secret: Annotated[Optional[str], pydantic.Field(alias="awsSecret")] = None + r"""Select or create a stored secret that references your access key and secret key""" + + compress: Optional[CompressionOptionsHTTP] = None + r"""Data compression format to apply to HTTP content before it is delivered""" + + compression_level: Annotated[ + Optional[CompressionLevelOptions], pydantic.Field(alias="compressionLevel") + ] = None + r"""Compression level to apply before moving files to final destination""" + + automatic_schema: Annotated[ + Optional[bool], pydantic.Field(alias="automaticSchema") + ] = None + r"""Automatically calculate the schema based on the events of each Parquet file generated""" + + parquet_schema: Annotated[Optional[str], pydantic.Field(alias="parquetSchema")] = ( + None + ) + r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" + + parquet_version: Annotated[ + Optional[ParquetVersionOptions], pydantic.Field(alias="parquetVersion") + ] = None + r"""Determines which data types are supported and how they are represented""" + + parquet_data_page_version: Annotated[ + Optional[DataPageVersionOptions], pydantic.Field(alias="parquetDataPageVersion") + ] = None + r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" + + parquet_row_group_length: Annotated[ + Optional[float], pydantic.Field(alias="parquetRowGroupLength") + ] = None + r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" + + parquet_page_size: Annotated[ + Optional[str], pydantic.Field(alias="parquetPageSize") + ] = None + r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" + + should_log_invalid_rows: Annotated[ + Optional[bool], pydantic.Field(alias="shouldLogInvalidRows") + ] = None + r"""Log up to 3 rows that @{product} skips due to data mismatch""" + + key_value_metadata: Annotated[ + Optional[List[KeyValueMetadataConfOutputFilesystem]], + pydantic.Field(alias="keyValueMetadata"), + ] = None + r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ + + enable_statistics: Annotated[ + Optional[bool], pydantic.Field(alias="enableStatistics") + ] = None + r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" + + enable_write_page_index: Annotated[ + Optional[bool], pydantic.Field(alias="enableWritePageIndex") + ] = None + r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" + + enable_page_checksum: Annotated[ + Optional[bool], pydantic.Field(alias="enablePageChecksum") + ] = None + r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" + + empty_dir_cleanup_sec: Annotated[ + Optional[float], pydantic.Field(alias="emptyDirCleanupSec") + ] = None + r"""How frequently, in seconds, to clean up empty directories""" + + directory_batch_size: Annotated[ + Optional[float], pydantic.Field(alias="directoryBatchSize") + ] = None + r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" + + deadletter_path: Annotated[ + Optional[str], pydantic.Field(alias="deadletterPath") + ] = None + r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" + + max_retry_num: Annotated[Optional[float], pydantic.Field(alias="maxRetryNum")] = ( + None + ) + r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_bucket: Annotated[ + Optional[str], pydantic.Field(alias="__template_bucket") + ] = None + r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" + + template_region: Annotated[ + Optional[str], pydantic.Field(alias="__template_region") + ] = None + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + + template_dest_path: Annotated[ + Optional[str], pydantic.Field(alias="__template_destPath") + ] = None + r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" + + template_partition_expr: Annotated[ + Optional[str], pydantic.Field(alias="__template_partitionExpr") + ] = None + r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" + + template_format: Annotated[ + Optional[str], pydantic.Field(alias="__template_format") + ] = None + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + + template_base_file_name: Annotated[ + Optional[str], pydantic.Field(alias="__template_baseFileName") + ] = None + r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" + + template_file_name_suffix: Annotated[ + Optional[str], pydantic.Field(alias="__template_fileNameSuffix") + ] = None + r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_aws_secret_key: Annotated[ + Optional[str], pydantic.Field(alias="__template_awsSecretKey") + ] = None + r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" + + template_object_acl: Annotated[ + Optional[str], pydantic.Field(alias="__template_objectACL") + ] = None + r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" + + template_storage_class: Annotated[ + Optional[str], pydantic.Field(alias="__template_storageClass") + ] = None + r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" + + template_server_side_encryption: Annotated[ + Optional[str], pydantic.Field(alias="__template_serverSideEncryption") + ] = None + r"""Binds 'serverSideEncryption' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serverSideEncryption' at runtime.""" + + template_aws_api_key: Annotated[ + Optional[str], pydantic.Field(alias="__template_awsApiKey") + ] = None + r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" + + template_compress: Annotated[ + Optional[str], pydantic.Field(alias="__template_compress") + ] = None + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + + template_parquet_schema: Annotated[ + Optional[str], pydantic.Field(alias="__template_parquetSchema") + ] = None + r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" + + @field_serializer("aws_authentication_method") + def serialize_aws_authentication_method(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsS3CollectorConf(value) + except ValueError: + return value + return value + + @field_serializer("format_") + def serialize_format_(self, value): + if isinstance(value, str): + try: + return models.DataFormatOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptionsBlockDrop(value) + except ValueError: + return value + return value + + @field_serializer("on_disk_full_backpressure") + def serialize_on_disk_full_backpressure(self, value): + if isinstance(value, str): + try: + return models.DiskSpaceProtectionOptions(value) + except ValueError: + return value + return value + + @field_serializer("object_acl") + def serialize_object_acl(self, value): + if isinstance(value, str): + try: + return models.ObjectACLOptions(value) + except ValueError: + return value + return value + + @field_serializer("storage_class") + def serialize_storage_class(self, value): + if isinstance(value, str): + try: + return models.StorageClassOptionsReducedredundancyStandard(value) + except ValueError: + return value + return value + + @field_serializer("server_side_encryption") + def serialize_server_side_encryption(self, value): + if isinstance(value, str): + try: + return models.ServerSideEncryptionForUploadedObjectsOptionsAes256(value) + except ValueError: + return value + return value + + @field_serializer("compress") + def serialize_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsHTTP(value) + except ValueError: + return value + return value + + @field_serializer("compression_level") + def serialize_compression_level(self, value): + if isinstance(value, str): + try: + return models.CompressionLevelOptions(value) + except ValueError: + return value + return value + + @field_serializer("parquet_version") + def serialize_parquet_version(self, value): + if isinstance(value, str): + try: + return models.ParquetVersionOptions(value) + except ValueError: + return value + return value + + @field_serializer("parquet_data_page_version") + def serialize_parquet_data_page_version(self, value): + if isinstance(value, str): + try: + return models.DataPageVersionOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "awsAuthenticationMethod", + "reuseConnections", + "rejectUnauthorized", + "region", + "destPath", + "maxConcurrentFileParts", + "verifyPermissions", + "maxClosingFilesToBackpressure", + "addIdToStagePath", + "removeEmptyDirs", + "partitionExpr", + "format", + "baseFileName", + "fileNameSuffix", + "maxFileSizeMB", + "maxFileOpenTimeSec", + "maxFileIdleTimeSec", + "maxOpenFiles", + "headerLine", + "writeHighWaterMark", + "onBackpressure", + "deadletterEnabled", + "onDiskFullBackpressure", + "forceCloseOnShutdown", + "retrySettings", + "orphans", + "awsSecretKey", + "objectACL", + "storageClass", + "serverSideEncryption", + "description", + "awsApiKey", + "awsSecret", + "compress", + "compressionLevel", + "automaticSchema", + "parquetSchema", + "parquetVersion", + "parquetDataPageVersion", + "parquetRowGroupLength", + "parquetPageSize", + "shouldLogInvalidRows", + "keyValueMetadata", + "enableStatistics", + "enableWritePageIndex", + "enablePageChecksum", + "emptyDirCleanupSec", + "directoryBatchSize", + "deadletterPath", + "maxRetryNum", + "__template_streamtags", + "__template_bucket", + "__template_region", + "__template_destPath", + "__template_partitionExpr", + "__template_format", + "__template_baseFileName", + "__template_fileNameSuffix", + "__template_onBackpressure", + "__template_awsSecretKey", + "__template_objectACL", + "__template_storageClass", + "__template_serverSideEncryption", + "__template_awsApiKey", + "__template_compress", + "__template_parquetSchema", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackTypeCloudwatch(str, Enum): + CLOUDWATCH = "cloudwatch" + + +class CreateOutputSystemByPackPqControlsCloudwatchTypedDict(TypedDict): + pass + + +class CreateOutputSystemByPackPqControlsCloudwatch(BaseModel): + pass + + +class CreateOutputSystemByPackOutputCloudwatchTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputSystemByPackTypeCloudwatch + log_group_name: str + r"""CloudWatch log group to associate events with""" + log_stream_name: str + r"""Prefix for CloudWatch log stream name. This prefix will be used to generate a unique log stream name per cribl instance, for example: myStream_myHost_myOutputId""" + region: str + r"""Region where the CloudWatchLogs is located""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + aws_authentication_method: NotRequired[AuthenticationMethodOptionsS3CollectorConf] + r"""AWS authentication method. Choose Auto to use IAM roles.""" + aws_secret_key: NotRequired[str] + endpoint: NotRequired[str] + r"""CloudWatchLogs service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to CloudWatchLogs-compatible endpoint.""" + reuse_connections: NotRequired[bool] + r"""Reuse connections between requests, which can improve performance""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" + enable_assume_role: NotRequired[bool] + r"""Use Assume Role credentials to access CloudWatchLogs""" + assume_role_arn: NotRequired[str] + r"""Amazon Resource Name (ARN) of the role to assume""" + assume_role_external_id: NotRequired[str] + r"""External ID to use when assuming role""" + duration_seconds: NotRequired[float] + r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" + max_queue_size: NotRequired[float] + r"""Maximum number of queued batches before blocking""" + max_record_size_kb: NotRequired[float] + r"""Maximum size (KB) of each individual record before compression. For non compressible data 1MB is the max recommended size""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + description: NotRequired[str] + aws_api_key: NotRequired[str] + aws_secret: NotRequired[str] + r"""Select or create a stored secret that references your access key and secret key""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputSystemByPackPqControlsCloudwatchTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_log_group_name: NotRequired[str] + r"""Binds 'logGroupName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logGroupName' at runtime.""" + template_log_stream_name: NotRequired[str] + r"""Binds 'logStreamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logStreamName' at runtime.""" + template_aws_secret_key: NotRequired[str] + r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" + template_region: NotRequired[str] + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + template_endpoint: NotRequired[str] + r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" + template_assume_role_arn: NotRequired[str] + r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" + template_assume_role_external_id: NotRequired[str] + r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_aws_api_key: NotRequired[str] + r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" + + +class CreateOutputSystemByPackOutputCloudwatch(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputSystemByPackTypeCloudwatch + + log_group_name: Annotated[str, pydantic.Field(alias="logGroupName")] + r"""CloudWatch log group to associate events with""" + + log_stream_name: Annotated[str, pydantic.Field(alias="logStreamName")] + r"""Prefix for CloudWatch log stream name. This prefix will be used to generate a unique log stream name per cribl instance, for example: myStream_myHost_myOutputId""" + + region: str + r"""Region where the CloudWatchLogs is located""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + aws_authentication_method: Annotated[ + Optional[AuthenticationMethodOptionsS3CollectorConf], + pydantic.Field(alias="awsAuthenticationMethod"), + ] = None + r"""AWS authentication method. Choose Auto to use IAM roles.""" + + aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = ( + None + ) + + endpoint: Optional[str] = None + r"""CloudWatchLogs service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to CloudWatchLogs-compatible endpoint.""" + + reuse_connections: Annotated[ + Optional[bool], pydantic.Field(alias="reuseConnections") + ] = None + r"""Reuse connections between requests, which can improve performance""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" + + enable_assume_role: Annotated[ + Optional[bool], pydantic.Field(alias="enableAssumeRole") + ] = None + r"""Use Assume Role credentials to access CloudWatchLogs""" + + assume_role_arn: Annotated[Optional[str], pydantic.Field(alias="assumeRoleArn")] = ( + None + ) + r"""Amazon Resource Name (ARN) of the role to assume""" + + assume_role_external_id: Annotated[ + Optional[str], pydantic.Field(alias="assumeRoleExternalId") + ] = None + r"""External ID to use when assuming role""" + + duration_seconds: Annotated[ + Optional[float], pydantic.Field(alias="durationSeconds") + ] = None + r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" + + max_queue_size: Annotated[Optional[float], pydantic.Field(alias="maxQueueSize")] = ( + None + ) + r"""Maximum number of queued batches before blocking""" + + max_record_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxRecordSizeKB") + ] = None + r"""Maximum size (KB) of each individual record before compression. For non compressible data 1MB is the max recommended size""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + description: Optional[str] = None + + aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None + + aws_secret: Annotated[Optional[str], pydantic.Field(alias="awsSecret")] = None + r"""Select or create a stored secret that references your access key and secret key""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputSystemByPackPqControlsCloudwatch], + pydantic.Field(alias="pqControls"), + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_log_group_name: Annotated[ + Optional[str], pydantic.Field(alias="__template_logGroupName") + ] = None + r"""Binds 'logGroupName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logGroupName' at runtime.""" + + template_log_stream_name: Annotated[ + Optional[str], pydantic.Field(alias="__template_logStreamName") + ] = None + r"""Binds 'logStreamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logStreamName' at runtime.""" + + template_aws_secret_key: Annotated[ + Optional[str], pydantic.Field(alias="__template_awsSecretKey") + ] = None + r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" + + template_region: Annotated[ + Optional[str], pydantic.Field(alias="__template_region") + ] = None + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + + template_endpoint: Annotated[ + Optional[str], pydantic.Field(alias="__template_endpoint") + ] = None + r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" + + template_assume_role_arn: Annotated[ + Optional[str], pydantic.Field(alias="__template_assumeRoleArn") + ] = None + r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" + + template_assume_role_external_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_assumeRoleExternalId") + ] = None + r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_aws_api_key: Annotated[ + Optional[str], pydantic.Field(alias="__template_awsApiKey") + ] = None + r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" + + @field_serializer("aws_authentication_method") + def serialize_aws_authentication_method(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsS3CollectorConf(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "awsAuthenticationMethod", + "awsSecretKey", + "endpoint", + "reuseConnections", + "rejectUnauthorized", + "enableAssumeRole", + "assumeRoleArn", + "assumeRoleExternalId", + "durationSeconds", + "maxQueueSize", + "maxRecordSizeKB", + "flushPeriodSec", + "onBackpressure", + "description", + "awsApiKey", + "awsSecret", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_logGroupName", + "__template_logStreamName", + "__template_awsSecretKey", + "__template_region", + "__template_endpoint", + "__template_assumeRoleArn", + "__template_assumeRoleExternalId", + "__template_onBackpressure", + "__template_awsApiKey", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackTypeInfluxdb(str, Enum): + INFLUXDB = "influxdb" + + +class CreateOutputSystemByPackTimestampPrecision( + str, Enum, metaclass=utils.OpenEnumMeta +): + r"""Sets the precision for the supplied Unix time values. Defaults to milliseconds.""" + + # Nanoseconds + NS = "ns" + # Microseconds + U = "u" + # Milliseconds + MS = "ms" + # Seconds + S = "s" + # Minutes + M = "m" + # Hours + H = "h" + + +class CreateOutputSystemByPackAuthenticationTypeInfluxdb( + str, Enum, metaclass=utils.OpenEnumMeta +): + r"""InfluxDB authentication type""" + + # None + NONE = "none" + # Basic + BASIC = "basic" + # Basic (credentials secret) + CREDENTIALS_SECRET = "credentialsSecret" + # Token + TOKEN = "token" + # Token (text secret) + TEXT_SECRET = "textSecret" + + +class CreateOutputSystemByPackPqControlsInfluxdbTypedDict(TypedDict): + pass + + +class CreateOutputSystemByPackPqControlsInfluxdb(BaseModel): + pass + + +class CreateOutputSystemByPackOutputInfluxdbTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputSystemByPackTypeInfluxdb + url: str + r"""URL of an InfluxDB cluster to send events to, e.g., http://localhost:8086/write""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + use_v2_api: NotRequired[bool] + r"""The v2 API can be enabled with InfluxDB versions 1.8 and later.""" + timestamp_precision: NotRequired[CreateOutputSystemByPackTimestampPrecision] + r"""Sets the precision for the supplied Unix time values. Defaults to milliseconds.""" + dynamic_value_field_name: NotRequired[bool] + r"""Enabling this will pull the value field from the metric name. E,g, 'db.query.user' will use 'db.query' as the measurement and 'user' as the value field.""" + value_field_name: NotRequired[str] + r"""Name of the field in which to store the metric when sending to InfluxDB. If dynamic generation is enabled and fails, this will be used as a fallback.""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + compress: NotRequired[bool] + r"""Compress the payload body before sending""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] + r"""Headers to add to all events""" + use_round_robin_dns: NotRequired[bool] + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + safe_headers: NotRequired[List[str]] + r"""List of headers that are safe to log in plain text""" + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + auth_type: NotRequired[CreateOutputSystemByPackAuthenticationTypeInfluxdb] + r"""InfluxDB authentication type""" + description: NotRequired[str] + database: NotRequired[str] + r"""Database to write to.""" + bucket: NotRequired[str] + r"""Bucket to write to.""" + org: NotRequired[str] + r"""Organization ID for this bucket.""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputSystemByPackPqControlsInfluxdbTypedDict] + username: NotRequired[str] + password: NotRequired[str] + token: NotRequired[str] + r"""Bearer token to include in the authorization header""" + credentials_secret: NotRequired[str] + r"""Select or create a secret that references your credentials""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_url: NotRequired[str] + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_database: NotRequired[str] + r"""Binds 'database' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'database' at runtime.""" + template_bucket: NotRequired[str] + r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" + + +class CreateOutputSystemByPackOutputInfluxdb(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputSystemByPackTypeInfluxdb + + url: str + r"""URL of an InfluxDB cluster to send events to, e.g., http://localhost:8086/write""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + use_v2_api: Annotated[Optional[bool], pydantic.Field(alias="useV2API")] = None + r"""The v2 API can be enabled with InfluxDB versions 1.8 and later.""" + + timestamp_precision: Annotated[ + Optional[CreateOutputSystemByPackTimestampPrecision], + pydantic.Field(alias="timestampPrecision"), + ] = None + r"""Sets the precision for the supplied Unix time values. Defaults to milliseconds.""" + + dynamic_value_field_name: Annotated[ + Optional[bool], pydantic.Field(alias="dynamicValueFieldName") + ] = None + r"""Enabling this will pull the value field from the metric name. E,g, 'db.query.user' will use 'db.query' as the measurement and 'user' as the value field.""" + + value_field_name: Annotated[ + Optional[str], pydantic.Field(alias="valueFieldName") + ] = None + r"""Name of the field in which to store the metric when sending to InfluxDB. If dynamic generation is enabled and fails, this will be used as a fallback.""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + compress: Optional[bool] = None + r"""Compress the payload body before sending""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + extra_http_headers: Annotated[ + Optional[List[ExtraHTTPHeaderConfInputElastic]], + pydantic.Field(alias="extraHttpHeaders"), + ] = None + r"""Headers to add to all events""" + + use_round_robin_dns: Annotated[ + Optional[bool], pydantic.Field(alias="useRoundRobinDns") + ] = None + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + safe_headers: Annotated[ + Optional[List[str]], pydantic.Field(alias="safeHeaders") + ] = None + r"""List of headers that are safe to log in plain text""" + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + auth_type: Annotated[ + Optional[CreateOutputSystemByPackAuthenticationTypeInfluxdb], + pydantic.Field(alias="authType"), + ] = None + r"""InfluxDB authentication type""" + + description: Optional[str] = None + + database: Optional[str] = None + r"""Database to write to.""" + + bucket: Optional[str] = None + r"""Bucket to write to.""" + + org: Optional[str] = None + r"""Organization ID for this bucket.""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputSystemByPackPqControlsInfluxdb], + pydantic.Field(alias="pqControls"), + ] = None + + username: Optional[str] = None + + password: Optional[str] = None + + token: Optional[str] = None + r"""Bearer token to include in the authorization header""" + + credentials_secret: Annotated[ + Optional[str], pydantic.Field(alias="credentialsSecret") + ] = None + r"""Select or create a secret that references your credentials""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( + None + ) + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_database: Annotated[ + Optional[str], pydantic.Field(alias="__template_database") + ] = None + r"""Binds 'database' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'database' at runtime.""" + + template_bucket: Annotated[ + Optional[str], pydantic.Field(alias="__template_bucket") + ] = None + r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" + + @field_serializer("timestamp_precision") + def serialize_timestamp_precision(self, value): + if isinstance(value, str): + try: + return models.CreateOutputSystemByPackTimestampPrecision(value) + except ValueError: + return value + return value + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.CreateOutputSystemByPackAuthenticationTypeInfluxdb(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "useV2API", + "timestampPrecision", + "dynamicValueFieldName", + "valueFieldName", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "compress", + "rejectUnauthorized", + "timeoutSec", + "flushPeriodSec", + "extraHttpHeaders", + "useRoundRobinDns", + "failedRequestLoggingMode", + "safeHeaders", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "onBackpressure", + "authType", + "description", + "database", + "bucket", + "org", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "username", + "password", + "token", + "credentialsSecret", + "textSecret", + "__template_streamtags", + "__template_url", + "__template_failedRequestLoggingMode", + "__template_onBackpressure", + "__template_database", + "__template_bucket", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackTypeNewrelicEvents(str, Enum): + NEWRELIC_EVENTS = "newrelic_events" + + +class CreateOutputSystemByPackPqControlsNewrelicEventsTypedDict(TypedDict): + pass + + +class CreateOutputSystemByPackPqControlsNewrelicEvents(BaseModel): + pass + + +class CreateOutputSystemByPackOutputNewrelicEventsTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputSystemByPackTypeNewrelicEvents + account_id: str + r"""New Relic account ID""" + event_type: str + r"""Default New Relic eventType to use when event type is not present. For more information, see the [New Relic eventType documentation](https://docs.newrelic.com/docs/telemetry-data-platform/custom-data/custom-events/data-requirements-limits-custom-event-data/#reserved-words).""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + region: NotRequired[RegionOptions] + r"""Which New Relic region endpoint to use.""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + compress: NotRequired[bool] + r"""Compress the payload body before sending""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] + r"""Headers to add to all events""" + use_round_robin_dns: NotRequired[bool] + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + safe_headers: NotRequired[List[str]] + r"""List of headers that are safe to log in plain text""" + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + auth_type: NotRequired[AuthenticationMethodOptionsAPI] + r"""Enter API key directly, or select a stored secret""" + description: NotRequired[str] + custom_url: NotRequired[str] + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputSystemByPackPqControlsNewrelicEventsTypedDict] + api_key: NotRequired[str] + r"""New Relic API key. Can be overridden using __newRelic_apiKey field.""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_region: NotRequired[str] + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + template_account_id: NotRequired[str] + r"""Binds 'accountId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'accountId' at runtime.""" + template_event_type: NotRequired[str] + r"""Binds 'eventType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'eventType' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_custom_url: NotRequired[str] + r"""Binds 'customUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'customUrl' at runtime.""" + + +class CreateOutputSystemByPackOutputNewrelicEvents(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputSystemByPackTypeNewrelicEvents + + account_id: Annotated[str, pydantic.Field(alias="accountId")] + r"""New Relic account ID""" + + event_type: Annotated[str, pydantic.Field(alias="eventType")] + r"""Default New Relic eventType to use when event type is not present. For more information, see the [New Relic eventType documentation](https://docs.newrelic.com/docs/telemetry-data-platform/custom-data/custom-events/data-requirements-limits-custom-event-data/#reserved-words).""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + region: Optional[RegionOptions] = None + r"""Which New Relic region endpoint to use.""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + compress: Optional[bool] = None + r"""Compress the payload body before sending""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + extra_http_headers: Annotated[ + Optional[List[ExtraHTTPHeaderConfInputElastic]], + pydantic.Field(alias="extraHttpHeaders"), + ] = None + r"""Headers to add to all events""" + + use_round_robin_dns: Annotated[ + Optional[bool], pydantic.Field(alias="useRoundRobinDns") + ] = None + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + safe_headers: Annotated[ + Optional[List[str]], pydantic.Field(alias="safeHeaders") + ] = None + r"""List of headers that are safe to log in plain text""" + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + auth_type: Annotated[ + Optional[AuthenticationMethodOptionsAPI], pydantic.Field(alias="authType") + ] = None + r"""Enter API key directly, or select a stored secret""" + + description: Optional[str] = None + + custom_url: Annotated[Optional[str], pydantic.Field(alias="customUrl")] = None + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputSystemByPackPqControlsNewrelicEvents], + pydantic.Field(alias="pqControls"), + ] = None + + api_key: Annotated[Optional[str], pydantic.Field(alias="apiKey")] = None + r"""New Relic API key. Can be overridden using __newRelic_apiKey field.""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_region: Annotated[ + Optional[str], pydantic.Field(alias="__template_region") + ] = None + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + + template_account_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_accountId") + ] = None + r"""Binds 'accountId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'accountId' at runtime.""" + + template_event_type: Annotated[ + Optional[str], pydantic.Field(alias="__template_eventType") + ] = None + r"""Binds 'eventType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'eventType' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_custom_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_customUrl") + ] = None + r"""Binds 'customUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'customUrl' at runtime.""" + + @field_serializer("region") + def serialize_region(self, value): + if isinstance(value, str): + try: + return models.RegionOptions(value) + except ValueError: + return value + return value + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsAPI(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "region", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "compress", + "rejectUnauthorized", + "timeoutSec", + "flushPeriodSec", + "extraHttpHeaders", + "useRoundRobinDns", + "failedRequestLoggingMode", + "safeHeaders", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "onBackpressure", + "authType", + "description", + "customUrl", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "apiKey", + "textSecret", + "__template_streamtags", + "__template_region", + "__template_accountId", + "__template_eventType", + "__template_failedRequestLoggingMode", + "__template_onBackpressure", + "__template_customUrl", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackTypeNewrelic(str, Enum): + NEWRELIC = "newrelic" + + +class CreateOutputSystemByPackFieldName(str, Enum, metaclass=utils.OpenEnumMeta): + SERVICE = "service" + HOSTNAME = "hostname" + TIMESTAMP = "timestamp" + AUDIT_ID = "auditId" + + +class CreateOutputSystemByPackMetadatumTypedDict(TypedDict): + name: CreateOutputSystemByPackFieldName + value: str + r"""JavaScript expression to compute field's value, enclosed in quotes or backticks. (Can evaluate to a constant.)""" + + +class CreateOutputSystemByPackMetadatum(BaseModel): + name: CreateOutputSystemByPackFieldName + + value: str + r"""JavaScript expression to compute field's value, enclosed in quotes or backticks. (Can evaluate to a constant.)""" + + @field_serializer("name") + def serialize_name(self, value): + if isinstance(value, str): + try: + return models.CreateOutputSystemByPackFieldName(value) + except ValueError: + return value + return value + + +class CreateOutputSystemByPackPqControlsNewrelicTypedDict(TypedDict): + pass + + +class CreateOutputSystemByPackPqControlsNewrelic(BaseModel): + pass + + +class CreateOutputSystemByPackOutputNewrelicTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputSystemByPackTypeNewrelic + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + region: NotRequired[RegionOptions] + r"""Which New Relic region endpoint to use.""" + log_type: NotRequired[str] + r"""Name of the logtype to send with events, e.g.: observability, access_log. The event's 'sourcetype' field (if set) will override this value.""" + message_field: NotRequired[str] + r"""Name of field to send as log message value. If not present, event will be serialized and sent as JSON.""" + metadata: NotRequired[List[CreateOutputSystemByPackMetadatumTypedDict]] + r"""Fields to add to events from this input""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + compress: NotRequired[bool] + r"""Compress the payload body before sending""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] + r"""Headers to add to all events""" + use_round_robin_dns: NotRequired[bool] + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + safe_headers: NotRequired[List[str]] + r"""List of headers that are safe to log in plain text""" + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + auth_type: NotRequired[AuthenticationMethodOptionsAPI] + r"""Enter API key directly, or select a stored secret""" + total_memory_limit_kb: NotRequired[float] + r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" + description: NotRequired[str] + custom_url: NotRequired[str] + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputSystemByPackPqControlsNewrelicTypedDict] + api_key: NotRequired[str] + r"""New Relic API key. Can be overridden using __newRelic_apiKey field.""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_region: NotRequired[str] + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + template_log_type: NotRequired[str] + r"""Binds 'logType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logType' at runtime.""" + template_message_field: NotRequired[str] + r"""Binds 'messageField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'messageField' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + +class CreateOutputSystemByPackOutputNewrelic(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputSystemByPackTypeNewrelic + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + region: Optional[RegionOptions] = None + r"""Which New Relic region endpoint to use.""" + + log_type: Annotated[Optional[str], pydantic.Field(alias="logType")] = None + r"""Name of the logtype to send with events, e.g.: observability, access_log. The event's 'sourcetype' field (if set) will override this value.""" + + message_field: Annotated[Optional[str], pydantic.Field(alias="messageField")] = None + r"""Name of field to send as log message value. If not present, event will be serialized and sent as JSON.""" + + metadata: Optional[List[CreateOutputSystemByPackMetadatum]] = None + r"""Fields to add to events from this input""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + compress: Optional[bool] = None + r"""Compress the payload body before sending""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + extra_http_headers: Annotated[ + Optional[List[ExtraHTTPHeaderConfInputElastic]], + pydantic.Field(alias="extraHttpHeaders"), + ] = None + r"""Headers to add to all events""" + + use_round_robin_dns: Annotated[ + Optional[bool], pydantic.Field(alias="useRoundRobinDns") + ] = None + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + safe_headers: Annotated[ + Optional[List[str]], pydantic.Field(alias="safeHeaders") + ] = None + r"""List of headers that are safe to log in plain text""" + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + auth_type: Annotated[ + Optional[AuthenticationMethodOptionsAPI], pydantic.Field(alias="authType") + ] = None + r"""Enter API key directly, or select a stored secret""" + + total_memory_limit_kb: Annotated[ + Optional[float], pydantic.Field(alias="totalMemoryLimitKB") + ] = None + r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" + + description: Optional[str] = None + + custom_url: Annotated[Optional[str], pydantic.Field(alias="customUrl")] = None + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputSystemByPackPqControlsNewrelic], + pydantic.Field(alias="pqControls"), + ] = None + + api_key: Annotated[Optional[str], pydantic.Field(alias="apiKey")] = None + r"""New Relic API key. Can be overridden using __newRelic_apiKey field.""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_region: Annotated[ + Optional[str], pydantic.Field(alias="__template_region") + ] = None + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + + template_log_type: Annotated[ + Optional[str], pydantic.Field(alias="__template_logType") + ] = None + r"""Binds 'logType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logType' at runtime.""" + + template_message_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_messageField") + ] = None + r"""Binds 'messageField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'messageField' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + @field_serializer("region") + def serialize_region(self, value): + if isinstance(value, str): + try: + return models.RegionOptions(value) + except ValueError: + return value + return value + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsAPI(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "region", + "logType", + "messageField", + "metadata", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "compress", + "rejectUnauthorized", + "timeoutSec", + "flushPeriodSec", + "extraHttpHeaders", + "useRoundRobinDns", + "failedRequestLoggingMode", + "safeHeaders", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "onBackpressure", + "authType", + "totalMemoryLimitKB", + "description", + "customUrl", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "apiKey", + "textSecret", + "__template_streamtags", + "__template_region", + "__template_logType", + "__template_messageField", + "__template_failedRequestLoggingMode", + "__template_onBackpressure", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackTypeElasticCloud(str, Enum): + ELASTIC_CLOUD = "elastic_cloud" + + +class CreateOutputSystemByPackPqControlsElasticCloudTypedDict(TypedDict): + pass + + +class CreateOutputSystemByPackPqControlsElasticCloud(BaseModel): + pass + + +class CreateOutputSystemByPackOutputElasticCloudTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputSystemByPackTypeElasticCloud + url: str + r"""Enter Cloud ID of the Elastic Cloud environment to send events to""" + index: str + r"""Data stream or index to send events to. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be overwritten by an event's __index field.""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + compress: NotRequired[bool] + r"""Compress the payload body before sending""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] + r"""Headers to add to all events""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + safe_headers: NotRequired[List[str]] + r"""List of headers that are safe to log in plain text""" + extra_params: NotRequired[List[SaslExtensionConfInputKafkaTypedDict]] + r"""Extra parameters to use in HTTP requests""" + auth: NotRequired[AuthTypeTemplatemanualAPIKeyAuthTypeTypedDict] + elastic_pipeline: NotRequired[str] + r"""Optional Elastic Cloud Destination pipeline""" + include_doc_id: NotRequired[bool] + r"""Include the `document_id` field when sending events to an Elastic TSDS (time series data stream)""" + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + description: NotRequired[str] + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputSystemByPackPqControlsElasticCloudTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_url: NotRequired[str] + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + template_index: NotRequired[str] + r"""Binds 'index' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'index' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_elastic_pipeline: NotRequired[str] + r"""Binds 'elasticPipeline' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'elasticPipeline' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + +class CreateOutputSystemByPackOutputElasticCloud(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputSystemByPackTypeElasticCloud + + url: str + r"""Enter Cloud ID of the Elastic Cloud environment to send events to""" + + index: str + r"""Data stream or index to send events to. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be overwritten by an event's __index field.""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + compress: Optional[bool] = None + r"""Compress the payload body before sending""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + extra_http_headers: Annotated[ + Optional[List[ExtraHTTPHeaderConfInputElastic]], + pydantic.Field(alias="extraHttpHeaders"), + ] = None + r"""Headers to add to all events""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + safe_headers: Annotated[ + Optional[List[str]], pydantic.Field(alias="safeHeaders") + ] = None + r"""List of headers that are safe to log in plain text""" + + extra_params: Annotated[ + Optional[List[SaslExtensionConfInputKafka]], pydantic.Field(alias="extraParams") + ] = None + r"""Extra parameters to use in HTTP requests""" + + auth: Optional[AuthTypeTemplatemanualAPIKeyAuthType] = None + + elastic_pipeline: Annotated[ + Optional[str], pydantic.Field(alias="elasticPipeline") + ] = None + r"""Optional Elastic Cloud Destination pipeline""" + + include_doc_id: Annotated[Optional[bool], pydantic.Field(alias="includeDocId")] = ( + None + ) + r"""Include the `document_id` field when sending events to an Elastic TSDS (time series data stream)""" + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + description: Optional[str] = None + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputSystemByPackPqControlsElasticCloud], + pydantic.Field(alias="pqControls"), + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( + None + ) + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + template_index: Annotated[ + Optional[str], pydantic.Field(alias="__template_index") + ] = None + r"""Binds 'index' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'index' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_elastic_pipeline: Annotated[ + Optional[str], pydantic.Field(alias="__template_elasticPipeline") + ] = None + r"""Binds 'elasticPipeline' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'elasticPipeline' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "compress", + "rejectUnauthorized", + "timeoutSec", + "flushPeriodSec", + "extraHttpHeaders", + "failedRequestLoggingMode", + "safeHeaders", + "extraParams", + "auth", + "elasticPipeline", + "includeDocId", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "onBackpressure", + "description", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_url", + "__template_index", + "__template_failedRequestLoggingMode", + "__template_elasticPipeline", + "__template_onBackpressure", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackTypeElastic(str, Enum): + ELASTIC = "elastic" + + +class CreateOutputSystemByPackElasticVersion(str, Enum, metaclass=utils.OpenEnumMeta): + r"""Optional Elasticsearch version, used to format events. If not specified, will auto-discover version.""" + + # Auto + AUTO = "auto" + # 6.x + SIX = "6" + # 7.x + SEVEN = "7" + + +class CreateOutputSystemByPackWriteAction(str, Enum, metaclass=utils.OpenEnumMeta): + r"""Action to use when writing events. Must be set to `Create` when writing to a data stream.""" + + # Index + INDEX = "index" + # Create + CREATE = "create" + + +class CreateOutputSystemByPackURLElasticTypedDict(TypedDict): + url: str + r"""The URL to an Elastic node to send events to. Example: http://elastic:9200/_bulk""" + weight: NotRequired[float] + r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" + template_url: NotRequired[str] + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + +class CreateOutputSystemByPackURLElastic(BaseModel): + url: str + r"""The URL to an Elastic node to send events to. Example: http://elastic:9200/_bulk""" + + weight: Optional[float] = None + r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" + + template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( + None + ) + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set(["weight", "__template_url"]) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackPqControlsElasticTypedDict(TypedDict): + pass + + +class CreateOutputSystemByPackPqControlsElastic(BaseModel): + pass + + +class CreateOutputSystemByPackOutputElasticTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputSystemByPackTypeElastic + index: str + r"""Index or data stream to send events to. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be overwritten by an event's __index field.""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + load_balanced: NotRequired[bool] + r"""Enable for optimal performance. Even if you have one hostname, it can expand to multiple IPs. If disabled, consider enabling round-robin DNS.""" + doc_type: NotRequired[str] + r"""Document type to use for events. Can be overwritten by an event's __type field.""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + compress: NotRequired[bool] + r"""Compress the payload body before sending""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] + r"""Headers to add to all events""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + safe_headers: NotRequired[List[str]] + r"""List of headers that are safe to log in plain text""" + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + extra_params: NotRequired[List[SaslExtensionConfInputKafkaTypedDict]] + auth: NotRequired[AuthTypeTemplatemanualAPIKeyAuthTypeTypedDict] + elastic_version: NotRequired[CreateOutputSystemByPackElasticVersion] + r"""Optional Elasticsearch version, used to format events. If not specified, will auto-discover version.""" + elastic_pipeline: NotRequired[str] + r"""Optional Elasticsearch destination pipeline""" + include_doc_id: NotRequired[bool] + r"""Include the `document_id` field when sending events to an Elastic TSDS (time series data stream)""" + write_action: NotRequired[CreateOutputSystemByPackWriteAction] + r"""Action to use when writing events. Must be set to `Create` when writing to a data stream.""" + retry_partial_errors: NotRequired[bool] + r"""Retry failed events when a bulk request to Elastic is successful, but the response body returns an error for one or more events in the batch""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + description: NotRequired[str] + url: NotRequired[str] + r"""The Cloud ID or URL to an Elastic cluster to send events to. Example: http://elastic:9200/_bulk""" + use_round_robin_dns: NotRequired[bool] + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + exclude_self: NotRequired[bool] + r"""Exclude all IPs of the current host from the list of any resolved hostnames""" + urls: NotRequired[List[CreateOutputSystemByPackURLElasticTypedDict]] + dns_resolve_period_sec: NotRequired[float] + r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" + load_balance_stats_period_sec: NotRequired[float] + r"""How far back in time to keep traffic stats for load balancing purposes""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputSystemByPackPqControlsElasticTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_index: NotRequired[str] + r"""Binds 'index' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'index' at runtime.""" + template_doc_type: NotRequired[str] + r"""Binds 'docType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'docType' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_elastic_pipeline: NotRequired[str] + r"""Binds 'elasticPipeline' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'elasticPipeline' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_url: NotRequired[str] + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + +class CreateOutputSystemByPackOutputElastic(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputSystemByPackTypeElastic + + index: str + r"""Index or data stream to send events to. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be overwritten by an event's __index field.""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + load_balanced: Annotated[Optional[bool], pydantic.Field(alias="loadBalanced")] = ( + None + ) + r"""Enable for optimal performance. Even if you have one hostname, it can expand to multiple IPs. If disabled, consider enabling round-robin DNS.""" + + doc_type: Annotated[Optional[str], pydantic.Field(alias="docType")] = None + r"""Document type to use for events. Can be overwritten by an event's __type field.""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + compress: Optional[bool] = None + r"""Compress the payload body before sending""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + extra_http_headers: Annotated[ + Optional[List[ExtraHTTPHeaderConfInputElastic]], + pydantic.Field(alias="extraHttpHeaders"), + ] = None + r"""Headers to add to all events""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + safe_headers: Annotated[ + Optional[List[str]], pydantic.Field(alias="safeHeaders") + ] = None + r"""List of headers that are safe to log in plain text""" + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + extra_params: Annotated[ + Optional[List[SaslExtensionConfInputKafka]], pydantic.Field(alias="extraParams") + ] = None + + auth: Optional[AuthTypeTemplatemanualAPIKeyAuthType] = None + + elastic_version: Annotated[ + Optional[CreateOutputSystemByPackElasticVersion], + pydantic.Field(alias="elasticVersion"), + ] = None + r"""Optional Elasticsearch version, used to format events. If not specified, will auto-discover version.""" + + elastic_pipeline: Annotated[ + Optional[str], pydantic.Field(alias="elasticPipeline") + ] = None + r"""Optional Elasticsearch destination pipeline""" + + include_doc_id: Annotated[Optional[bool], pydantic.Field(alias="includeDocId")] = ( + None + ) + r"""Include the `document_id` field when sending events to an Elastic TSDS (time series data stream)""" + + write_action: Annotated[ + Optional[CreateOutputSystemByPackWriteAction], + pydantic.Field(alias="writeAction"), + ] = None + r"""Action to use when writing events. Must be set to `Create` when writing to a data stream.""" + + retry_partial_errors: Annotated[ + Optional[bool], pydantic.Field(alias="retryPartialErrors") + ] = None + r"""Retry failed events when a bulk request to Elastic is successful, but the response body returns an error for one or more events in the batch""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + description: Optional[str] = None + + url: Optional[str] = None + r"""The Cloud ID or URL to an Elastic cluster to send events to. Example: http://elastic:9200/_bulk""" + + use_round_robin_dns: Annotated[ + Optional[bool], pydantic.Field(alias="useRoundRobinDns") + ] = None + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + + exclude_self: Annotated[Optional[bool], pydantic.Field(alias="excludeSelf")] = None + r"""Exclude all IPs of the current host from the list of any resolved hostnames""" + + urls: Optional[List[CreateOutputSystemByPackURLElastic]] = None + + dns_resolve_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="dnsResolvePeriodSec") + ] = None + r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" + + load_balance_stats_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="loadBalanceStatsPeriodSec") + ] = None + r"""How far back in time to keep traffic stats for load balancing purposes""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputSystemByPackPqControlsElastic], + pydantic.Field(alias="pqControls"), + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_index: Annotated[ + Optional[str], pydantic.Field(alias="__template_index") + ] = None + r"""Binds 'index' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'index' at runtime.""" + + template_doc_type: Annotated[ + Optional[str], pydantic.Field(alias="__template_docType") + ] = None + r"""Binds 'docType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'docType' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_elastic_pipeline: Annotated[ + Optional[str], pydantic.Field(alias="__template_elasticPipeline") + ] = None + r"""Binds 'elasticPipeline' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'elasticPipeline' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( + None + ) + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("elastic_version") + def serialize_elastic_version(self, value): + if isinstance(value, str): + try: + return models.CreateOutputSystemByPackElasticVersion(value) + except ValueError: + return value + return value + + @field_serializer("write_action") + def serialize_write_action(self, value): + if isinstance(value, str): + try: + return models.CreateOutputSystemByPackWriteAction(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "loadBalanced", + "docType", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "compress", + "rejectUnauthorized", + "timeoutSec", + "flushPeriodSec", + "extraHttpHeaders", + "failedRequestLoggingMode", + "safeHeaders", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "extraParams", + "auth", + "elasticVersion", + "elasticPipeline", + "includeDocId", + "writeAction", + "retryPartialErrors", + "onBackpressure", + "description", + "url", + "useRoundRobinDns", + "excludeSelf", + "urls", + "dnsResolvePeriodSec", + "loadBalanceStatsPeriodSec", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_index", + "__template_docType", + "__template_failedRequestLoggingMode", + "__template_elasticPipeline", + "__template_onBackpressure", + "__template_url", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackTypeMsk(str, Enum): + MSK = "msk" + + +class CreateOutputSystemByPackPqControlsMskTypedDict(TypedDict): + pass + + +class CreateOutputSystemByPackPqControlsMsk(BaseModel): + pass + + +class CreateOutputSystemByPackOutputMskTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputSystemByPackTypeMsk + brokers: List[str] + r"""Enter each Kafka bootstrap server you want to use. Specify hostname and port, e.g., mykafkabroker:9092, or just hostname, in which case @{product} will assign port 9092.""" + topic: str + r"""The topic to publish events to. Can be overridden using the __topicOut field.""" + aws_authentication_method: AuthenticationMethodOptionsS3CollectorConf + r"""AWS authentication method. Choose Auto to use IAM roles.""" + region: str + r"""Region where the MSK cluster is located""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + ack: NotRequired[AcknowledgmentsOptionsAllLeader] + r"""Control the number of required acknowledgments.""" + format_: NotRequired[RecordDataFormatOptionsJSONProtobuf] + r"""Format to use to serialize events before writing to Kafka.""" + compression: NotRequired[CompressionOptionsGzipLz4] + r"""Codec to use to compress the data before sending to Kafka""" + max_record_size_kb: NotRequired[float] + r"""Maximum size of each record batch before compression. The value must not exceed the Kafka brokers' message.max.bytes setting.""" + flush_event_count: NotRequired[float] + r"""The maximum number of events you want the Destination to allow in a batch before forcing a flush""" + flush_period_sec: NotRequired[float] + r"""The maximum amount of time you want the Destination to wait before forcing a flush. Shorter intervals tend to result in smaller batches being sent.""" + kafka_schema_registry: NotRequired[ + KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuthTypedDict + ] + connection_timeout: NotRequired[float] + r"""Maximum time to wait for a connection to complete successfully""" + request_timeout: NotRequired[float] + r"""Maximum time to wait for Kafka to respond to a request""" + max_retries: NotRequired[float] + r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" + max_back_off: NotRequired[float] + r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" + initial_backoff: NotRequired[float] + r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" + backoff_rate: NotRequired[float] + r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" + authentication_timeout: NotRequired[float] + r"""Maximum time to wait for Kafka to respond to an authentication request""" + reauthentication_threshold: NotRequired[float] + r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" + aws_secret_key: NotRequired[str] + endpoint: NotRequired[str] + r"""MSK cluster service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to MSK cluster-compatible endpoint.""" + reuse_connections: NotRequired[bool] + r"""Reuse connections between requests, which can improve performance""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" + enable_assume_role: NotRequired[bool] + r"""Use Assume Role credentials to access MSK""" + assume_role_arn: NotRequired[str] + r"""Amazon Resource Name (ARN) of the role to assume""" + assume_role_external_id: NotRequired[str] + r"""External ID to use when assuming role""" + duration_seconds: NotRequired[float] + r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" + tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + description: NotRequired[str] + aws_api_key: NotRequired[str] + aws_secret: NotRequired[str] + r"""Select or create a stored secret that references your access key and secret key""" + protobuf_library_id: NotRequired[str] + r"""Select a set of Protobuf definitions for the events you want to send""" + protobuf_encoding_id: NotRequired[str] + r"""Select the type of object you want the Protobuf definitions to use for event encoding""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputSystemByPackPqControlsMskTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_topic: NotRequired[str] + r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" + template_format: NotRequired[str] + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + template_compression: NotRequired[str] + r"""Binds 'compression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compression' at runtime.""" + template_aws_secret_key: NotRequired[str] + r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" + template_region: NotRequired[str] + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + template_endpoint: NotRequired[str] + r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" + template_assume_role_arn: NotRequired[str] + r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" + template_assume_role_external_id: NotRequired[str] + r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_aws_api_key: NotRequired[str] + r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" + + +class CreateOutputSystemByPackOutputMsk(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputSystemByPackTypeMsk + + brokers: List[str] + r"""Enter each Kafka bootstrap server you want to use. Specify hostname and port, e.g., mykafkabroker:9092, or just hostname, in which case @{product} will assign port 9092.""" + + topic: str + r"""The topic to publish events to. Can be overridden using the __topicOut field.""" + + aws_authentication_method: Annotated[ + AuthenticationMethodOptionsS3CollectorConf, + pydantic.Field(alias="awsAuthenticationMethod"), + ] + r"""AWS authentication method. Choose Auto to use IAM roles.""" + + region: str + r"""Region where the MSK cluster is located""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + ack: Optional[AcknowledgmentsOptionsAllLeader] = None + r"""Control the number of required acknowledgments.""" + + format_: Annotated[ + Optional[RecordDataFormatOptionsJSONProtobuf], pydantic.Field(alias="format") + ] = None + r"""Format to use to serialize events before writing to Kafka.""" + + compression: Optional[CompressionOptionsGzipLz4] = None + r"""Codec to use to compress the data before sending to Kafka""" + + max_record_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxRecordSizeKB") + ] = None + r"""Maximum size of each record batch before compression. The value must not exceed the Kafka brokers' message.max.bytes setting.""" + + flush_event_count: Annotated[ + Optional[float], pydantic.Field(alias="flushEventCount") + ] = None + r"""The maximum number of events you want the Destination to allow in a batch before forcing a flush""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""The maximum amount of time you want the Destination to wait before forcing a flush. Shorter intervals tend to result in smaller batches being sent.""" + + kafka_schema_registry: Annotated[ + Optional[KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuth], + pydantic.Field(alias="kafkaSchemaRegistry"), + ] = None + + connection_timeout: Annotated[ + Optional[float], pydantic.Field(alias="connectionTimeout") + ] = None + r"""Maximum time to wait for a connection to complete successfully""" + + request_timeout: Annotated[ + Optional[float], pydantic.Field(alias="requestTimeout") + ] = None + r"""Maximum time to wait for Kafka to respond to a request""" + + max_retries: Annotated[Optional[float], pydantic.Field(alias="maxRetries")] = None + r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" + + max_back_off: Annotated[Optional[float], pydantic.Field(alias="maxBackOff")] = None + r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" + + initial_backoff: Annotated[ + Optional[float], pydantic.Field(alias="initialBackoff") + ] = None + r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" + + backoff_rate: Annotated[Optional[float], pydantic.Field(alias="backoffRate")] = None + r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" + + authentication_timeout: Annotated[ + Optional[float], pydantic.Field(alias="authenticationTimeout") + ] = None + r"""Maximum time to wait for Kafka to respond to an authentication request""" + + reauthentication_threshold: Annotated[ + Optional[float], pydantic.Field(alias="reauthenticationThreshold") + ] = None + r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" + + aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = ( + None + ) + + endpoint: Optional[str] = None + r"""MSK cluster service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to MSK cluster-compatible endpoint.""" + + reuse_connections: Annotated[ + Optional[bool], pydantic.Field(alias="reuseConnections") + ] = None + r"""Reuse connections between requests, which can improve performance""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" + + enable_assume_role: Annotated[ + Optional[bool], pydantic.Field(alias="enableAssumeRole") + ] = None + r"""Use Assume Role credentials to access MSK""" + + assume_role_arn: Annotated[Optional[str], pydantic.Field(alias="assumeRoleArn")] = ( + None + ) + r"""Amazon Resource Name (ARN) of the role to assume""" + + assume_role_external_id: Annotated[ + Optional[str], pydantic.Field(alias="assumeRoleExternalId") + ] = None + r"""External ID to use when assuming role""" + + duration_seconds: Annotated[ + Optional[float], pydantic.Field(alias="durationSeconds") + ] = None + r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" + + tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + description: Optional[str] = None + + aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None + + aws_secret: Annotated[Optional[str], pydantic.Field(alias="awsSecret")] = None + r"""Select or create a stored secret that references your access key and secret key""" + + protobuf_library_id: Annotated[ + Optional[str], pydantic.Field(alias="protobufLibraryId") + ] = None + r"""Select a set of Protobuf definitions for the events you want to send""" + + protobuf_encoding_id: Annotated[ + Optional[str], pydantic.Field(alias="protobufEncodingId") + ] = None + r"""Select the type of object you want the Protobuf definitions to use for event encoding""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputSystemByPackPqControlsMsk], + pydantic.Field(alias="pqControls"), + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_topic: Annotated[ + Optional[str], pydantic.Field(alias="__template_topic") + ] = None + r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" + + template_format: Annotated[ + Optional[str], pydantic.Field(alias="__template_format") + ] = None + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + + template_compression: Annotated[ + Optional[str], pydantic.Field(alias="__template_compression") + ] = None + r"""Binds 'compression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compression' at runtime.""" + + template_aws_secret_key: Annotated[ + Optional[str], pydantic.Field(alias="__template_awsSecretKey") + ] = None + r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" + + template_region: Annotated[ + Optional[str], pydantic.Field(alias="__template_region") + ] = None + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + + template_endpoint: Annotated[ + Optional[str], pydantic.Field(alias="__template_endpoint") + ] = None + r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" + + template_assume_role_arn: Annotated[ + Optional[str], pydantic.Field(alias="__template_assumeRoleArn") + ] = None + r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" + + template_assume_role_external_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_assumeRoleExternalId") + ] = None + r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_aws_api_key: Annotated[ + Optional[str], pydantic.Field(alias="__template_awsApiKey") + ] = None + r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" + + @field_serializer("ack") + def serialize_ack(self, value): + if isinstance(value, str): + try: + return models.AcknowledgmentsOptionsAllLeader(value) + except ValueError: + return value + return value + + @field_serializer("format_") + def serialize_format_(self, value): + if isinstance(value, str): + try: + return models.RecordDataFormatOptionsJSONProtobuf(value) + except ValueError: + return value + return value + + @field_serializer("compression") + def serialize_compression(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsGzipLz4(value) + except ValueError: + return value + return value + + @field_serializer("aws_authentication_method") + def serialize_aws_authentication_method(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsS3CollectorConf(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "ack", + "format", + "compression", + "maxRecordSizeKB", + "flushEventCount", + "flushPeriodSec", + "kafkaSchemaRegistry", + "connectionTimeout", + "requestTimeout", + "maxRetries", + "maxBackOff", + "initialBackoff", + "backoffRate", + "authenticationTimeout", + "reauthenticationThreshold", + "awsSecretKey", + "endpoint", + "reuseConnections", + "rejectUnauthorized", + "enableAssumeRole", + "assumeRoleArn", + "assumeRoleExternalId", + "durationSeconds", + "tls", + "onBackpressure", + "description", + "awsApiKey", + "awsSecret", + "protobufLibraryId", + "protobufEncodingId", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_topic", + "__template_format", + "__template_compression", + "__template_awsSecretKey", + "__template_region", + "__template_endpoint", + "__template_assumeRoleArn", + "__template_assumeRoleExternalId", + "__template_onBackpressure", + "__template_awsApiKey", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackTypeConfluentCloud(str, Enum): + CONFLUENT_CLOUD = "confluent_cloud" + + +class CreateOutputSystemByPackPqControlsConfluentCloudTypedDict(TypedDict): + pass + + +class CreateOutputSystemByPackPqControlsConfluentCloud(BaseModel): + pass + + +class CreateOutputSystemByPackOutputConfluentCloudTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputSystemByPackTypeConfluentCloud + brokers: List[str] + r"""List of Confluent Cloud bootstrap servers to use, such as yourAccount.confluent.cloud:9092.""" + topic: str + r"""The topic to publish events to. Can be overridden using the __topicOut field.""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] + ack: NotRequired[AcknowledgmentsOptionsAllLeader] + r"""Control the number of required acknowledgments.""" + format_: NotRequired[RecordDataFormatOptionsJSONProtobuf] + r"""Format to use to serialize events before writing to Kafka.""" + compression: NotRequired[CompressionOptionsGzipLz4] + r"""Codec to use to compress the data before sending to Kafka""" + max_record_size_kb: NotRequired[float] + r"""Maximum size of each record batch before compression. The value must not exceed the Kafka brokers' message.max.bytes setting.""" + flush_event_count: NotRequired[float] + r"""The maximum number of events you want the Destination to allow in a batch before forcing a flush""" + flush_period_sec: NotRequired[float] + r"""The maximum amount of time you want the Destination to wait before forcing a flush. Shorter intervals tend to result in smaller batches being sent.""" + kafka_schema_registry: NotRequired[ + KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuthTypedDict + ] + connection_timeout: NotRequired[float] + r"""Maximum time to wait for a connection to complete successfully""" + request_timeout: NotRequired[float] + r"""Maximum time to wait for Kafka to respond to a request""" + max_retries: NotRequired[float] + r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" + max_back_off: NotRequired[float] + r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" + initial_backoff: NotRequired[float] + r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" + backoff_rate: NotRequired[float] + r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" + authentication_timeout: NotRequired[float] + r"""Maximum time to wait for Kafka to respond to an authentication request""" + reauthentication_threshold: NotRequired[float] + r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" + sasl: NotRequired[AuthenticationTypeTypedDict] + r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + description: NotRequired[str] + protobuf_library_id: NotRequired[str] + r"""Select a set of Protobuf definitions for the events you want to send""" + protobuf_encoding_id: NotRequired[str] + r"""Select the type of object you want the Protobuf definitions to use for event encoding""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputSystemByPackPqControlsConfluentCloudTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_brokers: NotRequired[str] + r"""Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime.""" + template_topic: NotRequired[str] + r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" + template_format: NotRequired[str] + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + template_compression: NotRequired[str] + r"""Binds 'compression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compression' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + +class CreateOutputSystemByPackOutputConfluentCloud(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputSystemByPackTypeConfluentCloud + + brokers: List[str] + r"""List of Confluent Cloud bootstrap servers to use, such as yourAccount.confluent.cloud:9092.""" + + topic: str + r"""The topic to publish events to. Can be overridden using the __topicOut field.""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None + + ack: Optional[AcknowledgmentsOptionsAllLeader] = None + r"""Control the number of required acknowledgments.""" + + format_: Annotated[ + Optional[RecordDataFormatOptionsJSONProtobuf], pydantic.Field(alias="format") + ] = None + r"""Format to use to serialize events before writing to Kafka.""" + + compression: Optional[CompressionOptionsGzipLz4] = None + r"""Codec to use to compress the data before sending to Kafka""" + + max_record_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxRecordSizeKB") + ] = None + r"""Maximum size of each record batch before compression. The value must not exceed the Kafka brokers' message.max.bytes setting.""" + + flush_event_count: Annotated[ + Optional[float], pydantic.Field(alias="flushEventCount") + ] = None + r"""The maximum number of events you want the Destination to allow in a batch before forcing a flush""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""The maximum amount of time you want the Destination to wait before forcing a flush. Shorter intervals tend to result in smaller batches being sent.""" + + kafka_schema_registry: Annotated[ + Optional[KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuth], + pydantic.Field(alias="kafkaSchemaRegistry"), + ] = None + + connection_timeout: Annotated[ + Optional[float], pydantic.Field(alias="connectionTimeout") + ] = None + r"""Maximum time to wait for a connection to complete successfully""" + + request_timeout: Annotated[ + Optional[float], pydantic.Field(alias="requestTimeout") + ] = None + r"""Maximum time to wait for Kafka to respond to a request""" + + max_retries: Annotated[Optional[float], pydantic.Field(alias="maxRetries")] = None + r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" + + max_back_off: Annotated[Optional[float], pydantic.Field(alias="maxBackOff")] = None + r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" + + initial_backoff: Annotated[ + Optional[float], pydantic.Field(alias="initialBackoff") + ] = None + r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" + + backoff_rate: Annotated[Optional[float], pydantic.Field(alias="backoffRate")] = None + r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" + + authentication_timeout: Annotated[ + Optional[float], pydantic.Field(alias="authenticationTimeout") + ] = None + r"""Maximum time to wait for Kafka to respond to an authentication request""" + + reauthentication_threshold: Annotated[ + Optional[float], pydantic.Field(alias="reauthenticationThreshold") + ] = None + r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" + + sasl: Optional[AuthenticationType] = None + r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + description: Optional[str] = None + + protobuf_library_id: Annotated[ + Optional[str], pydantic.Field(alias="protobufLibraryId") + ] = None + r"""Select a set of Protobuf definitions for the events you want to send""" + + protobuf_encoding_id: Annotated[ + Optional[str], pydantic.Field(alias="protobufEncodingId") + ] = None + r"""Select the type of object you want the Protobuf definitions to use for event encoding""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputSystemByPackPqControlsConfluentCloud], + pydantic.Field(alias="pqControls"), + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_brokers: Annotated[ + Optional[str], pydantic.Field(alias="__template_brokers") + ] = None + r"""Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime.""" + + template_topic: Annotated[ + Optional[str], pydantic.Field(alias="__template_topic") + ] = None + r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" + + template_format: Annotated[ + Optional[str], pydantic.Field(alias="__template_format") + ] = None + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + + template_compression: Annotated[ + Optional[str], pydantic.Field(alias="__template_compression") + ] = None + r"""Binds 'compression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compression' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + @field_serializer("ack") + def serialize_ack(self, value): + if isinstance(value, str): + try: + return models.AcknowledgmentsOptionsAllLeader(value) + except ValueError: + return value + return value + + @field_serializer("format_") + def serialize_format_(self, value): + if isinstance(value, str): + try: + return models.RecordDataFormatOptionsJSONProtobuf(value) + except ValueError: + return value + return value + + @field_serializer("compression") + def serialize_compression(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsGzipLz4(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "tls", + "ack", + "format", + "compression", + "maxRecordSizeKB", + "flushEventCount", + "flushPeriodSec", + "kafkaSchemaRegistry", + "connectionTimeout", + "requestTimeout", + "maxRetries", + "maxBackOff", + "initialBackoff", + "backoffRate", + "authenticationTimeout", + "reauthenticationThreshold", + "sasl", + "onBackpressure", + "description", + "protobufLibraryId", + "protobufEncodingId", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_brokers", + "__template_topic", + "__template_format", + "__template_compression", + "__template_onBackpressure", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackTypeKafka(str, Enum): + KAFKA = "kafka" + + +class CreateOutputSystemByPackPqControlsKafkaTypedDict(TypedDict): + pass + + +class CreateOutputSystemByPackPqControlsKafka(BaseModel): + pass + + +class CreateOutputSystemByPackOutputKafkaTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputSystemByPackTypeKafka + brokers: List[str] + r"""Enter each Kafka bootstrap server you want to use. Specify hostname and port, e.g., mykafkabroker:9092, or just hostname, in which case @{product} will assign port 9092.""" + topic: str + r"""The topic to publish events to. Can be overridden using the __topicOut field.""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + ack: NotRequired[AcknowledgmentsOptionsAllLeader] + r"""Control the number of required acknowledgments.""" + format_: NotRequired[RecordDataFormatOptionsJSONProtobuf] + r"""Format to use to serialize events before writing to Kafka.""" + compression: NotRequired[CompressionOptionsGzipLz4] + r"""Codec to use to compress the data before sending to Kafka""" + max_record_size_kb: NotRequired[float] + r"""Maximum size of each record batch before compression. The value must not exceed the Kafka brokers' message.max.bytes setting.""" + flush_event_count: NotRequired[float] + r"""The maximum number of events you want the Destination to allow in a batch before forcing a flush""" + flush_period_sec: NotRequired[float] + r"""The maximum amount of time you want the Destination to wait before forcing a flush. Shorter intervals tend to result in smaller batches being sent.""" + kafka_schema_registry: NotRequired[ + KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuthTypedDict + ] + connection_timeout: NotRequired[float] + r"""Maximum time to wait for a connection to complete successfully""" + request_timeout: NotRequired[float] + r"""Maximum time to wait for Kafka to respond to a request""" + max_retries: NotRequired[float] + r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" + max_back_off: NotRequired[float] + r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" + initial_backoff: NotRequired[float] + r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" + backoff_rate: NotRequired[float] + r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" + authentication_timeout: NotRequired[float] + r"""Maximum time to wait for Kafka to respond to an authentication request""" + reauthentication_threshold: NotRequired[float] + r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" + sasl: NotRequired[AuthenticationTypeTypedDict] + r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended.""" + tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + description: NotRequired[str] + protobuf_library_id: NotRequired[str] + r"""Select a set of Protobuf definitions for the events you want to send""" + protobuf_encoding_id: NotRequired[str] + r"""Select the type of object you want the Protobuf definitions to use for event encoding""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputSystemByPackPqControlsKafkaTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_topic: NotRequired[str] + r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" + template_format: NotRequired[str] + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + template_compression: NotRequired[str] + r"""Binds 'compression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compression' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + +class CreateOutputSystemByPackOutputKafka(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputSystemByPackTypeKafka + + brokers: List[str] + r"""Enter each Kafka bootstrap server you want to use. Specify hostname and port, e.g., mykafkabroker:9092, or just hostname, in which case @{product} will assign port 9092.""" + + topic: str + r"""The topic to publish events to. Can be overridden using the __topicOut field.""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + ack: Optional[AcknowledgmentsOptionsAllLeader] = None + r"""Control the number of required acknowledgments.""" + + format_: Annotated[ + Optional[RecordDataFormatOptionsJSONProtobuf], pydantic.Field(alias="format") + ] = None + r"""Format to use to serialize events before writing to Kafka.""" + + compression: Optional[CompressionOptionsGzipLz4] = None + r"""Codec to use to compress the data before sending to Kafka""" + + max_record_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxRecordSizeKB") + ] = None + r"""Maximum size of each record batch before compression. The value must not exceed the Kafka brokers' message.max.bytes setting.""" + + flush_event_count: Annotated[ + Optional[float], pydantic.Field(alias="flushEventCount") + ] = None + r"""The maximum number of events you want the Destination to allow in a batch before forcing a flush""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""The maximum amount of time you want the Destination to wait before forcing a flush. Shorter intervals tend to result in smaller batches being sent.""" + + kafka_schema_registry: Annotated[ + Optional[KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuth], + pydantic.Field(alias="kafkaSchemaRegistry"), + ] = None + + connection_timeout: Annotated[ + Optional[float], pydantic.Field(alias="connectionTimeout") + ] = None + r"""Maximum time to wait for a connection to complete successfully""" + + request_timeout: Annotated[ + Optional[float], pydantic.Field(alias="requestTimeout") + ] = None + r"""Maximum time to wait for Kafka to respond to a request""" + + max_retries: Annotated[Optional[float], pydantic.Field(alias="maxRetries")] = None + r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" + + max_back_off: Annotated[Optional[float], pydantic.Field(alias="maxBackOff")] = None + r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" + + initial_backoff: Annotated[ + Optional[float], pydantic.Field(alias="initialBackoff") + ] = None + r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" + + backoff_rate: Annotated[Optional[float], pydantic.Field(alias="backoffRate")] = None + r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" + + authentication_timeout: Annotated[ + Optional[float], pydantic.Field(alias="authenticationTimeout") + ] = None + r"""Maximum time to wait for Kafka to respond to an authentication request""" + + reauthentication_threshold: Annotated[ + Optional[float], pydantic.Field(alias="reauthenticationThreshold") + ] = None + r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" + + sasl: Optional[AuthenticationType] = None + r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended.""" + + tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + description: Optional[str] = None + + protobuf_library_id: Annotated[ + Optional[str], pydantic.Field(alias="protobufLibraryId") + ] = None + r"""Select a set of Protobuf definitions for the events you want to send""" + + protobuf_encoding_id: Annotated[ + Optional[str], pydantic.Field(alias="protobufEncodingId") + ] = None + r"""Select the type of object you want the Protobuf definitions to use for event encoding""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputSystemByPackPqControlsKafka], + pydantic.Field(alias="pqControls"), + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_topic: Annotated[ + Optional[str], pydantic.Field(alias="__template_topic") + ] = None + r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" + + template_format: Annotated[ + Optional[str], pydantic.Field(alias="__template_format") + ] = None + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + + template_compression: Annotated[ + Optional[str], pydantic.Field(alias="__template_compression") + ] = None + r"""Binds 'compression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compression' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + @field_serializer("ack") + def serialize_ack(self, value): + if isinstance(value, str): + try: + return models.AcknowledgmentsOptionsAllLeader(value) + except ValueError: + return value + return value + + @field_serializer("format_") + def serialize_format_(self, value): + if isinstance(value, str): + try: + return models.RecordDataFormatOptionsJSONProtobuf(value) + except ValueError: + return value + return value + + @field_serializer("compression") + def serialize_compression(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsGzipLz4(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "ack", + "format", + "compression", + "maxRecordSizeKB", + "flushEventCount", + "flushPeriodSec", + "kafkaSchemaRegistry", + "connectionTimeout", + "requestTimeout", + "maxRetries", + "maxBackOff", + "initialBackoff", + "backoffRate", + "authenticationTimeout", + "reauthenticationThreshold", + "sasl", + "tls", + "onBackpressure", + "description", + "protobufLibraryId", + "protobufEncodingId", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_topic", + "__template_format", + "__template_compression", + "__template_onBackpressure", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackTypeExabeam(str, Enum): + EXABEAM = "exabeam" + + +class CreateOutputSystemByPackOutputExabeamTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputSystemByPackTypeExabeam + bucket: str + r"""Name of the destination bucket. A constant or a JavaScript expression that can only be evaluated at init time. Example of referencing a JavaScript Global Variable: `myBucket-${C.vars.myVar}`.""" + region: str + r"""Region where the bucket is located""" + stage_path: str + r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" + endpoint: str + r"""Google Cloud Storage service endpoint""" + collector_instance_id: str + r"""ID of the Exabeam Collector where data should be sent. Example: 11112222-3333-4444-5555-666677778888 + + """ + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + object_acl: NotRequired[ObjectACLOptionsAuthenticatedreadBucketownerfullcontrol] + r"""Object ACL to assign to uploaded objects""" + storage_class: NotRequired[StorageClassOptionsArchiveColdline] + r"""Storage class to select for uploaded objects""" + reuse_connections: NotRequired[bool] + r"""Reuse connections between requests, which can improve performance""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" + add_id_to_stage_path: NotRequired[bool] + r"""Add the Output ID value to staging location""" + remove_empty_dirs: NotRequired[bool] + r"""Remove empty staging directories after moving files""" + max_file_open_time_sec: NotRequired[float] + r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" + max_file_idle_time_sec: NotRequired[float] + r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" + max_open_files: NotRequired[float] + r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" + on_backpressure: NotRequired[BackpressureBehaviorOptionsBlockDrop] + r"""How to handle events when all receivers are exerting backpressure""" + deadletter_enabled: NotRequired[bool] + r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" + on_disk_full_backpressure: NotRequired[DiskSpaceProtectionOptions] + r"""How to handle events when disk space is below the global 'Min free disk space' limit""" + retry_settings: NotRequired[RetrySettingsTypeTypedDict] + orphans: NotRequired[OrphanFileRecoveryTypeTypedDict] + max_file_size_mb: NotRequired[float] + r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" + encoded_configuration: NotRequired[str] + r"""Enter an encoded string containing Exabeam configurations""" + site_name: NotRequired[str] + r"""Constant or JavaScript expression to create an Exabeam site name. Values that aren't successfully evaluated will be treated as string constants.""" + site_id: NotRequired[str] + r"""Exabeam site ID. If left blank, @{product} will use the value of the Exabeam site name.""" + timezone_offset: NotRequired[str] + aws_api_key: NotRequired[str] + r"""HMAC access key. Can be a constant or a JavaScript expression, such as `${C.env.GCS_ACCESS_KEY}`.""" + aws_secret_key: NotRequired[str] + r"""HMAC secret. Can be a constant or a JavaScript expression, such as `${C.env.GCS_SECRET}`.""" + description: NotRequired[str] + empty_dir_cleanup_sec: NotRequired[float] + r"""How frequently, in seconds, to clean up empty directories""" + directory_batch_size: NotRequired[float] + r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" + deadletter_path: NotRequired[str] + r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" + max_retry_num: NotRequired[float] + r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_region: NotRequired[str] + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + template_endpoint: NotRequired[str] + r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" + template_object_acl: NotRequired[str] + r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" + template_storage_class: NotRequired[str] + r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + +class CreateOutputSystemByPackOutputExabeam(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputSystemByPackTypeExabeam + + bucket: str + r"""Name of the destination bucket. A constant or a JavaScript expression that can only be evaluated at init time. Example of referencing a JavaScript Global Variable: `myBucket-${C.vars.myVar}`.""" + + region: str + r"""Region where the bucket is located""" + + stage_path: Annotated[str, pydantic.Field(alias="stagePath")] + r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" + + endpoint: str + r"""Google Cloud Storage service endpoint""" + + collector_instance_id: Annotated[str, pydantic.Field(alias="collectorInstanceId")] + r"""ID of the Exabeam Collector where data should be sent. Example: 11112222-3333-4444-5555-666677778888 + + """ + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + object_acl: Annotated[ + Optional[ObjectACLOptionsAuthenticatedreadBucketownerfullcontrol], + pydantic.Field(alias="objectACL"), + ] = None + r"""Object ACL to assign to uploaded objects""" + + storage_class: Annotated[ + Optional[StorageClassOptionsArchiveColdline], + pydantic.Field(alias="storageClass"), + ] = None + r"""Storage class to select for uploaded objects""" + + reuse_connections: Annotated[ + Optional[bool], pydantic.Field(alias="reuseConnections") + ] = None + r"""Reuse connections between requests, which can improve performance""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" + + add_id_to_stage_path: Annotated[ + Optional[bool], pydantic.Field(alias="addIdToStagePath") + ] = None + r"""Add the Output ID value to staging location""" + + remove_empty_dirs: Annotated[ + Optional[bool], pydantic.Field(alias="removeEmptyDirs") + ] = None + r"""Remove empty staging directories after moving files""" + + max_file_open_time_sec: Annotated[ + Optional[float], pydantic.Field(alias="maxFileOpenTimeSec") + ] = None + r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" + + max_file_idle_time_sec: Annotated[ + Optional[float], pydantic.Field(alias="maxFileIdleTimeSec") + ] = None + r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" + + max_open_files: Annotated[Optional[float], pydantic.Field(alias="maxOpenFiles")] = ( + None + ) + r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptionsBlockDrop], + pydantic.Field(alias="onBackpressure"), + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + deadletter_enabled: Annotated[ + Optional[bool], pydantic.Field(alias="deadletterEnabled") + ] = None + r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" + + on_disk_full_backpressure: Annotated[ + Optional[DiskSpaceProtectionOptions], + pydantic.Field(alias="onDiskFullBackpressure"), + ] = None + r"""How to handle events when disk space is below the global 'Min free disk space' limit""" + + retry_settings: Annotated[ + Optional[RetrySettingsType], pydantic.Field(alias="retrySettings") + ] = None + + orphans: Optional[OrphanFileRecoveryType] = None + + max_file_size_mb: Annotated[ + Optional[float], pydantic.Field(alias="maxFileSizeMB") + ] = None + r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" + + encoded_configuration: Annotated[ + Optional[str], pydantic.Field(alias="encodedConfiguration") + ] = None + r"""Enter an encoded string containing Exabeam configurations""" + + site_name: Annotated[Optional[str], pydantic.Field(alias="siteName")] = None + r"""Constant or JavaScript expression to create an Exabeam site name. Values that aren't successfully evaluated will be treated as string constants.""" + + site_id: Annotated[Optional[str], pydantic.Field(alias="siteId")] = None + r"""Exabeam site ID. If left blank, @{product} will use the value of the Exabeam site name.""" + + timezone_offset: Annotated[ + Optional[str], pydantic.Field(alias="timezoneOffset") + ] = None + + aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None + r"""HMAC access key. Can be a constant or a JavaScript expression, such as `${C.env.GCS_ACCESS_KEY}`.""" + + aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = ( + None + ) + r"""HMAC secret. Can be a constant or a JavaScript expression, such as `${C.env.GCS_SECRET}`.""" + + description: Optional[str] = None + + empty_dir_cleanup_sec: Annotated[ + Optional[float], pydantic.Field(alias="emptyDirCleanupSec") + ] = None + r"""How frequently, in seconds, to clean up empty directories""" + + directory_batch_size: Annotated[ + Optional[float], pydantic.Field(alias="directoryBatchSize") + ] = None + r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" + + deadletter_path: Annotated[ + Optional[str], pydantic.Field(alias="deadletterPath") + ] = None + r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" + + max_retry_num: Annotated[Optional[float], pydantic.Field(alias="maxRetryNum")] = ( + None + ) + r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_region: Annotated[ + Optional[str], pydantic.Field(alias="__template_region") + ] = None + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + + template_endpoint: Annotated[ + Optional[str], pydantic.Field(alias="__template_endpoint") + ] = None + r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" + + template_object_acl: Annotated[ + Optional[str], pydantic.Field(alias="__template_objectACL") + ] = None + r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" + + template_storage_class: Annotated[ + Optional[str], pydantic.Field(alias="__template_storageClass") + ] = None + r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + @field_serializer("object_acl") + def serialize_object_acl(self, value): + if isinstance(value, str): + try: + return models.ObjectACLOptionsAuthenticatedreadBucketownerfullcontrol( + value + ) + except ValueError: + return value + return value + + @field_serializer("storage_class") + def serialize_storage_class(self, value): + if isinstance(value, str): + try: + return models.StorageClassOptionsArchiveColdline(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptionsBlockDrop(value) + except ValueError: + return value + return value + + @field_serializer("on_disk_full_backpressure") + def serialize_on_disk_full_backpressure(self, value): + if isinstance(value, str): + try: + return models.DiskSpaceProtectionOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "objectACL", + "storageClass", + "reuseConnections", + "rejectUnauthorized", + "addIdToStagePath", + "removeEmptyDirs", + "maxFileOpenTimeSec", + "maxFileIdleTimeSec", + "maxOpenFiles", + "onBackpressure", + "deadletterEnabled", + "onDiskFullBackpressure", + "retrySettings", + "orphans", + "maxFileSizeMB", + "encodedConfiguration", + "siteName", + "siteId", + "timezoneOffset", + "awsApiKey", + "awsSecretKey", + "description", + "emptyDirCleanupSec", + "directoryBatchSize", + "deadletterPath", + "maxRetryNum", + "__template_streamtags", + "__template_region", + "__template_endpoint", + "__template_objectACL", + "__template_storageClass", + "__template_onBackpressure", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackTypeGooglePubsub(str, Enum): + GOOGLE_PUBSUB = "google_pubsub" + + +class CreateOutputSystemByPackPqControlsGooglePubsubTypedDict(TypedDict): + pass + + +class CreateOutputSystemByPackPqControlsGooglePubsub(BaseModel): + pass + + +class CreateOutputSystemByPackOutputGooglePubsubTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputSystemByPackTypeGooglePubsub + topic_name: str + r"""ID of the topic to send events to.""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + create_topic: NotRequired[bool] + r"""If enabled, create topic if it does not exist.""" + ordered_delivery: NotRequired[bool] + r"""If enabled, send events in the order they were added to the queue. For this to work correctly, the process receiving events must have ordering enabled.""" + region: NotRequired[str] + r"""Region to publish messages to. Select 'default' to allow Google to auto-select the nearest region. When using ordered delivery, the selected region must be allowed by message storage policy.""" + google_auth_method: NotRequired[GoogleAuthenticationMethodOptions] + r"""Choose Auto to use Google Application Default Credentials (ADC), Manual to enter Google service account credentials directly, or Secret to select or create a stored secret that references Google service account credentials.""" + service_account_credentials: NotRequired[str] + r"""Contents of service account credentials (JSON keys) file downloaded from Google Cloud. To upload a file, click the upload button at this field's upper right.""" + secret: NotRequired[str] + r"""Select or create a stored text secret""" + batch_size: NotRequired[float] + r"""The maximum number of items the Google API should batch before it sends them to the topic.""" + batch_timeout: NotRequired[float] + r"""The maximum amount of time, in milliseconds, that the Google API should wait to send a batch (if the Batch size is not reached).""" + max_queue_size: NotRequired[float] + r"""Maximum number of queued batches before blocking.""" + max_record_size_kb: NotRequired[float] + r"""Maximum size (KB) of batches to send.""" + flush_period: NotRequired[float] + r"""Maximum time to wait before sending a batch (when batch size limit is not reached)""" + max_in_progress: NotRequired[float] + r"""The maximum number of in-progress API requests before backpressure is applied.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + description: NotRequired[str] + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputSystemByPackPqControlsGooglePubsubTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_topic_name: NotRequired[str] + r"""Binds 'topicName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topicName' at runtime.""" + template_region: NotRequired[str] + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + +class CreateOutputSystemByPackOutputGooglePubsub(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputSystemByPackTypeGooglePubsub + + topic_name: Annotated[str, pydantic.Field(alias="topicName")] + r"""ID of the topic to send events to.""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + create_topic: Annotated[Optional[bool], pydantic.Field(alias="createTopic")] = None + r"""If enabled, create topic if it does not exist.""" + + ordered_delivery: Annotated[ + Optional[bool], pydantic.Field(alias="orderedDelivery") + ] = None + r"""If enabled, send events in the order they were added to the queue. For this to work correctly, the process receiving events must have ordering enabled.""" + + region: Optional[str] = None + r"""Region to publish messages to. Select 'default' to allow Google to auto-select the nearest region. When using ordered delivery, the selected region must be allowed by message storage policy.""" + + google_auth_method: Annotated[ + Optional[GoogleAuthenticationMethodOptions], + pydantic.Field(alias="googleAuthMethod"), + ] = None + r"""Choose Auto to use Google Application Default Credentials (ADC), Manual to enter Google service account credentials directly, or Secret to select or create a stored secret that references Google service account credentials.""" + + service_account_credentials: Annotated[ + Optional[str], pydantic.Field(alias="serviceAccountCredentials") + ] = None + r"""Contents of service account credentials (JSON keys) file downloaded from Google Cloud. To upload a file, click the upload button at this field's upper right.""" + + secret: Optional[str] = None + r"""Select or create a stored text secret""" + + batch_size: Annotated[Optional[float], pydantic.Field(alias="batchSize")] = None + r"""The maximum number of items the Google API should batch before it sends them to the topic.""" + + batch_timeout: Annotated[Optional[float], pydantic.Field(alias="batchTimeout")] = ( + None + ) + r"""The maximum amount of time, in milliseconds, that the Google API should wait to send a batch (if the Batch size is not reached).""" + + max_queue_size: Annotated[Optional[float], pydantic.Field(alias="maxQueueSize")] = ( + None + ) + r"""Maximum number of queued batches before blocking.""" + + max_record_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxRecordSizeKB") + ] = None + r"""Maximum size (KB) of batches to send.""" + + flush_period: Annotated[Optional[float], pydantic.Field(alias="flushPeriod")] = None + r"""Maximum time to wait before sending a batch (when batch size limit is not reached)""" + + max_in_progress: Annotated[ + Optional[float], pydantic.Field(alias="maxInProgress") + ] = None + r"""The maximum number of in-progress API requests before backpressure is applied.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + description: Optional[str] = None + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputSystemByPackPqControlsGooglePubsub], + pydantic.Field(alias="pqControls"), + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_topic_name: Annotated[ + Optional[str], pydantic.Field(alias="__template_topicName") + ] = None + r"""Binds 'topicName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topicName' at runtime.""" + + template_region: Annotated[ + Optional[str], pydantic.Field(alias="__template_region") + ] = None + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + @field_serializer("google_auth_method") + def serialize_google_auth_method(self, value): + if isinstance(value, str): + try: + return models.GoogleAuthenticationMethodOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "createTopic", + "orderedDelivery", + "region", + "googleAuthMethod", + "serviceAccountCredentials", + "secret", + "batchSize", + "batchTimeout", + "maxQueueSize", + "maxRecordSizeKB", + "flushPeriod", + "maxInProgress", + "onBackpressure", + "description", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_topicName", + "__template_region", + "__template_onBackpressure", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackTypeGoogleCloudObservability(str, Enum): + GOOGLE_CLOUD_OBSERVABILITY = "google_cloud_observability" + + +class CreateOutputSystemByPackProtocolGoogleCloudObservability( + str, Enum, metaclass=utils.OpenEnumMeta +): + GRPC = "grpc" + + +class CreateOutputSystemByPackOtlpVersionGoogleCloudObservability( + str, Enum, metaclass=utils.OpenEnumMeta +): + ONE_DOT_3_DOT_1 = "1.3.1" + + +class CreateOutputSystemByPackEndpointGoogleCloudObservability( + str, Enum, metaclass=utils.OpenEnumMeta +): + r"""Fixed Google Cloud Observability gRPC endpoint. All three signals share this transport; the OTLP service path determines whether the call lands on traces, metrics, or logs.""" + + TELEMETRY_GOOGLEAPIS_COM_443 = "telemetry.googleapis.com:443" + + +class CreateOutputSystemByPackGoogleAuthenticationMethod( + str, Enum, metaclass=utils.OpenEnumMeta +): + r"""Choose Auto to use Google Application Default Credentials (ADC). Choose Secret to select or create a stored secret that references Google service account credentials.""" + + # Auto + AUTO = "auto" + # Secret + SECRET = "secret" + + +class CreateOutputSystemByPackPqControlsGoogleCloudObservabilityTypedDict(TypedDict): + pass + + +class CreateOutputSystemByPackPqControlsGoogleCloudObservability(BaseModel): + pass + + +class CreateOutputSystemByPackOutputGoogleCloudObservabilityTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputSystemByPackTypeGoogleCloudObservability + google_auth_method: CreateOutputSystemByPackGoogleAuthenticationMethod + r"""Choose Auto to use Google Application Default Credentials (ADC). Choose Secret to select or create a stored secret that references Google service account credentials.""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + protocol: NotRequired[CreateOutputSystemByPackProtocolGoogleCloudObservability] + otlp_version: NotRequired[ + CreateOutputSystemByPackOtlpVersionGoogleCloudObservability + ] + endpoint: NotRequired[CreateOutputSystemByPackEndpointGoogleCloudObservability] + r"""Fixed Google Cloud Observability gRPC endpoint. All three signals share this transport; the OTLP service path determines whether the call lands on traces, metrics, or logs.""" + metadata: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] + r"""List of key-value pairs to send with each gRPC request. Value supports JavaScript expressions that are evaluated just once, when the destination gets started. To pass credentials as metadata, use 'C.Secret'.""" + dynamic_headers_enabled: NotRequired[bool] + r"""Batch event data upon dynamic metadata (whether presented or not)""" + dynamic_headers_field: NotRequired[str] + r"""When presented, this field which contains metadata, will be injected into the Destination metadata and used to batch events.""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body sent to Google Cloud Observability""" + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + connection_timeout: NotRequired[float] + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + keep_alive_time: NotRequired[float] + r"""How often the sender should ping the peer to keep the connection open""" + tls: NotRequired[TLSSettingsClientSideTypeExtendedTypedDict] + max_payload_events: NotRequired[float] + r"""Max number of events to include in the request body. Default is 0 (unlimited). Use to keep outgoing data points within GCO request limits. For metrics, combine with the OTLP Metrics function batchSize.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + description: NotRequired[str] + secret: NotRequired[str] + r"""Select or create a stored text secret""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[ + CreateOutputSystemByPackPqControlsGoogleCloudObservabilityTypedDict + ] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + +class CreateOutputSystemByPackOutputGoogleCloudObservability(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputSystemByPackTypeGoogleCloudObservability + + google_auth_method: Annotated[ + CreateOutputSystemByPackGoogleAuthenticationMethod, + pydantic.Field(alias="googleAuthMethod"), + ] + r"""Choose Auto to use Google Application Default Credentials (ADC). Choose Secret to select or create a stored secret that references Google service account credentials.""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + protocol: Optional[CreateOutputSystemByPackProtocolGoogleCloudObservability] = None + + otlp_version: Annotated[ + Optional[CreateOutputSystemByPackOtlpVersionGoogleCloudObservability], + pydantic.Field(alias="otlpVersion"), + ] = None + + endpoint: Optional[CreateOutputSystemByPackEndpointGoogleCloudObservability] = None + r"""Fixed Google Cloud Observability gRPC endpoint. All three signals share this transport; the OTLP service path determines whether the call lands on traces, metrics, or logs.""" + + metadata: Optional[List[KeyValueMetadataConfOutputFilesystem]] = None + r"""List of key-value pairs to send with each gRPC request. Value supports JavaScript expressions that are evaluated just once, when the destination gets started. To pass credentials as metadata, use 'C.Secret'.""" + + dynamic_headers_enabled: Annotated[ + Optional[bool], pydantic.Field(alias="dynamicHeadersEnabled") + ] = None + r"""Batch event data upon dynamic metadata (whether presented or not)""" + + dynamic_headers_field: Annotated[ + Optional[str], pydantic.Field(alias="dynamicHeadersField") + ] = None + r"""When presented, this field which contains metadata, will be injected into the Destination metadata and used to batch events.""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body sent to Google Cloud Observability""" + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + connection_timeout: Annotated[ + Optional[float], pydantic.Field(alias="connectionTimeout") + ] = None + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + + keep_alive_time: Annotated[ + Optional[float], pydantic.Field(alias="keepAliveTime") + ] = None + r"""How often the sender should ping the peer to keep the connection open""" + + tls: Optional[TLSSettingsClientSideTypeExtended] = None + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Max number of events to include in the request body. Default is 0 (unlimited). Use to keep outgoing data points within GCO request limits. For metrics, combine with the OTLP Metrics function batchSize.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + description: Optional[str] = None + + secret: Optional[str] = None + r"""Select or create a stored text secret""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputSystemByPackPqControlsGoogleCloudObservability], + pydantic.Field(alias="pqControls"), + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + @field_serializer("protocol") + def serialize_protocol(self, value): + if isinstance(value, str): + try: + return models.CreateOutputSystemByPackProtocolGoogleCloudObservability( + value + ) + except ValueError: + return value + return value + + @field_serializer("otlp_version") + def serialize_otlp_version(self, value): + if isinstance(value, str): + try: + return ( + models.CreateOutputSystemByPackOtlpVersionGoogleCloudObservability( + value + ) + ) + except ValueError: + return value + return value + + @field_serializer("endpoint") + def serialize_endpoint(self, value): + if isinstance(value, str): + try: + return models.CreateOutputSystemByPackEndpointGoogleCloudObservability( + value + ) + except ValueError: + return value + return value + + @field_serializer("google_auth_method") + def serialize_google_auth_method(self, value): + if isinstance(value, str): + try: + return models.CreateOutputSystemByPackGoogleAuthenticationMethod(value) + except ValueError: + return value + return value + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "protocol", + "otlpVersion", + "endpoint", + "metadata", + "dynamicHeadersEnabled", + "dynamicHeadersField", + "concurrency", + "maxPayloadSizeKB", + "timeoutSec", + "flushPeriodSec", + "failedRequestLoggingMode", + "connectionTimeout", + "keepAliveTime", + "tls", + "maxPayloadEvents", + "onBackpressure", + "description", + "secret", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_failedRequestLoggingMode", + "__template_onBackpressure", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackTypeGoogleCloudLogging(str, Enum): + GOOGLE_CLOUD_LOGGING = "google_cloud_logging" + + +class CreateOutputSystemByPackLogLocationType(str, Enum, metaclass=utils.OpenEnumMeta): + # Project + PROJECT = "project" + # Organization + ORGANIZATION = "organization" + # Billing Account + BILLING_ACCOUNT = "billingAccount" + # Folder + FOLDER = "folder" + + +class CreateOutputSystemByPackPayloadFormat(str, Enum, metaclass=utils.OpenEnumMeta): + r"""Format to use when sending payload. Defaults to Text.""" + + # Text + TEXT = "text" + # JSON + JSON = "json" + + +class CreateOutputSystemByPackPqControlsGoogleCloudLoggingTypedDict(TypedDict): + pass + + +class CreateOutputSystemByPackPqControlsGoogleCloudLogging(BaseModel): + pass + + +class CreateOutputSystemByPackOutputGoogleCloudLoggingTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputSystemByPackTypeGoogleCloudLogging + log_location_type: CreateOutputSystemByPackLogLocationType + log_name_expression: str + r"""JavaScript expression to compute the value of the log name. If Validate and correct log name is enabled, invalid characters (characters other than alphanumerics, forward-slashes, underscores, hyphens, and periods) will be replaced with an underscore.""" + log_location_expression: str + r"""JavaScript expression to compute the value of the folder ID with which log entries should be associated. If Validate and correct log name is enabled, invalid characters (characters other than alphanumerics, forward-slashes, underscores, hyphens, and periods) will be replaced with an underscore.""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + sanitize_log_names: NotRequired[bool] + payload_format: NotRequired[CreateOutputSystemByPackPayloadFormat] + r"""Format to use when sending payload. Defaults to Text.""" + log_labels: NotRequired[List[LogLabelConfOutputGoogleCloudLoggingTypedDict]] + r"""Labels to apply to the log entry""" + resource_type_expression: NotRequired[str] + r"""JavaScript expression to compute the value of the managed resource type field. Must evaluate to one of the valid values [here](https://cloud.google.com/logging/docs/api/v2/resource-list#resource-types). Defaults to \"global\".""" + resource_type_labels: NotRequired[ + List[LogLabelConfOutputGoogleCloudLoggingTypedDict] + ] + r"""Labels to apply to the managed resource. These must correspond to the valid labels for the specified resource type (see [here](https://cloud.google.com/logging/docs/api/v2/resource-list#resource-types)). Otherwise, they will be dropped by Google Cloud Logging.""" + severity_expression: NotRequired[str] + r"""JavaScript expression to compute the value of the severity field. Must evaluate to one of the severity values supported by Google Cloud Logging [here](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logseverity) (case insensitive). Defaults to \"DEFAULT\".""" + insert_id_expression: NotRequired[str] + r"""JavaScript expression to compute the value of the insert ID field.""" + google_auth_method: NotRequired[GoogleAuthenticationMethodOptions] + r"""Choose Auto to use Google Application Default Credentials (ADC), Manual to enter Google service account credentials directly, or Secret to select or create a stored secret that references Google service account credentials.""" + service_account_credentials: NotRequired[str] + r"""Contents of service account credentials (JSON keys) file downloaded from Google Cloud. To upload a file, click the upload button at this field's upper right.""" + secret: NotRequired[str] + r"""Select or create a stored text secret""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body.""" + max_payload_events: NotRequired[float] + r"""Max number of events to include in the request body. Default is 0 (unlimited).""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking.""" + connection_timeout: NotRequired[float] + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it.""" + throttle_rate_req_per_sec: NotRequired[int] + r"""Maximum number of requests to limit to per second.""" + request_method_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP request method as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + request_url_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP request URL as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + request_size_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP request size as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + status_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP request method as a number. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + response_size_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP response size as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + user_agent_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP request user agent as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + remote_ip_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP request remote IP as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + server_ip_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP request server IP as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + referer_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP request referer as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + latency_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP request latency, formatted as .s (for example, 1.23s). See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + cache_lookup_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP request cache lookup as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + cache_hit_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP request cache hit as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + cache_validated_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP request cache validated with origin server as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + cache_fill_bytes_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP request cache fill bytes as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + protocol_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP request protocol as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + id_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the log entry operation ID as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" + producer_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the log entry operation producer as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" + first_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the log entry operation first flag as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" + last_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the log entry operation last flag as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" + file_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the log entry source location file as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentrysourcelocation) for details.""" + line_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the log entry source location line as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentrysourcelocation) for details.""" + function_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the log entry source location function as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentrysourcelocation) for details.""" + uid_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the log entry log split UID as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logsplit) for details.""" + index_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the log entry log split index as a number. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logsplit) for details.""" + total_splits_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the log entry log split total splits as a number. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logsplit) for details.""" + trace_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the REST resource name of the trace being written as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) for details.""" + span_id_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the ID of the cloud trace span associated with the current operation in which the log is being written as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) for details.""" + trace_sampled_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the the sampling decision of the span associated with the log entry. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) for details.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + total_memory_limit_kb: NotRequired[float] + r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" + description: NotRequired[str] + payload_expression: NotRequired[str] + r"""JavaScript expression to compute the value of the payload. Must evaluate to a JavaScript object value. If an invalid value is encountered it will result in the default value instead. Defaults to the entire event.""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[ + CreateOutputSystemByPackPqControlsGoogleCloudLoggingTypedDict + ] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_log_location_type: NotRequired[str] + r"""Binds 'logLocationType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logLocationType' at runtime.""" + template_log_name_expression: NotRequired[str] + r"""Binds 'logNameExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logNameExpression' at runtime.""" + template_payload_format: NotRequired[str] + r"""Binds 'payloadFormat' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'payloadFormat' at runtime.""" + template_resource_type_expression: NotRequired[str] + r"""Binds 'resourceTypeExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'resourceTypeExpression' at runtime.""" + template_severity_expression: NotRequired[str] + r"""Binds 'severityExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'severityExpression' at runtime.""" + template_insert_id_expression: NotRequired[str] + r"""Binds 'insertIdExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'insertIdExpression' at runtime.""" + template_trace_expression: NotRequired[str] + r"""Binds 'traceExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'traceExpression' at runtime.""" + template_span_id_expression: NotRequired[str] + r"""Binds 'spanIdExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'spanIdExpression' at runtime.""" + template_trace_sampled_expression: NotRequired[str] + r"""Binds 'traceSampledExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'traceSampledExpression' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_log_location_expression: NotRequired[str] + r"""Binds 'logLocationExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logLocationExpression' at runtime.""" + template_payload_expression: NotRequired[str] + r"""Binds 'payloadExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'payloadExpression' at runtime.""" + + +class CreateOutputSystemByPackOutputGoogleCloudLogging(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputSystemByPackTypeGoogleCloudLogging + + log_location_type: Annotated[ + CreateOutputSystemByPackLogLocationType, pydantic.Field(alias="logLocationType") + ] + + log_name_expression: Annotated[str, pydantic.Field(alias="logNameExpression")] + r"""JavaScript expression to compute the value of the log name. If Validate and correct log name is enabled, invalid characters (characters other than alphanumerics, forward-slashes, underscores, hyphens, and periods) will be replaced with an underscore.""" + + log_location_expression: Annotated[ + str, pydantic.Field(alias="logLocationExpression") + ] + r"""JavaScript expression to compute the value of the folder ID with which log entries should be associated. If Validate and correct log name is enabled, invalid characters (characters other than alphanumerics, forward-slashes, underscores, hyphens, and periods) will be replaced with an underscore.""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + sanitize_log_names: Annotated[ + Optional[bool], pydantic.Field(alias="sanitizeLogNames") + ] = None + + payload_format: Annotated[ + Optional[CreateOutputSystemByPackPayloadFormat], + pydantic.Field(alias="payloadFormat"), + ] = None + r"""Format to use when sending payload. Defaults to Text.""" + + log_labels: Annotated[ + Optional[List[LogLabelConfOutputGoogleCloudLogging]], + pydantic.Field(alias="logLabels"), + ] = None + r"""Labels to apply to the log entry""" + + resource_type_expression: Annotated[ + Optional[str], pydantic.Field(alias="resourceTypeExpression") + ] = None + r"""JavaScript expression to compute the value of the managed resource type field. Must evaluate to one of the valid values [here](https://cloud.google.com/logging/docs/api/v2/resource-list#resource-types). Defaults to \"global\".""" + + resource_type_labels: Annotated[ + Optional[List[LogLabelConfOutputGoogleCloudLogging]], + pydantic.Field(alias="resourceTypeLabels"), + ] = None + r"""Labels to apply to the managed resource. These must correspond to the valid labels for the specified resource type (see [here](https://cloud.google.com/logging/docs/api/v2/resource-list#resource-types)). Otherwise, they will be dropped by Google Cloud Logging.""" + + severity_expression: Annotated[ + Optional[str], pydantic.Field(alias="severityExpression") + ] = None + r"""JavaScript expression to compute the value of the severity field. Must evaluate to one of the severity values supported by Google Cloud Logging [here](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logseverity) (case insensitive). Defaults to \"DEFAULT\".""" + + insert_id_expression: Annotated[ + Optional[str], pydantic.Field(alias="insertIdExpression") + ] = None + r"""JavaScript expression to compute the value of the insert ID field.""" + + google_auth_method: Annotated[ + Optional[GoogleAuthenticationMethodOptions], + pydantic.Field(alias="googleAuthMethod"), + ] = None + r"""Choose Auto to use Google Application Default Credentials (ADC), Manual to enter Google service account credentials directly, or Secret to select or create a stored secret that references Google service account credentials.""" + + service_account_credentials: Annotated[ + Optional[str], pydantic.Field(alias="serviceAccountCredentials") + ] = None + r"""Contents of service account credentials (JSON keys) file downloaded from Google Cloud. To upload a file, click the upload button at this field's upper right.""" + + secret: Optional[str] = None + r"""Select or create a stored text secret""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body.""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Max number of events to include in the request body. Default is 0 (unlimited).""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking.""" + + connection_timeout: Annotated[ + Optional[float], pydantic.Field(alias="connectionTimeout") + ] = None + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it.""" + + throttle_rate_req_per_sec: Annotated[ + Optional[int], pydantic.Field(alias="throttleRateReqPerSec") + ] = None + r"""Maximum number of requests to limit to per second.""" + + request_method_expression: Annotated[ + Optional[str], pydantic.Field(alias="requestMethodExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP request method as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + request_url_expression: Annotated[ + Optional[str], pydantic.Field(alias="requestUrlExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP request URL as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + request_size_expression: Annotated[ + Optional[str], pydantic.Field(alias="requestSizeExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP request size as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + status_expression: Annotated[ + Optional[str], pydantic.Field(alias="statusExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP request method as a number. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + response_size_expression: Annotated[ + Optional[str], pydantic.Field(alias="responseSizeExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP response size as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + user_agent_expression: Annotated[ + Optional[str], pydantic.Field(alias="userAgentExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP request user agent as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + remote_ip_expression: Annotated[ + Optional[str], pydantic.Field(alias="remoteIpExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP request remote IP as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + server_ip_expression: Annotated[ + Optional[str], pydantic.Field(alias="serverIpExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP request server IP as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + referer_expression: Annotated[ + Optional[str], pydantic.Field(alias="refererExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP request referer as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + latency_expression: Annotated[ + Optional[str], pydantic.Field(alias="latencyExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP request latency, formatted as .s (for example, 1.23s). See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + cache_lookup_expression: Annotated[ + Optional[str], pydantic.Field(alias="cacheLookupExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP request cache lookup as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + cache_hit_expression: Annotated[ + Optional[str], pydantic.Field(alias="cacheHitExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP request cache hit as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + cache_validated_expression: Annotated[ + Optional[str], pydantic.Field(alias="cacheValidatedExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP request cache validated with origin server as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + cache_fill_bytes_expression: Annotated[ + Optional[str], pydantic.Field(alias="cacheFillBytesExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP request cache fill bytes as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + protocol_expression: Annotated[ + Optional[str], pydantic.Field(alias="protocolExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP request protocol as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + id_expression: Annotated[Optional[str], pydantic.Field(alias="idExpression")] = None + r"""A JavaScript expression that evaluates to the log entry operation ID as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" + + producer_expression: Annotated[ + Optional[str], pydantic.Field(alias="producerExpression") + ] = None + r"""A JavaScript expression that evaluates to the log entry operation producer as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" + + first_expression: Annotated[ + Optional[str], pydantic.Field(alias="firstExpression") + ] = None + r"""A JavaScript expression that evaluates to the log entry operation first flag as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" + + last_expression: Annotated[ + Optional[str], pydantic.Field(alias="lastExpression") + ] = None + r"""A JavaScript expression that evaluates to the log entry operation last flag as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" + + file_expression: Annotated[ + Optional[str], pydantic.Field(alias="fileExpression") + ] = None + r"""A JavaScript expression that evaluates to the log entry source location file as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentrysourcelocation) for details.""" + + line_expression: Annotated[ + Optional[str], pydantic.Field(alias="lineExpression") + ] = None + r"""A JavaScript expression that evaluates to the log entry source location line as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentrysourcelocation) for details.""" + + function_expression: Annotated[ + Optional[str], pydantic.Field(alias="functionExpression") + ] = None + r"""A JavaScript expression that evaluates to the log entry source location function as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentrysourcelocation) for details.""" + + uid_expression: Annotated[Optional[str], pydantic.Field(alias="uidExpression")] = ( + None + ) + r"""A JavaScript expression that evaluates to the log entry log split UID as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logsplit) for details.""" + + index_expression: Annotated[ + Optional[str], pydantic.Field(alias="indexExpression") + ] = None + r"""A JavaScript expression that evaluates to the log entry log split index as a number. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logsplit) for details.""" + + total_splits_expression: Annotated[ + Optional[str], pydantic.Field(alias="totalSplitsExpression") + ] = None + r"""A JavaScript expression that evaluates to the log entry log split total splits as a number. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logsplit) for details.""" + + trace_expression: Annotated[ + Optional[str], pydantic.Field(alias="traceExpression") + ] = None + r"""A JavaScript expression that evaluates to the REST resource name of the trace being written as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) for details.""" + + span_id_expression: Annotated[ + Optional[str], pydantic.Field(alias="spanIdExpression") + ] = None + r"""A JavaScript expression that evaluates to the ID of the cloud trace span associated with the current operation in which the log is being written as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) for details.""" + + trace_sampled_expression: Annotated[ + Optional[str], pydantic.Field(alias="traceSampledExpression") + ] = None + r"""A JavaScript expression that evaluates to the the sampling decision of the span associated with the log entry. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) for details.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + total_memory_limit_kb: Annotated[ + Optional[float], pydantic.Field(alias="totalMemoryLimitKB") + ] = None + r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" + + description: Optional[str] = None + + payload_expression: Annotated[ + Optional[str], pydantic.Field(alias="payloadExpression") + ] = None + r"""JavaScript expression to compute the value of the payload. Must evaluate to a JavaScript object value. If an invalid value is encountered it will result in the default value instead. Defaults to the entire event.""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputSystemByPackPqControlsGoogleCloudLogging], + pydantic.Field(alias="pqControls"), + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_log_location_type: Annotated[ + Optional[str], pydantic.Field(alias="__template_logLocationType") + ] = None + r"""Binds 'logLocationType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logLocationType' at runtime.""" + + template_log_name_expression: Annotated[ + Optional[str], pydantic.Field(alias="__template_logNameExpression") + ] = None + r"""Binds 'logNameExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logNameExpression' at runtime.""" + + template_payload_format: Annotated[ + Optional[str], pydantic.Field(alias="__template_payloadFormat") + ] = None + r"""Binds 'payloadFormat' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'payloadFormat' at runtime.""" + + template_resource_type_expression: Annotated[ + Optional[str], pydantic.Field(alias="__template_resourceTypeExpression") + ] = None + r"""Binds 'resourceTypeExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'resourceTypeExpression' at runtime.""" + + template_severity_expression: Annotated[ + Optional[str], pydantic.Field(alias="__template_severityExpression") + ] = None + r"""Binds 'severityExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'severityExpression' at runtime.""" + + template_insert_id_expression: Annotated[ + Optional[str], pydantic.Field(alias="__template_insertIdExpression") + ] = None + r"""Binds 'insertIdExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'insertIdExpression' at runtime.""" + + template_trace_expression: Annotated[ + Optional[str], pydantic.Field(alias="__template_traceExpression") + ] = None + r"""Binds 'traceExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'traceExpression' at runtime.""" + + template_span_id_expression: Annotated[ + Optional[str], pydantic.Field(alias="__template_spanIdExpression") + ] = None + r"""Binds 'spanIdExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'spanIdExpression' at runtime.""" + + template_trace_sampled_expression: Annotated[ + Optional[str], pydantic.Field(alias="__template_traceSampledExpression") + ] = None + r"""Binds 'traceSampledExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'traceSampledExpression' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_log_location_expression: Annotated[ + Optional[str], pydantic.Field(alias="__template_logLocationExpression") + ] = None + r"""Binds 'logLocationExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logLocationExpression' at runtime.""" + + template_payload_expression: Annotated[ + Optional[str], pydantic.Field(alias="__template_payloadExpression") + ] = None + r"""Binds 'payloadExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'payloadExpression' at runtime.""" + + @field_serializer("log_location_type") + def serialize_log_location_type(self, value): + if isinstance(value, str): + try: + return models.CreateOutputSystemByPackLogLocationType(value) + except ValueError: + return value + return value + + @field_serializer("payload_format") + def serialize_payload_format(self, value): + if isinstance(value, str): + try: + return models.CreateOutputSystemByPackPayloadFormat(value) + except ValueError: + return value + return value + + @field_serializer("google_auth_method") + def serialize_google_auth_method(self, value): + if isinstance(value, str): + try: + return models.GoogleAuthenticationMethodOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "sanitizeLogNames", + "payloadFormat", + "logLabels", + "resourceTypeExpression", + "resourceTypeLabels", + "severityExpression", + "insertIdExpression", + "googleAuthMethod", + "serviceAccountCredentials", + "secret", + "maxPayloadSizeKB", + "maxPayloadEvents", + "flushPeriodSec", + "concurrency", + "connectionTimeout", + "timeoutSec", + "throttleRateReqPerSec", + "requestMethodExpression", + "requestUrlExpression", + "requestSizeExpression", + "statusExpression", + "responseSizeExpression", + "userAgentExpression", + "remoteIpExpression", + "serverIpExpression", + "refererExpression", + "latencyExpression", + "cacheLookupExpression", + "cacheHitExpression", + "cacheValidatedExpression", + "cacheFillBytesExpression", + "protocolExpression", + "idExpression", + "producerExpression", + "firstExpression", + "lastExpression", + "fileExpression", + "lineExpression", + "functionExpression", + "uidExpression", + "indexExpression", + "totalSplitsExpression", + "traceExpression", + "spanIdExpression", + "traceSampledExpression", + "onBackpressure", + "totalMemoryLimitKB", + "description", + "payloadExpression", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_logLocationType", + "__template_logNameExpression", + "__template_payloadFormat", + "__template_resourceTypeExpression", + "__template_severityExpression", + "__template_insertIdExpression", + "__template_traceExpression", + "__template_spanIdExpression", + "__template_traceSampledExpression", + "__template_onBackpressure", + "__template_logLocationExpression", + "__template_payloadExpression", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackTypeGoogleCloudStorage(str, Enum): + GOOGLE_CLOUD_STORAGE = "google_cloud_storage" + + +class CreateOutputSystemByPackAuthenticationMethodGoogleCloudStorage( + str, Enum, metaclass=utils.OpenEnumMeta +): + # auto + AUTO = "auto" + # manual + MANUAL = "manual" + # Secret Key pair + SECRET = "secret" + + +class CreateOutputSystemByPackOutputGoogleCloudStorageTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputSystemByPackTypeGoogleCloudStorage + bucket: str + r"""Name of the destination bucket. This value can be a constant or a JavaScript expression that can only be evaluated at init time. Example of referencing a Global Variable: `myBucket-${C.vars.myVar}`.""" + region: str + r"""Region where the bucket is located""" + endpoint: str + r"""Google Cloud Storage service endpoint""" + stage_path: str + r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + aws_authentication_method: NotRequired[ + CreateOutputSystemByPackAuthenticationMethodGoogleCloudStorage + ] + dest_path: NotRequired[str] + r"""Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`""" + verify_permissions: NotRequired[bool] + r"""Disable if you can access files within the bucket but not the bucket itself""" + object_acl: NotRequired[ObjectACLOptionsAuthenticatedreadBucketownerfullcontrol] + r"""Object ACL to assign to uploaded objects""" + storage_class: NotRequired[StorageClassOptionsArchiveColdline] + r"""Storage class to select for uploaded objects""" + reuse_connections: NotRequired[bool] + r"""Reuse connections between requests, which can improve performance""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" + add_id_to_stage_path: NotRequired[bool] + r"""Add the Output ID value to staging location""" + remove_empty_dirs: NotRequired[bool] + r"""Remove empty staging directories after moving files""" + partition_expr: NotRequired[str] + r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" + format_: NotRequired[DataFormatOptions] + r"""Format of the output data""" + base_file_name: NotRequired[str] + r"""JavaScript expression to define the output filename prefix (can be constant)""" + file_name_suffix: NotRequired[str] + r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" + max_file_size_mb: NotRequired[float] + r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" + max_file_open_time_sec: NotRequired[float] + r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" + max_file_idle_time_sec: NotRequired[float] + r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" + max_open_files: NotRequired[float] + r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" + header_line: NotRequired[str] + r"""If set, this line will be written to the beginning of each output file""" + write_high_water_mark: NotRequired[float] + r"""Buffer size used to write to a file""" + on_backpressure: NotRequired[BackpressureBehaviorOptionsBlockDrop] + r"""How to handle events when all receivers are exerting backpressure""" + deadletter_enabled: NotRequired[bool] + r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" + on_disk_full_backpressure: NotRequired[DiskSpaceProtectionOptions] + r"""How to handle events when disk space is below the global 'Min free disk space' limit""" + force_close_on_shutdown: NotRequired[bool] + r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" + retry_settings: NotRequired[RetrySettingsTypeTypedDict] + orphans: NotRequired[OrphanFileRecoveryTypeTypedDict] + description: NotRequired[str] + compress: NotRequired[CompressionOptionsHTTP] + r"""Data compression format to apply to HTTP content before it is delivered""" + compression_level: NotRequired[CompressionLevelOptions] + r"""Compression level to apply before moving files to final destination""" + automatic_schema: NotRequired[bool] + r"""Automatically calculate the schema based on the events of each Parquet file generated""" + parquet_schema: NotRequired[str] + r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" + parquet_version: NotRequired[ParquetVersionOptions] + r"""Determines which data types are supported and how they are represented""" + parquet_data_page_version: NotRequired[DataPageVersionOptions] + r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" + parquet_row_group_length: NotRequired[float] + r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" + parquet_page_size: NotRequired[str] + r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" + should_log_invalid_rows: NotRequired[bool] + r"""Log up to 3 rows that @{product} skips due to data mismatch""" + key_value_metadata: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] + r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ + enable_statistics: NotRequired[bool] + r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" + enable_write_page_index: NotRequired[bool] + r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" + enable_page_checksum: NotRequired[bool] + r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" + empty_dir_cleanup_sec: NotRequired[float] + r"""How frequently, in seconds, to clean up empty directories""" + directory_batch_size: NotRequired[float] + r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" + deadletter_path: NotRequired[str] + r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" + max_retry_num: NotRequired[float] + r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" + aws_api_key: NotRequired[str] + r"""HMAC access key. This value can be a constant or a JavaScript expression, such as `${C.env.GCS_ACCESS_KEY}`.""" + aws_secret_key: NotRequired[str] + r"""HMAC secret. This value can be a constant or a JavaScript expression, such as `${C.env.GCS_SECRET}`.""" + aws_secret: NotRequired[str] + r"""Select or create a stored secret that references your access key and secret key""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_bucket: NotRequired[str] + r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" + template_region: NotRequired[str] + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + template_endpoint: NotRequired[str] + r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" + template_dest_path: NotRequired[str] + r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" + template_object_acl: NotRequired[str] + r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" + template_storage_class: NotRequired[str] + r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" + template_partition_expr: NotRequired[str] + r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" + template_format: NotRequired[str] + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + template_base_file_name: NotRequired[str] + r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" + template_file_name_suffix: NotRequired[str] + r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_compress: NotRequired[str] + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + template_parquet_schema: NotRequired[str] + r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" + template_aws_api_key: NotRequired[str] + r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" + template_aws_secret_key: NotRequired[str] + r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" + + +class CreateOutputSystemByPackOutputGoogleCloudStorage(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputSystemByPackTypeGoogleCloudStorage + + bucket: str + r"""Name of the destination bucket. This value can be a constant or a JavaScript expression that can only be evaluated at init time. Example of referencing a Global Variable: `myBucket-${C.vars.myVar}`.""" + + region: str + r"""Region where the bucket is located""" + + endpoint: str + r"""Google Cloud Storage service endpoint""" + + stage_path: Annotated[str, pydantic.Field(alias="stagePath")] + r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + aws_authentication_method: Annotated[ + Optional[CreateOutputSystemByPackAuthenticationMethodGoogleCloudStorage], + pydantic.Field(alias="awsAuthenticationMethod"), + ] = None + + dest_path: Annotated[Optional[str], pydantic.Field(alias="destPath")] = None + r"""Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`""" + + verify_permissions: Annotated[ + Optional[bool], pydantic.Field(alias="verifyPermissions") + ] = None + r"""Disable if you can access files within the bucket but not the bucket itself""" + + object_acl: Annotated[ + Optional[ObjectACLOptionsAuthenticatedreadBucketownerfullcontrol], + pydantic.Field(alias="objectACL"), + ] = None + r"""Object ACL to assign to uploaded objects""" + + storage_class: Annotated[ + Optional[StorageClassOptionsArchiveColdline], + pydantic.Field(alias="storageClass"), + ] = None + r"""Storage class to select for uploaded objects""" + + reuse_connections: Annotated[ + Optional[bool], pydantic.Field(alias="reuseConnections") + ] = None + r"""Reuse connections between requests, which can improve performance""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" + + add_id_to_stage_path: Annotated[ + Optional[bool], pydantic.Field(alias="addIdToStagePath") + ] = None + r"""Add the Output ID value to staging location""" + + remove_empty_dirs: Annotated[ + Optional[bool], pydantic.Field(alias="removeEmptyDirs") + ] = None + r"""Remove empty staging directories after moving files""" + + partition_expr: Annotated[Optional[str], pydantic.Field(alias="partitionExpr")] = ( + None + ) + r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" + + format_: Annotated[Optional[DataFormatOptions], pydantic.Field(alias="format")] = ( + None + ) + r"""Format of the output data""" + + base_file_name: Annotated[Optional[str], pydantic.Field(alias="baseFileName")] = ( + None + ) + r"""JavaScript expression to define the output filename prefix (can be constant)""" + + file_name_suffix: Annotated[ + Optional[str], pydantic.Field(alias="fileNameSuffix") + ] = None + r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" + + max_file_size_mb: Annotated[ + Optional[float], pydantic.Field(alias="maxFileSizeMB") + ] = None + r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" + + max_file_open_time_sec: Annotated[ + Optional[float], pydantic.Field(alias="maxFileOpenTimeSec") + ] = None + r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" + + max_file_idle_time_sec: Annotated[ + Optional[float], pydantic.Field(alias="maxFileIdleTimeSec") + ] = None + r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" + + max_open_files: Annotated[Optional[float], pydantic.Field(alias="maxOpenFiles")] = ( + None + ) + r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" + + header_line: Annotated[Optional[str], pydantic.Field(alias="headerLine")] = None + r"""If set, this line will be written to the beginning of each output file""" + + write_high_water_mark: Annotated[ + Optional[float], pydantic.Field(alias="writeHighWaterMark") + ] = None + r"""Buffer size used to write to a file""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptionsBlockDrop], + pydantic.Field(alias="onBackpressure"), + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + deadletter_enabled: Annotated[ + Optional[bool], pydantic.Field(alias="deadletterEnabled") + ] = None + r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" + + on_disk_full_backpressure: Annotated[ + Optional[DiskSpaceProtectionOptions], + pydantic.Field(alias="onDiskFullBackpressure"), + ] = None + r"""How to handle events when disk space is below the global 'Min free disk space' limit""" + + force_close_on_shutdown: Annotated[ + Optional[bool], pydantic.Field(alias="forceCloseOnShutdown") + ] = None + r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" + + retry_settings: Annotated[ + Optional[RetrySettingsType], pydantic.Field(alias="retrySettings") + ] = None + + orphans: Optional[OrphanFileRecoveryType] = None + + description: Optional[str] = None + + compress: Optional[CompressionOptionsHTTP] = None + r"""Data compression format to apply to HTTP content before it is delivered""" + + compression_level: Annotated[ + Optional[CompressionLevelOptions], pydantic.Field(alias="compressionLevel") + ] = None + r"""Compression level to apply before moving files to final destination""" + + automatic_schema: Annotated[ + Optional[bool], pydantic.Field(alias="automaticSchema") + ] = None + r"""Automatically calculate the schema based on the events of each Parquet file generated""" + + parquet_schema: Annotated[Optional[str], pydantic.Field(alias="parquetSchema")] = ( + None + ) + r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" + + parquet_version: Annotated[ + Optional[ParquetVersionOptions], pydantic.Field(alias="parquetVersion") + ] = None + r"""Determines which data types are supported and how they are represented""" + + parquet_data_page_version: Annotated[ + Optional[DataPageVersionOptions], pydantic.Field(alias="parquetDataPageVersion") + ] = None + r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" + + parquet_row_group_length: Annotated[ + Optional[float], pydantic.Field(alias="parquetRowGroupLength") + ] = None + r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" + + parquet_page_size: Annotated[ + Optional[str], pydantic.Field(alias="parquetPageSize") + ] = None + r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" + + should_log_invalid_rows: Annotated[ + Optional[bool], pydantic.Field(alias="shouldLogInvalidRows") + ] = None + r"""Log up to 3 rows that @{product} skips due to data mismatch""" + + key_value_metadata: Annotated[ + Optional[List[KeyValueMetadataConfOutputFilesystem]], + pydantic.Field(alias="keyValueMetadata"), + ] = None + r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ + + enable_statistics: Annotated[ + Optional[bool], pydantic.Field(alias="enableStatistics") + ] = None + r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" + + enable_write_page_index: Annotated[ + Optional[bool], pydantic.Field(alias="enableWritePageIndex") + ] = None + r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" + + enable_page_checksum: Annotated[ + Optional[bool], pydantic.Field(alias="enablePageChecksum") + ] = None + r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" + + empty_dir_cleanup_sec: Annotated[ + Optional[float], pydantic.Field(alias="emptyDirCleanupSec") + ] = None + r"""How frequently, in seconds, to clean up empty directories""" + + directory_batch_size: Annotated[ + Optional[float], pydantic.Field(alias="directoryBatchSize") + ] = None + r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" + + deadletter_path: Annotated[ + Optional[str], pydantic.Field(alias="deadletterPath") + ] = None + r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" + + max_retry_num: Annotated[Optional[float], pydantic.Field(alias="maxRetryNum")] = ( + None + ) + r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" + + aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None + r"""HMAC access key. This value can be a constant or a JavaScript expression, such as `${C.env.GCS_ACCESS_KEY}`.""" + + aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = ( + None + ) + r"""HMAC secret. This value can be a constant or a JavaScript expression, such as `${C.env.GCS_SECRET}`.""" + + aws_secret: Annotated[Optional[str], pydantic.Field(alias="awsSecret")] = None + r"""Select or create a stored secret that references your access key and secret key""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_bucket: Annotated[ + Optional[str], pydantic.Field(alias="__template_bucket") + ] = None + r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" + + template_region: Annotated[ + Optional[str], pydantic.Field(alias="__template_region") + ] = None + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + + template_endpoint: Annotated[ + Optional[str], pydantic.Field(alias="__template_endpoint") + ] = None + r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" + + template_dest_path: Annotated[ + Optional[str], pydantic.Field(alias="__template_destPath") + ] = None + r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" + + template_object_acl: Annotated[ + Optional[str], pydantic.Field(alias="__template_objectACL") + ] = None + r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" + + template_storage_class: Annotated[ + Optional[str], pydantic.Field(alias="__template_storageClass") + ] = None + r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" + + template_partition_expr: Annotated[ + Optional[str], pydantic.Field(alias="__template_partitionExpr") + ] = None + r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" + + template_format: Annotated[ + Optional[str], pydantic.Field(alias="__template_format") + ] = None + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + + template_base_file_name: Annotated[ + Optional[str], pydantic.Field(alias="__template_baseFileName") + ] = None + r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" + + template_file_name_suffix: Annotated[ + Optional[str], pydantic.Field(alias="__template_fileNameSuffix") + ] = None + r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_compress: Annotated[ + Optional[str], pydantic.Field(alias="__template_compress") + ] = None + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + + template_parquet_schema: Annotated[ + Optional[str], pydantic.Field(alias="__template_parquetSchema") + ] = None + r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" + + template_aws_api_key: Annotated[ + Optional[str], pydantic.Field(alias="__template_awsApiKey") + ] = None + r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" + + template_aws_secret_key: Annotated[ + Optional[str], pydantic.Field(alias="__template_awsSecretKey") + ] = None + r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" + + @field_serializer("aws_authentication_method") + def serialize_aws_authentication_method(self, value): + if isinstance(value, str): + try: + return models.CreateOutputSystemByPackAuthenticationMethodGoogleCloudStorage( + value + ) + except ValueError: + return value + return value + + @field_serializer("object_acl") + def serialize_object_acl(self, value): + if isinstance(value, str): + try: + return models.ObjectACLOptionsAuthenticatedreadBucketownerfullcontrol( + value + ) + except ValueError: + return value + return value + + @field_serializer("storage_class") + def serialize_storage_class(self, value): + if isinstance(value, str): + try: + return models.StorageClassOptionsArchiveColdline(value) + except ValueError: + return value + return value + + @field_serializer("format_") + def serialize_format_(self, value): + if isinstance(value, str): + try: + return models.DataFormatOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptionsBlockDrop(value) + except ValueError: + return value + return value + + @field_serializer("on_disk_full_backpressure") + def serialize_on_disk_full_backpressure(self, value): + if isinstance(value, str): + try: + return models.DiskSpaceProtectionOptions(value) + except ValueError: + return value + return value + + @field_serializer("compress") + def serialize_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsHTTP(value) + except ValueError: + return value + return value + + @field_serializer("compression_level") + def serialize_compression_level(self, value): + if isinstance(value, str): + try: + return models.CompressionLevelOptions(value) + except ValueError: + return value + return value + + @field_serializer("parquet_version") + def serialize_parquet_version(self, value): + if isinstance(value, str): + try: + return models.ParquetVersionOptions(value) + except ValueError: + return value + return value + + @field_serializer("parquet_data_page_version") + def serialize_parquet_data_page_version(self, value): + if isinstance(value, str): + try: + return models.DataPageVersionOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "awsAuthenticationMethod", + "destPath", + "verifyPermissions", + "objectACL", + "storageClass", + "reuseConnections", + "rejectUnauthorized", + "addIdToStagePath", + "removeEmptyDirs", + "partitionExpr", + "format", + "baseFileName", + "fileNameSuffix", + "maxFileSizeMB", + "maxFileOpenTimeSec", + "maxFileIdleTimeSec", + "maxOpenFiles", + "headerLine", + "writeHighWaterMark", + "onBackpressure", + "deadletterEnabled", + "onDiskFullBackpressure", + "forceCloseOnShutdown", + "retrySettings", + "orphans", + "description", + "compress", + "compressionLevel", + "automaticSchema", + "parquetSchema", + "parquetVersion", + "parquetDataPageVersion", + "parquetRowGroupLength", + "parquetPageSize", + "shouldLogInvalidRows", + "keyValueMetadata", + "enableStatistics", + "enableWritePageIndex", + "enablePageChecksum", + "emptyDirCleanupSec", + "directoryBatchSize", + "deadletterPath", + "maxRetryNum", + "awsApiKey", + "awsSecretKey", + "awsSecret", + "__template_streamtags", + "__template_bucket", + "__template_region", + "__template_endpoint", + "__template_destPath", + "__template_objectACL", + "__template_storageClass", + "__template_partitionExpr", + "__template_format", + "__template_baseFileName", + "__template_fileNameSuffix", + "__template_onBackpressure", + "__template_compress", + "__template_parquetSchema", + "__template_awsApiKey", + "__template_awsSecretKey", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackTypeGoogleChronicle(str, Enum): + GOOGLE_CHRONICLE = "google_chronicle" + + +class CreateOutputSystemByPackAPIVersion(str, Enum, metaclass=utils.OpenEnumMeta): + # V1 + V1 = "v1" + # V2 + V2 = "v2" + + +class CreateOutputSystemByPackAuthenticationMethodGoogleChronicle( + str, Enum, metaclass=utils.OpenEnumMeta +): + # API key + MANUAL = "manual" + # API key secret + SECRET = "secret" + # Service account credentials + SERVICE_ACCOUNT = "serviceAccount" + # Service account credentials secret + SERVICE_ACCOUNT_SECRET = "serviceAccountSecret" + + +class CreateOutputSystemByPackSendEventsAs(str, Enum, metaclass=utils.OpenEnumMeta): + # Unstructured + UNSTRUCTURED = "unstructured" + # UDM + UDM = "udm" + + +class CreateOutputSystemByPackExtraLogTypeTypedDict(TypedDict): + log_type: str + description: NotRequired[str] + + +class CreateOutputSystemByPackExtraLogType(BaseModel): + log_type: Annotated[str, pydantic.Field(alias="logType")] + + description: Optional[str] = None + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set(["description"]) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackUDMType(str, Enum, metaclass=utils.OpenEnumMeta): + r"""Defines the specific format for UDM events sent to Google SecOps. This must match the type of UDM data being sent.""" + + ENTITIES = "entities" + LOGS = "logs" + + +class CreateOutputSystemByPackPqControlsGoogleChronicleTypedDict(TypedDict): + pass + + +class CreateOutputSystemByPackPqControlsGoogleChronicle(BaseModel): + pass + + +class CreateOutputSystemByPackOutputGoogleChronicleTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputSystemByPackTypeGoogleChronicle + log_format_type: CreateOutputSystemByPackSendEventsAs + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + api_version: NotRequired[CreateOutputSystemByPackAPIVersion] + authentication_method: NotRequired[ + CreateOutputSystemByPackAuthenticationMethodGoogleChronicle + ] + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + region: NotRequired[str] + r"""Regional endpoint to send events to""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + compress: NotRequired[bool] + r"""Compress the payload body before sending""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] + r"""Headers to add to all events""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + safe_headers: NotRequired[List[str]] + r"""List of headers that are safe to log in plain text""" + use_round_robin_dns: NotRequired[bool] + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + total_memory_limit_kb: NotRequired[float] + r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" + description: NotRequired[str] + extra_log_types: NotRequired[List[CreateOutputSystemByPackExtraLogTypeTypedDict]] + r"""Custom log types. If the value \"Custom\" is selected in the setting \"Default log type\" above, the first custom log type in this table will be automatically selected as default log type.""" + log_type: NotRequired[str] + r"""Default log type value to send to SecOps. Can be overwritten by event field __logType.""" + log_text_field: NotRequired[str] + r"""Name of the event field that contains the log text to send. If not specified, Stream sends a JSON representation of the whole event.""" + customer_id: NotRequired[str] + r"""A unique identifier (UUID) for your Google SecOps instance. This is provided by your Google representative and is required for API V2 authentication.""" + namespace: NotRequired[str] + r"""User-configured environment namespace to identify the data domain the logs originated from. Use namespace as a tag to identify the appropriate data domain for indexing and enrichment functionality. Can be overwritten by event field __namespace.""" + custom_labels: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] + r"""Custom labels to be added to every batch""" + udm_type: NotRequired[CreateOutputSystemByPackUDMType] + r"""Defines the specific format for UDM events sent to Google SecOps. This must match the type of UDM data being sent.""" + api_key: NotRequired[str] + r"""Organization's API key in Google SecOps""" + api_key_secret: NotRequired[str] + r"""Select or create a stored text secret""" + service_account_credentials: NotRequired[str] + r"""Contents of service account credentials (JSON keys) file downloaded from Google Cloud. To upload a file, click the upload button at this field's upper right.""" + service_account_credentials_secret: NotRequired[str] + r"""Select or create a stored text secret""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputSystemByPackPqControlsGoogleChronicleTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_api_version: NotRequired[str] + r"""Binds 'apiVersion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'apiVersion' at runtime.""" + template_region: NotRequired[str] + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_customer_id: NotRequired[str] + r"""Binds 'customerId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'customerId' at runtime.""" + + +class CreateOutputSystemByPackOutputGoogleChronicle(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputSystemByPackTypeGoogleChronicle + + log_format_type: Annotated[ + CreateOutputSystemByPackSendEventsAs, pydantic.Field(alias="logFormatType") + ] + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + api_version: Annotated[ + Optional[CreateOutputSystemByPackAPIVersion], pydantic.Field(alias="apiVersion") + ] = None + + authentication_method: Annotated[ + Optional[CreateOutputSystemByPackAuthenticationMethodGoogleChronicle], + pydantic.Field(alias="authenticationMethod"), + ] = None + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + region: Optional[str] = None + r"""Regional endpoint to send events to""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + compress: Optional[bool] = None + r"""Compress the payload body before sending""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + extra_http_headers: Annotated[ + Optional[List[ExtraHTTPHeaderConfInputElastic]], + pydantic.Field(alias="extraHttpHeaders"), + ] = None + r"""Headers to add to all events""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + safe_headers: Annotated[ + Optional[List[str]], pydantic.Field(alias="safeHeaders") + ] = None + r"""List of headers that are safe to log in plain text""" + + use_round_robin_dns: Annotated[ + Optional[bool], pydantic.Field(alias="useRoundRobinDns") + ] = None + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + total_memory_limit_kb: Annotated[ + Optional[float], pydantic.Field(alias="totalMemoryLimitKB") + ] = None + r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" + + description: Optional[str] = None + + extra_log_types: Annotated[ + Optional[List[CreateOutputSystemByPackExtraLogType]], + pydantic.Field(alias="extraLogTypes"), + ] = None + r"""Custom log types. If the value \"Custom\" is selected in the setting \"Default log type\" above, the first custom log type in this table will be automatically selected as default log type.""" + + log_type: Annotated[Optional[str], pydantic.Field(alias="logType")] = None + r"""Default log type value to send to SecOps. Can be overwritten by event field __logType.""" + + log_text_field: Annotated[Optional[str], pydantic.Field(alias="logTextField")] = ( + None + ) + r"""Name of the event field that contains the log text to send. If not specified, Stream sends a JSON representation of the whole event.""" + + customer_id: Annotated[Optional[str], pydantic.Field(alias="customerId")] = None + r"""A unique identifier (UUID) for your Google SecOps instance. This is provided by your Google representative and is required for API V2 authentication.""" + + namespace: Optional[str] = None + r"""User-configured environment namespace to identify the data domain the logs originated from. Use namespace as a tag to identify the appropriate data domain for indexing and enrichment functionality. Can be overwritten by event field __namespace.""" + + custom_labels: Annotated[ + Optional[List[KeyValueMetadataConfOutputFilesystem]], + pydantic.Field(alias="customLabels"), + ] = None + r"""Custom labels to be added to every batch""" + + udm_type: Annotated[ + Optional[CreateOutputSystemByPackUDMType], pydantic.Field(alias="udmType") + ] = None + r"""Defines the specific format for UDM events sent to Google SecOps. This must match the type of UDM data being sent.""" + + api_key: Annotated[Optional[str], pydantic.Field(alias="apiKey")] = None + r"""Organization's API key in Google SecOps""" + + api_key_secret: Annotated[Optional[str], pydantic.Field(alias="apiKeySecret")] = ( + None + ) + r"""Select or create a stored text secret""" + + service_account_credentials: Annotated[ + Optional[str], pydantic.Field(alias="serviceAccountCredentials") + ] = None + r"""Contents of service account credentials (JSON keys) file downloaded from Google Cloud. To upload a file, click the upload button at this field's upper right.""" + + service_account_credentials_secret: Annotated[ + Optional[str], pydantic.Field(alias="serviceAccountCredentialsSecret") + ] = None + r"""Select or create a stored text secret""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputSystemByPackPqControlsGoogleChronicle], + pydantic.Field(alias="pqControls"), + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_api_version: Annotated[ + Optional[str], pydantic.Field(alias="__template_apiVersion") + ] = None + r"""Binds 'apiVersion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'apiVersion' at runtime.""" + + template_region: Annotated[ + Optional[str], pydantic.Field(alias="__template_region") + ] = None + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_customer_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_customerId") + ] = None + r"""Binds 'customerId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'customerId' at runtime.""" + + @field_serializer("api_version") + def serialize_api_version(self, value): + if isinstance(value, str): + try: + return models.CreateOutputSystemByPackAPIVersion(value) + except ValueError: + return value + return value + + @field_serializer("authentication_method") + def serialize_authentication_method(self, value): + if isinstance(value, str): + try: + return ( + models.CreateOutputSystemByPackAuthenticationMethodGoogleChronicle( + value + ) + ) + except ValueError: + return value + return value + + @field_serializer("log_format_type") + def serialize_log_format_type(self, value): + if isinstance(value, str): + try: + return models.CreateOutputSystemByPackSendEventsAs(value) + except ValueError: + return value + return value + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("udm_type") + def serialize_udm_type(self, value): + if isinstance(value, str): + try: + return models.CreateOutputSystemByPackUDMType(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "apiVersion", + "authenticationMethod", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "region", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "compress", + "rejectUnauthorized", + "timeoutSec", + "flushPeriodSec", + "extraHttpHeaders", + "failedRequestLoggingMode", + "safeHeaders", + "useRoundRobinDns", + "onBackpressure", + "totalMemoryLimitKB", + "description", + "extraLogTypes", + "logType", + "logTextField", + "customerId", + "namespace", + "customLabels", + "udmType", + "apiKey", + "apiKeySecret", + "serviceAccountCredentials", + "serviceAccountCredentialsSecret", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_apiVersion", + "__template_region", + "__template_failedRequestLoggingMode", + "__template_onBackpressure", + "__template_customerId", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackTypeAzureEventhub(str, Enum): + AZURE_EVENTHUB = "azure_eventhub" + + +class CreateOutputSystemByPackPqControlsAzureEventhubTypedDict(TypedDict): + pass + + +class CreateOutputSystemByPackPqControlsAzureEventhub(BaseModel): + pass + + +class CreateOutputSystemByPackOutputAzureEventhubTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputSystemByPackTypeAzureEventhub + brokers: List[str] + r"""List of Event Hubs Kafka brokers to connect to, eg. yourdomain.servicebus.windows.net:9093. The hostname can be found in the host portion of the primary or secondary connection string in Shared Access Policies.""" + topic: str + r"""The name of the Event Hub (Kafka Topic) to publish events. Can be overwritten using field __topicOut.""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + ack: NotRequired[AcknowledgmentsOptions] + r"""Control the number of required acknowledgments""" + format_: NotRequired[RecordDataFormatOptions] + r"""Format to use to serialize events before writing to the Event Hubs Kafka brokers""" + max_record_size_kb: NotRequired[float] + r"""Maximum size of each record batch before compression. Setting should be < message.max.bytes settings in Event Hubs brokers.""" + flush_event_count: NotRequired[float] + r"""Maximum number of events in a batch before forcing a flush""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" + connection_timeout: NotRequired[float] + r"""Maximum time to wait for a connection to complete successfully""" + request_timeout: NotRequired[float] + r"""Maximum time to wait for Kafka to respond to a request""" + max_retries: NotRequired[float] + r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" + max_back_off: NotRequired[float] + r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" + initial_backoff: NotRequired[float] + r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" + backoff_rate: NotRequired[float] + r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" + authentication_timeout: NotRequired[float] + r"""Maximum time to wait for Kafka to respond to an authentication request""" + reauthentication_threshold: NotRequired[float] + r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" + sasl: NotRequired[AuthenticationTypeUseTypedDict] + r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended.""" + tls: NotRequired[TLSSettingsClientSideTypeTypedDict] + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + description: NotRequired[str] + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputSystemByPackPqControlsAzureEventhubTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_brokers: NotRequired[str] + r"""Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime.""" + template_topic: NotRequired[str] + r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" + template_format: NotRequired[str] + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + +class CreateOutputSystemByPackOutputAzureEventhub(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputSystemByPackTypeAzureEventhub + + brokers: List[str] + r"""List of Event Hubs Kafka brokers to connect to, eg. yourdomain.servicebus.windows.net:9093. The hostname can be found in the host portion of the primary or secondary connection string in Shared Access Policies.""" + + topic: str + r"""The name of the Event Hub (Kafka Topic) to publish events. Can be overwritten using field __topicOut.""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + ack: Optional[AcknowledgmentsOptions] = None + r"""Control the number of required acknowledgments""" + + format_: Annotated[ + Optional[RecordDataFormatOptions], pydantic.Field(alias="format") + ] = None + r"""Format to use to serialize events before writing to the Event Hubs Kafka brokers""" + + max_record_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxRecordSizeKB") + ] = None + r"""Maximum size of each record batch before compression. Setting should be < message.max.bytes settings in Event Hubs brokers.""" + + flush_event_count: Annotated[ + Optional[float], pydantic.Field(alias="flushEventCount") + ] = None + r"""Maximum number of events in a batch before forcing a flush""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" + + connection_timeout: Annotated[ + Optional[float], pydantic.Field(alias="connectionTimeout") + ] = None + r"""Maximum time to wait for a connection to complete successfully""" + + request_timeout: Annotated[ + Optional[float], pydantic.Field(alias="requestTimeout") + ] = None + r"""Maximum time to wait for Kafka to respond to a request""" + + max_retries: Annotated[Optional[float], pydantic.Field(alias="maxRetries")] = None + r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" + + max_back_off: Annotated[Optional[float], pydantic.Field(alias="maxBackOff")] = None + r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" + + initial_backoff: Annotated[ + Optional[float], pydantic.Field(alias="initialBackoff") + ] = None + r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" + + backoff_rate: Annotated[Optional[float], pydantic.Field(alias="backoffRate")] = None + r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" + + authentication_timeout: Annotated[ + Optional[float], pydantic.Field(alias="authenticationTimeout") + ] = None + r"""Maximum time to wait for Kafka to respond to an authentication request""" + + reauthentication_threshold: Annotated[ + Optional[float], pydantic.Field(alias="reauthenticationThreshold") + ] = None + r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" + + sasl: Optional[AuthenticationTypeUse] = None + r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended.""" + + tls: Optional[TLSSettingsClientSideType] = None + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + description: Optional[str] = None + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputSystemByPackPqControlsAzureEventhub], + pydantic.Field(alias="pqControls"), + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_brokers: Annotated[ + Optional[str], pydantic.Field(alias="__template_brokers") + ] = None + r"""Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime.""" + + template_topic: Annotated[ + Optional[str], pydantic.Field(alias="__template_topic") + ] = None + r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" + + template_format: Annotated[ + Optional[str], pydantic.Field(alias="__template_format") + ] = None + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + @field_serializer("ack") + def serialize_ack(self, value): + if isinstance(value, str): + try: + return models.AcknowledgmentsOptions(value) + except ValueError: + return value + return value + + @field_serializer("format_") + def serialize_format_(self, value): + if isinstance(value, str): + try: + return models.RecordDataFormatOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "ack", + "format", + "maxRecordSizeKB", + "flushEventCount", + "flushPeriodSec", + "connectionTimeout", + "requestTimeout", + "maxRetries", + "maxBackOff", + "initialBackoff", + "backoffRate", + "authenticationTimeout", + "reauthenticationThreshold", + "sasl", + "tls", + "onBackpressure", + "description", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_brokers", + "__template_topic", + "__template_format", + "__template_onBackpressure", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackTypeHoneycomb(str, Enum): + HONEYCOMB = "honeycomb" + + +class CreateOutputSystemByPackPqControlsHoneycombTypedDict(TypedDict): + pass + + +class CreateOutputSystemByPackPqControlsHoneycomb(BaseModel): + pass + + +class CreateOutputSystemByPackOutputHoneycombTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputSystemByPackTypeHoneycomb + dataset: str + r"""Name of the dataset to send events to – e.g., observability""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + compress: NotRequired[bool] + r"""Compress the payload body before sending""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] + r"""Headers to add to all events""" + use_round_robin_dns: NotRequired[bool] + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + safe_headers: NotRequired[List[str]] + r"""List of headers that are safe to log in plain text""" + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + auth_type: NotRequired[AuthenticationMethodOptionsAPI] + r"""Enter API key directly, or select a stored secret""" + description: NotRequired[str] + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputSystemByPackPqControlsHoneycombTypedDict] + team: NotRequired[str] + r"""Team API key where the dataset belongs""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + +class CreateOutputSystemByPackOutputHoneycomb(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputSystemByPackTypeHoneycomb + + dataset: str + r"""Name of the dataset to send events to – e.g., observability""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + compress: Optional[bool] = None + r"""Compress the payload body before sending""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + extra_http_headers: Annotated[ + Optional[List[ExtraHTTPHeaderConfInputElastic]], + pydantic.Field(alias="extraHttpHeaders"), + ] = None + r"""Headers to add to all events""" + + use_round_robin_dns: Annotated[ + Optional[bool], pydantic.Field(alias="useRoundRobinDns") + ] = None + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + safe_headers: Annotated[ + Optional[List[str]], pydantic.Field(alias="safeHeaders") + ] = None + r"""List of headers that are safe to log in plain text""" + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + auth_type: Annotated[ + Optional[AuthenticationMethodOptionsAPI], pydantic.Field(alias="authType") + ] = None + r"""Enter API key directly, or select a stored secret""" + + description: Optional[str] = None + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputSystemByPackPqControlsHoneycomb], + pydantic.Field(alias="pqControls"), + ] = None + + team: Optional[str] = None + r"""Team API key where the dataset belongs""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsAPI(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "compress", + "rejectUnauthorized", + "timeoutSec", + "flushPeriodSec", + "extraHttpHeaders", + "useRoundRobinDns", + "failedRequestLoggingMode", + "safeHeaders", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "onBackpressure", + "authType", + "description", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "team", + "textSecret", + "__template_streamtags", + "__template_failedRequestLoggingMode", + "__template_onBackpressure", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackTypeKinesis(str, Enum): + KINESIS = "kinesis" + + +class CreateOutputSystemByPackCompression(str, Enum, metaclass=utils.OpenEnumMeta): + r"""Compression type to use for records""" + + # None + NONE = "none" + # Gzip + GZIP = "gzip" + + +class CreateOutputSystemByPackPqControlsKinesisTypedDict(TypedDict): + pass + + +class CreateOutputSystemByPackPqControlsKinesis(BaseModel): + pass + + +class CreateOutputSystemByPackOutputKinesisTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputSystemByPackTypeKinesis + stream_name: str + r"""Kinesis stream name to send events to.""" + region: str + r"""Region where the Kinesis stream is located""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + aws_authentication_method: NotRequired[AuthenticationMethodOptionsS3CollectorConf] + r"""AWS authentication method. Choose Auto to use IAM roles.""" + aws_secret_key: NotRequired[str] + endpoint: NotRequired[str] + r"""Kinesis stream service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to Kinesis stream-compatible endpoint.""" + reuse_connections: NotRequired[bool] + r"""Reuse connections between requests, which can improve performance""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" + enable_assume_role: NotRequired[bool] + r"""Use Assume Role credentials to access Kinesis stream""" + assume_role_arn: NotRequired[str] + r"""Amazon Resource Name (ARN) of the role to assume""" + assume_role_external_id: NotRequired[str] + r"""External ID to use when assuming role""" + duration_seconds: NotRequired[float] + r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing put requests before blocking.""" + max_record_size_kb: NotRequired[float] + r"""Maximum size (KB) of each individual record before compression. For uncompressed or non-compressible data 1MB is the max recommended size""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" + compression: NotRequired[CreateOutputSystemByPackCompression] + r"""Compression type to use for records""" + use_list_shards: NotRequired[bool] + r"""Provides higher stream rate limits, improving delivery speed and reliability by minimizing throttling. See the [ListShards API](https://docs.aws.amazon.com/kinesis/latest/APIReference/API_ListShards.html) documentation for details.""" + as_ndjson: NotRequired[bool] + r"""Batch events into a single record as NDJSON""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + description: NotRequired[str] + aws_api_key: NotRequired[str] + aws_secret: NotRequired[str] + r"""Select or create a stored secret that references your access key and secret key""" + max_events_per_flush: NotRequired[float] + r"""Maximum number of records to send in a single request""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputSystemByPackPqControlsKinesisTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_stream_name: NotRequired[str] + r"""Binds 'streamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamName' at runtime.""" + template_aws_secret_key: NotRequired[str] + r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" + template_region: NotRequired[str] + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + template_endpoint: NotRequired[str] + r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" + template_assume_role_arn: NotRequired[str] + r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" + template_assume_role_external_id: NotRequired[str] + r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_aws_api_key: NotRequired[str] + r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" + + +class CreateOutputSystemByPackOutputKinesis(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputSystemByPackTypeKinesis + + stream_name: Annotated[str, pydantic.Field(alias="streamName")] + r"""Kinesis stream name to send events to.""" + + region: str + r"""Region where the Kinesis stream is located""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + aws_authentication_method: Annotated[ + Optional[AuthenticationMethodOptionsS3CollectorConf], + pydantic.Field(alias="awsAuthenticationMethod"), + ] = None + r"""AWS authentication method. Choose Auto to use IAM roles.""" + + aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = ( + None + ) + + endpoint: Optional[str] = None + r"""Kinesis stream service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to Kinesis stream-compatible endpoint.""" + + reuse_connections: Annotated[ + Optional[bool], pydantic.Field(alias="reuseConnections") + ] = None + r"""Reuse connections between requests, which can improve performance""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" + + enable_assume_role: Annotated[ + Optional[bool], pydantic.Field(alias="enableAssumeRole") + ] = None + r"""Use Assume Role credentials to access Kinesis stream""" + + assume_role_arn: Annotated[Optional[str], pydantic.Field(alias="assumeRoleArn")] = ( + None + ) + r"""Amazon Resource Name (ARN) of the role to assume""" + + assume_role_external_id: Annotated[ + Optional[str], pydantic.Field(alias="assumeRoleExternalId") + ] = None + r"""External ID to use when assuming role""" + + duration_seconds: Annotated[ + Optional[float], pydantic.Field(alias="durationSeconds") + ] = None + r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing put requests before blocking.""" + + max_record_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxRecordSizeKB") + ] = None + r"""Maximum size (KB) of each individual record before compression. For uncompressed or non-compressible data 1MB is the max recommended size""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" + + compression: Optional[CreateOutputSystemByPackCompression] = None + r"""Compression type to use for records""" + + use_list_shards: Annotated[ + Optional[bool], pydantic.Field(alias="useListShards") + ] = None + r"""Provides higher stream rate limits, improving delivery speed and reliability by minimizing throttling. See the [ListShards API](https://docs.aws.amazon.com/kinesis/latest/APIReference/API_ListShards.html) documentation for details.""" + + as_ndjson: Annotated[Optional[bool], pydantic.Field(alias="asNdjson")] = None + r"""Batch events into a single record as NDJSON""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + description: Optional[str] = None + + aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None + + aws_secret: Annotated[Optional[str], pydantic.Field(alias="awsSecret")] = None + r"""Select or create a stored secret that references your access key and secret key""" + + max_events_per_flush: Annotated[ + Optional[float], pydantic.Field(alias="maxEventsPerFlush") + ] = None + r"""Maximum number of records to send in a single request""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputSystemByPackPqControlsKinesis], + pydantic.Field(alias="pqControls"), + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_stream_name: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamName") + ] = None + r"""Binds 'streamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamName' at runtime.""" + + template_aws_secret_key: Annotated[ + Optional[str], pydantic.Field(alias="__template_awsSecretKey") + ] = None + r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" + + template_region: Annotated[ + Optional[str], pydantic.Field(alias="__template_region") + ] = None + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + + template_endpoint: Annotated[ + Optional[str], pydantic.Field(alias="__template_endpoint") + ] = None + r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" + + template_assume_role_arn: Annotated[ + Optional[str], pydantic.Field(alias="__template_assumeRoleArn") + ] = None + r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" + + template_assume_role_external_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_assumeRoleExternalId") + ] = None + r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_aws_api_key: Annotated[ + Optional[str], pydantic.Field(alias="__template_awsApiKey") + ] = None + r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" + + @field_serializer("aws_authentication_method") + def serialize_aws_authentication_method(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsS3CollectorConf(value) + except ValueError: + return value + return value + + @field_serializer("compression") + def serialize_compression(self, value): + if isinstance(value, str): + try: + return models.CreateOutputSystemByPackCompression(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "awsAuthenticationMethod", + "awsSecretKey", + "endpoint", + "reuseConnections", + "rejectUnauthorized", + "enableAssumeRole", + "assumeRoleArn", + "assumeRoleExternalId", + "durationSeconds", + "concurrency", + "maxRecordSizeKB", + "flushPeriodSec", + "compression", + "useListShards", + "asNdjson", + "onBackpressure", + "description", + "awsApiKey", + "awsSecret", + "maxEventsPerFlush", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_streamName", + "__template_awsSecretKey", + "__template_region", + "__template_endpoint", + "__template_assumeRoleArn", + "__template_assumeRoleExternalId", + "__template_onBackpressure", + "__template_awsApiKey", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackTypeAzureLogs(str, Enum): + AZURE_LOGS = "azure_logs" + + +class CreateOutputSystemByPackAuthenticationMethodAzureLogs( + str, Enum, metaclass=utils.OpenEnumMeta +): + r"""Enter workspace ID and workspace key directly, or select a stored secret""" + + MANUAL = "manual" + SECRET = "secret" + + +class CreateOutputSystemByPackPqControlsAzureLogsTypedDict(TypedDict): + pass + + +class CreateOutputSystemByPackPqControlsAzureLogs(BaseModel): + pass + + +class CreateOutputSystemByPackOutputAzureLogsTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputSystemByPackTypeAzureLogs + log_type: str + r"""The Log Type of events sent to this LogAnalytics workspace. Defaults to `Cribl`. Use only letters, numbers, and `_` characters, and can't exceed 100 characters. Can be overwritten by event field __logType.""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + resource_id: NotRequired[str] + r"""Optional Resource ID of the Azure resource to associate the data with. Can be overridden by the __resourceId event field. This ID populates the _ResourceId property, allowing the data to be included in resource-centric queries. If the ID is neither specified nor overridden, resource-centric queries will omit the data.""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + compress: NotRequired[bool] + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] + r"""Headers to add to all events""" + use_round_robin_dns: NotRequired[bool] + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + safe_headers: NotRequired[List[str]] + r"""List of headers that are safe to log in plain text""" + api_url: NotRequired[str] + r"""The DNS name of the Log API endpoint that sends log data to a Log Analytics workspace in Azure Monitor. Defaults to .ods.opinsights.azure.com. @{product} will add a prefix and suffix to construct a URI in this format: /api/logs?api-version=.""" + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + auth_type: NotRequired[CreateOutputSystemByPackAuthenticationMethodAzureLogs] + r"""Enter workspace ID and workspace key directly, or select a stored secret""" + description: NotRequired[str] + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputSystemByPackPqControlsAzureLogsTypedDict] + workspace_id: NotRequired[str] + r"""Azure Log Analytics Workspace ID. See Azure Dashboard Workspace > Advanced settings.""" + workspace_key: NotRequired[str] + r"""Azure Log Analytics Workspace Primary or Secondary Shared Key. See Azure Dashboard Workspace > Advanced settings.""" + keypair_secret: NotRequired[str] + r"""Select or create a stored secret that references your access key and secret key""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_workspace_id: NotRequired[str] + r"""Binds 'workspaceId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'workspaceId' at runtime.""" + template_workspace_key: NotRequired[str] + r"""Binds 'workspaceKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'workspaceKey' at runtime.""" + + +class CreateOutputSystemByPackOutputAzureLogs(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputSystemByPackTypeAzureLogs + + log_type: Annotated[str, pydantic.Field(alias="logType")] + r"""The Log Type of events sent to this LogAnalytics workspace. Defaults to `Cribl`. Use only letters, numbers, and `_` characters, and can't exceed 100 characters. Can be overwritten by event field __logType.""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + resource_id: Annotated[Optional[str], pydantic.Field(alias="resourceId")] = None + r"""Optional Resource ID of the Azure resource to associate the data with. Can be overridden by the __resourceId event field. This ID populates the _ResourceId property, allowing the data to be included in resource-centric queries. If the ID is neither specified nor overridden, resource-centric queries will omit the data.""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + compress: Optional[bool] = None + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + extra_http_headers: Annotated[ + Optional[List[ExtraHTTPHeaderConfInputElastic]], + pydantic.Field(alias="extraHttpHeaders"), + ] = None + r"""Headers to add to all events""" + + use_round_robin_dns: Annotated[ + Optional[bool], pydantic.Field(alias="useRoundRobinDns") + ] = None + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + safe_headers: Annotated[ + Optional[List[str]], pydantic.Field(alias="safeHeaders") + ] = None + r"""List of headers that are safe to log in plain text""" + + api_url: Annotated[Optional[str], pydantic.Field(alias="apiUrl")] = None + r"""The DNS name of the Log API endpoint that sends log data to a Log Analytics workspace in Azure Monitor. Defaults to .ods.opinsights.azure.com. @{product} will add a prefix and suffix to construct a URI in this format: /api/logs?api-version=.""" + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + auth_type: Annotated[ + Optional[CreateOutputSystemByPackAuthenticationMethodAzureLogs], + pydantic.Field(alias="authType"), + ] = None + r"""Enter workspace ID and workspace key directly, or select a stored secret""" + + description: Optional[str] = None + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputSystemByPackPqControlsAzureLogs], + pydantic.Field(alias="pqControls"), + ] = None + + workspace_id: Annotated[Optional[str], pydantic.Field(alias="workspaceId")] = None + r"""Azure Log Analytics Workspace ID. See Azure Dashboard Workspace > Advanced settings.""" + + workspace_key: Annotated[Optional[str], pydantic.Field(alias="workspaceKey")] = None + r"""Azure Log Analytics Workspace Primary or Secondary Shared Key. See Azure Dashboard Workspace > Advanced settings.""" + + keypair_secret: Annotated[Optional[str], pydantic.Field(alias="keypairSecret")] = ( + None + ) + r"""Select or create a stored secret that references your access key and secret key""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_workspace_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_workspaceId") + ] = None + r"""Binds 'workspaceId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'workspaceId' at runtime.""" + + template_workspace_key: Annotated[ + Optional[str], pydantic.Field(alias="__template_workspaceKey") + ] = None + r"""Binds 'workspaceKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'workspaceKey' at runtime.""" + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.CreateOutputSystemByPackAuthenticationMethodAzureLogs( + value + ) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "resourceId", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "compress", + "rejectUnauthorized", + "timeoutSec", + "flushPeriodSec", + "extraHttpHeaders", + "useRoundRobinDns", + "failedRequestLoggingMode", + "safeHeaders", + "apiUrl", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "onBackpressure", + "authType", + "description", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "workspaceId", + "workspaceKey", + "keypairSecret", + "__template_streamtags", + "__template_failedRequestLoggingMode", + "__template_onBackpressure", + "__template_workspaceId", + "__template_workspaceKey", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackTypeAzureDataExplorer(str, Enum): + AZURE_DATA_EXPLORER = "azure_data_explorer" + + +class CreateOutputSystemByPackIngestionMode(str, Enum, metaclass=utils.OpenEnumMeta): + # Batching + BATCHING = "batching" + # Streaming + STREAMING = "streaming" + + +class CreateOutputSystemByPackAuthenticationMethodAzureDataExplorer( + str, Enum, metaclass=utils.OpenEnumMeta +): + r"""The type of OAuth 2.0 client credentials grant flow to use""" + + # Client secret + CLIENT_SECRET = "clientSecret" + # Client secret (text secret) + CLIENT_TEXT_SECRET = "clientTextSecret" + # Certificate + CERTIFICATE = "certificate" + + +class CreateOutputSystemByPackCertificateTypedDict(TypedDict): + certificate_name: NotRequired[str] + r"""The certificate you registered as credentials for your app in the Azure portal""" + + +class CreateOutputSystemByPackCertificate(BaseModel): + certificate_name: Annotated[ + Optional[str], pydantic.Field(alias="certificateName") + ] = None + r"""The certificate you registered as credentials for your app in the Azure portal""" + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set(["certificateName"]) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackPrefixOptional(str, Enum, metaclass=utils.OpenEnumMeta): + # drop-by + DROP_BY = "dropBy" + # ingest-by + INGEST_BY = "ingestBy" + + +class CreateOutputSystemByPackExtentTagTypedDict(TypedDict): + value: str + prefix: NotRequired[CreateOutputSystemByPackPrefixOptional] + + +class CreateOutputSystemByPackExtentTag(BaseModel): + value: str + + prefix: Optional[CreateOutputSystemByPackPrefixOptional] = None + + @field_serializer("prefix") + def serialize_prefix(self, value): + if isinstance(value, str): + try: + return models.CreateOutputSystemByPackPrefixOptional(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set(["prefix"]) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackIngestIfNotExistTypedDict(TypedDict): + value: str + + +class CreateOutputSystemByPackIngestIfNotExist(BaseModel): + value: str + + +class CreateOutputSystemByPackReportLevel(str, Enum, metaclass=utils.OpenEnumMeta): + r"""Level of ingestion status reporting. Defaults to FailuresOnly.""" + + # FailuresOnly + FAILURES_ONLY = "failuresOnly" + # DoNotReport + DO_NOT_REPORT = "doNotReport" + # FailuresAndSuccesses + FAILURES_AND_SUCCESSES = "failuresAndSuccesses" + + +class CreateOutputSystemByPackReportMethod(str, Enum, metaclass=utils.OpenEnumMeta): + r"""Target of the ingestion status reporting. Defaults to Queue.""" + + # Queue + QUEUE = "queue" + # Table + TABLE = "table" + # QueueAndTable + QUEUE_AND_TABLE = "queueAndTable" + + +class CreateOutputSystemByPackAdditionalPropertyTypedDict(TypedDict): + key: str + value: str + + +class CreateOutputSystemByPackAdditionalProperty(BaseModel): + key: str + + value: str + + +class CreateOutputSystemByPackPqControlsAzureDataExplorerTypedDict(TypedDict): + pass + + +class CreateOutputSystemByPackPqControlsAzureDataExplorer(BaseModel): + pass + + +class CreateOutputSystemByPackOutputAzureDataExplorerTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputSystemByPackTypeAzureDataExplorer + cluster_url: str + r"""The base URI for your cluster. Typically, `https://..kusto.windows.net`.""" + database: str + r"""Name of the database containing the table where data will be ingested""" + table: str + r"""Name of the table to ingest data into""" + oauth_endpoint: MicrosoftEntraIDAuthenticationEndpointOptionsSasl + r"""Endpoint used to acquire authentication tokens from Azure""" + tenant_id: str + r"""Directory ID (tenant identifier) in Azure Active Directory""" + client_id: str + r"""client_id to pass in the OAuth request parameter""" + scope: str + r"""Scope to pass in the OAuth request parameter""" + oauth_type: CreateOutputSystemByPackAuthenticationMethodAzureDataExplorer + r"""The type of OAuth 2.0 client credentials grant flow to use""" + compress: CompressionOptionsHTTP + r"""Data compression format to apply to HTTP content before it is delivered""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + validate_database_settings: NotRequired[bool] + r"""When saving or starting the Destination, validate the database name and credentials; also validate table name, except when creating a new table. Disable if your Azure app does not have both the Database Viewer and the Table Viewer role.""" + ingest_mode: NotRequired[CreateOutputSystemByPackIngestionMode] + description: NotRequired[str] + client_secret: NotRequired[str] + r"""The client secret that you generated for your app in the Azure portal""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + certificate: NotRequired[CreateOutputSystemByPackCertificateTypedDict] + format_: NotRequired[DataFormatOptions] + r"""Format of the output data""" + compression_level: NotRequired[CompressionLevelOptions] + r"""Compression level to apply before moving files to final destination""" + automatic_schema: NotRequired[bool] + r"""Automatically calculate the schema based on the events of each Parquet file generated""" + parquet_schema: NotRequired[str] + r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" + parquet_version: NotRequired[ParquetVersionOptions] + r"""Determines which data types are supported and how they are represented""" + parquet_data_page_version: NotRequired[DataPageVersionOptions] + r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" + parquet_row_group_length: NotRequired[float] + r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" + parquet_page_size: NotRequired[str] + r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" + should_log_invalid_rows: NotRequired[bool] + r"""Log up to 3 rows that @{product} skips due to data mismatch""" + key_value_metadata: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] + r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ + enable_statistics: NotRequired[bool] + r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" + enable_write_page_index: NotRequired[bool] + r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" + enable_page_checksum: NotRequired[bool] + r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" + remove_empty_dirs: NotRequired[bool] + r"""Remove empty staging directories after moving files""" + empty_dir_cleanup_sec: NotRequired[float] + r"""How frequently, in seconds, to clean up empty directories""" + directory_batch_size: NotRequired[float] + r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" + deadletter_enabled: NotRequired[bool] + r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" + deadletter_path: NotRequired[str] + r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" + max_retry_num: NotRequired[float] + r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" + is_mapping_obj: NotRequired[bool] + r"""Send a JSON mapping object instead of specifying an existing named data mapping""" + mapping_obj: NotRequired[str] + r"""Enter a JSON object that defines your desired data mapping""" + mapping_ref: NotRequired[str] + r"""Enter the name of a data mapping associated with your target table. Or, if incoming event and target table fields match exactly, you can leave the field empty.""" + ingest_url: NotRequired[str] + r"""The ingestion service URI for your cluster. Typically, `https://ingest-..kusto.windows.net`.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + stage_path: NotRequired[str] + r"""Filesystem location in which to buffer files before compressing and moving to final destination. Use performant and stable storage.""" + file_name_suffix: NotRequired[str] + r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" + max_file_size_mb: NotRequired[float] + r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" + max_file_open_time_sec: NotRequired[float] + r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" + max_file_idle_time_sec: NotRequired[float] + r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" + max_open_files: NotRequired[float] + r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" + max_concurrent_file_parts: NotRequired[float] + r"""Maximum number of parts to upload in parallel per file""" + on_disk_full_backpressure: NotRequired[DiskSpaceProtectionOptions] + r"""How to handle events when disk space is below the global 'Min free disk space' limit""" + add_id_to_stage_path: NotRequired[bool] + r"""Add the Output ID value to staging location""" + retry_settings: NotRequired[RetrySettingsTypeTypedDict] + orphans: NotRequired[OrphanFileRecoveryTypeTypedDict] + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_immediately: NotRequired[bool] + r"""Bypass the data management service's aggregation mechanism""" + retain_blob_on_success: NotRequired[bool] + r"""Prevent blob deletion after ingestion is complete""" + extent_tags: NotRequired[List[CreateOutputSystemByPackExtentTagTypedDict]] + r"""Strings or tags associated with the extent (ingested data shard)""" + ingest_if_not_exists: NotRequired[ + List[CreateOutputSystemByPackIngestIfNotExistTypedDict] + ] + r"""Prevents duplicate ingestion by verifying whether an extent with the specified ingest-by tag already exists""" + report_level: NotRequired[CreateOutputSystemByPackReportLevel] + r"""Level of ingestion status reporting. Defaults to FailuresOnly.""" + report_method: NotRequired[CreateOutputSystemByPackReportMethod] + r"""Target of the ingestion status reporting. Defaults to Queue.""" + additional_properties: NotRequired[ + List[CreateOutputSystemByPackAdditionalPropertyTypedDict] + ] + r"""Optionally, enter additional configuration properties to send to the ingestion service""" + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + use_round_robin_dns: NotRequired[bool] + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + keep_alive: NotRequired[bool] + r"""Disable to close the connection immediately after sending the outgoing request""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[ + CreateOutputSystemByPackPqControlsAzureDataExplorerTypedDict + ] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_cluster_url: NotRequired[str] + r"""Binds 'clusterUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clusterUrl' at runtime.""" + template_database: NotRequired[str] + r"""Binds 'database' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'database' at runtime.""" + template_table: NotRequired[str] + r"""Binds 'table' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'table' at runtime.""" + template_oauth_endpoint: NotRequired[str] + r"""Binds 'oauthEndpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'oauthEndpoint' at runtime.""" + template_tenant_id: NotRequired[str] + r"""Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime.""" + template_client_id: NotRequired[str] + r"""Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime.""" + template_scope: NotRequired[str] + r"""Binds 'scope' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'scope' at runtime.""" + template_client_secret: NotRequired[str] + r"""Binds 'clientSecret' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecret' at runtime.""" + template_format: NotRequired[str] + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + template_compress: NotRequired[str] + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + template_parquet_schema: NotRequired[str] + r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" + template_mapping_ref: NotRequired[str] + r"""Binds 'mappingRef' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'mappingRef' at runtime.""" + template_ingest_url: NotRequired[str] + r"""Binds 'ingestUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'ingestUrl' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_file_name_suffix: NotRequired[str] + r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" + + +class CreateOutputSystemByPackOutputAzureDataExplorer(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputSystemByPackTypeAzureDataExplorer + + cluster_url: Annotated[str, pydantic.Field(alias="clusterUrl")] + r"""The base URI for your cluster. Typically, `https://..kusto.windows.net`.""" + + database: str + r"""Name of the database containing the table where data will be ingested""" + + table: str + r"""Name of the table to ingest data into""" + + oauth_endpoint: Annotated[ + MicrosoftEntraIDAuthenticationEndpointOptionsSasl, + pydantic.Field(alias="oauthEndpoint"), + ] + r"""Endpoint used to acquire authentication tokens from Azure""" + + tenant_id: Annotated[str, pydantic.Field(alias="tenantId")] + r"""Directory ID (tenant identifier) in Azure Active Directory""" + + client_id: Annotated[str, pydantic.Field(alias="clientId")] + r"""client_id to pass in the OAuth request parameter""" + + scope: str + r"""Scope to pass in the OAuth request parameter""" + + oauth_type: Annotated[ + CreateOutputSystemByPackAuthenticationMethodAzureDataExplorer, + pydantic.Field(alias="oauthType"), + ] + r"""The type of OAuth 2.0 client credentials grant flow to use""" + + compress: CompressionOptionsHTTP + r"""Data compression format to apply to HTTP content before it is delivered""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + validate_database_settings: Annotated[ + Optional[bool], pydantic.Field(alias="validateDatabaseSettings") + ] = None + r"""When saving or starting the Destination, validate the database name and credentials; also validate table name, except when creating a new table. Disable if your Azure app does not have both the Database Viewer and the Table Viewer role.""" + + ingest_mode: Annotated[ + Optional[CreateOutputSystemByPackIngestionMode], + pydantic.Field(alias="ingestMode"), + ] = None + + description: Optional[str] = None + + client_secret: Annotated[Optional[str], pydantic.Field(alias="clientSecret")] = None + r"""The client secret that you generated for your app in the Azure portal""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + certificate: Optional[CreateOutputSystemByPackCertificate] = None + + format_: Annotated[Optional[DataFormatOptions], pydantic.Field(alias="format")] = ( + None + ) + r"""Format of the output data""" + + compression_level: Annotated[ + Optional[CompressionLevelOptions], pydantic.Field(alias="compressionLevel") + ] = None + r"""Compression level to apply before moving files to final destination""" + + automatic_schema: Annotated[ + Optional[bool], pydantic.Field(alias="automaticSchema") + ] = None + r"""Automatically calculate the schema based on the events of each Parquet file generated""" + + parquet_schema: Annotated[Optional[str], pydantic.Field(alias="parquetSchema")] = ( + None + ) + r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" + + parquet_version: Annotated[ + Optional[ParquetVersionOptions], pydantic.Field(alias="parquetVersion") + ] = None + r"""Determines which data types are supported and how they are represented""" + + parquet_data_page_version: Annotated[ + Optional[DataPageVersionOptions], pydantic.Field(alias="parquetDataPageVersion") + ] = None + r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" + + parquet_row_group_length: Annotated[ + Optional[float], pydantic.Field(alias="parquetRowGroupLength") + ] = None + r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" + + parquet_page_size: Annotated[ + Optional[str], pydantic.Field(alias="parquetPageSize") + ] = None + r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" + + should_log_invalid_rows: Annotated[ + Optional[bool], pydantic.Field(alias="shouldLogInvalidRows") + ] = None + r"""Log up to 3 rows that @{product} skips due to data mismatch""" + + key_value_metadata: Annotated[ + Optional[List[KeyValueMetadataConfOutputFilesystem]], + pydantic.Field(alias="keyValueMetadata"), + ] = None + r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ + + enable_statistics: Annotated[ + Optional[bool], pydantic.Field(alias="enableStatistics") + ] = None + r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" + + enable_write_page_index: Annotated[ + Optional[bool], pydantic.Field(alias="enableWritePageIndex") + ] = None + r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" + + enable_page_checksum: Annotated[ + Optional[bool], pydantic.Field(alias="enablePageChecksum") + ] = None + r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" + + remove_empty_dirs: Annotated[ + Optional[bool], pydantic.Field(alias="removeEmptyDirs") + ] = None + r"""Remove empty staging directories after moving files""" + + empty_dir_cleanup_sec: Annotated[ + Optional[float], pydantic.Field(alias="emptyDirCleanupSec") + ] = None + r"""How frequently, in seconds, to clean up empty directories""" + + directory_batch_size: Annotated[ + Optional[float], pydantic.Field(alias="directoryBatchSize") + ] = None + r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" + + deadletter_enabled: Annotated[ + Optional[bool], pydantic.Field(alias="deadletterEnabled") + ] = None + r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" + + deadletter_path: Annotated[ + Optional[str], pydantic.Field(alias="deadletterPath") + ] = None + r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" + + max_retry_num: Annotated[Optional[float], pydantic.Field(alias="maxRetryNum")] = ( + None + ) + r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" + + is_mapping_obj: Annotated[Optional[bool], pydantic.Field(alias="isMappingObj")] = ( + None + ) + r"""Send a JSON mapping object instead of specifying an existing named data mapping""" + + mapping_obj: Annotated[Optional[str], pydantic.Field(alias="mappingObj")] = None + r"""Enter a JSON object that defines your desired data mapping""" + + mapping_ref: Annotated[Optional[str], pydantic.Field(alias="mappingRef")] = None + r"""Enter the name of a data mapping associated with your target table. Or, if incoming event and target table fields match exactly, you can leave the field empty.""" + + ingest_url: Annotated[Optional[str], pydantic.Field(alias="ingestUrl")] = None + r"""The ingestion service URI for your cluster. Typically, `https://ingest-..kusto.windows.net`.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + stage_path: Annotated[Optional[str], pydantic.Field(alias="stagePath")] = None + r"""Filesystem location in which to buffer files before compressing and moving to final destination. Use performant and stable storage.""" + + file_name_suffix: Annotated[ + Optional[str], pydantic.Field(alias="fileNameSuffix") + ] = None + r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" + + max_file_size_mb: Annotated[ + Optional[float], pydantic.Field(alias="maxFileSizeMB") + ] = None + r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" + + max_file_open_time_sec: Annotated[ + Optional[float], pydantic.Field(alias="maxFileOpenTimeSec") + ] = None + r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" + + max_file_idle_time_sec: Annotated[ + Optional[float], pydantic.Field(alias="maxFileIdleTimeSec") + ] = None + r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" + + max_open_files: Annotated[Optional[float], pydantic.Field(alias="maxOpenFiles")] = ( + None + ) + r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" + + max_concurrent_file_parts: Annotated[ + Optional[float], pydantic.Field(alias="maxConcurrentFileParts") + ] = None + r"""Maximum number of parts to upload in parallel per file""" + + on_disk_full_backpressure: Annotated[ + Optional[DiskSpaceProtectionOptions], + pydantic.Field(alias="onDiskFullBackpressure"), + ] = None + r"""How to handle events when disk space is below the global 'Min free disk space' limit""" + + add_id_to_stage_path: Annotated[ + Optional[bool], pydantic.Field(alias="addIdToStagePath") + ] = None + r"""Add the Output ID value to staging location""" + + retry_settings: Annotated[ + Optional[RetrySettingsType], pydantic.Field(alias="retrySettings") + ] = None + + orphans: Optional[OrphanFileRecoveryType] = None + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_immediately: Annotated[ + Optional[bool], pydantic.Field(alias="flushImmediately") + ] = None + r"""Bypass the data management service's aggregation mechanism""" + + retain_blob_on_success: Annotated[ + Optional[bool], pydantic.Field(alias="retainBlobOnSuccess") + ] = None + r"""Prevent blob deletion after ingestion is complete""" + + extent_tags: Annotated[ + Optional[List[CreateOutputSystemByPackExtentTag]], + pydantic.Field(alias="extentTags"), + ] = None + r"""Strings or tags associated with the extent (ingested data shard)""" + + ingest_if_not_exists: Annotated[ + Optional[List[CreateOutputSystemByPackIngestIfNotExist]], + pydantic.Field(alias="ingestIfNotExists"), + ] = None + r"""Prevents duplicate ingestion by verifying whether an extent with the specified ingest-by tag already exists""" + + report_level: Annotated[ + Optional[CreateOutputSystemByPackReportLevel], + pydantic.Field(alias="reportLevel"), + ] = None + r"""Level of ingestion status reporting. Defaults to FailuresOnly.""" + + report_method: Annotated[ + Optional[CreateOutputSystemByPackReportMethod], + pydantic.Field(alias="reportMethod"), + ] = None + r"""Target of the ingestion status reporting. Defaults to Queue.""" + + additional_properties: Annotated[ + Optional[List[CreateOutputSystemByPackAdditionalProperty]], + pydantic.Field(alias="additionalProperties"), + ] = None + r"""Optionally, enter additional configuration properties to send to the ingestion service""" + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + use_round_robin_dns: Annotated[ + Optional[bool], pydantic.Field(alias="useRoundRobinDns") + ] = None + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + + keep_alive: Annotated[Optional[bool], pydantic.Field(alias="keepAlive")] = None + r"""Disable to close the connection immediately after sending the outgoing request""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputSystemByPackPqControlsAzureDataExplorer], + pydantic.Field(alias="pqControls"), + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_cluster_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_clusterUrl") + ] = None + r"""Binds 'clusterUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clusterUrl' at runtime.""" + + template_database: Annotated[ + Optional[str], pydantic.Field(alias="__template_database") + ] = None + r"""Binds 'database' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'database' at runtime.""" + + template_table: Annotated[ + Optional[str], pydantic.Field(alias="__template_table") + ] = None + r"""Binds 'table' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'table' at runtime.""" + + template_oauth_endpoint: Annotated[ + Optional[str], pydantic.Field(alias="__template_oauthEndpoint") + ] = None + r"""Binds 'oauthEndpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'oauthEndpoint' at runtime.""" + + template_tenant_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_tenantId") + ] = None + r"""Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime.""" + + template_client_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_clientId") + ] = None + r"""Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime.""" + + template_scope: Annotated[ + Optional[str], pydantic.Field(alias="__template_scope") + ] = None + r"""Binds 'scope' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'scope' at runtime.""" + + template_client_secret: Annotated[ + Optional[str], pydantic.Field(alias="__template_clientSecret") + ] = None + r"""Binds 'clientSecret' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecret' at runtime.""" + + template_format: Annotated[ + Optional[str], pydantic.Field(alias="__template_format") + ] = None + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + + template_compress: Annotated[ + Optional[str], pydantic.Field(alias="__template_compress") + ] = None + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + + template_parquet_schema: Annotated[ + Optional[str], pydantic.Field(alias="__template_parquetSchema") + ] = None + r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" + + template_mapping_ref: Annotated[ + Optional[str], pydantic.Field(alias="__template_mappingRef") + ] = None + r"""Binds 'mappingRef' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'mappingRef' at runtime.""" + + template_ingest_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_ingestUrl") + ] = None + r"""Binds 'ingestUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'ingestUrl' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_file_name_suffix: Annotated[ + Optional[str], pydantic.Field(alias="__template_fileNameSuffix") + ] = None + r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" + + @field_serializer("ingest_mode") + def serialize_ingest_mode(self, value): + if isinstance(value, str): + try: + return models.CreateOutputSystemByPackIngestionMode(value) + except ValueError: + return value + return value + + @field_serializer("oauth_endpoint") + def serialize_oauth_endpoint(self, value): + if isinstance(value, str): + try: + return models.MicrosoftEntraIDAuthenticationEndpointOptionsSasl(value) + except ValueError: + return value + return value + + @field_serializer("oauth_type") + def serialize_oauth_type(self, value): + if isinstance(value, str): + try: + return models.CreateOutputSystemByPackAuthenticationMethodAzureDataExplorer( + value + ) + except ValueError: + return value + return value + + @field_serializer("format_") + def serialize_format_(self, value): + if isinstance(value, str): + try: + return models.DataFormatOptions(value) + except ValueError: + return value + return value + + @field_serializer("compress") + def serialize_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsHTTP(value) + except ValueError: + return value + return value + + @field_serializer("compression_level") + def serialize_compression_level(self, value): + if isinstance(value, str): + try: + return models.CompressionLevelOptions(value) + except ValueError: + return value + return value + + @field_serializer("parquet_version") + def serialize_parquet_version(self, value): + if isinstance(value, str): + try: + return models.ParquetVersionOptions(value) + except ValueError: + return value + return value + + @field_serializer("parquet_data_page_version") + def serialize_parquet_data_page_version(self, value): + if isinstance(value, str): + try: + return models.DataPageVersionOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_disk_full_backpressure") + def serialize_on_disk_full_backpressure(self, value): + if isinstance(value, str): + try: + return models.DiskSpaceProtectionOptions(value) + except ValueError: + return value + return value + + @field_serializer("report_level") + def serialize_report_level(self, value): + if isinstance(value, str): + try: + return models.CreateOutputSystemByPackReportLevel(value) + except ValueError: + return value + return value + + @field_serializer("report_method") + def serialize_report_method(self, value): + if isinstance(value, str): + try: + return models.CreateOutputSystemByPackReportMethod(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "validateDatabaseSettings", + "ingestMode", + "description", + "clientSecret", + "textSecret", + "certificate", + "format", + "compressionLevel", + "automaticSchema", + "parquetSchema", + "parquetVersion", + "parquetDataPageVersion", + "parquetRowGroupLength", + "parquetPageSize", + "shouldLogInvalidRows", + "keyValueMetadata", + "enableStatistics", + "enableWritePageIndex", + "enablePageChecksum", + "removeEmptyDirs", + "emptyDirCleanupSec", + "directoryBatchSize", + "deadletterEnabled", + "deadletterPath", + "maxRetryNum", + "isMappingObj", + "mappingObj", + "mappingRef", + "ingestUrl", + "onBackpressure", + "stagePath", + "fileNameSuffix", + "maxFileSizeMB", + "maxFileOpenTimeSec", + "maxFileIdleTimeSec", + "maxOpenFiles", + "maxConcurrentFileParts", + "onDiskFullBackpressure", + "addIdToStagePath", + "retrySettings", + "orphans", + "timeoutSec", + "flushImmediately", + "retainBlobOnSuccess", + "extentTags", + "ingestIfNotExists", + "reportLevel", + "reportMethod", + "additionalProperties", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "flushPeriodSec", + "rejectUnauthorized", + "useRoundRobinDns", + "keepAlive", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_clusterUrl", + "__template_database", + "__template_table", + "__template_oauthEndpoint", + "__template_tenantId", + "__template_clientId", + "__template_scope", + "__template_clientSecret", + "__template_format", + "__template_compress", + "__template_parquetSchema", + "__template_mappingRef", + "__template_ingestUrl", + "__template_onBackpressure", + "__template_fileNameSuffix", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackTypeAzureBlob(str, Enum): + AZURE_BLOB = "azure_blob" + + +class CreateOutputSystemByPackBlobAccessTier(str, Enum, metaclass=utils.OpenEnumMeta): + # Default account access tier + INFERRED = "Inferred" + # Hot tier + HOT = "Hot" + # Cool tier + COOL = "Cool" + # Cold tier + COLD = "Cold" + # Archive tier + ARCHIVE = "Archive" + + +class CreateOutputSystemByPackOutputAzureBlobTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputSystemByPackTypeAzureBlob + container_name: str + r"""The Azure Blob Storage container name. Name can include only lowercase letters, numbers, and hyphens. For dynamic container names, enter a JavaScript expression within quotes or backticks, to be evaluated at initialization. The expression can evaluate to a constant value and can reference Global Variables, such as `myContainer-${C.env[\"CRIBL_WORKER_ID\"]}`.""" + stage_path: str + r"""Filesystem location in which to buffer files before compressing and moving to final destination. Use performant and stable storage.""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + create_container: NotRequired[bool] + r"""Create the configured container in Azure Blob Storage if it does not already exist""" + dest_path: NotRequired[str] + r"""Root directory prepended to path before uploading. Value can be a JavaScript expression enclosed in quotes or backticks, to be evaluated at initialization. The expression can evaluate to a constant value and can reference Global Variables, such as `myBlobPrefix-${C.env[\"CRIBL_WORKER_ID\"]}`.""" + add_id_to_stage_path: NotRequired[bool] + r"""Add the Output ID value to staging location""" + max_concurrent_file_parts: NotRequired[float] + r"""Maximum number of parts to upload in parallel per file""" + remove_empty_dirs: NotRequired[bool] + r"""Remove empty staging directories after moving files""" + partition_expr: NotRequired[str] + r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" + format_: NotRequired[DataFormatOptions] + r"""Format of the output data""" + base_file_name: NotRequired[str] + r"""JavaScript expression to define the output filename prefix (can be constant)""" + file_name_suffix: NotRequired[str] + r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" + max_file_size_mb: NotRequired[float] + r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" + max_file_open_time_sec: NotRequired[float] + r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" + max_file_idle_time_sec: NotRequired[float] + r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" + max_open_files: NotRequired[float] + r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" + header_line: NotRequired[str] + r"""If set, this line will be written to the beginning of each output file""" + write_high_water_mark: NotRequired[float] + r"""Buffer size used to write to a file""" + on_backpressure: NotRequired[BackpressureBehaviorOptionsBlockDrop] + r"""How to handle events when all receivers are exerting backpressure""" + deadletter_enabled: NotRequired[bool] + r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" + on_disk_full_backpressure: NotRequired[DiskSpaceProtectionOptions] + r"""How to handle events when disk space is below the global 'Min free disk space' limit""" + force_close_on_shutdown: NotRequired[bool] + r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" + retry_settings: NotRequired[RetrySettingsTypeTypedDict] + orphans: NotRequired[OrphanFileRecoveryTypeTypedDict] + auth_type: NotRequired[AuthenticationMethodOptions] + storage_class: NotRequired[CreateOutputSystemByPackBlobAccessTier] + description: NotRequired[str] + compress: NotRequired[CompressionOptionsHTTP] + r"""Data compression format to apply to HTTP content before it is delivered""" + compression_level: NotRequired[CompressionLevelOptions] + r"""Compression level to apply before moving files to final destination""" + automatic_schema: NotRequired[bool] + r"""Automatically calculate the schema based on the events of each Parquet file generated""" + parquet_schema: NotRequired[str] + r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" + parquet_version: NotRequired[ParquetVersionOptions] + r"""Determines which data types are supported and how they are represented""" + parquet_data_page_version: NotRequired[DataPageVersionOptions] + r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" + parquet_row_group_length: NotRequired[float] + r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" + parquet_page_size: NotRequired[str] + r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" + should_log_invalid_rows: NotRequired[bool] + r"""Log up to 3 rows that @{product} skips due to data mismatch""" + key_value_metadata: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] + r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ + enable_statistics: NotRequired[bool] + r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" + enable_write_page_index: NotRequired[bool] + r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" + enable_page_checksum: NotRequired[bool] + r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" + empty_dir_cleanup_sec: NotRequired[float] + r"""How frequently, in seconds, to clean up empty directories""" + directory_batch_size: NotRequired[float] + r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" + deadletter_path: NotRequired[str] + r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" + max_retry_num: NotRequired[float] + r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" + connection_string: NotRequired[str] + r"""Enter your Azure Storage account connection string. If left blank, Stream will fall back to env.AZURE_STORAGE_CONNECTION_STRING.""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + storage_account_name: NotRequired[str] + r"""The name of your Azure storage account""" + tenant_id: NotRequired[str] + r"""The service principal's tenant ID""" + client_id: NotRequired[str] + r"""The service principal's client ID""" + azure_cloud: NotRequired[str] + r"""The Azure cloud to use. Defaults to Azure Public Cloud.""" + endpoint_suffix: NotRequired[str] + r"""Endpoint suffix for the service URL. Takes precedence over the Azure Cloud setting. Defaults to core.windows.net.""" + client_text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + certificate: NotRequired[CertificateTypeAzureBlobAuthTypeClientCertTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_container_name: NotRequired[str] + r"""Binds 'containerName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'containerName' at runtime.""" + template_dest_path: NotRequired[str] + r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" + template_partition_expr: NotRequired[str] + r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" + template_format: NotRequired[str] + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + template_base_file_name: NotRequired[str] + r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" + template_file_name_suffix: NotRequired[str] + r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_compress: NotRequired[str] + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + template_parquet_schema: NotRequired[str] + r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" + template_connection_string: NotRequired[str] + r"""Binds 'connectionString' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'connectionString' at runtime.""" + template_storage_account_name: NotRequired[str] + r"""Binds 'storageAccountName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageAccountName' at runtime.""" + template_tenant_id: NotRequired[str] + r"""Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime.""" + template_client_id: NotRequired[str] + r"""Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime.""" + template_azure_cloud: NotRequired[str] + r"""Binds 'azureCloud' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'azureCloud' at runtime.""" + + +class CreateOutputSystemByPackOutputAzureBlob(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputSystemByPackTypeAzureBlob + + container_name: Annotated[str, pydantic.Field(alias="containerName")] + r"""The Azure Blob Storage container name. Name can include only lowercase letters, numbers, and hyphens. For dynamic container names, enter a JavaScript expression within quotes or backticks, to be evaluated at initialization. The expression can evaluate to a constant value and can reference Global Variables, such as `myContainer-${C.env[\"CRIBL_WORKER_ID\"]}`.""" + + stage_path: Annotated[str, pydantic.Field(alias="stagePath")] + r"""Filesystem location in which to buffer files before compressing and moving to final destination. Use performant and stable storage.""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + create_container: Annotated[ + Optional[bool], pydantic.Field(alias="createContainer") + ] = None + r"""Create the configured container in Azure Blob Storage if it does not already exist""" + + dest_path: Annotated[Optional[str], pydantic.Field(alias="destPath")] = None + r"""Root directory prepended to path before uploading. Value can be a JavaScript expression enclosed in quotes or backticks, to be evaluated at initialization. The expression can evaluate to a constant value and can reference Global Variables, such as `myBlobPrefix-${C.env[\"CRIBL_WORKER_ID\"]}`.""" + + add_id_to_stage_path: Annotated[ + Optional[bool], pydantic.Field(alias="addIdToStagePath") + ] = None + r"""Add the Output ID value to staging location""" + + max_concurrent_file_parts: Annotated[ + Optional[float], pydantic.Field(alias="maxConcurrentFileParts") + ] = None + r"""Maximum number of parts to upload in parallel per file""" + + remove_empty_dirs: Annotated[ + Optional[bool], pydantic.Field(alias="removeEmptyDirs") + ] = None + r"""Remove empty staging directories after moving files""" + + partition_expr: Annotated[Optional[str], pydantic.Field(alias="partitionExpr")] = ( + None + ) + r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" + + format_: Annotated[Optional[DataFormatOptions], pydantic.Field(alias="format")] = ( + None + ) + r"""Format of the output data""" + + base_file_name: Annotated[Optional[str], pydantic.Field(alias="baseFileName")] = ( + None + ) + r"""JavaScript expression to define the output filename prefix (can be constant)""" + + file_name_suffix: Annotated[ + Optional[str], pydantic.Field(alias="fileNameSuffix") + ] = None + r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" + + max_file_size_mb: Annotated[ + Optional[float], pydantic.Field(alias="maxFileSizeMB") + ] = None + r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" + + max_file_open_time_sec: Annotated[ + Optional[float], pydantic.Field(alias="maxFileOpenTimeSec") + ] = None + r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" + + max_file_idle_time_sec: Annotated[ + Optional[float], pydantic.Field(alias="maxFileIdleTimeSec") + ] = None + r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" + + max_open_files: Annotated[Optional[float], pydantic.Field(alias="maxOpenFiles")] = ( + None + ) + r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" + + header_line: Annotated[Optional[str], pydantic.Field(alias="headerLine")] = None + r"""If set, this line will be written to the beginning of each output file""" + + write_high_water_mark: Annotated[ + Optional[float], pydantic.Field(alias="writeHighWaterMark") + ] = None + r"""Buffer size used to write to a file""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptionsBlockDrop], + pydantic.Field(alias="onBackpressure"), + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + deadletter_enabled: Annotated[ + Optional[bool], pydantic.Field(alias="deadletterEnabled") + ] = None + r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" + + on_disk_full_backpressure: Annotated[ + Optional[DiskSpaceProtectionOptions], + pydantic.Field(alias="onDiskFullBackpressure"), + ] = None + r"""How to handle events when disk space is below the global 'Min free disk space' limit""" + + force_close_on_shutdown: Annotated[ + Optional[bool], pydantic.Field(alias="forceCloseOnShutdown") + ] = None + r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" + + retry_settings: Annotated[ + Optional[RetrySettingsType], pydantic.Field(alias="retrySettings") + ] = None + + orphans: Optional[OrphanFileRecoveryType] = None + + auth_type: Annotated[ + Optional[AuthenticationMethodOptions], pydantic.Field(alias="authType") + ] = None + + storage_class: Annotated[ + Optional[CreateOutputSystemByPackBlobAccessTier], + pydantic.Field(alias="storageClass"), + ] = None + + description: Optional[str] = None + + compress: Optional[CompressionOptionsHTTP] = None + r"""Data compression format to apply to HTTP content before it is delivered""" + + compression_level: Annotated[ + Optional[CompressionLevelOptions], pydantic.Field(alias="compressionLevel") + ] = None + r"""Compression level to apply before moving files to final destination""" + + automatic_schema: Annotated[ + Optional[bool], pydantic.Field(alias="automaticSchema") + ] = None + r"""Automatically calculate the schema based on the events of each Parquet file generated""" + + parquet_schema: Annotated[Optional[str], pydantic.Field(alias="parquetSchema")] = ( + None + ) + r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" + + parquet_version: Annotated[ + Optional[ParquetVersionOptions], pydantic.Field(alias="parquetVersion") + ] = None + r"""Determines which data types are supported and how they are represented""" + + parquet_data_page_version: Annotated[ + Optional[DataPageVersionOptions], pydantic.Field(alias="parquetDataPageVersion") + ] = None + r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" + + parquet_row_group_length: Annotated[ + Optional[float], pydantic.Field(alias="parquetRowGroupLength") + ] = None + r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" + + parquet_page_size: Annotated[ + Optional[str], pydantic.Field(alias="parquetPageSize") + ] = None + r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" + + should_log_invalid_rows: Annotated[ + Optional[bool], pydantic.Field(alias="shouldLogInvalidRows") + ] = None + r"""Log up to 3 rows that @{product} skips due to data mismatch""" + + key_value_metadata: Annotated[ + Optional[List[KeyValueMetadataConfOutputFilesystem]], + pydantic.Field(alias="keyValueMetadata"), + ] = None + r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ + + enable_statistics: Annotated[ + Optional[bool], pydantic.Field(alias="enableStatistics") + ] = None + r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" + + enable_write_page_index: Annotated[ + Optional[bool], pydantic.Field(alias="enableWritePageIndex") + ] = None + r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" + + enable_page_checksum: Annotated[ + Optional[bool], pydantic.Field(alias="enablePageChecksum") + ] = None + r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" + + empty_dir_cleanup_sec: Annotated[ + Optional[float], pydantic.Field(alias="emptyDirCleanupSec") + ] = None + r"""How frequently, in seconds, to clean up empty directories""" + + directory_batch_size: Annotated[ + Optional[float], pydantic.Field(alias="directoryBatchSize") + ] = None + r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" + + deadletter_path: Annotated[ + Optional[str], pydantic.Field(alias="deadletterPath") + ] = None + r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" + + max_retry_num: Annotated[Optional[float], pydantic.Field(alias="maxRetryNum")] = ( + None + ) + r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" + + connection_string: Annotated[ + Optional[str], pydantic.Field(alias="connectionString") + ] = None + r"""Enter your Azure Storage account connection string. If left blank, Stream will fall back to env.AZURE_STORAGE_CONNECTION_STRING.""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + storage_account_name: Annotated[ + Optional[str], pydantic.Field(alias="storageAccountName") + ] = None + r"""The name of your Azure storage account""" + + tenant_id: Annotated[Optional[str], pydantic.Field(alias="tenantId")] = None + r"""The service principal's tenant ID""" + + client_id: Annotated[Optional[str], pydantic.Field(alias="clientId")] = None + r"""The service principal's client ID""" + + azure_cloud: Annotated[Optional[str], pydantic.Field(alias="azureCloud")] = None + r"""The Azure cloud to use. Defaults to Azure Public Cloud.""" + + endpoint_suffix: Annotated[ + Optional[str], pydantic.Field(alias="endpointSuffix") + ] = None + r"""Endpoint suffix for the service URL. Takes precedence over the Azure Cloud setting. Defaults to core.windows.net.""" + + client_text_secret: Annotated[ + Optional[str], pydantic.Field(alias="clientTextSecret") + ] = None + r"""Select or create a stored text secret""" + + certificate: Optional[CertificateTypeAzureBlobAuthTypeClientCert] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_container_name: Annotated[ + Optional[str], pydantic.Field(alias="__template_containerName") + ] = None + r"""Binds 'containerName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'containerName' at runtime.""" + + template_dest_path: Annotated[ + Optional[str], pydantic.Field(alias="__template_destPath") + ] = None + r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" + + template_partition_expr: Annotated[ + Optional[str], pydantic.Field(alias="__template_partitionExpr") + ] = None + r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" + + template_format: Annotated[ + Optional[str], pydantic.Field(alias="__template_format") + ] = None + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + + template_base_file_name: Annotated[ + Optional[str], pydantic.Field(alias="__template_baseFileName") + ] = None + r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" + + template_file_name_suffix: Annotated[ + Optional[str], pydantic.Field(alias="__template_fileNameSuffix") + ] = None + r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_compress: Annotated[ + Optional[str], pydantic.Field(alias="__template_compress") + ] = None + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + + template_parquet_schema: Annotated[ + Optional[str], pydantic.Field(alias="__template_parquetSchema") + ] = None + r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" + + template_connection_string: Annotated[ + Optional[str], pydantic.Field(alias="__template_connectionString") + ] = None + r"""Binds 'connectionString' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'connectionString' at runtime.""" + + template_storage_account_name: Annotated[ + Optional[str], pydantic.Field(alias="__template_storageAccountName") + ] = None + r"""Binds 'storageAccountName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageAccountName' at runtime.""" + + template_tenant_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_tenantId") + ] = None + r"""Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime.""" + + template_client_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_clientId") + ] = None + r"""Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime.""" + + template_azure_cloud: Annotated[ + Optional[str], pydantic.Field(alias="__template_azureCloud") + ] = None + r"""Binds 'azureCloud' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'azureCloud' at runtime.""" + + @field_serializer("format_") + def serialize_format_(self, value): + if isinstance(value, str): + try: + return models.DataFormatOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptionsBlockDrop(value) + except ValueError: + return value + return value + + @field_serializer("on_disk_full_backpressure") + def serialize_on_disk_full_backpressure(self, value): + if isinstance(value, str): + try: + return models.DiskSpaceProtectionOptions(value) + except ValueError: + return value + return value + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptions(value) + except ValueError: + return value + return value + + @field_serializer("storage_class") + def serialize_storage_class(self, value): + if isinstance(value, str): + try: + return models.CreateOutputSystemByPackBlobAccessTier(value) + except ValueError: + return value + return value + + @field_serializer("compress") + def serialize_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsHTTP(value) + except ValueError: + return value + return value + + @field_serializer("compression_level") + def serialize_compression_level(self, value): + if isinstance(value, str): + try: + return models.CompressionLevelOptions(value) + except ValueError: + return value + return value + + @field_serializer("parquet_version") + def serialize_parquet_version(self, value): + if isinstance(value, str): + try: + return models.ParquetVersionOptions(value) + except ValueError: + return value + return value + + @field_serializer("parquet_data_page_version") + def serialize_parquet_data_page_version(self, value): + if isinstance(value, str): + try: + return models.DataPageVersionOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "createContainer", + "destPath", + "addIdToStagePath", + "maxConcurrentFileParts", + "removeEmptyDirs", + "partitionExpr", + "format", + "baseFileName", + "fileNameSuffix", + "maxFileSizeMB", + "maxFileOpenTimeSec", + "maxFileIdleTimeSec", + "maxOpenFiles", + "headerLine", + "writeHighWaterMark", + "onBackpressure", + "deadletterEnabled", + "onDiskFullBackpressure", + "forceCloseOnShutdown", + "retrySettings", + "orphans", + "authType", + "storageClass", + "description", + "compress", + "compressionLevel", + "automaticSchema", + "parquetSchema", + "parquetVersion", + "parquetDataPageVersion", + "parquetRowGroupLength", + "parquetPageSize", + "shouldLogInvalidRows", + "keyValueMetadata", + "enableStatistics", + "enableWritePageIndex", + "enablePageChecksum", + "emptyDirCleanupSec", + "directoryBatchSize", + "deadletterPath", + "maxRetryNum", + "connectionString", + "textSecret", + "storageAccountName", + "tenantId", + "clientId", + "azureCloud", + "endpointSuffix", + "clientTextSecret", + "certificate", + "__template_streamtags", + "__template_containerName", + "__template_destPath", + "__template_partitionExpr", + "__template_format", + "__template_baseFileName", + "__template_fileNameSuffix", + "__template_onBackpressure", + "__template_compress", + "__template_parquetSchema", + "__template_connectionString", + "__template_storageAccountName", + "__template_tenantId", + "__template_clientId", + "__template_azureCloud", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackTypeS3(str, Enum): + S3 = "s3" + + +class CreateOutputSystemByPackOutputS3TypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputSystemByPackTypeS3 + bucket: str + r"""Name of the destination S3 bucket. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at initialization time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`""" + stage_path: str + r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + endpoint: NotRequired[str] + r"""S3 service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to S3-compatible endpoint.""" + enable_assume_role: NotRequired[bool] + r"""Use Assume Role credentials to access S3""" + assume_role_arn: NotRequired[str] + r"""Amazon Resource Name (ARN) of the role to assume""" + assume_role_external_id: NotRequired[str] + r"""External ID to use when assuming role""" + duration_seconds: NotRequired[float] + r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" + aws_authentication_method: NotRequired[AuthenticationMethodOptionsS3CollectorConf] + r"""AWS authentication method. Choose Auto to use IAM roles.""" + reuse_connections: NotRequired[bool] + r"""Reuse connections between requests, which can improve performance""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" + region: NotRequired[str] + r"""Region where the S3 bucket is located""" + dest_path: NotRequired[str] + r"""Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`""" + max_concurrent_file_parts: NotRequired[float] + r"""Maximum number of parts to upload in parallel per file. Minimum part size is 5MB.""" + verify_permissions: NotRequired[bool] + r"""Disable if you can access files within the bucket but not the bucket itself""" + max_closing_files_to_backpressure: NotRequired[float] + r"""Maximum number of files that can be waiting for upload before backpressure is applied""" + add_id_to_stage_path: NotRequired[bool] + r"""Add the Output ID value to staging location""" + remove_empty_dirs: NotRequired[bool] + r"""Remove empty staging directories after moving files""" + partition_expr: NotRequired[str] + r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" + format_: NotRequired[DataFormatOptions] + r"""Format of the output data""" + base_file_name: NotRequired[str] + r"""JavaScript expression to define the output filename prefix (can be constant)""" + file_name_suffix: NotRequired[str] + r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" + max_file_size_mb: NotRequired[float] + r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" + max_file_open_time_sec: NotRequired[float] + r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" + max_file_idle_time_sec: NotRequired[float] + r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" + max_open_files: NotRequired[float] + r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" + header_line: NotRequired[str] + r"""If set, this line will be written to the beginning of each output file""" + write_high_water_mark: NotRequired[float] + r"""Buffer size used to write to a file""" + on_backpressure: NotRequired[BackpressureBehaviorOptionsBlockDrop] + r"""How to handle events when all receivers are exerting backpressure""" + deadletter_enabled: NotRequired[bool] + r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" + on_disk_full_backpressure: NotRequired[DiskSpaceProtectionOptions] + r"""How to handle events when disk space is below the global 'Min free disk space' limit""" + force_close_on_shutdown: NotRequired[bool] + r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" + retry_settings: NotRequired[RetrySettingsTypeTypedDict] + orphans: NotRequired[OrphanFileRecoveryTypeTypedDict] + aws_secret_key: NotRequired[str] + r"""Secret key. This value can be a constant or a JavaScript expression. Example: `${C.env.SOME_SECRET}`)""" + object_acl: NotRequired[ObjectACLOptions] + r"""Object ACL to assign to uploaded objects""" + storage_class: NotRequired[StorageClassOptions] + r"""Storage class to select for uploaded objects""" + server_side_encryption: NotRequired[ServerSideEncryptionForUploadedObjectsOptions] + r"""Server-side encryption to use for uploaded objects""" + kms_key_id: NotRequired[str] + r"""ID or ARN of the KMS customer-managed key to use for encryption""" + description: NotRequired[str] + aws_api_key: NotRequired[str] + r"""This value can be a constant or a JavaScript expression (`${C.env.SOME_ACCESS_KEY}`)""" + aws_secret: NotRequired[str] + r"""Select or create a stored secret that references your access key and secret key""" + compress: NotRequired[CompressionOptionsHTTP] + r"""Data compression format to apply to HTTP content before it is delivered""" + compression_level: NotRequired[CompressionLevelOptions] + r"""Compression level to apply before moving files to final destination""" + automatic_schema: NotRequired[bool] + r"""Automatically calculate the schema based on the events of each Parquet file generated""" + parquet_schema: NotRequired[str] + r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" + parquet_version: NotRequired[ParquetVersionOptions] + r"""Determines which data types are supported and how they are represented""" + parquet_data_page_version: NotRequired[DataPageVersionOptions] + r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" + parquet_row_group_length: NotRequired[float] + r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" + parquet_page_size: NotRequired[str] + r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" + should_log_invalid_rows: NotRequired[bool] + r"""Log up to 3 rows that @{product} skips due to data mismatch""" + key_value_metadata: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] + r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ + enable_statistics: NotRequired[bool] + r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" + enable_write_page_index: NotRequired[bool] + r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" + enable_page_checksum: NotRequired[bool] + r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" + empty_dir_cleanup_sec: NotRequired[float] + r"""How frequently, in seconds, to clean up empty directories""" + directory_batch_size: NotRequired[float] + r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" + deadletter_path: NotRequired[str] + r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" + max_retry_num: NotRequired[float] + r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_endpoint: NotRequired[str] + r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" + template_assume_role_arn: NotRequired[str] + r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" + template_assume_role_external_id: NotRequired[str] + r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" + template_bucket: NotRequired[str] + r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" + template_region: NotRequired[str] + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + template_dest_path: NotRequired[str] + r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" + template_partition_expr: NotRequired[str] + r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" + template_format: NotRequired[str] + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + template_base_file_name: NotRequired[str] + r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" + template_file_name_suffix: NotRequired[str] + r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_aws_secret_key: NotRequired[str] + r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" + template_object_acl: NotRequired[str] + r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" + template_storage_class: NotRequired[str] + r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" + template_server_side_encryption: NotRequired[str] + r"""Binds 'serverSideEncryption' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serverSideEncryption' at runtime.""" + template_kms_key_id: NotRequired[str] + r"""Binds 'kmsKeyId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'kmsKeyId' at runtime.""" + template_aws_api_key: NotRequired[str] + r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" + template_compress: NotRequired[str] + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + template_parquet_schema: NotRequired[str] + r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" + + +class CreateOutputSystemByPackOutputS3(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputSystemByPackTypeS3 + + bucket: str + r"""Name of the destination S3 bucket. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at initialization time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`""" + + stage_path: Annotated[str, pydantic.Field(alias="stagePath")] + r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + endpoint: Optional[str] = None + r"""S3 service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to S3-compatible endpoint.""" + + enable_assume_role: Annotated[ + Optional[bool], pydantic.Field(alias="enableAssumeRole") + ] = None + r"""Use Assume Role credentials to access S3""" + + assume_role_arn: Annotated[Optional[str], pydantic.Field(alias="assumeRoleArn")] = ( + None + ) + r"""Amazon Resource Name (ARN) of the role to assume""" + + assume_role_external_id: Annotated[ + Optional[str], pydantic.Field(alias="assumeRoleExternalId") + ] = None + r"""External ID to use when assuming role""" + + duration_seconds: Annotated[ + Optional[float], pydantic.Field(alias="durationSeconds") + ] = None + r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" + + aws_authentication_method: Annotated[ + Optional[AuthenticationMethodOptionsS3CollectorConf], + pydantic.Field(alias="awsAuthenticationMethod"), + ] = None + r"""AWS authentication method. Choose Auto to use IAM roles.""" + + reuse_connections: Annotated[ + Optional[bool], pydantic.Field(alias="reuseConnections") + ] = None + r"""Reuse connections between requests, which can improve performance""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" + + region: Optional[str] = None + r"""Region where the S3 bucket is located""" + + dest_path: Annotated[Optional[str], pydantic.Field(alias="destPath")] = None + r"""Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`""" + + max_concurrent_file_parts: Annotated[ + Optional[float], pydantic.Field(alias="maxConcurrentFileParts") + ] = None + r"""Maximum number of parts to upload in parallel per file. Minimum part size is 5MB.""" + + verify_permissions: Annotated[ + Optional[bool], pydantic.Field(alias="verifyPermissions") + ] = None + r"""Disable if you can access files within the bucket but not the bucket itself""" + + max_closing_files_to_backpressure: Annotated[ + Optional[float], pydantic.Field(alias="maxClosingFilesToBackpressure") + ] = None + r"""Maximum number of files that can be waiting for upload before backpressure is applied""" + + add_id_to_stage_path: Annotated[ + Optional[bool], pydantic.Field(alias="addIdToStagePath") + ] = None + r"""Add the Output ID value to staging location""" + + remove_empty_dirs: Annotated[ + Optional[bool], pydantic.Field(alias="removeEmptyDirs") + ] = None + r"""Remove empty staging directories after moving files""" + + partition_expr: Annotated[Optional[str], pydantic.Field(alias="partitionExpr")] = ( + None + ) + r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" + + format_: Annotated[Optional[DataFormatOptions], pydantic.Field(alias="format")] = ( + None + ) + r"""Format of the output data""" + + base_file_name: Annotated[Optional[str], pydantic.Field(alias="baseFileName")] = ( + None + ) + r"""JavaScript expression to define the output filename prefix (can be constant)""" + + file_name_suffix: Annotated[ + Optional[str], pydantic.Field(alias="fileNameSuffix") + ] = None + r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" + + max_file_size_mb: Annotated[ + Optional[float], pydantic.Field(alias="maxFileSizeMB") + ] = None + r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" + + max_file_open_time_sec: Annotated[ + Optional[float], pydantic.Field(alias="maxFileOpenTimeSec") + ] = None + r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" + + max_file_idle_time_sec: Annotated[ + Optional[float], pydantic.Field(alias="maxFileIdleTimeSec") + ] = None + r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" + + max_open_files: Annotated[Optional[float], pydantic.Field(alias="maxOpenFiles")] = ( + None + ) + r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" + + header_line: Annotated[Optional[str], pydantic.Field(alias="headerLine")] = None + r"""If set, this line will be written to the beginning of each output file""" + + write_high_water_mark: Annotated[ + Optional[float], pydantic.Field(alias="writeHighWaterMark") + ] = None + r"""Buffer size used to write to a file""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptionsBlockDrop], + pydantic.Field(alias="onBackpressure"), + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + deadletter_enabled: Annotated[ + Optional[bool], pydantic.Field(alias="deadletterEnabled") + ] = None + r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" + + on_disk_full_backpressure: Annotated[ + Optional[DiskSpaceProtectionOptions], + pydantic.Field(alias="onDiskFullBackpressure"), + ] = None + r"""How to handle events when disk space is below the global 'Min free disk space' limit""" + + force_close_on_shutdown: Annotated[ + Optional[bool], pydantic.Field(alias="forceCloseOnShutdown") + ] = None + r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" + + retry_settings: Annotated[ + Optional[RetrySettingsType], pydantic.Field(alias="retrySettings") + ] = None + + orphans: Optional[OrphanFileRecoveryType] = None + + aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = ( + None + ) + r"""Secret key. This value can be a constant or a JavaScript expression. Example: `${C.env.SOME_SECRET}`)""" + + object_acl: Annotated[ + Optional[ObjectACLOptions], pydantic.Field(alias="objectACL") + ] = None + r"""Object ACL to assign to uploaded objects""" + + storage_class: Annotated[ + Optional[StorageClassOptions], pydantic.Field(alias="storageClass") + ] = None + r"""Storage class to select for uploaded objects""" + + server_side_encryption: Annotated[ + Optional[ServerSideEncryptionForUploadedObjectsOptions], + pydantic.Field(alias="serverSideEncryption"), + ] = None + r"""Server-side encryption to use for uploaded objects""" + + kms_key_id: Annotated[Optional[str], pydantic.Field(alias="kmsKeyId")] = None + r"""ID or ARN of the KMS customer-managed key to use for encryption""" + + description: Optional[str] = None + + aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None + r"""This value can be a constant or a JavaScript expression (`${C.env.SOME_ACCESS_KEY}`)""" + + aws_secret: Annotated[Optional[str], pydantic.Field(alias="awsSecret")] = None + r"""Select or create a stored secret that references your access key and secret key""" + + compress: Optional[CompressionOptionsHTTP] = None + r"""Data compression format to apply to HTTP content before it is delivered""" + + compression_level: Annotated[ + Optional[CompressionLevelOptions], pydantic.Field(alias="compressionLevel") + ] = None + r"""Compression level to apply before moving files to final destination""" + + automatic_schema: Annotated[ + Optional[bool], pydantic.Field(alias="automaticSchema") + ] = None + r"""Automatically calculate the schema based on the events of each Parquet file generated""" + + parquet_schema: Annotated[Optional[str], pydantic.Field(alias="parquetSchema")] = ( + None + ) + r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" + + parquet_version: Annotated[ + Optional[ParquetVersionOptions], pydantic.Field(alias="parquetVersion") + ] = None + r"""Determines which data types are supported and how they are represented""" + + parquet_data_page_version: Annotated[ + Optional[DataPageVersionOptions], pydantic.Field(alias="parquetDataPageVersion") + ] = None + r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" + + parquet_row_group_length: Annotated[ + Optional[float], pydantic.Field(alias="parquetRowGroupLength") + ] = None + r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" + + parquet_page_size: Annotated[ + Optional[str], pydantic.Field(alias="parquetPageSize") + ] = None + r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" + + should_log_invalid_rows: Annotated[ + Optional[bool], pydantic.Field(alias="shouldLogInvalidRows") + ] = None + r"""Log up to 3 rows that @{product} skips due to data mismatch""" + + key_value_metadata: Annotated[ + Optional[List[KeyValueMetadataConfOutputFilesystem]], + pydantic.Field(alias="keyValueMetadata"), + ] = None + r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ + + enable_statistics: Annotated[ + Optional[bool], pydantic.Field(alias="enableStatistics") + ] = None + r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" + + enable_write_page_index: Annotated[ + Optional[bool], pydantic.Field(alias="enableWritePageIndex") + ] = None + r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" + + enable_page_checksum: Annotated[ + Optional[bool], pydantic.Field(alias="enablePageChecksum") + ] = None + r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" + + empty_dir_cleanup_sec: Annotated[ + Optional[float], pydantic.Field(alias="emptyDirCleanupSec") + ] = None + r"""How frequently, in seconds, to clean up empty directories""" + + directory_batch_size: Annotated[ + Optional[float], pydantic.Field(alias="directoryBatchSize") + ] = None + r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" + + deadletter_path: Annotated[ + Optional[str], pydantic.Field(alias="deadletterPath") + ] = None + r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" + + max_retry_num: Annotated[Optional[float], pydantic.Field(alias="maxRetryNum")] = ( + None + ) + r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_endpoint: Annotated[ + Optional[str], pydantic.Field(alias="__template_endpoint") + ] = None + r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" + + template_assume_role_arn: Annotated[ + Optional[str], pydantic.Field(alias="__template_assumeRoleArn") + ] = None + r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" + + template_assume_role_external_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_assumeRoleExternalId") + ] = None + r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" + + template_bucket: Annotated[ + Optional[str], pydantic.Field(alias="__template_bucket") + ] = None + r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" + + template_region: Annotated[ + Optional[str], pydantic.Field(alias="__template_region") + ] = None + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + + template_dest_path: Annotated[ + Optional[str], pydantic.Field(alias="__template_destPath") + ] = None + r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" + + template_partition_expr: Annotated[ + Optional[str], pydantic.Field(alias="__template_partitionExpr") + ] = None + r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" + + template_format: Annotated[ + Optional[str], pydantic.Field(alias="__template_format") + ] = None + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + + template_base_file_name: Annotated[ + Optional[str], pydantic.Field(alias="__template_baseFileName") + ] = None + r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" + + template_file_name_suffix: Annotated[ + Optional[str], pydantic.Field(alias="__template_fileNameSuffix") + ] = None + r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_aws_secret_key: Annotated[ + Optional[str], pydantic.Field(alias="__template_awsSecretKey") + ] = None + r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" + + template_object_acl: Annotated[ + Optional[str], pydantic.Field(alias="__template_objectACL") + ] = None + r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" + + template_storage_class: Annotated[ + Optional[str], pydantic.Field(alias="__template_storageClass") + ] = None + r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" + + template_server_side_encryption: Annotated[ + Optional[str], pydantic.Field(alias="__template_serverSideEncryption") + ] = None + r"""Binds 'serverSideEncryption' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serverSideEncryption' at runtime.""" + + template_kms_key_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_kmsKeyId") + ] = None + r"""Binds 'kmsKeyId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'kmsKeyId' at runtime.""" + + template_aws_api_key: Annotated[ + Optional[str], pydantic.Field(alias="__template_awsApiKey") + ] = None + r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" + + template_compress: Annotated[ + Optional[str], pydantic.Field(alias="__template_compress") + ] = None + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + + template_parquet_schema: Annotated[ + Optional[str], pydantic.Field(alias="__template_parquetSchema") + ] = None + r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" + + @field_serializer("aws_authentication_method") + def serialize_aws_authentication_method(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsS3CollectorConf(value) + except ValueError: + return value + return value + + @field_serializer("format_") + def serialize_format_(self, value): + if isinstance(value, str): + try: + return models.DataFormatOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptionsBlockDrop(value) + except ValueError: + return value + return value + + @field_serializer("on_disk_full_backpressure") + def serialize_on_disk_full_backpressure(self, value): + if isinstance(value, str): + try: + return models.DiskSpaceProtectionOptions(value) + except ValueError: + return value + return value + + @field_serializer("object_acl") + def serialize_object_acl(self, value): + if isinstance(value, str): + try: + return models.ObjectACLOptions(value) + except ValueError: + return value + return value + + @field_serializer("storage_class") + def serialize_storage_class(self, value): + if isinstance(value, str): + try: + return models.StorageClassOptions(value) + except ValueError: + return value + return value + + @field_serializer("server_side_encryption") + def serialize_server_side_encryption(self, value): + if isinstance(value, str): + try: + return models.ServerSideEncryptionForUploadedObjectsOptions(value) + except ValueError: + return value + return value + + @field_serializer("compress") + def serialize_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsHTTP(value) + except ValueError: + return value + return value + + @field_serializer("compression_level") + def serialize_compression_level(self, value): + if isinstance(value, str): + try: + return models.CompressionLevelOptions(value) + except ValueError: + return value + return value + + @field_serializer("parquet_version") + def serialize_parquet_version(self, value): + if isinstance(value, str): + try: + return models.ParquetVersionOptions(value) + except ValueError: + return value + return value + + @field_serializer("parquet_data_page_version") + def serialize_parquet_data_page_version(self, value): + if isinstance(value, str): + try: + return models.DataPageVersionOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "endpoint", + "enableAssumeRole", + "assumeRoleArn", + "assumeRoleExternalId", + "durationSeconds", + "awsAuthenticationMethod", + "reuseConnections", + "rejectUnauthorized", + "region", + "destPath", + "maxConcurrentFileParts", + "verifyPermissions", + "maxClosingFilesToBackpressure", + "addIdToStagePath", + "removeEmptyDirs", + "partitionExpr", + "format", + "baseFileName", + "fileNameSuffix", + "maxFileSizeMB", + "maxFileOpenTimeSec", + "maxFileIdleTimeSec", + "maxOpenFiles", + "headerLine", + "writeHighWaterMark", + "onBackpressure", + "deadletterEnabled", + "onDiskFullBackpressure", + "forceCloseOnShutdown", + "retrySettings", + "orphans", + "awsSecretKey", + "objectACL", + "storageClass", + "serverSideEncryption", + "kmsKeyId", + "description", + "awsApiKey", + "awsSecret", + "compress", + "compressionLevel", + "automaticSchema", + "parquetSchema", + "parquetVersion", + "parquetDataPageVersion", + "parquetRowGroupLength", + "parquetPageSize", + "shouldLogInvalidRows", + "keyValueMetadata", + "enableStatistics", + "enableWritePageIndex", + "enablePageChecksum", + "emptyDirCleanupSec", + "directoryBatchSize", + "deadletterPath", + "maxRetryNum", + "__template_streamtags", + "__template_endpoint", + "__template_assumeRoleArn", + "__template_assumeRoleExternalId", + "__template_bucket", + "__template_region", + "__template_destPath", + "__template_partitionExpr", + "__template_format", + "__template_baseFileName", + "__template_fileNameSuffix", + "__template_onBackpressure", + "__template_awsSecretKey", + "__template_objectACL", + "__template_storageClass", + "__template_serverSideEncryption", + "__template_kmsKeyId", + "__template_awsApiKey", + "__template_compress", + "__template_parquetSchema", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackTypeFilesystem(str, Enum): + FILESYSTEM = "filesystem" + + +class CreateOutputSystemByPackOutputFilesystemTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputSystemByPackTypeFilesystem + dest_path: str + r"""Final destination for the output files""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + stage_path: NotRequired[str] + r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" + add_id_to_stage_path: NotRequired[bool] + r"""Add the Output ID value to staging location""" + remove_empty_dirs: NotRequired[bool] + r"""Remove empty staging directories after moving files""" + partition_expr: NotRequired[str] + r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" + format_: NotRequired[DataFormatOptions] + r"""Format of the output data""" + base_file_name: NotRequired[str] + r"""JavaScript expression to define the output filename prefix (can be constant)""" + file_name_suffix: NotRequired[str] + r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" + max_file_size_mb: NotRequired[float] + r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" + max_file_open_time_sec: NotRequired[float] + r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" + max_file_idle_time_sec: NotRequired[float] + r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" + max_open_files: NotRequired[float] + r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" + header_line: NotRequired[str] + r"""If set, this line will be written to the beginning of each output file""" + write_high_water_mark: NotRequired[float] + r"""Buffer size used to write to a file""" + on_backpressure: NotRequired[BackpressureBehaviorOptionsBlockDrop] + r"""How to handle events when all receivers are exerting backpressure""" + deadletter_enabled: NotRequired[bool] + r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" + on_disk_full_backpressure: NotRequired[DiskSpaceProtectionOptions] + r"""How to handle events when disk space is below the global 'Min free disk space' limit""" + force_close_on_shutdown: NotRequired[bool] + r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" + retry_settings: NotRequired[RetrySettingsTypeTypedDict] + orphans: NotRequired[OrphanFileRecoveryTypeTypedDict] + description: NotRequired[str] + compress: NotRequired[CompressionOptionsHTTP] + r"""Data compression format to apply to HTTP content before it is delivered""" + compression_level: NotRequired[CompressionLevelOptions] + r"""Compression level to apply before moving files to final destination""" + automatic_schema: NotRequired[bool] + r"""Automatically calculate the schema based on the events of each Parquet file generated""" + parquet_schema: NotRequired[str] + r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" + parquet_version: NotRequired[ParquetVersionOptions] + r"""Determines which data types are supported and how they are represented""" + parquet_data_page_version: NotRequired[DataPageVersionOptions] + r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" + parquet_row_group_length: NotRequired[float] + r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" + parquet_page_size: NotRequired[str] + r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" + should_log_invalid_rows: NotRequired[bool] + r"""Log up to 3 rows that @{product} skips due to data mismatch""" + key_value_metadata: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] + r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ + enable_statistics: NotRequired[bool] + r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" + enable_write_page_index: NotRequired[bool] + r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" + enable_page_checksum: NotRequired[bool] + r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" + empty_dir_cleanup_sec: NotRequired[float] + r"""How frequently, in seconds, to clean up empty directories""" + directory_batch_size: NotRequired[float] + r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" + deadletter_path: NotRequired[str] + r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" + max_retry_num: NotRequired[float] + r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_partition_expr: NotRequired[str] + r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" + template_format: NotRequired[str] + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + template_base_file_name: NotRequired[str] + r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" + template_file_name_suffix: NotRequired[str] + r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_compress: NotRequired[str] + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + template_parquet_schema: NotRequired[str] + r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" + + +class CreateOutputSystemByPackOutputFilesystem(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputSystemByPackTypeFilesystem + + dest_path: Annotated[str, pydantic.Field(alias="destPath")] + r"""Final destination for the output files""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + stage_path: Annotated[Optional[str], pydantic.Field(alias="stagePath")] = None + r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" + + add_id_to_stage_path: Annotated[ + Optional[bool], pydantic.Field(alias="addIdToStagePath") + ] = None + r"""Add the Output ID value to staging location""" + + remove_empty_dirs: Annotated[ + Optional[bool], pydantic.Field(alias="removeEmptyDirs") + ] = None + r"""Remove empty staging directories after moving files""" + + partition_expr: Annotated[Optional[str], pydantic.Field(alias="partitionExpr")] = ( + None + ) + r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" + + format_: Annotated[Optional[DataFormatOptions], pydantic.Field(alias="format")] = ( + None + ) + r"""Format of the output data""" + + base_file_name: Annotated[Optional[str], pydantic.Field(alias="baseFileName")] = ( + None + ) + r"""JavaScript expression to define the output filename prefix (can be constant)""" + + file_name_suffix: Annotated[ + Optional[str], pydantic.Field(alias="fileNameSuffix") + ] = None + r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" + + max_file_size_mb: Annotated[ + Optional[float], pydantic.Field(alias="maxFileSizeMB") + ] = None + r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" + + max_file_open_time_sec: Annotated[ + Optional[float], pydantic.Field(alias="maxFileOpenTimeSec") + ] = None + r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" + + max_file_idle_time_sec: Annotated[ + Optional[float], pydantic.Field(alias="maxFileIdleTimeSec") + ] = None + r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" + + max_open_files: Annotated[Optional[float], pydantic.Field(alias="maxOpenFiles")] = ( + None + ) + r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" + + header_line: Annotated[Optional[str], pydantic.Field(alias="headerLine")] = None + r"""If set, this line will be written to the beginning of each output file""" + + write_high_water_mark: Annotated[ + Optional[float], pydantic.Field(alias="writeHighWaterMark") + ] = None + r"""Buffer size used to write to a file""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptionsBlockDrop], + pydantic.Field(alias="onBackpressure"), + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + deadletter_enabled: Annotated[ + Optional[bool], pydantic.Field(alias="deadletterEnabled") + ] = None + r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" + + on_disk_full_backpressure: Annotated[ + Optional[DiskSpaceProtectionOptions], + pydantic.Field(alias="onDiskFullBackpressure"), + ] = None + r"""How to handle events when disk space is below the global 'Min free disk space' limit""" + + force_close_on_shutdown: Annotated[ + Optional[bool], pydantic.Field(alias="forceCloseOnShutdown") + ] = None + r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" + + retry_settings: Annotated[ + Optional[RetrySettingsType], pydantic.Field(alias="retrySettings") + ] = None + + orphans: Optional[OrphanFileRecoveryType] = None + + description: Optional[str] = None + + compress: Optional[CompressionOptionsHTTP] = None + r"""Data compression format to apply to HTTP content before it is delivered""" + + compression_level: Annotated[ + Optional[CompressionLevelOptions], pydantic.Field(alias="compressionLevel") + ] = None + r"""Compression level to apply before moving files to final destination""" + + automatic_schema: Annotated[ + Optional[bool], pydantic.Field(alias="automaticSchema") + ] = None + r"""Automatically calculate the schema based on the events of each Parquet file generated""" + + parquet_schema: Annotated[Optional[str], pydantic.Field(alias="parquetSchema")] = ( + None + ) + r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" + + parquet_version: Annotated[ + Optional[ParquetVersionOptions], pydantic.Field(alias="parquetVersion") + ] = None + r"""Determines which data types are supported and how they are represented""" + + parquet_data_page_version: Annotated[ + Optional[DataPageVersionOptions], pydantic.Field(alias="parquetDataPageVersion") + ] = None + r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" + + parquet_row_group_length: Annotated[ + Optional[float], pydantic.Field(alias="parquetRowGroupLength") + ] = None + r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" + + parquet_page_size: Annotated[ + Optional[str], pydantic.Field(alias="parquetPageSize") + ] = None + r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" + + should_log_invalid_rows: Annotated[ + Optional[bool], pydantic.Field(alias="shouldLogInvalidRows") + ] = None + r"""Log up to 3 rows that @{product} skips due to data mismatch""" + + key_value_metadata: Annotated[ + Optional[List[KeyValueMetadataConfOutputFilesystem]], + pydantic.Field(alias="keyValueMetadata"), + ] = None + r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ + + enable_statistics: Annotated[ + Optional[bool], pydantic.Field(alias="enableStatistics") + ] = None + r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" + + enable_write_page_index: Annotated[ + Optional[bool], pydantic.Field(alias="enableWritePageIndex") + ] = None + r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" + + enable_page_checksum: Annotated[ + Optional[bool], pydantic.Field(alias="enablePageChecksum") + ] = None + r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" + + empty_dir_cleanup_sec: Annotated[ + Optional[float], pydantic.Field(alias="emptyDirCleanupSec") + ] = None + r"""How frequently, in seconds, to clean up empty directories""" + + directory_batch_size: Annotated[ + Optional[float], pydantic.Field(alias="directoryBatchSize") + ] = None + r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" + + deadletter_path: Annotated[ + Optional[str], pydantic.Field(alias="deadletterPath") + ] = None + r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" + + max_retry_num: Annotated[Optional[float], pydantic.Field(alias="maxRetryNum")] = ( + None + ) + r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_partition_expr: Annotated[ + Optional[str], pydantic.Field(alias="__template_partitionExpr") + ] = None + r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" + + template_format: Annotated[ + Optional[str], pydantic.Field(alias="__template_format") + ] = None + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + + template_base_file_name: Annotated[ + Optional[str], pydantic.Field(alias="__template_baseFileName") + ] = None + r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" + + template_file_name_suffix: Annotated[ + Optional[str], pydantic.Field(alias="__template_fileNameSuffix") + ] = None + r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_compress: Annotated[ + Optional[str], pydantic.Field(alias="__template_compress") + ] = None + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + + template_parquet_schema: Annotated[ + Optional[str], pydantic.Field(alias="__template_parquetSchema") + ] = None + r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" + + @field_serializer("format_") + def serialize_format_(self, value): + if isinstance(value, str): + try: + return models.DataFormatOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptionsBlockDrop(value) + except ValueError: + return value + return value + + @field_serializer("on_disk_full_backpressure") + def serialize_on_disk_full_backpressure(self, value): + if isinstance(value, str): + try: + return models.DiskSpaceProtectionOptions(value) + except ValueError: + return value + return value + + @field_serializer("compress") + def serialize_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsHTTP(value) + except ValueError: + return value + return value + + @field_serializer("compression_level") + def serialize_compression_level(self, value): + if isinstance(value, str): + try: + return models.CompressionLevelOptions(value) + except ValueError: + return value + return value + + @field_serializer("parquet_version") + def serialize_parquet_version(self, value): + if isinstance(value, str): + try: + return models.ParquetVersionOptions(value) + except ValueError: + return value + return value + + @field_serializer("parquet_data_page_version") + def serialize_parquet_data_page_version(self, value): + if isinstance(value, str): + try: + return models.DataPageVersionOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "stagePath", + "addIdToStagePath", + "removeEmptyDirs", + "partitionExpr", + "format", + "baseFileName", + "fileNameSuffix", + "maxFileSizeMB", + "maxFileOpenTimeSec", + "maxFileIdleTimeSec", + "maxOpenFiles", + "headerLine", + "writeHighWaterMark", + "onBackpressure", + "deadletterEnabled", + "onDiskFullBackpressure", + "forceCloseOnShutdown", + "retrySettings", + "orphans", + "description", + "compress", + "compressionLevel", + "automaticSchema", + "parquetSchema", + "parquetVersion", + "parquetDataPageVersion", + "parquetRowGroupLength", + "parquetPageSize", + "shouldLogInvalidRows", + "keyValueMetadata", + "enableStatistics", + "enableWritePageIndex", + "enablePageChecksum", + "emptyDirCleanupSec", + "directoryBatchSize", + "deadletterPath", + "maxRetryNum", + "__template_streamtags", + "__template_partitionExpr", + "__template_format", + "__template_baseFileName", + "__template_fileNameSuffix", + "__template_onBackpressure", + "__template_compress", + "__template_parquetSchema", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackTypeSignalfx(str, Enum): + SIGNALFX = "signalfx" + + +class CreateOutputSystemByPackPqControlsSignalfxTypedDict(TypedDict): + pass + + +class CreateOutputSystemByPackPqControlsSignalfx(BaseModel): + pass + + +class CreateOutputSystemByPackOutputSignalfxTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputSystemByPackTypeSignalfx + realm: str + r"""SignalFx realm name, e.g. \"us0\". For a complete list of available SignalFx realm names, please check [here](https://docs.splunk.com/observability/en/get-started/service-description.html#sd-regions).""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + compress: NotRequired[bool] + r"""Compress the payload body before sending""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] + r"""Headers to add to all events""" + use_round_robin_dns: NotRequired[bool] + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + safe_headers: NotRequired[List[str]] + r"""List of headers that are safe to log in plain text""" + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + description: NotRequired[str] + token: NotRequired[str] + r"""SignalFx API access token (see [here](https://docs.signalfx.com/en/latest/admin-guide/tokens.html#working-with-access-tokens))""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputSystemByPackPqControlsSignalfxTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + +class CreateOutputSystemByPackOutputSignalfx(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputSystemByPackTypeSignalfx + + realm: str + r"""SignalFx realm name, e.g. \"us0\". For a complete list of available SignalFx realm names, please check [here](https://docs.splunk.com/observability/en/get-started/service-description.html#sd-regions).""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + auth_type: Annotated[ + Optional[AuthenticationMethodOptionsAuthTokensItems], + pydantic.Field(alias="authType"), + ] = None + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + compress: Optional[bool] = None + r"""Compress the payload body before sending""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + extra_http_headers: Annotated[ + Optional[List[ExtraHTTPHeaderConfInputElastic]], + pydantic.Field(alias="extraHttpHeaders"), + ] = None + r"""Headers to add to all events""" + + use_round_robin_dns: Annotated[ + Optional[bool], pydantic.Field(alias="useRoundRobinDns") + ] = None + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + safe_headers: Annotated[ + Optional[List[str]], pydantic.Field(alias="safeHeaders") + ] = None + r"""List of headers that are safe to log in plain text""" + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + description: Optional[str] = None + + token: Optional[str] = None + r"""SignalFx API access token (see [here](https://docs.signalfx.com/en/latest/admin-guide/tokens.html#working-with-access-tokens))""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputSystemByPackPqControlsSignalfx], + pydantic.Field(alias="pqControls"), + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsAuthTokensItems(value) + except ValueError: + return value + return value + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "authType", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "compress", + "rejectUnauthorized", + "timeoutSec", + "flushPeriodSec", + "extraHttpHeaders", + "useRoundRobinDns", + "failedRequestLoggingMode", + "safeHeaders", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "onBackpressure", + "description", + "token", + "textSecret", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_failedRequestLoggingMode", + "__template_onBackpressure", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackTypeWavefront(str, Enum): + WAVEFRONT = "wavefront" + + +class CreateOutputSystemByPackPqControlsWavefrontTypedDict(TypedDict): + pass + + +class CreateOutputSystemByPackPqControlsWavefront(BaseModel): + pass + + +class CreateOutputSystemByPackOutputWavefrontTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputSystemByPackTypeWavefront + domain: str + r"""WaveFront domain name, e.g. \"longboard\" """ + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + compress: NotRequired[bool] + r"""Compress the payload body before sending""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] + r"""Headers to add to all events""" + use_round_robin_dns: NotRequired[bool] + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + safe_headers: NotRequired[List[str]] + r"""List of headers that are safe to log in plain text""" + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + description: NotRequired[str] + token: NotRequired[str] + r"""WaveFront API authentication token (see [here](https://docs.wavefront.com/wavefront_api.html#generating-an-api-token))""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputSystemByPackPqControlsWavefrontTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + +class CreateOutputSystemByPackOutputWavefront(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputSystemByPackTypeWavefront + + domain: str + r"""WaveFront domain name, e.g. \"longboard\" """ + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + auth_type: Annotated[ + Optional[AuthenticationMethodOptionsAuthTokensItems], + pydantic.Field(alias="authType"), + ] = None + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + compress: Optional[bool] = None + r"""Compress the payload body before sending""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + extra_http_headers: Annotated[ + Optional[List[ExtraHTTPHeaderConfInputElastic]], + pydantic.Field(alias="extraHttpHeaders"), + ] = None + r"""Headers to add to all events""" + + use_round_robin_dns: Annotated[ + Optional[bool], pydantic.Field(alias="useRoundRobinDns") + ] = None + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + safe_headers: Annotated[ + Optional[List[str]], pydantic.Field(alias="safeHeaders") + ] = None + r"""List of headers that are safe to log in plain text""" + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + description: Optional[str] = None + + token: Optional[str] = None + r"""WaveFront API authentication token (see [here](https://docs.wavefront.com/wavefront_api.html#generating-an-api-token))""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputSystemByPackPqControlsWavefront], + pydantic.Field(alias="pqControls"), + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsAuthTokensItems(value) + except ValueError: + return value + return value + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "authType", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "compress", + "rejectUnauthorized", + "timeoutSec", + "flushPeriodSec", + "extraHttpHeaders", + "useRoundRobinDns", + "failedRequestLoggingMode", + "safeHeaders", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "onBackpressure", + "description", + "token", + "textSecret", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_failedRequestLoggingMode", + "__template_onBackpressure", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackTypeTcpjson(str, Enum): + TCPJSON = "tcpjson" + + +class CreateOutputSystemByPackPqControlsTcpjsonTypedDict(TypedDict): + pass + + +class CreateOutputSystemByPackPqControlsTcpjson(BaseModel): + pass + + +class CreateOutputSystemByPackOutputTcpjsonTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputSystemByPackTypeTcpjson + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + load_balanced: NotRequired[bool] + r"""Use load-balanced destinations""" + compression: NotRequired[CompressionOptionsGzipNone] + r"""Codec to use to compress the data before sending""" + log_failed_requests: NotRequired[bool] + r"""Use to troubleshoot issues with sending data""" + throttle_rate_per_sec: NotRequired[str] + r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" + tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] + connection_timeout: NotRequired[float] + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + write_timeout: NotRequired[float] + r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" + token_ttl_minutes: NotRequired[float] + r"""The number of minutes before the internally generated authentication token expires, valid values between 1 and 60""" + send_header: NotRequired[bool] + r"""Upon connection, send a header-like record containing the auth token and other metadata.This record will not contain an actual event – only subsequent records will.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + description: NotRequired[str] + host: NotRequired[str] + r"""The hostname of the receiver""" + port: NotRequired[float] + r"""The port to connect to on the provided host""" + exclude_self: NotRequired[bool] + r"""Exclude all IPs of the current host from the list of any resolved hostnames""" + hosts: NotRequired[List[HostConfOutputSyslogTypedDict]] + r"""Set of hosts to load-balance data to""" + dns_resolve_period_sec: NotRequired[float] + r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" + load_balance_stats_period_sec: NotRequired[float] + r"""How far back in time to keep traffic stats for load balancing purposes""" + max_concurrent_senders: NotRequired[float] + r"""Maximum number of concurrent connections (per Worker Process). A random set of IPs will be picked on every DNS resolution period. Use 0 for unlimited.""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputSystemByPackPqControlsTcpjsonTypedDict] + auth_token: NotRequired[str] + r"""Optional authentication token to include as part of the connection header""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_host: NotRequired[str] + r"""Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime.""" + template_port: NotRequired[str] + r"""Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime.""" + + +class CreateOutputSystemByPackOutputTcpjson(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputSystemByPackTypeTcpjson + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + load_balanced: Annotated[Optional[bool], pydantic.Field(alias="loadBalanced")] = ( + None + ) + r"""Use load-balanced destinations""" + + compression: Optional[CompressionOptionsGzipNone] = None + r"""Codec to use to compress the data before sending""" + + log_failed_requests: Annotated[ + Optional[bool], pydantic.Field(alias="logFailedRequests") + ] = None + r"""Use to troubleshoot issues with sending data""" + + throttle_rate_per_sec: Annotated[ + Optional[str], pydantic.Field(alias="throttleRatePerSec") + ] = None + r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" + + tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None + + connection_timeout: Annotated[ + Optional[float], pydantic.Field(alias="connectionTimeout") + ] = None + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + + write_timeout: Annotated[Optional[float], pydantic.Field(alias="writeTimeout")] = ( + None + ) + r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" + + token_ttl_minutes: Annotated[ + Optional[float], pydantic.Field(alias="tokenTTLMinutes") + ] = None + r"""The number of minutes before the internally generated authentication token expires, valid values between 1 and 60""" + + send_header: Annotated[Optional[bool], pydantic.Field(alias="sendHeader")] = None + r"""Upon connection, send a header-like record containing the auth token and other metadata.This record will not contain an actual event – only subsequent records will.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + auth_type: Annotated[ + Optional[AuthenticationMethodOptionsAuthTokensItems], + pydantic.Field(alias="authType"), + ] = None + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + + description: Optional[str] = None + + host: Optional[str] = None + r"""The hostname of the receiver""" + + port: Optional[float] = None + r"""The port to connect to on the provided host""" + + exclude_self: Annotated[Optional[bool], pydantic.Field(alias="excludeSelf")] = None + r"""Exclude all IPs of the current host from the list of any resolved hostnames""" + + hosts: Optional[List[HostConfOutputSyslog]] = None + r"""Set of hosts to load-balance data to""" + + dns_resolve_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="dnsResolvePeriodSec") + ] = None + r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" + + load_balance_stats_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="loadBalanceStatsPeriodSec") + ] = None + r"""How far back in time to keep traffic stats for load balancing purposes""" + + max_concurrent_senders: Annotated[ + Optional[float], pydantic.Field(alias="maxConcurrentSenders") + ] = None + r"""Maximum number of concurrent connections (per Worker Process). A random set of IPs will be picked on every DNS resolution period. Use 0 for unlimited.""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputSystemByPackPqControlsTcpjson], + pydantic.Field(alias="pqControls"), + ] = None + + auth_token: Annotated[Optional[str], pydantic.Field(alias="authToken")] = None + r"""Optional authentication token to include as part of the connection header""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_host: Annotated[Optional[str], pydantic.Field(alias="__template_host")] = ( + None + ) + r"""Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime.""" + + template_port: Annotated[Optional[str], pydantic.Field(alias="__template_port")] = ( + None + ) + r"""Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime.""" + + @field_serializer("compression") + def serialize_compression(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsGzipNone(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsAuthTokensItems(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "loadBalanced", + "compression", + "logFailedRequests", + "throttleRatePerSec", + "tls", + "connectionTimeout", + "writeTimeout", + "tokenTTLMinutes", + "sendHeader", + "onBackpressure", + "authType", + "description", + "host", + "port", + "excludeSelf", + "hosts", + "dnsResolvePeriodSec", + "loadBalanceStatsPeriodSec", + "maxConcurrentSenders", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "authToken", + "textSecret", + "__template_streamtags", + "__template_onBackpressure", + "__template_host", + "__template_port", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackTypeWizHec(str, Enum): + WIZ_HEC = "wiz_hec" + + +class CreateOutputSystemByPackPqControlsWizHecTypedDict(TypedDict): + pass + + +class CreateOutputSystemByPackPqControlsWizHec(BaseModel): + pass + + +class CreateOutputSystemByPackOutputWizHecTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputSystemByPackTypeWizHec + wiz_connector_id: str + r"""The unique identifier for the specific Cribl connector defined in your Wiz Settings. This is used to cross-validate the bearer token and ensure traffic is originating from the authorized integration.""" + wiz_environment: str + r"""Your Wiz deployment environment.""" + data_center: str + r"""Your Wiz deployment data center (e.g., us1, us8, eu1). From Tenant Info → Data Center and Regions → Tenant Data Center in your Wiz console.""" + wiz_sourcetype: str + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + next_queue: NotRequired[str] + r"""In the Splunk app, define which Splunk processing queue to send the events after HEC processing.""" + tcp_routing: NotRequired[str] + r"""In the Splunk app, set the value of _TCP_ROUTING for events that do not have _ctrl._TCP_ROUTING set.""" + tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathExtendedTypedDict] + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + compress: NotRequired[bool] + r"""Compress the payload body before sending""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] + r"""Headers to add to all events""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + safe_headers: NotRequired[List[str]] + r"""List of headers that are safe to log in plain text""" + auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + description: NotRequired[str] + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputSystemByPackPqControlsWizHecTypedDict] + token: NotRequired[str] + r"""Wiz Defend Auth token""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_wiz_environment: NotRequired[str] + r"""Binds 'wiz_environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'wiz_environment' at runtime.""" + template_data_center: NotRequired[str] + r"""Binds 'data_center' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'data_center' at runtime.""" + template_wiz_sourcetype: NotRequired[str] + r"""Binds 'wiz_sourcetype' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'wiz_sourcetype' at runtime.""" + + +class CreateOutputSystemByPackOutputWizHec(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputSystemByPackTypeWizHec + + wiz_connector_id: str + r"""The unique identifier for the specific Cribl connector defined in your Wiz Settings. This is used to cross-validate the bearer token and ensure traffic is originating from the authorized integration.""" + + wiz_environment: str + r"""Your Wiz deployment environment.""" + + data_center: str + r"""Your Wiz deployment data center (e.g., us1, us8, eu1). From Tenant Info → Data Center and Regions → Tenant Data Center in your Wiz console.""" + + wiz_sourcetype: str + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + next_queue: Annotated[Optional[str], pydantic.Field(alias="nextQueue")] = None + r"""In the Splunk app, define which Splunk processing queue to send the events after HEC processing.""" + + tcp_routing: Annotated[Optional[str], pydantic.Field(alias="tcpRouting")] = None + r"""In the Splunk app, set the value of _TCP_ROUTING for events that do not have _ctrl._TCP_ROUTING set.""" + + tls: Optional[TLSSettingsClientSideTypeCaPathCertPathExtended] = None + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + compress: Optional[bool] = None + r"""Compress the payload body before sending""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + extra_http_headers: Annotated[ + Optional[List[ExtraHTTPHeaderConfInputElastic]], + pydantic.Field(alias="extraHttpHeaders"), + ] = None + r"""Headers to add to all events""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + safe_headers: Annotated[ + Optional[List[str]], pydantic.Field(alias="safeHeaders") + ] = None + r"""List of headers that are safe to log in plain text""" + + auth_type: Annotated[ + Optional[AuthenticationMethodOptionsAuthTokensItems], + pydantic.Field(alias="authType"), + ] = None + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + description: Optional[str] = None + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputSystemByPackPqControlsWizHec], + pydantic.Field(alias="pqControls"), + ] = None + + token: Optional[str] = None + r"""Wiz Defend Auth token""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_wiz_environment: Annotated[ + Optional[str], pydantic.Field(alias="__template_wiz_environment") + ] = None + r"""Binds 'wiz_environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'wiz_environment' at runtime.""" + + template_data_center: Annotated[ + Optional[str], pydantic.Field(alias="__template_data_center") + ] = None + r"""Binds 'data_center' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'data_center' at runtime.""" + + template_wiz_sourcetype: Annotated[ + Optional[str], pydantic.Field(alias="__template_wiz_sourcetype") + ] = None + r"""Binds 'wiz_sourcetype' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'wiz_sourcetype' at runtime.""" + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsAuthTokensItems(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "nextQueue", + "tcpRouting", + "tls", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "compress", + "rejectUnauthorized", + "timeoutSec", + "flushPeriodSec", + "extraHttpHeaders", + "failedRequestLoggingMode", + "safeHeaders", + "authType", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "onBackpressure", + "description", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "token", + "textSecret", + "__template_streamtags", + "__template_failedRequestLoggingMode", + "__template_onBackpressure", + "__template_wiz_environment", + "__template_data_center", + "__template_wiz_sourcetype", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackTypeSplunkHec(str, Enum): + SPLUNK_HEC = "splunk_hec" + + +class CreateOutputSystemByPackURLSplunkHecTypedDict(TypedDict): + url: str + r"""URL to a Splunk HEC endpoint to send events to, e.g., http://localhost:8088/services/collector/event""" + weight: NotRequired[float] + r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" + template_url: NotRequired[str] + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + +class CreateOutputSystemByPackURLSplunkHec(BaseModel): + url: str + r"""URL to a Splunk HEC endpoint to send events to, e.g., http://localhost:8088/services/collector/event""" + + weight: Optional[float] = None + r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" + + template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( + None + ) + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set(["weight", "__template_url"]) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackPqControlsSplunkHecTypedDict(TypedDict): + pass + + +class CreateOutputSystemByPackPqControlsSplunkHec(BaseModel): + pass + + +class CreateOutputSystemByPackOutputSplunkHecTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputSystemByPackTypeSplunkHec + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + load_balanced: NotRequired[bool] + r"""Enable for optimal performance. Even if you have one hostname, it can expand to multiple IPs. If disabled, consider enabling round-robin DNS.""" + next_queue: NotRequired[str] + r"""In the Splunk app, define which Splunk processing queue to send the events after HEC processing.""" + tcp_routing: NotRequired[str] + r"""In the Splunk app, set the value of _TCP_ROUTING for events that do not have _ctrl._TCP_ROUTING set.""" + tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathExtendedTypedDict] + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + compress: NotRequired[bool] + r"""Compress the payload body before sending""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] + r"""Headers to add to all events""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + safe_headers: NotRequired[List[str]] + r"""List of headers that are safe to log in plain text""" + enable_multi_metrics: NotRequired[bool] + r"""Output metrics in multiple-metric format, supported in Splunk 8.0 and above to allow multiple metrics in a single event.""" + auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + description: NotRequired[str] + url: NotRequired[str] + r"""URL to a Splunk HEC endpoint to send events to, e.g., http://localhost:8088/services/collector/event""" + use_round_robin_dns: NotRequired[bool] + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + exclude_self: NotRequired[bool] + r"""Exclude all IPs of the current host from the list of any resolved hostnames""" + urls: NotRequired[List[CreateOutputSystemByPackURLSplunkHecTypedDict]] + dns_resolve_period_sec: NotRequired[float] + r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" + load_balance_stats_period_sec: NotRequired[float] + r"""How far back in time to keep traffic stats for load balancing purposes""" + token: NotRequired[str] + r"""Splunk HEC authentication token""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputSystemByPackPqControlsSplunkHecTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_url: NotRequired[str] + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + +class CreateOutputSystemByPackOutputSplunkHec(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputSystemByPackTypeSplunkHec + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + load_balanced: Annotated[Optional[bool], pydantic.Field(alias="loadBalanced")] = ( + None + ) + r"""Enable for optimal performance. Even if you have one hostname, it can expand to multiple IPs. If disabled, consider enabling round-robin DNS.""" + + next_queue: Annotated[Optional[str], pydantic.Field(alias="nextQueue")] = None + r"""In the Splunk app, define which Splunk processing queue to send the events after HEC processing.""" + + tcp_routing: Annotated[Optional[str], pydantic.Field(alias="tcpRouting")] = None + r"""In the Splunk app, set the value of _TCP_ROUTING for events that do not have _ctrl._TCP_ROUTING set.""" + + tls: Optional[TLSSettingsClientSideTypeCaPathCertPathExtended] = None + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + compress: Optional[bool] = None + r"""Compress the payload body before sending""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + extra_http_headers: Annotated[ + Optional[List[ExtraHTTPHeaderConfInputElastic]], + pydantic.Field(alias="extraHttpHeaders"), + ] = None + r"""Headers to add to all events""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + safe_headers: Annotated[ + Optional[List[str]], pydantic.Field(alias="safeHeaders") + ] = None + r"""List of headers that are safe to log in plain text""" + + enable_multi_metrics: Annotated[ + Optional[bool], pydantic.Field(alias="enableMultiMetrics") + ] = None + r"""Output metrics in multiple-metric format, supported in Splunk 8.0 and above to allow multiple metrics in a single event.""" + + auth_type: Annotated[ + Optional[AuthenticationMethodOptionsAuthTokensItems], + pydantic.Field(alias="authType"), + ] = None + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + description: Optional[str] = None + + url: Optional[str] = None + r"""URL to a Splunk HEC endpoint to send events to, e.g., http://localhost:8088/services/collector/event""" + + use_round_robin_dns: Annotated[ + Optional[bool], pydantic.Field(alias="useRoundRobinDns") + ] = None + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + + exclude_self: Annotated[Optional[bool], pydantic.Field(alias="excludeSelf")] = None + r"""Exclude all IPs of the current host from the list of any resolved hostnames""" + + urls: Optional[List[CreateOutputSystemByPackURLSplunkHec]] = None + + dns_resolve_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="dnsResolvePeriodSec") + ] = None + r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" + + load_balance_stats_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="loadBalanceStatsPeriodSec") + ] = None + r"""How far back in time to keep traffic stats for load balancing purposes""" + + token: Optional[str] = None + r"""Splunk HEC authentication token""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputSystemByPackPqControlsSplunkHec], + pydantic.Field(alias="pqControls"), + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( + None + ) + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsAuthTokensItems(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "loadBalanced", + "nextQueue", + "tcpRouting", + "tls", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "compress", + "rejectUnauthorized", + "timeoutSec", + "flushPeriodSec", + "extraHttpHeaders", + "failedRequestLoggingMode", + "safeHeaders", + "enableMultiMetrics", + "authType", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "onBackpressure", + "description", + "url", + "useRoundRobinDns", + "excludeSelf", + "urls", + "dnsResolvePeriodSec", + "loadBalanceStatsPeriodSec", + "token", + "textSecret", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_failedRequestLoggingMode", + "__template_onBackpressure", + "__template_url", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackTypeSplunkLb(str, Enum): + SPLUNK_LB = "splunk_lb" + + +class CreateOutputSystemByPackAuthTokenTypedDict(TypedDict): + auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + auth_token: NotRequired[str] + r"""Shared secret to be provided by any client (in authToken header field). If empty, unauthorized access is permitted.""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + + +class CreateOutputSystemByPackAuthToken(BaseModel): + auth_type: Annotated[ + Optional[AuthenticationMethodOptionsAuthTokensItems], + pydantic.Field(alias="authType"), + ] = None + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + + auth_token: Annotated[Optional[str], pydantic.Field(alias="authToken")] = None + r"""Shared secret to be provided by any client (in authToken header field). If empty, unauthorized access is permitted.""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsAuthTokensItems(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set(["authType", "authToken", "textSecret"]) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackIndexerDiscoveryConfigsTypedDict(TypedDict): + r"""List of configurations to set up indexer discovery in Splunk Indexer clustering environment.""" + + site: str + r"""Clustering site of the indexers from where indexers need to be discovered. In case of single site cluster, it defaults to 'default' site.""" + master_uri: str + r"""Full URI of Splunk cluster manager (scheme://host:port). Example: https://managerAddress:8089""" + refresh_interval_sec: float + r"""Time interval, in seconds, between two consecutive indexer list fetches from cluster manager""" + reject_unauthorized: NotRequired[bool] + r"""During indexer discovery, reject cluster manager certificates that are not authorized by the system's CA. Disable to allow untrusted (for example, self-signed) certificates.""" + auth_tokens: NotRequired[List[CreateOutputSystemByPackAuthTokenTypedDict]] + r"""Tokens required to authenticate to cluster manager for indexer discovery""" + auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + auth_token: NotRequired[str] + r"""Shared secret to be provided by any client (in authToken header field). If empty, unauthorized access is permitted.""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + + +class CreateOutputSystemByPackIndexerDiscoveryConfigs(BaseModel): + r"""List of configurations to set up indexer discovery in Splunk Indexer clustering environment.""" + + site: str + r"""Clustering site of the indexers from where indexers need to be discovered. In case of single site cluster, it defaults to 'default' site.""" + + master_uri: Annotated[str, pydantic.Field(alias="masterUri")] + r"""Full URI of Splunk cluster manager (scheme://host:port). Example: https://managerAddress:8089""" + + refresh_interval_sec: Annotated[float, pydantic.Field(alias="refreshIntervalSec")] + r"""Time interval, in seconds, between two consecutive indexer list fetches from cluster manager""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""During indexer discovery, reject cluster manager certificates that are not authorized by the system's CA. Disable to allow untrusted (for example, self-signed) certificates.""" + + auth_tokens: Annotated[ + Optional[List[CreateOutputSystemByPackAuthToken]], + pydantic.Field(alias="authTokens"), + ] = None + r"""Tokens required to authenticate to cluster manager for indexer discovery""" + + auth_type: Annotated[ + Optional[AuthenticationMethodOptionsAuthTokensItems], + pydantic.Field(alias="authType"), + ] = None + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + + auth_token: Annotated[Optional[str], pydantic.Field(alias="authToken")] = None + r"""Shared secret to be provided by any client (in authToken header field). If empty, unauthorized access is permitted.""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsAuthTokensItems(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + ["rejectUnauthorized", "authTokens", "authType", "authToken", "textSecret"] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackPqControlsSplunkLbTypedDict(TypedDict): + pass + + +class CreateOutputSystemByPackPqControlsSplunkLb(BaseModel): + pass + + +class CreateOutputSystemByPackOutputSplunkLbTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputSystemByPackTypeSplunkLb + hosts: List[HostConfOutputSyslogTypedDict] + r"""Set of Splunk indexers to load-balance data to.""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + dns_resolve_period_sec: NotRequired[float] + r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" + load_balance_stats_period_sec: NotRequired[float] + r"""How far back in time to keep traffic stats for load balancing purposes""" + max_concurrent_senders: NotRequired[float] + r"""Maximum number of concurrent connections (per Worker Process). A random set of IPs will be picked on every DNS resolution period. Use 0 for unlimited.""" + nested_fields: NotRequired[NestedFieldSerializationOptions] + r"""How to serialize nested fields into index-time fields""" + throttle_rate_per_sec: NotRequired[str] + r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" + connection_timeout: NotRequired[float] + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + write_timeout: NotRequired[float] + r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" + tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] + enable_multi_metrics: NotRequired[bool] + r"""Output metrics in multiple-metric format in a single event. Supported in Splunk 8.0 and above.""" + enable_ack: NotRequired[bool] + r"""Check if indexer is shutting down and stop sending data. This helps minimize data loss during shutdown.""" + log_failed_requests: NotRequired[bool] + r"""Use to troubleshoot issues with sending data""" + max_s2_sversion: NotRequired[MaxS2SVersionOptions] + r"""The highest S2S protocol version to advertise during handshake""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + indexer_discovery: NotRequired[bool] + r"""Automatically discover indexers in indexer clustering environment.""" + sender_unhealthy_time_allowance: NotRequired[float] + r"""How long (in milliseconds) each LB endpoint can report blocked before the Destination reports unhealthy, blocking the sender. (Grace period for fluctuations.) Use 0 to disable; max 1 minute.""" + auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + description: NotRequired[str] + max_failed_health_checks: NotRequired[float] + r"""Maximum number of times healthcheck can fail before we close connection. If set to 0 (disabled), and the connection to Splunk is forcibly closed, some data loss might occur.""" + compress: NotRequired[CompressionOptions] + r"""Controls whether the sender should send compressed data to the server. Select 'Disabled' to reject compressed connections or 'Always' to ignore server's configuration and send compressed data.""" + indexer_discovery_configs: NotRequired[ + CreateOutputSystemByPackIndexerDiscoveryConfigsTypedDict + ] + r"""List of configurations to set up indexer discovery in Splunk Indexer clustering environment.""" + exclude_self: NotRequired[bool] + r"""Exclude all IPs of the current host from the list of any resolved hostnames""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputSystemByPackPqControlsSplunkLbTypedDict] + auth_token: NotRequired[str] + r"""Shared secret token to use when establishing a connection to a Splunk indexer.""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_nested_fields: NotRequired[str] + r"""Binds 'nestedFields' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'nestedFields' at runtime.""" + template_max_s2_sversion: NotRequired[str] + r"""Binds 'maxS2Sversion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'maxS2Sversion' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_compress: NotRequired[str] + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + + +class CreateOutputSystemByPackOutputSplunkLb(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputSystemByPackTypeSplunkLb + + hosts: List[HostConfOutputSyslog] + r"""Set of Splunk indexers to load-balance data to.""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + dns_resolve_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="dnsResolvePeriodSec") + ] = None + r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" + + load_balance_stats_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="loadBalanceStatsPeriodSec") + ] = None + r"""How far back in time to keep traffic stats for load balancing purposes""" + + max_concurrent_senders: Annotated[ + Optional[float], pydantic.Field(alias="maxConcurrentSenders") + ] = None + r"""Maximum number of concurrent connections (per Worker Process). A random set of IPs will be picked on every DNS resolution period. Use 0 for unlimited.""" + + nested_fields: Annotated[ + Optional[NestedFieldSerializationOptions], pydantic.Field(alias="nestedFields") + ] = None + r"""How to serialize nested fields into index-time fields""" + + throttle_rate_per_sec: Annotated[ + Optional[str], pydantic.Field(alias="throttleRatePerSec") + ] = None + r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" + + connection_timeout: Annotated[ + Optional[float], pydantic.Field(alias="connectionTimeout") + ] = None + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + + write_timeout: Annotated[Optional[float], pydantic.Field(alias="writeTimeout")] = ( + None + ) + r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" + + tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None + + enable_multi_metrics: Annotated[ + Optional[bool], pydantic.Field(alias="enableMultiMetrics") + ] = None + r"""Output metrics in multiple-metric format in a single event. Supported in Splunk 8.0 and above.""" + + enable_ack: Annotated[Optional[bool], pydantic.Field(alias="enableACK")] = None + r"""Check if indexer is shutting down and stop sending data. This helps minimize data loss during shutdown.""" + + log_failed_requests: Annotated[ + Optional[bool], pydantic.Field(alias="logFailedRequests") + ] = None + r"""Use to troubleshoot issues with sending data""" + + max_s2_sversion: Annotated[ + Optional[MaxS2SVersionOptions], pydantic.Field(alias="maxS2Sversion") + ] = None + r"""The highest S2S protocol version to advertise during handshake""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + indexer_discovery: Annotated[ + Optional[bool], pydantic.Field(alias="indexerDiscovery") + ] = None + r"""Automatically discover indexers in indexer clustering environment.""" + + sender_unhealthy_time_allowance: Annotated[ + Optional[float], pydantic.Field(alias="senderUnhealthyTimeAllowance") + ] = None + r"""How long (in milliseconds) each LB endpoint can report blocked before the Destination reports unhealthy, blocking the sender. (Grace period for fluctuations.) Use 0 to disable; max 1 minute.""" + + auth_type: Annotated[ + Optional[AuthenticationMethodOptionsAuthTokensItems], + pydantic.Field(alias="authType"), + ] = None + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + + description: Optional[str] = None + + max_failed_health_checks: Annotated[ + Optional[float], pydantic.Field(alias="maxFailedHealthChecks") + ] = None + r"""Maximum number of times healthcheck can fail before we close connection. If set to 0 (disabled), and the connection to Splunk is forcibly closed, some data loss might occur.""" + + compress: Optional[CompressionOptions] = None + r"""Controls whether the sender should send compressed data to the server. Select 'Disabled' to reject compressed connections or 'Always' to ignore server's configuration and send compressed data.""" + + indexer_discovery_configs: Annotated[ + Optional[CreateOutputSystemByPackIndexerDiscoveryConfigs], + pydantic.Field(alias="indexerDiscoveryConfigs"), + ] = None + r"""List of configurations to set up indexer discovery in Splunk Indexer clustering environment.""" + + exclude_self: Annotated[Optional[bool], pydantic.Field(alias="excludeSelf")] = None + r"""Exclude all IPs of the current host from the list of any resolved hostnames""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputSystemByPackPqControlsSplunkLb], + pydantic.Field(alias="pqControls"), + ] = None + + auth_token: Annotated[Optional[str], pydantic.Field(alias="authToken")] = None + r"""Shared secret token to use when establishing a connection to a Splunk indexer.""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_nested_fields: Annotated[ + Optional[str], pydantic.Field(alias="__template_nestedFields") + ] = None + r"""Binds 'nestedFields' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'nestedFields' at runtime.""" + + template_max_s2_sversion: Annotated[ + Optional[str], pydantic.Field(alias="__template_maxS2Sversion") + ] = None + r"""Binds 'maxS2Sversion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'maxS2Sversion' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_compress: Annotated[ + Optional[str], pydantic.Field(alias="__template_compress") + ] = None + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + + @field_serializer("nested_fields") + def serialize_nested_fields(self, value): + if isinstance(value, str): + try: + return models.NestedFieldSerializationOptions(value) + except ValueError: + return value + return value + + @field_serializer("max_s2_sversion") + def serialize_max_s2_sversion(self, value): + if isinstance(value, str): + try: + return models.MaxS2SVersionOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsAuthTokensItems(value) + except ValueError: + return value + return value + + @field_serializer("compress") + def serialize_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "dnsResolvePeriodSec", + "loadBalanceStatsPeriodSec", + "maxConcurrentSenders", + "nestedFields", + "throttleRatePerSec", + "connectionTimeout", + "writeTimeout", + "tls", + "enableMultiMetrics", + "enableACK", + "logFailedRequests", + "maxS2Sversion", + "onBackpressure", + "indexerDiscovery", + "senderUnhealthyTimeAllowance", + "authType", + "description", + "maxFailedHealthChecks", + "compress", + "indexerDiscoveryConfigs", + "excludeSelf", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "authToken", + "textSecret", + "__template_streamtags", + "__template_nestedFields", + "__template_maxS2Sversion", + "__template_onBackpressure", + "__template_compress", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackTypeSplunk(str, Enum): + SPLUNK = "splunk" + + +class CreateOutputSystemByPackPqControlsSplunkTypedDict(TypedDict): + pass + + +class CreateOutputSystemByPackPqControlsSplunk(BaseModel): + pass + + +class CreateOutputSystemByPackOutputSplunkTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputSystemByPackTypeSplunk + host: str + r"""The hostname of the receiver""" + port: float + r"""The port to connect to on the provided host""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + nested_fields: NotRequired[NestedFieldSerializationOptions] + r"""How to serialize nested fields into index-time fields""" + throttle_rate_per_sec: NotRequired[str] + r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" + connection_timeout: NotRequired[float] + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + write_timeout: NotRequired[float] + r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" + tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] + enable_multi_metrics: NotRequired[bool] + r"""Output metrics in multiple-metric format in a single event. Supported in Splunk 8.0 and above.""" + enable_ack: NotRequired[bool] + r"""Check if indexer is shutting down and stop sending data. This helps minimize data loss during shutdown.""" + log_failed_requests: NotRequired[bool] + r"""Use to troubleshoot issues with sending data""" + max_s2_sversion: NotRequired[MaxS2SVersionOptions] + r"""The highest S2S protocol version to advertise during handshake""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + description: NotRequired[str] + max_failed_health_checks: NotRequired[float] + r"""Maximum number of times healthcheck can fail before we close connection. If set to 0 (disabled), and the connection to Splunk is forcibly closed, some data loss might occur.""" + compress: NotRequired[CompressionOptions] + r"""Controls whether the sender should send compressed data to the server. Select 'Disabled' to reject compressed connections or 'Always' to ignore server's configuration and send compressed data.""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputSystemByPackPqControlsSplunkTypedDict] + auth_token: NotRequired[str] + r"""Shared secret token to use when establishing a connection to a Splunk indexer.""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_host: NotRequired[str] + r"""Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime.""" + template_port: NotRequired[str] + r"""Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime.""" + template_nested_fields: NotRequired[str] + r"""Binds 'nestedFields' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'nestedFields' at runtime.""" + template_max_s2_sversion: NotRequired[str] + r"""Binds 'maxS2Sversion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'maxS2Sversion' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_compress: NotRequired[str] + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + + +class CreateOutputSystemByPackOutputSplunk(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputSystemByPackTypeSplunk + + host: str + r"""The hostname of the receiver""" + + port: float + r"""The port to connect to on the provided host""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + nested_fields: Annotated[ + Optional[NestedFieldSerializationOptions], pydantic.Field(alias="nestedFields") + ] = None + r"""How to serialize nested fields into index-time fields""" + + throttle_rate_per_sec: Annotated[ + Optional[str], pydantic.Field(alias="throttleRatePerSec") + ] = None + r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" + + connection_timeout: Annotated[ + Optional[float], pydantic.Field(alias="connectionTimeout") + ] = None + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + + write_timeout: Annotated[Optional[float], pydantic.Field(alias="writeTimeout")] = ( + None + ) + r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" + + tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None + + enable_multi_metrics: Annotated[ + Optional[bool], pydantic.Field(alias="enableMultiMetrics") + ] = None + r"""Output metrics in multiple-metric format in a single event. Supported in Splunk 8.0 and above.""" + + enable_ack: Annotated[Optional[bool], pydantic.Field(alias="enableACK")] = None + r"""Check if indexer is shutting down and stop sending data. This helps minimize data loss during shutdown.""" + + log_failed_requests: Annotated[ + Optional[bool], pydantic.Field(alias="logFailedRequests") + ] = None + r"""Use to troubleshoot issues with sending data""" + + max_s2_sversion: Annotated[ + Optional[MaxS2SVersionOptions], pydantic.Field(alias="maxS2Sversion") + ] = None + r"""The highest S2S protocol version to advertise during handshake""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + auth_type: Annotated[ + Optional[AuthenticationMethodOptionsAuthTokensItems], + pydantic.Field(alias="authType"), + ] = None + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + + description: Optional[str] = None + + max_failed_health_checks: Annotated[ + Optional[float], pydantic.Field(alias="maxFailedHealthChecks") + ] = None + r"""Maximum number of times healthcheck can fail before we close connection. If set to 0 (disabled), and the connection to Splunk is forcibly closed, some data loss might occur.""" + + compress: Optional[CompressionOptions] = None + r"""Controls whether the sender should send compressed data to the server. Select 'Disabled' to reject compressed connections or 'Always' to ignore server's configuration and send compressed data.""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputSystemByPackPqControlsSplunk], + pydantic.Field(alias="pqControls"), + ] = None + + auth_token: Annotated[Optional[str], pydantic.Field(alias="authToken")] = None + r"""Shared secret token to use when establishing a connection to a Splunk indexer.""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_host: Annotated[Optional[str], pydantic.Field(alias="__template_host")] = ( + None + ) + r"""Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime.""" + + template_port: Annotated[Optional[str], pydantic.Field(alias="__template_port")] = ( + None + ) + r"""Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime.""" + + template_nested_fields: Annotated[ + Optional[str], pydantic.Field(alias="__template_nestedFields") + ] = None + r"""Binds 'nestedFields' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'nestedFields' at runtime.""" + + template_max_s2_sversion: Annotated[ + Optional[str], pydantic.Field(alias="__template_maxS2Sversion") + ] = None + r"""Binds 'maxS2Sversion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'maxS2Sversion' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_compress: Annotated[ + Optional[str], pydantic.Field(alias="__template_compress") + ] = None + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + + @field_serializer("nested_fields") + def serialize_nested_fields(self, value): + if isinstance(value, str): + try: + return models.NestedFieldSerializationOptions(value) + except ValueError: + return value + return value + + @field_serializer("max_s2_sversion") + def serialize_max_s2_sversion(self, value): + if isinstance(value, str): + try: + return models.MaxS2SVersionOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsAuthTokensItems(value) + except ValueError: + return value + return value + + @field_serializer("compress") + def serialize_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "nestedFields", + "throttleRatePerSec", + "connectionTimeout", + "writeTimeout", + "tls", + "enableMultiMetrics", + "enableACK", + "logFailedRequests", + "maxS2Sversion", + "onBackpressure", + "authType", + "description", + "maxFailedHealthChecks", + "compress", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "authToken", + "textSecret", + "__template_streamtags", + "__template_host", + "__template_port", + "__template_nestedFields", + "__template_maxS2Sversion", + "__template_onBackpressure", + "__template_compress", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackTypeSyslog(str, Enum): + SYSLOG = "syslog" + + +class CreateOutputSystemByPackProtocolSyslog(str, Enum, metaclass=utils.OpenEnumMeta): + r"""The network protocol to use for sending out syslog messages""" + + # TCP + TCP = "tcp" + # UDP + UDP = "udp" + + +class CreateOutputSystemByPackFacility(int, Enum, metaclass=utils.OpenEnumMeta): + r"""Default value for message facility. Will be overwritten by value of __facility if set. Defaults to user.""" + + # kern + KERN = 0 + # user + USER = 1 + # mail + MAIL = 2 + # daemon + DAEMON = 3 + # auth + AUTH = 4 + # syslog + SYSLOG = 5 + # lpr + LPR = 6 + # news + NEWS = 7 + # uucp + UUCP = 8 + # cron + CRON = 9 + # authpriv + AUTHPRIV = 10 + # ftp + FTP = 11 + # ntp + NTP = 12 + # security + SECURITY = 13 + # console + CONSOLE = 14 + # solaris-cron + SOLARIS_CRON = 15 + # local0 + LOCAL0 = 16 + # local1 + LOCAL1 = 17 + # local2 + LOCAL2 = 18 + # local3 + LOCAL3 = 19 + # local4 + LOCAL4 = 20 + # local5 + LOCAL5 = 21 + + +class CreateOutputSystemByPackSeveritySyslog(int, Enum, metaclass=utils.OpenEnumMeta): + r"""Default value for message severity. Will be overwritten by value of __severity if set. Defaults to notice.""" + + # emergency + EMERGENCY = 0 + # alert + ALERT = 1 + # critical + CRITICAL = 2 + # error + ERROR = 3 + # warning + WARNING = 4 + # notice + NOTICE = 5 + # info + INFO = 6 + # debug + DEBUG = 7 + + +class CreateOutputSystemByPackMessageFormat(str, Enum, metaclass=utils.OpenEnumMeta): + r"""The syslog message format depending on the receiver's support""" + + # RFC3164 + RFC3164 = "rfc3164" + # RFC5424 + RFC5424 = "rfc5424" + + +class CreateOutputSystemByPackTimestampFormat(str, Enum, metaclass=utils.OpenEnumMeta): + r"""Timestamp format to use when serializing event's time field""" + + # Syslog + SYSLOG = "syslog" + # ISO8601 + ISO8601 = "iso8601" + + +class CreateOutputSystemByPackPqControlsSyslogTypedDict(TypedDict): + pass + + +class CreateOutputSystemByPackPqControlsSyslog(BaseModel): + pass + + +class CreateOutputSystemByPackOutputSyslogTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputSystemByPackTypeSyslog + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + protocol: NotRequired[CreateOutputSystemByPackProtocolSyslog] + r"""The network protocol to use for sending out syslog messages""" + facility: NotRequired[CreateOutputSystemByPackFacility] + r"""Default value for message facility. Will be overwritten by value of __facility if set. Defaults to user.""" + severity: NotRequired[CreateOutputSystemByPackSeveritySyslog] + r"""Default value for message severity. Will be overwritten by value of __severity if set. Defaults to notice.""" + app_name: NotRequired[str] + r"""Default name for device or application that originated the message. Defaults to Cribl, but will be overwritten by value of __appname if set.""" + message_format: NotRequired[CreateOutputSystemByPackMessageFormat] + r"""The syslog message format depending on the receiver's support""" + timestamp_format: NotRequired[CreateOutputSystemByPackTimestampFormat] + r"""Timestamp format to use when serializing event's time field""" + throttle_rate_per_sec: NotRequired[str] + r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" + octet_count_framing: NotRequired[bool] + r"""Prefix messages with the byte count of the message. If disabled, no prefix will be set, and the message will be appended with a \n.""" + log_failed_requests: NotRequired[bool] + r"""Use to troubleshoot issues with sending data""" + description: NotRequired[str] + load_balanced: NotRequired[bool] + r"""For optimal performance, enable load balancing even if you have one hostname, as it can expand to multiple IPs. If this setting is disabled, consider enabling round-robin DNS.""" + host: NotRequired[str] + r"""The hostname of the receiver""" + port: NotRequired[float] + r"""The port to connect to on the provided host""" + exclude_self: NotRequired[bool] + r"""Exclude all IPs of the current host from the list of any resolved hostnames""" + hosts: NotRequired[List[HostConfOutputSyslogTypedDict]] + r"""Set of hosts to load-balance data to""" + dns_resolve_period_sec: NotRequired[float] + r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" + load_balance_stats_period_sec: NotRequired[float] + r"""How far back in time to keep traffic stats for load balancing purposes""" + max_concurrent_senders: NotRequired[float] + r"""Maximum number of concurrent connections (per Worker Process). A random set of IPs will be picked on every DNS resolution period. Use 0 for unlimited.""" + connection_timeout: NotRequired[float] + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + write_timeout: NotRequired[float] + r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" + tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + max_record_size: NotRequired[float] + r"""Maximum size of syslog messages. Make sure this value is less than or equal to the MTU to avoid UDP packet fragmentation.""" + udp_dns_resolve_period_sec: NotRequired[float] + r"""How often to resolve the destination hostname to an IP address. Ignored if the destination is an IP address. A value of 0 means every message sent will incur a DNS lookup.""" + enable_ip_spoofing: NotRequired[bool] + r"""Send Syslog traffic using the original event's Source IP and port. To enable this, you must install the external `udp-sender` helper binary at `/usr/bin/udp-sender` on all Worker Nodes and grant it the `CAP_NET_RAW` capability.""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputSystemByPackPqControlsSyslogTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_host: NotRequired[str] + r"""Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime.""" + template_port: NotRequired[str] + r"""Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + +class CreateOutputSystemByPackOutputSyslog(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputSystemByPackTypeSyslog + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + protocol: Optional[CreateOutputSystemByPackProtocolSyslog] = None + r"""The network protocol to use for sending out syslog messages""" + + facility: Optional[CreateOutputSystemByPackFacility] = None + r"""Default value for message facility. Will be overwritten by value of __facility if set. Defaults to user.""" + + severity: Optional[CreateOutputSystemByPackSeveritySyslog] = None + r"""Default value for message severity. Will be overwritten by value of __severity if set. Defaults to notice.""" + + app_name: Annotated[Optional[str], pydantic.Field(alias="appName")] = None + r"""Default name for device or application that originated the message. Defaults to Cribl, but will be overwritten by value of __appname if set.""" + + message_format: Annotated[ + Optional[CreateOutputSystemByPackMessageFormat], + pydantic.Field(alias="messageFormat"), + ] = None + r"""The syslog message format depending on the receiver's support""" + + timestamp_format: Annotated[ + Optional[CreateOutputSystemByPackTimestampFormat], + pydantic.Field(alias="timestampFormat"), + ] = None + r"""Timestamp format to use when serializing event's time field""" + + throttle_rate_per_sec: Annotated[ + Optional[str], pydantic.Field(alias="throttleRatePerSec") + ] = None + r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" + + octet_count_framing: Annotated[ + Optional[bool], pydantic.Field(alias="octetCountFraming") + ] = None + r"""Prefix messages with the byte count of the message. If disabled, no prefix will be set, and the message will be appended with a \n.""" + + log_failed_requests: Annotated[ + Optional[bool], pydantic.Field(alias="logFailedRequests") + ] = None + r"""Use to troubleshoot issues with sending data""" + + description: Optional[str] = None + + load_balanced: Annotated[Optional[bool], pydantic.Field(alias="loadBalanced")] = ( + None + ) + r"""For optimal performance, enable load balancing even if you have one hostname, as it can expand to multiple IPs. If this setting is disabled, consider enabling round-robin DNS.""" + + host: Optional[str] = None + r"""The hostname of the receiver""" + + port: Optional[float] = None + r"""The port to connect to on the provided host""" + + exclude_self: Annotated[Optional[bool], pydantic.Field(alias="excludeSelf")] = None + r"""Exclude all IPs of the current host from the list of any resolved hostnames""" + + hosts: Optional[List[HostConfOutputSyslog]] = None + r"""Set of hosts to load-balance data to""" + + dns_resolve_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="dnsResolvePeriodSec") + ] = None + r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" + + load_balance_stats_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="loadBalanceStatsPeriodSec") + ] = None + r"""How far back in time to keep traffic stats for load balancing purposes""" + + max_concurrent_senders: Annotated[ + Optional[float], pydantic.Field(alias="maxConcurrentSenders") + ] = None + r"""Maximum number of concurrent connections (per Worker Process). A random set of IPs will be picked on every DNS resolution period. Use 0 for unlimited.""" + + connection_timeout: Annotated[ + Optional[float], pydantic.Field(alias="connectionTimeout") + ] = None + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + + write_timeout: Annotated[Optional[float], pydantic.Field(alias="writeTimeout")] = ( + None + ) + r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" + + tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + max_record_size: Annotated[ + Optional[float], pydantic.Field(alias="maxRecordSize") + ] = None + r"""Maximum size of syslog messages. Make sure this value is less than or equal to the MTU to avoid UDP packet fragmentation.""" + + udp_dns_resolve_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="udpDnsResolvePeriodSec") + ] = None + r"""How often to resolve the destination hostname to an IP address. Ignored if the destination is an IP address. A value of 0 means every message sent will incur a DNS lookup.""" + + enable_ip_spoofing: Annotated[ + Optional[bool], pydantic.Field(alias="enableIpSpoofing") + ] = None + r"""Send Syslog traffic using the original event's Source IP and port. To enable this, you must install the external `udp-sender` helper binary at `/usr/bin/udp-sender` on all Worker Nodes and grant it the `CAP_NET_RAW` capability.""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputSystemByPackPqControlsSyslog], + pydantic.Field(alias="pqControls"), + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_host: Annotated[Optional[str], pydantic.Field(alias="__template_host")] = ( + None + ) + r"""Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime.""" + + template_port: Annotated[Optional[str], pydantic.Field(alias="__template_port")] = ( + None + ) + r"""Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + @field_serializer("protocol") + def serialize_protocol(self, value): + if isinstance(value, str): + try: + return models.CreateOutputSystemByPackProtocolSyslog(value) + except ValueError: + return value + return value + + @field_serializer("facility") + def serialize_facility(self, value): + if isinstance(value, str): + try: + return models.CreateOutputSystemByPackFacility(value) + except ValueError: + return value + return value + + @field_serializer("severity") + def serialize_severity(self, value): + if isinstance(value, str): + try: + return models.CreateOutputSystemByPackSeveritySyslog(value) + except ValueError: + return value + return value + + @field_serializer("message_format") + def serialize_message_format(self, value): + if isinstance(value, str): + try: + return models.CreateOutputSystemByPackMessageFormat(value) + except ValueError: + return value + return value + + @field_serializer("timestamp_format") + def serialize_timestamp_format(self, value): + if isinstance(value, str): + try: + return models.CreateOutputSystemByPackTimestampFormat(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "protocol", + "facility", + "severity", + "appName", + "messageFormat", + "timestampFormat", + "throttleRatePerSec", + "octetCountFraming", + "logFailedRequests", + "description", + "loadBalanced", + "host", + "port", + "excludeSelf", + "hosts", + "dnsResolvePeriodSec", + "loadBalanceStatsPeriodSec", + "maxConcurrentSenders", + "connectionTimeout", + "writeTimeout", + "tls", + "onBackpressure", + "maxRecordSize", + "udpDnsResolvePeriodSec", + "enableIpSpoofing", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_host", + "__template_port", + "__template_onBackpressure", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackTypeDevnull(str, Enum): + DEVNULL = "devnull" + + +class CreateOutputSystemByPackOutputDevnullTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputSystemByPackTypeDevnull + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + +class CreateOutputSystemByPackOutputDevnull(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputSystemByPackTypeDevnull + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "__template_streamtags", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackTypeSentinel(str, Enum): + SENTINEL = "sentinel" + + +class CreateOutputSystemByPackAuthType(str, Enum, metaclass=utils.OpenEnumMeta): + OAUTH = "oauth" + + +class CreateOutputSystemByPackEndpointConfiguration( + str, Enum, metaclass=utils.OpenEnumMeta +): + r"""Enter the data collection endpoint URL or the individual ID""" + + # URL + URL = "url" + # ID + ID = "ID" + + +class CreateOutputSystemByPackFormatSentinel(str, Enum, metaclass=utils.OpenEnumMeta): + NDJSON = "ndjson" + JSON_ARRAY = "json_array" + CUSTOM = "custom" + ADVANCED = "advanced" + + +class CreateOutputSystemByPackPqControlsSentinelTypedDict(TypedDict): + pass + + +class CreateOutputSystemByPackPqControlsSentinel(BaseModel): + pass + + +class CreateOutputSystemByPackOutputSentinelTypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputSystemByPackTypeSentinel + login_url: str + r"""URL for OAuth""" + secret: str + r"""Secret parameter value to pass in request body""" + client_id: str + r"""JavaScript expression to compute the Client ID for the Azure application. Can be a constant.""" + endpoint_url_configuration: CreateOutputSystemByPackEndpointConfiguration + r"""Enter the data collection endpoint URL or the individual ID""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + keep_alive: NotRequired[bool] + r"""Disable to close the connection immediately after sending the outgoing request""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size (KB) of the request body (defaults to the API's maximum limit of 1000 KB)""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + compress: NotRequired[bool] + r"""Compress the payload body before sending""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] + r"""Headers to add to all events. You can also add headers dynamically on a per-event basis in the __headers field, as explained in [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook/#internal-fields).""" + use_round_robin_dns: NotRequired[bool] + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + safe_headers: NotRequired[List[str]] + r"""List of headers that are safe to log in plain text""" + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + auth_type: NotRequired[CreateOutputSystemByPackAuthType] + scope: NotRequired[str] + r"""Scope to pass in the OAuth request""" + total_memory_limit_kb: NotRequired[float] + r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" + description: NotRequired[str] + format_: NotRequired[CreateOutputSystemByPackFormatSentinel] + custom_source_expression: NotRequired[str] + r"""Expression to evaluate on events to generate output. Example: `raw=${_raw}`. See [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook#custom-format) for other examples. If empty, the full event is sent as stringified JSON.""" + custom_drop_when_null: NotRequired[bool] + r"""Whether to drop events when the source expression evaluates to null""" + custom_event_delimiter: NotRequired[str] + r"""Delimiter string to insert between individual events. Defaults to newline character.""" + custom_content_type: NotRequired[str] + r"""Content type to use for request. Defaults to application/x-ndjson. Any content types set in Advanced Settings > Extra HTTP headers will override this entry.""" + custom_payload_expression: NotRequired[str] + r"""Expression specifying how to format the payload for each batch. To reference the events to send, use the `${events}` variable. Example expression: `{ \"items\" : [${events}] }` would send the batch inside a JSON object.""" + advanced_content_type: NotRequired[str] + r"""HTTP content-type header value""" + format_event_code: NotRequired[str] + r"""Custom JavaScript code to format incoming event data accessible through the __e variable. The formatted content is added to (__e['__eventOut']) if available. Otherwise, the original event is serialized as JSON. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + format_payload_code: NotRequired[str] + r"""Optional JavaScript code to format the payload sent to the Destination. The payload, containing a batch of formatted events, is accessible through the __e['payload'] variable. The formatted payload is returned in the __e['__payloadOut'] variable. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputSystemByPackPqControlsSentinelTypedDict] + url: NotRequired[str] + r"""URL to send events to. Can be overwritten by an event's __url field.""" + dcr_id: NotRequired[str] + r"""Immutable ID for the Data Collection Rule (DCR)""" + dce_endpoint: NotRequired[str] + r"""Data collection endpoint (DCE) URL. In the format: `https://-..ingest.monitor.azure.com`""" + stream_name: NotRequired[str] + r"""The name of the stream (Sentinel table) in which to store the events""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_login_url: NotRequired[str] + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + template_secret: NotRequired[str] + r"""Binds 'secret' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'secret' at runtime.""" + template_client_id: NotRequired[str] + r"""Binds 'client_id' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'client_id' at runtime.""" + template_scope: NotRequired[str] + r"""Binds 'scope' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'scope' at runtime.""" + template_url: NotRequired[str] + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + template_dcr_id: NotRequired[str] + r"""Binds 'dcrID' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'dcrID' at runtime.""" + template_dce_endpoint: NotRequired[str] + r"""Binds 'dceEndpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'dceEndpoint' at runtime.""" + template_stream_name: NotRequired[str] + r"""Binds 'streamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamName' at runtime.""" + + +class CreateOutputSystemByPackOutputSentinel(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputSystemByPackTypeSentinel + + login_url: Annotated[str, pydantic.Field(alias="loginUrl")] + r"""URL for OAuth""" + + secret: str + r"""Secret parameter value to pass in request body""" + + client_id: str + r"""JavaScript expression to compute the Client ID for the Azure application. Can be a constant.""" + + endpoint_url_configuration: Annotated[ + CreateOutputSystemByPackEndpointConfiguration, + pydantic.Field(alias="endpointURLConfiguration"), + ] + r"""Enter the data collection endpoint URL or the individual ID""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + keep_alive: Annotated[Optional[bool], pydantic.Field(alias="keepAlive")] = None + r"""Disable to close the connection immediately after sending the outgoing request""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size (KB) of the request body (defaults to the API's maximum limit of 1000 KB)""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + compress: Optional[bool] = None + r"""Compress the payload body before sending""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + extra_http_headers: Annotated[ + Optional[List[ExtraHTTPHeaderConfInputElastic]], + pydantic.Field(alias="extraHttpHeaders"), + ] = None + r"""Headers to add to all events. You can also add headers dynamically on a per-event basis in the __headers field, as explained in [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook/#internal-fields).""" + + use_round_robin_dns: Annotated[ + Optional[bool], pydantic.Field(alias="useRoundRobinDns") + ] = None + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + safe_headers: Annotated[ + Optional[List[str]], pydantic.Field(alias="safeHeaders") + ] = None + r"""List of headers that are safe to log in plain text""" + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + auth_type: Annotated[ + Optional[CreateOutputSystemByPackAuthType], pydantic.Field(alias="authType") + ] = None + + scope: Optional[str] = None + r"""Scope to pass in the OAuth request""" + + total_memory_limit_kb: Annotated[ + Optional[float], pydantic.Field(alias="totalMemoryLimitKB") + ] = None + r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" + + description: Optional[str] = None + + format_: Annotated[ + Optional[CreateOutputSystemByPackFormatSentinel], pydantic.Field(alias="format") + ] = None + + custom_source_expression: Annotated[ + Optional[str], pydantic.Field(alias="customSourceExpression") + ] = None + r"""Expression to evaluate on events to generate output. Example: `raw=${_raw}`. See [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook#custom-format) for other examples. If empty, the full event is sent as stringified JSON.""" + + custom_drop_when_null: Annotated[ + Optional[bool], pydantic.Field(alias="customDropWhenNull") + ] = None + r"""Whether to drop events when the source expression evaluates to null""" + + custom_event_delimiter: Annotated[ + Optional[str], pydantic.Field(alias="customEventDelimiter") + ] = None + r"""Delimiter string to insert between individual events. Defaults to newline character.""" + + custom_content_type: Annotated[ + Optional[str], pydantic.Field(alias="customContentType") + ] = None + r"""Content type to use for request. Defaults to application/x-ndjson. Any content types set in Advanced Settings > Extra HTTP headers will override this entry.""" + + custom_payload_expression: Annotated[ + Optional[str], pydantic.Field(alias="customPayloadExpression") + ] = None + r"""Expression specifying how to format the payload for each batch. To reference the events to send, use the `${events}` variable. Example expression: `{ \"items\" : [${events}] }` would send the batch inside a JSON object.""" + + advanced_content_type: Annotated[ + Optional[str], pydantic.Field(alias="advancedContentType") + ] = None + r"""HTTP content-type header value""" + + format_event_code: Annotated[ + Optional[str], pydantic.Field(alias="formatEventCode") + ] = None + r"""Custom JavaScript code to format incoming event data accessible through the __e variable. The formatted content is added to (__e['__eventOut']) if available. Otherwise, the original event is serialized as JSON. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + + format_payload_code: Annotated[ + Optional[str], pydantic.Field(alias="formatPayloadCode") + ] = None + r"""Optional JavaScript code to format the payload sent to the Destination. The payload, containing a batch of formatted events, is accessible through the __e['payload'] variable. The formatted payload is returned in the __e['__payloadOut'] variable. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputSystemByPackPqControlsSentinel], + pydantic.Field(alias="pqControls"), + ] = None + + url: Optional[str] = None + r"""URL to send events to. Can be overwritten by an event's __url field.""" + + dcr_id: Annotated[Optional[str], pydantic.Field(alias="dcrID")] = None + r"""Immutable ID for the Data Collection Rule (DCR)""" + + dce_endpoint: Annotated[Optional[str], pydantic.Field(alias="dceEndpoint")] = None + r"""Data collection endpoint (DCE) URL. In the format: `https://-..ingest.monitor.azure.com`""" + + stream_name: Annotated[Optional[str], pydantic.Field(alias="streamName")] = None + r"""The name of the stream (Sentinel table) in which to store the events""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_login_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_loginUrl") + ] = None + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + + template_secret: Annotated[ + Optional[str], pydantic.Field(alias="__template_secret") + ] = None + r"""Binds 'secret' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'secret' at runtime.""" + + template_client_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_client_id") + ] = None + r"""Binds 'client_id' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'client_id' at runtime.""" + + template_scope: Annotated[ + Optional[str], pydantic.Field(alias="__template_scope") + ] = None + r"""Binds 'scope' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'scope' at runtime.""" + + template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( + None + ) + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + template_dcr_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_dcrID") + ] = None + r"""Binds 'dcrID' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'dcrID' at runtime.""" + + template_dce_endpoint: Annotated[ + Optional[str], pydantic.Field(alias="__template_dceEndpoint") + ] = None + r"""Binds 'dceEndpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'dceEndpoint' at runtime.""" + + template_stream_name: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamName") + ] = None + r"""Binds 'streamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamName' at runtime.""" + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.CreateOutputSystemByPackAuthType(value) + except ValueError: + return value + return value + + @field_serializer("endpoint_url_configuration") + def serialize_endpoint_url_configuration(self, value): + if isinstance(value, str): + try: + return models.CreateOutputSystemByPackEndpointConfiguration(value) + except ValueError: + return value + return value + + @field_serializer("format_") + def serialize_format_(self, value): + if isinstance(value, str): + try: + return models.CreateOutputSystemByPackFormatSentinel(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "keepAlive", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "compress", + "rejectUnauthorized", + "timeoutSec", + "flushPeriodSec", + "extraHttpHeaders", + "useRoundRobinDns", + "failedRequestLoggingMode", + "safeHeaders", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "onBackpressure", + "authType", + "scope", + "totalMemoryLimitKB", + "description", + "format", + "customSourceExpression", + "customDropWhenNull", + "customEventDelimiter", + "customContentType", + "customPayloadExpression", + "advancedContentType", + "formatEventCode", + "formatPayloadCode", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "url", + "dcrID", + "dceEndpoint", + "streamName", + "__template_streamtags", + "__template_failedRequestLoggingMode", + "__template_onBackpressure", + "__template_loginUrl", + "__template_secret", + "__template_client_id", + "__template_scope", + "__template_url", + "__template_dcrID", + "__template_dceEndpoint", + "__template_streamName", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackOutputWebhookType2(str, Enum): + WEBHOOK = "webhook" + + +class CreateOutputSystemByPackOutputWebhookFormat2( + str, Enum, metaclass=utils.OpenEnumMeta +): + r"""How to format events before sending out""" + + # NDJSON (Newline Delimited JSON) + NDJSON = "ndjson" + # JSON Array + JSON_ARRAY = "json_array" + # Custom + CUSTOM = "custom" + # Advanced + ADVANCED = "advanced" + + +class CreateOutputSystemByPackOutputWebhookAuthenticationType2( + str, Enum, metaclass=utils.OpenEnumMeta +): + r"""Authentication method to use for the HTTP request""" + + # None + NONE = "none" + # Basic + BASIC = "basic" + # Basic (credentials secret) + CREDENTIALS_SECRET = "credentialsSecret" + # Token + TOKEN = "token" + # Token (text secret) + TEXT_SECRET = "textSecret" + # OAuth + OAUTH = "oauth" + + +class CreateOutputSystemByPackOutputWebhookPqControls2TypedDict(TypedDict): + pass + + +class CreateOutputSystemByPackOutputWebhookPqControls2(BaseModel): + pass + + +class CreateOutputSystemByPackOutputWebhookURL2TypedDict(TypedDict): + url: str + r"""URL of a webhook endpoint to send events to, such as http://localhost:10200""" + weight: NotRequired[float] + r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" + template_url: NotRequired[str] + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + +class CreateOutputSystemByPackOutputWebhookURL2(BaseModel): + url: str + r"""URL of a webhook endpoint to send events to, such as http://localhost:10200""" + + weight: Optional[float] = None + r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" + + template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( + None + ) + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set(["weight", "__template_url"]) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackOutputWebhookWebhook2TypedDict(TypedDict): + id: str + r"""Unique ID for this output""" + type: CreateOutputSystemByPackOutputWebhookType2 + urls: List[CreateOutputSystemByPackOutputWebhookURL2TypedDict] + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + method: NotRequired[MethodOptions] + r"""The method to use when sending events""" + format_: NotRequired[CreateOutputSystemByPackOutputWebhookFormat2] + r"""How to format events before sending out""" + keep_alive: NotRequired[bool] + r"""Disable to close the connection immediately after sending the outgoing request""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + compress: NotRequired[bool] + r"""Compress the payload body before sending""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] + r"""Headers to add to all events. You can also add headers dynamically on a per-event basis in the __headers field, as explained in [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook/#internal-fields).""" + use_round_robin_dns: NotRequired[bool] + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + safe_headers: NotRequired[List[str]] + r"""List of headers that are safe to log in plain text""" + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + auth_type: NotRequired[CreateOutputSystemByPackOutputWebhookAuthenticationType2] + r"""Authentication method to use for the HTTP request""" + tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathExtendedTypedDict] + total_memory_limit_kb: NotRequired[float] + r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" + load_balanced: NotRequired[bool] + r"""Enable for optimal performance. Even if you have one hostname, it can expand to multiple IPs. If disabled, consider enabling round-robin DNS.""" + description: NotRequired[str] + custom_source_expression: NotRequired[str] + r"""Expression to evaluate on events to generate output. Example: `raw=${_raw}`. See [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook#custom-format) for other examples. If empty, the full event is sent as stringified JSON.""" + custom_drop_when_null: NotRequired[bool] + r"""Whether to drop events when the source expression evaluates to null""" + custom_event_delimiter: NotRequired[str] + r"""Delimiter string to insert between individual events. Defaults to newline character.""" + custom_content_type: NotRequired[str] + r"""Content type to use for request. Defaults to application/x-ndjson. Any content types set in Advanced Settings > Extra HTTP headers will override this entry.""" + custom_payload_expression: NotRequired[str] + r"""Expression specifying how to format the payload for each batch. To reference the events to send, use the `${events}` variable. Example expression: `{ \"items\" : [${events}] }` would send the batch inside a JSON object.""" + advanced_content_type: NotRequired[str] + r"""HTTP content-type header value""" + format_event_code: NotRequired[str] + r"""Custom JavaScript code to format incoming event data accessible through the __e variable. The formatted content is added to (__e['__eventOut']) if available. Otherwise, the original event is serialized as JSON. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + format_payload_code: NotRequired[str] + r"""Optional JavaScript code to format the payload sent to the Destination. The payload, containing a batch of formatted events, is accessible through the __e['payload'] variable. The formatted payload is returned in the __e['__payloadOut'] variable. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[CreateOutputSystemByPackOutputWebhookPqControls2TypedDict] + username: NotRequired[str] + password: NotRequired[str] + token: NotRequired[str] + r"""Bearer token to include in the authorization header""" + credentials_secret: NotRequired[str] + r"""Select or create a secret that references your credentials""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + login_url: NotRequired[str] + r"""URL for OAuth""" + secret_param_name: NotRequired[str] + r"""Secret parameter name to pass in request body""" + secret: NotRequired[str] + r"""Secret parameter value to pass in request body""" + token_attribute_name: NotRequired[str] + r"""Name of the auth token attribute in the OAuth response. Can be top-level (e.g., 'token'); or nested, using a period (e.g., 'data.token').""" + auth_header_expr: NotRequired[str] + r"""JavaScript expression to compute the Authorization header value to pass in requests. The value `${token}` is used to reference the token obtained from authentication, e.g.: `Bearer ${token}`.""" + token_timeout_secs: NotRequired[float] + r"""How often the OAuth token should be refreshed.""" + oauth_params: NotRequired[List[OauthParamConfInputServicenowTableTypedDict]] + r"""Additional parameters to send in the OAuth login request. @{product} will combine the secret with these parameters, and will send the URL-encoded result in a POST request to the endpoint specified in the 'Login URL'. We'll automatically add the content-type header 'application/x-www-form-urlencoded' when sending this request.""" + oauth_headers: NotRequired[List[OauthHeaderConfInputServicenowTableTypedDict]] + r"""Additional headers to send in the OAuth login request. @{product} will automatically add the content-type header 'application/x-www-form-urlencoded' when sending this request.""" + url: NotRequired[str] + r"""URL of a webhook endpoint to send events to, such as http://localhost:10200""" + exclude_self: NotRequired[bool] + r"""Exclude all IPs of the current host from the list of any resolved hostnames""" + dns_resolve_period_sec: NotRequired[float] + r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" + load_balance_stats_period_sec: NotRequired[float] + r"""How far back in time to keep traffic stats for load balancing purposes""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_login_url: NotRequired[str] + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + template_secret: NotRequired[str] + r"""Binds 'secret' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'secret' at runtime.""" + template_url: NotRequired[str] + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + +class CreateOutputSystemByPackOutputWebhookWebhook2(BaseModel): + id: str + r"""Unique ID for this output""" + + type: CreateOutputSystemByPackOutputWebhookType2 + + urls: List[CreateOutputSystemByPackOutputWebhookURL2] + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + method: Optional[MethodOptions] = None + r"""The method to use when sending events""" + + format_: Annotated[ + Optional[CreateOutputSystemByPackOutputWebhookFormat2], + pydantic.Field(alias="format"), + ] = None + r"""How to format events before sending out""" + + keep_alive: Annotated[Optional[bool], pydantic.Field(alias="keepAlive")] = None + r"""Disable to close the connection immediately after sending the outgoing request""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + compress: Optional[bool] = None + r"""Compress the payload body before sending""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + extra_http_headers: Annotated[ + Optional[List[ExtraHTTPHeaderConfInputElastic]], + pydantic.Field(alias="extraHttpHeaders"), + ] = None + r"""Headers to add to all events. You can also add headers dynamically on a per-event basis in the __headers field, as explained in [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook/#internal-fields).""" + + use_round_robin_dns: Annotated[ + Optional[bool], pydantic.Field(alias="useRoundRobinDns") + ] = None + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + safe_headers: Annotated[ + Optional[List[str]], pydantic.Field(alias="safeHeaders") + ] = None + r"""List of headers that are safe to log in plain text""" + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + auth_type: Annotated[ + Optional[CreateOutputSystemByPackOutputWebhookAuthenticationType2], + pydantic.Field(alias="authType"), + ] = None + r"""Authentication method to use for the HTTP request""" + + tls: Optional[TLSSettingsClientSideTypeCaPathCertPathExtended] = None + + total_memory_limit_kb: Annotated[ + Optional[float], pydantic.Field(alias="totalMemoryLimitKB") + ] = None + r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" + + load_balanced: Annotated[Optional[bool], pydantic.Field(alias="loadBalanced")] = ( + None + ) + r"""Enable for optimal performance. Even if you have one hostname, it can expand to multiple IPs. If disabled, consider enabling round-robin DNS.""" + + description: Optional[str] = None + + custom_source_expression: Annotated[ + Optional[str], pydantic.Field(alias="customSourceExpression") + ] = None + r"""Expression to evaluate on events to generate output. Example: `raw=${_raw}`. See [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook#custom-format) for other examples. If empty, the full event is sent as stringified JSON.""" + + custom_drop_when_null: Annotated[ + Optional[bool], pydantic.Field(alias="customDropWhenNull") + ] = None + r"""Whether to drop events when the source expression evaluates to null""" + + custom_event_delimiter: Annotated[ + Optional[str], pydantic.Field(alias="customEventDelimiter") + ] = None + r"""Delimiter string to insert between individual events. Defaults to newline character.""" + + custom_content_type: Annotated[ + Optional[str], pydantic.Field(alias="customContentType") + ] = None + r"""Content type to use for request. Defaults to application/x-ndjson. Any content types set in Advanced Settings > Extra HTTP headers will override this entry.""" + + custom_payload_expression: Annotated[ + Optional[str], pydantic.Field(alias="customPayloadExpression") + ] = None + r"""Expression specifying how to format the payload for each batch. To reference the events to send, use the `${events}` variable. Example expression: `{ \"items\" : [${events}] }` would send the batch inside a JSON object.""" + + advanced_content_type: Annotated[ + Optional[str], pydantic.Field(alias="advancedContentType") + ] = None + r"""HTTP content-type header value""" + + format_event_code: Annotated[ + Optional[str], pydantic.Field(alias="formatEventCode") + ] = None + r"""Custom JavaScript code to format incoming event data accessible through the __e variable. The formatted content is added to (__e['__eventOut']) if available. Otherwise, the original event is serialized as JSON. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + + format_payload_code: Annotated[ + Optional[str], pydantic.Field(alias="formatPayloadCode") + ] = None + r"""Optional JavaScript code to format the payload sent to the Destination. The payload, containing a batch of formatted events, is accessible through the __e['payload'] variable. The formatted payload is returned in the __e['__payloadOut'] variable. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[CreateOutputSystemByPackOutputWebhookPqControls2], + pydantic.Field(alias="pqControls"), + ] = None + + username: Optional[str] = None + + password: Optional[str] = None + + token: Optional[str] = None + r"""Bearer token to include in the authorization header""" + + credentials_secret: Annotated[ + Optional[str], pydantic.Field(alias="credentialsSecret") + ] = None + r"""Select or create a secret that references your credentials""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + login_url: Annotated[Optional[str], pydantic.Field(alias="loginUrl")] = None + r"""URL for OAuth""" + + secret_param_name: Annotated[ + Optional[str], pydantic.Field(alias="secretParamName") + ] = None + r"""Secret parameter name to pass in request body""" + + secret: Optional[str] = None + r"""Secret parameter value to pass in request body""" + + token_attribute_name: Annotated[ + Optional[str], pydantic.Field(alias="tokenAttributeName") + ] = None + r"""Name of the auth token attribute in the OAuth response. Can be top-level (e.g., 'token'); or nested, using a period (e.g., 'data.token').""" + + auth_header_expr: Annotated[ + Optional[str], pydantic.Field(alias="authHeaderExpr") + ] = None + r"""JavaScript expression to compute the Authorization header value to pass in requests. The value `${token}` is used to reference the token obtained from authentication, e.g.: `Bearer ${token}`.""" + + token_timeout_secs: Annotated[ + Optional[float], pydantic.Field(alias="tokenTimeoutSecs") + ] = None + r"""How often the OAuth token should be refreshed.""" + + oauth_params: Annotated[ + Optional[List[OauthParamConfInputServicenowTable]], + pydantic.Field(alias="oauthParams"), + ] = None + r"""Additional parameters to send in the OAuth login request. @{product} will combine the secret with these parameters, and will send the URL-encoded result in a POST request to the endpoint specified in the 'Login URL'. We'll automatically add the content-type header 'application/x-www-form-urlencoded' when sending this request.""" + + oauth_headers: Annotated[ + Optional[List[OauthHeaderConfInputServicenowTable]], + pydantic.Field(alias="oauthHeaders"), + ] = None + r"""Additional headers to send in the OAuth login request. @{product} will automatically add the content-type header 'application/x-www-form-urlencoded' when sending this request.""" + + url: Optional[str] = None + r"""URL of a webhook endpoint to send events to, such as http://localhost:10200""" + + exclude_self: Annotated[Optional[bool], pydantic.Field(alias="excludeSelf")] = None + r"""Exclude all IPs of the current host from the list of any resolved hostnames""" + + dns_resolve_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="dnsResolvePeriodSec") + ] = None + r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" + + load_balance_stats_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="loadBalanceStatsPeriodSec") + ] = None + r"""How far back in time to keep traffic stats for load balancing purposes""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_login_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_loginUrl") + ] = None + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + + template_secret: Annotated[ + Optional[str], pydantic.Field(alias="__template_secret") + ] = None + r"""Binds 'secret' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'secret' at runtime.""" + + template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( + None + ) + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + @field_serializer("method") + def serialize_method(self, value): + if isinstance(value, str): + try: + return models.MethodOptions(value) + except ValueError: + return value + return value + + @field_serializer("format_") + def serialize_format_(self, value): + if isinstance(value, str): + try: + return models.CreateOutputSystemByPackOutputWebhookFormat2(value) + except ValueError: + return value + return value + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.CreateOutputSystemByPackOutputWebhookAuthenticationType2( + value + ) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "pipeline", + "systemFields", + "environment", + "streamtags", + "method", + "format", + "keepAlive", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "compress", + "rejectUnauthorized", + "timeoutSec", + "flushPeriodSec", + "extraHttpHeaders", + "useRoundRobinDns", + "failedRequestLoggingMode", + "safeHeaders", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "onBackpressure", + "authType", + "tls", + "totalMemoryLimitKB", + "loadBalanced", + "description", + "customSourceExpression", + "customDropWhenNull", + "customEventDelimiter", + "customContentType", + "customPayloadExpression", + "advancedContentType", + "formatEventCode", + "formatPayloadCode", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "username", + "password", + "token", + "credentialsSecret", + "textSecret", + "loginUrl", + "secretParamName", + "secret", + "tokenAttributeName", + "authHeaderExpr", + "tokenTimeoutSecs", + "oauthParams", + "oauthHeaders", + "url", + "excludeSelf", + "dnsResolvePeriodSec", + "loadBalanceStatsPeriodSec", + "__template_streamtags", + "__template_failedRequestLoggingMode", + "__template_onBackpressure", + "__template_loginUrl", + "__template_secret", + "__template_url", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class CreateOutputSystemByPackOutputWebhookType1(str, Enum): + WEBHOOK = "webhook" + + +class CreateOutputSystemByPackOutputWebhookFormat1( + str, Enum, metaclass=utils.OpenEnumMeta +): + r"""How to format events before sending out""" + + # NDJSON (Newline Delimited JSON) + NDJSON = "ndjson" + # JSON Array + JSON_ARRAY = "json_array" + # Custom + CUSTOM = "custom" + # Advanced + ADVANCED = "advanced" + + +class CreateOutputSystemByPackOutputWebhookAuthenticationType1( + str, Enum, metaclass=utils.OpenEnumMeta +): + r"""Authentication method to use for the HTTP request""" + + # None + NONE = "none" + # Basic + BASIC = "basic" + # Basic (credentials secret) + CREDENTIALS_SECRET = "credentialsSecret" + # Token + TOKEN = "token" + # Token (text secret) + TEXT_SECRET = "textSecret" + # OAuth + OAUTH = "oauth" + + +class CreateOutputSystemByPackOutputWebhookPqControls1TypedDict(TypedDict): + pass + + +class CreateOutputSystemByPackOutputWebhookPqControls1(BaseModel): + pass + + +class CreateOutputSystemByPackOutputWebhookURL1TypedDict(TypedDict): + url: str + r"""URL of a webhook endpoint to send events to, such as http://localhost:10200""" + weight: NotRequired[float] + r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" + template_url: NotRequired[str] + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + +class CreateOutputSystemByPackOutputWebhookURL1(BaseModel): + url: str + r"""URL of a webhook endpoint to send events to, such as http://localhost:10200""" + + weight: Optional[float] = None + r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" + + template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( + None + ) + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set(["weight", "__template_url"]) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +try: + CreateOutputSystemByPackOutputStatsd.model_rebuild() +except NameError: + pass +try: + CreateOutputSystemByPackOutputMinio.model_rebuild() +except NameError: + pass +try: + CreateOutputSystemByPackOutputCloudwatch.model_rebuild() +except NameError: + pass +try: + CreateOutputSystemByPackOutputInfluxdb.model_rebuild() +except NameError: + pass +try: + CreateOutputSystemByPackOutputNewrelicEvents.model_rebuild() +except NameError: + pass +try: + CreateOutputSystemByPackOutputNewrelic.model_rebuild() +except NameError: + pass +try: + CreateOutputSystemByPackOutputElasticCloud.model_rebuild() +except NameError: + pass +try: + CreateOutputSystemByPackURLElastic.model_rebuild() +except NameError: + pass +try: + CreateOutputSystemByPackOutputElastic.model_rebuild() +except NameError: + pass +try: + CreateOutputSystemByPackOutputMsk.model_rebuild() +except NameError: + pass +try: + CreateOutputSystemByPackOutputConfluentCloud.model_rebuild() +except NameError: + pass +try: + CreateOutputSystemByPackOutputKafka.model_rebuild() +except NameError: + pass +try: + CreateOutputSystemByPackOutputExabeam.model_rebuild() +except NameError: + pass +try: + CreateOutputSystemByPackOutputGooglePubsub.model_rebuild() +except NameError: + pass +try: + CreateOutputSystemByPackOutputGoogleCloudObservability.model_rebuild() +except NameError: + pass +try: + CreateOutputSystemByPackOutputGoogleCloudLogging.model_rebuild() +except NameError: + pass +try: + CreateOutputSystemByPackOutputGoogleCloudStorage.model_rebuild() +except NameError: + pass +try: + CreateOutputSystemByPackExtraLogType.model_rebuild() +except NameError: + pass +try: + CreateOutputSystemByPackOutputGoogleChronicle.model_rebuild() +except NameError: + pass +try: + CreateOutputSystemByPackOutputAzureEventhub.model_rebuild() +except NameError: + pass +try: + CreateOutputSystemByPackOutputHoneycomb.model_rebuild() +except NameError: + pass +try: + CreateOutputSystemByPackOutputKinesis.model_rebuild() +except NameError: + pass +try: + CreateOutputSystemByPackOutputAzureLogs.model_rebuild() +except NameError: + pass +try: + CreateOutputSystemByPackCertificate.model_rebuild() +except NameError: + pass +try: + CreateOutputSystemByPackOutputAzureDataExplorer.model_rebuild() +except NameError: + pass +try: + CreateOutputSystemByPackOutputAzureBlob.model_rebuild() +except NameError: + pass +try: + CreateOutputSystemByPackOutputS3.model_rebuild() +except NameError: + pass +try: + CreateOutputSystemByPackOutputFilesystem.model_rebuild() +except NameError: + pass +try: + CreateOutputSystemByPackOutputSignalfx.model_rebuild() +except NameError: + pass +try: + CreateOutputSystemByPackOutputWavefront.model_rebuild() +except NameError: + pass +try: + CreateOutputSystemByPackOutputTcpjson.model_rebuild() +except NameError: + pass +try: + CreateOutputSystemByPackOutputWizHec.model_rebuild() +except NameError: + pass +try: + CreateOutputSystemByPackURLSplunkHec.model_rebuild() +except NameError: + pass +try: + CreateOutputSystemByPackOutputSplunkHec.model_rebuild() +except NameError: + pass +try: + CreateOutputSystemByPackAuthToken.model_rebuild() +except NameError: + pass +try: + CreateOutputSystemByPackIndexerDiscoveryConfigs.model_rebuild() +except NameError: + pass +try: + CreateOutputSystemByPackOutputSplunkLb.model_rebuild() +except NameError: + pass +try: + CreateOutputSystemByPackOutputSplunk.model_rebuild() +except NameError: + pass +try: + CreateOutputSystemByPackOutputSyslog.model_rebuild() +except NameError: + pass +try: + CreateOutputSystemByPackOutputDevnull.model_rebuild() +except NameError: + pass +try: + CreateOutputSystemByPackOutputSentinel.model_rebuild() +except NameError: + pass +try: + CreateOutputSystemByPackOutputWebhookURL2.model_rebuild() +except NameError: + pass +try: + CreateOutputSystemByPackOutputWebhookWebhook2.model_rebuild() +except NameError: + pass +try: + CreateOutputSystemByPackOutputWebhookURL1.model_rebuild() +except NameError: + pass diff --git a/src/cribl_control_plane/models/createoutputsystembypack_request.py b/src/cribl_control_plane/models/createoutputsystembypack_request.py index eef72f50a..ebd3ea1e7 100644 --- a/src/cribl_control_plane/models/createoutputsystembypack_request.py +++ b/src/cribl_control_plane/models/createoutputsystembypack_request.py @@ -1,34 +1,89 @@ """Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.""" from __future__ import annotations -from .acknowledgmentsoptions import AcknowledgmentsOptions -from .acknowledgmentsoptionsallleader import AcknowledgmentsOptionsAllLeader -from .authenticationmethodoptions import AuthenticationMethodOptions -from .authenticationmethodoptionsapi import AuthenticationMethodOptionsAPI -from .authenticationmethodoptionsauthtokensitems import ( - AuthenticationMethodOptionsAuthTokensItems, -) -from .authenticationmethodoptionss3collectorconf import ( - AuthenticationMethodOptionsS3CollectorConf, -) -from .authenticationtype import AuthenticationType, AuthenticationTypeTypedDict -from .authenticationtypeuse import AuthenticationTypeUse, AuthenticationTypeUseTypedDict -from .authtypetemplatemanualapikeyauthtype import ( - AuthTypeTemplatemanualAPIKeyAuthType, - AuthTypeTemplatemanualAPIKeyAuthTypeTypedDict, -) from .backpressurebehavioroptions import BackpressureBehaviorOptions -from .backpressurebehavioroptionsblockdrop import BackpressureBehaviorOptionsBlockDrop -from .certificatetypeazureblobauthtypeclientcert import ( - CertificateTypeAzureBlobAuthTypeClientCert, - CertificateTypeAzureBlobAuthTypeClientCertTypedDict, -) -from .compressionleveloptions import CompressionLevelOptions -from .compressionoptions import CompressionOptions -from .compressionoptionsgziplz4 import CompressionOptionsGzipLz4 -from .compressionoptionsgzipnone import CompressionOptionsGzipNone -from .compressionoptionshttp import CompressionOptionsHTTP from .compressionoptionspq import CompressionOptionsPq +from .createoutputsystembypack_outputwebhook_url_1 import ( + CreateOutputSystemByPackOutputAzureBlob, + CreateOutputSystemByPackOutputAzureBlobTypedDict, + CreateOutputSystemByPackOutputAzureDataExplorer, + CreateOutputSystemByPackOutputAzureDataExplorerTypedDict, + CreateOutputSystemByPackOutputAzureEventhub, + CreateOutputSystemByPackOutputAzureEventhubTypedDict, + CreateOutputSystemByPackOutputAzureLogs, + CreateOutputSystemByPackOutputAzureLogsTypedDict, + CreateOutputSystemByPackOutputCloudwatch, + CreateOutputSystemByPackOutputCloudwatchTypedDict, + CreateOutputSystemByPackOutputConfluentCloud, + CreateOutputSystemByPackOutputConfluentCloudTypedDict, + CreateOutputSystemByPackOutputDevnull, + CreateOutputSystemByPackOutputDevnullTypedDict, + CreateOutputSystemByPackOutputElastic, + CreateOutputSystemByPackOutputElasticCloud, + CreateOutputSystemByPackOutputElasticCloudTypedDict, + CreateOutputSystemByPackOutputElasticTypedDict, + CreateOutputSystemByPackOutputExabeam, + CreateOutputSystemByPackOutputExabeamTypedDict, + CreateOutputSystemByPackOutputFilesystem, + CreateOutputSystemByPackOutputFilesystemTypedDict, + CreateOutputSystemByPackOutputGoogleChronicle, + CreateOutputSystemByPackOutputGoogleChronicleTypedDict, + CreateOutputSystemByPackOutputGoogleCloudLogging, + CreateOutputSystemByPackOutputGoogleCloudLoggingTypedDict, + CreateOutputSystemByPackOutputGoogleCloudObservability, + CreateOutputSystemByPackOutputGoogleCloudObservabilityTypedDict, + CreateOutputSystemByPackOutputGoogleCloudStorage, + CreateOutputSystemByPackOutputGoogleCloudStorageTypedDict, + CreateOutputSystemByPackOutputGooglePubsub, + CreateOutputSystemByPackOutputGooglePubsubTypedDict, + CreateOutputSystemByPackOutputHoneycomb, + CreateOutputSystemByPackOutputHoneycombTypedDict, + CreateOutputSystemByPackOutputInfluxdb, + CreateOutputSystemByPackOutputInfluxdbTypedDict, + CreateOutputSystemByPackOutputKafka, + CreateOutputSystemByPackOutputKafkaTypedDict, + CreateOutputSystemByPackOutputKinesis, + CreateOutputSystemByPackOutputKinesisTypedDict, + CreateOutputSystemByPackOutputMinio, + CreateOutputSystemByPackOutputMinioTypedDict, + CreateOutputSystemByPackOutputMsk, + CreateOutputSystemByPackOutputMskTypedDict, + CreateOutputSystemByPackOutputNewrelic, + CreateOutputSystemByPackOutputNewrelicEvents, + CreateOutputSystemByPackOutputNewrelicEventsTypedDict, + CreateOutputSystemByPackOutputNewrelicTypedDict, + CreateOutputSystemByPackOutputS3, + CreateOutputSystemByPackOutputS3TypedDict, + CreateOutputSystemByPackOutputSentinel, + CreateOutputSystemByPackOutputSentinelTypedDict, + CreateOutputSystemByPackOutputSignalfx, + CreateOutputSystemByPackOutputSignalfxTypedDict, + CreateOutputSystemByPackOutputSplunk, + CreateOutputSystemByPackOutputSplunkHec, + CreateOutputSystemByPackOutputSplunkHecTypedDict, + CreateOutputSystemByPackOutputSplunkLb, + CreateOutputSystemByPackOutputSplunkLbTypedDict, + CreateOutputSystemByPackOutputSplunkTypedDict, + CreateOutputSystemByPackOutputStatsd, + CreateOutputSystemByPackOutputStatsdTypedDict, + CreateOutputSystemByPackOutputSyslog, + CreateOutputSystemByPackOutputSyslogTypedDict, + CreateOutputSystemByPackOutputTcpjson, + CreateOutputSystemByPackOutputTcpjsonTypedDict, + CreateOutputSystemByPackOutputWavefront, + CreateOutputSystemByPackOutputWavefrontTypedDict, + CreateOutputSystemByPackOutputWebhookAuthenticationType1, + CreateOutputSystemByPackOutputWebhookFormat1, + CreateOutputSystemByPackOutputWebhookPqControls1, + CreateOutputSystemByPackOutputWebhookPqControls1TypedDict, + CreateOutputSystemByPackOutputWebhookType1, + CreateOutputSystemByPackOutputWebhookURL1, + CreateOutputSystemByPackOutputWebhookURL1TypedDict, + CreateOutputSystemByPackOutputWebhookWebhook2, + CreateOutputSystemByPackOutputWebhookWebhook2TypedDict, + CreateOutputSystemByPackOutputWizHec, + CreateOutputSystemByPackOutputWizHecTypedDict, +) from .createoutputsystembypack_type_statsd import ( CreateOutputSystemByPackOutputAlibabaCloudS3, CreateOutputSystemByPackOutputAlibabaCloudS3TypedDict, @@ -60,17835 +115,102 @@ CreateOutputSystemByPackOutputDatasetTypedDict, CreateOutputSystemByPackOutputDellS3, CreateOutputSystemByPackOutputDellS3TypedDict, - CreateOutputSystemByPackOutputDiskSpool, - CreateOutputSystemByPackOutputDiskSpoolTypedDict, - CreateOutputSystemByPackOutputDlS3, - CreateOutputSystemByPackOutputDlS3TypedDict, - CreateOutputSystemByPackOutputDynatraceHTTP, - CreateOutputSystemByPackOutputDynatraceHTTPTypedDict, - CreateOutputSystemByPackOutputDynatraceOtlp, - CreateOutputSystemByPackOutputDynatraceOtlpTypedDict, - CreateOutputSystemByPackOutputGrafanaCloudUnion, - CreateOutputSystemByPackOutputGrafanaCloudUnionTypedDict, - CreateOutputSystemByPackOutputGraphite, - CreateOutputSystemByPackOutputGraphiteTypedDict, - CreateOutputSystemByPackOutputHumioHec, - CreateOutputSystemByPackOutputHumioHecTypedDict, - CreateOutputSystemByPackOutputLocalSearchStorage, - CreateOutputSystemByPackOutputLocalSearchStorageTypedDict, - CreateOutputSystemByPackOutputLoki, - CreateOutputSystemByPackOutputLokiTypedDict, - CreateOutputSystemByPackOutputMicrosoftFabric, - CreateOutputSystemByPackOutputMicrosoftFabricTypedDict, - CreateOutputSystemByPackOutputNetflow, - CreateOutputSystemByPackOutputNetflowTypedDict, - CreateOutputSystemByPackOutputNutanixObjects, - CreateOutputSystemByPackOutputNutanixObjectsTypedDict, - CreateOutputSystemByPackOutputOpenTelemetry, - CreateOutputSystemByPackOutputOpenTelemetryTypedDict, - CreateOutputSystemByPackOutputPrometheus, - CreateOutputSystemByPackOutputPrometheusTypedDict, - CreateOutputSystemByPackOutputRing, - CreateOutputSystemByPackOutputRingTypedDict, - CreateOutputSystemByPackOutputRouter, - CreateOutputSystemByPackOutputRouterTypedDict, - CreateOutputSystemByPackOutputScalityS3, - CreateOutputSystemByPackOutputScalityS3TypedDict, - CreateOutputSystemByPackOutputSecurityLake, - CreateOutputSystemByPackOutputSecurityLakeTypedDict, - CreateOutputSystemByPackOutputSentinelOneAiSiem, - CreateOutputSystemByPackOutputSentinelOneAiSiemTypedDict, - CreateOutputSystemByPackOutputServiceNow, - CreateOutputSystemByPackOutputServiceNowTypedDict, - CreateOutputSystemByPackOutputSnmp, - CreateOutputSystemByPackOutputSnmpTypedDict, - CreateOutputSystemByPackOutputSns, - CreateOutputSystemByPackOutputSnsTypedDict, - CreateOutputSystemByPackOutputSqs, - CreateOutputSystemByPackOutputSqsTypedDict, - CreateOutputSystemByPackOutputStatsdExt, - CreateOutputSystemByPackOutputStatsdExtTypedDict, - CreateOutputSystemByPackOutputStorjS3, - CreateOutputSystemByPackOutputStorjS3TypedDict, - CreateOutputSystemByPackOutputSumoLogic, - CreateOutputSystemByPackOutputSumoLogicTypedDict, - CreateOutputSystemByPackOutputXsiam, - CreateOutputSystemByPackOutputXsiamTypedDict, - CreateOutputSystemByPackTypeStatsd, -) -from .dataformatoptions import DataFormatOptions -from .datapageversionoptions import DataPageVersionOptions -from .destinationprotocoloptions import DestinationProtocolOptions -from .diskspaceprotectionoptions import DiskSpaceProtectionOptions -from .extrahttpheaderconfinputelastic import ( - ExtraHTTPHeaderConfInputElastic, - ExtraHTTPHeaderConfInputElasticTypedDict, -) -from .failedrequestloggingmodeoptions import FailedRequestLoggingModeOptions -from .googleauthenticationmethodoptions import GoogleAuthenticationMethodOptions -from .hostconfoutputsyslog import HostConfOutputSyslog, HostConfOutputSyslogTypedDict -from .kafkaschemaregistryauthenticationtypetemplateschemaregistryurlauth import ( - KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuth, - KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuthTypedDict, -) -from .keyvaluemetadataconfoutputfilesystem import ( - KeyValueMetadataConfOutputFilesystem, - KeyValueMetadataConfOutputFilesystemTypedDict, -) -from .loglabelconfoutputgooglecloudlogging import ( - LogLabelConfOutputGoogleCloudLogging, - LogLabelConfOutputGoogleCloudLoggingTypedDict, -) -from .maxs2sversionoptions import MaxS2SVersionOptions -from .methodoptions import MethodOptions -from .microsoftentraidauthenticationendpointoptionssasl import ( - MicrosoftEntraIDAuthenticationEndpointOptionsSasl, -) -from .modeoptions import ModeOptions -from .nestedfieldserializationoptions import NestedFieldSerializationOptions -from .oauthheaderconfinputservicenowtable import ( - OauthHeaderConfInputServicenowTable, - OauthHeaderConfInputServicenowTableTypedDict, -) -from .oauthparamconfinputservicenowtable import ( - OauthParamConfInputServicenowTable, - OauthParamConfInputServicenowTableTypedDict, -) -from .objectacloptions import ObjectACLOptions -from .objectacloptionsauthenticatedreadbucketownerfullcontrol import ( - ObjectACLOptionsAuthenticatedreadBucketownerfullcontrol, -) -from .orphanfilerecoverytype import ( - OrphanFileRecoveryType, - OrphanFileRecoveryTypeTypedDict, -) -from .parquetversionoptions import ParquetVersionOptions -from .queuefullbehavioroptions import QueueFullBehaviorOptions -from .recorddataformatoptions import RecordDataFormatOptions -from .recorddataformatoptionsjsonprotobuf import RecordDataFormatOptionsJSONProtobuf -from .regionoptions import RegionOptions -from .responseretrysettingconfoutputwebhook import ( - ResponseRetrySettingConfOutputWebhook, - ResponseRetrySettingConfOutputWebhookTypedDict, -) -from .retrysettingstype import RetrySettingsType, RetrySettingsTypeTypedDict -from .saslextensionconfinputkafka import ( - SaslExtensionConfInputKafka, - SaslExtensionConfInputKafkaTypedDict, -) -from .serversideencryptionforuploadedobjectsoptions import ( - ServerSideEncryptionForUploadedObjectsOptions, -) -from .serversideencryptionforuploadedobjectsoptionsaes256 import ( - ServerSideEncryptionForUploadedObjectsOptionsAes256, -) -from .storageclassoptions import StorageClassOptions -from .storageclassoptionsarchivecoldline import StorageClassOptionsArchiveColdline -from .storageclassoptionsreducedredundancystandard import ( - StorageClassOptionsReducedredundancyStandard, -) -from .timeoutretrysettingstype import ( - TimeoutRetrySettingsType, - TimeoutRetrySettingsTypeTypedDict, -) -from .tlssettingsclientsidetype import ( - TLSSettingsClientSideType, - TLSSettingsClientSideTypeTypedDict, -) -from .tlssettingsclientsidetypecapathcertpath import ( - TLSSettingsClientSideTypeCaPathCertPath, - TLSSettingsClientSideTypeCaPathCertPathTypedDict, -) -from .tlssettingsclientsidetypecapathcertpathextended import ( - TLSSettingsClientSideTypeCaPathCertPathExtended, - TLSSettingsClientSideTypeCaPathCertPathExtendedTypedDict, -) -from cribl_control_plane import models, utils -from cribl_control_plane.types import BaseModel, Nullable, UNSET_SENTINEL -from cribl_control_plane.utils import ( - FieldMetadata, - PathParamMetadata, - RequestMetadata, - get_discriminator, -) -from enum import Enum -import pydantic -from pydantic import Discriminator, Tag, field_serializer, model_serializer -from typing import List, Optional, Union -from typing_extensions import Annotated, NotRequired, TypeAliasType, TypedDict - - -class CreateOutputSystemByPackPqControlsStatsdTypedDict(TypedDict): - pass - - -class CreateOutputSystemByPackPqControlsStatsd(BaseModel): - pass - - -class CreateOutputSystemByPackOutputStatsdTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputSystemByPackTypeStatsd - protocol: DestinationProtocolOptions - r"""Protocol to use when communicating with the destination.""" - host: str - r"""The hostname of the destination.""" - port: float - r"""Destination port.""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - mtu: NotRequired[float] - r"""When protocol is UDP, specifies the maximum size of packets sent to the destination. Also known as the MTU for the network path to the destination system.""" - flush_period_sec: NotRequired[float] - r"""When protocol is TCP, specifies how often buffers should be flushed, resulting in records sent to the destination.""" - dns_resolve_period_sec: NotRequired[float] - r"""How often to resolve the destination hostname to an IP address. Ignored if the destination is an IP address. A value of 0 means every batch sent will incur a DNS lookup.""" - description: NotRequired[str] - throttle_rate_per_sec: NotRequired[str] - r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" - connection_timeout: NotRequired[float] - r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" - write_timeout: NotRequired[float] - r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputSystemByPackPqControlsStatsdTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - -class CreateOutputSystemByPackOutputStatsd(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputSystemByPackTypeStatsd - - protocol: DestinationProtocolOptions - r"""Protocol to use when communicating with the destination.""" - - host: str - r"""The hostname of the destination.""" - - port: float - r"""Destination port.""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - mtu: Optional[float] = None - r"""When protocol is UDP, specifies the maximum size of packets sent to the destination. Also known as the MTU for the network path to the destination system.""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""When protocol is TCP, specifies how often buffers should be flushed, resulting in records sent to the destination.""" - - dns_resolve_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="dnsResolvePeriodSec") - ] = None - r"""How often to resolve the destination hostname to an IP address. Ignored if the destination is an IP address. A value of 0 means every batch sent will incur a DNS lookup.""" - - description: Optional[str] = None - - throttle_rate_per_sec: Annotated[ - Optional[str], pydantic.Field(alias="throttleRatePerSec") - ] = None - r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" - - connection_timeout: Annotated[ - Optional[float], pydantic.Field(alias="connectionTimeout") - ] = None - r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" - - write_timeout: Annotated[Optional[float], pydantic.Field(alias="writeTimeout")] = ( - None - ) - r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputSystemByPackPqControlsStatsd], - pydantic.Field(alias="pqControls"), - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - @field_serializer("protocol") - def serialize_protocol(self, value): - if isinstance(value, str): - try: - return models.DestinationProtocolOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "mtu", - "flushPeriodSec", - "dnsResolvePeriodSec", - "description", - "throttleRatePerSec", - "connectionTimeout", - "writeTimeout", - "onBackpressure", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_onBackpressure", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputSystemByPackTypeMinio(str, Enum): - MINIO = "minio" - - -class CreateOutputSystemByPackOutputMinioTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputSystemByPackTypeMinio - bucket: str - r"""Name of the destination MinIO bucket. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at initialization time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`""" - stage_path: str - r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" - endpoint: str - r"""MinIO service url (e.g. http://minioHost:9000)""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - aws_authentication_method: NotRequired[AuthenticationMethodOptionsS3CollectorConf] - r"""AWS authentication method. Choose Auto to use IAM roles.""" - reuse_connections: NotRequired[bool] - r"""Reuse connections between requests, which can improve performance""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" - region: NotRequired[str] - r"""Region where the MinIO bucket is located""" - dest_path: NotRequired[str] - r"""Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`""" - max_concurrent_file_parts: NotRequired[float] - r"""Maximum number of parts to upload in parallel per file. Minimum part size is 5MB.""" - verify_permissions: NotRequired[bool] - r"""Disable if you can access files within the bucket but not the bucket itself""" - max_closing_files_to_backpressure: NotRequired[float] - r"""Maximum number of files that can be waiting for upload before backpressure is applied""" - add_id_to_stage_path: NotRequired[bool] - r"""Add the Output ID value to staging location""" - remove_empty_dirs: NotRequired[bool] - r"""Remove empty staging directories after moving files""" - partition_expr: NotRequired[str] - r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" - format_: NotRequired[DataFormatOptions] - r"""Format of the output data""" - base_file_name: NotRequired[str] - r"""JavaScript expression to define the output filename prefix (can be constant)""" - file_name_suffix: NotRequired[str] - r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" - max_file_size_mb: NotRequired[float] - r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" - max_file_open_time_sec: NotRequired[float] - r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" - max_file_idle_time_sec: NotRequired[float] - r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" - max_open_files: NotRequired[float] - r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" - header_line: NotRequired[str] - r"""If set, this line will be written to the beginning of each output file""" - write_high_water_mark: NotRequired[float] - r"""Buffer size used to write to a file""" - on_backpressure: NotRequired[BackpressureBehaviorOptionsBlockDrop] - r"""How to handle events when all receivers are exerting backpressure""" - deadletter_enabled: NotRequired[bool] - r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" - on_disk_full_backpressure: NotRequired[DiskSpaceProtectionOptions] - r"""How to handle events when disk space is below the global 'Min free disk space' limit""" - force_close_on_shutdown: NotRequired[bool] - r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" - retry_settings: NotRequired[RetrySettingsTypeTypedDict] - orphans: NotRequired[OrphanFileRecoveryTypeTypedDict] - aws_secret_key: NotRequired[str] - r"""Secret key. This value can be a constant or a JavaScript expression. Example: `${C.env.SOME_SECRET}`)""" - object_acl: NotRequired[ObjectACLOptions] - r"""Object ACL to assign to uploaded objects""" - storage_class: NotRequired[StorageClassOptionsReducedredundancyStandard] - r"""Storage class to select for uploaded objects""" - server_side_encryption: NotRequired[ - ServerSideEncryptionForUploadedObjectsOptionsAes256 - ] - r"""Server-side encryption to use for uploaded objects""" - description: NotRequired[str] - aws_api_key: NotRequired[str] - r"""This value can be a constant or a JavaScript expression (`${C.env.SOME_ACCESS_KEY}`)""" - aws_secret: NotRequired[str] - r"""Select or create a stored secret that references your access key and secret key""" - compress: NotRequired[CompressionOptionsHTTP] - r"""Data compression format to apply to HTTP content before it is delivered""" - compression_level: NotRequired[CompressionLevelOptions] - r"""Compression level to apply before moving files to final destination""" - automatic_schema: NotRequired[bool] - r"""Automatically calculate the schema based on the events of each Parquet file generated""" - parquet_schema: NotRequired[str] - r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" - parquet_version: NotRequired[ParquetVersionOptions] - r"""Determines which data types are supported and how they are represented""" - parquet_data_page_version: NotRequired[DataPageVersionOptions] - r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" - parquet_row_group_length: NotRequired[float] - r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" - parquet_page_size: NotRequired[str] - r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" - should_log_invalid_rows: NotRequired[bool] - r"""Log up to 3 rows that @{product} skips due to data mismatch""" - key_value_metadata: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] - r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ - enable_statistics: NotRequired[bool] - r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" - enable_write_page_index: NotRequired[bool] - r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" - enable_page_checksum: NotRequired[bool] - r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" - empty_dir_cleanup_sec: NotRequired[float] - r"""How frequently, in seconds, to clean up empty directories""" - directory_batch_size: NotRequired[float] - r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" - deadletter_path: NotRequired[str] - r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" - max_retry_num: NotRequired[float] - r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_bucket: NotRequired[str] - r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" - template_region: NotRequired[str] - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - template_dest_path: NotRequired[str] - r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" - template_partition_expr: NotRequired[str] - r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" - template_format: NotRequired[str] - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - template_base_file_name: NotRequired[str] - r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" - template_file_name_suffix: NotRequired[str] - r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_aws_secret_key: NotRequired[str] - r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" - template_object_acl: NotRequired[str] - r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" - template_storage_class: NotRequired[str] - r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" - template_server_side_encryption: NotRequired[str] - r"""Binds 'serverSideEncryption' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serverSideEncryption' at runtime.""" - template_aws_api_key: NotRequired[str] - r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" - template_compress: NotRequired[str] - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - template_parquet_schema: NotRequired[str] - r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" - - -class CreateOutputSystemByPackOutputMinio(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputSystemByPackTypeMinio - - bucket: str - r"""Name of the destination MinIO bucket. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at initialization time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`""" - - stage_path: Annotated[str, pydantic.Field(alias="stagePath")] - r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" - - endpoint: str - r"""MinIO service url (e.g. http://minioHost:9000)""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - aws_authentication_method: Annotated[ - Optional[AuthenticationMethodOptionsS3CollectorConf], - pydantic.Field(alias="awsAuthenticationMethod"), - ] = None - r"""AWS authentication method. Choose Auto to use IAM roles.""" - - reuse_connections: Annotated[ - Optional[bool], pydantic.Field(alias="reuseConnections") - ] = None - r"""Reuse connections between requests, which can improve performance""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" - - region: Optional[str] = None - r"""Region where the MinIO bucket is located""" - - dest_path: Annotated[Optional[str], pydantic.Field(alias="destPath")] = None - r"""Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`""" - - max_concurrent_file_parts: Annotated[ - Optional[float], pydantic.Field(alias="maxConcurrentFileParts") - ] = None - r"""Maximum number of parts to upload in parallel per file. Minimum part size is 5MB.""" - - verify_permissions: Annotated[ - Optional[bool], pydantic.Field(alias="verifyPermissions") - ] = None - r"""Disable if you can access files within the bucket but not the bucket itself""" - - max_closing_files_to_backpressure: Annotated[ - Optional[float], pydantic.Field(alias="maxClosingFilesToBackpressure") - ] = None - r"""Maximum number of files that can be waiting for upload before backpressure is applied""" - - add_id_to_stage_path: Annotated[ - Optional[bool], pydantic.Field(alias="addIdToStagePath") - ] = None - r"""Add the Output ID value to staging location""" - - remove_empty_dirs: Annotated[ - Optional[bool], pydantic.Field(alias="removeEmptyDirs") - ] = None - r"""Remove empty staging directories after moving files""" - - partition_expr: Annotated[Optional[str], pydantic.Field(alias="partitionExpr")] = ( - None - ) - r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" - - format_: Annotated[Optional[DataFormatOptions], pydantic.Field(alias="format")] = ( - None - ) - r"""Format of the output data""" - - base_file_name: Annotated[Optional[str], pydantic.Field(alias="baseFileName")] = ( - None - ) - r"""JavaScript expression to define the output filename prefix (can be constant)""" - - file_name_suffix: Annotated[ - Optional[str], pydantic.Field(alias="fileNameSuffix") - ] = None - r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" - - max_file_size_mb: Annotated[ - Optional[float], pydantic.Field(alias="maxFileSizeMB") - ] = None - r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" - - max_file_open_time_sec: Annotated[ - Optional[float], pydantic.Field(alias="maxFileOpenTimeSec") - ] = None - r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" - - max_file_idle_time_sec: Annotated[ - Optional[float], pydantic.Field(alias="maxFileIdleTimeSec") - ] = None - r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" - - max_open_files: Annotated[Optional[float], pydantic.Field(alias="maxOpenFiles")] = ( - None - ) - r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" - - header_line: Annotated[Optional[str], pydantic.Field(alias="headerLine")] = None - r"""If set, this line will be written to the beginning of each output file""" - - write_high_water_mark: Annotated[ - Optional[float], pydantic.Field(alias="writeHighWaterMark") - ] = None - r"""Buffer size used to write to a file""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptionsBlockDrop], - pydantic.Field(alias="onBackpressure"), - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - deadletter_enabled: Annotated[ - Optional[bool], pydantic.Field(alias="deadletterEnabled") - ] = None - r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" - - on_disk_full_backpressure: Annotated[ - Optional[DiskSpaceProtectionOptions], - pydantic.Field(alias="onDiskFullBackpressure"), - ] = None - r"""How to handle events when disk space is below the global 'Min free disk space' limit""" - - force_close_on_shutdown: Annotated[ - Optional[bool], pydantic.Field(alias="forceCloseOnShutdown") - ] = None - r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" - - retry_settings: Annotated[ - Optional[RetrySettingsType], pydantic.Field(alias="retrySettings") - ] = None - - orphans: Optional[OrphanFileRecoveryType] = None - - aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = ( - None - ) - r"""Secret key. This value can be a constant or a JavaScript expression. Example: `${C.env.SOME_SECRET}`)""" - - object_acl: Annotated[ - Optional[ObjectACLOptions], pydantic.Field(alias="objectACL") - ] = None - r"""Object ACL to assign to uploaded objects""" - - storage_class: Annotated[ - Optional[StorageClassOptionsReducedredundancyStandard], - pydantic.Field(alias="storageClass"), - ] = None - r"""Storage class to select for uploaded objects""" - - server_side_encryption: Annotated[ - Optional[ServerSideEncryptionForUploadedObjectsOptionsAes256], - pydantic.Field(alias="serverSideEncryption"), - ] = None - r"""Server-side encryption to use for uploaded objects""" - - description: Optional[str] = None - - aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None - r"""This value can be a constant or a JavaScript expression (`${C.env.SOME_ACCESS_KEY}`)""" - - aws_secret: Annotated[Optional[str], pydantic.Field(alias="awsSecret")] = None - r"""Select or create a stored secret that references your access key and secret key""" - - compress: Optional[CompressionOptionsHTTP] = None - r"""Data compression format to apply to HTTP content before it is delivered""" - - compression_level: Annotated[ - Optional[CompressionLevelOptions], pydantic.Field(alias="compressionLevel") - ] = None - r"""Compression level to apply before moving files to final destination""" - - automatic_schema: Annotated[ - Optional[bool], pydantic.Field(alias="automaticSchema") - ] = None - r"""Automatically calculate the schema based on the events of each Parquet file generated""" - - parquet_schema: Annotated[Optional[str], pydantic.Field(alias="parquetSchema")] = ( - None - ) - r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" - - parquet_version: Annotated[ - Optional[ParquetVersionOptions], pydantic.Field(alias="parquetVersion") - ] = None - r"""Determines which data types are supported and how they are represented""" - - parquet_data_page_version: Annotated[ - Optional[DataPageVersionOptions], pydantic.Field(alias="parquetDataPageVersion") - ] = None - r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" - - parquet_row_group_length: Annotated[ - Optional[float], pydantic.Field(alias="parquetRowGroupLength") - ] = None - r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" - - parquet_page_size: Annotated[ - Optional[str], pydantic.Field(alias="parquetPageSize") - ] = None - r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" - - should_log_invalid_rows: Annotated[ - Optional[bool], pydantic.Field(alias="shouldLogInvalidRows") - ] = None - r"""Log up to 3 rows that @{product} skips due to data mismatch""" - - key_value_metadata: Annotated[ - Optional[List[KeyValueMetadataConfOutputFilesystem]], - pydantic.Field(alias="keyValueMetadata"), - ] = None - r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ - - enable_statistics: Annotated[ - Optional[bool], pydantic.Field(alias="enableStatistics") - ] = None - r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" - - enable_write_page_index: Annotated[ - Optional[bool], pydantic.Field(alias="enableWritePageIndex") - ] = None - r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" - - enable_page_checksum: Annotated[ - Optional[bool], pydantic.Field(alias="enablePageChecksum") - ] = None - r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" - - empty_dir_cleanup_sec: Annotated[ - Optional[float], pydantic.Field(alias="emptyDirCleanupSec") - ] = None - r"""How frequently, in seconds, to clean up empty directories""" - - directory_batch_size: Annotated[ - Optional[float], pydantic.Field(alias="directoryBatchSize") - ] = None - r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" - - deadletter_path: Annotated[ - Optional[str], pydantic.Field(alias="deadletterPath") - ] = None - r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" - - max_retry_num: Annotated[Optional[float], pydantic.Field(alias="maxRetryNum")] = ( - None - ) - r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_bucket: Annotated[ - Optional[str], pydantic.Field(alias="__template_bucket") - ] = None - r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" - - template_region: Annotated[ - Optional[str], pydantic.Field(alias="__template_region") - ] = None - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - - template_dest_path: Annotated[ - Optional[str], pydantic.Field(alias="__template_destPath") - ] = None - r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" - - template_partition_expr: Annotated[ - Optional[str], pydantic.Field(alias="__template_partitionExpr") - ] = None - r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" - - template_format: Annotated[ - Optional[str], pydantic.Field(alias="__template_format") - ] = None - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - - template_base_file_name: Annotated[ - Optional[str], pydantic.Field(alias="__template_baseFileName") - ] = None - r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" - - template_file_name_suffix: Annotated[ - Optional[str], pydantic.Field(alias="__template_fileNameSuffix") - ] = None - r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_aws_secret_key: Annotated[ - Optional[str], pydantic.Field(alias="__template_awsSecretKey") - ] = None - r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" - - template_object_acl: Annotated[ - Optional[str], pydantic.Field(alias="__template_objectACL") - ] = None - r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" - - template_storage_class: Annotated[ - Optional[str], pydantic.Field(alias="__template_storageClass") - ] = None - r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" - - template_server_side_encryption: Annotated[ - Optional[str], pydantic.Field(alias="__template_serverSideEncryption") - ] = None - r"""Binds 'serverSideEncryption' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serverSideEncryption' at runtime.""" - - template_aws_api_key: Annotated[ - Optional[str], pydantic.Field(alias="__template_awsApiKey") - ] = None - r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" - - template_compress: Annotated[ - Optional[str], pydantic.Field(alias="__template_compress") - ] = None - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - - template_parquet_schema: Annotated[ - Optional[str], pydantic.Field(alias="__template_parquetSchema") - ] = None - r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" - - @field_serializer("aws_authentication_method") - def serialize_aws_authentication_method(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsS3CollectorConf(value) - except ValueError: - return value - return value - - @field_serializer("format_") - def serialize_format_(self, value): - if isinstance(value, str): - try: - return models.DataFormatOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptionsBlockDrop(value) - except ValueError: - return value - return value - - @field_serializer("on_disk_full_backpressure") - def serialize_on_disk_full_backpressure(self, value): - if isinstance(value, str): - try: - return models.DiskSpaceProtectionOptions(value) - except ValueError: - return value - return value - - @field_serializer("object_acl") - def serialize_object_acl(self, value): - if isinstance(value, str): - try: - return models.ObjectACLOptions(value) - except ValueError: - return value - return value - - @field_serializer("storage_class") - def serialize_storage_class(self, value): - if isinstance(value, str): - try: - return models.StorageClassOptionsReducedredundancyStandard(value) - except ValueError: - return value - return value - - @field_serializer("server_side_encryption") - def serialize_server_side_encryption(self, value): - if isinstance(value, str): - try: - return models.ServerSideEncryptionForUploadedObjectsOptionsAes256(value) - except ValueError: - return value - return value - - @field_serializer("compress") - def serialize_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsHTTP(value) - except ValueError: - return value - return value - - @field_serializer("compression_level") - def serialize_compression_level(self, value): - if isinstance(value, str): - try: - return models.CompressionLevelOptions(value) - except ValueError: - return value - return value - - @field_serializer("parquet_version") - def serialize_parquet_version(self, value): - if isinstance(value, str): - try: - return models.ParquetVersionOptions(value) - except ValueError: - return value - return value - - @field_serializer("parquet_data_page_version") - def serialize_parquet_data_page_version(self, value): - if isinstance(value, str): - try: - return models.DataPageVersionOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "awsAuthenticationMethod", - "reuseConnections", - "rejectUnauthorized", - "region", - "destPath", - "maxConcurrentFileParts", - "verifyPermissions", - "maxClosingFilesToBackpressure", - "addIdToStagePath", - "removeEmptyDirs", - "partitionExpr", - "format", - "baseFileName", - "fileNameSuffix", - "maxFileSizeMB", - "maxFileOpenTimeSec", - "maxFileIdleTimeSec", - "maxOpenFiles", - "headerLine", - "writeHighWaterMark", - "onBackpressure", - "deadletterEnabled", - "onDiskFullBackpressure", - "forceCloseOnShutdown", - "retrySettings", - "orphans", - "awsSecretKey", - "objectACL", - "storageClass", - "serverSideEncryption", - "description", - "awsApiKey", - "awsSecret", - "compress", - "compressionLevel", - "automaticSchema", - "parquetSchema", - "parquetVersion", - "parquetDataPageVersion", - "parquetRowGroupLength", - "parquetPageSize", - "shouldLogInvalidRows", - "keyValueMetadata", - "enableStatistics", - "enableWritePageIndex", - "enablePageChecksum", - "emptyDirCleanupSec", - "directoryBatchSize", - "deadletterPath", - "maxRetryNum", - "__template_streamtags", - "__template_bucket", - "__template_region", - "__template_destPath", - "__template_partitionExpr", - "__template_format", - "__template_baseFileName", - "__template_fileNameSuffix", - "__template_onBackpressure", - "__template_awsSecretKey", - "__template_objectACL", - "__template_storageClass", - "__template_serverSideEncryption", - "__template_awsApiKey", - "__template_compress", - "__template_parquetSchema", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputSystemByPackTypeCloudwatch(str, Enum): - CLOUDWATCH = "cloudwatch" - - -class CreateOutputSystemByPackPqControlsCloudwatchTypedDict(TypedDict): - pass - - -class CreateOutputSystemByPackPqControlsCloudwatch(BaseModel): - pass - - -class CreateOutputSystemByPackOutputCloudwatchTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputSystemByPackTypeCloudwatch - log_group_name: str - r"""CloudWatch log group to associate events with""" - log_stream_name: str - r"""Prefix for CloudWatch log stream name. This prefix will be used to generate a unique log stream name per cribl instance, for example: myStream_myHost_myOutputId""" - region: str - r"""Region where the CloudWatchLogs is located""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - aws_authentication_method: NotRequired[AuthenticationMethodOptionsS3CollectorConf] - r"""AWS authentication method. Choose Auto to use IAM roles.""" - aws_secret_key: NotRequired[str] - endpoint: NotRequired[str] - r"""CloudWatchLogs service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to CloudWatchLogs-compatible endpoint.""" - reuse_connections: NotRequired[bool] - r"""Reuse connections between requests, which can improve performance""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" - enable_assume_role: NotRequired[bool] - r"""Use Assume Role credentials to access CloudWatchLogs""" - assume_role_arn: NotRequired[str] - r"""Amazon Resource Name (ARN) of the role to assume""" - assume_role_external_id: NotRequired[str] - r"""External ID to use when assuming role""" - duration_seconds: NotRequired[float] - r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" - max_queue_size: NotRequired[float] - r"""Maximum number of queued batches before blocking""" - max_record_size_kb: NotRequired[float] - r"""Maximum size (KB) of each individual record before compression. For non compressible data 1MB is the max recommended size""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - description: NotRequired[str] - aws_api_key: NotRequired[str] - aws_secret: NotRequired[str] - r"""Select or create a stored secret that references your access key and secret key""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputSystemByPackPqControlsCloudwatchTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_log_group_name: NotRequired[str] - r"""Binds 'logGroupName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logGroupName' at runtime.""" - template_log_stream_name: NotRequired[str] - r"""Binds 'logStreamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logStreamName' at runtime.""" - template_aws_secret_key: NotRequired[str] - r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" - template_region: NotRequired[str] - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - template_endpoint: NotRequired[str] - r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" - template_assume_role_arn: NotRequired[str] - r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" - template_assume_role_external_id: NotRequired[str] - r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_aws_api_key: NotRequired[str] - r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" - - -class CreateOutputSystemByPackOutputCloudwatch(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputSystemByPackTypeCloudwatch - - log_group_name: Annotated[str, pydantic.Field(alias="logGroupName")] - r"""CloudWatch log group to associate events with""" - - log_stream_name: Annotated[str, pydantic.Field(alias="logStreamName")] - r"""Prefix for CloudWatch log stream name. This prefix will be used to generate a unique log stream name per cribl instance, for example: myStream_myHost_myOutputId""" - - region: str - r"""Region where the CloudWatchLogs is located""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - aws_authentication_method: Annotated[ - Optional[AuthenticationMethodOptionsS3CollectorConf], - pydantic.Field(alias="awsAuthenticationMethod"), - ] = None - r"""AWS authentication method. Choose Auto to use IAM roles.""" - - aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = ( - None - ) - - endpoint: Optional[str] = None - r"""CloudWatchLogs service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to CloudWatchLogs-compatible endpoint.""" - - reuse_connections: Annotated[ - Optional[bool], pydantic.Field(alias="reuseConnections") - ] = None - r"""Reuse connections between requests, which can improve performance""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" - - enable_assume_role: Annotated[ - Optional[bool], pydantic.Field(alias="enableAssumeRole") - ] = None - r"""Use Assume Role credentials to access CloudWatchLogs""" - - assume_role_arn: Annotated[Optional[str], pydantic.Field(alias="assumeRoleArn")] = ( - None - ) - r"""Amazon Resource Name (ARN) of the role to assume""" - - assume_role_external_id: Annotated[ - Optional[str], pydantic.Field(alias="assumeRoleExternalId") - ] = None - r"""External ID to use when assuming role""" - - duration_seconds: Annotated[ - Optional[float], pydantic.Field(alias="durationSeconds") - ] = None - r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" - - max_queue_size: Annotated[Optional[float], pydantic.Field(alias="maxQueueSize")] = ( - None - ) - r"""Maximum number of queued batches before blocking""" - - max_record_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxRecordSizeKB") - ] = None - r"""Maximum size (KB) of each individual record before compression. For non compressible data 1MB is the max recommended size""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - description: Optional[str] = None - - aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None - - aws_secret: Annotated[Optional[str], pydantic.Field(alias="awsSecret")] = None - r"""Select or create a stored secret that references your access key and secret key""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputSystemByPackPqControlsCloudwatch], - pydantic.Field(alias="pqControls"), - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_log_group_name: Annotated[ - Optional[str], pydantic.Field(alias="__template_logGroupName") - ] = None - r"""Binds 'logGroupName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logGroupName' at runtime.""" - - template_log_stream_name: Annotated[ - Optional[str], pydantic.Field(alias="__template_logStreamName") - ] = None - r"""Binds 'logStreamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logStreamName' at runtime.""" - - template_aws_secret_key: Annotated[ - Optional[str], pydantic.Field(alias="__template_awsSecretKey") - ] = None - r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" - - template_region: Annotated[ - Optional[str], pydantic.Field(alias="__template_region") - ] = None - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - - template_endpoint: Annotated[ - Optional[str], pydantic.Field(alias="__template_endpoint") - ] = None - r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" - - template_assume_role_arn: Annotated[ - Optional[str], pydantic.Field(alias="__template_assumeRoleArn") - ] = None - r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" - - template_assume_role_external_id: Annotated[ - Optional[str], pydantic.Field(alias="__template_assumeRoleExternalId") - ] = None - r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_aws_api_key: Annotated[ - Optional[str], pydantic.Field(alias="__template_awsApiKey") - ] = None - r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" - - @field_serializer("aws_authentication_method") - def serialize_aws_authentication_method(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsS3CollectorConf(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "awsAuthenticationMethod", - "awsSecretKey", - "endpoint", - "reuseConnections", - "rejectUnauthorized", - "enableAssumeRole", - "assumeRoleArn", - "assumeRoleExternalId", - "durationSeconds", - "maxQueueSize", - "maxRecordSizeKB", - "flushPeriodSec", - "onBackpressure", - "description", - "awsApiKey", - "awsSecret", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_logGroupName", - "__template_logStreamName", - "__template_awsSecretKey", - "__template_region", - "__template_endpoint", - "__template_assumeRoleArn", - "__template_assumeRoleExternalId", - "__template_onBackpressure", - "__template_awsApiKey", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputSystemByPackTypeInfluxdb(str, Enum): - INFLUXDB = "influxdb" - - -class CreateOutputSystemByPackTimestampPrecision( - str, Enum, metaclass=utils.OpenEnumMeta -): - r"""Sets the precision for the supplied Unix time values. Defaults to milliseconds.""" - - # Nanoseconds - NS = "ns" - # Microseconds - U = "u" - # Milliseconds - MS = "ms" - # Seconds - S = "s" - # Minutes - M = "m" - # Hours - H = "h" - - -class CreateOutputSystemByPackAuthenticationTypeInfluxdb( - str, Enum, metaclass=utils.OpenEnumMeta -): - r"""InfluxDB authentication type""" - - # None - NONE = "none" - # Basic - BASIC = "basic" - # Basic (credentials secret) - CREDENTIALS_SECRET = "credentialsSecret" - # Token - TOKEN = "token" - # Token (text secret) - TEXT_SECRET = "textSecret" - - -class CreateOutputSystemByPackPqControlsInfluxdbTypedDict(TypedDict): - pass - - -class CreateOutputSystemByPackPqControlsInfluxdb(BaseModel): - pass - - -class CreateOutputSystemByPackOutputInfluxdbTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputSystemByPackTypeInfluxdb - url: str - r"""URL of an InfluxDB cluster to send events to, e.g., http://localhost:8086/write""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - use_v2_api: NotRequired[bool] - r"""The v2 API can be enabled with InfluxDB versions 1.8 and later.""" - timestamp_precision: NotRequired[CreateOutputSystemByPackTimestampPrecision] - r"""Sets the precision for the supplied Unix time values. Defaults to milliseconds.""" - dynamic_value_field_name: NotRequired[bool] - r"""Enabling this will pull the value field from the metric name. E,g, 'db.query.user' will use 'db.query' as the measurement and 'user' as the value field.""" - value_field_name: NotRequired[str] - r"""Name of the field in which to store the metric when sending to InfluxDB. If dynamic generation is enabled and fails, this will be used as a fallback.""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - compress: NotRequired[bool] - r"""Compress the payload body before sending""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] - r"""Headers to add to all events""" - use_round_robin_dns: NotRequired[bool] - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - safe_headers: NotRequired[List[str]] - r"""List of headers that are safe to log in plain text""" - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - auth_type: NotRequired[CreateOutputSystemByPackAuthenticationTypeInfluxdb] - r"""InfluxDB authentication type""" - description: NotRequired[str] - database: NotRequired[str] - r"""Database to write to.""" - bucket: NotRequired[str] - r"""Bucket to write to.""" - org: NotRequired[str] - r"""Organization ID for this bucket.""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputSystemByPackPqControlsInfluxdbTypedDict] - username: NotRequired[str] - password: NotRequired[str] - token: NotRequired[str] - r"""Bearer token to include in the authorization header""" - credentials_secret: NotRequired[str] - r"""Select or create a secret that references your credentials""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_url: NotRequired[str] - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - template_failed_request_logging_mode: NotRequired[str] - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_database: NotRequired[str] - r"""Binds 'database' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'database' at runtime.""" - template_bucket: NotRequired[str] - r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" - - -class CreateOutputSystemByPackOutputInfluxdb(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputSystemByPackTypeInfluxdb - - url: str - r"""URL of an InfluxDB cluster to send events to, e.g., http://localhost:8086/write""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - use_v2_api: Annotated[Optional[bool], pydantic.Field(alias="useV2API")] = None - r"""The v2 API can be enabled with InfluxDB versions 1.8 and later.""" - - timestamp_precision: Annotated[ - Optional[CreateOutputSystemByPackTimestampPrecision], - pydantic.Field(alias="timestampPrecision"), - ] = None - r"""Sets the precision for the supplied Unix time values. Defaults to milliseconds.""" - - dynamic_value_field_name: Annotated[ - Optional[bool], pydantic.Field(alias="dynamicValueFieldName") - ] = None - r"""Enabling this will pull the value field from the metric name. E,g, 'db.query.user' will use 'db.query' as the measurement and 'user' as the value field.""" - - value_field_name: Annotated[ - Optional[str], pydantic.Field(alias="valueFieldName") - ] = None - r"""Name of the field in which to store the metric when sending to InfluxDB. If dynamic generation is enabled and fails, this will be used as a fallback.""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - compress: Optional[bool] = None - r"""Compress the payload body before sending""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - extra_http_headers: Annotated[ - Optional[List[ExtraHTTPHeaderConfInputElastic]], - pydantic.Field(alias="extraHttpHeaders"), - ] = None - r"""Headers to add to all events""" - - use_round_robin_dns: Annotated[ - Optional[bool], pydantic.Field(alias="useRoundRobinDns") - ] = None - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - - failed_request_logging_mode: Annotated[ - Optional[FailedRequestLoggingModeOptions], - pydantic.Field(alias="failedRequestLoggingMode"), - ] = None - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - - safe_headers: Annotated[ - Optional[List[str]], pydantic.Field(alias="safeHeaders") - ] = None - r"""List of headers that are safe to log in plain text""" - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - auth_type: Annotated[ - Optional[CreateOutputSystemByPackAuthenticationTypeInfluxdb], - pydantic.Field(alias="authType"), - ] = None - r"""InfluxDB authentication type""" - - description: Optional[str] = None - - database: Optional[str] = None - r"""Database to write to.""" - - bucket: Optional[str] = None - r"""Bucket to write to.""" - - org: Optional[str] = None - r"""Organization ID for this bucket.""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputSystemByPackPqControlsInfluxdb], - pydantic.Field(alias="pqControls"), - ] = None - - username: Optional[str] = None - - password: Optional[str] = None - - token: Optional[str] = None - r"""Bearer token to include in the authorization header""" - - credentials_secret: Annotated[ - Optional[str], pydantic.Field(alias="credentialsSecret") - ] = None - r"""Select or create a secret that references your credentials""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( - None - ) - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - template_failed_request_logging_mode: Annotated[ - Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") - ] = None - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_database: Annotated[ - Optional[str], pydantic.Field(alias="__template_database") - ] = None - r"""Binds 'database' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'database' at runtime.""" - - template_bucket: Annotated[ - Optional[str], pydantic.Field(alias="__template_bucket") - ] = None - r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" - - @field_serializer("timestamp_precision") - def serialize_timestamp_precision(self, value): - if isinstance(value, str): - try: - return models.CreateOutputSystemByPackTimestampPrecision(value) - except ValueError: - return value - return value - - @field_serializer("failed_request_logging_mode") - def serialize_failed_request_logging_mode(self, value): - if isinstance(value, str): - try: - return models.FailedRequestLoggingModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.CreateOutputSystemByPackAuthenticationTypeInfluxdb(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "useV2API", - "timestampPrecision", - "dynamicValueFieldName", - "valueFieldName", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "compress", - "rejectUnauthorized", - "timeoutSec", - "flushPeriodSec", - "extraHttpHeaders", - "useRoundRobinDns", - "failedRequestLoggingMode", - "safeHeaders", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "onBackpressure", - "authType", - "description", - "database", - "bucket", - "org", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "username", - "password", - "token", - "credentialsSecret", - "textSecret", - "__template_streamtags", - "__template_url", - "__template_failedRequestLoggingMode", - "__template_onBackpressure", - "__template_database", - "__template_bucket", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputSystemByPackTypeNewrelicEvents(str, Enum): - NEWRELIC_EVENTS = "newrelic_events" - - -class CreateOutputSystemByPackPqControlsNewrelicEventsTypedDict(TypedDict): - pass - - -class CreateOutputSystemByPackPqControlsNewrelicEvents(BaseModel): - pass - - -class CreateOutputSystemByPackOutputNewrelicEventsTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputSystemByPackTypeNewrelicEvents - account_id: str - r"""New Relic account ID""" - event_type: str - r"""Default New Relic eventType to use when event type is not present. For more information, see the [New Relic eventType documentation](https://docs.newrelic.com/docs/telemetry-data-platform/custom-data/custom-events/data-requirements-limits-custom-event-data/#reserved-words).""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - region: NotRequired[RegionOptions] - r"""Which New Relic region endpoint to use.""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - compress: NotRequired[bool] - r"""Compress the payload body before sending""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] - r"""Headers to add to all events""" - use_round_robin_dns: NotRequired[bool] - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - safe_headers: NotRequired[List[str]] - r"""List of headers that are safe to log in plain text""" - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - auth_type: NotRequired[AuthenticationMethodOptionsAPI] - r"""Enter API key directly, or select a stored secret""" - description: NotRequired[str] - custom_url: NotRequired[str] - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputSystemByPackPqControlsNewrelicEventsTypedDict] - api_key: NotRequired[str] - r"""New Relic API key. Can be overridden using __newRelic_apiKey field.""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_region: NotRequired[str] - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - template_account_id: NotRequired[str] - r"""Binds 'accountId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'accountId' at runtime.""" - template_event_type: NotRequired[str] - r"""Binds 'eventType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'eventType' at runtime.""" - template_failed_request_logging_mode: NotRequired[str] - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_custom_url: NotRequired[str] - r"""Binds 'customUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'customUrl' at runtime.""" - - -class CreateOutputSystemByPackOutputNewrelicEvents(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputSystemByPackTypeNewrelicEvents - - account_id: Annotated[str, pydantic.Field(alias="accountId")] - r"""New Relic account ID""" - - event_type: Annotated[str, pydantic.Field(alias="eventType")] - r"""Default New Relic eventType to use when event type is not present. For more information, see the [New Relic eventType documentation](https://docs.newrelic.com/docs/telemetry-data-platform/custom-data/custom-events/data-requirements-limits-custom-event-data/#reserved-words).""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - region: Optional[RegionOptions] = None - r"""Which New Relic region endpoint to use.""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - compress: Optional[bool] = None - r"""Compress the payload body before sending""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - extra_http_headers: Annotated[ - Optional[List[ExtraHTTPHeaderConfInputElastic]], - pydantic.Field(alias="extraHttpHeaders"), - ] = None - r"""Headers to add to all events""" - - use_round_robin_dns: Annotated[ - Optional[bool], pydantic.Field(alias="useRoundRobinDns") - ] = None - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - - failed_request_logging_mode: Annotated[ - Optional[FailedRequestLoggingModeOptions], - pydantic.Field(alias="failedRequestLoggingMode"), - ] = None - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - - safe_headers: Annotated[ - Optional[List[str]], pydantic.Field(alias="safeHeaders") - ] = None - r"""List of headers that are safe to log in plain text""" - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - auth_type: Annotated[ - Optional[AuthenticationMethodOptionsAPI], pydantic.Field(alias="authType") - ] = None - r"""Enter API key directly, or select a stored secret""" - - description: Optional[str] = None - - custom_url: Annotated[Optional[str], pydantic.Field(alias="customUrl")] = None - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputSystemByPackPqControlsNewrelicEvents], - pydantic.Field(alias="pqControls"), - ] = None - - api_key: Annotated[Optional[str], pydantic.Field(alias="apiKey")] = None - r"""New Relic API key. Can be overridden using __newRelic_apiKey field.""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_region: Annotated[ - Optional[str], pydantic.Field(alias="__template_region") - ] = None - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - - template_account_id: Annotated[ - Optional[str], pydantic.Field(alias="__template_accountId") - ] = None - r"""Binds 'accountId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'accountId' at runtime.""" - - template_event_type: Annotated[ - Optional[str], pydantic.Field(alias="__template_eventType") - ] = None - r"""Binds 'eventType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'eventType' at runtime.""" - - template_failed_request_logging_mode: Annotated[ - Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") - ] = None - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_custom_url: Annotated[ - Optional[str], pydantic.Field(alias="__template_customUrl") - ] = None - r"""Binds 'customUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'customUrl' at runtime.""" - - @field_serializer("region") - def serialize_region(self, value): - if isinstance(value, str): - try: - return models.RegionOptions(value) - except ValueError: - return value - return value - - @field_serializer("failed_request_logging_mode") - def serialize_failed_request_logging_mode(self, value): - if isinstance(value, str): - try: - return models.FailedRequestLoggingModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsAPI(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "region", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "compress", - "rejectUnauthorized", - "timeoutSec", - "flushPeriodSec", - "extraHttpHeaders", - "useRoundRobinDns", - "failedRequestLoggingMode", - "safeHeaders", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "onBackpressure", - "authType", - "description", - "customUrl", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "apiKey", - "textSecret", - "__template_streamtags", - "__template_region", - "__template_accountId", - "__template_eventType", - "__template_failedRequestLoggingMode", - "__template_onBackpressure", - "__template_customUrl", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputSystemByPackTypeNewrelic(str, Enum): - NEWRELIC = "newrelic" - - -class CreateOutputSystemByPackFieldName(str, Enum, metaclass=utils.OpenEnumMeta): - SERVICE = "service" - HOSTNAME = "hostname" - TIMESTAMP = "timestamp" - AUDIT_ID = "auditId" - - -class CreateOutputSystemByPackMetadatumTypedDict(TypedDict): - name: CreateOutputSystemByPackFieldName - value: str - r"""JavaScript expression to compute field's value, enclosed in quotes or backticks. (Can evaluate to a constant.)""" - - -class CreateOutputSystemByPackMetadatum(BaseModel): - name: CreateOutputSystemByPackFieldName - - value: str - r"""JavaScript expression to compute field's value, enclosed in quotes or backticks. (Can evaluate to a constant.)""" - - @field_serializer("name") - def serialize_name(self, value): - if isinstance(value, str): - try: - return models.CreateOutputSystemByPackFieldName(value) - except ValueError: - return value - return value - - -class CreateOutputSystemByPackPqControlsNewrelicTypedDict(TypedDict): - pass - - -class CreateOutputSystemByPackPqControlsNewrelic(BaseModel): - pass - - -class CreateOutputSystemByPackOutputNewrelicTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputSystemByPackTypeNewrelic - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - region: NotRequired[RegionOptions] - r"""Which New Relic region endpoint to use.""" - log_type: NotRequired[str] - r"""Name of the logtype to send with events, e.g.: observability, access_log. The event's 'sourcetype' field (if set) will override this value.""" - message_field: NotRequired[str] - r"""Name of field to send as log message value. If not present, event will be serialized and sent as JSON.""" - metadata: NotRequired[List[CreateOutputSystemByPackMetadatumTypedDict]] - r"""Fields to add to events from this input""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - compress: NotRequired[bool] - r"""Compress the payload body before sending""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] - r"""Headers to add to all events""" - use_round_robin_dns: NotRequired[bool] - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - safe_headers: NotRequired[List[str]] - r"""List of headers that are safe to log in plain text""" - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - auth_type: NotRequired[AuthenticationMethodOptionsAPI] - r"""Enter API key directly, or select a stored secret""" - total_memory_limit_kb: NotRequired[float] - r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" - description: NotRequired[str] - custom_url: NotRequired[str] - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputSystemByPackPqControlsNewrelicTypedDict] - api_key: NotRequired[str] - r"""New Relic API key. Can be overridden using __newRelic_apiKey field.""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_region: NotRequired[str] - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - template_log_type: NotRequired[str] - r"""Binds 'logType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logType' at runtime.""" - template_message_field: NotRequired[str] - r"""Binds 'messageField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'messageField' at runtime.""" - template_failed_request_logging_mode: NotRequired[str] - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - -class CreateOutputSystemByPackOutputNewrelic(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputSystemByPackTypeNewrelic - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - region: Optional[RegionOptions] = None - r"""Which New Relic region endpoint to use.""" - - log_type: Annotated[Optional[str], pydantic.Field(alias="logType")] = None - r"""Name of the logtype to send with events, e.g.: observability, access_log. The event's 'sourcetype' field (if set) will override this value.""" - - message_field: Annotated[Optional[str], pydantic.Field(alias="messageField")] = None - r"""Name of field to send as log message value. If not present, event will be serialized and sent as JSON.""" - - metadata: Optional[List[CreateOutputSystemByPackMetadatum]] = None - r"""Fields to add to events from this input""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - compress: Optional[bool] = None - r"""Compress the payload body before sending""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - extra_http_headers: Annotated[ - Optional[List[ExtraHTTPHeaderConfInputElastic]], - pydantic.Field(alias="extraHttpHeaders"), - ] = None - r"""Headers to add to all events""" - - use_round_robin_dns: Annotated[ - Optional[bool], pydantic.Field(alias="useRoundRobinDns") - ] = None - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - - failed_request_logging_mode: Annotated[ - Optional[FailedRequestLoggingModeOptions], - pydantic.Field(alias="failedRequestLoggingMode"), - ] = None - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - - safe_headers: Annotated[ - Optional[List[str]], pydantic.Field(alias="safeHeaders") - ] = None - r"""List of headers that are safe to log in plain text""" - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - auth_type: Annotated[ - Optional[AuthenticationMethodOptionsAPI], pydantic.Field(alias="authType") - ] = None - r"""Enter API key directly, or select a stored secret""" - - total_memory_limit_kb: Annotated[ - Optional[float], pydantic.Field(alias="totalMemoryLimitKB") - ] = None - r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" - - description: Optional[str] = None - - custom_url: Annotated[Optional[str], pydantic.Field(alias="customUrl")] = None - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputSystemByPackPqControlsNewrelic], - pydantic.Field(alias="pqControls"), - ] = None - - api_key: Annotated[Optional[str], pydantic.Field(alias="apiKey")] = None - r"""New Relic API key. Can be overridden using __newRelic_apiKey field.""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_region: Annotated[ - Optional[str], pydantic.Field(alias="__template_region") - ] = None - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - - template_log_type: Annotated[ - Optional[str], pydantic.Field(alias="__template_logType") - ] = None - r"""Binds 'logType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logType' at runtime.""" - - template_message_field: Annotated[ - Optional[str], pydantic.Field(alias="__template_messageField") - ] = None - r"""Binds 'messageField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'messageField' at runtime.""" - - template_failed_request_logging_mode: Annotated[ - Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") - ] = None - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - @field_serializer("region") - def serialize_region(self, value): - if isinstance(value, str): - try: - return models.RegionOptions(value) - except ValueError: - return value - return value - - @field_serializer("failed_request_logging_mode") - def serialize_failed_request_logging_mode(self, value): - if isinstance(value, str): - try: - return models.FailedRequestLoggingModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsAPI(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "region", - "logType", - "messageField", - "metadata", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "compress", - "rejectUnauthorized", - "timeoutSec", - "flushPeriodSec", - "extraHttpHeaders", - "useRoundRobinDns", - "failedRequestLoggingMode", - "safeHeaders", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "onBackpressure", - "authType", - "totalMemoryLimitKB", - "description", - "customUrl", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "apiKey", - "textSecret", - "__template_streamtags", - "__template_region", - "__template_logType", - "__template_messageField", - "__template_failedRequestLoggingMode", - "__template_onBackpressure", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputSystemByPackTypeElasticCloud(str, Enum): - ELASTIC_CLOUD = "elastic_cloud" - - -class CreateOutputSystemByPackPqControlsElasticCloudTypedDict(TypedDict): - pass - - -class CreateOutputSystemByPackPqControlsElasticCloud(BaseModel): - pass - - -class CreateOutputSystemByPackOutputElasticCloudTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputSystemByPackTypeElasticCloud - url: str - r"""Enter Cloud ID of the Elastic Cloud environment to send events to""" - index: str - r"""Data stream or index to send events to. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be overwritten by an event's __index field.""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - compress: NotRequired[bool] - r"""Compress the payload body before sending""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] - r"""Headers to add to all events""" - failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - safe_headers: NotRequired[List[str]] - r"""List of headers that are safe to log in plain text""" - extra_params: NotRequired[List[SaslExtensionConfInputKafkaTypedDict]] - r"""Extra parameters to use in HTTP requests""" - auth: NotRequired[AuthTypeTemplatemanualAPIKeyAuthTypeTypedDict] - elastic_pipeline: NotRequired[str] - r"""Optional Elastic Cloud Destination pipeline""" - include_doc_id: NotRequired[bool] - r"""Include the `document_id` field when sending events to an Elastic TSDS (time series data stream)""" - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - description: NotRequired[str] - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputSystemByPackPqControlsElasticCloudTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_url: NotRequired[str] - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - template_index: NotRequired[str] - r"""Binds 'index' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'index' at runtime.""" - template_failed_request_logging_mode: NotRequired[str] - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - template_elastic_pipeline: NotRequired[str] - r"""Binds 'elasticPipeline' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'elasticPipeline' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - -class CreateOutputSystemByPackOutputElasticCloud(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputSystemByPackTypeElasticCloud - - url: str - r"""Enter Cloud ID of the Elastic Cloud environment to send events to""" - - index: str - r"""Data stream or index to send events to. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be overwritten by an event's __index field.""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - compress: Optional[bool] = None - r"""Compress the payload body before sending""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - extra_http_headers: Annotated[ - Optional[List[ExtraHTTPHeaderConfInputElastic]], - pydantic.Field(alias="extraHttpHeaders"), - ] = None - r"""Headers to add to all events""" - - failed_request_logging_mode: Annotated[ - Optional[FailedRequestLoggingModeOptions], - pydantic.Field(alias="failedRequestLoggingMode"), - ] = None - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - - safe_headers: Annotated[ - Optional[List[str]], pydantic.Field(alias="safeHeaders") - ] = None - r"""List of headers that are safe to log in plain text""" - - extra_params: Annotated[ - Optional[List[SaslExtensionConfInputKafka]], pydantic.Field(alias="extraParams") - ] = None - r"""Extra parameters to use in HTTP requests""" - - auth: Optional[AuthTypeTemplatemanualAPIKeyAuthType] = None - - elastic_pipeline: Annotated[ - Optional[str], pydantic.Field(alias="elasticPipeline") - ] = None - r"""Optional Elastic Cloud Destination pipeline""" - - include_doc_id: Annotated[Optional[bool], pydantic.Field(alias="includeDocId")] = ( - None - ) - r"""Include the `document_id` field when sending events to an Elastic TSDS (time series data stream)""" - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - description: Optional[str] = None - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputSystemByPackPqControlsElasticCloud], - pydantic.Field(alias="pqControls"), - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( - None - ) - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - template_index: Annotated[ - Optional[str], pydantic.Field(alias="__template_index") - ] = None - r"""Binds 'index' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'index' at runtime.""" - - template_failed_request_logging_mode: Annotated[ - Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") - ] = None - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - - template_elastic_pipeline: Annotated[ - Optional[str], pydantic.Field(alias="__template_elasticPipeline") - ] = None - r"""Binds 'elasticPipeline' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'elasticPipeline' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - @field_serializer("failed_request_logging_mode") - def serialize_failed_request_logging_mode(self, value): - if isinstance(value, str): - try: - return models.FailedRequestLoggingModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "compress", - "rejectUnauthorized", - "timeoutSec", - "flushPeriodSec", - "extraHttpHeaders", - "failedRequestLoggingMode", - "safeHeaders", - "extraParams", - "auth", - "elasticPipeline", - "includeDocId", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "onBackpressure", - "description", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_url", - "__template_index", - "__template_failedRequestLoggingMode", - "__template_elasticPipeline", - "__template_onBackpressure", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputSystemByPackTypeElastic(str, Enum): - ELASTIC = "elastic" - - -class CreateOutputSystemByPackElasticVersion(str, Enum, metaclass=utils.OpenEnumMeta): - r"""Optional Elasticsearch version, used to format events. If not specified, will auto-discover version.""" - - # Auto - AUTO = "auto" - # 6.x - SIX = "6" - # 7.x - SEVEN = "7" - - -class CreateOutputSystemByPackWriteAction(str, Enum, metaclass=utils.OpenEnumMeta): - r"""Action to use when writing events. Must be set to `Create` when writing to a data stream.""" - - # Index - INDEX = "index" - # Create - CREATE = "create" - - -class CreateOutputSystemByPackURLElasticTypedDict(TypedDict): - url: str - r"""The URL to an Elastic node to send events to. Example: http://elastic:9200/_bulk""" - weight: NotRequired[float] - r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" - template_url: NotRequired[str] - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - -class CreateOutputSystemByPackURLElastic(BaseModel): - url: str - r"""The URL to an Elastic node to send events to. Example: http://elastic:9200/_bulk""" - - weight: Optional[float] = None - r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" - - template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( - None - ) - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set(["weight", "__template_url"]) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputSystemByPackPqControlsElasticTypedDict(TypedDict): - pass - - -class CreateOutputSystemByPackPqControlsElastic(BaseModel): - pass - - -class CreateOutputSystemByPackOutputElasticTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputSystemByPackTypeElastic - index: str - r"""Index or data stream to send events to. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be overwritten by an event's __index field.""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - load_balanced: NotRequired[bool] - r"""Enable for optimal performance. Even if you have one hostname, it can expand to multiple IPs. If disabled, consider enabling round-robin DNS.""" - doc_type: NotRequired[str] - r"""Document type to use for events. Can be overwritten by an event's __type field.""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - compress: NotRequired[bool] - r"""Compress the payload body before sending""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] - r"""Headers to add to all events""" - failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - safe_headers: NotRequired[List[str]] - r"""List of headers that are safe to log in plain text""" - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - extra_params: NotRequired[List[SaslExtensionConfInputKafkaTypedDict]] - auth: NotRequired[AuthTypeTemplatemanualAPIKeyAuthTypeTypedDict] - elastic_version: NotRequired[CreateOutputSystemByPackElasticVersion] - r"""Optional Elasticsearch version, used to format events. If not specified, will auto-discover version.""" - elastic_pipeline: NotRequired[str] - r"""Optional Elasticsearch destination pipeline""" - include_doc_id: NotRequired[bool] - r"""Include the `document_id` field when sending events to an Elastic TSDS (time series data stream)""" - write_action: NotRequired[CreateOutputSystemByPackWriteAction] - r"""Action to use when writing events. Must be set to `Create` when writing to a data stream.""" - retry_partial_errors: NotRequired[bool] - r"""Retry failed events when a bulk request to Elastic is successful, but the response body returns an error for one or more events in the batch""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - description: NotRequired[str] - url: NotRequired[str] - r"""The Cloud ID or URL to an Elastic cluster to send events to. Example: http://elastic:9200/_bulk""" - use_round_robin_dns: NotRequired[bool] - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - exclude_self: NotRequired[bool] - r"""Exclude all IPs of the current host from the list of any resolved hostnames""" - urls: NotRequired[List[CreateOutputSystemByPackURLElasticTypedDict]] - dns_resolve_period_sec: NotRequired[float] - r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" - load_balance_stats_period_sec: NotRequired[float] - r"""How far back in time to keep traffic stats for load balancing purposes""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputSystemByPackPqControlsElasticTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_index: NotRequired[str] - r"""Binds 'index' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'index' at runtime.""" - template_doc_type: NotRequired[str] - r"""Binds 'docType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'docType' at runtime.""" - template_failed_request_logging_mode: NotRequired[str] - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - template_elastic_pipeline: NotRequired[str] - r"""Binds 'elasticPipeline' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'elasticPipeline' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_url: NotRequired[str] - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - -class CreateOutputSystemByPackOutputElastic(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputSystemByPackTypeElastic - - index: str - r"""Index or data stream to send events to. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be overwritten by an event's __index field.""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - load_balanced: Annotated[Optional[bool], pydantic.Field(alias="loadBalanced")] = ( - None - ) - r"""Enable for optimal performance. Even if you have one hostname, it can expand to multiple IPs. If disabled, consider enabling round-robin DNS.""" - - doc_type: Annotated[Optional[str], pydantic.Field(alias="docType")] = None - r"""Document type to use for events. Can be overwritten by an event's __type field.""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - compress: Optional[bool] = None - r"""Compress the payload body before sending""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - extra_http_headers: Annotated[ - Optional[List[ExtraHTTPHeaderConfInputElastic]], - pydantic.Field(alias="extraHttpHeaders"), - ] = None - r"""Headers to add to all events""" - - failed_request_logging_mode: Annotated[ - Optional[FailedRequestLoggingModeOptions], - pydantic.Field(alias="failedRequestLoggingMode"), - ] = None - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - - safe_headers: Annotated[ - Optional[List[str]], pydantic.Field(alias="safeHeaders") - ] = None - r"""List of headers that are safe to log in plain text""" - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - extra_params: Annotated[ - Optional[List[SaslExtensionConfInputKafka]], pydantic.Field(alias="extraParams") - ] = None - - auth: Optional[AuthTypeTemplatemanualAPIKeyAuthType] = None - - elastic_version: Annotated[ - Optional[CreateOutputSystemByPackElasticVersion], - pydantic.Field(alias="elasticVersion"), - ] = None - r"""Optional Elasticsearch version, used to format events. If not specified, will auto-discover version.""" - - elastic_pipeline: Annotated[ - Optional[str], pydantic.Field(alias="elasticPipeline") - ] = None - r"""Optional Elasticsearch destination pipeline""" - - include_doc_id: Annotated[Optional[bool], pydantic.Field(alias="includeDocId")] = ( - None - ) - r"""Include the `document_id` field when sending events to an Elastic TSDS (time series data stream)""" - - write_action: Annotated[ - Optional[CreateOutputSystemByPackWriteAction], - pydantic.Field(alias="writeAction"), - ] = None - r"""Action to use when writing events. Must be set to `Create` when writing to a data stream.""" - - retry_partial_errors: Annotated[ - Optional[bool], pydantic.Field(alias="retryPartialErrors") - ] = None - r"""Retry failed events when a bulk request to Elastic is successful, but the response body returns an error for one or more events in the batch""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - description: Optional[str] = None - - url: Optional[str] = None - r"""The Cloud ID or URL to an Elastic cluster to send events to. Example: http://elastic:9200/_bulk""" - - use_round_robin_dns: Annotated[ - Optional[bool], pydantic.Field(alias="useRoundRobinDns") - ] = None - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - - exclude_self: Annotated[Optional[bool], pydantic.Field(alias="excludeSelf")] = None - r"""Exclude all IPs of the current host from the list of any resolved hostnames""" - - urls: Optional[List[CreateOutputSystemByPackURLElastic]] = None - - dns_resolve_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="dnsResolvePeriodSec") - ] = None - r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" - - load_balance_stats_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="loadBalanceStatsPeriodSec") - ] = None - r"""How far back in time to keep traffic stats for load balancing purposes""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputSystemByPackPqControlsElastic], - pydantic.Field(alias="pqControls"), - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_index: Annotated[ - Optional[str], pydantic.Field(alias="__template_index") - ] = None - r"""Binds 'index' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'index' at runtime.""" - - template_doc_type: Annotated[ - Optional[str], pydantic.Field(alias="__template_docType") - ] = None - r"""Binds 'docType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'docType' at runtime.""" - - template_failed_request_logging_mode: Annotated[ - Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") - ] = None - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - - template_elastic_pipeline: Annotated[ - Optional[str], pydantic.Field(alias="__template_elasticPipeline") - ] = None - r"""Binds 'elasticPipeline' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'elasticPipeline' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( - None - ) - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - @field_serializer("failed_request_logging_mode") - def serialize_failed_request_logging_mode(self, value): - if isinstance(value, str): - try: - return models.FailedRequestLoggingModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("elastic_version") - def serialize_elastic_version(self, value): - if isinstance(value, str): - try: - return models.CreateOutputSystemByPackElasticVersion(value) - except ValueError: - return value - return value - - @field_serializer("write_action") - def serialize_write_action(self, value): - if isinstance(value, str): - try: - return models.CreateOutputSystemByPackWriteAction(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "loadBalanced", - "docType", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "compress", - "rejectUnauthorized", - "timeoutSec", - "flushPeriodSec", - "extraHttpHeaders", - "failedRequestLoggingMode", - "safeHeaders", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "extraParams", - "auth", - "elasticVersion", - "elasticPipeline", - "includeDocId", - "writeAction", - "retryPartialErrors", - "onBackpressure", - "description", - "url", - "useRoundRobinDns", - "excludeSelf", - "urls", - "dnsResolvePeriodSec", - "loadBalanceStatsPeriodSec", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_index", - "__template_docType", - "__template_failedRequestLoggingMode", - "__template_elasticPipeline", - "__template_onBackpressure", - "__template_url", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputSystemByPackTypeMsk(str, Enum): - MSK = "msk" - - -class CreateOutputSystemByPackPqControlsMskTypedDict(TypedDict): - pass - - -class CreateOutputSystemByPackPqControlsMsk(BaseModel): - pass - - -class CreateOutputSystemByPackOutputMskTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputSystemByPackTypeMsk - brokers: List[str] - r"""Enter each Kafka bootstrap server you want to use. Specify hostname and port, e.g., mykafkabroker:9092, or just hostname, in which case @{product} will assign port 9092.""" - topic: str - r"""The topic to publish events to. Can be overridden using the __topicOut field.""" - aws_authentication_method: AuthenticationMethodOptionsS3CollectorConf - r"""AWS authentication method. Choose Auto to use IAM roles.""" - region: str - r"""Region where the MSK cluster is located""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - ack: NotRequired[AcknowledgmentsOptionsAllLeader] - r"""Control the number of required acknowledgments.""" - format_: NotRequired[RecordDataFormatOptionsJSONProtobuf] - r"""Format to use to serialize events before writing to Kafka.""" - compression: NotRequired[CompressionOptionsGzipLz4] - r"""Codec to use to compress the data before sending to Kafka""" - max_record_size_kb: NotRequired[float] - r"""Maximum size of each record batch before compression. The value must not exceed the Kafka brokers' message.max.bytes setting.""" - flush_event_count: NotRequired[float] - r"""The maximum number of events you want the Destination to allow in a batch before forcing a flush""" - flush_period_sec: NotRequired[float] - r"""The maximum amount of time you want the Destination to wait before forcing a flush. Shorter intervals tend to result in smaller batches being sent.""" - kafka_schema_registry: NotRequired[ - KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuthTypedDict - ] - connection_timeout: NotRequired[float] - r"""Maximum time to wait for a connection to complete successfully""" - request_timeout: NotRequired[float] - r"""Maximum time to wait for Kafka to respond to a request""" - max_retries: NotRequired[float] - r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" - max_back_off: NotRequired[float] - r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" - initial_backoff: NotRequired[float] - r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" - backoff_rate: NotRequired[float] - r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" - authentication_timeout: NotRequired[float] - r"""Maximum time to wait for Kafka to respond to an authentication request""" - reauthentication_threshold: NotRequired[float] - r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" - aws_secret_key: NotRequired[str] - endpoint: NotRequired[str] - r"""MSK cluster service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to MSK cluster-compatible endpoint.""" - reuse_connections: NotRequired[bool] - r"""Reuse connections between requests, which can improve performance""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" - enable_assume_role: NotRequired[bool] - r"""Use Assume Role credentials to access MSK""" - assume_role_arn: NotRequired[str] - r"""Amazon Resource Name (ARN) of the role to assume""" - assume_role_external_id: NotRequired[str] - r"""External ID to use when assuming role""" - duration_seconds: NotRequired[float] - r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" - tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - description: NotRequired[str] - aws_api_key: NotRequired[str] - aws_secret: NotRequired[str] - r"""Select or create a stored secret that references your access key and secret key""" - protobuf_library_id: NotRequired[str] - r"""Select a set of Protobuf definitions for the events you want to send""" - protobuf_encoding_id: NotRequired[str] - r"""Select the type of object you want the Protobuf definitions to use for event encoding""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputSystemByPackPqControlsMskTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_topic: NotRequired[str] - r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" - template_format: NotRequired[str] - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - template_compression: NotRequired[str] - r"""Binds 'compression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compression' at runtime.""" - template_aws_secret_key: NotRequired[str] - r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" - template_region: NotRequired[str] - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - template_endpoint: NotRequired[str] - r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" - template_assume_role_arn: NotRequired[str] - r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" - template_assume_role_external_id: NotRequired[str] - r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_aws_api_key: NotRequired[str] - r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" - - -class CreateOutputSystemByPackOutputMsk(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputSystemByPackTypeMsk - - brokers: List[str] - r"""Enter each Kafka bootstrap server you want to use. Specify hostname and port, e.g., mykafkabroker:9092, or just hostname, in which case @{product} will assign port 9092.""" - - topic: str - r"""The topic to publish events to. Can be overridden using the __topicOut field.""" - - aws_authentication_method: Annotated[ - AuthenticationMethodOptionsS3CollectorConf, - pydantic.Field(alias="awsAuthenticationMethod"), - ] - r"""AWS authentication method. Choose Auto to use IAM roles.""" - - region: str - r"""Region where the MSK cluster is located""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - ack: Optional[AcknowledgmentsOptionsAllLeader] = None - r"""Control the number of required acknowledgments.""" - - format_: Annotated[ - Optional[RecordDataFormatOptionsJSONProtobuf], pydantic.Field(alias="format") - ] = None - r"""Format to use to serialize events before writing to Kafka.""" - - compression: Optional[CompressionOptionsGzipLz4] = None - r"""Codec to use to compress the data before sending to Kafka""" - - max_record_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxRecordSizeKB") - ] = None - r"""Maximum size of each record batch before compression. The value must not exceed the Kafka brokers' message.max.bytes setting.""" - - flush_event_count: Annotated[ - Optional[float], pydantic.Field(alias="flushEventCount") - ] = None - r"""The maximum number of events you want the Destination to allow in a batch before forcing a flush""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""The maximum amount of time you want the Destination to wait before forcing a flush. Shorter intervals tend to result in smaller batches being sent.""" - - kafka_schema_registry: Annotated[ - Optional[KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuth], - pydantic.Field(alias="kafkaSchemaRegistry"), - ] = None - - connection_timeout: Annotated[ - Optional[float], pydantic.Field(alias="connectionTimeout") - ] = None - r"""Maximum time to wait for a connection to complete successfully""" - - request_timeout: Annotated[ - Optional[float], pydantic.Field(alias="requestTimeout") - ] = None - r"""Maximum time to wait for Kafka to respond to a request""" - - max_retries: Annotated[Optional[float], pydantic.Field(alias="maxRetries")] = None - r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" - - max_back_off: Annotated[Optional[float], pydantic.Field(alias="maxBackOff")] = None - r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" - - initial_backoff: Annotated[ - Optional[float], pydantic.Field(alias="initialBackoff") - ] = None - r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" - - backoff_rate: Annotated[Optional[float], pydantic.Field(alias="backoffRate")] = None - r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" - - authentication_timeout: Annotated[ - Optional[float], pydantic.Field(alias="authenticationTimeout") - ] = None - r"""Maximum time to wait for Kafka to respond to an authentication request""" - - reauthentication_threshold: Annotated[ - Optional[float], pydantic.Field(alias="reauthenticationThreshold") - ] = None - r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" - - aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = ( - None - ) - - endpoint: Optional[str] = None - r"""MSK cluster service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to MSK cluster-compatible endpoint.""" - - reuse_connections: Annotated[ - Optional[bool], pydantic.Field(alias="reuseConnections") - ] = None - r"""Reuse connections between requests, which can improve performance""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" - - enable_assume_role: Annotated[ - Optional[bool], pydantic.Field(alias="enableAssumeRole") - ] = None - r"""Use Assume Role credentials to access MSK""" - - assume_role_arn: Annotated[Optional[str], pydantic.Field(alias="assumeRoleArn")] = ( - None - ) - r"""Amazon Resource Name (ARN) of the role to assume""" - - assume_role_external_id: Annotated[ - Optional[str], pydantic.Field(alias="assumeRoleExternalId") - ] = None - r"""External ID to use when assuming role""" - - duration_seconds: Annotated[ - Optional[float], pydantic.Field(alias="durationSeconds") - ] = None - r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" - - tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - description: Optional[str] = None - - aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None - - aws_secret: Annotated[Optional[str], pydantic.Field(alias="awsSecret")] = None - r"""Select or create a stored secret that references your access key and secret key""" - - protobuf_library_id: Annotated[ - Optional[str], pydantic.Field(alias="protobufLibraryId") - ] = None - r"""Select a set of Protobuf definitions for the events you want to send""" - - protobuf_encoding_id: Annotated[ - Optional[str], pydantic.Field(alias="protobufEncodingId") - ] = None - r"""Select the type of object you want the Protobuf definitions to use for event encoding""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputSystemByPackPqControlsMsk], - pydantic.Field(alias="pqControls"), - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_topic: Annotated[ - Optional[str], pydantic.Field(alias="__template_topic") - ] = None - r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" - - template_format: Annotated[ - Optional[str], pydantic.Field(alias="__template_format") - ] = None - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - - template_compression: Annotated[ - Optional[str], pydantic.Field(alias="__template_compression") - ] = None - r"""Binds 'compression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compression' at runtime.""" - - template_aws_secret_key: Annotated[ - Optional[str], pydantic.Field(alias="__template_awsSecretKey") - ] = None - r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" - - template_region: Annotated[ - Optional[str], pydantic.Field(alias="__template_region") - ] = None - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - - template_endpoint: Annotated[ - Optional[str], pydantic.Field(alias="__template_endpoint") - ] = None - r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" - - template_assume_role_arn: Annotated[ - Optional[str], pydantic.Field(alias="__template_assumeRoleArn") - ] = None - r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" - - template_assume_role_external_id: Annotated[ - Optional[str], pydantic.Field(alias="__template_assumeRoleExternalId") - ] = None - r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_aws_api_key: Annotated[ - Optional[str], pydantic.Field(alias="__template_awsApiKey") - ] = None - r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" - - @field_serializer("ack") - def serialize_ack(self, value): - if isinstance(value, str): - try: - return models.AcknowledgmentsOptionsAllLeader(value) - except ValueError: - return value - return value - - @field_serializer("format_") - def serialize_format_(self, value): - if isinstance(value, str): - try: - return models.RecordDataFormatOptionsJSONProtobuf(value) - except ValueError: - return value - return value - - @field_serializer("compression") - def serialize_compression(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsGzipLz4(value) - except ValueError: - return value - return value - - @field_serializer("aws_authentication_method") - def serialize_aws_authentication_method(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsS3CollectorConf(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "ack", - "format", - "compression", - "maxRecordSizeKB", - "flushEventCount", - "flushPeriodSec", - "kafkaSchemaRegistry", - "connectionTimeout", - "requestTimeout", - "maxRetries", - "maxBackOff", - "initialBackoff", - "backoffRate", - "authenticationTimeout", - "reauthenticationThreshold", - "awsSecretKey", - "endpoint", - "reuseConnections", - "rejectUnauthorized", - "enableAssumeRole", - "assumeRoleArn", - "assumeRoleExternalId", - "durationSeconds", - "tls", - "onBackpressure", - "description", - "awsApiKey", - "awsSecret", - "protobufLibraryId", - "protobufEncodingId", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_topic", - "__template_format", - "__template_compression", - "__template_awsSecretKey", - "__template_region", - "__template_endpoint", - "__template_assumeRoleArn", - "__template_assumeRoleExternalId", - "__template_onBackpressure", - "__template_awsApiKey", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputSystemByPackTypeConfluentCloud(str, Enum): - CONFLUENT_CLOUD = "confluent_cloud" - - -class CreateOutputSystemByPackPqControlsConfluentCloudTypedDict(TypedDict): - pass - - -class CreateOutputSystemByPackPqControlsConfluentCloud(BaseModel): - pass - - -class CreateOutputSystemByPackOutputConfluentCloudTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputSystemByPackTypeConfluentCloud - brokers: List[str] - r"""List of Confluent Cloud bootstrap servers to use, such as yourAccount.confluent.cloud:9092.""" - topic: str - r"""The topic to publish events to. Can be overridden using the __topicOut field.""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] - ack: NotRequired[AcknowledgmentsOptionsAllLeader] - r"""Control the number of required acknowledgments.""" - format_: NotRequired[RecordDataFormatOptionsJSONProtobuf] - r"""Format to use to serialize events before writing to Kafka.""" - compression: NotRequired[CompressionOptionsGzipLz4] - r"""Codec to use to compress the data before sending to Kafka""" - max_record_size_kb: NotRequired[float] - r"""Maximum size of each record batch before compression. The value must not exceed the Kafka brokers' message.max.bytes setting.""" - flush_event_count: NotRequired[float] - r"""The maximum number of events you want the Destination to allow in a batch before forcing a flush""" - flush_period_sec: NotRequired[float] - r"""The maximum amount of time you want the Destination to wait before forcing a flush. Shorter intervals tend to result in smaller batches being sent.""" - kafka_schema_registry: NotRequired[ - KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuthTypedDict - ] - connection_timeout: NotRequired[float] - r"""Maximum time to wait for a connection to complete successfully""" - request_timeout: NotRequired[float] - r"""Maximum time to wait for Kafka to respond to a request""" - max_retries: NotRequired[float] - r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" - max_back_off: NotRequired[float] - r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" - initial_backoff: NotRequired[float] - r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" - backoff_rate: NotRequired[float] - r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" - authentication_timeout: NotRequired[float] - r"""Maximum time to wait for Kafka to respond to an authentication request""" - reauthentication_threshold: NotRequired[float] - r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" - sasl: NotRequired[AuthenticationTypeTypedDict] - r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - description: NotRequired[str] - protobuf_library_id: NotRequired[str] - r"""Select a set of Protobuf definitions for the events you want to send""" - protobuf_encoding_id: NotRequired[str] - r"""Select the type of object you want the Protobuf definitions to use for event encoding""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputSystemByPackPqControlsConfluentCloudTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_brokers: NotRequired[str] - r"""Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime.""" - template_topic: NotRequired[str] - r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" - template_format: NotRequired[str] - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - template_compression: NotRequired[str] - r"""Binds 'compression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compression' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - -class CreateOutputSystemByPackOutputConfluentCloud(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputSystemByPackTypeConfluentCloud - - brokers: List[str] - r"""List of Confluent Cloud bootstrap servers to use, such as yourAccount.confluent.cloud:9092.""" - - topic: str - r"""The topic to publish events to. Can be overridden using the __topicOut field.""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None - - ack: Optional[AcknowledgmentsOptionsAllLeader] = None - r"""Control the number of required acknowledgments.""" - - format_: Annotated[ - Optional[RecordDataFormatOptionsJSONProtobuf], pydantic.Field(alias="format") - ] = None - r"""Format to use to serialize events before writing to Kafka.""" - - compression: Optional[CompressionOptionsGzipLz4] = None - r"""Codec to use to compress the data before sending to Kafka""" - - max_record_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxRecordSizeKB") - ] = None - r"""Maximum size of each record batch before compression. The value must not exceed the Kafka brokers' message.max.bytes setting.""" - - flush_event_count: Annotated[ - Optional[float], pydantic.Field(alias="flushEventCount") - ] = None - r"""The maximum number of events you want the Destination to allow in a batch before forcing a flush""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""The maximum amount of time you want the Destination to wait before forcing a flush. Shorter intervals tend to result in smaller batches being sent.""" - - kafka_schema_registry: Annotated[ - Optional[KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuth], - pydantic.Field(alias="kafkaSchemaRegistry"), - ] = None - - connection_timeout: Annotated[ - Optional[float], pydantic.Field(alias="connectionTimeout") - ] = None - r"""Maximum time to wait for a connection to complete successfully""" - - request_timeout: Annotated[ - Optional[float], pydantic.Field(alias="requestTimeout") - ] = None - r"""Maximum time to wait for Kafka to respond to a request""" - - max_retries: Annotated[Optional[float], pydantic.Field(alias="maxRetries")] = None - r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" - - max_back_off: Annotated[Optional[float], pydantic.Field(alias="maxBackOff")] = None - r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" - - initial_backoff: Annotated[ - Optional[float], pydantic.Field(alias="initialBackoff") - ] = None - r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" - - backoff_rate: Annotated[Optional[float], pydantic.Field(alias="backoffRate")] = None - r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" - - authentication_timeout: Annotated[ - Optional[float], pydantic.Field(alias="authenticationTimeout") - ] = None - r"""Maximum time to wait for Kafka to respond to an authentication request""" - - reauthentication_threshold: Annotated[ - Optional[float], pydantic.Field(alias="reauthenticationThreshold") - ] = None - r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" - - sasl: Optional[AuthenticationType] = None - r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - description: Optional[str] = None - - protobuf_library_id: Annotated[ - Optional[str], pydantic.Field(alias="protobufLibraryId") - ] = None - r"""Select a set of Protobuf definitions for the events you want to send""" - - protobuf_encoding_id: Annotated[ - Optional[str], pydantic.Field(alias="protobufEncodingId") - ] = None - r"""Select the type of object you want the Protobuf definitions to use for event encoding""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputSystemByPackPqControlsConfluentCloud], - pydantic.Field(alias="pqControls"), - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_brokers: Annotated[ - Optional[str], pydantic.Field(alias="__template_brokers") - ] = None - r"""Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime.""" - - template_topic: Annotated[ - Optional[str], pydantic.Field(alias="__template_topic") - ] = None - r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" - - template_format: Annotated[ - Optional[str], pydantic.Field(alias="__template_format") - ] = None - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - - template_compression: Annotated[ - Optional[str], pydantic.Field(alias="__template_compression") - ] = None - r"""Binds 'compression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compression' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - @field_serializer("ack") - def serialize_ack(self, value): - if isinstance(value, str): - try: - return models.AcknowledgmentsOptionsAllLeader(value) - except ValueError: - return value - return value - - @field_serializer("format_") - def serialize_format_(self, value): - if isinstance(value, str): - try: - return models.RecordDataFormatOptionsJSONProtobuf(value) - except ValueError: - return value - return value - - @field_serializer("compression") - def serialize_compression(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsGzipLz4(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "tls", - "ack", - "format", - "compression", - "maxRecordSizeKB", - "flushEventCount", - "flushPeriodSec", - "kafkaSchemaRegistry", - "connectionTimeout", - "requestTimeout", - "maxRetries", - "maxBackOff", - "initialBackoff", - "backoffRate", - "authenticationTimeout", - "reauthenticationThreshold", - "sasl", - "onBackpressure", - "description", - "protobufLibraryId", - "protobufEncodingId", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_brokers", - "__template_topic", - "__template_format", - "__template_compression", - "__template_onBackpressure", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputSystemByPackTypeKafka(str, Enum): - KAFKA = "kafka" - - -class CreateOutputSystemByPackPqControlsKafkaTypedDict(TypedDict): - pass - - -class CreateOutputSystemByPackPqControlsKafka(BaseModel): - pass - - -class CreateOutputSystemByPackOutputKafkaTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputSystemByPackTypeKafka - brokers: List[str] - r"""Enter each Kafka bootstrap server you want to use. Specify hostname and port, e.g., mykafkabroker:9092, or just hostname, in which case @{product} will assign port 9092.""" - topic: str - r"""The topic to publish events to. Can be overridden using the __topicOut field.""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - ack: NotRequired[AcknowledgmentsOptionsAllLeader] - r"""Control the number of required acknowledgments.""" - format_: NotRequired[RecordDataFormatOptionsJSONProtobuf] - r"""Format to use to serialize events before writing to Kafka.""" - compression: NotRequired[CompressionOptionsGzipLz4] - r"""Codec to use to compress the data before sending to Kafka""" - max_record_size_kb: NotRequired[float] - r"""Maximum size of each record batch before compression. The value must not exceed the Kafka brokers' message.max.bytes setting.""" - flush_event_count: NotRequired[float] - r"""The maximum number of events you want the Destination to allow in a batch before forcing a flush""" - flush_period_sec: NotRequired[float] - r"""The maximum amount of time you want the Destination to wait before forcing a flush. Shorter intervals tend to result in smaller batches being sent.""" - kafka_schema_registry: NotRequired[ - KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuthTypedDict - ] - connection_timeout: NotRequired[float] - r"""Maximum time to wait for a connection to complete successfully""" - request_timeout: NotRequired[float] - r"""Maximum time to wait for Kafka to respond to a request""" - max_retries: NotRequired[float] - r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" - max_back_off: NotRequired[float] - r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" - initial_backoff: NotRequired[float] - r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" - backoff_rate: NotRequired[float] - r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" - authentication_timeout: NotRequired[float] - r"""Maximum time to wait for Kafka to respond to an authentication request""" - reauthentication_threshold: NotRequired[float] - r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" - sasl: NotRequired[AuthenticationTypeTypedDict] - r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended.""" - tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - description: NotRequired[str] - protobuf_library_id: NotRequired[str] - r"""Select a set of Protobuf definitions for the events you want to send""" - protobuf_encoding_id: NotRequired[str] - r"""Select the type of object you want the Protobuf definitions to use for event encoding""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputSystemByPackPqControlsKafkaTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_topic: NotRequired[str] - r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" - template_format: NotRequired[str] - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - template_compression: NotRequired[str] - r"""Binds 'compression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compression' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - -class CreateOutputSystemByPackOutputKafka(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputSystemByPackTypeKafka - - brokers: List[str] - r"""Enter each Kafka bootstrap server you want to use. Specify hostname and port, e.g., mykafkabroker:9092, or just hostname, in which case @{product} will assign port 9092.""" - - topic: str - r"""The topic to publish events to. Can be overridden using the __topicOut field.""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - ack: Optional[AcknowledgmentsOptionsAllLeader] = None - r"""Control the number of required acknowledgments.""" - - format_: Annotated[ - Optional[RecordDataFormatOptionsJSONProtobuf], pydantic.Field(alias="format") - ] = None - r"""Format to use to serialize events before writing to Kafka.""" - - compression: Optional[CompressionOptionsGzipLz4] = None - r"""Codec to use to compress the data before sending to Kafka""" - - max_record_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxRecordSizeKB") - ] = None - r"""Maximum size of each record batch before compression. The value must not exceed the Kafka brokers' message.max.bytes setting.""" - - flush_event_count: Annotated[ - Optional[float], pydantic.Field(alias="flushEventCount") - ] = None - r"""The maximum number of events you want the Destination to allow in a batch before forcing a flush""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""The maximum amount of time you want the Destination to wait before forcing a flush. Shorter intervals tend to result in smaller batches being sent.""" - - kafka_schema_registry: Annotated[ - Optional[KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuth], - pydantic.Field(alias="kafkaSchemaRegistry"), - ] = None - - connection_timeout: Annotated[ - Optional[float], pydantic.Field(alias="connectionTimeout") - ] = None - r"""Maximum time to wait for a connection to complete successfully""" - - request_timeout: Annotated[ - Optional[float], pydantic.Field(alias="requestTimeout") - ] = None - r"""Maximum time to wait for Kafka to respond to a request""" - - max_retries: Annotated[Optional[float], pydantic.Field(alias="maxRetries")] = None - r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" - - max_back_off: Annotated[Optional[float], pydantic.Field(alias="maxBackOff")] = None - r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" - - initial_backoff: Annotated[ - Optional[float], pydantic.Field(alias="initialBackoff") - ] = None - r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" - - backoff_rate: Annotated[Optional[float], pydantic.Field(alias="backoffRate")] = None - r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" - - authentication_timeout: Annotated[ - Optional[float], pydantic.Field(alias="authenticationTimeout") - ] = None - r"""Maximum time to wait for Kafka to respond to an authentication request""" - - reauthentication_threshold: Annotated[ - Optional[float], pydantic.Field(alias="reauthenticationThreshold") - ] = None - r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" - - sasl: Optional[AuthenticationType] = None - r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended.""" - - tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - description: Optional[str] = None - - protobuf_library_id: Annotated[ - Optional[str], pydantic.Field(alias="protobufLibraryId") - ] = None - r"""Select a set of Protobuf definitions for the events you want to send""" - - protobuf_encoding_id: Annotated[ - Optional[str], pydantic.Field(alias="protobufEncodingId") - ] = None - r"""Select the type of object you want the Protobuf definitions to use for event encoding""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputSystemByPackPqControlsKafka], - pydantic.Field(alias="pqControls"), - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_topic: Annotated[ - Optional[str], pydantic.Field(alias="__template_topic") - ] = None - r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" - - template_format: Annotated[ - Optional[str], pydantic.Field(alias="__template_format") - ] = None - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - - template_compression: Annotated[ - Optional[str], pydantic.Field(alias="__template_compression") - ] = None - r"""Binds 'compression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compression' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - @field_serializer("ack") - def serialize_ack(self, value): - if isinstance(value, str): - try: - return models.AcknowledgmentsOptionsAllLeader(value) - except ValueError: - return value - return value - - @field_serializer("format_") - def serialize_format_(self, value): - if isinstance(value, str): - try: - return models.RecordDataFormatOptionsJSONProtobuf(value) - except ValueError: - return value - return value - - @field_serializer("compression") - def serialize_compression(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsGzipLz4(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "ack", - "format", - "compression", - "maxRecordSizeKB", - "flushEventCount", - "flushPeriodSec", - "kafkaSchemaRegistry", - "connectionTimeout", - "requestTimeout", - "maxRetries", - "maxBackOff", - "initialBackoff", - "backoffRate", - "authenticationTimeout", - "reauthenticationThreshold", - "sasl", - "tls", - "onBackpressure", - "description", - "protobufLibraryId", - "protobufEncodingId", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_topic", - "__template_format", - "__template_compression", - "__template_onBackpressure", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputSystemByPackTypeExabeam(str, Enum): - EXABEAM = "exabeam" - - -class CreateOutputSystemByPackOutputExabeamTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputSystemByPackTypeExabeam - bucket: str - r"""Name of the destination bucket. A constant or a JavaScript expression that can only be evaluated at init time. Example of referencing a JavaScript Global Variable: `myBucket-${C.vars.myVar}`.""" - region: str - r"""Region where the bucket is located""" - stage_path: str - r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" - endpoint: str - r"""Google Cloud Storage service endpoint""" - collector_instance_id: str - r"""ID of the Exabeam Collector where data should be sent. Example: 11112222-3333-4444-5555-666677778888 - - """ - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - object_acl: NotRequired[ObjectACLOptionsAuthenticatedreadBucketownerfullcontrol] - r"""Object ACL to assign to uploaded objects""" - storage_class: NotRequired[StorageClassOptionsArchiveColdline] - r"""Storage class to select for uploaded objects""" - reuse_connections: NotRequired[bool] - r"""Reuse connections between requests, which can improve performance""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" - add_id_to_stage_path: NotRequired[bool] - r"""Add the Output ID value to staging location""" - remove_empty_dirs: NotRequired[bool] - r"""Remove empty staging directories after moving files""" - max_file_open_time_sec: NotRequired[float] - r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" - max_file_idle_time_sec: NotRequired[float] - r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" - max_open_files: NotRequired[float] - r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" - on_backpressure: NotRequired[BackpressureBehaviorOptionsBlockDrop] - r"""How to handle events when all receivers are exerting backpressure""" - deadletter_enabled: NotRequired[bool] - r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" - on_disk_full_backpressure: NotRequired[DiskSpaceProtectionOptions] - r"""How to handle events when disk space is below the global 'Min free disk space' limit""" - retry_settings: NotRequired[RetrySettingsTypeTypedDict] - orphans: NotRequired[OrphanFileRecoveryTypeTypedDict] - max_file_size_mb: NotRequired[float] - r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" - encoded_configuration: NotRequired[str] - r"""Enter an encoded string containing Exabeam configurations""" - site_name: NotRequired[str] - r"""Constant or JavaScript expression to create an Exabeam site name. Values that aren't successfully evaluated will be treated as string constants.""" - site_id: NotRequired[str] - r"""Exabeam site ID. If left blank, @{product} will use the value of the Exabeam site name.""" - timezone_offset: NotRequired[str] - aws_api_key: NotRequired[str] - r"""HMAC access key. Can be a constant or a JavaScript expression, such as `${C.env.GCS_ACCESS_KEY}`.""" - aws_secret_key: NotRequired[str] - r"""HMAC secret. Can be a constant or a JavaScript expression, such as `${C.env.GCS_SECRET}`.""" - description: NotRequired[str] - empty_dir_cleanup_sec: NotRequired[float] - r"""How frequently, in seconds, to clean up empty directories""" - directory_batch_size: NotRequired[float] - r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" - deadletter_path: NotRequired[str] - r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" - max_retry_num: NotRequired[float] - r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_region: NotRequired[str] - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - template_endpoint: NotRequired[str] - r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" - template_object_acl: NotRequired[str] - r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" - template_storage_class: NotRequired[str] - r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - -class CreateOutputSystemByPackOutputExabeam(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputSystemByPackTypeExabeam - - bucket: str - r"""Name of the destination bucket. A constant or a JavaScript expression that can only be evaluated at init time. Example of referencing a JavaScript Global Variable: `myBucket-${C.vars.myVar}`.""" - - region: str - r"""Region where the bucket is located""" - - stage_path: Annotated[str, pydantic.Field(alias="stagePath")] - r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" - - endpoint: str - r"""Google Cloud Storage service endpoint""" - - collector_instance_id: Annotated[str, pydantic.Field(alias="collectorInstanceId")] - r"""ID of the Exabeam Collector where data should be sent. Example: 11112222-3333-4444-5555-666677778888 - - """ - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - object_acl: Annotated[ - Optional[ObjectACLOptionsAuthenticatedreadBucketownerfullcontrol], - pydantic.Field(alias="objectACL"), - ] = None - r"""Object ACL to assign to uploaded objects""" - - storage_class: Annotated[ - Optional[StorageClassOptionsArchiveColdline], - pydantic.Field(alias="storageClass"), - ] = None - r"""Storage class to select for uploaded objects""" - - reuse_connections: Annotated[ - Optional[bool], pydantic.Field(alias="reuseConnections") - ] = None - r"""Reuse connections between requests, which can improve performance""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" - - add_id_to_stage_path: Annotated[ - Optional[bool], pydantic.Field(alias="addIdToStagePath") - ] = None - r"""Add the Output ID value to staging location""" - - remove_empty_dirs: Annotated[ - Optional[bool], pydantic.Field(alias="removeEmptyDirs") - ] = None - r"""Remove empty staging directories after moving files""" - - max_file_open_time_sec: Annotated[ - Optional[float], pydantic.Field(alias="maxFileOpenTimeSec") - ] = None - r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" - - max_file_idle_time_sec: Annotated[ - Optional[float], pydantic.Field(alias="maxFileIdleTimeSec") - ] = None - r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" - - max_open_files: Annotated[Optional[float], pydantic.Field(alias="maxOpenFiles")] = ( - None - ) - r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptionsBlockDrop], - pydantic.Field(alias="onBackpressure"), - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - deadletter_enabled: Annotated[ - Optional[bool], pydantic.Field(alias="deadletterEnabled") - ] = None - r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" - - on_disk_full_backpressure: Annotated[ - Optional[DiskSpaceProtectionOptions], - pydantic.Field(alias="onDiskFullBackpressure"), - ] = None - r"""How to handle events when disk space is below the global 'Min free disk space' limit""" - - retry_settings: Annotated[ - Optional[RetrySettingsType], pydantic.Field(alias="retrySettings") - ] = None - - orphans: Optional[OrphanFileRecoveryType] = None - - max_file_size_mb: Annotated[ - Optional[float], pydantic.Field(alias="maxFileSizeMB") - ] = None - r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" - - encoded_configuration: Annotated[ - Optional[str], pydantic.Field(alias="encodedConfiguration") - ] = None - r"""Enter an encoded string containing Exabeam configurations""" - - site_name: Annotated[Optional[str], pydantic.Field(alias="siteName")] = None - r"""Constant or JavaScript expression to create an Exabeam site name. Values that aren't successfully evaluated will be treated as string constants.""" - - site_id: Annotated[Optional[str], pydantic.Field(alias="siteId")] = None - r"""Exabeam site ID. If left blank, @{product} will use the value of the Exabeam site name.""" - - timezone_offset: Annotated[ - Optional[str], pydantic.Field(alias="timezoneOffset") - ] = None - - aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None - r"""HMAC access key. Can be a constant or a JavaScript expression, such as `${C.env.GCS_ACCESS_KEY}`.""" - - aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = ( - None - ) - r"""HMAC secret. Can be a constant or a JavaScript expression, such as `${C.env.GCS_SECRET}`.""" - - description: Optional[str] = None - - empty_dir_cleanup_sec: Annotated[ - Optional[float], pydantic.Field(alias="emptyDirCleanupSec") - ] = None - r"""How frequently, in seconds, to clean up empty directories""" - - directory_batch_size: Annotated[ - Optional[float], pydantic.Field(alias="directoryBatchSize") - ] = None - r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" - - deadletter_path: Annotated[ - Optional[str], pydantic.Field(alias="deadletterPath") - ] = None - r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" - - max_retry_num: Annotated[Optional[float], pydantic.Field(alias="maxRetryNum")] = ( - None - ) - r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_region: Annotated[ - Optional[str], pydantic.Field(alias="__template_region") - ] = None - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - - template_endpoint: Annotated[ - Optional[str], pydantic.Field(alias="__template_endpoint") - ] = None - r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" - - template_object_acl: Annotated[ - Optional[str], pydantic.Field(alias="__template_objectACL") - ] = None - r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" - - template_storage_class: Annotated[ - Optional[str], pydantic.Field(alias="__template_storageClass") - ] = None - r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - @field_serializer("object_acl") - def serialize_object_acl(self, value): - if isinstance(value, str): - try: - return models.ObjectACLOptionsAuthenticatedreadBucketownerfullcontrol( - value - ) - except ValueError: - return value - return value - - @field_serializer("storage_class") - def serialize_storage_class(self, value): - if isinstance(value, str): - try: - return models.StorageClassOptionsArchiveColdline(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptionsBlockDrop(value) - except ValueError: - return value - return value - - @field_serializer("on_disk_full_backpressure") - def serialize_on_disk_full_backpressure(self, value): - if isinstance(value, str): - try: - return models.DiskSpaceProtectionOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "objectACL", - "storageClass", - "reuseConnections", - "rejectUnauthorized", - "addIdToStagePath", - "removeEmptyDirs", - "maxFileOpenTimeSec", - "maxFileIdleTimeSec", - "maxOpenFiles", - "onBackpressure", - "deadletterEnabled", - "onDiskFullBackpressure", - "retrySettings", - "orphans", - "maxFileSizeMB", - "encodedConfiguration", - "siteName", - "siteId", - "timezoneOffset", - "awsApiKey", - "awsSecretKey", - "description", - "emptyDirCleanupSec", - "directoryBatchSize", - "deadletterPath", - "maxRetryNum", - "__template_streamtags", - "__template_region", - "__template_endpoint", - "__template_objectACL", - "__template_storageClass", - "__template_onBackpressure", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputSystemByPackTypeGooglePubsub(str, Enum): - GOOGLE_PUBSUB = "google_pubsub" - - -class CreateOutputSystemByPackPqControlsGooglePubsubTypedDict(TypedDict): - pass - - -class CreateOutputSystemByPackPqControlsGooglePubsub(BaseModel): - pass - - -class CreateOutputSystemByPackOutputGooglePubsubTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputSystemByPackTypeGooglePubsub - topic_name: str - r"""ID of the topic to send events to.""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - create_topic: NotRequired[bool] - r"""If enabled, create topic if it does not exist.""" - ordered_delivery: NotRequired[bool] - r"""If enabled, send events in the order they were added to the queue. For this to work correctly, the process receiving events must have ordering enabled.""" - region: NotRequired[str] - r"""Region to publish messages to. Select 'default' to allow Google to auto-select the nearest region. When using ordered delivery, the selected region must be allowed by message storage policy.""" - google_auth_method: NotRequired[GoogleAuthenticationMethodOptions] - r"""Choose Auto to use Google Application Default Credentials (ADC), Manual to enter Google service account credentials directly, or Secret to select or create a stored secret that references Google service account credentials.""" - service_account_credentials: NotRequired[str] - r"""Contents of service account credentials (JSON keys) file downloaded from Google Cloud. To upload a file, click the upload button at this field's upper right.""" - secret: NotRequired[str] - r"""Select or create a stored text secret""" - batch_size: NotRequired[float] - r"""The maximum number of items the Google API should batch before it sends them to the topic.""" - batch_timeout: NotRequired[float] - r"""The maximum amount of time, in milliseconds, that the Google API should wait to send a batch (if the Batch size is not reached).""" - max_queue_size: NotRequired[float] - r"""Maximum number of queued batches before blocking.""" - max_record_size_kb: NotRequired[float] - r"""Maximum size (KB) of batches to send.""" - flush_period: NotRequired[float] - r"""Maximum time to wait before sending a batch (when batch size limit is not reached)""" - max_in_progress: NotRequired[float] - r"""The maximum number of in-progress API requests before backpressure is applied.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - description: NotRequired[str] - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputSystemByPackPqControlsGooglePubsubTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_topic_name: NotRequired[str] - r"""Binds 'topicName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topicName' at runtime.""" - template_region: NotRequired[str] - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - -class CreateOutputSystemByPackOutputGooglePubsub(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputSystemByPackTypeGooglePubsub - - topic_name: Annotated[str, pydantic.Field(alias="topicName")] - r"""ID of the topic to send events to.""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - create_topic: Annotated[Optional[bool], pydantic.Field(alias="createTopic")] = None - r"""If enabled, create topic if it does not exist.""" - - ordered_delivery: Annotated[ - Optional[bool], pydantic.Field(alias="orderedDelivery") - ] = None - r"""If enabled, send events in the order they were added to the queue. For this to work correctly, the process receiving events must have ordering enabled.""" - - region: Optional[str] = None - r"""Region to publish messages to. Select 'default' to allow Google to auto-select the nearest region. When using ordered delivery, the selected region must be allowed by message storage policy.""" - - google_auth_method: Annotated[ - Optional[GoogleAuthenticationMethodOptions], - pydantic.Field(alias="googleAuthMethod"), - ] = None - r"""Choose Auto to use Google Application Default Credentials (ADC), Manual to enter Google service account credentials directly, or Secret to select or create a stored secret that references Google service account credentials.""" - - service_account_credentials: Annotated[ - Optional[str], pydantic.Field(alias="serviceAccountCredentials") - ] = None - r"""Contents of service account credentials (JSON keys) file downloaded from Google Cloud. To upload a file, click the upload button at this field's upper right.""" - - secret: Optional[str] = None - r"""Select or create a stored text secret""" - - batch_size: Annotated[Optional[float], pydantic.Field(alias="batchSize")] = None - r"""The maximum number of items the Google API should batch before it sends them to the topic.""" - - batch_timeout: Annotated[Optional[float], pydantic.Field(alias="batchTimeout")] = ( - None - ) - r"""The maximum amount of time, in milliseconds, that the Google API should wait to send a batch (if the Batch size is not reached).""" - - max_queue_size: Annotated[Optional[float], pydantic.Field(alias="maxQueueSize")] = ( - None - ) - r"""Maximum number of queued batches before blocking.""" - - max_record_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxRecordSizeKB") - ] = None - r"""Maximum size (KB) of batches to send.""" - - flush_period: Annotated[Optional[float], pydantic.Field(alias="flushPeriod")] = None - r"""Maximum time to wait before sending a batch (when batch size limit is not reached)""" - - max_in_progress: Annotated[ - Optional[float], pydantic.Field(alias="maxInProgress") - ] = None - r"""The maximum number of in-progress API requests before backpressure is applied.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - description: Optional[str] = None - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputSystemByPackPqControlsGooglePubsub], - pydantic.Field(alias="pqControls"), - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_topic_name: Annotated[ - Optional[str], pydantic.Field(alias="__template_topicName") - ] = None - r"""Binds 'topicName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topicName' at runtime.""" - - template_region: Annotated[ - Optional[str], pydantic.Field(alias="__template_region") - ] = None - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - @field_serializer("google_auth_method") - def serialize_google_auth_method(self, value): - if isinstance(value, str): - try: - return models.GoogleAuthenticationMethodOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "createTopic", - "orderedDelivery", - "region", - "googleAuthMethod", - "serviceAccountCredentials", - "secret", - "batchSize", - "batchTimeout", - "maxQueueSize", - "maxRecordSizeKB", - "flushPeriod", - "maxInProgress", - "onBackpressure", - "description", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_topicName", - "__template_region", - "__template_onBackpressure", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputSystemByPackTypeGoogleCloudLogging(str, Enum): - GOOGLE_CLOUD_LOGGING = "google_cloud_logging" - - -class CreateOutputSystemByPackLogLocationType(str, Enum, metaclass=utils.OpenEnumMeta): - # Project - PROJECT = "project" - # Organization - ORGANIZATION = "organization" - # Billing Account - BILLING_ACCOUNT = "billingAccount" - # Folder - FOLDER = "folder" - - -class CreateOutputSystemByPackPayloadFormat(str, Enum, metaclass=utils.OpenEnumMeta): - r"""Format to use when sending payload. Defaults to Text.""" - - # Text - TEXT = "text" - # JSON - JSON = "json" - - -class CreateOutputSystemByPackPqControlsGoogleCloudLoggingTypedDict(TypedDict): - pass - - -class CreateOutputSystemByPackPqControlsGoogleCloudLogging(BaseModel): - pass - - -class CreateOutputSystemByPackOutputGoogleCloudLoggingTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputSystemByPackTypeGoogleCloudLogging - log_location_type: CreateOutputSystemByPackLogLocationType - log_name_expression: str - r"""JavaScript expression to compute the value of the log name. If Validate and correct log name is enabled, invalid characters (characters other than alphanumerics, forward-slashes, underscores, hyphens, and periods) will be replaced with an underscore.""" - log_location_expression: str - r"""JavaScript expression to compute the value of the folder ID with which log entries should be associated. If Validate and correct log name is enabled, invalid characters (characters other than alphanumerics, forward-slashes, underscores, hyphens, and periods) will be replaced with an underscore.""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - sanitize_log_names: NotRequired[bool] - payload_format: NotRequired[CreateOutputSystemByPackPayloadFormat] - r"""Format to use when sending payload. Defaults to Text.""" - log_labels: NotRequired[List[LogLabelConfOutputGoogleCloudLoggingTypedDict]] - r"""Labels to apply to the log entry""" - resource_type_expression: NotRequired[str] - r"""JavaScript expression to compute the value of the managed resource type field. Must evaluate to one of the valid values [here](https://cloud.google.com/logging/docs/api/v2/resource-list#resource-types). Defaults to \"global\".""" - resource_type_labels: NotRequired[ - List[LogLabelConfOutputGoogleCloudLoggingTypedDict] - ] - r"""Labels to apply to the managed resource. These must correspond to the valid labels for the specified resource type (see [here](https://cloud.google.com/logging/docs/api/v2/resource-list#resource-types)). Otherwise, they will be dropped by Google Cloud Logging.""" - severity_expression: NotRequired[str] - r"""JavaScript expression to compute the value of the severity field. Must evaluate to one of the severity values supported by Google Cloud Logging [here](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logseverity) (case insensitive). Defaults to \"DEFAULT\".""" - insert_id_expression: NotRequired[str] - r"""JavaScript expression to compute the value of the insert ID field.""" - google_auth_method: NotRequired[GoogleAuthenticationMethodOptions] - r"""Choose Auto to use Google Application Default Credentials (ADC), Manual to enter Google service account credentials directly, or Secret to select or create a stored secret that references Google service account credentials.""" - service_account_credentials: NotRequired[str] - r"""Contents of service account credentials (JSON keys) file downloaded from Google Cloud. To upload a file, click the upload button at this field's upper right.""" - secret: NotRequired[str] - r"""Select or create a stored text secret""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body.""" - max_payload_events: NotRequired[float] - r"""Max number of events to include in the request body. Default is 0 (unlimited).""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking.""" - connection_timeout: NotRequired[float] - r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it.""" - throttle_rate_req_per_sec: NotRequired[int] - r"""Maximum number of requests to limit to per second.""" - request_method_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP request method as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - request_url_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP request URL as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - request_size_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP request size as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - status_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP request method as a number. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - response_size_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP response size as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - user_agent_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP request user agent as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - remote_ip_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP request remote IP as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - server_ip_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP request server IP as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - referer_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP request referer as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - latency_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP request latency, formatted as .s (for example, 1.23s). See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - cache_lookup_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP request cache lookup as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - cache_hit_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP request cache hit as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - cache_validated_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP request cache validated with origin server as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - cache_fill_bytes_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP request cache fill bytes as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - protocol_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP request protocol as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - id_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the log entry operation ID as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" - producer_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the log entry operation producer as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" - first_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the log entry operation first flag as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" - last_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the log entry operation last flag as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" - file_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the log entry source location file as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentrysourcelocation) for details.""" - line_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the log entry source location line as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentrysourcelocation) for details.""" - function_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the log entry source location function as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentrysourcelocation) for details.""" - uid_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the log entry log split UID as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logsplit) for details.""" - index_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the log entry log split index as a number. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logsplit) for details.""" - total_splits_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the log entry log split total splits as a number. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logsplit) for details.""" - trace_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the REST resource name of the trace being written as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) for details.""" - span_id_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the ID of the cloud trace span associated with the current operation in which the log is being written as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) for details.""" - trace_sampled_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the the sampling decision of the span associated with the log entry. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) for details.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - total_memory_limit_kb: NotRequired[float] - r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" - description: NotRequired[str] - payload_expression: NotRequired[str] - r"""JavaScript expression to compute the value of the payload. Must evaluate to a JavaScript object value. If an invalid value is encountered it will result in the default value instead. Defaults to the entire event.""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[ - CreateOutputSystemByPackPqControlsGoogleCloudLoggingTypedDict - ] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_log_location_type: NotRequired[str] - r"""Binds 'logLocationType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logLocationType' at runtime.""" - template_log_name_expression: NotRequired[str] - r"""Binds 'logNameExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logNameExpression' at runtime.""" - template_payload_format: NotRequired[str] - r"""Binds 'payloadFormat' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'payloadFormat' at runtime.""" - template_resource_type_expression: NotRequired[str] - r"""Binds 'resourceTypeExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'resourceTypeExpression' at runtime.""" - template_severity_expression: NotRequired[str] - r"""Binds 'severityExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'severityExpression' at runtime.""" - template_insert_id_expression: NotRequired[str] - r"""Binds 'insertIdExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'insertIdExpression' at runtime.""" - template_trace_expression: NotRequired[str] - r"""Binds 'traceExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'traceExpression' at runtime.""" - template_span_id_expression: NotRequired[str] - r"""Binds 'spanIdExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'spanIdExpression' at runtime.""" - template_trace_sampled_expression: NotRequired[str] - r"""Binds 'traceSampledExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'traceSampledExpression' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_log_location_expression: NotRequired[str] - r"""Binds 'logLocationExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logLocationExpression' at runtime.""" - template_payload_expression: NotRequired[str] - r"""Binds 'payloadExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'payloadExpression' at runtime.""" - - -class CreateOutputSystemByPackOutputGoogleCloudLogging(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputSystemByPackTypeGoogleCloudLogging - - log_location_type: Annotated[ - CreateOutputSystemByPackLogLocationType, pydantic.Field(alias="logLocationType") - ] - - log_name_expression: Annotated[str, pydantic.Field(alias="logNameExpression")] - r"""JavaScript expression to compute the value of the log name. If Validate and correct log name is enabled, invalid characters (characters other than alphanumerics, forward-slashes, underscores, hyphens, and periods) will be replaced with an underscore.""" - - log_location_expression: Annotated[ - str, pydantic.Field(alias="logLocationExpression") - ] - r"""JavaScript expression to compute the value of the folder ID with which log entries should be associated. If Validate and correct log name is enabled, invalid characters (characters other than alphanumerics, forward-slashes, underscores, hyphens, and periods) will be replaced with an underscore.""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - sanitize_log_names: Annotated[ - Optional[bool], pydantic.Field(alias="sanitizeLogNames") - ] = None - - payload_format: Annotated[ - Optional[CreateOutputSystemByPackPayloadFormat], - pydantic.Field(alias="payloadFormat"), - ] = None - r"""Format to use when sending payload. Defaults to Text.""" - - log_labels: Annotated[ - Optional[List[LogLabelConfOutputGoogleCloudLogging]], - pydantic.Field(alias="logLabels"), - ] = None - r"""Labels to apply to the log entry""" - - resource_type_expression: Annotated[ - Optional[str], pydantic.Field(alias="resourceTypeExpression") - ] = None - r"""JavaScript expression to compute the value of the managed resource type field. Must evaluate to one of the valid values [here](https://cloud.google.com/logging/docs/api/v2/resource-list#resource-types). Defaults to \"global\".""" - - resource_type_labels: Annotated[ - Optional[List[LogLabelConfOutputGoogleCloudLogging]], - pydantic.Field(alias="resourceTypeLabels"), - ] = None - r"""Labels to apply to the managed resource. These must correspond to the valid labels for the specified resource type (see [here](https://cloud.google.com/logging/docs/api/v2/resource-list#resource-types)). Otherwise, they will be dropped by Google Cloud Logging.""" - - severity_expression: Annotated[ - Optional[str], pydantic.Field(alias="severityExpression") - ] = None - r"""JavaScript expression to compute the value of the severity field. Must evaluate to one of the severity values supported by Google Cloud Logging [here](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logseverity) (case insensitive). Defaults to \"DEFAULT\".""" - - insert_id_expression: Annotated[ - Optional[str], pydantic.Field(alias="insertIdExpression") - ] = None - r"""JavaScript expression to compute the value of the insert ID field.""" - - google_auth_method: Annotated[ - Optional[GoogleAuthenticationMethodOptions], - pydantic.Field(alias="googleAuthMethod"), - ] = None - r"""Choose Auto to use Google Application Default Credentials (ADC), Manual to enter Google service account credentials directly, or Secret to select or create a stored secret that references Google service account credentials.""" - - service_account_credentials: Annotated[ - Optional[str], pydantic.Field(alias="serviceAccountCredentials") - ] = None - r"""Contents of service account credentials (JSON keys) file downloaded from Google Cloud. To upload a file, click the upload button at this field's upper right.""" - - secret: Optional[str] = None - r"""Select or create a stored text secret""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body.""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Max number of events to include in the request body. Default is 0 (unlimited).""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking.""" - - connection_timeout: Annotated[ - Optional[float], pydantic.Field(alias="connectionTimeout") - ] = None - r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it.""" - - throttle_rate_req_per_sec: Annotated[ - Optional[int], pydantic.Field(alias="throttleRateReqPerSec") - ] = None - r"""Maximum number of requests to limit to per second.""" - - request_method_expression: Annotated[ - Optional[str], pydantic.Field(alias="requestMethodExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP request method as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - request_url_expression: Annotated[ - Optional[str], pydantic.Field(alias="requestUrlExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP request URL as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - request_size_expression: Annotated[ - Optional[str], pydantic.Field(alias="requestSizeExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP request size as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - status_expression: Annotated[ - Optional[str], pydantic.Field(alias="statusExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP request method as a number. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - response_size_expression: Annotated[ - Optional[str], pydantic.Field(alias="responseSizeExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP response size as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - user_agent_expression: Annotated[ - Optional[str], pydantic.Field(alias="userAgentExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP request user agent as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - remote_ip_expression: Annotated[ - Optional[str], pydantic.Field(alias="remoteIpExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP request remote IP as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - server_ip_expression: Annotated[ - Optional[str], pydantic.Field(alias="serverIpExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP request server IP as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - referer_expression: Annotated[ - Optional[str], pydantic.Field(alias="refererExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP request referer as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - latency_expression: Annotated[ - Optional[str], pydantic.Field(alias="latencyExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP request latency, formatted as .s (for example, 1.23s). See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - cache_lookup_expression: Annotated[ - Optional[str], pydantic.Field(alias="cacheLookupExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP request cache lookup as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - cache_hit_expression: Annotated[ - Optional[str], pydantic.Field(alias="cacheHitExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP request cache hit as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - cache_validated_expression: Annotated[ - Optional[str], pydantic.Field(alias="cacheValidatedExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP request cache validated with origin server as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - cache_fill_bytes_expression: Annotated[ - Optional[str], pydantic.Field(alias="cacheFillBytesExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP request cache fill bytes as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - protocol_expression: Annotated[ - Optional[str], pydantic.Field(alias="protocolExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP request protocol as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - id_expression: Annotated[Optional[str], pydantic.Field(alias="idExpression")] = None - r"""A JavaScript expression that evaluates to the log entry operation ID as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" - - producer_expression: Annotated[ - Optional[str], pydantic.Field(alias="producerExpression") - ] = None - r"""A JavaScript expression that evaluates to the log entry operation producer as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" - - first_expression: Annotated[ - Optional[str], pydantic.Field(alias="firstExpression") - ] = None - r"""A JavaScript expression that evaluates to the log entry operation first flag as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" - - last_expression: Annotated[ - Optional[str], pydantic.Field(alias="lastExpression") - ] = None - r"""A JavaScript expression that evaluates to the log entry operation last flag as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" - - file_expression: Annotated[ - Optional[str], pydantic.Field(alias="fileExpression") - ] = None - r"""A JavaScript expression that evaluates to the log entry source location file as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentrysourcelocation) for details.""" - - line_expression: Annotated[ - Optional[str], pydantic.Field(alias="lineExpression") - ] = None - r"""A JavaScript expression that evaluates to the log entry source location line as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentrysourcelocation) for details.""" - - function_expression: Annotated[ - Optional[str], pydantic.Field(alias="functionExpression") - ] = None - r"""A JavaScript expression that evaluates to the log entry source location function as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentrysourcelocation) for details.""" - - uid_expression: Annotated[Optional[str], pydantic.Field(alias="uidExpression")] = ( - None - ) - r"""A JavaScript expression that evaluates to the log entry log split UID as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logsplit) for details.""" - - index_expression: Annotated[ - Optional[str], pydantic.Field(alias="indexExpression") - ] = None - r"""A JavaScript expression that evaluates to the log entry log split index as a number. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logsplit) for details.""" - - total_splits_expression: Annotated[ - Optional[str], pydantic.Field(alias="totalSplitsExpression") - ] = None - r"""A JavaScript expression that evaluates to the log entry log split total splits as a number. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logsplit) for details.""" - - trace_expression: Annotated[ - Optional[str], pydantic.Field(alias="traceExpression") - ] = None - r"""A JavaScript expression that evaluates to the REST resource name of the trace being written as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) for details.""" - - span_id_expression: Annotated[ - Optional[str], pydantic.Field(alias="spanIdExpression") - ] = None - r"""A JavaScript expression that evaluates to the ID of the cloud trace span associated with the current operation in which the log is being written as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) for details.""" - - trace_sampled_expression: Annotated[ - Optional[str], pydantic.Field(alias="traceSampledExpression") - ] = None - r"""A JavaScript expression that evaluates to the the sampling decision of the span associated with the log entry. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) for details.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - total_memory_limit_kb: Annotated[ - Optional[float], pydantic.Field(alias="totalMemoryLimitKB") - ] = None - r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" - - description: Optional[str] = None - - payload_expression: Annotated[ - Optional[str], pydantic.Field(alias="payloadExpression") - ] = None - r"""JavaScript expression to compute the value of the payload. Must evaluate to a JavaScript object value. If an invalid value is encountered it will result in the default value instead. Defaults to the entire event.""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputSystemByPackPqControlsGoogleCloudLogging], - pydantic.Field(alias="pqControls"), - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_log_location_type: Annotated[ - Optional[str], pydantic.Field(alias="__template_logLocationType") - ] = None - r"""Binds 'logLocationType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logLocationType' at runtime.""" - - template_log_name_expression: Annotated[ - Optional[str], pydantic.Field(alias="__template_logNameExpression") - ] = None - r"""Binds 'logNameExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logNameExpression' at runtime.""" - - template_payload_format: Annotated[ - Optional[str], pydantic.Field(alias="__template_payloadFormat") - ] = None - r"""Binds 'payloadFormat' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'payloadFormat' at runtime.""" - - template_resource_type_expression: Annotated[ - Optional[str], pydantic.Field(alias="__template_resourceTypeExpression") - ] = None - r"""Binds 'resourceTypeExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'resourceTypeExpression' at runtime.""" - - template_severity_expression: Annotated[ - Optional[str], pydantic.Field(alias="__template_severityExpression") - ] = None - r"""Binds 'severityExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'severityExpression' at runtime.""" - - template_insert_id_expression: Annotated[ - Optional[str], pydantic.Field(alias="__template_insertIdExpression") - ] = None - r"""Binds 'insertIdExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'insertIdExpression' at runtime.""" - - template_trace_expression: Annotated[ - Optional[str], pydantic.Field(alias="__template_traceExpression") - ] = None - r"""Binds 'traceExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'traceExpression' at runtime.""" - - template_span_id_expression: Annotated[ - Optional[str], pydantic.Field(alias="__template_spanIdExpression") - ] = None - r"""Binds 'spanIdExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'spanIdExpression' at runtime.""" - - template_trace_sampled_expression: Annotated[ - Optional[str], pydantic.Field(alias="__template_traceSampledExpression") - ] = None - r"""Binds 'traceSampledExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'traceSampledExpression' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_log_location_expression: Annotated[ - Optional[str], pydantic.Field(alias="__template_logLocationExpression") - ] = None - r"""Binds 'logLocationExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logLocationExpression' at runtime.""" - - template_payload_expression: Annotated[ - Optional[str], pydantic.Field(alias="__template_payloadExpression") - ] = None - r"""Binds 'payloadExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'payloadExpression' at runtime.""" - - @field_serializer("log_location_type") - def serialize_log_location_type(self, value): - if isinstance(value, str): - try: - return models.CreateOutputSystemByPackLogLocationType(value) - except ValueError: - return value - return value - - @field_serializer("payload_format") - def serialize_payload_format(self, value): - if isinstance(value, str): - try: - return models.CreateOutputSystemByPackPayloadFormat(value) - except ValueError: - return value - return value - - @field_serializer("google_auth_method") - def serialize_google_auth_method(self, value): - if isinstance(value, str): - try: - return models.GoogleAuthenticationMethodOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "sanitizeLogNames", - "payloadFormat", - "logLabels", - "resourceTypeExpression", - "resourceTypeLabels", - "severityExpression", - "insertIdExpression", - "googleAuthMethod", - "serviceAccountCredentials", - "secret", - "maxPayloadSizeKB", - "maxPayloadEvents", - "flushPeriodSec", - "concurrency", - "connectionTimeout", - "timeoutSec", - "throttleRateReqPerSec", - "requestMethodExpression", - "requestUrlExpression", - "requestSizeExpression", - "statusExpression", - "responseSizeExpression", - "userAgentExpression", - "remoteIpExpression", - "serverIpExpression", - "refererExpression", - "latencyExpression", - "cacheLookupExpression", - "cacheHitExpression", - "cacheValidatedExpression", - "cacheFillBytesExpression", - "protocolExpression", - "idExpression", - "producerExpression", - "firstExpression", - "lastExpression", - "fileExpression", - "lineExpression", - "functionExpression", - "uidExpression", - "indexExpression", - "totalSplitsExpression", - "traceExpression", - "spanIdExpression", - "traceSampledExpression", - "onBackpressure", - "totalMemoryLimitKB", - "description", - "payloadExpression", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_logLocationType", - "__template_logNameExpression", - "__template_payloadFormat", - "__template_resourceTypeExpression", - "__template_severityExpression", - "__template_insertIdExpression", - "__template_traceExpression", - "__template_spanIdExpression", - "__template_traceSampledExpression", - "__template_onBackpressure", - "__template_logLocationExpression", - "__template_payloadExpression", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputSystemByPackTypeGoogleCloudStorage(str, Enum): - GOOGLE_CLOUD_STORAGE = "google_cloud_storage" - - -class CreateOutputSystemByPackAuthenticationMethodGoogleCloudStorage( - str, Enum, metaclass=utils.OpenEnumMeta -): - # auto - AUTO = "auto" - # manual - MANUAL = "manual" - # Secret Key pair - SECRET = "secret" - - -class CreateOutputSystemByPackOutputGoogleCloudStorageTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputSystemByPackTypeGoogleCloudStorage - bucket: str - r"""Name of the destination bucket. This value can be a constant or a JavaScript expression that can only be evaluated at init time. Example of referencing a Global Variable: `myBucket-${C.vars.myVar}`.""" - region: str - r"""Region where the bucket is located""" - endpoint: str - r"""Google Cloud Storage service endpoint""" - stage_path: str - r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - aws_authentication_method: NotRequired[ - CreateOutputSystemByPackAuthenticationMethodGoogleCloudStorage - ] - dest_path: NotRequired[str] - r"""Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`""" - verify_permissions: NotRequired[bool] - r"""Disable if you can access files within the bucket but not the bucket itself""" - object_acl: NotRequired[ObjectACLOptionsAuthenticatedreadBucketownerfullcontrol] - r"""Object ACL to assign to uploaded objects""" - storage_class: NotRequired[StorageClassOptionsArchiveColdline] - r"""Storage class to select for uploaded objects""" - reuse_connections: NotRequired[bool] - r"""Reuse connections between requests, which can improve performance""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" - add_id_to_stage_path: NotRequired[bool] - r"""Add the Output ID value to staging location""" - remove_empty_dirs: NotRequired[bool] - r"""Remove empty staging directories after moving files""" - partition_expr: NotRequired[str] - r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" - format_: NotRequired[DataFormatOptions] - r"""Format of the output data""" - base_file_name: NotRequired[str] - r"""JavaScript expression to define the output filename prefix (can be constant)""" - file_name_suffix: NotRequired[str] - r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" - max_file_size_mb: NotRequired[float] - r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" - max_file_open_time_sec: NotRequired[float] - r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" - max_file_idle_time_sec: NotRequired[float] - r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" - max_open_files: NotRequired[float] - r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" - header_line: NotRequired[str] - r"""If set, this line will be written to the beginning of each output file""" - write_high_water_mark: NotRequired[float] - r"""Buffer size used to write to a file""" - on_backpressure: NotRequired[BackpressureBehaviorOptionsBlockDrop] - r"""How to handle events when all receivers are exerting backpressure""" - deadletter_enabled: NotRequired[bool] - r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" - on_disk_full_backpressure: NotRequired[DiskSpaceProtectionOptions] - r"""How to handle events when disk space is below the global 'Min free disk space' limit""" - force_close_on_shutdown: NotRequired[bool] - r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" - retry_settings: NotRequired[RetrySettingsTypeTypedDict] - orphans: NotRequired[OrphanFileRecoveryTypeTypedDict] - description: NotRequired[str] - compress: NotRequired[CompressionOptionsHTTP] - r"""Data compression format to apply to HTTP content before it is delivered""" - compression_level: NotRequired[CompressionLevelOptions] - r"""Compression level to apply before moving files to final destination""" - automatic_schema: NotRequired[bool] - r"""Automatically calculate the schema based on the events of each Parquet file generated""" - parquet_schema: NotRequired[str] - r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" - parquet_version: NotRequired[ParquetVersionOptions] - r"""Determines which data types are supported and how they are represented""" - parquet_data_page_version: NotRequired[DataPageVersionOptions] - r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" - parquet_row_group_length: NotRequired[float] - r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" - parquet_page_size: NotRequired[str] - r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" - should_log_invalid_rows: NotRequired[bool] - r"""Log up to 3 rows that @{product} skips due to data mismatch""" - key_value_metadata: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] - r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ - enable_statistics: NotRequired[bool] - r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" - enable_write_page_index: NotRequired[bool] - r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" - enable_page_checksum: NotRequired[bool] - r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" - empty_dir_cleanup_sec: NotRequired[float] - r"""How frequently, in seconds, to clean up empty directories""" - directory_batch_size: NotRequired[float] - r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" - deadletter_path: NotRequired[str] - r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" - max_retry_num: NotRequired[float] - r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" - aws_api_key: NotRequired[str] - r"""HMAC access key. This value can be a constant or a JavaScript expression, such as `${C.env.GCS_ACCESS_KEY}`.""" - aws_secret_key: NotRequired[str] - r"""HMAC secret. This value can be a constant or a JavaScript expression, such as `${C.env.GCS_SECRET}`.""" - aws_secret: NotRequired[str] - r"""Select or create a stored secret that references your access key and secret key""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_bucket: NotRequired[str] - r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" - template_region: NotRequired[str] - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - template_endpoint: NotRequired[str] - r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" - template_dest_path: NotRequired[str] - r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" - template_object_acl: NotRequired[str] - r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" - template_storage_class: NotRequired[str] - r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" - template_partition_expr: NotRequired[str] - r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" - template_format: NotRequired[str] - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - template_base_file_name: NotRequired[str] - r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" - template_file_name_suffix: NotRequired[str] - r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_compress: NotRequired[str] - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - template_parquet_schema: NotRequired[str] - r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" - template_aws_api_key: NotRequired[str] - r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" - template_aws_secret_key: NotRequired[str] - r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" - - -class CreateOutputSystemByPackOutputGoogleCloudStorage(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputSystemByPackTypeGoogleCloudStorage - - bucket: str - r"""Name of the destination bucket. This value can be a constant or a JavaScript expression that can only be evaluated at init time. Example of referencing a Global Variable: `myBucket-${C.vars.myVar}`.""" - - region: str - r"""Region where the bucket is located""" - - endpoint: str - r"""Google Cloud Storage service endpoint""" - - stage_path: Annotated[str, pydantic.Field(alias="stagePath")] - r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - aws_authentication_method: Annotated[ - Optional[CreateOutputSystemByPackAuthenticationMethodGoogleCloudStorage], - pydantic.Field(alias="awsAuthenticationMethod"), - ] = None - - dest_path: Annotated[Optional[str], pydantic.Field(alias="destPath")] = None - r"""Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`""" - - verify_permissions: Annotated[ - Optional[bool], pydantic.Field(alias="verifyPermissions") - ] = None - r"""Disable if you can access files within the bucket but not the bucket itself""" - - object_acl: Annotated[ - Optional[ObjectACLOptionsAuthenticatedreadBucketownerfullcontrol], - pydantic.Field(alias="objectACL"), - ] = None - r"""Object ACL to assign to uploaded objects""" - - storage_class: Annotated[ - Optional[StorageClassOptionsArchiveColdline], - pydantic.Field(alias="storageClass"), - ] = None - r"""Storage class to select for uploaded objects""" - - reuse_connections: Annotated[ - Optional[bool], pydantic.Field(alias="reuseConnections") - ] = None - r"""Reuse connections between requests, which can improve performance""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" - - add_id_to_stage_path: Annotated[ - Optional[bool], pydantic.Field(alias="addIdToStagePath") - ] = None - r"""Add the Output ID value to staging location""" - - remove_empty_dirs: Annotated[ - Optional[bool], pydantic.Field(alias="removeEmptyDirs") - ] = None - r"""Remove empty staging directories after moving files""" - - partition_expr: Annotated[Optional[str], pydantic.Field(alias="partitionExpr")] = ( - None - ) - r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" - - format_: Annotated[Optional[DataFormatOptions], pydantic.Field(alias="format")] = ( - None - ) - r"""Format of the output data""" - - base_file_name: Annotated[Optional[str], pydantic.Field(alias="baseFileName")] = ( - None - ) - r"""JavaScript expression to define the output filename prefix (can be constant)""" - - file_name_suffix: Annotated[ - Optional[str], pydantic.Field(alias="fileNameSuffix") - ] = None - r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" - - max_file_size_mb: Annotated[ - Optional[float], pydantic.Field(alias="maxFileSizeMB") - ] = None - r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" - - max_file_open_time_sec: Annotated[ - Optional[float], pydantic.Field(alias="maxFileOpenTimeSec") - ] = None - r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" - - max_file_idle_time_sec: Annotated[ - Optional[float], pydantic.Field(alias="maxFileIdleTimeSec") - ] = None - r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" - - max_open_files: Annotated[Optional[float], pydantic.Field(alias="maxOpenFiles")] = ( - None - ) - r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" - - header_line: Annotated[Optional[str], pydantic.Field(alias="headerLine")] = None - r"""If set, this line will be written to the beginning of each output file""" - - write_high_water_mark: Annotated[ - Optional[float], pydantic.Field(alias="writeHighWaterMark") - ] = None - r"""Buffer size used to write to a file""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptionsBlockDrop], - pydantic.Field(alias="onBackpressure"), - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - deadletter_enabled: Annotated[ - Optional[bool], pydantic.Field(alias="deadletterEnabled") - ] = None - r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" - - on_disk_full_backpressure: Annotated[ - Optional[DiskSpaceProtectionOptions], - pydantic.Field(alias="onDiskFullBackpressure"), - ] = None - r"""How to handle events when disk space is below the global 'Min free disk space' limit""" - - force_close_on_shutdown: Annotated[ - Optional[bool], pydantic.Field(alias="forceCloseOnShutdown") - ] = None - r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" - - retry_settings: Annotated[ - Optional[RetrySettingsType], pydantic.Field(alias="retrySettings") - ] = None - - orphans: Optional[OrphanFileRecoveryType] = None - - description: Optional[str] = None - - compress: Optional[CompressionOptionsHTTP] = None - r"""Data compression format to apply to HTTP content before it is delivered""" - - compression_level: Annotated[ - Optional[CompressionLevelOptions], pydantic.Field(alias="compressionLevel") - ] = None - r"""Compression level to apply before moving files to final destination""" - - automatic_schema: Annotated[ - Optional[bool], pydantic.Field(alias="automaticSchema") - ] = None - r"""Automatically calculate the schema based on the events of each Parquet file generated""" - - parquet_schema: Annotated[Optional[str], pydantic.Field(alias="parquetSchema")] = ( - None - ) - r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" - - parquet_version: Annotated[ - Optional[ParquetVersionOptions], pydantic.Field(alias="parquetVersion") - ] = None - r"""Determines which data types are supported and how they are represented""" - - parquet_data_page_version: Annotated[ - Optional[DataPageVersionOptions], pydantic.Field(alias="parquetDataPageVersion") - ] = None - r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" - - parquet_row_group_length: Annotated[ - Optional[float], pydantic.Field(alias="parquetRowGroupLength") - ] = None - r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" - - parquet_page_size: Annotated[ - Optional[str], pydantic.Field(alias="parquetPageSize") - ] = None - r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" - - should_log_invalid_rows: Annotated[ - Optional[bool], pydantic.Field(alias="shouldLogInvalidRows") - ] = None - r"""Log up to 3 rows that @{product} skips due to data mismatch""" - - key_value_metadata: Annotated[ - Optional[List[KeyValueMetadataConfOutputFilesystem]], - pydantic.Field(alias="keyValueMetadata"), - ] = None - r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ - - enable_statistics: Annotated[ - Optional[bool], pydantic.Field(alias="enableStatistics") - ] = None - r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" - - enable_write_page_index: Annotated[ - Optional[bool], pydantic.Field(alias="enableWritePageIndex") - ] = None - r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" - - enable_page_checksum: Annotated[ - Optional[bool], pydantic.Field(alias="enablePageChecksum") - ] = None - r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" - - empty_dir_cleanup_sec: Annotated[ - Optional[float], pydantic.Field(alias="emptyDirCleanupSec") - ] = None - r"""How frequently, in seconds, to clean up empty directories""" - - directory_batch_size: Annotated[ - Optional[float], pydantic.Field(alias="directoryBatchSize") - ] = None - r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" - - deadletter_path: Annotated[ - Optional[str], pydantic.Field(alias="deadletterPath") - ] = None - r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" - - max_retry_num: Annotated[Optional[float], pydantic.Field(alias="maxRetryNum")] = ( - None - ) - r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" - - aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None - r"""HMAC access key. This value can be a constant or a JavaScript expression, such as `${C.env.GCS_ACCESS_KEY}`.""" - - aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = ( - None - ) - r"""HMAC secret. This value can be a constant or a JavaScript expression, such as `${C.env.GCS_SECRET}`.""" - - aws_secret: Annotated[Optional[str], pydantic.Field(alias="awsSecret")] = None - r"""Select or create a stored secret that references your access key and secret key""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_bucket: Annotated[ - Optional[str], pydantic.Field(alias="__template_bucket") - ] = None - r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" - - template_region: Annotated[ - Optional[str], pydantic.Field(alias="__template_region") - ] = None - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - - template_endpoint: Annotated[ - Optional[str], pydantic.Field(alias="__template_endpoint") - ] = None - r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" - - template_dest_path: Annotated[ - Optional[str], pydantic.Field(alias="__template_destPath") - ] = None - r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" - - template_object_acl: Annotated[ - Optional[str], pydantic.Field(alias="__template_objectACL") - ] = None - r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" - - template_storage_class: Annotated[ - Optional[str], pydantic.Field(alias="__template_storageClass") - ] = None - r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" - - template_partition_expr: Annotated[ - Optional[str], pydantic.Field(alias="__template_partitionExpr") - ] = None - r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" - - template_format: Annotated[ - Optional[str], pydantic.Field(alias="__template_format") - ] = None - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - - template_base_file_name: Annotated[ - Optional[str], pydantic.Field(alias="__template_baseFileName") - ] = None - r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" - - template_file_name_suffix: Annotated[ - Optional[str], pydantic.Field(alias="__template_fileNameSuffix") - ] = None - r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_compress: Annotated[ - Optional[str], pydantic.Field(alias="__template_compress") - ] = None - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - - template_parquet_schema: Annotated[ - Optional[str], pydantic.Field(alias="__template_parquetSchema") - ] = None - r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" - - template_aws_api_key: Annotated[ - Optional[str], pydantic.Field(alias="__template_awsApiKey") - ] = None - r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" - - template_aws_secret_key: Annotated[ - Optional[str], pydantic.Field(alias="__template_awsSecretKey") - ] = None - r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" - - @field_serializer("aws_authentication_method") - def serialize_aws_authentication_method(self, value): - if isinstance(value, str): - try: - return models.CreateOutputSystemByPackAuthenticationMethodGoogleCloudStorage( - value - ) - except ValueError: - return value - return value - - @field_serializer("object_acl") - def serialize_object_acl(self, value): - if isinstance(value, str): - try: - return models.ObjectACLOptionsAuthenticatedreadBucketownerfullcontrol( - value - ) - except ValueError: - return value - return value - - @field_serializer("storage_class") - def serialize_storage_class(self, value): - if isinstance(value, str): - try: - return models.StorageClassOptionsArchiveColdline(value) - except ValueError: - return value - return value - - @field_serializer("format_") - def serialize_format_(self, value): - if isinstance(value, str): - try: - return models.DataFormatOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptionsBlockDrop(value) - except ValueError: - return value - return value - - @field_serializer("on_disk_full_backpressure") - def serialize_on_disk_full_backpressure(self, value): - if isinstance(value, str): - try: - return models.DiskSpaceProtectionOptions(value) - except ValueError: - return value - return value - - @field_serializer("compress") - def serialize_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsHTTP(value) - except ValueError: - return value - return value - - @field_serializer("compression_level") - def serialize_compression_level(self, value): - if isinstance(value, str): - try: - return models.CompressionLevelOptions(value) - except ValueError: - return value - return value - - @field_serializer("parquet_version") - def serialize_parquet_version(self, value): - if isinstance(value, str): - try: - return models.ParquetVersionOptions(value) - except ValueError: - return value - return value - - @field_serializer("parquet_data_page_version") - def serialize_parquet_data_page_version(self, value): - if isinstance(value, str): - try: - return models.DataPageVersionOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "awsAuthenticationMethod", - "destPath", - "verifyPermissions", - "objectACL", - "storageClass", - "reuseConnections", - "rejectUnauthorized", - "addIdToStagePath", - "removeEmptyDirs", - "partitionExpr", - "format", - "baseFileName", - "fileNameSuffix", - "maxFileSizeMB", - "maxFileOpenTimeSec", - "maxFileIdleTimeSec", - "maxOpenFiles", - "headerLine", - "writeHighWaterMark", - "onBackpressure", - "deadletterEnabled", - "onDiskFullBackpressure", - "forceCloseOnShutdown", - "retrySettings", - "orphans", - "description", - "compress", - "compressionLevel", - "automaticSchema", - "parquetSchema", - "parquetVersion", - "parquetDataPageVersion", - "parquetRowGroupLength", - "parquetPageSize", - "shouldLogInvalidRows", - "keyValueMetadata", - "enableStatistics", - "enableWritePageIndex", - "enablePageChecksum", - "emptyDirCleanupSec", - "directoryBatchSize", - "deadletterPath", - "maxRetryNum", - "awsApiKey", - "awsSecretKey", - "awsSecret", - "__template_streamtags", - "__template_bucket", - "__template_region", - "__template_endpoint", - "__template_destPath", - "__template_objectACL", - "__template_storageClass", - "__template_partitionExpr", - "__template_format", - "__template_baseFileName", - "__template_fileNameSuffix", - "__template_onBackpressure", - "__template_compress", - "__template_parquetSchema", - "__template_awsApiKey", - "__template_awsSecretKey", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputSystemByPackTypeGoogleChronicle(str, Enum): - GOOGLE_CHRONICLE = "google_chronicle" - - -class CreateOutputSystemByPackAPIVersion(str, Enum, metaclass=utils.OpenEnumMeta): - # V1 - V1 = "v1" - # V2 - V2 = "v2" - - -class CreateOutputSystemByPackAuthenticationMethodGoogleChronicle( - str, Enum, metaclass=utils.OpenEnumMeta -): - # API key - MANUAL = "manual" - # API key secret - SECRET = "secret" - # Service account credentials - SERVICE_ACCOUNT = "serviceAccount" - # Service account credentials secret - SERVICE_ACCOUNT_SECRET = "serviceAccountSecret" - - -class CreateOutputSystemByPackSendEventsAs(str, Enum, metaclass=utils.OpenEnumMeta): - # Unstructured - UNSTRUCTURED = "unstructured" - # UDM - UDM = "udm" - - -class CreateOutputSystemByPackExtraLogTypeTypedDict(TypedDict): - log_type: str - description: NotRequired[str] - - -class CreateOutputSystemByPackExtraLogType(BaseModel): - log_type: Annotated[str, pydantic.Field(alias="logType")] - - description: Optional[str] = None - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set(["description"]) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputSystemByPackUDMType(str, Enum, metaclass=utils.OpenEnumMeta): - r"""Defines the specific format for UDM events sent to Google SecOps. This must match the type of UDM data being sent.""" - - ENTITIES = "entities" - LOGS = "logs" - - -class CreateOutputSystemByPackPqControlsGoogleChronicleTypedDict(TypedDict): - pass - - -class CreateOutputSystemByPackPqControlsGoogleChronicle(BaseModel): - pass - - -class CreateOutputSystemByPackOutputGoogleChronicleTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputSystemByPackTypeGoogleChronicle - log_format_type: CreateOutputSystemByPackSendEventsAs - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - api_version: NotRequired[CreateOutputSystemByPackAPIVersion] - authentication_method: NotRequired[ - CreateOutputSystemByPackAuthenticationMethodGoogleChronicle - ] - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - region: NotRequired[str] - r"""Regional endpoint to send events to""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - compress: NotRequired[bool] - r"""Compress the payload body before sending""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] - r"""Headers to add to all events""" - failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - safe_headers: NotRequired[List[str]] - r"""List of headers that are safe to log in plain text""" - use_round_robin_dns: NotRequired[bool] - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - total_memory_limit_kb: NotRequired[float] - r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" - description: NotRequired[str] - extra_log_types: NotRequired[List[CreateOutputSystemByPackExtraLogTypeTypedDict]] - r"""Custom log types. If the value \"Custom\" is selected in the setting \"Default log type\" above, the first custom log type in this table will be automatically selected as default log type.""" - log_type: NotRequired[str] - r"""Default log type value to send to SecOps. Can be overwritten by event field __logType.""" - log_text_field: NotRequired[str] - r"""Name of the event field that contains the log text to send. If not specified, Stream sends a JSON representation of the whole event.""" - customer_id: NotRequired[str] - r"""A unique identifier (UUID) for your Google SecOps instance. This is provided by your Google representative and is required for API V2 authentication.""" - namespace: NotRequired[str] - r"""User-configured environment namespace to identify the data domain the logs originated from. Use namespace as a tag to identify the appropriate data domain for indexing and enrichment functionality. Can be overwritten by event field __namespace.""" - custom_labels: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] - r"""Custom labels to be added to every batch""" - udm_type: NotRequired[CreateOutputSystemByPackUDMType] - r"""Defines the specific format for UDM events sent to Google SecOps. This must match the type of UDM data being sent.""" - api_key: NotRequired[str] - r"""Organization's API key in Google SecOps""" - api_key_secret: NotRequired[str] - r"""Select or create a stored text secret""" - service_account_credentials: NotRequired[str] - r"""Contents of service account credentials (JSON keys) file downloaded from Google Cloud. To upload a file, click the upload button at this field's upper right.""" - service_account_credentials_secret: NotRequired[str] - r"""Select or create a stored text secret""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputSystemByPackPqControlsGoogleChronicleTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_api_version: NotRequired[str] - r"""Binds 'apiVersion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'apiVersion' at runtime.""" - template_region: NotRequired[str] - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - template_failed_request_logging_mode: NotRequired[str] - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_customer_id: NotRequired[str] - r"""Binds 'customerId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'customerId' at runtime.""" - - -class CreateOutputSystemByPackOutputGoogleChronicle(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputSystemByPackTypeGoogleChronicle - - log_format_type: Annotated[ - CreateOutputSystemByPackSendEventsAs, pydantic.Field(alias="logFormatType") - ] - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - api_version: Annotated[ - Optional[CreateOutputSystemByPackAPIVersion], pydantic.Field(alias="apiVersion") - ] = None - - authentication_method: Annotated[ - Optional[CreateOutputSystemByPackAuthenticationMethodGoogleChronicle], - pydantic.Field(alias="authenticationMethod"), - ] = None - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - region: Optional[str] = None - r"""Regional endpoint to send events to""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - compress: Optional[bool] = None - r"""Compress the payload body before sending""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - extra_http_headers: Annotated[ - Optional[List[ExtraHTTPHeaderConfInputElastic]], - pydantic.Field(alias="extraHttpHeaders"), - ] = None - r"""Headers to add to all events""" - - failed_request_logging_mode: Annotated[ - Optional[FailedRequestLoggingModeOptions], - pydantic.Field(alias="failedRequestLoggingMode"), - ] = None - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - - safe_headers: Annotated[ - Optional[List[str]], pydantic.Field(alias="safeHeaders") - ] = None - r"""List of headers that are safe to log in plain text""" - - use_round_robin_dns: Annotated[ - Optional[bool], pydantic.Field(alias="useRoundRobinDns") - ] = None - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - total_memory_limit_kb: Annotated[ - Optional[float], pydantic.Field(alias="totalMemoryLimitKB") - ] = None - r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" - - description: Optional[str] = None - - extra_log_types: Annotated[ - Optional[List[CreateOutputSystemByPackExtraLogType]], - pydantic.Field(alias="extraLogTypes"), - ] = None - r"""Custom log types. If the value \"Custom\" is selected in the setting \"Default log type\" above, the first custom log type in this table will be automatically selected as default log type.""" - - log_type: Annotated[Optional[str], pydantic.Field(alias="logType")] = None - r"""Default log type value to send to SecOps. Can be overwritten by event field __logType.""" - - log_text_field: Annotated[Optional[str], pydantic.Field(alias="logTextField")] = ( - None - ) - r"""Name of the event field that contains the log text to send. If not specified, Stream sends a JSON representation of the whole event.""" - - customer_id: Annotated[Optional[str], pydantic.Field(alias="customerId")] = None - r"""A unique identifier (UUID) for your Google SecOps instance. This is provided by your Google representative and is required for API V2 authentication.""" - - namespace: Optional[str] = None - r"""User-configured environment namespace to identify the data domain the logs originated from. Use namespace as a tag to identify the appropriate data domain for indexing and enrichment functionality. Can be overwritten by event field __namespace.""" - - custom_labels: Annotated[ - Optional[List[KeyValueMetadataConfOutputFilesystem]], - pydantic.Field(alias="customLabels"), - ] = None - r"""Custom labels to be added to every batch""" - - udm_type: Annotated[ - Optional[CreateOutputSystemByPackUDMType], pydantic.Field(alias="udmType") - ] = None - r"""Defines the specific format for UDM events sent to Google SecOps. This must match the type of UDM data being sent.""" - - api_key: Annotated[Optional[str], pydantic.Field(alias="apiKey")] = None - r"""Organization's API key in Google SecOps""" - - api_key_secret: Annotated[Optional[str], pydantic.Field(alias="apiKeySecret")] = ( - None - ) - r"""Select or create a stored text secret""" - - service_account_credentials: Annotated[ - Optional[str], pydantic.Field(alias="serviceAccountCredentials") - ] = None - r"""Contents of service account credentials (JSON keys) file downloaded from Google Cloud. To upload a file, click the upload button at this field's upper right.""" - - service_account_credentials_secret: Annotated[ - Optional[str], pydantic.Field(alias="serviceAccountCredentialsSecret") - ] = None - r"""Select or create a stored text secret""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputSystemByPackPqControlsGoogleChronicle], - pydantic.Field(alias="pqControls"), - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_api_version: Annotated[ - Optional[str], pydantic.Field(alias="__template_apiVersion") - ] = None - r"""Binds 'apiVersion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'apiVersion' at runtime.""" - - template_region: Annotated[ - Optional[str], pydantic.Field(alias="__template_region") - ] = None - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - - template_failed_request_logging_mode: Annotated[ - Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") - ] = None - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_customer_id: Annotated[ - Optional[str], pydantic.Field(alias="__template_customerId") - ] = None - r"""Binds 'customerId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'customerId' at runtime.""" - - @field_serializer("api_version") - def serialize_api_version(self, value): - if isinstance(value, str): - try: - return models.CreateOutputSystemByPackAPIVersion(value) - except ValueError: - return value - return value - - @field_serializer("authentication_method") - def serialize_authentication_method(self, value): - if isinstance(value, str): - try: - return ( - models.CreateOutputSystemByPackAuthenticationMethodGoogleChronicle( - value - ) - ) - except ValueError: - return value - return value - - @field_serializer("log_format_type") - def serialize_log_format_type(self, value): - if isinstance(value, str): - try: - return models.CreateOutputSystemByPackSendEventsAs(value) - except ValueError: - return value - return value - - @field_serializer("failed_request_logging_mode") - def serialize_failed_request_logging_mode(self, value): - if isinstance(value, str): - try: - return models.FailedRequestLoggingModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("udm_type") - def serialize_udm_type(self, value): - if isinstance(value, str): - try: - return models.CreateOutputSystemByPackUDMType(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "apiVersion", - "authenticationMethod", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "region", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "compress", - "rejectUnauthorized", - "timeoutSec", - "flushPeriodSec", - "extraHttpHeaders", - "failedRequestLoggingMode", - "safeHeaders", - "useRoundRobinDns", - "onBackpressure", - "totalMemoryLimitKB", - "description", - "extraLogTypes", - "logType", - "logTextField", - "customerId", - "namespace", - "customLabels", - "udmType", - "apiKey", - "apiKeySecret", - "serviceAccountCredentials", - "serviceAccountCredentialsSecret", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_apiVersion", - "__template_region", - "__template_failedRequestLoggingMode", - "__template_onBackpressure", - "__template_customerId", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputSystemByPackTypeAzureEventhub(str, Enum): - AZURE_EVENTHUB = "azure_eventhub" - - -class CreateOutputSystemByPackPqControlsAzureEventhubTypedDict(TypedDict): - pass - - -class CreateOutputSystemByPackPqControlsAzureEventhub(BaseModel): - pass - - -class CreateOutputSystemByPackOutputAzureEventhubTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputSystemByPackTypeAzureEventhub - brokers: List[str] - r"""List of Event Hubs Kafka brokers to connect to, eg. yourdomain.servicebus.windows.net:9093. The hostname can be found in the host portion of the primary or secondary connection string in Shared Access Policies.""" - topic: str - r"""The name of the Event Hub (Kafka Topic) to publish events. Can be overwritten using field __topicOut.""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - ack: NotRequired[AcknowledgmentsOptions] - r"""Control the number of required acknowledgments""" - format_: NotRequired[RecordDataFormatOptions] - r"""Format to use to serialize events before writing to the Event Hubs Kafka brokers""" - max_record_size_kb: NotRequired[float] - r"""Maximum size of each record batch before compression. Setting should be < message.max.bytes settings in Event Hubs brokers.""" - flush_event_count: NotRequired[float] - r"""Maximum number of events in a batch before forcing a flush""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" - connection_timeout: NotRequired[float] - r"""Maximum time to wait for a connection to complete successfully""" - request_timeout: NotRequired[float] - r"""Maximum time to wait for Kafka to respond to a request""" - max_retries: NotRequired[float] - r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" - max_back_off: NotRequired[float] - r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" - initial_backoff: NotRequired[float] - r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" - backoff_rate: NotRequired[float] - r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" - authentication_timeout: NotRequired[float] - r"""Maximum time to wait for Kafka to respond to an authentication request""" - reauthentication_threshold: NotRequired[float] - r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" - sasl: NotRequired[AuthenticationTypeUseTypedDict] - r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended.""" - tls: NotRequired[TLSSettingsClientSideTypeTypedDict] - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - description: NotRequired[str] - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputSystemByPackPqControlsAzureEventhubTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_brokers: NotRequired[str] - r"""Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime.""" - template_topic: NotRequired[str] - r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" - template_format: NotRequired[str] - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - -class CreateOutputSystemByPackOutputAzureEventhub(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputSystemByPackTypeAzureEventhub - - brokers: List[str] - r"""List of Event Hubs Kafka brokers to connect to, eg. yourdomain.servicebus.windows.net:9093. The hostname can be found in the host portion of the primary or secondary connection string in Shared Access Policies.""" - - topic: str - r"""The name of the Event Hub (Kafka Topic) to publish events. Can be overwritten using field __topicOut.""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - ack: Optional[AcknowledgmentsOptions] = None - r"""Control the number of required acknowledgments""" - - format_: Annotated[ - Optional[RecordDataFormatOptions], pydantic.Field(alias="format") - ] = None - r"""Format to use to serialize events before writing to the Event Hubs Kafka brokers""" - - max_record_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxRecordSizeKB") - ] = None - r"""Maximum size of each record batch before compression. Setting should be < message.max.bytes settings in Event Hubs brokers.""" - - flush_event_count: Annotated[ - Optional[float], pydantic.Field(alias="flushEventCount") - ] = None - r"""Maximum number of events in a batch before forcing a flush""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" - - connection_timeout: Annotated[ - Optional[float], pydantic.Field(alias="connectionTimeout") - ] = None - r"""Maximum time to wait for a connection to complete successfully""" - - request_timeout: Annotated[ - Optional[float], pydantic.Field(alias="requestTimeout") - ] = None - r"""Maximum time to wait for Kafka to respond to a request""" - - max_retries: Annotated[Optional[float], pydantic.Field(alias="maxRetries")] = None - r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" - - max_back_off: Annotated[Optional[float], pydantic.Field(alias="maxBackOff")] = None - r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" - - initial_backoff: Annotated[ - Optional[float], pydantic.Field(alias="initialBackoff") - ] = None - r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" - - backoff_rate: Annotated[Optional[float], pydantic.Field(alias="backoffRate")] = None - r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" - - authentication_timeout: Annotated[ - Optional[float], pydantic.Field(alias="authenticationTimeout") - ] = None - r"""Maximum time to wait for Kafka to respond to an authentication request""" - - reauthentication_threshold: Annotated[ - Optional[float], pydantic.Field(alias="reauthenticationThreshold") - ] = None - r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" - - sasl: Optional[AuthenticationTypeUse] = None - r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended.""" - - tls: Optional[TLSSettingsClientSideType] = None - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - description: Optional[str] = None - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputSystemByPackPqControlsAzureEventhub], - pydantic.Field(alias="pqControls"), - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_brokers: Annotated[ - Optional[str], pydantic.Field(alias="__template_brokers") - ] = None - r"""Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime.""" - - template_topic: Annotated[ - Optional[str], pydantic.Field(alias="__template_topic") - ] = None - r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" - - template_format: Annotated[ - Optional[str], pydantic.Field(alias="__template_format") - ] = None - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - @field_serializer("ack") - def serialize_ack(self, value): - if isinstance(value, str): - try: - return models.AcknowledgmentsOptions(value) - except ValueError: - return value - return value - - @field_serializer("format_") - def serialize_format_(self, value): - if isinstance(value, str): - try: - return models.RecordDataFormatOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "ack", - "format", - "maxRecordSizeKB", - "flushEventCount", - "flushPeriodSec", - "connectionTimeout", - "requestTimeout", - "maxRetries", - "maxBackOff", - "initialBackoff", - "backoffRate", - "authenticationTimeout", - "reauthenticationThreshold", - "sasl", - "tls", - "onBackpressure", - "description", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_brokers", - "__template_topic", - "__template_format", - "__template_onBackpressure", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputSystemByPackTypeHoneycomb(str, Enum): - HONEYCOMB = "honeycomb" - - -class CreateOutputSystemByPackPqControlsHoneycombTypedDict(TypedDict): - pass - - -class CreateOutputSystemByPackPqControlsHoneycomb(BaseModel): - pass - - -class CreateOutputSystemByPackOutputHoneycombTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputSystemByPackTypeHoneycomb - dataset: str - r"""Name of the dataset to send events to – e.g., observability""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - compress: NotRequired[bool] - r"""Compress the payload body before sending""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] - r"""Headers to add to all events""" - use_round_robin_dns: NotRequired[bool] - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - safe_headers: NotRequired[List[str]] - r"""List of headers that are safe to log in plain text""" - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - auth_type: NotRequired[AuthenticationMethodOptionsAPI] - r"""Enter API key directly, or select a stored secret""" - description: NotRequired[str] - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputSystemByPackPqControlsHoneycombTypedDict] - team: NotRequired[str] - r"""Team API key where the dataset belongs""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_failed_request_logging_mode: NotRequired[str] - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - -class CreateOutputSystemByPackOutputHoneycomb(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputSystemByPackTypeHoneycomb - - dataset: str - r"""Name of the dataset to send events to – e.g., observability""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - compress: Optional[bool] = None - r"""Compress the payload body before sending""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - extra_http_headers: Annotated[ - Optional[List[ExtraHTTPHeaderConfInputElastic]], - pydantic.Field(alias="extraHttpHeaders"), - ] = None - r"""Headers to add to all events""" - - use_round_robin_dns: Annotated[ - Optional[bool], pydantic.Field(alias="useRoundRobinDns") - ] = None - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - - failed_request_logging_mode: Annotated[ - Optional[FailedRequestLoggingModeOptions], - pydantic.Field(alias="failedRequestLoggingMode"), - ] = None - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - - safe_headers: Annotated[ - Optional[List[str]], pydantic.Field(alias="safeHeaders") - ] = None - r"""List of headers that are safe to log in plain text""" - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - auth_type: Annotated[ - Optional[AuthenticationMethodOptionsAPI], pydantic.Field(alias="authType") - ] = None - r"""Enter API key directly, or select a stored secret""" - - description: Optional[str] = None - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputSystemByPackPqControlsHoneycomb], - pydantic.Field(alias="pqControls"), - ] = None - - team: Optional[str] = None - r"""Team API key where the dataset belongs""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_failed_request_logging_mode: Annotated[ - Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") - ] = None - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - @field_serializer("failed_request_logging_mode") - def serialize_failed_request_logging_mode(self, value): - if isinstance(value, str): - try: - return models.FailedRequestLoggingModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsAPI(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "compress", - "rejectUnauthorized", - "timeoutSec", - "flushPeriodSec", - "extraHttpHeaders", - "useRoundRobinDns", - "failedRequestLoggingMode", - "safeHeaders", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "onBackpressure", - "authType", - "description", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "team", - "textSecret", - "__template_streamtags", - "__template_failedRequestLoggingMode", - "__template_onBackpressure", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputSystemByPackTypeKinesis(str, Enum): - KINESIS = "kinesis" - - -class CreateOutputSystemByPackCompression(str, Enum, metaclass=utils.OpenEnumMeta): - r"""Compression type to use for records""" - - # None - NONE = "none" - # Gzip - GZIP = "gzip" - - -class CreateOutputSystemByPackPqControlsKinesisTypedDict(TypedDict): - pass - - -class CreateOutputSystemByPackPqControlsKinesis(BaseModel): - pass - - -class CreateOutputSystemByPackOutputKinesisTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputSystemByPackTypeKinesis - stream_name: str - r"""Kinesis stream name to send events to.""" - region: str - r"""Region where the Kinesis stream is located""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - aws_authentication_method: NotRequired[AuthenticationMethodOptionsS3CollectorConf] - r"""AWS authentication method. Choose Auto to use IAM roles.""" - aws_secret_key: NotRequired[str] - endpoint: NotRequired[str] - r"""Kinesis stream service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to Kinesis stream-compatible endpoint.""" - reuse_connections: NotRequired[bool] - r"""Reuse connections between requests, which can improve performance""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" - enable_assume_role: NotRequired[bool] - r"""Use Assume Role credentials to access Kinesis stream""" - assume_role_arn: NotRequired[str] - r"""Amazon Resource Name (ARN) of the role to assume""" - assume_role_external_id: NotRequired[str] - r"""External ID to use when assuming role""" - duration_seconds: NotRequired[float] - r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing put requests before blocking.""" - max_record_size_kb: NotRequired[float] - r"""Maximum size (KB) of each individual record before compression. For uncompressed or non-compressible data 1MB is the max recommended size""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" - compression: NotRequired[CreateOutputSystemByPackCompression] - r"""Compression type to use for records""" - use_list_shards: NotRequired[bool] - r"""Provides higher stream rate limits, improving delivery speed and reliability by minimizing throttling. See the [ListShards API](https://docs.aws.amazon.com/kinesis/latest/APIReference/API_ListShards.html) documentation for details.""" - as_ndjson: NotRequired[bool] - r"""Batch events into a single record as NDJSON""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - description: NotRequired[str] - aws_api_key: NotRequired[str] - aws_secret: NotRequired[str] - r"""Select or create a stored secret that references your access key and secret key""" - max_events_per_flush: NotRequired[float] - r"""Maximum number of records to send in a single request""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputSystemByPackPqControlsKinesisTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_stream_name: NotRequired[str] - r"""Binds 'streamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamName' at runtime.""" - template_aws_secret_key: NotRequired[str] - r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" - template_region: NotRequired[str] - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - template_endpoint: NotRequired[str] - r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" - template_assume_role_arn: NotRequired[str] - r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" - template_assume_role_external_id: NotRequired[str] - r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_aws_api_key: NotRequired[str] - r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" - - -class CreateOutputSystemByPackOutputKinesis(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputSystemByPackTypeKinesis - - stream_name: Annotated[str, pydantic.Field(alias="streamName")] - r"""Kinesis stream name to send events to.""" - - region: str - r"""Region where the Kinesis stream is located""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - aws_authentication_method: Annotated[ - Optional[AuthenticationMethodOptionsS3CollectorConf], - pydantic.Field(alias="awsAuthenticationMethod"), - ] = None - r"""AWS authentication method. Choose Auto to use IAM roles.""" - - aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = ( - None - ) - - endpoint: Optional[str] = None - r"""Kinesis stream service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to Kinesis stream-compatible endpoint.""" - - reuse_connections: Annotated[ - Optional[bool], pydantic.Field(alias="reuseConnections") - ] = None - r"""Reuse connections between requests, which can improve performance""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" - - enable_assume_role: Annotated[ - Optional[bool], pydantic.Field(alias="enableAssumeRole") - ] = None - r"""Use Assume Role credentials to access Kinesis stream""" - - assume_role_arn: Annotated[Optional[str], pydantic.Field(alias="assumeRoleArn")] = ( - None - ) - r"""Amazon Resource Name (ARN) of the role to assume""" - - assume_role_external_id: Annotated[ - Optional[str], pydantic.Field(alias="assumeRoleExternalId") - ] = None - r"""External ID to use when assuming role""" - - duration_seconds: Annotated[ - Optional[float], pydantic.Field(alias="durationSeconds") - ] = None - r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing put requests before blocking.""" - - max_record_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxRecordSizeKB") - ] = None - r"""Maximum size (KB) of each individual record before compression. For uncompressed or non-compressible data 1MB is the max recommended size""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" - - compression: Optional[CreateOutputSystemByPackCompression] = None - r"""Compression type to use for records""" - - use_list_shards: Annotated[ - Optional[bool], pydantic.Field(alias="useListShards") - ] = None - r"""Provides higher stream rate limits, improving delivery speed and reliability by minimizing throttling. See the [ListShards API](https://docs.aws.amazon.com/kinesis/latest/APIReference/API_ListShards.html) documentation for details.""" - - as_ndjson: Annotated[Optional[bool], pydantic.Field(alias="asNdjson")] = None - r"""Batch events into a single record as NDJSON""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - description: Optional[str] = None - - aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None - - aws_secret: Annotated[Optional[str], pydantic.Field(alias="awsSecret")] = None - r"""Select or create a stored secret that references your access key and secret key""" - - max_events_per_flush: Annotated[ - Optional[float], pydantic.Field(alias="maxEventsPerFlush") - ] = None - r"""Maximum number of records to send in a single request""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputSystemByPackPqControlsKinesis], - pydantic.Field(alias="pqControls"), - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_stream_name: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamName") - ] = None - r"""Binds 'streamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamName' at runtime.""" - - template_aws_secret_key: Annotated[ - Optional[str], pydantic.Field(alias="__template_awsSecretKey") - ] = None - r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" - - template_region: Annotated[ - Optional[str], pydantic.Field(alias="__template_region") - ] = None - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - - template_endpoint: Annotated[ - Optional[str], pydantic.Field(alias="__template_endpoint") - ] = None - r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" - - template_assume_role_arn: Annotated[ - Optional[str], pydantic.Field(alias="__template_assumeRoleArn") - ] = None - r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" - - template_assume_role_external_id: Annotated[ - Optional[str], pydantic.Field(alias="__template_assumeRoleExternalId") - ] = None - r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_aws_api_key: Annotated[ - Optional[str], pydantic.Field(alias="__template_awsApiKey") - ] = None - r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" - - @field_serializer("aws_authentication_method") - def serialize_aws_authentication_method(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsS3CollectorConf(value) - except ValueError: - return value - return value - - @field_serializer("compression") - def serialize_compression(self, value): - if isinstance(value, str): - try: - return models.CreateOutputSystemByPackCompression(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "awsAuthenticationMethod", - "awsSecretKey", - "endpoint", - "reuseConnections", - "rejectUnauthorized", - "enableAssumeRole", - "assumeRoleArn", - "assumeRoleExternalId", - "durationSeconds", - "concurrency", - "maxRecordSizeKB", - "flushPeriodSec", - "compression", - "useListShards", - "asNdjson", - "onBackpressure", - "description", - "awsApiKey", - "awsSecret", - "maxEventsPerFlush", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_streamName", - "__template_awsSecretKey", - "__template_region", - "__template_endpoint", - "__template_assumeRoleArn", - "__template_assumeRoleExternalId", - "__template_onBackpressure", - "__template_awsApiKey", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputSystemByPackTypeAzureLogs(str, Enum): - AZURE_LOGS = "azure_logs" - - -class CreateOutputSystemByPackAuthenticationMethodAzureLogs( - str, Enum, metaclass=utils.OpenEnumMeta -): - r"""Enter workspace ID and workspace key directly, or select a stored secret""" - - MANUAL = "manual" - SECRET = "secret" - - -class CreateOutputSystemByPackPqControlsAzureLogsTypedDict(TypedDict): - pass - - -class CreateOutputSystemByPackPqControlsAzureLogs(BaseModel): - pass - - -class CreateOutputSystemByPackOutputAzureLogsTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputSystemByPackTypeAzureLogs - log_type: str - r"""The Log Type of events sent to this LogAnalytics workspace. Defaults to `Cribl`. Use only letters, numbers, and `_` characters, and can't exceed 100 characters. Can be overwritten by event field __logType.""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - resource_id: NotRequired[str] - r"""Optional Resource ID of the Azure resource to associate the data with. Can be overridden by the __resourceId event field. This ID populates the _ResourceId property, allowing the data to be included in resource-centric queries. If the ID is neither specified nor overridden, resource-centric queries will omit the data.""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - compress: NotRequired[bool] - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] - r"""Headers to add to all events""" - use_round_robin_dns: NotRequired[bool] - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - safe_headers: NotRequired[List[str]] - r"""List of headers that are safe to log in plain text""" - api_url: NotRequired[str] - r"""The DNS name of the Log API endpoint that sends log data to a Log Analytics workspace in Azure Monitor. Defaults to .ods.opinsights.azure.com. @{product} will add a prefix and suffix to construct a URI in this format: /api/logs?api-version=.""" - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - auth_type: NotRequired[CreateOutputSystemByPackAuthenticationMethodAzureLogs] - r"""Enter workspace ID and workspace key directly, or select a stored secret""" - description: NotRequired[str] - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputSystemByPackPqControlsAzureLogsTypedDict] - workspace_id: NotRequired[str] - r"""Azure Log Analytics Workspace ID. See Azure Dashboard Workspace > Advanced settings.""" - workspace_key: NotRequired[str] - r"""Azure Log Analytics Workspace Primary or Secondary Shared Key. See Azure Dashboard Workspace > Advanced settings.""" - keypair_secret: NotRequired[str] - r"""Select or create a stored secret that references your access key and secret key""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_failed_request_logging_mode: NotRequired[str] - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_workspace_id: NotRequired[str] - r"""Binds 'workspaceId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'workspaceId' at runtime.""" - template_workspace_key: NotRequired[str] - r"""Binds 'workspaceKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'workspaceKey' at runtime.""" - - -class CreateOutputSystemByPackOutputAzureLogs(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputSystemByPackTypeAzureLogs - - log_type: Annotated[str, pydantic.Field(alias="logType")] - r"""The Log Type of events sent to this LogAnalytics workspace. Defaults to `Cribl`. Use only letters, numbers, and `_` characters, and can't exceed 100 characters. Can be overwritten by event field __logType.""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - resource_id: Annotated[Optional[str], pydantic.Field(alias="resourceId")] = None - r"""Optional Resource ID of the Azure resource to associate the data with. Can be overridden by the __resourceId event field. This ID populates the _ResourceId property, allowing the data to be included in resource-centric queries. If the ID is neither specified nor overridden, resource-centric queries will omit the data.""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - compress: Optional[bool] = None - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - extra_http_headers: Annotated[ - Optional[List[ExtraHTTPHeaderConfInputElastic]], - pydantic.Field(alias="extraHttpHeaders"), - ] = None - r"""Headers to add to all events""" - - use_round_robin_dns: Annotated[ - Optional[bool], pydantic.Field(alias="useRoundRobinDns") - ] = None - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - - failed_request_logging_mode: Annotated[ - Optional[FailedRequestLoggingModeOptions], - pydantic.Field(alias="failedRequestLoggingMode"), - ] = None - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - - safe_headers: Annotated[ - Optional[List[str]], pydantic.Field(alias="safeHeaders") - ] = None - r"""List of headers that are safe to log in plain text""" - - api_url: Annotated[Optional[str], pydantic.Field(alias="apiUrl")] = None - r"""The DNS name of the Log API endpoint that sends log data to a Log Analytics workspace in Azure Monitor. Defaults to .ods.opinsights.azure.com. @{product} will add a prefix and suffix to construct a URI in this format: /api/logs?api-version=.""" - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - auth_type: Annotated[ - Optional[CreateOutputSystemByPackAuthenticationMethodAzureLogs], - pydantic.Field(alias="authType"), - ] = None - r"""Enter workspace ID and workspace key directly, or select a stored secret""" - - description: Optional[str] = None - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputSystemByPackPqControlsAzureLogs], - pydantic.Field(alias="pqControls"), - ] = None - - workspace_id: Annotated[Optional[str], pydantic.Field(alias="workspaceId")] = None - r"""Azure Log Analytics Workspace ID. See Azure Dashboard Workspace > Advanced settings.""" - - workspace_key: Annotated[Optional[str], pydantic.Field(alias="workspaceKey")] = None - r"""Azure Log Analytics Workspace Primary or Secondary Shared Key. See Azure Dashboard Workspace > Advanced settings.""" - - keypair_secret: Annotated[Optional[str], pydantic.Field(alias="keypairSecret")] = ( - None - ) - r"""Select or create a stored secret that references your access key and secret key""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_failed_request_logging_mode: Annotated[ - Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") - ] = None - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_workspace_id: Annotated[ - Optional[str], pydantic.Field(alias="__template_workspaceId") - ] = None - r"""Binds 'workspaceId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'workspaceId' at runtime.""" - - template_workspace_key: Annotated[ - Optional[str], pydantic.Field(alias="__template_workspaceKey") - ] = None - r"""Binds 'workspaceKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'workspaceKey' at runtime.""" - - @field_serializer("failed_request_logging_mode") - def serialize_failed_request_logging_mode(self, value): - if isinstance(value, str): - try: - return models.FailedRequestLoggingModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.CreateOutputSystemByPackAuthenticationMethodAzureLogs( - value - ) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "resourceId", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "compress", - "rejectUnauthorized", - "timeoutSec", - "flushPeriodSec", - "extraHttpHeaders", - "useRoundRobinDns", - "failedRequestLoggingMode", - "safeHeaders", - "apiUrl", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "onBackpressure", - "authType", - "description", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "workspaceId", - "workspaceKey", - "keypairSecret", - "__template_streamtags", - "__template_failedRequestLoggingMode", - "__template_onBackpressure", - "__template_workspaceId", - "__template_workspaceKey", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputSystemByPackTypeAzureDataExplorer(str, Enum): - AZURE_DATA_EXPLORER = "azure_data_explorer" - - -class CreateOutputSystemByPackIngestionMode(str, Enum, metaclass=utils.OpenEnumMeta): - # Batching - BATCHING = "batching" - # Streaming - STREAMING = "streaming" - - -class CreateOutputSystemByPackAuthenticationMethodAzureDataExplorer( - str, Enum, metaclass=utils.OpenEnumMeta -): - r"""The type of OAuth 2.0 client credentials grant flow to use""" - - # Client secret - CLIENT_SECRET = "clientSecret" - # Client secret (text secret) - CLIENT_TEXT_SECRET = "clientTextSecret" - # Certificate - CERTIFICATE = "certificate" - - -class CreateOutputSystemByPackCertificateTypedDict(TypedDict): - certificate_name: NotRequired[str] - r"""The certificate you registered as credentials for your app in the Azure portal""" - - -class CreateOutputSystemByPackCertificate(BaseModel): - certificate_name: Annotated[ - Optional[str], pydantic.Field(alias="certificateName") - ] = None - r"""The certificate you registered as credentials for your app in the Azure portal""" - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set(["certificateName"]) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputSystemByPackPrefixOptional(str, Enum, metaclass=utils.OpenEnumMeta): - # drop-by - DROP_BY = "dropBy" - # ingest-by - INGEST_BY = "ingestBy" - - -class CreateOutputSystemByPackExtentTagTypedDict(TypedDict): - value: str - prefix: NotRequired[CreateOutputSystemByPackPrefixOptional] - - -class CreateOutputSystemByPackExtentTag(BaseModel): - value: str - - prefix: Optional[CreateOutputSystemByPackPrefixOptional] = None - - @field_serializer("prefix") - def serialize_prefix(self, value): - if isinstance(value, str): - try: - return models.CreateOutputSystemByPackPrefixOptional(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set(["prefix"]) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputSystemByPackIngestIfNotExistTypedDict(TypedDict): - value: str - - -class CreateOutputSystemByPackIngestIfNotExist(BaseModel): - value: str - - -class CreateOutputSystemByPackReportLevel(str, Enum, metaclass=utils.OpenEnumMeta): - r"""Level of ingestion status reporting. Defaults to FailuresOnly.""" - - # FailuresOnly - FAILURES_ONLY = "failuresOnly" - # DoNotReport - DO_NOT_REPORT = "doNotReport" - # FailuresAndSuccesses - FAILURES_AND_SUCCESSES = "failuresAndSuccesses" - - -class CreateOutputSystemByPackReportMethod(str, Enum, metaclass=utils.OpenEnumMeta): - r"""Target of the ingestion status reporting. Defaults to Queue.""" - - # Queue - QUEUE = "queue" - # Table - TABLE = "table" - # QueueAndTable - QUEUE_AND_TABLE = "queueAndTable" - - -class CreateOutputSystemByPackAdditionalPropertyTypedDict(TypedDict): - key: str - value: str - - -class CreateOutputSystemByPackAdditionalProperty(BaseModel): - key: str - - value: str - - -class CreateOutputSystemByPackPqControlsAzureDataExplorerTypedDict(TypedDict): - pass - - -class CreateOutputSystemByPackPqControlsAzureDataExplorer(BaseModel): - pass - - -class CreateOutputSystemByPackOutputAzureDataExplorerTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputSystemByPackTypeAzureDataExplorer - cluster_url: str - r"""The base URI for your cluster. Typically, `https://..kusto.windows.net`.""" - database: str - r"""Name of the database containing the table where data will be ingested""" - table: str - r"""Name of the table to ingest data into""" - oauth_endpoint: MicrosoftEntraIDAuthenticationEndpointOptionsSasl - r"""Endpoint used to acquire authentication tokens from Azure""" - tenant_id: str - r"""Directory ID (tenant identifier) in Azure Active Directory""" - client_id: str - r"""client_id to pass in the OAuth request parameter""" - scope: str - r"""Scope to pass in the OAuth request parameter""" - oauth_type: CreateOutputSystemByPackAuthenticationMethodAzureDataExplorer - r"""The type of OAuth 2.0 client credentials grant flow to use""" - compress: CompressionOptionsHTTP - r"""Data compression format to apply to HTTP content before it is delivered""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - validate_database_settings: NotRequired[bool] - r"""When saving or starting the Destination, validate the database name and credentials; also validate table name, except when creating a new table. Disable if your Azure app does not have both the Database Viewer and the Table Viewer role.""" - ingest_mode: NotRequired[CreateOutputSystemByPackIngestionMode] - description: NotRequired[str] - client_secret: NotRequired[str] - r"""The client secret that you generated for your app in the Azure portal""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - certificate: NotRequired[CreateOutputSystemByPackCertificateTypedDict] - format_: NotRequired[DataFormatOptions] - r"""Format of the output data""" - compression_level: NotRequired[CompressionLevelOptions] - r"""Compression level to apply before moving files to final destination""" - automatic_schema: NotRequired[bool] - r"""Automatically calculate the schema based on the events of each Parquet file generated""" - parquet_schema: NotRequired[str] - r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" - parquet_version: NotRequired[ParquetVersionOptions] - r"""Determines which data types are supported and how they are represented""" - parquet_data_page_version: NotRequired[DataPageVersionOptions] - r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" - parquet_row_group_length: NotRequired[float] - r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" - parquet_page_size: NotRequired[str] - r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" - should_log_invalid_rows: NotRequired[bool] - r"""Log up to 3 rows that @{product} skips due to data mismatch""" - key_value_metadata: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] - r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ - enable_statistics: NotRequired[bool] - r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" - enable_write_page_index: NotRequired[bool] - r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" - enable_page_checksum: NotRequired[bool] - r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" - remove_empty_dirs: NotRequired[bool] - r"""Remove empty staging directories after moving files""" - empty_dir_cleanup_sec: NotRequired[float] - r"""How frequently, in seconds, to clean up empty directories""" - directory_batch_size: NotRequired[float] - r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" - deadletter_enabled: NotRequired[bool] - r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" - deadletter_path: NotRequired[str] - r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" - max_retry_num: NotRequired[float] - r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" - is_mapping_obj: NotRequired[bool] - r"""Send a JSON mapping object instead of specifying an existing named data mapping""" - mapping_obj: NotRequired[str] - r"""Enter a JSON object that defines your desired data mapping""" - mapping_ref: NotRequired[str] - r"""Enter the name of a data mapping associated with your target table. Or, if incoming event and target table fields match exactly, you can leave the field empty.""" - ingest_url: NotRequired[str] - r"""The ingestion service URI for your cluster. Typically, `https://ingest-..kusto.windows.net`.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - stage_path: NotRequired[str] - r"""Filesystem location in which to buffer files before compressing and moving to final destination. Use performant and stable storage.""" - file_name_suffix: NotRequired[str] - r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" - max_file_size_mb: NotRequired[float] - r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" - max_file_open_time_sec: NotRequired[float] - r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" - max_file_idle_time_sec: NotRequired[float] - r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" - max_open_files: NotRequired[float] - r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" - max_concurrent_file_parts: NotRequired[float] - r"""Maximum number of parts to upload in parallel per file""" - on_disk_full_backpressure: NotRequired[DiskSpaceProtectionOptions] - r"""How to handle events when disk space is below the global 'Min free disk space' limit""" - add_id_to_stage_path: NotRequired[bool] - r"""Add the Output ID value to staging location""" - retry_settings: NotRequired[RetrySettingsTypeTypedDict] - orphans: NotRequired[OrphanFileRecoveryTypeTypedDict] - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_immediately: NotRequired[bool] - r"""Bypass the data management service's aggregation mechanism""" - retain_blob_on_success: NotRequired[bool] - r"""Prevent blob deletion after ingestion is complete""" - extent_tags: NotRequired[List[CreateOutputSystemByPackExtentTagTypedDict]] - r"""Strings or tags associated with the extent (ingested data shard)""" - ingest_if_not_exists: NotRequired[ - List[CreateOutputSystemByPackIngestIfNotExistTypedDict] - ] - r"""Prevents duplicate ingestion by verifying whether an extent with the specified ingest-by tag already exists""" - report_level: NotRequired[CreateOutputSystemByPackReportLevel] - r"""Level of ingestion status reporting. Defaults to FailuresOnly.""" - report_method: NotRequired[CreateOutputSystemByPackReportMethod] - r"""Target of the ingestion status reporting. Defaults to Queue.""" - additional_properties: NotRequired[ - List[CreateOutputSystemByPackAdditionalPropertyTypedDict] - ] - r"""Optionally, enter additional configuration properties to send to the ingestion service""" - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - use_round_robin_dns: NotRequired[bool] - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - keep_alive: NotRequired[bool] - r"""Disable to close the connection immediately after sending the outgoing request""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[ - CreateOutputSystemByPackPqControlsAzureDataExplorerTypedDict - ] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_cluster_url: NotRequired[str] - r"""Binds 'clusterUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clusterUrl' at runtime.""" - template_database: NotRequired[str] - r"""Binds 'database' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'database' at runtime.""" - template_table: NotRequired[str] - r"""Binds 'table' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'table' at runtime.""" - template_oauth_endpoint: NotRequired[str] - r"""Binds 'oauthEndpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'oauthEndpoint' at runtime.""" - template_tenant_id: NotRequired[str] - r"""Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime.""" - template_client_id: NotRequired[str] - r"""Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime.""" - template_scope: NotRequired[str] - r"""Binds 'scope' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'scope' at runtime.""" - template_client_secret: NotRequired[str] - r"""Binds 'clientSecret' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecret' at runtime.""" - template_format: NotRequired[str] - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - template_compress: NotRequired[str] - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - template_parquet_schema: NotRequired[str] - r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" - template_mapping_ref: NotRequired[str] - r"""Binds 'mappingRef' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'mappingRef' at runtime.""" - template_ingest_url: NotRequired[str] - r"""Binds 'ingestUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'ingestUrl' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_file_name_suffix: NotRequired[str] - r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" - - -class CreateOutputSystemByPackOutputAzureDataExplorer(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputSystemByPackTypeAzureDataExplorer - - cluster_url: Annotated[str, pydantic.Field(alias="clusterUrl")] - r"""The base URI for your cluster. Typically, `https://..kusto.windows.net`.""" - - database: str - r"""Name of the database containing the table where data will be ingested""" - - table: str - r"""Name of the table to ingest data into""" - - oauth_endpoint: Annotated[ - MicrosoftEntraIDAuthenticationEndpointOptionsSasl, - pydantic.Field(alias="oauthEndpoint"), - ] - r"""Endpoint used to acquire authentication tokens from Azure""" - - tenant_id: Annotated[str, pydantic.Field(alias="tenantId")] - r"""Directory ID (tenant identifier) in Azure Active Directory""" - - client_id: Annotated[str, pydantic.Field(alias="clientId")] - r"""client_id to pass in the OAuth request parameter""" - - scope: str - r"""Scope to pass in the OAuth request parameter""" - - oauth_type: Annotated[ - CreateOutputSystemByPackAuthenticationMethodAzureDataExplorer, - pydantic.Field(alias="oauthType"), - ] - r"""The type of OAuth 2.0 client credentials grant flow to use""" - - compress: CompressionOptionsHTTP - r"""Data compression format to apply to HTTP content before it is delivered""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - validate_database_settings: Annotated[ - Optional[bool], pydantic.Field(alias="validateDatabaseSettings") - ] = None - r"""When saving or starting the Destination, validate the database name and credentials; also validate table name, except when creating a new table. Disable if your Azure app does not have both the Database Viewer and the Table Viewer role.""" - - ingest_mode: Annotated[ - Optional[CreateOutputSystemByPackIngestionMode], - pydantic.Field(alias="ingestMode"), - ] = None - - description: Optional[str] = None - - client_secret: Annotated[Optional[str], pydantic.Field(alias="clientSecret")] = None - r"""The client secret that you generated for your app in the Azure portal""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - certificate: Optional[CreateOutputSystemByPackCertificate] = None - - format_: Annotated[Optional[DataFormatOptions], pydantic.Field(alias="format")] = ( - None - ) - r"""Format of the output data""" - - compression_level: Annotated[ - Optional[CompressionLevelOptions], pydantic.Field(alias="compressionLevel") - ] = None - r"""Compression level to apply before moving files to final destination""" - - automatic_schema: Annotated[ - Optional[bool], pydantic.Field(alias="automaticSchema") - ] = None - r"""Automatically calculate the schema based on the events of each Parquet file generated""" - - parquet_schema: Annotated[Optional[str], pydantic.Field(alias="parquetSchema")] = ( - None - ) - r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" - - parquet_version: Annotated[ - Optional[ParquetVersionOptions], pydantic.Field(alias="parquetVersion") - ] = None - r"""Determines which data types are supported and how they are represented""" - - parquet_data_page_version: Annotated[ - Optional[DataPageVersionOptions], pydantic.Field(alias="parquetDataPageVersion") - ] = None - r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" - - parquet_row_group_length: Annotated[ - Optional[float], pydantic.Field(alias="parquetRowGroupLength") - ] = None - r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" - - parquet_page_size: Annotated[ - Optional[str], pydantic.Field(alias="parquetPageSize") - ] = None - r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" - - should_log_invalid_rows: Annotated[ - Optional[bool], pydantic.Field(alias="shouldLogInvalidRows") - ] = None - r"""Log up to 3 rows that @{product} skips due to data mismatch""" - - key_value_metadata: Annotated[ - Optional[List[KeyValueMetadataConfOutputFilesystem]], - pydantic.Field(alias="keyValueMetadata"), - ] = None - r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ - - enable_statistics: Annotated[ - Optional[bool], pydantic.Field(alias="enableStatistics") - ] = None - r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" - - enable_write_page_index: Annotated[ - Optional[bool], pydantic.Field(alias="enableWritePageIndex") - ] = None - r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" - - enable_page_checksum: Annotated[ - Optional[bool], pydantic.Field(alias="enablePageChecksum") - ] = None - r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" - - remove_empty_dirs: Annotated[ - Optional[bool], pydantic.Field(alias="removeEmptyDirs") - ] = None - r"""Remove empty staging directories after moving files""" - - empty_dir_cleanup_sec: Annotated[ - Optional[float], pydantic.Field(alias="emptyDirCleanupSec") - ] = None - r"""How frequently, in seconds, to clean up empty directories""" - - directory_batch_size: Annotated[ - Optional[float], pydantic.Field(alias="directoryBatchSize") - ] = None - r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" - - deadletter_enabled: Annotated[ - Optional[bool], pydantic.Field(alias="deadletterEnabled") - ] = None - r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" - - deadletter_path: Annotated[ - Optional[str], pydantic.Field(alias="deadletterPath") - ] = None - r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" - - max_retry_num: Annotated[Optional[float], pydantic.Field(alias="maxRetryNum")] = ( - None - ) - r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" - - is_mapping_obj: Annotated[Optional[bool], pydantic.Field(alias="isMappingObj")] = ( - None - ) - r"""Send a JSON mapping object instead of specifying an existing named data mapping""" - - mapping_obj: Annotated[Optional[str], pydantic.Field(alias="mappingObj")] = None - r"""Enter a JSON object that defines your desired data mapping""" - - mapping_ref: Annotated[Optional[str], pydantic.Field(alias="mappingRef")] = None - r"""Enter the name of a data mapping associated with your target table. Or, if incoming event and target table fields match exactly, you can leave the field empty.""" - - ingest_url: Annotated[Optional[str], pydantic.Field(alias="ingestUrl")] = None - r"""The ingestion service URI for your cluster. Typically, `https://ingest-..kusto.windows.net`.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - stage_path: Annotated[Optional[str], pydantic.Field(alias="stagePath")] = None - r"""Filesystem location in which to buffer files before compressing and moving to final destination. Use performant and stable storage.""" - - file_name_suffix: Annotated[ - Optional[str], pydantic.Field(alias="fileNameSuffix") - ] = None - r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" - - max_file_size_mb: Annotated[ - Optional[float], pydantic.Field(alias="maxFileSizeMB") - ] = None - r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" - - max_file_open_time_sec: Annotated[ - Optional[float], pydantic.Field(alias="maxFileOpenTimeSec") - ] = None - r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" - - max_file_idle_time_sec: Annotated[ - Optional[float], pydantic.Field(alias="maxFileIdleTimeSec") - ] = None - r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" - - max_open_files: Annotated[Optional[float], pydantic.Field(alias="maxOpenFiles")] = ( - None - ) - r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" - - max_concurrent_file_parts: Annotated[ - Optional[float], pydantic.Field(alias="maxConcurrentFileParts") - ] = None - r"""Maximum number of parts to upload in parallel per file""" - - on_disk_full_backpressure: Annotated[ - Optional[DiskSpaceProtectionOptions], - pydantic.Field(alias="onDiskFullBackpressure"), - ] = None - r"""How to handle events when disk space is below the global 'Min free disk space' limit""" - - add_id_to_stage_path: Annotated[ - Optional[bool], pydantic.Field(alias="addIdToStagePath") - ] = None - r"""Add the Output ID value to staging location""" - - retry_settings: Annotated[ - Optional[RetrySettingsType], pydantic.Field(alias="retrySettings") - ] = None - - orphans: Optional[OrphanFileRecoveryType] = None - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_immediately: Annotated[ - Optional[bool], pydantic.Field(alias="flushImmediately") - ] = None - r"""Bypass the data management service's aggregation mechanism""" - - retain_blob_on_success: Annotated[ - Optional[bool], pydantic.Field(alias="retainBlobOnSuccess") - ] = None - r"""Prevent blob deletion after ingestion is complete""" - - extent_tags: Annotated[ - Optional[List[CreateOutputSystemByPackExtentTag]], - pydantic.Field(alias="extentTags"), - ] = None - r"""Strings or tags associated with the extent (ingested data shard)""" - - ingest_if_not_exists: Annotated[ - Optional[List[CreateOutputSystemByPackIngestIfNotExist]], - pydantic.Field(alias="ingestIfNotExists"), - ] = None - r"""Prevents duplicate ingestion by verifying whether an extent with the specified ingest-by tag already exists""" - - report_level: Annotated[ - Optional[CreateOutputSystemByPackReportLevel], - pydantic.Field(alias="reportLevel"), - ] = None - r"""Level of ingestion status reporting. Defaults to FailuresOnly.""" - - report_method: Annotated[ - Optional[CreateOutputSystemByPackReportMethod], - pydantic.Field(alias="reportMethod"), - ] = None - r"""Target of the ingestion status reporting. Defaults to Queue.""" - - additional_properties: Annotated[ - Optional[List[CreateOutputSystemByPackAdditionalProperty]], - pydantic.Field(alias="additionalProperties"), - ] = None - r"""Optionally, enter additional configuration properties to send to the ingestion service""" - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - use_round_robin_dns: Annotated[ - Optional[bool], pydantic.Field(alias="useRoundRobinDns") - ] = None - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - - keep_alive: Annotated[Optional[bool], pydantic.Field(alias="keepAlive")] = None - r"""Disable to close the connection immediately after sending the outgoing request""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputSystemByPackPqControlsAzureDataExplorer], - pydantic.Field(alias="pqControls"), - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_cluster_url: Annotated[ - Optional[str], pydantic.Field(alias="__template_clusterUrl") - ] = None - r"""Binds 'clusterUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clusterUrl' at runtime.""" - - template_database: Annotated[ - Optional[str], pydantic.Field(alias="__template_database") - ] = None - r"""Binds 'database' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'database' at runtime.""" - - template_table: Annotated[ - Optional[str], pydantic.Field(alias="__template_table") - ] = None - r"""Binds 'table' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'table' at runtime.""" - - template_oauth_endpoint: Annotated[ - Optional[str], pydantic.Field(alias="__template_oauthEndpoint") - ] = None - r"""Binds 'oauthEndpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'oauthEndpoint' at runtime.""" - - template_tenant_id: Annotated[ - Optional[str], pydantic.Field(alias="__template_tenantId") - ] = None - r"""Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime.""" - - template_client_id: Annotated[ - Optional[str], pydantic.Field(alias="__template_clientId") - ] = None - r"""Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime.""" - - template_scope: Annotated[ - Optional[str], pydantic.Field(alias="__template_scope") - ] = None - r"""Binds 'scope' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'scope' at runtime.""" - - template_client_secret: Annotated[ - Optional[str], pydantic.Field(alias="__template_clientSecret") - ] = None - r"""Binds 'clientSecret' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecret' at runtime.""" - - template_format: Annotated[ - Optional[str], pydantic.Field(alias="__template_format") - ] = None - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - - template_compress: Annotated[ - Optional[str], pydantic.Field(alias="__template_compress") - ] = None - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - - template_parquet_schema: Annotated[ - Optional[str], pydantic.Field(alias="__template_parquetSchema") - ] = None - r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" - - template_mapping_ref: Annotated[ - Optional[str], pydantic.Field(alias="__template_mappingRef") - ] = None - r"""Binds 'mappingRef' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'mappingRef' at runtime.""" - - template_ingest_url: Annotated[ - Optional[str], pydantic.Field(alias="__template_ingestUrl") - ] = None - r"""Binds 'ingestUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'ingestUrl' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_file_name_suffix: Annotated[ - Optional[str], pydantic.Field(alias="__template_fileNameSuffix") - ] = None - r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" - - @field_serializer("ingest_mode") - def serialize_ingest_mode(self, value): - if isinstance(value, str): - try: - return models.CreateOutputSystemByPackIngestionMode(value) - except ValueError: - return value - return value - - @field_serializer("oauth_endpoint") - def serialize_oauth_endpoint(self, value): - if isinstance(value, str): - try: - return models.MicrosoftEntraIDAuthenticationEndpointOptionsSasl(value) - except ValueError: - return value - return value - - @field_serializer("oauth_type") - def serialize_oauth_type(self, value): - if isinstance(value, str): - try: - return models.CreateOutputSystemByPackAuthenticationMethodAzureDataExplorer( - value - ) - except ValueError: - return value - return value - - @field_serializer("format_") - def serialize_format_(self, value): - if isinstance(value, str): - try: - return models.DataFormatOptions(value) - except ValueError: - return value - return value - - @field_serializer("compress") - def serialize_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsHTTP(value) - except ValueError: - return value - return value - - @field_serializer("compression_level") - def serialize_compression_level(self, value): - if isinstance(value, str): - try: - return models.CompressionLevelOptions(value) - except ValueError: - return value - return value - - @field_serializer("parquet_version") - def serialize_parquet_version(self, value): - if isinstance(value, str): - try: - return models.ParquetVersionOptions(value) - except ValueError: - return value - return value - - @field_serializer("parquet_data_page_version") - def serialize_parquet_data_page_version(self, value): - if isinstance(value, str): - try: - return models.DataPageVersionOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_disk_full_backpressure") - def serialize_on_disk_full_backpressure(self, value): - if isinstance(value, str): - try: - return models.DiskSpaceProtectionOptions(value) - except ValueError: - return value - return value - - @field_serializer("report_level") - def serialize_report_level(self, value): - if isinstance(value, str): - try: - return models.CreateOutputSystemByPackReportLevel(value) - except ValueError: - return value - return value - - @field_serializer("report_method") - def serialize_report_method(self, value): - if isinstance(value, str): - try: - return models.CreateOutputSystemByPackReportMethod(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "validateDatabaseSettings", - "ingestMode", - "description", - "clientSecret", - "textSecret", - "certificate", - "format", - "compressionLevel", - "automaticSchema", - "parquetSchema", - "parquetVersion", - "parquetDataPageVersion", - "parquetRowGroupLength", - "parquetPageSize", - "shouldLogInvalidRows", - "keyValueMetadata", - "enableStatistics", - "enableWritePageIndex", - "enablePageChecksum", - "removeEmptyDirs", - "emptyDirCleanupSec", - "directoryBatchSize", - "deadletterEnabled", - "deadletterPath", - "maxRetryNum", - "isMappingObj", - "mappingObj", - "mappingRef", - "ingestUrl", - "onBackpressure", - "stagePath", - "fileNameSuffix", - "maxFileSizeMB", - "maxFileOpenTimeSec", - "maxFileIdleTimeSec", - "maxOpenFiles", - "maxConcurrentFileParts", - "onDiskFullBackpressure", - "addIdToStagePath", - "retrySettings", - "orphans", - "timeoutSec", - "flushImmediately", - "retainBlobOnSuccess", - "extentTags", - "ingestIfNotExists", - "reportLevel", - "reportMethod", - "additionalProperties", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "flushPeriodSec", - "rejectUnauthorized", - "useRoundRobinDns", - "keepAlive", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_clusterUrl", - "__template_database", - "__template_table", - "__template_oauthEndpoint", - "__template_tenantId", - "__template_clientId", - "__template_scope", - "__template_clientSecret", - "__template_format", - "__template_compress", - "__template_parquetSchema", - "__template_mappingRef", - "__template_ingestUrl", - "__template_onBackpressure", - "__template_fileNameSuffix", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputSystemByPackTypeAzureBlob(str, Enum): - AZURE_BLOB = "azure_blob" - - -class CreateOutputSystemByPackBlobAccessTier(str, Enum, metaclass=utils.OpenEnumMeta): - # Default account access tier - INFERRED = "Inferred" - # Hot tier - HOT = "Hot" - # Cool tier - COOL = "Cool" - # Cold tier - COLD = "Cold" - # Archive tier - ARCHIVE = "Archive" - - -class CreateOutputSystemByPackOutputAzureBlobTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputSystemByPackTypeAzureBlob - container_name: str - r"""The Azure Blob Storage container name. Name can include only lowercase letters, numbers, and hyphens. For dynamic container names, enter a JavaScript expression within quotes or backticks, to be evaluated at initialization. The expression can evaluate to a constant value and can reference Global Variables, such as `myContainer-${C.env[\"CRIBL_WORKER_ID\"]}`.""" - stage_path: str - r"""Filesystem location in which to buffer files before compressing and moving to final destination. Use performant and stable storage.""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - create_container: NotRequired[bool] - r"""Create the configured container in Azure Blob Storage if it does not already exist""" - dest_path: NotRequired[str] - r"""Root directory prepended to path before uploading. Value can be a JavaScript expression enclosed in quotes or backticks, to be evaluated at initialization. The expression can evaluate to a constant value and can reference Global Variables, such as `myBlobPrefix-${C.env[\"CRIBL_WORKER_ID\"]}`.""" - add_id_to_stage_path: NotRequired[bool] - r"""Add the Output ID value to staging location""" - max_concurrent_file_parts: NotRequired[float] - r"""Maximum number of parts to upload in parallel per file""" - remove_empty_dirs: NotRequired[bool] - r"""Remove empty staging directories after moving files""" - partition_expr: NotRequired[str] - r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" - format_: NotRequired[DataFormatOptions] - r"""Format of the output data""" - base_file_name: NotRequired[str] - r"""JavaScript expression to define the output filename prefix (can be constant)""" - file_name_suffix: NotRequired[str] - r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" - max_file_size_mb: NotRequired[float] - r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" - max_file_open_time_sec: NotRequired[float] - r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" - max_file_idle_time_sec: NotRequired[float] - r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" - max_open_files: NotRequired[float] - r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" - header_line: NotRequired[str] - r"""If set, this line will be written to the beginning of each output file""" - write_high_water_mark: NotRequired[float] - r"""Buffer size used to write to a file""" - on_backpressure: NotRequired[BackpressureBehaviorOptionsBlockDrop] - r"""How to handle events when all receivers are exerting backpressure""" - deadletter_enabled: NotRequired[bool] - r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" - on_disk_full_backpressure: NotRequired[DiskSpaceProtectionOptions] - r"""How to handle events when disk space is below the global 'Min free disk space' limit""" - force_close_on_shutdown: NotRequired[bool] - r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" - retry_settings: NotRequired[RetrySettingsTypeTypedDict] - orphans: NotRequired[OrphanFileRecoveryTypeTypedDict] - auth_type: NotRequired[AuthenticationMethodOptions] - storage_class: NotRequired[CreateOutputSystemByPackBlobAccessTier] - description: NotRequired[str] - compress: NotRequired[CompressionOptionsHTTP] - r"""Data compression format to apply to HTTP content before it is delivered""" - compression_level: NotRequired[CompressionLevelOptions] - r"""Compression level to apply before moving files to final destination""" - automatic_schema: NotRequired[bool] - r"""Automatically calculate the schema based on the events of each Parquet file generated""" - parquet_schema: NotRequired[str] - r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" - parquet_version: NotRequired[ParquetVersionOptions] - r"""Determines which data types are supported and how they are represented""" - parquet_data_page_version: NotRequired[DataPageVersionOptions] - r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" - parquet_row_group_length: NotRequired[float] - r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" - parquet_page_size: NotRequired[str] - r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" - should_log_invalid_rows: NotRequired[bool] - r"""Log up to 3 rows that @{product} skips due to data mismatch""" - key_value_metadata: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] - r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ - enable_statistics: NotRequired[bool] - r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" - enable_write_page_index: NotRequired[bool] - r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" - enable_page_checksum: NotRequired[bool] - r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" - empty_dir_cleanup_sec: NotRequired[float] - r"""How frequently, in seconds, to clean up empty directories""" - directory_batch_size: NotRequired[float] - r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" - deadletter_path: NotRequired[str] - r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" - max_retry_num: NotRequired[float] - r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" - connection_string: NotRequired[str] - r"""Enter your Azure Storage account connection string. If left blank, Stream will fall back to env.AZURE_STORAGE_CONNECTION_STRING.""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - storage_account_name: NotRequired[str] - r"""The name of your Azure storage account""" - tenant_id: NotRequired[str] - r"""The service principal's tenant ID""" - client_id: NotRequired[str] - r"""The service principal's client ID""" - azure_cloud: NotRequired[str] - r"""The Azure cloud to use. Defaults to Azure Public Cloud.""" - endpoint_suffix: NotRequired[str] - r"""Endpoint suffix for the service URL. Takes precedence over the Azure Cloud setting. Defaults to core.windows.net.""" - client_text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - certificate: NotRequired[CertificateTypeAzureBlobAuthTypeClientCertTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_container_name: NotRequired[str] - r"""Binds 'containerName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'containerName' at runtime.""" - template_dest_path: NotRequired[str] - r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" - template_partition_expr: NotRequired[str] - r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" - template_format: NotRequired[str] - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - template_base_file_name: NotRequired[str] - r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" - template_file_name_suffix: NotRequired[str] - r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_compress: NotRequired[str] - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - template_parquet_schema: NotRequired[str] - r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" - template_connection_string: NotRequired[str] - r"""Binds 'connectionString' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'connectionString' at runtime.""" - template_storage_account_name: NotRequired[str] - r"""Binds 'storageAccountName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageAccountName' at runtime.""" - template_tenant_id: NotRequired[str] - r"""Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime.""" - template_client_id: NotRequired[str] - r"""Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime.""" - template_azure_cloud: NotRequired[str] - r"""Binds 'azureCloud' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'azureCloud' at runtime.""" - - -class CreateOutputSystemByPackOutputAzureBlob(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputSystemByPackTypeAzureBlob - - container_name: Annotated[str, pydantic.Field(alias="containerName")] - r"""The Azure Blob Storage container name. Name can include only lowercase letters, numbers, and hyphens. For dynamic container names, enter a JavaScript expression within quotes or backticks, to be evaluated at initialization. The expression can evaluate to a constant value and can reference Global Variables, such as `myContainer-${C.env[\"CRIBL_WORKER_ID\"]}`.""" - - stage_path: Annotated[str, pydantic.Field(alias="stagePath")] - r"""Filesystem location in which to buffer files before compressing and moving to final destination. Use performant and stable storage.""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - create_container: Annotated[ - Optional[bool], pydantic.Field(alias="createContainer") - ] = None - r"""Create the configured container in Azure Blob Storage if it does not already exist""" - - dest_path: Annotated[Optional[str], pydantic.Field(alias="destPath")] = None - r"""Root directory prepended to path before uploading. Value can be a JavaScript expression enclosed in quotes or backticks, to be evaluated at initialization. The expression can evaluate to a constant value and can reference Global Variables, such as `myBlobPrefix-${C.env[\"CRIBL_WORKER_ID\"]}`.""" - - add_id_to_stage_path: Annotated[ - Optional[bool], pydantic.Field(alias="addIdToStagePath") - ] = None - r"""Add the Output ID value to staging location""" - - max_concurrent_file_parts: Annotated[ - Optional[float], pydantic.Field(alias="maxConcurrentFileParts") - ] = None - r"""Maximum number of parts to upload in parallel per file""" - - remove_empty_dirs: Annotated[ - Optional[bool], pydantic.Field(alias="removeEmptyDirs") - ] = None - r"""Remove empty staging directories after moving files""" - - partition_expr: Annotated[Optional[str], pydantic.Field(alias="partitionExpr")] = ( - None - ) - r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" - - format_: Annotated[Optional[DataFormatOptions], pydantic.Field(alias="format")] = ( - None - ) - r"""Format of the output data""" - - base_file_name: Annotated[Optional[str], pydantic.Field(alias="baseFileName")] = ( - None - ) - r"""JavaScript expression to define the output filename prefix (can be constant)""" - - file_name_suffix: Annotated[ - Optional[str], pydantic.Field(alias="fileNameSuffix") - ] = None - r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" - - max_file_size_mb: Annotated[ - Optional[float], pydantic.Field(alias="maxFileSizeMB") - ] = None - r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" - - max_file_open_time_sec: Annotated[ - Optional[float], pydantic.Field(alias="maxFileOpenTimeSec") - ] = None - r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" - - max_file_idle_time_sec: Annotated[ - Optional[float], pydantic.Field(alias="maxFileIdleTimeSec") - ] = None - r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" - - max_open_files: Annotated[Optional[float], pydantic.Field(alias="maxOpenFiles")] = ( - None - ) - r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" - - header_line: Annotated[Optional[str], pydantic.Field(alias="headerLine")] = None - r"""If set, this line will be written to the beginning of each output file""" - - write_high_water_mark: Annotated[ - Optional[float], pydantic.Field(alias="writeHighWaterMark") - ] = None - r"""Buffer size used to write to a file""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptionsBlockDrop], - pydantic.Field(alias="onBackpressure"), - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - deadletter_enabled: Annotated[ - Optional[bool], pydantic.Field(alias="deadletterEnabled") - ] = None - r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" - - on_disk_full_backpressure: Annotated[ - Optional[DiskSpaceProtectionOptions], - pydantic.Field(alias="onDiskFullBackpressure"), - ] = None - r"""How to handle events when disk space is below the global 'Min free disk space' limit""" - - force_close_on_shutdown: Annotated[ - Optional[bool], pydantic.Field(alias="forceCloseOnShutdown") - ] = None - r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" - - retry_settings: Annotated[ - Optional[RetrySettingsType], pydantic.Field(alias="retrySettings") - ] = None - - orphans: Optional[OrphanFileRecoveryType] = None - - auth_type: Annotated[ - Optional[AuthenticationMethodOptions], pydantic.Field(alias="authType") - ] = None - - storage_class: Annotated[ - Optional[CreateOutputSystemByPackBlobAccessTier], - pydantic.Field(alias="storageClass"), - ] = None - - description: Optional[str] = None - - compress: Optional[CompressionOptionsHTTP] = None - r"""Data compression format to apply to HTTP content before it is delivered""" - - compression_level: Annotated[ - Optional[CompressionLevelOptions], pydantic.Field(alias="compressionLevel") - ] = None - r"""Compression level to apply before moving files to final destination""" - - automatic_schema: Annotated[ - Optional[bool], pydantic.Field(alias="automaticSchema") - ] = None - r"""Automatically calculate the schema based on the events of each Parquet file generated""" - - parquet_schema: Annotated[Optional[str], pydantic.Field(alias="parquetSchema")] = ( - None - ) - r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" - - parquet_version: Annotated[ - Optional[ParquetVersionOptions], pydantic.Field(alias="parquetVersion") - ] = None - r"""Determines which data types are supported and how they are represented""" - - parquet_data_page_version: Annotated[ - Optional[DataPageVersionOptions], pydantic.Field(alias="parquetDataPageVersion") - ] = None - r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" - - parquet_row_group_length: Annotated[ - Optional[float], pydantic.Field(alias="parquetRowGroupLength") - ] = None - r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" - - parquet_page_size: Annotated[ - Optional[str], pydantic.Field(alias="parquetPageSize") - ] = None - r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" - - should_log_invalid_rows: Annotated[ - Optional[bool], pydantic.Field(alias="shouldLogInvalidRows") - ] = None - r"""Log up to 3 rows that @{product} skips due to data mismatch""" - - key_value_metadata: Annotated[ - Optional[List[KeyValueMetadataConfOutputFilesystem]], - pydantic.Field(alias="keyValueMetadata"), - ] = None - r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ - - enable_statistics: Annotated[ - Optional[bool], pydantic.Field(alias="enableStatistics") - ] = None - r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" - - enable_write_page_index: Annotated[ - Optional[bool], pydantic.Field(alias="enableWritePageIndex") - ] = None - r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" - - enable_page_checksum: Annotated[ - Optional[bool], pydantic.Field(alias="enablePageChecksum") - ] = None - r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" - - empty_dir_cleanup_sec: Annotated[ - Optional[float], pydantic.Field(alias="emptyDirCleanupSec") - ] = None - r"""How frequently, in seconds, to clean up empty directories""" - - directory_batch_size: Annotated[ - Optional[float], pydantic.Field(alias="directoryBatchSize") - ] = None - r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" - - deadletter_path: Annotated[ - Optional[str], pydantic.Field(alias="deadletterPath") - ] = None - r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" - - max_retry_num: Annotated[Optional[float], pydantic.Field(alias="maxRetryNum")] = ( - None - ) - r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" - - connection_string: Annotated[ - Optional[str], pydantic.Field(alias="connectionString") - ] = None - r"""Enter your Azure Storage account connection string. If left blank, Stream will fall back to env.AZURE_STORAGE_CONNECTION_STRING.""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - storage_account_name: Annotated[ - Optional[str], pydantic.Field(alias="storageAccountName") - ] = None - r"""The name of your Azure storage account""" - - tenant_id: Annotated[Optional[str], pydantic.Field(alias="tenantId")] = None - r"""The service principal's tenant ID""" - - client_id: Annotated[Optional[str], pydantic.Field(alias="clientId")] = None - r"""The service principal's client ID""" - - azure_cloud: Annotated[Optional[str], pydantic.Field(alias="azureCloud")] = None - r"""The Azure cloud to use. Defaults to Azure Public Cloud.""" - - endpoint_suffix: Annotated[ - Optional[str], pydantic.Field(alias="endpointSuffix") - ] = None - r"""Endpoint suffix for the service URL. Takes precedence over the Azure Cloud setting. Defaults to core.windows.net.""" - - client_text_secret: Annotated[ - Optional[str], pydantic.Field(alias="clientTextSecret") - ] = None - r"""Select or create a stored text secret""" - - certificate: Optional[CertificateTypeAzureBlobAuthTypeClientCert] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_container_name: Annotated[ - Optional[str], pydantic.Field(alias="__template_containerName") - ] = None - r"""Binds 'containerName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'containerName' at runtime.""" - - template_dest_path: Annotated[ - Optional[str], pydantic.Field(alias="__template_destPath") - ] = None - r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" - - template_partition_expr: Annotated[ - Optional[str], pydantic.Field(alias="__template_partitionExpr") - ] = None - r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" - - template_format: Annotated[ - Optional[str], pydantic.Field(alias="__template_format") - ] = None - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - - template_base_file_name: Annotated[ - Optional[str], pydantic.Field(alias="__template_baseFileName") - ] = None - r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" - - template_file_name_suffix: Annotated[ - Optional[str], pydantic.Field(alias="__template_fileNameSuffix") - ] = None - r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_compress: Annotated[ - Optional[str], pydantic.Field(alias="__template_compress") - ] = None - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - - template_parquet_schema: Annotated[ - Optional[str], pydantic.Field(alias="__template_parquetSchema") - ] = None - r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" - - template_connection_string: Annotated[ - Optional[str], pydantic.Field(alias="__template_connectionString") - ] = None - r"""Binds 'connectionString' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'connectionString' at runtime.""" - - template_storage_account_name: Annotated[ - Optional[str], pydantic.Field(alias="__template_storageAccountName") - ] = None - r"""Binds 'storageAccountName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageAccountName' at runtime.""" - - template_tenant_id: Annotated[ - Optional[str], pydantic.Field(alias="__template_tenantId") - ] = None - r"""Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime.""" - - template_client_id: Annotated[ - Optional[str], pydantic.Field(alias="__template_clientId") - ] = None - r"""Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime.""" - - template_azure_cloud: Annotated[ - Optional[str], pydantic.Field(alias="__template_azureCloud") - ] = None - r"""Binds 'azureCloud' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'azureCloud' at runtime.""" - - @field_serializer("format_") - def serialize_format_(self, value): - if isinstance(value, str): - try: - return models.DataFormatOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptionsBlockDrop(value) - except ValueError: - return value - return value - - @field_serializer("on_disk_full_backpressure") - def serialize_on_disk_full_backpressure(self, value): - if isinstance(value, str): - try: - return models.DiskSpaceProtectionOptions(value) - except ValueError: - return value - return value - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptions(value) - except ValueError: - return value - return value - - @field_serializer("storage_class") - def serialize_storage_class(self, value): - if isinstance(value, str): - try: - return models.CreateOutputSystemByPackBlobAccessTier(value) - except ValueError: - return value - return value - - @field_serializer("compress") - def serialize_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsHTTP(value) - except ValueError: - return value - return value - - @field_serializer("compression_level") - def serialize_compression_level(self, value): - if isinstance(value, str): - try: - return models.CompressionLevelOptions(value) - except ValueError: - return value - return value - - @field_serializer("parquet_version") - def serialize_parquet_version(self, value): - if isinstance(value, str): - try: - return models.ParquetVersionOptions(value) - except ValueError: - return value - return value - - @field_serializer("parquet_data_page_version") - def serialize_parquet_data_page_version(self, value): - if isinstance(value, str): - try: - return models.DataPageVersionOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "createContainer", - "destPath", - "addIdToStagePath", - "maxConcurrentFileParts", - "removeEmptyDirs", - "partitionExpr", - "format", - "baseFileName", - "fileNameSuffix", - "maxFileSizeMB", - "maxFileOpenTimeSec", - "maxFileIdleTimeSec", - "maxOpenFiles", - "headerLine", - "writeHighWaterMark", - "onBackpressure", - "deadletterEnabled", - "onDiskFullBackpressure", - "forceCloseOnShutdown", - "retrySettings", - "orphans", - "authType", - "storageClass", - "description", - "compress", - "compressionLevel", - "automaticSchema", - "parquetSchema", - "parquetVersion", - "parquetDataPageVersion", - "parquetRowGroupLength", - "parquetPageSize", - "shouldLogInvalidRows", - "keyValueMetadata", - "enableStatistics", - "enableWritePageIndex", - "enablePageChecksum", - "emptyDirCleanupSec", - "directoryBatchSize", - "deadletterPath", - "maxRetryNum", - "connectionString", - "textSecret", - "storageAccountName", - "tenantId", - "clientId", - "azureCloud", - "endpointSuffix", - "clientTextSecret", - "certificate", - "__template_streamtags", - "__template_containerName", - "__template_destPath", - "__template_partitionExpr", - "__template_format", - "__template_baseFileName", - "__template_fileNameSuffix", - "__template_onBackpressure", - "__template_compress", - "__template_parquetSchema", - "__template_connectionString", - "__template_storageAccountName", - "__template_tenantId", - "__template_clientId", - "__template_azureCloud", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputSystemByPackTypeS3(str, Enum): - S3 = "s3" - - -class CreateOutputSystemByPackOutputS3TypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputSystemByPackTypeS3 - bucket: str - r"""Name of the destination S3 bucket. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at initialization time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`""" - stage_path: str - r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - endpoint: NotRequired[str] - r"""S3 service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to S3-compatible endpoint.""" - enable_assume_role: NotRequired[bool] - r"""Use Assume Role credentials to access S3""" - assume_role_arn: NotRequired[str] - r"""Amazon Resource Name (ARN) of the role to assume""" - assume_role_external_id: NotRequired[str] - r"""External ID to use when assuming role""" - duration_seconds: NotRequired[float] - r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" - aws_authentication_method: NotRequired[AuthenticationMethodOptionsS3CollectorConf] - r"""AWS authentication method. Choose Auto to use IAM roles.""" - reuse_connections: NotRequired[bool] - r"""Reuse connections between requests, which can improve performance""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" - region: NotRequired[str] - r"""Region where the S3 bucket is located""" - dest_path: NotRequired[str] - r"""Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`""" - max_concurrent_file_parts: NotRequired[float] - r"""Maximum number of parts to upload in parallel per file. Minimum part size is 5MB.""" - verify_permissions: NotRequired[bool] - r"""Disable if you can access files within the bucket but not the bucket itself""" - max_closing_files_to_backpressure: NotRequired[float] - r"""Maximum number of files that can be waiting for upload before backpressure is applied""" - add_id_to_stage_path: NotRequired[bool] - r"""Add the Output ID value to staging location""" - remove_empty_dirs: NotRequired[bool] - r"""Remove empty staging directories after moving files""" - partition_expr: NotRequired[str] - r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" - format_: NotRequired[DataFormatOptions] - r"""Format of the output data""" - base_file_name: NotRequired[str] - r"""JavaScript expression to define the output filename prefix (can be constant)""" - file_name_suffix: NotRequired[str] - r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" - max_file_size_mb: NotRequired[float] - r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" - max_file_open_time_sec: NotRequired[float] - r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" - max_file_idle_time_sec: NotRequired[float] - r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" - max_open_files: NotRequired[float] - r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" - header_line: NotRequired[str] - r"""If set, this line will be written to the beginning of each output file""" - write_high_water_mark: NotRequired[float] - r"""Buffer size used to write to a file""" - on_backpressure: NotRequired[BackpressureBehaviorOptionsBlockDrop] - r"""How to handle events when all receivers are exerting backpressure""" - deadletter_enabled: NotRequired[bool] - r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" - on_disk_full_backpressure: NotRequired[DiskSpaceProtectionOptions] - r"""How to handle events when disk space is below the global 'Min free disk space' limit""" - force_close_on_shutdown: NotRequired[bool] - r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" - retry_settings: NotRequired[RetrySettingsTypeTypedDict] - orphans: NotRequired[OrphanFileRecoveryTypeTypedDict] - aws_secret_key: NotRequired[str] - r"""Secret key. This value can be a constant or a JavaScript expression. Example: `${C.env.SOME_SECRET}`)""" - object_acl: NotRequired[ObjectACLOptions] - r"""Object ACL to assign to uploaded objects""" - storage_class: NotRequired[StorageClassOptions] - r"""Storage class to select for uploaded objects""" - server_side_encryption: NotRequired[ServerSideEncryptionForUploadedObjectsOptions] - r"""Server-side encryption to use for uploaded objects""" - kms_key_id: NotRequired[str] - r"""ID or ARN of the KMS customer-managed key to use for encryption""" - description: NotRequired[str] - aws_api_key: NotRequired[str] - r"""This value can be a constant or a JavaScript expression (`${C.env.SOME_ACCESS_KEY}`)""" - aws_secret: NotRequired[str] - r"""Select or create a stored secret that references your access key and secret key""" - compress: NotRequired[CompressionOptionsHTTP] - r"""Data compression format to apply to HTTP content before it is delivered""" - compression_level: NotRequired[CompressionLevelOptions] - r"""Compression level to apply before moving files to final destination""" - automatic_schema: NotRequired[bool] - r"""Automatically calculate the schema based on the events of each Parquet file generated""" - parquet_schema: NotRequired[str] - r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" - parquet_version: NotRequired[ParquetVersionOptions] - r"""Determines which data types are supported and how they are represented""" - parquet_data_page_version: NotRequired[DataPageVersionOptions] - r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" - parquet_row_group_length: NotRequired[float] - r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" - parquet_page_size: NotRequired[str] - r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" - should_log_invalid_rows: NotRequired[bool] - r"""Log up to 3 rows that @{product} skips due to data mismatch""" - key_value_metadata: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] - r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ - enable_statistics: NotRequired[bool] - r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" - enable_write_page_index: NotRequired[bool] - r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" - enable_page_checksum: NotRequired[bool] - r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" - empty_dir_cleanup_sec: NotRequired[float] - r"""How frequently, in seconds, to clean up empty directories""" - directory_batch_size: NotRequired[float] - r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" - deadletter_path: NotRequired[str] - r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" - max_retry_num: NotRequired[float] - r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_endpoint: NotRequired[str] - r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" - template_assume_role_arn: NotRequired[str] - r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" - template_assume_role_external_id: NotRequired[str] - r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" - template_bucket: NotRequired[str] - r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" - template_region: NotRequired[str] - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - template_dest_path: NotRequired[str] - r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" - template_partition_expr: NotRequired[str] - r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" - template_format: NotRequired[str] - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - template_base_file_name: NotRequired[str] - r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" - template_file_name_suffix: NotRequired[str] - r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_aws_secret_key: NotRequired[str] - r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" - template_object_acl: NotRequired[str] - r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" - template_storage_class: NotRequired[str] - r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" - template_server_side_encryption: NotRequired[str] - r"""Binds 'serverSideEncryption' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serverSideEncryption' at runtime.""" - template_kms_key_id: NotRequired[str] - r"""Binds 'kmsKeyId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'kmsKeyId' at runtime.""" - template_aws_api_key: NotRequired[str] - r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" - template_compress: NotRequired[str] - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - template_parquet_schema: NotRequired[str] - r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" - - -class CreateOutputSystemByPackOutputS3(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputSystemByPackTypeS3 - - bucket: str - r"""Name of the destination S3 bucket. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at initialization time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`""" - - stage_path: Annotated[str, pydantic.Field(alias="stagePath")] - r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - endpoint: Optional[str] = None - r"""S3 service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to S3-compatible endpoint.""" - - enable_assume_role: Annotated[ - Optional[bool], pydantic.Field(alias="enableAssumeRole") - ] = None - r"""Use Assume Role credentials to access S3""" - - assume_role_arn: Annotated[Optional[str], pydantic.Field(alias="assumeRoleArn")] = ( - None - ) - r"""Amazon Resource Name (ARN) of the role to assume""" - - assume_role_external_id: Annotated[ - Optional[str], pydantic.Field(alias="assumeRoleExternalId") - ] = None - r"""External ID to use when assuming role""" - - duration_seconds: Annotated[ - Optional[float], pydantic.Field(alias="durationSeconds") - ] = None - r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" - - aws_authentication_method: Annotated[ - Optional[AuthenticationMethodOptionsS3CollectorConf], - pydantic.Field(alias="awsAuthenticationMethod"), - ] = None - r"""AWS authentication method. Choose Auto to use IAM roles.""" - - reuse_connections: Annotated[ - Optional[bool], pydantic.Field(alias="reuseConnections") - ] = None - r"""Reuse connections between requests, which can improve performance""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" - - region: Optional[str] = None - r"""Region where the S3 bucket is located""" - - dest_path: Annotated[Optional[str], pydantic.Field(alias="destPath")] = None - r"""Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`""" - - max_concurrent_file_parts: Annotated[ - Optional[float], pydantic.Field(alias="maxConcurrentFileParts") - ] = None - r"""Maximum number of parts to upload in parallel per file. Minimum part size is 5MB.""" - - verify_permissions: Annotated[ - Optional[bool], pydantic.Field(alias="verifyPermissions") - ] = None - r"""Disable if you can access files within the bucket but not the bucket itself""" - - max_closing_files_to_backpressure: Annotated[ - Optional[float], pydantic.Field(alias="maxClosingFilesToBackpressure") - ] = None - r"""Maximum number of files that can be waiting for upload before backpressure is applied""" - - add_id_to_stage_path: Annotated[ - Optional[bool], pydantic.Field(alias="addIdToStagePath") - ] = None - r"""Add the Output ID value to staging location""" - - remove_empty_dirs: Annotated[ - Optional[bool], pydantic.Field(alias="removeEmptyDirs") - ] = None - r"""Remove empty staging directories after moving files""" - - partition_expr: Annotated[Optional[str], pydantic.Field(alias="partitionExpr")] = ( - None - ) - r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" - - format_: Annotated[Optional[DataFormatOptions], pydantic.Field(alias="format")] = ( - None - ) - r"""Format of the output data""" - - base_file_name: Annotated[Optional[str], pydantic.Field(alias="baseFileName")] = ( - None - ) - r"""JavaScript expression to define the output filename prefix (can be constant)""" - - file_name_suffix: Annotated[ - Optional[str], pydantic.Field(alias="fileNameSuffix") - ] = None - r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" - - max_file_size_mb: Annotated[ - Optional[float], pydantic.Field(alias="maxFileSizeMB") - ] = None - r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" - - max_file_open_time_sec: Annotated[ - Optional[float], pydantic.Field(alias="maxFileOpenTimeSec") - ] = None - r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" - - max_file_idle_time_sec: Annotated[ - Optional[float], pydantic.Field(alias="maxFileIdleTimeSec") - ] = None - r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" - - max_open_files: Annotated[Optional[float], pydantic.Field(alias="maxOpenFiles")] = ( - None - ) - r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" - - header_line: Annotated[Optional[str], pydantic.Field(alias="headerLine")] = None - r"""If set, this line will be written to the beginning of each output file""" - - write_high_water_mark: Annotated[ - Optional[float], pydantic.Field(alias="writeHighWaterMark") - ] = None - r"""Buffer size used to write to a file""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptionsBlockDrop], - pydantic.Field(alias="onBackpressure"), - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - deadletter_enabled: Annotated[ - Optional[bool], pydantic.Field(alias="deadletterEnabled") - ] = None - r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" - - on_disk_full_backpressure: Annotated[ - Optional[DiskSpaceProtectionOptions], - pydantic.Field(alias="onDiskFullBackpressure"), - ] = None - r"""How to handle events when disk space is below the global 'Min free disk space' limit""" - - force_close_on_shutdown: Annotated[ - Optional[bool], pydantic.Field(alias="forceCloseOnShutdown") - ] = None - r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" - - retry_settings: Annotated[ - Optional[RetrySettingsType], pydantic.Field(alias="retrySettings") - ] = None - - orphans: Optional[OrphanFileRecoveryType] = None - - aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = ( - None - ) - r"""Secret key. This value can be a constant or a JavaScript expression. Example: `${C.env.SOME_SECRET}`)""" - - object_acl: Annotated[ - Optional[ObjectACLOptions], pydantic.Field(alias="objectACL") - ] = None - r"""Object ACL to assign to uploaded objects""" - - storage_class: Annotated[ - Optional[StorageClassOptions], pydantic.Field(alias="storageClass") - ] = None - r"""Storage class to select for uploaded objects""" - - server_side_encryption: Annotated[ - Optional[ServerSideEncryptionForUploadedObjectsOptions], - pydantic.Field(alias="serverSideEncryption"), - ] = None - r"""Server-side encryption to use for uploaded objects""" - - kms_key_id: Annotated[Optional[str], pydantic.Field(alias="kmsKeyId")] = None - r"""ID or ARN of the KMS customer-managed key to use for encryption""" - - description: Optional[str] = None - - aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None - r"""This value can be a constant or a JavaScript expression (`${C.env.SOME_ACCESS_KEY}`)""" - - aws_secret: Annotated[Optional[str], pydantic.Field(alias="awsSecret")] = None - r"""Select or create a stored secret that references your access key and secret key""" - - compress: Optional[CompressionOptionsHTTP] = None - r"""Data compression format to apply to HTTP content before it is delivered""" - - compression_level: Annotated[ - Optional[CompressionLevelOptions], pydantic.Field(alias="compressionLevel") - ] = None - r"""Compression level to apply before moving files to final destination""" - - automatic_schema: Annotated[ - Optional[bool], pydantic.Field(alias="automaticSchema") - ] = None - r"""Automatically calculate the schema based on the events of each Parquet file generated""" - - parquet_schema: Annotated[Optional[str], pydantic.Field(alias="parquetSchema")] = ( - None - ) - r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" - - parquet_version: Annotated[ - Optional[ParquetVersionOptions], pydantic.Field(alias="parquetVersion") - ] = None - r"""Determines which data types are supported and how they are represented""" - - parquet_data_page_version: Annotated[ - Optional[DataPageVersionOptions], pydantic.Field(alias="parquetDataPageVersion") - ] = None - r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" - - parquet_row_group_length: Annotated[ - Optional[float], pydantic.Field(alias="parquetRowGroupLength") - ] = None - r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" - - parquet_page_size: Annotated[ - Optional[str], pydantic.Field(alias="parquetPageSize") - ] = None - r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" - - should_log_invalid_rows: Annotated[ - Optional[bool], pydantic.Field(alias="shouldLogInvalidRows") - ] = None - r"""Log up to 3 rows that @{product} skips due to data mismatch""" - - key_value_metadata: Annotated[ - Optional[List[KeyValueMetadataConfOutputFilesystem]], - pydantic.Field(alias="keyValueMetadata"), - ] = None - r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ - - enable_statistics: Annotated[ - Optional[bool], pydantic.Field(alias="enableStatistics") - ] = None - r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" - - enable_write_page_index: Annotated[ - Optional[bool], pydantic.Field(alias="enableWritePageIndex") - ] = None - r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" - - enable_page_checksum: Annotated[ - Optional[bool], pydantic.Field(alias="enablePageChecksum") - ] = None - r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" - - empty_dir_cleanup_sec: Annotated[ - Optional[float], pydantic.Field(alias="emptyDirCleanupSec") - ] = None - r"""How frequently, in seconds, to clean up empty directories""" - - directory_batch_size: Annotated[ - Optional[float], pydantic.Field(alias="directoryBatchSize") - ] = None - r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" - - deadletter_path: Annotated[ - Optional[str], pydantic.Field(alias="deadletterPath") - ] = None - r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" - - max_retry_num: Annotated[Optional[float], pydantic.Field(alias="maxRetryNum")] = ( - None - ) - r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_endpoint: Annotated[ - Optional[str], pydantic.Field(alias="__template_endpoint") - ] = None - r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" - - template_assume_role_arn: Annotated[ - Optional[str], pydantic.Field(alias="__template_assumeRoleArn") - ] = None - r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" - - template_assume_role_external_id: Annotated[ - Optional[str], pydantic.Field(alias="__template_assumeRoleExternalId") - ] = None - r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" - - template_bucket: Annotated[ - Optional[str], pydantic.Field(alias="__template_bucket") - ] = None - r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" - - template_region: Annotated[ - Optional[str], pydantic.Field(alias="__template_region") - ] = None - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - - template_dest_path: Annotated[ - Optional[str], pydantic.Field(alias="__template_destPath") - ] = None - r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" - - template_partition_expr: Annotated[ - Optional[str], pydantic.Field(alias="__template_partitionExpr") - ] = None - r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" - - template_format: Annotated[ - Optional[str], pydantic.Field(alias="__template_format") - ] = None - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - - template_base_file_name: Annotated[ - Optional[str], pydantic.Field(alias="__template_baseFileName") - ] = None - r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" - - template_file_name_suffix: Annotated[ - Optional[str], pydantic.Field(alias="__template_fileNameSuffix") - ] = None - r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_aws_secret_key: Annotated[ - Optional[str], pydantic.Field(alias="__template_awsSecretKey") - ] = None - r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" - - template_object_acl: Annotated[ - Optional[str], pydantic.Field(alias="__template_objectACL") - ] = None - r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" - - template_storage_class: Annotated[ - Optional[str], pydantic.Field(alias="__template_storageClass") - ] = None - r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" - - template_server_side_encryption: Annotated[ - Optional[str], pydantic.Field(alias="__template_serverSideEncryption") - ] = None - r"""Binds 'serverSideEncryption' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serverSideEncryption' at runtime.""" - - template_kms_key_id: Annotated[ - Optional[str], pydantic.Field(alias="__template_kmsKeyId") - ] = None - r"""Binds 'kmsKeyId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'kmsKeyId' at runtime.""" - - template_aws_api_key: Annotated[ - Optional[str], pydantic.Field(alias="__template_awsApiKey") - ] = None - r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" - - template_compress: Annotated[ - Optional[str], pydantic.Field(alias="__template_compress") - ] = None - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - - template_parquet_schema: Annotated[ - Optional[str], pydantic.Field(alias="__template_parquetSchema") - ] = None - r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" - - @field_serializer("aws_authentication_method") - def serialize_aws_authentication_method(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsS3CollectorConf(value) - except ValueError: - return value - return value - - @field_serializer("format_") - def serialize_format_(self, value): - if isinstance(value, str): - try: - return models.DataFormatOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptionsBlockDrop(value) - except ValueError: - return value - return value - - @field_serializer("on_disk_full_backpressure") - def serialize_on_disk_full_backpressure(self, value): - if isinstance(value, str): - try: - return models.DiskSpaceProtectionOptions(value) - except ValueError: - return value - return value - - @field_serializer("object_acl") - def serialize_object_acl(self, value): - if isinstance(value, str): - try: - return models.ObjectACLOptions(value) - except ValueError: - return value - return value - - @field_serializer("storage_class") - def serialize_storage_class(self, value): - if isinstance(value, str): - try: - return models.StorageClassOptions(value) - except ValueError: - return value - return value - - @field_serializer("server_side_encryption") - def serialize_server_side_encryption(self, value): - if isinstance(value, str): - try: - return models.ServerSideEncryptionForUploadedObjectsOptions(value) - except ValueError: - return value - return value - - @field_serializer("compress") - def serialize_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsHTTP(value) - except ValueError: - return value - return value - - @field_serializer("compression_level") - def serialize_compression_level(self, value): - if isinstance(value, str): - try: - return models.CompressionLevelOptions(value) - except ValueError: - return value - return value - - @field_serializer("parquet_version") - def serialize_parquet_version(self, value): - if isinstance(value, str): - try: - return models.ParquetVersionOptions(value) - except ValueError: - return value - return value - - @field_serializer("parquet_data_page_version") - def serialize_parquet_data_page_version(self, value): - if isinstance(value, str): - try: - return models.DataPageVersionOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "endpoint", - "enableAssumeRole", - "assumeRoleArn", - "assumeRoleExternalId", - "durationSeconds", - "awsAuthenticationMethod", - "reuseConnections", - "rejectUnauthorized", - "region", - "destPath", - "maxConcurrentFileParts", - "verifyPermissions", - "maxClosingFilesToBackpressure", - "addIdToStagePath", - "removeEmptyDirs", - "partitionExpr", - "format", - "baseFileName", - "fileNameSuffix", - "maxFileSizeMB", - "maxFileOpenTimeSec", - "maxFileIdleTimeSec", - "maxOpenFiles", - "headerLine", - "writeHighWaterMark", - "onBackpressure", - "deadletterEnabled", - "onDiskFullBackpressure", - "forceCloseOnShutdown", - "retrySettings", - "orphans", - "awsSecretKey", - "objectACL", - "storageClass", - "serverSideEncryption", - "kmsKeyId", - "description", - "awsApiKey", - "awsSecret", - "compress", - "compressionLevel", - "automaticSchema", - "parquetSchema", - "parquetVersion", - "parquetDataPageVersion", - "parquetRowGroupLength", - "parquetPageSize", - "shouldLogInvalidRows", - "keyValueMetadata", - "enableStatistics", - "enableWritePageIndex", - "enablePageChecksum", - "emptyDirCleanupSec", - "directoryBatchSize", - "deadletterPath", - "maxRetryNum", - "__template_streamtags", - "__template_endpoint", - "__template_assumeRoleArn", - "__template_assumeRoleExternalId", - "__template_bucket", - "__template_region", - "__template_destPath", - "__template_partitionExpr", - "__template_format", - "__template_baseFileName", - "__template_fileNameSuffix", - "__template_onBackpressure", - "__template_awsSecretKey", - "__template_objectACL", - "__template_storageClass", - "__template_serverSideEncryption", - "__template_kmsKeyId", - "__template_awsApiKey", - "__template_compress", - "__template_parquetSchema", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputSystemByPackTypeFilesystem(str, Enum): - FILESYSTEM = "filesystem" - - -class CreateOutputSystemByPackOutputFilesystemTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputSystemByPackTypeFilesystem - dest_path: str - r"""Final destination for the output files""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - stage_path: NotRequired[str] - r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" - add_id_to_stage_path: NotRequired[bool] - r"""Add the Output ID value to staging location""" - remove_empty_dirs: NotRequired[bool] - r"""Remove empty staging directories after moving files""" - partition_expr: NotRequired[str] - r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" - format_: NotRequired[DataFormatOptions] - r"""Format of the output data""" - base_file_name: NotRequired[str] - r"""JavaScript expression to define the output filename prefix (can be constant)""" - file_name_suffix: NotRequired[str] - r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" - max_file_size_mb: NotRequired[float] - r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" - max_file_open_time_sec: NotRequired[float] - r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" - max_file_idle_time_sec: NotRequired[float] - r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" - max_open_files: NotRequired[float] - r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" - header_line: NotRequired[str] - r"""If set, this line will be written to the beginning of each output file""" - write_high_water_mark: NotRequired[float] - r"""Buffer size used to write to a file""" - on_backpressure: NotRequired[BackpressureBehaviorOptionsBlockDrop] - r"""How to handle events when all receivers are exerting backpressure""" - deadletter_enabled: NotRequired[bool] - r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" - on_disk_full_backpressure: NotRequired[DiskSpaceProtectionOptions] - r"""How to handle events when disk space is below the global 'Min free disk space' limit""" - force_close_on_shutdown: NotRequired[bool] - r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" - retry_settings: NotRequired[RetrySettingsTypeTypedDict] - orphans: NotRequired[OrphanFileRecoveryTypeTypedDict] - description: NotRequired[str] - compress: NotRequired[CompressionOptionsHTTP] - r"""Data compression format to apply to HTTP content before it is delivered""" - compression_level: NotRequired[CompressionLevelOptions] - r"""Compression level to apply before moving files to final destination""" - automatic_schema: NotRequired[bool] - r"""Automatically calculate the schema based on the events of each Parquet file generated""" - parquet_schema: NotRequired[str] - r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" - parquet_version: NotRequired[ParquetVersionOptions] - r"""Determines which data types are supported and how they are represented""" - parquet_data_page_version: NotRequired[DataPageVersionOptions] - r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" - parquet_row_group_length: NotRequired[float] - r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" - parquet_page_size: NotRequired[str] - r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" - should_log_invalid_rows: NotRequired[bool] - r"""Log up to 3 rows that @{product} skips due to data mismatch""" - key_value_metadata: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] - r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ - enable_statistics: NotRequired[bool] - r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" - enable_write_page_index: NotRequired[bool] - r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" - enable_page_checksum: NotRequired[bool] - r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" - empty_dir_cleanup_sec: NotRequired[float] - r"""How frequently, in seconds, to clean up empty directories""" - directory_batch_size: NotRequired[float] - r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" - deadletter_path: NotRequired[str] - r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" - max_retry_num: NotRequired[float] - r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_partition_expr: NotRequired[str] - r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" - template_format: NotRequired[str] - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - template_base_file_name: NotRequired[str] - r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" - template_file_name_suffix: NotRequired[str] - r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_compress: NotRequired[str] - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - template_parquet_schema: NotRequired[str] - r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" - - -class CreateOutputSystemByPackOutputFilesystem(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputSystemByPackTypeFilesystem - - dest_path: Annotated[str, pydantic.Field(alias="destPath")] - r"""Final destination for the output files""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - stage_path: Annotated[Optional[str], pydantic.Field(alias="stagePath")] = None - r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" - - add_id_to_stage_path: Annotated[ - Optional[bool], pydantic.Field(alias="addIdToStagePath") - ] = None - r"""Add the Output ID value to staging location""" - - remove_empty_dirs: Annotated[ - Optional[bool], pydantic.Field(alias="removeEmptyDirs") - ] = None - r"""Remove empty staging directories after moving files""" - - partition_expr: Annotated[Optional[str], pydantic.Field(alias="partitionExpr")] = ( - None - ) - r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" - - format_: Annotated[Optional[DataFormatOptions], pydantic.Field(alias="format")] = ( - None - ) - r"""Format of the output data""" - - base_file_name: Annotated[Optional[str], pydantic.Field(alias="baseFileName")] = ( - None - ) - r"""JavaScript expression to define the output filename prefix (can be constant)""" - - file_name_suffix: Annotated[ - Optional[str], pydantic.Field(alias="fileNameSuffix") - ] = None - r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" - - max_file_size_mb: Annotated[ - Optional[float], pydantic.Field(alias="maxFileSizeMB") - ] = None - r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" - - max_file_open_time_sec: Annotated[ - Optional[float], pydantic.Field(alias="maxFileOpenTimeSec") - ] = None - r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" - - max_file_idle_time_sec: Annotated[ - Optional[float], pydantic.Field(alias="maxFileIdleTimeSec") - ] = None - r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" - - max_open_files: Annotated[Optional[float], pydantic.Field(alias="maxOpenFiles")] = ( - None - ) - r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" - - header_line: Annotated[Optional[str], pydantic.Field(alias="headerLine")] = None - r"""If set, this line will be written to the beginning of each output file""" - - write_high_water_mark: Annotated[ - Optional[float], pydantic.Field(alias="writeHighWaterMark") - ] = None - r"""Buffer size used to write to a file""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptionsBlockDrop], - pydantic.Field(alias="onBackpressure"), - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - deadletter_enabled: Annotated[ - Optional[bool], pydantic.Field(alias="deadletterEnabled") - ] = None - r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" - - on_disk_full_backpressure: Annotated[ - Optional[DiskSpaceProtectionOptions], - pydantic.Field(alias="onDiskFullBackpressure"), - ] = None - r"""How to handle events when disk space is below the global 'Min free disk space' limit""" - - force_close_on_shutdown: Annotated[ - Optional[bool], pydantic.Field(alias="forceCloseOnShutdown") - ] = None - r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" - - retry_settings: Annotated[ - Optional[RetrySettingsType], pydantic.Field(alias="retrySettings") - ] = None - - orphans: Optional[OrphanFileRecoveryType] = None - - description: Optional[str] = None - - compress: Optional[CompressionOptionsHTTP] = None - r"""Data compression format to apply to HTTP content before it is delivered""" - - compression_level: Annotated[ - Optional[CompressionLevelOptions], pydantic.Field(alias="compressionLevel") - ] = None - r"""Compression level to apply before moving files to final destination""" - - automatic_schema: Annotated[ - Optional[bool], pydantic.Field(alias="automaticSchema") - ] = None - r"""Automatically calculate the schema based on the events of each Parquet file generated""" - - parquet_schema: Annotated[Optional[str], pydantic.Field(alias="parquetSchema")] = ( - None - ) - r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" - - parquet_version: Annotated[ - Optional[ParquetVersionOptions], pydantic.Field(alias="parquetVersion") - ] = None - r"""Determines which data types are supported and how they are represented""" - - parquet_data_page_version: Annotated[ - Optional[DataPageVersionOptions], pydantic.Field(alias="parquetDataPageVersion") - ] = None - r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" - - parquet_row_group_length: Annotated[ - Optional[float], pydantic.Field(alias="parquetRowGroupLength") - ] = None - r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" - - parquet_page_size: Annotated[ - Optional[str], pydantic.Field(alias="parquetPageSize") - ] = None - r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" - - should_log_invalid_rows: Annotated[ - Optional[bool], pydantic.Field(alias="shouldLogInvalidRows") - ] = None - r"""Log up to 3 rows that @{product} skips due to data mismatch""" - - key_value_metadata: Annotated[ - Optional[List[KeyValueMetadataConfOutputFilesystem]], - pydantic.Field(alias="keyValueMetadata"), - ] = None - r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ - - enable_statistics: Annotated[ - Optional[bool], pydantic.Field(alias="enableStatistics") - ] = None - r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" - - enable_write_page_index: Annotated[ - Optional[bool], pydantic.Field(alias="enableWritePageIndex") - ] = None - r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" - - enable_page_checksum: Annotated[ - Optional[bool], pydantic.Field(alias="enablePageChecksum") - ] = None - r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" - - empty_dir_cleanup_sec: Annotated[ - Optional[float], pydantic.Field(alias="emptyDirCleanupSec") - ] = None - r"""How frequently, in seconds, to clean up empty directories""" - - directory_batch_size: Annotated[ - Optional[float], pydantic.Field(alias="directoryBatchSize") - ] = None - r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" - - deadletter_path: Annotated[ - Optional[str], pydantic.Field(alias="deadletterPath") - ] = None - r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" - - max_retry_num: Annotated[Optional[float], pydantic.Field(alias="maxRetryNum")] = ( - None - ) - r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_partition_expr: Annotated[ - Optional[str], pydantic.Field(alias="__template_partitionExpr") - ] = None - r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" - - template_format: Annotated[ - Optional[str], pydantic.Field(alias="__template_format") - ] = None - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - - template_base_file_name: Annotated[ - Optional[str], pydantic.Field(alias="__template_baseFileName") - ] = None - r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" - - template_file_name_suffix: Annotated[ - Optional[str], pydantic.Field(alias="__template_fileNameSuffix") - ] = None - r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_compress: Annotated[ - Optional[str], pydantic.Field(alias="__template_compress") - ] = None - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - - template_parquet_schema: Annotated[ - Optional[str], pydantic.Field(alias="__template_parquetSchema") - ] = None - r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" - - @field_serializer("format_") - def serialize_format_(self, value): - if isinstance(value, str): - try: - return models.DataFormatOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptionsBlockDrop(value) - except ValueError: - return value - return value - - @field_serializer("on_disk_full_backpressure") - def serialize_on_disk_full_backpressure(self, value): - if isinstance(value, str): - try: - return models.DiskSpaceProtectionOptions(value) - except ValueError: - return value - return value - - @field_serializer("compress") - def serialize_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsHTTP(value) - except ValueError: - return value - return value - - @field_serializer("compression_level") - def serialize_compression_level(self, value): - if isinstance(value, str): - try: - return models.CompressionLevelOptions(value) - except ValueError: - return value - return value - - @field_serializer("parquet_version") - def serialize_parquet_version(self, value): - if isinstance(value, str): - try: - return models.ParquetVersionOptions(value) - except ValueError: - return value - return value - - @field_serializer("parquet_data_page_version") - def serialize_parquet_data_page_version(self, value): - if isinstance(value, str): - try: - return models.DataPageVersionOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "stagePath", - "addIdToStagePath", - "removeEmptyDirs", - "partitionExpr", - "format", - "baseFileName", - "fileNameSuffix", - "maxFileSizeMB", - "maxFileOpenTimeSec", - "maxFileIdleTimeSec", - "maxOpenFiles", - "headerLine", - "writeHighWaterMark", - "onBackpressure", - "deadletterEnabled", - "onDiskFullBackpressure", - "forceCloseOnShutdown", - "retrySettings", - "orphans", - "description", - "compress", - "compressionLevel", - "automaticSchema", - "parquetSchema", - "parquetVersion", - "parquetDataPageVersion", - "parquetRowGroupLength", - "parquetPageSize", - "shouldLogInvalidRows", - "keyValueMetadata", - "enableStatistics", - "enableWritePageIndex", - "enablePageChecksum", - "emptyDirCleanupSec", - "directoryBatchSize", - "deadletterPath", - "maxRetryNum", - "__template_streamtags", - "__template_partitionExpr", - "__template_format", - "__template_baseFileName", - "__template_fileNameSuffix", - "__template_onBackpressure", - "__template_compress", - "__template_parquetSchema", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputSystemByPackTypeSignalfx(str, Enum): - SIGNALFX = "signalfx" - - -class CreateOutputSystemByPackPqControlsSignalfxTypedDict(TypedDict): - pass - - -class CreateOutputSystemByPackPqControlsSignalfx(BaseModel): - pass - - -class CreateOutputSystemByPackOutputSignalfxTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputSystemByPackTypeSignalfx - realm: str - r"""SignalFx realm name, e.g. \"us0\". For a complete list of available SignalFx realm names, please check [here](https://docs.splunk.com/observability/en/get-started/service-description.html#sd-regions).""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - compress: NotRequired[bool] - r"""Compress the payload body before sending""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] - r"""Headers to add to all events""" - use_round_robin_dns: NotRequired[bool] - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - safe_headers: NotRequired[List[str]] - r"""List of headers that are safe to log in plain text""" - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - description: NotRequired[str] - token: NotRequired[str] - r"""SignalFx API access token (see [here](https://docs.signalfx.com/en/latest/admin-guide/tokens.html#working-with-access-tokens))""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputSystemByPackPqControlsSignalfxTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_failed_request_logging_mode: NotRequired[str] - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - -class CreateOutputSystemByPackOutputSignalfx(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputSystemByPackTypeSignalfx - - realm: str - r"""SignalFx realm name, e.g. \"us0\". For a complete list of available SignalFx realm names, please check [here](https://docs.splunk.com/observability/en/get-started/service-description.html#sd-regions).""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - auth_type: Annotated[ - Optional[AuthenticationMethodOptionsAuthTokensItems], - pydantic.Field(alias="authType"), - ] = None - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - compress: Optional[bool] = None - r"""Compress the payload body before sending""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - extra_http_headers: Annotated[ - Optional[List[ExtraHTTPHeaderConfInputElastic]], - pydantic.Field(alias="extraHttpHeaders"), - ] = None - r"""Headers to add to all events""" - - use_round_robin_dns: Annotated[ - Optional[bool], pydantic.Field(alias="useRoundRobinDns") - ] = None - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - - failed_request_logging_mode: Annotated[ - Optional[FailedRequestLoggingModeOptions], - pydantic.Field(alias="failedRequestLoggingMode"), - ] = None - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - - safe_headers: Annotated[ - Optional[List[str]], pydantic.Field(alias="safeHeaders") - ] = None - r"""List of headers that are safe to log in plain text""" - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - description: Optional[str] = None - - token: Optional[str] = None - r"""SignalFx API access token (see [here](https://docs.signalfx.com/en/latest/admin-guide/tokens.html#working-with-access-tokens))""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputSystemByPackPqControlsSignalfx], - pydantic.Field(alias="pqControls"), - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_failed_request_logging_mode: Annotated[ - Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") - ] = None - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsAuthTokensItems(value) - except ValueError: - return value - return value - - @field_serializer("failed_request_logging_mode") - def serialize_failed_request_logging_mode(self, value): - if isinstance(value, str): - try: - return models.FailedRequestLoggingModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "authType", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "compress", - "rejectUnauthorized", - "timeoutSec", - "flushPeriodSec", - "extraHttpHeaders", - "useRoundRobinDns", - "failedRequestLoggingMode", - "safeHeaders", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "onBackpressure", - "description", - "token", - "textSecret", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_failedRequestLoggingMode", - "__template_onBackpressure", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputSystemByPackTypeWavefront(str, Enum): - WAVEFRONT = "wavefront" - - -class CreateOutputSystemByPackPqControlsWavefrontTypedDict(TypedDict): - pass - - -class CreateOutputSystemByPackPqControlsWavefront(BaseModel): - pass - - -class CreateOutputSystemByPackOutputWavefrontTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputSystemByPackTypeWavefront - domain: str - r"""WaveFront domain name, e.g. \"longboard\" """ - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - compress: NotRequired[bool] - r"""Compress the payload body before sending""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] - r"""Headers to add to all events""" - use_round_robin_dns: NotRequired[bool] - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - safe_headers: NotRequired[List[str]] - r"""List of headers that are safe to log in plain text""" - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - description: NotRequired[str] - token: NotRequired[str] - r"""WaveFront API authentication token (see [here](https://docs.wavefront.com/wavefront_api.html#generating-an-api-token))""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputSystemByPackPqControlsWavefrontTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_failed_request_logging_mode: NotRequired[str] - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - -class CreateOutputSystemByPackOutputWavefront(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputSystemByPackTypeWavefront - - domain: str - r"""WaveFront domain name, e.g. \"longboard\" """ - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - auth_type: Annotated[ - Optional[AuthenticationMethodOptionsAuthTokensItems], - pydantic.Field(alias="authType"), - ] = None - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - compress: Optional[bool] = None - r"""Compress the payload body before sending""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - extra_http_headers: Annotated[ - Optional[List[ExtraHTTPHeaderConfInputElastic]], - pydantic.Field(alias="extraHttpHeaders"), - ] = None - r"""Headers to add to all events""" - - use_round_robin_dns: Annotated[ - Optional[bool], pydantic.Field(alias="useRoundRobinDns") - ] = None - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - - failed_request_logging_mode: Annotated[ - Optional[FailedRequestLoggingModeOptions], - pydantic.Field(alias="failedRequestLoggingMode"), - ] = None - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - - safe_headers: Annotated[ - Optional[List[str]], pydantic.Field(alias="safeHeaders") - ] = None - r"""List of headers that are safe to log in plain text""" - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - description: Optional[str] = None - - token: Optional[str] = None - r"""WaveFront API authentication token (see [here](https://docs.wavefront.com/wavefront_api.html#generating-an-api-token))""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputSystemByPackPqControlsWavefront], - pydantic.Field(alias="pqControls"), - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_failed_request_logging_mode: Annotated[ - Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") - ] = None - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsAuthTokensItems(value) - except ValueError: - return value - return value - - @field_serializer("failed_request_logging_mode") - def serialize_failed_request_logging_mode(self, value): - if isinstance(value, str): - try: - return models.FailedRequestLoggingModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "authType", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "compress", - "rejectUnauthorized", - "timeoutSec", - "flushPeriodSec", - "extraHttpHeaders", - "useRoundRobinDns", - "failedRequestLoggingMode", - "safeHeaders", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "onBackpressure", - "description", - "token", - "textSecret", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_failedRequestLoggingMode", - "__template_onBackpressure", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputSystemByPackTypeTcpjson(str, Enum): - TCPJSON = "tcpjson" - - -class CreateOutputSystemByPackPqControlsTcpjsonTypedDict(TypedDict): - pass - - -class CreateOutputSystemByPackPqControlsTcpjson(BaseModel): - pass - - -class CreateOutputSystemByPackOutputTcpjsonTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputSystemByPackTypeTcpjson - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - load_balanced: NotRequired[bool] - r"""Use load-balanced destinations""" - compression: NotRequired[CompressionOptionsGzipNone] - r"""Codec to use to compress the data before sending""" - log_failed_requests: NotRequired[bool] - r"""Use to troubleshoot issues with sending data""" - throttle_rate_per_sec: NotRequired[str] - r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" - tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] - connection_timeout: NotRequired[float] - r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" - write_timeout: NotRequired[float] - r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" - token_ttl_minutes: NotRequired[float] - r"""The number of minutes before the internally generated authentication token expires, valid values between 1 and 60""" - send_header: NotRequired[bool] - r"""Upon connection, send a header-like record containing the auth token and other metadata.This record will not contain an actual event – only subsequent records will.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - description: NotRequired[str] - host: NotRequired[str] - r"""The hostname of the receiver""" - port: NotRequired[float] - r"""The port to connect to on the provided host""" - exclude_self: NotRequired[bool] - r"""Exclude all IPs of the current host from the list of any resolved hostnames""" - hosts: NotRequired[List[HostConfOutputSyslogTypedDict]] - r"""Set of hosts to load-balance data to""" - dns_resolve_period_sec: NotRequired[float] - r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" - load_balance_stats_period_sec: NotRequired[float] - r"""How far back in time to keep traffic stats for load balancing purposes""" - max_concurrent_senders: NotRequired[float] - r"""Maximum number of concurrent connections (per Worker Process). A random set of IPs will be picked on every DNS resolution period. Use 0 for unlimited.""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputSystemByPackPqControlsTcpjsonTypedDict] - auth_token: NotRequired[str] - r"""Optional authentication token to include as part of the connection header""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_host: NotRequired[str] - r"""Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime.""" - template_port: NotRequired[str] - r"""Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime.""" - - -class CreateOutputSystemByPackOutputTcpjson(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputSystemByPackTypeTcpjson - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - load_balanced: Annotated[Optional[bool], pydantic.Field(alias="loadBalanced")] = ( - None - ) - r"""Use load-balanced destinations""" - - compression: Optional[CompressionOptionsGzipNone] = None - r"""Codec to use to compress the data before sending""" - - log_failed_requests: Annotated[ - Optional[bool], pydantic.Field(alias="logFailedRequests") - ] = None - r"""Use to troubleshoot issues with sending data""" - - throttle_rate_per_sec: Annotated[ - Optional[str], pydantic.Field(alias="throttleRatePerSec") - ] = None - r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" - - tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None - - connection_timeout: Annotated[ - Optional[float], pydantic.Field(alias="connectionTimeout") - ] = None - r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" - - write_timeout: Annotated[Optional[float], pydantic.Field(alias="writeTimeout")] = ( - None - ) - r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" - - token_ttl_minutes: Annotated[ - Optional[float], pydantic.Field(alias="tokenTTLMinutes") - ] = None - r"""The number of minutes before the internally generated authentication token expires, valid values between 1 and 60""" - - send_header: Annotated[Optional[bool], pydantic.Field(alias="sendHeader")] = None - r"""Upon connection, send a header-like record containing the auth token and other metadata.This record will not contain an actual event – only subsequent records will.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - auth_type: Annotated[ - Optional[AuthenticationMethodOptionsAuthTokensItems], - pydantic.Field(alias="authType"), - ] = None - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - - description: Optional[str] = None - - host: Optional[str] = None - r"""The hostname of the receiver""" - - port: Optional[float] = None - r"""The port to connect to on the provided host""" - - exclude_self: Annotated[Optional[bool], pydantic.Field(alias="excludeSelf")] = None - r"""Exclude all IPs of the current host from the list of any resolved hostnames""" - - hosts: Optional[List[HostConfOutputSyslog]] = None - r"""Set of hosts to load-balance data to""" - - dns_resolve_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="dnsResolvePeriodSec") - ] = None - r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" - - load_balance_stats_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="loadBalanceStatsPeriodSec") - ] = None - r"""How far back in time to keep traffic stats for load balancing purposes""" - - max_concurrent_senders: Annotated[ - Optional[float], pydantic.Field(alias="maxConcurrentSenders") - ] = None - r"""Maximum number of concurrent connections (per Worker Process). A random set of IPs will be picked on every DNS resolution period. Use 0 for unlimited.""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputSystemByPackPqControlsTcpjson], - pydantic.Field(alias="pqControls"), - ] = None - - auth_token: Annotated[Optional[str], pydantic.Field(alias="authToken")] = None - r"""Optional authentication token to include as part of the connection header""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_host: Annotated[Optional[str], pydantic.Field(alias="__template_host")] = ( - None - ) - r"""Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime.""" - - template_port: Annotated[Optional[str], pydantic.Field(alias="__template_port")] = ( - None - ) - r"""Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime.""" - - @field_serializer("compression") - def serialize_compression(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsGzipNone(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsAuthTokensItems(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "loadBalanced", - "compression", - "logFailedRequests", - "throttleRatePerSec", - "tls", - "connectionTimeout", - "writeTimeout", - "tokenTTLMinutes", - "sendHeader", - "onBackpressure", - "authType", - "description", - "host", - "port", - "excludeSelf", - "hosts", - "dnsResolvePeriodSec", - "loadBalanceStatsPeriodSec", - "maxConcurrentSenders", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "authToken", - "textSecret", - "__template_streamtags", - "__template_onBackpressure", - "__template_host", - "__template_port", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputSystemByPackTypeWizHec(str, Enum): - WIZ_HEC = "wiz_hec" - - -class CreateOutputSystemByPackPqControlsWizHecTypedDict(TypedDict): - pass - - -class CreateOutputSystemByPackPqControlsWizHec(BaseModel): - pass - - -class CreateOutputSystemByPackOutputWizHecTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputSystemByPackTypeWizHec - wiz_connector_id: str - r"""The unique identifier for the specific Cribl connector defined in your Wiz Settings. This is used to cross-validate the bearer token and ensure traffic is originating from the authorized integration.""" - wiz_environment: str - r"""Your Wiz deployment environment.""" - data_center: str - r"""Your Wiz deployment data center (e.g., us1, us8, eu1). From Tenant Info → Data Center and Regions → Tenant Data Center in your Wiz console.""" - wiz_sourcetype: str - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - next_queue: NotRequired[str] - r"""In the Splunk app, define which Splunk processing queue to send the events after HEC processing.""" - tcp_routing: NotRequired[str] - r"""In the Splunk app, set the value of _TCP_ROUTING for events that do not have _ctrl._TCP_ROUTING set.""" - tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathExtendedTypedDict] - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - compress: NotRequired[bool] - r"""Compress the payload body before sending""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] - r"""Headers to add to all events""" - failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - safe_headers: NotRequired[List[str]] - r"""List of headers that are safe to log in plain text""" - auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - description: NotRequired[str] - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputSystemByPackPqControlsWizHecTypedDict] - token: NotRequired[str] - r"""Wiz Defend Auth token""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_failed_request_logging_mode: NotRequired[str] - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_wiz_environment: NotRequired[str] - r"""Binds 'wiz_environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'wiz_environment' at runtime.""" - template_data_center: NotRequired[str] - r"""Binds 'data_center' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'data_center' at runtime.""" - template_wiz_sourcetype: NotRequired[str] - r"""Binds 'wiz_sourcetype' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'wiz_sourcetype' at runtime.""" - - -class CreateOutputSystemByPackOutputWizHec(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputSystemByPackTypeWizHec - - wiz_connector_id: str - r"""The unique identifier for the specific Cribl connector defined in your Wiz Settings. This is used to cross-validate the bearer token and ensure traffic is originating from the authorized integration.""" - - wiz_environment: str - r"""Your Wiz deployment environment.""" - - data_center: str - r"""Your Wiz deployment data center (e.g., us1, us8, eu1). From Tenant Info → Data Center and Regions → Tenant Data Center in your Wiz console.""" - - wiz_sourcetype: str - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - next_queue: Annotated[Optional[str], pydantic.Field(alias="nextQueue")] = None - r"""In the Splunk app, define which Splunk processing queue to send the events after HEC processing.""" - - tcp_routing: Annotated[Optional[str], pydantic.Field(alias="tcpRouting")] = None - r"""In the Splunk app, set the value of _TCP_ROUTING for events that do not have _ctrl._TCP_ROUTING set.""" - - tls: Optional[TLSSettingsClientSideTypeCaPathCertPathExtended] = None - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - compress: Optional[bool] = None - r"""Compress the payload body before sending""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - extra_http_headers: Annotated[ - Optional[List[ExtraHTTPHeaderConfInputElastic]], - pydantic.Field(alias="extraHttpHeaders"), - ] = None - r"""Headers to add to all events""" - - failed_request_logging_mode: Annotated[ - Optional[FailedRequestLoggingModeOptions], - pydantic.Field(alias="failedRequestLoggingMode"), - ] = None - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - - safe_headers: Annotated[ - Optional[List[str]], pydantic.Field(alias="safeHeaders") - ] = None - r"""List of headers that are safe to log in plain text""" - - auth_type: Annotated[ - Optional[AuthenticationMethodOptionsAuthTokensItems], - pydantic.Field(alias="authType"), - ] = None - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - description: Optional[str] = None - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputSystemByPackPqControlsWizHec], - pydantic.Field(alias="pqControls"), - ] = None - - token: Optional[str] = None - r"""Wiz Defend Auth token""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_failed_request_logging_mode: Annotated[ - Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") - ] = None - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_wiz_environment: Annotated[ - Optional[str], pydantic.Field(alias="__template_wiz_environment") - ] = None - r"""Binds 'wiz_environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'wiz_environment' at runtime.""" - - template_data_center: Annotated[ - Optional[str], pydantic.Field(alias="__template_data_center") - ] = None - r"""Binds 'data_center' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'data_center' at runtime.""" - - template_wiz_sourcetype: Annotated[ - Optional[str], pydantic.Field(alias="__template_wiz_sourcetype") - ] = None - r"""Binds 'wiz_sourcetype' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'wiz_sourcetype' at runtime.""" - - @field_serializer("failed_request_logging_mode") - def serialize_failed_request_logging_mode(self, value): - if isinstance(value, str): - try: - return models.FailedRequestLoggingModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsAuthTokensItems(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "nextQueue", - "tcpRouting", - "tls", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "compress", - "rejectUnauthorized", - "timeoutSec", - "flushPeriodSec", - "extraHttpHeaders", - "failedRequestLoggingMode", - "safeHeaders", - "authType", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "onBackpressure", - "description", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "token", - "textSecret", - "__template_streamtags", - "__template_failedRequestLoggingMode", - "__template_onBackpressure", - "__template_wiz_environment", - "__template_data_center", - "__template_wiz_sourcetype", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputSystemByPackTypeSplunkHec(str, Enum): - SPLUNK_HEC = "splunk_hec" - - -class CreateOutputSystemByPackURLSplunkHecTypedDict(TypedDict): - url: str - r"""URL to a Splunk HEC endpoint to send events to, e.g., http://localhost:8088/services/collector/event""" - weight: NotRequired[float] - r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" - template_url: NotRequired[str] - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - -class CreateOutputSystemByPackURLSplunkHec(BaseModel): - url: str - r"""URL to a Splunk HEC endpoint to send events to, e.g., http://localhost:8088/services/collector/event""" - - weight: Optional[float] = None - r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" - - template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( - None - ) - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set(["weight", "__template_url"]) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputSystemByPackPqControlsSplunkHecTypedDict(TypedDict): - pass - - -class CreateOutputSystemByPackPqControlsSplunkHec(BaseModel): - pass - - -class CreateOutputSystemByPackOutputSplunkHecTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputSystemByPackTypeSplunkHec - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - load_balanced: NotRequired[bool] - r"""Enable for optimal performance. Even if you have one hostname, it can expand to multiple IPs. If disabled, consider enabling round-robin DNS.""" - next_queue: NotRequired[str] - r"""In the Splunk app, define which Splunk processing queue to send the events after HEC processing.""" - tcp_routing: NotRequired[str] - r"""In the Splunk app, set the value of _TCP_ROUTING for events that do not have _ctrl._TCP_ROUTING set.""" - tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathExtendedTypedDict] - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - compress: NotRequired[bool] - r"""Compress the payload body before sending""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] - r"""Headers to add to all events""" - failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - safe_headers: NotRequired[List[str]] - r"""List of headers that are safe to log in plain text""" - enable_multi_metrics: NotRequired[bool] - r"""Output metrics in multiple-metric format, supported in Splunk 8.0 and above to allow multiple metrics in a single event.""" - auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - description: NotRequired[str] - url: NotRequired[str] - r"""URL to a Splunk HEC endpoint to send events to, e.g., http://localhost:8088/services/collector/event""" - use_round_robin_dns: NotRequired[bool] - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - exclude_self: NotRequired[bool] - r"""Exclude all IPs of the current host from the list of any resolved hostnames""" - urls: NotRequired[List[CreateOutputSystemByPackURLSplunkHecTypedDict]] - dns_resolve_period_sec: NotRequired[float] - r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" - load_balance_stats_period_sec: NotRequired[float] - r"""How far back in time to keep traffic stats for load balancing purposes""" - token: NotRequired[str] - r"""Splunk HEC authentication token""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputSystemByPackPqControlsSplunkHecTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_failed_request_logging_mode: NotRequired[str] - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_url: NotRequired[str] - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - -class CreateOutputSystemByPackOutputSplunkHec(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputSystemByPackTypeSplunkHec - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - load_balanced: Annotated[Optional[bool], pydantic.Field(alias="loadBalanced")] = ( - None - ) - r"""Enable for optimal performance. Even if you have one hostname, it can expand to multiple IPs. If disabled, consider enabling round-robin DNS.""" - - next_queue: Annotated[Optional[str], pydantic.Field(alias="nextQueue")] = None - r"""In the Splunk app, define which Splunk processing queue to send the events after HEC processing.""" - - tcp_routing: Annotated[Optional[str], pydantic.Field(alias="tcpRouting")] = None - r"""In the Splunk app, set the value of _TCP_ROUTING for events that do not have _ctrl._TCP_ROUTING set.""" - - tls: Optional[TLSSettingsClientSideTypeCaPathCertPathExtended] = None - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - compress: Optional[bool] = None - r"""Compress the payload body before sending""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - extra_http_headers: Annotated[ - Optional[List[ExtraHTTPHeaderConfInputElastic]], - pydantic.Field(alias="extraHttpHeaders"), - ] = None - r"""Headers to add to all events""" - - failed_request_logging_mode: Annotated[ - Optional[FailedRequestLoggingModeOptions], - pydantic.Field(alias="failedRequestLoggingMode"), - ] = None - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - - safe_headers: Annotated[ - Optional[List[str]], pydantic.Field(alias="safeHeaders") - ] = None - r"""List of headers that are safe to log in plain text""" - - enable_multi_metrics: Annotated[ - Optional[bool], pydantic.Field(alias="enableMultiMetrics") - ] = None - r"""Output metrics in multiple-metric format, supported in Splunk 8.0 and above to allow multiple metrics in a single event.""" - - auth_type: Annotated[ - Optional[AuthenticationMethodOptionsAuthTokensItems], - pydantic.Field(alias="authType"), - ] = None - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - description: Optional[str] = None - - url: Optional[str] = None - r"""URL to a Splunk HEC endpoint to send events to, e.g., http://localhost:8088/services/collector/event""" - - use_round_robin_dns: Annotated[ - Optional[bool], pydantic.Field(alias="useRoundRobinDns") - ] = None - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - - exclude_self: Annotated[Optional[bool], pydantic.Field(alias="excludeSelf")] = None - r"""Exclude all IPs of the current host from the list of any resolved hostnames""" - - urls: Optional[List[CreateOutputSystemByPackURLSplunkHec]] = None - - dns_resolve_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="dnsResolvePeriodSec") - ] = None - r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" - - load_balance_stats_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="loadBalanceStatsPeriodSec") - ] = None - r"""How far back in time to keep traffic stats for load balancing purposes""" - - token: Optional[str] = None - r"""Splunk HEC authentication token""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputSystemByPackPqControlsSplunkHec], - pydantic.Field(alias="pqControls"), - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_failed_request_logging_mode: Annotated[ - Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") - ] = None - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( - None - ) - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - @field_serializer("failed_request_logging_mode") - def serialize_failed_request_logging_mode(self, value): - if isinstance(value, str): - try: - return models.FailedRequestLoggingModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsAuthTokensItems(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "loadBalanced", - "nextQueue", - "tcpRouting", - "tls", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "compress", - "rejectUnauthorized", - "timeoutSec", - "flushPeriodSec", - "extraHttpHeaders", - "failedRequestLoggingMode", - "safeHeaders", - "enableMultiMetrics", - "authType", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "onBackpressure", - "description", - "url", - "useRoundRobinDns", - "excludeSelf", - "urls", - "dnsResolvePeriodSec", - "loadBalanceStatsPeriodSec", - "token", - "textSecret", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_failedRequestLoggingMode", - "__template_onBackpressure", - "__template_url", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputSystemByPackTypeSplunkLb(str, Enum): - SPLUNK_LB = "splunk_lb" - - -class CreateOutputSystemByPackAuthTokenTypedDict(TypedDict): - auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - auth_token: NotRequired[str] - r"""Shared secret to be provided by any client (in authToken header field). If empty, unauthorized access is permitted.""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - - -class CreateOutputSystemByPackAuthToken(BaseModel): - auth_type: Annotated[ - Optional[AuthenticationMethodOptionsAuthTokensItems], - pydantic.Field(alias="authType"), - ] = None - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - - auth_token: Annotated[Optional[str], pydantic.Field(alias="authToken")] = None - r"""Shared secret to be provided by any client (in authToken header field). If empty, unauthorized access is permitted.""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsAuthTokensItems(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set(["authType", "authToken", "textSecret"]) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputSystemByPackIndexerDiscoveryConfigsTypedDict(TypedDict): - r"""List of configurations to set up indexer discovery in Splunk Indexer clustering environment.""" - - site: str - r"""Clustering site of the indexers from where indexers need to be discovered. In case of single site cluster, it defaults to 'default' site.""" - master_uri: str - r"""Full URI of Splunk cluster manager (scheme://host:port). Example: https://managerAddress:8089""" - refresh_interval_sec: float - r"""Time interval, in seconds, between two consecutive indexer list fetches from cluster manager""" - reject_unauthorized: NotRequired[bool] - r"""During indexer discovery, reject cluster manager certificates that are not authorized by the system's CA. Disable to allow untrusted (for example, self-signed) certificates.""" - auth_tokens: NotRequired[List[CreateOutputSystemByPackAuthTokenTypedDict]] - r"""Tokens required to authenticate to cluster manager for indexer discovery""" - auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - auth_token: NotRequired[str] - r"""Shared secret to be provided by any client (in authToken header field). If empty, unauthorized access is permitted.""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - - -class CreateOutputSystemByPackIndexerDiscoveryConfigs(BaseModel): - r"""List of configurations to set up indexer discovery in Splunk Indexer clustering environment.""" - - site: str - r"""Clustering site of the indexers from where indexers need to be discovered. In case of single site cluster, it defaults to 'default' site.""" - - master_uri: Annotated[str, pydantic.Field(alias="masterUri")] - r"""Full URI of Splunk cluster manager (scheme://host:port). Example: https://managerAddress:8089""" - - refresh_interval_sec: Annotated[float, pydantic.Field(alias="refreshIntervalSec")] - r"""Time interval, in seconds, between two consecutive indexer list fetches from cluster manager""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""During indexer discovery, reject cluster manager certificates that are not authorized by the system's CA. Disable to allow untrusted (for example, self-signed) certificates.""" - - auth_tokens: Annotated[ - Optional[List[CreateOutputSystemByPackAuthToken]], - pydantic.Field(alias="authTokens"), - ] = None - r"""Tokens required to authenticate to cluster manager for indexer discovery""" - - auth_type: Annotated[ - Optional[AuthenticationMethodOptionsAuthTokensItems], - pydantic.Field(alias="authType"), - ] = None - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - - auth_token: Annotated[Optional[str], pydantic.Field(alias="authToken")] = None - r"""Shared secret to be provided by any client (in authToken header field). If empty, unauthorized access is permitted.""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsAuthTokensItems(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - ["rejectUnauthorized", "authTokens", "authType", "authToken", "textSecret"] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputSystemByPackPqControlsSplunkLbTypedDict(TypedDict): - pass - - -class CreateOutputSystemByPackPqControlsSplunkLb(BaseModel): - pass - - -class CreateOutputSystemByPackOutputSplunkLbTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputSystemByPackTypeSplunkLb - hosts: List[HostConfOutputSyslogTypedDict] - r"""Set of Splunk indexers to load-balance data to.""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - dns_resolve_period_sec: NotRequired[float] - r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" - load_balance_stats_period_sec: NotRequired[float] - r"""How far back in time to keep traffic stats for load balancing purposes""" - max_concurrent_senders: NotRequired[float] - r"""Maximum number of concurrent connections (per Worker Process). A random set of IPs will be picked on every DNS resolution period. Use 0 for unlimited.""" - nested_fields: NotRequired[NestedFieldSerializationOptions] - r"""How to serialize nested fields into index-time fields""" - throttle_rate_per_sec: NotRequired[str] - r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" - connection_timeout: NotRequired[float] - r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" - write_timeout: NotRequired[float] - r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" - tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] - enable_multi_metrics: NotRequired[bool] - r"""Output metrics in multiple-metric format in a single event. Supported in Splunk 8.0 and above.""" - enable_ack: NotRequired[bool] - r"""Check if indexer is shutting down and stop sending data. This helps minimize data loss during shutdown.""" - log_failed_requests: NotRequired[bool] - r"""Use to troubleshoot issues with sending data""" - max_s2_sversion: NotRequired[MaxS2SVersionOptions] - r"""The highest S2S protocol version to advertise during handshake""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - indexer_discovery: NotRequired[bool] - r"""Automatically discover indexers in indexer clustering environment.""" - sender_unhealthy_time_allowance: NotRequired[float] - r"""How long (in milliseconds) each LB endpoint can report blocked before the Destination reports unhealthy, blocking the sender. (Grace period for fluctuations.) Use 0 to disable; max 1 minute.""" - auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - description: NotRequired[str] - max_failed_health_checks: NotRequired[float] - r"""Maximum number of times healthcheck can fail before we close connection. If set to 0 (disabled), and the connection to Splunk is forcibly closed, some data loss might occur.""" - compress: NotRequired[CompressionOptions] - r"""Controls whether the sender should send compressed data to the server. Select 'Disabled' to reject compressed connections or 'Always' to ignore server's configuration and send compressed data.""" - indexer_discovery_configs: NotRequired[ - CreateOutputSystemByPackIndexerDiscoveryConfigsTypedDict - ] - r"""List of configurations to set up indexer discovery in Splunk Indexer clustering environment.""" - exclude_self: NotRequired[bool] - r"""Exclude all IPs of the current host from the list of any resolved hostnames""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputSystemByPackPqControlsSplunkLbTypedDict] - auth_token: NotRequired[str] - r"""Shared secret token to use when establishing a connection to a Splunk indexer.""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_nested_fields: NotRequired[str] - r"""Binds 'nestedFields' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'nestedFields' at runtime.""" - template_max_s2_sversion: NotRequired[str] - r"""Binds 'maxS2Sversion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'maxS2Sversion' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_compress: NotRequired[str] - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - - -class CreateOutputSystemByPackOutputSplunkLb(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputSystemByPackTypeSplunkLb - - hosts: List[HostConfOutputSyslog] - r"""Set of Splunk indexers to load-balance data to.""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - dns_resolve_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="dnsResolvePeriodSec") - ] = None - r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" - - load_balance_stats_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="loadBalanceStatsPeriodSec") - ] = None - r"""How far back in time to keep traffic stats for load balancing purposes""" - - max_concurrent_senders: Annotated[ - Optional[float], pydantic.Field(alias="maxConcurrentSenders") - ] = None - r"""Maximum number of concurrent connections (per Worker Process). A random set of IPs will be picked on every DNS resolution period. Use 0 for unlimited.""" - - nested_fields: Annotated[ - Optional[NestedFieldSerializationOptions], pydantic.Field(alias="nestedFields") - ] = None - r"""How to serialize nested fields into index-time fields""" - - throttle_rate_per_sec: Annotated[ - Optional[str], pydantic.Field(alias="throttleRatePerSec") - ] = None - r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" - - connection_timeout: Annotated[ - Optional[float], pydantic.Field(alias="connectionTimeout") - ] = None - r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" - - write_timeout: Annotated[Optional[float], pydantic.Field(alias="writeTimeout")] = ( - None - ) - r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" - - tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None - - enable_multi_metrics: Annotated[ - Optional[bool], pydantic.Field(alias="enableMultiMetrics") - ] = None - r"""Output metrics in multiple-metric format in a single event. Supported in Splunk 8.0 and above.""" - - enable_ack: Annotated[Optional[bool], pydantic.Field(alias="enableACK")] = None - r"""Check if indexer is shutting down and stop sending data. This helps minimize data loss during shutdown.""" - - log_failed_requests: Annotated[ - Optional[bool], pydantic.Field(alias="logFailedRequests") - ] = None - r"""Use to troubleshoot issues with sending data""" - - max_s2_sversion: Annotated[ - Optional[MaxS2SVersionOptions], pydantic.Field(alias="maxS2Sversion") - ] = None - r"""The highest S2S protocol version to advertise during handshake""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - indexer_discovery: Annotated[ - Optional[bool], pydantic.Field(alias="indexerDiscovery") - ] = None - r"""Automatically discover indexers in indexer clustering environment.""" - - sender_unhealthy_time_allowance: Annotated[ - Optional[float], pydantic.Field(alias="senderUnhealthyTimeAllowance") - ] = None - r"""How long (in milliseconds) each LB endpoint can report blocked before the Destination reports unhealthy, blocking the sender. (Grace period for fluctuations.) Use 0 to disable; max 1 minute.""" - - auth_type: Annotated[ - Optional[AuthenticationMethodOptionsAuthTokensItems], - pydantic.Field(alias="authType"), - ] = None - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - - description: Optional[str] = None - - max_failed_health_checks: Annotated[ - Optional[float], pydantic.Field(alias="maxFailedHealthChecks") - ] = None - r"""Maximum number of times healthcheck can fail before we close connection. If set to 0 (disabled), and the connection to Splunk is forcibly closed, some data loss might occur.""" - - compress: Optional[CompressionOptions] = None - r"""Controls whether the sender should send compressed data to the server. Select 'Disabled' to reject compressed connections or 'Always' to ignore server's configuration and send compressed data.""" - - indexer_discovery_configs: Annotated[ - Optional[CreateOutputSystemByPackIndexerDiscoveryConfigs], - pydantic.Field(alias="indexerDiscoveryConfigs"), - ] = None - r"""List of configurations to set up indexer discovery in Splunk Indexer clustering environment.""" - - exclude_self: Annotated[Optional[bool], pydantic.Field(alias="excludeSelf")] = None - r"""Exclude all IPs of the current host from the list of any resolved hostnames""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputSystemByPackPqControlsSplunkLb], - pydantic.Field(alias="pqControls"), - ] = None - - auth_token: Annotated[Optional[str], pydantic.Field(alias="authToken")] = None - r"""Shared secret token to use when establishing a connection to a Splunk indexer.""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_nested_fields: Annotated[ - Optional[str], pydantic.Field(alias="__template_nestedFields") - ] = None - r"""Binds 'nestedFields' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'nestedFields' at runtime.""" - - template_max_s2_sversion: Annotated[ - Optional[str], pydantic.Field(alias="__template_maxS2Sversion") - ] = None - r"""Binds 'maxS2Sversion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'maxS2Sversion' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_compress: Annotated[ - Optional[str], pydantic.Field(alias="__template_compress") - ] = None - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - - @field_serializer("nested_fields") - def serialize_nested_fields(self, value): - if isinstance(value, str): - try: - return models.NestedFieldSerializationOptions(value) - except ValueError: - return value - return value - - @field_serializer("max_s2_sversion") - def serialize_max_s2_sversion(self, value): - if isinstance(value, str): - try: - return models.MaxS2SVersionOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsAuthTokensItems(value) - except ValueError: - return value - return value - - @field_serializer("compress") - def serialize_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "dnsResolvePeriodSec", - "loadBalanceStatsPeriodSec", - "maxConcurrentSenders", - "nestedFields", - "throttleRatePerSec", - "connectionTimeout", - "writeTimeout", - "tls", - "enableMultiMetrics", - "enableACK", - "logFailedRequests", - "maxS2Sversion", - "onBackpressure", - "indexerDiscovery", - "senderUnhealthyTimeAllowance", - "authType", - "description", - "maxFailedHealthChecks", - "compress", - "indexerDiscoveryConfigs", - "excludeSelf", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "authToken", - "textSecret", - "__template_streamtags", - "__template_nestedFields", - "__template_maxS2Sversion", - "__template_onBackpressure", - "__template_compress", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputSystemByPackTypeSplunk(str, Enum): - SPLUNK = "splunk" - - -class CreateOutputSystemByPackPqControlsSplunkTypedDict(TypedDict): - pass - - -class CreateOutputSystemByPackPqControlsSplunk(BaseModel): - pass - - -class CreateOutputSystemByPackOutputSplunkTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputSystemByPackTypeSplunk - host: str - r"""The hostname of the receiver""" - port: float - r"""The port to connect to on the provided host""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - nested_fields: NotRequired[NestedFieldSerializationOptions] - r"""How to serialize nested fields into index-time fields""" - throttle_rate_per_sec: NotRequired[str] - r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" - connection_timeout: NotRequired[float] - r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" - write_timeout: NotRequired[float] - r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" - tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] - enable_multi_metrics: NotRequired[bool] - r"""Output metrics in multiple-metric format in a single event. Supported in Splunk 8.0 and above.""" - enable_ack: NotRequired[bool] - r"""Check if indexer is shutting down and stop sending data. This helps minimize data loss during shutdown.""" - log_failed_requests: NotRequired[bool] - r"""Use to troubleshoot issues with sending data""" - max_s2_sversion: NotRequired[MaxS2SVersionOptions] - r"""The highest S2S protocol version to advertise during handshake""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - description: NotRequired[str] - max_failed_health_checks: NotRequired[float] - r"""Maximum number of times healthcheck can fail before we close connection. If set to 0 (disabled), and the connection to Splunk is forcibly closed, some data loss might occur.""" - compress: NotRequired[CompressionOptions] - r"""Controls whether the sender should send compressed data to the server. Select 'Disabled' to reject compressed connections or 'Always' to ignore server's configuration and send compressed data.""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputSystemByPackPqControlsSplunkTypedDict] - auth_token: NotRequired[str] - r"""Shared secret token to use when establishing a connection to a Splunk indexer.""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_host: NotRequired[str] - r"""Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime.""" - template_port: NotRequired[str] - r"""Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime.""" - template_nested_fields: NotRequired[str] - r"""Binds 'nestedFields' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'nestedFields' at runtime.""" - template_max_s2_sversion: NotRequired[str] - r"""Binds 'maxS2Sversion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'maxS2Sversion' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_compress: NotRequired[str] - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - - -class CreateOutputSystemByPackOutputSplunk(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputSystemByPackTypeSplunk - - host: str - r"""The hostname of the receiver""" - - port: float - r"""The port to connect to on the provided host""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - nested_fields: Annotated[ - Optional[NestedFieldSerializationOptions], pydantic.Field(alias="nestedFields") - ] = None - r"""How to serialize nested fields into index-time fields""" - - throttle_rate_per_sec: Annotated[ - Optional[str], pydantic.Field(alias="throttleRatePerSec") - ] = None - r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" - - connection_timeout: Annotated[ - Optional[float], pydantic.Field(alias="connectionTimeout") - ] = None - r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" - - write_timeout: Annotated[Optional[float], pydantic.Field(alias="writeTimeout")] = ( - None - ) - r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" - - tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None - - enable_multi_metrics: Annotated[ - Optional[bool], pydantic.Field(alias="enableMultiMetrics") - ] = None - r"""Output metrics in multiple-metric format in a single event. Supported in Splunk 8.0 and above.""" - - enable_ack: Annotated[Optional[bool], pydantic.Field(alias="enableACK")] = None - r"""Check if indexer is shutting down and stop sending data. This helps minimize data loss during shutdown.""" - - log_failed_requests: Annotated[ - Optional[bool], pydantic.Field(alias="logFailedRequests") - ] = None - r"""Use to troubleshoot issues with sending data""" - - max_s2_sversion: Annotated[ - Optional[MaxS2SVersionOptions], pydantic.Field(alias="maxS2Sversion") - ] = None - r"""The highest S2S protocol version to advertise during handshake""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - auth_type: Annotated[ - Optional[AuthenticationMethodOptionsAuthTokensItems], - pydantic.Field(alias="authType"), - ] = None - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - - description: Optional[str] = None - - max_failed_health_checks: Annotated[ - Optional[float], pydantic.Field(alias="maxFailedHealthChecks") - ] = None - r"""Maximum number of times healthcheck can fail before we close connection. If set to 0 (disabled), and the connection to Splunk is forcibly closed, some data loss might occur.""" - - compress: Optional[CompressionOptions] = None - r"""Controls whether the sender should send compressed data to the server. Select 'Disabled' to reject compressed connections or 'Always' to ignore server's configuration and send compressed data.""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputSystemByPackPqControlsSplunk], - pydantic.Field(alias="pqControls"), - ] = None - - auth_token: Annotated[Optional[str], pydantic.Field(alias="authToken")] = None - r"""Shared secret token to use when establishing a connection to a Splunk indexer.""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_host: Annotated[Optional[str], pydantic.Field(alias="__template_host")] = ( - None - ) - r"""Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime.""" - - template_port: Annotated[Optional[str], pydantic.Field(alias="__template_port")] = ( - None - ) - r"""Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime.""" - - template_nested_fields: Annotated[ - Optional[str], pydantic.Field(alias="__template_nestedFields") - ] = None - r"""Binds 'nestedFields' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'nestedFields' at runtime.""" - - template_max_s2_sversion: Annotated[ - Optional[str], pydantic.Field(alias="__template_maxS2Sversion") - ] = None - r"""Binds 'maxS2Sversion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'maxS2Sversion' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_compress: Annotated[ - Optional[str], pydantic.Field(alias="__template_compress") - ] = None - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - - @field_serializer("nested_fields") - def serialize_nested_fields(self, value): - if isinstance(value, str): - try: - return models.NestedFieldSerializationOptions(value) - except ValueError: - return value - return value - - @field_serializer("max_s2_sversion") - def serialize_max_s2_sversion(self, value): - if isinstance(value, str): - try: - return models.MaxS2SVersionOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsAuthTokensItems(value) - except ValueError: - return value - return value - - @field_serializer("compress") - def serialize_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "nestedFields", - "throttleRatePerSec", - "connectionTimeout", - "writeTimeout", - "tls", - "enableMultiMetrics", - "enableACK", - "logFailedRequests", - "maxS2Sversion", - "onBackpressure", - "authType", - "description", - "maxFailedHealthChecks", - "compress", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "authToken", - "textSecret", - "__template_streamtags", - "__template_host", - "__template_port", - "__template_nestedFields", - "__template_maxS2Sversion", - "__template_onBackpressure", - "__template_compress", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputSystemByPackTypeSyslog(str, Enum): - SYSLOG = "syslog" - - -class CreateOutputSystemByPackProtocolSyslog(str, Enum, metaclass=utils.OpenEnumMeta): - r"""The network protocol to use for sending out syslog messages""" - - # TCP - TCP = "tcp" - # UDP - UDP = "udp" - - -class CreateOutputSystemByPackFacility(int, Enum, metaclass=utils.OpenEnumMeta): - r"""Default value for message facility. Will be overwritten by value of __facility if set. Defaults to user.""" - - # kern - KERN = 0 - # user - USER = 1 - # mail - MAIL = 2 - # daemon - DAEMON = 3 - # auth - AUTH = 4 - # syslog - SYSLOG = 5 - # lpr - LPR = 6 - # news - NEWS = 7 - # uucp - UUCP = 8 - # cron - CRON = 9 - # authpriv - AUTHPRIV = 10 - # ftp - FTP = 11 - # ntp - NTP = 12 - # security - SECURITY = 13 - # console - CONSOLE = 14 - # solaris-cron - SOLARIS_CRON = 15 - # local0 - LOCAL0 = 16 - # local1 - LOCAL1 = 17 - # local2 - LOCAL2 = 18 - # local3 - LOCAL3 = 19 - # local4 - LOCAL4 = 20 - # local5 - LOCAL5 = 21 - - -class CreateOutputSystemByPackSeveritySyslog(int, Enum, metaclass=utils.OpenEnumMeta): - r"""Default value for message severity. Will be overwritten by value of __severity if set. Defaults to notice.""" - - # emergency - EMERGENCY = 0 - # alert - ALERT = 1 - # critical - CRITICAL = 2 - # error - ERROR = 3 - # warning - WARNING = 4 - # notice - NOTICE = 5 - # info - INFO = 6 - # debug - DEBUG = 7 - - -class CreateOutputSystemByPackMessageFormat(str, Enum, metaclass=utils.OpenEnumMeta): - r"""The syslog message format depending on the receiver's support""" - - # RFC3164 - RFC3164 = "rfc3164" - # RFC5424 - RFC5424 = "rfc5424" - - -class CreateOutputSystemByPackTimestampFormat(str, Enum, metaclass=utils.OpenEnumMeta): - r"""Timestamp format to use when serializing event's time field""" - - # Syslog - SYSLOG = "syslog" - # ISO8601 - ISO8601 = "iso8601" - - -class CreateOutputSystemByPackPqControlsSyslogTypedDict(TypedDict): - pass - - -class CreateOutputSystemByPackPqControlsSyslog(BaseModel): - pass - - -class CreateOutputSystemByPackOutputSyslogTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputSystemByPackTypeSyslog - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - protocol: NotRequired[CreateOutputSystemByPackProtocolSyslog] - r"""The network protocol to use for sending out syslog messages""" - facility: NotRequired[CreateOutputSystemByPackFacility] - r"""Default value for message facility. Will be overwritten by value of __facility if set. Defaults to user.""" - severity: NotRequired[CreateOutputSystemByPackSeveritySyslog] - r"""Default value for message severity. Will be overwritten by value of __severity if set. Defaults to notice.""" - app_name: NotRequired[str] - r"""Default name for device or application that originated the message. Defaults to Cribl, but will be overwritten by value of __appname if set.""" - message_format: NotRequired[CreateOutputSystemByPackMessageFormat] - r"""The syslog message format depending on the receiver's support""" - timestamp_format: NotRequired[CreateOutputSystemByPackTimestampFormat] - r"""Timestamp format to use when serializing event's time field""" - throttle_rate_per_sec: NotRequired[str] - r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" - octet_count_framing: NotRequired[bool] - r"""Prefix messages with the byte count of the message. If disabled, no prefix will be set, and the message will be appended with a \n.""" - log_failed_requests: NotRequired[bool] - r"""Use to troubleshoot issues with sending data""" - description: NotRequired[str] - load_balanced: NotRequired[bool] - r"""For optimal performance, enable load balancing even if you have one hostname, as it can expand to multiple IPs. If this setting is disabled, consider enabling round-robin DNS.""" - host: NotRequired[str] - r"""The hostname of the receiver""" - port: NotRequired[float] - r"""The port to connect to on the provided host""" - exclude_self: NotRequired[bool] - r"""Exclude all IPs of the current host from the list of any resolved hostnames""" - hosts: NotRequired[List[HostConfOutputSyslogTypedDict]] - r"""Set of hosts to load-balance data to""" - dns_resolve_period_sec: NotRequired[float] - r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" - load_balance_stats_period_sec: NotRequired[float] - r"""How far back in time to keep traffic stats for load balancing purposes""" - max_concurrent_senders: NotRequired[float] - r"""Maximum number of concurrent connections (per Worker Process). A random set of IPs will be picked on every DNS resolution period. Use 0 for unlimited.""" - connection_timeout: NotRequired[float] - r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" - write_timeout: NotRequired[float] - r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" - tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - max_record_size: NotRequired[float] - r"""Maximum size of syslog messages. Make sure this value is less than or equal to the MTU to avoid UDP packet fragmentation.""" - udp_dns_resolve_period_sec: NotRequired[float] - r"""How often to resolve the destination hostname to an IP address. Ignored if the destination is an IP address. A value of 0 means every message sent will incur a DNS lookup.""" - enable_ip_spoofing: NotRequired[bool] - r"""Send Syslog traffic using the original event's Source IP and port. To enable this, you must install the external `udp-sender` helper binary at `/usr/bin/udp-sender` on all Worker Nodes and grant it the `CAP_NET_RAW` capability.""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputSystemByPackPqControlsSyslogTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_host: NotRequired[str] - r"""Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime.""" - template_port: NotRequired[str] - r"""Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - -class CreateOutputSystemByPackOutputSyslog(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputSystemByPackTypeSyslog - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - protocol: Optional[CreateOutputSystemByPackProtocolSyslog] = None - r"""The network protocol to use for sending out syslog messages""" - - facility: Optional[CreateOutputSystemByPackFacility] = None - r"""Default value for message facility. Will be overwritten by value of __facility if set. Defaults to user.""" - - severity: Optional[CreateOutputSystemByPackSeveritySyslog] = None - r"""Default value for message severity. Will be overwritten by value of __severity if set. Defaults to notice.""" - - app_name: Annotated[Optional[str], pydantic.Field(alias="appName")] = None - r"""Default name for device or application that originated the message. Defaults to Cribl, but will be overwritten by value of __appname if set.""" - - message_format: Annotated[ - Optional[CreateOutputSystemByPackMessageFormat], - pydantic.Field(alias="messageFormat"), - ] = None - r"""The syslog message format depending on the receiver's support""" - - timestamp_format: Annotated[ - Optional[CreateOutputSystemByPackTimestampFormat], - pydantic.Field(alias="timestampFormat"), - ] = None - r"""Timestamp format to use when serializing event's time field""" - - throttle_rate_per_sec: Annotated[ - Optional[str], pydantic.Field(alias="throttleRatePerSec") - ] = None - r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" - - octet_count_framing: Annotated[ - Optional[bool], pydantic.Field(alias="octetCountFraming") - ] = None - r"""Prefix messages with the byte count of the message. If disabled, no prefix will be set, and the message will be appended with a \n.""" - - log_failed_requests: Annotated[ - Optional[bool], pydantic.Field(alias="logFailedRequests") - ] = None - r"""Use to troubleshoot issues with sending data""" - - description: Optional[str] = None - - load_balanced: Annotated[Optional[bool], pydantic.Field(alias="loadBalanced")] = ( - None - ) - r"""For optimal performance, enable load balancing even if you have one hostname, as it can expand to multiple IPs. If this setting is disabled, consider enabling round-robin DNS.""" - - host: Optional[str] = None - r"""The hostname of the receiver""" - - port: Optional[float] = None - r"""The port to connect to on the provided host""" - - exclude_self: Annotated[Optional[bool], pydantic.Field(alias="excludeSelf")] = None - r"""Exclude all IPs of the current host from the list of any resolved hostnames""" - - hosts: Optional[List[HostConfOutputSyslog]] = None - r"""Set of hosts to load-balance data to""" - - dns_resolve_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="dnsResolvePeriodSec") - ] = None - r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" - - load_balance_stats_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="loadBalanceStatsPeriodSec") - ] = None - r"""How far back in time to keep traffic stats for load balancing purposes""" - - max_concurrent_senders: Annotated[ - Optional[float], pydantic.Field(alias="maxConcurrentSenders") - ] = None - r"""Maximum number of concurrent connections (per Worker Process). A random set of IPs will be picked on every DNS resolution period. Use 0 for unlimited.""" - - connection_timeout: Annotated[ - Optional[float], pydantic.Field(alias="connectionTimeout") - ] = None - r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" - - write_timeout: Annotated[Optional[float], pydantic.Field(alias="writeTimeout")] = ( - None - ) - r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" - - tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - max_record_size: Annotated[ - Optional[float], pydantic.Field(alias="maxRecordSize") - ] = None - r"""Maximum size of syslog messages. Make sure this value is less than or equal to the MTU to avoid UDP packet fragmentation.""" - - udp_dns_resolve_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="udpDnsResolvePeriodSec") - ] = None - r"""How often to resolve the destination hostname to an IP address. Ignored if the destination is an IP address. A value of 0 means every message sent will incur a DNS lookup.""" - - enable_ip_spoofing: Annotated[ - Optional[bool], pydantic.Field(alias="enableIpSpoofing") - ] = None - r"""Send Syslog traffic using the original event's Source IP and port. To enable this, you must install the external `udp-sender` helper binary at `/usr/bin/udp-sender` on all Worker Nodes and grant it the `CAP_NET_RAW` capability.""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputSystemByPackPqControlsSyslog], - pydantic.Field(alias="pqControls"), - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_host: Annotated[Optional[str], pydantic.Field(alias="__template_host")] = ( - None - ) - r"""Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime.""" - - template_port: Annotated[Optional[str], pydantic.Field(alias="__template_port")] = ( - None - ) - r"""Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - @field_serializer("protocol") - def serialize_protocol(self, value): - if isinstance(value, str): - try: - return models.CreateOutputSystemByPackProtocolSyslog(value) - except ValueError: - return value - return value - - @field_serializer("facility") - def serialize_facility(self, value): - if isinstance(value, str): - try: - return models.CreateOutputSystemByPackFacility(value) - except ValueError: - return value - return value - - @field_serializer("severity") - def serialize_severity(self, value): - if isinstance(value, str): - try: - return models.CreateOutputSystemByPackSeveritySyslog(value) - except ValueError: - return value - return value - - @field_serializer("message_format") - def serialize_message_format(self, value): - if isinstance(value, str): - try: - return models.CreateOutputSystemByPackMessageFormat(value) - except ValueError: - return value - return value - - @field_serializer("timestamp_format") - def serialize_timestamp_format(self, value): - if isinstance(value, str): - try: - return models.CreateOutputSystemByPackTimestampFormat(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "protocol", - "facility", - "severity", - "appName", - "messageFormat", - "timestampFormat", - "throttleRatePerSec", - "octetCountFraming", - "logFailedRequests", - "description", - "loadBalanced", - "host", - "port", - "excludeSelf", - "hosts", - "dnsResolvePeriodSec", - "loadBalanceStatsPeriodSec", - "maxConcurrentSenders", - "connectionTimeout", - "writeTimeout", - "tls", - "onBackpressure", - "maxRecordSize", - "udpDnsResolvePeriodSec", - "enableIpSpoofing", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_host", - "__template_port", - "__template_onBackpressure", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputSystemByPackTypeDevnull(str, Enum): - DEVNULL = "devnull" - - -class CreateOutputSystemByPackOutputDevnullTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputSystemByPackTypeDevnull - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - -class CreateOutputSystemByPackOutputDevnull(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputSystemByPackTypeDevnull - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "__template_streamtags", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputSystemByPackTypeSentinel(str, Enum): - SENTINEL = "sentinel" - - -class CreateOutputSystemByPackAuthType(str, Enum, metaclass=utils.OpenEnumMeta): - OAUTH = "oauth" - - -class CreateOutputSystemByPackEndpointConfiguration( - str, Enum, metaclass=utils.OpenEnumMeta -): - r"""Enter the data collection endpoint URL or the individual ID""" - - # URL - URL = "url" - # ID - ID = "ID" - - -class CreateOutputSystemByPackFormatSentinel(str, Enum, metaclass=utils.OpenEnumMeta): - NDJSON = "ndjson" - JSON_ARRAY = "json_array" - CUSTOM = "custom" - ADVANCED = "advanced" - - -class CreateOutputSystemByPackPqControlsSentinelTypedDict(TypedDict): - pass - - -class CreateOutputSystemByPackPqControlsSentinel(BaseModel): - pass - - -class CreateOutputSystemByPackOutputSentinelTypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputSystemByPackTypeSentinel - login_url: str - r"""URL for OAuth""" - secret: str - r"""Secret parameter value to pass in request body""" - client_id: str - r"""JavaScript expression to compute the Client ID for the Azure application. Can be a constant.""" - endpoint_url_configuration: CreateOutputSystemByPackEndpointConfiguration - r"""Enter the data collection endpoint URL or the individual ID""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - keep_alive: NotRequired[bool] - r"""Disable to close the connection immediately after sending the outgoing request""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size (KB) of the request body (defaults to the API's maximum limit of 1000 KB)""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - compress: NotRequired[bool] - r"""Compress the payload body before sending""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] - r"""Headers to add to all events. You can also add headers dynamically on a per-event basis in the __headers field, as explained in [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook/#internal-fields).""" - use_round_robin_dns: NotRequired[bool] - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - safe_headers: NotRequired[List[str]] - r"""List of headers that are safe to log in plain text""" - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - auth_type: NotRequired[CreateOutputSystemByPackAuthType] - scope: NotRequired[str] - r"""Scope to pass in the OAuth request""" - total_memory_limit_kb: NotRequired[float] - r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" - description: NotRequired[str] - format_: NotRequired[CreateOutputSystemByPackFormatSentinel] - custom_source_expression: NotRequired[str] - r"""Expression to evaluate on events to generate output. Example: `raw=${_raw}`. See [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook#custom-format) for other examples. If empty, the full event is sent as stringified JSON.""" - custom_drop_when_null: NotRequired[bool] - r"""Whether to drop events when the source expression evaluates to null""" - custom_event_delimiter: NotRequired[str] - r"""Delimiter string to insert between individual events. Defaults to newline character.""" - custom_content_type: NotRequired[str] - r"""Content type to use for request. Defaults to application/x-ndjson. Any content types set in Advanced Settings > Extra HTTP headers will override this entry.""" - custom_payload_expression: NotRequired[str] - r"""Expression specifying how to format the payload for each batch. To reference the events to send, use the `${events}` variable. Example expression: `{ \"items\" : [${events}] }` would send the batch inside a JSON object.""" - advanced_content_type: NotRequired[str] - r"""HTTP content-type header value""" - format_event_code: NotRequired[str] - r"""Custom JavaScript code to format incoming event data accessible through the __e variable. The formatted content is added to (__e['__eventOut']) if available. Otherwise, the original event is serialized as JSON. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" - format_payload_code: NotRequired[str] - r"""Optional JavaScript code to format the payload sent to the Destination. The payload, containing a batch of formatted events, is accessible through the __e['payload'] variable. The formatted payload is returned in the __e['__payloadOut'] variable. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputSystemByPackPqControlsSentinelTypedDict] - url: NotRequired[str] - r"""URL to send events to. Can be overwritten by an event's __url field.""" - dcr_id: NotRequired[str] - r"""Immutable ID for the Data Collection Rule (DCR)""" - dce_endpoint: NotRequired[str] - r"""Data collection endpoint (DCE) URL. In the format: `https://-..ingest.monitor.azure.com`""" - stream_name: NotRequired[str] - r"""The name of the stream (Sentinel table) in which to store the events""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_failed_request_logging_mode: NotRequired[str] - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_login_url: NotRequired[str] - r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" - template_secret: NotRequired[str] - r"""Binds 'secret' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'secret' at runtime.""" - template_client_id: NotRequired[str] - r"""Binds 'client_id' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'client_id' at runtime.""" - template_scope: NotRequired[str] - r"""Binds 'scope' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'scope' at runtime.""" - template_url: NotRequired[str] - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - template_dcr_id: NotRequired[str] - r"""Binds 'dcrID' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'dcrID' at runtime.""" - template_dce_endpoint: NotRequired[str] - r"""Binds 'dceEndpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'dceEndpoint' at runtime.""" - template_stream_name: NotRequired[str] - r"""Binds 'streamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamName' at runtime.""" - - -class CreateOutputSystemByPackOutputSentinel(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputSystemByPackTypeSentinel - - login_url: Annotated[str, pydantic.Field(alias="loginUrl")] - r"""URL for OAuth""" - - secret: str - r"""Secret parameter value to pass in request body""" - - client_id: str - r"""JavaScript expression to compute the Client ID for the Azure application. Can be a constant.""" - - endpoint_url_configuration: Annotated[ - CreateOutputSystemByPackEndpointConfiguration, - pydantic.Field(alias="endpointURLConfiguration"), - ] - r"""Enter the data collection endpoint URL or the individual ID""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - keep_alive: Annotated[Optional[bool], pydantic.Field(alias="keepAlive")] = None - r"""Disable to close the connection immediately after sending the outgoing request""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size (KB) of the request body (defaults to the API's maximum limit of 1000 KB)""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - compress: Optional[bool] = None - r"""Compress the payload body before sending""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - extra_http_headers: Annotated[ - Optional[List[ExtraHTTPHeaderConfInputElastic]], - pydantic.Field(alias="extraHttpHeaders"), - ] = None - r"""Headers to add to all events. You can also add headers dynamically on a per-event basis in the __headers field, as explained in [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook/#internal-fields).""" - - use_round_robin_dns: Annotated[ - Optional[bool], pydantic.Field(alias="useRoundRobinDns") - ] = None - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - - failed_request_logging_mode: Annotated[ - Optional[FailedRequestLoggingModeOptions], - pydantic.Field(alias="failedRequestLoggingMode"), - ] = None - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - - safe_headers: Annotated[ - Optional[List[str]], pydantic.Field(alias="safeHeaders") - ] = None - r"""List of headers that are safe to log in plain text""" - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - auth_type: Annotated[ - Optional[CreateOutputSystemByPackAuthType], pydantic.Field(alias="authType") - ] = None - - scope: Optional[str] = None - r"""Scope to pass in the OAuth request""" - - total_memory_limit_kb: Annotated[ - Optional[float], pydantic.Field(alias="totalMemoryLimitKB") - ] = None - r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" - - description: Optional[str] = None - - format_: Annotated[ - Optional[CreateOutputSystemByPackFormatSentinel], pydantic.Field(alias="format") - ] = None - - custom_source_expression: Annotated[ - Optional[str], pydantic.Field(alias="customSourceExpression") - ] = None - r"""Expression to evaluate on events to generate output. Example: `raw=${_raw}`. See [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook#custom-format) for other examples. If empty, the full event is sent as stringified JSON.""" - - custom_drop_when_null: Annotated[ - Optional[bool], pydantic.Field(alias="customDropWhenNull") - ] = None - r"""Whether to drop events when the source expression evaluates to null""" - - custom_event_delimiter: Annotated[ - Optional[str], pydantic.Field(alias="customEventDelimiter") - ] = None - r"""Delimiter string to insert between individual events. Defaults to newline character.""" - - custom_content_type: Annotated[ - Optional[str], pydantic.Field(alias="customContentType") - ] = None - r"""Content type to use for request. Defaults to application/x-ndjson. Any content types set in Advanced Settings > Extra HTTP headers will override this entry.""" - - custom_payload_expression: Annotated[ - Optional[str], pydantic.Field(alias="customPayloadExpression") - ] = None - r"""Expression specifying how to format the payload for each batch. To reference the events to send, use the `${events}` variable. Example expression: `{ \"items\" : [${events}] }` would send the batch inside a JSON object.""" - - advanced_content_type: Annotated[ - Optional[str], pydantic.Field(alias="advancedContentType") - ] = None - r"""HTTP content-type header value""" - - format_event_code: Annotated[ - Optional[str], pydantic.Field(alias="formatEventCode") - ] = None - r"""Custom JavaScript code to format incoming event data accessible through the __e variable. The formatted content is added to (__e['__eventOut']) if available. Otherwise, the original event is serialized as JSON. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" - - format_payload_code: Annotated[ - Optional[str], pydantic.Field(alias="formatPayloadCode") - ] = None - r"""Optional JavaScript code to format the payload sent to the Destination. The payload, containing a batch of formatted events, is accessible through the __e['payload'] variable. The formatted payload is returned in the __e['__payloadOut'] variable. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputSystemByPackPqControlsSentinel], - pydantic.Field(alias="pqControls"), - ] = None - - url: Optional[str] = None - r"""URL to send events to. Can be overwritten by an event's __url field.""" - - dcr_id: Annotated[Optional[str], pydantic.Field(alias="dcrID")] = None - r"""Immutable ID for the Data Collection Rule (DCR)""" - - dce_endpoint: Annotated[Optional[str], pydantic.Field(alias="dceEndpoint")] = None - r"""Data collection endpoint (DCE) URL. In the format: `https://-..ingest.monitor.azure.com`""" - - stream_name: Annotated[Optional[str], pydantic.Field(alias="streamName")] = None - r"""The name of the stream (Sentinel table) in which to store the events""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_failed_request_logging_mode: Annotated[ - Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") - ] = None - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_login_url: Annotated[ - Optional[str], pydantic.Field(alias="__template_loginUrl") - ] = None - r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" - - template_secret: Annotated[ - Optional[str], pydantic.Field(alias="__template_secret") - ] = None - r"""Binds 'secret' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'secret' at runtime.""" - - template_client_id: Annotated[ - Optional[str], pydantic.Field(alias="__template_client_id") - ] = None - r"""Binds 'client_id' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'client_id' at runtime.""" - - template_scope: Annotated[ - Optional[str], pydantic.Field(alias="__template_scope") - ] = None - r"""Binds 'scope' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'scope' at runtime.""" - - template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( - None - ) - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - template_dcr_id: Annotated[ - Optional[str], pydantic.Field(alias="__template_dcrID") - ] = None - r"""Binds 'dcrID' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'dcrID' at runtime.""" - - template_dce_endpoint: Annotated[ - Optional[str], pydantic.Field(alias="__template_dceEndpoint") - ] = None - r"""Binds 'dceEndpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'dceEndpoint' at runtime.""" - - template_stream_name: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamName") - ] = None - r"""Binds 'streamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamName' at runtime.""" - - @field_serializer("failed_request_logging_mode") - def serialize_failed_request_logging_mode(self, value): - if isinstance(value, str): - try: - return models.FailedRequestLoggingModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.CreateOutputSystemByPackAuthType(value) - except ValueError: - return value - return value - - @field_serializer("endpoint_url_configuration") - def serialize_endpoint_url_configuration(self, value): - if isinstance(value, str): - try: - return models.CreateOutputSystemByPackEndpointConfiguration(value) - except ValueError: - return value - return value - - @field_serializer("format_") - def serialize_format_(self, value): - if isinstance(value, str): - try: - return models.CreateOutputSystemByPackFormatSentinel(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "keepAlive", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "compress", - "rejectUnauthorized", - "timeoutSec", - "flushPeriodSec", - "extraHttpHeaders", - "useRoundRobinDns", - "failedRequestLoggingMode", - "safeHeaders", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "onBackpressure", - "authType", - "scope", - "totalMemoryLimitKB", - "description", - "format", - "customSourceExpression", - "customDropWhenNull", - "customEventDelimiter", - "customContentType", - "customPayloadExpression", - "advancedContentType", - "formatEventCode", - "formatPayloadCode", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "url", - "dcrID", - "dceEndpoint", - "streamName", - "__template_streamtags", - "__template_failedRequestLoggingMode", - "__template_onBackpressure", - "__template_loginUrl", - "__template_secret", - "__template_client_id", - "__template_scope", - "__template_url", - "__template_dcrID", - "__template_dceEndpoint", - "__template_streamName", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputSystemByPackOutputWebhookType2(str, Enum): - WEBHOOK = "webhook" - - -class CreateOutputSystemByPackOutputWebhookFormat2( - str, Enum, metaclass=utils.OpenEnumMeta -): - r"""How to format events before sending out""" - - # NDJSON (Newline Delimited JSON) - NDJSON = "ndjson" - # JSON Array - JSON_ARRAY = "json_array" - # Custom - CUSTOM = "custom" - # Advanced - ADVANCED = "advanced" - - -class CreateOutputSystemByPackOutputWebhookAuthenticationType2( - str, Enum, metaclass=utils.OpenEnumMeta -): - r"""Authentication method to use for the HTTP request""" - - # None - NONE = "none" - # Basic - BASIC = "basic" - # Basic (credentials secret) - CREDENTIALS_SECRET = "credentialsSecret" - # Token - TOKEN = "token" - # Token (text secret) - TEXT_SECRET = "textSecret" - # OAuth - OAUTH = "oauth" - - -class CreateOutputSystemByPackOutputWebhookPqControls2TypedDict(TypedDict): - pass - - -class CreateOutputSystemByPackOutputWebhookPqControls2(BaseModel): - pass - - -class CreateOutputSystemByPackOutputWebhookURL2TypedDict(TypedDict): - url: str - r"""URL of a webhook endpoint to send events to, such as http://localhost:10200""" - weight: NotRequired[float] - r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" - template_url: NotRequired[str] - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - -class CreateOutputSystemByPackOutputWebhookURL2(BaseModel): - url: str - r"""URL of a webhook endpoint to send events to, such as http://localhost:10200""" - - weight: Optional[float] = None - r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" - - template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( - None - ) - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set(["weight", "__template_url"]) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputSystemByPackOutputWebhookWebhook2TypedDict(TypedDict): - id: str - r"""Unique ID for this output""" - type: CreateOutputSystemByPackOutputWebhookType2 - urls: List[CreateOutputSystemByPackOutputWebhookURL2TypedDict] - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - method: NotRequired[MethodOptions] - r"""The method to use when sending events""" - format_: NotRequired[CreateOutputSystemByPackOutputWebhookFormat2] - r"""How to format events before sending out""" - keep_alive: NotRequired[bool] - r"""Disable to close the connection immediately after sending the outgoing request""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - compress: NotRequired[bool] - r"""Compress the payload body before sending""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] - r"""Headers to add to all events. You can also add headers dynamically on a per-event basis in the __headers field, as explained in [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook/#internal-fields).""" - use_round_robin_dns: NotRequired[bool] - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - safe_headers: NotRequired[List[str]] - r"""List of headers that are safe to log in plain text""" - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - auth_type: NotRequired[CreateOutputSystemByPackOutputWebhookAuthenticationType2] - r"""Authentication method to use for the HTTP request""" - tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathExtendedTypedDict] - total_memory_limit_kb: NotRequired[float] - r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" - load_balanced: NotRequired[bool] - r"""Enable for optimal performance. Even if you have one hostname, it can expand to multiple IPs. If disabled, consider enabling round-robin DNS.""" - description: NotRequired[str] - custom_source_expression: NotRequired[str] - r"""Expression to evaluate on events to generate output. Example: `raw=${_raw}`. See [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook#custom-format) for other examples. If empty, the full event is sent as stringified JSON.""" - custom_drop_when_null: NotRequired[bool] - r"""Whether to drop events when the source expression evaluates to null""" - custom_event_delimiter: NotRequired[str] - r"""Delimiter string to insert between individual events. Defaults to newline character.""" - custom_content_type: NotRequired[str] - r"""Content type to use for request. Defaults to application/x-ndjson. Any content types set in Advanced Settings > Extra HTTP headers will override this entry.""" - custom_payload_expression: NotRequired[str] - r"""Expression specifying how to format the payload for each batch. To reference the events to send, use the `${events}` variable. Example expression: `{ \"items\" : [${events}] }` would send the batch inside a JSON object.""" - advanced_content_type: NotRequired[str] - r"""HTTP content-type header value""" - format_event_code: NotRequired[str] - r"""Custom JavaScript code to format incoming event data accessible through the __e variable. The formatted content is added to (__e['__eventOut']) if available. Otherwise, the original event is serialized as JSON. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" - format_payload_code: NotRequired[str] - r"""Optional JavaScript code to format the payload sent to the Destination. The payload, containing a batch of formatted events, is accessible through the __e['payload'] variable. The formatted payload is returned in the __e['__payloadOut'] variable. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[CreateOutputSystemByPackOutputWebhookPqControls2TypedDict] - username: NotRequired[str] - password: NotRequired[str] - token: NotRequired[str] - r"""Bearer token to include in the authorization header""" - credentials_secret: NotRequired[str] - r"""Select or create a secret that references your credentials""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - login_url: NotRequired[str] - r"""URL for OAuth""" - secret_param_name: NotRequired[str] - r"""Secret parameter name to pass in request body""" - secret: NotRequired[str] - r"""Secret parameter value to pass in request body""" - token_attribute_name: NotRequired[str] - r"""Name of the auth token attribute in the OAuth response. Can be top-level (e.g., 'token'); or nested, using a period (e.g., 'data.token').""" - auth_header_expr: NotRequired[str] - r"""JavaScript expression to compute the Authorization header value to pass in requests. The value `${token}` is used to reference the token obtained from authentication, e.g.: `Bearer ${token}`.""" - token_timeout_secs: NotRequired[float] - r"""How often the OAuth token should be refreshed.""" - oauth_params: NotRequired[List[OauthParamConfInputServicenowTableTypedDict]] - r"""Additional parameters to send in the OAuth login request. @{product} will combine the secret with these parameters, and will send the URL-encoded result in a POST request to the endpoint specified in the 'Login URL'. We'll automatically add the content-type header 'application/x-www-form-urlencoded' when sending this request.""" - oauth_headers: NotRequired[List[OauthHeaderConfInputServicenowTableTypedDict]] - r"""Additional headers to send in the OAuth login request. @{product} will automatically add the content-type header 'application/x-www-form-urlencoded' when sending this request.""" - url: NotRequired[str] - r"""URL of a webhook endpoint to send events to, such as http://localhost:10200""" - exclude_self: NotRequired[bool] - r"""Exclude all IPs of the current host from the list of any resolved hostnames""" - dns_resolve_period_sec: NotRequired[float] - r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" - load_balance_stats_period_sec: NotRequired[float] - r"""How far back in time to keep traffic stats for load balancing purposes""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_failed_request_logging_mode: NotRequired[str] - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_login_url: NotRequired[str] - r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" - template_secret: NotRequired[str] - r"""Binds 'secret' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'secret' at runtime.""" - template_url: NotRequired[str] - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - -class CreateOutputSystemByPackOutputWebhookWebhook2(BaseModel): - id: str - r"""Unique ID for this output""" - - type: CreateOutputSystemByPackOutputWebhookType2 - - urls: List[CreateOutputSystemByPackOutputWebhookURL2] - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - method: Optional[MethodOptions] = None - r"""The method to use when sending events""" - - format_: Annotated[ - Optional[CreateOutputSystemByPackOutputWebhookFormat2], - pydantic.Field(alias="format"), - ] = None - r"""How to format events before sending out""" - - keep_alive: Annotated[Optional[bool], pydantic.Field(alias="keepAlive")] = None - r"""Disable to close the connection immediately after sending the outgoing request""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - compress: Optional[bool] = None - r"""Compress the payload body before sending""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - extra_http_headers: Annotated[ - Optional[List[ExtraHTTPHeaderConfInputElastic]], - pydantic.Field(alias="extraHttpHeaders"), - ] = None - r"""Headers to add to all events. You can also add headers dynamically on a per-event basis in the __headers field, as explained in [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook/#internal-fields).""" - - use_round_robin_dns: Annotated[ - Optional[bool], pydantic.Field(alias="useRoundRobinDns") - ] = None - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - - failed_request_logging_mode: Annotated[ - Optional[FailedRequestLoggingModeOptions], - pydantic.Field(alias="failedRequestLoggingMode"), - ] = None - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - - safe_headers: Annotated[ - Optional[List[str]], pydantic.Field(alias="safeHeaders") - ] = None - r"""List of headers that are safe to log in plain text""" - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - auth_type: Annotated[ - Optional[CreateOutputSystemByPackOutputWebhookAuthenticationType2], - pydantic.Field(alias="authType"), - ] = None - r"""Authentication method to use for the HTTP request""" - - tls: Optional[TLSSettingsClientSideTypeCaPathCertPathExtended] = None - - total_memory_limit_kb: Annotated[ - Optional[float], pydantic.Field(alias="totalMemoryLimitKB") - ] = None - r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" - - load_balanced: Annotated[Optional[bool], pydantic.Field(alias="loadBalanced")] = ( - None - ) - r"""Enable for optimal performance. Even if you have one hostname, it can expand to multiple IPs. If disabled, consider enabling round-robin DNS.""" - - description: Optional[str] = None - - custom_source_expression: Annotated[ - Optional[str], pydantic.Field(alias="customSourceExpression") - ] = None - r"""Expression to evaluate on events to generate output. Example: `raw=${_raw}`. See [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook#custom-format) for other examples. If empty, the full event is sent as stringified JSON.""" - - custom_drop_when_null: Annotated[ - Optional[bool], pydantic.Field(alias="customDropWhenNull") - ] = None - r"""Whether to drop events when the source expression evaluates to null""" - - custom_event_delimiter: Annotated[ - Optional[str], pydantic.Field(alias="customEventDelimiter") - ] = None - r"""Delimiter string to insert between individual events. Defaults to newline character.""" - - custom_content_type: Annotated[ - Optional[str], pydantic.Field(alias="customContentType") - ] = None - r"""Content type to use for request. Defaults to application/x-ndjson. Any content types set in Advanced Settings > Extra HTTP headers will override this entry.""" - - custom_payload_expression: Annotated[ - Optional[str], pydantic.Field(alias="customPayloadExpression") - ] = None - r"""Expression specifying how to format the payload for each batch. To reference the events to send, use the `${events}` variable. Example expression: `{ \"items\" : [${events}] }` would send the batch inside a JSON object.""" - - advanced_content_type: Annotated[ - Optional[str], pydantic.Field(alias="advancedContentType") - ] = None - r"""HTTP content-type header value""" - - format_event_code: Annotated[ - Optional[str], pydantic.Field(alias="formatEventCode") - ] = None - r"""Custom JavaScript code to format incoming event data accessible through the __e variable. The formatted content is added to (__e['__eventOut']) if available. Otherwise, the original event is serialized as JSON. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" - - format_payload_code: Annotated[ - Optional[str], pydantic.Field(alias="formatPayloadCode") - ] = None - r"""Optional JavaScript code to format the payload sent to the Destination. The payload, containing a batch of formatted events, is accessible through the __e['payload'] variable. The formatted payload is returned in the __e['__payloadOut'] variable. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[CreateOutputSystemByPackOutputWebhookPqControls2], - pydantic.Field(alias="pqControls"), - ] = None - - username: Optional[str] = None - - password: Optional[str] = None - - token: Optional[str] = None - r"""Bearer token to include in the authorization header""" - - credentials_secret: Annotated[ - Optional[str], pydantic.Field(alias="credentialsSecret") - ] = None - r"""Select or create a secret that references your credentials""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - login_url: Annotated[Optional[str], pydantic.Field(alias="loginUrl")] = None - r"""URL for OAuth""" - - secret_param_name: Annotated[ - Optional[str], pydantic.Field(alias="secretParamName") - ] = None - r"""Secret parameter name to pass in request body""" - - secret: Optional[str] = None - r"""Secret parameter value to pass in request body""" - - token_attribute_name: Annotated[ - Optional[str], pydantic.Field(alias="tokenAttributeName") - ] = None - r"""Name of the auth token attribute in the OAuth response. Can be top-level (e.g., 'token'); or nested, using a period (e.g., 'data.token').""" - - auth_header_expr: Annotated[ - Optional[str], pydantic.Field(alias="authHeaderExpr") - ] = None - r"""JavaScript expression to compute the Authorization header value to pass in requests. The value `${token}` is used to reference the token obtained from authentication, e.g.: `Bearer ${token}`.""" - - token_timeout_secs: Annotated[ - Optional[float], pydantic.Field(alias="tokenTimeoutSecs") - ] = None - r"""How often the OAuth token should be refreshed.""" - - oauth_params: Annotated[ - Optional[List[OauthParamConfInputServicenowTable]], - pydantic.Field(alias="oauthParams"), - ] = None - r"""Additional parameters to send in the OAuth login request. @{product} will combine the secret with these parameters, and will send the URL-encoded result in a POST request to the endpoint specified in the 'Login URL'. We'll automatically add the content-type header 'application/x-www-form-urlencoded' when sending this request.""" - - oauth_headers: Annotated[ - Optional[List[OauthHeaderConfInputServicenowTable]], - pydantic.Field(alias="oauthHeaders"), - ] = None - r"""Additional headers to send in the OAuth login request. @{product} will automatically add the content-type header 'application/x-www-form-urlencoded' when sending this request.""" - - url: Optional[str] = None - r"""URL of a webhook endpoint to send events to, such as http://localhost:10200""" - - exclude_self: Annotated[Optional[bool], pydantic.Field(alias="excludeSelf")] = None - r"""Exclude all IPs of the current host from the list of any resolved hostnames""" - - dns_resolve_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="dnsResolvePeriodSec") - ] = None - r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" - - load_balance_stats_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="loadBalanceStatsPeriodSec") - ] = None - r"""How far back in time to keep traffic stats for load balancing purposes""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_failed_request_logging_mode: Annotated[ - Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") - ] = None - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_login_url: Annotated[ - Optional[str], pydantic.Field(alias="__template_loginUrl") - ] = None - r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" - - template_secret: Annotated[ - Optional[str], pydantic.Field(alias="__template_secret") - ] = None - r"""Binds 'secret' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'secret' at runtime.""" - - template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( - None - ) - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - @field_serializer("method") - def serialize_method(self, value): - if isinstance(value, str): - try: - return models.MethodOptions(value) - except ValueError: - return value - return value - - @field_serializer("format_") - def serialize_format_(self, value): - if isinstance(value, str): - try: - return models.CreateOutputSystemByPackOutputWebhookFormat2(value) - except ValueError: - return value - return value - - @field_serializer("failed_request_logging_mode") - def serialize_failed_request_logging_mode(self, value): - if isinstance(value, str): - try: - return models.FailedRequestLoggingModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.CreateOutputSystemByPackOutputWebhookAuthenticationType2( - value - ) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "pipeline", - "systemFields", - "environment", - "streamtags", - "method", - "format", - "keepAlive", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "compress", - "rejectUnauthorized", - "timeoutSec", - "flushPeriodSec", - "extraHttpHeaders", - "useRoundRobinDns", - "failedRequestLoggingMode", - "safeHeaders", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "onBackpressure", - "authType", - "tls", - "totalMemoryLimitKB", - "loadBalanced", - "description", - "customSourceExpression", - "customDropWhenNull", - "customEventDelimiter", - "customContentType", - "customPayloadExpression", - "advancedContentType", - "formatEventCode", - "formatPayloadCode", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "username", - "password", - "token", - "credentialsSecret", - "textSecret", - "loginUrl", - "secretParamName", - "secret", - "tokenAttributeName", - "authHeaderExpr", - "tokenTimeoutSecs", - "oauthParams", - "oauthHeaders", - "url", - "excludeSelf", - "dnsResolvePeriodSec", - "loadBalanceStatsPeriodSec", - "__template_streamtags", - "__template_failedRequestLoggingMode", - "__template_onBackpressure", - "__template_loginUrl", - "__template_secret", - "__template_url", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class CreateOutputSystemByPackOutputWebhookType1(str, Enum): - WEBHOOK = "webhook" - - -class CreateOutputSystemByPackOutputWebhookFormat1( - str, Enum, metaclass=utils.OpenEnumMeta -): - r"""How to format events before sending out""" - - # NDJSON (Newline Delimited JSON) - NDJSON = "ndjson" - # JSON Array - JSON_ARRAY = "json_array" - # Custom - CUSTOM = "custom" - # Advanced - ADVANCED = "advanced" - - -class CreateOutputSystemByPackOutputWebhookAuthenticationType1( - str, Enum, metaclass=utils.OpenEnumMeta -): - r"""Authentication method to use for the HTTP request""" - - # None - NONE = "none" - # Basic - BASIC = "basic" - # Basic (credentials secret) - CREDENTIALS_SECRET = "credentialsSecret" - # Token - TOKEN = "token" - # Token (text secret) - TEXT_SECRET = "textSecret" - # OAuth - OAUTH = "oauth" - - -class CreateOutputSystemByPackOutputWebhookPqControls1TypedDict(TypedDict): - pass - - -class CreateOutputSystemByPackOutputWebhookPqControls1(BaseModel): - pass - - -class CreateOutputSystemByPackOutputWebhookURL1TypedDict(TypedDict): - url: str - r"""URL of a webhook endpoint to send events to, such as http://localhost:10200""" - weight: NotRequired[float] - r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" - template_url: NotRequired[str] - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - -class CreateOutputSystemByPackOutputWebhookURL1(BaseModel): - url: str - r"""URL of a webhook endpoint to send events to, such as http://localhost:10200""" - - weight: Optional[float] = None - r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" - - template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( - None - ) - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set(["weight", "__template_url"]) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m + CreateOutputSystemByPackOutputDiskSpool, + CreateOutputSystemByPackOutputDiskSpoolTypedDict, + CreateOutputSystemByPackOutputDlS3, + CreateOutputSystemByPackOutputDlS3TypedDict, + CreateOutputSystemByPackOutputDynatraceHTTP, + CreateOutputSystemByPackOutputDynatraceHTTPTypedDict, + CreateOutputSystemByPackOutputDynatraceOtlp, + CreateOutputSystemByPackOutputDynatraceOtlpTypedDict, + CreateOutputSystemByPackOutputGrafanaCloudUnion, + CreateOutputSystemByPackOutputGrafanaCloudUnionTypedDict, + CreateOutputSystemByPackOutputGraphite, + CreateOutputSystemByPackOutputGraphiteTypedDict, + CreateOutputSystemByPackOutputHumioHec, + CreateOutputSystemByPackOutputHumioHecTypedDict, + CreateOutputSystemByPackOutputLocalSearchStorage, + CreateOutputSystemByPackOutputLocalSearchStorageTypedDict, + CreateOutputSystemByPackOutputLoki, + CreateOutputSystemByPackOutputLokiTypedDict, + CreateOutputSystemByPackOutputMicrosoftFabric, + CreateOutputSystemByPackOutputMicrosoftFabricTypedDict, + CreateOutputSystemByPackOutputNetflow, + CreateOutputSystemByPackOutputNetflowTypedDict, + CreateOutputSystemByPackOutputNutanixObjects, + CreateOutputSystemByPackOutputNutanixObjectsTypedDict, + CreateOutputSystemByPackOutputOpenTelemetry, + CreateOutputSystemByPackOutputOpenTelemetryTypedDict, + CreateOutputSystemByPackOutputPrometheus, + CreateOutputSystemByPackOutputPrometheusTypedDict, + CreateOutputSystemByPackOutputRing, + CreateOutputSystemByPackOutputRingTypedDict, + CreateOutputSystemByPackOutputRouter, + CreateOutputSystemByPackOutputRouterTypedDict, + CreateOutputSystemByPackOutputScalityS3, + CreateOutputSystemByPackOutputScalityS3TypedDict, + CreateOutputSystemByPackOutputSecurityLake, + CreateOutputSystemByPackOutputSecurityLakeTypedDict, + CreateOutputSystemByPackOutputSentinelOneAiSiem, + CreateOutputSystemByPackOutputSentinelOneAiSiemTypedDict, + CreateOutputSystemByPackOutputServiceNow, + CreateOutputSystemByPackOutputServiceNowTypedDict, + CreateOutputSystemByPackOutputSnmp, + CreateOutputSystemByPackOutputSnmpTypedDict, + CreateOutputSystemByPackOutputSns, + CreateOutputSystemByPackOutputSnsTypedDict, + CreateOutputSystemByPackOutputSqs, + CreateOutputSystemByPackOutputSqsTypedDict, + CreateOutputSystemByPackOutputStatsdExt, + CreateOutputSystemByPackOutputStatsdExtTypedDict, + CreateOutputSystemByPackOutputStorjS3, + CreateOutputSystemByPackOutputStorjS3TypedDict, + CreateOutputSystemByPackOutputSumoLogic, + CreateOutputSystemByPackOutputSumoLogicTypedDict, + CreateOutputSystemByPackOutputXsiam, + CreateOutputSystemByPackOutputXsiamTypedDict, +) +from .extrahttpheaderconfinputelastic import ( + ExtraHTTPHeaderConfInputElastic, + ExtraHTTPHeaderConfInputElasticTypedDict, +) +from .failedrequestloggingmodeoptions import FailedRequestLoggingModeOptions +from .methodoptions import MethodOptions +from .modeoptions import ModeOptions +from .oauthheaderconfinputservicenowtable import ( + OauthHeaderConfInputServicenowTable, + OauthHeaderConfInputServicenowTableTypedDict, +) +from .oauthparamconfinputservicenowtable import ( + OauthParamConfInputServicenowTable, + OauthParamConfInputServicenowTableTypedDict, +) +from .queuefullbehavioroptions import QueueFullBehaviorOptions +from .responseretrysettingconfoutputwebhook import ( + ResponseRetrySettingConfOutputWebhook, + ResponseRetrySettingConfOutputWebhookTypedDict, +) +from .timeoutretrysettingstype import ( + TimeoutRetrySettingsType, + TimeoutRetrySettingsTypeTypedDict, +) +from .tlssettingsclientsidetypecapathcertpathextended import ( + TLSSettingsClientSideTypeCaPathCertPathExtended, + TLSSettingsClientSideTypeCaPathCertPathExtendedTypedDict, +) +from cribl_control_plane import models +from cribl_control_plane.types import BaseModel, Nullable, UNSET_SENTINEL +from cribl_control_plane.utils import ( + FieldMetadata, + PathParamMetadata, + RequestMetadata, + get_discriminator, +) +from enum import Enum +import pydantic +from pydantic import Discriminator, Tag, field_serializer, model_serializer +from typing import List, Optional, Union +from typing_extensions import Annotated, NotRequired, TypeAliasType, TypedDict class CreateOutputSystemByPackOutputWebhookWebhook1TypedDict(TypedDict): @@ -17990,7 +312,7 @@ class CreateOutputSystemByPackOutputWebhookWebhook1TypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputSystemByPackOutputWebhookPqControls1TypedDict] username: NotRequired[str] password: NotRequired[str] @@ -18253,7 +575,7 @@ class CreateOutputSystemByPackOutputWebhookWebhook1(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputSystemByPackOutputWebhookPqControls1], @@ -18634,40 +956,41 @@ def serialize_model(self, handler): CreateOutputSystemByPackOutputNetflowTypedDict, CreateOutputSystemByPackOutputDiskSpoolTypedDict, CreateOutputSystemByPackOutputRingTypedDict, + CreateOutputSystemByPackOutputStatsdTypedDict, CreateOutputSystemByPackOutputGraphiteTypedDict, CreateOutputSystemByPackOutputStatsdExtTypedDict, - CreateOutputSystemByPackOutputStatsdTypedDict, CreateOutputSystemByPackOutputGooglePubsubTypedDict, - CreateOutputSystemByPackOutputCriblTCPTypedDict, - CreateOutputSystemByPackOutputHoneycombTypedDict, + CreateOutputSystemByPackOutputGoogleCloudObservabilityTypedDict, CreateOutputSystemByPackOutputWavefrontTypedDict, CreateOutputSystemByPackOutputSignalfxTypedDict, + CreateOutputSystemByPackOutputHoneycombTypedDict, + CreateOutputSystemByPackOutputCriblTCPTypedDict, CreateOutputSystemByPackOutputAzureEventhubTypedDict, CreateOutputSystemByPackOutputMicrosoftFabricTypedDict, + CreateOutputSystemByPackOutputExabeamTypedDict, CreateOutputSystemByPackOutputSumoLogicTypedDict, CreateOutputSystemByPackOutputCrowdstrikeNextGenSiemTypedDict, CreateOutputSystemByPackOutputHumioHecTypedDict, CreateOutputSystemByPackOutputTcpjsonTypedDict, CreateOutputSystemByPackOutputSplunkTypedDict, - CreateOutputSystemByPackOutputExabeamTypedDict, CreateOutputSystemByPackOutputSnsTypedDict, CreateOutputSystemByPackOutputElasticCloudTypedDict, - CreateOutputSystemByPackOutputKafkaTypedDict, CreateOutputSystemByPackOutputAzureLogsTypedDict, - CreateOutputSystemByPackOutputConfluentCloudTypedDict, + CreateOutputSystemByPackOutputKafkaTypedDict, + CreateOutputSystemByPackOutputSyslogTypedDict, CreateOutputSystemByPackOutputSplunkLbTypedDict, CreateOutputSystemByPackOutputCloudwatchTypedDict, - CreateOutputSystemByPackOutputSyslogTypedDict, - CreateOutputSystemByPackOutputPrometheusTypedDict, + CreateOutputSystemByPackOutputConfluentCloudTypedDict, CreateOutputSystemByPackOutputNewrelicEventsTypedDict, + CreateOutputSystemByPackOutputPrometheusTypedDict, CreateOutputSystemByPackOutputNewrelicTypedDict, CreateOutputSystemByPackOutputLokiTypedDict, - CreateOutputSystemByPackOutputCriblHTTPTypedDict, + CreateOutputSystemByPackOutputCriblSearchEngineTypedDict, CreateOutputSystemByPackOutputDatasetTypedDict, CreateOutputSystemByPackOutputWizHecTypedDict, - CreateOutputSystemByPackOutputCriblSearchEngineTypedDict, - CreateOutputSystemByPackOutputXsiamTypedDict, + CreateOutputSystemByPackOutputCriblHTTPTypedDict, CreateOutputSystemByPackOutputKinesisTypedDict, + CreateOutputSystemByPackOutputXsiamTypedDict, CreateOutputSystemByPackOutputDynatraceHTTPTypedDict, CreateOutputSystemByPackOutputSplunkHecTypedDict, CreateOutputSystemByPackOutputDynatraceOtlpTypedDict, @@ -18679,19 +1002,19 @@ def serialize_model(self, handler): CreateOutputSystemByPackOutputSentinelOneAiSiemTypedDict, CreateOutputSystemByPackOutputElasticTypedDict, CreateOutputSystemByPackOutputGoogleChronicleTypedDict, - CreateOutputSystemByPackOutputClickHouseTypedDict, CreateOutputSystemByPackOutputChronicleTypedDict, + CreateOutputSystemByPackOutputClickHouseTypedDict, CreateOutputSystemByPackOutputLocalSearchStorageTypedDict, CreateOutputSystemByPackOutputDatabricksTypedDict, CreateOutputSystemByPackOutputAlphasocS3TypedDict, - CreateOutputSystemByPackOutputMskTypedDict, CreateOutputSystemByPackOutputCriblLakeTypedDict, + CreateOutputSystemByPackOutputMskTypedDict, CreateOutputSystemByPackOutputStorjS3TypedDict, CreateOutputSystemByPackOutputOpenTelemetryTypedDict, + CreateOutputSystemByPackOutputNutanixObjectsTypedDict, + CreateOutputSystemByPackOutputSentinelTypedDict, CreateOutputSystemByPackOutputAlibabaCloudS3TypedDict, CreateOutputSystemByPackOutputScalityS3TypedDict, - CreateOutputSystemByPackOutputSentinelTypedDict, - CreateOutputSystemByPackOutputNutanixObjectsTypedDict, CreateOutputSystemByPackOutputDellS3TypedDict, CreateOutputSystemByPackOutputCloudflareR2TypedDict, CreateOutputSystemByPackOutputGoogleCloudStorageTypedDict, @@ -18745,6 +1068,10 @@ def serialize_model(self, handler): CreateOutputSystemByPackOutputGoogleCloudLogging, Tag("google_cloud_logging"), ], + Annotated[ + CreateOutputSystemByPackOutputGoogleCloudObservability, + Tag("google_cloud_observability"), + ], Annotated[CreateOutputSystemByPackOutputGooglePubsub, Tag("google_pubsub")], Annotated[CreateOutputSystemByPackOutputExabeam, Tag("exabeam")], Annotated[CreateOutputSystemByPackOutputKafka, Tag("kafka")], @@ -18842,178 +1169,6 @@ class CreateOutputSystemByPackRequest(BaseModel): r"""Output object.""" -try: - CreateOutputSystemByPackOutputStatsd.model_rebuild() -except NameError: - pass -try: - CreateOutputSystemByPackOutputMinio.model_rebuild() -except NameError: - pass -try: - CreateOutputSystemByPackOutputCloudwatch.model_rebuild() -except NameError: - pass -try: - CreateOutputSystemByPackOutputInfluxdb.model_rebuild() -except NameError: - pass -try: - CreateOutputSystemByPackOutputNewrelicEvents.model_rebuild() -except NameError: - pass -try: - CreateOutputSystemByPackOutputNewrelic.model_rebuild() -except NameError: - pass -try: - CreateOutputSystemByPackOutputElasticCloud.model_rebuild() -except NameError: - pass -try: - CreateOutputSystemByPackURLElastic.model_rebuild() -except NameError: - pass -try: - CreateOutputSystemByPackOutputElastic.model_rebuild() -except NameError: - pass -try: - CreateOutputSystemByPackOutputMsk.model_rebuild() -except NameError: - pass -try: - CreateOutputSystemByPackOutputConfluentCloud.model_rebuild() -except NameError: - pass -try: - CreateOutputSystemByPackOutputKafka.model_rebuild() -except NameError: - pass -try: - CreateOutputSystemByPackOutputExabeam.model_rebuild() -except NameError: - pass -try: - CreateOutputSystemByPackOutputGooglePubsub.model_rebuild() -except NameError: - pass -try: - CreateOutputSystemByPackOutputGoogleCloudLogging.model_rebuild() -except NameError: - pass -try: - CreateOutputSystemByPackOutputGoogleCloudStorage.model_rebuild() -except NameError: - pass -try: - CreateOutputSystemByPackExtraLogType.model_rebuild() -except NameError: - pass -try: - CreateOutputSystemByPackOutputGoogleChronicle.model_rebuild() -except NameError: - pass -try: - CreateOutputSystemByPackOutputAzureEventhub.model_rebuild() -except NameError: - pass -try: - CreateOutputSystemByPackOutputHoneycomb.model_rebuild() -except NameError: - pass -try: - CreateOutputSystemByPackOutputKinesis.model_rebuild() -except NameError: - pass -try: - CreateOutputSystemByPackOutputAzureLogs.model_rebuild() -except NameError: - pass -try: - CreateOutputSystemByPackCertificate.model_rebuild() -except NameError: - pass -try: - CreateOutputSystemByPackOutputAzureDataExplorer.model_rebuild() -except NameError: - pass -try: - CreateOutputSystemByPackOutputAzureBlob.model_rebuild() -except NameError: - pass -try: - CreateOutputSystemByPackOutputS3.model_rebuild() -except NameError: - pass -try: - CreateOutputSystemByPackOutputFilesystem.model_rebuild() -except NameError: - pass -try: - CreateOutputSystemByPackOutputSignalfx.model_rebuild() -except NameError: - pass -try: - CreateOutputSystemByPackOutputWavefront.model_rebuild() -except NameError: - pass -try: - CreateOutputSystemByPackOutputTcpjson.model_rebuild() -except NameError: - pass -try: - CreateOutputSystemByPackOutputWizHec.model_rebuild() -except NameError: - pass -try: - CreateOutputSystemByPackURLSplunkHec.model_rebuild() -except NameError: - pass -try: - CreateOutputSystemByPackOutputSplunkHec.model_rebuild() -except NameError: - pass -try: - CreateOutputSystemByPackAuthToken.model_rebuild() -except NameError: - pass -try: - CreateOutputSystemByPackIndexerDiscoveryConfigs.model_rebuild() -except NameError: - pass -try: - CreateOutputSystemByPackOutputSplunkLb.model_rebuild() -except NameError: - pass -try: - CreateOutputSystemByPackOutputSplunk.model_rebuild() -except NameError: - pass -try: - CreateOutputSystemByPackOutputSyslog.model_rebuild() -except NameError: - pass -try: - CreateOutputSystemByPackOutputDevnull.model_rebuild() -except NameError: - pass -try: - CreateOutputSystemByPackOutputSentinel.model_rebuild() -except NameError: - pass -try: - CreateOutputSystemByPackOutputWebhookURL2.model_rebuild() -except NameError: - pass -try: - CreateOutputSystemByPackOutputWebhookWebhook2.model_rebuild() -except NameError: - pass -try: - CreateOutputSystemByPackOutputWebhookURL1.model_rebuild() -except NameError: - pass try: CreateOutputSystemByPackOutputWebhookWebhook1.model_rebuild() except NameError: diff --git a/src/cribl_control_plane/models/createoutputsystembypack_type_statsd.py b/src/cribl_control_plane/models/createoutputsystembypack_type_statsd.py index 0b3595c86..d305cfc43 100644 --- a/src/cribl_control_plane/models/createoutputsystembypack_type_statsd.py +++ b/src/cribl_control_plane/models/createoutputsystembypack_type_statsd.py @@ -48,6 +48,10 @@ ) from .failedrequestloggingmodeoptions import FailedRequestLoggingModeOptions from .hostconfoutputsyslog import HostConfOutputSyslog, HostConfOutputSyslogTypedDict +from .httpdiscoveryheaderconfinputprometheus import ( + HTTPDiscoveryHeaderConfInputPrometheus, + HTTPDiscoveryHeaderConfInputPrometheusTypedDict, +) from .keyvaluemetadataconfoutputfilesystem import ( KeyValueMetadataConfOutputFilesystem, KeyValueMetadataConfOutputFilesystemTypedDict, @@ -78,10 +82,6 @@ from .queuefullbehavioroptions import QueueFullBehaviorOptions from .recorddataformatoptions import RecordDataFormatOptions from .requestformatoptions import RequestFormatOptions -from .requestparamconfinputopenai import ( - RequestParamConfInputOpenai, - RequestParamConfInputOpenaiTypedDict, -) from .responseretrysettingconfoutputwebhook import ( ResponseRetrySettingConfOutputWebhook, ResponseRetrySettingConfOutputWebhookTypedDict, @@ -5256,7 +5256,7 @@ class CreateOutputSystemByPackOutputMicrosoftFabricTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputSystemByPackPqControlsMicrosoftFabricTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -5412,7 +5412,7 @@ class CreateOutputSystemByPackOutputMicrosoftFabric(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputSystemByPackPqControlsMicrosoftFabric], @@ -6229,7 +6229,7 @@ class CreateOutputSystemByPackOutputChronicleTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputSystemByPackPqControlsChronicleTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -6451,7 +6451,7 @@ class CreateOutputSystemByPackOutputChronicle(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputSystemByPackPqControlsChronicle], @@ -6775,7 +6775,7 @@ class CreateOutputSystemByPackOutputSentinelOneAiSiemTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[ CreateOutputSystemByPackPqControlsSentinelOneAiSiemTypedDict ] @@ -7008,7 +7008,7 @@ class CreateOutputSystemByPackOutputSentinelOneAiSiem(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputSystemByPackPqControlsSentinelOneAiSiem], @@ -7301,7 +7301,7 @@ class CreateOutputSystemByPackOutputDynatraceOtlpTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputSystemByPackPqControlsDynatraceOtlpTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -7516,7 +7516,7 @@ class CreateOutputSystemByPackOutputDynatraceOtlp(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputSystemByPackPqControlsDynatraceOtlp], @@ -7717,7 +7717,9 @@ class CreateOutputSystemByPackFormatDynatraceHTTP( PLAINTEXT = "plaintext" -class CreateOutputSystemByPackEndpoint(str, Enum, metaclass=utils.OpenEnumMeta): +class CreateOutputSystemByPackEndpointDynatraceHTTP( + str, Enum, metaclass=utils.OpenEnumMeta +): # Cloud CLOUD = "cloud" # ActiveGate @@ -7747,7 +7749,7 @@ class CreateOutputSystemByPackOutputDynatraceHTTPTypedDict(TypedDict): type: CreateOutputSystemByPackTypeDynatraceHTTP format_: CreateOutputSystemByPackFormatDynatraceHTTP r"""How to format events before sending. Defaults to JSON. Plaintext is not currently supported.""" - endpoint: CreateOutputSystemByPackEndpoint + endpoint: CreateOutputSystemByPackEndpointDynatraceHTTP telemetry_type: CreateOutputSystemByPackTelemetryType pipeline: NotRequired[str] r"""Pipeline to process data before sending out to this output""" @@ -7820,7 +7822,7 @@ class CreateOutputSystemByPackOutputDynatraceHTTPTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputSystemByPackPqControlsDynatraceHTTPTypedDict] token: NotRequired[str] r"""Bearer token to include in the authorization header""" @@ -7853,7 +7855,7 @@ class CreateOutputSystemByPackOutputDynatraceHTTP(BaseModel): ] r"""How to format events before sending. Defaults to JSON. Plaintext is not currently supported.""" - endpoint: CreateOutputSystemByPackEndpoint + endpoint: CreateOutputSystemByPackEndpointDynatraceHTTP telemetry_type: Annotated[ CreateOutputSystemByPackTelemetryType, pydantic.Field(alias="telemetryType") @@ -8012,7 +8014,7 @@ class CreateOutputSystemByPackOutputDynatraceHTTP(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputSystemByPackPqControlsDynatraceHTTP], @@ -8109,7 +8111,7 @@ def serialize_format_(self, value): def serialize_endpoint(self, value): if isinstance(value, str): try: - return models.CreateOutputSystemByPackEndpoint(value) + return models.CreateOutputSystemByPackEndpointDynatraceHTTP(value) except ValueError: return value return value @@ -8499,7 +8501,7 @@ class CreateOutputSystemByPackOutputXsiamTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputSystemByPackPqControlsXsiamTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -8699,7 +8701,7 @@ class CreateOutputSystemByPackOutputXsiam(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputSystemByPackPqControlsXsiam], @@ -8881,6 +8883,8 @@ class CreateOutputSystemByPackStatsDestinationTypedDict(TypedDict): username: NotRequired[str] sql_username: NotRequired[str] password: NotRequired[str] + wait_for_async_inserts: NotRequired[bool] + concurrency: NotRequired[float] class CreateOutputSystemByPackStatsDestination(BaseModel): @@ -8898,6 +8902,12 @@ class CreateOutputSystemByPackStatsDestination(BaseModel): password: Optional[str] = None + wait_for_async_inserts: Annotated[ + Optional[bool], pydantic.Field(alias="waitForAsyncInserts") + ] = None + + concurrency: Optional[float] = None + @model_serializer(mode="wrap") def serialize_model(self, handler): optional_fields = set( @@ -8909,6 +8919,8 @@ def serialize_model(self, handler): "username", "sqlUsername", "password", + "waitForAsyncInserts", + "concurrency", ] ) serialized = handler(self) @@ -9028,6 +9040,8 @@ class CreateOutputSystemByPackOutputLocalSearchStorageTypedDict(TypedDict): timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] response_honor_retry_after_header: NotRequired[bool] r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + workload: NotRequired[str] + r"""Optional ClickHouse workload name to append as a SETTINGS clause on INSERT queries. Used for workload scheduling classification.""" dump_format_errors_to_disk: NotRequired[bool] r"""Log the most recent event that fails to match the table schema""" on_backpressure: NotRequired[BackpressureBehaviorOptions] @@ -9070,7 +9084,7 @@ class CreateOutputSystemByPackOutputLocalSearchStorageTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[ CreateOutputSystemByPackPqControlsLocalSearchStorageTypedDict ] @@ -9208,6 +9222,9 @@ class CreateOutputSystemByPackOutputLocalSearchStorage(BaseModel): ] = None r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + workload: Optional[str] = None + r"""Optional ClickHouse workload name to append as a SETTINGS clause on INSERT queries. Used for workload scheduling classification.""" + dump_format_errors_to_disk: Annotated[ Optional[bool], pydantic.Field(alias="dumpFormatErrorsToDisk") ] = None @@ -9304,7 +9321,7 @@ class CreateOutputSystemByPackOutputLocalSearchStorage(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputSystemByPackPqControlsLocalSearchStorage], @@ -9442,6 +9459,7 @@ def serialize_model(self, handler): "responseRetrySettings", "timeoutRetrySettings", "responseHonorRetryAfterHeader", + "workload", "dumpFormatErrorsToDisk", "onBackpressure", "statsDestination", @@ -9615,6 +9633,8 @@ class CreateOutputSystemByPackOutputClickHouseTypedDict(TypedDict): timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] response_honor_retry_after_header: NotRequired[bool] r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + workload: NotRequired[str] + r"""Optional ClickHouse workload name to append as a SETTINGS clause on INSERT queries. Used for workload scheduling classification.""" dump_format_errors_to_disk: NotRequired[bool] r"""Log the most recent event that fails to match the table schema""" on_backpressure: NotRequired[BackpressureBehaviorOptions] @@ -9656,7 +9676,7 @@ class CreateOutputSystemByPackOutputClickHouseTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputSystemByPackPqControlsClickHouseTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -9792,6 +9812,9 @@ class CreateOutputSystemByPackOutputClickHouse(BaseModel): ] = None r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + workload: Optional[str] = None + r"""Optional ClickHouse workload name to append as a SETTINGS clause on INSERT queries. Used for workload scheduling classification.""" + dump_format_errors_to_disk: Annotated[ Optional[bool], pydantic.Field(alias="dumpFormatErrorsToDisk") ] = None @@ -9883,7 +9906,7 @@ class CreateOutputSystemByPackOutputClickHouse(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputSystemByPackPqControlsClickHouse], @@ -10019,6 +10042,7 @@ def serialize_model(self, handler): "responseRetrySettings", "timeoutRetrySettings", "responseHonorRetryAfterHeader", + "workload", "dumpFormatErrorsToDisk", "onBackpressure", "description", @@ -10195,6 +10219,7 @@ class CreateOutputSystemByPackFormatCriblLake(str, Enum, metaclass=utils.OpenEnu JSON = "json" PARQUET = "parquet" DDSS = "ddss" + NETSKOPE = "netskope" class CreateOutputSystemByPackOutputCriblLakeTypedDict(TypedDict): @@ -12269,7 +12294,7 @@ class CreateOutputSystemByPackOutputCrowdstrikeNextGenSiemTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[ CreateOutputSystemByPackPqControlsCrowdstrikeNextGenSiemTypedDict ] @@ -12445,7 +12470,7 @@ class CreateOutputSystemByPackOutputCrowdstrikeNextGenSiem(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputSystemByPackPqControlsCrowdstrikeNextGenSiem], @@ -12684,7 +12709,7 @@ class CreateOutputSystemByPackOutputHumioHecTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputSystemByPackPqControlsHumioHecTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -12857,7 +12882,7 @@ class CreateOutputSystemByPackOutputHumioHec(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputSystemByPackPqControlsHumioHec], @@ -13106,7 +13131,7 @@ class CreateOutputSystemByPackOutputCriblSearchEngineTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[ CreateOutputSystemByPackPqControlsCriblSearchEngineTypedDict ] @@ -13308,7 +13333,7 @@ class CreateOutputSystemByPackOutputCriblSearchEngine(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputSystemByPackPqControlsCriblSearchEngine], @@ -13556,7 +13581,7 @@ class CreateOutputSystemByPackOutputCriblHTTPTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputSystemByPackPqControlsCriblHTTPTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -13756,7 +13781,7 @@ class CreateOutputSystemByPackOutputCriblHTTP(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputSystemByPackPqControlsCriblHTTP], @@ -13985,7 +14010,7 @@ class CreateOutputSystemByPackOutputCriblTCPTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputSystemByPackPqControlsCriblTCPTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -14143,7 +14168,7 @@ class CreateOutputSystemByPackOutputCriblTCP(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputSystemByPackPqControlsCriblTCP], @@ -14401,7 +14426,7 @@ class CreateOutputSystemByPackOutputDatasetTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputSystemByPackPqControlsDatasetTypedDict] api_key: NotRequired[str] r"""A 'Log Write Access' API key for the DataSet account""" @@ -14599,7 +14624,7 @@ class CreateOutputSystemByPackOutputDataset(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputSystemByPackPqControlsDataset], @@ -14879,7 +14904,7 @@ class CreateOutputSystemByPackOutputServiceNowTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputSystemByPackPqControlsServiceNowTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -15091,7 +15116,7 @@ class CreateOutputSystemByPackOutputServiceNow(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputSystemByPackPqControlsServiceNow], @@ -15264,7 +15289,9 @@ class CreateOutputSystemByPackTypeOpenTelemetry(str, Enum): OPEN_TELEMETRY = "open_telemetry" -class CreateOutputSystemByPackOTLPVersion(str, Enum, metaclass=utils.OpenEnumMeta): +class CreateOutputSystemByPackOTLPVersionOpenTelemetry( + str, Enum, metaclass=utils.OpenEnumMeta +): r"""The version of OTLP Protobuf definitions to use when structuring data to send""" # 0.10.0 @@ -15314,7 +15341,7 @@ class CreateOutputSystemByPackOutputOpenTelemetryTypedDict(TypedDict): r"""Tags for filtering and grouping in @{product}""" protocol: NotRequired[ProtocolOptions] r"""Select a transport option for OpenTelemetry""" - otlp_version: NotRequired[CreateOutputSystemByPackOTLPVersion] + otlp_version: NotRequired[CreateOutputSystemByPackOTLPVersionOpenTelemetry] r"""The version of OTLP Protobuf definitions to use when structuring data to send""" compress: NotRequired[CompressionOptionsDeflateGzip] r"""Type of compression to apply to messages sent to the OpenTelemetry endpoint""" @@ -15416,7 +15443,7 @@ class CreateOutputSystemByPackOutputOpenTelemetryTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputSystemByPackPqControlsOpenTelemetryTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -15455,7 +15482,7 @@ class CreateOutputSystemByPackOutputOpenTelemetry(BaseModel): r"""Select a transport option for OpenTelemetry""" otlp_version: Annotated[ - Optional[CreateOutputSystemByPackOTLPVersion], + Optional[CreateOutputSystemByPackOTLPVersionOpenTelemetry], pydantic.Field(alias="otlpVersion"), ] = None r"""The version of OTLP Protobuf definitions to use when structuring data to send""" @@ -15686,7 +15713,7 @@ class CreateOutputSystemByPackOutputOpenTelemetry(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputSystemByPackPqControlsOpenTelemetry], @@ -15726,7 +15753,7 @@ def serialize_protocol(self, value): def serialize_otlp_version(self, value): if isinstance(value, str): try: - return models.CreateOutputSystemByPackOTLPVersion(value) + return models.CreateOutputSystemByPackOTLPVersionOpenTelemetry(value) except ValueError: return value return value @@ -16140,7 +16167,7 @@ class CreateOutputSystemByPackOutputPrometheusTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputSystemByPackPqControlsPrometheusTypedDict] username: NotRequired[str] password: NotRequired[str] @@ -16329,7 +16356,7 @@ class CreateOutputSystemByPackOutputPrometheus(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputSystemByPackPqControlsPrometheus], @@ -16520,7 +16547,7 @@ class CreateOutputSystemByPackOutputLokiTypedDict(TypedDict): r"""Name of the event field that contains the message to send. If not specified, Stream sends a JSON representation of the whole event.""" message_format: NotRequired[MessageFormatOptions] r"""Format to use when sending logs to Loki (Protobuf or JSON)""" - labels: NotRequired[List[RequestParamConfInputOpenaiTypedDict]] + labels: NotRequired[List[HTTPDiscoveryHeaderConfInputPrometheusTypedDict]] r"""List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: \"cribl.io\", level: \"error\"}'""" auth_type: NotRequired[ AuthenticationTypeOptionsPrometheusAuthBasicCredentialsSecret @@ -16595,7 +16622,7 @@ class CreateOutputSystemByPackOutputLokiTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputSystemByPackPqControlsLokiTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -16636,7 +16663,7 @@ class CreateOutputSystemByPackOutputLoki(BaseModel): ] = None r"""Format to use when sending logs to Loki (Protobuf or JSON)""" - labels: Optional[List[RequestParamConfInputOpenai]] = None + labels: Optional[List[HTTPDiscoveryHeaderConfInputPrometheus]] = None r"""List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: \"cribl.io\", level: \"error\"}'""" auth_type: Annotated[ @@ -16794,7 +16821,7 @@ class CreateOutputSystemByPackOutputLoki(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputSystemByPackPqControlsLoki], @@ -16979,7 +17006,7 @@ class CreateOutputSystemByPackOutputGrafanaCloudGrafanaCloud2TypedDict(TypedDict r"""Name of the event field that contains the message to send. If not specified, Stream sends a JSON representation of the whole event.""" message_format: NotRequired[MessageFormatOptions] r"""Format to use when sending logs to Loki (Protobuf or JSON)""" - labels: NotRequired[List[RequestParamConfInputOpenaiTypedDict]] + labels: NotRequired[List[HTTPDiscoveryHeaderConfInputPrometheusTypedDict]] r"""List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: \"cribl.io\", level: \"error\"}'""" metric_rename_expr: NotRequired[str] r"""JavaScript expression that can be used to rename metrics. For example, name.replace(/\./g, '_') will replace all '.' characters in a metric's name with the supported '_' character. Use the 'name' global variable to access the metric's name. You can access event fields' values via __e..""" @@ -17041,7 +17068,7 @@ class CreateOutputSystemByPackOutputGrafanaCloudGrafanaCloud2TypedDict(TypedDict pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[ CreateOutputSystemByPackOutputGrafanaCloudPqControls2TypedDict ] @@ -17091,7 +17118,7 @@ class CreateOutputSystemByPackOutputGrafanaCloudGrafanaCloud2(BaseModel): ] = None r"""Format to use when sending logs to Loki (Protobuf or JSON)""" - labels: Optional[List[RequestParamConfInputOpenai]] = None + labels: Optional[List[HTTPDiscoveryHeaderConfInputPrometheus]] = None r"""List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: \"cribl.io\", level: \"error\"}'""" metric_rename_expr: Annotated[ @@ -17230,7 +17257,7 @@ class CreateOutputSystemByPackOutputGrafanaCloudGrafanaCloud2(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputSystemByPackOutputGrafanaCloudPqControls2], @@ -17412,7 +17439,7 @@ class CreateOutputSystemByPackOutputGrafanaCloudGrafanaCloud1TypedDict(TypedDict r"""Name of the event field that contains the message to send. If not specified, Stream sends a JSON representation of the whole event.""" message_format: NotRequired[MessageFormatOptions] r"""Format to use when sending logs to Loki (Protobuf or JSON)""" - labels: NotRequired[List[RequestParamConfInputOpenaiTypedDict]] + labels: NotRequired[List[HTTPDiscoveryHeaderConfInputPrometheusTypedDict]] r"""List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: \"cribl.io\", level: \"error\"}'""" metric_rename_expr: NotRequired[str] r"""JavaScript expression that can be used to rename metrics. For example, name.replace(/\./g, '_') will replace all '.' characters in a metric's name with the supported '_' character. Use the 'name' global variable to access the metric's name. You can access event fields' values via __e..""" @@ -17474,7 +17501,7 @@ class CreateOutputSystemByPackOutputGrafanaCloudGrafanaCloud1TypedDict(TypedDict pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[ CreateOutputSystemByPackOutputGrafanaCloudPqControls1TypedDict ] @@ -17526,7 +17553,7 @@ class CreateOutputSystemByPackOutputGrafanaCloudGrafanaCloud1(BaseModel): ] = None r"""Format to use when sending logs to Loki (Protobuf or JSON)""" - labels: Optional[List[RequestParamConfInputOpenai]] = None + labels: Optional[List[HTTPDiscoveryHeaderConfInputPrometheus]] = None r"""List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: \"cribl.io\", level: \"error\"}'""" metric_rename_expr: Annotated[ @@ -17665,7 +17692,7 @@ class CreateOutputSystemByPackOutputGrafanaCloudGrafanaCloud1(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputSystemByPackOutputGrafanaCloudPqControls1], @@ -17989,7 +18016,7 @@ class CreateOutputSystemByPackOutputDatadogTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputSystemByPackPqControlsDatadogTypedDict] api_key: NotRequired[str] r"""Organization's API key in Datadog""" @@ -18200,7 +18227,7 @@ class CreateOutputSystemByPackOutputDatadog(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputSystemByPackPqControlsDatadog], @@ -18487,7 +18514,7 @@ class CreateOutputSystemByPackOutputSumoLogicTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputSystemByPackPqControlsSumoLogicTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -18664,7 +18691,7 @@ class CreateOutputSystemByPackOutputSumoLogic(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputSystemByPackPqControlsSumoLogic], @@ -19034,7 +19061,7 @@ class CreateOutputSystemByPackOutputSqsTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputSystemByPackPqControlsSqsTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -19228,7 +19255,7 @@ class CreateOutputSystemByPackOutputSqs(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputSystemByPackPqControlsSqs], @@ -19494,7 +19521,7 @@ class CreateOutputSystemByPackOutputSnsTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputSystemByPackPqControlsSnsTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -19652,7 +19679,7 @@ class CreateOutputSystemByPackOutputSns(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputSystemByPackPqControlsSns], @@ -20001,7 +20028,7 @@ class CreateOutputSystemByPackOutputGraphiteTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputSystemByPackPqControlsGraphiteTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -20120,7 +20147,7 @@ class CreateOutputSystemByPackOutputGraphite(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputSystemByPackPqControlsGraphite], @@ -20294,7 +20321,7 @@ class CreateOutputSystemByPackOutputStatsdExtTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[CreateOutputSystemByPackPqControlsStatsdExtTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -20413,7 +20440,7 @@ class CreateOutputSystemByPackOutputStatsdExt(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[CreateOutputSystemByPackPqControlsStatsdExt], diff --git a/src/cribl_control_plane/models/cribllakedataset.py b/src/cribl_control_plane/models/cribllakedataset.py index a68255b42..beb2ce4dc 100644 --- a/src/cribl_control_plane/models/cribllakedataset.py +++ b/src/cribl_control_plane/models/cribllakedataset.py @@ -32,7 +32,7 @@ class CriblLakeDatasetTypedDict(TypedDict): format_: NotRequired[FormatOptionsCriblLakeDataset] r"""Storage format used for data persisted in the Dataset.""" http_da_used: NotRequired[bool] - r"""If true, the Dataset is used by Direct Access HTTP.""" + r"""If true, the Dataset is used by Direct Access HTTP. Otherwise, false.""" metrics: NotRequired[LakeDatasetMetricsTypedDict] retention_period_in_days: NotRequired[int] r"""Dataset retention period, in days.""" @@ -40,7 +40,7 @@ class CriblLakeDatasetTypedDict(TypedDict): storage_class: NotRequired[StorageClassOptionsCriblLakeDataset] r"""Storage class used for objects written to the Dataset.""" storage_location_id: NotRequired[str] - r"""Identifier for the Storage Location that backs the Dataset. Mutually exclusive with bucketName.""" + r"""Unique identifier for the Storage Location that backs the Dataset. Mutually exclusive with bucketName.""" view_name: NotRequired[str] r"""Name of the ClickHouse view for the Dataset on the Lakehouse.""" @@ -75,7 +75,7 @@ class CriblLakeDataset(BaseModel): r"""Storage format used for data persisted in the Dataset.""" http_da_used: Annotated[Optional[bool], pydantic.Field(alias="httpDAUsed")] = None - r"""If true, the Dataset is used by Direct Access HTTP.""" + r"""If true, the Dataset is used by Direct Access HTTP. Otherwise, false.""" metrics: Optional[LakeDatasetMetrics] = None @@ -97,7 +97,7 @@ class CriblLakeDataset(BaseModel): storage_location_id: Annotated[ Optional[str], pydantic.Field(alias="storageLocationId") ] = None - r"""Identifier for the Storage Location that backs the Dataset. Mutually exclusive with bucketName.""" + r"""Unique identifier for the Storage Location that backs the Dataset. Mutually exclusive with bucketName.""" view_name: Annotated[Optional[str], pydantic.Field(alias="viewName")] = None r"""Name of the ClickHouse view for the Dataset on the Lakehouse.""" diff --git a/src/cribl_control_plane/models/cribllakedatasetupdate.py b/src/cribl_control_plane/models/cribllakedatasetupdate.py index f766329ae..8e59cee86 100644 --- a/src/cribl_control_plane/models/cribllakedatasetupdate.py +++ b/src/cribl_control_plane/models/cribllakedatasetupdate.py @@ -30,9 +30,9 @@ class CriblLakeDatasetUpdateTypedDict(TypedDict): format_: NotRequired[FormatOptionsCriblLakeDataset] r"""Storage format used for data persisted in the Dataset.""" http_da_used: NotRequired[bool] - r"""If true, the Dataset is used by Direct Access HTTP.""" + r"""If true, the Dataset is used by Direct Access HTTP. Otherwise, false.""" id: NotRequired[str] - r"""Dataset identifier. Optional; the path parameter id is authoritative.""" + r"""Unique identifier for the Dataset. Optional; the path parameter id is authoritative.""" metrics: NotRequired[LakeDatasetMetricsTypedDict] retention_period_in_days: NotRequired[int] r"""Dataset retention period, in days.""" @@ -40,7 +40,7 @@ class CriblLakeDatasetUpdateTypedDict(TypedDict): storage_class: NotRequired[StorageClassOptionsCriblLakeDataset] r"""Storage class used for objects written to the Dataset.""" storage_location_id: NotRequired[str] - r"""Identifier for the Storage Location that backs the Dataset. Mutually exclusive with bucketName.""" + r"""Unique identifier for the Storage Location that backs the Dataset. Mutually exclusive with bucketName.""" view_name: NotRequired[str] r"""Name of the ClickHouse view for the Dataset on the Lakehouse.""" @@ -72,10 +72,10 @@ class CriblLakeDatasetUpdate(BaseModel): r"""Storage format used for data persisted in the Dataset.""" http_da_used: Annotated[Optional[bool], pydantic.Field(alias="httpDAUsed")] = None - r"""If true, the Dataset is used by Direct Access HTTP.""" + r"""If true, the Dataset is used by Direct Access HTTP. Otherwise, false.""" id: Optional[str] = None - r"""Dataset identifier. Optional; the path parameter id is authoritative.""" + r"""Unique identifier for the Dataset. Optional; the path parameter id is authoritative.""" metrics: Optional[LakeDatasetMetrics] = None @@ -97,7 +97,7 @@ class CriblLakeDatasetUpdate(BaseModel): storage_location_id: Annotated[ Optional[str], pydantic.Field(alias="storageLocationId") ] = None - r"""Identifier for the Storage Location that backs the Dataset. Mutually exclusive with bucketName.""" + r"""Unique identifier for the Storage Location that backs the Dataset. Mutually exclusive with bucketName.""" view_name: Annotated[Optional[str], pydantic.Field(alias="viewName")] = None r"""Name of the ClickHouse view for the Dataset on the Lakehouse.""" diff --git a/src/cribl_control_plane/models/datasetmetadata.py b/src/cribl_control_plane/models/datasetmetadata.py index cba351fd4..a82cab6a6 100644 --- a/src/cribl_control_plane/models/datasetmetadata.py +++ b/src/cribl_control_plane/models/datasetmetadata.py @@ -25,7 +25,7 @@ class DatasetMetadataTypedDict(TypedDict): earliest: str r"""Rolling time window that defines how far back acceleration scans.""" enable_acceleration: bool - r"""If true, the system automatically backfills and refreshes Dataset metadata.""" + r"""If true, the system automatically backfills and refreshes Dataset metadata. Otherwise, false.""" field_list: List[str] r"""Fields for which acceleration gathers statistics. Required when scan mode is detailed.""" scan_mode: ScanMode @@ -38,7 +38,7 @@ class DatasetMetadata(BaseModel): r"""Rolling time window that defines how far back acceleration scans.""" enable_acceleration: Annotated[bool, pydantic.Field(alias="enableAcceleration")] - r"""If true, the system automatically backfills and refreshes Dataset metadata.""" + r"""If true, the system automatically backfills and refreshes Dataset metadata. Otherwise, false.""" field_list: Annotated[List[str], pydantic.Field(alias="fieldList")] r"""Fields for which acceleration gathers statistics. Required when scan mode is detailed.""" diff --git a/src/cribl_control_plane/models/destinationtype.py b/src/cribl_control_plane/models/destinationtype.py index 622950d80..be073fe56 100644 --- a/src/cribl_control_plane/models/destinationtype.py +++ b/src/cribl_control_plane/models/destinationtype.py @@ -50,6 +50,7 @@ class DestinationType(str, Enum, metaclass=utils.OpenEnumMeta): GOOGLE_PUBSUB = "google_pubsub" GOOGLE_CHRONICLE = "google_chronicle" CHRONICLE = "chronicle" + GOOGLE_CLOUD_OBSERVABILITY = "google_cloud_observability" GRAFANA_CLOUD = "grafana_cloud" LOKI = "loki" OPEN_TELEMETRY = "open_telemetry" diff --git a/src/cribl_control_plane/models/formatoptionscribllakedataset.py b/src/cribl_control_plane/models/formatoptionscribllakedataset.py index c2a360ecf..d082b6968 100644 --- a/src/cribl_control_plane/models/formatoptionscribllakedataset.py +++ b/src/cribl_control_plane/models/formatoptionscribllakedataset.py @@ -10,4 +10,5 @@ class FormatOptionsCriblLakeDataset(str, Enum, metaclass=utils.OpenEnumMeta): DDSS = "ddss" JSON = "json" + NETSKOPE = "netskope" PARQUET = "parquet" diff --git a/src/cribl_control_plane/models/getcribllakedatasetbylakeidandidop.py b/src/cribl_control_plane/models/getcribllakedatasetbylakeidandidop.py index 76cf2b653..9c14b9986 100644 --- a/src/cribl_control_plane/models/getcribllakedatasetbylakeidandidop.py +++ b/src/cribl_control_plane/models/getcribllakedatasetbylakeidandidop.py @@ -1,10 +1,16 @@ """Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.""" from __future__ import annotations -from cribl_control_plane.types import BaseModel -from cribl_control_plane.utils import FieldMetadata, PathParamMetadata +from cribl_control_plane.types import BaseModel, UNSET_SENTINEL +from cribl_control_plane.utils import ( + FieldMetadata, + PathParamMetadata, + QueryParamMetadata, +) import pydantic -from typing_extensions import Annotated, TypedDict +from pydantic import model_serializer +from typing import Optional +from typing_extensions import Annotated, NotRequired, TypedDict class GetCriblLakeDatasetByLakeIDAndIDRequestTypedDict(TypedDict): @@ -12,6 +18,8 @@ class GetCriblLakeDatasetByLakeIDAndIDRequestTypedDict(TypedDict): r"""The id of the Lake that contains the Lake Dataset to get.""" id: str r"""The id of the Lake Dataset to get.""" + include_metrics: NotRequired[bool] + r"""Set to true to include storage metrics for each Lake Dataset. Otherwise, false (default). Requires a Cribl Lake metrics license.""" class GetCriblLakeDatasetByLakeIDAndIDRequest(BaseModel): @@ -26,3 +34,26 @@ class GetCriblLakeDatasetByLakeIDAndIDRequest(BaseModel): str, FieldMetadata(path=PathParamMetadata(style="simple", explode=False)) ] r"""The id of the Lake Dataset to get.""" + + include_metrics: Annotated[ + Optional[bool], + pydantic.Field(alias="includeMetrics"), + FieldMetadata(query=QueryParamMetadata(style="form", explode=True)), + ] = None + r"""Set to true to include storage metrics for each Lake Dataset. Otherwise, false (default). Requires a Cribl Lake metrics license.""" + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set(["includeMetrics"]) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m diff --git a/src/cribl_control_plane/models/getcribllakedatasetbylakeidop.py b/src/cribl_control_plane/models/getcribllakedatasetbylakeidop.py index f54eaf866..0f5ace3af 100644 --- a/src/cribl_control_plane/models/getcribllakedatasetbylakeidop.py +++ b/src/cribl_control_plane/models/getcribllakedatasetbylakeidop.py @@ -1,33 +1,45 @@ """Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.""" from __future__ import annotations +from cribl_control_plane import models, utils from cribl_control_plane.types import BaseModel, UNSET_SENTINEL from cribl_control_plane.utils import ( FieldMetadata, PathParamMetadata, QueryParamMetadata, ) +from enum import Enum import pydantic -from pydantic import model_serializer +from pydantic import field_serializer, model_serializer from typing import Optional from typing_extensions import Annotated, NotRequired, TypedDict +class GetCriblLakeDatasetByLakeIDFormat(str, Enum, metaclass=utils.OpenEnumMeta): + r"""Filter datasets by format. Set to ddss to return only DDSS datasets.""" + + DDSS = "ddss" + + class GetCriblLakeDatasetByLakeIDRequestTypedDict(TypedDict): lake_id: str r"""The id of the Lake that contains the Lake Datasets to list.""" storage_location_id: NotRequired[str] r"""Filter datasets by storage location ID. Use default for default storage location.""" - format_: NotRequired[str] + format_: NotRequired[GetCriblLakeDatasetByLakeIDFormat] r"""Filter datasets by format. Set to ddss to return only DDSS datasets.""" exclude_ddss: NotRequired[bool] r"""Exclude DDSS format datasets from the response.""" + exclude_netskope: NotRequired[bool] + r"""Exclude Netskope format datasets from the response.""" exclude_deleted: NotRequired[bool] r"""Exclude deleted datasets from the response.""" exclude_internal: NotRequired[bool] r"""Exclude internal datasets (those with IDs starting with cribl_) from the response.""" exclude_byos: NotRequired[bool] r"""Exclude BYOS (Bring Your Own Storage) datasets from the response.""" + include_metrics: NotRequired[bool] + r"""Set to true to include storage metrics for each Lake Dataset. Otherwise, false (default). Requires a Cribl Lake metrics license.""" class GetCriblLakeDatasetByLakeIDRequest(BaseModel): @@ -46,7 +58,7 @@ class GetCriblLakeDatasetByLakeIDRequest(BaseModel): r"""Filter datasets by storage location ID. Use default for default storage location.""" format_: Annotated[ - Optional[str], + Optional[GetCriblLakeDatasetByLakeIDFormat], pydantic.Field(alias="format"), FieldMetadata(query=QueryParamMetadata(style="form", explode=True)), ] = None @@ -59,6 +71,13 @@ class GetCriblLakeDatasetByLakeIDRequest(BaseModel): ] = None r"""Exclude DDSS format datasets from the response.""" + exclude_netskope: Annotated[ + Optional[bool], + pydantic.Field(alias="excludeNetskope"), + FieldMetadata(query=QueryParamMetadata(style="form", explode=True)), + ] = None + r"""Exclude Netskope format datasets from the response.""" + exclude_deleted: Annotated[ Optional[bool], pydantic.Field(alias="excludeDeleted"), @@ -80,6 +99,22 @@ class GetCriblLakeDatasetByLakeIDRequest(BaseModel): ] = None r"""Exclude BYOS (Bring Your Own Storage) datasets from the response.""" + include_metrics: Annotated[ + Optional[bool], + pydantic.Field(alias="includeMetrics"), + FieldMetadata(query=QueryParamMetadata(style="form", explode=True)), + ] = None + r"""Set to true to include storage metrics for each Lake Dataset. Otherwise, false (default). Requires a Cribl Lake metrics license.""" + + @field_serializer("format_") + def serialize_format_(self, value): + if isinstance(value, str): + try: + return models.GetCriblLakeDatasetByLakeIDFormat(value) + except ValueError: + return value + return value + @model_serializer(mode="wrap") def serialize_model(self, handler): optional_fields = set( @@ -87,9 +122,11 @@ def serialize_model(self, handler): "storageLocationId", "format", "excludeDDSS", + "excludeNetskope", "excludeDeleted", "excludeInternal", "excludeBYOS", + "includeMetrics", ] ) serialized = handler(self) diff --git a/src/cribl_control_plane/models/getdatabaseconnectionconfigop.py b/src/cribl_control_plane/models/getdatabaseconnectionconfigop.py new file mode 100644 index 000000000..bc3290f25 --- /dev/null +++ b/src/cribl_control_plane/models/getdatabaseconnectionconfigop.py @@ -0,0 +1,50 @@ +"""Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.""" + +from __future__ import annotations +from .databaseconnectiontype import DatabaseConnectionType +from cribl_control_plane import models +from cribl_control_plane.types import BaseModel, UNSET_SENTINEL +from cribl_control_plane.utils import FieldMetadata, QueryParamMetadata +import pydantic +from pydantic import field_serializer, model_serializer +from typing import Optional +from typing_extensions import Annotated, NotRequired, TypedDict + + +class GetDatabaseConnectionConfigRequestTypedDict(TypedDict): + database_type: NotRequired[DatabaseConnectionType] + r"""Type of Database Connections to include in the results.""" + + +class GetDatabaseConnectionConfigRequest(BaseModel): + database_type: Annotated[ + Optional[DatabaseConnectionType], + pydantic.Field(alias="databaseType"), + FieldMetadata(query=QueryParamMetadata(style="form", explode=True)), + ] = None + r"""Type of Database Connections to include in the results.""" + + @field_serializer("database_type") + def serialize_database_type(self, value): + if isinstance(value, str): + try: + return models.DatabaseConnectionType(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set(["databaseType"]) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m diff --git a/src/cribl_control_plane/models/getsavedjobop.py b/src/cribl_control_plane/models/getsavedjobop.py index 0caa10182..52fd8f316 100644 --- a/src/cribl_control_plane/models/getsavedjobop.py +++ b/src/cribl_control_plane/models/getsavedjobop.py @@ -1,27 +1,38 @@ """Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.""" from __future__ import annotations +from .collectortype import CollectorType +from cribl_control_plane import models from cribl_control_plane.types import BaseModel, UNSET_SENTINEL from cribl_control_plane.utils import FieldMetadata, QueryParamMetadata import pydantic -from pydantic import model_serializer +from pydantic import field_serializer, model_serializer from typing import Optional from typing_extensions import Annotated, NotRequired, TypedDict class GetSavedJobRequestTypedDict(TypedDict): - collector_type: NotRequired[str] + collector_type: NotRequired[CollectorType] r"""Filter by collector type""" class GetSavedJobRequest(BaseModel): collector_type: Annotated[ - Optional[str], + Optional[CollectorType], pydantic.Field(alias="collectorType"), FieldMetadata(query=QueryParamMetadata(style="form", explode=True)), ] = None r"""Filter by collector type""" + @field_serializer("collector_type") + def serialize_collector_type(self, value): + if isinstance(value, str): + try: + return models.CollectorType(value) + except ValueError: + return value + return value + @model_serializer(mode="wrap") def serialize_model(self, handler): optional_fields = set(["collectorType"]) diff --git a/src/cribl_control_plane/models/groupcreaterequest.py b/src/cribl_control_plane/models/groupcreaterequest.py index 04f21f1d5..f3842f4a3 100644 --- a/src/cribl_control_plane/models/groupcreaterequest.py +++ b/src/cribl_control_plane/models/groupcreaterequest.py @@ -14,6 +14,7 @@ class GroupCreateRequestTypedDict(TypedDict): id: str + r"""Unique identifier.""" cloud: NotRequired[ConfigGroupCloudTypedDict] description: NotRequired[str] r"""Brief description of the Worker Group, Outpost Group, or Edge Fleet.""" @@ -49,6 +50,7 @@ class GroupCreateRequestTypedDict(TypedDict): class GroupCreateRequest(BaseModel): id: str + r"""Unique identifier.""" cloud: Optional[ConfigGroupCloud] = None diff --git a/src/cribl_control_plane/models/hbcriblinfo.py b/src/cribl_control_plane/models/hbcriblinfo.py index 3a2882e5b..78d07e612 100644 --- a/src/cribl_control_plane/models/hbcriblinfo.py +++ b/src/cribl_control_plane/models/hbcriblinfo.py @@ -114,6 +114,7 @@ class HBCriblInfoTypedDict(TypedDict): r"""Objects that map Lookup files to deployment versions.""" master: NotRequired[HBLeaderInfoTypedDict] r"""Connection parameters for the Leader Node, as reported in a Worker heartbeat.""" + overlay_id: NotRequired[str] pid: NotRequired[int] r"""The process ID.""" socks_enabled: NotRequired[bool] @@ -162,6 +163,8 @@ class HBCriblInfo(BaseModel): master: Optional[HBLeaderInfo] = None r"""Connection parameters for the Leader Node, as reported in a Worker heartbeat.""" + overlay_id: Annotated[Optional[str], pydantic.Field(alias="overlayId")] = None + pid: Optional[int] = None r"""The process ID.""" @@ -195,6 +198,7 @@ def serialize_model(self, handler): "installType", "lookupVersions", "master", + "overlayId", "pid", "socksEnabled", "tags", diff --git a/src/cribl_control_plane/models/healthcheckauthenticationnone_healthcheckretryrulestypebackoff.py b/src/cribl_control_plane/models/healthcheckauthenticationnone_healthcheckretryrulestypebackoff.py index 90b5377f4..c2ba4fcfd 100644 --- a/src/cribl_control_plane/models/healthcheckauthenticationnone_healthcheckretryrulestypebackoff.py +++ b/src/cribl_control_plane/models/healthcheckauthenticationnone_healthcheckretryrulestypebackoff.py @@ -5,10 +5,6 @@ AuthRequestHeaderConfHealthCheckAuthenticationLogin, AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict, ) -from .authrequestheaderconfhealthcheckauthenticationoauth import ( - AuthRequestHeaderConfHealthCheckAuthenticationOauth, - AuthRequestHeaderConfHealthCheckAuthenticationOauthTypedDict, -) from .authrequestparamconfhealthcheckauthenticationoauth import ( AuthRequestParamConfHealthCheckAuthenticationOauth, AuthRequestParamConfHealthCheckAuthenticationOauthTypedDict, @@ -74,6 +70,8 @@ class HealthCheckAuthenticationOauthSecretHealthCheckDiscoveryDiscoverTypeNoneTy r"""Defines how task discovery will be performed. Use None to skip the discovery. Use HTTP Request to make a REST call to discover tasks. Use Item List to enumerate items for collect to retrieve. Use JSON Response to manually define discover tasks as a JSON array of objects. Each entry returned by the discover operation will result in a collect task.""" discover_url: NotRequired[str] r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[ DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP ] @@ -82,6 +80,10 @@ class HealthCheckAuthenticationOauthSecretHealthCheckDiscoveryDiscoverTypeNoneTy List[AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict] ] r"""Optional discover request headers.""" + discover_data_field: NotRequired[str] + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" item_list: NotRequired[List[str]] @@ -100,6 +102,11 @@ class HealthCheckAuthenticationOauthSecretHealthCheckDiscoveryDiscoverTypeNone( discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -112,6 +119,16 @@ class HealthCheckAuthenticationOauthSecretHealthCheckDiscoveryDiscoverTypeNone( ] = None r"""Optional discover request headers.""" + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -147,8 +164,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", + "discoverDataField", + "__template_discoverDataField", "manualDiscoverResult", "itemList", ] @@ -191,6 +211,8 @@ class HealthCheckAuthenticationOauthSecretHealthCheckDiscoveryDiscoverTypeListTy r"""Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters.""" discover_url: NotRequired[str] r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[ DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP ] @@ -199,6 +221,10 @@ class HealthCheckAuthenticationOauthSecretHealthCheckDiscoveryDiscoverTypeListTy List[AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict] ] r"""Optional discover request headers.""" + discover_data_field: NotRequired[str] + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" @@ -218,6 +244,11 @@ class HealthCheckAuthenticationOauthSecretHealthCheckDiscoveryDiscoverTypeList( discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -230,6 +261,16 @@ class HealthCheckAuthenticationOauthSecretHealthCheckDiscoveryDiscoverTypeList( ] = None r"""Optional discover request headers.""" + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -262,8 +303,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", + "discoverDataField", + "__template_discoverDataField", "manualDiscoverResult", ] ) @@ -304,9 +348,11 @@ class HealthCheckAuthenticationOauthSecretHealthCheckDiscoveryDiscoverTypeJSONTy manual_discover_result: str r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" discover_data_field: NotRequired[str] - r"""Within the response JSON, name of the field or array element to pull results from. Leave blank if the result is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" discover_url: NotRequired[str] r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[ DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP ] @@ -315,6 +361,8 @@ class HealthCheckAuthenticationOauthSecretHealthCheckDiscoveryDiscoverTypeJSONTy List[AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict] ] r"""Optional discover request headers.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" item_list: NotRequired[List[str]] r"""Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters.""" @@ -334,11 +382,16 @@ class HealthCheckAuthenticationOauthSecretHealthCheckDiscoveryDiscoverTypeJSON( discover_data_field: Annotated[ Optional[str], pydantic.Field(alias="discoverDataField") ] = None - r"""Within the response JSON, name of the field or array element to pull results from. Leave blank if the result is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -351,6 +404,11 @@ class HealthCheckAuthenticationOauthSecretHealthCheckDiscoveryDiscoverTypeJSON( ] = None r"""Optional discover request headers.""" + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + item_list: Annotated[Optional[List[str]], pydantic.Field(alias="itemList")] = None r"""Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters.""" @@ -382,8 +440,10 @@ def serialize_model(self, handler): [ "discoverDataField", "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", + "__template_discoverDataField", "itemList", ] ) @@ -433,6 +493,10 @@ class HealthCheckAuthenticationOauthSecretHealthCheckDiscoveryDiscoverTypeHTTPDi r"""Optional discover request headers.""" discover_data_field: NotRequired[str] r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" item_list: NotRequired[List[str]] @@ -471,6 +535,16 @@ class HealthCheckAuthenticationOauthSecretHealthCheckDiscoveryDiscoverTypeHTTPDi ] = None r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -508,6 +582,8 @@ def serialize_model(self, handler): "discoverBody", "discoverRequestHeaders", "discoverDataField", + "__template_discoverUrl", + "__template_discoverDataField", "manualDiscoverResult", "itemList", ] @@ -560,6 +636,10 @@ class HealthCheckAuthenticationOauthSecretHealthCheckDiscoveryDiscoverTypeHTTPDi r"""Optional discover request headers.""" discover_data_field: NotRequired[str] r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" item_list: NotRequired[List[str]] @@ -601,6 +681,16 @@ class HealthCheckAuthenticationOauthSecretHealthCheckDiscoveryDiscoverTypeHTTPDi ] = None r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -638,6 +728,8 @@ def serialize_model(self, handler): "discoverRequestParams", "discoverRequestHeaders", "discoverDataField", + "__template_discoverUrl", + "__template_discoverDataField", "manualDiscoverResult", "itemList", ] @@ -690,6 +782,10 @@ class HealthCheckAuthenticationOauthSecretHealthCheckDiscoveryDiscoverTypeHTTPDi r"""Optional discover request headers.""" discover_data_field: NotRequired[str] r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" item_list: NotRequired[List[str]] @@ -731,6 +827,16 @@ class HealthCheckAuthenticationOauthSecretHealthCheckDiscoveryDiscoverTypeHTTPDi ] = None r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -768,6 +874,8 @@ def serialize_model(self, handler): "discoverRequestParams", "discoverRequestHeaders", "discoverDataField", + "__template_discoverUrl", + "__template_discoverDataField", "manualDiscoverResult", "itemList", ] @@ -839,9 +947,9 @@ class UnknownHealthCheckAuthenticationOauthSecretHealthCheckDiscoveryDiscoverTyp HealthCheckAuthenticationOauthSecretDiscoveryTypedDict = TypeAliasType( "HealthCheckAuthenticationOauthSecretDiscoveryTypedDict", Union[ + HealthCheckAuthenticationOauthSecretHealthCheckDiscoveryDiscoverTypeJSONTypedDict, HealthCheckAuthenticationOauthSecretHealthCheckDiscoveryDiscoverTypeListTypedDict, HealthCheckAuthenticationOauthSecretHealthCheckDiscoveryDiscoverTypeNoneTypedDict, - HealthCheckAuthenticationOauthSecretHealthCheckDiscoveryDiscoverTypeJSONTypedDict, HealthCheckAuthenticationOauthSecretHealthCheckDiscoveryDiscoverTypeHTTPTypedDict, ], ) @@ -1109,7 +1217,7 @@ class HealthCheckAuthenticationOauthSecretTypedDict(TypedDict): authentication: HealthCheckAuthenticationOauthSecretAuthentication r"""Authentication method for Discover and Collect REST calls. You can specify API Key–based authentication by adding the appropriate Collect headers.""" login_url: str - r"""URL to use for the OAuth API call. This call is expected to be a POST.""" + r"""URL to use for login API call. This call is expected to be a POST.""" auth_header_expr: str r"""JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login.""" client_secret_param_name: str @@ -1127,9 +1235,13 @@ class HealthCheckAuthenticationOauthSecretTypedDict(TypedDict): ] r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" auth_request_headers: NotRequired[ - List[AuthRequestHeaderConfHealthCheckAuthenticationOauthTypedDict] + List[AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict] ] r"""Optional authentication request headers.""" + template_login_url: NotRequired[str] + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + template_token_resp_attribute: NotRequired[str] + r"""Binds 'tokenRespAttribute' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tokenRespAttribute' at runtime.""" discovery: NotRequired[HealthCheckAuthenticationOauthSecretDiscoveryTypedDict] collect_request_headers: NotRequired[ List[HealthCheckAuthenticationOauthSecretCollectRequestHeaderTypedDict] @@ -1145,6 +1257,18 @@ class HealthCheckAuthenticationOauthSecretTypedDict(TypedDict): safe_headers: NotRequired[List[str]] r"""List of headers that are safe to log in plain text.""" retry_rules: NotRequired[HealthCheckAuthenticationOauthSecretRetryRulesTypedDict] + username: NotRequired[str] + r"""Basic authentication username""" + template_username: NotRequired[str] + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + password: NotRequired[str] + r"""Basic authentication password""" + template_password: NotRequired[str] + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + credentials_secret: NotRequired[str] + r"""Select or create a stored secret that references your credentials""" + login_body: NotRequired[str] + r"""Template for POST body to send with login request, ${username} and ${password} are used to specify location of these attributes in the message""" client_secret_param_value: NotRequired[str] r"""Secret value to add to HTTP requests as the 'client secret' parameter. Stored on disk encrypted, and is automatically added to request parameters""" template_collect_url: NotRequired[str] @@ -1156,7 +1280,7 @@ class HealthCheckAuthenticationOauthSecret(BaseModel): r"""Authentication method for Discover and Collect REST calls. You can specify API Key–based authentication by adding the appropriate Collect headers.""" login_url: Annotated[str, pydantic.Field(alias="loginUrl")] - r"""URL to use for the OAuth API call. This call is expected to be a POST.""" + r"""URL to use for login API call. This call is expected to be a POST.""" auth_header_expr: Annotated[str, pydantic.Field(alias="authHeaderExpr")] r"""JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login.""" @@ -1190,11 +1314,21 @@ class HealthCheckAuthenticationOauthSecret(BaseModel): r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" auth_request_headers: Annotated[ - Optional[List[AuthRequestHeaderConfHealthCheckAuthenticationOauth]], + Optional[List[AuthRequestHeaderConfHealthCheckAuthenticationLogin]], pydantic.Field(alias="authRequestHeaders"), ] = None r"""Optional authentication request headers.""" + template_login_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_loginUrl") + ] = None + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + + template_token_resp_attribute: Annotated[ + Optional[str], pydantic.Field(alias="__template_tokenRespAttribute") + ] = None + r"""Binds 'tokenRespAttribute' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tokenRespAttribute' at runtime.""" + discovery: Optional[HealthCheckAuthenticationOauthSecretDiscovery] = None collect_request_headers: Annotated[ @@ -1231,6 +1365,30 @@ class HealthCheckAuthenticationOauthSecret(BaseModel): pydantic.Field(alias="retryRules"), ] = None + username: Optional[str] = None + r"""Basic authentication username""" + + template_username: Annotated[ + Optional[str], pydantic.Field(alias="__template_username") + ] = None + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + + password: Optional[str] = None + r"""Basic authentication password""" + + template_password: Annotated[ + Optional[str], pydantic.Field(alias="__template_password") + ] = None + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + + credentials_secret: Annotated[ + Optional[str], pydantic.Field(alias="credentialsSecret") + ] = None + r"""Select or create a stored secret that references your credentials""" + + login_body: Annotated[Optional[str], pydantic.Field(alias="loginBody")] = None + r"""Template for POST body to send with login request, ${username} and ${password} are used to specify location of these attributes in the message""" + client_secret_param_value: Annotated[ Optional[str], pydantic.Field(alias="clientSecretParamValue") ] = None @@ -1277,6 +1435,8 @@ def serialize_model(self, handler): "tokenRespAttribute", "authRequestParams", "authRequestHeaders", + "__template_loginUrl", + "__template_tokenRespAttribute", "discovery", "collectRequestHeaders", "authenticateCollect", @@ -1285,6 +1445,12 @@ def serialize_model(self, handler): "defaultBreakers", "safeHeaders", "retryRules", + "username", + "__template_username", + "password", + "__template_password", + "credentialsSecret", + "loginBody", "clientSecretParamValue", "__template_collectUrl", ] @@ -1341,6 +1507,8 @@ class HealthCheckAuthenticationOauthHealthCheckDiscoveryDiscoverTypeNoneTypedDic r"""Defines how task discovery will be performed. Use None to skip the discovery. Use HTTP Request to make a REST call to discover tasks. Use Item List to enumerate items for collect to retrieve. Use JSON Response to manually define discover tasks as a JSON array of objects. Each entry returned by the discover operation will result in a collect task.""" discover_url: NotRequired[str] r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[ DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP ] @@ -1349,6 +1517,10 @@ class HealthCheckAuthenticationOauthHealthCheckDiscoveryDiscoverTypeNoneTypedDic List[AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict] ] r"""Optional discover request headers.""" + discover_data_field: NotRequired[str] + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" item_list: NotRequired[List[str]] @@ -1365,6 +1537,11 @@ class HealthCheckAuthenticationOauthHealthCheckDiscoveryDiscoverTypeNone(BaseMod discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -1377,6 +1554,16 @@ class HealthCheckAuthenticationOauthHealthCheckDiscoveryDiscoverTypeNone(BaseMod ] = None r"""Optional discover request headers.""" + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -1412,8 +1599,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", + "discoverDataField", + "__template_discoverDataField", "manualDiscoverResult", "itemList", ] @@ -1458,6 +1648,8 @@ class HealthCheckAuthenticationOauthHealthCheckDiscoveryDiscoverTypeListTypedDic r"""Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters.""" discover_url: NotRequired[str] r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[ DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP ] @@ -1466,6 +1658,10 @@ class HealthCheckAuthenticationOauthHealthCheckDiscoveryDiscoverTypeListTypedDic List[AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict] ] r"""Optional discover request headers.""" + discover_data_field: NotRequired[str] + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" @@ -1483,6 +1679,11 @@ class HealthCheckAuthenticationOauthHealthCheckDiscoveryDiscoverTypeList(BaseMod discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -1495,6 +1696,16 @@ class HealthCheckAuthenticationOauthHealthCheckDiscoveryDiscoverTypeList(BaseMod ] = None r"""Optional discover request headers.""" + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -1527,8 +1738,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", + "discoverDataField", + "__template_discoverDataField", "manualDiscoverResult", ] ) @@ -1571,9 +1785,11 @@ class HealthCheckAuthenticationOauthHealthCheckDiscoveryDiscoverTypeJSONTypedDic manual_discover_result: str r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" discover_data_field: NotRequired[str] - r"""Within the response JSON, name of the field or array element to pull results from. Leave blank if the result is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" discover_url: NotRequired[str] r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[ DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP ] @@ -1582,6 +1798,8 @@ class HealthCheckAuthenticationOauthHealthCheckDiscoveryDiscoverTypeJSONTypedDic List[AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict] ] r"""Optional discover request headers.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" item_list: NotRequired[List[str]] r"""Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters.""" @@ -1599,11 +1817,16 @@ class HealthCheckAuthenticationOauthHealthCheckDiscoveryDiscoverTypeJSON(BaseMod discover_data_field: Annotated[ Optional[str], pydantic.Field(alias="discoverDataField") ] = None - r"""Within the response JSON, name of the field or array element to pull results from. Leave blank if the result is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -1616,6 +1839,11 @@ class HealthCheckAuthenticationOauthHealthCheckDiscoveryDiscoverTypeJSON(BaseMod ] = None r"""Optional discover request headers.""" + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + item_list: Annotated[Optional[List[str]], pydantic.Field(alias="itemList")] = None r"""Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters.""" @@ -1647,8 +1875,10 @@ def serialize_model(self, handler): [ "discoverDataField", "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", + "__template_discoverDataField", "itemList", ] ) @@ -1698,6 +1928,10 @@ class HealthCheckAuthenticationOauthHealthCheckDiscoveryDiscoverTypeHTTPDiscover r"""Optional discover request headers.""" discover_data_field: NotRequired[str] r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" item_list: NotRequired[List[str]] @@ -1736,6 +1970,16 @@ class HealthCheckAuthenticationOauthHealthCheckDiscoveryDiscoverTypeHTTPDiscover ] = None r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -1773,6 +2017,8 @@ def serialize_model(self, handler): "discoverBody", "discoverRequestHeaders", "discoverDataField", + "__template_discoverUrl", + "__template_discoverDataField", "manualDiscoverResult", "itemList", ] @@ -1825,6 +2071,10 @@ class HealthCheckAuthenticationOauthHealthCheckDiscoveryDiscoverTypeHTTPDiscover r"""Optional discover request headers.""" discover_data_field: NotRequired[str] r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" item_list: NotRequired[List[str]] @@ -1866,6 +2116,16 @@ class HealthCheckAuthenticationOauthHealthCheckDiscoveryDiscoverTypeHTTPDiscover ] = None r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -1903,6 +2163,8 @@ def serialize_model(self, handler): "discoverRequestParams", "discoverRequestHeaders", "discoverDataField", + "__template_discoverUrl", + "__template_discoverDataField", "manualDiscoverResult", "itemList", ] @@ -1955,6 +2217,10 @@ class HealthCheckAuthenticationOauthHealthCheckDiscoveryDiscoverTypeHTTPDiscover r"""Optional discover request headers.""" discover_data_field: NotRequired[str] r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" item_list: NotRequired[List[str]] @@ -1996,6 +2262,16 @@ class HealthCheckAuthenticationOauthHealthCheckDiscoveryDiscoverTypeHTTPDiscover ] = None r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -2033,6 +2309,8 @@ def serialize_model(self, handler): "discoverRequestParams", "discoverRequestHeaders", "discoverDataField", + "__template_discoverUrl", + "__template_discoverDataField", "manualDiscoverResult", "itemList", ] @@ -2104,9 +2382,9 @@ class UnknownHealthCheckAuthenticationOauthHealthCheckDiscoveryDiscoverTypeHTTP( HealthCheckAuthenticationOauthDiscoveryTypedDict = TypeAliasType( "HealthCheckAuthenticationOauthDiscoveryTypedDict", Union[ + HealthCheckAuthenticationOauthHealthCheckDiscoveryDiscoverTypeJSONTypedDict, HealthCheckAuthenticationOauthHealthCheckDiscoveryDiscoverTypeListTypedDict, HealthCheckAuthenticationOauthHealthCheckDiscoveryDiscoverTypeNoneTypedDict, - HealthCheckAuthenticationOauthHealthCheckDiscoveryDiscoverTypeJSONTypedDict, HealthCheckAuthenticationOauthHealthCheckDiscoveryDiscoverTypeHTTPTypedDict, ], ) @@ -2370,7 +2648,7 @@ class HealthCheckAuthenticationOauthTypedDict(TypedDict): authentication: HealthCheckAuthenticationOauthAuthentication r"""Authentication method for Discover and Collect REST calls. You can specify API Key–based authentication by adding the appropriate Collect headers.""" login_url: str - r"""URL to use for the OAuth API call. This call is expected to be a POST.""" + r"""URL to use for login API call. This call is expected to be a POST.""" auth_header_expr: str r"""JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login.""" client_secret_param_name: str @@ -2388,9 +2666,13 @@ class HealthCheckAuthenticationOauthTypedDict(TypedDict): ] r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" auth_request_headers: NotRequired[ - List[AuthRequestHeaderConfHealthCheckAuthenticationOauthTypedDict] + List[AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict] ] r"""Optional authentication request headers.""" + template_login_url: NotRequired[str] + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + template_token_resp_attribute: NotRequired[str] + r"""Binds 'tokenRespAttribute' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tokenRespAttribute' at runtime.""" discovery: NotRequired[HealthCheckAuthenticationOauthDiscoveryTypedDict] collect_request_headers: NotRequired[ List[HealthCheckAuthenticationOauthCollectRequestHeaderTypedDict] @@ -2406,6 +2688,18 @@ class HealthCheckAuthenticationOauthTypedDict(TypedDict): safe_headers: NotRequired[List[str]] r"""List of headers that are safe to log in plain text.""" retry_rules: NotRequired[HealthCheckAuthenticationOauthRetryRulesTypedDict] + username: NotRequired[str] + r"""Basic authentication username""" + template_username: NotRequired[str] + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + password: NotRequired[str] + r"""Basic authentication password""" + template_password: NotRequired[str] + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + credentials_secret: NotRequired[str] + r"""Select or create a stored secret that references your credentials""" + login_body: NotRequired[str] + r"""Template for POST body to send with login request, ${username} and ${password} are used to specify location of these attributes in the message""" text_secret: NotRequired[str] r"""Select or create a text secret that contains the client secret's value.""" template_collect_url: NotRequired[str] @@ -2417,7 +2711,7 @@ class HealthCheckAuthenticationOauth(BaseModel): r"""Authentication method for Discover and Collect REST calls. You can specify API Key–based authentication by adding the appropriate Collect headers.""" login_url: Annotated[str, pydantic.Field(alias="loginUrl")] - r"""URL to use for the OAuth API call. This call is expected to be a POST.""" + r"""URL to use for login API call. This call is expected to be a POST.""" auth_header_expr: Annotated[str, pydantic.Field(alias="authHeaderExpr")] r"""JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login.""" @@ -2453,11 +2747,21 @@ class HealthCheckAuthenticationOauth(BaseModel): r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" auth_request_headers: Annotated[ - Optional[List[AuthRequestHeaderConfHealthCheckAuthenticationOauth]], + Optional[List[AuthRequestHeaderConfHealthCheckAuthenticationLogin]], pydantic.Field(alias="authRequestHeaders"), ] = None r"""Optional authentication request headers.""" + template_login_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_loginUrl") + ] = None + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + + template_token_resp_attribute: Annotated[ + Optional[str], pydantic.Field(alias="__template_tokenRespAttribute") + ] = None + r"""Binds 'tokenRespAttribute' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tokenRespAttribute' at runtime.""" + discovery: Optional[HealthCheckAuthenticationOauthDiscovery] = None collect_request_headers: Annotated[ @@ -2494,6 +2798,30 @@ class HealthCheckAuthenticationOauth(BaseModel): pydantic.Field(alias="retryRules"), ] = None + username: Optional[str] = None + r"""Basic authentication username""" + + template_username: Annotated[ + Optional[str], pydantic.Field(alias="__template_username") + ] = None + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + + password: Optional[str] = None + r"""Basic authentication password""" + + template_password: Annotated[ + Optional[str], pydantic.Field(alias="__template_password") + ] = None + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + + credentials_secret: Annotated[ + Optional[str], pydantic.Field(alias="credentialsSecret") + ] = None + r"""Select or create a stored secret that references your credentials""" + + login_body: Annotated[Optional[str], pydantic.Field(alias="loginBody")] = None + r"""Template for POST body to send with login request, ${username} and ${password} are used to specify location of these attributes in the message""" + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None r"""Select or create a text secret that contains the client secret's value.""" @@ -2536,6 +2864,8 @@ def serialize_model(self, handler): "tokenRespAttribute", "authRequestParams", "authRequestHeaders", + "__template_loginUrl", + "__template_tokenRespAttribute", "discovery", "collectRequestHeaders", "authenticateCollect", @@ -2544,6 +2874,12 @@ def serialize_model(self, handler): "defaultBreakers", "safeHeaders", "retryRules", + "username", + "__template_username", + "password", + "__template_password", + "credentialsSecret", + "loginBody", "textSecret", "__template_collectUrl", ] @@ -2598,6 +2934,8 @@ class HealthCheckAuthenticationLoginSecretHealthCheckDiscoveryDiscoverTypeNoneTy r"""Defines how task discovery will be performed. Use None to skip the discovery. Use HTTP Request to make a REST call to discover tasks. Use Item List to enumerate items for collect to retrieve. Use JSON Response to manually define discover tasks as a JSON array of objects. Each entry returned by the discover operation will result in a collect task.""" discover_url: NotRequired[str] r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[ DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP ] @@ -2606,6 +2944,10 @@ class HealthCheckAuthenticationLoginSecretHealthCheckDiscoveryDiscoverTypeNoneTy List[AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict] ] r"""Optional discover request headers.""" + discover_data_field: NotRequired[str] + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" item_list: NotRequired[List[str]] @@ -2624,6 +2966,11 @@ class HealthCheckAuthenticationLoginSecretHealthCheckDiscoveryDiscoverTypeNone( discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -2636,6 +2983,16 @@ class HealthCheckAuthenticationLoginSecretHealthCheckDiscoveryDiscoverTypeNone( ] = None r"""Optional discover request headers.""" + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -2671,8 +3028,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", + "discoverDataField", + "__template_discoverDataField", "manualDiscoverResult", "itemList", ] @@ -2715,6 +3075,8 @@ class HealthCheckAuthenticationLoginSecretHealthCheckDiscoveryDiscoverTypeListTy r"""Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters.""" discover_url: NotRequired[str] r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[ DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP ] @@ -2723,6 +3085,10 @@ class HealthCheckAuthenticationLoginSecretHealthCheckDiscoveryDiscoverTypeListTy List[AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict] ] r"""Optional discover request headers.""" + discover_data_field: NotRequired[str] + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" @@ -2742,6 +3108,11 @@ class HealthCheckAuthenticationLoginSecretHealthCheckDiscoveryDiscoverTypeList( discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -2754,6 +3125,16 @@ class HealthCheckAuthenticationLoginSecretHealthCheckDiscoveryDiscoverTypeList( ] = None r"""Optional discover request headers.""" + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -2786,8 +3167,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", + "discoverDataField", + "__template_discoverDataField", "manualDiscoverResult", ] ) @@ -2828,9 +3212,11 @@ class HealthCheckAuthenticationLoginSecretHealthCheckDiscoveryDiscoverTypeJSONTy manual_discover_result: str r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" discover_data_field: NotRequired[str] - r"""Within the response JSON, name of the field or array element to pull results from. Leave blank if the result is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" discover_url: NotRequired[str] r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[ DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP ] @@ -2839,6 +3225,8 @@ class HealthCheckAuthenticationLoginSecretHealthCheckDiscoveryDiscoverTypeJSONTy List[AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict] ] r"""Optional discover request headers.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" item_list: NotRequired[List[str]] r"""Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters.""" @@ -2858,11 +3246,16 @@ class HealthCheckAuthenticationLoginSecretHealthCheckDiscoveryDiscoverTypeJSON( discover_data_field: Annotated[ Optional[str], pydantic.Field(alias="discoverDataField") ] = None - r"""Within the response JSON, name of the field or array element to pull results from. Leave blank if the result is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -2875,6 +3268,11 @@ class HealthCheckAuthenticationLoginSecretHealthCheckDiscoveryDiscoverTypeJSON( ] = None r"""Optional discover request headers.""" + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + item_list: Annotated[Optional[List[str]], pydantic.Field(alias="itemList")] = None r"""Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters.""" @@ -2906,8 +3304,10 @@ def serialize_model(self, handler): [ "discoverDataField", "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", + "__template_discoverDataField", "itemList", ] ) @@ -2957,6 +3357,10 @@ class HealthCheckAuthenticationLoginSecretHealthCheckDiscoveryDiscoverTypeHTTPDi r"""Optional discover request headers.""" discover_data_field: NotRequired[str] r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" item_list: NotRequired[List[str]] @@ -2995,6 +3399,16 @@ class HealthCheckAuthenticationLoginSecretHealthCheckDiscoveryDiscoverTypeHTTPDi ] = None r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -3032,6 +3446,8 @@ def serialize_model(self, handler): "discoverBody", "discoverRequestHeaders", "discoverDataField", + "__template_discoverUrl", + "__template_discoverDataField", "manualDiscoverResult", "itemList", ] @@ -3084,6 +3500,10 @@ class HealthCheckAuthenticationLoginSecretHealthCheckDiscoveryDiscoverTypeHTTPDi r"""Optional discover request headers.""" discover_data_field: NotRequired[str] r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" item_list: NotRequired[List[str]] @@ -3125,6 +3545,16 @@ class HealthCheckAuthenticationLoginSecretHealthCheckDiscoveryDiscoverTypeHTTPDi ] = None r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -3162,6 +3592,8 @@ def serialize_model(self, handler): "discoverRequestParams", "discoverRequestHeaders", "discoverDataField", + "__template_discoverUrl", + "__template_discoverDataField", "manualDiscoverResult", "itemList", ] @@ -3214,6 +3646,10 @@ class HealthCheckAuthenticationLoginSecretHealthCheckDiscoveryDiscoverTypeHTTPDi r"""Optional discover request headers.""" discover_data_field: NotRequired[str] r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" item_list: NotRequired[List[str]] @@ -3255,6 +3691,16 @@ class HealthCheckAuthenticationLoginSecretHealthCheckDiscoveryDiscoverTypeHTTPDi ] = None r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -3292,6 +3738,8 @@ def serialize_model(self, handler): "discoverRequestParams", "discoverRequestHeaders", "discoverDataField", + "__template_discoverUrl", + "__template_discoverDataField", "manualDiscoverResult", "itemList", ] @@ -3363,9 +3811,9 @@ class UnknownHealthCheckAuthenticationLoginSecretHealthCheckDiscoveryDiscoverTyp HealthCheckAuthenticationLoginSecretDiscoveryTypedDict = TypeAliasType( "HealthCheckAuthenticationLoginSecretDiscoveryTypedDict", Union[ + HealthCheckAuthenticationLoginSecretHealthCheckDiscoveryDiscoverTypeJSONTypedDict, HealthCheckAuthenticationLoginSecretHealthCheckDiscoveryDiscoverTypeListTypedDict, HealthCheckAuthenticationLoginSecretHealthCheckDiscoveryDiscoverTypeNoneTypedDict, - HealthCheckAuthenticationLoginSecretHealthCheckDiscoveryDiscoverTypeJSONTypedDict, HealthCheckAuthenticationLoginSecretHealthCheckDiscoveryDiscoverTypeHTTPTypedDict, ], ) @@ -3633,9 +4081,9 @@ class HealthCheckAuthenticationLoginSecretTypedDict(TypedDict): authentication: HealthCheckAuthenticationLoginSecretAuthentication r"""Authentication method for Discover and Collect REST calls. You can specify API Key–based authentication by adding the appropriate Collect headers.""" login_url: str - r"""URL to use for login API call, this call is expected to be a POST.""" + r"""URL to use for login API call. This call is expected to be a POST.""" credentials_secret: str - r"""Select or create a stored secret that references your login credentials""" + r"""Select or create a stored secret that references your credentials""" login_body: str r"""Template for POST body to send with login request, ${username} and ${password} are used to specify location of these attributes in the message""" auth_header_expr: str @@ -3645,11 +4093,15 @@ class HealthCheckAuthenticationLoginSecretTypedDict(TypedDict): collect_method: HealthCheckAuthenticationLoginSecretHealthCheckMethod r"""Health check HTTP method.""" token_resp_attribute: NotRequired[str] - r"""Path to token attribute in login response body. Nested attributes are OK. If left blank, the entire response body will be used to derive the authorization header.""" + r"""Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header.""" auth_request_headers: NotRequired[ List[AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict] ] r"""Optional authentication request headers.""" + template_login_url: NotRequired[str] + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + template_token_resp_attribute: NotRequired[str] + r"""Binds 'tokenRespAttribute' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tokenRespAttribute' at runtime.""" discovery: NotRequired[HealthCheckAuthenticationLoginSecretDiscoveryTypedDict] collect_request_headers: NotRequired[ List[HealthCheckAuthenticationLoginSecretCollectRequestHeaderTypedDict] @@ -3665,8 +4117,22 @@ class HealthCheckAuthenticationLoginSecretTypedDict(TypedDict): safe_headers: NotRequired[List[str]] r"""List of headers that are safe to log in plain text.""" retry_rules: NotRequired[HealthCheckAuthenticationLoginSecretRetryRulesTypedDict] + username: NotRequired[str] + r"""Basic authentication username""" + template_username: NotRequired[str] + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + password: NotRequired[str] + r"""Basic authentication password""" + template_password: NotRequired[str] + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + client_secret_param_name: NotRequired[str] + r"""Parameter name that contains client secret. Defaults to 'client_secret', and is automatically added to request parameters.""" client_secret_param_value: NotRequired[str] r"""Secret value to add to HTTP requests as the 'client secret' parameter. Stored on disk encrypted, and is automatically added to request parameters""" + auth_request_params: NotRequired[ + List[AuthRequestParamConfHealthCheckAuthenticationOauthTypedDict] + ] + r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" text_secret: NotRequired[str] r"""Select or create a text secret that contains the client secret's value.""" template_collect_url: NotRequired[str] @@ -3678,10 +4144,10 @@ class HealthCheckAuthenticationLoginSecret(BaseModel): r"""Authentication method for Discover and Collect REST calls. You can specify API Key–based authentication by adding the appropriate Collect headers.""" login_url: Annotated[str, pydantic.Field(alias="loginUrl")] - r"""URL to use for login API call, this call is expected to be a POST.""" + r"""URL to use for login API call. This call is expected to be a POST.""" credentials_secret: Annotated[str, pydantic.Field(alias="credentialsSecret")] - r"""Select or create a stored secret that references your login credentials""" + r"""Select or create a stored secret that references your credentials""" login_body: Annotated[str, pydantic.Field(alias="loginBody")] r"""Template for POST body to send with login request, ${username} and ${password} are used to specify location of these attributes in the message""" @@ -3701,7 +4167,7 @@ class HealthCheckAuthenticationLoginSecret(BaseModel): token_resp_attribute: Annotated[ Optional[str], pydantic.Field(alias="tokenRespAttribute") ] = None - r"""Path to token attribute in login response body. Nested attributes are OK. If left blank, the entire response body will be used to derive the authorization header.""" + r"""Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header.""" auth_request_headers: Annotated[ Optional[List[AuthRequestHeaderConfHealthCheckAuthenticationLogin]], @@ -3709,6 +4175,16 @@ class HealthCheckAuthenticationLoginSecret(BaseModel): ] = None r"""Optional authentication request headers.""" + template_login_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_loginUrl") + ] = None + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + + template_token_resp_attribute: Annotated[ + Optional[str], pydantic.Field(alias="__template_tokenRespAttribute") + ] = None + r"""Binds 'tokenRespAttribute' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tokenRespAttribute' at runtime.""" + discovery: Optional[HealthCheckAuthenticationLoginSecretDiscovery] = None collect_request_headers: Annotated[ @@ -3745,11 +4221,38 @@ class HealthCheckAuthenticationLoginSecret(BaseModel): pydantic.Field(alias="retryRules"), ] = None + username: Optional[str] = None + r"""Basic authentication username""" + + template_username: Annotated[ + Optional[str], pydantic.Field(alias="__template_username") + ] = None + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + + password: Optional[str] = None + r"""Basic authentication password""" + + template_password: Annotated[ + Optional[str], pydantic.Field(alias="__template_password") + ] = None + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + + client_secret_param_name: Annotated[ + Optional[str], pydantic.Field(alias="clientSecretParamName") + ] = None + r"""Parameter name that contains client secret. Defaults to 'client_secret', and is automatically added to request parameters.""" + client_secret_param_value: Annotated[ Optional[str], pydantic.Field(alias="clientSecretParamValue") ] = None r"""Secret value to add to HTTP requests as the 'client secret' parameter. Stored on disk encrypted, and is automatically added to request parameters""" + auth_request_params: Annotated[ + Optional[List[AuthRequestParamConfHealthCheckAuthenticationOauth]], + pydantic.Field(alias="authRequestParams"), + ] = None + r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None r"""Select or create a text secret that contains the client secret's value.""" @@ -3793,6 +4296,8 @@ def serialize_model(self, handler): [ "tokenRespAttribute", "authRequestHeaders", + "__template_loginUrl", + "__template_tokenRespAttribute", "discovery", "collectRequestHeaders", "authenticateCollect", @@ -3801,7 +4306,13 @@ def serialize_model(self, handler): "defaultBreakers", "safeHeaders", "retryRules", + "username", + "__template_username", + "password", + "__template_password", + "clientSecretParamName", "clientSecretParamValue", + "authRequestParams", "textSecret", "__template_collectUrl", ] @@ -3858,6 +4369,8 @@ class HealthCheckAuthenticationLoginHealthCheckDiscoveryDiscoverTypeNoneTypedDic r"""Defines how task discovery will be performed. Use None to skip the discovery. Use HTTP Request to make a REST call to discover tasks. Use Item List to enumerate items for collect to retrieve. Use JSON Response to manually define discover tasks as a JSON array of objects. Each entry returned by the discover operation will result in a collect task.""" discover_url: NotRequired[str] r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[ DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP ] @@ -3866,6 +4379,10 @@ class HealthCheckAuthenticationLoginHealthCheckDiscoveryDiscoverTypeNoneTypedDic List[AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict] ] r"""Optional discover request headers.""" + discover_data_field: NotRequired[str] + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" item_list: NotRequired[List[str]] @@ -3882,6 +4399,11 @@ class HealthCheckAuthenticationLoginHealthCheckDiscoveryDiscoverTypeNone(BaseMod discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -3894,6 +4416,16 @@ class HealthCheckAuthenticationLoginHealthCheckDiscoveryDiscoverTypeNone(BaseMod ] = None r"""Optional discover request headers.""" + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -3929,8 +4461,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", + "discoverDataField", + "__template_discoverDataField", "manualDiscoverResult", "itemList", ] @@ -3975,6 +4510,8 @@ class HealthCheckAuthenticationLoginHealthCheckDiscoveryDiscoverTypeListTypedDic r"""Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters.""" discover_url: NotRequired[str] r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[ DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP ] @@ -3983,6 +4520,10 @@ class HealthCheckAuthenticationLoginHealthCheckDiscoveryDiscoverTypeListTypedDic List[AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict] ] r"""Optional discover request headers.""" + discover_data_field: NotRequired[str] + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" @@ -4000,6 +4541,11 @@ class HealthCheckAuthenticationLoginHealthCheckDiscoveryDiscoverTypeList(BaseMod discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -4012,6 +4558,16 @@ class HealthCheckAuthenticationLoginHealthCheckDiscoveryDiscoverTypeList(BaseMod ] = None r"""Optional discover request headers.""" + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -4044,8 +4600,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", + "discoverDataField", + "__template_discoverDataField", "manualDiscoverResult", ] ) @@ -4088,9 +4647,11 @@ class HealthCheckAuthenticationLoginHealthCheckDiscoveryDiscoverTypeJSONTypedDic manual_discover_result: str r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" discover_data_field: NotRequired[str] - r"""Within the response JSON, name of the field or array element to pull results from. Leave blank if the result is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" discover_url: NotRequired[str] r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[ DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP ] @@ -4099,6 +4660,8 @@ class HealthCheckAuthenticationLoginHealthCheckDiscoveryDiscoverTypeJSONTypedDic List[AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict] ] r"""Optional discover request headers.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" item_list: NotRequired[List[str]] r"""Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters.""" @@ -4116,11 +4679,16 @@ class HealthCheckAuthenticationLoginHealthCheckDiscoveryDiscoverTypeJSON(BaseMod discover_data_field: Annotated[ Optional[str], pydantic.Field(alias="discoverDataField") ] = None - r"""Within the response JSON, name of the field or array element to pull results from. Leave blank if the result is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -4133,6 +4701,11 @@ class HealthCheckAuthenticationLoginHealthCheckDiscoveryDiscoverTypeJSON(BaseMod ] = None r"""Optional discover request headers.""" + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + item_list: Annotated[Optional[List[str]], pydantic.Field(alias="itemList")] = None r"""Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters.""" @@ -4164,8 +4737,10 @@ def serialize_model(self, handler): [ "discoverDataField", "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", + "__template_discoverDataField", "itemList", ] ) @@ -4215,6 +4790,10 @@ class HealthCheckAuthenticationLoginHealthCheckDiscoveryDiscoverTypeHTTPDiscover r"""Optional discover request headers.""" discover_data_field: NotRequired[str] r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" item_list: NotRequired[List[str]] @@ -4253,6 +4832,16 @@ class HealthCheckAuthenticationLoginHealthCheckDiscoveryDiscoverTypeHTTPDiscover ] = None r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -4290,6 +4879,8 @@ def serialize_model(self, handler): "discoverBody", "discoverRequestHeaders", "discoverDataField", + "__template_discoverUrl", + "__template_discoverDataField", "manualDiscoverResult", "itemList", ] @@ -4342,6 +4933,10 @@ class HealthCheckAuthenticationLoginHealthCheckDiscoveryDiscoverTypeHTTPDiscover r"""Optional discover request headers.""" discover_data_field: NotRequired[str] r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" item_list: NotRequired[List[str]] @@ -4383,10 +4978,20 @@ class HealthCheckAuthenticationLoginHealthCheckDiscoveryDiscoverTypeHTTPDiscover ] = None r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" - manual_discover_result: Annotated[ - Optional[str], pydantic.Field(alias="manualDiscoverResult") + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") ] = None - r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + + manual_discover_result: Annotated[ + Optional[str], pydantic.Field(alias="manualDiscoverResult") + ] = None + r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" item_list: Annotated[Optional[List[str]], pydantic.Field(alias="itemList")] = None r"""Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters.""" @@ -4420,6 +5025,8 @@ def serialize_model(self, handler): "discoverRequestParams", "discoverRequestHeaders", "discoverDataField", + "__template_discoverUrl", + "__template_discoverDataField", "manualDiscoverResult", "itemList", ] @@ -4472,6 +5079,10 @@ class HealthCheckAuthenticationLoginHealthCheckDiscoveryDiscoverTypeHTTPDiscover r"""Optional discover request headers.""" discover_data_field: NotRequired[str] r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" item_list: NotRequired[List[str]] @@ -4513,6 +5124,16 @@ class HealthCheckAuthenticationLoginHealthCheckDiscoveryDiscoverTypeHTTPDiscover ] = None r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -4550,6 +5171,8 @@ def serialize_model(self, handler): "discoverRequestParams", "discoverRequestHeaders", "discoverDataField", + "__template_discoverUrl", + "__template_discoverDataField", "manualDiscoverResult", "itemList", ] @@ -4621,9 +5244,9 @@ class UnknownHealthCheckAuthenticationLoginHealthCheckDiscoveryDiscoverTypeHTTP( HealthCheckAuthenticationLoginDiscoveryTypedDict = TypeAliasType( "HealthCheckAuthenticationLoginDiscoveryTypedDict", Union[ + HealthCheckAuthenticationLoginHealthCheckDiscoveryDiscoverTypeJSONTypedDict, HealthCheckAuthenticationLoginHealthCheckDiscoveryDiscoverTypeListTypedDict, HealthCheckAuthenticationLoginHealthCheckDiscoveryDiscoverTypeNoneTypedDict, - HealthCheckAuthenticationLoginHealthCheckDiscoveryDiscoverTypeJSONTypedDict, HealthCheckAuthenticationLoginHealthCheckDiscoveryDiscoverTypeHTTPTypedDict, ], ) @@ -4889,9 +5512,9 @@ class HealthCheckAuthenticationLoginTypedDict(TypedDict): login_url: str r"""URL to use for login API call. This call is expected to be a POST.""" username: str - r"""Login username""" + r"""Basic authentication username""" password: str - r"""Login password""" + r"""Basic authentication password""" login_body: str r"""Template for POST body to send with login request, ${username} and ${password} are used to specify location of these attributes in the message""" auth_header_expr: str @@ -4906,6 +5529,14 @@ class HealthCheckAuthenticationLoginTypedDict(TypedDict): List[AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict] ] r"""Optional authentication request headers.""" + template_login_url: NotRequired[str] + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + template_username: NotRequired[str] + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + template_password: NotRequired[str] + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + template_token_resp_attribute: NotRequired[str] + r"""Binds 'tokenRespAttribute' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tokenRespAttribute' at runtime.""" discovery: NotRequired[HealthCheckAuthenticationLoginDiscoveryTypedDict] collect_request_headers: NotRequired[ List[HealthCheckAuthenticationLoginCollectRequestHeaderTypedDict] @@ -4921,8 +5552,16 @@ class HealthCheckAuthenticationLoginTypedDict(TypedDict): safe_headers: NotRequired[List[str]] r"""List of headers that are safe to log in plain text.""" retry_rules: NotRequired[HealthCheckAuthenticationLoginRetryRulesTypedDict] + credentials_secret: NotRequired[str] + r"""Select or create a stored secret that references your credentials""" + client_secret_param_name: NotRequired[str] + r"""Parameter name that contains client secret. Defaults to 'client_secret', and is automatically added to request parameters.""" client_secret_param_value: NotRequired[str] r"""Secret value to add to HTTP requests as the 'client secret' parameter. Stored on disk encrypted, and is automatically added to request parameters""" + auth_request_params: NotRequired[ + List[AuthRequestParamConfHealthCheckAuthenticationOauthTypedDict] + ] + r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" text_secret: NotRequired[str] r"""Select or create a text secret that contains the client secret's value.""" template_collect_url: NotRequired[str] @@ -4937,10 +5576,10 @@ class HealthCheckAuthenticationLogin(BaseModel): r"""URL to use for login API call. This call is expected to be a POST.""" username: str - r"""Login username""" + r"""Basic authentication username""" password: str - r"""Login password""" + r"""Basic authentication password""" login_body: Annotated[str, pydantic.Field(alias="loginBody")] r"""Template for POST body to send with login request, ${username} and ${password} are used to specify location of these attributes in the message""" @@ -4968,6 +5607,26 @@ class HealthCheckAuthenticationLogin(BaseModel): ] = None r"""Optional authentication request headers.""" + template_login_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_loginUrl") + ] = None + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + + template_username: Annotated[ + Optional[str], pydantic.Field(alias="__template_username") + ] = None + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + + template_password: Annotated[ + Optional[str], pydantic.Field(alias="__template_password") + ] = None + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + + template_token_resp_attribute: Annotated[ + Optional[str], pydantic.Field(alias="__template_tokenRespAttribute") + ] = None + r"""Binds 'tokenRespAttribute' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tokenRespAttribute' at runtime.""" + discovery: Optional[HealthCheckAuthenticationLoginDiscovery] = None collect_request_headers: Annotated[ @@ -5004,11 +5663,27 @@ class HealthCheckAuthenticationLogin(BaseModel): pydantic.Field(alias="retryRules"), ] = None + credentials_secret: Annotated[ + Optional[str], pydantic.Field(alias="credentialsSecret") + ] = None + r"""Select or create a stored secret that references your credentials""" + + client_secret_param_name: Annotated[ + Optional[str], pydantic.Field(alias="clientSecretParamName") + ] = None + r"""Parameter name that contains client secret. Defaults to 'client_secret', and is automatically added to request parameters.""" + client_secret_param_value: Annotated[ Optional[str], pydantic.Field(alias="clientSecretParamValue") ] = None r"""Secret value to add to HTTP requests as the 'client secret' parameter. Stored on disk encrypted, and is automatically added to request parameters""" + auth_request_params: Annotated[ + Optional[List[AuthRequestParamConfHealthCheckAuthenticationOauth]], + pydantic.Field(alias="authRequestParams"), + ] = None + r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None r"""Select or create a text secret that contains the client secret's value.""" @@ -5050,6 +5725,10 @@ def serialize_model(self, handler): [ "tokenRespAttribute", "authRequestHeaders", + "__template_loginUrl", + "__template_username", + "__template_password", + "__template_tokenRespAttribute", "discovery", "collectRequestHeaders", "authenticateCollect", @@ -5058,7 +5737,10 @@ def serialize_model(self, handler): "defaultBreakers", "safeHeaders", "retryRules", + "credentialsSecret", + "clientSecretParamName", "clientSecretParamValue", + "authRequestParams", "textSecret", "__template_collectUrl", ] @@ -5113,6 +5795,8 @@ class HealthCheckAuthenticationBasicSecretHealthCheckDiscoveryDiscoverTypeNoneTy r"""Defines how task discovery will be performed. Use None to skip the discovery. Use HTTP Request to make a REST call to discover tasks. Use Item List to enumerate items for collect to retrieve. Use JSON Response to manually define discover tasks as a JSON array of objects. Each entry returned by the discover operation will result in a collect task.""" discover_url: NotRequired[str] r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[ DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP ] @@ -5121,6 +5805,10 @@ class HealthCheckAuthenticationBasicSecretHealthCheckDiscoveryDiscoverTypeNoneTy List[AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict] ] r"""Optional discover request headers.""" + discover_data_field: NotRequired[str] + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" item_list: NotRequired[List[str]] @@ -5139,6 +5827,11 @@ class HealthCheckAuthenticationBasicSecretHealthCheckDiscoveryDiscoverTypeNone( discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -5151,6 +5844,16 @@ class HealthCheckAuthenticationBasicSecretHealthCheckDiscoveryDiscoverTypeNone( ] = None r"""Optional discover request headers.""" + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -5186,8 +5889,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", + "discoverDataField", + "__template_discoverDataField", "manualDiscoverResult", "itemList", ] @@ -5230,6 +5936,8 @@ class HealthCheckAuthenticationBasicSecretHealthCheckDiscoveryDiscoverTypeListTy r"""Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters.""" discover_url: NotRequired[str] r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[ DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP ] @@ -5238,6 +5946,10 @@ class HealthCheckAuthenticationBasicSecretHealthCheckDiscoveryDiscoverTypeListTy List[AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict] ] r"""Optional discover request headers.""" + discover_data_field: NotRequired[str] + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" @@ -5257,6 +5969,11 @@ class HealthCheckAuthenticationBasicSecretHealthCheckDiscoveryDiscoverTypeList( discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -5269,6 +5986,16 @@ class HealthCheckAuthenticationBasicSecretHealthCheckDiscoveryDiscoverTypeList( ] = None r"""Optional discover request headers.""" + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -5301,8 +6028,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", + "discoverDataField", + "__template_discoverDataField", "manualDiscoverResult", ] ) @@ -5343,9 +6073,11 @@ class HealthCheckAuthenticationBasicSecretHealthCheckDiscoveryDiscoverTypeJSONTy manual_discover_result: str r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" discover_data_field: NotRequired[str] - r"""Within the response JSON, name of the field or array element to pull results from. Leave blank if the result is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" discover_url: NotRequired[str] r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[ DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP ] @@ -5354,6 +6086,8 @@ class HealthCheckAuthenticationBasicSecretHealthCheckDiscoveryDiscoverTypeJSONTy List[AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict] ] r"""Optional discover request headers.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" item_list: NotRequired[List[str]] r"""Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters.""" @@ -5373,11 +6107,16 @@ class HealthCheckAuthenticationBasicSecretHealthCheckDiscoveryDiscoverTypeJSON( discover_data_field: Annotated[ Optional[str], pydantic.Field(alias="discoverDataField") ] = None - r"""Within the response JSON, name of the field or array element to pull results from. Leave blank if the result is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -5390,6 +6129,11 @@ class HealthCheckAuthenticationBasicSecretHealthCheckDiscoveryDiscoverTypeJSON( ] = None r"""Optional discover request headers.""" + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + item_list: Annotated[Optional[List[str]], pydantic.Field(alias="itemList")] = None r"""Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters.""" @@ -5421,8 +6165,10 @@ def serialize_model(self, handler): [ "discoverDataField", "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", + "__template_discoverDataField", "itemList", ] ) @@ -5472,6 +6218,10 @@ class HealthCheckAuthenticationBasicSecretHealthCheckDiscoveryDiscoverTypeHTTPDi r"""Optional discover request headers.""" discover_data_field: NotRequired[str] r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" item_list: NotRequired[List[str]] @@ -5510,6 +6260,16 @@ class HealthCheckAuthenticationBasicSecretHealthCheckDiscoveryDiscoverTypeHTTPDi ] = None r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -5547,6 +6307,8 @@ def serialize_model(self, handler): "discoverBody", "discoverRequestHeaders", "discoverDataField", + "__template_discoverUrl", + "__template_discoverDataField", "manualDiscoverResult", "itemList", ] @@ -5599,6 +6361,10 @@ class HealthCheckAuthenticationBasicSecretHealthCheckDiscoveryDiscoverTypeHTTPDi r"""Optional discover request headers.""" discover_data_field: NotRequired[str] r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" item_list: NotRequired[List[str]] @@ -5640,6 +6406,16 @@ class HealthCheckAuthenticationBasicSecretHealthCheckDiscoveryDiscoverTypeHTTPDi ] = None r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -5677,6 +6453,8 @@ def serialize_model(self, handler): "discoverRequestParams", "discoverRequestHeaders", "discoverDataField", + "__template_discoverUrl", + "__template_discoverDataField", "manualDiscoverResult", "itemList", ] @@ -5729,6 +6507,10 @@ class HealthCheckAuthenticationBasicSecretHealthCheckDiscoveryDiscoverTypeHTTPDi r"""Optional discover request headers.""" discover_data_field: NotRequired[str] r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" item_list: NotRequired[List[str]] @@ -5770,6 +6552,16 @@ class HealthCheckAuthenticationBasicSecretHealthCheckDiscoveryDiscoverTypeHTTPDi ] = None r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -5807,6 +6599,8 @@ def serialize_model(self, handler): "discoverRequestParams", "discoverRequestHeaders", "discoverDataField", + "__template_discoverUrl", + "__template_discoverDataField", "manualDiscoverResult", "itemList", ] @@ -5878,9 +6672,9 @@ class UnknownHealthCheckAuthenticationBasicSecretHealthCheckDiscoveryDiscoverTyp HealthCheckAuthenticationBasicSecretDiscoveryTypedDict = TypeAliasType( "HealthCheckAuthenticationBasicSecretDiscoveryTypedDict", Union[ + HealthCheckAuthenticationBasicSecretHealthCheckDiscoveryDiscoverTypeJSONTypedDict, HealthCheckAuthenticationBasicSecretHealthCheckDiscoveryDiscoverTypeListTypedDict, HealthCheckAuthenticationBasicSecretHealthCheckDiscoveryDiscoverTypeNoneTypedDict, - HealthCheckAuthenticationBasicSecretHealthCheckDiscoveryDiscoverTypeJSONTypedDict, HealthCheckAuthenticationBasicSecretHealthCheckDiscoveryDiscoverTypeHTTPTypedDict, ], ) @@ -6168,8 +6962,38 @@ class HealthCheckAuthenticationBasicSecretTypedDict(TypedDict): safe_headers: NotRequired[List[str]] r"""List of headers that are safe to log in plain text.""" retry_rules: NotRequired[HealthCheckAuthenticationBasicSecretRetryRulesTypedDict] + username: NotRequired[str] + r"""Basic authentication username""" + template_username: NotRequired[str] + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + password: NotRequired[str] + r"""Basic authentication password""" + template_password: NotRequired[str] + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + login_url: NotRequired[str] + r"""URL to use for login API call. This call is expected to be a POST.""" + template_login_url: NotRequired[str] + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + login_body: NotRequired[str] + r"""Template for POST body to send with login request, ${username} and ${password} are used to specify location of these attributes in the message""" + token_resp_attribute: NotRequired[str] + r"""Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header.""" + template_token_resp_attribute: NotRequired[str] + r"""Binds 'tokenRespAttribute' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tokenRespAttribute' at runtime.""" + auth_header_expr: NotRequired[str] + r"""JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login.""" + auth_request_headers: NotRequired[ + List[AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict] + ] + r"""Optional authentication request headers.""" + client_secret_param_name: NotRequired[str] + r"""Parameter name that contains client secret. Defaults to 'client_secret', and is automatically added to request parameters.""" client_secret_param_value: NotRequired[str] r"""Secret value to add to HTTP requests as the 'client secret' parameter. Stored on disk encrypted, and is automatically added to request parameters""" + auth_request_params: NotRequired[ + List[AuthRequestParamConfHealthCheckAuthenticationOauthTypedDict] + ] + r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" text_secret: NotRequired[str] r"""Select or create a text secret that contains the client secret's value.""" template_collect_url: NotRequired[str] @@ -6228,11 +7052,70 @@ class HealthCheckAuthenticationBasicSecret(BaseModel): pydantic.Field(alias="retryRules"), ] = None + username: Optional[str] = None + r"""Basic authentication username""" + + template_username: Annotated[ + Optional[str], pydantic.Field(alias="__template_username") + ] = None + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + + password: Optional[str] = None + r"""Basic authentication password""" + + template_password: Annotated[ + Optional[str], pydantic.Field(alias="__template_password") + ] = None + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + + login_url: Annotated[Optional[str], pydantic.Field(alias="loginUrl")] = None + r"""URL to use for login API call. This call is expected to be a POST.""" + + template_login_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_loginUrl") + ] = None + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + + login_body: Annotated[Optional[str], pydantic.Field(alias="loginBody")] = None + r"""Template for POST body to send with login request, ${username} and ${password} are used to specify location of these attributes in the message""" + + token_resp_attribute: Annotated[ + Optional[str], pydantic.Field(alias="tokenRespAttribute") + ] = None + r"""Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header.""" + + template_token_resp_attribute: Annotated[ + Optional[str], pydantic.Field(alias="__template_tokenRespAttribute") + ] = None + r"""Binds 'tokenRespAttribute' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tokenRespAttribute' at runtime.""" + + auth_header_expr: Annotated[ + Optional[str], pydantic.Field(alias="authHeaderExpr") + ] = None + r"""JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login.""" + + auth_request_headers: Annotated[ + Optional[List[AuthRequestHeaderConfHealthCheckAuthenticationLogin]], + pydantic.Field(alias="authRequestHeaders"), + ] = None + r"""Optional authentication request headers.""" + + client_secret_param_name: Annotated[ + Optional[str], pydantic.Field(alias="clientSecretParamName") + ] = None + r"""Parameter name that contains client secret. Defaults to 'client_secret', and is automatically added to request parameters.""" + client_secret_param_value: Annotated[ Optional[str], pydantic.Field(alias="clientSecretParamValue") ] = None r"""Secret value to add to HTTP requests as the 'client secret' parameter. Stored on disk encrypted, and is automatically added to request parameters""" + auth_request_params: Annotated[ + Optional[List[AuthRequestParamConfHealthCheckAuthenticationOauth]], + pydantic.Field(alias="authRequestParams"), + ] = None + r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None r"""Select or create a text secret that contains the client secret's value.""" @@ -6282,7 +7165,20 @@ def serialize_model(self, handler): "defaultBreakers", "safeHeaders", "retryRules", + "username", + "__template_username", + "password", + "__template_password", + "loginUrl", + "__template_loginUrl", + "loginBody", + "tokenRespAttribute", + "__template_tokenRespAttribute", + "authHeaderExpr", + "authRequestHeaders", + "clientSecretParamName", "clientSecretParamValue", + "authRequestParams", "textSecret", "__template_collectUrl", ] @@ -6339,6 +7235,8 @@ class HealthCheckAuthenticationBasicHealthCheckDiscoveryDiscoverTypeNoneTypedDic r"""Defines how task discovery will be performed. Use None to skip the discovery. Use HTTP Request to make a REST call to discover tasks. Use Item List to enumerate items for collect to retrieve. Use JSON Response to manually define discover tasks as a JSON array of objects. Each entry returned by the discover operation will result in a collect task.""" discover_url: NotRequired[str] r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[ DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP ] @@ -6347,6 +7245,10 @@ class HealthCheckAuthenticationBasicHealthCheckDiscoveryDiscoverTypeNoneTypedDic List[AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict] ] r"""Optional discover request headers.""" + discover_data_field: NotRequired[str] + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" item_list: NotRequired[List[str]] @@ -6363,6 +7265,11 @@ class HealthCheckAuthenticationBasicHealthCheckDiscoveryDiscoverTypeNone(BaseMod discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -6375,6 +7282,16 @@ class HealthCheckAuthenticationBasicHealthCheckDiscoveryDiscoverTypeNone(BaseMod ] = None r"""Optional discover request headers.""" + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -6410,8 +7327,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", + "discoverDataField", + "__template_discoverDataField", "manualDiscoverResult", "itemList", ] @@ -6456,6 +7376,8 @@ class HealthCheckAuthenticationBasicHealthCheckDiscoveryDiscoverTypeListTypedDic r"""Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters.""" discover_url: NotRequired[str] r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[ DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP ] @@ -6464,6 +7386,10 @@ class HealthCheckAuthenticationBasicHealthCheckDiscoveryDiscoverTypeListTypedDic List[AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict] ] r"""Optional discover request headers.""" + discover_data_field: NotRequired[str] + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" @@ -6481,6 +7407,11 @@ class HealthCheckAuthenticationBasicHealthCheckDiscoveryDiscoverTypeList(BaseMod discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -6493,6 +7424,16 @@ class HealthCheckAuthenticationBasicHealthCheckDiscoveryDiscoverTypeList(BaseMod ] = None r"""Optional discover request headers.""" + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -6525,8 +7466,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", + "discoverDataField", + "__template_discoverDataField", "manualDiscoverResult", ] ) @@ -6569,9 +7513,11 @@ class HealthCheckAuthenticationBasicHealthCheckDiscoveryDiscoverTypeJSONTypedDic manual_discover_result: str r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" discover_data_field: NotRequired[str] - r"""Within the response JSON, name of the field or array element to pull results from. Leave blank if the result is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" discover_url: NotRequired[str] r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[ DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP ] @@ -6580,6 +7526,8 @@ class HealthCheckAuthenticationBasicHealthCheckDiscoveryDiscoverTypeJSONTypedDic List[AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict] ] r"""Optional discover request headers.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" item_list: NotRequired[List[str]] r"""Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters.""" @@ -6597,11 +7545,16 @@ class HealthCheckAuthenticationBasicHealthCheckDiscoveryDiscoverTypeJSON(BaseMod discover_data_field: Annotated[ Optional[str], pydantic.Field(alias="discoverDataField") ] = None - r"""Within the response JSON, name of the field or array element to pull results from. Leave blank if the result is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -6614,6 +7567,11 @@ class HealthCheckAuthenticationBasicHealthCheckDiscoveryDiscoverTypeJSON(BaseMod ] = None r"""Optional discover request headers.""" + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + item_list: Annotated[Optional[List[str]], pydantic.Field(alias="itemList")] = None r"""Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters.""" @@ -6645,8 +7603,10 @@ def serialize_model(self, handler): [ "discoverDataField", "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", + "__template_discoverDataField", "itemList", ] ) @@ -6696,6 +7656,10 @@ class HealthCheckAuthenticationBasicHealthCheckDiscoveryDiscoverTypeHTTPDiscover r"""Optional discover request headers.""" discover_data_field: NotRequired[str] r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" item_list: NotRequired[List[str]] @@ -6734,6 +7698,16 @@ class HealthCheckAuthenticationBasicHealthCheckDiscoveryDiscoverTypeHTTPDiscover ] = None r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -6771,6 +7745,8 @@ def serialize_model(self, handler): "discoverBody", "discoverRequestHeaders", "discoverDataField", + "__template_discoverUrl", + "__template_discoverDataField", "manualDiscoverResult", "itemList", ] @@ -6823,6 +7799,10 @@ class HealthCheckAuthenticationBasicHealthCheckDiscoveryDiscoverTypeHTTPDiscover r"""Optional discover request headers.""" discover_data_field: NotRequired[str] r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" item_list: NotRequired[List[str]] @@ -6864,6 +7844,16 @@ class HealthCheckAuthenticationBasicHealthCheckDiscoveryDiscoverTypeHTTPDiscover ] = None r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -6901,6 +7891,8 @@ def serialize_model(self, handler): "discoverRequestParams", "discoverRequestHeaders", "discoverDataField", + "__template_discoverUrl", + "__template_discoverDataField", "manualDiscoverResult", "itemList", ] @@ -6953,6 +7945,10 @@ class HealthCheckAuthenticationBasicHealthCheckDiscoveryDiscoverTypeHTTPDiscover r"""Optional discover request headers.""" discover_data_field: NotRequired[str] r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" item_list: NotRequired[List[str]] @@ -6994,6 +7990,16 @@ class HealthCheckAuthenticationBasicHealthCheckDiscoveryDiscoverTypeHTTPDiscover ] = None r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -7031,6 +8037,8 @@ def serialize_model(self, handler): "discoverRequestParams", "discoverRequestHeaders", "discoverDataField", + "__template_discoverUrl", + "__template_discoverDataField", "manualDiscoverResult", "itemList", ] @@ -7102,9 +8110,9 @@ class UnknownHealthCheckAuthenticationBasicHealthCheckDiscoveryDiscoverTypeHTTP( HealthCheckAuthenticationBasicDiscoveryTypedDict = TypeAliasType( "HealthCheckAuthenticationBasicDiscoveryTypedDict", Union[ + HealthCheckAuthenticationBasicHealthCheckDiscoveryDiscoverTypeJSONTypedDict, HealthCheckAuthenticationBasicHealthCheckDiscoveryDiscoverTypeListTypedDict, HealthCheckAuthenticationBasicHealthCheckDiscoveryDiscoverTypeNoneTypedDict, - HealthCheckAuthenticationBasicHealthCheckDiscoveryDiscoverTypeJSONTypedDict, HealthCheckAuthenticationBasicHealthCheckDiscoveryDiscoverTypeHTTPTypedDict, ], ) @@ -7375,6 +8383,10 @@ class HealthCheckAuthenticationBasicTypedDict(TypedDict): r"""Expression to derive URL to use for the health check operation (can be a constant).""" collect_method: HealthCheckAuthenticationBasicHealthCheckMethod r"""Health check HTTP method.""" + template_username: NotRequired[str] + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + template_password: NotRequired[str] + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" discovery: NotRequired[HealthCheckAuthenticationBasicDiscoveryTypedDict] collect_request_headers: NotRequired[ List[HealthCheckAuthenticationBasicCollectRequestHeaderTypedDict] @@ -7390,8 +8402,32 @@ class HealthCheckAuthenticationBasicTypedDict(TypedDict): safe_headers: NotRequired[List[str]] r"""List of headers that are safe to log in plain text.""" retry_rules: NotRequired[HealthCheckAuthenticationBasicRetryRulesTypedDict] + credentials_secret: NotRequired[str] + r"""Select or create a stored secret that references your credentials""" + login_url: NotRequired[str] + r"""URL to use for login API call. This call is expected to be a POST.""" + template_login_url: NotRequired[str] + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + login_body: NotRequired[str] + r"""Template for POST body to send with login request, ${username} and ${password} are used to specify location of these attributes in the message""" + token_resp_attribute: NotRequired[str] + r"""Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header.""" + template_token_resp_attribute: NotRequired[str] + r"""Binds 'tokenRespAttribute' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tokenRespAttribute' at runtime.""" + auth_header_expr: NotRequired[str] + r"""JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login.""" + auth_request_headers: NotRequired[ + List[AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict] + ] + r"""Optional authentication request headers.""" + client_secret_param_name: NotRequired[str] + r"""Parameter name that contains client secret. Defaults to 'client_secret', and is automatically added to request parameters.""" client_secret_param_value: NotRequired[str] r"""Secret value to add to HTTP requests as the 'client secret' parameter. Stored on disk encrypted, and is automatically added to request parameters""" + auth_request_params: NotRequired[ + List[AuthRequestParamConfHealthCheckAuthenticationOauthTypedDict] + ] + r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" text_secret: NotRequired[str] r"""Select or create a text secret that contains the client secret's value.""" template_collect_url: NotRequired[str] @@ -7417,6 +8453,16 @@ class HealthCheckAuthenticationBasic(BaseModel): ] r"""Health check HTTP method.""" + template_username: Annotated[ + Optional[str], pydantic.Field(alias="__template_username") + ] = None + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + + template_password: Annotated[ + Optional[str], pydantic.Field(alias="__template_password") + ] = None + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + discovery: Optional[HealthCheckAuthenticationBasicDiscovery] = None collect_request_headers: Annotated[ @@ -7453,11 +8499,59 @@ class HealthCheckAuthenticationBasic(BaseModel): pydantic.Field(alias="retryRules"), ] = None + credentials_secret: Annotated[ + Optional[str], pydantic.Field(alias="credentialsSecret") + ] = None + r"""Select or create a stored secret that references your credentials""" + + login_url: Annotated[Optional[str], pydantic.Field(alias="loginUrl")] = None + r"""URL to use for login API call. This call is expected to be a POST.""" + + template_login_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_loginUrl") + ] = None + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + + login_body: Annotated[Optional[str], pydantic.Field(alias="loginBody")] = None + r"""Template for POST body to send with login request, ${username} and ${password} are used to specify location of these attributes in the message""" + + token_resp_attribute: Annotated[ + Optional[str], pydantic.Field(alias="tokenRespAttribute") + ] = None + r"""Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header.""" + + template_token_resp_attribute: Annotated[ + Optional[str], pydantic.Field(alias="__template_tokenRespAttribute") + ] = None + r"""Binds 'tokenRespAttribute' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tokenRespAttribute' at runtime.""" + + auth_header_expr: Annotated[ + Optional[str], pydantic.Field(alias="authHeaderExpr") + ] = None + r"""JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login.""" + + auth_request_headers: Annotated[ + Optional[List[AuthRequestHeaderConfHealthCheckAuthenticationLogin]], + pydantic.Field(alias="authRequestHeaders"), + ] = None + r"""Optional authentication request headers.""" + + client_secret_param_name: Annotated[ + Optional[str], pydantic.Field(alias="clientSecretParamName") + ] = None + r"""Parameter name that contains client secret. Defaults to 'client_secret', and is automatically added to request parameters.""" + client_secret_param_value: Annotated[ Optional[str], pydantic.Field(alias="clientSecretParamValue") ] = None r"""Secret value to add to HTTP requests as the 'client secret' parameter. Stored on disk encrypted, and is automatically added to request parameters""" + auth_request_params: Annotated[ + Optional[List[AuthRequestParamConfHealthCheckAuthenticationOauth]], + pydantic.Field(alias="authRequestParams"), + ] = None + r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None r"""Select or create a text secret that contains the client secret's value.""" @@ -7497,6 +8591,8 @@ def serialize_default_breakers(self, value): def serialize_model(self, handler): optional_fields = set( [ + "__template_username", + "__template_password", "discovery", "collectRequestHeaders", "authenticateCollect", @@ -7505,7 +8601,17 @@ def serialize_model(self, handler): "defaultBreakers", "safeHeaders", "retryRules", + "credentialsSecret", + "loginUrl", + "__template_loginUrl", + "loginBody", + "tokenRespAttribute", + "__template_tokenRespAttribute", + "authHeaderExpr", + "authRequestHeaders", + "clientSecretParamName", "clientSecretParamValue", + "authRequestParams", "textSecret", "__template_collectUrl", ] @@ -7562,6 +8668,8 @@ class HealthCheckAuthenticationNoneHealthCheckDiscoveryDiscoverTypeNoneTypedDict r"""Defines how task discovery will be performed. Use None to skip the discovery. Use HTTP Request to make a REST call to discover tasks. Use Item List to enumerate items for collect to retrieve. Use JSON Response to manually define discover tasks as a JSON array of objects. Each entry returned by the discover operation will result in a collect task.""" discover_url: NotRequired[str] r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[ DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP ] @@ -7570,6 +8678,10 @@ class HealthCheckAuthenticationNoneHealthCheckDiscoveryDiscoverTypeNoneTypedDict List[AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict] ] r"""Optional discover request headers.""" + discover_data_field: NotRequired[str] + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" item_list: NotRequired[List[str]] @@ -7586,6 +8698,11 @@ class HealthCheckAuthenticationNoneHealthCheckDiscoveryDiscoverTypeNone(BaseMode discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -7598,6 +8715,16 @@ class HealthCheckAuthenticationNoneHealthCheckDiscoveryDiscoverTypeNone(BaseMode ] = None r"""Optional discover request headers.""" + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -7633,8 +8760,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", + "discoverDataField", + "__template_discoverDataField", "manualDiscoverResult", "itemList", ] @@ -7679,6 +8809,8 @@ class HealthCheckAuthenticationNoneHealthCheckDiscoveryDiscoverTypeListTypedDict r"""Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters.""" discover_url: NotRequired[str] r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[ DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP ] @@ -7687,6 +8819,10 @@ class HealthCheckAuthenticationNoneHealthCheckDiscoveryDiscoverTypeListTypedDict List[AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict] ] r"""Optional discover request headers.""" + discover_data_field: NotRequired[str] + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" @@ -7704,6 +8840,11 @@ class HealthCheckAuthenticationNoneHealthCheckDiscoveryDiscoverTypeList(BaseMode discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -7716,6 +8857,16 @@ class HealthCheckAuthenticationNoneHealthCheckDiscoveryDiscoverTypeList(BaseMode ] = None r"""Optional discover request headers.""" + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -7748,8 +8899,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", + "discoverDataField", + "__template_discoverDataField", "manualDiscoverResult", ] ) @@ -7792,9 +8946,11 @@ class HealthCheckAuthenticationNoneHealthCheckDiscoveryDiscoverTypeJSONTypedDict manual_discover_result: str r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" discover_data_field: NotRequired[str] - r"""Within the response JSON, name of the field or array element to pull results from. Leave blank if the result is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" discover_url: NotRequired[str] r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[ DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP ] @@ -7803,6 +8959,8 @@ class HealthCheckAuthenticationNoneHealthCheckDiscoveryDiscoverTypeJSONTypedDict List[AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict] ] r"""Optional discover request headers.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" item_list: NotRequired[List[str]] r"""Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters.""" @@ -7820,11 +8978,16 @@ class HealthCheckAuthenticationNoneHealthCheckDiscoveryDiscoverTypeJSON(BaseMode discover_data_field: Annotated[ Optional[str], pydantic.Field(alias="discoverDataField") ] = None - r"""Within the response JSON, name of the field or array element to pull results from. Leave blank if the result is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -7837,6 +9000,11 @@ class HealthCheckAuthenticationNoneHealthCheckDiscoveryDiscoverTypeJSON(BaseMode ] = None r"""Optional discover request headers.""" + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + item_list: Annotated[Optional[List[str]], pydantic.Field(alias="itemList")] = None r"""Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters.""" @@ -7868,8 +9036,10 @@ def serialize_model(self, handler): [ "discoverDataField", "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", + "__template_discoverDataField", "itemList", ] ) @@ -7919,6 +9089,10 @@ class HealthCheckAuthenticationNoneHealthCheckDiscoveryDiscoverTypeHTTPDiscoverM r"""Optional discover request headers.""" discover_data_field: NotRequired[str] r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" item_list: NotRequired[List[str]] @@ -7957,6 +9131,16 @@ class HealthCheckAuthenticationNoneHealthCheckDiscoveryDiscoverTypeHTTPDiscoverM ] = None r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -7994,6 +9178,8 @@ def serialize_model(self, handler): "discoverBody", "discoverRequestHeaders", "discoverDataField", + "__template_discoverUrl", + "__template_discoverDataField", "manualDiscoverResult", "itemList", ] @@ -8046,6 +9232,10 @@ class HealthCheckAuthenticationNoneHealthCheckDiscoveryDiscoverTypeHTTPDiscoverM r"""Optional discover request headers.""" discover_data_field: NotRequired[str] r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" item_list: NotRequired[List[str]] @@ -8087,6 +9277,16 @@ class HealthCheckAuthenticationNoneHealthCheckDiscoveryDiscoverTypeHTTPDiscoverM ] = None r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -8124,6 +9324,8 @@ def serialize_model(self, handler): "discoverRequestParams", "discoverRequestHeaders", "discoverDataField", + "__template_discoverUrl", + "__template_discoverDataField", "manualDiscoverResult", "itemList", ] @@ -8176,6 +9378,10 @@ class HealthCheckAuthenticationNoneHealthCheckDiscoveryDiscoverTypeHTTPDiscoverM r"""Optional discover request headers.""" discover_data_field: NotRequired[str] r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" item_list: NotRequired[List[str]] @@ -8217,6 +9423,16 @@ class HealthCheckAuthenticationNoneHealthCheckDiscoveryDiscoverTypeHTTPDiscoverM ] = None r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -8254,6 +9470,8 @@ def serialize_model(self, handler): "discoverRequestParams", "discoverRequestHeaders", "discoverDataField", + "__template_discoverUrl", + "__template_discoverDataField", "manualDiscoverResult", "itemList", ] @@ -8325,9 +9543,9 @@ class UnknownHealthCheckAuthenticationNoneHealthCheckDiscoveryDiscoverTypeHTTP( HealthCheckAuthenticationNoneDiscoveryTypedDict = TypeAliasType( "HealthCheckAuthenticationNoneDiscoveryTypedDict", Union[ + HealthCheckAuthenticationNoneHealthCheckDiscoveryDiscoverTypeJSONTypedDict, HealthCheckAuthenticationNoneHealthCheckDiscoveryDiscoverTypeListTypedDict, HealthCheckAuthenticationNoneHealthCheckDiscoveryDiscoverTypeNoneTypedDict, - HealthCheckAuthenticationNoneHealthCheckDiscoveryDiscoverTypeJSONTypedDict, HealthCheckAuthenticationNoneHealthCheckDiscoveryDiscoverTypeHTTPTypedDict, ], ) diff --git a/src/cribl_control_plane/models/healthcheckcollectorconf.py b/src/cribl_control_plane/models/healthcheckcollectorconf.py index 3586826cc..ba5b62f18 100644 --- a/src/cribl_control_plane/models/healthcheckcollectorconf.py +++ b/src/cribl_control_plane/models/healthcheckcollectorconf.py @@ -5,6 +5,10 @@ AuthRequestHeaderConfHealthCheckAuthenticationLogin, AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict, ) +from .authrequestparamconfhealthcheckauthenticationoauth import ( + AuthRequestParamConfHealthCheckAuthenticationOauth, + AuthRequestParamConfHealthCheckAuthenticationOauthTypedDict, +) from .collectrequestparamconfhealthcheckcollectmethodpost import ( CollectRequestParamConfHealthCheckCollectMethodPost, CollectRequestParamConfHealthCheckCollectMethodPostTypedDict, @@ -196,8 +200,40 @@ class HealthCheckAuthenticationNoneTypedDict(TypedDict): safe_headers: NotRequired[List[str]] r"""List of headers that are safe to log in plain text.""" retry_rules: NotRequired[HealthCheckAuthenticationNoneRetryRulesTypedDict] + username: NotRequired[str] + r"""Basic authentication username""" + template_username: NotRequired[str] + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + password: NotRequired[str] + r"""Basic authentication password""" + template_password: NotRequired[str] + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + credentials_secret: NotRequired[str] + r"""Select or create a stored secret that references your credentials""" + login_url: NotRequired[str] + r"""URL to use for login API call. This call is expected to be a POST.""" + template_login_url: NotRequired[str] + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + login_body: NotRequired[str] + r"""Template for POST body to send with login request, ${username} and ${password} are used to specify location of these attributes in the message""" + token_resp_attribute: NotRequired[str] + r"""Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header.""" + template_token_resp_attribute: NotRequired[str] + r"""Binds 'tokenRespAttribute' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tokenRespAttribute' at runtime.""" + auth_header_expr: NotRequired[str] + r"""JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login.""" + auth_request_headers: NotRequired[ + List[AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict] + ] + r"""Optional authentication request headers.""" + client_secret_param_name: NotRequired[str] + r"""Parameter name that contains client secret. Defaults to 'client_secret', and is automatically added to request parameters.""" client_secret_param_value: NotRequired[str] r"""Secret value to add to HTTP requests as the 'client secret' parameter. Stored on disk encrypted, and is automatically added to request parameters""" + auth_request_params: NotRequired[ + List[AuthRequestParamConfHealthCheckAuthenticationOauthTypedDict] + ] + r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" text_secret: NotRequired[str] r"""Select or create a text secret that contains the client secret's value.""" template_collect_url: NotRequired[str] @@ -253,11 +289,75 @@ class HealthCheckAuthenticationNone(BaseModel): pydantic.Field(alias="retryRules"), ] = None + username: Optional[str] = None + r"""Basic authentication username""" + + template_username: Annotated[ + Optional[str], pydantic.Field(alias="__template_username") + ] = None + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + + password: Optional[str] = None + r"""Basic authentication password""" + + template_password: Annotated[ + Optional[str], pydantic.Field(alias="__template_password") + ] = None + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + + credentials_secret: Annotated[ + Optional[str], pydantic.Field(alias="credentialsSecret") + ] = None + r"""Select or create a stored secret that references your credentials""" + + login_url: Annotated[Optional[str], pydantic.Field(alias="loginUrl")] = None + r"""URL to use for login API call. This call is expected to be a POST.""" + + template_login_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_loginUrl") + ] = None + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + + login_body: Annotated[Optional[str], pydantic.Field(alias="loginBody")] = None + r"""Template for POST body to send with login request, ${username} and ${password} are used to specify location of these attributes in the message""" + + token_resp_attribute: Annotated[ + Optional[str], pydantic.Field(alias="tokenRespAttribute") + ] = None + r"""Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header.""" + + template_token_resp_attribute: Annotated[ + Optional[str], pydantic.Field(alias="__template_tokenRespAttribute") + ] = None + r"""Binds 'tokenRespAttribute' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tokenRespAttribute' at runtime.""" + + auth_header_expr: Annotated[ + Optional[str], pydantic.Field(alias="authHeaderExpr") + ] = None + r"""JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login.""" + + auth_request_headers: Annotated[ + Optional[List[AuthRequestHeaderConfHealthCheckAuthenticationLogin]], + pydantic.Field(alias="authRequestHeaders"), + ] = None + r"""Optional authentication request headers.""" + + client_secret_param_name: Annotated[ + Optional[str], pydantic.Field(alias="clientSecretParamName") + ] = None + r"""Parameter name that contains client secret. Defaults to 'client_secret', and is automatically added to request parameters.""" + client_secret_param_value: Annotated[ Optional[str], pydantic.Field(alias="clientSecretParamValue") ] = None r"""Secret value to add to HTTP requests as the 'client secret' parameter. Stored on disk encrypted, and is automatically added to request parameters""" + auth_request_params: Annotated[ + Optional[List[AuthRequestParamConfHealthCheckAuthenticationOauth]], + pydantic.Field(alias="authRequestParams"), + ] = None + r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None r"""Select or create a text secret that contains the client secret's value.""" @@ -305,7 +405,21 @@ def serialize_model(self, handler): "defaultBreakers", "safeHeaders", "retryRules", + "username", + "__template_username", + "password", + "__template_password", + "credentialsSecret", + "loginUrl", + "__template_loginUrl", + "loginBody", + "tokenRespAttribute", + "__template_tokenRespAttribute", + "authHeaderExpr", + "authRequestHeaders", + "clientSecretParamName", "clientSecretParamValue", + "authRequestParams", "textSecret", "__template_collectUrl", ] @@ -359,6 +473,8 @@ class HealthCheckCollectMethodPostWithBodyHealthCheckDiscoveryDiscoverTypeNoneTy r"""Defines how task discovery will be performed. Use None to skip the discovery. Use HTTP Request to make a REST call to discover tasks. Use Item List to enumerate items for collect to retrieve. Use JSON Response to manually define discover tasks as a JSON array of objects. Each entry returned by the discover operation will result in a collect task.""" discover_url: NotRequired[str] r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[ DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP ] @@ -367,6 +483,10 @@ class HealthCheckCollectMethodPostWithBodyHealthCheckDiscoveryDiscoverTypeNoneTy List[AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict] ] r"""Optional discover request headers.""" + discover_data_field: NotRequired[str] + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" item_list: NotRequired[List[str]] @@ -385,6 +505,11 @@ class HealthCheckCollectMethodPostWithBodyHealthCheckDiscoveryDiscoverTypeNone( discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -397,6 +522,16 @@ class HealthCheckCollectMethodPostWithBodyHealthCheckDiscoveryDiscoverTypeNone( ] = None r"""Optional discover request headers.""" + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -432,8 +567,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", + "discoverDataField", + "__template_discoverDataField", "manualDiscoverResult", "itemList", ] @@ -476,6 +614,8 @@ class HealthCheckCollectMethodPostWithBodyHealthCheckDiscoveryDiscoverTypeListTy r"""Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters.""" discover_url: NotRequired[str] r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[ DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP ] @@ -484,6 +624,10 @@ class HealthCheckCollectMethodPostWithBodyHealthCheckDiscoveryDiscoverTypeListTy List[AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict] ] r"""Optional discover request headers.""" + discover_data_field: NotRequired[str] + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" @@ -503,6 +647,11 @@ class HealthCheckCollectMethodPostWithBodyHealthCheckDiscoveryDiscoverTypeList( discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -515,6 +664,16 @@ class HealthCheckCollectMethodPostWithBodyHealthCheckDiscoveryDiscoverTypeList( ] = None r"""Optional discover request headers.""" + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -547,8 +706,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", + "discoverDataField", + "__template_discoverDataField", "manualDiscoverResult", ] ) @@ -589,9 +751,11 @@ class HealthCheckCollectMethodPostWithBodyHealthCheckDiscoveryDiscoverTypeJSONTy manual_discover_result: str r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" discover_data_field: NotRequired[str] - r"""Within the response JSON, name of the field or array element to pull results from. Leave blank if the result is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" discover_url: NotRequired[str] r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[ DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP ] @@ -600,6 +764,8 @@ class HealthCheckCollectMethodPostWithBodyHealthCheckDiscoveryDiscoverTypeJSONTy List[AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict] ] r"""Optional discover request headers.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" item_list: NotRequired[List[str]] r"""Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters.""" @@ -619,11 +785,16 @@ class HealthCheckCollectMethodPostWithBodyHealthCheckDiscoveryDiscoverTypeJSON( discover_data_field: Annotated[ Optional[str], pydantic.Field(alias="discoverDataField") ] = None - r"""Within the response JSON, name of the field or array element to pull results from. Leave blank if the result is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -636,6 +807,11 @@ class HealthCheckCollectMethodPostWithBodyHealthCheckDiscoveryDiscoverTypeJSON( ] = None r"""Optional discover request headers.""" + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + item_list: Annotated[Optional[List[str]], pydantic.Field(alias="itemList")] = None r"""Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters.""" @@ -667,8 +843,10 @@ def serialize_model(self, handler): [ "discoverDataField", "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", + "__template_discoverDataField", "itemList", ] ) @@ -718,6 +896,10 @@ class HealthCheckCollectMethodPostWithBodyHealthCheckDiscoveryDiscoverTypeHTTPDi r"""Optional discover request headers.""" discover_data_field: NotRequired[str] r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" item_list: NotRequired[List[str]] @@ -756,6 +938,16 @@ class HealthCheckCollectMethodPostWithBodyHealthCheckDiscoveryDiscoverTypeHTTPDi ] = None r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -793,6 +985,8 @@ def serialize_model(self, handler): "discoverBody", "discoverRequestHeaders", "discoverDataField", + "__template_discoverUrl", + "__template_discoverDataField", "manualDiscoverResult", "itemList", ] @@ -845,6 +1039,10 @@ class HealthCheckCollectMethodPostWithBodyHealthCheckDiscoveryDiscoverTypeHTTPDi r"""Optional discover request headers.""" discover_data_field: NotRequired[str] r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" item_list: NotRequired[List[str]] @@ -886,6 +1084,16 @@ class HealthCheckCollectMethodPostWithBodyHealthCheckDiscoveryDiscoverTypeHTTPDi ] = None r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -923,6 +1131,8 @@ def serialize_model(self, handler): "discoverRequestParams", "discoverRequestHeaders", "discoverDataField", + "__template_discoverUrl", + "__template_discoverDataField", "manualDiscoverResult", "itemList", ] @@ -975,6 +1185,10 @@ class HealthCheckCollectMethodPostWithBodyHealthCheckDiscoveryDiscoverTypeHTTPDi r"""Optional discover request headers.""" discover_data_field: NotRequired[str] r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" item_list: NotRequired[List[str]] @@ -1016,6 +1230,16 @@ class HealthCheckCollectMethodPostWithBodyHealthCheckDiscoveryDiscoverTypeHTTPDi ] = None r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -1053,6 +1277,8 @@ def serialize_model(self, handler): "discoverRequestParams", "discoverRequestHeaders", "discoverDataField", + "__template_discoverUrl", + "__template_discoverDataField", "manualDiscoverResult", "itemList", ] @@ -1124,9 +1350,9 @@ class UnknownHealthCheckCollectMethodPostWithBodyHealthCheckDiscoveryDiscoverTyp HealthCheckCollectMethodPostWithBodyDiscoveryTypedDict = TypeAliasType( "HealthCheckCollectMethodPostWithBodyDiscoveryTypedDict", Union[ + HealthCheckCollectMethodPostWithBodyHealthCheckDiscoveryDiscoverTypeJSONTypedDict, HealthCheckCollectMethodPostWithBodyHealthCheckDiscoveryDiscoverTypeListTypedDict, HealthCheckCollectMethodPostWithBodyHealthCheckDiscoveryDiscoverTypeNoneTypedDict, - HealthCheckCollectMethodPostWithBodyHealthCheckDiscoveryDiscoverTypeJSONTypedDict, HealthCheckCollectMethodPostWithBodyHealthCheckDiscoveryDiscoverTypeHTTPTypedDict, ], ) @@ -1415,8 +1641,40 @@ class HealthCheckCollectMethodPostWithBodyTypedDict(TypedDict): safe_headers: NotRequired[List[str]] r"""List of headers that are safe to log in plain text.""" retry_rules: NotRequired[HealthCheckCollectMethodPostWithBodyRetryRulesTypedDict] + username: NotRequired[str] + r"""Basic authentication username""" + template_username: NotRequired[str] + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + password: NotRequired[str] + r"""Basic authentication password""" + template_password: NotRequired[str] + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + credentials_secret: NotRequired[str] + r"""Select or create a stored secret that references your credentials""" + login_url: NotRequired[str] + r"""URL to use for login API call. This call is expected to be a POST.""" + template_login_url: NotRequired[str] + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + login_body: NotRequired[str] + r"""Template for POST body to send with login request, ${username} and ${password} are used to specify location of these attributes in the message""" + token_resp_attribute: NotRequired[str] + r"""Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header.""" + template_token_resp_attribute: NotRequired[str] + r"""Binds 'tokenRespAttribute' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tokenRespAttribute' at runtime.""" + auth_header_expr: NotRequired[str] + r"""JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login.""" + auth_request_headers: NotRequired[ + List[AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict] + ] + r"""Optional authentication request headers.""" + client_secret_param_name: NotRequired[str] + r"""Parameter name that contains client secret. Defaults to 'client_secret', and is automatically added to request parameters.""" client_secret_param_value: NotRequired[str] r"""Secret value to add to HTTP requests as the 'client secret' parameter. Stored on disk encrypted, and is automatically added to request parameters""" + auth_request_params: NotRequired[ + List[AuthRequestParamConfHealthCheckAuthenticationOauthTypedDict] + ] + r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" text_secret: NotRequired[str] r"""Select or create a text secret that contains the client secret's value.""" template_collect_url: NotRequired[str] @@ -1475,11 +1733,75 @@ class HealthCheckCollectMethodPostWithBody(BaseModel): pydantic.Field(alias="retryRules"), ] = None + username: Optional[str] = None + r"""Basic authentication username""" + + template_username: Annotated[ + Optional[str], pydantic.Field(alias="__template_username") + ] = None + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + + password: Optional[str] = None + r"""Basic authentication password""" + + template_password: Annotated[ + Optional[str], pydantic.Field(alias="__template_password") + ] = None + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + + credentials_secret: Annotated[ + Optional[str], pydantic.Field(alias="credentialsSecret") + ] = None + r"""Select or create a stored secret that references your credentials""" + + login_url: Annotated[Optional[str], pydantic.Field(alias="loginUrl")] = None + r"""URL to use for login API call. This call is expected to be a POST.""" + + template_login_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_loginUrl") + ] = None + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + + login_body: Annotated[Optional[str], pydantic.Field(alias="loginBody")] = None + r"""Template for POST body to send with login request, ${username} and ${password} are used to specify location of these attributes in the message""" + + token_resp_attribute: Annotated[ + Optional[str], pydantic.Field(alias="tokenRespAttribute") + ] = None + r"""Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header.""" + + template_token_resp_attribute: Annotated[ + Optional[str], pydantic.Field(alias="__template_tokenRespAttribute") + ] = None + r"""Binds 'tokenRespAttribute' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tokenRespAttribute' at runtime.""" + + auth_header_expr: Annotated[ + Optional[str], pydantic.Field(alias="authHeaderExpr") + ] = None + r"""JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login.""" + + auth_request_headers: Annotated[ + Optional[List[AuthRequestHeaderConfHealthCheckAuthenticationLogin]], + pydantic.Field(alias="authRequestHeaders"), + ] = None + r"""Optional authentication request headers.""" + + client_secret_param_name: Annotated[ + Optional[str], pydantic.Field(alias="clientSecretParamName") + ] = None + r"""Parameter name that contains client secret. Defaults to 'client_secret', and is automatically added to request parameters.""" + client_secret_param_value: Annotated[ Optional[str], pydantic.Field(alias="clientSecretParamValue") ] = None r"""Secret value to add to HTTP requests as the 'client secret' parameter. Stored on disk encrypted, and is automatically added to request parameters""" + auth_request_params: Annotated[ + Optional[List[AuthRequestParamConfHealthCheckAuthenticationOauth]], + pydantic.Field(alias="authRequestParams"), + ] = None + r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None r"""Select or create a text secret that contains the client secret's value.""" @@ -1530,7 +1852,21 @@ def serialize_model(self, handler): "defaultBreakers", "safeHeaders", "retryRules", + "username", + "__template_username", + "password", + "__template_password", + "credentialsSecret", + "loginUrl", + "__template_loginUrl", + "loginBody", + "tokenRespAttribute", + "__template_tokenRespAttribute", + "authHeaderExpr", + "authRequestHeaders", + "clientSecretParamName", "clientSecretParamValue", + "authRequestParams", "textSecret", "__template_collectUrl", ] @@ -1586,6 +1922,8 @@ class HealthCheckCollectMethodPostHealthCheckDiscoveryDiscoverTypeNoneTypedDict( r"""Defines how task discovery will be performed. Use None to skip the discovery. Use HTTP Request to make a REST call to discover tasks. Use Item List to enumerate items for collect to retrieve. Use JSON Response to manually define discover tasks as a JSON array of objects. Each entry returned by the discover operation will result in a collect task.""" discover_url: NotRequired[str] r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[ DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP ] @@ -1594,6 +1932,10 @@ class HealthCheckCollectMethodPostHealthCheckDiscoveryDiscoverTypeNoneTypedDict( List[AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict] ] r"""Optional discover request headers.""" + discover_data_field: NotRequired[str] + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" item_list: NotRequired[List[str]] @@ -1610,6 +1952,11 @@ class HealthCheckCollectMethodPostHealthCheckDiscoveryDiscoverTypeNone(BaseModel discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -1622,6 +1969,16 @@ class HealthCheckCollectMethodPostHealthCheckDiscoveryDiscoverTypeNone(BaseModel ] = None r"""Optional discover request headers.""" + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -1657,8 +2014,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", + "discoverDataField", + "__template_discoverDataField", "manualDiscoverResult", "itemList", ] @@ -1703,6 +2063,8 @@ class HealthCheckCollectMethodPostHealthCheckDiscoveryDiscoverTypeListTypedDict( r"""Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters.""" discover_url: NotRequired[str] r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[ DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP ] @@ -1711,6 +2073,10 @@ class HealthCheckCollectMethodPostHealthCheckDiscoveryDiscoverTypeListTypedDict( List[AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict] ] r"""Optional discover request headers.""" + discover_data_field: NotRequired[str] + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" @@ -1728,6 +2094,11 @@ class HealthCheckCollectMethodPostHealthCheckDiscoveryDiscoverTypeList(BaseModel discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -1740,6 +2111,16 @@ class HealthCheckCollectMethodPostHealthCheckDiscoveryDiscoverTypeList(BaseModel ] = None r"""Optional discover request headers.""" + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -1772,8 +2153,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", + "discoverDataField", + "__template_discoverDataField", "manualDiscoverResult", ] ) @@ -1816,9 +2200,11 @@ class HealthCheckCollectMethodPostHealthCheckDiscoveryDiscoverTypeJSONTypedDict( manual_discover_result: str r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" discover_data_field: NotRequired[str] - r"""Within the response JSON, name of the field or array element to pull results from. Leave blank if the result is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" discover_url: NotRequired[str] r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[ DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP ] @@ -1827,6 +2213,8 @@ class HealthCheckCollectMethodPostHealthCheckDiscoveryDiscoverTypeJSONTypedDict( List[AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict] ] r"""Optional discover request headers.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" item_list: NotRequired[List[str]] r"""Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters.""" @@ -1844,11 +2232,16 @@ class HealthCheckCollectMethodPostHealthCheckDiscoveryDiscoverTypeJSON(BaseModel discover_data_field: Annotated[ Optional[str], pydantic.Field(alias="discoverDataField") ] = None - r"""Within the response JSON, name of the field or array element to pull results from. Leave blank if the result is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -1861,6 +2254,11 @@ class HealthCheckCollectMethodPostHealthCheckDiscoveryDiscoverTypeJSON(BaseModel ] = None r"""Optional discover request headers.""" + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + item_list: Annotated[Optional[List[str]], pydantic.Field(alias="itemList")] = None r"""Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters.""" @@ -1892,8 +2290,10 @@ def serialize_model(self, handler): [ "discoverDataField", "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", + "__template_discoverDataField", "itemList", ] ) @@ -1943,6 +2343,10 @@ class HealthCheckCollectMethodPostHealthCheckDiscoveryDiscoverTypeHTTPDiscoverMe r"""Optional discover request headers.""" discover_data_field: NotRequired[str] r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" item_list: NotRequired[List[str]] @@ -1981,6 +2385,16 @@ class HealthCheckCollectMethodPostHealthCheckDiscoveryDiscoverTypeHTTPDiscoverMe ] = None r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -2018,6 +2432,8 @@ def serialize_model(self, handler): "discoverBody", "discoverRequestHeaders", "discoverDataField", + "__template_discoverUrl", + "__template_discoverDataField", "manualDiscoverResult", "itemList", ] @@ -2070,6 +2486,10 @@ class HealthCheckCollectMethodPostHealthCheckDiscoveryDiscoverTypeHTTPDiscoverMe r"""Optional discover request headers.""" discover_data_field: NotRequired[str] r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" item_list: NotRequired[List[str]] @@ -2111,6 +2531,16 @@ class HealthCheckCollectMethodPostHealthCheckDiscoveryDiscoverTypeHTTPDiscoverMe ] = None r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -2148,6 +2578,8 @@ def serialize_model(self, handler): "discoverRequestParams", "discoverRequestHeaders", "discoverDataField", + "__template_discoverUrl", + "__template_discoverDataField", "manualDiscoverResult", "itemList", ] @@ -2200,6 +2632,10 @@ class HealthCheckCollectMethodPostHealthCheckDiscoveryDiscoverTypeHTTPDiscoverMe r"""Optional discover request headers.""" discover_data_field: NotRequired[str] r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" item_list: NotRequired[List[str]] @@ -2241,6 +2677,16 @@ class HealthCheckCollectMethodPostHealthCheckDiscoveryDiscoverTypeHTTPDiscoverMe ] = None r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -2278,6 +2724,8 @@ def serialize_model(self, handler): "discoverRequestParams", "discoverRequestHeaders", "discoverDataField", + "__template_discoverUrl", + "__template_discoverDataField", "manualDiscoverResult", "itemList", ] @@ -2349,9 +2797,9 @@ class UnknownHealthCheckCollectMethodPostHealthCheckDiscoveryDiscoverTypeHTTP( HealthCheckCollectMethodPostDiscoveryTypedDict = TypeAliasType( "HealthCheckCollectMethodPostDiscoveryTypedDict", Union[ + HealthCheckCollectMethodPostHealthCheckDiscoveryDiscoverTypeJSONTypedDict, HealthCheckCollectMethodPostHealthCheckDiscoveryDiscoverTypeListTypedDict, HealthCheckCollectMethodPostHealthCheckDiscoveryDiscoverTypeNoneTypedDict, - HealthCheckCollectMethodPostHealthCheckDiscoveryDiscoverTypeJSONTypedDict, HealthCheckCollectMethodPostHealthCheckDiscoveryDiscoverTypeHTTPTypedDict, ], ) @@ -2636,8 +3084,40 @@ class HealthCheckCollectMethodPostTypedDict(TypedDict): safe_headers: NotRequired[List[str]] r"""List of headers that are safe to log in plain text.""" retry_rules: NotRequired[HealthCheckCollectMethodPostRetryRulesTypedDict] + username: NotRequired[str] + r"""Basic authentication username""" + template_username: NotRequired[str] + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + password: NotRequired[str] + r"""Basic authentication password""" + template_password: NotRequired[str] + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + credentials_secret: NotRequired[str] + r"""Select or create a stored secret that references your credentials""" + login_url: NotRequired[str] + r"""URL to use for login API call. This call is expected to be a POST.""" + template_login_url: NotRequired[str] + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + login_body: NotRequired[str] + r"""Template for POST body to send with login request, ${username} and ${password} are used to specify location of these attributes in the message""" + token_resp_attribute: NotRequired[str] + r"""Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header.""" + template_token_resp_attribute: NotRequired[str] + r"""Binds 'tokenRespAttribute' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tokenRespAttribute' at runtime.""" + auth_header_expr: NotRequired[str] + r"""JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login.""" + auth_request_headers: NotRequired[ + List[AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict] + ] + r"""Optional authentication request headers.""" + client_secret_param_name: NotRequired[str] + r"""Parameter name that contains client secret. Defaults to 'client_secret', and is automatically added to request parameters.""" client_secret_param_value: NotRequired[str] r"""Secret value to add to HTTP requests as the 'client secret' parameter. Stored on disk encrypted, and is automatically added to request parameters""" + auth_request_params: NotRequired[ + List[AuthRequestParamConfHealthCheckAuthenticationOauthTypedDict] + ] + r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" text_secret: NotRequired[str] r"""Select or create a text secret that contains the client secret's value.""" template_collect_url: NotRequired[str] @@ -2699,11 +3179,75 @@ class HealthCheckCollectMethodPost(BaseModel): pydantic.Field(alias="retryRules"), ] = None + username: Optional[str] = None + r"""Basic authentication username""" + + template_username: Annotated[ + Optional[str], pydantic.Field(alias="__template_username") + ] = None + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + + password: Optional[str] = None + r"""Basic authentication password""" + + template_password: Annotated[ + Optional[str], pydantic.Field(alias="__template_password") + ] = None + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + + credentials_secret: Annotated[ + Optional[str], pydantic.Field(alias="credentialsSecret") + ] = None + r"""Select or create a stored secret that references your credentials""" + + login_url: Annotated[Optional[str], pydantic.Field(alias="loginUrl")] = None + r"""URL to use for login API call. This call is expected to be a POST.""" + + template_login_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_loginUrl") + ] = None + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + + login_body: Annotated[Optional[str], pydantic.Field(alias="loginBody")] = None + r"""Template for POST body to send with login request, ${username} and ${password} are used to specify location of these attributes in the message""" + + token_resp_attribute: Annotated[ + Optional[str], pydantic.Field(alias="tokenRespAttribute") + ] = None + r"""Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header.""" + + template_token_resp_attribute: Annotated[ + Optional[str], pydantic.Field(alias="__template_tokenRespAttribute") + ] = None + r"""Binds 'tokenRespAttribute' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tokenRespAttribute' at runtime.""" + + auth_header_expr: Annotated[ + Optional[str], pydantic.Field(alias="authHeaderExpr") + ] = None + r"""JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login.""" + + auth_request_headers: Annotated[ + Optional[List[AuthRequestHeaderConfHealthCheckAuthenticationLogin]], + pydantic.Field(alias="authRequestHeaders"), + ] = None + r"""Optional authentication request headers.""" + + client_secret_param_name: Annotated[ + Optional[str], pydantic.Field(alias="clientSecretParamName") + ] = None + r"""Parameter name that contains client secret. Defaults to 'client_secret', and is automatically added to request parameters.""" + client_secret_param_value: Annotated[ Optional[str], pydantic.Field(alias="clientSecretParamValue") ] = None r"""Secret value to add to HTTP requests as the 'client secret' parameter. Stored on disk encrypted, and is automatically added to request parameters""" + auth_request_params: Annotated[ + Optional[List[AuthRequestParamConfHealthCheckAuthenticationOauth]], + pydantic.Field(alias="authRequestParams"), + ] = None + r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None r"""Select or create a text secret that contains the client secret's value.""" @@ -2752,7 +3296,21 @@ def serialize_model(self, handler): "defaultBreakers", "safeHeaders", "retryRules", + "username", + "__template_username", + "password", + "__template_password", + "credentialsSecret", + "loginUrl", + "__template_loginUrl", + "loginBody", + "tokenRespAttribute", + "__template_tokenRespAttribute", + "authHeaderExpr", + "authRequestHeaders", + "clientSecretParamName", "clientSecretParamValue", + "authRequestParams", "textSecret", "__template_collectUrl", ] @@ -2823,6 +3381,8 @@ class HealthCheckCollectMethodGetHealthCheckDiscoveryDiscoverTypeNoneTypedDict( r"""Defines how task discovery will be performed. Use None to skip the discovery. Use HTTP Request to make a REST call to discover tasks. Use Item List to enumerate items for collect to retrieve. Use JSON Response to manually define discover tasks as a JSON array of objects. Each entry returned by the discover operation will result in a collect task.""" discover_url: NotRequired[str] r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[ DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP ] @@ -2831,6 +3391,10 @@ class HealthCheckCollectMethodGetHealthCheckDiscoveryDiscoverTypeNoneTypedDict( List[AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict] ] r"""Optional discover request headers.""" + discover_data_field: NotRequired[str] + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" item_list: NotRequired[List[str]] @@ -2847,6 +3411,11 @@ class HealthCheckCollectMethodGetHealthCheckDiscoveryDiscoverTypeNone(BaseModel) discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -2859,6 +3428,16 @@ class HealthCheckCollectMethodGetHealthCheckDiscoveryDiscoverTypeNone(BaseModel) ] = None r"""Optional discover request headers.""" + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -2894,8 +3473,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", + "discoverDataField", + "__template_discoverDataField", "manualDiscoverResult", "itemList", ] @@ -2940,6 +3522,8 @@ class HealthCheckCollectMethodGetHealthCheckDiscoveryDiscoverTypeListTypedDict( r"""Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters.""" discover_url: NotRequired[str] r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[ DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP ] @@ -2948,6 +3532,10 @@ class HealthCheckCollectMethodGetHealthCheckDiscoveryDiscoverTypeListTypedDict( List[AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict] ] r"""Optional discover request headers.""" + discover_data_field: NotRequired[str] + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" @@ -2965,6 +3553,11 @@ class HealthCheckCollectMethodGetHealthCheckDiscoveryDiscoverTypeList(BaseModel) discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -2977,6 +3570,16 @@ class HealthCheckCollectMethodGetHealthCheckDiscoveryDiscoverTypeList(BaseModel) ] = None r"""Optional discover request headers.""" + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -3009,8 +3612,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", + "discoverDataField", + "__template_discoverDataField", "manualDiscoverResult", ] ) @@ -3053,9 +3659,11 @@ class HealthCheckCollectMethodGetHealthCheckDiscoveryDiscoverTypeJSONTypedDict( manual_discover_result: str r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" discover_data_field: NotRequired[str] - r"""Within the response JSON, name of the field or array element to pull results from. Leave blank if the result is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" discover_url: NotRequired[str] r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[ DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP ] @@ -3064,6 +3672,8 @@ class HealthCheckCollectMethodGetHealthCheckDiscoveryDiscoverTypeJSONTypedDict( List[AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict] ] r"""Optional discover request headers.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" item_list: NotRequired[List[str]] r"""Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters.""" @@ -3081,11 +3691,16 @@ class HealthCheckCollectMethodGetHealthCheckDiscoveryDiscoverTypeJSON(BaseModel) discover_data_field: Annotated[ Optional[str], pydantic.Field(alias="discoverDataField") ] = None - r"""Within the response JSON, name of the field or array element to pull results from. Leave blank if the result is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""Expression to derive URL to use for the Discover operation (can be a constant).""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsHealthCheckDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -3098,6 +3713,11 @@ class HealthCheckCollectMethodGetHealthCheckDiscoveryDiscoverTypeJSON(BaseModel) ] = None r"""Optional discover request headers.""" + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + item_list: Annotated[Optional[List[str]], pydantic.Field(alias="itemList")] = None r"""Comma-separated list of items to return from the Discover task. Each item returned will generate a collect task, and can be referenced using `${id}` in the collect URL, headers, or parameters.""" @@ -3129,8 +3749,10 @@ def serialize_model(self, handler): [ "discoverDataField", "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", + "__template_discoverDataField", "itemList", ] ) @@ -3180,6 +3802,10 @@ class HealthCheckCollectMethodGetHealthCheckDiscoveryDiscoverTypeHTTPDiscoverMet r"""Optional discover request headers.""" discover_data_field: NotRequired[str] r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" item_list: NotRequired[List[str]] @@ -3218,6 +3844,16 @@ class HealthCheckCollectMethodGetHealthCheckDiscoveryDiscoverTypeHTTPDiscoverMet ] = None r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -3255,6 +3891,8 @@ def serialize_model(self, handler): "discoverBody", "discoverRequestHeaders", "discoverDataField", + "__template_discoverUrl", + "__template_discoverDataField", "manualDiscoverResult", "itemList", ] @@ -3307,6 +3945,10 @@ class HealthCheckCollectMethodGetHealthCheckDiscoveryDiscoverTypeHTTPDiscoverMet r"""Optional discover request headers.""" discover_data_field: NotRequired[str] r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" item_list: NotRequired[List[str]] @@ -3348,6 +3990,16 @@ class HealthCheckCollectMethodGetHealthCheckDiscoveryDiscoverTypeHTTPDiscoverMet ] = None r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -3385,6 +4037,8 @@ def serialize_model(self, handler): "discoverRequestParams", "discoverRequestHeaders", "discoverDataField", + "__template_discoverUrl", + "__template_discoverDataField", "manualDiscoverResult", "itemList", ] @@ -3437,6 +4091,10 @@ class HealthCheckCollectMethodGetHealthCheckDiscoveryDiscoverTypeHTTPDiscoverMet r"""Optional discover request headers.""" discover_data_field: NotRequired[str] r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + template_discover_data_field: NotRequired[str] + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object. Works with the Discover Data field.""" item_list: NotRequired[List[str]] @@ -3478,6 +4136,16 @@ class HealthCheckCollectMethodGetHealthCheckDiscoveryDiscoverTypeHTTPDiscoverMet ] = None r"""Path to field in the response object which contains discover results (e.g.: level1.name), leave blank if the result is an array.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + + template_discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverDataField") + ] = None + r"""Binds 'discoverDataField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverDataField' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -3515,6 +4183,8 @@ def serialize_model(self, handler): "discoverRequestParams", "discoverRequestHeaders", "discoverDataField", + "__template_discoverUrl", + "__template_discoverDataField", "manualDiscoverResult", "itemList", ] @@ -3584,9 +4254,9 @@ class UnknownHealthCheckCollectMethodGetHealthCheckDiscoveryDiscoverTypeHTTP(Bas HealthCheckCollectMethodGetDiscoveryTypedDict = TypeAliasType( "HealthCheckCollectMethodGetDiscoveryTypedDict", Union[ + HealthCheckCollectMethodGetHealthCheckDiscoveryDiscoverTypeJSONTypedDict, HealthCheckCollectMethodGetHealthCheckDiscoveryDiscoverTypeListTypedDict, HealthCheckCollectMethodGetHealthCheckDiscoveryDiscoverTypeNoneTypedDict, - HealthCheckCollectMethodGetHealthCheckDiscoveryDiscoverTypeJSONTypedDict, HealthCheckCollectMethodGetHealthCheckDiscoveryDiscoverTypeHTTPTypedDict, ], ) @@ -3871,8 +4541,40 @@ class HealthCheckCollectMethodGetTypedDict(TypedDict): safe_headers: NotRequired[List[str]] r"""List of headers that are safe to log in plain text.""" retry_rules: NotRequired[HealthCheckCollectMethodGetRetryRulesTypedDict] + username: NotRequired[str] + r"""Basic authentication username""" + template_username: NotRequired[str] + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + password: NotRequired[str] + r"""Basic authentication password""" + template_password: NotRequired[str] + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + credentials_secret: NotRequired[str] + r"""Select or create a stored secret that references your credentials""" + login_url: NotRequired[str] + r"""URL to use for login API call. This call is expected to be a POST.""" + template_login_url: NotRequired[str] + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + login_body: NotRequired[str] + r"""Template for POST body to send with login request, ${username} and ${password} are used to specify location of these attributes in the message""" + token_resp_attribute: NotRequired[str] + r"""Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header.""" + template_token_resp_attribute: NotRequired[str] + r"""Binds 'tokenRespAttribute' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tokenRespAttribute' at runtime.""" + auth_header_expr: NotRequired[str] + r"""JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login.""" + auth_request_headers: NotRequired[ + List[AuthRequestHeaderConfHealthCheckAuthenticationLoginTypedDict] + ] + r"""Optional authentication request headers.""" + client_secret_param_name: NotRequired[str] + r"""Parameter name that contains client secret. Defaults to 'client_secret', and is automatically added to request parameters.""" client_secret_param_value: NotRequired[str] r"""Secret value to add to HTTP requests as the 'client secret' parameter. Stored on disk encrypted, and is automatically added to request parameters""" + auth_request_params: NotRequired[ + List[AuthRequestParamConfHealthCheckAuthenticationOauthTypedDict] + ] + r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" text_secret: NotRequired[str] r"""Select or create a text secret that contains the client secret's value.""" template_collect_url: NotRequired[str] @@ -3934,11 +4636,75 @@ class HealthCheckCollectMethodGet(BaseModel): pydantic.Field(alias="retryRules"), ] = None + username: Optional[str] = None + r"""Basic authentication username""" + + template_username: Annotated[ + Optional[str], pydantic.Field(alias="__template_username") + ] = None + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + + password: Optional[str] = None + r"""Basic authentication password""" + + template_password: Annotated[ + Optional[str], pydantic.Field(alias="__template_password") + ] = None + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + + credentials_secret: Annotated[ + Optional[str], pydantic.Field(alias="credentialsSecret") + ] = None + r"""Select or create a stored secret that references your credentials""" + + login_url: Annotated[Optional[str], pydantic.Field(alias="loginUrl")] = None + r"""URL to use for login API call. This call is expected to be a POST.""" + + template_login_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_loginUrl") + ] = None + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + + login_body: Annotated[Optional[str], pydantic.Field(alias="loginBody")] = None + r"""Template for POST body to send with login request, ${username} and ${password} are used to specify location of these attributes in the message""" + + token_resp_attribute: Annotated[ + Optional[str], pydantic.Field(alias="tokenRespAttribute") + ] = None + r"""Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header.""" + + template_token_resp_attribute: Annotated[ + Optional[str], pydantic.Field(alias="__template_tokenRespAttribute") + ] = None + r"""Binds 'tokenRespAttribute' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tokenRespAttribute' at runtime.""" + + auth_header_expr: Annotated[ + Optional[str], pydantic.Field(alias="authHeaderExpr") + ] = None + r"""JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login.""" + + auth_request_headers: Annotated[ + Optional[List[AuthRequestHeaderConfHealthCheckAuthenticationLogin]], + pydantic.Field(alias="authRequestHeaders"), + ] = None + r"""Optional authentication request headers.""" + + client_secret_param_name: Annotated[ + Optional[str], pydantic.Field(alias="clientSecretParamName") + ] = None + r"""Parameter name that contains client secret. Defaults to 'client_secret', and is automatically added to request parameters.""" + client_secret_param_value: Annotated[ Optional[str], pydantic.Field(alias="clientSecretParamValue") ] = None r"""Secret value to add to HTTP requests as the 'client secret' parameter. Stored on disk encrypted, and is automatically added to request parameters""" + auth_request_params: Annotated[ + Optional[List[AuthRequestParamConfHealthCheckAuthenticationOauth]], + pydantic.Field(alias="authRequestParams"), + ] = None + r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None r"""Select or create a text secret that contains the client secret's value.""" @@ -3987,7 +4753,21 @@ def serialize_model(self, handler): "defaultBreakers", "safeHeaders", "retryRules", + "username", + "__template_username", + "password", + "__template_password", + "credentialsSecret", + "loginUrl", + "__template_loginUrl", + "loginBody", + "tokenRespAttribute", + "__template_tokenRespAttribute", + "authHeaderExpr", + "authRequestHeaders", + "clientSecretParamName", "clientSecretParamValue", + "authRequestParams", "textSecret", "__template_collectUrl", ] @@ -4010,15 +4790,15 @@ def serialize_model(self, handler): "HealthCheckCollectorConfTypedDict", Union[ HealthCheckAuthenticationNoneTypedDict, - HealthCheckCollectMethodGetTypedDict, - HealthCheckCollectMethodPostTypedDict, - HealthCheckCollectMethodPostWithBodyTypedDict, - HealthCheckAuthenticationBasicSecretTypedDict, HealthCheckAuthenticationBasicTypedDict, + HealthCheckAuthenticationBasicSecretTypedDict, + HealthCheckAuthenticationLoginTypedDict, HealthCheckAuthenticationLoginSecretTypedDict, HealthCheckAuthenticationOauthTypedDict, HealthCheckAuthenticationOauthSecretTypedDict, - HealthCheckAuthenticationLoginTypedDict, + HealthCheckCollectMethodGetTypedDict, + HealthCheckCollectMethodPostTypedDict, + HealthCheckCollectMethodPostWithBodyTypedDict, ], ) diff --git a/src/cribl_control_plane/models/healthoverlaystatus.py b/src/cribl_control_plane/models/healthoverlaystatus.py new file mode 100644 index 000000000..fc6af4362 --- /dev/null +++ b/src/cribl_control_plane/models/healthoverlaystatus.py @@ -0,0 +1,58 @@ +"""Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.""" + +from __future__ import annotations +from .activehealthoverlaystatus import ( + ActiveHealthOverlayStatus, + ActiveHealthOverlayStatusTypedDict, +) +from .noactivehealthoverlaystatus import ( + NoActiveHealthOverlayStatus, + NoActiveHealthOverlayStatusTypedDict, +) +from cribl_control_plane.types import BaseModel +from cribl_control_plane.utils.unions import parse_open_union +from functools import partial +from pydantic import ConfigDict +from pydantic.functional_validators import BeforeValidator +from typing import Any, Literal, Union +from typing_extensions import Annotated, TypeAliasType + + +HealthOverlayStatusTypedDict = TypeAliasType( + "HealthOverlayStatusTypedDict", + Union[NoActiveHealthOverlayStatusTypedDict, ActiveHealthOverlayStatusTypedDict], +) + + +class UnknownHealthOverlayStatus(BaseModel): + r"""A HealthOverlayStatus variant the SDK doesn't recognize. Preserves the raw payload.""" + + state: Literal["UNKNOWN"] = "UNKNOWN" + raw: Any + is_unknown: Literal[True] = True + + model_config = ConfigDict(frozen=True) + + +_HEALTH_OVERLAY_STATUS_VARIANTS: dict[str, Any] = { + "active": ActiveHealthOverlayStatus, + "inactive": NoActiveHealthOverlayStatus, +} + + +HealthOverlayStatus = Annotated[ + Union[ + ActiveHealthOverlayStatus, + NoActiveHealthOverlayStatus, + UnknownHealthOverlayStatus, + ], + BeforeValidator( + partial( + parse_open_union, + disc_key="state", + variants=_HEALTH_OVERLAY_STATUS_VARIANTS, + unknown_cls=UnknownHealthOverlayStatus, + union_name="HealthOverlayStatus", + ) + ), +] diff --git a/src/cribl_control_plane/models/healthserverstatus.py b/src/cribl_control_plane/models/healthserverstatus.py index 4ddf3eb75..a3a252756 100644 --- a/src/cribl_control_plane/models/healthserverstatus.py +++ b/src/cribl_control_plane/models/healthserverstatus.py @@ -1,6 +1,7 @@ """Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.""" from __future__ import annotations +from .healthoverlaystatus import HealthOverlayStatus, HealthOverlayStatusTypedDict from cribl_control_plane import models, utils from cribl_control_plane.types import BaseModel, UNSET_SENTINEL from enum import Enum @@ -28,6 +29,7 @@ class HealthServerStatusStatus(str, Enum, metaclass=utils.OpenEnumMeta): class HealthServerStatusTypedDict(TypedDict): r"""Health status of the Leader or Worker Node.""" + overlay: HealthOverlayStatusTypedDict start_time: int r"""Timestamp (in Unix time) when the Cribl process started.""" status: HealthServerStatusStatus @@ -39,6 +41,8 @@ class HealthServerStatusTypedDict(TypedDict): class HealthServerStatus(BaseModel): r"""Health status of the Leader or Worker Node.""" + overlay: HealthOverlayStatus + start_time: Annotated[int, pydantic.Field(alias="startTime")] r"""Timestamp (in Unix time) when the Cribl process started.""" diff --git a/src/cribl_control_plane/models/requestparamconfinputopenai.py b/src/cribl_control_plane/models/httpdiscoveryheaderconfinputprometheus.py similarity index 67% rename from src/cribl_control_plane/models/requestparamconfinputopenai.py rename to src/cribl_control_plane/models/httpdiscoveryheaderconfinputprometheus.py index deab3a1f6..7df7d96b4 100644 --- a/src/cribl_control_plane/models/requestparamconfinputopenai.py +++ b/src/cribl_control_plane/models/httpdiscoveryheaderconfinputprometheus.py @@ -5,12 +5,12 @@ from typing_extensions import TypedDict -class RequestParamConfInputOpenaiTypedDict(TypedDict): +class HTTPDiscoveryHeaderConfInputPrometheusTypedDict(TypedDict): name: str value: str -class RequestParamConfInputOpenai(BaseModel): +class HTTPDiscoveryHeaderConfInputPrometheus(BaseModel): name: str value: str diff --git a/src/cribl_control_plane/models/input.py b/src/cribl_control_plane/models/input.py index 7ab2c1978..c13d2f9e2 100644 --- a/src/cribl_control_plane/models/input.py +++ b/src/cribl_control_plane/models/input.py @@ -182,12 +182,12 @@ InputSystemMetricsInputTypedDict, InputWindowsMetricsInputTypedDict, InputJournalFilesInputTypedDict, - InputKubeLogsInputTypedDict, InputModelDrivenTelemetryInputTypedDict, InputExecInputTypedDict, InputRawUDPInputTypedDict, InputAnthropicComplianceInputTypedDict, InputWinEventLogsInputTypedDict, + InputKubeLogsInputTypedDict, InputSnmpInputTypedDict, InputMetricsInputTypedDict, InputNetflowInputTypedDict, @@ -234,8 +234,8 @@ InputSecurityLakeInputTypedDict, InputS3InputTypedDict, InputS3InventoryInputTypedDict, - InputEdgePrometheusInputTypedDict, InputMskInputTypedDict, + InputEdgePrometheusInputTypedDict, InputPrometheusInputTypedDict, InputGrafanaInputUnionTypedDict, InputSyslogInputUnionTypedDict, diff --git a/src/cribl_control_plane/models/inputappleunifiedlogs_input.py b/src/cribl_control_plane/models/inputappleunifiedlogs_input.py index 88d8ff1e4..0fdec63ae 100644 --- a/src/cribl_control_plane/models/inputappleunifiedlogs_input.py +++ b/src/cribl_control_plane/models/inputappleunifiedlogs_input.py @@ -35,7 +35,7 @@ class InputAppleUnifiedLogsReadMode(str, Enum, metaclass=utils.OpenEnumMeta): class InputAppleUnifiedLogsInputTypedDict(TypedDict): type: InputAppleUnifiedLogsType predicate: str - r"""String to filter log entries, in NSPredicate format (e.g., subsystem == \"com.apple.security\" or process == \"kernel\"). See [Predicate format reference](https://developer.apple.com/library/archive/documentation/Cocoa/Conceptual/Predicates/AdditionalChapters/Introduction.html) for more information.""" + r"""String to filter log entries, in NSPredicate format (e.g., subsystem == \"com.apple.security\" or process == \"kernel\"). See [Common Log Types and Predicates](https://docs.cribl.io/edge/sources-apple-unified-logs/#examples) for more information.""" id: NotRequired[str] r"""Unique ID for this input""" disabled: NotRequired[bool] @@ -67,7 +67,7 @@ class InputAppleUnifiedLogsInput(BaseModel): type: InputAppleUnifiedLogsType predicate: str - r"""String to filter log entries, in NSPredicate format (e.g., subsystem == \"com.apple.security\" or process == \"kernel\"). See [Predicate format reference](https://developer.apple.com/library/archive/documentation/Cocoa/Conceptual/Predicates/AdditionalChapters/Introduction.html) for more information.""" + r"""String to filter log entries, in NSPredicate format (e.g., subsystem == \"com.apple.security\" or process == \"kernel\"). See [Common Log Types and Predicates](https://docs.cribl.io/edge/sources-apple-unified-logs/#examples) for more information.""" id: Optional[str] = None r"""Unique ID for this input""" diff --git a/src/cribl_control_plane/models/inputcloudflarehec_input.py b/src/cribl_control_plane/models/inputcloudflarehec_input.py index 402c166b7..6758d95b7 100644 --- a/src/cribl_control_plane/models/inputcloudflarehec_input.py +++ b/src/cribl_control_plane/models/inputcloudflarehec_input.py @@ -36,6 +36,8 @@ class InputCloudflareHecAuthTokenTypedDict(TypedDict): r"""Select Secret to use a text secret to authenticate""" token_secret: NotRequired[str] r"""Select or create a stored text secret""" + token: NotRequired[str] + r"""Shared secret to be provided by any client (Authorization: )""" enabled: NotRequired[bool] description: NotRequired[str] allowed_indexes_at_token: NotRequired[List[str]] @@ -54,6 +56,9 @@ class InputCloudflareHecAuthToken(BaseModel): token_secret: Annotated[Optional[str], pydantic.Field(alias="tokenSecret")] = None r"""Select or create a stored text secret""" + token: Optional[str] = None + r"""Shared secret to be provided by any client (Authorization: )""" + enabled: Optional[bool] = None description: Optional[str] = None @@ -81,6 +86,7 @@ def serialize_model(self, handler): [ "authType", "tokenSecret", + "token", "enabled", "description", "allowedIndexesAtToken", diff --git a/src/cribl_control_plane/models/inputconfluentcloud_input.py b/src/cribl_control_plane/models/inputconfluentcloud_input.py index 96e284db5..8ab625b3a 100644 --- a/src/cribl_control_plane/models/inputconfluentcloud_input.py +++ b/src/cribl_control_plane/models/inputconfluentcloud_input.py @@ -86,14 +86,12 @@ class InputConfluentCloudInputTypedDict(TypedDict): See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_session.timeout.ms) for details. """ rebalance_timeout: NotRequired[float] - r"""Maximum allowed time for each worker to join the group after a rebalance begins. - If the timeout is exceeded, the coordinator broker will remove the worker from the group. - See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. + r""" + Maximum allowed time for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. """ heartbeat_interval: NotRequired[float] - r"""Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. - Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. - See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. + r""" + Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. """ auto_commit_interval: NotRequired[float] r"""How often to commit offsets. If both this and Offset commit threshold are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch.""" @@ -222,17 +220,15 @@ class InputConfluentCloudInput(BaseModel): rebalance_timeout: Annotated[ Optional[float], pydantic.Field(alias="rebalanceTimeout") ] = None - r"""Maximum allowed time for each worker to join the group after a rebalance begins. - If the timeout is exceeded, the coordinator broker will remove the worker from the group. - See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. + r""" + Maximum allowed time for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. """ heartbeat_interval: Annotated[ Optional[float], pydantic.Field(alias="heartbeatInterval") ] = None - r"""Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. - Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. - See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. + r""" + Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. """ auto_commit_interval: Annotated[ diff --git a/src/cribl_control_plane/models/inputedgeprometheus_input.py b/src/cribl_control_plane/models/inputedgeprometheus_input.py index 4634c811b..86dc37784 100644 --- a/src/cribl_control_plane/models/inputedgeprometheus_input.py +++ b/src/cribl_control_plane/models/inputedgeprometheus_input.py @@ -9,6 +9,10 @@ ConnectionConfInputCollectionTypedDict, ) from .diskspoolingtype import DiskSpoolingType, DiskSpoolingTypeTypedDict +from .httpdiscoveryheaderconfinputprometheus import ( + HTTPDiscoveryHeaderConfInputPrometheus, + HTTPDiscoveryHeaderConfInputPrometheusTypedDict, +) from .metadataconfinputcollection import ( MetadataConfInputCollection, MetadataConfInputCollectionTypedDict, @@ -48,6 +52,8 @@ class InputEdgePrometheusDiscoveryType(str, Enum, metaclass=utils.OpenEnumMeta): K8S_PODS = "k8s-pods" # Kubernetes Service Monitor (v4.18+) K8S_SERVICE_MONITOR = "k8s-service-monitor" + # HTTP SD + HTTP_SD = "http_sd" class InputEdgePrometheusAuthenticationMethod(str, Enum, metaclass=utils.OpenEnumMeta): @@ -219,11 +225,22 @@ class InputEdgePrometheusInputTypedDict(TypedDict): scrape_path_expr: NotRequired[str] r"""Path to use when collecting metrics from discovered targets""" pod_filter: NotRequired[List[InputEdgePrometheusPodFilterTypedDict]] - r"""Add rules to decide which pods to discover for metrics. + r""" + Add rules to decide which pods to discover for metrics. Pods are searched if no rules are given or of all the rules' expressions evaluate to true. """ + http_discovery_url: NotRequired[str] + r"""URL to fetch target groups from (must be http or https)""" + http_discovery_headers: NotRequired[ + List[HTTPDiscoveryHeaderConfInputPrometheusTypedDict] + ] + r"""Extra headers to send with the discovery request""" + http_discovery_reject_unauthorized: NotRequired[bool] + r"""Reject TLS certificates that cannot be verified for the discovery endpoint. Falls back to the source-level setting if not specified.""" + max_response_body_size: NotRequired[str] + r"""Maximum size of the HTTP SD response body. Responses exceeding this limit will be rejected. Defaults to 20 MB.""" username: NotRequired[str] r"""Username for Prometheus Basic authentication""" password: NotRequired[str] @@ -420,12 +437,34 @@ class InputEdgePrometheusInput(BaseModel): pod_filter: Annotated[ Optional[List[InputEdgePrometheusPodFilter]], pydantic.Field(alias="podFilter") ] = None - r"""Add rules to decide which pods to discover for metrics. + r""" + Add rules to decide which pods to discover for metrics. Pods are searched if no rules are given or of all the rules' expressions evaluate to true. """ + http_discovery_url: Annotated[ + Optional[str], pydantic.Field(alias="httpDiscoveryUrl") + ] = None + r"""URL to fetch target groups from (must be http or https)""" + + http_discovery_headers: Annotated[ + Optional[List[HTTPDiscoveryHeaderConfInputPrometheus]], + pydantic.Field(alias="httpDiscoveryHeaders"), + ] = None + r"""Extra headers to send with the discovery request""" + + http_discovery_reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="httpDiscoveryRejectUnauthorized") + ] = None + r"""Reject TLS certificates that cannot be verified for the discovery endpoint. Falls back to the source-level setting if not specified.""" + + max_response_body_size: Annotated[ + Optional[str], pydantic.Field(alias="maxResponseBodySize") + ] = None + r"""Maximum size of the HTTP SD response body. Responses exceeding this limit will be rejected. Defaults to 20 MB.""" + username: Optional[str] = None r"""Username for Prometheus Basic authentication""" @@ -577,6 +616,10 @@ def serialize_model(self, handler): "scrapePortExpr", "scrapePathExpr", "podFilter", + "httpDiscoveryUrl", + "httpDiscoveryHeaders", + "httpDiscoveryRejectUnauthorized", + "maxResponseBodySize", "username", "password", "credentialsSecret", diff --git a/src/cribl_control_plane/models/inputeventhub_input.py b/src/cribl_control_plane/models/inputeventhub_input.py index 7206a456a..b1132bcbf 100644 --- a/src/cribl_control_plane/models/inputeventhub_input.py +++ b/src/cribl_control_plane/models/inputeventhub_input.py @@ -73,20 +73,16 @@ class InputEventhubInputTypedDict(TypedDict): r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended.""" tls: NotRequired[TLSSettingsClientSideTypeTypedDict] session_timeout: NotRequired[float] - r"""Timeout (session.timeout.ms in Kafka domain) used to detect client failures when using Kafka's group-management facilities. - If the client sends no heartbeats to the broker before the timeout expires, the broker will remove the client from the group and initiate a rebalance. - Value must be lower than rebalanceTimeout. - See details [here](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). + r""" + Timeout (session.timeout.ms in Kafka domain) used to detect client failures when using Kafka's group-management facilities. If the client sends no heartbeats to the broker before the timeout expires, the broker will remove the client from the group and initiate a rebalance. Value must be lower than rebalanceTimeout. See details [here](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). """ rebalance_timeout: NotRequired[float] - r"""Maximum allowed time (rebalance.timeout.ms in Kafka domain) for each worker to join the group after a rebalance begins. - If the timeout is exceeded, the coordinator broker will remove the worker from the group. - See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). + r""" + Maximum allowed time (rebalance.timeout.ms in Kafka domain) for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). """ heartbeat_interval: NotRequired[float] - r"""Expected time (heartbeat.interval.ms in Kafka domain) between heartbeats to the consumer coordinator when using Kafka's group-management facilities. - Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. - See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). + r""" + Expected time (heartbeat.interval.ms in Kafka domain) between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). """ auto_commit_interval: NotRequired[float] r"""How often to commit offsets. If both this and Offset commit threshold are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch.""" @@ -201,26 +197,22 @@ class InputEventhubInput(BaseModel): session_timeout: Annotated[ Optional[float], pydantic.Field(alias="sessionTimeout") ] = None - r"""Timeout (session.timeout.ms in Kafka domain) used to detect client failures when using Kafka's group-management facilities. - If the client sends no heartbeats to the broker before the timeout expires, the broker will remove the client from the group and initiate a rebalance. - Value must be lower than rebalanceTimeout. - See details [here](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). + r""" + Timeout (session.timeout.ms in Kafka domain) used to detect client failures when using Kafka's group-management facilities. If the client sends no heartbeats to the broker before the timeout expires, the broker will remove the client from the group and initiate a rebalance. Value must be lower than rebalanceTimeout. See details [here](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). """ rebalance_timeout: Annotated[ Optional[float], pydantic.Field(alias="rebalanceTimeout") ] = None - r"""Maximum allowed time (rebalance.timeout.ms in Kafka domain) for each worker to join the group after a rebalance begins. - If the timeout is exceeded, the coordinator broker will remove the worker from the group. - See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). + r""" + Maximum allowed time (rebalance.timeout.ms in Kafka domain) for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). """ heartbeat_interval: Annotated[ Optional[float], pydantic.Field(alias="heartbeatInterval") ] = None - r"""Expected time (heartbeat.interval.ms in Kafka domain) between heartbeats to the consumer coordinator when using Kafka's group-management facilities. - Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. - See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). + r""" + Expected time (heartbeat.interval.ms in Kafka domain) between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). """ auto_commit_interval: Annotated[ diff --git a/src/cribl_control_plane/models/inputeventhubamqp_input.py b/src/cribl_control_plane/models/inputeventhubamqp_input.py index 0429e97e1..4bd9e238c 100644 --- a/src/cribl_control_plane/models/inputeventhubamqp_input.py +++ b/src/cribl_control_plane/models/inputeventhubamqp_input.py @@ -38,6 +38,47 @@ class InputEventhubAmqpAuthenticationMechanism(str, Enum, metaclass=utils.OpenEn OAUTH_BEARER = "oauth-bearer" +class InputEventhubAmqpCertificateTypedDict(TypedDict): + certificate_name: str + r"""The certificate you registered as credentials for your app in the Azure portal""" + cert_path: str + r"""Path on server containing certificates to use. PEM format. Can reference $ENV_VARS.""" + priv_key_path: str + r"""Path on server containing the private key to use. PEM format. Can reference $ENV_VARS.""" + passphrase: NotRequired[str] + r"""Passphrase to use to decrypt private key""" + + +class InputEventhubAmqpCertificate(BaseModel): + certificate_name: Annotated[str, pydantic.Field(alias="certificateName")] + r"""The certificate you registered as credentials for your app in the Azure portal""" + + cert_path: Annotated[str, pydantic.Field(alias="certPath")] + r"""Path on server containing certificates to use. PEM format. Can reference $ENV_VARS.""" + + priv_key_path: Annotated[str, pydantic.Field(alias="privKeyPath")] + r"""Path on server containing the private key to use. PEM format. Can reference $ENV_VARS.""" + + passphrase: Optional[str] = None + r"""Passphrase to use to decrypt private key""" + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set(["passphrase"]) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + class InputEventhubAmqpAuthTypedDict(TypedDict): mechanism: InputEventhubAmqpAuthenticationMechanism text_secret: NotRequired[str] @@ -45,7 +86,7 @@ class InputEventhubAmqpAuthTypedDict(TypedDict): client_secret_auth_type: NotRequired[AuthenticationMethodOptionsAuth] client_text_secret: NotRequired[str] r"""Select or create a stored text secret""" - certificate: NotRequired[CertificateTypeAzureBlobAuthTypeClientCertTypedDict] + certificate: NotRequired[InputEventhubAmqpCertificateTypedDict] oauth_endpoint: NotRequired[MicrosoftEntraIDAuthenticationEndpointOptionsSasl] r"""Endpoint used to acquire authentication tokens from Azure""" client_id: NotRequired[str] @@ -80,7 +121,7 @@ class InputEventhubAmqpAuth(BaseModel): ] = None r"""Select or create a stored text secret""" - certificate: Optional[CertificateTypeAzureBlobAuthTypeClientCert] = None + certificate: Optional[InputEventhubAmqpCertificate] = None oauth_endpoint: Annotated[ Optional[MicrosoftEntraIDAuthenticationEndpointOptionsSasl], @@ -532,6 +573,10 @@ def serialize_model(self, handler): return m +try: + InputEventhubAmqpCertificate.model_rebuild() +except NameError: + pass try: InputEventhubAmqpAuth.model_rebuild() except NameError: diff --git a/src/cribl_control_plane/models/inputjournalfiles_input.py b/src/cribl_control_plane/models/inputjournalfiles_input.py index 3cadc1942..3367a2e50 100644 --- a/src/cribl_control_plane/models/inputjournalfiles_input.py +++ b/src/cribl_control_plane/models/inputjournalfiles_input.py @@ -80,7 +80,7 @@ class InputJournalFilesInputTypedDict(TypedDict): rules: NotRequired[List[InputJournalFilesRuleTypedDict]] r"""Add rules to decide which journal objects to allow. Events are generated if no rules are given or if all the rules' expressions evaluate to true.""" current_boot: NotRequired[bool] - r"""Skip log messages that are not part of the current boot session.""" + r"""Skip log messages that are not part of the current boot session""" max_age_dur: NotRequired[str] r"""The maximum log message age, in duration form (e.g,: 60s, 4h, 3d, 1w). Default of no value will apply no max age filters.""" suppress_missing_path_errors: NotRequired[bool] @@ -136,7 +136,7 @@ class InputJournalFilesInput(BaseModel): r"""Add rules to decide which journal objects to allow. Events are generated if no rules are given or if all the rules' expressions evaluate to true.""" current_boot: Annotated[Optional[bool], pydantic.Field(alias="currentBoot")] = None - r"""Skip log messages that are not part of the current boot session.""" + r"""Skip log messages that are not part of the current boot session""" max_age_dur: Annotated[Optional[str], pydantic.Field(alias="maxAgeDur")] = None r"""The maximum log message age, in duration form (e.g,: 60s, 4h, 3d, 1w). Default of no value will apply no max age filters.""" diff --git a/src/cribl_control_plane/models/inputkafka_input.py b/src/cribl_control_plane/models/inputkafka_input.py index 007ddbb91..5f3b92421 100644 --- a/src/cribl_control_plane/models/inputkafka_input.py +++ b/src/cribl_control_plane/models/inputkafka_input.py @@ -86,14 +86,12 @@ class InputKafkaInputTypedDict(TypedDict): See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_session.timeout.ms) for details. """ rebalance_timeout: NotRequired[float] - r"""Maximum allowed time for each worker to join the group after a rebalance begins. - If the timeout is exceeded, the coordinator broker will remove the worker from the group. - See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. + r""" + Maximum allowed time for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. """ heartbeat_interval: NotRequired[float] - r"""Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. - Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. - See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. + r""" + Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. """ auto_commit_interval: NotRequired[float] r"""How often to commit offsets. If both this and Offset commit threshold are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch.""" @@ -222,17 +220,15 @@ class InputKafkaInput(BaseModel): rebalance_timeout: Annotated[ Optional[float], pydantic.Field(alias="rebalanceTimeout") ] = None - r"""Maximum allowed time for each worker to join the group after a rebalance begins. - If the timeout is exceeded, the coordinator broker will remove the worker from the group. - See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. + r""" + Maximum allowed time for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. """ heartbeat_interval: Annotated[ Optional[float], pydantic.Field(alias="heartbeatInterval") ] = None - r"""Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. - Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. - See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. + r""" + Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. """ auto_commit_interval: Annotated[ diff --git a/src/cribl_control_plane/models/inputkubelogs_input.py b/src/cribl_control_plane/models/inputkubelogs_input.py index 59dcce432..18e37e9f2 100644 --- a/src/cribl_control_plane/models/inputkubelogs_input.py +++ b/src/cribl_control_plane/models/inputkubelogs_input.py @@ -78,6 +78,10 @@ class InputKubeLogsInputTypedDict(TypedDict): r"""Add rules to decide which Pods to collect logs from. Logs are collected if no rules are given or if all the rules' expressions evaluate to true.""" timestamps: NotRequired[bool] r"""For use when containers do not emit a timestamp, prefix each line of output with a timestamp. If you enable this setting, you can use the Kubernetes Logs Event Breaker and the kubernetes_logs Pre-processing Pipeline to remove them from the events after the timestamps are extracted.""" + line_buffer_limit: NotRequired[float] + r"""Maximum bytes to buffer while reassembling a single log line. A line that exceeds this size is flushed as-is, either whole or partially. The default is 1048576 (1 MB).""" + lb_disable_assembly: NotRequired[bool] + r"""Internal flag to disable LB worker payload reassembly.""" metadata: NotRequired[List[MetadataConfInputCollectionTypedDict]] r"""Fields to add to events from this input""" persistence: NotRequired[DiskSpoolingTypeTypedDict] @@ -133,6 +137,16 @@ class InputKubeLogsInput(BaseModel): timestamps: Optional[bool] = None r"""For use when containers do not emit a timestamp, prefix each line of output with a timestamp. If you enable this setting, you can use the Kubernetes Logs Event Breaker and the kubernetes_logs Pre-processing Pipeline to remove them from the events after the timestamps are extracted.""" + line_buffer_limit: Annotated[ + Optional[float], pydantic.Field(alias="lineBufferLimit") + ] = None + r"""Maximum bytes to buffer while reassembling a single log line. A line that exceeds this size is flushed as-is, either whole or partially. The default is 1048576 (1 MB).""" + + lb_disable_assembly: Annotated[ + Optional[bool], pydantic.Field(alias="__LBDisableAssembly") + ] = None + r"""Internal flag to disable LB worker payload reassembly.""" + metadata: Optional[List[MetadataConfInputCollection]] = None r"""Fields to add to events from this input""" @@ -181,6 +195,8 @@ def serialize_model(self, handler): "interval", "rules", "timestamps", + "lineBufferLimit", + "__LBDisableAssembly", "metadata", "persistence", "breakerRulesets", diff --git a/src/cribl_control_plane/models/inputmsk_input.py b/src/cribl_control_plane/models/inputmsk_input.py index 3925cfc51..29d6a947c 100644 --- a/src/cribl_control_plane/models/inputmsk_input.py +++ b/src/cribl_control_plane/models/inputmsk_input.py @@ -73,14 +73,12 @@ class InputMskInputTypedDict(TypedDict): See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_session.timeout.ms) for details. """ rebalance_timeout: NotRequired[float] - r"""Maximum allowed time for each worker to join the group after a rebalance begins. - If the timeout is exceeded, the coordinator broker will remove the worker from the group. - See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. + r""" + Maximum allowed time for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. """ heartbeat_interval: NotRequired[float] - r"""Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. - Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. - See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. + r""" + Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. """ metadata: NotRequired[List[MetadataConfInputCollectionTypedDict]] r"""Fields to add to events from this input""" @@ -222,17 +220,15 @@ class InputMskInput(BaseModel): rebalance_timeout: Annotated[ Optional[float], pydantic.Field(alias="rebalanceTimeout") ] = None - r"""Maximum allowed time for each worker to join the group after a rebalance begins. - If the timeout is exceeded, the coordinator broker will remove the worker from the group. - See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. + r""" + Maximum allowed time for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. """ heartbeat_interval: Annotated[ Optional[float], pydantic.Field(alias="heartbeatInterval") ] = None - r"""Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. - Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. - See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. + r""" + Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. """ metadata: Optional[List[MetadataConfInputCollection]] = None diff --git a/src/cribl_control_plane/models/inputopenai_input.py b/src/cribl_control_plane/models/inputopenai_input.py index 46653f569..d2619dce6 100644 --- a/src/cribl_control_plane/models/inputopenai_input.py +++ b/src/cribl_control_plane/models/inputopenai_input.py @@ -5,15 +5,15 @@ ConnectionConfInputCollection, ConnectionConfInputCollectionTypedDict, ) +from .httpdiscoveryheaderconfinputprometheus import ( + HTTPDiscoveryHeaderConfInputPrometheus, + HTTPDiscoveryHeaderConfInputPrometheusTypedDict, +) from .metadataconfinputcollection import ( MetadataConfInputCollection, MetadataConfInputCollectionTypedDict, ) from .pqtype import PqType, PqTypeTypedDict -from .requestparamconfinputopenai import ( - RequestParamConfInputOpenai, - RequestParamConfInputOpenaiTypedDict, -) from .retryrulestype import RetryRulesType, RetryRulesTypeTypedDict from cribl_control_plane import models, utils from cribl_control_plane.types import BaseModel, UNSET_SENTINEL @@ -58,7 +58,7 @@ class InputOpenaiLogLevel(str, Enum, metaclass=utils.OpenEnumMeta): class InputOpenaiContentConfigTypedDict(TypedDict): - request_params: List[RequestParamConfInputOpenaiTypedDict] + request_params: List[HTTPDiscoveryHeaderConfInputPrometheusTypedDict] r"""Query-string parameters to send with this endpoint""" pagination_type: InputOpenaiPaginationType cron_schedule: str @@ -93,7 +93,8 @@ class InputOpenaiContentConfigTypedDict(TypedDict): class InputOpenaiContentConfig(BaseModel): request_params: Annotated[ - List[RequestParamConfInputOpenai], pydantic.Field(alias="requestParams") + List[HTTPDiscoveryHeaderConfInputPrometheus], + pydantic.Field(alias="requestParams"), ] r"""Query-string parameters to send with this endpoint""" diff --git a/src/cribl_control_plane/models/inputprometheus_input.py b/src/cribl_control_plane/models/inputprometheus_input.py index 3db7b7006..b5df2dcff 100644 --- a/src/cribl_control_plane/models/inputprometheus_input.py +++ b/src/cribl_control_plane/models/inputprometheus_input.py @@ -9,6 +9,10 @@ ConnectionConfInputCollection, ConnectionConfInputCollectionTypedDict, ) +from .httpdiscoveryheaderconfinputprometheus import ( + HTTPDiscoveryHeaderConfInputPrometheus, + HTTPDiscoveryHeaderConfInputPrometheusTypedDict, +) from .logleveloptions import LogLevelOptions from .metadataconfinputcollection import ( MetadataConfInputCollection, @@ -42,6 +46,8 @@ class InputPrometheusDiscoveryType(str, Enum, metaclass=utils.OpenEnumMeta): DNS = "dns" # AWS EC2 EC2 = "ec2" + # HTTP SD + HTTP_SD = "http_sd" class InputPrometheusMetricsProtocol(str, Enum, metaclass=utils.OpenEnumMeta): @@ -134,6 +140,16 @@ class InputPrometheusInputTypedDict(TypedDict): r"""External ID to use when assuming role""" duration_seconds: NotRequired[float] r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" + http_discovery_url: NotRequired[str] + r"""URL to fetch target groups from (must be http or https)""" + http_discovery_headers: NotRequired[ + List[HTTPDiscoveryHeaderConfInputPrometheusTypedDict] + ] + r"""Extra headers to send with the discovery request""" + http_discovery_reject_unauthorized: NotRequired[bool] + r"""Reject TLS certificates that cannot be verified for the discovery endpoint. Falls back to the source-level setting if not specified.""" + max_response_body_size: NotRequired[str] + r"""Maximum size of the HTTP SD response body. Responses exceeding this limit will be rejected. Defaults to 20 MB.""" username: NotRequired[str] r"""Username for Prometheus Basic authentication""" password: NotRequired[str] @@ -341,6 +357,27 @@ class InputPrometheusInput(BaseModel): ] = None r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" + http_discovery_url: Annotated[ + Optional[str], pydantic.Field(alias="httpDiscoveryUrl") + ] = None + r"""URL to fetch target groups from (must be http or https)""" + + http_discovery_headers: Annotated[ + Optional[List[HTTPDiscoveryHeaderConfInputPrometheus]], + pydantic.Field(alias="httpDiscoveryHeaders"), + ] = None + r"""Extra headers to send with the discovery request""" + + http_discovery_reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="httpDiscoveryRejectUnauthorized") + ] = None + r"""Reject TLS certificates that cannot be verified for the discovery endpoint. Falls back to the source-level setting if not specified.""" + + max_response_body_size: Annotated[ + Optional[str], pydantic.Field(alias="maxResponseBodySize") + ] = None + r"""Maximum size of the HTTP SD response body. Responses exceeding this limit will be rejected. Defaults to 20 MB.""" + username: Optional[str] = None r"""Username for Prometheus Basic authentication""" @@ -526,6 +563,10 @@ def serialize_model(self, handler): "assumeRoleArn", "assumeRoleExternalId", "durationSeconds", + "httpDiscoveryUrl", + "httpDiscoveryHeaders", + "httpDiscoveryRejectUnauthorized", + "maxResponseBodySize", "username", "password", "credentialsSecret", diff --git a/src/cribl_control_plane/models/inputresponse.py b/src/cribl_control_plane/models/inputresponse.py index 2fdc1acda..5b8317b91 100644 --- a/src/cribl_control_plane/models/inputresponse.py +++ b/src/cribl_control_plane/models/inputresponse.py @@ -46,6 +46,10 @@ ) from .googleauthenticationmethodoptions import GoogleAuthenticationMethodOptions from .gputype import GpuType, GpuTypeTypedDict +from .httpdiscoveryheaderconfinputprometheus import ( + HTTPDiscoveryHeaderConfInputPrometheus, + HTTPDiscoveryHeaderConfInputPrometheusTypedDict, +) from .inputcollectionorigindatasourcediscoverywithdestinationarnconstraint import ( InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint, InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraintTypedDict, @@ -3277,6 +3281,47 @@ class InputResponseAuthenticationMechanism(str, Enum, metaclass=utils.OpenEnumMe OAUTH_BEARER = "oauth-bearer" +class InputResponseCertificateTypedDict(TypedDict): + certificate_name: str + r"""The certificate you registered as credentials for your app in the Azure portal""" + cert_path: str + r"""Path on server containing certificates to use. PEM format. Can reference $ENV_VARS.""" + priv_key_path: str + r"""Path on server containing the private key to use. PEM format. Can reference $ENV_VARS.""" + passphrase: NotRequired[str] + r"""Passphrase to use to decrypt private key""" + + +class InputResponseCertificate(BaseModel): + certificate_name: Annotated[str, pydantic.Field(alias="certificateName")] + r"""The certificate you registered as credentials for your app in the Azure portal""" + + cert_path: Annotated[str, pydantic.Field(alias="certPath")] + r"""Path on server containing certificates to use. PEM format. Can reference $ENV_VARS.""" + + priv_key_path: Annotated[str, pydantic.Field(alias="privKeyPath")] + r"""Path on server containing the private key to use. PEM format. Can reference $ENV_VARS.""" + + passphrase: Optional[str] = None + r"""Passphrase to use to decrypt private key""" + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set(["passphrase"]) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + class InputResponseAuthTypedDict(TypedDict): mechanism: InputResponseAuthenticationMechanism text_secret: NotRequired[str] @@ -3284,7 +3329,7 @@ class InputResponseAuthTypedDict(TypedDict): client_secret_auth_type: NotRequired[AuthenticationMethodOptionsAuth] client_text_secret: NotRequired[str] r"""Select or create a stored text secret""" - certificate: NotRequired[CertificateTypeAzureBlobAuthTypeClientCertTypedDict] + certificate: NotRequired[InputResponseCertificateTypedDict] oauth_endpoint: NotRequired[MicrosoftEntraIDAuthenticationEndpointOptionsSasl] r"""Endpoint used to acquire authentication tokens from Azure""" client_id: NotRequired[str] @@ -3319,7 +3364,7 @@ class InputResponseAuth(BaseModel): ] = None r"""Select or create a stored text secret""" - certificate: Optional[CertificateTypeAzureBlobAuthTypeClientCert] = None + certificate: Optional[InputResponseCertificate] = None oauth_endpoint: Annotated[ Optional[MicrosoftEntraIDAuthenticationEndpointOptionsSasl], @@ -3850,20 +3895,16 @@ class InputResponseInputEventhubTypedDict(TypedDict): r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended.""" tls: NotRequired[TLSSettingsClientSideTypeTypedDict] session_timeout: NotRequired[float] - r"""Timeout (session.timeout.ms in Kafka domain) used to detect client failures when using Kafka's group-management facilities. - If the client sends no heartbeats to the broker before the timeout expires, the broker will remove the client from the group and initiate a rebalance. - Value must be lower than rebalanceTimeout. - See details [here](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). + r""" + Timeout (session.timeout.ms in Kafka domain) used to detect client failures when using Kafka's group-management facilities. If the client sends no heartbeats to the broker before the timeout expires, the broker will remove the client from the group and initiate a rebalance. Value must be lower than rebalanceTimeout. See details [here](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). """ rebalance_timeout: NotRequired[float] - r"""Maximum allowed time (rebalance.timeout.ms in Kafka domain) for each worker to join the group after a rebalance begins. - If the timeout is exceeded, the coordinator broker will remove the worker from the group. - See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). + r""" + Maximum allowed time (rebalance.timeout.ms in Kafka domain) for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). """ heartbeat_interval: NotRequired[float] - r"""Expected time (heartbeat.interval.ms in Kafka domain) between heartbeats to the consumer coordinator when using Kafka's group-management facilities. - Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. - See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). + r""" + Expected time (heartbeat.interval.ms in Kafka domain) between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). """ auto_commit_interval: NotRequired[float] r"""How often to commit offsets. If both this and Offset commit threshold are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch.""" @@ -3988,26 +4029,22 @@ class InputResponseInputEventhub(BaseModel): session_timeout: Annotated[ Optional[float], pydantic.Field(alias="sessionTimeout") ] = None - r"""Timeout (session.timeout.ms in Kafka domain) used to detect client failures when using Kafka's group-management facilities. - If the client sends no heartbeats to the broker before the timeout expires, the broker will remove the client from the group and initiate a rebalance. - Value must be lower than rebalanceTimeout. - See details [here](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). + r""" + Timeout (session.timeout.ms in Kafka domain) used to detect client failures when using Kafka's group-management facilities. If the client sends no heartbeats to the broker before the timeout expires, the broker will remove the client from the group and initiate a rebalance. Value must be lower than rebalanceTimeout. See details [here](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). """ rebalance_timeout: Annotated[ Optional[float], pydantic.Field(alias="rebalanceTimeout") ] = None - r"""Maximum allowed time (rebalance.timeout.ms in Kafka domain) for each worker to join the group after a rebalance begins. - If the timeout is exceeded, the coordinator broker will remove the worker from the group. - See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). + r""" + Maximum allowed time (rebalance.timeout.ms in Kafka domain) for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). """ heartbeat_interval: Annotated[ Optional[float], pydantic.Field(alias="heartbeatInterval") ] = None - r"""Expected time (heartbeat.interval.ms in Kafka domain) between heartbeats to the consumer coordinator when using Kafka's group-management facilities. - Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. - See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). + r""" + Expected time (heartbeat.interval.ms in Kafka domain) between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Recommended configurations](https://github.com/Azure/azure-event-hubs-for-kafka/blob/master/CONFIGURATION.md). """ auto_commit_interval: Annotated[ @@ -5613,6 +5650,8 @@ class InputResponseDiscoveryTypeEdgePrometheus(str, Enum, metaclass=utils.OpenEn K8S_PODS = "k8s-pods" # Kubernetes Service Monitor (v4.18+) K8S_SERVICE_MONITOR = "k8s-service-monitor" + # HTTP SD + HTTP_SD = "http_sd" class InputResponseAuthenticationMethodEdgePrometheus( @@ -5790,11 +5829,22 @@ class InputResponseInputEdgePrometheusTypedDict(TypedDict): scrape_path_expr: NotRequired[str] r"""Path to use when collecting metrics from discovered targets""" pod_filter: NotRequired[List[InputResponsePodFilterTypedDict]] - r"""Add rules to decide which pods to discover for metrics. + r""" + Add rules to decide which pods to discover for metrics. Pods are searched if no rules are given or of all the rules' expressions evaluate to true. """ + http_discovery_url: NotRequired[str] + r"""URL to fetch target groups from (must be http or https)""" + http_discovery_headers: NotRequired[ + List[HTTPDiscoveryHeaderConfInputPrometheusTypedDict] + ] + r"""Extra headers to send with the discovery request""" + http_discovery_reject_unauthorized: NotRequired[bool] + r"""Reject TLS certificates that cannot be verified for the discovery endpoint. Falls back to the source-level setting if not specified.""" + max_response_body_size: NotRequired[str] + r"""Maximum size of the HTTP SD response body. Responses exceeding this limit will be rejected. Defaults to 20 MB.""" username: NotRequired[str] r"""Username for Prometheus Basic authentication""" password: NotRequired[str] @@ -6001,12 +6051,34 @@ class InputResponseInputEdgePrometheus(BaseModel): pod_filter: Annotated[ Optional[List[InputResponsePodFilter]], pydantic.Field(alias="podFilter") ] = None - r"""Add rules to decide which pods to discover for metrics. + r""" + Add rules to decide which pods to discover for metrics. Pods are searched if no rules are given or of all the rules' expressions evaluate to true. """ + http_discovery_url: Annotated[ + Optional[str], pydantic.Field(alias="httpDiscoveryUrl") + ] = None + r"""URL to fetch target groups from (must be http or https)""" + + http_discovery_headers: Annotated[ + Optional[List[HTTPDiscoveryHeaderConfInputPrometheus]], + pydantic.Field(alias="httpDiscoveryHeaders"), + ] = None + r"""Extra headers to send with the discovery request""" + + http_discovery_reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="httpDiscoveryRejectUnauthorized") + ] = None + r"""Reject TLS certificates that cannot be verified for the discovery endpoint. Falls back to the source-level setting if not specified.""" + + max_response_body_size: Annotated[ + Optional[str], pydantic.Field(alias="maxResponseBodySize") + ] = None + r"""Maximum size of the HTTP SD response body. Responses exceeding this limit will be rejected. Defaults to 20 MB.""" + username: Optional[str] = None r"""Username for Prometheus Basic authentication""" @@ -6165,6 +6237,10 @@ def serialize_model(self, handler): "scrapePortExpr", "scrapePathExpr", "podFilter", + "httpDiscoveryUrl", + "httpDiscoveryHeaders", + "httpDiscoveryRejectUnauthorized", + "maxResponseBodySize", "username", "password", "credentialsSecret", @@ -6209,6 +6285,8 @@ class InputResponseDiscoveryTypePrometheus(str, Enum, metaclass=utils.OpenEnumMe DNS = "dns" # AWS EC2 EC2 = "ec2" + # HTTP SD + HTTP_SD = "http_sd" class InputResponseMetricsProtocol(str, Enum, metaclass=utils.OpenEnumMeta): @@ -6305,6 +6383,16 @@ class InputResponseInputPrometheusTypedDict(TypedDict): r"""External ID to use when assuming role""" duration_seconds: NotRequired[float] r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" + http_discovery_url: NotRequired[str] + r"""URL to fetch target groups from (must be http or https)""" + http_discovery_headers: NotRequired[ + List[HTTPDiscoveryHeaderConfInputPrometheusTypedDict] + ] + r"""Extra headers to send with the discovery request""" + http_discovery_reject_unauthorized: NotRequired[bool] + r"""Reject TLS certificates that cannot be verified for the discovery endpoint. Falls back to the source-level setting if not specified.""" + max_response_body_size: NotRequired[str] + r"""Maximum size of the HTTP SD response body. Responses exceeding this limit will be rejected. Defaults to 20 MB.""" username: NotRequired[str] r"""Username for Prometheus Basic authentication""" password: NotRequired[str] @@ -6523,6 +6611,27 @@ class InputResponseInputPrometheus(BaseModel): ] = None r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" + http_discovery_url: Annotated[ + Optional[str], pydantic.Field(alias="httpDiscoveryUrl") + ] = None + r"""URL to fetch target groups from (must be http or https)""" + + http_discovery_headers: Annotated[ + Optional[List[HTTPDiscoveryHeaderConfInputPrometheus]], + pydantic.Field(alias="httpDiscoveryHeaders"), + ] = None + r"""Extra headers to send with the discovery request""" + + http_discovery_reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="httpDiscoveryRejectUnauthorized") + ] = None + r"""Reject TLS certificates that cannot be verified for the discovery endpoint. Falls back to the source-level setting if not specified.""" + + max_response_body_size: Annotated[ + Optional[str], pydantic.Field(alias="maxResponseBodySize") + ] = None + r"""Maximum size of the HTTP SD response body. Responses exceeding this limit will be rejected. Defaults to 20 MB.""" + username: Optional[str] = None r"""Username for Prometheus Basic authentication""" @@ -6715,6 +6824,10 @@ def serialize_model(self, handler): "assumeRoleArn", "assumeRoleExternalId", "durationSeconds", + "httpDiscoveryUrl", + "httpDiscoveryHeaders", + "httpDiscoveryRejectUnauthorized", + "maxResponseBodySize", "username", "password", "credentialsSecret", @@ -8312,14 +8425,12 @@ class InputResponseInputConfluentCloudTypedDict(TypedDict): See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_session.timeout.ms) for details. """ rebalance_timeout: NotRequired[float] - r"""Maximum allowed time for each worker to join the group after a rebalance begins. - If the timeout is exceeded, the coordinator broker will remove the worker from the group. - See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. + r""" + Maximum allowed time for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. """ heartbeat_interval: NotRequired[float] - r"""Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. - Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. - See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. + r""" + Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. """ auto_commit_interval: NotRequired[float] r"""How often to commit offsets. If both this and Offset commit threshold are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch.""" @@ -8458,17 +8569,15 @@ class InputResponseInputConfluentCloud(BaseModel): rebalance_timeout: Annotated[ Optional[float], pydantic.Field(alias="rebalanceTimeout") ] = None - r"""Maximum allowed time for each worker to join the group after a rebalance begins. - If the timeout is exceeded, the coordinator broker will remove the worker from the group. - See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. + r""" + Maximum allowed time for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. """ heartbeat_interval: Annotated[ Optional[float], pydantic.Field(alias="heartbeatInterval") ] = None - r"""Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. - Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. - See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. + r""" + Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. """ auto_commit_interval: Annotated[ @@ -10999,14 +11108,12 @@ class InputResponseInputMskTypedDict(TypedDict): See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_session.timeout.ms) for details. """ rebalance_timeout: NotRequired[float] - r"""Maximum allowed time for each worker to join the group after a rebalance begins. - If the timeout is exceeded, the coordinator broker will remove the worker from the group. - See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. + r""" + Maximum allowed time for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. """ heartbeat_interval: NotRequired[float] - r"""Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. - Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. - See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. + r""" + Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. """ metadata: NotRequired[List[MetadataConfInputCollectionTypedDict]] r"""Fields to add to events from this input""" @@ -11158,17 +11265,15 @@ class InputResponseInputMsk(BaseModel): rebalance_timeout: Annotated[ Optional[float], pydantic.Field(alias="rebalanceTimeout") ] = None - r"""Maximum allowed time for each worker to join the group after a rebalance begins. - If the timeout is exceeded, the coordinator broker will remove the worker from the group. - See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. + r""" + Maximum allowed time for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. """ heartbeat_interval: Annotated[ Optional[float], pydantic.Field(alias="heartbeatInterval") ] = None - r"""Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. - Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. - See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. + r""" + Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. """ metadata: Optional[List[MetadataConfInputCollection]] = None @@ -11490,14 +11595,12 @@ class InputResponseInputKafkaTypedDict(TypedDict): See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_session.timeout.ms) for details. """ rebalance_timeout: NotRequired[float] - r"""Maximum allowed time for each worker to join the group after a rebalance begins. - If the timeout is exceeded, the coordinator broker will remove the worker from the group. - See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. + r""" + Maximum allowed time for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. """ heartbeat_interval: NotRequired[float] - r"""Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. - Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. - See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. + r""" + Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. """ auto_commit_interval: NotRequired[float] r"""How often to commit offsets. If both this and Offset commit threshold are set, @{product} commits offsets when either condition is met. If both are empty, @{product} commits offsets after each batch.""" @@ -11636,17 +11739,15 @@ class InputResponseInputKafka(BaseModel): rebalance_timeout: Annotated[ Optional[float], pydantic.Field(alias="rebalanceTimeout") ] = None - r"""Maximum allowed time for each worker to join the group after a rebalance begins. - If the timeout is exceeded, the coordinator broker will remove the worker from the group. - See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. + r""" + Maximum allowed time for each worker to join the group after a rebalance begins. If the timeout is exceeded, the coordinator broker will remove the worker from the group. See [Kafka's documentation](https://kafka.apache.org/documentation/#connectconfigs_rebalance.timeout.ms) for details. """ heartbeat_interval: Annotated[ Optional[float], pydantic.Field(alias="heartbeatInterval") ] = None - r"""Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. - Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. - See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. + r""" + Expected time between heartbeats to the consumer coordinator when using Kafka's group-management facilities. Value must be lower than sessionTimeout and typically should not exceed 1/3 of the sessionTimeout value. See [Kafka's documentation](https://kafka.apache.org/documentation/#consumerconfigs_heartbeat.interval.ms) for details. """ auto_commit_interval: Annotated[ @@ -11944,12 +12045,12 @@ def serialize_model(self, handler): InputResponseInputSystemMetricsTypedDict, InputResponseInputWindowsMetricsTypedDict, InputResponseInputJournalFilesTypedDict, - InputResponseInputKubeLogsTypedDict, InputResponseInputModelDrivenTelemetryTypedDict, InputResponseInputExecTypedDict, InputResponseInputRawUDPTypedDict, InputResponseInputAnthropicComplianceTypedDict, InputResponseInputWinEventLogsTypedDict, + InputResponseInputKubeLogsTypedDict, InputResponseInputSnmpTypedDict, InputResponseInputMetricsTypedDict, InputResponseInputNetflowTypedDict, @@ -11996,8 +12097,8 @@ def serialize_model(self, handler): InputResponseInputSecurityLakeTypedDict, InputResponseInputS3TypedDict, InputResponseInputS3InventoryTypedDict, - InputResponseInputEdgePrometheusTypedDict, InputResponseInputMskTypedDict, + InputResponseInputEdgePrometheusTypedDict, InputResponseInputPrometheusTypedDict, InputResponseInputGrafanaUnionTypedDict, InputResponseInputSyslogUnionTypedDict, @@ -12253,6 +12354,10 @@ class UnknownInputResponse(BaseModel): InputResponseInputExec.model_rebuild() except NameError: pass +try: + InputResponseCertificate.model_rebuild() +except NameError: + pass try: InputResponseAuth.model_rebuild() except NameError: diff --git a/src/cribl_control_plane/models/inputresponse_logged_in_users.py b/src/cribl_control_plane/models/inputresponse_logged_in_users.py index b19033e4e..44524c002 100644 --- a/src/cribl_control_plane/models/inputresponse_logged_in_users.py +++ b/src/cribl_control_plane/models/inputresponse_logged_in_users.py @@ -25,6 +25,10 @@ ) from .diskspoolingtype import DiskSpoolingType, DiskSpoolingTypeTypedDict from .gputype import GpuType, GpuTypeTypedDict +from .httpdiscoveryheaderconfinputprometheus import ( + HTTPDiscoveryHeaderConfInputPrometheus, + HTTPDiscoveryHeaderConfInputPrometheusTypedDict, +) from .inputcollectionorigindatasourcediscoverywithdestinationarnconstraint import ( InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraint, InputCollectionOriginDataSourceDiscoveryWithDestinationArnConstraintTypedDict, @@ -55,10 +59,6 @@ PrivacyProtocolOptionsSnmpTrapSerializeV3UserAuthProtocolNotNone, ) from .processtype import ProcessType, ProcessTypeTypedDict -from .requestparamconfinputopenai import ( - RequestParamConfInputOpenai, - RequestParamConfInputOpenaiTypedDict, -) from .retryrulestype import RetryRulesType, RetryRulesTypeTypedDict from .ruleconfinputkubemetrics import ( RuleConfInputKubeMetrics, @@ -960,6 +960,8 @@ class InputResponseAuthTokenCloudflareHecTypedDict(TypedDict): r"""Select Secret to use a text secret to authenticate""" token_secret: NotRequired[str] r"""Select or create a stored text secret""" + token: NotRequired[str] + r"""Shared secret to be provided by any client (Authorization: )""" enabled: NotRequired[bool] description: NotRequired[str] allowed_indexes_at_token: NotRequired[List[str]] @@ -978,6 +980,9 @@ class InputResponseAuthTokenCloudflareHec(BaseModel): token_secret: Annotated[Optional[str], pydantic.Field(alias="tokenSecret")] = None r"""Select or create a stored text secret""" + token: Optional[str] = None + r"""Shared secret to be provided by any client (Authorization: )""" + enabled: Optional[bool] = None description: Optional[str] = None @@ -1005,6 +1010,7 @@ def serialize_model(self, handler): [ "authType", "tokenSecret", + "token", "enabled", "description", "allowedIndexesAtToken", @@ -3354,7 +3360,7 @@ class InputResponseContentConfigOpenaiTypedDict(TypedDict): content_type: str collect_path: str r"""OpenAI Organization API path""" - request_params: List[RequestParamConfInputOpenaiTypedDict] + request_params: List[HTTPDiscoveryHeaderConfInputPrometheusTypedDict] r"""Query-string parameters to send with this endpoint""" pagination_type: InputResponsePaginationType cron_schedule: str @@ -3396,7 +3402,8 @@ class InputResponseContentConfigOpenai(BaseModel): r"""OpenAI Organization API path""" request_params: Annotated[ - List[RequestParamConfInputOpenai], pydantic.Field(alias="requestParams") + List[HTTPDiscoveryHeaderConfInputPrometheus], + pydantic.Field(alias="requestParams"), ] r"""Query-string parameters to send with this endpoint""" @@ -4213,7 +4220,7 @@ class InputResponseInputJournalFilesTypedDict(TypedDict): rules: NotRequired[List[InputResponseInputJournalFilesRuleTypedDict]] r"""Add rules to decide which journal objects to allow. Events are generated if no rules are given or if all the rules' expressions evaluate to true.""" current_boot: NotRequired[bool] - r"""Skip log messages that are not part of the current boot session.""" + r"""Skip log messages that are not part of the current boot session""" max_age_dur: NotRequired[str] r"""The maximum log message age, in duration form (e.g,: 60s, 4h, 3d, 1w). Default of no value will apply no max age filters.""" suppress_missing_path_errors: NotRequired[bool] @@ -4279,7 +4286,7 @@ class InputResponseInputJournalFiles(BaseModel): r"""Add rules to decide which journal objects to allow. Events are generated if no rules are given or if all the rules' expressions evaluate to true.""" current_boot: Annotated[Optional[bool], pydantic.Field(alias="currentBoot")] = None - r"""Skip log messages that are not part of the current boot session.""" + r"""Skip log messages that are not part of the current boot session""" max_age_dur: Annotated[Optional[str], pydantic.Field(alias="maxAgeDur")] = None r"""The maximum log message age, in duration form (e.g,: 60s, 4h, 3d, 1w). Default of no value will apply no max age filters.""" @@ -4564,7 +4571,7 @@ class InputResponseReadModeAppleUnifiedLogs(str, Enum, metaclass=utils.OpenEnumM class InputResponseInputAppleUnifiedLogsTypedDict(TypedDict): type: InputResponseTypeAppleUnifiedLogs predicate: str - r"""String to filter log entries, in NSPredicate format (e.g., subsystem == \"com.apple.security\" or process == \"kernel\"). See [Predicate format reference](https://developer.apple.com/library/archive/documentation/Cocoa/Conceptual/Predicates/AdditionalChapters/Introduction.html) for more information.""" + r"""String to filter log entries, in NSPredicate format (e.g., subsystem == \"com.apple.security\" or process == \"kernel\"). See [Common Log Types and Predicates](https://docs.cribl.io/edge/sources-apple-unified-logs/#examples) for more information.""" id: NotRequired[str] r"""Unique ID for this input""" disabled: NotRequired[bool] @@ -4604,7 +4611,7 @@ class InputResponseInputAppleUnifiedLogs(BaseModel): type: InputResponseTypeAppleUnifiedLogs predicate: str - r"""String to filter log entries, in NSPredicate format (e.g., subsystem == \"com.apple.security\" or process == \"kernel\"). See [Predicate format reference](https://developer.apple.com/library/archive/documentation/Cocoa/Conceptual/Predicates/AdditionalChapters/Introduction.html) for more information.""" + r"""String to filter log entries, in NSPredicate format (e.g., subsystem == \"com.apple.security\" or process == \"kernel\"). See [Common Log Types and Predicates](https://docs.cribl.io/edge/sources-apple-unified-logs/#examples) for more information.""" id: Optional[str] = None r"""Unique ID for this input""" @@ -12217,6 +12224,10 @@ class InputResponseInputKubeLogsTypedDict(TypedDict): r"""Add rules to decide which Pods to collect logs from. Logs are collected if no rules are given or if all the rules' expressions evaluate to true.""" timestamps: NotRequired[bool] r"""For use when containers do not emit a timestamp, prefix each line of output with a timestamp. If you enable this setting, you can use the Kubernetes Logs Event Breaker and the kubernetes_logs Pre-processing Pipeline to remove them from the events after the timestamps are extracted.""" + line_buffer_limit: NotRequired[float] + r"""Maximum bytes to buffer while reassembling a single log line. A line that exceeds this size is flushed as-is, either whole or partially. The default is 1048576 (1 MB).""" + lb_disable_assembly: NotRequired[bool] + r"""Internal flag to disable LB worker payload reassembly.""" metadata: NotRequired[List[MetadataConfInputCollectionTypedDict]] r"""Fields to add to events from this input""" persistence: NotRequired[DiskSpoolingTypeTypedDict] @@ -12282,6 +12293,16 @@ class InputResponseInputKubeLogs(BaseModel): timestamps: Optional[bool] = None r"""For use when containers do not emit a timestamp, prefix each line of output with a timestamp. If you enable this setting, you can use the Kubernetes Logs Event Breaker and the kubernetes_logs Pre-processing Pipeline to remove them from the events after the timestamps are extracted.""" + line_buffer_limit: Annotated[ + Optional[float], pydantic.Field(alias="lineBufferLimit") + ] = None + r"""Maximum bytes to buffer while reassembling a single log line. A line that exceeds this size is flushed as-is, either whole or partially. The default is 1048576 (1 MB).""" + + lb_disable_assembly: Annotated[ + Optional[bool], pydantic.Field(alias="__LBDisableAssembly") + ] = None + r"""Internal flag to disable LB worker payload reassembly.""" + metadata: Optional[List[MetadataConfInputCollection]] = None r"""Fields to add to events from this input""" @@ -12337,6 +12358,8 @@ def serialize_model(self, handler): "interval", "rules", "timestamps", + "lineBufferLimit", + "__LBDisableAssembly", "metadata", "persistence", "breakerRulesets", diff --git a/src/cribl_control_plane/models/kafkaschemaregistryauthenticationtype.py b/src/cribl_control_plane/models/kafkaschemaregistryauthenticationtype.py index fda2c756e..92c40a8d5 100644 --- a/src/cribl_control_plane/models/kafkaschemaregistryauthenticationtype.py +++ b/src/cribl_control_plane/models/kafkaschemaregistryauthenticationtype.py @@ -24,7 +24,7 @@ class KafkaSchemaRegistryAuthenticationTypeTypedDict(TypedDict): max_retries: NotRequired[float] r"""Maximum number of times to try fetching schemas from the Schema Registry""" auth: NotRequired[AuthTypeTypedDict] - r"""Credentials to use when authenticating with the schema registry using basic HTTP authentication""" + r"""Credentials to use when authenticating with the schema registry""" tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] template_schema_registry_url: NotRequired[str] r"""Binds 'schemaRegistryURL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'schemaRegistryURL' at runtime.""" @@ -52,7 +52,7 @@ class KafkaSchemaRegistryAuthenticationType(BaseModel): r"""Maximum number of times to try fetching schemas from the Schema Registry""" auth: Optional[AuthType] = None - r"""Credentials to use when authenticating with the schema registry using basic HTTP authentication""" + r"""Credentials to use when authenticating with the schema registry""" tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None diff --git a/src/cribl_control_plane/models/kafkaschemaregistryauthenticationtypetemplateschemaregistryurlauth.py b/src/cribl_control_plane/models/kafkaschemaregistryauthenticationtypetemplateschemaregistryurlauth.py index a5a246e09..ebed1a57d 100644 --- a/src/cribl_control_plane/models/kafkaschemaregistryauthenticationtypetemplateschemaregistryurlauth.py +++ b/src/cribl_control_plane/models/kafkaschemaregistryauthenticationtypetemplateschemaregistryurlauth.py @@ -26,7 +26,7 @@ class KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuthTypedDic max_retries: NotRequired[float] r"""Maximum number of times to try fetching schemas from the Schema Registry""" auth: NotRequired[AuthTypeTypedDict] - r"""Credentials to use when authenticating with the schema registry using basic HTTP authentication""" + r"""Credentials to use when authenticating with the schema registry""" tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] default_key_schema_id: NotRequired[float] r"""Used when __keySchemaIdOut is not present, to transform key values, leave blank if key transformation is not required by default.""" @@ -58,7 +58,7 @@ class KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuth(BaseMod r"""Maximum number of times to try fetching schemas from the Schema Registry""" auth: Optional[AuthType] = None - r"""Credentials to use when authenticating with the schema registry using basic HTTP authentication""" + r"""Credentials to use when authenticating with the schema registry""" tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None diff --git a/src/cribl_control_plane/models/lakedatasetmetrics.py b/src/cribl_control_plane/models/lakedatasetmetrics.py index 51cbd713a..f1a85ae1a 100644 --- a/src/cribl_control_plane/models/lakedatasetmetrics.py +++ b/src/cribl_control_plane/models/lakedatasetmetrics.py @@ -10,7 +10,7 @@ class LakeDatasetMetricsTypedDict(TypedDict): current_size_bytes: float r"""Total current logical size of the Dataset, in bytes.""" metrics_date: str - r"""Timestamp (ISO 8601) when the metrics snapshot was generated.""" + r"""Timestamp (in Unix time) when the metrics snapshot was generated, as a YYYY-MM-DD calendar date.""" class LakeDatasetMetrics(BaseModel): @@ -18,7 +18,7 @@ class LakeDatasetMetrics(BaseModel): r"""Total current logical size of the Dataset, in bytes.""" metrics_date: Annotated[str, pydantic.Field(alias="metricsDate")] - r"""Timestamp (ISO 8601) when the metrics snapshot was generated.""" + r"""Timestamp (in Unix time) when the metrics snapshot was generated, as a YYYY-MM-DD calendar date.""" try: diff --git a/src/cribl_control_plane/models/lakedatasetsearchconfig.py b/src/cribl_control_plane/models/lakedatasetsearchconfig.py index ea17481ad..bb3816b66 100644 --- a/src/cribl_control_plane/models/lakedatasetsearchconfig.py +++ b/src/cribl_control_plane/models/lakedatasetsearchconfig.py @@ -16,7 +16,7 @@ class LakeDatasetSearchConfigTypedDict(TypedDict): datatypes: NotRequired[List[str]] r"""Datatype identifiers assigned to the Dataset for search-time event classification.""" description: NotRequired[str] - r"""Brief description of Dataset search configuration.""" + r"""Brief description of the Dataset search configuration.""" metadata: NotRequired[DatasetMetadataTypedDict] path_filters: NotRequired[List[ObjectStorageFilterTypedDict]] r"""Glob-to-Datatype mappings for the Lake bucket path. Used only for search execution v2.""" @@ -30,7 +30,7 @@ class LakeDatasetSearchConfig(BaseModel): r"""Datatype identifiers assigned to the Dataset for search-time event classification.""" description: Optional[str] = None - r"""Brief description of Dataset search configuration.""" + r"""Brief description of the Dataset search configuration.""" metadata: Optional[DatasetMetadata] = None diff --git a/src/cribl_control_plane/models/noactivehealthoverlaystatus.py b/src/cribl_control_plane/models/noactivehealthoverlaystatus.py new file mode 100644 index 000000000..e59657074 --- /dev/null +++ b/src/cribl_control_plane/models/noactivehealthoverlaystatus.py @@ -0,0 +1,28 @@ +"""Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.""" + +from __future__ import annotations +from cribl_control_plane.types import BaseModel +from cribl_control_plane.utils import validate_const +import pydantic +from pydantic.functional_validators import AfterValidator +from typing import Literal +from typing_extensions import Annotated, TypedDict + + +class NoActiveHealthOverlayStatusTypedDict(TypedDict): + state: Literal["inactive"] + r"""Current overlay state.""" + + +class NoActiveHealthOverlayStatus(BaseModel): + STATE: Annotated[ + Annotated[Literal["inactive"], AfterValidator(validate_const("inactive"))], + pydantic.Field(alias="state"), + ] = "inactive" + r"""Current overlay state.""" + + +try: + NoActiveHealthOverlayStatus.model_rebuild() +except NameError: + pass diff --git a/src/cribl_control_plane/models/objectstoragefilter.py b/src/cribl_control_plane/models/objectstoragefilter.py index b77d3475b..cbd502442 100644 --- a/src/cribl_control_plane/models/objectstoragefilter.py +++ b/src/cribl_control_plane/models/objectstoragefilter.py @@ -16,6 +16,8 @@ class ObjectStorageFilterTypedDict(TypedDict): filter_: str r"""Glob pattern for selecting files within the storage path.""" data_path_format: NotRequired[PathFilterDataFormat] + preprocess_outer_json: NotRequired[bool] + r"""When true, instructs the C++ reader to unwrap the outer JSON envelope before applying the user datatype to the nested _raw field. Set for Cribl Lake NDJSON filters only.""" class ObjectStorageFilter(BaseModel): @@ -29,6 +31,11 @@ class ObjectStorageFilter(BaseModel): Optional[PathFilterDataFormat], pydantic.Field(alias="dataPathFormat") ] = None + preprocess_outer_json: Annotated[ + Optional[bool], pydantic.Field(alias="preprocessOuterJson") + ] = None + r"""When true, instructs the C++ reader to unwrap the outer JSON envelope before applying the user datatype to the nested _raw field. Set for Cribl Lake NDJSON filters only.""" + @field_serializer("data_path_format") def serialize_data_path_format(self, value): if isinstance(value, str): @@ -40,7 +47,7 @@ def serialize_data_path_format(self, value): @model_serializer(mode="wrap") def serialize_model(self, handler): - optional_fields = set(["dataPathFormat"]) + optional_fields = set(["dataPathFormat", "preprocessOuterJson"]) serialized = handler(self) m = {} diff --git a/src/cribl_control_plane/models/output.py b/src/cribl_control_plane/models/output.py index ab4491247..46d17321c 100644 --- a/src/cribl_control_plane/models/output.py +++ b/src/cribl_control_plane/models/output.py @@ -46,6 +46,10 @@ OutputGoogleCloudLogging, OutputGoogleCloudLoggingTypedDict, ) +from .outputgooglecloudobservability import ( + OutputGoogleCloudObservability, + OutputGoogleCloudObservabilityTypedDict, +) from .outputgooglecloudstorage import ( OutputGoogleCloudStorage, OutputGoogleCloudStorageTypedDict, @@ -119,40 +123,41 @@ OutputNetflowTypedDict, OutputDiskSpoolTypedDict, OutputRingTypedDict, + OutputStatsdTypedDict, OutputGraphiteTypedDict, OutputStatsdExtTypedDict, - OutputStatsdTypedDict, OutputGooglePubsubTypedDict, - OutputCriblTCPTypedDict, - OutputHoneycombTypedDict, + OutputGoogleCloudObservabilityTypedDict, OutputWavefrontTypedDict, OutputSignalfxTypedDict, + OutputHoneycombTypedDict, + OutputCriblTCPTypedDict, OutputAzureEventhubTypedDict, OutputMicrosoftFabricTypedDict, + OutputExabeamTypedDict, OutputSumoLogicTypedDict, OutputCrowdstrikeNextGenSiemTypedDict, OutputHumioHecTypedDict, OutputTcpjsonTypedDict, OutputSplunkTypedDict, - OutputExabeamTypedDict, OutputSnsTypedDict, OutputElasticCloudTypedDict, - OutputKafkaTypedDict, OutputAzureLogsTypedDict, - OutputConfluentCloudTypedDict, + OutputKafkaTypedDict, + OutputSyslogTypedDict, OutputSplunkLbTypedDict, OutputCloudwatchTypedDict, - OutputSyslogTypedDict, - OutputPrometheusTypedDict, + OutputConfluentCloudTypedDict, OutputNewrelicEventsTypedDict, + OutputPrometheusTypedDict, OutputNewrelicTypedDict, OutputLokiTypedDict, - OutputCriblHTTPTypedDict, + OutputCriblSearchEngineTypedDict, OutputDatasetTypedDict, OutputWizHecTypedDict, - OutputCriblSearchEngineTypedDict, - OutputXsiamTypedDict, + OutputCriblHTTPTypedDict, OutputKinesisTypedDict, + OutputXsiamTypedDict, OutputDynatraceHTTPTypedDict, OutputSplunkHecTypedDict, OutputDynatraceOtlpTypedDict, @@ -164,19 +169,19 @@ OutputSentinelOneAiSiemTypedDict, OutputElasticTypedDict, OutputGoogleChronicleTypedDict, - OutputClickHouseTypedDict, OutputChronicleTypedDict, + OutputClickHouseTypedDict, OutputLocalSearchStorageTypedDict, OutputDatabricksTypedDict, OutputAlphasocS3TypedDict, - OutputMskTypedDict, OutputCriblLakeTypedDict, + OutputMskTypedDict, OutputStorjS3TypedDict, OutputOpenTelemetryTypedDict, + OutputNutanixObjectsTypedDict, + OutputSentinelTypedDict, OutputAlibabaCloudS3TypedDict, OutputScalityS3TypedDict, - OutputSentinelTypedDict, - OutputNutanixObjectsTypedDict, OutputDellS3TypedDict, OutputCloudflareR2TypedDict, OutputGoogleCloudStorageTypedDict, @@ -219,6 +224,7 @@ Annotated[OutputGoogleChronicle, Tag("google_chronicle")], Annotated[OutputGoogleCloudStorage, Tag("google_cloud_storage")], Annotated[OutputGoogleCloudLogging, Tag("google_cloud_logging")], + Annotated[OutputGoogleCloudObservability, Tag("google_cloud_observability")], Annotated[OutputGooglePubsub, Tag("google_pubsub")], Annotated[OutputExabeam, Tag("exabeam")], Annotated[OutputKafka, Tag("kafka")], diff --git a/src/cribl_control_plane/models/outputazuredataexplorer.py b/src/cribl_control_plane/models/outputazuredataexplorer.py index b2c6a926b..77dd65cab 100644 --- a/src/cribl_control_plane/models/outputazuredataexplorer.py +++ b/src/cribl_control_plane/models/outputazuredataexplorer.py @@ -356,7 +356,7 @@ class OutputAzureDataExplorerTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputAzureDataExplorerPqControlsTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -768,7 +768,7 @@ class OutputAzureDataExplorer(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputAzureDataExplorerPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputazureeventhub.py b/src/cribl_control_plane/models/outputazureeventhub.py index a3b34de89..83ead14fb 100644 --- a/src/cribl_control_plane/models/outputazureeventhub.py +++ b/src/cribl_control_plane/models/outputazureeventhub.py @@ -102,7 +102,7 @@ class OutputAzureEventhubTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputAzureEventhubPqControlsTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -258,7 +258,7 @@ class OutputAzureEventhub(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputAzureEventhubPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputazurelogs.py b/src/cribl_control_plane/models/outputazurelogs.py index 97ccca2c7..657c4c89a 100644 --- a/src/cribl_control_plane/models/outputazurelogs.py +++ b/src/cribl_control_plane/models/outputazurelogs.py @@ -121,7 +121,7 @@ class OutputAzureLogsTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputAzureLogsPqControlsTypedDict] workspace_id: NotRequired[str] r"""Azure Log Analytics Workspace ID. See Azure Dashboard Workspace > Advanced settings.""" @@ -297,7 +297,7 @@ class OutputAzureLogs(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputAzureLogsPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputchronicle.py b/src/cribl_control_plane/models/outputchronicle.py index 301f48d3f..8ea4a0111 100644 --- a/src/cribl_control_plane/models/outputchronicle.py +++ b/src/cribl_control_plane/models/outputchronicle.py @@ -169,7 +169,7 @@ class OutputChronicleTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputChroniclePqControlsTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -390,7 +390,7 @@ class OutputChronicle(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputChroniclePqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputclickhouse.py b/src/cribl_control_plane/models/outputclickhouse.py index 9c2c73e81..84a014018 100644 --- a/src/cribl_control_plane/models/outputclickhouse.py +++ b/src/cribl_control_plane/models/outputclickhouse.py @@ -157,6 +157,8 @@ class OutputClickHouseTypedDict(TypedDict): timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] response_honor_retry_after_header: NotRequired[bool] r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + workload: NotRequired[str] + r"""Optional ClickHouse workload name to append as a SETTINGS clause on INSERT queries. Used for workload scheduling classification.""" dump_format_errors_to_disk: NotRequired[bool] r"""Log the most recent event that fails to match the table schema""" on_backpressure: NotRequired[BackpressureBehaviorOptions] @@ -196,7 +198,7 @@ class OutputClickHouseTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputClickHousePqControlsTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -330,6 +332,9 @@ class OutputClickHouse(BaseModel): ] = None r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + workload: Optional[str] = None + r"""Optional ClickHouse workload name to append as a SETTINGS clause on INSERT queries. Used for workload scheduling classification.""" + dump_format_errors_to_disk: Annotated[ Optional[bool], pydantic.Field(alias="dumpFormatErrorsToDisk") ] = None @@ -421,7 +426,7 @@ class OutputClickHouse(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputClickHousePqControls], pydantic.Field(alias="pqControls") @@ -557,6 +562,7 @@ def serialize_model(self, handler): "responseRetrySettings", "timeoutRetrySettings", "responseHonorRetryAfterHeader", + "workload", "dumpFormatErrorsToDisk", "onBackpressure", "description", diff --git a/src/cribl_control_plane/models/outputcloudwatch.py b/src/cribl_control_plane/models/outputcloudwatch.py index 0377ee562..8cfab700e 100644 --- a/src/cribl_control_plane/models/outputcloudwatch.py +++ b/src/cribl_control_plane/models/outputcloudwatch.py @@ -97,7 +97,7 @@ class OutputCloudwatchTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputCloudwatchPqControlsTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -267,7 +267,7 @@ class OutputCloudwatch(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputCloudwatchPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputconfluentcloud.py b/src/cribl_control_plane/models/outputconfluentcloud.py index 041d1cc13..bd382956d 100644 --- a/src/cribl_control_plane/models/outputconfluentcloud.py +++ b/src/cribl_control_plane/models/outputconfluentcloud.py @@ -116,7 +116,7 @@ class OutputConfluentCloudTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputConfluentCloudPqControlsTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -292,7 +292,7 @@ class OutputConfluentCloud(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputConfluentCloudPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputcriblhttp.py b/src/cribl_control_plane/models/outputcriblhttp.py index 46932d417..b9693aa50 100644 --- a/src/cribl_control_plane/models/outputcriblhttp.py +++ b/src/cribl_control_plane/models/outputcriblhttp.py @@ -140,7 +140,7 @@ class OutputCriblHTTPTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputCriblHTTPPqControlsTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -340,7 +340,7 @@ class OutputCriblHTTP(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputCriblHTTPPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputcribllake.py b/src/cribl_control_plane/models/outputcribllake.py index 6b8ccc533..931827a19 100644 --- a/src/cribl_control_plane/models/outputcribllake.py +++ b/src/cribl_control_plane/models/outputcribllake.py @@ -36,6 +36,7 @@ class OutputCriblLakeFormat(str, Enum, metaclass=utils.OpenEnumMeta): JSON = "json" PARQUET = "parquet" DDSS = "ddss" + NETSKOPE = "netskope" class OutputCriblLakeTypedDict(TypedDict): diff --git a/src/cribl_control_plane/models/outputcriblsearchengine.py b/src/cribl_control_plane/models/outputcriblsearchengine.py index 6894f4327..6567e5ad6 100644 --- a/src/cribl_control_plane/models/outputcriblsearchengine.py +++ b/src/cribl_control_plane/models/outputcriblsearchengine.py @@ -140,7 +140,7 @@ class OutputCriblSearchEngineTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputCriblSearchEnginePqControlsTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -340,7 +340,7 @@ class OutputCriblSearchEngine(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputCriblSearchEnginePqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputcribltcp.py b/src/cribl_control_plane/models/outputcribltcp.py index 227a829a7..fd0126aa3 100644 --- a/src/cribl_control_plane/models/outputcribltcp.py +++ b/src/cribl_control_plane/models/outputcribltcp.py @@ -105,7 +105,7 @@ class OutputCriblTCPTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputCriblTCPPqControlsTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -263,7 +263,7 @@ class OutputCriblTCP(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputCriblTCPPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputcrowdstrikenextgensiem.py b/src/cribl_control_plane/models/outputcrowdstrikenextgensiem.py index a8e1c536e..bccda8a1c 100644 --- a/src/cribl_control_plane/models/outputcrowdstrikenextgensiem.py +++ b/src/cribl_control_plane/models/outputcrowdstrikenextgensiem.py @@ -122,7 +122,7 @@ class OutputCrowdstrikeNextGenSiemTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputCrowdstrikeNextGenSiemPqControlsTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -296,7 +296,7 @@ class OutputCrowdstrikeNextGenSiem(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputCrowdstrikeNextGenSiemPqControls], diff --git a/src/cribl_control_plane/models/outputdatadog.py b/src/cribl_control_plane/models/outputdatadog.py index 2455b5d61..8cd596438 100644 --- a/src/cribl_control_plane/models/outputdatadog.py +++ b/src/cribl_control_plane/models/outputdatadog.py @@ -184,7 +184,7 @@ class OutputDatadogTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputDatadogPqControlsTypedDict] api_key: NotRequired[str] r"""Organization's API key in Datadog""" @@ -394,7 +394,7 @@ class OutputDatadog(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputDatadogPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputdataset.py b/src/cribl_control_plane/models/outputdataset.py index a5cb78153..7a4b4f410 100644 --- a/src/cribl_control_plane/models/outputdataset.py +++ b/src/cribl_control_plane/models/outputdataset.py @@ -155,7 +155,7 @@ class OutputDatasetTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputDatasetPqControlsTypedDict] api_key: NotRequired[str] r"""A 'Log Write Access' API key for the DataSet account""" @@ -352,7 +352,7 @@ class OutputDataset(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputDatasetPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputdynatracehttp.py b/src/cribl_control_plane/models/outputdynatracehttp.py index d3765a40e..eafc693cf 100644 --- a/src/cribl_control_plane/models/outputdynatracehttp.py +++ b/src/cribl_control_plane/models/outputdynatracehttp.py @@ -151,7 +151,7 @@ class OutputDynatraceHTTPTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputDynatraceHTTPPqControlsTypedDict] token: NotRequired[str] r"""Bearer token to include in the authorization header""" @@ -341,7 +341,7 @@ class OutputDynatraceHTTP(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputDynatraceHTTPPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputdynatraceotlp.py b/src/cribl_control_plane/models/outputdynatraceotlp.py index 94bc77425..aad1d45bd 100644 --- a/src/cribl_control_plane/models/outputdynatraceotlp.py +++ b/src/cribl_control_plane/models/outputdynatraceotlp.py @@ -159,7 +159,7 @@ class OutputDynatraceOtlpTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputDynatraceOtlpPqControlsTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -374,7 +374,7 @@ class OutputDynatraceOtlp(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputDynatraceOtlpPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputelastic.py b/src/cribl_control_plane/models/outputelastic.py index b412ec7e5..5217972a3 100644 --- a/src/cribl_control_plane/models/outputelastic.py +++ b/src/cribl_control_plane/models/outputelastic.py @@ -200,7 +200,7 @@ class OutputElasticTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputElasticPqControlsTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -421,7 +421,7 @@ class OutputElastic(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputElasticPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputelasticcloud.py b/src/cribl_control_plane/models/outputelasticcloud.py index 35c816a60..e44a22b1e 100644 --- a/src/cribl_control_plane/models/outputelasticcloud.py +++ b/src/cribl_control_plane/models/outputelasticcloud.py @@ -124,7 +124,7 @@ class OutputElasticCloudTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputElasticCloudPqControlsTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -301,7 +301,7 @@ class OutputElasticCloud(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputElasticCloudPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputgooglechronicle.py b/src/cribl_control_plane/models/outputgooglechronicle.py index c824adba7..d41ea6b49 100644 --- a/src/cribl_control_plane/models/outputgooglechronicle.py +++ b/src/cribl_control_plane/models/outputgooglechronicle.py @@ -201,7 +201,7 @@ class OutputGoogleChronicleTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputGoogleChroniclePqControlsTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -430,7 +430,7 @@ class OutputGoogleChronicle(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputGoogleChroniclePqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputgooglecloudlogging.py b/src/cribl_control_plane/models/outputgooglecloudlogging.py index 73cc151c7..4af87d060 100644 --- a/src/cribl_control_plane/models/outputgooglecloudlogging.py +++ b/src/cribl_control_plane/models/outputgooglecloudlogging.py @@ -187,7 +187,7 @@ class OutputGoogleCloudLoggingTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputGoogleCloudLoggingPqControlsTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -533,7 +533,7 @@ class OutputGoogleCloudLogging(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputGoogleCloudLoggingPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputgooglecloudobservability.py b/src/cribl_control_plane/models/outputgooglecloudobservability.py new file mode 100644 index 000000000..3297c80b0 --- /dev/null +++ b/src/cribl_control_plane/models/outputgooglecloudobservability.py @@ -0,0 +1,453 @@ +"""Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.""" + +from __future__ import annotations +from .backpressurebehavioroptions import BackpressureBehaviorOptions +from .compressionoptionspq import CompressionOptionsPq +from .failedrequestloggingmodeoptions import FailedRequestLoggingModeOptions +from .keyvaluemetadataconfoutputfilesystem import ( + KeyValueMetadataConfOutputFilesystem, + KeyValueMetadataConfOutputFilesystemTypedDict, +) +from .modeoptions import ModeOptions +from .queuefullbehavioroptions import QueueFullBehaviorOptions +from .tlssettingsclientsidetypeextended import ( + TLSSettingsClientSideTypeExtended, + TLSSettingsClientSideTypeExtendedTypedDict, +) +from cribl_control_plane import models, utils +from cribl_control_plane.types import BaseModel, UNSET_SENTINEL +from enum import Enum +import pydantic +from pydantic import field_serializer, model_serializer +from typing import List, Optional +from typing_extensions import Annotated, NotRequired, TypedDict + + +class OutputGoogleCloudObservabilityType(str, Enum): + GOOGLE_CLOUD_OBSERVABILITY = "google_cloud_observability" + + +class OutputGoogleCloudObservabilityProtocol(str, Enum, metaclass=utils.OpenEnumMeta): + GRPC = "grpc" + + +class OutputGoogleCloudObservabilityOtlpVersion( + str, Enum, metaclass=utils.OpenEnumMeta +): + ONE_DOT_3_DOT_1 = "1.3.1" + + +class OutputGoogleCloudObservabilityEndpoint(str, Enum, metaclass=utils.OpenEnumMeta): + r"""Fixed Google Cloud Observability gRPC endpoint. All three signals share this transport; the OTLP service path determines whether the call lands on traces, metrics, or logs.""" + + TELEMETRY_GOOGLEAPIS_COM_443 = "telemetry.googleapis.com:443" + + +class OutputGoogleCloudObservabilityGoogleAuthenticationMethod( + str, Enum, metaclass=utils.OpenEnumMeta +): + r"""Choose Auto to use Google Application Default Credentials (ADC). Choose Secret to select or create a stored secret that references Google service account credentials.""" + + # Auto + AUTO = "auto" + # Secret + SECRET = "secret" + + +class OutputGoogleCloudObservabilityPqControlsTypedDict(TypedDict): + pass + + +class OutputGoogleCloudObservabilityPqControls(BaseModel): + pass + + +class OutputGoogleCloudObservabilityTypedDict(TypedDict): + type: OutputGoogleCloudObservabilityType + google_auth_method: OutputGoogleCloudObservabilityGoogleAuthenticationMethod + r"""Choose Auto to use Google Application Default Credentials (ADC). Choose Secret to select or create a stored secret that references Google service account credentials.""" + id: NotRequired[str] + r"""Unique ID for this output""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + protocol: NotRequired[OutputGoogleCloudObservabilityProtocol] + otlp_version: NotRequired[OutputGoogleCloudObservabilityOtlpVersion] + endpoint: NotRequired[OutputGoogleCloudObservabilityEndpoint] + r"""Fixed Google Cloud Observability gRPC endpoint. All three signals share this transport; the OTLP service path determines whether the call lands on traces, metrics, or logs.""" + metadata: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] + r"""List of key-value pairs to send with each gRPC request. Value supports JavaScript expressions that are evaluated just once, when the destination gets started. To pass credentials as metadata, use 'C.Secret'.""" + dynamic_headers_enabled: NotRequired[bool] + r"""Batch event data upon dynamic metadata (whether presented or not)""" + dynamic_headers_field: NotRequired[str] + r"""When presented, this field which contains metadata, will be injected into the Destination metadata and used to batch events.""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body sent to Google Cloud Observability""" + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + connection_timeout: NotRequired[float] + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + keep_alive_time: NotRequired[float] + r"""How often the sender should ping the peer to keep the connection open""" + tls: NotRequired[TLSSettingsClientSideTypeExtendedTypedDict] + max_payload_events: NotRequired[float] + r"""Max number of events to include in the request body. Default is 0 (unlimited). Use to keep outgoing data points within GCO request limits. For metrics, combine with the OTLP Metrics function batchSize.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + description: NotRequired[str] + secret: NotRequired[str] + r"""Select or create a stored text secret""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[OutputGoogleCloudObservabilityPqControlsTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + +class OutputGoogleCloudObservability(BaseModel): + type: OutputGoogleCloudObservabilityType + + google_auth_method: Annotated[ + OutputGoogleCloudObservabilityGoogleAuthenticationMethod, + pydantic.Field(alias="googleAuthMethod"), + ] + r"""Choose Auto to use Google Application Default Credentials (ADC). Choose Secret to select or create a stored secret that references Google service account credentials.""" + + id: Optional[str] = None + r"""Unique ID for this output""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + protocol: Optional[OutputGoogleCloudObservabilityProtocol] = None + + otlp_version: Annotated[ + Optional[OutputGoogleCloudObservabilityOtlpVersion], + pydantic.Field(alias="otlpVersion"), + ] = None + + endpoint: Optional[OutputGoogleCloudObservabilityEndpoint] = None + r"""Fixed Google Cloud Observability gRPC endpoint. All three signals share this transport; the OTLP service path determines whether the call lands on traces, metrics, or logs.""" + + metadata: Optional[List[KeyValueMetadataConfOutputFilesystem]] = None + r"""List of key-value pairs to send with each gRPC request. Value supports JavaScript expressions that are evaluated just once, when the destination gets started. To pass credentials as metadata, use 'C.Secret'.""" + + dynamic_headers_enabled: Annotated[ + Optional[bool], pydantic.Field(alias="dynamicHeadersEnabled") + ] = None + r"""Batch event data upon dynamic metadata (whether presented or not)""" + + dynamic_headers_field: Annotated[ + Optional[str], pydantic.Field(alias="dynamicHeadersField") + ] = None + r"""When presented, this field which contains metadata, will be injected into the Destination metadata and used to batch events.""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body sent to Google Cloud Observability""" + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + connection_timeout: Annotated[ + Optional[float], pydantic.Field(alias="connectionTimeout") + ] = None + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + + keep_alive_time: Annotated[ + Optional[float], pydantic.Field(alias="keepAliveTime") + ] = None + r"""How often the sender should ping the peer to keep the connection open""" + + tls: Optional[TLSSettingsClientSideTypeExtended] = None + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Max number of events to include in the request body. Default is 0 (unlimited). Use to keep outgoing data points within GCO request limits. For metrics, combine with the OTLP Metrics function batchSize.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + description: Optional[str] = None + + secret: Optional[str] = None + r"""Select or create a stored text secret""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[OutputGoogleCloudObservabilityPqControls], + pydantic.Field(alias="pqControls"), + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + @field_serializer("protocol") + def serialize_protocol(self, value): + if isinstance(value, str): + try: + return models.OutputGoogleCloudObservabilityProtocol(value) + except ValueError: + return value + return value + + @field_serializer("otlp_version") + def serialize_otlp_version(self, value): + if isinstance(value, str): + try: + return models.OutputGoogleCloudObservabilityOtlpVersion(value) + except ValueError: + return value + return value + + @field_serializer("endpoint") + def serialize_endpoint(self, value): + if isinstance(value, str): + try: + return models.OutputGoogleCloudObservabilityEndpoint(value) + except ValueError: + return value + return value + + @field_serializer("google_auth_method") + def serialize_google_auth_method(self, value): + if isinstance(value, str): + try: + return models.OutputGoogleCloudObservabilityGoogleAuthenticationMethod( + value + ) + except ValueError: + return value + return value + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "id", + "pipeline", + "systemFields", + "environment", + "streamtags", + "protocol", + "otlpVersion", + "endpoint", + "metadata", + "dynamicHeadersEnabled", + "dynamicHeadersField", + "concurrency", + "maxPayloadSizeKB", + "timeoutSec", + "flushPeriodSec", + "failedRequestLoggingMode", + "connectionTimeout", + "keepAliveTime", + "tls", + "maxPayloadEvents", + "onBackpressure", + "description", + "secret", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_failedRequestLoggingMode", + "__template_onBackpressure", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +try: + OutputGoogleCloudObservability.model_rebuild() +except NameError: + pass diff --git a/src/cribl_control_plane/models/outputgooglepubsub.py b/src/cribl_control_plane/models/outputgooglepubsub.py index bf6544438..70796c9eb 100644 --- a/src/cribl_control_plane/models/outputgooglepubsub.py +++ b/src/cribl_control_plane/models/outputgooglepubsub.py @@ -89,7 +89,7 @@ class OutputGooglePubsubTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputGooglePubsubPqControlsTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -229,7 +229,7 @@ class OutputGooglePubsub(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputGooglePubsubPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputgrafanacloud_union.py b/src/cribl_control_plane/models/outputgrafanacloud_union.py index 65f34fce9..32656b818 100644 --- a/src/cribl_control_plane/models/outputgrafanacloud_union.py +++ b/src/cribl_control_plane/models/outputgrafanacloud_union.py @@ -8,14 +8,14 @@ ExtraHTTPHeaderConfInputElasticTypedDict, ) from .failedrequestloggingmodeoptions import FailedRequestLoggingModeOptions +from .httpdiscoveryheaderconfinputprometheus import ( + HTTPDiscoveryHeaderConfInputPrometheus, + HTTPDiscoveryHeaderConfInputPrometheusTypedDict, +) from .messageformatoptions import MessageFormatOptions from .modeoptions import ModeOptions from .prometheusauthtype import PrometheusAuthType, PrometheusAuthTypeTypedDict from .queuefullbehavioroptions import QueueFullBehaviorOptions -from .requestparamconfinputopenai import ( - RequestParamConfInputOpenai, - RequestParamConfInputOpenaiTypedDict, -) from .responseretrysettingconfoutputwebhook import ( ResponseRetrySettingConfOutputWebhook, ResponseRetrySettingConfOutputWebhookTypedDict, @@ -65,7 +65,7 @@ class OutputGrafanaCloudGrafanaCloud2TypedDict(TypedDict): r"""Name of the event field that contains the message to send. If not specified, Stream sends a JSON representation of the whole event.""" message_format: NotRequired[MessageFormatOptions] r"""Format to use when sending logs to Loki (Protobuf or JSON)""" - labels: NotRequired[List[RequestParamConfInputOpenaiTypedDict]] + labels: NotRequired[List[HTTPDiscoveryHeaderConfInputPrometheusTypedDict]] r"""List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: \"cribl.io\", level: \"error\"}'""" metric_rename_expr: NotRequired[str] r"""JavaScript expression that can be used to rename metrics. For example, name.replace(/\./g, '_') will replace all '.' characters in a metric's name with the supported '_' character. Use the 'name' global variable to access the metric's name. You can access event fields' values via __e..""" @@ -127,7 +127,7 @@ class OutputGrafanaCloudGrafanaCloud2TypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputGrafanaCloudPqControls2TypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -175,7 +175,7 @@ class OutputGrafanaCloudGrafanaCloud2(BaseModel): ] = None r"""Format to use when sending logs to Loki (Protobuf or JSON)""" - labels: Optional[List[RequestParamConfInputOpenai]] = None + labels: Optional[List[HTTPDiscoveryHeaderConfInputPrometheus]] = None r"""List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: \"cribl.io\", level: \"error\"}'""" metric_rename_expr: Annotated[ @@ -314,7 +314,7 @@ class OutputGrafanaCloudGrafanaCloud2(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputGrafanaCloudPqControls2], pydantic.Field(alias="pqControls") @@ -496,7 +496,7 @@ class OutputGrafanaCloudGrafanaCloud1TypedDict(TypedDict): r"""Name of the event field that contains the message to send. If not specified, Stream sends a JSON representation of the whole event.""" message_format: NotRequired[MessageFormatOptions] r"""Format to use when sending logs to Loki (Protobuf or JSON)""" - labels: NotRequired[List[RequestParamConfInputOpenaiTypedDict]] + labels: NotRequired[List[HTTPDiscoveryHeaderConfInputPrometheusTypedDict]] r"""List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: \"cribl.io\", level: \"error\"}'""" metric_rename_expr: NotRequired[str] r"""JavaScript expression that can be used to rename metrics. For example, name.replace(/\./g, '_') will replace all '.' characters in a metric's name with the supported '_' character. Use the 'name' global variable to access the metric's name. You can access event fields' values via __e..""" @@ -558,7 +558,7 @@ class OutputGrafanaCloudGrafanaCloud1TypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputGrafanaCloudPqControls1TypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -608,7 +608,7 @@ class OutputGrafanaCloudGrafanaCloud1(BaseModel): ] = None r"""Format to use when sending logs to Loki (Protobuf or JSON)""" - labels: Optional[List[RequestParamConfInputOpenai]] = None + labels: Optional[List[HTTPDiscoveryHeaderConfInputPrometheus]] = None r"""List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: \"cribl.io\", level: \"error\"}'""" metric_rename_expr: Annotated[ @@ -747,7 +747,7 @@ class OutputGrafanaCloudGrafanaCloud1(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputGrafanaCloudPqControls1], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputgraphite.py b/src/cribl_control_plane/models/outputgraphite.py index e8f2274ed..fb2d38154 100644 --- a/src/cribl_control_plane/models/outputgraphite.py +++ b/src/cribl_control_plane/models/outputgraphite.py @@ -81,7 +81,7 @@ class OutputGraphiteTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputGraphitePqControlsTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -200,7 +200,7 @@ class OutputGraphite(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputGraphitePqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputhoneycomb.py b/src/cribl_control_plane/models/outputhoneycomb.py index 05ed423cb..2a7427c6a 100644 --- a/src/cribl_control_plane/models/outputhoneycomb.py +++ b/src/cribl_control_plane/models/outputhoneycomb.py @@ -112,7 +112,7 @@ class OutputHoneycombTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputHoneycombPqControlsTypedDict] team: NotRequired[str] r"""Team API key where the dataset belongs""" @@ -277,7 +277,7 @@ class OutputHoneycomb(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputHoneycombPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputhumiohec.py b/src/cribl_control_plane/models/outputhumiohec.py index 356de57d8..d98584266 100644 --- a/src/cribl_control_plane/models/outputhumiohec.py +++ b/src/cribl_control_plane/models/outputhumiohec.py @@ -121,7 +121,7 @@ class OutputHumioHecTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputHumioHecPqControlsTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -294,7 +294,7 @@ class OutputHumioHec(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputHumioHecPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputinfluxdb.py b/src/cribl_control_plane/models/outputinfluxdb.py index 93a5a93c3..2e829d266 100644 --- a/src/cribl_control_plane/models/outputinfluxdb.py +++ b/src/cribl_control_plane/models/outputinfluxdb.py @@ -157,7 +157,7 @@ class OutputInfluxdbTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputInfluxdbPqControlsTypedDict] username: NotRequired[str] password: NotRequired[str] @@ -360,7 +360,7 @@ class OutputInfluxdb(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputInfluxdbPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputkafka.py b/src/cribl_control_plane/models/outputkafka.py index 78f528224..184d48ccd 100644 --- a/src/cribl_control_plane/models/outputkafka.py +++ b/src/cribl_control_plane/models/outputkafka.py @@ -116,7 +116,7 @@ class OutputKafkaTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputKafkaPqControlsTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -290,7 +290,7 @@ class OutputKafka(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputKafkaPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputkinesis.py b/src/cribl_control_plane/models/outputkinesis.py index 4e4959a34..c29b41b1e 100644 --- a/src/cribl_control_plane/models/outputkinesis.py +++ b/src/cribl_control_plane/models/outputkinesis.py @@ -112,7 +112,7 @@ class OutputKinesisTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputKinesisPqControlsTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -291,7 +291,7 @@ class OutputKinesis(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputKinesisPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputlocalsearchstorage.py b/src/cribl_control_plane/models/outputlocalsearchstorage.py index 009a694be..936c32437 100644 --- a/src/cribl_control_plane/models/outputlocalsearchstorage.py +++ b/src/cribl_control_plane/models/outputlocalsearchstorage.py @@ -62,6 +62,8 @@ class OutputLocalSearchStorageStatsDestinationTypedDict(TypedDict): username: NotRequired[str] sql_username: NotRequired[str] password: NotRequired[str] + wait_for_async_inserts: NotRequired[bool] + concurrency: NotRequired[float] class OutputLocalSearchStorageStatsDestination(BaseModel): @@ -79,6 +81,12 @@ class OutputLocalSearchStorageStatsDestination(BaseModel): password: Optional[str] = None + wait_for_async_inserts: Annotated[ + Optional[bool], pydantic.Field(alias="waitForAsyncInserts") + ] = None + + concurrency: Optional[float] = None + @model_serializer(mode="wrap") def serialize_model(self, handler): optional_fields = set( @@ -90,6 +98,8 @@ def serialize_model(self, handler): "username", "sqlUsername", "password", + "waitForAsyncInserts", + "concurrency", ] ) serialized = handler(self) @@ -209,6 +219,8 @@ class OutputLocalSearchStorageTypedDict(TypedDict): timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] response_honor_retry_after_header: NotRequired[bool] r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + workload: NotRequired[str] + r"""Optional ClickHouse workload name to append as a SETTINGS clause on INSERT queries. Used for workload scheduling classification.""" dump_format_errors_to_disk: NotRequired[bool] r"""Log the most recent event that fails to match the table schema""" on_backpressure: NotRequired[BackpressureBehaviorOptions] @@ -249,7 +261,7 @@ class OutputLocalSearchStorageTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputLocalSearchStoragePqControlsTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -384,6 +396,9 @@ class OutputLocalSearchStorage(BaseModel): ] = None r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + workload: Optional[str] = None + r"""Optional ClickHouse workload name to append as a SETTINGS clause on INSERT queries. Used for workload scheduling classification.""" + dump_format_errors_to_disk: Annotated[ Optional[bool], pydantic.Field(alias="dumpFormatErrorsToDisk") ] = None @@ -480,7 +495,7 @@ class OutputLocalSearchStorage(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputLocalSearchStoragePqControls], pydantic.Field(alias="pqControls") @@ -616,6 +631,7 @@ def serialize_model(self, handler): "responseRetrySettings", "timeoutRetrySettings", "responseHonorRetryAfterHeader", + "workload", "dumpFormatErrorsToDisk", "onBackpressure", "statsDestination", diff --git a/src/cribl_control_plane/models/outputloki.py b/src/cribl_control_plane/models/outputloki.py index eecfd75b6..0e5341053 100644 --- a/src/cribl_control_plane/models/outputloki.py +++ b/src/cribl_control_plane/models/outputloki.py @@ -11,13 +11,13 @@ ExtraHTTPHeaderConfInputElasticTypedDict, ) from .failedrequestloggingmodeoptions import FailedRequestLoggingModeOptions +from .httpdiscoveryheaderconfinputprometheus import ( + HTTPDiscoveryHeaderConfInputPrometheus, + HTTPDiscoveryHeaderConfInputPrometheusTypedDict, +) from .messageformatoptions import MessageFormatOptions from .modeoptions import ModeOptions from .queuefullbehavioroptions import QueueFullBehaviorOptions -from .requestparamconfinputopenai import ( - RequestParamConfInputOpenai, - RequestParamConfInputOpenaiTypedDict, -) from .responseretrysettingconfoutputwebhook import ( ResponseRetrySettingConfOutputWebhook, ResponseRetrySettingConfOutputWebhookTypedDict, @@ -65,7 +65,7 @@ class OutputLokiTypedDict(TypedDict): r"""Name of the event field that contains the message to send. If not specified, Stream sends a JSON representation of the whole event.""" message_format: NotRequired[MessageFormatOptions] r"""Format to use when sending logs to Loki (Protobuf or JSON)""" - labels: NotRequired[List[RequestParamConfInputOpenaiTypedDict]] + labels: NotRequired[List[HTTPDiscoveryHeaderConfInputPrometheusTypedDict]] r"""List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: \"cribl.io\", level: \"error\"}'""" auth_type: NotRequired[ AuthenticationTypeOptionsPrometheusAuthBasicCredentialsSecret @@ -140,7 +140,7 @@ class OutputLokiTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputLokiPqControlsTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -181,7 +181,7 @@ class OutputLoki(BaseModel): ] = None r"""Format to use when sending logs to Loki (Protobuf or JSON)""" - labels: Optional[List[RequestParamConfInputOpenai]] = None + labels: Optional[List[HTTPDiscoveryHeaderConfInputPrometheus]] = None r"""List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: \"cribl.io\", level: \"error\"}'""" auth_type: Annotated[ @@ -339,7 +339,7 @@ class OutputLoki(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputLokiPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputmicrosoftfabric.py b/src/cribl_control_plane/models/outputmicrosoftfabric.py index fb0621dc4..2f42dc4a9 100644 --- a/src/cribl_control_plane/models/outputmicrosoftfabric.py +++ b/src/cribl_control_plane/models/outputmicrosoftfabric.py @@ -284,7 +284,7 @@ class OutputMicrosoftFabricTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputMicrosoftFabricPqControlsTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -440,7 +440,7 @@ class OutputMicrosoftFabric(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputMicrosoftFabricPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputmsk.py b/src/cribl_control_plane/models/outputmsk.py index 7f3512a08..a04a61313 100644 --- a/src/cribl_control_plane/models/outputmsk.py +++ b/src/cribl_control_plane/models/outputmsk.py @@ -138,7 +138,7 @@ class OutputMskTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputMskPqControlsTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -372,7 +372,7 @@ class OutputMsk(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputMskPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputnewrelic.py b/src/cribl_control_plane/models/outputnewrelic.py index 053c07b91..7182dccff 100644 --- a/src/cribl_control_plane/models/outputnewrelic.py +++ b/src/cribl_control_plane/models/outputnewrelic.py @@ -151,7 +151,7 @@ class OutputNewrelicTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputNewrelicPqControlsTypedDict] api_key: NotRequired[str] r"""New Relic API key. Can be overridden using __newRelic_apiKey field.""" @@ -338,7 +338,7 @@ class OutputNewrelic(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputNewrelicPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputnewrelicevents.py b/src/cribl_control_plane/models/outputnewrelicevents.py index f7872761a..af51b452d 100644 --- a/src/cribl_control_plane/models/outputnewrelicevents.py +++ b/src/cribl_control_plane/models/outputnewrelicevents.py @@ -118,7 +118,7 @@ class OutputNewrelicEventsTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputNewrelicEventsPqControlsTypedDict] api_key: NotRequired[str] r"""New Relic API key. Can be overridden using __newRelic_apiKey field.""" @@ -299,7 +299,7 @@ class OutputNewrelicEvents(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputNewrelicEventsPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputopentelemetry.py b/src/cribl_control_plane/models/outputopentelemetry.py index fe62a5bd1..bf7a1eecc 100644 --- a/src/cribl_control_plane/models/outputopentelemetry.py +++ b/src/cribl_control_plane/models/outputopentelemetry.py @@ -200,7 +200,7 @@ class OutputOpenTelemetryTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputOpenTelemetryPqControlsTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -469,7 +469,7 @@ class OutputOpenTelemetry(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputOpenTelemetryPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputprometheus.py b/src/cribl_control_plane/models/outputprometheus.py index 139f6d172..bd291d03f 100644 --- a/src/cribl_control_plane/models/outputprometheus.py +++ b/src/cribl_control_plane/models/outputprometheus.py @@ -120,7 +120,7 @@ class OutputPrometheusTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputPrometheusPqControlsTypedDict] username: NotRequired[str] password: NotRequired[str] @@ -309,7 +309,7 @@ class OutputPrometheus(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputPrometheusPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputresponse.py b/src/cribl_control_plane/models/outputresponse.py index 50a1fef7e..643283dbf 100644 --- a/src/cribl_control_plane/models/outputresponse.py +++ b/src/cribl_control_plane/models/outputresponse.py @@ -1,64 +1,15 @@ """Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.""" from __future__ import annotations -from .acknowledgmentsoptions import AcknowledgmentsOptions -from .acknowledgmentsoptionsallleader import AcknowledgmentsOptionsAllLeader -from .authenticationmethodoptions import AuthenticationMethodOptions -from .authenticationmethodoptionsapi import AuthenticationMethodOptionsAPI -from .authenticationmethodoptionsauthtokensitems import ( - AuthenticationMethodOptionsAuthTokensItems, -) -from .authenticationmethodoptionss3collectorconf import ( - AuthenticationMethodOptionsS3CollectorConf, -) -from .authenticationtype import AuthenticationType, AuthenticationTypeTypedDict -from .authenticationtypeuse import AuthenticationTypeUse, AuthenticationTypeUseTypedDict -from .authtypetemplatemanualapikeyauthtype import ( - AuthTypeTemplatemanualAPIKeyAuthType, - AuthTypeTemplatemanualAPIKeyAuthTypeTypedDict, -) from .backpressurebehavioroptions import BackpressureBehaviorOptions -from .backpressurebehavioroptionsblockdrop import BackpressureBehaviorOptionsBlockDrop -from .certificatetypeazureblobauthtypeclientcert import ( - CertificateTypeAzureBlobAuthTypeClientCert, - CertificateTypeAzureBlobAuthTypeClientCertTypedDict, -) -from .compressionleveloptions import CompressionLevelOptions -from .compressionoptions import CompressionOptions -from .compressionoptionsgziplz4 import CompressionOptionsGzipLz4 -from .compressionoptionsgzipnone import CompressionOptionsGzipNone -from .compressionoptionshttp import CompressionOptionsHTTP from .compressionoptionspq import CompressionOptionsPq -from .dataformatoptions import DataFormatOptions -from .datapageversionoptions import DataPageVersionOptions -from .destinationprotocoloptions import DestinationProtocolOptions -from .diskspaceprotectionoptions import DiskSpaceProtectionOptions from .extrahttpheaderconfinputelastic import ( ExtraHTTPHeaderConfInputElastic, ExtraHTTPHeaderConfInputElasticTypedDict, ) from .failedrequestloggingmodeoptions import FailedRequestLoggingModeOptions -from .googleauthenticationmethodoptions import GoogleAuthenticationMethodOptions -from .hostconfoutputsyslog import HostConfOutputSyslog, HostConfOutputSyslogTypedDict -from .kafkaschemaregistryauthenticationtypetemplateschemaregistryurlauth import ( - KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuth, - KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuthTypedDict, -) -from .keyvaluemetadataconfoutputfilesystem import ( - KeyValueMetadataConfOutputFilesystem, - KeyValueMetadataConfOutputFilesystemTypedDict, -) -from .loglabelconfoutputgooglecloudlogging import ( - LogLabelConfOutputGoogleCloudLogging, - LogLabelConfOutputGoogleCloudLoggingTypedDict, -) -from .maxs2sversionoptions import MaxS2SVersionOptions from .methodoptions import MethodOptions -from .microsoftentraidauthenticationendpointoptionssasl import ( - MicrosoftEntraIDAuthenticationEndpointOptionsSasl, -) from .modeoptions import ModeOptions -from .nestedfieldserializationoptions import NestedFieldSerializationOptions from .notification_union import NotificationUnion, NotificationUnionTypedDict from .oauthheaderconfinputservicenowtable import ( OauthHeaderConfInputServicenowTable, @@ -68,13 +19,86 @@ OauthParamConfInputServicenowTable, OauthParamConfInputServicenowTableTypedDict, ) -from .objectacloptions import ObjectACLOptions -from .objectacloptionsauthenticatedreadbucketownerfullcontrol import ( - ObjectACLOptionsAuthenticatedreadBucketownerfullcontrol, -) -from .orphanfilerecoverytype import ( - OrphanFileRecoveryType, - OrphanFileRecoveryTypeTypedDict, +from .outputresponse_outputwebhook_url_1 import ( + OutputResponseOutputAzureBlob, + OutputResponseOutputAzureBlobTypedDict, + OutputResponseOutputAzureDataExplorer, + OutputResponseOutputAzureDataExplorerTypedDict, + OutputResponseOutputAzureEventhub, + OutputResponseOutputAzureEventhubTypedDict, + OutputResponseOutputAzureLogs, + OutputResponseOutputAzureLogsTypedDict, + OutputResponseOutputCloudwatch, + OutputResponseOutputCloudwatchTypedDict, + OutputResponseOutputConfluentCloud, + OutputResponseOutputConfluentCloudTypedDict, + OutputResponseOutputDevnull, + OutputResponseOutputDevnullTypedDict, + OutputResponseOutputElastic, + OutputResponseOutputElasticCloud, + OutputResponseOutputElasticCloudTypedDict, + OutputResponseOutputElasticTypedDict, + OutputResponseOutputExabeam, + OutputResponseOutputExabeamTypedDict, + OutputResponseOutputFilesystem, + OutputResponseOutputFilesystemTypedDict, + OutputResponseOutputGoogleChronicle, + OutputResponseOutputGoogleChronicleTypedDict, + OutputResponseOutputGoogleCloudLogging, + OutputResponseOutputGoogleCloudLoggingTypedDict, + OutputResponseOutputGoogleCloudObservability, + OutputResponseOutputGoogleCloudObservabilityTypedDict, + OutputResponseOutputGoogleCloudStorage, + OutputResponseOutputGoogleCloudStorageTypedDict, + OutputResponseOutputGooglePubsub, + OutputResponseOutputGooglePubsubTypedDict, + OutputResponseOutputHoneycomb, + OutputResponseOutputHoneycombTypedDict, + OutputResponseOutputInfluxdb, + OutputResponseOutputInfluxdbTypedDict, + OutputResponseOutputKafka, + OutputResponseOutputKafkaTypedDict, + OutputResponseOutputKinesis, + OutputResponseOutputKinesisTypedDict, + OutputResponseOutputMinio, + OutputResponseOutputMinioTypedDict, + OutputResponseOutputMsk, + OutputResponseOutputMskTypedDict, + OutputResponseOutputNewrelic, + OutputResponseOutputNewrelicEvents, + OutputResponseOutputNewrelicEventsTypedDict, + OutputResponseOutputNewrelicTypedDict, + OutputResponseOutputS3, + OutputResponseOutputS3TypedDict, + OutputResponseOutputSentinel, + OutputResponseOutputSentinelTypedDict, + OutputResponseOutputSignalfx, + OutputResponseOutputSignalfxTypedDict, + OutputResponseOutputSplunk, + OutputResponseOutputSplunkHec, + OutputResponseOutputSplunkHecTypedDict, + OutputResponseOutputSplunkLb, + OutputResponseOutputSplunkLbTypedDict, + OutputResponseOutputSplunkTypedDict, + OutputResponseOutputStatsd, + OutputResponseOutputStatsdTypedDict, + OutputResponseOutputSyslog, + OutputResponseOutputSyslogTypedDict, + OutputResponseOutputTcpjson, + OutputResponseOutputTcpjsonTypedDict, + OutputResponseOutputWavefront, + OutputResponseOutputWavefrontTypedDict, + OutputResponseOutputWebhookAuthenticationType1, + OutputResponseOutputWebhookFormat1, + OutputResponseOutputWebhookPqControls1, + OutputResponseOutputWebhookPqControls1TypedDict, + OutputResponseOutputWebhookType1, + OutputResponseOutputWebhookURL1, + OutputResponseOutputWebhookURL1TypedDict, + OutputResponseOutputWebhookWebhook2, + OutputResponseOutputWebhookWebhook2TypedDict, + OutputResponseOutputWizHec, + OutputResponseOutputWizHecTypedDict, ) from .outputresponse_type_statsd import ( OutputResponseOutputAlibabaCloudS3, @@ -88,18202 +112,104 @@ OutputResponseOutputCloudflareR2, OutputResponseOutputCloudflareR2TypedDict, OutputResponseOutputCloudianS3, - OutputResponseOutputCloudianS3TypedDict, - OutputResponseOutputCriblHTTP, - OutputResponseOutputCriblHTTPTypedDict, - OutputResponseOutputCriblLake, - OutputResponseOutputCriblLakeTypedDict, - OutputResponseOutputCriblSearchEngine, - OutputResponseOutputCriblSearchEngineTypedDict, - OutputResponseOutputCriblTCP, - OutputResponseOutputCriblTCPTypedDict, - OutputResponseOutputCrowdstrikeNextGenSiem, - OutputResponseOutputCrowdstrikeNextGenSiemTypedDict, - OutputResponseOutputDatabricks, - OutputResponseOutputDatabricksTypedDict, - OutputResponseOutputDatadog, - OutputResponseOutputDatadogTypedDict, - OutputResponseOutputDataset, - OutputResponseOutputDatasetTypedDict, - OutputResponseOutputDellS3, - OutputResponseOutputDellS3TypedDict, - OutputResponseOutputDiskSpool, - OutputResponseOutputDiskSpoolTypedDict, - OutputResponseOutputDlS3, - OutputResponseOutputDlS3TypedDict, - OutputResponseOutputDynatraceHTTP, - OutputResponseOutputDynatraceHTTPTypedDict, - OutputResponseOutputDynatraceOtlp, - OutputResponseOutputDynatraceOtlpTypedDict, - OutputResponseOutputGrafanaCloudUnion, - OutputResponseOutputGrafanaCloudUnionTypedDict, - OutputResponseOutputGraphite, - OutputResponseOutputGraphiteTypedDict, - OutputResponseOutputHumioHec, - OutputResponseOutputHumioHecTypedDict, - OutputResponseOutputLocalSearchStorage, - OutputResponseOutputLocalSearchStorageTypedDict, - OutputResponseOutputLoki, - OutputResponseOutputLokiTypedDict, - OutputResponseOutputMicrosoftFabric, - OutputResponseOutputMicrosoftFabricTypedDict, - OutputResponseOutputNetflow, - OutputResponseOutputNetflowTypedDict, - OutputResponseOutputNutanixObjects, - OutputResponseOutputNutanixObjectsTypedDict, - OutputResponseOutputOpenTelemetry, - OutputResponseOutputOpenTelemetryTypedDict, - OutputResponseOutputPrometheus, - OutputResponseOutputPrometheusTypedDict, - OutputResponseOutputRing, - OutputResponseOutputRingTypedDict, - OutputResponseOutputRouter, - OutputResponseOutputRouterTypedDict, - OutputResponseOutputScalityS3, - OutputResponseOutputScalityS3TypedDict, - OutputResponseOutputSecurityLake, - OutputResponseOutputSecurityLakeTypedDict, - OutputResponseOutputSentinelOneAiSiem, - OutputResponseOutputSentinelOneAiSiemTypedDict, - OutputResponseOutputServiceNow, - OutputResponseOutputServiceNowTypedDict, - OutputResponseOutputSnmp, - OutputResponseOutputSnmpTypedDict, - OutputResponseOutputSns, - OutputResponseOutputSnsTypedDict, - OutputResponseOutputSqs, - OutputResponseOutputSqsTypedDict, - OutputResponseOutputStatsdExt, - OutputResponseOutputStatsdExtTypedDict, - OutputResponseOutputStorjS3, - OutputResponseOutputStorjS3TypedDict, - OutputResponseOutputSumoLogic, - OutputResponseOutputSumoLogicTypedDict, - OutputResponseOutputXsiam, - OutputResponseOutputXsiamTypedDict, - OutputResponseTypeStatsd, -) -from .parquetversionoptions import ParquetVersionOptions -from .queuefullbehavioroptions import QueueFullBehaviorOptions -from .recorddataformatoptions import RecordDataFormatOptions -from .recorddataformatoptionsjsonprotobuf import RecordDataFormatOptionsJSONProtobuf -from .regionoptions import RegionOptions -from .responseretrysettingconfoutputwebhook import ( - ResponseRetrySettingConfOutputWebhook, - ResponseRetrySettingConfOutputWebhookTypedDict, -) -from .retrysettingstype import RetrySettingsType, RetrySettingsTypeTypedDict -from .saslextensionconfinputkafka import ( - SaslExtensionConfInputKafka, - SaslExtensionConfInputKafkaTypedDict, -) -from .serversideencryptionforuploadedobjectsoptions import ( - ServerSideEncryptionForUploadedObjectsOptions, -) -from .serversideencryptionforuploadedobjectsoptionsaes256 import ( - ServerSideEncryptionForUploadedObjectsOptionsAes256, -) -from .statustype import StatusType, StatusTypeTypedDict -from .storageclassoptions import StorageClassOptions -from .storageclassoptionsarchivecoldline import StorageClassOptionsArchiveColdline -from .storageclassoptionsreducedredundancystandard import ( - StorageClassOptionsReducedredundancyStandard, -) -from .timeoutretrysettingstype import ( - TimeoutRetrySettingsType, - TimeoutRetrySettingsTypeTypedDict, -) -from .tlssettingsclientsidetype import ( - TLSSettingsClientSideType, - TLSSettingsClientSideTypeTypedDict, -) -from .tlssettingsclientsidetypecapathcertpath import ( - TLSSettingsClientSideTypeCaPathCertPath, - TLSSettingsClientSideTypeCaPathCertPathTypedDict, -) -from .tlssettingsclientsidetypecapathcertpathextended import ( - TLSSettingsClientSideTypeCaPathCertPathExtended, - TLSSettingsClientSideTypeCaPathCertPathExtendedTypedDict, -) -from cribl_control_plane import models, utils -from cribl_control_plane.types import BaseModel, Nullable, UNSET_SENTINEL -from cribl_control_plane.utils.unions import parse_open_union -from enum import Enum -from functools import partial -import pydantic -from pydantic import ConfigDict, field_serializer, model_serializer -from pydantic.functional_validators import BeforeValidator -from typing import Any, List, Literal, Optional, Union -from typing_extensions import Annotated, NotRequired, TypeAliasType, TypedDict - - -class OutputResponsePqControlsStatsdTypedDict(TypedDict): - pass - - -class OutputResponsePqControlsStatsd(BaseModel): - pass - - -class OutputResponseOutputStatsdTypedDict(TypedDict): - type: OutputResponseTypeStatsd - protocol: DestinationProtocolOptions - r"""Protocol to use when communicating with the destination.""" - host: str - r"""The hostname of the destination.""" - port: float - r"""Destination port.""" - id: NotRequired[str] - r"""Unique ID for this output""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - mtu: NotRequired[float] - r"""When protocol is UDP, specifies the maximum size of packets sent to the destination. Also known as the MTU for the network path to the destination system.""" - flush_period_sec: NotRequired[float] - r"""When protocol is TCP, specifies how often buffers should be flushed, resulting in records sent to the destination.""" - dns_resolve_period_sec: NotRequired[float] - r"""How often to resolve the destination hostname to an IP address. Ignored if the destination is an IP address. A value of 0 means every batch sent will incur a DNS lookup.""" - description: NotRequired[str] - throttle_rate_per_sec: NotRequired[str] - r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" - connection_timeout: NotRequired[float] - r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" - write_timeout: NotRequired[float] - r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[OutputResponsePqControlsStatsdTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - notifications: NotRequired[List[NotificationUnionTypedDict]] - r"""Notifications attached to the Destination.""" - status: NotRequired[StatusTypeTypedDict] - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - -class OutputResponseOutputStatsd(BaseModel): - type: OutputResponseTypeStatsd - - protocol: DestinationProtocolOptions - r"""Protocol to use when communicating with the destination.""" - - host: str - r"""The hostname of the destination.""" - - port: float - r"""Destination port.""" - - id: Optional[str] = None - r"""Unique ID for this output""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - mtu: Optional[float] = None - r"""When protocol is UDP, specifies the maximum size of packets sent to the destination. Also known as the MTU for the network path to the destination system.""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""When protocol is TCP, specifies how often buffers should be flushed, resulting in records sent to the destination.""" - - dns_resolve_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="dnsResolvePeriodSec") - ] = None - r"""How often to resolve the destination hostname to an IP address. Ignored if the destination is an IP address. A value of 0 means every batch sent will incur a DNS lookup.""" - - description: Optional[str] = None - - throttle_rate_per_sec: Annotated[ - Optional[str], pydantic.Field(alias="throttleRatePerSec") - ] = None - r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" - - connection_timeout: Annotated[ - Optional[float], pydantic.Field(alias="connectionTimeout") - ] = None - r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" - - write_timeout: Annotated[Optional[float], pydantic.Field(alias="writeTimeout")] = ( - None - ) - r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[OutputResponsePqControlsStatsd], pydantic.Field(alias="pqControls") - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - notifications: Optional[List[NotificationUnion]] = None - r"""Notifications attached to the Destination.""" - - status: Optional[StatusType] = None - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - @field_serializer("protocol") - def serialize_protocol(self, value): - if isinstance(value, str): - try: - return models.DestinationProtocolOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "id", - "pipeline", - "systemFields", - "environment", - "streamtags", - "mtu", - "flushPeriodSec", - "dnsResolvePeriodSec", - "description", - "throttleRatePerSec", - "connectionTimeout", - "writeTimeout", - "onBackpressure", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_onBackpressure", - "notifications", - "status", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class OutputResponseTypeMinio(str, Enum): - MINIO = "minio" - - -class OutputResponseOutputMinioTypedDict(TypedDict): - type: OutputResponseTypeMinio - bucket: str - r"""Name of the destination MinIO bucket. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at initialization time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`""" - stage_path: str - r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" - endpoint: str - r"""MinIO service url (e.g. http://minioHost:9000)""" - id: NotRequired[str] - r"""Unique ID for this output""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - aws_authentication_method: NotRequired[AuthenticationMethodOptionsS3CollectorConf] - r"""AWS authentication method. Choose Auto to use IAM roles.""" - reuse_connections: NotRequired[bool] - r"""Reuse connections between requests, which can improve performance""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" - region: NotRequired[str] - r"""Region where the MinIO bucket is located""" - dest_path: NotRequired[str] - r"""Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`""" - max_concurrent_file_parts: NotRequired[float] - r"""Maximum number of parts to upload in parallel per file. Minimum part size is 5MB.""" - verify_permissions: NotRequired[bool] - r"""Disable if you can access files within the bucket but not the bucket itself""" - max_closing_files_to_backpressure: NotRequired[float] - r"""Maximum number of files that can be waiting for upload before backpressure is applied""" - add_id_to_stage_path: NotRequired[bool] - r"""Add the Output ID value to staging location""" - remove_empty_dirs: NotRequired[bool] - r"""Remove empty staging directories after moving files""" - partition_expr: NotRequired[str] - r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" - format_: NotRequired[DataFormatOptions] - r"""Format of the output data""" - base_file_name: NotRequired[str] - r"""JavaScript expression to define the output filename prefix (can be constant)""" - file_name_suffix: NotRequired[str] - r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" - max_file_size_mb: NotRequired[float] - r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" - max_file_open_time_sec: NotRequired[float] - r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" - max_file_idle_time_sec: NotRequired[float] - r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" - max_open_files: NotRequired[float] - r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" - header_line: NotRequired[str] - r"""If set, this line will be written to the beginning of each output file""" - write_high_water_mark: NotRequired[float] - r"""Buffer size used to write to a file""" - on_backpressure: NotRequired[BackpressureBehaviorOptionsBlockDrop] - r"""How to handle events when all receivers are exerting backpressure""" - deadletter_enabled: NotRequired[bool] - r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" - on_disk_full_backpressure: NotRequired[DiskSpaceProtectionOptions] - r"""How to handle events when disk space is below the global 'Min free disk space' limit""" - force_close_on_shutdown: NotRequired[bool] - r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" - retry_settings: NotRequired[RetrySettingsTypeTypedDict] - orphans: NotRequired[OrphanFileRecoveryTypeTypedDict] - aws_secret_key: NotRequired[str] - r"""Secret key. This value can be a constant or a JavaScript expression. Example: `${C.env.SOME_SECRET}`)""" - object_acl: NotRequired[ObjectACLOptions] - r"""Object ACL to assign to uploaded objects""" - storage_class: NotRequired[StorageClassOptionsReducedredundancyStandard] - r"""Storage class to select for uploaded objects""" - server_side_encryption: NotRequired[ - ServerSideEncryptionForUploadedObjectsOptionsAes256 - ] - r"""Server-side encryption to use for uploaded objects""" - description: NotRequired[str] - aws_api_key: NotRequired[str] - r"""This value can be a constant or a JavaScript expression (`${C.env.SOME_ACCESS_KEY}`)""" - aws_secret: NotRequired[str] - r"""Select or create a stored secret that references your access key and secret key""" - compress: NotRequired[CompressionOptionsHTTP] - r"""Data compression format to apply to HTTP content before it is delivered""" - compression_level: NotRequired[CompressionLevelOptions] - r"""Compression level to apply before moving files to final destination""" - automatic_schema: NotRequired[bool] - r"""Automatically calculate the schema based on the events of each Parquet file generated""" - parquet_schema: NotRequired[str] - r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" - parquet_version: NotRequired[ParquetVersionOptions] - r"""Determines which data types are supported and how they are represented""" - parquet_data_page_version: NotRequired[DataPageVersionOptions] - r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" - parquet_row_group_length: NotRequired[float] - r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" - parquet_page_size: NotRequired[str] - r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" - should_log_invalid_rows: NotRequired[bool] - r"""Log up to 3 rows that @{product} skips due to data mismatch""" - key_value_metadata: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] - r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ - enable_statistics: NotRequired[bool] - r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" - enable_write_page_index: NotRequired[bool] - r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" - enable_page_checksum: NotRequired[bool] - r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" - empty_dir_cleanup_sec: NotRequired[float] - r"""How frequently, in seconds, to clean up empty directories""" - directory_batch_size: NotRequired[float] - r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" - deadletter_path: NotRequired[str] - r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" - max_retry_num: NotRequired[float] - r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_bucket: NotRequired[str] - r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" - template_region: NotRequired[str] - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - template_dest_path: NotRequired[str] - r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" - template_partition_expr: NotRequired[str] - r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" - template_format: NotRequired[str] - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - template_base_file_name: NotRequired[str] - r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" - template_file_name_suffix: NotRequired[str] - r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_aws_secret_key: NotRequired[str] - r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" - template_object_acl: NotRequired[str] - r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" - template_storage_class: NotRequired[str] - r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" - template_server_side_encryption: NotRequired[str] - r"""Binds 'serverSideEncryption' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serverSideEncryption' at runtime.""" - template_aws_api_key: NotRequired[str] - r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" - template_compress: NotRequired[str] - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - template_parquet_schema: NotRequired[str] - r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" - notifications: NotRequired[List[NotificationUnionTypedDict]] - r"""Notifications attached to the Destination.""" - status: NotRequired[StatusTypeTypedDict] - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - -class OutputResponseOutputMinio(BaseModel): - type: OutputResponseTypeMinio - - bucket: str - r"""Name of the destination MinIO bucket. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at initialization time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`""" - - stage_path: Annotated[str, pydantic.Field(alias="stagePath")] - r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" - - endpoint: str - r"""MinIO service url (e.g. http://minioHost:9000)""" - - id: Optional[str] = None - r"""Unique ID for this output""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - aws_authentication_method: Annotated[ - Optional[AuthenticationMethodOptionsS3CollectorConf], - pydantic.Field(alias="awsAuthenticationMethod"), - ] = None - r"""AWS authentication method. Choose Auto to use IAM roles.""" - - reuse_connections: Annotated[ - Optional[bool], pydantic.Field(alias="reuseConnections") - ] = None - r"""Reuse connections between requests, which can improve performance""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" - - region: Optional[str] = None - r"""Region where the MinIO bucket is located""" - - dest_path: Annotated[Optional[str], pydantic.Field(alias="destPath")] = None - r"""Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`""" - - max_concurrent_file_parts: Annotated[ - Optional[float], pydantic.Field(alias="maxConcurrentFileParts") - ] = None - r"""Maximum number of parts to upload in parallel per file. Minimum part size is 5MB.""" - - verify_permissions: Annotated[ - Optional[bool], pydantic.Field(alias="verifyPermissions") - ] = None - r"""Disable if you can access files within the bucket but not the bucket itself""" - - max_closing_files_to_backpressure: Annotated[ - Optional[float], pydantic.Field(alias="maxClosingFilesToBackpressure") - ] = None - r"""Maximum number of files that can be waiting for upload before backpressure is applied""" - - add_id_to_stage_path: Annotated[ - Optional[bool], pydantic.Field(alias="addIdToStagePath") - ] = None - r"""Add the Output ID value to staging location""" - - remove_empty_dirs: Annotated[ - Optional[bool], pydantic.Field(alias="removeEmptyDirs") - ] = None - r"""Remove empty staging directories after moving files""" - - partition_expr: Annotated[Optional[str], pydantic.Field(alias="partitionExpr")] = ( - None - ) - r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" - - format_: Annotated[Optional[DataFormatOptions], pydantic.Field(alias="format")] = ( - None - ) - r"""Format of the output data""" - - base_file_name: Annotated[Optional[str], pydantic.Field(alias="baseFileName")] = ( - None - ) - r"""JavaScript expression to define the output filename prefix (can be constant)""" - - file_name_suffix: Annotated[ - Optional[str], pydantic.Field(alias="fileNameSuffix") - ] = None - r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" - - max_file_size_mb: Annotated[ - Optional[float], pydantic.Field(alias="maxFileSizeMB") - ] = None - r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" - - max_file_open_time_sec: Annotated[ - Optional[float], pydantic.Field(alias="maxFileOpenTimeSec") - ] = None - r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" - - max_file_idle_time_sec: Annotated[ - Optional[float], pydantic.Field(alias="maxFileIdleTimeSec") - ] = None - r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" - - max_open_files: Annotated[Optional[float], pydantic.Field(alias="maxOpenFiles")] = ( - None - ) - r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" - - header_line: Annotated[Optional[str], pydantic.Field(alias="headerLine")] = None - r"""If set, this line will be written to the beginning of each output file""" - - write_high_water_mark: Annotated[ - Optional[float], pydantic.Field(alias="writeHighWaterMark") - ] = None - r"""Buffer size used to write to a file""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptionsBlockDrop], - pydantic.Field(alias="onBackpressure"), - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - deadletter_enabled: Annotated[ - Optional[bool], pydantic.Field(alias="deadletterEnabled") - ] = None - r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" - - on_disk_full_backpressure: Annotated[ - Optional[DiskSpaceProtectionOptions], - pydantic.Field(alias="onDiskFullBackpressure"), - ] = None - r"""How to handle events when disk space is below the global 'Min free disk space' limit""" - - force_close_on_shutdown: Annotated[ - Optional[bool], pydantic.Field(alias="forceCloseOnShutdown") - ] = None - r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" - - retry_settings: Annotated[ - Optional[RetrySettingsType], pydantic.Field(alias="retrySettings") - ] = None - - orphans: Optional[OrphanFileRecoveryType] = None - - aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = ( - None - ) - r"""Secret key. This value can be a constant or a JavaScript expression. Example: `${C.env.SOME_SECRET}`)""" - - object_acl: Annotated[ - Optional[ObjectACLOptions], pydantic.Field(alias="objectACL") - ] = None - r"""Object ACL to assign to uploaded objects""" - - storage_class: Annotated[ - Optional[StorageClassOptionsReducedredundancyStandard], - pydantic.Field(alias="storageClass"), - ] = None - r"""Storage class to select for uploaded objects""" - - server_side_encryption: Annotated[ - Optional[ServerSideEncryptionForUploadedObjectsOptionsAes256], - pydantic.Field(alias="serverSideEncryption"), - ] = None - r"""Server-side encryption to use for uploaded objects""" - - description: Optional[str] = None - - aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None - r"""This value can be a constant or a JavaScript expression (`${C.env.SOME_ACCESS_KEY}`)""" - - aws_secret: Annotated[Optional[str], pydantic.Field(alias="awsSecret")] = None - r"""Select or create a stored secret that references your access key and secret key""" - - compress: Optional[CompressionOptionsHTTP] = None - r"""Data compression format to apply to HTTP content before it is delivered""" - - compression_level: Annotated[ - Optional[CompressionLevelOptions], pydantic.Field(alias="compressionLevel") - ] = None - r"""Compression level to apply before moving files to final destination""" - - automatic_schema: Annotated[ - Optional[bool], pydantic.Field(alias="automaticSchema") - ] = None - r"""Automatically calculate the schema based on the events of each Parquet file generated""" - - parquet_schema: Annotated[Optional[str], pydantic.Field(alias="parquetSchema")] = ( - None - ) - r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" - - parquet_version: Annotated[ - Optional[ParquetVersionOptions], pydantic.Field(alias="parquetVersion") - ] = None - r"""Determines which data types are supported and how they are represented""" - - parquet_data_page_version: Annotated[ - Optional[DataPageVersionOptions], pydantic.Field(alias="parquetDataPageVersion") - ] = None - r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" - - parquet_row_group_length: Annotated[ - Optional[float], pydantic.Field(alias="parquetRowGroupLength") - ] = None - r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" - - parquet_page_size: Annotated[ - Optional[str], pydantic.Field(alias="parquetPageSize") - ] = None - r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" - - should_log_invalid_rows: Annotated[ - Optional[bool], pydantic.Field(alias="shouldLogInvalidRows") - ] = None - r"""Log up to 3 rows that @{product} skips due to data mismatch""" - - key_value_metadata: Annotated[ - Optional[List[KeyValueMetadataConfOutputFilesystem]], - pydantic.Field(alias="keyValueMetadata"), - ] = None - r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ - - enable_statistics: Annotated[ - Optional[bool], pydantic.Field(alias="enableStatistics") - ] = None - r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" - - enable_write_page_index: Annotated[ - Optional[bool], pydantic.Field(alias="enableWritePageIndex") - ] = None - r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" - - enable_page_checksum: Annotated[ - Optional[bool], pydantic.Field(alias="enablePageChecksum") - ] = None - r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" - - empty_dir_cleanup_sec: Annotated[ - Optional[float], pydantic.Field(alias="emptyDirCleanupSec") - ] = None - r"""How frequently, in seconds, to clean up empty directories""" - - directory_batch_size: Annotated[ - Optional[float], pydantic.Field(alias="directoryBatchSize") - ] = None - r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" - - deadletter_path: Annotated[ - Optional[str], pydantic.Field(alias="deadletterPath") - ] = None - r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" - - max_retry_num: Annotated[Optional[float], pydantic.Field(alias="maxRetryNum")] = ( - None - ) - r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_bucket: Annotated[ - Optional[str], pydantic.Field(alias="__template_bucket") - ] = None - r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" - - template_region: Annotated[ - Optional[str], pydantic.Field(alias="__template_region") - ] = None - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - - template_dest_path: Annotated[ - Optional[str], pydantic.Field(alias="__template_destPath") - ] = None - r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" - - template_partition_expr: Annotated[ - Optional[str], pydantic.Field(alias="__template_partitionExpr") - ] = None - r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" - - template_format: Annotated[ - Optional[str], pydantic.Field(alias="__template_format") - ] = None - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - - template_base_file_name: Annotated[ - Optional[str], pydantic.Field(alias="__template_baseFileName") - ] = None - r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" - - template_file_name_suffix: Annotated[ - Optional[str], pydantic.Field(alias="__template_fileNameSuffix") - ] = None - r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_aws_secret_key: Annotated[ - Optional[str], pydantic.Field(alias="__template_awsSecretKey") - ] = None - r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" - - template_object_acl: Annotated[ - Optional[str], pydantic.Field(alias="__template_objectACL") - ] = None - r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" - - template_storage_class: Annotated[ - Optional[str], pydantic.Field(alias="__template_storageClass") - ] = None - r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" - - template_server_side_encryption: Annotated[ - Optional[str], pydantic.Field(alias="__template_serverSideEncryption") - ] = None - r"""Binds 'serverSideEncryption' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serverSideEncryption' at runtime.""" - - template_aws_api_key: Annotated[ - Optional[str], pydantic.Field(alias="__template_awsApiKey") - ] = None - r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" - - template_compress: Annotated[ - Optional[str], pydantic.Field(alias="__template_compress") - ] = None - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - - template_parquet_schema: Annotated[ - Optional[str], pydantic.Field(alias="__template_parquetSchema") - ] = None - r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" - - notifications: Optional[List[NotificationUnion]] = None - r"""Notifications attached to the Destination.""" - - status: Optional[StatusType] = None - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - @field_serializer("aws_authentication_method") - def serialize_aws_authentication_method(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsS3CollectorConf(value) - except ValueError: - return value - return value - - @field_serializer("format_") - def serialize_format_(self, value): - if isinstance(value, str): - try: - return models.DataFormatOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptionsBlockDrop(value) - except ValueError: - return value - return value - - @field_serializer("on_disk_full_backpressure") - def serialize_on_disk_full_backpressure(self, value): - if isinstance(value, str): - try: - return models.DiskSpaceProtectionOptions(value) - except ValueError: - return value - return value - - @field_serializer("object_acl") - def serialize_object_acl(self, value): - if isinstance(value, str): - try: - return models.ObjectACLOptions(value) - except ValueError: - return value - return value - - @field_serializer("storage_class") - def serialize_storage_class(self, value): - if isinstance(value, str): - try: - return models.StorageClassOptionsReducedredundancyStandard(value) - except ValueError: - return value - return value - - @field_serializer("server_side_encryption") - def serialize_server_side_encryption(self, value): - if isinstance(value, str): - try: - return models.ServerSideEncryptionForUploadedObjectsOptionsAes256(value) - except ValueError: - return value - return value - - @field_serializer("compress") - def serialize_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsHTTP(value) - except ValueError: - return value - return value - - @field_serializer("compression_level") - def serialize_compression_level(self, value): - if isinstance(value, str): - try: - return models.CompressionLevelOptions(value) - except ValueError: - return value - return value - - @field_serializer("parquet_version") - def serialize_parquet_version(self, value): - if isinstance(value, str): - try: - return models.ParquetVersionOptions(value) - except ValueError: - return value - return value - - @field_serializer("parquet_data_page_version") - def serialize_parquet_data_page_version(self, value): - if isinstance(value, str): - try: - return models.DataPageVersionOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "id", - "pipeline", - "systemFields", - "environment", - "streamtags", - "awsAuthenticationMethod", - "reuseConnections", - "rejectUnauthorized", - "region", - "destPath", - "maxConcurrentFileParts", - "verifyPermissions", - "maxClosingFilesToBackpressure", - "addIdToStagePath", - "removeEmptyDirs", - "partitionExpr", - "format", - "baseFileName", - "fileNameSuffix", - "maxFileSizeMB", - "maxFileOpenTimeSec", - "maxFileIdleTimeSec", - "maxOpenFiles", - "headerLine", - "writeHighWaterMark", - "onBackpressure", - "deadletterEnabled", - "onDiskFullBackpressure", - "forceCloseOnShutdown", - "retrySettings", - "orphans", - "awsSecretKey", - "objectACL", - "storageClass", - "serverSideEncryption", - "description", - "awsApiKey", - "awsSecret", - "compress", - "compressionLevel", - "automaticSchema", - "parquetSchema", - "parquetVersion", - "parquetDataPageVersion", - "parquetRowGroupLength", - "parquetPageSize", - "shouldLogInvalidRows", - "keyValueMetadata", - "enableStatistics", - "enableWritePageIndex", - "enablePageChecksum", - "emptyDirCleanupSec", - "directoryBatchSize", - "deadletterPath", - "maxRetryNum", - "__template_streamtags", - "__template_bucket", - "__template_region", - "__template_destPath", - "__template_partitionExpr", - "__template_format", - "__template_baseFileName", - "__template_fileNameSuffix", - "__template_onBackpressure", - "__template_awsSecretKey", - "__template_objectACL", - "__template_storageClass", - "__template_serverSideEncryption", - "__template_awsApiKey", - "__template_compress", - "__template_parquetSchema", - "notifications", - "status", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class OutputResponseTypeCloudwatch(str, Enum): - CLOUDWATCH = "cloudwatch" - - -class OutputResponsePqControlsCloudwatchTypedDict(TypedDict): - pass - - -class OutputResponsePqControlsCloudwatch(BaseModel): - pass - - -class OutputResponseOutputCloudwatchTypedDict(TypedDict): - type: OutputResponseTypeCloudwatch - log_group_name: str - r"""CloudWatch log group to associate events with""" - log_stream_name: str - r"""Prefix for CloudWatch log stream name. This prefix will be used to generate a unique log stream name per cribl instance, for example: myStream_myHost_myOutputId""" - region: str - r"""Region where the CloudWatchLogs is located""" - id: NotRequired[str] - r"""Unique ID for this output""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - aws_authentication_method: NotRequired[AuthenticationMethodOptionsS3CollectorConf] - r"""AWS authentication method. Choose Auto to use IAM roles.""" - aws_secret_key: NotRequired[str] - endpoint: NotRequired[str] - r"""CloudWatchLogs service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to CloudWatchLogs-compatible endpoint.""" - reuse_connections: NotRequired[bool] - r"""Reuse connections between requests, which can improve performance""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" - enable_assume_role: NotRequired[bool] - r"""Use Assume Role credentials to access CloudWatchLogs""" - assume_role_arn: NotRequired[str] - r"""Amazon Resource Name (ARN) of the role to assume""" - assume_role_external_id: NotRequired[str] - r"""External ID to use when assuming role""" - duration_seconds: NotRequired[float] - r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" - max_queue_size: NotRequired[float] - r"""Maximum number of queued batches before blocking""" - max_record_size_kb: NotRequired[float] - r"""Maximum size (KB) of each individual record before compression. For non compressible data 1MB is the max recommended size""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - description: NotRequired[str] - aws_api_key: NotRequired[str] - aws_secret: NotRequired[str] - r"""Select or create a stored secret that references your access key and secret key""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[OutputResponsePqControlsCloudwatchTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_log_group_name: NotRequired[str] - r"""Binds 'logGroupName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logGroupName' at runtime.""" - template_log_stream_name: NotRequired[str] - r"""Binds 'logStreamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logStreamName' at runtime.""" - template_aws_secret_key: NotRequired[str] - r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" - template_region: NotRequired[str] - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - template_endpoint: NotRequired[str] - r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" - template_assume_role_arn: NotRequired[str] - r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" - template_assume_role_external_id: NotRequired[str] - r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_aws_api_key: NotRequired[str] - r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" - notifications: NotRequired[List[NotificationUnionTypedDict]] - r"""Notifications attached to the Destination.""" - status: NotRequired[StatusTypeTypedDict] - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - -class OutputResponseOutputCloudwatch(BaseModel): - type: OutputResponseTypeCloudwatch - - log_group_name: Annotated[str, pydantic.Field(alias="logGroupName")] - r"""CloudWatch log group to associate events with""" - - log_stream_name: Annotated[str, pydantic.Field(alias="logStreamName")] - r"""Prefix for CloudWatch log stream name. This prefix will be used to generate a unique log stream name per cribl instance, for example: myStream_myHost_myOutputId""" - - region: str - r"""Region where the CloudWatchLogs is located""" - - id: Optional[str] = None - r"""Unique ID for this output""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - aws_authentication_method: Annotated[ - Optional[AuthenticationMethodOptionsS3CollectorConf], - pydantic.Field(alias="awsAuthenticationMethod"), - ] = None - r"""AWS authentication method. Choose Auto to use IAM roles.""" - - aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = ( - None - ) - - endpoint: Optional[str] = None - r"""CloudWatchLogs service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to CloudWatchLogs-compatible endpoint.""" - - reuse_connections: Annotated[ - Optional[bool], pydantic.Field(alias="reuseConnections") - ] = None - r"""Reuse connections between requests, which can improve performance""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" - - enable_assume_role: Annotated[ - Optional[bool], pydantic.Field(alias="enableAssumeRole") - ] = None - r"""Use Assume Role credentials to access CloudWatchLogs""" - - assume_role_arn: Annotated[Optional[str], pydantic.Field(alias="assumeRoleArn")] = ( - None - ) - r"""Amazon Resource Name (ARN) of the role to assume""" - - assume_role_external_id: Annotated[ - Optional[str], pydantic.Field(alias="assumeRoleExternalId") - ] = None - r"""External ID to use when assuming role""" - - duration_seconds: Annotated[ - Optional[float], pydantic.Field(alias="durationSeconds") - ] = None - r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" - - max_queue_size: Annotated[Optional[float], pydantic.Field(alias="maxQueueSize")] = ( - None - ) - r"""Maximum number of queued batches before blocking""" - - max_record_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxRecordSizeKB") - ] = None - r"""Maximum size (KB) of each individual record before compression. For non compressible data 1MB is the max recommended size""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - description: Optional[str] = None - - aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None - - aws_secret: Annotated[Optional[str], pydantic.Field(alias="awsSecret")] = None - r"""Select or create a stored secret that references your access key and secret key""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[OutputResponsePqControlsCloudwatch], pydantic.Field(alias="pqControls") - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_log_group_name: Annotated[ - Optional[str], pydantic.Field(alias="__template_logGroupName") - ] = None - r"""Binds 'logGroupName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logGroupName' at runtime.""" - - template_log_stream_name: Annotated[ - Optional[str], pydantic.Field(alias="__template_logStreamName") - ] = None - r"""Binds 'logStreamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logStreamName' at runtime.""" - - template_aws_secret_key: Annotated[ - Optional[str], pydantic.Field(alias="__template_awsSecretKey") - ] = None - r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" - - template_region: Annotated[ - Optional[str], pydantic.Field(alias="__template_region") - ] = None - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - - template_endpoint: Annotated[ - Optional[str], pydantic.Field(alias="__template_endpoint") - ] = None - r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" - - template_assume_role_arn: Annotated[ - Optional[str], pydantic.Field(alias="__template_assumeRoleArn") - ] = None - r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" - - template_assume_role_external_id: Annotated[ - Optional[str], pydantic.Field(alias="__template_assumeRoleExternalId") - ] = None - r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_aws_api_key: Annotated[ - Optional[str], pydantic.Field(alias="__template_awsApiKey") - ] = None - r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" - - notifications: Optional[List[NotificationUnion]] = None - r"""Notifications attached to the Destination.""" - - status: Optional[StatusType] = None - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - @field_serializer("aws_authentication_method") - def serialize_aws_authentication_method(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsS3CollectorConf(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "id", - "pipeline", - "systemFields", - "environment", - "streamtags", - "awsAuthenticationMethod", - "awsSecretKey", - "endpoint", - "reuseConnections", - "rejectUnauthorized", - "enableAssumeRole", - "assumeRoleArn", - "assumeRoleExternalId", - "durationSeconds", - "maxQueueSize", - "maxRecordSizeKB", - "flushPeriodSec", - "onBackpressure", - "description", - "awsApiKey", - "awsSecret", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_logGroupName", - "__template_logStreamName", - "__template_awsSecretKey", - "__template_region", - "__template_endpoint", - "__template_assumeRoleArn", - "__template_assumeRoleExternalId", - "__template_onBackpressure", - "__template_awsApiKey", - "notifications", - "status", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class OutputResponseTypeInfluxdb(str, Enum): - INFLUXDB = "influxdb" - - -class OutputResponseTimestampPrecision(str, Enum, metaclass=utils.OpenEnumMeta): - r"""Sets the precision for the supplied Unix time values. Defaults to milliseconds.""" - - # Nanoseconds - NS = "ns" - # Microseconds - U = "u" - # Milliseconds - MS = "ms" - # Seconds - S = "s" - # Minutes - M = "m" - # Hours - H = "h" - - -class OutputResponseAuthenticationTypeInfluxdb(str, Enum, metaclass=utils.OpenEnumMeta): - r"""InfluxDB authentication type""" - - # None - NONE = "none" - # Basic - BASIC = "basic" - # Basic (credentials secret) - CREDENTIALS_SECRET = "credentialsSecret" - # Token - TOKEN = "token" - # Token (text secret) - TEXT_SECRET = "textSecret" - - -class OutputResponsePqControlsInfluxdbTypedDict(TypedDict): - pass - - -class OutputResponsePqControlsInfluxdb(BaseModel): - pass - - -class OutputResponseOutputInfluxdbTypedDict(TypedDict): - type: OutputResponseTypeInfluxdb - url: str - r"""URL of an InfluxDB cluster to send events to, e.g., http://localhost:8086/write""" - id: NotRequired[str] - r"""Unique ID for this output""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - use_v2_api: NotRequired[bool] - r"""The v2 API can be enabled with InfluxDB versions 1.8 and later.""" - timestamp_precision: NotRequired[OutputResponseTimestampPrecision] - r"""Sets the precision for the supplied Unix time values. Defaults to milliseconds.""" - dynamic_value_field_name: NotRequired[bool] - r"""Enabling this will pull the value field from the metric name. E,g, 'db.query.user' will use 'db.query' as the measurement and 'user' as the value field.""" - value_field_name: NotRequired[str] - r"""Name of the field in which to store the metric when sending to InfluxDB. If dynamic generation is enabled and fails, this will be used as a fallback.""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - compress: NotRequired[bool] - r"""Compress the payload body before sending""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] - r"""Headers to add to all events""" - use_round_robin_dns: NotRequired[bool] - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - safe_headers: NotRequired[List[str]] - r"""List of headers that are safe to log in plain text""" - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - auth_type: NotRequired[OutputResponseAuthenticationTypeInfluxdb] - r"""InfluxDB authentication type""" - description: NotRequired[str] - database: NotRequired[str] - r"""Database to write to.""" - bucket: NotRequired[str] - r"""Bucket to write to.""" - org: NotRequired[str] - r"""Organization ID for this bucket.""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[OutputResponsePqControlsInfluxdbTypedDict] - username: NotRequired[str] - password: NotRequired[str] - token: NotRequired[str] - r"""Bearer token to include in the authorization header""" - credentials_secret: NotRequired[str] - r"""Select or create a secret that references your credentials""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_url: NotRequired[str] - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - template_failed_request_logging_mode: NotRequired[str] - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_database: NotRequired[str] - r"""Binds 'database' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'database' at runtime.""" - template_bucket: NotRequired[str] - r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" - notifications: NotRequired[List[NotificationUnionTypedDict]] - r"""Notifications attached to the Destination.""" - status: NotRequired[StatusTypeTypedDict] - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - -class OutputResponseOutputInfluxdb(BaseModel): - type: OutputResponseTypeInfluxdb - - url: str - r"""URL of an InfluxDB cluster to send events to, e.g., http://localhost:8086/write""" - - id: Optional[str] = None - r"""Unique ID for this output""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - use_v2_api: Annotated[Optional[bool], pydantic.Field(alias="useV2API")] = None - r"""The v2 API can be enabled with InfluxDB versions 1.8 and later.""" - - timestamp_precision: Annotated[ - Optional[OutputResponseTimestampPrecision], - pydantic.Field(alias="timestampPrecision"), - ] = None - r"""Sets the precision for the supplied Unix time values. Defaults to milliseconds.""" - - dynamic_value_field_name: Annotated[ - Optional[bool], pydantic.Field(alias="dynamicValueFieldName") - ] = None - r"""Enabling this will pull the value field from the metric name. E,g, 'db.query.user' will use 'db.query' as the measurement and 'user' as the value field.""" - - value_field_name: Annotated[ - Optional[str], pydantic.Field(alias="valueFieldName") - ] = None - r"""Name of the field in which to store the metric when sending to InfluxDB. If dynamic generation is enabled and fails, this will be used as a fallback.""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - compress: Optional[bool] = None - r"""Compress the payload body before sending""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - extra_http_headers: Annotated[ - Optional[List[ExtraHTTPHeaderConfInputElastic]], - pydantic.Field(alias="extraHttpHeaders"), - ] = None - r"""Headers to add to all events""" - - use_round_robin_dns: Annotated[ - Optional[bool], pydantic.Field(alias="useRoundRobinDns") - ] = None - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - - failed_request_logging_mode: Annotated[ - Optional[FailedRequestLoggingModeOptions], - pydantic.Field(alias="failedRequestLoggingMode"), - ] = None - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - - safe_headers: Annotated[ - Optional[List[str]], pydantic.Field(alias="safeHeaders") - ] = None - r"""List of headers that are safe to log in plain text""" - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - auth_type: Annotated[ - Optional[OutputResponseAuthenticationTypeInfluxdb], - pydantic.Field(alias="authType"), - ] = None - r"""InfluxDB authentication type""" - - description: Optional[str] = None - - database: Optional[str] = None - r"""Database to write to.""" - - bucket: Optional[str] = None - r"""Bucket to write to.""" - - org: Optional[str] = None - r"""Organization ID for this bucket.""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[OutputResponsePqControlsInfluxdb], pydantic.Field(alias="pqControls") - ] = None - - username: Optional[str] = None - - password: Optional[str] = None - - token: Optional[str] = None - r"""Bearer token to include in the authorization header""" - - credentials_secret: Annotated[ - Optional[str], pydantic.Field(alias="credentialsSecret") - ] = None - r"""Select or create a secret that references your credentials""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( - None - ) - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - template_failed_request_logging_mode: Annotated[ - Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") - ] = None - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_database: Annotated[ - Optional[str], pydantic.Field(alias="__template_database") - ] = None - r"""Binds 'database' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'database' at runtime.""" - - template_bucket: Annotated[ - Optional[str], pydantic.Field(alias="__template_bucket") - ] = None - r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" - - notifications: Optional[List[NotificationUnion]] = None - r"""Notifications attached to the Destination.""" - - status: Optional[StatusType] = None - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - @field_serializer("timestamp_precision") - def serialize_timestamp_precision(self, value): - if isinstance(value, str): - try: - return models.OutputResponseTimestampPrecision(value) - except ValueError: - return value - return value - - @field_serializer("failed_request_logging_mode") - def serialize_failed_request_logging_mode(self, value): - if isinstance(value, str): - try: - return models.FailedRequestLoggingModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.OutputResponseAuthenticationTypeInfluxdb(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "id", - "pipeline", - "systemFields", - "environment", - "streamtags", - "useV2API", - "timestampPrecision", - "dynamicValueFieldName", - "valueFieldName", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "compress", - "rejectUnauthorized", - "timeoutSec", - "flushPeriodSec", - "extraHttpHeaders", - "useRoundRobinDns", - "failedRequestLoggingMode", - "safeHeaders", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "onBackpressure", - "authType", - "description", - "database", - "bucket", - "org", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "username", - "password", - "token", - "credentialsSecret", - "textSecret", - "__template_streamtags", - "__template_url", - "__template_failedRequestLoggingMode", - "__template_onBackpressure", - "__template_database", - "__template_bucket", - "notifications", - "status", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class OutputResponseTypeNewrelicEvents(str, Enum): - NEWRELIC_EVENTS = "newrelic_events" - - -class OutputResponsePqControlsNewrelicEventsTypedDict(TypedDict): - pass - - -class OutputResponsePqControlsNewrelicEvents(BaseModel): - pass - - -class OutputResponseOutputNewrelicEventsTypedDict(TypedDict): - type: OutputResponseTypeNewrelicEvents - account_id: str - r"""New Relic account ID""" - event_type: str - r"""Default New Relic eventType to use when event type is not present. For more information, see the [New Relic eventType documentation](https://docs.newrelic.com/docs/telemetry-data-platform/custom-data/custom-events/data-requirements-limits-custom-event-data/#reserved-words).""" - id: NotRequired[str] - r"""Unique ID for this output""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - region: NotRequired[RegionOptions] - r"""Which New Relic region endpoint to use.""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - compress: NotRequired[bool] - r"""Compress the payload body before sending""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] - r"""Headers to add to all events""" - use_round_robin_dns: NotRequired[bool] - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - safe_headers: NotRequired[List[str]] - r"""List of headers that are safe to log in plain text""" - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - auth_type: NotRequired[AuthenticationMethodOptionsAPI] - r"""Enter API key directly, or select a stored secret""" - description: NotRequired[str] - custom_url: NotRequired[str] - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[OutputResponsePqControlsNewrelicEventsTypedDict] - api_key: NotRequired[str] - r"""New Relic API key. Can be overridden using __newRelic_apiKey field.""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_region: NotRequired[str] - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - template_account_id: NotRequired[str] - r"""Binds 'accountId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'accountId' at runtime.""" - template_event_type: NotRequired[str] - r"""Binds 'eventType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'eventType' at runtime.""" - template_failed_request_logging_mode: NotRequired[str] - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_custom_url: NotRequired[str] - r"""Binds 'customUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'customUrl' at runtime.""" - notifications: NotRequired[List[NotificationUnionTypedDict]] - r"""Notifications attached to the Destination.""" - status: NotRequired[StatusTypeTypedDict] - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - -class OutputResponseOutputNewrelicEvents(BaseModel): - type: OutputResponseTypeNewrelicEvents - - account_id: Annotated[str, pydantic.Field(alias="accountId")] - r"""New Relic account ID""" - - event_type: Annotated[str, pydantic.Field(alias="eventType")] - r"""Default New Relic eventType to use when event type is not present. For more information, see the [New Relic eventType documentation](https://docs.newrelic.com/docs/telemetry-data-platform/custom-data/custom-events/data-requirements-limits-custom-event-data/#reserved-words).""" - - id: Optional[str] = None - r"""Unique ID for this output""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - region: Optional[RegionOptions] = None - r"""Which New Relic region endpoint to use.""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - compress: Optional[bool] = None - r"""Compress the payload body before sending""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - extra_http_headers: Annotated[ - Optional[List[ExtraHTTPHeaderConfInputElastic]], - pydantic.Field(alias="extraHttpHeaders"), - ] = None - r"""Headers to add to all events""" - - use_round_robin_dns: Annotated[ - Optional[bool], pydantic.Field(alias="useRoundRobinDns") - ] = None - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - - failed_request_logging_mode: Annotated[ - Optional[FailedRequestLoggingModeOptions], - pydantic.Field(alias="failedRequestLoggingMode"), - ] = None - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - - safe_headers: Annotated[ - Optional[List[str]], pydantic.Field(alias="safeHeaders") - ] = None - r"""List of headers that are safe to log in plain text""" - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - auth_type: Annotated[ - Optional[AuthenticationMethodOptionsAPI], pydantic.Field(alias="authType") - ] = None - r"""Enter API key directly, or select a stored secret""" - - description: Optional[str] = None - - custom_url: Annotated[Optional[str], pydantic.Field(alias="customUrl")] = None - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[OutputResponsePqControlsNewrelicEvents], - pydantic.Field(alias="pqControls"), - ] = None - - api_key: Annotated[Optional[str], pydantic.Field(alias="apiKey")] = None - r"""New Relic API key. Can be overridden using __newRelic_apiKey field.""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_region: Annotated[ - Optional[str], pydantic.Field(alias="__template_region") - ] = None - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - - template_account_id: Annotated[ - Optional[str], pydantic.Field(alias="__template_accountId") - ] = None - r"""Binds 'accountId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'accountId' at runtime.""" - - template_event_type: Annotated[ - Optional[str], pydantic.Field(alias="__template_eventType") - ] = None - r"""Binds 'eventType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'eventType' at runtime.""" - - template_failed_request_logging_mode: Annotated[ - Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") - ] = None - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_custom_url: Annotated[ - Optional[str], pydantic.Field(alias="__template_customUrl") - ] = None - r"""Binds 'customUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'customUrl' at runtime.""" - - notifications: Optional[List[NotificationUnion]] = None - r"""Notifications attached to the Destination.""" - - status: Optional[StatusType] = None - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - @field_serializer("region") - def serialize_region(self, value): - if isinstance(value, str): - try: - return models.RegionOptions(value) - except ValueError: - return value - return value - - @field_serializer("failed_request_logging_mode") - def serialize_failed_request_logging_mode(self, value): - if isinstance(value, str): - try: - return models.FailedRequestLoggingModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsAPI(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "id", - "pipeline", - "systemFields", - "environment", - "streamtags", - "region", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "compress", - "rejectUnauthorized", - "timeoutSec", - "flushPeriodSec", - "extraHttpHeaders", - "useRoundRobinDns", - "failedRequestLoggingMode", - "safeHeaders", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "onBackpressure", - "authType", - "description", - "customUrl", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "apiKey", - "textSecret", - "__template_streamtags", - "__template_region", - "__template_accountId", - "__template_eventType", - "__template_failedRequestLoggingMode", - "__template_onBackpressure", - "__template_customUrl", - "notifications", - "status", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class OutputResponseTypeNewrelic(str, Enum): - NEWRELIC = "newrelic" - - -class OutputResponseFieldName(str, Enum, metaclass=utils.OpenEnumMeta): - SERVICE = "service" - HOSTNAME = "hostname" - TIMESTAMP = "timestamp" - AUDIT_ID = "auditId" - - -class OutputResponseMetadatumTypedDict(TypedDict): - name: OutputResponseFieldName - value: str - r"""JavaScript expression to compute field's value, enclosed in quotes or backticks. (Can evaluate to a constant.)""" - - -class OutputResponseMetadatum(BaseModel): - name: OutputResponseFieldName - - value: str - r"""JavaScript expression to compute field's value, enclosed in quotes or backticks. (Can evaluate to a constant.)""" - - @field_serializer("name") - def serialize_name(self, value): - if isinstance(value, str): - try: - return models.OutputResponseFieldName(value) - except ValueError: - return value - return value - - -class OutputResponsePqControlsNewrelicTypedDict(TypedDict): - pass - - -class OutputResponsePqControlsNewrelic(BaseModel): - pass - - -class OutputResponseOutputNewrelicTypedDict(TypedDict): - type: OutputResponseTypeNewrelic - id: NotRequired[str] - r"""Unique ID for this output""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - region: NotRequired[RegionOptions] - r"""Which New Relic region endpoint to use.""" - log_type: NotRequired[str] - r"""Name of the logtype to send with events, e.g.: observability, access_log. The event's 'sourcetype' field (if set) will override this value.""" - message_field: NotRequired[str] - r"""Name of field to send as log message value. If not present, event will be serialized and sent as JSON.""" - metadata: NotRequired[List[OutputResponseMetadatumTypedDict]] - r"""Fields to add to events from this input""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - compress: NotRequired[bool] - r"""Compress the payload body before sending""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] - r"""Headers to add to all events""" - use_round_robin_dns: NotRequired[bool] - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - safe_headers: NotRequired[List[str]] - r"""List of headers that are safe to log in plain text""" - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - auth_type: NotRequired[AuthenticationMethodOptionsAPI] - r"""Enter API key directly, or select a stored secret""" - total_memory_limit_kb: NotRequired[float] - r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" - description: NotRequired[str] - custom_url: NotRequired[str] - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[OutputResponsePqControlsNewrelicTypedDict] - api_key: NotRequired[str] - r"""New Relic API key. Can be overridden using __newRelic_apiKey field.""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_region: NotRequired[str] - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - template_log_type: NotRequired[str] - r"""Binds 'logType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logType' at runtime.""" - template_message_field: NotRequired[str] - r"""Binds 'messageField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'messageField' at runtime.""" - template_failed_request_logging_mode: NotRequired[str] - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - notifications: NotRequired[List[NotificationUnionTypedDict]] - r"""Notifications attached to the Destination.""" - status: NotRequired[StatusTypeTypedDict] - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - -class OutputResponseOutputNewrelic(BaseModel): - type: OutputResponseTypeNewrelic - - id: Optional[str] = None - r"""Unique ID for this output""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - region: Optional[RegionOptions] = None - r"""Which New Relic region endpoint to use.""" - - log_type: Annotated[Optional[str], pydantic.Field(alias="logType")] = None - r"""Name of the logtype to send with events, e.g.: observability, access_log. The event's 'sourcetype' field (if set) will override this value.""" - - message_field: Annotated[Optional[str], pydantic.Field(alias="messageField")] = None - r"""Name of field to send as log message value. If not present, event will be serialized and sent as JSON.""" - - metadata: Optional[List[OutputResponseMetadatum]] = None - r"""Fields to add to events from this input""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - compress: Optional[bool] = None - r"""Compress the payload body before sending""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - extra_http_headers: Annotated[ - Optional[List[ExtraHTTPHeaderConfInputElastic]], - pydantic.Field(alias="extraHttpHeaders"), - ] = None - r"""Headers to add to all events""" - - use_round_robin_dns: Annotated[ - Optional[bool], pydantic.Field(alias="useRoundRobinDns") - ] = None - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - - failed_request_logging_mode: Annotated[ - Optional[FailedRequestLoggingModeOptions], - pydantic.Field(alias="failedRequestLoggingMode"), - ] = None - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - - safe_headers: Annotated[ - Optional[List[str]], pydantic.Field(alias="safeHeaders") - ] = None - r"""List of headers that are safe to log in plain text""" - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - auth_type: Annotated[ - Optional[AuthenticationMethodOptionsAPI], pydantic.Field(alias="authType") - ] = None - r"""Enter API key directly, or select a stored secret""" - - total_memory_limit_kb: Annotated[ - Optional[float], pydantic.Field(alias="totalMemoryLimitKB") - ] = None - r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" - - description: Optional[str] = None - - custom_url: Annotated[Optional[str], pydantic.Field(alias="customUrl")] = None - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[OutputResponsePqControlsNewrelic], pydantic.Field(alias="pqControls") - ] = None - - api_key: Annotated[Optional[str], pydantic.Field(alias="apiKey")] = None - r"""New Relic API key. Can be overridden using __newRelic_apiKey field.""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_region: Annotated[ - Optional[str], pydantic.Field(alias="__template_region") - ] = None - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - - template_log_type: Annotated[ - Optional[str], pydantic.Field(alias="__template_logType") - ] = None - r"""Binds 'logType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logType' at runtime.""" - - template_message_field: Annotated[ - Optional[str], pydantic.Field(alias="__template_messageField") - ] = None - r"""Binds 'messageField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'messageField' at runtime.""" - - template_failed_request_logging_mode: Annotated[ - Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") - ] = None - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - notifications: Optional[List[NotificationUnion]] = None - r"""Notifications attached to the Destination.""" - - status: Optional[StatusType] = None - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - @field_serializer("region") - def serialize_region(self, value): - if isinstance(value, str): - try: - return models.RegionOptions(value) - except ValueError: - return value - return value - - @field_serializer("failed_request_logging_mode") - def serialize_failed_request_logging_mode(self, value): - if isinstance(value, str): - try: - return models.FailedRequestLoggingModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsAPI(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "id", - "pipeline", - "systemFields", - "environment", - "streamtags", - "region", - "logType", - "messageField", - "metadata", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "compress", - "rejectUnauthorized", - "timeoutSec", - "flushPeriodSec", - "extraHttpHeaders", - "useRoundRobinDns", - "failedRequestLoggingMode", - "safeHeaders", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "onBackpressure", - "authType", - "totalMemoryLimitKB", - "description", - "customUrl", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "apiKey", - "textSecret", - "__template_streamtags", - "__template_region", - "__template_logType", - "__template_messageField", - "__template_failedRequestLoggingMode", - "__template_onBackpressure", - "notifications", - "status", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class OutputResponseTypeElasticCloud(str, Enum): - ELASTIC_CLOUD = "elastic_cloud" - - -class OutputResponsePqControlsElasticCloudTypedDict(TypedDict): - pass - - -class OutputResponsePqControlsElasticCloud(BaseModel): - pass - - -class OutputResponseOutputElasticCloudTypedDict(TypedDict): - type: OutputResponseTypeElasticCloud - url: str - r"""Enter Cloud ID of the Elastic Cloud environment to send events to""" - index: str - r"""Data stream or index to send events to. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be overwritten by an event's __index field.""" - id: NotRequired[str] - r"""Unique ID for this output""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - compress: NotRequired[bool] - r"""Compress the payload body before sending""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] - r"""Headers to add to all events""" - failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - safe_headers: NotRequired[List[str]] - r"""List of headers that are safe to log in plain text""" - extra_params: NotRequired[List[SaslExtensionConfInputKafkaTypedDict]] - r"""Extra parameters to use in HTTP requests""" - auth: NotRequired[AuthTypeTemplatemanualAPIKeyAuthTypeTypedDict] - elastic_pipeline: NotRequired[str] - r"""Optional Elastic Cloud Destination pipeline""" - include_doc_id: NotRequired[bool] - r"""Include the `document_id` field when sending events to an Elastic TSDS (time series data stream)""" - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - description: NotRequired[str] - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[OutputResponsePqControlsElasticCloudTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_url: NotRequired[str] - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - template_index: NotRequired[str] - r"""Binds 'index' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'index' at runtime.""" - template_failed_request_logging_mode: NotRequired[str] - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - template_elastic_pipeline: NotRequired[str] - r"""Binds 'elasticPipeline' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'elasticPipeline' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - notifications: NotRequired[List[NotificationUnionTypedDict]] - r"""Notifications attached to the Destination.""" - status: NotRequired[StatusTypeTypedDict] - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - -class OutputResponseOutputElasticCloud(BaseModel): - type: OutputResponseTypeElasticCloud - - url: str - r"""Enter Cloud ID of the Elastic Cloud environment to send events to""" - - index: str - r"""Data stream or index to send events to. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be overwritten by an event's __index field.""" - - id: Optional[str] = None - r"""Unique ID for this output""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - compress: Optional[bool] = None - r"""Compress the payload body before sending""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - extra_http_headers: Annotated[ - Optional[List[ExtraHTTPHeaderConfInputElastic]], - pydantic.Field(alias="extraHttpHeaders"), - ] = None - r"""Headers to add to all events""" - - failed_request_logging_mode: Annotated[ - Optional[FailedRequestLoggingModeOptions], - pydantic.Field(alias="failedRequestLoggingMode"), - ] = None - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - - safe_headers: Annotated[ - Optional[List[str]], pydantic.Field(alias="safeHeaders") - ] = None - r"""List of headers that are safe to log in plain text""" - - extra_params: Annotated[ - Optional[List[SaslExtensionConfInputKafka]], pydantic.Field(alias="extraParams") - ] = None - r"""Extra parameters to use in HTTP requests""" - - auth: Optional[AuthTypeTemplatemanualAPIKeyAuthType] = None - - elastic_pipeline: Annotated[ - Optional[str], pydantic.Field(alias="elasticPipeline") - ] = None - r"""Optional Elastic Cloud Destination pipeline""" - - include_doc_id: Annotated[Optional[bool], pydantic.Field(alias="includeDocId")] = ( - None - ) - r"""Include the `document_id` field when sending events to an Elastic TSDS (time series data stream)""" - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - description: Optional[str] = None - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[OutputResponsePqControlsElasticCloud], - pydantic.Field(alias="pqControls"), - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( - None - ) - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - template_index: Annotated[ - Optional[str], pydantic.Field(alias="__template_index") - ] = None - r"""Binds 'index' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'index' at runtime.""" - - template_failed_request_logging_mode: Annotated[ - Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") - ] = None - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - - template_elastic_pipeline: Annotated[ - Optional[str], pydantic.Field(alias="__template_elasticPipeline") - ] = None - r"""Binds 'elasticPipeline' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'elasticPipeline' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - notifications: Optional[List[NotificationUnion]] = None - r"""Notifications attached to the Destination.""" - - status: Optional[StatusType] = None - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - @field_serializer("failed_request_logging_mode") - def serialize_failed_request_logging_mode(self, value): - if isinstance(value, str): - try: - return models.FailedRequestLoggingModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "id", - "pipeline", - "systemFields", - "environment", - "streamtags", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "compress", - "rejectUnauthorized", - "timeoutSec", - "flushPeriodSec", - "extraHttpHeaders", - "failedRequestLoggingMode", - "safeHeaders", - "extraParams", - "auth", - "elasticPipeline", - "includeDocId", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "onBackpressure", - "description", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_url", - "__template_index", - "__template_failedRequestLoggingMode", - "__template_elasticPipeline", - "__template_onBackpressure", - "notifications", - "status", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class OutputResponseTypeElastic(str, Enum): - ELASTIC = "elastic" - - -class OutputResponseElasticVersion(str, Enum, metaclass=utils.OpenEnumMeta): - r"""Optional Elasticsearch version, used to format events. If not specified, will auto-discover version.""" - - # Auto - AUTO = "auto" - # 6.x - SIX = "6" - # 7.x - SEVEN = "7" - - -class OutputResponseWriteAction(str, Enum, metaclass=utils.OpenEnumMeta): - r"""Action to use when writing events. Must be set to `Create` when writing to a data stream.""" - - # Index - INDEX = "index" - # Create - CREATE = "create" - - -class OutputResponseURLElasticTypedDict(TypedDict): - url: str - r"""The URL to an Elastic node to send events to. Example: http://elastic:9200/_bulk""" - weight: NotRequired[float] - r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" - template_url: NotRequired[str] - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - -class OutputResponseURLElastic(BaseModel): - url: str - r"""The URL to an Elastic node to send events to. Example: http://elastic:9200/_bulk""" - - weight: Optional[float] = None - r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" - - template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( - None - ) - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set(["weight", "__template_url"]) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class OutputResponsePqControlsElasticTypedDict(TypedDict): - pass - - -class OutputResponsePqControlsElastic(BaseModel): - pass - - -class OutputResponseOutputElasticTypedDict(TypedDict): - type: OutputResponseTypeElastic - index: str - r"""Index or data stream to send events to. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be overwritten by an event's __index field.""" - id: NotRequired[str] - r"""Unique ID for this output""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - load_balanced: NotRequired[bool] - r"""Enable for optimal performance. Even if you have one hostname, it can expand to multiple IPs. If disabled, consider enabling round-robin DNS.""" - doc_type: NotRequired[str] - r"""Document type to use for events. Can be overwritten by an event's __type field.""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - compress: NotRequired[bool] - r"""Compress the payload body before sending""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] - r"""Headers to add to all events""" - failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - safe_headers: NotRequired[List[str]] - r"""List of headers that are safe to log in plain text""" - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - extra_params: NotRequired[List[SaslExtensionConfInputKafkaTypedDict]] - auth: NotRequired[AuthTypeTemplatemanualAPIKeyAuthTypeTypedDict] - elastic_version: NotRequired[OutputResponseElasticVersion] - r"""Optional Elasticsearch version, used to format events. If not specified, will auto-discover version.""" - elastic_pipeline: NotRequired[str] - r"""Optional Elasticsearch destination pipeline""" - include_doc_id: NotRequired[bool] - r"""Include the `document_id` field when sending events to an Elastic TSDS (time series data stream)""" - write_action: NotRequired[OutputResponseWriteAction] - r"""Action to use when writing events. Must be set to `Create` when writing to a data stream.""" - retry_partial_errors: NotRequired[bool] - r"""Retry failed events when a bulk request to Elastic is successful, but the response body returns an error for one or more events in the batch""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - description: NotRequired[str] - url: NotRequired[str] - r"""The Cloud ID or URL to an Elastic cluster to send events to. Example: http://elastic:9200/_bulk""" - use_round_robin_dns: NotRequired[bool] - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - exclude_self: NotRequired[bool] - r"""Exclude all IPs of the current host from the list of any resolved hostnames""" - urls: NotRequired[List[OutputResponseURLElasticTypedDict]] - dns_resolve_period_sec: NotRequired[float] - r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" - load_balance_stats_period_sec: NotRequired[float] - r"""How far back in time to keep traffic stats for load balancing purposes""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[OutputResponsePqControlsElasticTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_index: NotRequired[str] - r"""Binds 'index' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'index' at runtime.""" - template_doc_type: NotRequired[str] - r"""Binds 'docType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'docType' at runtime.""" - template_failed_request_logging_mode: NotRequired[str] - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - template_elastic_pipeline: NotRequired[str] - r"""Binds 'elasticPipeline' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'elasticPipeline' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_url: NotRequired[str] - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - notifications: NotRequired[List[NotificationUnionTypedDict]] - r"""Notifications attached to the Destination.""" - status: NotRequired[StatusTypeTypedDict] - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - -class OutputResponseOutputElastic(BaseModel): - type: OutputResponseTypeElastic - - index: str - r"""Index or data stream to send events to. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be overwritten by an event's __index field.""" - - id: Optional[str] = None - r"""Unique ID for this output""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - load_balanced: Annotated[Optional[bool], pydantic.Field(alias="loadBalanced")] = ( - None - ) - r"""Enable for optimal performance. Even if you have one hostname, it can expand to multiple IPs. If disabled, consider enabling round-robin DNS.""" - - doc_type: Annotated[Optional[str], pydantic.Field(alias="docType")] = None - r"""Document type to use for events. Can be overwritten by an event's __type field.""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - compress: Optional[bool] = None - r"""Compress the payload body before sending""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - extra_http_headers: Annotated[ - Optional[List[ExtraHTTPHeaderConfInputElastic]], - pydantic.Field(alias="extraHttpHeaders"), - ] = None - r"""Headers to add to all events""" - - failed_request_logging_mode: Annotated[ - Optional[FailedRequestLoggingModeOptions], - pydantic.Field(alias="failedRequestLoggingMode"), - ] = None - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - - safe_headers: Annotated[ - Optional[List[str]], pydantic.Field(alias="safeHeaders") - ] = None - r"""List of headers that are safe to log in plain text""" - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - extra_params: Annotated[ - Optional[List[SaslExtensionConfInputKafka]], pydantic.Field(alias="extraParams") - ] = None - - auth: Optional[AuthTypeTemplatemanualAPIKeyAuthType] = None - - elastic_version: Annotated[ - Optional[OutputResponseElasticVersion], pydantic.Field(alias="elasticVersion") - ] = None - r"""Optional Elasticsearch version, used to format events. If not specified, will auto-discover version.""" - - elastic_pipeline: Annotated[ - Optional[str], pydantic.Field(alias="elasticPipeline") - ] = None - r"""Optional Elasticsearch destination pipeline""" - - include_doc_id: Annotated[Optional[bool], pydantic.Field(alias="includeDocId")] = ( - None - ) - r"""Include the `document_id` field when sending events to an Elastic TSDS (time series data stream)""" - - write_action: Annotated[ - Optional[OutputResponseWriteAction], pydantic.Field(alias="writeAction") - ] = None - r"""Action to use when writing events. Must be set to `Create` when writing to a data stream.""" - - retry_partial_errors: Annotated[ - Optional[bool], pydantic.Field(alias="retryPartialErrors") - ] = None - r"""Retry failed events when a bulk request to Elastic is successful, but the response body returns an error for one or more events in the batch""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - description: Optional[str] = None - - url: Optional[str] = None - r"""The Cloud ID or URL to an Elastic cluster to send events to. Example: http://elastic:9200/_bulk""" - - use_round_robin_dns: Annotated[ - Optional[bool], pydantic.Field(alias="useRoundRobinDns") - ] = None - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - - exclude_self: Annotated[Optional[bool], pydantic.Field(alias="excludeSelf")] = None - r"""Exclude all IPs of the current host from the list of any resolved hostnames""" - - urls: Optional[List[OutputResponseURLElastic]] = None - - dns_resolve_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="dnsResolvePeriodSec") - ] = None - r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" - - load_balance_stats_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="loadBalanceStatsPeriodSec") - ] = None - r"""How far back in time to keep traffic stats for load balancing purposes""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[OutputResponsePqControlsElastic], pydantic.Field(alias="pqControls") - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_index: Annotated[ - Optional[str], pydantic.Field(alias="__template_index") - ] = None - r"""Binds 'index' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'index' at runtime.""" - - template_doc_type: Annotated[ - Optional[str], pydantic.Field(alias="__template_docType") - ] = None - r"""Binds 'docType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'docType' at runtime.""" - - template_failed_request_logging_mode: Annotated[ - Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") - ] = None - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - - template_elastic_pipeline: Annotated[ - Optional[str], pydantic.Field(alias="__template_elasticPipeline") - ] = None - r"""Binds 'elasticPipeline' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'elasticPipeline' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( - None - ) - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - notifications: Optional[List[NotificationUnion]] = None - r"""Notifications attached to the Destination.""" - - status: Optional[StatusType] = None - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - @field_serializer("failed_request_logging_mode") - def serialize_failed_request_logging_mode(self, value): - if isinstance(value, str): - try: - return models.FailedRequestLoggingModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("elastic_version") - def serialize_elastic_version(self, value): - if isinstance(value, str): - try: - return models.OutputResponseElasticVersion(value) - except ValueError: - return value - return value - - @field_serializer("write_action") - def serialize_write_action(self, value): - if isinstance(value, str): - try: - return models.OutputResponseWriteAction(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "id", - "pipeline", - "systemFields", - "environment", - "streamtags", - "loadBalanced", - "docType", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "compress", - "rejectUnauthorized", - "timeoutSec", - "flushPeriodSec", - "extraHttpHeaders", - "failedRequestLoggingMode", - "safeHeaders", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "extraParams", - "auth", - "elasticVersion", - "elasticPipeline", - "includeDocId", - "writeAction", - "retryPartialErrors", - "onBackpressure", - "description", - "url", - "useRoundRobinDns", - "excludeSelf", - "urls", - "dnsResolvePeriodSec", - "loadBalanceStatsPeriodSec", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_index", - "__template_docType", - "__template_failedRequestLoggingMode", - "__template_elasticPipeline", - "__template_onBackpressure", - "__template_url", - "notifications", - "status", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class OutputResponseTypeMsk(str, Enum): - MSK = "msk" - - -class OutputResponsePqControlsMskTypedDict(TypedDict): - pass - - -class OutputResponsePqControlsMsk(BaseModel): - pass - - -class OutputResponseOutputMskTypedDict(TypedDict): - type: OutputResponseTypeMsk - brokers: List[str] - r"""Enter each Kafka bootstrap server you want to use. Specify hostname and port, e.g., mykafkabroker:9092, or just hostname, in which case @{product} will assign port 9092.""" - topic: str - r"""The topic to publish events to. Can be overridden using the __topicOut field.""" - aws_authentication_method: AuthenticationMethodOptionsS3CollectorConf - r"""AWS authentication method. Choose Auto to use IAM roles.""" - region: str - r"""Region where the MSK cluster is located""" - id: NotRequired[str] - r"""Unique ID for this output""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - ack: NotRequired[AcknowledgmentsOptionsAllLeader] - r"""Control the number of required acknowledgments.""" - format_: NotRequired[RecordDataFormatOptionsJSONProtobuf] - r"""Format to use to serialize events before writing to Kafka.""" - compression: NotRequired[CompressionOptionsGzipLz4] - r"""Codec to use to compress the data before sending to Kafka""" - max_record_size_kb: NotRequired[float] - r"""Maximum size of each record batch before compression. The value must not exceed the Kafka brokers' message.max.bytes setting.""" - flush_event_count: NotRequired[float] - r"""The maximum number of events you want the Destination to allow in a batch before forcing a flush""" - flush_period_sec: NotRequired[float] - r"""The maximum amount of time you want the Destination to wait before forcing a flush. Shorter intervals tend to result in smaller batches being sent.""" - kafka_schema_registry: NotRequired[ - KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuthTypedDict - ] - connection_timeout: NotRequired[float] - r"""Maximum time to wait for a connection to complete successfully""" - request_timeout: NotRequired[float] - r"""Maximum time to wait for Kafka to respond to a request""" - max_retries: NotRequired[float] - r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" - max_back_off: NotRequired[float] - r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" - initial_backoff: NotRequired[float] - r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" - backoff_rate: NotRequired[float] - r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" - authentication_timeout: NotRequired[float] - r"""Maximum time to wait for Kafka to respond to an authentication request""" - reauthentication_threshold: NotRequired[float] - r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" - aws_secret_key: NotRequired[str] - endpoint: NotRequired[str] - r"""MSK cluster service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to MSK cluster-compatible endpoint.""" - reuse_connections: NotRequired[bool] - r"""Reuse connections between requests, which can improve performance""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" - enable_assume_role: NotRequired[bool] - r"""Use Assume Role credentials to access MSK""" - assume_role_arn: NotRequired[str] - r"""Amazon Resource Name (ARN) of the role to assume""" - assume_role_external_id: NotRequired[str] - r"""External ID to use when assuming role""" - duration_seconds: NotRequired[float] - r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" - tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - description: NotRequired[str] - aws_api_key: NotRequired[str] - aws_secret: NotRequired[str] - r"""Select or create a stored secret that references your access key and secret key""" - protobuf_library_id: NotRequired[str] - r"""Select a set of Protobuf definitions for the events you want to send""" - protobuf_encoding_id: NotRequired[str] - r"""Select the type of object you want the Protobuf definitions to use for event encoding""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[OutputResponsePqControlsMskTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_topic: NotRequired[str] - r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" - template_format: NotRequired[str] - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - template_compression: NotRequired[str] - r"""Binds 'compression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compression' at runtime.""" - template_aws_secret_key: NotRequired[str] - r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" - template_region: NotRequired[str] - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - template_endpoint: NotRequired[str] - r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" - template_assume_role_arn: NotRequired[str] - r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" - template_assume_role_external_id: NotRequired[str] - r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_aws_api_key: NotRequired[str] - r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" - notifications: NotRequired[List[NotificationUnionTypedDict]] - r"""Notifications attached to the Destination.""" - status: NotRequired[StatusTypeTypedDict] - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - -class OutputResponseOutputMsk(BaseModel): - type: OutputResponseTypeMsk - - brokers: List[str] - r"""Enter each Kafka bootstrap server you want to use. Specify hostname and port, e.g., mykafkabroker:9092, or just hostname, in which case @{product} will assign port 9092.""" - - topic: str - r"""The topic to publish events to. Can be overridden using the __topicOut field.""" - - aws_authentication_method: Annotated[ - AuthenticationMethodOptionsS3CollectorConf, - pydantic.Field(alias="awsAuthenticationMethod"), - ] - r"""AWS authentication method. Choose Auto to use IAM roles.""" - - region: str - r"""Region where the MSK cluster is located""" - - id: Optional[str] = None - r"""Unique ID for this output""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - ack: Optional[AcknowledgmentsOptionsAllLeader] = None - r"""Control the number of required acknowledgments.""" - - format_: Annotated[ - Optional[RecordDataFormatOptionsJSONProtobuf], pydantic.Field(alias="format") - ] = None - r"""Format to use to serialize events before writing to Kafka.""" - - compression: Optional[CompressionOptionsGzipLz4] = None - r"""Codec to use to compress the data before sending to Kafka""" - - max_record_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxRecordSizeKB") - ] = None - r"""Maximum size of each record batch before compression. The value must not exceed the Kafka brokers' message.max.bytes setting.""" - - flush_event_count: Annotated[ - Optional[float], pydantic.Field(alias="flushEventCount") - ] = None - r"""The maximum number of events you want the Destination to allow in a batch before forcing a flush""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""The maximum amount of time you want the Destination to wait before forcing a flush. Shorter intervals tend to result in smaller batches being sent.""" - - kafka_schema_registry: Annotated[ - Optional[KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuth], - pydantic.Field(alias="kafkaSchemaRegistry"), - ] = None - - connection_timeout: Annotated[ - Optional[float], pydantic.Field(alias="connectionTimeout") - ] = None - r"""Maximum time to wait for a connection to complete successfully""" - - request_timeout: Annotated[ - Optional[float], pydantic.Field(alias="requestTimeout") - ] = None - r"""Maximum time to wait for Kafka to respond to a request""" - - max_retries: Annotated[Optional[float], pydantic.Field(alias="maxRetries")] = None - r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" - - max_back_off: Annotated[Optional[float], pydantic.Field(alias="maxBackOff")] = None - r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" - - initial_backoff: Annotated[ - Optional[float], pydantic.Field(alias="initialBackoff") - ] = None - r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" - - backoff_rate: Annotated[Optional[float], pydantic.Field(alias="backoffRate")] = None - r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" - - authentication_timeout: Annotated[ - Optional[float], pydantic.Field(alias="authenticationTimeout") - ] = None - r"""Maximum time to wait for Kafka to respond to an authentication request""" - - reauthentication_threshold: Annotated[ - Optional[float], pydantic.Field(alias="reauthenticationThreshold") - ] = None - r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" - - aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = ( - None - ) - - endpoint: Optional[str] = None - r"""MSK cluster service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to MSK cluster-compatible endpoint.""" - - reuse_connections: Annotated[ - Optional[bool], pydantic.Field(alias="reuseConnections") - ] = None - r"""Reuse connections between requests, which can improve performance""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" - - enable_assume_role: Annotated[ - Optional[bool], pydantic.Field(alias="enableAssumeRole") - ] = None - r"""Use Assume Role credentials to access MSK""" - - assume_role_arn: Annotated[Optional[str], pydantic.Field(alias="assumeRoleArn")] = ( - None - ) - r"""Amazon Resource Name (ARN) of the role to assume""" - - assume_role_external_id: Annotated[ - Optional[str], pydantic.Field(alias="assumeRoleExternalId") - ] = None - r"""External ID to use when assuming role""" - - duration_seconds: Annotated[ - Optional[float], pydantic.Field(alias="durationSeconds") - ] = None - r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" - - tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - description: Optional[str] = None - - aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None - - aws_secret: Annotated[Optional[str], pydantic.Field(alias="awsSecret")] = None - r"""Select or create a stored secret that references your access key and secret key""" - - protobuf_library_id: Annotated[ - Optional[str], pydantic.Field(alias="protobufLibraryId") - ] = None - r"""Select a set of Protobuf definitions for the events you want to send""" - - protobuf_encoding_id: Annotated[ - Optional[str], pydantic.Field(alias="protobufEncodingId") - ] = None - r"""Select the type of object you want the Protobuf definitions to use for event encoding""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[OutputResponsePqControlsMsk], pydantic.Field(alias="pqControls") - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_topic: Annotated[ - Optional[str], pydantic.Field(alias="__template_topic") - ] = None - r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" - - template_format: Annotated[ - Optional[str], pydantic.Field(alias="__template_format") - ] = None - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - - template_compression: Annotated[ - Optional[str], pydantic.Field(alias="__template_compression") - ] = None - r"""Binds 'compression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compression' at runtime.""" - - template_aws_secret_key: Annotated[ - Optional[str], pydantic.Field(alias="__template_awsSecretKey") - ] = None - r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" - - template_region: Annotated[ - Optional[str], pydantic.Field(alias="__template_region") - ] = None - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - - template_endpoint: Annotated[ - Optional[str], pydantic.Field(alias="__template_endpoint") - ] = None - r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" - - template_assume_role_arn: Annotated[ - Optional[str], pydantic.Field(alias="__template_assumeRoleArn") - ] = None - r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" - - template_assume_role_external_id: Annotated[ - Optional[str], pydantic.Field(alias="__template_assumeRoleExternalId") - ] = None - r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_aws_api_key: Annotated[ - Optional[str], pydantic.Field(alias="__template_awsApiKey") - ] = None - r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" - - notifications: Optional[List[NotificationUnion]] = None - r"""Notifications attached to the Destination.""" - - status: Optional[StatusType] = None - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - @field_serializer("ack") - def serialize_ack(self, value): - if isinstance(value, str): - try: - return models.AcknowledgmentsOptionsAllLeader(value) - except ValueError: - return value - return value - - @field_serializer("format_") - def serialize_format_(self, value): - if isinstance(value, str): - try: - return models.RecordDataFormatOptionsJSONProtobuf(value) - except ValueError: - return value - return value - - @field_serializer("compression") - def serialize_compression(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsGzipLz4(value) - except ValueError: - return value - return value - - @field_serializer("aws_authentication_method") - def serialize_aws_authentication_method(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsS3CollectorConf(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "id", - "pipeline", - "systemFields", - "environment", - "streamtags", - "ack", - "format", - "compression", - "maxRecordSizeKB", - "flushEventCount", - "flushPeriodSec", - "kafkaSchemaRegistry", - "connectionTimeout", - "requestTimeout", - "maxRetries", - "maxBackOff", - "initialBackoff", - "backoffRate", - "authenticationTimeout", - "reauthenticationThreshold", - "awsSecretKey", - "endpoint", - "reuseConnections", - "rejectUnauthorized", - "enableAssumeRole", - "assumeRoleArn", - "assumeRoleExternalId", - "durationSeconds", - "tls", - "onBackpressure", - "description", - "awsApiKey", - "awsSecret", - "protobufLibraryId", - "protobufEncodingId", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_topic", - "__template_format", - "__template_compression", - "__template_awsSecretKey", - "__template_region", - "__template_endpoint", - "__template_assumeRoleArn", - "__template_assumeRoleExternalId", - "__template_onBackpressure", - "__template_awsApiKey", - "notifications", - "status", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class OutputResponseTypeConfluentCloud(str, Enum): - CONFLUENT_CLOUD = "confluent_cloud" - - -class OutputResponsePqControlsConfluentCloudTypedDict(TypedDict): - pass - - -class OutputResponsePqControlsConfluentCloud(BaseModel): - pass - - -class OutputResponseOutputConfluentCloudTypedDict(TypedDict): - type: OutputResponseTypeConfluentCloud - brokers: List[str] - r"""List of Confluent Cloud bootstrap servers to use, such as yourAccount.confluent.cloud:9092.""" - topic: str - r"""The topic to publish events to. Can be overridden using the __topicOut field.""" - id: NotRequired[str] - r"""Unique ID for this output""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] - ack: NotRequired[AcknowledgmentsOptionsAllLeader] - r"""Control the number of required acknowledgments.""" - format_: NotRequired[RecordDataFormatOptionsJSONProtobuf] - r"""Format to use to serialize events before writing to Kafka.""" - compression: NotRequired[CompressionOptionsGzipLz4] - r"""Codec to use to compress the data before sending to Kafka""" - max_record_size_kb: NotRequired[float] - r"""Maximum size of each record batch before compression. The value must not exceed the Kafka brokers' message.max.bytes setting.""" - flush_event_count: NotRequired[float] - r"""The maximum number of events you want the Destination to allow in a batch before forcing a flush""" - flush_period_sec: NotRequired[float] - r"""The maximum amount of time you want the Destination to wait before forcing a flush. Shorter intervals tend to result in smaller batches being sent.""" - kafka_schema_registry: NotRequired[ - KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuthTypedDict - ] - connection_timeout: NotRequired[float] - r"""Maximum time to wait for a connection to complete successfully""" - request_timeout: NotRequired[float] - r"""Maximum time to wait for Kafka to respond to a request""" - max_retries: NotRequired[float] - r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" - max_back_off: NotRequired[float] - r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" - initial_backoff: NotRequired[float] - r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" - backoff_rate: NotRequired[float] - r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" - authentication_timeout: NotRequired[float] - r"""Maximum time to wait for Kafka to respond to an authentication request""" - reauthentication_threshold: NotRequired[float] - r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" - sasl: NotRequired[AuthenticationTypeTypedDict] - r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - description: NotRequired[str] - protobuf_library_id: NotRequired[str] - r"""Select a set of Protobuf definitions for the events you want to send""" - protobuf_encoding_id: NotRequired[str] - r"""Select the type of object you want the Protobuf definitions to use for event encoding""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[OutputResponsePqControlsConfluentCloudTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_brokers: NotRequired[str] - r"""Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime.""" - template_topic: NotRequired[str] - r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" - template_format: NotRequired[str] - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - template_compression: NotRequired[str] - r"""Binds 'compression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compression' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - notifications: NotRequired[List[NotificationUnionTypedDict]] - r"""Notifications attached to the Destination.""" - status: NotRequired[StatusTypeTypedDict] - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - -class OutputResponseOutputConfluentCloud(BaseModel): - type: OutputResponseTypeConfluentCloud - - brokers: List[str] - r"""List of Confluent Cloud bootstrap servers to use, such as yourAccount.confluent.cloud:9092.""" - - topic: str - r"""The topic to publish events to. Can be overridden using the __topicOut field.""" - - id: Optional[str] = None - r"""Unique ID for this output""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None - - ack: Optional[AcknowledgmentsOptionsAllLeader] = None - r"""Control the number of required acknowledgments.""" - - format_: Annotated[ - Optional[RecordDataFormatOptionsJSONProtobuf], pydantic.Field(alias="format") - ] = None - r"""Format to use to serialize events before writing to Kafka.""" - - compression: Optional[CompressionOptionsGzipLz4] = None - r"""Codec to use to compress the data before sending to Kafka""" - - max_record_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxRecordSizeKB") - ] = None - r"""Maximum size of each record batch before compression. The value must not exceed the Kafka brokers' message.max.bytes setting.""" - - flush_event_count: Annotated[ - Optional[float], pydantic.Field(alias="flushEventCount") - ] = None - r"""The maximum number of events you want the Destination to allow in a batch before forcing a flush""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""The maximum amount of time you want the Destination to wait before forcing a flush. Shorter intervals tend to result in smaller batches being sent.""" - - kafka_schema_registry: Annotated[ - Optional[KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuth], - pydantic.Field(alias="kafkaSchemaRegistry"), - ] = None - - connection_timeout: Annotated[ - Optional[float], pydantic.Field(alias="connectionTimeout") - ] = None - r"""Maximum time to wait for a connection to complete successfully""" - - request_timeout: Annotated[ - Optional[float], pydantic.Field(alias="requestTimeout") - ] = None - r"""Maximum time to wait for Kafka to respond to a request""" - - max_retries: Annotated[Optional[float], pydantic.Field(alias="maxRetries")] = None - r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" - - max_back_off: Annotated[Optional[float], pydantic.Field(alias="maxBackOff")] = None - r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" - - initial_backoff: Annotated[ - Optional[float], pydantic.Field(alias="initialBackoff") - ] = None - r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" - - backoff_rate: Annotated[Optional[float], pydantic.Field(alias="backoffRate")] = None - r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" - - authentication_timeout: Annotated[ - Optional[float], pydantic.Field(alias="authenticationTimeout") - ] = None - r"""Maximum time to wait for Kafka to respond to an authentication request""" - - reauthentication_threshold: Annotated[ - Optional[float], pydantic.Field(alias="reauthenticationThreshold") - ] = None - r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" - - sasl: Optional[AuthenticationType] = None - r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - description: Optional[str] = None - - protobuf_library_id: Annotated[ - Optional[str], pydantic.Field(alias="protobufLibraryId") - ] = None - r"""Select a set of Protobuf definitions for the events you want to send""" - - protobuf_encoding_id: Annotated[ - Optional[str], pydantic.Field(alias="protobufEncodingId") - ] = None - r"""Select the type of object you want the Protobuf definitions to use for event encoding""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[OutputResponsePqControlsConfluentCloud], - pydantic.Field(alias="pqControls"), - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_brokers: Annotated[ - Optional[str], pydantic.Field(alias="__template_brokers") - ] = None - r"""Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime.""" - - template_topic: Annotated[ - Optional[str], pydantic.Field(alias="__template_topic") - ] = None - r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" - - template_format: Annotated[ - Optional[str], pydantic.Field(alias="__template_format") - ] = None - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - - template_compression: Annotated[ - Optional[str], pydantic.Field(alias="__template_compression") - ] = None - r"""Binds 'compression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compression' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - notifications: Optional[List[NotificationUnion]] = None - r"""Notifications attached to the Destination.""" - - status: Optional[StatusType] = None - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - @field_serializer("ack") - def serialize_ack(self, value): - if isinstance(value, str): - try: - return models.AcknowledgmentsOptionsAllLeader(value) - except ValueError: - return value - return value - - @field_serializer("format_") - def serialize_format_(self, value): - if isinstance(value, str): - try: - return models.RecordDataFormatOptionsJSONProtobuf(value) - except ValueError: - return value - return value - - @field_serializer("compression") - def serialize_compression(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsGzipLz4(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "id", - "pipeline", - "systemFields", - "environment", - "streamtags", - "tls", - "ack", - "format", - "compression", - "maxRecordSizeKB", - "flushEventCount", - "flushPeriodSec", - "kafkaSchemaRegistry", - "connectionTimeout", - "requestTimeout", - "maxRetries", - "maxBackOff", - "initialBackoff", - "backoffRate", - "authenticationTimeout", - "reauthenticationThreshold", - "sasl", - "onBackpressure", - "description", - "protobufLibraryId", - "protobufEncodingId", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_brokers", - "__template_topic", - "__template_format", - "__template_compression", - "__template_onBackpressure", - "notifications", - "status", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class OutputResponseTypeKafka(str, Enum): - KAFKA = "kafka" - - -class OutputResponsePqControlsKafkaTypedDict(TypedDict): - pass - - -class OutputResponsePqControlsKafka(BaseModel): - pass - - -class OutputResponseOutputKafkaTypedDict(TypedDict): - type: OutputResponseTypeKafka - brokers: List[str] - r"""Enter each Kafka bootstrap server you want to use. Specify hostname and port, e.g., mykafkabroker:9092, or just hostname, in which case @{product} will assign port 9092.""" - topic: str - r"""The topic to publish events to. Can be overridden using the __topicOut field.""" - id: NotRequired[str] - r"""Unique ID for this output""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - ack: NotRequired[AcknowledgmentsOptionsAllLeader] - r"""Control the number of required acknowledgments.""" - format_: NotRequired[RecordDataFormatOptionsJSONProtobuf] - r"""Format to use to serialize events before writing to Kafka.""" - compression: NotRequired[CompressionOptionsGzipLz4] - r"""Codec to use to compress the data before sending to Kafka""" - max_record_size_kb: NotRequired[float] - r"""Maximum size of each record batch before compression. The value must not exceed the Kafka brokers' message.max.bytes setting.""" - flush_event_count: NotRequired[float] - r"""The maximum number of events you want the Destination to allow in a batch before forcing a flush""" - flush_period_sec: NotRequired[float] - r"""The maximum amount of time you want the Destination to wait before forcing a flush. Shorter intervals tend to result in smaller batches being sent.""" - kafka_schema_registry: NotRequired[ - KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuthTypedDict - ] - connection_timeout: NotRequired[float] - r"""Maximum time to wait for a connection to complete successfully""" - request_timeout: NotRequired[float] - r"""Maximum time to wait for Kafka to respond to a request""" - max_retries: NotRequired[float] - r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" - max_back_off: NotRequired[float] - r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" - initial_backoff: NotRequired[float] - r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" - backoff_rate: NotRequired[float] - r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" - authentication_timeout: NotRequired[float] - r"""Maximum time to wait for Kafka to respond to an authentication request""" - reauthentication_threshold: NotRequired[float] - r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" - sasl: NotRequired[AuthenticationTypeTypedDict] - r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended.""" - tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - description: NotRequired[str] - protobuf_library_id: NotRequired[str] - r"""Select a set of Protobuf definitions for the events you want to send""" - protobuf_encoding_id: NotRequired[str] - r"""Select the type of object you want the Protobuf definitions to use for event encoding""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[OutputResponsePqControlsKafkaTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_topic: NotRequired[str] - r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" - template_format: NotRequired[str] - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - template_compression: NotRequired[str] - r"""Binds 'compression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compression' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - notifications: NotRequired[List[NotificationUnionTypedDict]] - r"""Notifications attached to the Destination.""" - status: NotRequired[StatusTypeTypedDict] - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - -class OutputResponseOutputKafka(BaseModel): - type: OutputResponseTypeKafka - - brokers: List[str] - r"""Enter each Kafka bootstrap server you want to use. Specify hostname and port, e.g., mykafkabroker:9092, or just hostname, in which case @{product} will assign port 9092.""" - - topic: str - r"""The topic to publish events to. Can be overridden using the __topicOut field.""" - - id: Optional[str] = None - r"""Unique ID for this output""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - ack: Optional[AcknowledgmentsOptionsAllLeader] = None - r"""Control the number of required acknowledgments.""" - - format_: Annotated[ - Optional[RecordDataFormatOptionsJSONProtobuf], pydantic.Field(alias="format") - ] = None - r"""Format to use to serialize events before writing to Kafka.""" - - compression: Optional[CompressionOptionsGzipLz4] = None - r"""Codec to use to compress the data before sending to Kafka""" - - max_record_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxRecordSizeKB") - ] = None - r"""Maximum size of each record batch before compression. The value must not exceed the Kafka brokers' message.max.bytes setting.""" - - flush_event_count: Annotated[ - Optional[float], pydantic.Field(alias="flushEventCount") - ] = None - r"""The maximum number of events you want the Destination to allow in a batch before forcing a flush""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""The maximum amount of time you want the Destination to wait before forcing a flush. Shorter intervals tend to result in smaller batches being sent.""" - - kafka_schema_registry: Annotated[ - Optional[KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuth], - pydantic.Field(alias="kafkaSchemaRegistry"), - ] = None - - connection_timeout: Annotated[ - Optional[float], pydantic.Field(alias="connectionTimeout") - ] = None - r"""Maximum time to wait for a connection to complete successfully""" - - request_timeout: Annotated[ - Optional[float], pydantic.Field(alias="requestTimeout") - ] = None - r"""Maximum time to wait for Kafka to respond to a request""" - - max_retries: Annotated[Optional[float], pydantic.Field(alias="maxRetries")] = None - r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" - - max_back_off: Annotated[Optional[float], pydantic.Field(alias="maxBackOff")] = None - r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" - - initial_backoff: Annotated[ - Optional[float], pydantic.Field(alias="initialBackoff") - ] = None - r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" - - backoff_rate: Annotated[Optional[float], pydantic.Field(alias="backoffRate")] = None - r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" - - authentication_timeout: Annotated[ - Optional[float], pydantic.Field(alias="authenticationTimeout") - ] = None - r"""Maximum time to wait for Kafka to respond to an authentication request""" - - reauthentication_threshold: Annotated[ - Optional[float], pydantic.Field(alias="reauthenticationThreshold") - ] = None - r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" - - sasl: Optional[AuthenticationType] = None - r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended.""" - - tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - description: Optional[str] = None - - protobuf_library_id: Annotated[ - Optional[str], pydantic.Field(alias="protobufLibraryId") - ] = None - r"""Select a set of Protobuf definitions for the events you want to send""" - - protobuf_encoding_id: Annotated[ - Optional[str], pydantic.Field(alias="protobufEncodingId") - ] = None - r"""Select the type of object you want the Protobuf definitions to use for event encoding""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[OutputResponsePqControlsKafka], pydantic.Field(alias="pqControls") - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_topic: Annotated[ - Optional[str], pydantic.Field(alias="__template_topic") - ] = None - r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" - - template_format: Annotated[ - Optional[str], pydantic.Field(alias="__template_format") - ] = None - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - - template_compression: Annotated[ - Optional[str], pydantic.Field(alias="__template_compression") - ] = None - r"""Binds 'compression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compression' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - notifications: Optional[List[NotificationUnion]] = None - r"""Notifications attached to the Destination.""" - - status: Optional[StatusType] = None - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - @field_serializer("ack") - def serialize_ack(self, value): - if isinstance(value, str): - try: - return models.AcknowledgmentsOptionsAllLeader(value) - except ValueError: - return value - return value - - @field_serializer("format_") - def serialize_format_(self, value): - if isinstance(value, str): - try: - return models.RecordDataFormatOptionsJSONProtobuf(value) - except ValueError: - return value - return value - - @field_serializer("compression") - def serialize_compression(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsGzipLz4(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "id", - "pipeline", - "systemFields", - "environment", - "streamtags", - "ack", - "format", - "compression", - "maxRecordSizeKB", - "flushEventCount", - "flushPeriodSec", - "kafkaSchemaRegistry", - "connectionTimeout", - "requestTimeout", - "maxRetries", - "maxBackOff", - "initialBackoff", - "backoffRate", - "authenticationTimeout", - "reauthenticationThreshold", - "sasl", - "tls", - "onBackpressure", - "description", - "protobufLibraryId", - "protobufEncodingId", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_topic", - "__template_format", - "__template_compression", - "__template_onBackpressure", - "notifications", - "status", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class OutputResponseTypeExabeam(str, Enum): - EXABEAM = "exabeam" - - -class OutputResponseOutputExabeamTypedDict(TypedDict): - type: OutputResponseTypeExabeam - bucket: str - r"""Name of the destination bucket. A constant or a JavaScript expression that can only be evaluated at init time. Example of referencing a JavaScript Global Variable: `myBucket-${C.vars.myVar}`.""" - region: str - r"""Region where the bucket is located""" - stage_path: str - r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" - endpoint: str - r"""Google Cloud Storage service endpoint""" - collector_instance_id: str - r"""ID of the Exabeam Collector where data should be sent. Example: 11112222-3333-4444-5555-666677778888 - - """ - id: NotRequired[str] - r"""Unique ID for this output""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - object_acl: NotRequired[ObjectACLOptionsAuthenticatedreadBucketownerfullcontrol] - r"""Object ACL to assign to uploaded objects""" - storage_class: NotRequired[StorageClassOptionsArchiveColdline] - r"""Storage class to select for uploaded objects""" - reuse_connections: NotRequired[bool] - r"""Reuse connections between requests, which can improve performance""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" - add_id_to_stage_path: NotRequired[bool] - r"""Add the Output ID value to staging location""" - remove_empty_dirs: NotRequired[bool] - r"""Remove empty staging directories after moving files""" - max_file_open_time_sec: NotRequired[float] - r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" - max_file_idle_time_sec: NotRequired[float] - r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" - max_open_files: NotRequired[float] - r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" - on_backpressure: NotRequired[BackpressureBehaviorOptionsBlockDrop] - r"""How to handle events when all receivers are exerting backpressure""" - deadletter_enabled: NotRequired[bool] - r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" - on_disk_full_backpressure: NotRequired[DiskSpaceProtectionOptions] - r"""How to handle events when disk space is below the global 'Min free disk space' limit""" - retry_settings: NotRequired[RetrySettingsTypeTypedDict] - orphans: NotRequired[OrphanFileRecoveryTypeTypedDict] - max_file_size_mb: NotRequired[float] - r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" - encoded_configuration: NotRequired[str] - r"""Enter an encoded string containing Exabeam configurations""" - site_name: NotRequired[str] - r"""Constant or JavaScript expression to create an Exabeam site name. Values that aren't successfully evaluated will be treated as string constants.""" - site_id: NotRequired[str] - r"""Exabeam site ID. If left blank, @{product} will use the value of the Exabeam site name.""" - timezone_offset: NotRequired[str] - aws_api_key: NotRequired[str] - r"""HMAC access key. Can be a constant or a JavaScript expression, such as `${C.env.GCS_ACCESS_KEY}`.""" - aws_secret_key: NotRequired[str] - r"""HMAC secret. Can be a constant or a JavaScript expression, such as `${C.env.GCS_SECRET}`.""" - description: NotRequired[str] - empty_dir_cleanup_sec: NotRequired[float] - r"""How frequently, in seconds, to clean up empty directories""" - directory_batch_size: NotRequired[float] - r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" - deadletter_path: NotRequired[str] - r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" - max_retry_num: NotRequired[float] - r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_region: NotRequired[str] - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - template_endpoint: NotRequired[str] - r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" - template_object_acl: NotRequired[str] - r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" - template_storage_class: NotRequired[str] - r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - notifications: NotRequired[List[NotificationUnionTypedDict]] - r"""Notifications attached to the Destination.""" - status: NotRequired[StatusTypeTypedDict] - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - -class OutputResponseOutputExabeam(BaseModel): - type: OutputResponseTypeExabeam - - bucket: str - r"""Name of the destination bucket. A constant or a JavaScript expression that can only be evaluated at init time. Example of referencing a JavaScript Global Variable: `myBucket-${C.vars.myVar}`.""" - - region: str - r"""Region where the bucket is located""" - - stage_path: Annotated[str, pydantic.Field(alias="stagePath")] - r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" - - endpoint: str - r"""Google Cloud Storage service endpoint""" - - collector_instance_id: Annotated[str, pydantic.Field(alias="collectorInstanceId")] - r"""ID of the Exabeam Collector where data should be sent. Example: 11112222-3333-4444-5555-666677778888 - - """ - - id: Optional[str] = None - r"""Unique ID for this output""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - object_acl: Annotated[ - Optional[ObjectACLOptionsAuthenticatedreadBucketownerfullcontrol], - pydantic.Field(alias="objectACL"), - ] = None - r"""Object ACL to assign to uploaded objects""" - - storage_class: Annotated[ - Optional[StorageClassOptionsArchiveColdline], - pydantic.Field(alias="storageClass"), - ] = None - r"""Storage class to select for uploaded objects""" - - reuse_connections: Annotated[ - Optional[bool], pydantic.Field(alias="reuseConnections") - ] = None - r"""Reuse connections between requests, which can improve performance""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" - - add_id_to_stage_path: Annotated[ - Optional[bool], pydantic.Field(alias="addIdToStagePath") - ] = None - r"""Add the Output ID value to staging location""" - - remove_empty_dirs: Annotated[ - Optional[bool], pydantic.Field(alias="removeEmptyDirs") - ] = None - r"""Remove empty staging directories after moving files""" - - max_file_open_time_sec: Annotated[ - Optional[float], pydantic.Field(alias="maxFileOpenTimeSec") - ] = None - r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" - - max_file_idle_time_sec: Annotated[ - Optional[float], pydantic.Field(alias="maxFileIdleTimeSec") - ] = None - r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" - - max_open_files: Annotated[Optional[float], pydantic.Field(alias="maxOpenFiles")] = ( - None - ) - r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptionsBlockDrop], - pydantic.Field(alias="onBackpressure"), - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - deadletter_enabled: Annotated[ - Optional[bool], pydantic.Field(alias="deadletterEnabled") - ] = None - r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" - - on_disk_full_backpressure: Annotated[ - Optional[DiskSpaceProtectionOptions], - pydantic.Field(alias="onDiskFullBackpressure"), - ] = None - r"""How to handle events when disk space is below the global 'Min free disk space' limit""" - - retry_settings: Annotated[ - Optional[RetrySettingsType], pydantic.Field(alias="retrySettings") - ] = None - - orphans: Optional[OrphanFileRecoveryType] = None - - max_file_size_mb: Annotated[ - Optional[float], pydantic.Field(alias="maxFileSizeMB") - ] = None - r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" - - encoded_configuration: Annotated[ - Optional[str], pydantic.Field(alias="encodedConfiguration") - ] = None - r"""Enter an encoded string containing Exabeam configurations""" - - site_name: Annotated[Optional[str], pydantic.Field(alias="siteName")] = None - r"""Constant or JavaScript expression to create an Exabeam site name. Values that aren't successfully evaluated will be treated as string constants.""" - - site_id: Annotated[Optional[str], pydantic.Field(alias="siteId")] = None - r"""Exabeam site ID. If left blank, @{product} will use the value of the Exabeam site name.""" - - timezone_offset: Annotated[ - Optional[str], pydantic.Field(alias="timezoneOffset") - ] = None - - aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None - r"""HMAC access key. Can be a constant or a JavaScript expression, such as `${C.env.GCS_ACCESS_KEY}`.""" - - aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = ( - None - ) - r"""HMAC secret. Can be a constant or a JavaScript expression, such as `${C.env.GCS_SECRET}`.""" - - description: Optional[str] = None - - empty_dir_cleanup_sec: Annotated[ - Optional[float], pydantic.Field(alias="emptyDirCleanupSec") - ] = None - r"""How frequently, in seconds, to clean up empty directories""" - - directory_batch_size: Annotated[ - Optional[float], pydantic.Field(alias="directoryBatchSize") - ] = None - r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" - - deadletter_path: Annotated[ - Optional[str], pydantic.Field(alias="deadletterPath") - ] = None - r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" - - max_retry_num: Annotated[Optional[float], pydantic.Field(alias="maxRetryNum")] = ( - None - ) - r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_region: Annotated[ - Optional[str], pydantic.Field(alias="__template_region") - ] = None - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - - template_endpoint: Annotated[ - Optional[str], pydantic.Field(alias="__template_endpoint") - ] = None - r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" - - template_object_acl: Annotated[ - Optional[str], pydantic.Field(alias="__template_objectACL") - ] = None - r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" - - template_storage_class: Annotated[ - Optional[str], pydantic.Field(alias="__template_storageClass") - ] = None - r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - notifications: Optional[List[NotificationUnion]] = None - r"""Notifications attached to the Destination.""" - - status: Optional[StatusType] = None - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - @field_serializer("object_acl") - def serialize_object_acl(self, value): - if isinstance(value, str): - try: - return models.ObjectACLOptionsAuthenticatedreadBucketownerfullcontrol( - value - ) - except ValueError: - return value - return value - - @field_serializer("storage_class") - def serialize_storage_class(self, value): - if isinstance(value, str): - try: - return models.StorageClassOptionsArchiveColdline(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptionsBlockDrop(value) - except ValueError: - return value - return value - - @field_serializer("on_disk_full_backpressure") - def serialize_on_disk_full_backpressure(self, value): - if isinstance(value, str): - try: - return models.DiskSpaceProtectionOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "id", - "pipeline", - "systemFields", - "environment", - "streamtags", - "objectACL", - "storageClass", - "reuseConnections", - "rejectUnauthorized", - "addIdToStagePath", - "removeEmptyDirs", - "maxFileOpenTimeSec", - "maxFileIdleTimeSec", - "maxOpenFiles", - "onBackpressure", - "deadletterEnabled", - "onDiskFullBackpressure", - "retrySettings", - "orphans", - "maxFileSizeMB", - "encodedConfiguration", - "siteName", - "siteId", - "timezoneOffset", - "awsApiKey", - "awsSecretKey", - "description", - "emptyDirCleanupSec", - "directoryBatchSize", - "deadletterPath", - "maxRetryNum", - "__template_streamtags", - "__template_region", - "__template_endpoint", - "__template_objectACL", - "__template_storageClass", - "__template_onBackpressure", - "notifications", - "status", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class OutputResponseTypeGooglePubsub(str, Enum): - GOOGLE_PUBSUB = "google_pubsub" - - -class OutputResponsePqControlsGooglePubsubTypedDict(TypedDict): - pass - - -class OutputResponsePqControlsGooglePubsub(BaseModel): - pass - - -class OutputResponseOutputGooglePubsubTypedDict(TypedDict): - type: OutputResponseTypeGooglePubsub - topic_name: str - r"""ID of the topic to send events to.""" - id: NotRequired[str] - r"""Unique ID for this output""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - create_topic: NotRequired[bool] - r"""If enabled, create topic if it does not exist.""" - ordered_delivery: NotRequired[bool] - r"""If enabled, send events in the order they were added to the queue. For this to work correctly, the process receiving events must have ordering enabled.""" - region: NotRequired[str] - r"""Region to publish messages to. Select 'default' to allow Google to auto-select the nearest region. When using ordered delivery, the selected region must be allowed by message storage policy.""" - google_auth_method: NotRequired[GoogleAuthenticationMethodOptions] - r"""Choose Auto to use Google Application Default Credentials (ADC), Manual to enter Google service account credentials directly, or Secret to select or create a stored secret that references Google service account credentials.""" - service_account_credentials: NotRequired[str] - r"""Contents of service account credentials (JSON keys) file downloaded from Google Cloud. To upload a file, click the upload button at this field's upper right.""" - secret: NotRequired[str] - r"""Select or create a stored text secret""" - batch_size: NotRequired[float] - r"""The maximum number of items the Google API should batch before it sends them to the topic.""" - batch_timeout: NotRequired[float] - r"""The maximum amount of time, in milliseconds, that the Google API should wait to send a batch (if the Batch size is not reached).""" - max_queue_size: NotRequired[float] - r"""Maximum number of queued batches before blocking.""" - max_record_size_kb: NotRequired[float] - r"""Maximum size (KB) of batches to send.""" - flush_period: NotRequired[float] - r"""Maximum time to wait before sending a batch (when batch size limit is not reached)""" - max_in_progress: NotRequired[float] - r"""The maximum number of in-progress API requests before backpressure is applied.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - description: NotRequired[str] - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[OutputResponsePqControlsGooglePubsubTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_topic_name: NotRequired[str] - r"""Binds 'topicName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topicName' at runtime.""" - template_region: NotRequired[str] - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - notifications: NotRequired[List[NotificationUnionTypedDict]] - r"""Notifications attached to the Destination.""" - status: NotRequired[StatusTypeTypedDict] - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - -class OutputResponseOutputGooglePubsub(BaseModel): - type: OutputResponseTypeGooglePubsub - - topic_name: Annotated[str, pydantic.Field(alias="topicName")] - r"""ID of the topic to send events to.""" - - id: Optional[str] = None - r"""Unique ID for this output""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - create_topic: Annotated[Optional[bool], pydantic.Field(alias="createTopic")] = None - r"""If enabled, create topic if it does not exist.""" - - ordered_delivery: Annotated[ - Optional[bool], pydantic.Field(alias="orderedDelivery") - ] = None - r"""If enabled, send events in the order they were added to the queue. For this to work correctly, the process receiving events must have ordering enabled.""" - - region: Optional[str] = None - r"""Region to publish messages to. Select 'default' to allow Google to auto-select the nearest region. When using ordered delivery, the selected region must be allowed by message storage policy.""" - - google_auth_method: Annotated[ - Optional[GoogleAuthenticationMethodOptions], - pydantic.Field(alias="googleAuthMethod"), - ] = None - r"""Choose Auto to use Google Application Default Credentials (ADC), Manual to enter Google service account credentials directly, or Secret to select or create a stored secret that references Google service account credentials.""" - - service_account_credentials: Annotated[ - Optional[str], pydantic.Field(alias="serviceAccountCredentials") - ] = None - r"""Contents of service account credentials (JSON keys) file downloaded from Google Cloud. To upload a file, click the upload button at this field's upper right.""" - - secret: Optional[str] = None - r"""Select or create a stored text secret""" - - batch_size: Annotated[Optional[float], pydantic.Field(alias="batchSize")] = None - r"""The maximum number of items the Google API should batch before it sends them to the topic.""" - - batch_timeout: Annotated[Optional[float], pydantic.Field(alias="batchTimeout")] = ( - None - ) - r"""The maximum amount of time, in milliseconds, that the Google API should wait to send a batch (if the Batch size is not reached).""" - - max_queue_size: Annotated[Optional[float], pydantic.Field(alias="maxQueueSize")] = ( - None - ) - r"""Maximum number of queued batches before blocking.""" - - max_record_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxRecordSizeKB") - ] = None - r"""Maximum size (KB) of batches to send.""" - - flush_period: Annotated[Optional[float], pydantic.Field(alias="flushPeriod")] = None - r"""Maximum time to wait before sending a batch (when batch size limit is not reached)""" - - max_in_progress: Annotated[ - Optional[float], pydantic.Field(alias="maxInProgress") - ] = None - r"""The maximum number of in-progress API requests before backpressure is applied.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - description: Optional[str] = None - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[OutputResponsePqControlsGooglePubsub], - pydantic.Field(alias="pqControls"), - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_topic_name: Annotated[ - Optional[str], pydantic.Field(alias="__template_topicName") - ] = None - r"""Binds 'topicName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topicName' at runtime.""" - - template_region: Annotated[ - Optional[str], pydantic.Field(alias="__template_region") - ] = None - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - notifications: Optional[List[NotificationUnion]] = None - r"""Notifications attached to the Destination.""" - - status: Optional[StatusType] = None - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - @field_serializer("google_auth_method") - def serialize_google_auth_method(self, value): - if isinstance(value, str): - try: - return models.GoogleAuthenticationMethodOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "id", - "pipeline", - "systemFields", - "environment", - "streamtags", - "createTopic", - "orderedDelivery", - "region", - "googleAuthMethod", - "serviceAccountCredentials", - "secret", - "batchSize", - "batchTimeout", - "maxQueueSize", - "maxRecordSizeKB", - "flushPeriod", - "maxInProgress", - "onBackpressure", - "description", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_topicName", - "__template_region", - "__template_onBackpressure", - "notifications", - "status", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class OutputResponseTypeGoogleCloudLogging(str, Enum): - GOOGLE_CLOUD_LOGGING = "google_cloud_logging" - - -class OutputResponseLogLocationType(str, Enum, metaclass=utils.OpenEnumMeta): - # Project - PROJECT = "project" - # Organization - ORGANIZATION = "organization" - # Billing Account - BILLING_ACCOUNT = "billingAccount" - # Folder - FOLDER = "folder" - - -class OutputResponsePayloadFormat(str, Enum, metaclass=utils.OpenEnumMeta): - r"""Format to use when sending payload. Defaults to Text.""" - - # Text - TEXT = "text" - # JSON - JSON = "json" - - -class OutputResponsePqControlsGoogleCloudLoggingTypedDict(TypedDict): - pass - - -class OutputResponsePqControlsGoogleCloudLogging(BaseModel): - pass - - -class OutputResponseOutputGoogleCloudLoggingTypedDict(TypedDict): - type: OutputResponseTypeGoogleCloudLogging - log_location_type: OutputResponseLogLocationType - log_name_expression: str - r"""JavaScript expression to compute the value of the log name. If Validate and correct log name is enabled, invalid characters (characters other than alphanumerics, forward-slashes, underscores, hyphens, and periods) will be replaced with an underscore.""" - log_location_expression: str - r"""JavaScript expression to compute the value of the folder ID with which log entries should be associated. If Validate and correct log name is enabled, invalid characters (characters other than alphanumerics, forward-slashes, underscores, hyphens, and periods) will be replaced with an underscore.""" - id: NotRequired[str] - r"""Unique ID for this output""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - sanitize_log_names: NotRequired[bool] - payload_format: NotRequired[OutputResponsePayloadFormat] - r"""Format to use when sending payload. Defaults to Text.""" - log_labels: NotRequired[List[LogLabelConfOutputGoogleCloudLoggingTypedDict]] - r"""Labels to apply to the log entry""" - resource_type_expression: NotRequired[str] - r"""JavaScript expression to compute the value of the managed resource type field. Must evaluate to one of the valid values [here](https://cloud.google.com/logging/docs/api/v2/resource-list#resource-types). Defaults to \"global\".""" - resource_type_labels: NotRequired[ - List[LogLabelConfOutputGoogleCloudLoggingTypedDict] - ] - r"""Labels to apply to the managed resource. These must correspond to the valid labels for the specified resource type (see [here](https://cloud.google.com/logging/docs/api/v2/resource-list#resource-types)). Otherwise, they will be dropped by Google Cloud Logging.""" - severity_expression: NotRequired[str] - r"""JavaScript expression to compute the value of the severity field. Must evaluate to one of the severity values supported by Google Cloud Logging [here](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logseverity) (case insensitive). Defaults to \"DEFAULT\".""" - insert_id_expression: NotRequired[str] - r"""JavaScript expression to compute the value of the insert ID field.""" - google_auth_method: NotRequired[GoogleAuthenticationMethodOptions] - r"""Choose Auto to use Google Application Default Credentials (ADC), Manual to enter Google service account credentials directly, or Secret to select or create a stored secret that references Google service account credentials.""" - service_account_credentials: NotRequired[str] - r"""Contents of service account credentials (JSON keys) file downloaded from Google Cloud. To upload a file, click the upload button at this field's upper right.""" - secret: NotRequired[str] - r"""Select or create a stored text secret""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body.""" - max_payload_events: NotRequired[float] - r"""Max number of events to include in the request body. Default is 0 (unlimited).""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking.""" - connection_timeout: NotRequired[float] - r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it.""" - throttle_rate_req_per_sec: NotRequired[int] - r"""Maximum number of requests to limit to per second.""" - request_method_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP request method as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - request_url_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP request URL as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - request_size_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP request size as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - status_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP request method as a number. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - response_size_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP response size as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - user_agent_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP request user agent as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - remote_ip_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP request remote IP as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - server_ip_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP request server IP as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - referer_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP request referer as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - latency_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP request latency, formatted as .s (for example, 1.23s). See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - cache_lookup_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP request cache lookup as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - cache_hit_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP request cache hit as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - cache_validated_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP request cache validated with origin server as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - cache_fill_bytes_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP request cache fill bytes as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - protocol_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the HTTP request protocol as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - id_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the log entry operation ID as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" - producer_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the log entry operation producer as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" - first_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the log entry operation first flag as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" - last_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the log entry operation last flag as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" - file_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the log entry source location file as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentrysourcelocation) for details.""" - line_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the log entry source location line as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentrysourcelocation) for details.""" - function_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the log entry source location function as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentrysourcelocation) for details.""" - uid_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the log entry log split UID as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logsplit) for details.""" - index_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the log entry log split index as a number. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logsplit) for details.""" - total_splits_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the log entry log split total splits as a number. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logsplit) for details.""" - trace_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the REST resource name of the trace being written as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) for details.""" - span_id_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the ID of the cloud trace span associated with the current operation in which the log is being written as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) for details.""" - trace_sampled_expression: NotRequired[str] - r"""A JavaScript expression that evaluates to the the sampling decision of the span associated with the log entry. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) for details.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - total_memory_limit_kb: NotRequired[float] - r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" - description: NotRequired[str] - payload_expression: NotRequired[str] - r"""JavaScript expression to compute the value of the payload. Must evaluate to a JavaScript object value. If an invalid value is encountered it will result in the default value instead. Defaults to the entire event.""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[OutputResponsePqControlsGoogleCloudLoggingTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_log_location_type: NotRequired[str] - r"""Binds 'logLocationType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logLocationType' at runtime.""" - template_log_name_expression: NotRequired[str] - r"""Binds 'logNameExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logNameExpression' at runtime.""" - template_payload_format: NotRequired[str] - r"""Binds 'payloadFormat' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'payloadFormat' at runtime.""" - template_resource_type_expression: NotRequired[str] - r"""Binds 'resourceTypeExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'resourceTypeExpression' at runtime.""" - template_severity_expression: NotRequired[str] - r"""Binds 'severityExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'severityExpression' at runtime.""" - template_insert_id_expression: NotRequired[str] - r"""Binds 'insertIdExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'insertIdExpression' at runtime.""" - template_trace_expression: NotRequired[str] - r"""Binds 'traceExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'traceExpression' at runtime.""" - template_span_id_expression: NotRequired[str] - r"""Binds 'spanIdExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'spanIdExpression' at runtime.""" - template_trace_sampled_expression: NotRequired[str] - r"""Binds 'traceSampledExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'traceSampledExpression' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_log_location_expression: NotRequired[str] - r"""Binds 'logLocationExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logLocationExpression' at runtime.""" - template_payload_expression: NotRequired[str] - r"""Binds 'payloadExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'payloadExpression' at runtime.""" - notifications: NotRequired[List[NotificationUnionTypedDict]] - r"""Notifications attached to the Destination.""" - status: NotRequired[StatusTypeTypedDict] - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - -class OutputResponseOutputGoogleCloudLogging(BaseModel): - type: OutputResponseTypeGoogleCloudLogging - - log_location_type: Annotated[ - OutputResponseLogLocationType, pydantic.Field(alias="logLocationType") - ] - - log_name_expression: Annotated[str, pydantic.Field(alias="logNameExpression")] - r"""JavaScript expression to compute the value of the log name. If Validate and correct log name is enabled, invalid characters (characters other than alphanumerics, forward-slashes, underscores, hyphens, and periods) will be replaced with an underscore.""" - - log_location_expression: Annotated[ - str, pydantic.Field(alias="logLocationExpression") - ] - r"""JavaScript expression to compute the value of the folder ID with which log entries should be associated. If Validate and correct log name is enabled, invalid characters (characters other than alphanumerics, forward-slashes, underscores, hyphens, and periods) will be replaced with an underscore.""" - - id: Optional[str] = None - r"""Unique ID for this output""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - sanitize_log_names: Annotated[ - Optional[bool], pydantic.Field(alias="sanitizeLogNames") - ] = None - - payload_format: Annotated[ - Optional[OutputResponsePayloadFormat], pydantic.Field(alias="payloadFormat") - ] = None - r"""Format to use when sending payload. Defaults to Text.""" - - log_labels: Annotated[ - Optional[List[LogLabelConfOutputGoogleCloudLogging]], - pydantic.Field(alias="logLabels"), - ] = None - r"""Labels to apply to the log entry""" - - resource_type_expression: Annotated[ - Optional[str], pydantic.Field(alias="resourceTypeExpression") - ] = None - r"""JavaScript expression to compute the value of the managed resource type field. Must evaluate to one of the valid values [here](https://cloud.google.com/logging/docs/api/v2/resource-list#resource-types). Defaults to \"global\".""" - - resource_type_labels: Annotated[ - Optional[List[LogLabelConfOutputGoogleCloudLogging]], - pydantic.Field(alias="resourceTypeLabels"), - ] = None - r"""Labels to apply to the managed resource. These must correspond to the valid labels for the specified resource type (see [here](https://cloud.google.com/logging/docs/api/v2/resource-list#resource-types)). Otherwise, they will be dropped by Google Cloud Logging.""" - - severity_expression: Annotated[ - Optional[str], pydantic.Field(alias="severityExpression") - ] = None - r"""JavaScript expression to compute the value of the severity field. Must evaluate to one of the severity values supported by Google Cloud Logging [here](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logseverity) (case insensitive). Defaults to \"DEFAULT\".""" - - insert_id_expression: Annotated[ - Optional[str], pydantic.Field(alias="insertIdExpression") - ] = None - r"""JavaScript expression to compute the value of the insert ID field.""" - - google_auth_method: Annotated[ - Optional[GoogleAuthenticationMethodOptions], - pydantic.Field(alias="googleAuthMethod"), - ] = None - r"""Choose Auto to use Google Application Default Credentials (ADC), Manual to enter Google service account credentials directly, or Secret to select or create a stored secret that references Google service account credentials.""" - - service_account_credentials: Annotated[ - Optional[str], pydantic.Field(alias="serviceAccountCredentials") - ] = None - r"""Contents of service account credentials (JSON keys) file downloaded from Google Cloud. To upload a file, click the upload button at this field's upper right.""" - - secret: Optional[str] = None - r"""Select or create a stored text secret""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body.""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Max number of events to include in the request body. Default is 0 (unlimited).""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking.""" - - connection_timeout: Annotated[ - Optional[float], pydantic.Field(alias="connectionTimeout") - ] = None - r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it.""" - - throttle_rate_req_per_sec: Annotated[ - Optional[int], pydantic.Field(alias="throttleRateReqPerSec") - ] = None - r"""Maximum number of requests to limit to per second.""" - - request_method_expression: Annotated[ - Optional[str], pydantic.Field(alias="requestMethodExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP request method as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - request_url_expression: Annotated[ - Optional[str], pydantic.Field(alias="requestUrlExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP request URL as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - request_size_expression: Annotated[ - Optional[str], pydantic.Field(alias="requestSizeExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP request size as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - status_expression: Annotated[ - Optional[str], pydantic.Field(alias="statusExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP request method as a number. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - response_size_expression: Annotated[ - Optional[str], pydantic.Field(alias="responseSizeExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP response size as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - user_agent_expression: Annotated[ - Optional[str], pydantic.Field(alias="userAgentExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP request user agent as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - remote_ip_expression: Annotated[ - Optional[str], pydantic.Field(alias="remoteIpExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP request remote IP as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - server_ip_expression: Annotated[ - Optional[str], pydantic.Field(alias="serverIpExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP request server IP as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - referer_expression: Annotated[ - Optional[str], pydantic.Field(alias="refererExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP request referer as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - latency_expression: Annotated[ - Optional[str], pydantic.Field(alias="latencyExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP request latency, formatted as .s (for example, 1.23s). See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - cache_lookup_expression: Annotated[ - Optional[str], pydantic.Field(alias="cacheLookupExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP request cache lookup as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - cache_hit_expression: Annotated[ - Optional[str], pydantic.Field(alias="cacheHitExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP request cache hit as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - cache_validated_expression: Annotated[ - Optional[str], pydantic.Field(alias="cacheValidatedExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP request cache validated with origin server as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - cache_fill_bytes_expression: Annotated[ - Optional[str], pydantic.Field(alias="cacheFillBytesExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP request cache fill bytes as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - protocol_expression: Annotated[ - Optional[str], pydantic.Field(alias="protocolExpression") - ] = None - r"""A JavaScript expression that evaluates to the HTTP request protocol as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" - - id_expression: Annotated[Optional[str], pydantic.Field(alias="idExpression")] = None - r"""A JavaScript expression that evaluates to the log entry operation ID as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" - - producer_expression: Annotated[ - Optional[str], pydantic.Field(alias="producerExpression") - ] = None - r"""A JavaScript expression that evaluates to the log entry operation producer as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" - - first_expression: Annotated[ - Optional[str], pydantic.Field(alias="firstExpression") - ] = None - r"""A JavaScript expression that evaluates to the log entry operation first flag as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" - - last_expression: Annotated[ - Optional[str], pydantic.Field(alias="lastExpression") - ] = None - r"""A JavaScript expression that evaluates to the log entry operation last flag as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" - - file_expression: Annotated[ - Optional[str], pydantic.Field(alias="fileExpression") - ] = None - r"""A JavaScript expression that evaluates to the log entry source location file as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentrysourcelocation) for details.""" - - line_expression: Annotated[ - Optional[str], pydantic.Field(alias="lineExpression") - ] = None - r"""A JavaScript expression that evaluates to the log entry source location line as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentrysourcelocation) for details.""" - - function_expression: Annotated[ - Optional[str], pydantic.Field(alias="functionExpression") - ] = None - r"""A JavaScript expression that evaluates to the log entry source location function as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentrysourcelocation) for details.""" - - uid_expression: Annotated[Optional[str], pydantic.Field(alias="uidExpression")] = ( - None - ) - r"""A JavaScript expression that evaluates to the log entry log split UID as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logsplit) for details.""" - - index_expression: Annotated[ - Optional[str], pydantic.Field(alias="indexExpression") - ] = None - r"""A JavaScript expression that evaluates to the log entry log split index as a number. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logsplit) for details.""" - - total_splits_expression: Annotated[ - Optional[str], pydantic.Field(alias="totalSplitsExpression") - ] = None - r"""A JavaScript expression that evaluates to the log entry log split total splits as a number. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logsplit) for details.""" - - trace_expression: Annotated[ - Optional[str], pydantic.Field(alias="traceExpression") - ] = None - r"""A JavaScript expression that evaluates to the REST resource name of the trace being written as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) for details.""" - - span_id_expression: Annotated[ - Optional[str], pydantic.Field(alias="spanIdExpression") - ] = None - r"""A JavaScript expression that evaluates to the ID of the cloud trace span associated with the current operation in which the log is being written as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) for details.""" - - trace_sampled_expression: Annotated[ - Optional[str], pydantic.Field(alias="traceSampledExpression") - ] = None - r"""A JavaScript expression that evaluates to the the sampling decision of the span associated with the log entry. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) for details.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - total_memory_limit_kb: Annotated[ - Optional[float], pydantic.Field(alias="totalMemoryLimitKB") - ] = None - r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" - - description: Optional[str] = None - - payload_expression: Annotated[ - Optional[str], pydantic.Field(alias="payloadExpression") - ] = None - r"""JavaScript expression to compute the value of the payload. Must evaluate to a JavaScript object value. If an invalid value is encountered it will result in the default value instead. Defaults to the entire event.""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[OutputResponsePqControlsGoogleCloudLogging], - pydantic.Field(alias="pqControls"), - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_log_location_type: Annotated[ - Optional[str], pydantic.Field(alias="__template_logLocationType") - ] = None - r"""Binds 'logLocationType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logLocationType' at runtime.""" - - template_log_name_expression: Annotated[ - Optional[str], pydantic.Field(alias="__template_logNameExpression") - ] = None - r"""Binds 'logNameExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logNameExpression' at runtime.""" - - template_payload_format: Annotated[ - Optional[str], pydantic.Field(alias="__template_payloadFormat") - ] = None - r"""Binds 'payloadFormat' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'payloadFormat' at runtime.""" - - template_resource_type_expression: Annotated[ - Optional[str], pydantic.Field(alias="__template_resourceTypeExpression") - ] = None - r"""Binds 'resourceTypeExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'resourceTypeExpression' at runtime.""" - - template_severity_expression: Annotated[ - Optional[str], pydantic.Field(alias="__template_severityExpression") - ] = None - r"""Binds 'severityExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'severityExpression' at runtime.""" - - template_insert_id_expression: Annotated[ - Optional[str], pydantic.Field(alias="__template_insertIdExpression") - ] = None - r"""Binds 'insertIdExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'insertIdExpression' at runtime.""" - - template_trace_expression: Annotated[ - Optional[str], pydantic.Field(alias="__template_traceExpression") - ] = None - r"""Binds 'traceExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'traceExpression' at runtime.""" - - template_span_id_expression: Annotated[ - Optional[str], pydantic.Field(alias="__template_spanIdExpression") - ] = None - r"""Binds 'spanIdExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'spanIdExpression' at runtime.""" - - template_trace_sampled_expression: Annotated[ - Optional[str], pydantic.Field(alias="__template_traceSampledExpression") - ] = None - r"""Binds 'traceSampledExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'traceSampledExpression' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_log_location_expression: Annotated[ - Optional[str], pydantic.Field(alias="__template_logLocationExpression") - ] = None - r"""Binds 'logLocationExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logLocationExpression' at runtime.""" - - template_payload_expression: Annotated[ - Optional[str], pydantic.Field(alias="__template_payloadExpression") - ] = None - r"""Binds 'payloadExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'payloadExpression' at runtime.""" - - notifications: Optional[List[NotificationUnion]] = None - r"""Notifications attached to the Destination.""" - - status: Optional[StatusType] = None - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - @field_serializer("log_location_type") - def serialize_log_location_type(self, value): - if isinstance(value, str): - try: - return models.OutputResponseLogLocationType(value) - except ValueError: - return value - return value - - @field_serializer("payload_format") - def serialize_payload_format(self, value): - if isinstance(value, str): - try: - return models.OutputResponsePayloadFormat(value) - except ValueError: - return value - return value - - @field_serializer("google_auth_method") - def serialize_google_auth_method(self, value): - if isinstance(value, str): - try: - return models.GoogleAuthenticationMethodOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "id", - "pipeline", - "systemFields", - "environment", - "streamtags", - "sanitizeLogNames", - "payloadFormat", - "logLabels", - "resourceTypeExpression", - "resourceTypeLabels", - "severityExpression", - "insertIdExpression", - "googleAuthMethod", - "serviceAccountCredentials", - "secret", - "maxPayloadSizeKB", - "maxPayloadEvents", - "flushPeriodSec", - "concurrency", - "connectionTimeout", - "timeoutSec", - "throttleRateReqPerSec", - "requestMethodExpression", - "requestUrlExpression", - "requestSizeExpression", - "statusExpression", - "responseSizeExpression", - "userAgentExpression", - "remoteIpExpression", - "serverIpExpression", - "refererExpression", - "latencyExpression", - "cacheLookupExpression", - "cacheHitExpression", - "cacheValidatedExpression", - "cacheFillBytesExpression", - "protocolExpression", - "idExpression", - "producerExpression", - "firstExpression", - "lastExpression", - "fileExpression", - "lineExpression", - "functionExpression", - "uidExpression", - "indexExpression", - "totalSplitsExpression", - "traceExpression", - "spanIdExpression", - "traceSampledExpression", - "onBackpressure", - "totalMemoryLimitKB", - "description", - "payloadExpression", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_logLocationType", - "__template_logNameExpression", - "__template_payloadFormat", - "__template_resourceTypeExpression", - "__template_severityExpression", - "__template_insertIdExpression", - "__template_traceExpression", - "__template_spanIdExpression", - "__template_traceSampledExpression", - "__template_onBackpressure", - "__template_logLocationExpression", - "__template_payloadExpression", - "notifications", - "status", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class OutputResponseTypeGoogleCloudStorage(str, Enum): - GOOGLE_CLOUD_STORAGE = "google_cloud_storage" - - -class OutputResponseAuthenticationMethodGoogleCloudStorage( - str, Enum, metaclass=utils.OpenEnumMeta -): - # auto - AUTO = "auto" - # manual - MANUAL = "manual" - # Secret Key pair - SECRET = "secret" - - -class OutputResponseOutputGoogleCloudStorageTypedDict(TypedDict): - type: OutputResponseTypeGoogleCloudStorage - bucket: str - r"""Name of the destination bucket. This value can be a constant or a JavaScript expression that can only be evaluated at init time. Example of referencing a Global Variable: `myBucket-${C.vars.myVar}`.""" - region: str - r"""Region where the bucket is located""" - endpoint: str - r"""Google Cloud Storage service endpoint""" - stage_path: str - r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" - id: NotRequired[str] - r"""Unique ID for this output""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - aws_authentication_method: NotRequired[ - OutputResponseAuthenticationMethodGoogleCloudStorage - ] - dest_path: NotRequired[str] - r"""Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`""" - verify_permissions: NotRequired[bool] - r"""Disable if you can access files within the bucket but not the bucket itself""" - object_acl: NotRequired[ObjectACLOptionsAuthenticatedreadBucketownerfullcontrol] - r"""Object ACL to assign to uploaded objects""" - storage_class: NotRequired[StorageClassOptionsArchiveColdline] - r"""Storage class to select for uploaded objects""" - reuse_connections: NotRequired[bool] - r"""Reuse connections between requests, which can improve performance""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" - add_id_to_stage_path: NotRequired[bool] - r"""Add the Output ID value to staging location""" - remove_empty_dirs: NotRequired[bool] - r"""Remove empty staging directories after moving files""" - partition_expr: NotRequired[str] - r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" - format_: NotRequired[DataFormatOptions] - r"""Format of the output data""" - base_file_name: NotRequired[str] - r"""JavaScript expression to define the output filename prefix (can be constant)""" - file_name_suffix: NotRequired[str] - r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" - max_file_size_mb: NotRequired[float] - r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" - max_file_open_time_sec: NotRequired[float] - r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" - max_file_idle_time_sec: NotRequired[float] - r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" - max_open_files: NotRequired[float] - r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" - header_line: NotRequired[str] - r"""If set, this line will be written to the beginning of each output file""" - write_high_water_mark: NotRequired[float] - r"""Buffer size used to write to a file""" - on_backpressure: NotRequired[BackpressureBehaviorOptionsBlockDrop] - r"""How to handle events when all receivers are exerting backpressure""" - deadletter_enabled: NotRequired[bool] - r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" - on_disk_full_backpressure: NotRequired[DiskSpaceProtectionOptions] - r"""How to handle events when disk space is below the global 'Min free disk space' limit""" - force_close_on_shutdown: NotRequired[bool] - r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" - retry_settings: NotRequired[RetrySettingsTypeTypedDict] - orphans: NotRequired[OrphanFileRecoveryTypeTypedDict] - description: NotRequired[str] - compress: NotRequired[CompressionOptionsHTTP] - r"""Data compression format to apply to HTTP content before it is delivered""" - compression_level: NotRequired[CompressionLevelOptions] - r"""Compression level to apply before moving files to final destination""" - automatic_schema: NotRequired[bool] - r"""Automatically calculate the schema based on the events of each Parquet file generated""" - parquet_schema: NotRequired[str] - r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" - parquet_version: NotRequired[ParquetVersionOptions] - r"""Determines which data types are supported and how they are represented""" - parquet_data_page_version: NotRequired[DataPageVersionOptions] - r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" - parquet_row_group_length: NotRequired[float] - r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" - parquet_page_size: NotRequired[str] - r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" - should_log_invalid_rows: NotRequired[bool] - r"""Log up to 3 rows that @{product} skips due to data mismatch""" - key_value_metadata: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] - r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ - enable_statistics: NotRequired[bool] - r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" - enable_write_page_index: NotRequired[bool] - r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" - enable_page_checksum: NotRequired[bool] - r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" - empty_dir_cleanup_sec: NotRequired[float] - r"""How frequently, in seconds, to clean up empty directories""" - directory_batch_size: NotRequired[float] - r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" - deadletter_path: NotRequired[str] - r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" - max_retry_num: NotRequired[float] - r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" - aws_api_key: NotRequired[str] - r"""HMAC access key. This value can be a constant or a JavaScript expression, such as `${C.env.GCS_ACCESS_KEY}`.""" - aws_secret_key: NotRequired[str] - r"""HMAC secret. This value can be a constant or a JavaScript expression, such as `${C.env.GCS_SECRET}`.""" - aws_secret: NotRequired[str] - r"""Select or create a stored secret that references your access key and secret key""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_bucket: NotRequired[str] - r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" - template_region: NotRequired[str] - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - template_endpoint: NotRequired[str] - r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" - template_dest_path: NotRequired[str] - r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" - template_object_acl: NotRequired[str] - r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" - template_storage_class: NotRequired[str] - r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" - template_partition_expr: NotRequired[str] - r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" - template_format: NotRequired[str] - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - template_base_file_name: NotRequired[str] - r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" - template_file_name_suffix: NotRequired[str] - r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_compress: NotRequired[str] - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - template_parquet_schema: NotRequired[str] - r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" - template_aws_api_key: NotRequired[str] - r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" - template_aws_secret_key: NotRequired[str] - r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" - notifications: NotRequired[List[NotificationUnionTypedDict]] - r"""Notifications attached to the Destination.""" - status: NotRequired[StatusTypeTypedDict] - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - -class OutputResponseOutputGoogleCloudStorage(BaseModel): - type: OutputResponseTypeGoogleCloudStorage - - bucket: str - r"""Name of the destination bucket. This value can be a constant or a JavaScript expression that can only be evaluated at init time. Example of referencing a Global Variable: `myBucket-${C.vars.myVar}`.""" - - region: str - r"""Region where the bucket is located""" - - endpoint: str - r"""Google Cloud Storage service endpoint""" - - stage_path: Annotated[str, pydantic.Field(alias="stagePath")] - r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" - - id: Optional[str] = None - r"""Unique ID for this output""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - aws_authentication_method: Annotated[ - Optional[OutputResponseAuthenticationMethodGoogleCloudStorage], - pydantic.Field(alias="awsAuthenticationMethod"), - ] = None - - dest_path: Annotated[Optional[str], pydantic.Field(alias="destPath")] = None - r"""Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`""" - - verify_permissions: Annotated[ - Optional[bool], pydantic.Field(alias="verifyPermissions") - ] = None - r"""Disable if you can access files within the bucket but not the bucket itself""" - - object_acl: Annotated[ - Optional[ObjectACLOptionsAuthenticatedreadBucketownerfullcontrol], - pydantic.Field(alias="objectACL"), - ] = None - r"""Object ACL to assign to uploaded objects""" - - storage_class: Annotated[ - Optional[StorageClassOptionsArchiveColdline], - pydantic.Field(alias="storageClass"), - ] = None - r"""Storage class to select for uploaded objects""" - - reuse_connections: Annotated[ - Optional[bool], pydantic.Field(alias="reuseConnections") - ] = None - r"""Reuse connections between requests, which can improve performance""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" - - add_id_to_stage_path: Annotated[ - Optional[bool], pydantic.Field(alias="addIdToStagePath") - ] = None - r"""Add the Output ID value to staging location""" - - remove_empty_dirs: Annotated[ - Optional[bool], pydantic.Field(alias="removeEmptyDirs") - ] = None - r"""Remove empty staging directories after moving files""" - - partition_expr: Annotated[Optional[str], pydantic.Field(alias="partitionExpr")] = ( - None - ) - r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" - - format_: Annotated[Optional[DataFormatOptions], pydantic.Field(alias="format")] = ( - None - ) - r"""Format of the output data""" - - base_file_name: Annotated[Optional[str], pydantic.Field(alias="baseFileName")] = ( - None - ) - r"""JavaScript expression to define the output filename prefix (can be constant)""" - - file_name_suffix: Annotated[ - Optional[str], pydantic.Field(alias="fileNameSuffix") - ] = None - r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" - - max_file_size_mb: Annotated[ - Optional[float], pydantic.Field(alias="maxFileSizeMB") - ] = None - r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" - - max_file_open_time_sec: Annotated[ - Optional[float], pydantic.Field(alias="maxFileOpenTimeSec") - ] = None - r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" - - max_file_idle_time_sec: Annotated[ - Optional[float], pydantic.Field(alias="maxFileIdleTimeSec") - ] = None - r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" - - max_open_files: Annotated[Optional[float], pydantic.Field(alias="maxOpenFiles")] = ( - None - ) - r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" - - header_line: Annotated[Optional[str], pydantic.Field(alias="headerLine")] = None - r"""If set, this line will be written to the beginning of each output file""" - - write_high_water_mark: Annotated[ - Optional[float], pydantic.Field(alias="writeHighWaterMark") - ] = None - r"""Buffer size used to write to a file""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptionsBlockDrop], - pydantic.Field(alias="onBackpressure"), - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - deadletter_enabled: Annotated[ - Optional[bool], pydantic.Field(alias="deadletterEnabled") - ] = None - r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" - - on_disk_full_backpressure: Annotated[ - Optional[DiskSpaceProtectionOptions], - pydantic.Field(alias="onDiskFullBackpressure"), - ] = None - r"""How to handle events when disk space is below the global 'Min free disk space' limit""" - - force_close_on_shutdown: Annotated[ - Optional[bool], pydantic.Field(alias="forceCloseOnShutdown") - ] = None - r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" - - retry_settings: Annotated[ - Optional[RetrySettingsType], pydantic.Field(alias="retrySettings") - ] = None - - orphans: Optional[OrphanFileRecoveryType] = None - - description: Optional[str] = None - - compress: Optional[CompressionOptionsHTTP] = None - r"""Data compression format to apply to HTTP content before it is delivered""" - - compression_level: Annotated[ - Optional[CompressionLevelOptions], pydantic.Field(alias="compressionLevel") - ] = None - r"""Compression level to apply before moving files to final destination""" - - automatic_schema: Annotated[ - Optional[bool], pydantic.Field(alias="automaticSchema") - ] = None - r"""Automatically calculate the schema based on the events of each Parquet file generated""" - - parquet_schema: Annotated[Optional[str], pydantic.Field(alias="parquetSchema")] = ( - None - ) - r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" - - parquet_version: Annotated[ - Optional[ParquetVersionOptions], pydantic.Field(alias="parquetVersion") - ] = None - r"""Determines which data types are supported and how they are represented""" - - parquet_data_page_version: Annotated[ - Optional[DataPageVersionOptions], pydantic.Field(alias="parquetDataPageVersion") - ] = None - r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" - - parquet_row_group_length: Annotated[ - Optional[float], pydantic.Field(alias="parquetRowGroupLength") - ] = None - r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" - - parquet_page_size: Annotated[ - Optional[str], pydantic.Field(alias="parquetPageSize") - ] = None - r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" - - should_log_invalid_rows: Annotated[ - Optional[bool], pydantic.Field(alias="shouldLogInvalidRows") - ] = None - r"""Log up to 3 rows that @{product} skips due to data mismatch""" - - key_value_metadata: Annotated[ - Optional[List[KeyValueMetadataConfOutputFilesystem]], - pydantic.Field(alias="keyValueMetadata"), - ] = None - r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ - - enable_statistics: Annotated[ - Optional[bool], pydantic.Field(alias="enableStatistics") - ] = None - r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" - - enable_write_page_index: Annotated[ - Optional[bool], pydantic.Field(alias="enableWritePageIndex") - ] = None - r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" - - enable_page_checksum: Annotated[ - Optional[bool], pydantic.Field(alias="enablePageChecksum") - ] = None - r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" - - empty_dir_cleanup_sec: Annotated[ - Optional[float], pydantic.Field(alias="emptyDirCleanupSec") - ] = None - r"""How frequently, in seconds, to clean up empty directories""" - - directory_batch_size: Annotated[ - Optional[float], pydantic.Field(alias="directoryBatchSize") - ] = None - r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" - - deadletter_path: Annotated[ - Optional[str], pydantic.Field(alias="deadletterPath") - ] = None - r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" - - max_retry_num: Annotated[Optional[float], pydantic.Field(alias="maxRetryNum")] = ( - None - ) - r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" - - aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None - r"""HMAC access key. This value can be a constant or a JavaScript expression, such as `${C.env.GCS_ACCESS_KEY}`.""" - - aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = ( - None - ) - r"""HMAC secret. This value can be a constant or a JavaScript expression, such as `${C.env.GCS_SECRET}`.""" - - aws_secret: Annotated[Optional[str], pydantic.Field(alias="awsSecret")] = None - r"""Select or create a stored secret that references your access key and secret key""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_bucket: Annotated[ - Optional[str], pydantic.Field(alias="__template_bucket") - ] = None - r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" - - template_region: Annotated[ - Optional[str], pydantic.Field(alias="__template_region") - ] = None - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - - template_endpoint: Annotated[ - Optional[str], pydantic.Field(alias="__template_endpoint") - ] = None - r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" - - template_dest_path: Annotated[ - Optional[str], pydantic.Field(alias="__template_destPath") - ] = None - r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" - - template_object_acl: Annotated[ - Optional[str], pydantic.Field(alias="__template_objectACL") - ] = None - r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" - - template_storage_class: Annotated[ - Optional[str], pydantic.Field(alias="__template_storageClass") - ] = None - r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" - - template_partition_expr: Annotated[ - Optional[str], pydantic.Field(alias="__template_partitionExpr") - ] = None - r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" - - template_format: Annotated[ - Optional[str], pydantic.Field(alias="__template_format") - ] = None - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - - template_base_file_name: Annotated[ - Optional[str], pydantic.Field(alias="__template_baseFileName") - ] = None - r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" - - template_file_name_suffix: Annotated[ - Optional[str], pydantic.Field(alias="__template_fileNameSuffix") - ] = None - r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_compress: Annotated[ - Optional[str], pydantic.Field(alias="__template_compress") - ] = None - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - - template_parquet_schema: Annotated[ - Optional[str], pydantic.Field(alias="__template_parquetSchema") - ] = None - r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" - - template_aws_api_key: Annotated[ - Optional[str], pydantic.Field(alias="__template_awsApiKey") - ] = None - r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" - - template_aws_secret_key: Annotated[ - Optional[str], pydantic.Field(alias="__template_awsSecretKey") - ] = None - r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" - - notifications: Optional[List[NotificationUnion]] = None - r"""Notifications attached to the Destination.""" - - status: Optional[StatusType] = None - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - @field_serializer("aws_authentication_method") - def serialize_aws_authentication_method(self, value): - if isinstance(value, str): - try: - return models.OutputResponseAuthenticationMethodGoogleCloudStorage( - value - ) - except ValueError: - return value - return value - - @field_serializer("object_acl") - def serialize_object_acl(self, value): - if isinstance(value, str): - try: - return models.ObjectACLOptionsAuthenticatedreadBucketownerfullcontrol( - value - ) - except ValueError: - return value - return value - - @field_serializer("storage_class") - def serialize_storage_class(self, value): - if isinstance(value, str): - try: - return models.StorageClassOptionsArchiveColdline(value) - except ValueError: - return value - return value - - @field_serializer("format_") - def serialize_format_(self, value): - if isinstance(value, str): - try: - return models.DataFormatOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptionsBlockDrop(value) - except ValueError: - return value - return value - - @field_serializer("on_disk_full_backpressure") - def serialize_on_disk_full_backpressure(self, value): - if isinstance(value, str): - try: - return models.DiskSpaceProtectionOptions(value) - except ValueError: - return value - return value - - @field_serializer("compress") - def serialize_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsHTTP(value) - except ValueError: - return value - return value - - @field_serializer("compression_level") - def serialize_compression_level(self, value): - if isinstance(value, str): - try: - return models.CompressionLevelOptions(value) - except ValueError: - return value - return value - - @field_serializer("parquet_version") - def serialize_parquet_version(self, value): - if isinstance(value, str): - try: - return models.ParquetVersionOptions(value) - except ValueError: - return value - return value - - @field_serializer("parquet_data_page_version") - def serialize_parquet_data_page_version(self, value): - if isinstance(value, str): - try: - return models.DataPageVersionOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "id", - "pipeline", - "systemFields", - "environment", - "streamtags", - "awsAuthenticationMethod", - "destPath", - "verifyPermissions", - "objectACL", - "storageClass", - "reuseConnections", - "rejectUnauthorized", - "addIdToStagePath", - "removeEmptyDirs", - "partitionExpr", - "format", - "baseFileName", - "fileNameSuffix", - "maxFileSizeMB", - "maxFileOpenTimeSec", - "maxFileIdleTimeSec", - "maxOpenFiles", - "headerLine", - "writeHighWaterMark", - "onBackpressure", - "deadletterEnabled", - "onDiskFullBackpressure", - "forceCloseOnShutdown", - "retrySettings", - "orphans", - "description", - "compress", - "compressionLevel", - "automaticSchema", - "parquetSchema", - "parquetVersion", - "parquetDataPageVersion", - "parquetRowGroupLength", - "parquetPageSize", - "shouldLogInvalidRows", - "keyValueMetadata", - "enableStatistics", - "enableWritePageIndex", - "enablePageChecksum", - "emptyDirCleanupSec", - "directoryBatchSize", - "deadletterPath", - "maxRetryNum", - "awsApiKey", - "awsSecretKey", - "awsSecret", - "__template_streamtags", - "__template_bucket", - "__template_region", - "__template_endpoint", - "__template_destPath", - "__template_objectACL", - "__template_storageClass", - "__template_partitionExpr", - "__template_format", - "__template_baseFileName", - "__template_fileNameSuffix", - "__template_onBackpressure", - "__template_compress", - "__template_parquetSchema", - "__template_awsApiKey", - "__template_awsSecretKey", - "notifications", - "status", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class OutputResponseTypeGoogleChronicle(str, Enum): - GOOGLE_CHRONICLE = "google_chronicle" - - -class OutputResponseAPIVersion(str, Enum, metaclass=utils.OpenEnumMeta): - # V1 - V1 = "v1" - # V2 - V2 = "v2" - - -class OutputResponseAuthenticationMethodGoogleChronicle( - str, Enum, metaclass=utils.OpenEnumMeta -): - # API key - MANUAL = "manual" - # API key secret - SECRET = "secret" - # Service account credentials - SERVICE_ACCOUNT = "serviceAccount" - # Service account credentials secret - SERVICE_ACCOUNT_SECRET = "serviceAccountSecret" - - -class OutputResponseSendEventsAs(str, Enum, metaclass=utils.OpenEnumMeta): - # Unstructured - UNSTRUCTURED = "unstructured" - # UDM - UDM = "udm" - - -class OutputResponseExtraLogTypeTypedDict(TypedDict): - log_type: str - description: NotRequired[str] - - -class OutputResponseExtraLogType(BaseModel): - log_type: Annotated[str, pydantic.Field(alias="logType")] - - description: Optional[str] = None - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set(["description"]) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class OutputResponseUDMType(str, Enum, metaclass=utils.OpenEnumMeta): - r"""Defines the specific format for UDM events sent to Google SecOps. This must match the type of UDM data being sent.""" - - ENTITIES = "entities" - LOGS = "logs" - - -class OutputResponsePqControlsGoogleChronicleTypedDict(TypedDict): - pass - - -class OutputResponsePqControlsGoogleChronicle(BaseModel): - pass - - -class OutputResponseOutputGoogleChronicleTypedDict(TypedDict): - type: OutputResponseTypeGoogleChronicle - log_format_type: OutputResponseSendEventsAs - id: NotRequired[str] - r"""Unique ID for this output""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - api_version: NotRequired[OutputResponseAPIVersion] - authentication_method: NotRequired[ - OutputResponseAuthenticationMethodGoogleChronicle - ] - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - region: NotRequired[str] - r"""Regional endpoint to send events to""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - compress: NotRequired[bool] - r"""Compress the payload body before sending""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] - r"""Headers to add to all events""" - failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - safe_headers: NotRequired[List[str]] - r"""List of headers that are safe to log in plain text""" - use_round_robin_dns: NotRequired[bool] - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - total_memory_limit_kb: NotRequired[float] - r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" - description: NotRequired[str] - extra_log_types: NotRequired[List[OutputResponseExtraLogTypeTypedDict]] - r"""Custom log types. If the value \"Custom\" is selected in the setting \"Default log type\" above, the first custom log type in this table will be automatically selected as default log type.""" - log_type: NotRequired[str] - r"""Default log type value to send to SecOps. Can be overwritten by event field __logType.""" - log_text_field: NotRequired[str] - r"""Name of the event field that contains the log text to send. If not specified, Stream sends a JSON representation of the whole event.""" - customer_id: NotRequired[str] - r"""A unique identifier (UUID) for your Google SecOps instance. This is provided by your Google representative and is required for API V2 authentication.""" - namespace: NotRequired[str] - r"""User-configured environment namespace to identify the data domain the logs originated from. Use namespace as a tag to identify the appropriate data domain for indexing and enrichment functionality. Can be overwritten by event field __namespace.""" - custom_labels: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] - r"""Custom labels to be added to every batch""" - udm_type: NotRequired[OutputResponseUDMType] - r"""Defines the specific format for UDM events sent to Google SecOps. This must match the type of UDM data being sent.""" - api_key: NotRequired[str] - r"""Organization's API key in Google SecOps""" - api_key_secret: NotRequired[str] - r"""Select or create a stored text secret""" - service_account_credentials: NotRequired[str] - r"""Contents of service account credentials (JSON keys) file downloaded from Google Cloud. To upload a file, click the upload button at this field's upper right.""" - service_account_credentials_secret: NotRequired[str] - r"""Select or create a stored text secret""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[OutputResponsePqControlsGoogleChronicleTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_api_version: NotRequired[str] - r"""Binds 'apiVersion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'apiVersion' at runtime.""" - template_region: NotRequired[str] - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - template_failed_request_logging_mode: NotRequired[str] - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_customer_id: NotRequired[str] - r"""Binds 'customerId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'customerId' at runtime.""" - notifications: NotRequired[List[NotificationUnionTypedDict]] - r"""Notifications attached to the Destination.""" - status: NotRequired[StatusTypeTypedDict] - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - -class OutputResponseOutputGoogleChronicle(BaseModel): - type: OutputResponseTypeGoogleChronicle - - log_format_type: Annotated[ - OutputResponseSendEventsAs, pydantic.Field(alias="logFormatType") - ] - - id: Optional[str] = None - r"""Unique ID for this output""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - api_version: Annotated[ - Optional[OutputResponseAPIVersion], pydantic.Field(alias="apiVersion") - ] = None - - authentication_method: Annotated[ - Optional[OutputResponseAuthenticationMethodGoogleChronicle], - pydantic.Field(alias="authenticationMethod"), - ] = None - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - region: Optional[str] = None - r"""Regional endpoint to send events to""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - compress: Optional[bool] = None - r"""Compress the payload body before sending""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - extra_http_headers: Annotated[ - Optional[List[ExtraHTTPHeaderConfInputElastic]], - pydantic.Field(alias="extraHttpHeaders"), - ] = None - r"""Headers to add to all events""" - - failed_request_logging_mode: Annotated[ - Optional[FailedRequestLoggingModeOptions], - pydantic.Field(alias="failedRequestLoggingMode"), - ] = None - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - - safe_headers: Annotated[ - Optional[List[str]], pydantic.Field(alias="safeHeaders") - ] = None - r"""List of headers that are safe to log in plain text""" - - use_round_robin_dns: Annotated[ - Optional[bool], pydantic.Field(alias="useRoundRobinDns") - ] = None - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - total_memory_limit_kb: Annotated[ - Optional[float], pydantic.Field(alias="totalMemoryLimitKB") - ] = None - r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" - - description: Optional[str] = None - - extra_log_types: Annotated[ - Optional[List[OutputResponseExtraLogType]], - pydantic.Field(alias="extraLogTypes"), - ] = None - r"""Custom log types. If the value \"Custom\" is selected in the setting \"Default log type\" above, the first custom log type in this table will be automatically selected as default log type.""" - - log_type: Annotated[Optional[str], pydantic.Field(alias="logType")] = None - r"""Default log type value to send to SecOps. Can be overwritten by event field __logType.""" - - log_text_field: Annotated[Optional[str], pydantic.Field(alias="logTextField")] = ( - None - ) - r"""Name of the event field that contains the log text to send. If not specified, Stream sends a JSON representation of the whole event.""" - - customer_id: Annotated[Optional[str], pydantic.Field(alias="customerId")] = None - r"""A unique identifier (UUID) for your Google SecOps instance. This is provided by your Google representative and is required for API V2 authentication.""" - - namespace: Optional[str] = None - r"""User-configured environment namespace to identify the data domain the logs originated from. Use namespace as a tag to identify the appropriate data domain for indexing and enrichment functionality. Can be overwritten by event field __namespace.""" - - custom_labels: Annotated[ - Optional[List[KeyValueMetadataConfOutputFilesystem]], - pydantic.Field(alias="customLabels"), - ] = None - r"""Custom labels to be added to every batch""" - - udm_type: Annotated[ - Optional[OutputResponseUDMType], pydantic.Field(alias="udmType") - ] = None - r"""Defines the specific format for UDM events sent to Google SecOps. This must match the type of UDM data being sent.""" - - api_key: Annotated[Optional[str], pydantic.Field(alias="apiKey")] = None - r"""Organization's API key in Google SecOps""" - - api_key_secret: Annotated[Optional[str], pydantic.Field(alias="apiKeySecret")] = ( - None - ) - r"""Select or create a stored text secret""" - - service_account_credentials: Annotated[ - Optional[str], pydantic.Field(alias="serviceAccountCredentials") - ] = None - r"""Contents of service account credentials (JSON keys) file downloaded from Google Cloud. To upload a file, click the upload button at this field's upper right.""" - - service_account_credentials_secret: Annotated[ - Optional[str], pydantic.Field(alias="serviceAccountCredentialsSecret") - ] = None - r"""Select or create a stored text secret""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[OutputResponsePqControlsGoogleChronicle], - pydantic.Field(alias="pqControls"), - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_api_version: Annotated[ - Optional[str], pydantic.Field(alias="__template_apiVersion") - ] = None - r"""Binds 'apiVersion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'apiVersion' at runtime.""" - - template_region: Annotated[ - Optional[str], pydantic.Field(alias="__template_region") - ] = None - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - - template_failed_request_logging_mode: Annotated[ - Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") - ] = None - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_customer_id: Annotated[ - Optional[str], pydantic.Field(alias="__template_customerId") - ] = None - r"""Binds 'customerId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'customerId' at runtime.""" - - notifications: Optional[List[NotificationUnion]] = None - r"""Notifications attached to the Destination.""" - - status: Optional[StatusType] = None - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - @field_serializer("api_version") - def serialize_api_version(self, value): - if isinstance(value, str): - try: - return models.OutputResponseAPIVersion(value) - except ValueError: - return value - return value - - @field_serializer("authentication_method") - def serialize_authentication_method(self, value): - if isinstance(value, str): - try: - return models.OutputResponseAuthenticationMethodGoogleChronicle(value) - except ValueError: - return value - return value - - @field_serializer("log_format_type") - def serialize_log_format_type(self, value): - if isinstance(value, str): - try: - return models.OutputResponseSendEventsAs(value) - except ValueError: - return value - return value - - @field_serializer("failed_request_logging_mode") - def serialize_failed_request_logging_mode(self, value): - if isinstance(value, str): - try: - return models.FailedRequestLoggingModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("udm_type") - def serialize_udm_type(self, value): - if isinstance(value, str): - try: - return models.OutputResponseUDMType(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "id", - "pipeline", - "systemFields", - "environment", - "streamtags", - "apiVersion", - "authenticationMethod", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "region", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "compress", - "rejectUnauthorized", - "timeoutSec", - "flushPeriodSec", - "extraHttpHeaders", - "failedRequestLoggingMode", - "safeHeaders", - "useRoundRobinDns", - "onBackpressure", - "totalMemoryLimitKB", - "description", - "extraLogTypes", - "logType", - "logTextField", - "customerId", - "namespace", - "customLabels", - "udmType", - "apiKey", - "apiKeySecret", - "serviceAccountCredentials", - "serviceAccountCredentialsSecret", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_apiVersion", - "__template_region", - "__template_failedRequestLoggingMode", - "__template_onBackpressure", - "__template_customerId", - "notifications", - "status", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class OutputResponseTypeAzureEventhub(str, Enum): - AZURE_EVENTHUB = "azure_eventhub" - - -class OutputResponsePqControlsAzureEventhubTypedDict(TypedDict): - pass - - -class OutputResponsePqControlsAzureEventhub(BaseModel): - pass - - -class OutputResponseOutputAzureEventhubTypedDict(TypedDict): - type: OutputResponseTypeAzureEventhub - brokers: List[str] - r"""List of Event Hubs Kafka brokers to connect to, eg. yourdomain.servicebus.windows.net:9093. The hostname can be found in the host portion of the primary or secondary connection string in Shared Access Policies.""" - topic: str - r"""The name of the Event Hub (Kafka Topic) to publish events. Can be overwritten using field __topicOut.""" - id: NotRequired[str] - r"""Unique ID for this output""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - ack: NotRequired[AcknowledgmentsOptions] - r"""Control the number of required acknowledgments""" - format_: NotRequired[RecordDataFormatOptions] - r"""Format to use to serialize events before writing to the Event Hubs Kafka brokers""" - max_record_size_kb: NotRequired[float] - r"""Maximum size of each record batch before compression. Setting should be < message.max.bytes settings in Event Hubs brokers.""" - flush_event_count: NotRequired[float] - r"""Maximum number of events in a batch before forcing a flush""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" - connection_timeout: NotRequired[float] - r"""Maximum time to wait for a connection to complete successfully""" - request_timeout: NotRequired[float] - r"""Maximum time to wait for Kafka to respond to a request""" - max_retries: NotRequired[float] - r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" - max_back_off: NotRequired[float] - r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" - initial_backoff: NotRequired[float] - r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" - backoff_rate: NotRequired[float] - r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" - authentication_timeout: NotRequired[float] - r"""Maximum time to wait for Kafka to respond to an authentication request""" - reauthentication_threshold: NotRequired[float] - r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" - sasl: NotRequired[AuthenticationTypeUseTypedDict] - r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended.""" - tls: NotRequired[TLSSettingsClientSideTypeTypedDict] - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - description: NotRequired[str] - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[OutputResponsePqControlsAzureEventhubTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_brokers: NotRequired[str] - r"""Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime.""" - template_topic: NotRequired[str] - r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" - template_format: NotRequired[str] - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - notifications: NotRequired[List[NotificationUnionTypedDict]] - r"""Notifications attached to the Destination.""" - status: NotRequired[StatusTypeTypedDict] - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - -class OutputResponseOutputAzureEventhub(BaseModel): - type: OutputResponseTypeAzureEventhub - - brokers: List[str] - r"""List of Event Hubs Kafka brokers to connect to, eg. yourdomain.servicebus.windows.net:9093. The hostname can be found in the host portion of the primary or secondary connection string in Shared Access Policies.""" - - topic: str - r"""The name of the Event Hub (Kafka Topic) to publish events. Can be overwritten using field __topicOut.""" - - id: Optional[str] = None - r"""Unique ID for this output""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - ack: Optional[AcknowledgmentsOptions] = None - r"""Control the number of required acknowledgments""" - - format_: Annotated[ - Optional[RecordDataFormatOptions], pydantic.Field(alias="format") - ] = None - r"""Format to use to serialize events before writing to the Event Hubs Kafka brokers""" - - max_record_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxRecordSizeKB") - ] = None - r"""Maximum size of each record batch before compression. Setting should be < message.max.bytes settings in Event Hubs brokers.""" - - flush_event_count: Annotated[ - Optional[float], pydantic.Field(alias="flushEventCount") - ] = None - r"""Maximum number of events in a batch before forcing a flush""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" - - connection_timeout: Annotated[ - Optional[float], pydantic.Field(alias="connectionTimeout") - ] = None - r"""Maximum time to wait for a connection to complete successfully""" - - request_timeout: Annotated[ - Optional[float], pydantic.Field(alias="requestTimeout") - ] = None - r"""Maximum time to wait for Kafka to respond to a request""" - - max_retries: Annotated[Optional[float], pydantic.Field(alias="maxRetries")] = None - r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" - - max_back_off: Annotated[Optional[float], pydantic.Field(alias="maxBackOff")] = None - r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" - - initial_backoff: Annotated[ - Optional[float], pydantic.Field(alias="initialBackoff") - ] = None - r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" - - backoff_rate: Annotated[Optional[float], pydantic.Field(alias="backoffRate")] = None - r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" - - authentication_timeout: Annotated[ - Optional[float], pydantic.Field(alias="authenticationTimeout") - ] = None - r"""Maximum time to wait for Kafka to respond to an authentication request""" - - reauthentication_threshold: Annotated[ - Optional[float], pydantic.Field(alias="reauthenticationThreshold") - ] = None - r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" - - sasl: Optional[AuthenticationTypeUse] = None - r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended.""" - - tls: Optional[TLSSettingsClientSideType] = None - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - description: Optional[str] = None - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[OutputResponsePqControlsAzureEventhub], - pydantic.Field(alias="pqControls"), - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_brokers: Annotated[ - Optional[str], pydantic.Field(alias="__template_brokers") - ] = None - r"""Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime.""" - - template_topic: Annotated[ - Optional[str], pydantic.Field(alias="__template_topic") - ] = None - r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" - - template_format: Annotated[ - Optional[str], pydantic.Field(alias="__template_format") - ] = None - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - notifications: Optional[List[NotificationUnion]] = None - r"""Notifications attached to the Destination.""" - - status: Optional[StatusType] = None - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - @field_serializer("ack") - def serialize_ack(self, value): - if isinstance(value, str): - try: - return models.AcknowledgmentsOptions(value) - except ValueError: - return value - return value - - @field_serializer("format_") - def serialize_format_(self, value): - if isinstance(value, str): - try: - return models.RecordDataFormatOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "id", - "pipeline", - "systemFields", - "environment", - "streamtags", - "ack", - "format", - "maxRecordSizeKB", - "flushEventCount", - "flushPeriodSec", - "connectionTimeout", - "requestTimeout", - "maxRetries", - "maxBackOff", - "initialBackoff", - "backoffRate", - "authenticationTimeout", - "reauthenticationThreshold", - "sasl", - "tls", - "onBackpressure", - "description", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_brokers", - "__template_topic", - "__template_format", - "__template_onBackpressure", - "notifications", - "status", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class OutputResponseTypeHoneycomb(str, Enum): - HONEYCOMB = "honeycomb" - - -class OutputResponsePqControlsHoneycombTypedDict(TypedDict): - pass - - -class OutputResponsePqControlsHoneycomb(BaseModel): - pass - - -class OutputResponseOutputHoneycombTypedDict(TypedDict): - type: OutputResponseTypeHoneycomb - dataset: str - r"""Name of the dataset to send events to – e.g., observability""" - id: NotRequired[str] - r"""Unique ID for this output""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - compress: NotRequired[bool] - r"""Compress the payload body before sending""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] - r"""Headers to add to all events""" - use_round_robin_dns: NotRequired[bool] - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - safe_headers: NotRequired[List[str]] - r"""List of headers that are safe to log in plain text""" - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - auth_type: NotRequired[AuthenticationMethodOptionsAPI] - r"""Enter API key directly, or select a stored secret""" - description: NotRequired[str] - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[OutputResponsePqControlsHoneycombTypedDict] - team: NotRequired[str] - r"""Team API key where the dataset belongs""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_failed_request_logging_mode: NotRequired[str] - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - notifications: NotRequired[List[NotificationUnionTypedDict]] - r"""Notifications attached to the Destination.""" - status: NotRequired[StatusTypeTypedDict] - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - -class OutputResponseOutputHoneycomb(BaseModel): - type: OutputResponseTypeHoneycomb - - dataset: str - r"""Name of the dataset to send events to – e.g., observability""" - - id: Optional[str] = None - r"""Unique ID for this output""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - compress: Optional[bool] = None - r"""Compress the payload body before sending""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - extra_http_headers: Annotated[ - Optional[List[ExtraHTTPHeaderConfInputElastic]], - pydantic.Field(alias="extraHttpHeaders"), - ] = None - r"""Headers to add to all events""" - - use_round_robin_dns: Annotated[ - Optional[bool], pydantic.Field(alias="useRoundRobinDns") - ] = None - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - - failed_request_logging_mode: Annotated[ - Optional[FailedRequestLoggingModeOptions], - pydantic.Field(alias="failedRequestLoggingMode"), - ] = None - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - - safe_headers: Annotated[ - Optional[List[str]], pydantic.Field(alias="safeHeaders") - ] = None - r"""List of headers that are safe to log in plain text""" - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - auth_type: Annotated[ - Optional[AuthenticationMethodOptionsAPI], pydantic.Field(alias="authType") - ] = None - r"""Enter API key directly, or select a stored secret""" - - description: Optional[str] = None - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[OutputResponsePqControlsHoneycomb], pydantic.Field(alias="pqControls") - ] = None - - team: Optional[str] = None - r"""Team API key where the dataset belongs""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_failed_request_logging_mode: Annotated[ - Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") - ] = None - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - notifications: Optional[List[NotificationUnion]] = None - r"""Notifications attached to the Destination.""" - - status: Optional[StatusType] = None - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - @field_serializer("failed_request_logging_mode") - def serialize_failed_request_logging_mode(self, value): - if isinstance(value, str): - try: - return models.FailedRequestLoggingModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsAPI(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "id", - "pipeline", - "systemFields", - "environment", - "streamtags", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "compress", - "rejectUnauthorized", - "timeoutSec", - "flushPeriodSec", - "extraHttpHeaders", - "useRoundRobinDns", - "failedRequestLoggingMode", - "safeHeaders", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "onBackpressure", - "authType", - "description", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "team", - "textSecret", - "__template_streamtags", - "__template_failedRequestLoggingMode", - "__template_onBackpressure", - "notifications", - "status", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class OutputResponseTypeKinesis(str, Enum): - KINESIS = "kinesis" - - -class OutputResponseCompression(str, Enum, metaclass=utils.OpenEnumMeta): - r"""Compression type to use for records""" - - # None - NONE = "none" - # Gzip - GZIP = "gzip" - - -class OutputResponsePqControlsKinesisTypedDict(TypedDict): - pass - - -class OutputResponsePqControlsKinesis(BaseModel): - pass - - -class OutputResponseOutputKinesisTypedDict(TypedDict): - type: OutputResponseTypeKinesis - stream_name: str - r"""Kinesis stream name to send events to.""" - region: str - r"""Region where the Kinesis stream is located""" - id: NotRequired[str] - r"""Unique ID for this output""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - aws_authentication_method: NotRequired[AuthenticationMethodOptionsS3CollectorConf] - r"""AWS authentication method. Choose Auto to use IAM roles.""" - aws_secret_key: NotRequired[str] - endpoint: NotRequired[str] - r"""Kinesis stream service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to Kinesis stream-compatible endpoint.""" - reuse_connections: NotRequired[bool] - r"""Reuse connections between requests, which can improve performance""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" - enable_assume_role: NotRequired[bool] - r"""Use Assume Role credentials to access Kinesis stream""" - assume_role_arn: NotRequired[str] - r"""Amazon Resource Name (ARN) of the role to assume""" - assume_role_external_id: NotRequired[str] - r"""External ID to use when assuming role""" - duration_seconds: NotRequired[float] - r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing put requests before blocking.""" - max_record_size_kb: NotRequired[float] - r"""Maximum size (KB) of each individual record before compression. For uncompressed or non-compressible data 1MB is the max recommended size""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" - compression: NotRequired[OutputResponseCompression] - r"""Compression type to use for records""" - use_list_shards: NotRequired[bool] - r"""Provides higher stream rate limits, improving delivery speed and reliability by minimizing throttling. See the [ListShards API](https://docs.aws.amazon.com/kinesis/latest/APIReference/API_ListShards.html) documentation for details.""" - as_ndjson: NotRequired[bool] - r"""Batch events into a single record as NDJSON""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - description: NotRequired[str] - aws_api_key: NotRequired[str] - aws_secret: NotRequired[str] - r"""Select or create a stored secret that references your access key and secret key""" - max_events_per_flush: NotRequired[float] - r"""Maximum number of records to send in a single request""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[OutputResponsePqControlsKinesisTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_stream_name: NotRequired[str] - r"""Binds 'streamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamName' at runtime.""" - template_aws_secret_key: NotRequired[str] - r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" - template_region: NotRequired[str] - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - template_endpoint: NotRequired[str] - r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" - template_assume_role_arn: NotRequired[str] - r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" - template_assume_role_external_id: NotRequired[str] - r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_aws_api_key: NotRequired[str] - r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" - notifications: NotRequired[List[NotificationUnionTypedDict]] - r"""Notifications attached to the Destination.""" - status: NotRequired[StatusTypeTypedDict] - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - -class OutputResponseOutputKinesis(BaseModel): - type: OutputResponseTypeKinesis - - stream_name: Annotated[str, pydantic.Field(alias="streamName")] - r"""Kinesis stream name to send events to.""" - - region: str - r"""Region where the Kinesis stream is located""" - - id: Optional[str] = None - r"""Unique ID for this output""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - aws_authentication_method: Annotated[ - Optional[AuthenticationMethodOptionsS3CollectorConf], - pydantic.Field(alias="awsAuthenticationMethod"), - ] = None - r"""AWS authentication method. Choose Auto to use IAM roles.""" - - aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = ( - None - ) - - endpoint: Optional[str] = None - r"""Kinesis stream service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to Kinesis stream-compatible endpoint.""" - - reuse_connections: Annotated[ - Optional[bool], pydantic.Field(alias="reuseConnections") - ] = None - r"""Reuse connections between requests, which can improve performance""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" - - enable_assume_role: Annotated[ - Optional[bool], pydantic.Field(alias="enableAssumeRole") - ] = None - r"""Use Assume Role credentials to access Kinesis stream""" - - assume_role_arn: Annotated[Optional[str], pydantic.Field(alias="assumeRoleArn")] = ( - None - ) - r"""Amazon Resource Name (ARN) of the role to assume""" - - assume_role_external_id: Annotated[ - Optional[str], pydantic.Field(alias="assumeRoleExternalId") - ] = None - r"""External ID to use when assuming role""" - - duration_seconds: Annotated[ - Optional[float], pydantic.Field(alias="durationSeconds") - ] = None - r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing put requests before blocking.""" - - max_record_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxRecordSizeKB") - ] = None - r"""Maximum size (KB) of each individual record before compression. For uncompressed or non-compressible data 1MB is the max recommended size""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" - - compression: Optional[OutputResponseCompression] = None - r"""Compression type to use for records""" - - use_list_shards: Annotated[ - Optional[bool], pydantic.Field(alias="useListShards") - ] = None - r"""Provides higher stream rate limits, improving delivery speed and reliability by minimizing throttling. See the [ListShards API](https://docs.aws.amazon.com/kinesis/latest/APIReference/API_ListShards.html) documentation for details.""" - - as_ndjson: Annotated[Optional[bool], pydantic.Field(alias="asNdjson")] = None - r"""Batch events into a single record as NDJSON""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - description: Optional[str] = None - - aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None - - aws_secret: Annotated[Optional[str], pydantic.Field(alias="awsSecret")] = None - r"""Select or create a stored secret that references your access key and secret key""" - - max_events_per_flush: Annotated[ - Optional[float], pydantic.Field(alias="maxEventsPerFlush") - ] = None - r"""Maximum number of records to send in a single request""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[OutputResponsePqControlsKinesis], pydantic.Field(alias="pqControls") - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_stream_name: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamName") - ] = None - r"""Binds 'streamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamName' at runtime.""" - - template_aws_secret_key: Annotated[ - Optional[str], pydantic.Field(alias="__template_awsSecretKey") - ] = None - r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" - - template_region: Annotated[ - Optional[str], pydantic.Field(alias="__template_region") - ] = None - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - - template_endpoint: Annotated[ - Optional[str], pydantic.Field(alias="__template_endpoint") - ] = None - r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" - - template_assume_role_arn: Annotated[ - Optional[str], pydantic.Field(alias="__template_assumeRoleArn") - ] = None - r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" - - template_assume_role_external_id: Annotated[ - Optional[str], pydantic.Field(alias="__template_assumeRoleExternalId") - ] = None - r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_aws_api_key: Annotated[ - Optional[str], pydantic.Field(alias="__template_awsApiKey") - ] = None - r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" - - notifications: Optional[List[NotificationUnion]] = None - r"""Notifications attached to the Destination.""" - - status: Optional[StatusType] = None - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - @field_serializer("aws_authentication_method") - def serialize_aws_authentication_method(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsS3CollectorConf(value) - except ValueError: - return value - return value - - @field_serializer("compression") - def serialize_compression(self, value): - if isinstance(value, str): - try: - return models.OutputResponseCompression(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "id", - "pipeline", - "systemFields", - "environment", - "streamtags", - "awsAuthenticationMethod", - "awsSecretKey", - "endpoint", - "reuseConnections", - "rejectUnauthorized", - "enableAssumeRole", - "assumeRoleArn", - "assumeRoleExternalId", - "durationSeconds", - "concurrency", - "maxRecordSizeKB", - "flushPeriodSec", - "compression", - "useListShards", - "asNdjson", - "onBackpressure", - "description", - "awsApiKey", - "awsSecret", - "maxEventsPerFlush", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_streamName", - "__template_awsSecretKey", - "__template_region", - "__template_endpoint", - "__template_assumeRoleArn", - "__template_assumeRoleExternalId", - "__template_onBackpressure", - "__template_awsApiKey", - "notifications", - "status", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class OutputResponseTypeAzureLogs(str, Enum): - AZURE_LOGS = "azure_logs" - - -class OutputResponseAuthenticationMethodAzureLogs( - str, Enum, metaclass=utils.OpenEnumMeta -): - r"""Enter workspace ID and workspace key directly, or select a stored secret""" - - MANUAL = "manual" - SECRET = "secret" - - -class OutputResponsePqControlsAzureLogsTypedDict(TypedDict): - pass - - -class OutputResponsePqControlsAzureLogs(BaseModel): - pass - - -class OutputResponseOutputAzureLogsTypedDict(TypedDict): - type: OutputResponseTypeAzureLogs - log_type: str - r"""The Log Type of events sent to this LogAnalytics workspace. Defaults to `Cribl`. Use only letters, numbers, and `_` characters, and can't exceed 100 characters. Can be overwritten by event field __logType.""" - id: NotRequired[str] - r"""Unique ID for this output""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - resource_id: NotRequired[str] - r"""Optional Resource ID of the Azure resource to associate the data with. Can be overridden by the __resourceId event field. This ID populates the _ResourceId property, allowing the data to be included in resource-centric queries. If the ID is neither specified nor overridden, resource-centric queries will omit the data.""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - compress: NotRequired[bool] - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] - r"""Headers to add to all events""" - use_round_robin_dns: NotRequired[bool] - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - safe_headers: NotRequired[List[str]] - r"""List of headers that are safe to log in plain text""" - api_url: NotRequired[str] - r"""The DNS name of the Log API endpoint that sends log data to a Log Analytics workspace in Azure Monitor. Defaults to .ods.opinsights.azure.com. @{product} will add a prefix and suffix to construct a URI in this format: /api/logs?api-version=.""" - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - auth_type: NotRequired[OutputResponseAuthenticationMethodAzureLogs] - r"""Enter workspace ID and workspace key directly, or select a stored secret""" - description: NotRequired[str] - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[OutputResponsePqControlsAzureLogsTypedDict] - workspace_id: NotRequired[str] - r"""Azure Log Analytics Workspace ID. See Azure Dashboard Workspace > Advanced settings.""" - workspace_key: NotRequired[str] - r"""Azure Log Analytics Workspace Primary or Secondary Shared Key. See Azure Dashboard Workspace > Advanced settings.""" - keypair_secret: NotRequired[str] - r"""Select or create a stored secret that references your access key and secret key""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_failed_request_logging_mode: NotRequired[str] - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_workspace_id: NotRequired[str] - r"""Binds 'workspaceId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'workspaceId' at runtime.""" - template_workspace_key: NotRequired[str] - r"""Binds 'workspaceKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'workspaceKey' at runtime.""" - notifications: NotRequired[List[NotificationUnionTypedDict]] - r"""Notifications attached to the Destination.""" - status: NotRequired[StatusTypeTypedDict] - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - -class OutputResponseOutputAzureLogs(BaseModel): - type: OutputResponseTypeAzureLogs - - log_type: Annotated[str, pydantic.Field(alias="logType")] - r"""The Log Type of events sent to this LogAnalytics workspace. Defaults to `Cribl`. Use only letters, numbers, and `_` characters, and can't exceed 100 characters. Can be overwritten by event field __logType.""" - - id: Optional[str] = None - r"""Unique ID for this output""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - resource_id: Annotated[Optional[str], pydantic.Field(alias="resourceId")] = None - r"""Optional Resource ID of the Azure resource to associate the data with. Can be overridden by the __resourceId event field. This ID populates the _ResourceId property, allowing the data to be included in resource-centric queries. If the ID is neither specified nor overridden, resource-centric queries will omit the data.""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - compress: Optional[bool] = None - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - extra_http_headers: Annotated[ - Optional[List[ExtraHTTPHeaderConfInputElastic]], - pydantic.Field(alias="extraHttpHeaders"), - ] = None - r"""Headers to add to all events""" - - use_round_robin_dns: Annotated[ - Optional[bool], pydantic.Field(alias="useRoundRobinDns") - ] = None - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - - failed_request_logging_mode: Annotated[ - Optional[FailedRequestLoggingModeOptions], - pydantic.Field(alias="failedRequestLoggingMode"), - ] = None - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - - safe_headers: Annotated[ - Optional[List[str]], pydantic.Field(alias="safeHeaders") - ] = None - r"""List of headers that are safe to log in plain text""" - - api_url: Annotated[Optional[str], pydantic.Field(alias="apiUrl")] = None - r"""The DNS name of the Log API endpoint that sends log data to a Log Analytics workspace in Azure Monitor. Defaults to .ods.opinsights.azure.com. @{product} will add a prefix and suffix to construct a URI in this format: /api/logs?api-version=.""" - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - auth_type: Annotated[ - Optional[OutputResponseAuthenticationMethodAzureLogs], - pydantic.Field(alias="authType"), - ] = None - r"""Enter workspace ID and workspace key directly, or select a stored secret""" - - description: Optional[str] = None - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[OutputResponsePqControlsAzureLogs], pydantic.Field(alias="pqControls") - ] = None - - workspace_id: Annotated[Optional[str], pydantic.Field(alias="workspaceId")] = None - r"""Azure Log Analytics Workspace ID. See Azure Dashboard Workspace > Advanced settings.""" - - workspace_key: Annotated[Optional[str], pydantic.Field(alias="workspaceKey")] = None - r"""Azure Log Analytics Workspace Primary or Secondary Shared Key. See Azure Dashboard Workspace > Advanced settings.""" - - keypair_secret: Annotated[Optional[str], pydantic.Field(alias="keypairSecret")] = ( - None - ) - r"""Select or create a stored secret that references your access key and secret key""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_failed_request_logging_mode: Annotated[ - Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") - ] = None - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_workspace_id: Annotated[ - Optional[str], pydantic.Field(alias="__template_workspaceId") - ] = None - r"""Binds 'workspaceId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'workspaceId' at runtime.""" - - template_workspace_key: Annotated[ - Optional[str], pydantic.Field(alias="__template_workspaceKey") - ] = None - r"""Binds 'workspaceKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'workspaceKey' at runtime.""" - - notifications: Optional[List[NotificationUnion]] = None - r"""Notifications attached to the Destination.""" - - status: Optional[StatusType] = None - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - @field_serializer("failed_request_logging_mode") - def serialize_failed_request_logging_mode(self, value): - if isinstance(value, str): - try: - return models.FailedRequestLoggingModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.OutputResponseAuthenticationMethodAzureLogs(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "id", - "pipeline", - "systemFields", - "environment", - "streamtags", - "resourceId", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "compress", - "rejectUnauthorized", - "timeoutSec", - "flushPeriodSec", - "extraHttpHeaders", - "useRoundRobinDns", - "failedRequestLoggingMode", - "safeHeaders", - "apiUrl", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "onBackpressure", - "authType", - "description", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "workspaceId", - "workspaceKey", - "keypairSecret", - "__template_streamtags", - "__template_failedRequestLoggingMode", - "__template_onBackpressure", - "__template_workspaceId", - "__template_workspaceKey", - "notifications", - "status", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class OutputResponseTypeAzureDataExplorer(str, Enum): - AZURE_DATA_EXPLORER = "azure_data_explorer" - - -class OutputResponseIngestionMode(str, Enum, metaclass=utils.OpenEnumMeta): - # Batching - BATCHING = "batching" - # Streaming - STREAMING = "streaming" - - -class OutputResponseAuthenticationMethodAzureDataExplorer( - str, Enum, metaclass=utils.OpenEnumMeta -): - r"""The type of OAuth 2.0 client credentials grant flow to use""" - - # Client secret - CLIENT_SECRET = "clientSecret" - # Client secret (text secret) - CLIENT_TEXT_SECRET = "clientTextSecret" - # Certificate - CERTIFICATE = "certificate" - - -class OutputResponseCertificateTypedDict(TypedDict): - certificate_name: NotRequired[str] - r"""The certificate you registered as credentials for your app in the Azure portal""" - - -class OutputResponseCertificate(BaseModel): - certificate_name: Annotated[ - Optional[str], pydantic.Field(alias="certificateName") - ] = None - r"""The certificate you registered as credentials for your app in the Azure portal""" - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set(["certificateName"]) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class OutputResponsePrefixOptional(str, Enum, metaclass=utils.OpenEnumMeta): - # drop-by - DROP_BY = "dropBy" - # ingest-by - INGEST_BY = "ingestBy" - - -class OutputResponseExtentTagTypedDict(TypedDict): - value: str - prefix: NotRequired[OutputResponsePrefixOptional] - - -class OutputResponseExtentTag(BaseModel): - value: str - - prefix: Optional[OutputResponsePrefixOptional] = None - - @field_serializer("prefix") - def serialize_prefix(self, value): - if isinstance(value, str): - try: - return models.OutputResponsePrefixOptional(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set(["prefix"]) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class OutputResponseIngestIfNotExistTypedDict(TypedDict): - value: str - - -class OutputResponseIngestIfNotExist(BaseModel): - value: str - - -class OutputResponseReportLevel(str, Enum, metaclass=utils.OpenEnumMeta): - r"""Level of ingestion status reporting. Defaults to FailuresOnly.""" - - # FailuresOnly - FAILURES_ONLY = "failuresOnly" - # DoNotReport - DO_NOT_REPORT = "doNotReport" - # FailuresAndSuccesses - FAILURES_AND_SUCCESSES = "failuresAndSuccesses" - - -class OutputResponseReportMethod(str, Enum, metaclass=utils.OpenEnumMeta): - r"""Target of the ingestion status reporting. Defaults to Queue.""" - - # Queue - QUEUE = "queue" - # Table - TABLE = "table" - # QueueAndTable - QUEUE_AND_TABLE = "queueAndTable" - - -class OutputResponseAdditionalPropertyTypedDict(TypedDict): - key: str - value: str - - -class OutputResponseAdditionalProperty(BaseModel): - key: str - - value: str - - -class OutputResponsePqControlsAzureDataExplorerTypedDict(TypedDict): - pass - - -class OutputResponsePqControlsAzureDataExplorer(BaseModel): - pass - - -class OutputResponseOutputAzureDataExplorerTypedDict(TypedDict): - type: OutputResponseTypeAzureDataExplorer - cluster_url: str - r"""The base URI for your cluster. Typically, `https://..kusto.windows.net`.""" - database: str - r"""Name of the database containing the table where data will be ingested""" - table: str - r"""Name of the table to ingest data into""" - oauth_endpoint: MicrosoftEntraIDAuthenticationEndpointOptionsSasl - r"""Endpoint used to acquire authentication tokens from Azure""" - tenant_id: str - r"""Directory ID (tenant identifier) in Azure Active Directory""" - client_id: str - r"""client_id to pass in the OAuth request parameter""" - scope: str - r"""Scope to pass in the OAuth request parameter""" - oauth_type: OutputResponseAuthenticationMethodAzureDataExplorer - r"""The type of OAuth 2.0 client credentials grant flow to use""" - compress: CompressionOptionsHTTP - r"""Data compression format to apply to HTTP content before it is delivered""" - id: NotRequired[str] - r"""Unique ID for this output""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - validate_database_settings: NotRequired[bool] - r"""When saving or starting the Destination, validate the database name and credentials; also validate table name, except when creating a new table. Disable if your Azure app does not have both the Database Viewer and the Table Viewer role.""" - ingest_mode: NotRequired[OutputResponseIngestionMode] - description: NotRequired[str] - client_secret: NotRequired[str] - r"""The client secret that you generated for your app in the Azure portal""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - certificate: NotRequired[OutputResponseCertificateTypedDict] - format_: NotRequired[DataFormatOptions] - r"""Format of the output data""" - compression_level: NotRequired[CompressionLevelOptions] - r"""Compression level to apply before moving files to final destination""" - automatic_schema: NotRequired[bool] - r"""Automatically calculate the schema based on the events of each Parquet file generated""" - parquet_schema: NotRequired[str] - r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" - parquet_version: NotRequired[ParquetVersionOptions] - r"""Determines which data types are supported and how they are represented""" - parquet_data_page_version: NotRequired[DataPageVersionOptions] - r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" - parquet_row_group_length: NotRequired[float] - r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" - parquet_page_size: NotRequired[str] - r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" - should_log_invalid_rows: NotRequired[bool] - r"""Log up to 3 rows that @{product} skips due to data mismatch""" - key_value_metadata: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] - r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ - enable_statistics: NotRequired[bool] - r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" - enable_write_page_index: NotRequired[bool] - r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" - enable_page_checksum: NotRequired[bool] - r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" - remove_empty_dirs: NotRequired[bool] - r"""Remove empty staging directories after moving files""" - empty_dir_cleanup_sec: NotRequired[float] - r"""How frequently, in seconds, to clean up empty directories""" - directory_batch_size: NotRequired[float] - r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" - deadletter_enabled: NotRequired[bool] - r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" - deadletter_path: NotRequired[str] - r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" - max_retry_num: NotRequired[float] - r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" - is_mapping_obj: NotRequired[bool] - r"""Send a JSON mapping object instead of specifying an existing named data mapping""" - mapping_obj: NotRequired[str] - r"""Enter a JSON object that defines your desired data mapping""" - mapping_ref: NotRequired[str] - r"""Enter the name of a data mapping associated with your target table. Or, if incoming event and target table fields match exactly, you can leave the field empty.""" - ingest_url: NotRequired[str] - r"""The ingestion service URI for your cluster. Typically, `https://ingest-..kusto.windows.net`.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - stage_path: NotRequired[str] - r"""Filesystem location in which to buffer files before compressing and moving to final destination. Use performant and stable storage.""" - file_name_suffix: NotRequired[str] - r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" - max_file_size_mb: NotRequired[float] - r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" - max_file_open_time_sec: NotRequired[float] - r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" - max_file_idle_time_sec: NotRequired[float] - r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" - max_open_files: NotRequired[float] - r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" - max_concurrent_file_parts: NotRequired[float] - r"""Maximum number of parts to upload in parallel per file""" - on_disk_full_backpressure: NotRequired[DiskSpaceProtectionOptions] - r"""How to handle events when disk space is below the global 'Min free disk space' limit""" - add_id_to_stage_path: NotRequired[bool] - r"""Add the Output ID value to staging location""" - retry_settings: NotRequired[RetrySettingsTypeTypedDict] - orphans: NotRequired[OrphanFileRecoveryTypeTypedDict] - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_immediately: NotRequired[bool] - r"""Bypass the data management service's aggregation mechanism""" - retain_blob_on_success: NotRequired[bool] - r"""Prevent blob deletion after ingestion is complete""" - extent_tags: NotRequired[List[OutputResponseExtentTagTypedDict]] - r"""Strings or tags associated with the extent (ingested data shard)""" - ingest_if_not_exists: NotRequired[List[OutputResponseIngestIfNotExistTypedDict]] - r"""Prevents duplicate ingestion by verifying whether an extent with the specified ingest-by tag already exists""" - report_level: NotRequired[OutputResponseReportLevel] - r"""Level of ingestion status reporting. Defaults to FailuresOnly.""" - report_method: NotRequired[OutputResponseReportMethod] - r"""Target of the ingestion status reporting. Defaults to Queue.""" - additional_properties: NotRequired[List[OutputResponseAdditionalPropertyTypedDict]] - r"""Optionally, enter additional configuration properties to send to the ingestion service""" - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - use_round_robin_dns: NotRequired[bool] - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - keep_alive: NotRequired[bool] - r"""Disable to close the connection immediately after sending the outgoing request""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[OutputResponsePqControlsAzureDataExplorerTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_cluster_url: NotRequired[str] - r"""Binds 'clusterUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clusterUrl' at runtime.""" - template_database: NotRequired[str] - r"""Binds 'database' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'database' at runtime.""" - template_table: NotRequired[str] - r"""Binds 'table' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'table' at runtime.""" - template_oauth_endpoint: NotRequired[str] - r"""Binds 'oauthEndpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'oauthEndpoint' at runtime.""" - template_tenant_id: NotRequired[str] - r"""Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime.""" - template_client_id: NotRequired[str] - r"""Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime.""" - template_scope: NotRequired[str] - r"""Binds 'scope' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'scope' at runtime.""" - template_client_secret: NotRequired[str] - r"""Binds 'clientSecret' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecret' at runtime.""" - template_format: NotRequired[str] - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - template_compress: NotRequired[str] - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - template_parquet_schema: NotRequired[str] - r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" - template_mapping_ref: NotRequired[str] - r"""Binds 'mappingRef' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'mappingRef' at runtime.""" - template_ingest_url: NotRequired[str] - r"""Binds 'ingestUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'ingestUrl' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_file_name_suffix: NotRequired[str] - r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" - notifications: NotRequired[List[NotificationUnionTypedDict]] - r"""Notifications attached to the Destination.""" - status: NotRequired[StatusTypeTypedDict] - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - -class OutputResponseOutputAzureDataExplorer(BaseModel): - type: OutputResponseTypeAzureDataExplorer - - cluster_url: Annotated[str, pydantic.Field(alias="clusterUrl")] - r"""The base URI for your cluster. Typically, `https://..kusto.windows.net`.""" - - database: str - r"""Name of the database containing the table where data will be ingested""" - - table: str - r"""Name of the table to ingest data into""" - - oauth_endpoint: Annotated[ - MicrosoftEntraIDAuthenticationEndpointOptionsSasl, - pydantic.Field(alias="oauthEndpoint"), - ] - r"""Endpoint used to acquire authentication tokens from Azure""" - - tenant_id: Annotated[str, pydantic.Field(alias="tenantId")] - r"""Directory ID (tenant identifier) in Azure Active Directory""" - - client_id: Annotated[str, pydantic.Field(alias="clientId")] - r"""client_id to pass in the OAuth request parameter""" - - scope: str - r"""Scope to pass in the OAuth request parameter""" - - oauth_type: Annotated[ - OutputResponseAuthenticationMethodAzureDataExplorer, - pydantic.Field(alias="oauthType"), - ] - r"""The type of OAuth 2.0 client credentials grant flow to use""" - - compress: CompressionOptionsHTTP - r"""Data compression format to apply to HTTP content before it is delivered""" - - id: Optional[str] = None - r"""Unique ID for this output""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - validate_database_settings: Annotated[ - Optional[bool], pydantic.Field(alias="validateDatabaseSettings") - ] = None - r"""When saving or starting the Destination, validate the database name and credentials; also validate table name, except when creating a new table. Disable if your Azure app does not have both the Database Viewer and the Table Viewer role.""" - - ingest_mode: Annotated[ - Optional[OutputResponseIngestionMode], pydantic.Field(alias="ingestMode") - ] = None - - description: Optional[str] = None - - client_secret: Annotated[Optional[str], pydantic.Field(alias="clientSecret")] = None - r"""The client secret that you generated for your app in the Azure portal""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - certificate: Optional[OutputResponseCertificate] = None - - format_: Annotated[Optional[DataFormatOptions], pydantic.Field(alias="format")] = ( - None - ) - r"""Format of the output data""" - - compression_level: Annotated[ - Optional[CompressionLevelOptions], pydantic.Field(alias="compressionLevel") - ] = None - r"""Compression level to apply before moving files to final destination""" - - automatic_schema: Annotated[ - Optional[bool], pydantic.Field(alias="automaticSchema") - ] = None - r"""Automatically calculate the schema based on the events of each Parquet file generated""" - - parquet_schema: Annotated[Optional[str], pydantic.Field(alias="parquetSchema")] = ( - None - ) - r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" - - parquet_version: Annotated[ - Optional[ParquetVersionOptions], pydantic.Field(alias="parquetVersion") - ] = None - r"""Determines which data types are supported and how they are represented""" - - parquet_data_page_version: Annotated[ - Optional[DataPageVersionOptions], pydantic.Field(alias="parquetDataPageVersion") - ] = None - r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" - - parquet_row_group_length: Annotated[ - Optional[float], pydantic.Field(alias="parquetRowGroupLength") - ] = None - r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" - - parquet_page_size: Annotated[ - Optional[str], pydantic.Field(alias="parquetPageSize") - ] = None - r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" - - should_log_invalid_rows: Annotated[ - Optional[bool], pydantic.Field(alias="shouldLogInvalidRows") - ] = None - r"""Log up to 3 rows that @{product} skips due to data mismatch""" - - key_value_metadata: Annotated[ - Optional[List[KeyValueMetadataConfOutputFilesystem]], - pydantic.Field(alias="keyValueMetadata"), - ] = None - r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ - - enable_statistics: Annotated[ - Optional[bool], pydantic.Field(alias="enableStatistics") - ] = None - r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" - - enable_write_page_index: Annotated[ - Optional[bool], pydantic.Field(alias="enableWritePageIndex") - ] = None - r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" - - enable_page_checksum: Annotated[ - Optional[bool], pydantic.Field(alias="enablePageChecksum") - ] = None - r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" - - remove_empty_dirs: Annotated[ - Optional[bool], pydantic.Field(alias="removeEmptyDirs") - ] = None - r"""Remove empty staging directories after moving files""" - - empty_dir_cleanup_sec: Annotated[ - Optional[float], pydantic.Field(alias="emptyDirCleanupSec") - ] = None - r"""How frequently, in seconds, to clean up empty directories""" - - directory_batch_size: Annotated[ - Optional[float], pydantic.Field(alias="directoryBatchSize") - ] = None - r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" - - deadletter_enabled: Annotated[ - Optional[bool], pydantic.Field(alias="deadletterEnabled") - ] = None - r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" - - deadletter_path: Annotated[ - Optional[str], pydantic.Field(alias="deadletterPath") - ] = None - r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" - - max_retry_num: Annotated[Optional[float], pydantic.Field(alias="maxRetryNum")] = ( - None - ) - r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" - - is_mapping_obj: Annotated[Optional[bool], pydantic.Field(alias="isMappingObj")] = ( - None - ) - r"""Send a JSON mapping object instead of specifying an existing named data mapping""" - - mapping_obj: Annotated[Optional[str], pydantic.Field(alias="mappingObj")] = None - r"""Enter a JSON object that defines your desired data mapping""" - - mapping_ref: Annotated[Optional[str], pydantic.Field(alias="mappingRef")] = None - r"""Enter the name of a data mapping associated with your target table. Or, if incoming event and target table fields match exactly, you can leave the field empty.""" - - ingest_url: Annotated[Optional[str], pydantic.Field(alias="ingestUrl")] = None - r"""The ingestion service URI for your cluster. Typically, `https://ingest-..kusto.windows.net`.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - stage_path: Annotated[Optional[str], pydantic.Field(alias="stagePath")] = None - r"""Filesystem location in which to buffer files before compressing and moving to final destination. Use performant and stable storage.""" - - file_name_suffix: Annotated[ - Optional[str], pydantic.Field(alias="fileNameSuffix") - ] = None - r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" - - max_file_size_mb: Annotated[ - Optional[float], pydantic.Field(alias="maxFileSizeMB") - ] = None - r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" - - max_file_open_time_sec: Annotated[ - Optional[float], pydantic.Field(alias="maxFileOpenTimeSec") - ] = None - r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" - - max_file_idle_time_sec: Annotated[ - Optional[float], pydantic.Field(alias="maxFileIdleTimeSec") - ] = None - r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" - - max_open_files: Annotated[Optional[float], pydantic.Field(alias="maxOpenFiles")] = ( - None - ) - r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" - - max_concurrent_file_parts: Annotated[ - Optional[float], pydantic.Field(alias="maxConcurrentFileParts") - ] = None - r"""Maximum number of parts to upload in parallel per file""" - - on_disk_full_backpressure: Annotated[ - Optional[DiskSpaceProtectionOptions], - pydantic.Field(alias="onDiskFullBackpressure"), - ] = None - r"""How to handle events when disk space is below the global 'Min free disk space' limit""" - - add_id_to_stage_path: Annotated[ - Optional[bool], pydantic.Field(alias="addIdToStagePath") - ] = None - r"""Add the Output ID value to staging location""" - - retry_settings: Annotated[ - Optional[RetrySettingsType], pydantic.Field(alias="retrySettings") - ] = None - - orphans: Optional[OrphanFileRecoveryType] = None - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_immediately: Annotated[ - Optional[bool], pydantic.Field(alias="flushImmediately") - ] = None - r"""Bypass the data management service's aggregation mechanism""" - - retain_blob_on_success: Annotated[ - Optional[bool], pydantic.Field(alias="retainBlobOnSuccess") - ] = None - r"""Prevent blob deletion after ingestion is complete""" - - extent_tags: Annotated[ - Optional[List[OutputResponseExtentTag]], pydantic.Field(alias="extentTags") - ] = None - r"""Strings or tags associated with the extent (ingested data shard)""" - - ingest_if_not_exists: Annotated[ - Optional[List[OutputResponseIngestIfNotExist]], - pydantic.Field(alias="ingestIfNotExists"), - ] = None - r"""Prevents duplicate ingestion by verifying whether an extent with the specified ingest-by tag already exists""" - - report_level: Annotated[ - Optional[OutputResponseReportLevel], pydantic.Field(alias="reportLevel") - ] = None - r"""Level of ingestion status reporting. Defaults to FailuresOnly.""" - - report_method: Annotated[ - Optional[OutputResponseReportMethod], pydantic.Field(alias="reportMethod") - ] = None - r"""Target of the ingestion status reporting. Defaults to Queue.""" - - additional_properties: Annotated[ - Optional[List[OutputResponseAdditionalProperty]], - pydantic.Field(alias="additionalProperties"), - ] = None - r"""Optionally, enter additional configuration properties to send to the ingestion service""" - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - use_round_robin_dns: Annotated[ - Optional[bool], pydantic.Field(alias="useRoundRobinDns") - ] = None - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - - keep_alive: Annotated[Optional[bool], pydantic.Field(alias="keepAlive")] = None - r"""Disable to close the connection immediately after sending the outgoing request""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[OutputResponsePqControlsAzureDataExplorer], - pydantic.Field(alias="pqControls"), - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_cluster_url: Annotated[ - Optional[str], pydantic.Field(alias="__template_clusterUrl") - ] = None - r"""Binds 'clusterUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clusterUrl' at runtime.""" - - template_database: Annotated[ - Optional[str], pydantic.Field(alias="__template_database") - ] = None - r"""Binds 'database' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'database' at runtime.""" - - template_table: Annotated[ - Optional[str], pydantic.Field(alias="__template_table") - ] = None - r"""Binds 'table' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'table' at runtime.""" - - template_oauth_endpoint: Annotated[ - Optional[str], pydantic.Field(alias="__template_oauthEndpoint") - ] = None - r"""Binds 'oauthEndpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'oauthEndpoint' at runtime.""" - - template_tenant_id: Annotated[ - Optional[str], pydantic.Field(alias="__template_tenantId") - ] = None - r"""Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime.""" - - template_client_id: Annotated[ - Optional[str], pydantic.Field(alias="__template_clientId") - ] = None - r"""Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime.""" - - template_scope: Annotated[ - Optional[str], pydantic.Field(alias="__template_scope") - ] = None - r"""Binds 'scope' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'scope' at runtime.""" - - template_client_secret: Annotated[ - Optional[str], pydantic.Field(alias="__template_clientSecret") - ] = None - r"""Binds 'clientSecret' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecret' at runtime.""" - - template_format: Annotated[ - Optional[str], pydantic.Field(alias="__template_format") - ] = None - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - - template_compress: Annotated[ - Optional[str], pydantic.Field(alias="__template_compress") - ] = None - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - - template_parquet_schema: Annotated[ - Optional[str], pydantic.Field(alias="__template_parquetSchema") - ] = None - r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" - - template_mapping_ref: Annotated[ - Optional[str], pydantic.Field(alias="__template_mappingRef") - ] = None - r"""Binds 'mappingRef' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'mappingRef' at runtime.""" - - template_ingest_url: Annotated[ - Optional[str], pydantic.Field(alias="__template_ingestUrl") - ] = None - r"""Binds 'ingestUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'ingestUrl' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_file_name_suffix: Annotated[ - Optional[str], pydantic.Field(alias="__template_fileNameSuffix") - ] = None - r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" - - notifications: Optional[List[NotificationUnion]] = None - r"""Notifications attached to the Destination.""" - - status: Optional[StatusType] = None - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - @field_serializer("ingest_mode") - def serialize_ingest_mode(self, value): - if isinstance(value, str): - try: - return models.OutputResponseIngestionMode(value) - except ValueError: - return value - return value - - @field_serializer("oauth_endpoint") - def serialize_oauth_endpoint(self, value): - if isinstance(value, str): - try: - return models.MicrosoftEntraIDAuthenticationEndpointOptionsSasl(value) - except ValueError: - return value - return value - - @field_serializer("oauth_type") - def serialize_oauth_type(self, value): - if isinstance(value, str): - try: - return models.OutputResponseAuthenticationMethodAzureDataExplorer(value) - except ValueError: - return value - return value - - @field_serializer("format_") - def serialize_format_(self, value): - if isinstance(value, str): - try: - return models.DataFormatOptions(value) - except ValueError: - return value - return value - - @field_serializer("compress") - def serialize_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsHTTP(value) - except ValueError: - return value - return value - - @field_serializer("compression_level") - def serialize_compression_level(self, value): - if isinstance(value, str): - try: - return models.CompressionLevelOptions(value) - except ValueError: - return value - return value - - @field_serializer("parquet_version") - def serialize_parquet_version(self, value): - if isinstance(value, str): - try: - return models.ParquetVersionOptions(value) - except ValueError: - return value - return value - - @field_serializer("parquet_data_page_version") - def serialize_parquet_data_page_version(self, value): - if isinstance(value, str): - try: - return models.DataPageVersionOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_disk_full_backpressure") - def serialize_on_disk_full_backpressure(self, value): - if isinstance(value, str): - try: - return models.DiskSpaceProtectionOptions(value) - except ValueError: - return value - return value - - @field_serializer("report_level") - def serialize_report_level(self, value): - if isinstance(value, str): - try: - return models.OutputResponseReportLevel(value) - except ValueError: - return value - return value - - @field_serializer("report_method") - def serialize_report_method(self, value): - if isinstance(value, str): - try: - return models.OutputResponseReportMethod(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "id", - "pipeline", - "systemFields", - "environment", - "streamtags", - "validateDatabaseSettings", - "ingestMode", - "description", - "clientSecret", - "textSecret", - "certificate", - "format", - "compressionLevel", - "automaticSchema", - "parquetSchema", - "parquetVersion", - "parquetDataPageVersion", - "parquetRowGroupLength", - "parquetPageSize", - "shouldLogInvalidRows", - "keyValueMetadata", - "enableStatistics", - "enableWritePageIndex", - "enablePageChecksum", - "removeEmptyDirs", - "emptyDirCleanupSec", - "directoryBatchSize", - "deadletterEnabled", - "deadletterPath", - "maxRetryNum", - "isMappingObj", - "mappingObj", - "mappingRef", - "ingestUrl", - "onBackpressure", - "stagePath", - "fileNameSuffix", - "maxFileSizeMB", - "maxFileOpenTimeSec", - "maxFileIdleTimeSec", - "maxOpenFiles", - "maxConcurrentFileParts", - "onDiskFullBackpressure", - "addIdToStagePath", - "retrySettings", - "orphans", - "timeoutSec", - "flushImmediately", - "retainBlobOnSuccess", - "extentTags", - "ingestIfNotExists", - "reportLevel", - "reportMethod", - "additionalProperties", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "flushPeriodSec", - "rejectUnauthorized", - "useRoundRobinDns", - "keepAlive", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_clusterUrl", - "__template_database", - "__template_table", - "__template_oauthEndpoint", - "__template_tenantId", - "__template_clientId", - "__template_scope", - "__template_clientSecret", - "__template_format", - "__template_compress", - "__template_parquetSchema", - "__template_mappingRef", - "__template_ingestUrl", - "__template_onBackpressure", - "__template_fileNameSuffix", - "notifications", - "status", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class OutputResponseTypeAzureBlob(str, Enum): - AZURE_BLOB = "azure_blob" - - -class OutputResponseBlobAccessTier(str, Enum, metaclass=utils.OpenEnumMeta): - # Default account access tier - INFERRED = "Inferred" - # Hot tier - HOT = "Hot" - # Cool tier - COOL = "Cool" - # Cold tier - COLD = "Cold" - # Archive tier - ARCHIVE = "Archive" - - -class OutputResponseOutputAzureBlobTypedDict(TypedDict): - type: OutputResponseTypeAzureBlob - container_name: str - r"""The Azure Blob Storage container name. Name can include only lowercase letters, numbers, and hyphens. For dynamic container names, enter a JavaScript expression within quotes or backticks, to be evaluated at initialization. The expression can evaluate to a constant value and can reference Global Variables, such as `myContainer-${C.env[\"CRIBL_WORKER_ID\"]}`.""" - stage_path: str - r"""Filesystem location in which to buffer files before compressing and moving to final destination. Use performant and stable storage.""" - id: NotRequired[str] - r"""Unique ID for this output""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - create_container: NotRequired[bool] - r"""Create the configured container in Azure Blob Storage if it does not already exist""" - dest_path: NotRequired[str] - r"""Root directory prepended to path before uploading. Value can be a JavaScript expression enclosed in quotes or backticks, to be evaluated at initialization. The expression can evaluate to a constant value and can reference Global Variables, such as `myBlobPrefix-${C.env[\"CRIBL_WORKER_ID\"]}`.""" - add_id_to_stage_path: NotRequired[bool] - r"""Add the Output ID value to staging location""" - max_concurrent_file_parts: NotRequired[float] - r"""Maximum number of parts to upload in parallel per file""" - remove_empty_dirs: NotRequired[bool] - r"""Remove empty staging directories after moving files""" - partition_expr: NotRequired[str] - r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" - format_: NotRequired[DataFormatOptions] - r"""Format of the output data""" - base_file_name: NotRequired[str] - r"""JavaScript expression to define the output filename prefix (can be constant)""" - file_name_suffix: NotRequired[str] - r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" - max_file_size_mb: NotRequired[float] - r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" - max_file_open_time_sec: NotRequired[float] - r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" - max_file_idle_time_sec: NotRequired[float] - r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" - max_open_files: NotRequired[float] - r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" - header_line: NotRequired[str] - r"""If set, this line will be written to the beginning of each output file""" - write_high_water_mark: NotRequired[float] - r"""Buffer size used to write to a file""" - on_backpressure: NotRequired[BackpressureBehaviorOptionsBlockDrop] - r"""How to handle events when all receivers are exerting backpressure""" - deadletter_enabled: NotRequired[bool] - r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" - on_disk_full_backpressure: NotRequired[DiskSpaceProtectionOptions] - r"""How to handle events when disk space is below the global 'Min free disk space' limit""" - force_close_on_shutdown: NotRequired[bool] - r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" - retry_settings: NotRequired[RetrySettingsTypeTypedDict] - orphans: NotRequired[OrphanFileRecoveryTypeTypedDict] - auth_type: NotRequired[AuthenticationMethodOptions] - storage_class: NotRequired[OutputResponseBlobAccessTier] - description: NotRequired[str] - compress: NotRequired[CompressionOptionsHTTP] - r"""Data compression format to apply to HTTP content before it is delivered""" - compression_level: NotRequired[CompressionLevelOptions] - r"""Compression level to apply before moving files to final destination""" - automatic_schema: NotRequired[bool] - r"""Automatically calculate the schema based on the events of each Parquet file generated""" - parquet_schema: NotRequired[str] - r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" - parquet_version: NotRequired[ParquetVersionOptions] - r"""Determines which data types are supported and how they are represented""" - parquet_data_page_version: NotRequired[DataPageVersionOptions] - r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" - parquet_row_group_length: NotRequired[float] - r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" - parquet_page_size: NotRequired[str] - r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" - should_log_invalid_rows: NotRequired[bool] - r"""Log up to 3 rows that @{product} skips due to data mismatch""" - key_value_metadata: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] - r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ - enable_statistics: NotRequired[bool] - r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" - enable_write_page_index: NotRequired[bool] - r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" - enable_page_checksum: NotRequired[bool] - r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" - empty_dir_cleanup_sec: NotRequired[float] - r"""How frequently, in seconds, to clean up empty directories""" - directory_batch_size: NotRequired[float] - r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" - deadletter_path: NotRequired[str] - r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" - max_retry_num: NotRequired[float] - r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" - connection_string: NotRequired[str] - r"""Enter your Azure Storage account connection string. If left blank, Stream will fall back to env.AZURE_STORAGE_CONNECTION_STRING.""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - storage_account_name: NotRequired[str] - r"""The name of your Azure storage account""" - tenant_id: NotRequired[str] - r"""The service principal's tenant ID""" - client_id: NotRequired[str] - r"""The service principal's client ID""" - azure_cloud: NotRequired[str] - r"""The Azure cloud to use. Defaults to Azure Public Cloud.""" - endpoint_suffix: NotRequired[str] - r"""Endpoint suffix for the service URL. Takes precedence over the Azure Cloud setting. Defaults to core.windows.net.""" - client_text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - certificate: NotRequired[CertificateTypeAzureBlobAuthTypeClientCertTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_container_name: NotRequired[str] - r"""Binds 'containerName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'containerName' at runtime.""" - template_dest_path: NotRequired[str] - r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" - template_partition_expr: NotRequired[str] - r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" - template_format: NotRequired[str] - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - template_base_file_name: NotRequired[str] - r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" - template_file_name_suffix: NotRequired[str] - r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_compress: NotRequired[str] - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - template_parquet_schema: NotRequired[str] - r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" - template_connection_string: NotRequired[str] - r"""Binds 'connectionString' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'connectionString' at runtime.""" - template_storage_account_name: NotRequired[str] - r"""Binds 'storageAccountName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageAccountName' at runtime.""" - template_tenant_id: NotRequired[str] - r"""Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime.""" - template_client_id: NotRequired[str] - r"""Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime.""" - template_azure_cloud: NotRequired[str] - r"""Binds 'azureCloud' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'azureCloud' at runtime.""" - notifications: NotRequired[List[NotificationUnionTypedDict]] - r"""Notifications attached to the Destination.""" - status: NotRequired[StatusTypeTypedDict] - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - -class OutputResponseOutputAzureBlob(BaseModel): - type: OutputResponseTypeAzureBlob - - container_name: Annotated[str, pydantic.Field(alias="containerName")] - r"""The Azure Blob Storage container name. Name can include only lowercase letters, numbers, and hyphens. For dynamic container names, enter a JavaScript expression within quotes or backticks, to be evaluated at initialization. The expression can evaluate to a constant value and can reference Global Variables, such as `myContainer-${C.env[\"CRIBL_WORKER_ID\"]}`.""" - - stage_path: Annotated[str, pydantic.Field(alias="stagePath")] - r"""Filesystem location in which to buffer files before compressing and moving to final destination. Use performant and stable storage.""" - - id: Optional[str] = None - r"""Unique ID for this output""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - create_container: Annotated[ - Optional[bool], pydantic.Field(alias="createContainer") - ] = None - r"""Create the configured container in Azure Blob Storage if it does not already exist""" - - dest_path: Annotated[Optional[str], pydantic.Field(alias="destPath")] = None - r"""Root directory prepended to path before uploading. Value can be a JavaScript expression enclosed in quotes or backticks, to be evaluated at initialization. The expression can evaluate to a constant value and can reference Global Variables, such as `myBlobPrefix-${C.env[\"CRIBL_WORKER_ID\"]}`.""" - - add_id_to_stage_path: Annotated[ - Optional[bool], pydantic.Field(alias="addIdToStagePath") - ] = None - r"""Add the Output ID value to staging location""" - - max_concurrent_file_parts: Annotated[ - Optional[float], pydantic.Field(alias="maxConcurrentFileParts") - ] = None - r"""Maximum number of parts to upload in parallel per file""" - - remove_empty_dirs: Annotated[ - Optional[bool], pydantic.Field(alias="removeEmptyDirs") - ] = None - r"""Remove empty staging directories after moving files""" - - partition_expr: Annotated[Optional[str], pydantic.Field(alias="partitionExpr")] = ( - None - ) - r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" - - format_: Annotated[Optional[DataFormatOptions], pydantic.Field(alias="format")] = ( - None - ) - r"""Format of the output data""" - - base_file_name: Annotated[Optional[str], pydantic.Field(alias="baseFileName")] = ( - None - ) - r"""JavaScript expression to define the output filename prefix (can be constant)""" - - file_name_suffix: Annotated[ - Optional[str], pydantic.Field(alias="fileNameSuffix") - ] = None - r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" - - max_file_size_mb: Annotated[ - Optional[float], pydantic.Field(alias="maxFileSizeMB") - ] = None - r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" - - max_file_open_time_sec: Annotated[ - Optional[float], pydantic.Field(alias="maxFileOpenTimeSec") - ] = None - r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" - - max_file_idle_time_sec: Annotated[ - Optional[float], pydantic.Field(alias="maxFileIdleTimeSec") - ] = None - r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" - - max_open_files: Annotated[Optional[float], pydantic.Field(alias="maxOpenFiles")] = ( - None - ) - r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" - - header_line: Annotated[Optional[str], pydantic.Field(alias="headerLine")] = None - r"""If set, this line will be written to the beginning of each output file""" - - write_high_water_mark: Annotated[ - Optional[float], pydantic.Field(alias="writeHighWaterMark") - ] = None - r"""Buffer size used to write to a file""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptionsBlockDrop], - pydantic.Field(alias="onBackpressure"), - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - deadletter_enabled: Annotated[ - Optional[bool], pydantic.Field(alias="deadletterEnabled") - ] = None - r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" - - on_disk_full_backpressure: Annotated[ - Optional[DiskSpaceProtectionOptions], - pydantic.Field(alias="onDiskFullBackpressure"), - ] = None - r"""How to handle events when disk space is below the global 'Min free disk space' limit""" - - force_close_on_shutdown: Annotated[ - Optional[bool], pydantic.Field(alias="forceCloseOnShutdown") - ] = None - r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" - - retry_settings: Annotated[ - Optional[RetrySettingsType], pydantic.Field(alias="retrySettings") - ] = None - - orphans: Optional[OrphanFileRecoveryType] = None - - auth_type: Annotated[ - Optional[AuthenticationMethodOptions], pydantic.Field(alias="authType") - ] = None - - storage_class: Annotated[ - Optional[OutputResponseBlobAccessTier], pydantic.Field(alias="storageClass") - ] = None - - description: Optional[str] = None - - compress: Optional[CompressionOptionsHTTP] = None - r"""Data compression format to apply to HTTP content before it is delivered""" - - compression_level: Annotated[ - Optional[CompressionLevelOptions], pydantic.Field(alias="compressionLevel") - ] = None - r"""Compression level to apply before moving files to final destination""" - - automatic_schema: Annotated[ - Optional[bool], pydantic.Field(alias="automaticSchema") - ] = None - r"""Automatically calculate the schema based on the events of each Parquet file generated""" - - parquet_schema: Annotated[Optional[str], pydantic.Field(alias="parquetSchema")] = ( - None - ) - r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" - - parquet_version: Annotated[ - Optional[ParquetVersionOptions], pydantic.Field(alias="parquetVersion") - ] = None - r"""Determines which data types are supported and how they are represented""" - - parquet_data_page_version: Annotated[ - Optional[DataPageVersionOptions], pydantic.Field(alias="parquetDataPageVersion") - ] = None - r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" - - parquet_row_group_length: Annotated[ - Optional[float], pydantic.Field(alias="parquetRowGroupLength") - ] = None - r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" - - parquet_page_size: Annotated[ - Optional[str], pydantic.Field(alias="parquetPageSize") - ] = None - r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" - - should_log_invalid_rows: Annotated[ - Optional[bool], pydantic.Field(alias="shouldLogInvalidRows") - ] = None - r"""Log up to 3 rows that @{product} skips due to data mismatch""" - - key_value_metadata: Annotated[ - Optional[List[KeyValueMetadataConfOutputFilesystem]], - pydantic.Field(alias="keyValueMetadata"), - ] = None - r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ - - enable_statistics: Annotated[ - Optional[bool], pydantic.Field(alias="enableStatistics") - ] = None - r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" - - enable_write_page_index: Annotated[ - Optional[bool], pydantic.Field(alias="enableWritePageIndex") - ] = None - r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" - - enable_page_checksum: Annotated[ - Optional[bool], pydantic.Field(alias="enablePageChecksum") - ] = None - r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" - - empty_dir_cleanup_sec: Annotated[ - Optional[float], pydantic.Field(alias="emptyDirCleanupSec") - ] = None - r"""How frequently, in seconds, to clean up empty directories""" - - directory_batch_size: Annotated[ - Optional[float], pydantic.Field(alias="directoryBatchSize") - ] = None - r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" - - deadletter_path: Annotated[ - Optional[str], pydantic.Field(alias="deadletterPath") - ] = None - r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" - - max_retry_num: Annotated[Optional[float], pydantic.Field(alias="maxRetryNum")] = ( - None - ) - r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" - - connection_string: Annotated[ - Optional[str], pydantic.Field(alias="connectionString") - ] = None - r"""Enter your Azure Storage account connection string. If left blank, Stream will fall back to env.AZURE_STORAGE_CONNECTION_STRING.""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - storage_account_name: Annotated[ - Optional[str], pydantic.Field(alias="storageAccountName") - ] = None - r"""The name of your Azure storage account""" - - tenant_id: Annotated[Optional[str], pydantic.Field(alias="tenantId")] = None - r"""The service principal's tenant ID""" - - client_id: Annotated[Optional[str], pydantic.Field(alias="clientId")] = None - r"""The service principal's client ID""" - - azure_cloud: Annotated[Optional[str], pydantic.Field(alias="azureCloud")] = None - r"""The Azure cloud to use. Defaults to Azure Public Cloud.""" - - endpoint_suffix: Annotated[ - Optional[str], pydantic.Field(alias="endpointSuffix") - ] = None - r"""Endpoint suffix for the service URL. Takes precedence over the Azure Cloud setting. Defaults to core.windows.net.""" - - client_text_secret: Annotated[ - Optional[str], pydantic.Field(alias="clientTextSecret") - ] = None - r"""Select or create a stored text secret""" - - certificate: Optional[CertificateTypeAzureBlobAuthTypeClientCert] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_container_name: Annotated[ - Optional[str], pydantic.Field(alias="__template_containerName") - ] = None - r"""Binds 'containerName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'containerName' at runtime.""" - - template_dest_path: Annotated[ - Optional[str], pydantic.Field(alias="__template_destPath") - ] = None - r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" - - template_partition_expr: Annotated[ - Optional[str], pydantic.Field(alias="__template_partitionExpr") - ] = None - r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" - - template_format: Annotated[ - Optional[str], pydantic.Field(alias="__template_format") - ] = None - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - - template_base_file_name: Annotated[ - Optional[str], pydantic.Field(alias="__template_baseFileName") - ] = None - r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" - - template_file_name_suffix: Annotated[ - Optional[str], pydantic.Field(alias="__template_fileNameSuffix") - ] = None - r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_compress: Annotated[ - Optional[str], pydantic.Field(alias="__template_compress") - ] = None - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - - template_parquet_schema: Annotated[ - Optional[str], pydantic.Field(alias="__template_parquetSchema") - ] = None - r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" - - template_connection_string: Annotated[ - Optional[str], pydantic.Field(alias="__template_connectionString") - ] = None - r"""Binds 'connectionString' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'connectionString' at runtime.""" - - template_storage_account_name: Annotated[ - Optional[str], pydantic.Field(alias="__template_storageAccountName") - ] = None - r"""Binds 'storageAccountName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageAccountName' at runtime.""" - - template_tenant_id: Annotated[ - Optional[str], pydantic.Field(alias="__template_tenantId") - ] = None - r"""Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime.""" - - template_client_id: Annotated[ - Optional[str], pydantic.Field(alias="__template_clientId") - ] = None - r"""Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime.""" - - template_azure_cloud: Annotated[ - Optional[str], pydantic.Field(alias="__template_azureCloud") - ] = None - r"""Binds 'azureCloud' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'azureCloud' at runtime.""" - - notifications: Optional[List[NotificationUnion]] = None - r"""Notifications attached to the Destination.""" - - status: Optional[StatusType] = None - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - @field_serializer("format_") - def serialize_format_(self, value): - if isinstance(value, str): - try: - return models.DataFormatOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptionsBlockDrop(value) - except ValueError: - return value - return value - - @field_serializer("on_disk_full_backpressure") - def serialize_on_disk_full_backpressure(self, value): - if isinstance(value, str): - try: - return models.DiskSpaceProtectionOptions(value) - except ValueError: - return value - return value - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptions(value) - except ValueError: - return value - return value - - @field_serializer("storage_class") - def serialize_storage_class(self, value): - if isinstance(value, str): - try: - return models.OutputResponseBlobAccessTier(value) - except ValueError: - return value - return value - - @field_serializer("compress") - def serialize_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsHTTP(value) - except ValueError: - return value - return value - - @field_serializer("compression_level") - def serialize_compression_level(self, value): - if isinstance(value, str): - try: - return models.CompressionLevelOptions(value) - except ValueError: - return value - return value - - @field_serializer("parquet_version") - def serialize_parquet_version(self, value): - if isinstance(value, str): - try: - return models.ParquetVersionOptions(value) - except ValueError: - return value - return value - - @field_serializer("parquet_data_page_version") - def serialize_parquet_data_page_version(self, value): - if isinstance(value, str): - try: - return models.DataPageVersionOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "id", - "pipeline", - "systemFields", - "environment", - "streamtags", - "createContainer", - "destPath", - "addIdToStagePath", - "maxConcurrentFileParts", - "removeEmptyDirs", - "partitionExpr", - "format", - "baseFileName", - "fileNameSuffix", - "maxFileSizeMB", - "maxFileOpenTimeSec", - "maxFileIdleTimeSec", - "maxOpenFiles", - "headerLine", - "writeHighWaterMark", - "onBackpressure", - "deadletterEnabled", - "onDiskFullBackpressure", - "forceCloseOnShutdown", - "retrySettings", - "orphans", - "authType", - "storageClass", - "description", - "compress", - "compressionLevel", - "automaticSchema", - "parquetSchema", - "parquetVersion", - "parquetDataPageVersion", - "parquetRowGroupLength", - "parquetPageSize", - "shouldLogInvalidRows", - "keyValueMetadata", - "enableStatistics", - "enableWritePageIndex", - "enablePageChecksum", - "emptyDirCleanupSec", - "directoryBatchSize", - "deadletterPath", - "maxRetryNum", - "connectionString", - "textSecret", - "storageAccountName", - "tenantId", - "clientId", - "azureCloud", - "endpointSuffix", - "clientTextSecret", - "certificate", - "__template_streamtags", - "__template_containerName", - "__template_destPath", - "__template_partitionExpr", - "__template_format", - "__template_baseFileName", - "__template_fileNameSuffix", - "__template_onBackpressure", - "__template_compress", - "__template_parquetSchema", - "__template_connectionString", - "__template_storageAccountName", - "__template_tenantId", - "__template_clientId", - "__template_azureCloud", - "notifications", - "status", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class OutputResponseTypeS3(str, Enum): - S3 = "s3" - - -class OutputResponseOutputS3TypedDict(TypedDict): - type: OutputResponseTypeS3 - bucket: str - r"""Name of the destination S3 bucket. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at initialization time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`""" - stage_path: str - r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" - id: NotRequired[str] - r"""Unique ID for this output""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - endpoint: NotRequired[str] - r"""S3 service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to S3-compatible endpoint.""" - enable_assume_role: NotRequired[bool] - r"""Use Assume Role credentials to access S3""" - assume_role_arn: NotRequired[str] - r"""Amazon Resource Name (ARN) of the role to assume""" - assume_role_external_id: NotRequired[str] - r"""External ID to use when assuming role""" - duration_seconds: NotRequired[float] - r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" - aws_authentication_method: NotRequired[AuthenticationMethodOptionsS3CollectorConf] - r"""AWS authentication method. Choose Auto to use IAM roles.""" - reuse_connections: NotRequired[bool] - r"""Reuse connections between requests, which can improve performance""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" - region: NotRequired[str] - r"""Region where the S3 bucket is located""" - dest_path: NotRequired[str] - r"""Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`""" - max_concurrent_file_parts: NotRequired[float] - r"""Maximum number of parts to upload in parallel per file. Minimum part size is 5MB.""" - verify_permissions: NotRequired[bool] - r"""Disable if you can access files within the bucket but not the bucket itself""" - max_closing_files_to_backpressure: NotRequired[float] - r"""Maximum number of files that can be waiting for upload before backpressure is applied""" - add_id_to_stage_path: NotRequired[bool] - r"""Add the Output ID value to staging location""" - remove_empty_dirs: NotRequired[bool] - r"""Remove empty staging directories after moving files""" - partition_expr: NotRequired[str] - r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" - format_: NotRequired[DataFormatOptions] - r"""Format of the output data""" - base_file_name: NotRequired[str] - r"""JavaScript expression to define the output filename prefix (can be constant)""" - file_name_suffix: NotRequired[str] - r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" - max_file_size_mb: NotRequired[float] - r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" - max_file_open_time_sec: NotRequired[float] - r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" - max_file_idle_time_sec: NotRequired[float] - r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" - max_open_files: NotRequired[float] - r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" - header_line: NotRequired[str] - r"""If set, this line will be written to the beginning of each output file""" - write_high_water_mark: NotRequired[float] - r"""Buffer size used to write to a file""" - on_backpressure: NotRequired[BackpressureBehaviorOptionsBlockDrop] - r"""How to handle events when all receivers are exerting backpressure""" - deadletter_enabled: NotRequired[bool] - r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" - on_disk_full_backpressure: NotRequired[DiskSpaceProtectionOptions] - r"""How to handle events when disk space is below the global 'Min free disk space' limit""" - force_close_on_shutdown: NotRequired[bool] - r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" - retry_settings: NotRequired[RetrySettingsTypeTypedDict] - orphans: NotRequired[OrphanFileRecoveryTypeTypedDict] - aws_secret_key: NotRequired[str] - r"""Secret key. This value can be a constant or a JavaScript expression. Example: `${C.env.SOME_SECRET}`)""" - object_acl: NotRequired[ObjectACLOptions] - r"""Object ACL to assign to uploaded objects""" - storage_class: NotRequired[StorageClassOptions] - r"""Storage class to select for uploaded objects""" - server_side_encryption: NotRequired[ServerSideEncryptionForUploadedObjectsOptions] - r"""Server-side encryption to use for uploaded objects""" - kms_key_id: NotRequired[str] - r"""ID or ARN of the KMS customer-managed key to use for encryption""" - description: NotRequired[str] - aws_api_key: NotRequired[str] - r"""This value can be a constant or a JavaScript expression (`${C.env.SOME_ACCESS_KEY}`)""" - aws_secret: NotRequired[str] - r"""Select or create a stored secret that references your access key and secret key""" - compress: NotRequired[CompressionOptionsHTTP] - r"""Data compression format to apply to HTTP content before it is delivered""" - compression_level: NotRequired[CompressionLevelOptions] - r"""Compression level to apply before moving files to final destination""" - automatic_schema: NotRequired[bool] - r"""Automatically calculate the schema based on the events of each Parquet file generated""" - parquet_schema: NotRequired[str] - r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" - parquet_version: NotRequired[ParquetVersionOptions] - r"""Determines which data types are supported and how they are represented""" - parquet_data_page_version: NotRequired[DataPageVersionOptions] - r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" - parquet_row_group_length: NotRequired[float] - r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" - parquet_page_size: NotRequired[str] - r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" - should_log_invalid_rows: NotRequired[bool] - r"""Log up to 3 rows that @{product} skips due to data mismatch""" - key_value_metadata: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] - r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ - enable_statistics: NotRequired[bool] - r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" - enable_write_page_index: NotRequired[bool] - r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" - enable_page_checksum: NotRequired[bool] - r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" - empty_dir_cleanup_sec: NotRequired[float] - r"""How frequently, in seconds, to clean up empty directories""" - directory_batch_size: NotRequired[float] - r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" - deadletter_path: NotRequired[str] - r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" - max_retry_num: NotRequired[float] - r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_endpoint: NotRequired[str] - r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" - template_assume_role_arn: NotRequired[str] - r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" - template_assume_role_external_id: NotRequired[str] - r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" - template_bucket: NotRequired[str] - r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" - template_region: NotRequired[str] - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - template_dest_path: NotRequired[str] - r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" - template_partition_expr: NotRequired[str] - r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" - template_format: NotRequired[str] - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - template_base_file_name: NotRequired[str] - r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" - template_file_name_suffix: NotRequired[str] - r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_aws_secret_key: NotRequired[str] - r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" - template_object_acl: NotRequired[str] - r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" - template_storage_class: NotRequired[str] - r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" - template_server_side_encryption: NotRequired[str] - r"""Binds 'serverSideEncryption' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serverSideEncryption' at runtime.""" - template_kms_key_id: NotRequired[str] - r"""Binds 'kmsKeyId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'kmsKeyId' at runtime.""" - template_aws_api_key: NotRequired[str] - r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" - template_compress: NotRequired[str] - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - template_parquet_schema: NotRequired[str] - r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" - notifications: NotRequired[List[NotificationUnionTypedDict]] - r"""Notifications attached to the Destination.""" - status: NotRequired[StatusTypeTypedDict] - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - -class OutputResponseOutputS3(BaseModel): - type: OutputResponseTypeS3 - - bucket: str - r"""Name of the destination S3 bucket. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at initialization time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`""" - - stage_path: Annotated[str, pydantic.Field(alias="stagePath")] - r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" - - id: Optional[str] = None - r"""Unique ID for this output""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - endpoint: Optional[str] = None - r"""S3 service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to S3-compatible endpoint.""" - - enable_assume_role: Annotated[ - Optional[bool], pydantic.Field(alias="enableAssumeRole") - ] = None - r"""Use Assume Role credentials to access S3""" - - assume_role_arn: Annotated[Optional[str], pydantic.Field(alias="assumeRoleArn")] = ( - None - ) - r"""Amazon Resource Name (ARN) of the role to assume""" - - assume_role_external_id: Annotated[ - Optional[str], pydantic.Field(alias="assumeRoleExternalId") - ] = None - r"""External ID to use when assuming role""" - - duration_seconds: Annotated[ - Optional[float], pydantic.Field(alias="durationSeconds") - ] = None - r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" - - aws_authentication_method: Annotated[ - Optional[AuthenticationMethodOptionsS3CollectorConf], - pydantic.Field(alias="awsAuthenticationMethod"), - ] = None - r"""AWS authentication method. Choose Auto to use IAM roles.""" - - reuse_connections: Annotated[ - Optional[bool], pydantic.Field(alias="reuseConnections") - ] = None - r"""Reuse connections between requests, which can improve performance""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" - - region: Optional[str] = None - r"""Region where the S3 bucket is located""" - - dest_path: Annotated[Optional[str], pydantic.Field(alias="destPath")] = None - r"""Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`""" - - max_concurrent_file_parts: Annotated[ - Optional[float], pydantic.Field(alias="maxConcurrentFileParts") - ] = None - r"""Maximum number of parts to upload in parallel per file. Minimum part size is 5MB.""" - - verify_permissions: Annotated[ - Optional[bool], pydantic.Field(alias="verifyPermissions") - ] = None - r"""Disable if you can access files within the bucket but not the bucket itself""" - - max_closing_files_to_backpressure: Annotated[ - Optional[float], pydantic.Field(alias="maxClosingFilesToBackpressure") - ] = None - r"""Maximum number of files that can be waiting for upload before backpressure is applied""" - - add_id_to_stage_path: Annotated[ - Optional[bool], pydantic.Field(alias="addIdToStagePath") - ] = None - r"""Add the Output ID value to staging location""" - - remove_empty_dirs: Annotated[ - Optional[bool], pydantic.Field(alias="removeEmptyDirs") - ] = None - r"""Remove empty staging directories after moving files""" - - partition_expr: Annotated[Optional[str], pydantic.Field(alias="partitionExpr")] = ( - None - ) - r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" - - format_: Annotated[Optional[DataFormatOptions], pydantic.Field(alias="format")] = ( - None - ) - r"""Format of the output data""" - - base_file_name: Annotated[Optional[str], pydantic.Field(alias="baseFileName")] = ( - None - ) - r"""JavaScript expression to define the output filename prefix (can be constant)""" - - file_name_suffix: Annotated[ - Optional[str], pydantic.Field(alias="fileNameSuffix") - ] = None - r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" - - max_file_size_mb: Annotated[ - Optional[float], pydantic.Field(alias="maxFileSizeMB") - ] = None - r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" - - max_file_open_time_sec: Annotated[ - Optional[float], pydantic.Field(alias="maxFileOpenTimeSec") - ] = None - r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" - - max_file_idle_time_sec: Annotated[ - Optional[float], pydantic.Field(alias="maxFileIdleTimeSec") - ] = None - r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" - - max_open_files: Annotated[Optional[float], pydantic.Field(alias="maxOpenFiles")] = ( - None - ) - r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" - - header_line: Annotated[Optional[str], pydantic.Field(alias="headerLine")] = None - r"""If set, this line will be written to the beginning of each output file""" - - write_high_water_mark: Annotated[ - Optional[float], pydantic.Field(alias="writeHighWaterMark") - ] = None - r"""Buffer size used to write to a file""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptionsBlockDrop], - pydantic.Field(alias="onBackpressure"), - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - deadletter_enabled: Annotated[ - Optional[bool], pydantic.Field(alias="deadletterEnabled") - ] = None - r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" - - on_disk_full_backpressure: Annotated[ - Optional[DiskSpaceProtectionOptions], - pydantic.Field(alias="onDiskFullBackpressure"), - ] = None - r"""How to handle events when disk space is below the global 'Min free disk space' limit""" - - force_close_on_shutdown: Annotated[ - Optional[bool], pydantic.Field(alias="forceCloseOnShutdown") - ] = None - r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" - - retry_settings: Annotated[ - Optional[RetrySettingsType], pydantic.Field(alias="retrySettings") - ] = None - - orphans: Optional[OrphanFileRecoveryType] = None - - aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = ( - None - ) - r"""Secret key. This value can be a constant or a JavaScript expression. Example: `${C.env.SOME_SECRET}`)""" - - object_acl: Annotated[ - Optional[ObjectACLOptions], pydantic.Field(alias="objectACL") - ] = None - r"""Object ACL to assign to uploaded objects""" - - storage_class: Annotated[ - Optional[StorageClassOptions], pydantic.Field(alias="storageClass") - ] = None - r"""Storage class to select for uploaded objects""" - - server_side_encryption: Annotated[ - Optional[ServerSideEncryptionForUploadedObjectsOptions], - pydantic.Field(alias="serverSideEncryption"), - ] = None - r"""Server-side encryption to use for uploaded objects""" - - kms_key_id: Annotated[Optional[str], pydantic.Field(alias="kmsKeyId")] = None - r"""ID or ARN of the KMS customer-managed key to use for encryption""" - - description: Optional[str] = None - - aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None - r"""This value can be a constant or a JavaScript expression (`${C.env.SOME_ACCESS_KEY}`)""" - - aws_secret: Annotated[Optional[str], pydantic.Field(alias="awsSecret")] = None - r"""Select or create a stored secret that references your access key and secret key""" - - compress: Optional[CompressionOptionsHTTP] = None - r"""Data compression format to apply to HTTP content before it is delivered""" - - compression_level: Annotated[ - Optional[CompressionLevelOptions], pydantic.Field(alias="compressionLevel") - ] = None - r"""Compression level to apply before moving files to final destination""" - - automatic_schema: Annotated[ - Optional[bool], pydantic.Field(alias="automaticSchema") - ] = None - r"""Automatically calculate the schema based on the events of each Parquet file generated""" - - parquet_schema: Annotated[Optional[str], pydantic.Field(alias="parquetSchema")] = ( - None - ) - r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" - - parquet_version: Annotated[ - Optional[ParquetVersionOptions], pydantic.Field(alias="parquetVersion") - ] = None - r"""Determines which data types are supported and how they are represented""" - - parquet_data_page_version: Annotated[ - Optional[DataPageVersionOptions], pydantic.Field(alias="parquetDataPageVersion") - ] = None - r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" - - parquet_row_group_length: Annotated[ - Optional[float], pydantic.Field(alias="parquetRowGroupLength") - ] = None - r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" - - parquet_page_size: Annotated[ - Optional[str], pydantic.Field(alias="parquetPageSize") - ] = None - r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" - - should_log_invalid_rows: Annotated[ - Optional[bool], pydantic.Field(alias="shouldLogInvalidRows") - ] = None - r"""Log up to 3 rows that @{product} skips due to data mismatch""" - - key_value_metadata: Annotated[ - Optional[List[KeyValueMetadataConfOutputFilesystem]], - pydantic.Field(alias="keyValueMetadata"), - ] = None - r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ - - enable_statistics: Annotated[ - Optional[bool], pydantic.Field(alias="enableStatistics") - ] = None - r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" - - enable_write_page_index: Annotated[ - Optional[bool], pydantic.Field(alias="enableWritePageIndex") - ] = None - r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" - - enable_page_checksum: Annotated[ - Optional[bool], pydantic.Field(alias="enablePageChecksum") - ] = None - r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" - - empty_dir_cleanup_sec: Annotated[ - Optional[float], pydantic.Field(alias="emptyDirCleanupSec") - ] = None - r"""How frequently, in seconds, to clean up empty directories""" - - directory_batch_size: Annotated[ - Optional[float], pydantic.Field(alias="directoryBatchSize") - ] = None - r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" - - deadletter_path: Annotated[ - Optional[str], pydantic.Field(alias="deadletterPath") - ] = None - r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" - - max_retry_num: Annotated[Optional[float], pydantic.Field(alias="maxRetryNum")] = ( - None - ) - r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_endpoint: Annotated[ - Optional[str], pydantic.Field(alias="__template_endpoint") - ] = None - r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" - - template_assume_role_arn: Annotated[ - Optional[str], pydantic.Field(alias="__template_assumeRoleArn") - ] = None - r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" - - template_assume_role_external_id: Annotated[ - Optional[str], pydantic.Field(alias="__template_assumeRoleExternalId") - ] = None - r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" - - template_bucket: Annotated[ - Optional[str], pydantic.Field(alias="__template_bucket") - ] = None - r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" - - template_region: Annotated[ - Optional[str], pydantic.Field(alias="__template_region") - ] = None - r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" - - template_dest_path: Annotated[ - Optional[str], pydantic.Field(alias="__template_destPath") - ] = None - r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" - - template_partition_expr: Annotated[ - Optional[str], pydantic.Field(alias="__template_partitionExpr") - ] = None - r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" - - template_format: Annotated[ - Optional[str], pydantic.Field(alias="__template_format") - ] = None - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - - template_base_file_name: Annotated[ - Optional[str], pydantic.Field(alias="__template_baseFileName") - ] = None - r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" - - template_file_name_suffix: Annotated[ - Optional[str], pydantic.Field(alias="__template_fileNameSuffix") - ] = None - r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_aws_secret_key: Annotated[ - Optional[str], pydantic.Field(alias="__template_awsSecretKey") - ] = None - r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" - - template_object_acl: Annotated[ - Optional[str], pydantic.Field(alias="__template_objectACL") - ] = None - r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" - - template_storage_class: Annotated[ - Optional[str], pydantic.Field(alias="__template_storageClass") - ] = None - r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" - - template_server_side_encryption: Annotated[ - Optional[str], pydantic.Field(alias="__template_serverSideEncryption") - ] = None - r"""Binds 'serverSideEncryption' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serverSideEncryption' at runtime.""" - - template_kms_key_id: Annotated[ - Optional[str], pydantic.Field(alias="__template_kmsKeyId") - ] = None - r"""Binds 'kmsKeyId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'kmsKeyId' at runtime.""" - - template_aws_api_key: Annotated[ - Optional[str], pydantic.Field(alias="__template_awsApiKey") - ] = None - r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" - - template_compress: Annotated[ - Optional[str], pydantic.Field(alias="__template_compress") - ] = None - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - - template_parquet_schema: Annotated[ - Optional[str], pydantic.Field(alias="__template_parquetSchema") - ] = None - r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" - - notifications: Optional[List[NotificationUnion]] = None - r"""Notifications attached to the Destination.""" - - status: Optional[StatusType] = None - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - @field_serializer("aws_authentication_method") - def serialize_aws_authentication_method(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsS3CollectorConf(value) - except ValueError: - return value - return value - - @field_serializer("format_") - def serialize_format_(self, value): - if isinstance(value, str): - try: - return models.DataFormatOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptionsBlockDrop(value) - except ValueError: - return value - return value - - @field_serializer("on_disk_full_backpressure") - def serialize_on_disk_full_backpressure(self, value): - if isinstance(value, str): - try: - return models.DiskSpaceProtectionOptions(value) - except ValueError: - return value - return value - - @field_serializer("object_acl") - def serialize_object_acl(self, value): - if isinstance(value, str): - try: - return models.ObjectACLOptions(value) - except ValueError: - return value - return value - - @field_serializer("storage_class") - def serialize_storage_class(self, value): - if isinstance(value, str): - try: - return models.StorageClassOptions(value) - except ValueError: - return value - return value - - @field_serializer("server_side_encryption") - def serialize_server_side_encryption(self, value): - if isinstance(value, str): - try: - return models.ServerSideEncryptionForUploadedObjectsOptions(value) - except ValueError: - return value - return value - - @field_serializer("compress") - def serialize_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsHTTP(value) - except ValueError: - return value - return value - - @field_serializer("compression_level") - def serialize_compression_level(self, value): - if isinstance(value, str): - try: - return models.CompressionLevelOptions(value) - except ValueError: - return value - return value - - @field_serializer("parquet_version") - def serialize_parquet_version(self, value): - if isinstance(value, str): - try: - return models.ParquetVersionOptions(value) - except ValueError: - return value - return value - - @field_serializer("parquet_data_page_version") - def serialize_parquet_data_page_version(self, value): - if isinstance(value, str): - try: - return models.DataPageVersionOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "id", - "pipeline", - "systemFields", - "environment", - "streamtags", - "endpoint", - "enableAssumeRole", - "assumeRoleArn", - "assumeRoleExternalId", - "durationSeconds", - "awsAuthenticationMethod", - "reuseConnections", - "rejectUnauthorized", - "region", - "destPath", - "maxConcurrentFileParts", - "verifyPermissions", - "maxClosingFilesToBackpressure", - "addIdToStagePath", - "removeEmptyDirs", - "partitionExpr", - "format", - "baseFileName", - "fileNameSuffix", - "maxFileSizeMB", - "maxFileOpenTimeSec", - "maxFileIdleTimeSec", - "maxOpenFiles", - "headerLine", - "writeHighWaterMark", - "onBackpressure", - "deadletterEnabled", - "onDiskFullBackpressure", - "forceCloseOnShutdown", - "retrySettings", - "orphans", - "awsSecretKey", - "objectACL", - "storageClass", - "serverSideEncryption", - "kmsKeyId", - "description", - "awsApiKey", - "awsSecret", - "compress", - "compressionLevel", - "automaticSchema", - "parquetSchema", - "parquetVersion", - "parquetDataPageVersion", - "parquetRowGroupLength", - "parquetPageSize", - "shouldLogInvalidRows", - "keyValueMetadata", - "enableStatistics", - "enableWritePageIndex", - "enablePageChecksum", - "emptyDirCleanupSec", - "directoryBatchSize", - "deadletterPath", - "maxRetryNum", - "__template_streamtags", - "__template_endpoint", - "__template_assumeRoleArn", - "__template_assumeRoleExternalId", - "__template_bucket", - "__template_region", - "__template_destPath", - "__template_partitionExpr", - "__template_format", - "__template_baseFileName", - "__template_fileNameSuffix", - "__template_onBackpressure", - "__template_awsSecretKey", - "__template_objectACL", - "__template_storageClass", - "__template_serverSideEncryption", - "__template_kmsKeyId", - "__template_awsApiKey", - "__template_compress", - "__template_parquetSchema", - "notifications", - "status", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class OutputResponseTypeFilesystem(str, Enum): - FILESYSTEM = "filesystem" - - -class OutputResponseOutputFilesystemTypedDict(TypedDict): - type: OutputResponseTypeFilesystem - dest_path: str - r"""Final destination for the output files""" - id: NotRequired[str] - r"""Unique ID for this output""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - stage_path: NotRequired[str] - r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" - add_id_to_stage_path: NotRequired[bool] - r"""Add the Output ID value to staging location""" - remove_empty_dirs: NotRequired[bool] - r"""Remove empty staging directories after moving files""" - partition_expr: NotRequired[str] - r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" - format_: NotRequired[DataFormatOptions] - r"""Format of the output data""" - base_file_name: NotRequired[str] - r"""JavaScript expression to define the output filename prefix (can be constant)""" - file_name_suffix: NotRequired[str] - r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" - max_file_size_mb: NotRequired[float] - r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" - max_file_open_time_sec: NotRequired[float] - r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" - max_file_idle_time_sec: NotRequired[float] - r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" - max_open_files: NotRequired[float] - r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" - header_line: NotRequired[str] - r"""If set, this line will be written to the beginning of each output file""" - write_high_water_mark: NotRequired[float] - r"""Buffer size used to write to a file""" - on_backpressure: NotRequired[BackpressureBehaviorOptionsBlockDrop] - r"""How to handle events when all receivers are exerting backpressure""" - deadletter_enabled: NotRequired[bool] - r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" - on_disk_full_backpressure: NotRequired[DiskSpaceProtectionOptions] - r"""How to handle events when disk space is below the global 'Min free disk space' limit""" - force_close_on_shutdown: NotRequired[bool] - r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" - retry_settings: NotRequired[RetrySettingsTypeTypedDict] - orphans: NotRequired[OrphanFileRecoveryTypeTypedDict] - description: NotRequired[str] - compress: NotRequired[CompressionOptionsHTTP] - r"""Data compression format to apply to HTTP content before it is delivered""" - compression_level: NotRequired[CompressionLevelOptions] - r"""Compression level to apply before moving files to final destination""" - automatic_schema: NotRequired[bool] - r"""Automatically calculate the schema based on the events of each Parquet file generated""" - parquet_schema: NotRequired[str] - r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" - parquet_version: NotRequired[ParquetVersionOptions] - r"""Determines which data types are supported and how they are represented""" - parquet_data_page_version: NotRequired[DataPageVersionOptions] - r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" - parquet_row_group_length: NotRequired[float] - r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" - parquet_page_size: NotRequired[str] - r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" - should_log_invalid_rows: NotRequired[bool] - r"""Log up to 3 rows that @{product} skips due to data mismatch""" - key_value_metadata: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] - r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ - enable_statistics: NotRequired[bool] - r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" - enable_write_page_index: NotRequired[bool] - r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" - enable_page_checksum: NotRequired[bool] - r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" - empty_dir_cleanup_sec: NotRequired[float] - r"""How frequently, in seconds, to clean up empty directories""" - directory_batch_size: NotRequired[float] - r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" - deadletter_path: NotRequired[str] - r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" - max_retry_num: NotRequired[float] - r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_partition_expr: NotRequired[str] - r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" - template_format: NotRequired[str] - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - template_base_file_name: NotRequired[str] - r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" - template_file_name_suffix: NotRequired[str] - r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_compress: NotRequired[str] - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - template_parquet_schema: NotRequired[str] - r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" - notifications: NotRequired[List[NotificationUnionTypedDict]] - r"""Notifications attached to the Destination.""" - status: NotRequired[StatusTypeTypedDict] - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - -class OutputResponseOutputFilesystem(BaseModel): - type: OutputResponseTypeFilesystem - - dest_path: Annotated[str, pydantic.Field(alias="destPath")] - r"""Final destination for the output files""" - - id: Optional[str] = None - r"""Unique ID for this output""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - stage_path: Annotated[Optional[str], pydantic.Field(alias="stagePath")] = None - r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" - - add_id_to_stage_path: Annotated[ - Optional[bool], pydantic.Field(alias="addIdToStagePath") - ] = None - r"""Add the Output ID value to staging location""" - - remove_empty_dirs: Annotated[ - Optional[bool], pydantic.Field(alias="removeEmptyDirs") - ] = None - r"""Remove empty staging directories after moving files""" - - partition_expr: Annotated[Optional[str], pydantic.Field(alias="partitionExpr")] = ( - None - ) - r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" - - format_: Annotated[Optional[DataFormatOptions], pydantic.Field(alias="format")] = ( - None - ) - r"""Format of the output data""" - - base_file_name: Annotated[Optional[str], pydantic.Field(alias="baseFileName")] = ( - None - ) - r"""JavaScript expression to define the output filename prefix (can be constant)""" - - file_name_suffix: Annotated[ - Optional[str], pydantic.Field(alias="fileNameSuffix") - ] = None - r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" - - max_file_size_mb: Annotated[ - Optional[float], pydantic.Field(alias="maxFileSizeMB") - ] = None - r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" - - max_file_open_time_sec: Annotated[ - Optional[float], pydantic.Field(alias="maxFileOpenTimeSec") - ] = None - r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" - - max_file_idle_time_sec: Annotated[ - Optional[float], pydantic.Field(alias="maxFileIdleTimeSec") - ] = None - r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" - - max_open_files: Annotated[Optional[float], pydantic.Field(alias="maxOpenFiles")] = ( - None - ) - r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" - - header_line: Annotated[Optional[str], pydantic.Field(alias="headerLine")] = None - r"""If set, this line will be written to the beginning of each output file""" - - write_high_water_mark: Annotated[ - Optional[float], pydantic.Field(alias="writeHighWaterMark") - ] = None - r"""Buffer size used to write to a file""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptionsBlockDrop], - pydantic.Field(alias="onBackpressure"), - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - deadletter_enabled: Annotated[ - Optional[bool], pydantic.Field(alias="deadletterEnabled") - ] = None - r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" - - on_disk_full_backpressure: Annotated[ - Optional[DiskSpaceProtectionOptions], - pydantic.Field(alias="onDiskFullBackpressure"), - ] = None - r"""How to handle events when disk space is below the global 'Min free disk space' limit""" - - force_close_on_shutdown: Annotated[ - Optional[bool], pydantic.Field(alias="forceCloseOnShutdown") - ] = None - r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" - - retry_settings: Annotated[ - Optional[RetrySettingsType], pydantic.Field(alias="retrySettings") - ] = None - - orphans: Optional[OrphanFileRecoveryType] = None - - description: Optional[str] = None - - compress: Optional[CompressionOptionsHTTP] = None - r"""Data compression format to apply to HTTP content before it is delivered""" - - compression_level: Annotated[ - Optional[CompressionLevelOptions], pydantic.Field(alias="compressionLevel") - ] = None - r"""Compression level to apply before moving files to final destination""" - - automatic_schema: Annotated[ - Optional[bool], pydantic.Field(alias="automaticSchema") - ] = None - r"""Automatically calculate the schema based on the events of each Parquet file generated""" - - parquet_schema: Annotated[Optional[str], pydantic.Field(alias="parquetSchema")] = ( - None - ) - r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" - - parquet_version: Annotated[ - Optional[ParquetVersionOptions], pydantic.Field(alias="parquetVersion") - ] = None - r"""Determines which data types are supported and how they are represented""" - - parquet_data_page_version: Annotated[ - Optional[DataPageVersionOptions], pydantic.Field(alias="parquetDataPageVersion") - ] = None - r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" - - parquet_row_group_length: Annotated[ - Optional[float], pydantic.Field(alias="parquetRowGroupLength") - ] = None - r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" - - parquet_page_size: Annotated[ - Optional[str], pydantic.Field(alias="parquetPageSize") - ] = None - r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" - - should_log_invalid_rows: Annotated[ - Optional[bool], pydantic.Field(alias="shouldLogInvalidRows") - ] = None - r"""Log up to 3 rows that @{product} skips due to data mismatch""" - - key_value_metadata: Annotated[ - Optional[List[KeyValueMetadataConfOutputFilesystem]], - pydantic.Field(alias="keyValueMetadata"), - ] = None - r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ - - enable_statistics: Annotated[ - Optional[bool], pydantic.Field(alias="enableStatistics") - ] = None - r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" - - enable_write_page_index: Annotated[ - Optional[bool], pydantic.Field(alias="enableWritePageIndex") - ] = None - r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" - - enable_page_checksum: Annotated[ - Optional[bool], pydantic.Field(alias="enablePageChecksum") - ] = None - r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" - - empty_dir_cleanup_sec: Annotated[ - Optional[float], pydantic.Field(alias="emptyDirCleanupSec") - ] = None - r"""How frequently, in seconds, to clean up empty directories""" - - directory_batch_size: Annotated[ - Optional[float], pydantic.Field(alias="directoryBatchSize") - ] = None - r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" - - deadletter_path: Annotated[ - Optional[str], pydantic.Field(alias="deadletterPath") - ] = None - r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" - - max_retry_num: Annotated[Optional[float], pydantic.Field(alias="maxRetryNum")] = ( - None - ) - r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_partition_expr: Annotated[ - Optional[str], pydantic.Field(alias="__template_partitionExpr") - ] = None - r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" - - template_format: Annotated[ - Optional[str], pydantic.Field(alias="__template_format") - ] = None - r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" - - template_base_file_name: Annotated[ - Optional[str], pydantic.Field(alias="__template_baseFileName") - ] = None - r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" - - template_file_name_suffix: Annotated[ - Optional[str], pydantic.Field(alias="__template_fileNameSuffix") - ] = None - r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_compress: Annotated[ - Optional[str], pydantic.Field(alias="__template_compress") - ] = None - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - - template_parquet_schema: Annotated[ - Optional[str], pydantic.Field(alias="__template_parquetSchema") - ] = None - r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" - - notifications: Optional[List[NotificationUnion]] = None - r"""Notifications attached to the Destination.""" - - status: Optional[StatusType] = None - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - @field_serializer("format_") - def serialize_format_(self, value): - if isinstance(value, str): - try: - return models.DataFormatOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptionsBlockDrop(value) - except ValueError: - return value - return value - - @field_serializer("on_disk_full_backpressure") - def serialize_on_disk_full_backpressure(self, value): - if isinstance(value, str): - try: - return models.DiskSpaceProtectionOptions(value) - except ValueError: - return value - return value - - @field_serializer("compress") - def serialize_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsHTTP(value) - except ValueError: - return value - return value - - @field_serializer("compression_level") - def serialize_compression_level(self, value): - if isinstance(value, str): - try: - return models.CompressionLevelOptions(value) - except ValueError: - return value - return value - - @field_serializer("parquet_version") - def serialize_parquet_version(self, value): - if isinstance(value, str): - try: - return models.ParquetVersionOptions(value) - except ValueError: - return value - return value - - @field_serializer("parquet_data_page_version") - def serialize_parquet_data_page_version(self, value): - if isinstance(value, str): - try: - return models.DataPageVersionOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "id", - "pipeline", - "systemFields", - "environment", - "streamtags", - "stagePath", - "addIdToStagePath", - "removeEmptyDirs", - "partitionExpr", - "format", - "baseFileName", - "fileNameSuffix", - "maxFileSizeMB", - "maxFileOpenTimeSec", - "maxFileIdleTimeSec", - "maxOpenFiles", - "headerLine", - "writeHighWaterMark", - "onBackpressure", - "deadletterEnabled", - "onDiskFullBackpressure", - "forceCloseOnShutdown", - "retrySettings", - "orphans", - "description", - "compress", - "compressionLevel", - "automaticSchema", - "parquetSchema", - "parquetVersion", - "parquetDataPageVersion", - "parquetRowGroupLength", - "parquetPageSize", - "shouldLogInvalidRows", - "keyValueMetadata", - "enableStatistics", - "enableWritePageIndex", - "enablePageChecksum", - "emptyDirCleanupSec", - "directoryBatchSize", - "deadletterPath", - "maxRetryNum", - "__template_streamtags", - "__template_partitionExpr", - "__template_format", - "__template_baseFileName", - "__template_fileNameSuffix", - "__template_onBackpressure", - "__template_compress", - "__template_parquetSchema", - "notifications", - "status", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class OutputResponseTypeSignalfx(str, Enum): - SIGNALFX = "signalfx" - - -class OutputResponsePqControlsSignalfxTypedDict(TypedDict): - pass - - -class OutputResponsePqControlsSignalfx(BaseModel): - pass - - -class OutputResponseOutputSignalfxTypedDict(TypedDict): - type: OutputResponseTypeSignalfx - realm: str - r"""SignalFx realm name, e.g. \"us0\". For a complete list of available SignalFx realm names, please check [here](https://docs.splunk.com/observability/en/get-started/service-description.html#sd-regions).""" - id: NotRequired[str] - r"""Unique ID for this output""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - compress: NotRequired[bool] - r"""Compress the payload body before sending""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] - r"""Headers to add to all events""" - use_round_robin_dns: NotRequired[bool] - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - safe_headers: NotRequired[List[str]] - r"""List of headers that are safe to log in plain text""" - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - description: NotRequired[str] - token: NotRequired[str] - r"""SignalFx API access token (see [here](https://docs.signalfx.com/en/latest/admin-guide/tokens.html#working-with-access-tokens))""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[OutputResponsePqControlsSignalfxTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_failed_request_logging_mode: NotRequired[str] - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - notifications: NotRequired[List[NotificationUnionTypedDict]] - r"""Notifications attached to the Destination.""" - status: NotRequired[StatusTypeTypedDict] - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - -class OutputResponseOutputSignalfx(BaseModel): - type: OutputResponseTypeSignalfx - - realm: str - r"""SignalFx realm name, e.g. \"us0\". For a complete list of available SignalFx realm names, please check [here](https://docs.splunk.com/observability/en/get-started/service-description.html#sd-regions).""" - - id: Optional[str] = None - r"""Unique ID for this output""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - auth_type: Annotated[ - Optional[AuthenticationMethodOptionsAuthTokensItems], - pydantic.Field(alias="authType"), - ] = None - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - compress: Optional[bool] = None - r"""Compress the payload body before sending""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - extra_http_headers: Annotated[ - Optional[List[ExtraHTTPHeaderConfInputElastic]], - pydantic.Field(alias="extraHttpHeaders"), - ] = None - r"""Headers to add to all events""" - - use_round_robin_dns: Annotated[ - Optional[bool], pydantic.Field(alias="useRoundRobinDns") - ] = None - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - - failed_request_logging_mode: Annotated[ - Optional[FailedRequestLoggingModeOptions], - pydantic.Field(alias="failedRequestLoggingMode"), - ] = None - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - - safe_headers: Annotated[ - Optional[List[str]], pydantic.Field(alias="safeHeaders") - ] = None - r"""List of headers that are safe to log in plain text""" - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - description: Optional[str] = None - - token: Optional[str] = None - r"""SignalFx API access token (see [here](https://docs.signalfx.com/en/latest/admin-guide/tokens.html#working-with-access-tokens))""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[OutputResponsePqControlsSignalfx], pydantic.Field(alias="pqControls") - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_failed_request_logging_mode: Annotated[ - Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") - ] = None - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - notifications: Optional[List[NotificationUnion]] = None - r"""Notifications attached to the Destination.""" - - status: Optional[StatusType] = None - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsAuthTokensItems(value) - except ValueError: - return value - return value - - @field_serializer("failed_request_logging_mode") - def serialize_failed_request_logging_mode(self, value): - if isinstance(value, str): - try: - return models.FailedRequestLoggingModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "id", - "pipeline", - "systemFields", - "environment", - "streamtags", - "authType", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "compress", - "rejectUnauthorized", - "timeoutSec", - "flushPeriodSec", - "extraHttpHeaders", - "useRoundRobinDns", - "failedRequestLoggingMode", - "safeHeaders", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "onBackpressure", - "description", - "token", - "textSecret", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_failedRequestLoggingMode", - "__template_onBackpressure", - "notifications", - "status", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class OutputResponseTypeWavefront(str, Enum): - WAVEFRONT = "wavefront" - - -class OutputResponsePqControlsWavefrontTypedDict(TypedDict): - pass - - -class OutputResponsePqControlsWavefront(BaseModel): - pass - - -class OutputResponseOutputWavefrontTypedDict(TypedDict): - type: OutputResponseTypeWavefront - domain: str - r"""WaveFront domain name, e.g. \"longboard\" """ - id: NotRequired[str] - r"""Unique ID for this output""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - compress: NotRequired[bool] - r"""Compress the payload body before sending""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] - r"""Headers to add to all events""" - use_round_robin_dns: NotRequired[bool] - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - safe_headers: NotRequired[List[str]] - r"""List of headers that are safe to log in plain text""" - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - description: NotRequired[str] - token: NotRequired[str] - r"""WaveFront API authentication token (see [here](https://docs.wavefront.com/wavefront_api.html#generating-an-api-token))""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[OutputResponsePqControlsWavefrontTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_failed_request_logging_mode: NotRequired[str] - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - notifications: NotRequired[List[NotificationUnionTypedDict]] - r"""Notifications attached to the Destination.""" - status: NotRequired[StatusTypeTypedDict] - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - -class OutputResponseOutputWavefront(BaseModel): - type: OutputResponseTypeWavefront - - domain: str - r"""WaveFront domain name, e.g. \"longboard\" """ - - id: Optional[str] = None - r"""Unique ID for this output""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - auth_type: Annotated[ - Optional[AuthenticationMethodOptionsAuthTokensItems], - pydantic.Field(alias="authType"), - ] = None - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - compress: Optional[bool] = None - r"""Compress the payload body before sending""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - extra_http_headers: Annotated[ - Optional[List[ExtraHTTPHeaderConfInputElastic]], - pydantic.Field(alias="extraHttpHeaders"), - ] = None - r"""Headers to add to all events""" - - use_round_robin_dns: Annotated[ - Optional[bool], pydantic.Field(alias="useRoundRobinDns") - ] = None - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - - failed_request_logging_mode: Annotated[ - Optional[FailedRequestLoggingModeOptions], - pydantic.Field(alias="failedRequestLoggingMode"), - ] = None - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - - safe_headers: Annotated[ - Optional[List[str]], pydantic.Field(alias="safeHeaders") - ] = None - r"""List of headers that are safe to log in plain text""" - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - description: Optional[str] = None - - token: Optional[str] = None - r"""WaveFront API authentication token (see [here](https://docs.wavefront.com/wavefront_api.html#generating-an-api-token))""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[OutputResponsePqControlsWavefront], pydantic.Field(alias="pqControls") - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_failed_request_logging_mode: Annotated[ - Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") - ] = None - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - notifications: Optional[List[NotificationUnion]] = None - r"""Notifications attached to the Destination.""" - - status: Optional[StatusType] = None - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsAuthTokensItems(value) - except ValueError: - return value - return value - - @field_serializer("failed_request_logging_mode") - def serialize_failed_request_logging_mode(self, value): - if isinstance(value, str): - try: - return models.FailedRequestLoggingModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "id", - "pipeline", - "systemFields", - "environment", - "streamtags", - "authType", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "compress", - "rejectUnauthorized", - "timeoutSec", - "flushPeriodSec", - "extraHttpHeaders", - "useRoundRobinDns", - "failedRequestLoggingMode", - "safeHeaders", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "onBackpressure", - "description", - "token", - "textSecret", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_failedRequestLoggingMode", - "__template_onBackpressure", - "notifications", - "status", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class OutputResponseTypeTcpjson(str, Enum): - TCPJSON = "tcpjson" - - -class OutputResponsePqControlsTcpjsonTypedDict(TypedDict): - pass - - -class OutputResponsePqControlsTcpjson(BaseModel): - pass - - -class OutputResponseOutputTcpjsonTypedDict(TypedDict): - type: OutputResponseTypeTcpjson - id: NotRequired[str] - r"""Unique ID for this output""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - load_balanced: NotRequired[bool] - r"""Use load-balanced destinations""" - compression: NotRequired[CompressionOptionsGzipNone] - r"""Codec to use to compress the data before sending""" - log_failed_requests: NotRequired[bool] - r"""Use to troubleshoot issues with sending data""" - throttle_rate_per_sec: NotRequired[str] - r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" - tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] - connection_timeout: NotRequired[float] - r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" - write_timeout: NotRequired[float] - r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" - token_ttl_minutes: NotRequired[float] - r"""The number of minutes before the internally generated authentication token expires, valid values between 1 and 60""" - send_header: NotRequired[bool] - r"""Upon connection, send a header-like record containing the auth token and other metadata.This record will not contain an actual event – only subsequent records will.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - description: NotRequired[str] - host: NotRequired[str] - r"""The hostname of the receiver""" - port: NotRequired[float] - r"""The port to connect to on the provided host""" - exclude_self: NotRequired[bool] - r"""Exclude all IPs of the current host from the list of any resolved hostnames""" - hosts: NotRequired[List[HostConfOutputSyslogTypedDict]] - r"""Set of hosts to load-balance data to""" - dns_resolve_period_sec: NotRequired[float] - r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" - load_balance_stats_period_sec: NotRequired[float] - r"""How far back in time to keep traffic stats for load balancing purposes""" - max_concurrent_senders: NotRequired[float] - r"""Maximum number of concurrent connections (per Worker Process). A random set of IPs will be picked on every DNS resolution period. Use 0 for unlimited.""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[OutputResponsePqControlsTcpjsonTypedDict] - auth_token: NotRequired[str] - r"""Optional authentication token to include as part of the connection header""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_host: NotRequired[str] - r"""Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime.""" - template_port: NotRequired[str] - r"""Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime.""" - notifications: NotRequired[List[NotificationUnionTypedDict]] - r"""Notifications attached to the Destination.""" - status: NotRequired[StatusTypeTypedDict] - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - -class OutputResponseOutputTcpjson(BaseModel): - type: OutputResponseTypeTcpjson - - id: Optional[str] = None - r"""Unique ID for this output""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - load_balanced: Annotated[Optional[bool], pydantic.Field(alias="loadBalanced")] = ( - None - ) - r"""Use load-balanced destinations""" - - compression: Optional[CompressionOptionsGzipNone] = None - r"""Codec to use to compress the data before sending""" - - log_failed_requests: Annotated[ - Optional[bool], pydantic.Field(alias="logFailedRequests") - ] = None - r"""Use to troubleshoot issues with sending data""" - - throttle_rate_per_sec: Annotated[ - Optional[str], pydantic.Field(alias="throttleRatePerSec") - ] = None - r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" - - tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None - - connection_timeout: Annotated[ - Optional[float], pydantic.Field(alias="connectionTimeout") - ] = None - r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" - - write_timeout: Annotated[Optional[float], pydantic.Field(alias="writeTimeout")] = ( - None - ) - r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" - - token_ttl_minutes: Annotated[ - Optional[float], pydantic.Field(alias="tokenTTLMinutes") - ] = None - r"""The number of minutes before the internally generated authentication token expires, valid values between 1 and 60""" - - send_header: Annotated[Optional[bool], pydantic.Field(alias="sendHeader")] = None - r"""Upon connection, send a header-like record containing the auth token and other metadata.This record will not contain an actual event – only subsequent records will.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - auth_type: Annotated[ - Optional[AuthenticationMethodOptionsAuthTokensItems], - pydantic.Field(alias="authType"), - ] = None - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - - description: Optional[str] = None - - host: Optional[str] = None - r"""The hostname of the receiver""" - - port: Optional[float] = None - r"""The port to connect to on the provided host""" - - exclude_self: Annotated[Optional[bool], pydantic.Field(alias="excludeSelf")] = None - r"""Exclude all IPs of the current host from the list of any resolved hostnames""" - - hosts: Optional[List[HostConfOutputSyslog]] = None - r"""Set of hosts to load-balance data to""" - - dns_resolve_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="dnsResolvePeriodSec") - ] = None - r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" - - load_balance_stats_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="loadBalanceStatsPeriodSec") - ] = None - r"""How far back in time to keep traffic stats for load balancing purposes""" - - max_concurrent_senders: Annotated[ - Optional[float], pydantic.Field(alias="maxConcurrentSenders") - ] = None - r"""Maximum number of concurrent connections (per Worker Process). A random set of IPs will be picked on every DNS resolution period. Use 0 for unlimited.""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[OutputResponsePqControlsTcpjson], pydantic.Field(alias="pqControls") - ] = None - - auth_token: Annotated[Optional[str], pydantic.Field(alias="authToken")] = None - r"""Optional authentication token to include as part of the connection header""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_host: Annotated[Optional[str], pydantic.Field(alias="__template_host")] = ( - None - ) - r"""Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime.""" - - template_port: Annotated[Optional[str], pydantic.Field(alias="__template_port")] = ( - None - ) - r"""Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime.""" - - notifications: Optional[List[NotificationUnion]] = None - r"""Notifications attached to the Destination.""" - - status: Optional[StatusType] = None - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - @field_serializer("compression") - def serialize_compression(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsGzipNone(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsAuthTokensItems(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "id", - "pipeline", - "systemFields", - "environment", - "streamtags", - "loadBalanced", - "compression", - "logFailedRequests", - "throttleRatePerSec", - "tls", - "connectionTimeout", - "writeTimeout", - "tokenTTLMinutes", - "sendHeader", - "onBackpressure", - "authType", - "description", - "host", - "port", - "excludeSelf", - "hosts", - "dnsResolvePeriodSec", - "loadBalanceStatsPeriodSec", - "maxConcurrentSenders", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "authToken", - "textSecret", - "__template_streamtags", - "__template_onBackpressure", - "__template_host", - "__template_port", - "notifications", - "status", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class OutputResponseTypeWizHec(str, Enum): - WIZ_HEC = "wiz_hec" - - -class OutputResponsePqControlsWizHecTypedDict(TypedDict): - pass - - -class OutputResponsePqControlsWizHec(BaseModel): - pass - - -class OutputResponseOutputWizHecTypedDict(TypedDict): - type: OutputResponseTypeWizHec - wiz_connector_id: str - r"""The unique identifier for the specific Cribl connector defined in your Wiz Settings. This is used to cross-validate the bearer token and ensure traffic is originating from the authorized integration.""" - wiz_environment: str - r"""Your Wiz deployment environment.""" - data_center: str - r"""Your Wiz deployment data center (e.g., us1, us8, eu1). From Tenant Info → Data Center and Regions → Tenant Data Center in your Wiz console.""" - wiz_sourcetype: str - id: NotRequired[str] - r"""Unique ID for this output""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - next_queue: NotRequired[str] - r"""In the Splunk app, define which Splunk processing queue to send the events after HEC processing.""" - tcp_routing: NotRequired[str] - r"""In the Splunk app, set the value of _TCP_ROUTING for events that do not have _ctrl._TCP_ROUTING set.""" - tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathExtendedTypedDict] - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - compress: NotRequired[bool] - r"""Compress the payload body before sending""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] - r"""Headers to add to all events""" - failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - safe_headers: NotRequired[List[str]] - r"""List of headers that are safe to log in plain text""" - auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - description: NotRequired[str] - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[OutputResponsePqControlsWizHecTypedDict] - token: NotRequired[str] - r"""Wiz Defend Auth token""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_failed_request_logging_mode: NotRequired[str] - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_wiz_environment: NotRequired[str] - r"""Binds 'wiz_environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'wiz_environment' at runtime.""" - template_data_center: NotRequired[str] - r"""Binds 'data_center' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'data_center' at runtime.""" - template_wiz_sourcetype: NotRequired[str] - r"""Binds 'wiz_sourcetype' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'wiz_sourcetype' at runtime.""" - notifications: NotRequired[List[NotificationUnionTypedDict]] - r"""Notifications attached to the Destination.""" - status: NotRequired[StatusTypeTypedDict] - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - -class OutputResponseOutputWizHec(BaseModel): - type: OutputResponseTypeWizHec - - wiz_connector_id: str - r"""The unique identifier for the specific Cribl connector defined in your Wiz Settings. This is used to cross-validate the bearer token and ensure traffic is originating from the authorized integration.""" - - wiz_environment: str - r"""Your Wiz deployment environment.""" - - data_center: str - r"""Your Wiz deployment data center (e.g., us1, us8, eu1). From Tenant Info → Data Center and Regions → Tenant Data Center in your Wiz console.""" - - wiz_sourcetype: str - - id: Optional[str] = None - r"""Unique ID for this output""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - next_queue: Annotated[Optional[str], pydantic.Field(alias="nextQueue")] = None - r"""In the Splunk app, define which Splunk processing queue to send the events after HEC processing.""" - - tcp_routing: Annotated[Optional[str], pydantic.Field(alias="tcpRouting")] = None - r"""In the Splunk app, set the value of _TCP_ROUTING for events that do not have _ctrl._TCP_ROUTING set.""" - - tls: Optional[TLSSettingsClientSideTypeCaPathCertPathExtended] = None - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - compress: Optional[bool] = None - r"""Compress the payload body before sending""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - extra_http_headers: Annotated[ - Optional[List[ExtraHTTPHeaderConfInputElastic]], - pydantic.Field(alias="extraHttpHeaders"), - ] = None - r"""Headers to add to all events""" - - failed_request_logging_mode: Annotated[ - Optional[FailedRequestLoggingModeOptions], - pydantic.Field(alias="failedRequestLoggingMode"), - ] = None - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - - safe_headers: Annotated[ - Optional[List[str]], pydantic.Field(alias="safeHeaders") - ] = None - r"""List of headers that are safe to log in plain text""" - - auth_type: Annotated[ - Optional[AuthenticationMethodOptionsAuthTokensItems], - pydantic.Field(alias="authType"), - ] = None - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - description: Optional[str] = None - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[OutputResponsePqControlsWizHec], pydantic.Field(alias="pqControls") - ] = None - - token: Optional[str] = None - r"""Wiz Defend Auth token""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_failed_request_logging_mode: Annotated[ - Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") - ] = None - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_wiz_environment: Annotated[ - Optional[str], pydantic.Field(alias="__template_wiz_environment") - ] = None - r"""Binds 'wiz_environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'wiz_environment' at runtime.""" - - template_data_center: Annotated[ - Optional[str], pydantic.Field(alias="__template_data_center") - ] = None - r"""Binds 'data_center' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'data_center' at runtime.""" - - template_wiz_sourcetype: Annotated[ - Optional[str], pydantic.Field(alias="__template_wiz_sourcetype") - ] = None - r"""Binds 'wiz_sourcetype' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'wiz_sourcetype' at runtime.""" - - notifications: Optional[List[NotificationUnion]] = None - r"""Notifications attached to the Destination.""" - - status: Optional[StatusType] = None - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - @field_serializer("failed_request_logging_mode") - def serialize_failed_request_logging_mode(self, value): - if isinstance(value, str): - try: - return models.FailedRequestLoggingModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsAuthTokensItems(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "id", - "pipeline", - "systemFields", - "environment", - "streamtags", - "nextQueue", - "tcpRouting", - "tls", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "compress", - "rejectUnauthorized", - "timeoutSec", - "flushPeriodSec", - "extraHttpHeaders", - "failedRequestLoggingMode", - "safeHeaders", - "authType", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "onBackpressure", - "description", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "token", - "textSecret", - "__template_streamtags", - "__template_failedRequestLoggingMode", - "__template_onBackpressure", - "__template_wiz_environment", - "__template_data_center", - "__template_wiz_sourcetype", - "notifications", - "status", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class OutputResponseTypeSplunkHec(str, Enum): - SPLUNK_HEC = "splunk_hec" - - -class OutputResponseURLSplunkHecTypedDict(TypedDict): - url: str - r"""URL to a Splunk HEC endpoint to send events to, e.g., http://localhost:8088/services/collector/event""" - weight: NotRequired[float] - r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" - template_url: NotRequired[str] - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - -class OutputResponseURLSplunkHec(BaseModel): - url: str - r"""URL to a Splunk HEC endpoint to send events to, e.g., http://localhost:8088/services/collector/event""" - - weight: Optional[float] = None - r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" - - template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( - None - ) - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set(["weight", "__template_url"]) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class OutputResponsePqControlsSplunkHecTypedDict(TypedDict): - pass - - -class OutputResponsePqControlsSplunkHec(BaseModel): - pass - - -class OutputResponseOutputSplunkHecTypedDict(TypedDict): - type: OutputResponseTypeSplunkHec - id: NotRequired[str] - r"""Unique ID for this output""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - load_balanced: NotRequired[bool] - r"""Enable for optimal performance. Even if you have one hostname, it can expand to multiple IPs. If disabled, consider enabling round-robin DNS.""" - next_queue: NotRequired[str] - r"""In the Splunk app, define which Splunk processing queue to send the events after HEC processing.""" - tcp_routing: NotRequired[str] - r"""In the Splunk app, set the value of _TCP_ROUTING for events that do not have _ctrl._TCP_ROUTING set.""" - tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathExtendedTypedDict] - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - compress: NotRequired[bool] - r"""Compress the payload body before sending""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] - r"""Headers to add to all events""" - failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - safe_headers: NotRequired[List[str]] - r"""List of headers that are safe to log in plain text""" - enable_multi_metrics: NotRequired[bool] - r"""Output metrics in multiple-metric format, supported in Splunk 8.0 and above to allow multiple metrics in a single event.""" - auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - description: NotRequired[str] - url: NotRequired[str] - r"""URL to a Splunk HEC endpoint to send events to, e.g., http://localhost:8088/services/collector/event""" - use_round_robin_dns: NotRequired[bool] - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - exclude_self: NotRequired[bool] - r"""Exclude all IPs of the current host from the list of any resolved hostnames""" - urls: NotRequired[List[OutputResponseURLSplunkHecTypedDict]] - dns_resolve_period_sec: NotRequired[float] - r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" - load_balance_stats_period_sec: NotRequired[float] - r"""How far back in time to keep traffic stats for load balancing purposes""" - token: NotRequired[str] - r"""Splunk HEC authentication token""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[OutputResponsePqControlsSplunkHecTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_failed_request_logging_mode: NotRequired[str] - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_url: NotRequired[str] - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - notifications: NotRequired[List[NotificationUnionTypedDict]] - r"""Notifications attached to the Destination.""" - status: NotRequired[StatusTypeTypedDict] - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - -class OutputResponseOutputSplunkHec(BaseModel): - type: OutputResponseTypeSplunkHec - - id: Optional[str] = None - r"""Unique ID for this output""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - load_balanced: Annotated[Optional[bool], pydantic.Field(alias="loadBalanced")] = ( - None - ) - r"""Enable for optimal performance. Even if you have one hostname, it can expand to multiple IPs. If disabled, consider enabling round-robin DNS.""" - - next_queue: Annotated[Optional[str], pydantic.Field(alias="nextQueue")] = None - r"""In the Splunk app, define which Splunk processing queue to send the events after HEC processing.""" - - tcp_routing: Annotated[Optional[str], pydantic.Field(alias="tcpRouting")] = None - r"""In the Splunk app, set the value of _TCP_ROUTING for events that do not have _ctrl._TCP_ROUTING set.""" - - tls: Optional[TLSSettingsClientSideTypeCaPathCertPathExtended] = None - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - compress: Optional[bool] = None - r"""Compress the payload body before sending""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - extra_http_headers: Annotated[ - Optional[List[ExtraHTTPHeaderConfInputElastic]], - pydantic.Field(alias="extraHttpHeaders"), - ] = None - r"""Headers to add to all events""" - - failed_request_logging_mode: Annotated[ - Optional[FailedRequestLoggingModeOptions], - pydantic.Field(alias="failedRequestLoggingMode"), - ] = None - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - - safe_headers: Annotated[ - Optional[List[str]], pydantic.Field(alias="safeHeaders") - ] = None - r"""List of headers that are safe to log in plain text""" - - enable_multi_metrics: Annotated[ - Optional[bool], pydantic.Field(alias="enableMultiMetrics") - ] = None - r"""Output metrics in multiple-metric format, supported in Splunk 8.0 and above to allow multiple metrics in a single event.""" - - auth_type: Annotated[ - Optional[AuthenticationMethodOptionsAuthTokensItems], - pydantic.Field(alias="authType"), - ] = None - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - description: Optional[str] = None - - url: Optional[str] = None - r"""URL to a Splunk HEC endpoint to send events to, e.g., http://localhost:8088/services/collector/event""" - - use_round_robin_dns: Annotated[ - Optional[bool], pydantic.Field(alias="useRoundRobinDns") - ] = None - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - - exclude_self: Annotated[Optional[bool], pydantic.Field(alias="excludeSelf")] = None - r"""Exclude all IPs of the current host from the list of any resolved hostnames""" - - urls: Optional[List[OutputResponseURLSplunkHec]] = None - - dns_resolve_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="dnsResolvePeriodSec") - ] = None - r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" - - load_balance_stats_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="loadBalanceStatsPeriodSec") - ] = None - r"""How far back in time to keep traffic stats for load balancing purposes""" - - token: Optional[str] = None - r"""Splunk HEC authentication token""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[OutputResponsePqControlsSplunkHec], pydantic.Field(alias="pqControls") - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_failed_request_logging_mode: Annotated[ - Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") - ] = None - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( - None - ) - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - notifications: Optional[List[NotificationUnion]] = None - r"""Notifications attached to the Destination.""" - - status: Optional[StatusType] = None - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - @field_serializer("failed_request_logging_mode") - def serialize_failed_request_logging_mode(self, value): - if isinstance(value, str): - try: - return models.FailedRequestLoggingModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsAuthTokensItems(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "id", - "pipeline", - "systemFields", - "environment", - "streamtags", - "loadBalanced", - "nextQueue", - "tcpRouting", - "tls", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "compress", - "rejectUnauthorized", - "timeoutSec", - "flushPeriodSec", - "extraHttpHeaders", - "failedRequestLoggingMode", - "safeHeaders", - "enableMultiMetrics", - "authType", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "onBackpressure", - "description", - "url", - "useRoundRobinDns", - "excludeSelf", - "urls", - "dnsResolvePeriodSec", - "loadBalanceStatsPeriodSec", - "token", - "textSecret", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_failedRequestLoggingMode", - "__template_onBackpressure", - "__template_url", - "notifications", - "status", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class OutputResponseTypeSplunkLb(str, Enum): - SPLUNK_LB = "splunk_lb" - - -class OutputResponseAuthTokenTypedDict(TypedDict): - auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - auth_token: NotRequired[str] - r"""Shared secret to be provided by any client (in authToken header field). If empty, unauthorized access is permitted.""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - - -class OutputResponseAuthToken(BaseModel): - auth_type: Annotated[ - Optional[AuthenticationMethodOptionsAuthTokensItems], - pydantic.Field(alias="authType"), - ] = None - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - - auth_token: Annotated[Optional[str], pydantic.Field(alias="authToken")] = None - r"""Shared secret to be provided by any client (in authToken header field). If empty, unauthorized access is permitted.""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsAuthTokensItems(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set(["authType", "authToken", "textSecret"]) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class OutputResponseIndexerDiscoveryConfigsTypedDict(TypedDict): - r"""List of configurations to set up indexer discovery in Splunk Indexer clustering environment.""" - - site: str - r"""Clustering site of the indexers from where indexers need to be discovered. In case of single site cluster, it defaults to 'default' site.""" - master_uri: str - r"""Full URI of Splunk cluster manager (scheme://host:port). Example: https://managerAddress:8089""" - refresh_interval_sec: float - r"""Time interval, in seconds, between two consecutive indexer list fetches from cluster manager""" - reject_unauthorized: NotRequired[bool] - r"""During indexer discovery, reject cluster manager certificates that are not authorized by the system's CA. Disable to allow untrusted (for example, self-signed) certificates.""" - auth_tokens: NotRequired[List[OutputResponseAuthTokenTypedDict]] - r"""Tokens required to authenticate to cluster manager for indexer discovery""" - auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - auth_token: NotRequired[str] - r"""Shared secret to be provided by any client (in authToken header field). If empty, unauthorized access is permitted.""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - - -class OutputResponseIndexerDiscoveryConfigs(BaseModel): - r"""List of configurations to set up indexer discovery in Splunk Indexer clustering environment.""" - - site: str - r"""Clustering site of the indexers from where indexers need to be discovered. In case of single site cluster, it defaults to 'default' site.""" - - master_uri: Annotated[str, pydantic.Field(alias="masterUri")] - r"""Full URI of Splunk cluster manager (scheme://host:port). Example: https://managerAddress:8089""" - - refresh_interval_sec: Annotated[float, pydantic.Field(alias="refreshIntervalSec")] - r"""Time interval, in seconds, between two consecutive indexer list fetches from cluster manager""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""During indexer discovery, reject cluster manager certificates that are not authorized by the system's CA. Disable to allow untrusted (for example, self-signed) certificates.""" - - auth_tokens: Annotated[ - Optional[List[OutputResponseAuthToken]], pydantic.Field(alias="authTokens") - ] = None - r"""Tokens required to authenticate to cluster manager for indexer discovery""" - - auth_type: Annotated[ - Optional[AuthenticationMethodOptionsAuthTokensItems], - pydantic.Field(alias="authType"), - ] = None - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - - auth_token: Annotated[Optional[str], pydantic.Field(alias="authToken")] = None - r"""Shared secret to be provided by any client (in authToken header field). If empty, unauthorized access is permitted.""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsAuthTokensItems(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - ["rejectUnauthorized", "authTokens", "authType", "authToken", "textSecret"] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class OutputResponsePqControlsSplunkLbTypedDict(TypedDict): - pass - - -class OutputResponsePqControlsSplunkLb(BaseModel): - pass - - -class OutputResponseOutputSplunkLbTypedDict(TypedDict): - type: OutputResponseTypeSplunkLb - hosts: List[HostConfOutputSyslogTypedDict] - r"""Set of Splunk indexers to load-balance data to.""" - id: NotRequired[str] - r"""Unique ID for this output""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - dns_resolve_period_sec: NotRequired[float] - r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" - load_balance_stats_period_sec: NotRequired[float] - r"""How far back in time to keep traffic stats for load balancing purposes""" - max_concurrent_senders: NotRequired[float] - r"""Maximum number of concurrent connections (per Worker Process). A random set of IPs will be picked on every DNS resolution period. Use 0 for unlimited.""" - nested_fields: NotRequired[NestedFieldSerializationOptions] - r"""How to serialize nested fields into index-time fields""" - throttle_rate_per_sec: NotRequired[str] - r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" - connection_timeout: NotRequired[float] - r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" - write_timeout: NotRequired[float] - r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" - tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] - enable_multi_metrics: NotRequired[bool] - r"""Output metrics in multiple-metric format in a single event. Supported in Splunk 8.0 and above.""" - enable_ack: NotRequired[bool] - r"""Check if indexer is shutting down and stop sending data. This helps minimize data loss during shutdown.""" - log_failed_requests: NotRequired[bool] - r"""Use to troubleshoot issues with sending data""" - max_s2_sversion: NotRequired[MaxS2SVersionOptions] - r"""The highest S2S protocol version to advertise during handshake""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - indexer_discovery: NotRequired[bool] - r"""Automatically discover indexers in indexer clustering environment.""" - sender_unhealthy_time_allowance: NotRequired[float] - r"""How long (in milliseconds) each LB endpoint can report blocked before the Destination reports unhealthy, blocking the sender. (Grace period for fluctuations.) Use 0 to disable; max 1 minute.""" - auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - description: NotRequired[str] - max_failed_health_checks: NotRequired[float] - r"""Maximum number of times healthcheck can fail before we close connection. If set to 0 (disabled), and the connection to Splunk is forcibly closed, some data loss might occur.""" - compress: NotRequired[CompressionOptions] - r"""Controls whether the sender should send compressed data to the server. Select 'Disabled' to reject compressed connections or 'Always' to ignore server's configuration and send compressed data.""" - indexer_discovery_configs: NotRequired[ - OutputResponseIndexerDiscoveryConfigsTypedDict - ] - r"""List of configurations to set up indexer discovery in Splunk Indexer clustering environment.""" - exclude_self: NotRequired[bool] - r"""Exclude all IPs of the current host from the list of any resolved hostnames""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[OutputResponsePqControlsSplunkLbTypedDict] - auth_token: NotRequired[str] - r"""Shared secret token to use when establishing a connection to a Splunk indexer.""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_nested_fields: NotRequired[str] - r"""Binds 'nestedFields' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'nestedFields' at runtime.""" - template_max_s2_sversion: NotRequired[str] - r"""Binds 'maxS2Sversion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'maxS2Sversion' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_compress: NotRequired[str] - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - notifications: NotRequired[List[NotificationUnionTypedDict]] - r"""Notifications attached to the Destination.""" - status: NotRequired[StatusTypeTypedDict] - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - -class OutputResponseOutputSplunkLb(BaseModel): - type: OutputResponseTypeSplunkLb - - hosts: List[HostConfOutputSyslog] - r"""Set of Splunk indexers to load-balance data to.""" - - id: Optional[str] = None - r"""Unique ID for this output""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - dns_resolve_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="dnsResolvePeriodSec") - ] = None - r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" - - load_balance_stats_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="loadBalanceStatsPeriodSec") - ] = None - r"""How far back in time to keep traffic stats for load balancing purposes""" - - max_concurrent_senders: Annotated[ - Optional[float], pydantic.Field(alias="maxConcurrentSenders") - ] = None - r"""Maximum number of concurrent connections (per Worker Process). A random set of IPs will be picked on every DNS resolution period. Use 0 for unlimited.""" - - nested_fields: Annotated[ - Optional[NestedFieldSerializationOptions], pydantic.Field(alias="nestedFields") - ] = None - r"""How to serialize nested fields into index-time fields""" - - throttle_rate_per_sec: Annotated[ - Optional[str], pydantic.Field(alias="throttleRatePerSec") - ] = None - r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" - - connection_timeout: Annotated[ - Optional[float], pydantic.Field(alias="connectionTimeout") - ] = None - r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" - - write_timeout: Annotated[Optional[float], pydantic.Field(alias="writeTimeout")] = ( - None - ) - r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" - - tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None - - enable_multi_metrics: Annotated[ - Optional[bool], pydantic.Field(alias="enableMultiMetrics") - ] = None - r"""Output metrics in multiple-metric format in a single event. Supported in Splunk 8.0 and above.""" - - enable_ack: Annotated[Optional[bool], pydantic.Field(alias="enableACK")] = None - r"""Check if indexer is shutting down and stop sending data. This helps minimize data loss during shutdown.""" - - log_failed_requests: Annotated[ - Optional[bool], pydantic.Field(alias="logFailedRequests") - ] = None - r"""Use to troubleshoot issues with sending data""" - - max_s2_sversion: Annotated[ - Optional[MaxS2SVersionOptions], pydantic.Field(alias="maxS2Sversion") - ] = None - r"""The highest S2S protocol version to advertise during handshake""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - indexer_discovery: Annotated[ - Optional[bool], pydantic.Field(alias="indexerDiscovery") - ] = None - r"""Automatically discover indexers in indexer clustering environment.""" - - sender_unhealthy_time_allowance: Annotated[ - Optional[float], pydantic.Field(alias="senderUnhealthyTimeAllowance") - ] = None - r"""How long (in milliseconds) each LB endpoint can report blocked before the Destination reports unhealthy, blocking the sender. (Grace period for fluctuations.) Use 0 to disable; max 1 minute.""" - - auth_type: Annotated[ - Optional[AuthenticationMethodOptionsAuthTokensItems], - pydantic.Field(alias="authType"), - ] = None - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - - description: Optional[str] = None - - max_failed_health_checks: Annotated[ - Optional[float], pydantic.Field(alias="maxFailedHealthChecks") - ] = None - r"""Maximum number of times healthcheck can fail before we close connection. If set to 0 (disabled), and the connection to Splunk is forcibly closed, some data loss might occur.""" - - compress: Optional[CompressionOptions] = None - r"""Controls whether the sender should send compressed data to the server. Select 'Disabled' to reject compressed connections or 'Always' to ignore server's configuration and send compressed data.""" - - indexer_discovery_configs: Annotated[ - Optional[OutputResponseIndexerDiscoveryConfigs], - pydantic.Field(alias="indexerDiscoveryConfigs"), - ] = None - r"""List of configurations to set up indexer discovery in Splunk Indexer clustering environment.""" - - exclude_self: Annotated[Optional[bool], pydantic.Field(alias="excludeSelf")] = None - r"""Exclude all IPs of the current host from the list of any resolved hostnames""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[OutputResponsePqControlsSplunkLb], pydantic.Field(alias="pqControls") - ] = None - - auth_token: Annotated[Optional[str], pydantic.Field(alias="authToken")] = None - r"""Shared secret token to use when establishing a connection to a Splunk indexer.""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_nested_fields: Annotated[ - Optional[str], pydantic.Field(alias="__template_nestedFields") - ] = None - r"""Binds 'nestedFields' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'nestedFields' at runtime.""" - - template_max_s2_sversion: Annotated[ - Optional[str], pydantic.Field(alias="__template_maxS2Sversion") - ] = None - r"""Binds 'maxS2Sversion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'maxS2Sversion' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_compress: Annotated[ - Optional[str], pydantic.Field(alias="__template_compress") - ] = None - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - - notifications: Optional[List[NotificationUnion]] = None - r"""Notifications attached to the Destination.""" - - status: Optional[StatusType] = None - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - @field_serializer("nested_fields") - def serialize_nested_fields(self, value): - if isinstance(value, str): - try: - return models.NestedFieldSerializationOptions(value) - except ValueError: - return value - return value - - @field_serializer("max_s2_sversion") - def serialize_max_s2_sversion(self, value): - if isinstance(value, str): - try: - return models.MaxS2SVersionOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsAuthTokensItems(value) - except ValueError: - return value - return value - - @field_serializer("compress") - def serialize_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "id", - "pipeline", - "systemFields", - "environment", - "streamtags", - "dnsResolvePeriodSec", - "loadBalanceStatsPeriodSec", - "maxConcurrentSenders", - "nestedFields", - "throttleRatePerSec", - "connectionTimeout", - "writeTimeout", - "tls", - "enableMultiMetrics", - "enableACK", - "logFailedRequests", - "maxS2Sversion", - "onBackpressure", - "indexerDiscovery", - "senderUnhealthyTimeAllowance", - "authType", - "description", - "maxFailedHealthChecks", - "compress", - "indexerDiscoveryConfigs", - "excludeSelf", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "authToken", - "textSecret", - "__template_streamtags", - "__template_nestedFields", - "__template_maxS2Sversion", - "__template_onBackpressure", - "__template_compress", - "notifications", - "status", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class OutputResponseTypeSplunk(str, Enum): - SPLUNK = "splunk" - - -class OutputResponsePqControlsSplunkTypedDict(TypedDict): - pass - - -class OutputResponsePqControlsSplunk(BaseModel): - pass - - -class OutputResponseOutputSplunkTypedDict(TypedDict): - type: OutputResponseTypeSplunk - host: str - r"""The hostname of the receiver""" - port: float - r"""The port to connect to on the provided host""" - id: NotRequired[str] - r"""Unique ID for this output""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - nested_fields: NotRequired[NestedFieldSerializationOptions] - r"""How to serialize nested fields into index-time fields""" - throttle_rate_per_sec: NotRequired[str] - r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" - connection_timeout: NotRequired[float] - r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" - write_timeout: NotRequired[float] - r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" - tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] - enable_multi_metrics: NotRequired[bool] - r"""Output metrics in multiple-metric format in a single event. Supported in Splunk 8.0 and above.""" - enable_ack: NotRequired[bool] - r"""Check if indexer is shutting down and stop sending data. This helps minimize data loss during shutdown.""" - log_failed_requests: NotRequired[bool] - r"""Use to troubleshoot issues with sending data""" - max_s2_sversion: NotRequired[MaxS2SVersionOptions] - r"""The highest S2S protocol version to advertise during handshake""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - description: NotRequired[str] - max_failed_health_checks: NotRequired[float] - r"""Maximum number of times healthcheck can fail before we close connection. If set to 0 (disabled), and the connection to Splunk is forcibly closed, some data loss might occur.""" - compress: NotRequired[CompressionOptions] - r"""Controls whether the sender should send compressed data to the server. Select 'Disabled' to reject compressed connections or 'Always' to ignore server's configuration and send compressed data.""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[OutputResponsePqControlsSplunkTypedDict] - auth_token: NotRequired[str] - r"""Shared secret token to use when establishing a connection to a Splunk indexer.""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_host: NotRequired[str] - r"""Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime.""" - template_port: NotRequired[str] - r"""Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime.""" - template_nested_fields: NotRequired[str] - r"""Binds 'nestedFields' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'nestedFields' at runtime.""" - template_max_s2_sversion: NotRequired[str] - r"""Binds 'maxS2Sversion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'maxS2Sversion' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_compress: NotRequired[str] - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - notifications: NotRequired[List[NotificationUnionTypedDict]] - r"""Notifications attached to the Destination.""" - status: NotRequired[StatusTypeTypedDict] - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - -class OutputResponseOutputSplunk(BaseModel): - type: OutputResponseTypeSplunk - - host: str - r"""The hostname of the receiver""" - - port: float - r"""The port to connect to on the provided host""" - - id: Optional[str] = None - r"""Unique ID for this output""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - nested_fields: Annotated[ - Optional[NestedFieldSerializationOptions], pydantic.Field(alias="nestedFields") - ] = None - r"""How to serialize nested fields into index-time fields""" - - throttle_rate_per_sec: Annotated[ - Optional[str], pydantic.Field(alias="throttleRatePerSec") - ] = None - r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" - - connection_timeout: Annotated[ - Optional[float], pydantic.Field(alias="connectionTimeout") - ] = None - r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" - - write_timeout: Annotated[Optional[float], pydantic.Field(alias="writeTimeout")] = ( - None - ) - r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" - - tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None - - enable_multi_metrics: Annotated[ - Optional[bool], pydantic.Field(alias="enableMultiMetrics") - ] = None - r"""Output metrics in multiple-metric format in a single event. Supported in Splunk 8.0 and above.""" - - enable_ack: Annotated[Optional[bool], pydantic.Field(alias="enableACK")] = None - r"""Check if indexer is shutting down and stop sending data. This helps minimize data loss during shutdown.""" - - log_failed_requests: Annotated[ - Optional[bool], pydantic.Field(alias="logFailedRequests") - ] = None - r"""Use to troubleshoot issues with sending data""" - - max_s2_sversion: Annotated[ - Optional[MaxS2SVersionOptions], pydantic.Field(alias="maxS2Sversion") - ] = None - r"""The highest S2S protocol version to advertise during handshake""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - auth_type: Annotated[ - Optional[AuthenticationMethodOptionsAuthTokensItems], - pydantic.Field(alias="authType"), - ] = None - r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" - - description: Optional[str] = None - - max_failed_health_checks: Annotated[ - Optional[float], pydantic.Field(alias="maxFailedHealthChecks") - ] = None - r"""Maximum number of times healthcheck can fail before we close connection. If set to 0 (disabled), and the connection to Splunk is forcibly closed, some data loss might occur.""" - - compress: Optional[CompressionOptions] = None - r"""Controls whether the sender should send compressed data to the server. Select 'Disabled' to reject compressed connections or 'Always' to ignore server's configuration and send compressed data.""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[OutputResponsePqControlsSplunk], pydantic.Field(alias="pqControls") - ] = None - - auth_token: Annotated[Optional[str], pydantic.Field(alias="authToken")] = None - r"""Shared secret token to use when establishing a connection to a Splunk indexer.""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_host: Annotated[Optional[str], pydantic.Field(alias="__template_host")] = ( - None - ) - r"""Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime.""" - - template_port: Annotated[Optional[str], pydantic.Field(alias="__template_port")] = ( - None - ) - r"""Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime.""" - - template_nested_fields: Annotated[ - Optional[str], pydantic.Field(alias="__template_nestedFields") - ] = None - r"""Binds 'nestedFields' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'nestedFields' at runtime.""" - - template_max_s2_sversion: Annotated[ - Optional[str], pydantic.Field(alias="__template_maxS2Sversion") - ] = None - r"""Binds 'maxS2Sversion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'maxS2Sversion' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_compress: Annotated[ - Optional[str], pydantic.Field(alias="__template_compress") - ] = None - r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" - - notifications: Optional[List[NotificationUnion]] = None - r"""Notifications attached to the Destination.""" - - status: Optional[StatusType] = None - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - @field_serializer("nested_fields") - def serialize_nested_fields(self, value): - if isinstance(value, str): - try: - return models.NestedFieldSerializationOptions(value) - except ValueError: - return value - return value - - @field_serializer("max_s2_sversion") - def serialize_max_s2_sversion(self, value): - if isinstance(value, str): - try: - return models.MaxS2SVersionOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.AuthenticationMethodOptionsAuthTokensItems(value) - except ValueError: - return value - return value - - @field_serializer("compress") - def serialize_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "id", - "pipeline", - "systemFields", - "environment", - "streamtags", - "nestedFields", - "throttleRatePerSec", - "connectionTimeout", - "writeTimeout", - "tls", - "enableMultiMetrics", - "enableACK", - "logFailedRequests", - "maxS2Sversion", - "onBackpressure", - "authType", - "description", - "maxFailedHealthChecks", - "compress", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "authToken", - "textSecret", - "__template_streamtags", - "__template_host", - "__template_port", - "__template_nestedFields", - "__template_maxS2Sversion", - "__template_onBackpressure", - "__template_compress", - "notifications", - "status", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class OutputResponseTypeSyslog(str, Enum): - SYSLOG = "syslog" - - -class OutputResponseProtocolSyslog(str, Enum, metaclass=utils.OpenEnumMeta): - r"""The network protocol to use for sending out syslog messages""" - - # TCP - TCP = "tcp" - # UDP - UDP = "udp" - - -class OutputResponseFacility(int, Enum, metaclass=utils.OpenEnumMeta): - r"""Default value for message facility. Will be overwritten by value of __facility if set. Defaults to user.""" - - # kern - KERN = 0 - # user - USER = 1 - # mail - MAIL = 2 - # daemon - DAEMON = 3 - # auth - AUTH = 4 - # syslog - SYSLOG = 5 - # lpr - LPR = 6 - # news - NEWS = 7 - # uucp - UUCP = 8 - # cron - CRON = 9 - # authpriv - AUTHPRIV = 10 - # ftp - FTP = 11 - # ntp - NTP = 12 - # security - SECURITY = 13 - # console - CONSOLE = 14 - # solaris-cron - SOLARIS_CRON = 15 - # local0 - LOCAL0 = 16 - # local1 - LOCAL1 = 17 - # local2 - LOCAL2 = 18 - # local3 - LOCAL3 = 19 - # local4 - LOCAL4 = 20 - # local5 - LOCAL5 = 21 - - -class OutputResponseSeveritySyslog(int, Enum, metaclass=utils.OpenEnumMeta): - r"""Default value for message severity. Will be overwritten by value of __severity if set. Defaults to notice.""" - - # emergency - EMERGENCY = 0 - # alert - ALERT = 1 - # critical - CRITICAL = 2 - # error - ERROR = 3 - # warning - WARNING = 4 - # notice - NOTICE = 5 - # info - INFO = 6 - # debug - DEBUG = 7 - - -class OutputResponseMessageFormat(str, Enum, metaclass=utils.OpenEnumMeta): - r"""The syslog message format depending on the receiver's support""" - - # RFC3164 - RFC3164 = "rfc3164" - # RFC5424 - RFC5424 = "rfc5424" - - -class OutputResponseTimestampFormat(str, Enum, metaclass=utils.OpenEnumMeta): - r"""Timestamp format to use when serializing event's time field""" - - # Syslog - SYSLOG = "syslog" - # ISO8601 - ISO8601 = "iso8601" - - -class OutputResponsePqControlsSyslogTypedDict(TypedDict): - pass - - -class OutputResponsePqControlsSyslog(BaseModel): - pass - - -class OutputResponseOutputSyslogTypedDict(TypedDict): - type: OutputResponseTypeSyslog - id: NotRequired[str] - r"""Unique ID for this output""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - protocol: NotRequired[OutputResponseProtocolSyslog] - r"""The network protocol to use for sending out syslog messages""" - facility: NotRequired[OutputResponseFacility] - r"""Default value for message facility. Will be overwritten by value of __facility if set. Defaults to user.""" - severity: NotRequired[OutputResponseSeveritySyslog] - r"""Default value for message severity. Will be overwritten by value of __severity if set. Defaults to notice.""" - app_name: NotRequired[str] - r"""Default name for device or application that originated the message. Defaults to Cribl, but will be overwritten by value of __appname if set.""" - message_format: NotRequired[OutputResponseMessageFormat] - r"""The syslog message format depending on the receiver's support""" - timestamp_format: NotRequired[OutputResponseTimestampFormat] - r"""Timestamp format to use when serializing event's time field""" - throttle_rate_per_sec: NotRequired[str] - r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" - octet_count_framing: NotRequired[bool] - r"""Prefix messages with the byte count of the message. If disabled, no prefix will be set, and the message will be appended with a \n.""" - log_failed_requests: NotRequired[bool] - r"""Use to troubleshoot issues with sending data""" - description: NotRequired[str] - load_balanced: NotRequired[bool] - r"""For optimal performance, enable load balancing even if you have one hostname, as it can expand to multiple IPs. If this setting is disabled, consider enabling round-robin DNS.""" - host: NotRequired[str] - r"""The hostname of the receiver""" - port: NotRequired[float] - r"""The port to connect to on the provided host""" - exclude_self: NotRequired[bool] - r"""Exclude all IPs of the current host from the list of any resolved hostnames""" - hosts: NotRequired[List[HostConfOutputSyslogTypedDict]] - r"""Set of hosts to load-balance data to""" - dns_resolve_period_sec: NotRequired[float] - r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" - load_balance_stats_period_sec: NotRequired[float] - r"""How far back in time to keep traffic stats for load balancing purposes""" - max_concurrent_senders: NotRequired[float] - r"""Maximum number of concurrent connections (per Worker Process). A random set of IPs will be picked on every DNS resolution period. Use 0 for unlimited.""" - connection_timeout: NotRequired[float] - r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" - write_timeout: NotRequired[float] - r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" - tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - max_record_size: NotRequired[float] - r"""Maximum size of syslog messages. Make sure this value is less than or equal to the MTU to avoid UDP packet fragmentation.""" - udp_dns_resolve_period_sec: NotRequired[float] - r"""How often to resolve the destination hostname to an IP address. Ignored if the destination is an IP address. A value of 0 means every message sent will incur a DNS lookup.""" - enable_ip_spoofing: NotRequired[bool] - r"""Send Syslog traffic using the original event's Source IP and port. To enable this, you must install the external `udp-sender` helper binary at `/usr/bin/udp-sender` on all Worker Nodes and grant it the `CAP_NET_RAW` capability.""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[OutputResponsePqControlsSyslogTypedDict] - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_host: NotRequired[str] - r"""Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime.""" - template_port: NotRequired[str] - r"""Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - notifications: NotRequired[List[NotificationUnionTypedDict]] - r"""Notifications attached to the Destination.""" - status: NotRequired[StatusTypeTypedDict] - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - -class OutputResponseOutputSyslog(BaseModel): - type: OutputResponseTypeSyslog - - id: Optional[str] = None - r"""Unique ID for this output""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - protocol: Optional[OutputResponseProtocolSyslog] = None - r"""The network protocol to use for sending out syslog messages""" - - facility: Optional[OutputResponseFacility] = None - r"""Default value for message facility. Will be overwritten by value of __facility if set. Defaults to user.""" - - severity: Optional[OutputResponseSeveritySyslog] = None - r"""Default value for message severity. Will be overwritten by value of __severity if set. Defaults to notice.""" - - app_name: Annotated[Optional[str], pydantic.Field(alias="appName")] = None - r"""Default name for device or application that originated the message. Defaults to Cribl, but will be overwritten by value of __appname if set.""" - - message_format: Annotated[ - Optional[OutputResponseMessageFormat], pydantic.Field(alias="messageFormat") - ] = None - r"""The syslog message format depending on the receiver's support""" - - timestamp_format: Annotated[ - Optional[OutputResponseTimestampFormat], pydantic.Field(alias="timestampFormat") - ] = None - r"""Timestamp format to use when serializing event's time field""" - - throttle_rate_per_sec: Annotated[ - Optional[str], pydantic.Field(alias="throttleRatePerSec") - ] = None - r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" - - octet_count_framing: Annotated[ - Optional[bool], pydantic.Field(alias="octetCountFraming") - ] = None - r"""Prefix messages with the byte count of the message. If disabled, no prefix will be set, and the message will be appended with a \n.""" - - log_failed_requests: Annotated[ - Optional[bool], pydantic.Field(alias="logFailedRequests") - ] = None - r"""Use to troubleshoot issues with sending data""" - - description: Optional[str] = None - - load_balanced: Annotated[Optional[bool], pydantic.Field(alias="loadBalanced")] = ( - None - ) - r"""For optimal performance, enable load balancing even if you have one hostname, as it can expand to multiple IPs. If this setting is disabled, consider enabling round-robin DNS.""" - - host: Optional[str] = None - r"""The hostname of the receiver""" - - port: Optional[float] = None - r"""The port to connect to on the provided host""" - - exclude_self: Annotated[Optional[bool], pydantic.Field(alias="excludeSelf")] = None - r"""Exclude all IPs of the current host from the list of any resolved hostnames""" - - hosts: Optional[List[HostConfOutputSyslog]] = None - r"""Set of hosts to load-balance data to""" - - dns_resolve_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="dnsResolvePeriodSec") - ] = None - r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" - - load_balance_stats_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="loadBalanceStatsPeriodSec") - ] = None - r"""How far back in time to keep traffic stats for load balancing purposes""" - - max_concurrent_senders: Annotated[ - Optional[float], pydantic.Field(alias="maxConcurrentSenders") - ] = None - r"""Maximum number of concurrent connections (per Worker Process). A random set of IPs will be picked on every DNS resolution period. Use 0 for unlimited.""" - - connection_timeout: Annotated[ - Optional[float], pydantic.Field(alias="connectionTimeout") - ] = None - r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" - - write_timeout: Annotated[Optional[float], pydantic.Field(alias="writeTimeout")] = ( - None - ) - r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" - - tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - max_record_size: Annotated[ - Optional[float], pydantic.Field(alias="maxRecordSize") - ] = None - r"""Maximum size of syslog messages. Make sure this value is less than or equal to the MTU to avoid UDP packet fragmentation.""" - - udp_dns_resolve_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="udpDnsResolvePeriodSec") - ] = None - r"""How often to resolve the destination hostname to an IP address. Ignored if the destination is an IP address. A value of 0 means every message sent will incur a DNS lookup.""" - - enable_ip_spoofing: Annotated[ - Optional[bool], pydantic.Field(alias="enableIpSpoofing") - ] = None - r"""Send Syslog traffic using the original event's Source IP and port. To enable this, you must install the external `udp-sender` helper binary at `/usr/bin/udp-sender` on all Worker Nodes and grant it the `CAP_NET_RAW` capability.""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[OutputResponsePqControlsSyslog], pydantic.Field(alias="pqControls") - ] = None - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_host: Annotated[Optional[str], pydantic.Field(alias="__template_host")] = ( - None - ) - r"""Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime.""" - - template_port: Annotated[Optional[str], pydantic.Field(alias="__template_port")] = ( - None - ) - r"""Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - notifications: Optional[List[NotificationUnion]] = None - r"""Notifications attached to the Destination.""" - - status: Optional[StatusType] = None - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - @field_serializer("protocol") - def serialize_protocol(self, value): - if isinstance(value, str): - try: - return models.OutputResponseProtocolSyslog(value) - except ValueError: - return value - return value - - @field_serializer("facility") - def serialize_facility(self, value): - if isinstance(value, str): - try: - return models.OutputResponseFacility(value) - except ValueError: - return value - return value - - @field_serializer("severity") - def serialize_severity(self, value): - if isinstance(value, str): - try: - return models.OutputResponseSeveritySyslog(value) - except ValueError: - return value - return value - - @field_serializer("message_format") - def serialize_message_format(self, value): - if isinstance(value, str): - try: - return models.OutputResponseMessageFormat(value) - except ValueError: - return value - return value - - @field_serializer("timestamp_format") - def serialize_timestamp_format(self, value): - if isinstance(value, str): - try: - return models.OutputResponseTimestampFormat(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "id", - "pipeline", - "systemFields", - "environment", - "streamtags", - "protocol", - "facility", - "severity", - "appName", - "messageFormat", - "timestampFormat", - "throttleRatePerSec", - "octetCountFraming", - "logFailedRequests", - "description", - "loadBalanced", - "host", - "port", - "excludeSelf", - "hosts", - "dnsResolvePeriodSec", - "loadBalanceStatsPeriodSec", - "maxConcurrentSenders", - "connectionTimeout", - "writeTimeout", - "tls", - "onBackpressure", - "maxRecordSize", - "udpDnsResolvePeriodSec", - "enableIpSpoofing", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "__template_streamtags", - "__template_host", - "__template_port", - "__template_onBackpressure", - "notifications", - "status", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class OutputResponseTypeDevnull(str, Enum): - DEVNULL = "devnull" - - -class OutputResponseOutputDevnullTypedDict(TypedDict): - type: OutputResponseTypeDevnull - id: NotRequired[str] - r"""Unique ID for this output""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - notifications: NotRequired[List[NotificationUnionTypedDict]] - r"""Notifications attached to the Destination.""" - status: NotRequired[StatusTypeTypedDict] - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - -class OutputResponseOutputDevnull(BaseModel): - type: OutputResponseTypeDevnull - - id: Optional[str] = None - r"""Unique ID for this output""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - notifications: Optional[List[NotificationUnion]] = None - r"""Notifications attached to the Destination.""" - - status: Optional[StatusType] = None - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "id", - "pipeline", - "systemFields", - "environment", - "streamtags", - "__template_streamtags", - "notifications", - "status", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class OutputResponseTypeSentinel(str, Enum): - SENTINEL = "sentinel" - - -class OutputResponseAuthType(str, Enum, metaclass=utils.OpenEnumMeta): - OAUTH = "oauth" - - -class OutputResponseEndpointConfiguration(str, Enum, metaclass=utils.OpenEnumMeta): - r"""Enter the data collection endpoint URL or the individual ID""" - - # URL - URL = "url" - # ID - ID = "ID" - - -class OutputResponseFormatSentinel(str, Enum, metaclass=utils.OpenEnumMeta): - NDJSON = "ndjson" - JSON_ARRAY = "json_array" - CUSTOM = "custom" - ADVANCED = "advanced" - - -class OutputResponsePqControlsSentinelTypedDict(TypedDict): - pass - - -class OutputResponsePqControlsSentinel(BaseModel): - pass - - -class OutputResponseOutputSentinelTypedDict(TypedDict): - type: OutputResponseTypeSentinel - login_url: str - r"""URL for OAuth""" - secret: str - r"""Secret parameter value to pass in request body""" - client_id: str - r"""JavaScript expression to compute the Client ID for the Azure application. Can be a constant.""" - endpoint_url_configuration: OutputResponseEndpointConfiguration - r"""Enter the data collection endpoint URL or the individual ID""" - id: NotRequired[str] - r"""Unique ID for this output""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - keep_alive: NotRequired[bool] - r"""Disable to close the connection immediately after sending the outgoing request""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size (KB) of the request body (defaults to the API's maximum limit of 1000 KB)""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - compress: NotRequired[bool] - r"""Compress the payload body before sending""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] - r"""Headers to add to all events. You can also add headers dynamically on a per-event basis in the __headers field, as explained in [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook/#internal-fields).""" - use_round_robin_dns: NotRequired[bool] - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - safe_headers: NotRequired[List[str]] - r"""List of headers that are safe to log in plain text""" - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - auth_type: NotRequired[OutputResponseAuthType] - scope: NotRequired[str] - r"""Scope to pass in the OAuth request""" - total_memory_limit_kb: NotRequired[float] - r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" - description: NotRequired[str] - format_: NotRequired[OutputResponseFormatSentinel] - custom_source_expression: NotRequired[str] - r"""Expression to evaluate on events to generate output. Example: `raw=${_raw}`. See [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook#custom-format) for other examples. If empty, the full event is sent as stringified JSON.""" - custom_drop_when_null: NotRequired[bool] - r"""Whether to drop events when the source expression evaluates to null""" - custom_event_delimiter: NotRequired[str] - r"""Delimiter string to insert between individual events. Defaults to newline character.""" - custom_content_type: NotRequired[str] - r"""Content type to use for request. Defaults to application/x-ndjson. Any content types set in Advanced Settings > Extra HTTP headers will override this entry.""" - custom_payload_expression: NotRequired[str] - r"""Expression specifying how to format the payload for each batch. To reference the events to send, use the `${events}` variable. Example expression: `{ \"items\" : [${events}] }` would send the batch inside a JSON object.""" - advanced_content_type: NotRequired[str] - r"""HTTP content-type header value""" - format_event_code: NotRequired[str] - r"""Custom JavaScript code to format incoming event data accessible through the __e variable. The formatted content is added to (__e['__eventOut']) if available. Otherwise, the original event is serialized as JSON. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" - format_payload_code: NotRequired[str] - r"""Optional JavaScript code to format the payload sent to the Destination. The payload, containing a batch of formatted events, is accessible through the __e['payload'] variable. The formatted payload is returned in the __e['__payloadOut'] variable. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[OutputResponsePqControlsSentinelTypedDict] - url: NotRequired[str] - r"""URL to send events to. Can be overwritten by an event's __url field.""" - dcr_id: NotRequired[str] - r"""Immutable ID for the Data Collection Rule (DCR)""" - dce_endpoint: NotRequired[str] - r"""Data collection endpoint (DCE) URL. In the format: `https://-..ingest.monitor.azure.com`""" - stream_name: NotRequired[str] - r"""The name of the stream (Sentinel table) in which to store the events""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_failed_request_logging_mode: NotRequired[str] - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_login_url: NotRequired[str] - r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" - template_secret: NotRequired[str] - r"""Binds 'secret' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'secret' at runtime.""" - template_client_id: NotRequired[str] - r"""Binds 'client_id' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'client_id' at runtime.""" - template_scope: NotRequired[str] - r"""Binds 'scope' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'scope' at runtime.""" - template_url: NotRequired[str] - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - template_dcr_id: NotRequired[str] - r"""Binds 'dcrID' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'dcrID' at runtime.""" - template_dce_endpoint: NotRequired[str] - r"""Binds 'dceEndpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'dceEndpoint' at runtime.""" - template_stream_name: NotRequired[str] - r"""Binds 'streamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamName' at runtime.""" - notifications: NotRequired[List[NotificationUnionTypedDict]] - r"""Notifications attached to the Destination.""" - status: NotRequired[StatusTypeTypedDict] - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - -class OutputResponseOutputSentinel(BaseModel): - type: OutputResponseTypeSentinel - - login_url: Annotated[str, pydantic.Field(alias="loginUrl")] - r"""URL for OAuth""" - - secret: str - r"""Secret parameter value to pass in request body""" - - client_id: str - r"""JavaScript expression to compute the Client ID for the Azure application. Can be a constant.""" - - endpoint_url_configuration: Annotated[ - OutputResponseEndpointConfiguration, - pydantic.Field(alias="endpointURLConfiguration"), - ] - r"""Enter the data collection endpoint URL or the individual ID""" - - id: Optional[str] = None - r"""Unique ID for this output""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - keep_alive: Annotated[Optional[bool], pydantic.Field(alias="keepAlive")] = None - r"""Disable to close the connection immediately after sending the outgoing request""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size (KB) of the request body (defaults to the API's maximum limit of 1000 KB)""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - compress: Optional[bool] = None - r"""Compress the payload body before sending""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - extra_http_headers: Annotated[ - Optional[List[ExtraHTTPHeaderConfInputElastic]], - pydantic.Field(alias="extraHttpHeaders"), - ] = None - r"""Headers to add to all events. You can also add headers dynamically on a per-event basis in the __headers field, as explained in [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook/#internal-fields).""" - - use_round_robin_dns: Annotated[ - Optional[bool], pydantic.Field(alias="useRoundRobinDns") - ] = None - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - - failed_request_logging_mode: Annotated[ - Optional[FailedRequestLoggingModeOptions], - pydantic.Field(alias="failedRequestLoggingMode"), - ] = None - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - - safe_headers: Annotated[ - Optional[List[str]], pydantic.Field(alias="safeHeaders") - ] = None - r"""List of headers that are safe to log in plain text""" - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - auth_type: Annotated[ - Optional[OutputResponseAuthType], pydantic.Field(alias="authType") - ] = None - - scope: Optional[str] = None - r"""Scope to pass in the OAuth request""" - - total_memory_limit_kb: Annotated[ - Optional[float], pydantic.Field(alias="totalMemoryLimitKB") - ] = None - r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" - - description: Optional[str] = None - - format_: Annotated[ - Optional[OutputResponseFormatSentinel], pydantic.Field(alias="format") - ] = None - - custom_source_expression: Annotated[ - Optional[str], pydantic.Field(alias="customSourceExpression") - ] = None - r"""Expression to evaluate on events to generate output. Example: `raw=${_raw}`. See [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook#custom-format) for other examples. If empty, the full event is sent as stringified JSON.""" - - custom_drop_when_null: Annotated[ - Optional[bool], pydantic.Field(alias="customDropWhenNull") - ] = None - r"""Whether to drop events when the source expression evaluates to null""" - - custom_event_delimiter: Annotated[ - Optional[str], pydantic.Field(alias="customEventDelimiter") - ] = None - r"""Delimiter string to insert between individual events. Defaults to newline character.""" - - custom_content_type: Annotated[ - Optional[str], pydantic.Field(alias="customContentType") - ] = None - r"""Content type to use for request. Defaults to application/x-ndjson. Any content types set in Advanced Settings > Extra HTTP headers will override this entry.""" - - custom_payload_expression: Annotated[ - Optional[str], pydantic.Field(alias="customPayloadExpression") - ] = None - r"""Expression specifying how to format the payload for each batch. To reference the events to send, use the `${events}` variable. Example expression: `{ \"items\" : [${events}] }` would send the batch inside a JSON object.""" - - advanced_content_type: Annotated[ - Optional[str], pydantic.Field(alias="advancedContentType") - ] = None - r"""HTTP content-type header value""" - - format_event_code: Annotated[ - Optional[str], pydantic.Field(alias="formatEventCode") - ] = None - r"""Custom JavaScript code to format incoming event data accessible through the __e variable. The formatted content is added to (__e['__eventOut']) if available. Otherwise, the original event is serialized as JSON. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" - - format_payload_code: Annotated[ - Optional[str], pydantic.Field(alias="formatPayloadCode") - ] = None - r"""Optional JavaScript code to format the payload sent to the Destination. The payload, containing a batch of formatted events, is accessible through the __e['payload'] variable. The formatted payload is returned in the __e['__payloadOut'] variable. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[OutputResponsePqControlsSentinel], pydantic.Field(alias="pqControls") - ] = None - - url: Optional[str] = None - r"""URL to send events to. Can be overwritten by an event's __url field.""" - - dcr_id: Annotated[Optional[str], pydantic.Field(alias="dcrID")] = None - r"""Immutable ID for the Data Collection Rule (DCR)""" - - dce_endpoint: Annotated[Optional[str], pydantic.Field(alias="dceEndpoint")] = None - r"""Data collection endpoint (DCE) URL. In the format: `https://-..ingest.monitor.azure.com`""" - - stream_name: Annotated[Optional[str], pydantic.Field(alias="streamName")] = None - r"""The name of the stream (Sentinel table) in which to store the events""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_failed_request_logging_mode: Annotated[ - Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") - ] = None - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_login_url: Annotated[ - Optional[str], pydantic.Field(alias="__template_loginUrl") - ] = None - r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" - - template_secret: Annotated[ - Optional[str], pydantic.Field(alias="__template_secret") - ] = None - r"""Binds 'secret' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'secret' at runtime.""" - - template_client_id: Annotated[ - Optional[str], pydantic.Field(alias="__template_client_id") - ] = None - r"""Binds 'client_id' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'client_id' at runtime.""" - - template_scope: Annotated[ - Optional[str], pydantic.Field(alias="__template_scope") - ] = None - r"""Binds 'scope' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'scope' at runtime.""" - - template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( - None - ) - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - template_dcr_id: Annotated[ - Optional[str], pydantic.Field(alias="__template_dcrID") - ] = None - r"""Binds 'dcrID' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'dcrID' at runtime.""" - - template_dce_endpoint: Annotated[ - Optional[str], pydantic.Field(alias="__template_dceEndpoint") - ] = None - r"""Binds 'dceEndpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'dceEndpoint' at runtime.""" - - template_stream_name: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamName") - ] = None - r"""Binds 'streamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamName' at runtime.""" - - notifications: Optional[List[NotificationUnion]] = None - r"""Notifications attached to the Destination.""" - - status: Optional[StatusType] = None - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - @field_serializer("failed_request_logging_mode") - def serialize_failed_request_logging_mode(self, value): - if isinstance(value, str): - try: - return models.FailedRequestLoggingModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.OutputResponseAuthType(value) - except ValueError: - return value - return value - - @field_serializer("endpoint_url_configuration") - def serialize_endpoint_url_configuration(self, value): - if isinstance(value, str): - try: - return models.OutputResponseEndpointConfiguration(value) - except ValueError: - return value - return value - - @field_serializer("format_") - def serialize_format_(self, value): - if isinstance(value, str): - try: - return models.OutputResponseFormatSentinel(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "id", - "pipeline", - "systemFields", - "environment", - "streamtags", - "keepAlive", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "compress", - "rejectUnauthorized", - "timeoutSec", - "flushPeriodSec", - "extraHttpHeaders", - "useRoundRobinDns", - "failedRequestLoggingMode", - "safeHeaders", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "onBackpressure", - "authType", - "scope", - "totalMemoryLimitKB", - "description", - "format", - "customSourceExpression", - "customDropWhenNull", - "customEventDelimiter", - "customContentType", - "customPayloadExpression", - "advancedContentType", - "formatEventCode", - "formatPayloadCode", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "url", - "dcrID", - "dceEndpoint", - "streamName", - "__template_streamtags", - "__template_failedRequestLoggingMode", - "__template_onBackpressure", - "__template_loginUrl", - "__template_secret", - "__template_client_id", - "__template_scope", - "__template_url", - "__template_dcrID", - "__template_dceEndpoint", - "__template_streamName", - "notifications", - "status", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class OutputResponseOutputWebhookType2(str, Enum): - WEBHOOK = "webhook" - - -class OutputResponseOutputWebhookFormat2(str, Enum, metaclass=utils.OpenEnumMeta): - r"""How to format events before sending out""" - - # NDJSON (Newline Delimited JSON) - NDJSON = "ndjson" - # JSON Array - JSON_ARRAY = "json_array" - # Custom - CUSTOM = "custom" - # Advanced - ADVANCED = "advanced" - - -class OutputResponseOutputWebhookAuthenticationType2( - str, Enum, metaclass=utils.OpenEnumMeta -): - r"""Authentication method to use for the HTTP request""" - - # None - NONE = "none" - # Basic - BASIC = "basic" - # Basic (credentials secret) - CREDENTIALS_SECRET = "credentialsSecret" - # Token - TOKEN = "token" - # Token (text secret) - TEXT_SECRET = "textSecret" - # OAuth - OAUTH = "oauth" - - -class OutputResponseOutputWebhookPqControls2TypedDict(TypedDict): - pass - - -class OutputResponseOutputWebhookPqControls2(BaseModel): - pass - - -class OutputResponseOutputWebhookURL2TypedDict(TypedDict): - url: str - r"""URL of a webhook endpoint to send events to, such as http://localhost:10200""" - weight: NotRequired[float] - r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" - template_url: NotRequired[str] - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - -class OutputResponseOutputWebhookURL2(BaseModel): - url: str - r"""URL of a webhook endpoint to send events to, such as http://localhost:10200""" - - weight: Optional[float] = None - r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" - - template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( - None - ) - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set(["weight", "__template_url"]) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class OutputResponseOutputWebhookWebhook2TypedDict(TypedDict): - type: OutputResponseOutputWebhookType2 - urls: List[OutputResponseOutputWebhookURL2TypedDict] - id: NotRequired[str] - r"""Unique ID for this output""" - pipeline: NotRequired[str] - r"""Pipeline to process data before sending out to this output""" - system_fields: NotRequired[List[str]] - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - environment: NotRequired[str] - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - streamtags: NotRequired[List[str]] - r"""Tags for filtering and grouping in @{product}""" - method: NotRequired[MethodOptions] - r"""The method to use when sending events""" - format_: NotRequired[OutputResponseOutputWebhookFormat2] - r"""How to format events before sending out""" - keep_alive: NotRequired[bool] - r"""Disable to close the connection immediately after sending the outgoing request""" - concurrency: NotRequired[float] - r"""Maximum number of ongoing requests before blocking""" - max_payload_size_kb: NotRequired[float] - r"""Maximum size, in KB, of the request body""" - max_payload_events: NotRequired[float] - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - compress: NotRequired[bool] - r"""Compress the payload body before sending""" - reject_unauthorized: NotRequired[bool] - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - timeout_sec: NotRequired[float] - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - flush_period_sec: NotRequired[float] - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] - r"""Headers to add to all events. You can also add headers dynamically on a per-event basis in the __headers field, as explained in [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook/#internal-fields).""" - use_round_robin_dns: NotRequired[bool] - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - safe_headers: NotRequired[List[str]] - r"""List of headers that are safe to log in plain text""" - response_retry_settings: NotRequired[ - List[ResponseRetrySettingConfOutputWebhookTypedDict] - ] - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] - response_honor_retry_after_header: NotRequired[bool] - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - on_backpressure: NotRequired[BackpressureBehaviorOptions] - r"""How to handle events when all receivers are exerting backpressure""" - auth_type: NotRequired[OutputResponseOutputWebhookAuthenticationType2] - r"""Authentication method to use for the HTTP request""" - tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathExtendedTypedDict] - total_memory_limit_kb: NotRequired[float] - r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" - load_balanced: NotRequired[bool] - r"""Enable for optimal performance. Even if you have one hostname, it can expand to multiple IPs. If disabled, consider enabling round-robin DNS.""" - description: NotRequired[str] - custom_source_expression: NotRequired[str] - r"""Expression to evaluate on events to generate output. Example: `raw=${_raw}`. See [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook#custom-format) for other examples. If empty, the full event is sent as stringified JSON.""" - custom_drop_when_null: NotRequired[bool] - r"""Whether to drop events when the source expression evaluates to null""" - custom_event_delimiter: NotRequired[str] - r"""Delimiter string to insert between individual events. Defaults to newline character.""" - custom_content_type: NotRequired[str] - r"""Content type to use for request. Defaults to application/x-ndjson. Any content types set in Advanced Settings > Extra HTTP headers will override this entry.""" - custom_payload_expression: NotRequired[str] - r"""Expression specifying how to format the payload for each batch. To reference the events to send, use the `${events}` variable. Example expression: `{ \"items\" : [${events}] }` would send the batch inside a JSON object.""" - advanced_content_type: NotRequired[str] - r"""HTTP content-type header value""" - format_event_code: NotRequired[str] - r"""Custom JavaScript code to format incoming event data accessible through the __e variable. The formatted content is added to (__e['__eventOut']) if available. Otherwise, the original event is serialized as JSON. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" - format_payload_code: NotRequired[str] - r"""Optional JavaScript code to format the payload sent to the Destination. The payload, containing a batch of formatted events, is accessible through the __e['payload'] variable. The formatted payload is returned in the __e['__payloadOut'] variable. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" - pq_strict_ordering: NotRequired[bool] - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - pq_rate_per_sec: NotRequired[float] - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - pq_mode: NotRequired[ModeOptions] - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - pq_max_buffer_size: NotRequired[float] - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - pq_max_backpressure_sec: NotRequired[float] - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - pq_max_file_size: NotRequired[str] - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - pq_max_size: NotRequired[str] - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - pq_path: NotRequired[str] - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - pq_compress: NotRequired[CompressionOptionsPq] - r"""Codec to use to compress the persisted data""" - pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - pq_controls: NotRequired[OutputResponseOutputWebhookPqControls2TypedDict] - username: NotRequired[str] - password: NotRequired[str] - token: NotRequired[str] - r"""Bearer token to include in the authorization header""" - credentials_secret: NotRequired[str] - r"""Select or create a secret that references your credentials""" - text_secret: NotRequired[str] - r"""Select or create a stored text secret""" - login_url: NotRequired[str] - r"""URL for OAuth""" - secret_param_name: NotRequired[str] - r"""Secret parameter name to pass in request body""" - secret: NotRequired[str] - r"""Secret parameter value to pass in request body""" - token_attribute_name: NotRequired[str] - r"""Name of the auth token attribute in the OAuth response. Can be top-level (e.g., 'token'); or nested, using a period (e.g., 'data.token').""" - auth_header_expr: NotRequired[str] - r"""JavaScript expression to compute the Authorization header value to pass in requests. The value `${token}` is used to reference the token obtained from authentication, e.g.: `Bearer ${token}`.""" - token_timeout_secs: NotRequired[float] - r"""How often the OAuth token should be refreshed.""" - oauth_params: NotRequired[List[OauthParamConfInputServicenowTableTypedDict]] - r"""Additional parameters to send in the OAuth login request. @{product} will combine the secret with these parameters, and will send the URL-encoded result in a POST request to the endpoint specified in the 'Login URL'. We'll automatically add the content-type header 'application/x-www-form-urlencoded' when sending this request.""" - oauth_headers: NotRequired[List[OauthHeaderConfInputServicenowTableTypedDict]] - r"""Additional headers to send in the OAuth login request. @{product} will automatically add the content-type header 'application/x-www-form-urlencoded' when sending this request.""" - url: NotRequired[str] - r"""URL of a webhook endpoint to send events to, such as http://localhost:10200""" - exclude_self: NotRequired[bool] - r"""Exclude all IPs of the current host from the list of any resolved hostnames""" - dns_resolve_period_sec: NotRequired[float] - r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" - load_balance_stats_period_sec: NotRequired[float] - r"""How far back in time to keep traffic stats for load balancing purposes""" - template_streamtags: NotRequired[str] - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - template_failed_request_logging_mode: NotRequired[str] - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - template_on_backpressure: NotRequired[str] - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - template_login_url: NotRequired[str] - r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" - template_secret: NotRequired[str] - r"""Binds 'secret' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'secret' at runtime.""" - template_url: NotRequired[str] - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - notifications: NotRequired[List[NotificationUnionTypedDict]] - r"""Notifications attached to the Destination.""" - status: NotRequired[StatusTypeTypedDict] - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - -class OutputResponseOutputWebhookWebhook2(BaseModel): - type: OutputResponseOutputWebhookType2 - - urls: List[OutputResponseOutputWebhookURL2] - - id: Optional[str] = None - r"""Unique ID for this output""" - - pipeline: Optional[str] = None - r"""Pipeline to process data before sending out to this output""" - - system_fields: Annotated[ - Optional[List[str]], pydantic.Field(alias="systemFields") - ] = None - r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" - - environment: Optional[str] = None - r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" - - streamtags: Optional[List[str]] = None - r"""Tags for filtering and grouping in @{product}""" - - method: Optional[MethodOptions] = None - r"""The method to use when sending events""" - - format_: Annotated[ - Optional[OutputResponseOutputWebhookFormat2], pydantic.Field(alias="format") - ] = None - r"""How to format events before sending out""" - - keep_alive: Annotated[Optional[bool], pydantic.Field(alias="keepAlive")] = None - r"""Disable to close the connection immediately after sending the outgoing request""" - - concurrency: Optional[float] = None - r"""Maximum number of ongoing requests before blocking""" - - max_payload_size_kb: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadSizeKB") - ] = None - r"""Maximum size, in KB, of the request body""" - - max_payload_events: Annotated[ - Optional[float], pydantic.Field(alias="maxPayloadEvents") - ] = None - r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" - - compress: Optional[bool] = None - r"""Compress the payload body before sending""" - - reject_unauthorized: Annotated[ - Optional[bool], pydantic.Field(alias="rejectUnauthorized") - ] = None - r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). - Enabled by default. When this setting is also present in TLS Settings (Client Side), - that value will take precedence. - """ - - timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None - r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" - - flush_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="flushPeriodSec") - ] = None - r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" - - extra_http_headers: Annotated[ - Optional[List[ExtraHTTPHeaderConfInputElastic]], - pydantic.Field(alias="extraHttpHeaders"), - ] = None - r"""Headers to add to all events. You can also add headers dynamically on a per-event basis in the __headers field, as explained in [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook/#internal-fields).""" - - use_round_robin_dns: Annotated[ - Optional[bool], pydantic.Field(alias="useRoundRobinDns") - ] = None - r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" - - failed_request_logging_mode: Annotated[ - Optional[FailedRequestLoggingModeOptions], - pydantic.Field(alias="failedRequestLoggingMode"), - ] = None - r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" - - safe_headers: Annotated[ - Optional[List[str]], pydantic.Field(alias="safeHeaders") - ] = None - r"""List of headers that are safe to log in plain text""" - - response_retry_settings: Annotated[ - Optional[List[ResponseRetrySettingConfOutputWebhook]], - pydantic.Field(alias="responseRetrySettings"), - ] = None - r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" - - timeout_retry_settings: Annotated[ - Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") - ] = None - - response_honor_retry_after_header: Annotated[ - Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") - ] = None - r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" - - on_backpressure: Annotated[ - Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") - ] = None - r"""How to handle events when all receivers are exerting backpressure""" - - auth_type: Annotated[ - Optional[OutputResponseOutputWebhookAuthenticationType2], - pydantic.Field(alias="authType"), - ] = None - r"""Authentication method to use for the HTTP request""" - - tls: Optional[TLSSettingsClientSideTypeCaPathCertPathExtended] = None - - total_memory_limit_kb: Annotated[ - Optional[float], pydantic.Field(alias="totalMemoryLimitKB") - ] = None - r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" - - load_balanced: Annotated[Optional[bool], pydantic.Field(alias="loadBalanced")] = ( - None - ) - r"""Enable for optimal performance. Even if you have one hostname, it can expand to multiple IPs. If disabled, consider enabling round-robin DNS.""" - - description: Optional[str] = None - - custom_source_expression: Annotated[ - Optional[str], pydantic.Field(alias="customSourceExpression") - ] = None - r"""Expression to evaluate on events to generate output. Example: `raw=${_raw}`. See [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook#custom-format) for other examples. If empty, the full event is sent as stringified JSON.""" - - custom_drop_when_null: Annotated[ - Optional[bool], pydantic.Field(alias="customDropWhenNull") - ] = None - r"""Whether to drop events when the source expression evaluates to null""" - - custom_event_delimiter: Annotated[ - Optional[str], pydantic.Field(alias="customEventDelimiter") - ] = None - r"""Delimiter string to insert between individual events. Defaults to newline character.""" - - custom_content_type: Annotated[ - Optional[str], pydantic.Field(alias="customContentType") - ] = None - r"""Content type to use for request. Defaults to application/x-ndjson. Any content types set in Advanced Settings > Extra HTTP headers will override this entry.""" - - custom_payload_expression: Annotated[ - Optional[str], pydantic.Field(alias="customPayloadExpression") - ] = None - r"""Expression specifying how to format the payload for each batch. To reference the events to send, use the `${events}` variable. Example expression: `{ \"items\" : [${events}] }` would send the batch inside a JSON object.""" - - advanced_content_type: Annotated[ - Optional[str], pydantic.Field(alias="advancedContentType") - ] = None - r"""HTTP content-type header value""" - - format_event_code: Annotated[ - Optional[str], pydantic.Field(alias="formatEventCode") - ] = None - r"""Custom JavaScript code to format incoming event data accessible through the __e variable. The formatted content is added to (__e['__eventOut']) if available. Otherwise, the original event is serialized as JSON. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" - - format_payload_code: Annotated[ - Optional[str], pydantic.Field(alias="formatPayloadCode") - ] = None - r"""Optional JavaScript code to format the payload sent to the Destination. The payload, containing a batch of formatted events, is accessible through the __e['payload'] variable. The formatted payload is returned in the __e['__payloadOut'] variable. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" - - pq_strict_ordering: Annotated[ - Optional[bool], pydantic.Field(alias="pqStrictOrdering") - ] = None - r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" - - pq_rate_per_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqRatePerSec") - ] = None - r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" - - pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None - r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" - - pq_max_buffer_size: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBufferSize") - ] = None - r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" - - pq_max_backpressure_sec: Annotated[ - Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") - ] = None - r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" - - pq_max_file_size: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxFileSize") - ] = None - r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" - - pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None - r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" - - pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None - r"""The location for the persistent queue files. To this field's value, the system will append: //.""" - - pq_compress: Annotated[ - Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") - ] = None - r"""Codec to use to compress the persisted data""" - - pq_on_backpressure: Annotated[ - Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") - ] = None - r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" - - pq_max_buffer_size_bytes: Annotated[ - Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") - ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" - - pq_controls: Annotated[ - Optional[OutputResponseOutputWebhookPqControls2], - pydantic.Field(alias="pqControls"), - ] = None - - username: Optional[str] = None - - password: Optional[str] = None - - token: Optional[str] = None - r"""Bearer token to include in the authorization header""" - - credentials_secret: Annotated[ - Optional[str], pydantic.Field(alias="credentialsSecret") - ] = None - r"""Select or create a secret that references your credentials""" - - text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None - r"""Select or create a stored text secret""" - - login_url: Annotated[Optional[str], pydantic.Field(alias="loginUrl")] = None - r"""URL for OAuth""" - - secret_param_name: Annotated[ - Optional[str], pydantic.Field(alias="secretParamName") - ] = None - r"""Secret parameter name to pass in request body""" - - secret: Optional[str] = None - r"""Secret parameter value to pass in request body""" - - token_attribute_name: Annotated[ - Optional[str], pydantic.Field(alias="tokenAttributeName") - ] = None - r"""Name of the auth token attribute in the OAuth response. Can be top-level (e.g., 'token'); or nested, using a period (e.g., 'data.token').""" - - auth_header_expr: Annotated[ - Optional[str], pydantic.Field(alias="authHeaderExpr") - ] = None - r"""JavaScript expression to compute the Authorization header value to pass in requests. The value `${token}` is used to reference the token obtained from authentication, e.g.: `Bearer ${token}`.""" - - token_timeout_secs: Annotated[ - Optional[float], pydantic.Field(alias="tokenTimeoutSecs") - ] = None - r"""How often the OAuth token should be refreshed.""" - - oauth_params: Annotated[ - Optional[List[OauthParamConfInputServicenowTable]], - pydantic.Field(alias="oauthParams"), - ] = None - r"""Additional parameters to send in the OAuth login request. @{product} will combine the secret with these parameters, and will send the URL-encoded result in a POST request to the endpoint specified in the 'Login URL'. We'll automatically add the content-type header 'application/x-www-form-urlencoded' when sending this request.""" - - oauth_headers: Annotated[ - Optional[List[OauthHeaderConfInputServicenowTable]], - pydantic.Field(alias="oauthHeaders"), - ] = None - r"""Additional headers to send in the OAuth login request. @{product} will automatically add the content-type header 'application/x-www-form-urlencoded' when sending this request.""" - - url: Optional[str] = None - r"""URL of a webhook endpoint to send events to, such as http://localhost:10200""" - - exclude_self: Annotated[Optional[bool], pydantic.Field(alias="excludeSelf")] = None - r"""Exclude all IPs of the current host from the list of any resolved hostnames""" - - dns_resolve_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="dnsResolvePeriodSec") - ] = None - r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" - - load_balance_stats_period_sec: Annotated[ - Optional[float], pydantic.Field(alias="loadBalanceStatsPeriodSec") - ] = None - r"""How far back in time to keep traffic stats for load balancing purposes""" - - template_streamtags: Annotated[ - Optional[str], pydantic.Field(alias="__template_streamtags") - ] = None - r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" - - template_failed_request_logging_mode: Annotated[ - Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") - ] = None - r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" - - template_on_backpressure: Annotated[ - Optional[str], pydantic.Field(alias="__template_onBackpressure") - ] = None - r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" - - template_login_url: Annotated[ - Optional[str], pydantic.Field(alias="__template_loginUrl") - ] = None - r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" - - template_secret: Annotated[ - Optional[str], pydantic.Field(alias="__template_secret") - ] = None - r"""Binds 'secret' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'secret' at runtime.""" - - template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( - None - ) - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - notifications: Optional[List[NotificationUnion]] = None - r"""Notifications attached to the Destination.""" - - status: Optional[StatusType] = None - r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" - - @field_serializer("method") - def serialize_method(self, value): - if isinstance(value, str): - try: - return models.MethodOptions(value) - except ValueError: - return value - return value - - @field_serializer("format_") - def serialize_format_(self, value): - if isinstance(value, str): - try: - return models.OutputResponseOutputWebhookFormat2(value) - except ValueError: - return value - return value - - @field_serializer("failed_request_logging_mode") - def serialize_failed_request_logging_mode(self, value): - if isinstance(value, str): - try: - return models.FailedRequestLoggingModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("on_backpressure") - def serialize_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.BackpressureBehaviorOptions(value) - except ValueError: - return value - return value - - @field_serializer("auth_type") - def serialize_auth_type(self, value): - if isinstance(value, str): - try: - return models.OutputResponseOutputWebhookAuthenticationType2(value) - except ValueError: - return value - return value - - @field_serializer("pq_mode") - def serialize_pq_mode(self, value): - if isinstance(value, str): - try: - return models.ModeOptions(value) - except ValueError: - return value - return value - - @field_serializer("pq_compress") - def serialize_pq_compress(self, value): - if isinstance(value, str): - try: - return models.CompressionOptionsPq(value) - except ValueError: - return value - return value - - @field_serializer("pq_on_backpressure") - def serialize_pq_on_backpressure(self, value): - if isinstance(value, str): - try: - return models.QueueFullBehaviorOptions(value) - except ValueError: - return value - return value - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set( - [ - "id", - "pipeline", - "systemFields", - "environment", - "streamtags", - "method", - "format", - "keepAlive", - "concurrency", - "maxPayloadSizeKB", - "maxPayloadEvents", - "compress", - "rejectUnauthorized", - "timeoutSec", - "flushPeriodSec", - "extraHttpHeaders", - "useRoundRobinDns", - "failedRequestLoggingMode", - "safeHeaders", - "responseRetrySettings", - "timeoutRetrySettings", - "responseHonorRetryAfterHeader", - "onBackpressure", - "authType", - "tls", - "totalMemoryLimitKB", - "loadBalanced", - "description", - "customSourceExpression", - "customDropWhenNull", - "customEventDelimiter", - "customContentType", - "customPayloadExpression", - "advancedContentType", - "formatEventCode", - "formatPayloadCode", - "pqStrictOrdering", - "pqRatePerSec", - "pqMode", - "pqMaxBufferSize", - "pqMaxBackpressureSec", - "pqMaxFileSize", - "pqMaxSize", - "pqPath", - "pqCompress", - "pqOnBackpressure", - "pqMaxBufferSizeBytes", - "pqControls", - "username", - "password", - "token", - "credentialsSecret", - "textSecret", - "loginUrl", - "secretParamName", - "secret", - "tokenAttributeName", - "authHeaderExpr", - "tokenTimeoutSecs", - "oauthParams", - "oauthHeaders", - "url", - "excludeSelf", - "dnsResolvePeriodSec", - "loadBalanceStatsPeriodSec", - "__template_streamtags", - "__template_failedRequestLoggingMode", - "__template_onBackpressure", - "__template_loginUrl", - "__template_secret", - "__template_url", - "notifications", - "status", - ] - ) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m - - -class OutputResponseOutputWebhookType1(str, Enum): - WEBHOOK = "webhook" - - -class OutputResponseOutputWebhookFormat1(str, Enum, metaclass=utils.OpenEnumMeta): - r"""How to format events before sending out""" - - # NDJSON (Newline Delimited JSON) - NDJSON = "ndjson" - # JSON Array - JSON_ARRAY = "json_array" - # Custom - CUSTOM = "custom" - # Advanced - ADVANCED = "advanced" - - -class OutputResponseOutputWebhookAuthenticationType1( - str, Enum, metaclass=utils.OpenEnumMeta -): - r"""Authentication method to use for the HTTP request""" - - # None - NONE = "none" - # Basic - BASIC = "basic" - # Basic (credentials secret) - CREDENTIALS_SECRET = "credentialsSecret" - # Token - TOKEN = "token" - # Token (text secret) - TEXT_SECRET = "textSecret" - # OAuth - OAUTH = "oauth" - - -class OutputResponseOutputWebhookPqControls1TypedDict(TypedDict): - pass - - -class OutputResponseOutputWebhookPqControls1(BaseModel): - pass - - -class OutputResponseOutputWebhookURL1TypedDict(TypedDict): - url: str - r"""URL of a webhook endpoint to send events to, such as http://localhost:10200""" - weight: NotRequired[float] - r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" - template_url: NotRequired[str] - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - -class OutputResponseOutputWebhookURL1(BaseModel): - url: str - r"""URL of a webhook endpoint to send events to, such as http://localhost:10200""" - - weight: Optional[float] = None - r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" - - template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( - None - ) - r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" - - @model_serializer(mode="wrap") - def serialize_model(self, handler): - optional_fields = set(["weight", "__template_url"]) - serialized = handler(self) - m = {} - - for n, f in type(self).model_fields.items(): - k = f.alias or n - val = serialized.get(k, serialized.get(n)) - - if val != UNSET_SENTINEL: - if val is not None or k not in optional_fields: - m[k] = val - - return m + OutputResponseOutputCloudianS3TypedDict, + OutputResponseOutputCriblHTTP, + OutputResponseOutputCriblHTTPTypedDict, + OutputResponseOutputCriblLake, + OutputResponseOutputCriblLakeTypedDict, + OutputResponseOutputCriblSearchEngine, + OutputResponseOutputCriblSearchEngineTypedDict, + OutputResponseOutputCriblTCP, + OutputResponseOutputCriblTCPTypedDict, + OutputResponseOutputCrowdstrikeNextGenSiem, + OutputResponseOutputCrowdstrikeNextGenSiemTypedDict, + OutputResponseOutputDatabricks, + OutputResponseOutputDatabricksTypedDict, + OutputResponseOutputDatadog, + OutputResponseOutputDatadogTypedDict, + OutputResponseOutputDataset, + OutputResponseOutputDatasetTypedDict, + OutputResponseOutputDellS3, + OutputResponseOutputDellS3TypedDict, + OutputResponseOutputDiskSpool, + OutputResponseOutputDiskSpoolTypedDict, + OutputResponseOutputDlS3, + OutputResponseOutputDlS3TypedDict, + OutputResponseOutputDynatraceHTTP, + OutputResponseOutputDynatraceHTTPTypedDict, + OutputResponseOutputDynatraceOtlp, + OutputResponseOutputDynatraceOtlpTypedDict, + OutputResponseOutputGrafanaCloudUnion, + OutputResponseOutputGrafanaCloudUnionTypedDict, + OutputResponseOutputGraphite, + OutputResponseOutputGraphiteTypedDict, + OutputResponseOutputHumioHec, + OutputResponseOutputHumioHecTypedDict, + OutputResponseOutputLocalSearchStorage, + OutputResponseOutputLocalSearchStorageTypedDict, + OutputResponseOutputLoki, + OutputResponseOutputLokiTypedDict, + OutputResponseOutputMicrosoftFabric, + OutputResponseOutputMicrosoftFabricTypedDict, + OutputResponseOutputNetflow, + OutputResponseOutputNetflowTypedDict, + OutputResponseOutputNutanixObjects, + OutputResponseOutputNutanixObjectsTypedDict, + OutputResponseOutputOpenTelemetry, + OutputResponseOutputOpenTelemetryTypedDict, + OutputResponseOutputPrometheus, + OutputResponseOutputPrometheusTypedDict, + OutputResponseOutputRing, + OutputResponseOutputRingTypedDict, + OutputResponseOutputRouter, + OutputResponseOutputRouterTypedDict, + OutputResponseOutputScalityS3, + OutputResponseOutputScalityS3TypedDict, + OutputResponseOutputSecurityLake, + OutputResponseOutputSecurityLakeTypedDict, + OutputResponseOutputSentinelOneAiSiem, + OutputResponseOutputSentinelOneAiSiemTypedDict, + OutputResponseOutputServiceNow, + OutputResponseOutputServiceNowTypedDict, + OutputResponseOutputSnmp, + OutputResponseOutputSnmpTypedDict, + OutputResponseOutputSns, + OutputResponseOutputSnsTypedDict, + OutputResponseOutputSqs, + OutputResponseOutputSqsTypedDict, + OutputResponseOutputStatsdExt, + OutputResponseOutputStatsdExtTypedDict, + OutputResponseOutputStorjS3, + OutputResponseOutputStorjS3TypedDict, + OutputResponseOutputSumoLogic, + OutputResponseOutputSumoLogicTypedDict, + OutputResponseOutputXsiam, + OutputResponseOutputXsiamTypedDict, +) +from .queuefullbehavioroptions import QueueFullBehaviorOptions +from .responseretrysettingconfoutputwebhook import ( + ResponseRetrySettingConfOutputWebhook, + ResponseRetrySettingConfOutputWebhookTypedDict, +) +from .statustype import StatusType, StatusTypeTypedDict +from .timeoutretrysettingstype import ( + TimeoutRetrySettingsType, + TimeoutRetrySettingsTypeTypedDict, +) +from .tlssettingsclientsidetypecapathcertpathextended import ( + TLSSettingsClientSideTypeCaPathCertPathExtended, + TLSSettingsClientSideTypeCaPathCertPathExtendedTypedDict, +) +from cribl_control_plane import models +from cribl_control_plane.types import BaseModel, Nullable, UNSET_SENTINEL +from cribl_control_plane.utils.unions import parse_open_union +from enum import Enum +from functools import partial +import pydantic +from pydantic import ConfigDict, field_serializer, model_serializer +from pydantic.functional_validators import BeforeValidator +from typing import Any, List, Literal, Optional, Union +from typing_extensions import Annotated, NotRequired, TypeAliasType, TypedDict class OutputResponseOutputWebhookWebhook1TypedDict(TypedDict): @@ -18385,7 +311,7 @@ class OutputResponseOutputWebhookWebhook1TypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputResponseOutputWebhookPqControls1TypedDict] username: NotRequired[str] password: NotRequired[str] @@ -18651,7 +577,7 @@ class OutputResponseOutputWebhookWebhook1(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputResponseOutputWebhookPqControls1], @@ -19049,40 +975,41 @@ def serialize_model(self, handler): OutputResponseOutputNetflowTypedDict, OutputResponseOutputDiskSpoolTypedDict, OutputResponseOutputRingTypedDict, + OutputResponseOutputStatsdTypedDict, OutputResponseOutputGraphiteTypedDict, OutputResponseOutputStatsdExtTypedDict, - OutputResponseOutputStatsdTypedDict, OutputResponseOutputGooglePubsubTypedDict, - OutputResponseOutputCriblTCPTypedDict, - OutputResponseOutputHoneycombTypedDict, + OutputResponseOutputGoogleCloudObservabilityTypedDict, OutputResponseOutputWavefrontTypedDict, OutputResponseOutputSignalfxTypedDict, + OutputResponseOutputHoneycombTypedDict, + OutputResponseOutputCriblTCPTypedDict, OutputResponseOutputAzureEventhubTypedDict, OutputResponseOutputMicrosoftFabricTypedDict, + OutputResponseOutputExabeamTypedDict, OutputResponseOutputSumoLogicTypedDict, OutputResponseOutputCrowdstrikeNextGenSiemTypedDict, OutputResponseOutputHumioHecTypedDict, OutputResponseOutputTcpjsonTypedDict, OutputResponseOutputSplunkTypedDict, - OutputResponseOutputExabeamTypedDict, OutputResponseOutputSnsTypedDict, OutputResponseOutputElasticCloudTypedDict, - OutputResponseOutputKafkaTypedDict, OutputResponseOutputAzureLogsTypedDict, - OutputResponseOutputConfluentCloudTypedDict, + OutputResponseOutputKafkaTypedDict, + OutputResponseOutputSyslogTypedDict, OutputResponseOutputSplunkLbTypedDict, OutputResponseOutputCloudwatchTypedDict, - OutputResponseOutputSyslogTypedDict, - OutputResponseOutputPrometheusTypedDict, + OutputResponseOutputConfluentCloudTypedDict, OutputResponseOutputNewrelicEventsTypedDict, + OutputResponseOutputPrometheusTypedDict, OutputResponseOutputNewrelicTypedDict, OutputResponseOutputLokiTypedDict, - OutputResponseOutputCriblHTTPTypedDict, + OutputResponseOutputCriblSearchEngineTypedDict, OutputResponseOutputDatasetTypedDict, OutputResponseOutputWizHecTypedDict, - OutputResponseOutputCriblSearchEngineTypedDict, - OutputResponseOutputXsiamTypedDict, + OutputResponseOutputCriblHTTPTypedDict, OutputResponseOutputKinesisTypedDict, + OutputResponseOutputXsiamTypedDict, OutputResponseOutputDynatraceHTTPTypedDict, OutputResponseOutputSplunkHecTypedDict, OutputResponseOutputDynatraceOtlpTypedDict, @@ -19094,19 +1021,19 @@ def serialize_model(self, handler): OutputResponseOutputSentinelOneAiSiemTypedDict, OutputResponseOutputElasticTypedDict, OutputResponseOutputGoogleChronicleTypedDict, - OutputResponseOutputClickHouseTypedDict, OutputResponseOutputChronicleTypedDict, + OutputResponseOutputClickHouseTypedDict, OutputResponseOutputLocalSearchStorageTypedDict, OutputResponseOutputDatabricksTypedDict, OutputResponseOutputAlphasocS3TypedDict, - OutputResponseOutputMskTypedDict, OutputResponseOutputCriblLakeTypedDict, + OutputResponseOutputMskTypedDict, OutputResponseOutputStorjS3TypedDict, OutputResponseOutputOpenTelemetryTypedDict, + OutputResponseOutputNutanixObjectsTypedDict, + OutputResponseOutputSentinelTypedDict, OutputResponseOutputAlibabaCloudS3TypedDict, OutputResponseOutputScalityS3TypedDict, - OutputResponseOutputSentinelTypedDict, - OutputResponseOutputNutanixObjectsTypedDict, OutputResponseOutputDellS3TypedDict, OutputResponseOutputCloudflareR2TypedDict, OutputResponseOutputGoogleCloudStorageTypedDict, @@ -19159,6 +1086,7 @@ class UnknownOutputResponse(BaseModel): "google_chronicle": OutputResponseOutputGoogleChronicle, "google_cloud_storage": OutputResponseOutputGoogleCloudStorage, "google_cloud_logging": OutputResponseOutputGoogleCloudLogging, + "google_cloud_observability": OutputResponseOutputGoogleCloudObservability, "google_pubsub": OutputResponseOutputGooglePubsub, "exabeam": OutputResponseOutputExabeam, "kafka": OutputResponseOutputKafka, @@ -19242,6 +1170,7 @@ class UnknownOutputResponse(BaseModel): OutputResponseOutputGoogleChronicle, OutputResponseOutputGoogleCloudStorage, OutputResponseOutputGoogleCloudLogging, + OutputResponseOutputGoogleCloudObservability, OutputResponseOutputGooglePubsub, OutputResponseOutputExabeam, OutputResponseOutputKafka, @@ -19312,178 +1241,6 @@ class UnknownOutputResponse(BaseModel): r"""Destination configuration with optional Notifications and runtime status.""" -try: - OutputResponseOutputStatsd.model_rebuild() -except NameError: - pass -try: - OutputResponseOutputMinio.model_rebuild() -except NameError: - pass -try: - OutputResponseOutputCloudwatch.model_rebuild() -except NameError: - pass -try: - OutputResponseOutputInfluxdb.model_rebuild() -except NameError: - pass -try: - OutputResponseOutputNewrelicEvents.model_rebuild() -except NameError: - pass -try: - OutputResponseOutputNewrelic.model_rebuild() -except NameError: - pass -try: - OutputResponseOutputElasticCloud.model_rebuild() -except NameError: - pass -try: - OutputResponseURLElastic.model_rebuild() -except NameError: - pass -try: - OutputResponseOutputElastic.model_rebuild() -except NameError: - pass -try: - OutputResponseOutputMsk.model_rebuild() -except NameError: - pass -try: - OutputResponseOutputConfluentCloud.model_rebuild() -except NameError: - pass -try: - OutputResponseOutputKafka.model_rebuild() -except NameError: - pass -try: - OutputResponseOutputExabeam.model_rebuild() -except NameError: - pass -try: - OutputResponseOutputGooglePubsub.model_rebuild() -except NameError: - pass -try: - OutputResponseOutputGoogleCloudLogging.model_rebuild() -except NameError: - pass -try: - OutputResponseOutputGoogleCloudStorage.model_rebuild() -except NameError: - pass -try: - OutputResponseExtraLogType.model_rebuild() -except NameError: - pass -try: - OutputResponseOutputGoogleChronicle.model_rebuild() -except NameError: - pass -try: - OutputResponseOutputAzureEventhub.model_rebuild() -except NameError: - pass -try: - OutputResponseOutputHoneycomb.model_rebuild() -except NameError: - pass -try: - OutputResponseOutputKinesis.model_rebuild() -except NameError: - pass -try: - OutputResponseOutputAzureLogs.model_rebuild() -except NameError: - pass -try: - OutputResponseCertificate.model_rebuild() -except NameError: - pass -try: - OutputResponseOutputAzureDataExplorer.model_rebuild() -except NameError: - pass -try: - OutputResponseOutputAzureBlob.model_rebuild() -except NameError: - pass -try: - OutputResponseOutputS3.model_rebuild() -except NameError: - pass -try: - OutputResponseOutputFilesystem.model_rebuild() -except NameError: - pass -try: - OutputResponseOutputSignalfx.model_rebuild() -except NameError: - pass -try: - OutputResponseOutputWavefront.model_rebuild() -except NameError: - pass -try: - OutputResponseOutputTcpjson.model_rebuild() -except NameError: - pass -try: - OutputResponseOutputWizHec.model_rebuild() -except NameError: - pass -try: - OutputResponseURLSplunkHec.model_rebuild() -except NameError: - pass -try: - OutputResponseOutputSplunkHec.model_rebuild() -except NameError: - pass -try: - OutputResponseAuthToken.model_rebuild() -except NameError: - pass -try: - OutputResponseIndexerDiscoveryConfigs.model_rebuild() -except NameError: - pass -try: - OutputResponseOutputSplunkLb.model_rebuild() -except NameError: - pass -try: - OutputResponseOutputSplunk.model_rebuild() -except NameError: - pass -try: - OutputResponseOutputSyslog.model_rebuild() -except NameError: - pass -try: - OutputResponseOutputDevnull.model_rebuild() -except NameError: - pass -try: - OutputResponseOutputSentinel.model_rebuild() -except NameError: - pass -try: - OutputResponseOutputWebhookURL2.model_rebuild() -except NameError: - pass -try: - OutputResponseOutputWebhookWebhook2.model_rebuild() -except NameError: - pass -try: - OutputResponseOutputWebhookURL1.model_rebuild() -except NameError: - pass try: OutputResponseOutputWebhookWebhook1.model_rebuild() except NameError: diff --git a/src/cribl_control_plane/models/outputresponse_outputwebhook_url_1.py b/src/cribl_control_plane/models/outputresponse_outputwebhook_url_1.py new file mode 100644 index 000000000..02f05e6cb --- /dev/null +++ b/src/cribl_control_plane/models/outputresponse_outputwebhook_url_1.py @@ -0,0 +1,18815 @@ +"""Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.""" + +from __future__ import annotations +from .acknowledgmentsoptions import AcknowledgmentsOptions +from .acknowledgmentsoptionsallleader import AcknowledgmentsOptionsAllLeader +from .authenticationmethodoptions import AuthenticationMethodOptions +from .authenticationmethodoptionsapi import AuthenticationMethodOptionsAPI +from .authenticationmethodoptionsauthtokensitems import ( + AuthenticationMethodOptionsAuthTokensItems, +) +from .authenticationmethodoptionss3collectorconf import ( + AuthenticationMethodOptionsS3CollectorConf, +) +from .authenticationtype import AuthenticationType, AuthenticationTypeTypedDict +from .authenticationtypeuse import AuthenticationTypeUse, AuthenticationTypeUseTypedDict +from .authtypetemplatemanualapikeyauthtype import ( + AuthTypeTemplatemanualAPIKeyAuthType, + AuthTypeTemplatemanualAPIKeyAuthTypeTypedDict, +) +from .backpressurebehavioroptions import BackpressureBehaviorOptions +from .backpressurebehavioroptionsblockdrop import BackpressureBehaviorOptionsBlockDrop +from .certificatetypeazureblobauthtypeclientcert import ( + CertificateTypeAzureBlobAuthTypeClientCert, + CertificateTypeAzureBlobAuthTypeClientCertTypedDict, +) +from .compressionleveloptions import CompressionLevelOptions +from .compressionoptions import CompressionOptions +from .compressionoptionsgziplz4 import CompressionOptionsGzipLz4 +from .compressionoptionsgzipnone import CompressionOptionsGzipNone +from .compressionoptionshttp import CompressionOptionsHTTP +from .compressionoptionspq import CompressionOptionsPq +from .dataformatoptions import DataFormatOptions +from .datapageversionoptions import DataPageVersionOptions +from .destinationprotocoloptions import DestinationProtocolOptions +from .diskspaceprotectionoptions import DiskSpaceProtectionOptions +from .extrahttpheaderconfinputelastic import ( + ExtraHTTPHeaderConfInputElastic, + ExtraHTTPHeaderConfInputElasticTypedDict, +) +from .failedrequestloggingmodeoptions import FailedRequestLoggingModeOptions +from .googleauthenticationmethodoptions import GoogleAuthenticationMethodOptions +from .hostconfoutputsyslog import HostConfOutputSyslog, HostConfOutputSyslogTypedDict +from .kafkaschemaregistryauthenticationtypetemplateschemaregistryurlauth import ( + KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuth, + KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuthTypedDict, +) +from .keyvaluemetadataconfoutputfilesystem import ( + KeyValueMetadataConfOutputFilesystem, + KeyValueMetadataConfOutputFilesystemTypedDict, +) +from .loglabelconfoutputgooglecloudlogging import ( + LogLabelConfOutputGoogleCloudLogging, + LogLabelConfOutputGoogleCloudLoggingTypedDict, +) +from .maxs2sversionoptions import MaxS2SVersionOptions +from .methodoptions import MethodOptions +from .microsoftentraidauthenticationendpointoptionssasl import ( + MicrosoftEntraIDAuthenticationEndpointOptionsSasl, +) +from .modeoptions import ModeOptions +from .nestedfieldserializationoptions import NestedFieldSerializationOptions +from .notification_union import NotificationUnion, NotificationUnionTypedDict +from .oauthheaderconfinputservicenowtable import ( + OauthHeaderConfInputServicenowTable, + OauthHeaderConfInputServicenowTableTypedDict, +) +from .oauthparamconfinputservicenowtable import ( + OauthParamConfInputServicenowTable, + OauthParamConfInputServicenowTableTypedDict, +) +from .objectacloptions import ObjectACLOptions +from .objectacloptionsauthenticatedreadbucketownerfullcontrol import ( + ObjectACLOptionsAuthenticatedreadBucketownerfullcontrol, +) +from .orphanfilerecoverytype import ( + OrphanFileRecoveryType, + OrphanFileRecoveryTypeTypedDict, +) +from .outputresponse_type_statsd import OutputResponseTypeStatsd +from .parquetversionoptions import ParquetVersionOptions +from .queuefullbehavioroptions import QueueFullBehaviorOptions +from .recorddataformatoptions import RecordDataFormatOptions +from .recorddataformatoptionsjsonprotobuf import RecordDataFormatOptionsJSONProtobuf +from .regionoptions import RegionOptions +from .responseretrysettingconfoutputwebhook import ( + ResponseRetrySettingConfOutputWebhook, + ResponseRetrySettingConfOutputWebhookTypedDict, +) +from .retrysettingstype import RetrySettingsType, RetrySettingsTypeTypedDict +from .saslextensionconfinputkafka import ( + SaslExtensionConfInputKafka, + SaslExtensionConfInputKafkaTypedDict, +) +from .serversideencryptionforuploadedobjectsoptions import ( + ServerSideEncryptionForUploadedObjectsOptions, +) +from .serversideencryptionforuploadedobjectsoptionsaes256 import ( + ServerSideEncryptionForUploadedObjectsOptionsAes256, +) +from .statustype import StatusType, StatusTypeTypedDict +from .storageclassoptions import StorageClassOptions +from .storageclassoptionsarchivecoldline import StorageClassOptionsArchiveColdline +from .storageclassoptionsreducedredundancystandard import ( + StorageClassOptionsReducedredundancyStandard, +) +from .timeoutretrysettingstype import ( + TimeoutRetrySettingsType, + TimeoutRetrySettingsTypeTypedDict, +) +from .tlssettingsclientsidetype import ( + TLSSettingsClientSideType, + TLSSettingsClientSideTypeTypedDict, +) +from .tlssettingsclientsidetypecapathcertpath import ( + TLSSettingsClientSideTypeCaPathCertPath, + TLSSettingsClientSideTypeCaPathCertPathTypedDict, +) +from .tlssettingsclientsidetypecapathcertpathextended import ( + TLSSettingsClientSideTypeCaPathCertPathExtended, + TLSSettingsClientSideTypeCaPathCertPathExtendedTypedDict, +) +from .tlssettingsclientsidetypeextended import ( + TLSSettingsClientSideTypeExtended, + TLSSettingsClientSideTypeExtendedTypedDict, +) +from cribl_control_plane import models, utils +from cribl_control_plane.types import BaseModel, UNSET_SENTINEL +from enum import Enum +import pydantic +from pydantic import field_serializer, model_serializer +from typing import List, Optional +from typing_extensions import Annotated, NotRequired, TypedDict + + +class OutputResponsePqControlsStatsdTypedDict(TypedDict): + pass + + +class OutputResponsePqControlsStatsd(BaseModel): + pass + + +class OutputResponseOutputStatsdTypedDict(TypedDict): + type: OutputResponseTypeStatsd + protocol: DestinationProtocolOptions + r"""Protocol to use when communicating with the destination.""" + host: str + r"""The hostname of the destination.""" + port: float + r"""Destination port.""" + id: NotRequired[str] + r"""Unique ID for this output""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + mtu: NotRequired[float] + r"""When protocol is UDP, specifies the maximum size of packets sent to the destination. Also known as the MTU for the network path to the destination system.""" + flush_period_sec: NotRequired[float] + r"""When protocol is TCP, specifies how often buffers should be flushed, resulting in records sent to the destination.""" + dns_resolve_period_sec: NotRequired[float] + r"""How often to resolve the destination hostname to an IP address. Ignored if the destination is an IP address. A value of 0 means every batch sent will incur a DNS lookup.""" + description: NotRequired[str] + throttle_rate_per_sec: NotRequired[str] + r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" + connection_timeout: NotRequired[float] + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + write_timeout: NotRequired[float] + r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[OutputResponsePqControlsStatsdTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + notifications: NotRequired[List[NotificationUnionTypedDict]] + r"""Notifications attached to the Destination.""" + status: NotRequired[StatusTypeTypedDict] + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + +class OutputResponseOutputStatsd(BaseModel): + type: OutputResponseTypeStatsd + + protocol: DestinationProtocolOptions + r"""Protocol to use when communicating with the destination.""" + + host: str + r"""The hostname of the destination.""" + + port: float + r"""Destination port.""" + + id: Optional[str] = None + r"""Unique ID for this output""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + mtu: Optional[float] = None + r"""When protocol is UDP, specifies the maximum size of packets sent to the destination. Also known as the MTU for the network path to the destination system.""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""When protocol is TCP, specifies how often buffers should be flushed, resulting in records sent to the destination.""" + + dns_resolve_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="dnsResolvePeriodSec") + ] = None + r"""How often to resolve the destination hostname to an IP address. Ignored if the destination is an IP address. A value of 0 means every batch sent will incur a DNS lookup.""" + + description: Optional[str] = None + + throttle_rate_per_sec: Annotated[ + Optional[str], pydantic.Field(alias="throttleRatePerSec") + ] = None + r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" + + connection_timeout: Annotated[ + Optional[float], pydantic.Field(alias="connectionTimeout") + ] = None + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + + write_timeout: Annotated[Optional[float], pydantic.Field(alias="writeTimeout")] = ( + None + ) + r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[OutputResponsePqControlsStatsd], pydantic.Field(alias="pqControls") + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + notifications: Optional[List[NotificationUnion]] = None + r"""Notifications attached to the Destination.""" + + status: Optional[StatusType] = None + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + @field_serializer("protocol") + def serialize_protocol(self, value): + if isinstance(value, str): + try: + return models.DestinationProtocolOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "id", + "pipeline", + "systemFields", + "environment", + "streamtags", + "mtu", + "flushPeriodSec", + "dnsResolvePeriodSec", + "description", + "throttleRatePerSec", + "connectionTimeout", + "writeTimeout", + "onBackpressure", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_onBackpressure", + "notifications", + "status", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponseTypeMinio(str, Enum): + MINIO = "minio" + + +class OutputResponseOutputMinioTypedDict(TypedDict): + type: OutputResponseTypeMinio + bucket: str + r"""Name of the destination MinIO bucket. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at initialization time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`""" + stage_path: str + r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" + endpoint: str + r"""MinIO service url (e.g. http://minioHost:9000)""" + id: NotRequired[str] + r"""Unique ID for this output""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + aws_authentication_method: NotRequired[AuthenticationMethodOptionsS3CollectorConf] + r"""AWS authentication method. Choose Auto to use IAM roles.""" + reuse_connections: NotRequired[bool] + r"""Reuse connections between requests, which can improve performance""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" + region: NotRequired[str] + r"""Region where the MinIO bucket is located""" + dest_path: NotRequired[str] + r"""Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`""" + max_concurrent_file_parts: NotRequired[float] + r"""Maximum number of parts to upload in parallel per file. Minimum part size is 5MB.""" + verify_permissions: NotRequired[bool] + r"""Disable if you can access files within the bucket but not the bucket itself""" + max_closing_files_to_backpressure: NotRequired[float] + r"""Maximum number of files that can be waiting for upload before backpressure is applied""" + add_id_to_stage_path: NotRequired[bool] + r"""Add the Output ID value to staging location""" + remove_empty_dirs: NotRequired[bool] + r"""Remove empty staging directories after moving files""" + partition_expr: NotRequired[str] + r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" + format_: NotRequired[DataFormatOptions] + r"""Format of the output data""" + base_file_name: NotRequired[str] + r"""JavaScript expression to define the output filename prefix (can be constant)""" + file_name_suffix: NotRequired[str] + r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" + max_file_size_mb: NotRequired[float] + r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" + max_file_open_time_sec: NotRequired[float] + r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" + max_file_idle_time_sec: NotRequired[float] + r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" + max_open_files: NotRequired[float] + r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" + header_line: NotRequired[str] + r"""If set, this line will be written to the beginning of each output file""" + write_high_water_mark: NotRequired[float] + r"""Buffer size used to write to a file""" + on_backpressure: NotRequired[BackpressureBehaviorOptionsBlockDrop] + r"""How to handle events when all receivers are exerting backpressure""" + deadletter_enabled: NotRequired[bool] + r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" + on_disk_full_backpressure: NotRequired[DiskSpaceProtectionOptions] + r"""How to handle events when disk space is below the global 'Min free disk space' limit""" + force_close_on_shutdown: NotRequired[bool] + r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" + retry_settings: NotRequired[RetrySettingsTypeTypedDict] + orphans: NotRequired[OrphanFileRecoveryTypeTypedDict] + aws_secret_key: NotRequired[str] + r"""Secret key. This value can be a constant or a JavaScript expression. Example: `${C.env.SOME_SECRET}`)""" + object_acl: NotRequired[ObjectACLOptions] + r"""Object ACL to assign to uploaded objects""" + storage_class: NotRequired[StorageClassOptionsReducedredundancyStandard] + r"""Storage class to select for uploaded objects""" + server_side_encryption: NotRequired[ + ServerSideEncryptionForUploadedObjectsOptionsAes256 + ] + r"""Server-side encryption to use for uploaded objects""" + description: NotRequired[str] + aws_api_key: NotRequired[str] + r"""This value can be a constant or a JavaScript expression (`${C.env.SOME_ACCESS_KEY}`)""" + aws_secret: NotRequired[str] + r"""Select or create a stored secret that references your access key and secret key""" + compress: NotRequired[CompressionOptionsHTTP] + r"""Data compression format to apply to HTTP content before it is delivered""" + compression_level: NotRequired[CompressionLevelOptions] + r"""Compression level to apply before moving files to final destination""" + automatic_schema: NotRequired[bool] + r"""Automatically calculate the schema based on the events of each Parquet file generated""" + parquet_schema: NotRequired[str] + r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" + parquet_version: NotRequired[ParquetVersionOptions] + r"""Determines which data types are supported and how they are represented""" + parquet_data_page_version: NotRequired[DataPageVersionOptions] + r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" + parquet_row_group_length: NotRequired[float] + r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" + parquet_page_size: NotRequired[str] + r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" + should_log_invalid_rows: NotRequired[bool] + r"""Log up to 3 rows that @{product} skips due to data mismatch""" + key_value_metadata: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] + r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ + enable_statistics: NotRequired[bool] + r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" + enable_write_page_index: NotRequired[bool] + r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" + enable_page_checksum: NotRequired[bool] + r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" + empty_dir_cleanup_sec: NotRequired[float] + r"""How frequently, in seconds, to clean up empty directories""" + directory_batch_size: NotRequired[float] + r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" + deadletter_path: NotRequired[str] + r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" + max_retry_num: NotRequired[float] + r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_bucket: NotRequired[str] + r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" + template_region: NotRequired[str] + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + template_dest_path: NotRequired[str] + r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" + template_partition_expr: NotRequired[str] + r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" + template_format: NotRequired[str] + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + template_base_file_name: NotRequired[str] + r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" + template_file_name_suffix: NotRequired[str] + r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_aws_secret_key: NotRequired[str] + r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" + template_object_acl: NotRequired[str] + r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" + template_storage_class: NotRequired[str] + r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" + template_server_side_encryption: NotRequired[str] + r"""Binds 'serverSideEncryption' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serverSideEncryption' at runtime.""" + template_aws_api_key: NotRequired[str] + r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" + template_compress: NotRequired[str] + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + template_parquet_schema: NotRequired[str] + r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" + notifications: NotRequired[List[NotificationUnionTypedDict]] + r"""Notifications attached to the Destination.""" + status: NotRequired[StatusTypeTypedDict] + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + +class OutputResponseOutputMinio(BaseModel): + type: OutputResponseTypeMinio + + bucket: str + r"""Name of the destination MinIO bucket. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at initialization time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`""" + + stage_path: Annotated[str, pydantic.Field(alias="stagePath")] + r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" + + endpoint: str + r"""MinIO service url (e.g. http://minioHost:9000)""" + + id: Optional[str] = None + r"""Unique ID for this output""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + aws_authentication_method: Annotated[ + Optional[AuthenticationMethodOptionsS3CollectorConf], + pydantic.Field(alias="awsAuthenticationMethod"), + ] = None + r"""AWS authentication method. Choose Auto to use IAM roles.""" + + reuse_connections: Annotated[ + Optional[bool], pydantic.Field(alias="reuseConnections") + ] = None + r"""Reuse connections between requests, which can improve performance""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" + + region: Optional[str] = None + r"""Region where the MinIO bucket is located""" + + dest_path: Annotated[Optional[str], pydantic.Field(alias="destPath")] = None + r"""Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`""" + + max_concurrent_file_parts: Annotated[ + Optional[float], pydantic.Field(alias="maxConcurrentFileParts") + ] = None + r"""Maximum number of parts to upload in parallel per file. Minimum part size is 5MB.""" + + verify_permissions: Annotated[ + Optional[bool], pydantic.Field(alias="verifyPermissions") + ] = None + r"""Disable if you can access files within the bucket but not the bucket itself""" + + max_closing_files_to_backpressure: Annotated[ + Optional[float], pydantic.Field(alias="maxClosingFilesToBackpressure") + ] = None + r"""Maximum number of files that can be waiting for upload before backpressure is applied""" + + add_id_to_stage_path: Annotated[ + Optional[bool], pydantic.Field(alias="addIdToStagePath") + ] = None + r"""Add the Output ID value to staging location""" + + remove_empty_dirs: Annotated[ + Optional[bool], pydantic.Field(alias="removeEmptyDirs") + ] = None + r"""Remove empty staging directories after moving files""" + + partition_expr: Annotated[Optional[str], pydantic.Field(alias="partitionExpr")] = ( + None + ) + r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" + + format_: Annotated[Optional[DataFormatOptions], pydantic.Field(alias="format")] = ( + None + ) + r"""Format of the output data""" + + base_file_name: Annotated[Optional[str], pydantic.Field(alias="baseFileName")] = ( + None + ) + r"""JavaScript expression to define the output filename prefix (can be constant)""" + + file_name_suffix: Annotated[ + Optional[str], pydantic.Field(alias="fileNameSuffix") + ] = None + r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" + + max_file_size_mb: Annotated[ + Optional[float], pydantic.Field(alias="maxFileSizeMB") + ] = None + r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" + + max_file_open_time_sec: Annotated[ + Optional[float], pydantic.Field(alias="maxFileOpenTimeSec") + ] = None + r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" + + max_file_idle_time_sec: Annotated[ + Optional[float], pydantic.Field(alias="maxFileIdleTimeSec") + ] = None + r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" + + max_open_files: Annotated[Optional[float], pydantic.Field(alias="maxOpenFiles")] = ( + None + ) + r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" + + header_line: Annotated[Optional[str], pydantic.Field(alias="headerLine")] = None + r"""If set, this line will be written to the beginning of each output file""" + + write_high_water_mark: Annotated[ + Optional[float], pydantic.Field(alias="writeHighWaterMark") + ] = None + r"""Buffer size used to write to a file""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptionsBlockDrop], + pydantic.Field(alias="onBackpressure"), + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + deadletter_enabled: Annotated[ + Optional[bool], pydantic.Field(alias="deadletterEnabled") + ] = None + r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" + + on_disk_full_backpressure: Annotated[ + Optional[DiskSpaceProtectionOptions], + pydantic.Field(alias="onDiskFullBackpressure"), + ] = None + r"""How to handle events when disk space is below the global 'Min free disk space' limit""" + + force_close_on_shutdown: Annotated[ + Optional[bool], pydantic.Field(alias="forceCloseOnShutdown") + ] = None + r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" + + retry_settings: Annotated[ + Optional[RetrySettingsType], pydantic.Field(alias="retrySettings") + ] = None + + orphans: Optional[OrphanFileRecoveryType] = None + + aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = ( + None + ) + r"""Secret key. This value can be a constant or a JavaScript expression. Example: `${C.env.SOME_SECRET}`)""" + + object_acl: Annotated[ + Optional[ObjectACLOptions], pydantic.Field(alias="objectACL") + ] = None + r"""Object ACL to assign to uploaded objects""" + + storage_class: Annotated[ + Optional[StorageClassOptionsReducedredundancyStandard], + pydantic.Field(alias="storageClass"), + ] = None + r"""Storage class to select for uploaded objects""" + + server_side_encryption: Annotated[ + Optional[ServerSideEncryptionForUploadedObjectsOptionsAes256], + pydantic.Field(alias="serverSideEncryption"), + ] = None + r"""Server-side encryption to use for uploaded objects""" + + description: Optional[str] = None + + aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None + r"""This value can be a constant or a JavaScript expression (`${C.env.SOME_ACCESS_KEY}`)""" + + aws_secret: Annotated[Optional[str], pydantic.Field(alias="awsSecret")] = None + r"""Select or create a stored secret that references your access key and secret key""" + + compress: Optional[CompressionOptionsHTTP] = None + r"""Data compression format to apply to HTTP content before it is delivered""" + + compression_level: Annotated[ + Optional[CompressionLevelOptions], pydantic.Field(alias="compressionLevel") + ] = None + r"""Compression level to apply before moving files to final destination""" + + automatic_schema: Annotated[ + Optional[bool], pydantic.Field(alias="automaticSchema") + ] = None + r"""Automatically calculate the schema based on the events of each Parquet file generated""" + + parquet_schema: Annotated[Optional[str], pydantic.Field(alias="parquetSchema")] = ( + None + ) + r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" + + parquet_version: Annotated[ + Optional[ParquetVersionOptions], pydantic.Field(alias="parquetVersion") + ] = None + r"""Determines which data types are supported and how they are represented""" + + parquet_data_page_version: Annotated[ + Optional[DataPageVersionOptions], pydantic.Field(alias="parquetDataPageVersion") + ] = None + r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" + + parquet_row_group_length: Annotated[ + Optional[float], pydantic.Field(alias="parquetRowGroupLength") + ] = None + r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" + + parquet_page_size: Annotated[ + Optional[str], pydantic.Field(alias="parquetPageSize") + ] = None + r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" + + should_log_invalid_rows: Annotated[ + Optional[bool], pydantic.Field(alias="shouldLogInvalidRows") + ] = None + r"""Log up to 3 rows that @{product} skips due to data mismatch""" + + key_value_metadata: Annotated[ + Optional[List[KeyValueMetadataConfOutputFilesystem]], + pydantic.Field(alias="keyValueMetadata"), + ] = None + r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ + + enable_statistics: Annotated[ + Optional[bool], pydantic.Field(alias="enableStatistics") + ] = None + r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" + + enable_write_page_index: Annotated[ + Optional[bool], pydantic.Field(alias="enableWritePageIndex") + ] = None + r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" + + enable_page_checksum: Annotated[ + Optional[bool], pydantic.Field(alias="enablePageChecksum") + ] = None + r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" + + empty_dir_cleanup_sec: Annotated[ + Optional[float], pydantic.Field(alias="emptyDirCleanupSec") + ] = None + r"""How frequently, in seconds, to clean up empty directories""" + + directory_batch_size: Annotated[ + Optional[float], pydantic.Field(alias="directoryBatchSize") + ] = None + r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" + + deadletter_path: Annotated[ + Optional[str], pydantic.Field(alias="deadletterPath") + ] = None + r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" + + max_retry_num: Annotated[Optional[float], pydantic.Field(alias="maxRetryNum")] = ( + None + ) + r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_bucket: Annotated[ + Optional[str], pydantic.Field(alias="__template_bucket") + ] = None + r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" + + template_region: Annotated[ + Optional[str], pydantic.Field(alias="__template_region") + ] = None + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + + template_dest_path: Annotated[ + Optional[str], pydantic.Field(alias="__template_destPath") + ] = None + r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" + + template_partition_expr: Annotated[ + Optional[str], pydantic.Field(alias="__template_partitionExpr") + ] = None + r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" + + template_format: Annotated[ + Optional[str], pydantic.Field(alias="__template_format") + ] = None + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + + template_base_file_name: Annotated[ + Optional[str], pydantic.Field(alias="__template_baseFileName") + ] = None + r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" + + template_file_name_suffix: Annotated[ + Optional[str], pydantic.Field(alias="__template_fileNameSuffix") + ] = None + r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_aws_secret_key: Annotated[ + Optional[str], pydantic.Field(alias="__template_awsSecretKey") + ] = None + r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" + + template_object_acl: Annotated[ + Optional[str], pydantic.Field(alias="__template_objectACL") + ] = None + r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" + + template_storage_class: Annotated[ + Optional[str], pydantic.Field(alias="__template_storageClass") + ] = None + r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" + + template_server_side_encryption: Annotated[ + Optional[str], pydantic.Field(alias="__template_serverSideEncryption") + ] = None + r"""Binds 'serverSideEncryption' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serverSideEncryption' at runtime.""" + + template_aws_api_key: Annotated[ + Optional[str], pydantic.Field(alias="__template_awsApiKey") + ] = None + r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" + + template_compress: Annotated[ + Optional[str], pydantic.Field(alias="__template_compress") + ] = None + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + + template_parquet_schema: Annotated[ + Optional[str], pydantic.Field(alias="__template_parquetSchema") + ] = None + r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" + + notifications: Optional[List[NotificationUnion]] = None + r"""Notifications attached to the Destination.""" + + status: Optional[StatusType] = None + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + @field_serializer("aws_authentication_method") + def serialize_aws_authentication_method(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsS3CollectorConf(value) + except ValueError: + return value + return value + + @field_serializer("format_") + def serialize_format_(self, value): + if isinstance(value, str): + try: + return models.DataFormatOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptionsBlockDrop(value) + except ValueError: + return value + return value + + @field_serializer("on_disk_full_backpressure") + def serialize_on_disk_full_backpressure(self, value): + if isinstance(value, str): + try: + return models.DiskSpaceProtectionOptions(value) + except ValueError: + return value + return value + + @field_serializer("object_acl") + def serialize_object_acl(self, value): + if isinstance(value, str): + try: + return models.ObjectACLOptions(value) + except ValueError: + return value + return value + + @field_serializer("storage_class") + def serialize_storage_class(self, value): + if isinstance(value, str): + try: + return models.StorageClassOptionsReducedredundancyStandard(value) + except ValueError: + return value + return value + + @field_serializer("server_side_encryption") + def serialize_server_side_encryption(self, value): + if isinstance(value, str): + try: + return models.ServerSideEncryptionForUploadedObjectsOptionsAes256(value) + except ValueError: + return value + return value + + @field_serializer("compress") + def serialize_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsHTTP(value) + except ValueError: + return value + return value + + @field_serializer("compression_level") + def serialize_compression_level(self, value): + if isinstance(value, str): + try: + return models.CompressionLevelOptions(value) + except ValueError: + return value + return value + + @field_serializer("parquet_version") + def serialize_parquet_version(self, value): + if isinstance(value, str): + try: + return models.ParquetVersionOptions(value) + except ValueError: + return value + return value + + @field_serializer("parquet_data_page_version") + def serialize_parquet_data_page_version(self, value): + if isinstance(value, str): + try: + return models.DataPageVersionOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "id", + "pipeline", + "systemFields", + "environment", + "streamtags", + "awsAuthenticationMethod", + "reuseConnections", + "rejectUnauthorized", + "region", + "destPath", + "maxConcurrentFileParts", + "verifyPermissions", + "maxClosingFilesToBackpressure", + "addIdToStagePath", + "removeEmptyDirs", + "partitionExpr", + "format", + "baseFileName", + "fileNameSuffix", + "maxFileSizeMB", + "maxFileOpenTimeSec", + "maxFileIdleTimeSec", + "maxOpenFiles", + "headerLine", + "writeHighWaterMark", + "onBackpressure", + "deadletterEnabled", + "onDiskFullBackpressure", + "forceCloseOnShutdown", + "retrySettings", + "orphans", + "awsSecretKey", + "objectACL", + "storageClass", + "serverSideEncryption", + "description", + "awsApiKey", + "awsSecret", + "compress", + "compressionLevel", + "automaticSchema", + "parquetSchema", + "parquetVersion", + "parquetDataPageVersion", + "parquetRowGroupLength", + "parquetPageSize", + "shouldLogInvalidRows", + "keyValueMetadata", + "enableStatistics", + "enableWritePageIndex", + "enablePageChecksum", + "emptyDirCleanupSec", + "directoryBatchSize", + "deadletterPath", + "maxRetryNum", + "__template_streamtags", + "__template_bucket", + "__template_region", + "__template_destPath", + "__template_partitionExpr", + "__template_format", + "__template_baseFileName", + "__template_fileNameSuffix", + "__template_onBackpressure", + "__template_awsSecretKey", + "__template_objectACL", + "__template_storageClass", + "__template_serverSideEncryption", + "__template_awsApiKey", + "__template_compress", + "__template_parquetSchema", + "notifications", + "status", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponseTypeCloudwatch(str, Enum): + CLOUDWATCH = "cloudwatch" + + +class OutputResponsePqControlsCloudwatchTypedDict(TypedDict): + pass + + +class OutputResponsePqControlsCloudwatch(BaseModel): + pass + + +class OutputResponseOutputCloudwatchTypedDict(TypedDict): + type: OutputResponseTypeCloudwatch + log_group_name: str + r"""CloudWatch log group to associate events with""" + log_stream_name: str + r"""Prefix for CloudWatch log stream name. This prefix will be used to generate a unique log stream name per cribl instance, for example: myStream_myHost_myOutputId""" + region: str + r"""Region where the CloudWatchLogs is located""" + id: NotRequired[str] + r"""Unique ID for this output""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + aws_authentication_method: NotRequired[AuthenticationMethodOptionsS3CollectorConf] + r"""AWS authentication method. Choose Auto to use IAM roles.""" + aws_secret_key: NotRequired[str] + endpoint: NotRequired[str] + r"""CloudWatchLogs service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to CloudWatchLogs-compatible endpoint.""" + reuse_connections: NotRequired[bool] + r"""Reuse connections between requests, which can improve performance""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" + enable_assume_role: NotRequired[bool] + r"""Use Assume Role credentials to access CloudWatchLogs""" + assume_role_arn: NotRequired[str] + r"""Amazon Resource Name (ARN) of the role to assume""" + assume_role_external_id: NotRequired[str] + r"""External ID to use when assuming role""" + duration_seconds: NotRequired[float] + r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" + max_queue_size: NotRequired[float] + r"""Maximum number of queued batches before blocking""" + max_record_size_kb: NotRequired[float] + r"""Maximum size (KB) of each individual record before compression. For non compressible data 1MB is the max recommended size""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + description: NotRequired[str] + aws_api_key: NotRequired[str] + aws_secret: NotRequired[str] + r"""Select or create a stored secret that references your access key and secret key""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[OutputResponsePqControlsCloudwatchTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_log_group_name: NotRequired[str] + r"""Binds 'logGroupName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logGroupName' at runtime.""" + template_log_stream_name: NotRequired[str] + r"""Binds 'logStreamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logStreamName' at runtime.""" + template_aws_secret_key: NotRequired[str] + r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" + template_region: NotRequired[str] + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + template_endpoint: NotRequired[str] + r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" + template_assume_role_arn: NotRequired[str] + r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" + template_assume_role_external_id: NotRequired[str] + r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_aws_api_key: NotRequired[str] + r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" + notifications: NotRequired[List[NotificationUnionTypedDict]] + r"""Notifications attached to the Destination.""" + status: NotRequired[StatusTypeTypedDict] + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + +class OutputResponseOutputCloudwatch(BaseModel): + type: OutputResponseTypeCloudwatch + + log_group_name: Annotated[str, pydantic.Field(alias="logGroupName")] + r"""CloudWatch log group to associate events with""" + + log_stream_name: Annotated[str, pydantic.Field(alias="logStreamName")] + r"""Prefix for CloudWatch log stream name. This prefix will be used to generate a unique log stream name per cribl instance, for example: myStream_myHost_myOutputId""" + + region: str + r"""Region where the CloudWatchLogs is located""" + + id: Optional[str] = None + r"""Unique ID for this output""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + aws_authentication_method: Annotated[ + Optional[AuthenticationMethodOptionsS3CollectorConf], + pydantic.Field(alias="awsAuthenticationMethod"), + ] = None + r"""AWS authentication method. Choose Auto to use IAM roles.""" + + aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = ( + None + ) + + endpoint: Optional[str] = None + r"""CloudWatchLogs service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to CloudWatchLogs-compatible endpoint.""" + + reuse_connections: Annotated[ + Optional[bool], pydantic.Field(alias="reuseConnections") + ] = None + r"""Reuse connections between requests, which can improve performance""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" + + enable_assume_role: Annotated[ + Optional[bool], pydantic.Field(alias="enableAssumeRole") + ] = None + r"""Use Assume Role credentials to access CloudWatchLogs""" + + assume_role_arn: Annotated[Optional[str], pydantic.Field(alias="assumeRoleArn")] = ( + None + ) + r"""Amazon Resource Name (ARN) of the role to assume""" + + assume_role_external_id: Annotated[ + Optional[str], pydantic.Field(alias="assumeRoleExternalId") + ] = None + r"""External ID to use when assuming role""" + + duration_seconds: Annotated[ + Optional[float], pydantic.Field(alias="durationSeconds") + ] = None + r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" + + max_queue_size: Annotated[Optional[float], pydantic.Field(alias="maxQueueSize")] = ( + None + ) + r"""Maximum number of queued batches before blocking""" + + max_record_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxRecordSizeKB") + ] = None + r"""Maximum size (KB) of each individual record before compression. For non compressible data 1MB is the max recommended size""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + description: Optional[str] = None + + aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None + + aws_secret: Annotated[Optional[str], pydantic.Field(alias="awsSecret")] = None + r"""Select or create a stored secret that references your access key and secret key""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[OutputResponsePqControlsCloudwatch], pydantic.Field(alias="pqControls") + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_log_group_name: Annotated[ + Optional[str], pydantic.Field(alias="__template_logGroupName") + ] = None + r"""Binds 'logGroupName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logGroupName' at runtime.""" + + template_log_stream_name: Annotated[ + Optional[str], pydantic.Field(alias="__template_logStreamName") + ] = None + r"""Binds 'logStreamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logStreamName' at runtime.""" + + template_aws_secret_key: Annotated[ + Optional[str], pydantic.Field(alias="__template_awsSecretKey") + ] = None + r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" + + template_region: Annotated[ + Optional[str], pydantic.Field(alias="__template_region") + ] = None + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + + template_endpoint: Annotated[ + Optional[str], pydantic.Field(alias="__template_endpoint") + ] = None + r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" + + template_assume_role_arn: Annotated[ + Optional[str], pydantic.Field(alias="__template_assumeRoleArn") + ] = None + r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" + + template_assume_role_external_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_assumeRoleExternalId") + ] = None + r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_aws_api_key: Annotated[ + Optional[str], pydantic.Field(alias="__template_awsApiKey") + ] = None + r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" + + notifications: Optional[List[NotificationUnion]] = None + r"""Notifications attached to the Destination.""" + + status: Optional[StatusType] = None + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + @field_serializer("aws_authentication_method") + def serialize_aws_authentication_method(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsS3CollectorConf(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "id", + "pipeline", + "systemFields", + "environment", + "streamtags", + "awsAuthenticationMethod", + "awsSecretKey", + "endpoint", + "reuseConnections", + "rejectUnauthorized", + "enableAssumeRole", + "assumeRoleArn", + "assumeRoleExternalId", + "durationSeconds", + "maxQueueSize", + "maxRecordSizeKB", + "flushPeriodSec", + "onBackpressure", + "description", + "awsApiKey", + "awsSecret", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_logGroupName", + "__template_logStreamName", + "__template_awsSecretKey", + "__template_region", + "__template_endpoint", + "__template_assumeRoleArn", + "__template_assumeRoleExternalId", + "__template_onBackpressure", + "__template_awsApiKey", + "notifications", + "status", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponseTypeInfluxdb(str, Enum): + INFLUXDB = "influxdb" + + +class OutputResponseTimestampPrecision(str, Enum, metaclass=utils.OpenEnumMeta): + r"""Sets the precision for the supplied Unix time values. Defaults to milliseconds.""" + + # Nanoseconds + NS = "ns" + # Microseconds + U = "u" + # Milliseconds + MS = "ms" + # Seconds + S = "s" + # Minutes + M = "m" + # Hours + H = "h" + + +class OutputResponseAuthenticationTypeInfluxdb(str, Enum, metaclass=utils.OpenEnumMeta): + r"""InfluxDB authentication type""" + + # None + NONE = "none" + # Basic + BASIC = "basic" + # Basic (credentials secret) + CREDENTIALS_SECRET = "credentialsSecret" + # Token + TOKEN = "token" + # Token (text secret) + TEXT_SECRET = "textSecret" + + +class OutputResponsePqControlsInfluxdbTypedDict(TypedDict): + pass + + +class OutputResponsePqControlsInfluxdb(BaseModel): + pass + + +class OutputResponseOutputInfluxdbTypedDict(TypedDict): + type: OutputResponseTypeInfluxdb + url: str + r"""URL of an InfluxDB cluster to send events to, e.g., http://localhost:8086/write""" + id: NotRequired[str] + r"""Unique ID for this output""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + use_v2_api: NotRequired[bool] + r"""The v2 API can be enabled with InfluxDB versions 1.8 and later.""" + timestamp_precision: NotRequired[OutputResponseTimestampPrecision] + r"""Sets the precision for the supplied Unix time values. Defaults to milliseconds.""" + dynamic_value_field_name: NotRequired[bool] + r"""Enabling this will pull the value field from the metric name. E,g, 'db.query.user' will use 'db.query' as the measurement and 'user' as the value field.""" + value_field_name: NotRequired[str] + r"""Name of the field in which to store the metric when sending to InfluxDB. If dynamic generation is enabled and fails, this will be used as a fallback.""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + compress: NotRequired[bool] + r"""Compress the payload body before sending""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] + r"""Headers to add to all events""" + use_round_robin_dns: NotRequired[bool] + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + safe_headers: NotRequired[List[str]] + r"""List of headers that are safe to log in plain text""" + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + auth_type: NotRequired[OutputResponseAuthenticationTypeInfluxdb] + r"""InfluxDB authentication type""" + description: NotRequired[str] + database: NotRequired[str] + r"""Database to write to.""" + bucket: NotRequired[str] + r"""Bucket to write to.""" + org: NotRequired[str] + r"""Organization ID for this bucket.""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[OutputResponsePqControlsInfluxdbTypedDict] + username: NotRequired[str] + password: NotRequired[str] + token: NotRequired[str] + r"""Bearer token to include in the authorization header""" + credentials_secret: NotRequired[str] + r"""Select or create a secret that references your credentials""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_url: NotRequired[str] + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_database: NotRequired[str] + r"""Binds 'database' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'database' at runtime.""" + template_bucket: NotRequired[str] + r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" + notifications: NotRequired[List[NotificationUnionTypedDict]] + r"""Notifications attached to the Destination.""" + status: NotRequired[StatusTypeTypedDict] + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + +class OutputResponseOutputInfluxdb(BaseModel): + type: OutputResponseTypeInfluxdb + + url: str + r"""URL of an InfluxDB cluster to send events to, e.g., http://localhost:8086/write""" + + id: Optional[str] = None + r"""Unique ID for this output""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + use_v2_api: Annotated[Optional[bool], pydantic.Field(alias="useV2API")] = None + r"""The v2 API can be enabled with InfluxDB versions 1.8 and later.""" + + timestamp_precision: Annotated[ + Optional[OutputResponseTimestampPrecision], + pydantic.Field(alias="timestampPrecision"), + ] = None + r"""Sets the precision for the supplied Unix time values. Defaults to milliseconds.""" + + dynamic_value_field_name: Annotated[ + Optional[bool], pydantic.Field(alias="dynamicValueFieldName") + ] = None + r"""Enabling this will pull the value field from the metric name. E,g, 'db.query.user' will use 'db.query' as the measurement and 'user' as the value field.""" + + value_field_name: Annotated[ + Optional[str], pydantic.Field(alias="valueFieldName") + ] = None + r"""Name of the field in which to store the metric when sending to InfluxDB. If dynamic generation is enabled and fails, this will be used as a fallback.""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + compress: Optional[bool] = None + r"""Compress the payload body before sending""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + extra_http_headers: Annotated[ + Optional[List[ExtraHTTPHeaderConfInputElastic]], + pydantic.Field(alias="extraHttpHeaders"), + ] = None + r"""Headers to add to all events""" + + use_round_robin_dns: Annotated[ + Optional[bool], pydantic.Field(alias="useRoundRobinDns") + ] = None + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + safe_headers: Annotated[ + Optional[List[str]], pydantic.Field(alias="safeHeaders") + ] = None + r"""List of headers that are safe to log in plain text""" + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + auth_type: Annotated[ + Optional[OutputResponseAuthenticationTypeInfluxdb], + pydantic.Field(alias="authType"), + ] = None + r"""InfluxDB authentication type""" + + description: Optional[str] = None + + database: Optional[str] = None + r"""Database to write to.""" + + bucket: Optional[str] = None + r"""Bucket to write to.""" + + org: Optional[str] = None + r"""Organization ID for this bucket.""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[OutputResponsePqControlsInfluxdb], pydantic.Field(alias="pqControls") + ] = None + + username: Optional[str] = None + + password: Optional[str] = None + + token: Optional[str] = None + r"""Bearer token to include in the authorization header""" + + credentials_secret: Annotated[ + Optional[str], pydantic.Field(alias="credentialsSecret") + ] = None + r"""Select or create a secret that references your credentials""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( + None + ) + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_database: Annotated[ + Optional[str], pydantic.Field(alias="__template_database") + ] = None + r"""Binds 'database' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'database' at runtime.""" + + template_bucket: Annotated[ + Optional[str], pydantic.Field(alias="__template_bucket") + ] = None + r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" + + notifications: Optional[List[NotificationUnion]] = None + r"""Notifications attached to the Destination.""" + + status: Optional[StatusType] = None + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + @field_serializer("timestamp_precision") + def serialize_timestamp_precision(self, value): + if isinstance(value, str): + try: + return models.OutputResponseTimestampPrecision(value) + except ValueError: + return value + return value + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.OutputResponseAuthenticationTypeInfluxdb(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "id", + "pipeline", + "systemFields", + "environment", + "streamtags", + "useV2API", + "timestampPrecision", + "dynamicValueFieldName", + "valueFieldName", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "compress", + "rejectUnauthorized", + "timeoutSec", + "flushPeriodSec", + "extraHttpHeaders", + "useRoundRobinDns", + "failedRequestLoggingMode", + "safeHeaders", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "onBackpressure", + "authType", + "description", + "database", + "bucket", + "org", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "username", + "password", + "token", + "credentialsSecret", + "textSecret", + "__template_streamtags", + "__template_url", + "__template_failedRequestLoggingMode", + "__template_onBackpressure", + "__template_database", + "__template_bucket", + "notifications", + "status", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponseTypeNewrelicEvents(str, Enum): + NEWRELIC_EVENTS = "newrelic_events" + + +class OutputResponsePqControlsNewrelicEventsTypedDict(TypedDict): + pass + + +class OutputResponsePqControlsNewrelicEvents(BaseModel): + pass + + +class OutputResponseOutputNewrelicEventsTypedDict(TypedDict): + type: OutputResponseTypeNewrelicEvents + account_id: str + r"""New Relic account ID""" + event_type: str + r"""Default New Relic eventType to use when event type is not present. For more information, see the [New Relic eventType documentation](https://docs.newrelic.com/docs/telemetry-data-platform/custom-data/custom-events/data-requirements-limits-custom-event-data/#reserved-words).""" + id: NotRequired[str] + r"""Unique ID for this output""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + region: NotRequired[RegionOptions] + r"""Which New Relic region endpoint to use.""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + compress: NotRequired[bool] + r"""Compress the payload body before sending""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] + r"""Headers to add to all events""" + use_round_robin_dns: NotRequired[bool] + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + safe_headers: NotRequired[List[str]] + r"""List of headers that are safe to log in plain text""" + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + auth_type: NotRequired[AuthenticationMethodOptionsAPI] + r"""Enter API key directly, or select a stored secret""" + description: NotRequired[str] + custom_url: NotRequired[str] + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[OutputResponsePqControlsNewrelicEventsTypedDict] + api_key: NotRequired[str] + r"""New Relic API key. Can be overridden using __newRelic_apiKey field.""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_region: NotRequired[str] + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + template_account_id: NotRequired[str] + r"""Binds 'accountId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'accountId' at runtime.""" + template_event_type: NotRequired[str] + r"""Binds 'eventType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'eventType' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_custom_url: NotRequired[str] + r"""Binds 'customUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'customUrl' at runtime.""" + notifications: NotRequired[List[NotificationUnionTypedDict]] + r"""Notifications attached to the Destination.""" + status: NotRequired[StatusTypeTypedDict] + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + +class OutputResponseOutputNewrelicEvents(BaseModel): + type: OutputResponseTypeNewrelicEvents + + account_id: Annotated[str, pydantic.Field(alias="accountId")] + r"""New Relic account ID""" + + event_type: Annotated[str, pydantic.Field(alias="eventType")] + r"""Default New Relic eventType to use when event type is not present. For more information, see the [New Relic eventType documentation](https://docs.newrelic.com/docs/telemetry-data-platform/custom-data/custom-events/data-requirements-limits-custom-event-data/#reserved-words).""" + + id: Optional[str] = None + r"""Unique ID for this output""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + region: Optional[RegionOptions] = None + r"""Which New Relic region endpoint to use.""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + compress: Optional[bool] = None + r"""Compress the payload body before sending""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + extra_http_headers: Annotated[ + Optional[List[ExtraHTTPHeaderConfInputElastic]], + pydantic.Field(alias="extraHttpHeaders"), + ] = None + r"""Headers to add to all events""" + + use_round_robin_dns: Annotated[ + Optional[bool], pydantic.Field(alias="useRoundRobinDns") + ] = None + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + safe_headers: Annotated[ + Optional[List[str]], pydantic.Field(alias="safeHeaders") + ] = None + r"""List of headers that are safe to log in plain text""" + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + auth_type: Annotated[ + Optional[AuthenticationMethodOptionsAPI], pydantic.Field(alias="authType") + ] = None + r"""Enter API key directly, or select a stored secret""" + + description: Optional[str] = None + + custom_url: Annotated[Optional[str], pydantic.Field(alias="customUrl")] = None + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[OutputResponsePqControlsNewrelicEvents], + pydantic.Field(alias="pqControls"), + ] = None + + api_key: Annotated[Optional[str], pydantic.Field(alias="apiKey")] = None + r"""New Relic API key. Can be overridden using __newRelic_apiKey field.""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_region: Annotated[ + Optional[str], pydantic.Field(alias="__template_region") + ] = None + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + + template_account_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_accountId") + ] = None + r"""Binds 'accountId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'accountId' at runtime.""" + + template_event_type: Annotated[ + Optional[str], pydantic.Field(alias="__template_eventType") + ] = None + r"""Binds 'eventType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'eventType' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_custom_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_customUrl") + ] = None + r"""Binds 'customUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'customUrl' at runtime.""" + + notifications: Optional[List[NotificationUnion]] = None + r"""Notifications attached to the Destination.""" + + status: Optional[StatusType] = None + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + @field_serializer("region") + def serialize_region(self, value): + if isinstance(value, str): + try: + return models.RegionOptions(value) + except ValueError: + return value + return value + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsAPI(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "id", + "pipeline", + "systemFields", + "environment", + "streamtags", + "region", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "compress", + "rejectUnauthorized", + "timeoutSec", + "flushPeriodSec", + "extraHttpHeaders", + "useRoundRobinDns", + "failedRequestLoggingMode", + "safeHeaders", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "onBackpressure", + "authType", + "description", + "customUrl", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "apiKey", + "textSecret", + "__template_streamtags", + "__template_region", + "__template_accountId", + "__template_eventType", + "__template_failedRequestLoggingMode", + "__template_onBackpressure", + "__template_customUrl", + "notifications", + "status", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponseTypeNewrelic(str, Enum): + NEWRELIC = "newrelic" + + +class OutputResponseFieldName(str, Enum, metaclass=utils.OpenEnumMeta): + SERVICE = "service" + HOSTNAME = "hostname" + TIMESTAMP = "timestamp" + AUDIT_ID = "auditId" + + +class OutputResponseMetadatumTypedDict(TypedDict): + name: OutputResponseFieldName + value: str + r"""JavaScript expression to compute field's value, enclosed in quotes or backticks. (Can evaluate to a constant.)""" + + +class OutputResponseMetadatum(BaseModel): + name: OutputResponseFieldName + + value: str + r"""JavaScript expression to compute field's value, enclosed in quotes or backticks. (Can evaluate to a constant.)""" + + @field_serializer("name") + def serialize_name(self, value): + if isinstance(value, str): + try: + return models.OutputResponseFieldName(value) + except ValueError: + return value + return value + + +class OutputResponsePqControlsNewrelicTypedDict(TypedDict): + pass + + +class OutputResponsePqControlsNewrelic(BaseModel): + pass + + +class OutputResponseOutputNewrelicTypedDict(TypedDict): + type: OutputResponseTypeNewrelic + id: NotRequired[str] + r"""Unique ID for this output""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + region: NotRequired[RegionOptions] + r"""Which New Relic region endpoint to use.""" + log_type: NotRequired[str] + r"""Name of the logtype to send with events, e.g.: observability, access_log. The event's 'sourcetype' field (if set) will override this value.""" + message_field: NotRequired[str] + r"""Name of field to send as log message value. If not present, event will be serialized and sent as JSON.""" + metadata: NotRequired[List[OutputResponseMetadatumTypedDict]] + r"""Fields to add to events from this input""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + compress: NotRequired[bool] + r"""Compress the payload body before sending""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] + r"""Headers to add to all events""" + use_round_robin_dns: NotRequired[bool] + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + safe_headers: NotRequired[List[str]] + r"""List of headers that are safe to log in plain text""" + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + auth_type: NotRequired[AuthenticationMethodOptionsAPI] + r"""Enter API key directly, or select a stored secret""" + total_memory_limit_kb: NotRequired[float] + r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" + description: NotRequired[str] + custom_url: NotRequired[str] + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[OutputResponsePqControlsNewrelicTypedDict] + api_key: NotRequired[str] + r"""New Relic API key. Can be overridden using __newRelic_apiKey field.""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_region: NotRequired[str] + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + template_log_type: NotRequired[str] + r"""Binds 'logType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logType' at runtime.""" + template_message_field: NotRequired[str] + r"""Binds 'messageField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'messageField' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + notifications: NotRequired[List[NotificationUnionTypedDict]] + r"""Notifications attached to the Destination.""" + status: NotRequired[StatusTypeTypedDict] + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + +class OutputResponseOutputNewrelic(BaseModel): + type: OutputResponseTypeNewrelic + + id: Optional[str] = None + r"""Unique ID for this output""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + region: Optional[RegionOptions] = None + r"""Which New Relic region endpoint to use.""" + + log_type: Annotated[Optional[str], pydantic.Field(alias="logType")] = None + r"""Name of the logtype to send with events, e.g.: observability, access_log. The event's 'sourcetype' field (if set) will override this value.""" + + message_field: Annotated[Optional[str], pydantic.Field(alias="messageField")] = None + r"""Name of field to send as log message value. If not present, event will be serialized and sent as JSON.""" + + metadata: Optional[List[OutputResponseMetadatum]] = None + r"""Fields to add to events from this input""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + compress: Optional[bool] = None + r"""Compress the payload body before sending""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + extra_http_headers: Annotated[ + Optional[List[ExtraHTTPHeaderConfInputElastic]], + pydantic.Field(alias="extraHttpHeaders"), + ] = None + r"""Headers to add to all events""" + + use_round_robin_dns: Annotated[ + Optional[bool], pydantic.Field(alias="useRoundRobinDns") + ] = None + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + safe_headers: Annotated[ + Optional[List[str]], pydantic.Field(alias="safeHeaders") + ] = None + r"""List of headers that are safe to log in plain text""" + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + auth_type: Annotated[ + Optional[AuthenticationMethodOptionsAPI], pydantic.Field(alias="authType") + ] = None + r"""Enter API key directly, or select a stored secret""" + + total_memory_limit_kb: Annotated[ + Optional[float], pydantic.Field(alias="totalMemoryLimitKB") + ] = None + r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" + + description: Optional[str] = None + + custom_url: Annotated[Optional[str], pydantic.Field(alias="customUrl")] = None + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[OutputResponsePqControlsNewrelic], pydantic.Field(alias="pqControls") + ] = None + + api_key: Annotated[Optional[str], pydantic.Field(alias="apiKey")] = None + r"""New Relic API key. Can be overridden using __newRelic_apiKey field.""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_region: Annotated[ + Optional[str], pydantic.Field(alias="__template_region") + ] = None + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + + template_log_type: Annotated[ + Optional[str], pydantic.Field(alias="__template_logType") + ] = None + r"""Binds 'logType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logType' at runtime.""" + + template_message_field: Annotated[ + Optional[str], pydantic.Field(alias="__template_messageField") + ] = None + r"""Binds 'messageField' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'messageField' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + notifications: Optional[List[NotificationUnion]] = None + r"""Notifications attached to the Destination.""" + + status: Optional[StatusType] = None + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + @field_serializer("region") + def serialize_region(self, value): + if isinstance(value, str): + try: + return models.RegionOptions(value) + except ValueError: + return value + return value + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsAPI(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "id", + "pipeline", + "systemFields", + "environment", + "streamtags", + "region", + "logType", + "messageField", + "metadata", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "compress", + "rejectUnauthorized", + "timeoutSec", + "flushPeriodSec", + "extraHttpHeaders", + "useRoundRobinDns", + "failedRequestLoggingMode", + "safeHeaders", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "onBackpressure", + "authType", + "totalMemoryLimitKB", + "description", + "customUrl", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "apiKey", + "textSecret", + "__template_streamtags", + "__template_region", + "__template_logType", + "__template_messageField", + "__template_failedRequestLoggingMode", + "__template_onBackpressure", + "notifications", + "status", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponseTypeElasticCloud(str, Enum): + ELASTIC_CLOUD = "elastic_cloud" + + +class OutputResponsePqControlsElasticCloudTypedDict(TypedDict): + pass + + +class OutputResponsePqControlsElasticCloud(BaseModel): + pass + + +class OutputResponseOutputElasticCloudTypedDict(TypedDict): + type: OutputResponseTypeElasticCloud + url: str + r"""Enter Cloud ID of the Elastic Cloud environment to send events to""" + index: str + r"""Data stream or index to send events to. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be overwritten by an event's __index field.""" + id: NotRequired[str] + r"""Unique ID for this output""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + compress: NotRequired[bool] + r"""Compress the payload body before sending""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] + r"""Headers to add to all events""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + safe_headers: NotRequired[List[str]] + r"""List of headers that are safe to log in plain text""" + extra_params: NotRequired[List[SaslExtensionConfInputKafkaTypedDict]] + r"""Extra parameters to use in HTTP requests""" + auth: NotRequired[AuthTypeTemplatemanualAPIKeyAuthTypeTypedDict] + elastic_pipeline: NotRequired[str] + r"""Optional Elastic Cloud Destination pipeline""" + include_doc_id: NotRequired[bool] + r"""Include the `document_id` field when sending events to an Elastic TSDS (time series data stream)""" + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + description: NotRequired[str] + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[OutputResponsePqControlsElasticCloudTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_url: NotRequired[str] + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + template_index: NotRequired[str] + r"""Binds 'index' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'index' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_elastic_pipeline: NotRequired[str] + r"""Binds 'elasticPipeline' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'elasticPipeline' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + notifications: NotRequired[List[NotificationUnionTypedDict]] + r"""Notifications attached to the Destination.""" + status: NotRequired[StatusTypeTypedDict] + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + +class OutputResponseOutputElasticCloud(BaseModel): + type: OutputResponseTypeElasticCloud + + url: str + r"""Enter Cloud ID of the Elastic Cloud environment to send events to""" + + index: str + r"""Data stream or index to send events to. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be overwritten by an event's __index field.""" + + id: Optional[str] = None + r"""Unique ID for this output""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + compress: Optional[bool] = None + r"""Compress the payload body before sending""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + extra_http_headers: Annotated[ + Optional[List[ExtraHTTPHeaderConfInputElastic]], + pydantic.Field(alias="extraHttpHeaders"), + ] = None + r"""Headers to add to all events""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + safe_headers: Annotated[ + Optional[List[str]], pydantic.Field(alias="safeHeaders") + ] = None + r"""List of headers that are safe to log in plain text""" + + extra_params: Annotated[ + Optional[List[SaslExtensionConfInputKafka]], pydantic.Field(alias="extraParams") + ] = None + r"""Extra parameters to use in HTTP requests""" + + auth: Optional[AuthTypeTemplatemanualAPIKeyAuthType] = None + + elastic_pipeline: Annotated[ + Optional[str], pydantic.Field(alias="elasticPipeline") + ] = None + r"""Optional Elastic Cloud Destination pipeline""" + + include_doc_id: Annotated[Optional[bool], pydantic.Field(alias="includeDocId")] = ( + None + ) + r"""Include the `document_id` field when sending events to an Elastic TSDS (time series data stream)""" + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + description: Optional[str] = None + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[OutputResponsePqControlsElasticCloud], + pydantic.Field(alias="pqControls"), + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( + None + ) + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + template_index: Annotated[ + Optional[str], pydantic.Field(alias="__template_index") + ] = None + r"""Binds 'index' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'index' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_elastic_pipeline: Annotated[ + Optional[str], pydantic.Field(alias="__template_elasticPipeline") + ] = None + r"""Binds 'elasticPipeline' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'elasticPipeline' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + notifications: Optional[List[NotificationUnion]] = None + r"""Notifications attached to the Destination.""" + + status: Optional[StatusType] = None + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "id", + "pipeline", + "systemFields", + "environment", + "streamtags", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "compress", + "rejectUnauthorized", + "timeoutSec", + "flushPeriodSec", + "extraHttpHeaders", + "failedRequestLoggingMode", + "safeHeaders", + "extraParams", + "auth", + "elasticPipeline", + "includeDocId", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "onBackpressure", + "description", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_url", + "__template_index", + "__template_failedRequestLoggingMode", + "__template_elasticPipeline", + "__template_onBackpressure", + "notifications", + "status", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponseTypeElastic(str, Enum): + ELASTIC = "elastic" + + +class OutputResponseElasticVersion(str, Enum, metaclass=utils.OpenEnumMeta): + r"""Optional Elasticsearch version, used to format events. If not specified, will auto-discover version.""" + + # Auto + AUTO = "auto" + # 6.x + SIX = "6" + # 7.x + SEVEN = "7" + + +class OutputResponseWriteAction(str, Enum, metaclass=utils.OpenEnumMeta): + r"""Action to use when writing events. Must be set to `Create` when writing to a data stream.""" + + # Index + INDEX = "index" + # Create + CREATE = "create" + + +class OutputResponseURLElasticTypedDict(TypedDict): + url: str + r"""The URL to an Elastic node to send events to. Example: http://elastic:9200/_bulk""" + weight: NotRequired[float] + r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" + template_url: NotRequired[str] + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + +class OutputResponseURLElastic(BaseModel): + url: str + r"""The URL to an Elastic node to send events to. Example: http://elastic:9200/_bulk""" + + weight: Optional[float] = None + r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" + + template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( + None + ) + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set(["weight", "__template_url"]) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponsePqControlsElasticTypedDict(TypedDict): + pass + + +class OutputResponsePqControlsElastic(BaseModel): + pass + + +class OutputResponseOutputElasticTypedDict(TypedDict): + type: OutputResponseTypeElastic + index: str + r"""Index or data stream to send events to. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be overwritten by an event's __index field.""" + id: NotRequired[str] + r"""Unique ID for this output""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + load_balanced: NotRequired[bool] + r"""Enable for optimal performance. Even if you have one hostname, it can expand to multiple IPs. If disabled, consider enabling round-robin DNS.""" + doc_type: NotRequired[str] + r"""Document type to use for events. Can be overwritten by an event's __type field.""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + compress: NotRequired[bool] + r"""Compress the payload body before sending""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] + r"""Headers to add to all events""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + safe_headers: NotRequired[List[str]] + r"""List of headers that are safe to log in plain text""" + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + extra_params: NotRequired[List[SaslExtensionConfInputKafkaTypedDict]] + auth: NotRequired[AuthTypeTemplatemanualAPIKeyAuthTypeTypedDict] + elastic_version: NotRequired[OutputResponseElasticVersion] + r"""Optional Elasticsearch version, used to format events. If not specified, will auto-discover version.""" + elastic_pipeline: NotRequired[str] + r"""Optional Elasticsearch destination pipeline""" + include_doc_id: NotRequired[bool] + r"""Include the `document_id` field when sending events to an Elastic TSDS (time series data stream)""" + write_action: NotRequired[OutputResponseWriteAction] + r"""Action to use when writing events. Must be set to `Create` when writing to a data stream.""" + retry_partial_errors: NotRequired[bool] + r"""Retry failed events when a bulk request to Elastic is successful, but the response body returns an error for one or more events in the batch""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + description: NotRequired[str] + url: NotRequired[str] + r"""The Cloud ID or URL to an Elastic cluster to send events to. Example: http://elastic:9200/_bulk""" + use_round_robin_dns: NotRequired[bool] + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + exclude_self: NotRequired[bool] + r"""Exclude all IPs of the current host from the list of any resolved hostnames""" + urls: NotRequired[List[OutputResponseURLElasticTypedDict]] + dns_resolve_period_sec: NotRequired[float] + r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" + load_balance_stats_period_sec: NotRequired[float] + r"""How far back in time to keep traffic stats for load balancing purposes""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[OutputResponsePqControlsElasticTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_index: NotRequired[str] + r"""Binds 'index' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'index' at runtime.""" + template_doc_type: NotRequired[str] + r"""Binds 'docType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'docType' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_elastic_pipeline: NotRequired[str] + r"""Binds 'elasticPipeline' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'elasticPipeline' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_url: NotRequired[str] + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + notifications: NotRequired[List[NotificationUnionTypedDict]] + r"""Notifications attached to the Destination.""" + status: NotRequired[StatusTypeTypedDict] + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + +class OutputResponseOutputElastic(BaseModel): + type: OutputResponseTypeElastic + + index: str + r"""Index or data stream to send events to. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be overwritten by an event's __index field.""" + + id: Optional[str] = None + r"""Unique ID for this output""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + load_balanced: Annotated[Optional[bool], pydantic.Field(alias="loadBalanced")] = ( + None + ) + r"""Enable for optimal performance. Even if you have one hostname, it can expand to multiple IPs. If disabled, consider enabling round-robin DNS.""" + + doc_type: Annotated[Optional[str], pydantic.Field(alias="docType")] = None + r"""Document type to use for events. Can be overwritten by an event's __type field.""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + compress: Optional[bool] = None + r"""Compress the payload body before sending""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + extra_http_headers: Annotated[ + Optional[List[ExtraHTTPHeaderConfInputElastic]], + pydantic.Field(alias="extraHttpHeaders"), + ] = None + r"""Headers to add to all events""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + safe_headers: Annotated[ + Optional[List[str]], pydantic.Field(alias="safeHeaders") + ] = None + r"""List of headers that are safe to log in plain text""" + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + extra_params: Annotated[ + Optional[List[SaslExtensionConfInputKafka]], pydantic.Field(alias="extraParams") + ] = None + + auth: Optional[AuthTypeTemplatemanualAPIKeyAuthType] = None + + elastic_version: Annotated[ + Optional[OutputResponseElasticVersion], pydantic.Field(alias="elasticVersion") + ] = None + r"""Optional Elasticsearch version, used to format events. If not specified, will auto-discover version.""" + + elastic_pipeline: Annotated[ + Optional[str], pydantic.Field(alias="elasticPipeline") + ] = None + r"""Optional Elasticsearch destination pipeline""" + + include_doc_id: Annotated[Optional[bool], pydantic.Field(alias="includeDocId")] = ( + None + ) + r"""Include the `document_id` field when sending events to an Elastic TSDS (time series data stream)""" + + write_action: Annotated[ + Optional[OutputResponseWriteAction], pydantic.Field(alias="writeAction") + ] = None + r"""Action to use when writing events. Must be set to `Create` when writing to a data stream.""" + + retry_partial_errors: Annotated[ + Optional[bool], pydantic.Field(alias="retryPartialErrors") + ] = None + r"""Retry failed events when a bulk request to Elastic is successful, but the response body returns an error for one or more events in the batch""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + description: Optional[str] = None + + url: Optional[str] = None + r"""The Cloud ID or URL to an Elastic cluster to send events to. Example: http://elastic:9200/_bulk""" + + use_round_robin_dns: Annotated[ + Optional[bool], pydantic.Field(alias="useRoundRobinDns") + ] = None + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + + exclude_self: Annotated[Optional[bool], pydantic.Field(alias="excludeSelf")] = None + r"""Exclude all IPs of the current host from the list of any resolved hostnames""" + + urls: Optional[List[OutputResponseURLElastic]] = None + + dns_resolve_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="dnsResolvePeriodSec") + ] = None + r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" + + load_balance_stats_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="loadBalanceStatsPeriodSec") + ] = None + r"""How far back in time to keep traffic stats for load balancing purposes""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[OutputResponsePqControlsElastic], pydantic.Field(alias="pqControls") + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_index: Annotated[ + Optional[str], pydantic.Field(alias="__template_index") + ] = None + r"""Binds 'index' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'index' at runtime.""" + + template_doc_type: Annotated[ + Optional[str], pydantic.Field(alias="__template_docType") + ] = None + r"""Binds 'docType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'docType' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_elastic_pipeline: Annotated[ + Optional[str], pydantic.Field(alias="__template_elasticPipeline") + ] = None + r"""Binds 'elasticPipeline' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'elasticPipeline' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( + None + ) + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + notifications: Optional[List[NotificationUnion]] = None + r"""Notifications attached to the Destination.""" + + status: Optional[StatusType] = None + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("elastic_version") + def serialize_elastic_version(self, value): + if isinstance(value, str): + try: + return models.OutputResponseElasticVersion(value) + except ValueError: + return value + return value + + @field_serializer("write_action") + def serialize_write_action(self, value): + if isinstance(value, str): + try: + return models.OutputResponseWriteAction(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "id", + "pipeline", + "systemFields", + "environment", + "streamtags", + "loadBalanced", + "docType", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "compress", + "rejectUnauthorized", + "timeoutSec", + "flushPeriodSec", + "extraHttpHeaders", + "failedRequestLoggingMode", + "safeHeaders", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "extraParams", + "auth", + "elasticVersion", + "elasticPipeline", + "includeDocId", + "writeAction", + "retryPartialErrors", + "onBackpressure", + "description", + "url", + "useRoundRobinDns", + "excludeSelf", + "urls", + "dnsResolvePeriodSec", + "loadBalanceStatsPeriodSec", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_index", + "__template_docType", + "__template_failedRequestLoggingMode", + "__template_elasticPipeline", + "__template_onBackpressure", + "__template_url", + "notifications", + "status", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponseTypeMsk(str, Enum): + MSK = "msk" + + +class OutputResponsePqControlsMskTypedDict(TypedDict): + pass + + +class OutputResponsePqControlsMsk(BaseModel): + pass + + +class OutputResponseOutputMskTypedDict(TypedDict): + type: OutputResponseTypeMsk + brokers: List[str] + r"""Enter each Kafka bootstrap server you want to use. Specify hostname and port, e.g., mykafkabroker:9092, or just hostname, in which case @{product} will assign port 9092.""" + topic: str + r"""The topic to publish events to. Can be overridden using the __topicOut field.""" + aws_authentication_method: AuthenticationMethodOptionsS3CollectorConf + r"""AWS authentication method. Choose Auto to use IAM roles.""" + region: str + r"""Region where the MSK cluster is located""" + id: NotRequired[str] + r"""Unique ID for this output""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + ack: NotRequired[AcknowledgmentsOptionsAllLeader] + r"""Control the number of required acknowledgments.""" + format_: NotRequired[RecordDataFormatOptionsJSONProtobuf] + r"""Format to use to serialize events before writing to Kafka.""" + compression: NotRequired[CompressionOptionsGzipLz4] + r"""Codec to use to compress the data before sending to Kafka""" + max_record_size_kb: NotRequired[float] + r"""Maximum size of each record batch before compression. The value must not exceed the Kafka brokers' message.max.bytes setting.""" + flush_event_count: NotRequired[float] + r"""The maximum number of events you want the Destination to allow in a batch before forcing a flush""" + flush_period_sec: NotRequired[float] + r"""The maximum amount of time you want the Destination to wait before forcing a flush. Shorter intervals tend to result in smaller batches being sent.""" + kafka_schema_registry: NotRequired[ + KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuthTypedDict + ] + connection_timeout: NotRequired[float] + r"""Maximum time to wait for a connection to complete successfully""" + request_timeout: NotRequired[float] + r"""Maximum time to wait for Kafka to respond to a request""" + max_retries: NotRequired[float] + r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" + max_back_off: NotRequired[float] + r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" + initial_backoff: NotRequired[float] + r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" + backoff_rate: NotRequired[float] + r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" + authentication_timeout: NotRequired[float] + r"""Maximum time to wait for Kafka to respond to an authentication request""" + reauthentication_threshold: NotRequired[float] + r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" + aws_secret_key: NotRequired[str] + endpoint: NotRequired[str] + r"""MSK cluster service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to MSK cluster-compatible endpoint.""" + reuse_connections: NotRequired[bool] + r"""Reuse connections between requests, which can improve performance""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" + enable_assume_role: NotRequired[bool] + r"""Use Assume Role credentials to access MSK""" + assume_role_arn: NotRequired[str] + r"""Amazon Resource Name (ARN) of the role to assume""" + assume_role_external_id: NotRequired[str] + r"""External ID to use when assuming role""" + duration_seconds: NotRequired[float] + r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" + tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + description: NotRequired[str] + aws_api_key: NotRequired[str] + aws_secret: NotRequired[str] + r"""Select or create a stored secret that references your access key and secret key""" + protobuf_library_id: NotRequired[str] + r"""Select a set of Protobuf definitions for the events you want to send""" + protobuf_encoding_id: NotRequired[str] + r"""Select the type of object you want the Protobuf definitions to use for event encoding""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[OutputResponsePqControlsMskTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_topic: NotRequired[str] + r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" + template_format: NotRequired[str] + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + template_compression: NotRequired[str] + r"""Binds 'compression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compression' at runtime.""" + template_aws_secret_key: NotRequired[str] + r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" + template_region: NotRequired[str] + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + template_endpoint: NotRequired[str] + r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" + template_assume_role_arn: NotRequired[str] + r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" + template_assume_role_external_id: NotRequired[str] + r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_aws_api_key: NotRequired[str] + r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" + notifications: NotRequired[List[NotificationUnionTypedDict]] + r"""Notifications attached to the Destination.""" + status: NotRequired[StatusTypeTypedDict] + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + +class OutputResponseOutputMsk(BaseModel): + type: OutputResponseTypeMsk + + brokers: List[str] + r"""Enter each Kafka bootstrap server you want to use. Specify hostname and port, e.g., mykafkabroker:9092, or just hostname, in which case @{product} will assign port 9092.""" + + topic: str + r"""The topic to publish events to. Can be overridden using the __topicOut field.""" + + aws_authentication_method: Annotated[ + AuthenticationMethodOptionsS3CollectorConf, + pydantic.Field(alias="awsAuthenticationMethod"), + ] + r"""AWS authentication method. Choose Auto to use IAM roles.""" + + region: str + r"""Region where the MSK cluster is located""" + + id: Optional[str] = None + r"""Unique ID for this output""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + ack: Optional[AcknowledgmentsOptionsAllLeader] = None + r"""Control the number of required acknowledgments.""" + + format_: Annotated[ + Optional[RecordDataFormatOptionsJSONProtobuf], pydantic.Field(alias="format") + ] = None + r"""Format to use to serialize events before writing to Kafka.""" + + compression: Optional[CompressionOptionsGzipLz4] = None + r"""Codec to use to compress the data before sending to Kafka""" + + max_record_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxRecordSizeKB") + ] = None + r"""Maximum size of each record batch before compression. The value must not exceed the Kafka brokers' message.max.bytes setting.""" + + flush_event_count: Annotated[ + Optional[float], pydantic.Field(alias="flushEventCount") + ] = None + r"""The maximum number of events you want the Destination to allow in a batch before forcing a flush""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""The maximum amount of time you want the Destination to wait before forcing a flush. Shorter intervals tend to result in smaller batches being sent.""" + + kafka_schema_registry: Annotated[ + Optional[KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuth], + pydantic.Field(alias="kafkaSchemaRegistry"), + ] = None + + connection_timeout: Annotated[ + Optional[float], pydantic.Field(alias="connectionTimeout") + ] = None + r"""Maximum time to wait for a connection to complete successfully""" + + request_timeout: Annotated[ + Optional[float], pydantic.Field(alias="requestTimeout") + ] = None + r"""Maximum time to wait for Kafka to respond to a request""" + + max_retries: Annotated[Optional[float], pydantic.Field(alias="maxRetries")] = None + r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" + + max_back_off: Annotated[Optional[float], pydantic.Field(alias="maxBackOff")] = None + r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" + + initial_backoff: Annotated[ + Optional[float], pydantic.Field(alias="initialBackoff") + ] = None + r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" + + backoff_rate: Annotated[Optional[float], pydantic.Field(alias="backoffRate")] = None + r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" + + authentication_timeout: Annotated[ + Optional[float], pydantic.Field(alias="authenticationTimeout") + ] = None + r"""Maximum time to wait for Kafka to respond to an authentication request""" + + reauthentication_threshold: Annotated[ + Optional[float], pydantic.Field(alias="reauthenticationThreshold") + ] = None + r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" + + aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = ( + None + ) + + endpoint: Optional[str] = None + r"""MSK cluster service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to MSK cluster-compatible endpoint.""" + + reuse_connections: Annotated[ + Optional[bool], pydantic.Field(alias="reuseConnections") + ] = None + r"""Reuse connections between requests, which can improve performance""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" + + enable_assume_role: Annotated[ + Optional[bool], pydantic.Field(alias="enableAssumeRole") + ] = None + r"""Use Assume Role credentials to access MSK""" + + assume_role_arn: Annotated[Optional[str], pydantic.Field(alias="assumeRoleArn")] = ( + None + ) + r"""Amazon Resource Name (ARN) of the role to assume""" + + assume_role_external_id: Annotated[ + Optional[str], pydantic.Field(alias="assumeRoleExternalId") + ] = None + r"""External ID to use when assuming role""" + + duration_seconds: Annotated[ + Optional[float], pydantic.Field(alias="durationSeconds") + ] = None + r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" + + tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + description: Optional[str] = None + + aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None + + aws_secret: Annotated[Optional[str], pydantic.Field(alias="awsSecret")] = None + r"""Select or create a stored secret that references your access key and secret key""" + + protobuf_library_id: Annotated[ + Optional[str], pydantic.Field(alias="protobufLibraryId") + ] = None + r"""Select a set of Protobuf definitions for the events you want to send""" + + protobuf_encoding_id: Annotated[ + Optional[str], pydantic.Field(alias="protobufEncodingId") + ] = None + r"""Select the type of object you want the Protobuf definitions to use for event encoding""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[OutputResponsePqControlsMsk], pydantic.Field(alias="pqControls") + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_topic: Annotated[ + Optional[str], pydantic.Field(alias="__template_topic") + ] = None + r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" + + template_format: Annotated[ + Optional[str], pydantic.Field(alias="__template_format") + ] = None + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + + template_compression: Annotated[ + Optional[str], pydantic.Field(alias="__template_compression") + ] = None + r"""Binds 'compression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compression' at runtime.""" + + template_aws_secret_key: Annotated[ + Optional[str], pydantic.Field(alias="__template_awsSecretKey") + ] = None + r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" + + template_region: Annotated[ + Optional[str], pydantic.Field(alias="__template_region") + ] = None + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + + template_endpoint: Annotated[ + Optional[str], pydantic.Field(alias="__template_endpoint") + ] = None + r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" + + template_assume_role_arn: Annotated[ + Optional[str], pydantic.Field(alias="__template_assumeRoleArn") + ] = None + r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" + + template_assume_role_external_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_assumeRoleExternalId") + ] = None + r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_aws_api_key: Annotated[ + Optional[str], pydantic.Field(alias="__template_awsApiKey") + ] = None + r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" + + notifications: Optional[List[NotificationUnion]] = None + r"""Notifications attached to the Destination.""" + + status: Optional[StatusType] = None + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + @field_serializer("ack") + def serialize_ack(self, value): + if isinstance(value, str): + try: + return models.AcknowledgmentsOptionsAllLeader(value) + except ValueError: + return value + return value + + @field_serializer("format_") + def serialize_format_(self, value): + if isinstance(value, str): + try: + return models.RecordDataFormatOptionsJSONProtobuf(value) + except ValueError: + return value + return value + + @field_serializer("compression") + def serialize_compression(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsGzipLz4(value) + except ValueError: + return value + return value + + @field_serializer("aws_authentication_method") + def serialize_aws_authentication_method(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsS3CollectorConf(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "id", + "pipeline", + "systemFields", + "environment", + "streamtags", + "ack", + "format", + "compression", + "maxRecordSizeKB", + "flushEventCount", + "flushPeriodSec", + "kafkaSchemaRegistry", + "connectionTimeout", + "requestTimeout", + "maxRetries", + "maxBackOff", + "initialBackoff", + "backoffRate", + "authenticationTimeout", + "reauthenticationThreshold", + "awsSecretKey", + "endpoint", + "reuseConnections", + "rejectUnauthorized", + "enableAssumeRole", + "assumeRoleArn", + "assumeRoleExternalId", + "durationSeconds", + "tls", + "onBackpressure", + "description", + "awsApiKey", + "awsSecret", + "protobufLibraryId", + "protobufEncodingId", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_topic", + "__template_format", + "__template_compression", + "__template_awsSecretKey", + "__template_region", + "__template_endpoint", + "__template_assumeRoleArn", + "__template_assumeRoleExternalId", + "__template_onBackpressure", + "__template_awsApiKey", + "notifications", + "status", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponseTypeConfluentCloud(str, Enum): + CONFLUENT_CLOUD = "confluent_cloud" + + +class OutputResponsePqControlsConfluentCloudTypedDict(TypedDict): + pass + + +class OutputResponsePqControlsConfluentCloud(BaseModel): + pass + + +class OutputResponseOutputConfluentCloudTypedDict(TypedDict): + type: OutputResponseTypeConfluentCloud + brokers: List[str] + r"""List of Confluent Cloud bootstrap servers to use, such as yourAccount.confluent.cloud:9092.""" + topic: str + r"""The topic to publish events to. Can be overridden using the __topicOut field.""" + id: NotRequired[str] + r"""Unique ID for this output""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] + ack: NotRequired[AcknowledgmentsOptionsAllLeader] + r"""Control the number of required acknowledgments.""" + format_: NotRequired[RecordDataFormatOptionsJSONProtobuf] + r"""Format to use to serialize events before writing to Kafka.""" + compression: NotRequired[CompressionOptionsGzipLz4] + r"""Codec to use to compress the data before sending to Kafka""" + max_record_size_kb: NotRequired[float] + r"""Maximum size of each record batch before compression. The value must not exceed the Kafka brokers' message.max.bytes setting.""" + flush_event_count: NotRequired[float] + r"""The maximum number of events you want the Destination to allow in a batch before forcing a flush""" + flush_period_sec: NotRequired[float] + r"""The maximum amount of time you want the Destination to wait before forcing a flush. Shorter intervals tend to result in smaller batches being sent.""" + kafka_schema_registry: NotRequired[ + KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuthTypedDict + ] + connection_timeout: NotRequired[float] + r"""Maximum time to wait for a connection to complete successfully""" + request_timeout: NotRequired[float] + r"""Maximum time to wait for Kafka to respond to a request""" + max_retries: NotRequired[float] + r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" + max_back_off: NotRequired[float] + r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" + initial_backoff: NotRequired[float] + r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" + backoff_rate: NotRequired[float] + r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" + authentication_timeout: NotRequired[float] + r"""Maximum time to wait for Kafka to respond to an authentication request""" + reauthentication_threshold: NotRequired[float] + r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" + sasl: NotRequired[AuthenticationTypeTypedDict] + r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + description: NotRequired[str] + protobuf_library_id: NotRequired[str] + r"""Select a set of Protobuf definitions for the events you want to send""" + protobuf_encoding_id: NotRequired[str] + r"""Select the type of object you want the Protobuf definitions to use for event encoding""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[OutputResponsePqControlsConfluentCloudTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_brokers: NotRequired[str] + r"""Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime.""" + template_topic: NotRequired[str] + r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" + template_format: NotRequired[str] + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + template_compression: NotRequired[str] + r"""Binds 'compression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compression' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + notifications: NotRequired[List[NotificationUnionTypedDict]] + r"""Notifications attached to the Destination.""" + status: NotRequired[StatusTypeTypedDict] + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + +class OutputResponseOutputConfluentCloud(BaseModel): + type: OutputResponseTypeConfluentCloud + + brokers: List[str] + r"""List of Confluent Cloud bootstrap servers to use, such as yourAccount.confluent.cloud:9092.""" + + topic: str + r"""The topic to publish events to. Can be overridden using the __topicOut field.""" + + id: Optional[str] = None + r"""Unique ID for this output""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None + + ack: Optional[AcknowledgmentsOptionsAllLeader] = None + r"""Control the number of required acknowledgments.""" + + format_: Annotated[ + Optional[RecordDataFormatOptionsJSONProtobuf], pydantic.Field(alias="format") + ] = None + r"""Format to use to serialize events before writing to Kafka.""" + + compression: Optional[CompressionOptionsGzipLz4] = None + r"""Codec to use to compress the data before sending to Kafka""" + + max_record_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxRecordSizeKB") + ] = None + r"""Maximum size of each record batch before compression. The value must not exceed the Kafka brokers' message.max.bytes setting.""" + + flush_event_count: Annotated[ + Optional[float], pydantic.Field(alias="flushEventCount") + ] = None + r"""The maximum number of events you want the Destination to allow in a batch before forcing a flush""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""The maximum amount of time you want the Destination to wait before forcing a flush. Shorter intervals tend to result in smaller batches being sent.""" + + kafka_schema_registry: Annotated[ + Optional[KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuth], + pydantic.Field(alias="kafkaSchemaRegistry"), + ] = None + + connection_timeout: Annotated[ + Optional[float], pydantic.Field(alias="connectionTimeout") + ] = None + r"""Maximum time to wait for a connection to complete successfully""" + + request_timeout: Annotated[ + Optional[float], pydantic.Field(alias="requestTimeout") + ] = None + r"""Maximum time to wait for Kafka to respond to a request""" + + max_retries: Annotated[Optional[float], pydantic.Field(alias="maxRetries")] = None + r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" + + max_back_off: Annotated[Optional[float], pydantic.Field(alias="maxBackOff")] = None + r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" + + initial_backoff: Annotated[ + Optional[float], pydantic.Field(alias="initialBackoff") + ] = None + r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" + + backoff_rate: Annotated[Optional[float], pydantic.Field(alias="backoffRate")] = None + r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" + + authentication_timeout: Annotated[ + Optional[float], pydantic.Field(alias="authenticationTimeout") + ] = None + r"""Maximum time to wait for Kafka to respond to an authentication request""" + + reauthentication_threshold: Annotated[ + Optional[float], pydantic.Field(alias="reauthenticationThreshold") + ] = None + r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" + + sasl: Optional[AuthenticationType] = None + r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + description: Optional[str] = None + + protobuf_library_id: Annotated[ + Optional[str], pydantic.Field(alias="protobufLibraryId") + ] = None + r"""Select a set of Protobuf definitions for the events you want to send""" + + protobuf_encoding_id: Annotated[ + Optional[str], pydantic.Field(alias="protobufEncodingId") + ] = None + r"""Select the type of object you want the Protobuf definitions to use for event encoding""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[OutputResponsePqControlsConfluentCloud], + pydantic.Field(alias="pqControls"), + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_brokers: Annotated[ + Optional[str], pydantic.Field(alias="__template_brokers") + ] = None + r"""Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime.""" + + template_topic: Annotated[ + Optional[str], pydantic.Field(alias="__template_topic") + ] = None + r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" + + template_format: Annotated[ + Optional[str], pydantic.Field(alias="__template_format") + ] = None + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + + template_compression: Annotated[ + Optional[str], pydantic.Field(alias="__template_compression") + ] = None + r"""Binds 'compression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compression' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + notifications: Optional[List[NotificationUnion]] = None + r"""Notifications attached to the Destination.""" + + status: Optional[StatusType] = None + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + @field_serializer("ack") + def serialize_ack(self, value): + if isinstance(value, str): + try: + return models.AcknowledgmentsOptionsAllLeader(value) + except ValueError: + return value + return value + + @field_serializer("format_") + def serialize_format_(self, value): + if isinstance(value, str): + try: + return models.RecordDataFormatOptionsJSONProtobuf(value) + except ValueError: + return value + return value + + @field_serializer("compression") + def serialize_compression(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsGzipLz4(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "id", + "pipeline", + "systemFields", + "environment", + "streamtags", + "tls", + "ack", + "format", + "compression", + "maxRecordSizeKB", + "flushEventCount", + "flushPeriodSec", + "kafkaSchemaRegistry", + "connectionTimeout", + "requestTimeout", + "maxRetries", + "maxBackOff", + "initialBackoff", + "backoffRate", + "authenticationTimeout", + "reauthenticationThreshold", + "sasl", + "onBackpressure", + "description", + "protobufLibraryId", + "protobufEncodingId", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_brokers", + "__template_topic", + "__template_format", + "__template_compression", + "__template_onBackpressure", + "notifications", + "status", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponseTypeKafka(str, Enum): + KAFKA = "kafka" + + +class OutputResponsePqControlsKafkaTypedDict(TypedDict): + pass + + +class OutputResponsePqControlsKafka(BaseModel): + pass + + +class OutputResponseOutputKafkaTypedDict(TypedDict): + type: OutputResponseTypeKafka + brokers: List[str] + r"""Enter each Kafka bootstrap server you want to use. Specify hostname and port, e.g., mykafkabroker:9092, or just hostname, in which case @{product} will assign port 9092.""" + topic: str + r"""The topic to publish events to. Can be overridden using the __topicOut field.""" + id: NotRequired[str] + r"""Unique ID for this output""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + ack: NotRequired[AcknowledgmentsOptionsAllLeader] + r"""Control the number of required acknowledgments.""" + format_: NotRequired[RecordDataFormatOptionsJSONProtobuf] + r"""Format to use to serialize events before writing to Kafka.""" + compression: NotRequired[CompressionOptionsGzipLz4] + r"""Codec to use to compress the data before sending to Kafka""" + max_record_size_kb: NotRequired[float] + r"""Maximum size of each record batch before compression. The value must not exceed the Kafka brokers' message.max.bytes setting.""" + flush_event_count: NotRequired[float] + r"""The maximum number of events you want the Destination to allow in a batch before forcing a flush""" + flush_period_sec: NotRequired[float] + r"""The maximum amount of time you want the Destination to wait before forcing a flush. Shorter intervals tend to result in smaller batches being sent.""" + kafka_schema_registry: NotRequired[ + KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuthTypedDict + ] + connection_timeout: NotRequired[float] + r"""Maximum time to wait for a connection to complete successfully""" + request_timeout: NotRequired[float] + r"""Maximum time to wait for Kafka to respond to a request""" + max_retries: NotRequired[float] + r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" + max_back_off: NotRequired[float] + r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" + initial_backoff: NotRequired[float] + r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" + backoff_rate: NotRequired[float] + r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" + authentication_timeout: NotRequired[float] + r"""Maximum time to wait for Kafka to respond to an authentication request""" + reauthentication_threshold: NotRequired[float] + r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" + sasl: NotRequired[AuthenticationTypeTypedDict] + r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended.""" + tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + description: NotRequired[str] + protobuf_library_id: NotRequired[str] + r"""Select a set of Protobuf definitions for the events you want to send""" + protobuf_encoding_id: NotRequired[str] + r"""Select the type of object you want the Protobuf definitions to use for event encoding""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[OutputResponsePqControlsKafkaTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_topic: NotRequired[str] + r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" + template_format: NotRequired[str] + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + template_compression: NotRequired[str] + r"""Binds 'compression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compression' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + notifications: NotRequired[List[NotificationUnionTypedDict]] + r"""Notifications attached to the Destination.""" + status: NotRequired[StatusTypeTypedDict] + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + +class OutputResponseOutputKafka(BaseModel): + type: OutputResponseTypeKafka + + brokers: List[str] + r"""Enter each Kafka bootstrap server you want to use. Specify hostname and port, e.g., mykafkabroker:9092, or just hostname, in which case @{product} will assign port 9092.""" + + topic: str + r"""The topic to publish events to. Can be overridden using the __topicOut field.""" + + id: Optional[str] = None + r"""Unique ID for this output""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + ack: Optional[AcknowledgmentsOptionsAllLeader] = None + r"""Control the number of required acknowledgments.""" + + format_: Annotated[ + Optional[RecordDataFormatOptionsJSONProtobuf], pydantic.Field(alias="format") + ] = None + r"""Format to use to serialize events before writing to Kafka.""" + + compression: Optional[CompressionOptionsGzipLz4] = None + r"""Codec to use to compress the data before sending to Kafka""" + + max_record_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxRecordSizeKB") + ] = None + r"""Maximum size of each record batch before compression. The value must not exceed the Kafka brokers' message.max.bytes setting.""" + + flush_event_count: Annotated[ + Optional[float], pydantic.Field(alias="flushEventCount") + ] = None + r"""The maximum number of events you want the Destination to allow in a batch before forcing a flush""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""The maximum amount of time you want the Destination to wait before forcing a flush. Shorter intervals tend to result in smaller batches being sent.""" + + kafka_schema_registry: Annotated[ + Optional[KafkaSchemaRegistryAuthenticationTypeTemplateschemaRegistryURLAuth], + pydantic.Field(alias="kafkaSchemaRegistry"), + ] = None + + connection_timeout: Annotated[ + Optional[float], pydantic.Field(alias="connectionTimeout") + ] = None + r"""Maximum time to wait for a connection to complete successfully""" + + request_timeout: Annotated[ + Optional[float], pydantic.Field(alias="requestTimeout") + ] = None + r"""Maximum time to wait for Kafka to respond to a request""" + + max_retries: Annotated[Optional[float], pydantic.Field(alias="maxRetries")] = None + r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" + + max_back_off: Annotated[Optional[float], pydantic.Field(alias="maxBackOff")] = None + r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" + + initial_backoff: Annotated[ + Optional[float], pydantic.Field(alias="initialBackoff") + ] = None + r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" + + backoff_rate: Annotated[Optional[float], pydantic.Field(alias="backoffRate")] = None + r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" + + authentication_timeout: Annotated[ + Optional[float], pydantic.Field(alias="authenticationTimeout") + ] = None + r"""Maximum time to wait for Kafka to respond to an authentication request""" + + reauthentication_threshold: Annotated[ + Optional[float], pydantic.Field(alias="reauthenticationThreshold") + ] = None + r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" + + sasl: Optional[AuthenticationType] = None + r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended.""" + + tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + description: Optional[str] = None + + protobuf_library_id: Annotated[ + Optional[str], pydantic.Field(alias="protobufLibraryId") + ] = None + r"""Select a set of Protobuf definitions for the events you want to send""" + + protobuf_encoding_id: Annotated[ + Optional[str], pydantic.Field(alias="protobufEncodingId") + ] = None + r"""Select the type of object you want the Protobuf definitions to use for event encoding""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[OutputResponsePqControlsKafka], pydantic.Field(alias="pqControls") + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_topic: Annotated[ + Optional[str], pydantic.Field(alias="__template_topic") + ] = None + r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" + + template_format: Annotated[ + Optional[str], pydantic.Field(alias="__template_format") + ] = None + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + + template_compression: Annotated[ + Optional[str], pydantic.Field(alias="__template_compression") + ] = None + r"""Binds 'compression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compression' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + notifications: Optional[List[NotificationUnion]] = None + r"""Notifications attached to the Destination.""" + + status: Optional[StatusType] = None + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + @field_serializer("ack") + def serialize_ack(self, value): + if isinstance(value, str): + try: + return models.AcknowledgmentsOptionsAllLeader(value) + except ValueError: + return value + return value + + @field_serializer("format_") + def serialize_format_(self, value): + if isinstance(value, str): + try: + return models.RecordDataFormatOptionsJSONProtobuf(value) + except ValueError: + return value + return value + + @field_serializer("compression") + def serialize_compression(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsGzipLz4(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "id", + "pipeline", + "systemFields", + "environment", + "streamtags", + "ack", + "format", + "compression", + "maxRecordSizeKB", + "flushEventCount", + "flushPeriodSec", + "kafkaSchemaRegistry", + "connectionTimeout", + "requestTimeout", + "maxRetries", + "maxBackOff", + "initialBackoff", + "backoffRate", + "authenticationTimeout", + "reauthenticationThreshold", + "sasl", + "tls", + "onBackpressure", + "description", + "protobufLibraryId", + "protobufEncodingId", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_topic", + "__template_format", + "__template_compression", + "__template_onBackpressure", + "notifications", + "status", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponseTypeExabeam(str, Enum): + EXABEAM = "exabeam" + + +class OutputResponseOutputExabeamTypedDict(TypedDict): + type: OutputResponseTypeExabeam + bucket: str + r"""Name of the destination bucket. A constant or a JavaScript expression that can only be evaluated at init time. Example of referencing a JavaScript Global Variable: `myBucket-${C.vars.myVar}`.""" + region: str + r"""Region where the bucket is located""" + stage_path: str + r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" + endpoint: str + r"""Google Cloud Storage service endpoint""" + collector_instance_id: str + r"""ID of the Exabeam Collector where data should be sent. Example: 11112222-3333-4444-5555-666677778888 + + """ + id: NotRequired[str] + r"""Unique ID for this output""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + object_acl: NotRequired[ObjectACLOptionsAuthenticatedreadBucketownerfullcontrol] + r"""Object ACL to assign to uploaded objects""" + storage_class: NotRequired[StorageClassOptionsArchiveColdline] + r"""Storage class to select for uploaded objects""" + reuse_connections: NotRequired[bool] + r"""Reuse connections between requests, which can improve performance""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" + add_id_to_stage_path: NotRequired[bool] + r"""Add the Output ID value to staging location""" + remove_empty_dirs: NotRequired[bool] + r"""Remove empty staging directories after moving files""" + max_file_open_time_sec: NotRequired[float] + r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" + max_file_idle_time_sec: NotRequired[float] + r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" + max_open_files: NotRequired[float] + r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" + on_backpressure: NotRequired[BackpressureBehaviorOptionsBlockDrop] + r"""How to handle events when all receivers are exerting backpressure""" + deadletter_enabled: NotRequired[bool] + r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" + on_disk_full_backpressure: NotRequired[DiskSpaceProtectionOptions] + r"""How to handle events when disk space is below the global 'Min free disk space' limit""" + retry_settings: NotRequired[RetrySettingsTypeTypedDict] + orphans: NotRequired[OrphanFileRecoveryTypeTypedDict] + max_file_size_mb: NotRequired[float] + r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" + encoded_configuration: NotRequired[str] + r"""Enter an encoded string containing Exabeam configurations""" + site_name: NotRequired[str] + r"""Constant or JavaScript expression to create an Exabeam site name. Values that aren't successfully evaluated will be treated as string constants.""" + site_id: NotRequired[str] + r"""Exabeam site ID. If left blank, @{product} will use the value of the Exabeam site name.""" + timezone_offset: NotRequired[str] + aws_api_key: NotRequired[str] + r"""HMAC access key. Can be a constant or a JavaScript expression, such as `${C.env.GCS_ACCESS_KEY}`.""" + aws_secret_key: NotRequired[str] + r"""HMAC secret. Can be a constant or a JavaScript expression, such as `${C.env.GCS_SECRET}`.""" + description: NotRequired[str] + empty_dir_cleanup_sec: NotRequired[float] + r"""How frequently, in seconds, to clean up empty directories""" + directory_batch_size: NotRequired[float] + r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" + deadletter_path: NotRequired[str] + r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" + max_retry_num: NotRequired[float] + r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_region: NotRequired[str] + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + template_endpoint: NotRequired[str] + r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" + template_object_acl: NotRequired[str] + r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" + template_storage_class: NotRequired[str] + r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + notifications: NotRequired[List[NotificationUnionTypedDict]] + r"""Notifications attached to the Destination.""" + status: NotRequired[StatusTypeTypedDict] + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + +class OutputResponseOutputExabeam(BaseModel): + type: OutputResponseTypeExabeam + + bucket: str + r"""Name of the destination bucket. A constant or a JavaScript expression that can only be evaluated at init time. Example of referencing a JavaScript Global Variable: `myBucket-${C.vars.myVar}`.""" + + region: str + r"""Region where the bucket is located""" + + stage_path: Annotated[str, pydantic.Field(alias="stagePath")] + r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" + + endpoint: str + r"""Google Cloud Storage service endpoint""" + + collector_instance_id: Annotated[str, pydantic.Field(alias="collectorInstanceId")] + r"""ID of the Exabeam Collector where data should be sent. Example: 11112222-3333-4444-5555-666677778888 + + """ + + id: Optional[str] = None + r"""Unique ID for this output""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + object_acl: Annotated[ + Optional[ObjectACLOptionsAuthenticatedreadBucketownerfullcontrol], + pydantic.Field(alias="objectACL"), + ] = None + r"""Object ACL to assign to uploaded objects""" + + storage_class: Annotated[ + Optional[StorageClassOptionsArchiveColdline], + pydantic.Field(alias="storageClass"), + ] = None + r"""Storage class to select for uploaded objects""" + + reuse_connections: Annotated[ + Optional[bool], pydantic.Field(alias="reuseConnections") + ] = None + r"""Reuse connections between requests, which can improve performance""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" + + add_id_to_stage_path: Annotated[ + Optional[bool], pydantic.Field(alias="addIdToStagePath") + ] = None + r"""Add the Output ID value to staging location""" + + remove_empty_dirs: Annotated[ + Optional[bool], pydantic.Field(alias="removeEmptyDirs") + ] = None + r"""Remove empty staging directories after moving files""" + + max_file_open_time_sec: Annotated[ + Optional[float], pydantic.Field(alias="maxFileOpenTimeSec") + ] = None + r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" + + max_file_idle_time_sec: Annotated[ + Optional[float], pydantic.Field(alias="maxFileIdleTimeSec") + ] = None + r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" + + max_open_files: Annotated[Optional[float], pydantic.Field(alias="maxOpenFiles")] = ( + None + ) + r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptionsBlockDrop], + pydantic.Field(alias="onBackpressure"), + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + deadletter_enabled: Annotated[ + Optional[bool], pydantic.Field(alias="deadletterEnabled") + ] = None + r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" + + on_disk_full_backpressure: Annotated[ + Optional[DiskSpaceProtectionOptions], + pydantic.Field(alias="onDiskFullBackpressure"), + ] = None + r"""How to handle events when disk space is below the global 'Min free disk space' limit""" + + retry_settings: Annotated[ + Optional[RetrySettingsType], pydantic.Field(alias="retrySettings") + ] = None + + orphans: Optional[OrphanFileRecoveryType] = None + + max_file_size_mb: Annotated[ + Optional[float], pydantic.Field(alias="maxFileSizeMB") + ] = None + r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" + + encoded_configuration: Annotated[ + Optional[str], pydantic.Field(alias="encodedConfiguration") + ] = None + r"""Enter an encoded string containing Exabeam configurations""" + + site_name: Annotated[Optional[str], pydantic.Field(alias="siteName")] = None + r"""Constant or JavaScript expression to create an Exabeam site name. Values that aren't successfully evaluated will be treated as string constants.""" + + site_id: Annotated[Optional[str], pydantic.Field(alias="siteId")] = None + r"""Exabeam site ID. If left blank, @{product} will use the value of the Exabeam site name.""" + + timezone_offset: Annotated[ + Optional[str], pydantic.Field(alias="timezoneOffset") + ] = None + + aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None + r"""HMAC access key. Can be a constant or a JavaScript expression, such as `${C.env.GCS_ACCESS_KEY}`.""" + + aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = ( + None + ) + r"""HMAC secret. Can be a constant or a JavaScript expression, such as `${C.env.GCS_SECRET}`.""" + + description: Optional[str] = None + + empty_dir_cleanup_sec: Annotated[ + Optional[float], pydantic.Field(alias="emptyDirCleanupSec") + ] = None + r"""How frequently, in seconds, to clean up empty directories""" + + directory_batch_size: Annotated[ + Optional[float], pydantic.Field(alias="directoryBatchSize") + ] = None + r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" + + deadletter_path: Annotated[ + Optional[str], pydantic.Field(alias="deadletterPath") + ] = None + r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" + + max_retry_num: Annotated[Optional[float], pydantic.Field(alias="maxRetryNum")] = ( + None + ) + r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_region: Annotated[ + Optional[str], pydantic.Field(alias="__template_region") + ] = None + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + + template_endpoint: Annotated[ + Optional[str], pydantic.Field(alias="__template_endpoint") + ] = None + r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" + + template_object_acl: Annotated[ + Optional[str], pydantic.Field(alias="__template_objectACL") + ] = None + r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" + + template_storage_class: Annotated[ + Optional[str], pydantic.Field(alias="__template_storageClass") + ] = None + r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + notifications: Optional[List[NotificationUnion]] = None + r"""Notifications attached to the Destination.""" + + status: Optional[StatusType] = None + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + @field_serializer("object_acl") + def serialize_object_acl(self, value): + if isinstance(value, str): + try: + return models.ObjectACLOptionsAuthenticatedreadBucketownerfullcontrol( + value + ) + except ValueError: + return value + return value + + @field_serializer("storage_class") + def serialize_storage_class(self, value): + if isinstance(value, str): + try: + return models.StorageClassOptionsArchiveColdline(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptionsBlockDrop(value) + except ValueError: + return value + return value + + @field_serializer("on_disk_full_backpressure") + def serialize_on_disk_full_backpressure(self, value): + if isinstance(value, str): + try: + return models.DiskSpaceProtectionOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "id", + "pipeline", + "systemFields", + "environment", + "streamtags", + "objectACL", + "storageClass", + "reuseConnections", + "rejectUnauthorized", + "addIdToStagePath", + "removeEmptyDirs", + "maxFileOpenTimeSec", + "maxFileIdleTimeSec", + "maxOpenFiles", + "onBackpressure", + "deadletterEnabled", + "onDiskFullBackpressure", + "retrySettings", + "orphans", + "maxFileSizeMB", + "encodedConfiguration", + "siteName", + "siteId", + "timezoneOffset", + "awsApiKey", + "awsSecretKey", + "description", + "emptyDirCleanupSec", + "directoryBatchSize", + "deadletterPath", + "maxRetryNum", + "__template_streamtags", + "__template_region", + "__template_endpoint", + "__template_objectACL", + "__template_storageClass", + "__template_onBackpressure", + "notifications", + "status", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponseTypeGooglePubsub(str, Enum): + GOOGLE_PUBSUB = "google_pubsub" + + +class OutputResponsePqControlsGooglePubsubTypedDict(TypedDict): + pass + + +class OutputResponsePqControlsGooglePubsub(BaseModel): + pass + + +class OutputResponseOutputGooglePubsubTypedDict(TypedDict): + type: OutputResponseTypeGooglePubsub + topic_name: str + r"""ID of the topic to send events to.""" + id: NotRequired[str] + r"""Unique ID for this output""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + create_topic: NotRequired[bool] + r"""If enabled, create topic if it does not exist.""" + ordered_delivery: NotRequired[bool] + r"""If enabled, send events in the order they were added to the queue. For this to work correctly, the process receiving events must have ordering enabled.""" + region: NotRequired[str] + r"""Region to publish messages to. Select 'default' to allow Google to auto-select the nearest region. When using ordered delivery, the selected region must be allowed by message storage policy.""" + google_auth_method: NotRequired[GoogleAuthenticationMethodOptions] + r"""Choose Auto to use Google Application Default Credentials (ADC), Manual to enter Google service account credentials directly, or Secret to select or create a stored secret that references Google service account credentials.""" + service_account_credentials: NotRequired[str] + r"""Contents of service account credentials (JSON keys) file downloaded from Google Cloud. To upload a file, click the upload button at this field's upper right.""" + secret: NotRequired[str] + r"""Select or create a stored text secret""" + batch_size: NotRequired[float] + r"""The maximum number of items the Google API should batch before it sends them to the topic.""" + batch_timeout: NotRequired[float] + r"""The maximum amount of time, in milliseconds, that the Google API should wait to send a batch (if the Batch size is not reached).""" + max_queue_size: NotRequired[float] + r"""Maximum number of queued batches before blocking.""" + max_record_size_kb: NotRequired[float] + r"""Maximum size (KB) of batches to send.""" + flush_period: NotRequired[float] + r"""Maximum time to wait before sending a batch (when batch size limit is not reached)""" + max_in_progress: NotRequired[float] + r"""The maximum number of in-progress API requests before backpressure is applied.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + description: NotRequired[str] + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[OutputResponsePqControlsGooglePubsubTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_topic_name: NotRequired[str] + r"""Binds 'topicName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topicName' at runtime.""" + template_region: NotRequired[str] + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + notifications: NotRequired[List[NotificationUnionTypedDict]] + r"""Notifications attached to the Destination.""" + status: NotRequired[StatusTypeTypedDict] + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + +class OutputResponseOutputGooglePubsub(BaseModel): + type: OutputResponseTypeGooglePubsub + + topic_name: Annotated[str, pydantic.Field(alias="topicName")] + r"""ID of the topic to send events to.""" + + id: Optional[str] = None + r"""Unique ID for this output""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + create_topic: Annotated[Optional[bool], pydantic.Field(alias="createTopic")] = None + r"""If enabled, create topic if it does not exist.""" + + ordered_delivery: Annotated[ + Optional[bool], pydantic.Field(alias="orderedDelivery") + ] = None + r"""If enabled, send events in the order they were added to the queue. For this to work correctly, the process receiving events must have ordering enabled.""" + + region: Optional[str] = None + r"""Region to publish messages to. Select 'default' to allow Google to auto-select the nearest region. When using ordered delivery, the selected region must be allowed by message storage policy.""" + + google_auth_method: Annotated[ + Optional[GoogleAuthenticationMethodOptions], + pydantic.Field(alias="googleAuthMethod"), + ] = None + r"""Choose Auto to use Google Application Default Credentials (ADC), Manual to enter Google service account credentials directly, or Secret to select or create a stored secret that references Google service account credentials.""" + + service_account_credentials: Annotated[ + Optional[str], pydantic.Field(alias="serviceAccountCredentials") + ] = None + r"""Contents of service account credentials (JSON keys) file downloaded from Google Cloud. To upload a file, click the upload button at this field's upper right.""" + + secret: Optional[str] = None + r"""Select or create a stored text secret""" + + batch_size: Annotated[Optional[float], pydantic.Field(alias="batchSize")] = None + r"""The maximum number of items the Google API should batch before it sends them to the topic.""" + + batch_timeout: Annotated[Optional[float], pydantic.Field(alias="batchTimeout")] = ( + None + ) + r"""The maximum amount of time, in milliseconds, that the Google API should wait to send a batch (if the Batch size is not reached).""" + + max_queue_size: Annotated[Optional[float], pydantic.Field(alias="maxQueueSize")] = ( + None + ) + r"""Maximum number of queued batches before blocking.""" + + max_record_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxRecordSizeKB") + ] = None + r"""Maximum size (KB) of batches to send.""" + + flush_period: Annotated[Optional[float], pydantic.Field(alias="flushPeriod")] = None + r"""Maximum time to wait before sending a batch (when batch size limit is not reached)""" + + max_in_progress: Annotated[ + Optional[float], pydantic.Field(alias="maxInProgress") + ] = None + r"""The maximum number of in-progress API requests before backpressure is applied.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + description: Optional[str] = None + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[OutputResponsePqControlsGooglePubsub], + pydantic.Field(alias="pqControls"), + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_topic_name: Annotated[ + Optional[str], pydantic.Field(alias="__template_topicName") + ] = None + r"""Binds 'topicName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topicName' at runtime.""" + + template_region: Annotated[ + Optional[str], pydantic.Field(alias="__template_region") + ] = None + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + notifications: Optional[List[NotificationUnion]] = None + r"""Notifications attached to the Destination.""" + + status: Optional[StatusType] = None + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + @field_serializer("google_auth_method") + def serialize_google_auth_method(self, value): + if isinstance(value, str): + try: + return models.GoogleAuthenticationMethodOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "id", + "pipeline", + "systemFields", + "environment", + "streamtags", + "createTopic", + "orderedDelivery", + "region", + "googleAuthMethod", + "serviceAccountCredentials", + "secret", + "batchSize", + "batchTimeout", + "maxQueueSize", + "maxRecordSizeKB", + "flushPeriod", + "maxInProgress", + "onBackpressure", + "description", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_topicName", + "__template_region", + "__template_onBackpressure", + "notifications", + "status", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponseTypeGoogleCloudObservability(str, Enum): + GOOGLE_CLOUD_OBSERVABILITY = "google_cloud_observability" + + +class OutputResponseProtocolGoogleCloudObservability( + str, Enum, metaclass=utils.OpenEnumMeta +): + GRPC = "grpc" + + +class OutputResponseOtlpVersionGoogleCloudObservability( + str, Enum, metaclass=utils.OpenEnumMeta +): + ONE_DOT_3_DOT_1 = "1.3.1" + + +class OutputResponseEndpointGoogleCloudObservability( + str, Enum, metaclass=utils.OpenEnumMeta +): + r"""Fixed Google Cloud Observability gRPC endpoint. All three signals share this transport; the OTLP service path determines whether the call lands on traces, metrics, or logs.""" + + TELEMETRY_GOOGLEAPIS_COM_443 = "telemetry.googleapis.com:443" + + +class OutputResponseGoogleAuthenticationMethod(str, Enum, metaclass=utils.OpenEnumMeta): + r"""Choose Auto to use Google Application Default Credentials (ADC). Choose Secret to select or create a stored secret that references Google service account credentials.""" + + # Auto + AUTO = "auto" + # Secret + SECRET = "secret" + + +class OutputResponsePqControlsGoogleCloudObservabilityTypedDict(TypedDict): + pass + + +class OutputResponsePqControlsGoogleCloudObservability(BaseModel): + pass + + +class OutputResponseOutputGoogleCloudObservabilityTypedDict(TypedDict): + type: OutputResponseTypeGoogleCloudObservability + google_auth_method: OutputResponseGoogleAuthenticationMethod + r"""Choose Auto to use Google Application Default Credentials (ADC). Choose Secret to select or create a stored secret that references Google service account credentials.""" + id: NotRequired[str] + r"""Unique ID for this output""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + protocol: NotRequired[OutputResponseProtocolGoogleCloudObservability] + otlp_version: NotRequired[OutputResponseOtlpVersionGoogleCloudObservability] + endpoint: NotRequired[OutputResponseEndpointGoogleCloudObservability] + r"""Fixed Google Cloud Observability gRPC endpoint. All three signals share this transport; the OTLP service path determines whether the call lands on traces, metrics, or logs.""" + metadata: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] + r"""List of key-value pairs to send with each gRPC request. Value supports JavaScript expressions that are evaluated just once, when the destination gets started. To pass credentials as metadata, use 'C.Secret'.""" + dynamic_headers_enabled: NotRequired[bool] + r"""Batch event data upon dynamic metadata (whether presented or not)""" + dynamic_headers_field: NotRequired[str] + r"""When presented, this field which contains metadata, will be injected into the Destination metadata and used to batch events.""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body sent to Google Cloud Observability""" + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + connection_timeout: NotRequired[float] + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + keep_alive_time: NotRequired[float] + r"""How often the sender should ping the peer to keep the connection open""" + tls: NotRequired[TLSSettingsClientSideTypeExtendedTypedDict] + max_payload_events: NotRequired[float] + r"""Max number of events to include in the request body. Default is 0 (unlimited). Use to keep outgoing data points within GCO request limits. For metrics, combine with the OTLP Metrics function batchSize.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + description: NotRequired[str] + secret: NotRequired[str] + r"""Select or create a stored text secret""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[OutputResponsePqControlsGoogleCloudObservabilityTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + notifications: NotRequired[List[NotificationUnionTypedDict]] + r"""Notifications attached to the Destination.""" + status: NotRequired[StatusTypeTypedDict] + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + +class OutputResponseOutputGoogleCloudObservability(BaseModel): + type: OutputResponseTypeGoogleCloudObservability + + google_auth_method: Annotated[ + OutputResponseGoogleAuthenticationMethod, + pydantic.Field(alias="googleAuthMethod"), + ] + r"""Choose Auto to use Google Application Default Credentials (ADC). Choose Secret to select or create a stored secret that references Google service account credentials.""" + + id: Optional[str] = None + r"""Unique ID for this output""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + protocol: Optional[OutputResponseProtocolGoogleCloudObservability] = None + + otlp_version: Annotated[ + Optional[OutputResponseOtlpVersionGoogleCloudObservability], + pydantic.Field(alias="otlpVersion"), + ] = None + + endpoint: Optional[OutputResponseEndpointGoogleCloudObservability] = None + r"""Fixed Google Cloud Observability gRPC endpoint. All three signals share this transport; the OTLP service path determines whether the call lands on traces, metrics, or logs.""" + + metadata: Optional[List[KeyValueMetadataConfOutputFilesystem]] = None + r"""List of key-value pairs to send with each gRPC request. Value supports JavaScript expressions that are evaluated just once, when the destination gets started. To pass credentials as metadata, use 'C.Secret'.""" + + dynamic_headers_enabled: Annotated[ + Optional[bool], pydantic.Field(alias="dynamicHeadersEnabled") + ] = None + r"""Batch event data upon dynamic metadata (whether presented or not)""" + + dynamic_headers_field: Annotated[ + Optional[str], pydantic.Field(alias="dynamicHeadersField") + ] = None + r"""When presented, this field which contains metadata, will be injected into the Destination metadata and used to batch events.""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body sent to Google Cloud Observability""" + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + connection_timeout: Annotated[ + Optional[float], pydantic.Field(alias="connectionTimeout") + ] = None + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + + keep_alive_time: Annotated[ + Optional[float], pydantic.Field(alias="keepAliveTime") + ] = None + r"""How often the sender should ping the peer to keep the connection open""" + + tls: Optional[TLSSettingsClientSideTypeExtended] = None + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Max number of events to include in the request body. Default is 0 (unlimited). Use to keep outgoing data points within GCO request limits. For metrics, combine with the OTLP Metrics function batchSize.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + description: Optional[str] = None + + secret: Optional[str] = None + r"""Select or create a stored text secret""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[OutputResponsePqControlsGoogleCloudObservability], + pydantic.Field(alias="pqControls"), + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + notifications: Optional[List[NotificationUnion]] = None + r"""Notifications attached to the Destination.""" + + status: Optional[StatusType] = None + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + @field_serializer("protocol") + def serialize_protocol(self, value): + if isinstance(value, str): + try: + return models.OutputResponseProtocolGoogleCloudObservability(value) + except ValueError: + return value + return value + + @field_serializer("otlp_version") + def serialize_otlp_version(self, value): + if isinstance(value, str): + try: + return models.OutputResponseOtlpVersionGoogleCloudObservability(value) + except ValueError: + return value + return value + + @field_serializer("endpoint") + def serialize_endpoint(self, value): + if isinstance(value, str): + try: + return models.OutputResponseEndpointGoogleCloudObservability(value) + except ValueError: + return value + return value + + @field_serializer("google_auth_method") + def serialize_google_auth_method(self, value): + if isinstance(value, str): + try: + return models.OutputResponseGoogleAuthenticationMethod(value) + except ValueError: + return value + return value + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "id", + "pipeline", + "systemFields", + "environment", + "streamtags", + "protocol", + "otlpVersion", + "endpoint", + "metadata", + "dynamicHeadersEnabled", + "dynamicHeadersField", + "concurrency", + "maxPayloadSizeKB", + "timeoutSec", + "flushPeriodSec", + "failedRequestLoggingMode", + "connectionTimeout", + "keepAliveTime", + "tls", + "maxPayloadEvents", + "onBackpressure", + "description", + "secret", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_failedRequestLoggingMode", + "__template_onBackpressure", + "notifications", + "status", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponseTypeGoogleCloudLogging(str, Enum): + GOOGLE_CLOUD_LOGGING = "google_cloud_logging" + + +class OutputResponseLogLocationType(str, Enum, metaclass=utils.OpenEnumMeta): + # Project + PROJECT = "project" + # Organization + ORGANIZATION = "organization" + # Billing Account + BILLING_ACCOUNT = "billingAccount" + # Folder + FOLDER = "folder" + + +class OutputResponsePayloadFormat(str, Enum, metaclass=utils.OpenEnumMeta): + r"""Format to use when sending payload. Defaults to Text.""" + + # Text + TEXT = "text" + # JSON + JSON = "json" + + +class OutputResponsePqControlsGoogleCloudLoggingTypedDict(TypedDict): + pass + + +class OutputResponsePqControlsGoogleCloudLogging(BaseModel): + pass + + +class OutputResponseOutputGoogleCloudLoggingTypedDict(TypedDict): + type: OutputResponseTypeGoogleCloudLogging + log_location_type: OutputResponseLogLocationType + log_name_expression: str + r"""JavaScript expression to compute the value of the log name. If Validate and correct log name is enabled, invalid characters (characters other than alphanumerics, forward-slashes, underscores, hyphens, and periods) will be replaced with an underscore.""" + log_location_expression: str + r"""JavaScript expression to compute the value of the folder ID with which log entries should be associated. If Validate and correct log name is enabled, invalid characters (characters other than alphanumerics, forward-slashes, underscores, hyphens, and periods) will be replaced with an underscore.""" + id: NotRequired[str] + r"""Unique ID for this output""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + sanitize_log_names: NotRequired[bool] + payload_format: NotRequired[OutputResponsePayloadFormat] + r"""Format to use when sending payload. Defaults to Text.""" + log_labels: NotRequired[List[LogLabelConfOutputGoogleCloudLoggingTypedDict]] + r"""Labels to apply to the log entry""" + resource_type_expression: NotRequired[str] + r"""JavaScript expression to compute the value of the managed resource type field. Must evaluate to one of the valid values [here](https://cloud.google.com/logging/docs/api/v2/resource-list#resource-types). Defaults to \"global\".""" + resource_type_labels: NotRequired[ + List[LogLabelConfOutputGoogleCloudLoggingTypedDict] + ] + r"""Labels to apply to the managed resource. These must correspond to the valid labels for the specified resource type (see [here](https://cloud.google.com/logging/docs/api/v2/resource-list#resource-types)). Otherwise, they will be dropped by Google Cloud Logging.""" + severity_expression: NotRequired[str] + r"""JavaScript expression to compute the value of the severity field. Must evaluate to one of the severity values supported by Google Cloud Logging [here](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logseverity) (case insensitive). Defaults to \"DEFAULT\".""" + insert_id_expression: NotRequired[str] + r"""JavaScript expression to compute the value of the insert ID field.""" + google_auth_method: NotRequired[GoogleAuthenticationMethodOptions] + r"""Choose Auto to use Google Application Default Credentials (ADC), Manual to enter Google service account credentials directly, or Secret to select or create a stored secret that references Google service account credentials.""" + service_account_credentials: NotRequired[str] + r"""Contents of service account credentials (JSON keys) file downloaded from Google Cloud. To upload a file, click the upload button at this field's upper right.""" + secret: NotRequired[str] + r"""Select or create a stored text secret""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body.""" + max_payload_events: NotRequired[float] + r"""Max number of events to include in the request body. Default is 0 (unlimited).""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking.""" + connection_timeout: NotRequired[float] + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it.""" + throttle_rate_req_per_sec: NotRequired[int] + r"""Maximum number of requests to limit to per second.""" + request_method_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP request method as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + request_url_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP request URL as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + request_size_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP request size as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + status_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP request method as a number. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + response_size_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP response size as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + user_agent_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP request user agent as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + remote_ip_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP request remote IP as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + server_ip_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP request server IP as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + referer_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP request referer as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + latency_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP request latency, formatted as .s (for example, 1.23s). See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + cache_lookup_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP request cache lookup as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + cache_hit_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP request cache hit as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + cache_validated_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP request cache validated with origin server as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + cache_fill_bytes_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP request cache fill bytes as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + protocol_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the HTTP request protocol as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + id_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the log entry operation ID as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" + producer_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the log entry operation producer as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" + first_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the log entry operation first flag as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" + last_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the log entry operation last flag as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" + file_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the log entry source location file as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentrysourcelocation) for details.""" + line_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the log entry source location line as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentrysourcelocation) for details.""" + function_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the log entry source location function as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentrysourcelocation) for details.""" + uid_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the log entry log split UID as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logsplit) for details.""" + index_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the log entry log split index as a number. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logsplit) for details.""" + total_splits_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the log entry log split total splits as a number. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logsplit) for details.""" + trace_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the REST resource name of the trace being written as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) for details.""" + span_id_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the ID of the cloud trace span associated with the current operation in which the log is being written as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) for details.""" + trace_sampled_expression: NotRequired[str] + r"""A JavaScript expression that evaluates to the the sampling decision of the span associated with the log entry. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) for details.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + total_memory_limit_kb: NotRequired[float] + r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" + description: NotRequired[str] + payload_expression: NotRequired[str] + r"""JavaScript expression to compute the value of the payload. Must evaluate to a JavaScript object value. If an invalid value is encountered it will result in the default value instead. Defaults to the entire event.""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[OutputResponsePqControlsGoogleCloudLoggingTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_log_location_type: NotRequired[str] + r"""Binds 'logLocationType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logLocationType' at runtime.""" + template_log_name_expression: NotRequired[str] + r"""Binds 'logNameExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logNameExpression' at runtime.""" + template_payload_format: NotRequired[str] + r"""Binds 'payloadFormat' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'payloadFormat' at runtime.""" + template_resource_type_expression: NotRequired[str] + r"""Binds 'resourceTypeExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'resourceTypeExpression' at runtime.""" + template_severity_expression: NotRequired[str] + r"""Binds 'severityExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'severityExpression' at runtime.""" + template_insert_id_expression: NotRequired[str] + r"""Binds 'insertIdExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'insertIdExpression' at runtime.""" + template_trace_expression: NotRequired[str] + r"""Binds 'traceExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'traceExpression' at runtime.""" + template_span_id_expression: NotRequired[str] + r"""Binds 'spanIdExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'spanIdExpression' at runtime.""" + template_trace_sampled_expression: NotRequired[str] + r"""Binds 'traceSampledExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'traceSampledExpression' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_log_location_expression: NotRequired[str] + r"""Binds 'logLocationExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logLocationExpression' at runtime.""" + template_payload_expression: NotRequired[str] + r"""Binds 'payloadExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'payloadExpression' at runtime.""" + notifications: NotRequired[List[NotificationUnionTypedDict]] + r"""Notifications attached to the Destination.""" + status: NotRequired[StatusTypeTypedDict] + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + +class OutputResponseOutputGoogleCloudLogging(BaseModel): + type: OutputResponseTypeGoogleCloudLogging + + log_location_type: Annotated[ + OutputResponseLogLocationType, pydantic.Field(alias="logLocationType") + ] + + log_name_expression: Annotated[str, pydantic.Field(alias="logNameExpression")] + r"""JavaScript expression to compute the value of the log name. If Validate and correct log name is enabled, invalid characters (characters other than alphanumerics, forward-slashes, underscores, hyphens, and periods) will be replaced with an underscore.""" + + log_location_expression: Annotated[ + str, pydantic.Field(alias="logLocationExpression") + ] + r"""JavaScript expression to compute the value of the folder ID with which log entries should be associated. If Validate and correct log name is enabled, invalid characters (characters other than alphanumerics, forward-slashes, underscores, hyphens, and periods) will be replaced with an underscore.""" + + id: Optional[str] = None + r"""Unique ID for this output""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + sanitize_log_names: Annotated[ + Optional[bool], pydantic.Field(alias="sanitizeLogNames") + ] = None + + payload_format: Annotated[ + Optional[OutputResponsePayloadFormat], pydantic.Field(alias="payloadFormat") + ] = None + r"""Format to use when sending payload. Defaults to Text.""" + + log_labels: Annotated[ + Optional[List[LogLabelConfOutputGoogleCloudLogging]], + pydantic.Field(alias="logLabels"), + ] = None + r"""Labels to apply to the log entry""" + + resource_type_expression: Annotated[ + Optional[str], pydantic.Field(alias="resourceTypeExpression") + ] = None + r"""JavaScript expression to compute the value of the managed resource type field. Must evaluate to one of the valid values [here](https://cloud.google.com/logging/docs/api/v2/resource-list#resource-types). Defaults to \"global\".""" + + resource_type_labels: Annotated[ + Optional[List[LogLabelConfOutputGoogleCloudLogging]], + pydantic.Field(alias="resourceTypeLabels"), + ] = None + r"""Labels to apply to the managed resource. These must correspond to the valid labels for the specified resource type (see [here](https://cloud.google.com/logging/docs/api/v2/resource-list#resource-types)). Otherwise, they will be dropped by Google Cloud Logging.""" + + severity_expression: Annotated[ + Optional[str], pydantic.Field(alias="severityExpression") + ] = None + r"""JavaScript expression to compute the value of the severity field. Must evaluate to one of the severity values supported by Google Cloud Logging [here](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logseverity) (case insensitive). Defaults to \"DEFAULT\".""" + + insert_id_expression: Annotated[ + Optional[str], pydantic.Field(alias="insertIdExpression") + ] = None + r"""JavaScript expression to compute the value of the insert ID field.""" + + google_auth_method: Annotated[ + Optional[GoogleAuthenticationMethodOptions], + pydantic.Field(alias="googleAuthMethod"), + ] = None + r"""Choose Auto to use Google Application Default Credentials (ADC), Manual to enter Google service account credentials directly, or Secret to select or create a stored secret that references Google service account credentials.""" + + service_account_credentials: Annotated[ + Optional[str], pydantic.Field(alias="serviceAccountCredentials") + ] = None + r"""Contents of service account credentials (JSON keys) file downloaded from Google Cloud. To upload a file, click the upload button at this field's upper right.""" + + secret: Optional[str] = None + r"""Select or create a stored text secret""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body.""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Max number of events to include in the request body. Default is 0 (unlimited).""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking.""" + + connection_timeout: Annotated[ + Optional[float], pydantic.Field(alias="connectionTimeout") + ] = None + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it.""" + + throttle_rate_req_per_sec: Annotated[ + Optional[int], pydantic.Field(alias="throttleRateReqPerSec") + ] = None + r"""Maximum number of requests to limit to per second.""" + + request_method_expression: Annotated[ + Optional[str], pydantic.Field(alias="requestMethodExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP request method as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + request_url_expression: Annotated[ + Optional[str], pydantic.Field(alias="requestUrlExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP request URL as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + request_size_expression: Annotated[ + Optional[str], pydantic.Field(alias="requestSizeExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP request size as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + status_expression: Annotated[ + Optional[str], pydantic.Field(alias="statusExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP request method as a number. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + response_size_expression: Annotated[ + Optional[str], pydantic.Field(alias="responseSizeExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP response size as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + user_agent_expression: Annotated[ + Optional[str], pydantic.Field(alias="userAgentExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP request user agent as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + remote_ip_expression: Annotated[ + Optional[str], pydantic.Field(alias="remoteIpExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP request remote IP as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + server_ip_expression: Annotated[ + Optional[str], pydantic.Field(alias="serverIpExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP request server IP as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + referer_expression: Annotated[ + Optional[str], pydantic.Field(alias="refererExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP request referer as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + latency_expression: Annotated[ + Optional[str], pydantic.Field(alias="latencyExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP request latency, formatted as .s (for example, 1.23s). See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + cache_lookup_expression: Annotated[ + Optional[str], pydantic.Field(alias="cacheLookupExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP request cache lookup as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + cache_hit_expression: Annotated[ + Optional[str], pydantic.Field(alias="cacheHitExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP request cache hit as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + cache_validated_expression: Annotated[ + Optional[str], pydantic.Field(alias="cacheValidatedExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP request cache validated with origin server as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + cache_fill_bytes_expression: Annotated[ + Optional[str], pydantic.Field(alias="cacheFillBytesExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP request cache fill bytes as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + protocol_expression: Annotated[ + Optional[str], pydantic.Field(alias="protocolExpression") + ] = None + r"""A JavaScript expression that evaluates to the HTTP request protocol as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#httprequest) for details.""" + + id_expression: Annotated[Optional[str], pydantic.Field(alias="idExpression")] = None + r"""A JavaScript expression that evaluates to the log entry operation ID as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" + + producer_expression: Annotated[ + Optional[str], pydantic.Field(alias="producerExpression") + ] = None + r"""A JavaScript expression that evaluates to the log entry operation producer as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" + + first_expression: Annotated[ + Optional[str], pydantic.Field(alias="firstExpression") + ] = None + r"""A JavaScript expression that evaluates to the log entry operation first flag as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" + + last_expression: Annotated[ + Optional[str], pydantic.Field(alias="lastExpression") + ] = None + r"""A JavaScript expression that evaluates to the log entry operation last flag as a boolean. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentryoperation) for details.""" + + file_expression: Annotated[ + Optional[str], pydantic.Field(alias="fileExpression") + ] = None + r"""A JavaScript expression that evaluates to the log entry source location file as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentrysourcelocation) for details.""" + + line_expression: Annotated[ + Optional[str], pydantic.Field(alias="lineExpression") + ] = None + r"""A JavaScript expression that evaluates to the log entry source location line as a string, in int64 format. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentrysourcelocation) for details.""" + + function_expression: Annotated[ + Optional[str], pydantic.Field(alias="functionExpression") + ] = None + r"""A JavaScript expression that evaluates to the log entry source location function as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logentrysourcelocation) for details.""" + + uid_expression: Annotated[Optional[str], pydantic.Field(alias="uidExpression")] = ( + None + ) + r"""A JavaScript expression that evaluates to the log entry log split UID as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logsplit) for details.""" + + index_expression: Annotated[ + Optional[str], pydantic.Field(alias="indexExpression") + ] = None + r"""A JavaScript expression that evaluates to the log entry log split index as a number. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logsplit) for details.""" + + total_splits_expression: Annotated[ + Optional[str], pydantic.Field(alias="totalSplitsExpression") + ] = None + r"""A JavaScript expression that evaluates to the log entry log split total splits as a number. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logsplit) for details.""" + + trace_expression: Annotated[ + Optional[str], pydantic.Field(alias="traceExpression") + ] = None + r"""A JavaScript expression that evaluates to the REST resource name of the trace being written as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) for details.""" + + span_id_expression: Annotated[ + Optional[str], pydantic.Field(alias="spanIdExpression") + ] = None + r"""A JavaScript expression that evaluates to the ID of the cloud trace span associated with the current operation in which the log is being written as a string. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) for details.""" + + trace_sampled_expression: Annotated[ + Optional[str], pydantic.Field(alias="traceSampledExpression") + ] = None + r"""A JavaScript expression that evaluates to the the sampling decision of the span associated with the log entry. See the [documentation](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry) for details.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + total_memory_limit_kb: Annotated[ + Optional[float], pydantic.Field(alias="totalMemoryLimitKB") + ] = None + r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" + + description: Optional[str] = None + + payload_expression: Annotated[ + Optional[str], pydantic.Field(alias="payloadExpression") + ] = None + r"""JavaScript expression to compute the value of the payload. Must evaluate to a JavaScript object value. If an invalid value is encountered it will result in the default value instead. Defaults to the entire event.""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[OutputResponsePqControlsGoogleCloudLogging], + pydantic.Field(alias="pqControls"), + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_log_location_type: Annotated[ + Optional[str], pydantic.Field(alias="__template_logLocationType") + ] = None + r"""Binds 'logLocationType' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logLocationType' at runtime.""" + + template_log_name_expression: Annotated[ + Optional[str], pydantic.Field(alias="__template_logNameExpression") + ] = None + r"""Binds 'logNameExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logNameExpression' at runtime.""" + + template_payload_format: Annotated[ + Optional[str], pydantic.Field(alias="__template_payloadFormat") + ] = None + r"""Binds 'payloadFormat' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'payloadFormat' at runtime.""" + + template_resource_type_expression: Annotated[ + Optional[str], pydantic.Field(alias="__template_resourceTypeExpression") + ] = None + r"""Binds 'resourceTypeExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'resourceTypeExpression' at runtime.""" + + template_severity_expression: Annotated[ + Optional[str], pydantic.Field(alias="__template_severityExpression") + ] = None + r"""Binds 'severityExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'severityExpression' at runtime.""" + + template_insert_id_expression: Annotated[ + Optional[str], pydantic.Field(alias="__template_insertIdExpression") + ] = None + r"""Binds 'insertIdExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'insertIdExpression' at runtime.""" + + template_trace_expression: Annotated[ + Optional[str], pydantic.Field(alias="__template_traceExpression") + ] = None + r"""Binds 'traceExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'traceExpression' at runtime.""" + + template_span_id_expression: Annotated[ + Optional[str], pydantic.Field(alias="__template_spanIdExpression") + ] = None + r"""Binds 'spanIdExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'spanIdExpression' at runtime.""" + + template_trace_sampled_expression: Annotated[ + Optional[str], pydantic.Field(alias="__template_traceSampledExpression") + ] = None + r"""Binds 'traceSampledExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'traceSampledExpression' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_log_location_expression: Annotated[ + Optional[str], pydantic.Field(alias="__template_logLocationExpression") + ] = None + r"""Binds 'logLocationExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'logLocationExpression' at runtime.""" + + template_payload_expression: Annotated[ + Optional[str], pydantic.Field(alias="__template_payloadExpression") + ] = None + r"""Binds 'payloadExpression' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'payloadExpression' at runtime.""" + + notifications: Optional[List[NotificationUnion]] = None + r"""Notifications attached to the Destination.""" + + status: Optional[StatusType] = None + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + @field_serializer("log_location_type") + def serialize_log_location_type(self, value): + if isinstance(value, str): + try: + return models.OutputResponseLogLocationType(value) + except ValueError: + return value + return value + + @field_serializer("payload_format") + def serialize_payload_format(self, value): + if isinstance(value, str): + try: + return models.OutputResponsePayloadFormat(value) + except ValueError: + return value + return value + + @field_serializer("google_auth_method") + def serialize_google_auth_method(self, value): + if isinstance(value, str): + try: + return models.GoogleAuthenticationMethodOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "id", + "pipeline", + "systemFields", + "environment", + "streamtags", + "sanitizeLogNames", + "payloadFormat", + "logLabels", + "resourceTypeExpression", + "resourceTypeLabels", + "severityExpression", + "insertIdExpression", + "googleAuthMethod", + "serviceAccountCredentials", + "secret", + "maxPayloadSizeKB", + "maxPayloadEvents", + "flushPeriodSec", + "concurrency", + "connectionTimeout", + "timeoutSec", + "throttleRateReqPerSec", + "requestMethodExpression", + "requestUrlExpression", + "requestSizeExpression", + "statusExpression", + "responseSizeExpression", + "userAgentExpression", + "remoteIpExpression", + "serverIpExpression", + "refererExpression", + "latencyExpression", + "cacheLookupExpression", + "cacheHitExpression", + "cacheValidatedExpression", + "cacheFillBytesExpression", + "protocolExpression", + "idExpression", + "producerExpression", + "firstExpression", + "lastExpression", + "fileExpression", + "lineExpression", + "functionExpression", + "uidExpression", + "indexExpression", + "totalSplitsExpression", + "traceExpression", + "spanIdExpression", + "traceSampledExpression", + "onBackpressure", + "totalMemoryLimitKB", + "description", + "payloadExpression", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_logLocationType", + "__template_logNameExpression", + "__template_payloadFormat", + "__template_resourceTypeExpression", + "__template_severityExpression", + "__template_insertIdExpression", + "__template_traceExpression", + "__template_spanIdExpression", + "__template_traceSampledExpression", + "__template_onBackpressure", + "__template_logLocationExpression", + "__template_payloadExpression", + "notifications", + "status", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponseTypeGoogleCloudStorage(str, Enum): + GOOGLE_CLOUD_STORAGE = "google_cloud_storage" + + +class OutputResponseAuthenticationMethodGoogleCloudStorage( + str, Enum, metaclass=utils.OpenEnumMeta +): + # auto + AUTO = "auto" + # manual + MANUAL = "manual" + # Secret Key pair + SECRET = "secret" + + +class OutputResponseOutputGoogleCloudStorageTypedDict(TypedDict): + type: OutputResponseTypeGoogleCloudStorage + bucket: str + r"""Name of the destination bucket. This value can be a constant or a JavaScript expression that can only be evaluated at init time. Example of referencing a Global Variable: `myBucket-${C.vars.myVar}`.""" + region: str + r"""Region where the bucket is located""" + endpoint: str + r"""Google Cloud Storage service endpoint""" + stage_path: str + r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" + id: NotRequired[str] + r"""Unique ID for this output""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + aws_authentication_method: NotRequired[ + OutputResponseAuthenticationMethodGoogleCloudStorage + ] + dest_path: NotRequired[str] + r"""Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`""" + verify_permissions: NotRequired[bool] + r"""Disable if you can access files within the bucket but not the bucket itself""" + object_acl: NotRequired[ObjectACLOptionsAuthenticatedreadBucketownerfullcontrol] + r"""Object ACL to assign to uploaded objects""" + storage_class: NotRequired[StorageClassOptionsArchiveColdline] + r"""Storage class to select for uploaded objects""" + reuse_connections: NotRequired[bool] + r"""Reuse connections between requests, which can improve performance""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" + add_id_to_stage_path: NotRequired[bool] + r"""Add the Output ID value to staging location""" + remove_empty_dirs: NotRequired[bool] + r"""Remove empty staging directories after moving files""" + partition_expr: NotRequired[str] + r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" + format_: NotRequired[DataFormatOptions] + r"""Format of the output data""" + base_file_name: NotRequired[str] + r"""JavaScript expression to define the output filename prefix (can be constant)""" + file_name_suffix: NotRequired[str] + r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" + max_file_size_mb: NotRequired[float] + r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" + max_file_open_time_sec: NotRequired[float] + r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" + max_file_idle_time_sec: NotRequired[float] + r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" + max_open_files: NotRequired[float] + r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" + header_line: NotRequired[str] + r"""If set, this line will be written to the beginning of each output file""" + write_high_water_mark: NotRequired[float] + r"""Buffer size used to write to a file""" + on_backpressure: NotRequired[BackpressureBehaviorOptionsBlockDrop] + r"""How to handle events when all receivers are exerting backpressure""" + deadletter_enabled: NotRequired[bool] + r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" + on_disk_full_backpressure: NotRequired[DiskSpaceProtectionOptions] + r"""How to handle events when disk space is below the global 'Min free disk space' limit""" + force_close_on_shutdown: NotRequired[bool] + r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" + retry_settings: NotRequired[RetrySettingsTypeTypedDict] + orphans: NotRequired[OrphanFileRecoveryTypeTypedDict] + description: NotRequired[str] + compress: NotRequired[CompressionOptionsHTTP] + r"""Data compression format to apply to HTTP content before it is delivered""" + compression_level: NotRequired[CompressionLevelOptions] + r"""Compression level to apply before moving files to final destination""" + automatic_schema: NotRequired[bool] + r"""Automatically calculate the schema based on the events of each Parquet file generated""" + parquet_schema: NotRequired[str] + r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" + parquet_version: NotRequired[ParquetVersionOptions] + r"""Determines which data types are supported and how they are represented""" + parquet_data_page_version: NotRequired[DataPageVersionOptions] + r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" + parquet_row_group_length: NotRequired[float] + r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" + parquet_page_size: NotRequired[str] + r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" + should_log_invalid_rows: NotRequired[bool] + r"""Log up to 3 rows that @{product} skips due to data mismatch""" + key_value_metadata: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] + r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ + enable_statistics: NotRequired[bool] + r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" + enable_write_page_index: NotRequired[bool] + r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" + enable_page_checksum: NotRequired[bool] + r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" + empty_dir_cleanup_sec: NotRequired[float] + r"""How frequently, in seconds, to clean up empty directories""" + directory_batch_size: NotRequired[float] + r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" + deadletter_path: NotRequired[str] + r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" + max_retry_num: NotRequired[float] + r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" + aws_api_key: NotRequired[str] + r"""HMAC access key. This value can be a constant or a JavaScript expression, such as `${C.env.GCS_ACCESS_KEY}`.""" + aws_secret_key: NotRequired[str] + r"""HMAC secret. This value can be a constant or a JavaScript expression, such as `${C.env.GCS_SECRET}`.""" + aws_secret: NotRequired[str] + r"""Select or create a stored secret that references your access key and secret key""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_bucket: NotRequired[str] + r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" + template_region: NotRequired[str] + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + template_endpoint: NotRequired[str] + r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" + template_dest_path: NotRequired[str] + r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" + template_object_acl: NotRequired[str] + r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" + template_storage_class: NotRequired[str] + r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" + template_partition_expr: NotRequired[str] + r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" + template_format: NotRequired[str] + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + template_base_file_name: NotRequired[str] + r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" + template_file_name_suffix: NotRequired[str] + r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_compress: NotRequired[str] + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + template_parquet_schema: NotRequired[str] + r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" + template_aws_api_key: NotRequired[str] + r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" + template_aws_secret_key: NotRequired[str] + r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" + notifications: NotRequired[List[NotificationUnionTypedDict]] + r"""Notifications attached to the Destination.""" + status: NotRequired[StatusTypeTypedDict] + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + +class OutputResponseOutputGoogleCloudStorage(BaseModel): + type: OutputResponseTypeGoogleCloudStorage + + bucket: str + r"""Name of the destination bucket. This value can be a constant or a JavaScript expression that can only be evaluated at init time. Example of referencing a Global Variable: `myBucket-${C.vars.myVar}`.""" + + region: str + r"""Region where the bucket is located""" + + endpoint: str + r"""Google Cloud Storage service endpoint""" + + stage_path: Annotated[str, pydantic.Field(alias="stagePath")] + r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" + + id: Optional[str] = None + r"""Unique ID for this output""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + aws_authentication_method: Annotated[ + Optional[OutputResponseAuthenticationMethodGoogleCloudStorage], + pydantic.Field(alias="awsAuthenticationMethod"), + ] = None + + dest_path: Annotated[Optional[str], pydantic.Field(alias="destPath")] = None + r"""Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`""" + + verify_permissions: Annotated[ + Optional[bool], pydantic.Field(alias="verifyPermissions") + ] = None + r"""Disable if you can access files within the bucket but not the bucket itself""" + + object_acl: Annotated[ + Optional[ObjectACLOptionsAuthenticatedreadBucketownerfullcontrol], + pydantic.Field(alias="objectACL"), + ] = None + r"""Object ACL to assign to uploaded objects""" + + storage_class: Annotated[ + Optional[StorageClassOptionsArchiveColdline], + pydantic.Field(alias="storageClass"), + ] = None + r"""Storage class to select for uploaded objects""" + + reuse_connections: Annotated[ + Optional[bool], pydantic.Field(alias="reuseConnections") + ] = None + r"""Reuse connections between requests, which can improve performance""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" + + add_id_to_stage_path: Annotated[ + Optional[bool], pydantic.Field(alias="addIdToStagePath") + ] = None + r"""Add the Output ID value to staging location""" + + remove_empty_dirs: Annotated[ + Optional[bool], pydantic.Field(alias="removeEmptyDirs") + ] = None + r"""Remove empty staging directories after moving files""" + + partition_expr: Annotated[Optional[str], pydantic.Field(alias="partitionExpr")] = ( + None + ) + r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" + + format_: Annotated[Optional[DataFormatOptions], pydantic.Field(alias="format")] = ( + None + ) + r"""Format of the output data""" + + base_file_name: Annotated[Optional[str], pydantic.Field(alias="baseFileName")] = ( + None + ) + r"""JavaScript expression to define the output filename prefix (can be constant)""" + + file_name_suffix: Annotated[ + Optional[str], pydantic.Field(alias="fileNameSuffix") + ] = None + r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" + + max_file_size_mb: Annotated[ + Optional[float], pydantic.Field(alias="maxFileSizeMB") + ] = None + r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" + + max_file_open_time_sec: Annotated[ + Optional[float], pydantic.Field(alias="maxFileOpenTimeSec") + ] = None + r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" + + max_file_idle_time_sec: Annotated[ + Optional[float], pydantic.Field(alias="maxFileIdleTimeSec") + ] = None + r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" + + max_open_files: Annotated[Optional[float], pydantic.Field(alias="maxOpenFiles")] = ( + None + ) + r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" + + header_line: Annotated[Optional[str], pydantic.Field(alias="headerLine")] = None + r"""If set, this line will be written to the beginning of each output file""" + + write_high_water_mark: Annotated[ + Optional[float], pydantic.Field(alias="writeHighWaterMark") + ] = None + r"""Buffer size used to write to a file""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptionsBlockDrop], + pydantic.Field(alias="onBackpressure"), + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + deadletter_enabled: Annotated[ + Optional[bool], pydantic.Field(alias="deadletterEnabled") + ] = None + r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" + + on_disk_full_backpressure: Annotated[ + Optional[DiskSpaceProtectionOptions], + pydantic.Field(alias="onDiskFullBackpressure"), + ] = None + r"""How to handle events when disk space is below the global 'Min free disk space' limit""" + + force_close_on_shutdown: Annotated[ + Optional[bool], pydantic.Field(alias="forceCloseOnShutdown") + ] = None + r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" + + retry_settings: Annotated[ + Optional[RetrySettingsType], pydantic.Field(alias="retrySettings") + ] = None + + orphans: Optional[OrphanFileRecoveryType] = None + + description: Optional[str] = None + + compress: Optional[CompressionOptionsHTTP] = None + r"""Data compression format to apply to HTTP content before it is delivered""" + + compression_level: Annotated[ + Optional[CompressionLevelOptions], pydantic.Field(alias="compressionLevel") + ] = None + r"""Compression level to apply before moving files to final destination""" + + automatic_schema: Annotated[ + Optional[bool], pydantic.Field(alias="automaticSchema") + ] = None + r"""Automatically calculate the schema based on the events of each Parquet file generated""" + + parquet_schema: Annotated[Optional[str], pydantic.Field(alias="parquetSchema")] = ( + None + ) + r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" + + parquet_version: Annotated[ + Optional[ParquetVersionOptions], pydantic.Field(alias="parquetVersion") + ] = None + r"""Determines which data types are supported and how they are represented""" + + parquet_data_page_version: Annotated[ + Optional[DataPageVersionOptions], pydantic.Field(alias="parquetDataPageVersion") + ] = None + r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" + + parquet_row_group_length: Annotated[ + Optional[float], pydantic.Field(alias="parquetRowGroupLength") + ] = None + r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" + + parquet_page_size: Annotated[ + Optional[str], pydantic.Field(alias="parquetPageSize") + ] = None + r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" + + should_log_invalid_rows: Annotated[ + Optional[bool], pydantic.Field(alias="shouldLogInvalidRows") + ] = None + r"""Log up to 3 rows that @{product} skips due to data mismatch""" + + key_value_metadata: Annotated[ + Optional[List[KeyValueMetadataConfOutputFilesystem]], + pydantic.Field(alias="keyValueMetadata"), + ] = None + r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ + + enable_statistics: Annotated[ + Optional[bool], pydantic.Field(alias="enableStatistics") + ] = None + r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" + + enable_write_page_index: Annotated[ + Optional[bool], pydantic.Field(alias="enableWritePageIndex") + ] = None + r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" + + enable_page_checksum: Annotated[ + Optional[bool], pydantic.Field(alias="enablePageChecksum") + ] = None + r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" + + empty_dir_cleanup_sec: Annotated[ + Optional[float], pydantic.Field(alias="emptyDirCleanupSec") + ] = None + r"""How frequently, in seconds, to clean up empty directories""" + + directory_batch_size: Annotated[ + Optional[float], pydantic.Field(alias="directoryBatchSize") + ] = None + r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" + + deadletter_path: Annotated[ + Optional[str], pydantic.Field(alias="deadletterPath") + ] = None + r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" + + max_retry_num: Annotated[Optional[float], pydantic.Field(alias="maxRetryNum")] = ( + None + ) + r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" + + aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None + r"""HMAC access key. This value can be a constant or a JavaScript expression, such as `${C.env.GCS_ACCESS_KEY}`.""" + + aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = ( + None + ) + r"""HMAC secret. This value can be a constant or a JavaScript expression, such as `${C.env.GCS_SECRET}`.""" + + aws_secret: Annotated[Optional[str], pydantic.Field(alias="awsSecret")] = None + r"""Select or create a stored secret that references your access key and secret key""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_bucket: Annotated[ + Optional[str], pydantic.Field(alias="__template_bucket") + ] = None + r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" + + template_region: Annotated[ + Optional[str], pydantic.Field(alias="__template_region") + ] = None + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + + template_endpoint: Annotated[ + Optional[str], pydantic.Field(alias="__template_endpoint") + ] = None + r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" + + template_dest_path: Annotated[ + Optional[str], pydantic.Field(alias="__template_destPath") + ] = None + r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" + + template_object_acl: Annotated[ + Optional[str], pydantic.Field(alias="__template_objectACL") + ] = None + r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" + + template_storage_class: Annotated[ + Optional[str], pydantic.Field(alias="__template_storageClass") + ] = None + r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" + + template_partition_expr: Annotated[ + Optional[str], pydantic.Field(alias="__template_partitionExpr") + ] = None + r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" + + template_format: Annotated[ + Optional[str], pydantic.Field(alias="__template_format") + ] = None + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + + template_base_file_name: Annotated[ + Optional[str], pydantic.Field(alias="__template_baseFileName") + ] = None + r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" + + template_file_name_suffix: Annotated[ + Optional[str], pydantic.Field(alias="__template_fileNameSuffix") + ] = None + r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_compress: Annotated[ + Optional[str], pydantic.Field(alias="__template_compress") + ] = None + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + + template_parquet_schema: Annotated[ + Optional[str], pydantic.Field(alias="__template_parquetSchema") + ] = None + r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" + + template_aws_api_key: Annotated[ + Optional[str], pydantic.Field(alias="__template_awsApiKey") + ] = None + r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" + + template_aws_secret_key: Annotated[ + Optional[str], pydantic.Field(alias="__template_awsSecretKey") + ] = None + r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" + + notifications: Optional[List[NotificationUnion]] = None + r"""Notifications attached to the Destination.""" + + status: Optional[StatusType] = None + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + @field_serializer("aws_authentication_method") + def serialize_aws_authentication_method(self, value): + if isinstance(value, str): + try: + return models.OutputResponseAuthenticationMethodGoogleCloudStorage( + value + ) + except ValueError: + return value + return value + + @field_serializer("object_acl") + def serialize_object_acl(self, value): + if isinstance(value, str): + try: + return models.ObjectACLOptionsAuthenticatedreadBucketownerfullcontrol( + value + ) + except ValueError: + return value + return value + + @field_serializer("storage_class") + def serialize_storage_class(self, value): + if isinstance(value, str): + try: + return models.StorageClassOptionsArchiveColdline(value) + except ValueError: + return value + return value + + @field_serializer("format_") + def serialize_format_(self, value): + if isinstance(value, str): + try: + return models.DataFormatOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptionsBlockDrop(value) + except ValueError: + return value + return value + + @field_serializer("on_disk_full_backpressure") + def serialize_on_disk_full_backpressure(self, value): + if isinstance(value, str): + try: + return models.DiskSpaceProtectionOptions(value) + except ValueError: + return value + return value + + @field_serializer("compress") + def serialize_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsHTTP(value) + except ValueError: + return value + return value + + @field_serializer("compression_level") + def serialize_compression_level(self, value): + if isinstance(value, str): + try: + return models.CompressionLevelOptions(value) + except ValueError: + return value + return value + + @field_serializer("parquet_version") + def serialize_parquet_version(self, value): + if isinstance(value, str): + try: + return models.ParquetVersionOptions(value) + except ValueError: + return value + return value + + @field_serializer("parquet_data_page_version") + def serialize_parquet_data_page_version(self, value): + if isinstance(value, str): + try: + return models.DataPageVersionOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "id", + "pipeline", + "systemFields", + "environment", + "streamtags", + "awsAuthenticationMethod", + "destPath", + "verifyPermissions", + "objectACL", + "storageClass", + "reuseConnections", + "rejectUnauthorized", + "addIdToStagePath", + "removeEmptyDirs", + "partitionExpr", + "format", + "baseFileName", + "fileNameSuffix", + "maxFileSizeMB", + "maxFileOpenTimeSec", + "maxFileIdleTimeSec", + "maxOpenFiles", + "headerLine", + "writeHighWaterMark", + "onBackpressure", + "deadletterEnabled", + "onDiskFullBackpressure", + "forceCloseOnShutdown", + "retrySettings", + "orphans", + "description", + "compress", + "compressionLevel", + "automaticSchema", + "parquetSchema", + "parquetVersion", + "parquetDataPageVersion", + "parquetRowGroupLength", + "parquetPageSize", + "shouldLogInvalidRows", + "keyValueMetadata", + "enableStatistics", + "enableWritePageIndex", + "enablePageChecksum", + "emptyDirCleanupSec", + "directoryBatchSize", + "deadletterPath", + "maxRetryNum", + "awsApiKey", + "awsSecretKey", + "awsSecret", + "__template_streamtags", + "__template_bucket", + "__template_region", + "__template_endpoint", + "__template_destPath", + "__template_objectACL", + "__template_storageClass", + "__template_partitionExpr", + "__template_format", + "__template_baseFileName", + "__template_fileNameSuffix", + "__template_onBackpressure", + "__template_compress", + "__template_parquetSchema", + "__template_awsApiKey", + "__template_awsSecretKey", + "notifications", + "status", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponseTypeGoogleChronicle(str, Enum): + GOOGLE_CHRONICLE = "google_chronicle" + + +class OutputResponseAPIVersion(str, Enum, metaclass=utils.OpenEnumMeta): + # V1 + V1 = "v1" + # V2 + V2 = "v2" + + +class OutputResponseAuthenticationMethodGoogleChronicle( + str, Enum, metaclass=utils.OpenEnumMeta +): + # API key + MANUAL = "manual" + # API key secret + SECRET = "secret" + # Service account credentials + SERVICE_ACCOUNT = "serviceAccount" + # Service account credentials secret + SERVICE_ACCOUNT_SECRET = "serviceAccountSecret" + + +class OutputResponseSendEventsAs(str, Enum, metaclass=utils.OpenEnumMeta): + # Unstructured + UNSTRUCTURED = "unstructured" + # UDM + UDM = "udm" + + +class OutputResponseExtraLogTypeTypedDict(TypedDict): + log_type: str + description: NotRequired[str] + + +class OutputResponseExtraLogType(BaseModel): + log_type: Annotated[str, pydantic.Field(alias="logType")] + + description: Optional[str] = None + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set(["description"]) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponseUDMType(str, Enum, metaclass=utils.OpenEnumMeta): + r"""Defines the specific format for UDM events sent to Google SecOps. This must match the type of UDM data being sent.""" + + ENTITIES = "entities" + LOGS = "logs" + + +class OutputResponsePqControlsGoogleChronicleTypedDict(TypedDict): + pass + + +class OutputResponsePqControlsGoogleChronicle(BaseModel): + pass + + +class OutputResponseOutputGoogleChronicleTypedDict(TypedDict): + type: OutputResponseTypeGoogleChronicle + log_format_type: OutputResponseSendEventsAs + id: NotRequired[str] + r"""Unique ID for this output""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + api_version: NotRequired[OutputResponseAPIVersion] + authentication_method: NotRequired[ + OutputResponseAuthenticationMethodGoogleChronicle + ] + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + region: NotRequired[str] + r"""Regional endpoint to send events to""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + compress: NotRequired[bool] + r"""Compress the payload body before sending""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] + r"""Headers to add to all events""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + safe_headers: NotRequired[List[str]] + r"""List of headers that are safe to log in plain text""" + use_round_robin_dns: NotRequired[bool] + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + total_memory_limit_kb: NotRequired[float] + r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" + description: NotRequired[str] + extra_log_types: NotRequired[List[OutputResponseExtraLogTypeTypedDict]] + r"""Custom log types. If the value \"Custom\" is selected in the setting \"Default log type\" above, the first custom log type in this table will be automatically selected as default log type.""" + log_type: NotRequired[str] + r"""Default log type value to send to SecOps. Can be overwritten by event field __logType.""" + log_text_field: NotRequired[str] + r"""Name of the event field that contains the log text to send. If not specified, Stream sends a JSON representation of the whole event.""" + customer_id: NotRequired[str] + r"""A unique identifier (UUID) for your Google SecOps instance. This is provided by your Google representative and is required for API V2 authentication.""" + namespace: NotRequired[str] + r"""User-configured environment namespace to identify the data domain the logs originated from. Use namespace as a tag to identify the appropriate data domain for indexing and enrichment functionality. Can be overwritten by event field __namespace.""" + custom_labels: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] + r"""Custom labels to be added to every batch""" + udm_type: NotRequired[OutputResponseUDMType] + r"""Defines the specific format for UDM events sent to Google SecOps. This must match the type of UDM data being sent.""" + api_key: NotRequired[str] + r"""Organization's API key in Google SecOps""" + api_key_secret: NotRequired[str] + r"""Select or create a stored text secret""" + service_account_credentials: NotRequired[str] + r"""Contents of service account credentials (JSON keys) file downloaded from Google Cloud. To upload a file, click the upload button at this field's upper right.""" + service_account_credentials_secret: NotRequired[str] + r"""Select or create a stored text secret""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[OutputResponsePqControlsGoogleChronicleTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_api_version: NotRequired[str] + r"""Binds 'apiVersion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'apiVersion' at runtime.""" + template_region: NotRequired[str] + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_customer_id: NotRequired[str] + r"""Binds 'customerId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'customerId' at runtime.""" + notifications: NotRequired[List[NotificationUnionTypedDict]] + r"""Notifications attached to the Destination.""" + status: NotRequired[StatusTypeTypedDict] + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + +class OutputResponseOutputGoogleChronicle(BaseModel): + type: OutputResponseTypeGoogleChronicle + + log_format_type: Annotated[ + OutputResponseSendEventsAs, pydantic.Field(alias="logFormatType") + ] + + id: Optional[str] = None + r"""Unique ID for this output""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + api_version: Annotated[ + Optional[OutputResponseAPIVersion], pydantic.Field(alias="apiVersion") + ] = None + + authentication_method: Annotated[ + Optional[OutputResponseAuthenticationMethodGoogleChronicle], + pydantic.Field(alias="authenticationMethod"), + ] = None + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + region: Optional[str] = None + r"""Regional endpoint to send events to""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + compress: Optional[bool] = None + r"""Compress the payload body before sending""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + extra_http_headers: Annotated[ + Optional[List[ExtraHTTPHeaderConfInputElastic]], + pydantic.Field(alias="extraHttpHeaders"), + ] = None + r"""Headers to add to all events""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + safe_headers: Annotated[ + Optional[List[str]], pydantic.Field(alias="safeHeaders") + ] = None + r"""List of headers that are safe to log in plain text""" + + use_round_robin_dns: Annotated[ + Optional[bool], pydantic.Field(alias="useRoundRobinDns") + ] = None + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + total_memory_limit_kb: Annotated[ + Optional[float], pydantic.Field(alias="totalMemoryLimitKB") + ] = None + r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" + + description: Optional[str] = None + + extra_log_types: Annotated[ + Optional[List[OutputResponseExtraLogType]], + pydantic.Field(alias="extraLogTypes"), + ] = None + r"""Custom log types. If the value \"Custom\" is selected in the setting \"Default log type\" above, the first custom log type in this table will be automatically selected as default log type.""" + + log_type: Annotated[Optional[str], pydantic.Field(alias="logType")] = None + r"""Default log type value to send to SecOps. Can be overwritten by event field __logType.""" + + log_text_field: Annotated[Optional[str], pydantic.Field(alias="logTextField")] = ( + None + ) + r"""Name of the event field that contains the log text to send. If not specified, Stream sends a JSON representation of the whole event.""" + + customer_id: Annotated[Optional[str], pydantic.Field(alias="customerId")] = None + r"""A unique identifier (UUID) for your Google SecOps instance. This is provided by your Google representative and is required for API V2 authentication.""" + + namespace: Optional[str] = None + r"""User-configured environment namespace to identify the data domain the logs originated from. Use namespace as a tag to identify the appropriate data domain for indexing and enrichment functionality. Can be overwritten by event field __namespace.""" + + custom_labels: Annotated[ + Optional[List[KeyValueMetadataConfOutputFilesystem]], + pydantic.Field(alias="customLabels"), + ] = None + r"""Custom labels to be added to every batch""" + + udm_type: Annotated[ + Optional[OutputResponseUDMType], pydantic.Field(alias="udmType") + ] = None + r"""Defines the specific format for UDM events sent to Google SecOps. This must match the type of UDM data being sent.""" + + api_key: Annotated[Optional[str], pydantic.Field(alias="apiKey")] = None + r"""Organization's API key in Google SecOps""" + + api_key_secret: Annotated[Optional[str], pydantic.Field(alias="apiKeySecret")] = ( + None + ) + r"""Select or create a stored text secret""" + + service_account_credentials: Annotated[ + Optional[str], pydantic.Field(alias="serviceAccountCredentials") + ] = None + r"""Contents of service account credentials (JSON keys) file downloaded from Google Cloud. To upload a file, click the upload button at this field's upper right.""" + + service_account_credentials_secret: Annotated[ + Optional[str], pydantic.Field(alias="serviceAccountCredentialsSecret") + ] = None + r"""Select or create a stored text secret""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[OutputResponsePqControlsGoogleChronicle], + pydantic.Field(alias="pqControls"), + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_api_version: Annotated[ + Optional[str], pydantic.Field(alias="__template_apiVersion") + ] = None + r"""Binds 'apiVersion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'apiVersion' at runtime.""" + + template_region: Annotated[ + Optional[str], pydantic.Field(alias="__template_region") + ] = None + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_customer_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_customerId") + ] = None + r"""Binds 'customerId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'customerId' at runtime.""" + + notifications: Optional[List[NotificationUnion]] = None + r"""Notifications attached to the Destination.""" + + status: Optional[StatusType] = None + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + @field_serializer("api_version") + def serialize_api_version(self, value): + if isinstance(value, str): + try: + return models.OutputResponseAPIVersion(value) + except ValueError: + return value + return value + + @field_serializer("authentication_method") + def serialize_authentication_method(self, value): + if isinstance(value, str): + try: + return models.OutputResponseAuthenticationMethodGoogleChronicle(value) + except ValueError: + return value + return value + + @field_serializer("log_format_type") + def serialize_log_format_type(self, value): + if isinstance(value, str): + try: + return models.OutputResponseSendEventsAs(value) + except ValueError: + return value + return value + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("udm_type") + def serialize_udm_type(self, value): + if isinstance(value, str): + try: + return models.OutputResponseUDMType(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "id", + "pipeline", + "systemFields", + "environment", + "streamtags", + "apiVersion", + "authenticationMethod", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "region", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "compress", + "rejectUnauthorized", + "timeoutSec", + "flushPeriodSec", + "extraHttpHeaders", + "failedRequestLoggingMode", + "safeHeaders", + "useRoundRobinDns", + "onBackpressure", + "totalMemoryLimitKB", + "description", + "extraLogTypes", + "logType", + "logTextField", + "customerId", + "namespace", + "customLabels", + "udmType", + "apiKey", + "apiKeySecret", + "serviceAccountCredentials", + "serviceAccountCredentialsSecret", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_apiVersion", + "__template_region", + "__template_failedRequestLoggingMode", + "__template_onBackpressure", + "__template_customerId", + "notifications", + "status", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponseTypeAzureEventhub(str, Enum): + AZURE_EVENTHUB = "azure_eventhub" + + +class OutputResponsePqControlsAzureEventhubTypedDict(TypedDict): + pass + + +class OutputResponsePqControlsAzureEventhub(BaseModel): + pass + + +class OutputResponseOutputAzureEventhubTypedDict(TypedDict): + type: OutputResponseTypeAzureEventhub + brokers: List[str] + r"""List of Event Hubs Kafka brokers to connect to, eg. yourdomain.servicebus.windows.net:9093. The hostname can be found in the host portion of the primary or secondary connection string in Shared Access Policies.""" + topic: str + r"""The name of the Event Hub (Kafka Topic) to publish events. Can be overwritten using field __topicOut.""" + id: NotRequired[str] + r"""Unique ID for this output""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + ack: NotRequired[AcknowledgmentsOptions] + r"""Control the number of required acknowledgments""" + format_: NotRequired[RecordDataFormatOptions] + r"""Format to use to serialize events before writing to the Event Hubs Kafka brokers""" + max_record_size_kb: NotRequired[float] + r"""Maximum size of each record batch before compression. Setting should be < message.max.bytes settings in Event Hubs brokers.""" + flush_event_count: NotRequired[float] + r"""Maximum number of events in a batch before forcing a flush""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" + connection_timeout: NotRequired[float] + r"""Maximum time to wait for a connection to complete successfully""" + request_timeout: NotRequired[float] + r"""Maximum time to wait for Kafka to respond to a request""" + max_retries: NotRequired[float] + r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" + max_back_off: NotRequired[float] + r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" + initial_backoff: NotRequired[float] + r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" + backoff_rate: NotRequired[float] + r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" + authentication_timeout: NotRequired[float] + r"""Maximum time to wait for Kafka to respond to an authentication request""" + reauthentication_threshold: NotRequired[float] + r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" + sasl: NotRequired[AuthenticationTypeUseTypedDict] + r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended.""" + tls: NotRequired[TLSSettingsClientSideTypeTypedDict] + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + description: NotRequired[str] + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[OutputResponsePqControlsAzureEventhubTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_brokers: NotRequired[str] + r"""Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime.""" + template_topic: NotRequired[str] + r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" + template_format: NotRequired[str] + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + notifications: NotRequired[List[NotificationUnionTypedDict]] + r"""Notifications attached to the Destination.""" + status: NotRequired[StatusTypeTypedDict] + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + +class OutputResponseOutputAzureEventhub(BaseModel): + type: OutputResponseTypeAzureEventhub + + brokers: List[str] + r"""List of Event Hubs Kafka brokers to connect to, eg. yourdomain.servicebus.windows.net:9093. The hostname can be found in the host portion of the primary or secondary connection string in Shared Access Policies.""" + + topic: str + r"""The name of the Event Hub (Kafka Topic) to publish events. Can be overwritten using field __topicOut.""" + + id: Optional[str] = None + r"""Unique ID for this output""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + ack: Optional[AcknowledgmentsOptions] = None + r"""Control the number of required acknowledgments""" + + format_: Annotated[ + Optional[RecordDataFormatOptions], pydantic.Field(alias="format") + ] = None + r"""Format to use to serialize events before writing to the Event Hubs Kafka brokers""" + + max_record_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxRecordSizeKB") + ] = None + r"""Maximum size of each record batch before compression. Setting should be < message.max.bytes settings in Event Hubs brokers.""" + + flush_event_count: Annotated[ + Optional[float], pydantic.Field(alias="flushEventCount") + ] = None + r"""Maximum number of events in a batch before forcing a flush""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" + + connection_timeout: Annotated[ + Optional[float], pydantic.Field(alias="connectionTimeout") + ] = None + r"""Maximum time to wait for a connection to complete successfully""" + + request_timeout: Annotated[ + Optional[float], pydantic.Field(alias="requestTimeout") + ] = None + r"""Maximum time to wait for Kafka to respond to a request""" + + max_retries: Annotated[Optional[float], pydantic.Field(alias="maxRetries")] = None + r"""If messages are failing, you can set the maximum number of retries as high as 100 to prevent loss of data""" + + max_back_off: Annotated[Optional[float], pydantic.Field(alias="maxBackOff")] = None + r"""The maximum wait time for a retry, in milliseconds. Default (and minimum) is 30,000 ms (30 seconds); maximum is 180,000 ms (180 seconds).""" + + initial_backoff: Annotated[ + Optional[float], pydantic.Field(alias="initialBackoff") + ] = None + r"""Initial value used to calculate the retry, in milliseconds. Maximum is 600,000 ms (10 minutes).""" + + backoff_rate: Annotated[Optional[float], pydantic.Field(alias="backoffRate")] = None + r"""Set the backoff multiplier (2-20) to control the retry frequency for failed messages. For faster retries, use a lower multiplier. For slower retries with more delay between attempts, use a higher multiplier. The multiplier is used in an exponential backoff formula; see the Kafka [documentation](https://kafka.js.org/docs/retry-detailed) for details.""" + + authentication_timeout: Annotated[ + Optional[float], pydantic.Field(alias="authenticationTimeout") + ] = None + r"""Maximum time to wait for Kafka to respond to an authentication request""" + + reauthentication_threshold: Annotated[ + Optional[float], pydantic.Field(alias="reauthenticationThreshold") + ] = None + r"""Specifies a time window during which @{product} can reauthenticate if needed. Creates the window measuring backward from the moment when credentials are set to expire.""" + + sasl: Optional[AuthenticationTypeUse] = None + r"""Authentication parameters to use when connecting to brokers. Using TLS is highly recommended.""" + + tls: Optional[TLSSettingsClientSideType] = None + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + description: Optional[str] = None + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[OutputResponsePqControlsAzureEventhub], + pydantic.Field(alias="pqControls"), + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_brokers: Annotated[ + Optional[str], pydantic.Field(alias="__template_brokers") + ] = None + r"""Binds 'brokers' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'brokers' at runtime.""" + + template_topic: Annotated[ + Optional[str], pydantic.Field(alias="__template_topic") + ] = None + r"""Binds 'topic' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'topic' at runtime.""" + + template_format: Annotated[ + Optional[str], pydantic.Field(alias="__template_format") + ] = None + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + notifications: Optional[List[NotificationUnion]] = None + r"""Notifications attached to the Destination.""" + + status: Optional[StatusType] = None + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + @field_serializer("ack") + def serialize_ack(self, value): + if isinstance(value, str): + try: + return models.AcknowledgmentsOptions(value) + except ValueError: + return value + return value + + @field_serializer("format_") + def serialize_format_(self, value): + if isinstance(value, str): + try: + return models.RecordDataFormatOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "id", + "pipeline", + "systemFields", + "environment", + "streamtags", + "ack", + "format", + "maxRecordSizeKB", + "flushEventCount", + "flushPeriodSec", + "connectionTimeout", + "requestTimeout", + "maxRetries", + "maxBackOff", + "initialBackoff", + "backoffRate", + "authenticationTimeout", + "reauthenticationThreshold", + "sasl", + "tls", + "onBackpressure", + "description", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_brokers", + "__template_topic", + "__template_format", + "__template_onBackpressure", + "notifications", + "status", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponseTypeHoneycomb(str, Enum): + HONEYCOMB = "honeycomb" + + +class OutputResponsePqControlsHoneycombTypedDict(TypedDict): + pass + + +class OutputResponsePqControlsHoneycomb(BaseModel): + pass + + +class OutputResponseOutputHoneycombTypedDict(TypedDict): + type: OutputResponseTypeHoneycomb + dataset: str + r"""Name of the dataset to send events to – e.g., observability""" + id: NotRequired[str] + r"""Unique ID for this output""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + compress: NotRequired[bool] + r"""Compress the payload body before sending""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] + r"""Headers to add to all events""" + use_round_robin_dns: NotRequired[bool] + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + safe_headers: NotRequired[List[str]] + r"""List of headers that are safe to log in plain text""" + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + auth_type: NotRequired[AuthenticationMethodOptionsAPI] + r"""Enter API key directly, or select a stored secret""" + description: NotRequired[str] + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[OutputResponsePqControlsHoneycombTypedDict] + team: NotRequired[str] + r"""Team API key where the dataset belongs""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + notifications: NotRequired[List[NotificationUnionTypedDict]] + r"""Notifications attached to the Destination.""" + status: NotRequired[StatusTypeTypedDict] + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + +class OutputResponseOutputHoneycomb(BaseModel): + type: OutputResponseTypeHoneycomb + + dataset: str + r"""Name of the dataset to send events to – e.g., observability""" + + id: Optional[str] = None + r"""Unique ID for this output""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + compress: Optional[bool] = None + r"""Compress the payload body before sending""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + extra_http_headers: Annotated[ + Optional[List[ExtraHTTPHeaderConfInputElastic]], + pydantic.Field(alias="extraHttpHeaders"), + ] = None + r"""Headers to add to all events""" + + use_round_robin_dns: Annotated[ + Optional[bool], pydantic.Field(alias="useRoundRobinDns") + ] = None + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + safe_headers: Annotated[ + Optional[List[str]], pydantic.Field(alias="safeHeaders") + ] = None + r"""List of headers that are safe to log in plain text""" + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + auth_type: Annotated[ + Optional[AuthenticationMethodOptionsAPI], pydantic.Field(alias="authType") + ] = None + r"""Enter API key directly, or select a stored secret""" + + description: Optional[str] = None + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[OutputResponsePqControlsHoneycomb], pydantic.Field(alias="pqControls") + ] = None + + team: Optional[str] = None + r"""Team API key where the dataset belongs""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + notifications: Optional[List[NotificationUnion]] = None + r"""Notifications attached to the Destination.""" + + status: Optional[StatusType] = None + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsAPI(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "id", + "pipeline", + "systemFields", + "environment", + "streamtags", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "compress", + "rejectUnauthorized", + "timeoutSec", + "flushPeriodSec", + "extraHttpHeaders", + "useRoundRobinDns", + "failedRequestLoggingMode", + "safeHeaders", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "onBackpressure", + "authType", + "description", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "team", + "textSecret", + "__template_streamtags", + "__template_failedRequestLoggingMode", + "__template_onBackpressure", + "notifications", + "status", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponseTypeKinesis(str, Enum): + KINESIS = "kinesis" + + +class OutputResponseCompression(str, Enum, metaclass=utils.OpenEnumMeta): + r"""Compression type to use for records""" + + # None + NONE = "none" + # Gzip + GZIP = "gzip" + + +class OutputResponsePqControlsKinesisTypedDict(TypedDict): + pass + + +class OutputResponsePqControlsKinesis(BaseModel): + pass + + +class OutputResponseOutputKinesisTypedDict(TypedDict): + type: OutputResponseTypeKinesis + stream_name: str + r"""Kinesis stream name to send events to.""" + region: str + r"""Region where the Kinesis stream is located""" + id: NotRequired[str] + r"""Unique ID for this output""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + aws_authentication_method: NotRequired[AuthenticationMethodOptionsS3CollectorConf] + r"""AWS authentication method. Choose Auto to use IAM roles.""" + aws_secret_key: NotRequired[str] + endpoint: NotRequired[str] + r"""Kinesis stream service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to Kinesis stream-compatible endpoint.""" + reuse_connections: NotRequired[bool] + r"""Reuse connections between requests, which can improve performance""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" + enable_assume_role: NotRequired[bool] + r"""Use Assume Role credentials to access Kinesis stream""" + assume_role_arn: NotRequired[str] + r"""Amazon Resource Name (ARN) of the role to assume""" + assume_role_external_id: NotRequired[str] + r"""External ID to use when assuming role""" + duration_seconds: NotRequired[float] + r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing put requests before blocking.""" + max_record_size_kb: NotRequired[float] + r"""Maximum size (KB) of each individual record before compression. For uncompressed or non-compressible data 1MB is the max recommended size""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" + compression: NotRequired[OutputResponseCompression] + r"""Compression type to use for records""" + use_list_shards: NotRequired[bool] + r"""Provides higher stream rate limits, improving delivery speed and reliability by minimizing throttling. See the [ListShards API](https://docs.aws.amazon.com/kinesis/latest/APIReference/API_ListShards.html) documentation for details.""" + as_ndjson: NotRequired[bool] + r"""Batch events into a single record as NDJSON""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + description: NotRequired[str] + aws_api_key: NotRequired[str] + aws_secret: NotRequired[str] + r"""Select or create a stored secret that references your access key and secret key""" + max_events_per_flush: NotRequired[float] + r"""Maximum number of records to send in a single request""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[OutputResponsePqControlsKinesisTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_stream_name: NotRequired[str] + r"""Binds 'streamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamName' at runtime.""" + template_aws_secret_key: NotRequired[str] + r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" + template_region: NotRequired[str] + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + template_endpoint: NotRequired[str] + r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" + template_assume_role_arn: NotRequired[str] + r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" + template_assume_role_external_id: NotRequired[str] + r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_aws_api_key: NotRequired[str] + r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" + notifications: NotRequired[List[NotificationUnionTypedDict]] + r"""Notifications attached to the Destination.""" + status: NotRequired[StatusTypeTypedDict] + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + +class OutputResponseOutputKinesis(BaseModel): + type: OutputResponseTypeKinesis + + stream_name: Annotated[str, pydantic.Field(alias="streamName")] + r"""Kinesis stream name to send events to.""" + + region: str + r"""Region where the Kinesis stream is located""" + + id: Optional[str] = None + r"""Unique ID for this output""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + aws_authentication_method: Annotated[ + Optional[AuthenticationMethodOptionsS3CollectorConf], + pydantic.Field(alias="awsAuthenticationMethod"), + ] = None + r"""AWS authentication method. Choose Auto to use IAM roles.""" + + aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = ( + None + ) + + endpoint: Optional[str] = None + r"""Kinesis stream service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to Kinesis stream-compatible endpoint.""" + + reuse_connections: Annotated[ + Optional[bool], pydantic.Field(alias="reuseConnections") + ] = None + r"""Reuse connections between requests, which can improve performance""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" + + enable_assume_role: Annotated[ + Optional[bool], pydantic.Field(alias="enableAssumeRole") + ] = None + r"""Use Assume Role credentials to access Kinesis stream""" + + assume_role_arn: Annotated[Optional[str], pydantic.Field(alias="assumeRoleArn")] = ( + None + ) + r"""Amazon Resource Name (ARN) of the role to assume""" + + assume_role_external_id: Annotated[ + Optional[str], pydantic.Field(alias="assumeRoleExternalId") + ] = None + r"""External ID to use when assuming role""" + + duration_seconds: Annotated[ + Optional[float], pydantic.Field(alias="durationSeconds") + ] = None + r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing put requests before blocking.""" + + max_record_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxRecordSizeKB") + ] = None + r"""Maximum size (KB) of each individual record before compression. For uncompressed or non-compressible data 1MB is the max recommended size""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Max record size.""" + + compression: Optional[OutputResponseCompression] = None + r"""Compression type to use for records""" + + use_list_shards: Annotated[ + Optional[bool], pydantic.Field(alias="useListShards") + ] = None + r"""Provides higher stream rate limits, improving delivery speed and reliability by minimizing throttling. See the [ListShards API](https://docs.aws.amazon.com/kinesis/latest/APIReference/API_ListShards.html) documentation for details.""" + + as_ndjson: Annotated[Optional[bool], pydantic.Field(alias="asNdjson")] = None + r"""Batch events into a single record as NDJSON""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + description: Optional[str] = None + + aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None + + aws_secret: Annotated[Optional[str], pydantic.Field(alias="awsSecret")] = None + r"""Select or create a stored secret that references your access key and secret key""" + + max_events_per_flush: Annotated[ + Optional[float], pydantic.Field(alias="maxEventsPerFlush") + ] = None + r"""Maximum number of records to send in a single request""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[OutputResponsePqControlsKinesis], pydantic.Field(alias="pqControls") + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_stream_name: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamName") + ] = None + r"""Binds 'streamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamName' at runtime.""" + + template_aws_secret_key: Annotated[ + Optional[str], pydantic.Field(alias="__template_awsSecretKey") + ] = None + r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" + + template_region: Annotated[ + Optional[str], pydantic.Field(alias="__template_region") + ] = None + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + + template_endpoint: Annotated[ + Optional[str], pydantic.Field(alias="__template_endpoint") + ] = None + r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" + + template_assume_role_arn: Annotated[ + Optional[str], pydantic.Field(alias="__template_assumeRoleArn") + ] = None + r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" + + template_assume_role_external_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_assumeRoleExternalId") + ] = None + r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_aws_api_key: Annotated[ + Optional[str], pydantic.Field(alias="__template_awsApiKey") + ] = None + r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" + + notifications: Optional[List[NotificationUnion]] = None + r"""Notifications attached to the Destination.""" + + status: Optional[StatusType] = None + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + @field_serializer("aws_authentication_method") + def serialize_aws_authentication_method(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsS3CollectorConf(value) + except ValueError: + return value + return value + + @field_serializer("compression") + def serialize_compression(self, value): + if isinstance(value, str): + try: + return models.OutputResponseCompression(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "id", + "pipeline", + "systemFields", + "environment", + "streamtags", + "awsAuthenticationMethod", + "awsSecretKey", + "endpoint", + "reuseConnections", + "rejectUnauthorized", + "enableAssumeRole", + "assumeRoleArn", + "assumeRoleExternalId", + "durationSeconds", + "concurrency", + "maxRecordSizeKB", + "flushPeriodSec", + "compression", + "useListShards", + "asNdjson", + "onBackpressure", + "description", + "awsApiKey", + "awsSecret", + "maxEventsPerFlush", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_streamName", + "__template_awsSecretKey", + "__template_region", + "__template_endpoint", + "__template_assumeRoleArn", + "__template_assumeRoleExternalId", + "__template_onBackpressure", + "__template_awsApiKey", + "notifications", + "status", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponseTypeAzureLogs(str, Enum): + AZURE_LOGS = "azure_logs" + + +class OutputResponseAuthenticationMethodAzureLogs( + str, Enum, metaclass=utils.OpenEnumMeta +): + r"""Enter workspace ID and workspace key directly, or select a stored secret""" + + MANUAL = "manual" + SECRET = "secret" + + +class OutputResponsePqControlsAzureLogsTypedDict(TypedDict): + pass + + +class OutputResponsePqControlsAzureLogs(BaseModel): + pass + + +class OutputResponseOutputAzureLogsTypedDict(TypedDict): + type: OutputResponseTypeAzureLogs + log_type: str + r"""The Log Type of events sent to this LogAnalytics workspace. Defaults to `Cribl`. Use only letters, numbers, and `_` characters, and can't exceed 100 characters. Can be overwritten by event field __logType.""" + id: NotRequired[str] + r"""Unique ID for this output""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + resource_id: NotRequired[str] + r"""Optional Resource ID of the Azure resource to associate the data with. Can be overridden by the __resourceId event field. This ID populates the _ResourceId property, allowing the data to be included in resource-centric queries. If the ID is neither specified nor overridden, resource-centric queries will omit the data.""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + compress: NotRequired[bool] + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] + r"""Headers to add to all events""" + use_round_robin_dns: NotRequired[bool] + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + safe_headers: NotRequired[List[str]] + r"""List of headers that are safe to log in plain text""" + api_url: NotRequired[str] + r"""The DNS name of the Log API endpoint that sends log data to a Log Analytics workspace in Azure Monitor. Defaults to .ods.opinsights.azure.com. @{product} will add a prefix and suffix to construct a URI in this format: /api/logs?api-version=.""" + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + auth_type: NotRequired[OutputResponseAuthenticationMethodAzureLogs] + r"""Enter workspace ID and workspace key directly, or select a stored secret""" + description: NotRequired[str] + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[OutputResponsePqControlsAzureLogsTypedDict] + workspace_id: NotRequired[str] + r"""Azure Log Analytics Workspace ID. See Azure Dashboard Workspace > Advanced settings.""" + workspace_key: NotRequired[str] + r"""Azure Log Analytics Workspace Primary or Secondary Shared Key. See Azure Dashboard Workspace > Advanced settings.""" + keypair_secret: NotRequired[str] + r"""Select or create a stored secret that references your access key and secret key""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_workspace_id: NotRequired[str] + r"""Binds 'workspaceId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'workspaceId' at runtime.""" + template_workspace_key: NotRequired[str] + r"""Binds 'workspaceKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'workspaceKey' at runtime.""" + notifications: NotRequired[List[NotificationUnionTypedDict]] + r"""Notifications attached to the Destination.""" + status: NotRequired[StatusTypeTypedDict] + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + +class OutputResponseOutputAzureLogs(BaseModel): + type: OutputResponseTypeAzureLogs + + log_type: Annotated[str, pydantic.Field(alias="logType")] + r"""The Log Type of events sent to this LogAnalytics workspace. Defaults to `Cribl`. Use only letters, numbers, and `_` characters, and can't exceed 100 characters. Can be overwritten by event field __logType.""" + + id: Optional[str] = None + r"""Unique ID for this output""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + resource_id: Annotated[Optional[str], pydantic.Field(alias="resourceId")] = None + r"""Optional Resource ID of the Azure resource to associate the data with. Can be overridden by the __resourceId event field. This ID populates the _ResourceId property, allowing the data to be included in resource-centric queries. If the ID is neither specified nor overridden, resource-centric queries will omit the data.""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + compress: Optional[bool] = None + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + extra_http_headers: Annotated[ + Optional[List[ExtraHTTPHeaderConfInputElastic]], + pydantic.Field(alias="extraHttpHeaders"), + ] = None + r"""Headers to add to all events""" + + use_round_robin_dns: Annotated[ + Optional[bool], pydantic.Field(alias="useRoundRobinDns") + ] = None + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + safe_headers: Annotated[ + Optional[List[str]], pydantic.Field(alias="safeHeaders") + ] = None + r"""List of headers that are safe to log in plain text""" + + api_url: Annotated[Optional[str], pydantic.Field(alias="apiUrl")] = None + r"""The DNS name of the Log API endpoint that sends log data to a Log Analytics workspace in Azure Monitor. Defaults to .ods.opinsights.azure.com. @{product} will add a prefix and suffix to construct a URI in this format: /api/logs?api-version=.""" + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + auth_type: Annotated[ + Optional[OutputResponseAuthenticationMethodAzureLogs], + pydantic.Field(alias="authType"), + ] = None + r"""Enter workspace ID and workspace key directly, or select a stored secret""" + + description: Optional[str] = None + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[OutputResponsePqControlsAzureLogs], pydantic.Field(alias="pqControls") + ] = None + + workspace_id: Annotated[Optional[str], pydantic.Field(alias="workspaceId")] = None + r"""Azure Log Analytics Workspace ID. See Azure Dashboard Workspace > Advanced settings.""" + + workspace_key: Annotated[Optional[str], pydantic.Field(alias="workspaceKey")] = None + r"""Azure Log Analytics Workspace Primary or Secondary Shared Key. See Azure Dashboard Workspace > Advanced settings.""" + + keypair_secret: Annotated[Optional[str], pydantic.Field(alias="keypairSecret")] = ( + None + ) + r"""Select or create a stored secret that references your access key and secret key""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_workspace_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_workspaceId") + ] = None + r"""Binds 'workspaceId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'workspaceId' at runtime.""" + + template_workspace_key: Annotated[ + Optional[str], pydantic.Field(alias="__template_workspaceKey") + ] = None + r"""Binds 'workspaceKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'workspaceKey' at runtime.""" + + notifications: Optional[List[NotificationUnion]] = None + r"""Notifications attached to the Destination.""" + + status: Optional[StatusType] = None + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.OutputResponseAuthenticationMethodAzureLogs(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "id", + "pipeline", + "systemFields", + "environment", + "streamtags", + "resourceId", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "compress", + "rejectUnauthorized", + "timeoutSec", + "flushPeriodSec", + "extraHttpHeaders", + "useRoundRobinDns", + "failedRequestLoggingMode", + "safeHeaders", + "apiUrl", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "onBackpressure", + "authType", + "description", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "workspaceId", + "workspaceKey", + "keypairSecret", + "__template_streamtags", + "__template_failedRequestLoggingMode", + "__template_onBackpressure", + "__template_workspaceId", + "__template_workspaceKey", + "notifications", + "status", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponseTypeAzureDataExplorer(str, Enum): + AZURE_DATA_EXPLORER = "azure_data_explorer" + + +class OutputResponseIngestionMode(str, Enum, metaclass=utils.OpenEnumMeta): + # Batching + BATCHING = "batching" + # Streaming + STREAMING = "streaming" + + +class OutputResponseAuthenticationMethodAzureDataExplorer( + str, Enum, metaclass=utils.OpenEnumMeta +): + r"""The type of OAuth 2.0 client credentials grant flow to use""" + + # Client secret + CLIENT_SECRET = "clientSecret" + # Client secret (text secret) + CLIENT_TEXT_SECRET = "clientTextSecret" + # Certificate + CERTIFICATE = "certificate" + + +class OutputResponseCertificateTypedDict(TypedDict): + certificate_name: NotRequired[str] + r"""The certificate you registered as credentials for your app in the Azure portal""" + + +class OutputResponseCertificate(BaseModel): + certificate_name: Annotated[ + Optional[str], pydantic.Field(alias="certificateName") + ] = None + r"""The certificate you registered as credentials for your app in the Azure portal""" + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set(["certificateName"]) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponsePrefixOptional(str, Enum, metaclass=utils.OpenEnumMeta): + # drop-by + DROP_BY = "dropBy" + # ingest-by + INGEST_BY = "ingestBy" + + +class OutputResponseExtentTagTypedDict(TypedDict): + value: str + prefix: NotRequired[OutputResponsePrefixOptional] + + +class OutputResponseExtentTag(BaseModel): + value: str + + prefix: Optional[OutputResponsePrefixOptional] = None + + @field_serializer("prefix") + def serialize_prefix(self, value): + if isinstance(value, str): + try: + return models.OutputResponsePrefixOptional(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set(["prefix"]) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponseIngestIfNotExistTypedDict(TypedDict): + value: str + + +class OutputResponseIngestIfNotExist(BaseModel): + value: str + + +class OutputResponseReportLevel(str, Enum, metaclass=utils.OpenEnumMeta): + r"""Level of ingestion status reporting. Defaults to FailuresOnly.""" + + # FailuresOnly + FAILURES_ONLY = "failuresOnly" + # DoNotReport + DO_NOT_REPORT = "doNotReport" + # FailuresAndSuccesses + FAILURES_AND_SUCCESSES = "failuresAndSuccesses" + + +class OutputResponseReportMethod(str, Enum, metaclass=utils.OpenEnumMeta): + r"""Target of the ingestion status reporting. Defaults to Queue.""" + + # Queue + QUEUE = "queue" + # Table + TABLE = "table" + # QueueAndTable + QUEUE_AND_TABLE = "queueAndTable" + + +class OutputResponseAdditionalPropertyTypedDict(TypedDict): + key: str + value: str + + +class OutputResponseAdditionalProperty(BaseModel): + key: str + + value: str + + +class OutputResponsePqControlsAzureDataExplorerTypedDict(TypedDict): + pass + + +class OutputResponsePqControlsAzureDataExplorer(BaseModel): + pass + + +class OutputResponseOutputAzureDataExplorerTypedDict(TypedDict): + type: OutputResponseTypeAzureDataExplorer + cluster_url: str + r"""The base URI for your cluster. Typically, `https://..kusto.windows.net`.""" + database: str + r"""Name of the database containing the table where data will be ingested""" + table: str + r"""Name of the table to ingest data into""" + oauth_endpoint: MicrosoftEntraIDAuthenticationEndpointOptionsSasl + r"""Endpoint used to acquire authentication tokens from Azure""" + tenant_id: str + r"""Directory ID (tenant identifier) in Azure Active Directory""" + client_id: str + r"""client_id to pass in the OAuth request parameter""" + scope: str + r"""Scope to pass in the OAuth request parameter""" + oauth_type: OutputResponseAuthenticationMethodAzureDataExplorer + r"""The type of OAuth 2.0 client credentials grant flow to use""" + compress: CompressionOptionsHTTP + r"""Data compression format to apply to HTTP content before it is delivered""" + id: NotRequired[str] + r"""Unique ID for this output""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + validate_database_settings: NotRequired[bool] + r"""When saving or starting the Destination, validate the database name and credentials; also validate table name, except when creating a new table. Disable if your Azure app does not have both the Database Viewer and the Table Viewer role.""" + ingest_mode: NotRequired[OutputResponseIngestionMode] + description: NotRequired[str] + client_secret: NotRequired[str] + r"""The client secret that you generated for your app in the Azure portal""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + certificate: NotRequired[OutputResponseCertificateTypedDict] + format_: NotRequired[DataFormatOptions] + r"""Format of the output data""" + compression_level: NotRequired[CompressionLevelOptions] + r"""Compression level to apply before moving files to final destination""" + automatic_schema: NotRequired[bool] + r"""Automatically calculate the schema based on the events of each Parquet file generated""" + parquet_schema: NotRequired[str] + r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" + parquet_version: NotRequired[ParquetVersionOptions] + r"""Determines which data types are supported and how they are represented""" + parquet_data_page_version: NotRequired[DataPageVersionOptions] + r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" + parquet_row_group_length: NotRequired[float] + r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" + parquet_page_size: NotRequired[str] + r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" + should_log_invalid_rows: NotRequired[bool] + r"""Log up to 3 rows that @{product} skips due to data mismatch""" + key_value_metadata: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] + r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ + enable_statistics: NotRequired[bool] + r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" + enable_write_page_index: NotRequired[bool] + r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" + enable_page_checksum: NotRequired[bool] + r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" + remove_empty_dirs: NotRequired[bool] + r"""Remove empty staging directories after moving files""" + empty_dir_cleanup_sec: NotRequired[float] + r"""How frequently, in seconds, to clean up empty directories""" + directory_batch_size: NotRequired[float] + r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" + deadletter_enabled: NotRequired[bool] + r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" + deadletter_path: NotRequired[str] + r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" + max_retry_num: NotRequired[float] + r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" + is_mapping_obj: NotRequired[bool] + r"""Send a JSON mapping object instead of specifying an existing named data mapping""" + mapping_obj: NotRequired[str] + r"""Enter a JSON object that defines your desired data mapping""" + mapping_ref: NotRequired[str] + r"""Enter the name of a data mapping associated with your target table. Or, if incoming event and target table fields match exactly, you can leave the field empty.""" + ingest_url: NotRequired[str] + r"""The ingestion service URI for your cluster. Typically, `https://ingest-..kusto.windows.net`.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + stage_path: NotRequired[str] + r"""Filesystem location in which to buffer files before compressing and moving to final destination. Use performant and stable storage.""" + file_name_suffix: NotRequired[str] + r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" + max_file_size_mb: NotRequired[float] + r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" + max_file_open_time_sec: NotRequired[float] + r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" + max_file_idle_time_sec: NotRequired[float] + r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" + max_open_files: NotRequired[float] + r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" + max_concurrent_file_parts: NotRequired[float] + r"""Maximum number of parts to upload in parallel per file""" + on_disk_full_backpressure: NotRequired[DiskSpaceProtectionOptions] + r"""How to handle events when disk space is below the global 'Min free disk space' limit""" + add_id_to_stage_path: NotRequired[bool] + r"""Add the Output ID value to staging location""" + retry_settings: NotRequired[RetrySettingsTypeTypedDict] + orphans: NotRequired[OrphanFileRecoveryTypeTypedDict] + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_immediately: NotRequired[bool] + r"""Bypass the data management service's aggregation mechanism""" + retain_blob_on_success: NotRequired[bool] + r"""Prevent blob deletion after ingestion is complete""" + extent_tags: NotRequired[List[OutputResponseExtentTagTypedDict]] + r"""Strings or tags associated with the extent (ingested data shard)""" + ingest_if_not_exists: NotRequired[List[OutputResponseIngestIfNotExistTypedDict]] + r"""Prevents duplicate ingestion by verifying whether an extent with the specified ingest-by tag already exists""" + report_level: NotRequired[OutputResponseReportLevel] + r"""Level of ingestion status reporting. Defaults to FailuresOnly.""" + report_method: NotRequired[OutputResponseReportMethod] + r"""Target of the ingestion status reporting. Defaults to Queue.""" + additional_properties: NotRequired[List[OutputResponseAdditionalPropertyTypedDict]] + r"""Optionally, enter additional configuration properties to send to the ingestion service""" + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + use_round_robin_dns: NotRequired[bool] + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + keep_alive: NotRequired[bool] + r"""Disable to close the connection immediately after sending the outgoing request""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[OutputResponsePqControlsAzureDataExplorerTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_cluster_url: NotRequired[str] + r"""Binds 'clusterUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clusterUrl' at runtime.""" + template_database: NotRequired[str] + r"""Binds 'database' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'database' at runtime.""" + template_table: NotRequired[str] + r"""Binds 'table' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'table' at runtime.""" + template_oauth_endpoint: NotRequired[str] + r"""Binds 'oauthEndpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'oauthEndpoint' at runtime.""" + template_tenant_id: NotRequired[str] + r"""Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime.""" + template_client_id: NotRequired[str] + r"""Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime.""" + template_scope: NotRequired[str] + r"""Binds 'scope' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'scope' at runtime.""" + template_client_secret: NotRequired[str] + r"""Binds 'clientSecret' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecret' at runtime.""" + template_format: NotRequired[str] + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + template_compress: NotRequired[str] + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + template_parquet_schema: NotRequired[str] + r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" + template_mapping_ref: NotRequired[str] + r"""Binds 'mappingRef' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'mappingRef' at runtime.""" + template_ingest_url: NotRequired[str] + r"""Binds 'ingestUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'ingestUrl' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_file_name_suffix: NotRequired[str] + r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" + notifications: NotRequired[List[NotificationUnionTypedDict]] + r"""Notifications attached to the Destination.""" + status: NotRequired[StatusTypeTypedDict] + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + +class OutputResponseOutputAzureDataExplorer(BaseModel): + type: OutputResponseTypeAzureDataExplorer + + cluster_url: Annotated[str, pydantic.Field(alias="clusterUrl")] + r"""The base URI for your cluster. Typically, `https://..kusto.windows.net`.""" + + database: str + r"""Name of the database containing the table where data will be ingested""" + + table: str + r"""Name of the table to ingest data into""" + + oauth_endpoint: Annotated[ + MicrosoftEntraIDAuthenticationEndpointOptionsSasl, + pydantic.Field(alias="oauthEndpoint"), + ] + r"""Endpoint used to acquire authentication tokens from Azure""" + + tenant_id: Annotated[str, pydantic.Field(alias="tenantId")] + r"""Directory ID (tenant identifier) in Azure Active Directory""" + + client_id: Annotated[str, pydantic.Field(alias="clientId")] + r"""client_id to pass in the OAuth request parameter""" + + scope: str + r"""Scope to pass in the OAuth request parameter""" + + oauth_type: Annotated[ + OutputResponseAuthenticationMethodAzureDataExplorer, + pydantic.Field(alias="oauthType"), + ] + r"""The type of OAuth 2.0 client credentials grant flow to use""" + + compress: CompressionOptionsHTTP + r"""Data compression format to apply to HTTP content before it is delivered""" + + id: Optional[str] = None + r"""Unique ID for this output""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + validate_database_settings: Annotated[ + Optional[bool], pydantic.Field(alias="validateDatabaseSettings") + ] = None + r"""When saving or starting the Destination, validate the database name and credentials; also validate table name, except when creating a new table. Disable if your Azure app does not have both the Database Viewer and the Table Viewer role.""" + + ingest_mode: Annotated[ + Optional[OutputResponseIngestionMode], pydantic.Field(alias="ingestMode") + ] = None + + description: Optional[str] = None + + client_secret: Annotated[Optional[str], pydantic.Field(alias="clientSecret")] = None + r"""The client secret that you generated for your app in the Azure portal""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + certificate: Optional[OutputResponseCertificate] = None + + format_: Annotated[Optional[DataFormatOptions], pydantic.Field(alias="format")] = ( + None + ) + r"""Format of the output data""" + + compression_level: Annotated[ + Optional[CompressionLevelOptions], pydantic.Field(alias="compressionLevel") + ] = None + r"""Compression level to apply before moving files to final destination""" + + automatic_schema: Annotated[ + Optional[bool], pydantic.Field(alias="automaticSchema") + ] = None + r"""Automatically calculate the schema based on the events of each Parquet file generated""" + + parquet_schema: Annotated[Optional[str], pydantic.Field(alias="parquetSchema")] = ( + None + ) + r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" + + parquet_version: Annotated[ + Optional[ParquetVersionOptions], pydantic.Field(alias="parquetVersion") + ] = None + r"""Determines which data types are supported and how they are represented""" + + parquet_data_page_version: Annotated[ + Optional[DataPageVersionOptions], pydantic.Field(alias="parquetDataPageVersion") + ] = None + r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" + + parquet_row_group_length: Annotated[ + Optional[float], pydantic.Field(alias="parquetRowGroupLength") + ] = None + r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" + + parquet_page_size: Annotated[ + Optional[str], pydantic.Field(alias="parquetPageSize") + ] = None + r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" + + should_log_invalid_rows: Annotated[ + Optional[bool], pydantic.Field(alias="shouldLogInvalidRows") + ] = None + r"""Log up to 3 rows that @{product} skips due to data mismatch""" + + key_value_metadata: Annotated[ + Optional[List[KeyValueMetadataConfOutputFilesystem]], + pydantic.Field(alias="keyValueMetadata"), + ] = None + r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ + + enable_statistics: Annotated[ + Optional[bool], pydantic.Field(alias="enableStatistics") + ] = None + r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" + + enable_write_page_index: Annotated[ + Optional[bool], pydantic.Field(alias="enableWritePageIndex") + ] = None + r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" + + enable_page_checksum: Annotated[ + Optional[bool], pydantic.Field(alias="enablePageChecksum") + ] = None + r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" + + remove_empty_dirs: Annotated[ + Optional[bool], pydantic.Field(alias="removeEmptyDirs") + ] = None + r"""Remove empty staging directories after moving files""" + + empty_dir_cleanup_sec: Annotated[ + Optional[float], pydantic.Field(alias="emptyDirCleanupSec") + ] = None + r"""How frequently, in seconds, to clean up empty directories""" + + directory_batch_size: Annotated[ + Optional[float], pydantic.Field(alias="directoryBatchSize") + ] = None + r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" + + deadletter_enabled: Annotated[ + Optional[bool], pydantic.Field(alias="deadletterEnabled") + ] = None + r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" + + deadletter_path: Annotated[ + Optional[str], pydantic.Field(alias="deadletterPath") + ] = None + r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" + + max_retry_num: Annotated[Optional[float], pydantic.Field(alias="maxRetryNum")] = ( + None + ) + r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" + + is_mapping_obj: Annotated[Optional[bool], pydantic.Field(alias="isMappingObj")] = ( + None + ) + r"""Send a JSON mapping object instead of specifying an existing named data mapping""" + + mapping_obj: Annotated[Optional[str], pydantic.Field(alias="mappingObj")] = None + r"""Enter a JSON object that defines your desired data mapping""" + + mapping_ref: Annotated[Optional[str], pydantic.Field(alias="mappingRef")] = None + r"""Enter the name of a data mapping associated with your target table. Or, if incoming event and target table fields match exactly, you can leave the field empty.""" + + ingest_url: Annotated[Optional[str], pydantic.Field(alias="ingestUrl")] = None + r"""The ingestion service URI for your cluster. Typically, `https://ingest-..kusto.windows.net`.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + stage_path: Annotated[Optional[str], pydantic.Field(alias="stagePath")] = None + r"""Filesystem location in which to buffer files before compressing and moving to final destination. Use performant and stable storage.""" + + file_name_suffix: Annotated[ + Optional[str], pydantic.Field(alias="fileNameSuffix") + ] = None + r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" + + max_file_size_mb: Annotated[ + Optional[float], pydantic.Field(alias="maxFileSizeMB") + ] = None + r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" + + max_file_open_time_sec: Annotated[ + Optional[float], pydantic.Field(alias="maxFileOpenTimeSec") + ] = None + r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" + + max_file_idle_time_sec: Annotated[ + Optional[float], pydantic.Field(alias="maxFileIdleTimeSec") + ] = None + r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" + + max_open_files: Annotated[Optional[float], pydantic.Field(alias="maxOpenFiles")] = ( + None + ) + r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" + + max_concurrent_file_parts: Annotated[ + Optional[float], pydantic.Field(alias="maxConcurrentFileParts") + ] = None + r"""Maximum number of parts to upload in parallel per file""" + + on_disk_full_backpressure: Annotated[ + Optional[DiskSpaceProtectionOptions], + pydantic.Field(alias="onDiskFullBackpressure"), + ] = None + r"""How to handle events when disk space is below the global 'Min free disk space' limit""" + + add_id_to_stage_path: Annotated[ + Optional[bool], pydantic.Field(alias="addIdToStagePath") + ] = None + r"""Add the Output ID value to staging location""" + + retry_settings: Annotated[ + Optional[RetrySettingsType], pydantic.Field(alias="retrySettings") + ] = None + + orphans: Optional[OrphanFileRecoveryType] = None + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_immediately: Annotated[ + Optional[bool], pydantic.Field(alias="flushImmediately") + ] = None + r"""Bypass the data management service's aggregation mechanism""" + + retain_blob_on_success: Annotated[ + Optional[bool], pydantic.Field(alias="retainBlobOnSuccess") + ] = None + r"""Prevent blob deletion after ingestion is complete""" + + extent_tags: Annotated[ + Optional[List[OutputResponseExtentTag]], pydantic.Field(alias="extentTags") + ] = None + r"""Strings or tags associated with the extent (ingested data shard)""" + + ingest_if_not_exists: Annotated[ + Optional[List[OutputResponseIngestIfNotExist]], + pydantic.Field(alias="ingestIfNotExists"), + ] = None + r"""Prevents duplicate ingestion by verifying whether an extent with the specified ingest-by tag already exists""" + + report_level: Annotated[ + Optional[OutputResponseReportLevel], pydantic.Field(alias="reportLevel") + ] = None + r"""Level of ingestion status reporting. Defaults to FailuresOnly.""" + + report_method: Annotated[ + Optional[OutputResponseReportMethod], pydantic.Field(alias="reportMethod") + ] = None + r"""Target of the ingestion status reporting. Defaults to Queue.""" + + additional_properties: Annotated[ + Optional[List[OutputResponseAdditionalProperty]], + pydantic.Field(alias="additionalProperties"), + ] = None + r"""Optionally, enter additional configuration properties to send to the ingestion service""" + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + use_round_robin_dns: Annotated[ + Optional[bool], pydantic.Field(alias="useRoundRobinDns") + ] = None + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + + keep_alive: Annotated[Optional[bool], pydantic.Field(alias="keepAlive")] = None + r"""Disable to close the connection immediately after sending the outgoing request""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[OutputResponsePqControlsAzureDataExplorer], + pydantic.Field(alias="pqControls"), + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_cluster_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_clusterUrl") + ] = None + r"""Binds 'clusterUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clusterUrl' at runtime.""" + + template_database: Annotated[ + Optional[str], pydantic.Field(alias="__template_database") + ] = None + r"""Binds 'database' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'database' at runtime.""" + + template_table: Annotated[ + Optional[str], pydantic.Field(alias="__template_table") + ] = None + r"""Binds 'table' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'table' at runtime.""" + + template_oauth_endpoint: Annotated[ + Optional[str], pydantic.Field(alias="__template_oauthEndpoint") + ] = None + r"""Binds 'oauthEndpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'oauthEndpoint' at runtime.""" + + template_tenant_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_tenantId") + ] = None + r"""Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime.""" + + template_client_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_clientId") + ] = None + r"""Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime.""" + + template_scope: Annotated[ + Optional[str], pydantic.Field(alias="__template_scope") + ] = None + r"""Binds 'scope' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'scope' at runtime.""" + + template_client_secret: Annotated[ + Optional[str], pydantic.Field(alias="__template_clientSecret") + ] = None + r"""Binds 'clientSecret' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecret' at runtime.""" + + template_format: Annotated[ + Optional[str], pydantic.Field(alias="__template_format") + ] = None + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + + template_compress: Annotated[ + Optional[str], pydantic.Field(alias="__template_compress") + ] = None + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + + template_parquet_schema: Annotated[ + Optional[str], pydantic.Field(alias="__template_parquetSchema") + ] = None + r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" + + template_mapping_ref: Annotated[ + Optional[str], pydantic.Field(alias="__template_mappingRef") + ] = None + r"""Binds 'mappingRef' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'mappingRef' at runtime.""" + + template_ingest_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_ingestUrl") + ] = None + r"""Binds 'ingestUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'ingestUrl' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_file_name_suffix: Annotated[ + Optional[str], pydantic.Field(alias="__template_fileNameSuffix") + ] = None + r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" + + notifications: Optional[List[NotificationUnion]] = None + r"""Notifications attached to the Destination.""" + + status: Optional[StatusType] = None + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + @field_serializer("ingest_mode") + def serialize_ingest_mode(self, value): + if isinstance(value, str): + try: + return models.OutputResponseIngestionMode(value) + except ValueError: + return value + return value + + @field_serializer("oauth_endpoint") + def serialize_oauth_endpoint(self, value): + if isinstance(value, str): + try: + return models.MicrosoftEntraIDAuthenticationEndpointOptionsSasl(value) + except ValueError: + return value + return value + + @field_serializer("oauth_type") + def serialize_oauth_type(self, value): + if isinstance(value, str): + try: + return models.OutputResponseAuthenticationMethodAzureDataExplorer(value) + except ValueError: + return value + return value + + @field_serializer("format_") + def serialize_format_(self, value): + if isinstance(value, str): + try: + return models.DataFormatOptions(value) + except ValueError: + return value + return value + + @field_serializer("compress") + def serialize_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsHTTP(value) + except ValueError: + return value + return value + + @field_serializer("compression_level") + def serialize_compression_level(self, value): + if isinstance(value, str): + try: + return models.CompressionLevelOptions(value) + except ValueError: + return value + return value + + @field_serializer("parquet_version") + def serialize_parquet_version(self, value): + if isinstance(value, str): + try: + return models.ParquetVersionOptions(value) + except ValueError: + return value + return value + + @field_serializer("parquet_data_page_version") + def serialize_parquet_data_page_version(self, value): + if isinstance(value, str): + try: + return models.DataPageVersionOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_disk_full_backpressure") + def serialize_on_disk_full_backpressure(self, value): + if isinstance(value, str): + try: + return models.DiskSpaceProtectionOptions(value) + except ValueError: + return value + return value + + @field_serializer("report_level") + def serialize_report_level(self, value): + if isinstance(value, str): + try: + return models.OutputResponseReportLevel(value) + except ValueError: + return value + return value + + @field_serializer("report_method") + def serialize_report_method(self, value): + if isinstance(value, str): + try: + return models.OutputResponseReportMethod(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "id", + "pipeline", + "systemFields", + "environment", + "streamtags", + "validateDatabaseSettings", + "ingestMode", + "description", + "clientSecret", + "textSecret", + "certificate", + "format", + "compressionLevel", + "automaticSchema", + "parquetSchema", + "parquetVersion", + "parquetDataPageVersion", + "parquetRowGroupLength", + "parquetPageSize", + "shouldLogInvalidRows", + "keyValueMetadata", + "enableStatistics", + "enableWritePageIndex", + "enablePageChecksum", + "removeEmptyDirs", + "emptyDirCleanupSec", + "directoryBatchSize", + "deadletterEnabled", + "deadletterPath", + "maxRetryNum", + "isMappingObj", + "mappingObj", + "mappingRef", + "ingestUrl", + "onBackpressure", + "stagePath", + "fileNameSuffix", + "maxFileSizeMB", + "maxFileOpenTimeSec", + "maxFileIdleTimeSec", + "maxOpenFiles", + "maxConcurrentFileParts", + "onDiskFullBackpressure", + "addIdToStagePath", + "retrySettings", + "orphans", + "timeoutSec", + "flushImmediately", + "retainBlobOnSuccess", + "extentTags", + "ingestIfNotExists", + "reportLevel", + "reportMethod", + "additionalProperties", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "flushPeriodSec", + "rejectUnauthorized", + "useRoundRobinDns", + "keepAlive", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_clusterUrl", + "__template_database", + "__template_table", + "__template_oauthEndpoint", + "__template_tenantId", + "__template_clientId", + "__template_scope", + "__template_clientSecret", + "__template_format", + "__template_compress", + "__template_parquetSchema", + "__template_mappingRef", + "__template_ingestUrl", + "__template_onBackpressure", + "__template_fileNameSuffix", + "notifications", + "status", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponseTypeAzureBlob(str, Enum): + AZURE_BLOB = "azure_blob" + + +class OutputResponseBlobAccessTier(str, Enum, metaclass=utils.OpenEnumMeta): + # Default account access tier + INFERRED = "Inferred" + # Hot tier + HOT = "Hot" + # Cool tier + COOL = "Cool" + # Cold tier + COLD = "Cold" + # Archive tier + ARCHIVE = "Archive" + + +class OutputResponseOutputAzureBlobTypedDict(TypedDict): + type: OutputResponseTypeAzureBlob + container_name: str + r"""The Azure Blob Storage container name. Name can include only lowercase letters, numbers, and hyphens. For dynamic container names, enter a JavaScript expression within quotes or backticks, to be evaluated at initialization. The expression can evaluate to a constant value and can reference Global Variables, such as `myContainer-${C.env[\"CRIBL_WORKER_ID\"]}`.""" + stage_path: str + r"""Filesystem location in which to buffer files before compressing and moving to final destination. Use performant and stable storage.""" + id: NotRequired[str] + r"""Unique ID for this output""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + create_container: NotRequired[bool] + r"""Create the configured container in Azure Blob Storage if it does not already exist""" + dest_path: NotRequired[str] + r"""Root directory prepended to path before uploading. Value can be a JavaScript expression enclosed in quotes or backticks, to be evaluated at initialization. The expression can evaluate to a constant value and can reference Global Variables, such as `myBlobPrefix-${C.env[\"CRIBL_WORKER_ID\"]}`.""" + add_id_to_stage_path: NotRequired[bool] + r"""Add the Output ID value to staging location""" + max_concurrent_file_parts: NotRequired[float] + r"""Maximum number of parts to upload in parallel per file""" + remove_empty_dirs: NotRequired[bool] + r"""Remove empty staging directories after moving files""" + partition_expr: NotRequired[str] + r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" + format_: NotRequired[DataFormatOptions] + r"""Format of the output data""" + base_file_name: NotRequired[str] + r"""JavaScript expression to define the output filename prefix (can be constant)""" + file_name_suffix: NotRequired[str] + r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" + max_file_size_mb: NotRequired[float] + r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" + max_file_open_time_sec: NotRequired[float] + r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" + max_file_idle_time_sec: NotRequired[float] + r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" + max_open_files: NotRequired[float] + r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" + header_line: NotRequired[str] + r"""If set, this line will be written to the beginning of each output file""" + write_high_water_mark: NotRequired[float] + r"""Buffer size used to write to a file""" + on_backpressure: NotRequired[BackpressureBehaviorOptionsBlockDrop] + r"""How to handle events when all receivers are exerting backpressure""" + deadletter_enabled: NotRequired[bool] + r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" + on_disk_full_backpressure: NotRequired[DiskSpaceProtectionOptions] + r"""How to handle events when disk space is below the global 'Min free disk space' limit""" + force_close_on_shutdown: NotRequired[bool] + r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" + retry_settings: NotRequired[RetrySettingsTypeTypedDict] + orphans: NotRequired[OrphanFileRecoveryTypeTypedDict] + auth_type: NotRequired[AuthenticationMethodOptions] + storage_class: NotRequired[OutputResponseBlobAccessTier] + description: NotRequired[str] + compress: NotRequired[CompressionOptionsHTTP] + r"""Data compression format to apply to HTTP content before it is delivered""" + compression_level: NotRequired[CompressionLevelOptions] + r"""Compression level to apply before moving files to final destination""" + automatic_schema: NotRequired[bool] + r"""Automatically calculate the schema based on the events of each Parquet file generated""" + parquet_schema: NotRequired[str] + r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" + parquet_version: NotRequired[ParquetVersionOptions] + r"""Determines which data types are supported and how they are represented""" + parquet_data_page_version: NotRequired[DataPageVersionOptions] + r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" + parquet_row_group_length: NotRequired[float] + r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" + parquet_page_size: NotRequired[str] + r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" + should_log_invalid_rows: NotRequired[bool] + r"""Log up to 3 rows that @{product} skips due to data mismatch""" + key_value_metadata: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] + r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ + enable_statistics: NotRequired[bool] + r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" + enable_write_page_index: NotRequired[bool] + r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" + enable_page_checksum: NotRequired[bool] + r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" + empty_dir_cleanup_sec: NotRequired[float] + r"""How frequently, in seconds, to clean up empty directories""" + directory_batch_size: NotRequired[float] + r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" + deadletter_path: NotRequired[str] + r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" + max_retry_num: NotRequired[float] + r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" + connection_string: NotRequired[str] + r"""Enter your Azure Storage account connection string. If left blank, Stream will fall back to env.AZURE_STORAGE_CONNECTION_STRING.""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + storage_account_name: NotRequired[str] + r"""The name of your Azure storage account""" + tenant_id: NotRequired[str] + r"""The service principal's tenant ID""" + client_id: NotRequired[str] + r"""The service principal's client ID""" + azure_cloud: NotRequired[str] + r"""The Azure cloud to use. Defaults to Azure Public Cloud.""" + endpoint_suffix: NotRequired[str] + r"""Endpoint suffix for the service URL. Takes precedence over the Azure Cloud setting. Defaults to core.windows.net.""" + client_text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + certificate: NotRequired[CertificateTypeAzureBlobAuthTypeClientCertTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_container_name: NotRequired[str] + r"""Binds 'containerName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'containerName' at runtime.""" + template_dest_path: NotRequired[str] + r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" + template_partition_expr: NotRequired[str] + r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" + template_format: NotRequired[str] + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + template_base_file_name: NotRequired[str] + r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" + template_file_name_suffix: NotRequired[str] + r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_compress: NotRequired[str] + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + template_parquet_schema: NotRequired[str] + r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" + template_connection_string: NotRequired[str] + r"""Binds 'connectionString' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'connectionString' at runtime.""" + template_storage_account_name: NotRequired[str] + r"""Binds 'storageAccountName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageAccountName' at runtime.""" + template_tenant_id: NotRequired[str] + r"""Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime.""" + template_client_id: NotRequired[str] + r"""Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime.""" + template_azure_cloud: NotRequired[str] + r"""Binds 'azureCloud' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'azureCloud' at runtime.""" + notifications: NotRequired[List[NotificationUnionTypedDict]] + r"""Notifications attached to the Destination.""" + status: NotRequired[StatusTypeTypedDict] + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + +class OutputResponseOutputAzureBlob(BaseModel): + type: OutputResponseTypeAzureBlob + + container_name: Annotated[str, pydantic.Field(alias="containerName")] + r"""The Azure Blob Storage container name. Name can include only lowercase letters, numbers, and hyphens. For dynamic container names, enter a JavaScript expression within quotes or backticks, to be evaluated at initialization. The expression can evaluate to a constant value and can reference Global Variables, such as `myContainer-${C.env[\"CRIBL_WORKER_ID\"]}`.""" + + stage_path: Annotated[str, pydantic.Field(alias="stagePath")] + r"""Filesystem location in which to buffer files before compressing and moving to final destination. Use performant and stable storage.""" + + id: Optional[str] = None + r"""Unique ID for this output""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + create_container: Annotated[ + Optional[bool], pydantic.Field(alias="createContainer") + ] = None + r"""Create the configured container in Azure Blob Storage if it does not already exist""" + + dest_path: Annotated[Optional[str], pydantic.Field(alias="destPath")] = None + r"""Root directory prepended to path before uploading. Value can be a JavaScript expression enclosed in quotes or backticks, to be evaluated at initialization. The expression can evaluate to a constant value and can reference Global Variables, such as `myBlobPrefix-${C.env[\"CRIBL_WORKER_ID\"]}`.""" + + add_id_to_stage_path: Annotated[ + Optional[bool], pydantic.Field(alias="addIdToStagePath") + ] = None + r"""Add the Output ID value to staging location""" + + max_concurrent_file_parts: Annotated[ + Optional[float], pydantic.Field(alias="maxConcurrentFileParts") + ] = None + r"""Maximum number of parts to upload in parallel per file""" + + remove_empty_dirs: Annotated[ + Optional[bool], pydantic.Field(alias="removeEmptyDirs") + ] = None + r"""Remove empty staging directories after moving files""" + + partition_expr: Annotated[Optional[str], pydantic.Field(alias="partitionExpr")] = ( + None + ) + r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" + + format_: Annotated[Optional[DataFormatOptions], pydantic.Field(alias="format")] = ( + None + ) + r"""Format of the output data""" + + base_file_name: Annotated[Optional[str], pydantic.Field(alias="baseFileName")] = ( + None + ) + r"""JavaScript expression to define the output filename prefix (can be constant)""" + + file_name_suffix: Annotated[ + Optional[str], pydantic.Field(alias="fileNameSuffix") + ] = None + r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" + + max_file_size_mb: Annotated[ + Optional[float], pydantic.Field(alias="maxFileSizeMB") + ] = None + r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" + + max_file_open_time_sec: Annotated[ + Optional[float], pydantic.Field(alias="maxFileOpenTimeSec") + ] = None + r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" + + max_file_idle_time_sec: Annotated[ + Optional[float], pydantic.Field(alias="maxFileIdleTimeSec") + ] = None + r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" + + max_open_files: Annotated[Optional[float], pydantic.Field(alias="maxOpenFiles")] = ( + None + ) + r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" + + header_line: Annotated[Optional[str], pydantic.Field(alias="headerLine")] = None + r"""If set, this line will be written to the beginning of each output file""" + + write_high_water_mark: Annotated[ + Optional[float], pydantic.Field(alias="writeHighWaterMark") + ] = None + r"""Buffer size used to write to a file""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptionsBlockDrop], + pydantic.Field(alias="onBackpressure"), + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + deadletter_enabled: Annotated[ + Optional[bool], pydantic.Field(alias="deadletterEnabled") + ] = None + r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" + + on_disk_full_backpressure: Annotated[ + Optional[DiskSpaceProtectionOptions], + pydantic.Field(alias="onDiskFullBackpressure"), + ] = None + r"""How to handle events when disk space is below the global 'Min free disk space' limit""" + + force_close_on_shutdown: Annotated[ + Optional[bool], pydantic.Field(alias="forceCloseOnShutdown") + ] = None + r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" + + retry_settings: Annotated[ + Optional[RetrySettingsType], pydantic.Field(alias="retrySettings") + ] = None + + orphans: Optional[OrphanFileRecoveryType] = None + + auth_type: Annotated[ + Optional[AuthenticationMethodOptions], pydantic.Field(alias="authType") + ] = None + + storage_class: Annotated[ + Optional[OutputResponseBlobAccessTier], pydantic.Field(alias="storageClass") + ] = None + + description: Optional[str] = None + + compress: Optional[CompressionOptionsHTTP] = None + r"""Data compression format to apply to HTTP content before it is delivered""" + + compression_level: Annotated[ + Optional[CompressionLevelOptions], pydantic.Field(alias="compressionLevel") + ] = None + r"""Compression level to apply before moving files to final destination""" + + automatic_schema: Annotated[ + Optional[bool], pydantic.Field(alias="automaticSchema") + ] = None + r"""Automatically calculate the schema based on the events of each Parquet file generated""" + + parquet_schema: Annotated[Optional[str], pydantic.Field(alias="parquetSchema")] = ( + None + ) + r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" + + parquet_version: Annotated[ + Optional[ParquetVersionOptions], pydantic.Field(alias="parquetVersion") + ] = None + r"""Determines which data types are supported and how they are represented""" + + parquet_data_page_version: Annotated[ + Optional[DataPageVersionOptions], pydantic.Field(alias="parquetDataPageVersion") + ] = None + r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" + + parquet_row_group_length: Annotated[ + Optional[float], pydantic.Field(alias="parquetRowGroupLength") + ] = None + r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" + + parquet_page_size: Annotated[ + Optional[str], pydantic.Field(alias="parquetPageSize") + ] = None + r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" + + should_log_invalid_rows: Annotated[ + Optional[bool], pydantic.Field(alias="shouldLogInvalidRows") + ] = None + r"""Log up to 3 rows that @{product} skips due to data mismatch""" + + key_value_metadata: Annotated[ + Optional[List[KeyValueMetadataConfOutputFilesystem]], + pydantic.Field(alias="keyValueMetadata"), + ] = None + r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ + + enable_statistics: Annotated[ + Optional[bool], pydantic.Field(alias="enableStatistics") + ] = None + r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" + + enable_write_page_index: Annotated[ + Optional[bool], pydantic.Field(alias="enableWritePageIndex") + ] = None + r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" + + enable_page_checksum: Annotated[ + Optional[bool], pydantic.Field(alias="enablePageChecksum") + ] = None + r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" + + empty_dir_cleanup_sec: Annotated[ + Optional[float], pydantic.Field(alias="emptyDirCleanupSec") + ] = None + r"""How frequently, in seconds, to clean up empty directories""" + + directory_batch_size: Annotated[ + Optional[float], pydantic.Field(alias="directoryBatchSize") + ] = None + r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" + + deadletter_path: Annotated[ + Optional[str], pydantic.Field(alias="deadletterPath") + ] = None + r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" + + max_retry_num: Annotated[Optional[float], pydantic.Field(alias="maxRetryNum")] = ( + None + ) + r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" + + connection_string: Annotated[ + Optional[str], pydantic.Field(alias="connectionString") + ] = None + r"""Enter your Azure Storage account connection string. If left blank, Stream will fall back to env.AZURE_STORAGE_CONNECTION_STRING.""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + storage_account_name: Annotated[ + Optional[str], pydantic.Field(alias="storageAccountName") + ] = None + r"""The name of your Azure storage account""" + + tenant_id: Annotated[Optional[str], pydantic.Field(alias="tenantId")] = None + r"""The service principal's tenant ID""" + + client_id: Annotated[Optional[str], pydantic.Field(alias="clientId")] = None + r"""The service principal's client ID""" + + azure_cloud: Annotated[Optional[str], pydantic.Field(alias="azureCloud")] = None + r"""The Azure cloud to use. Defaults to Azure Public Cloud.""" + + endpoint_suffix: Annotated[ + Optional[str], pydantic.Field(alias="endpointSuffix") + ] = None + r"""Endpoint suffix for the service URL. Takes precedence over the Azure Cloud setting. Defaults to core.windows.net.""" + + client_text_secret: Annotated[ + Optional[str], pydantic.Field(alias="clientTextSecret") + ] = None + r"""Select or create a stored text secret""" + + certificate: Optional[CertificateTypeAzureBlobAuthTypeClientCert] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_container_name: Annotated[ + Optional[str], pydantic.Field(alias="__template_containerName") + ] = None + r"""Binds 'containerName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'containerName' at runtime.""" + + template_dest_path: Annotated[ + Optional[str], pydantic.Field(alias="__template_destPath") + ] = None + r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" + + template_partition_expr: Annotated[ + Optional[str], pydantic.Field(alias="__template_partitionExpr") + ] = None + r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" + + template_format: Annotated[ + Optional[str], pydantic.Field(alias="__template_format") + ] = None + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + + template_base_file_name: Annotated[ + Optional[str], pydantic.Field(alias="__template_baseFileName") + ] = None + r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" + + template_file_name_suffix: Annotated[ + Optional[str], pydantic.Field(alias="__template_fileNameSuffix") + ] = None + r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_compress: Annotated[ + Optional[str], pydantic.Field(alias="__template_compress") + ] = None + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + + template_parquet_schema: Annotated[ + Optional[str], pydantic.Field(alias="__template_parquetSchema") + ] = None + r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" + + template_connection_string: Annotated[ + Optional[str], pydantic.Field(alias="__template_connectionString") + ] = None + r"""Binds 'connectionString' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'connectionString' at runtime.""" + + template_storage_account_name: Annotated[ + Optional[str], pydantic.Field(alias="__template_storageAccountName") + ] = None + r"""Binds 'storageAccountName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageAccountName' at runtime.""" + + template_tenant_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_tenantId") + ] = None + r"""Binds 'tenantId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'tenantId' at runtime.""" + + template_client_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_clientId") + ] = None + r"""Binds 'clientId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientId' at runtime.""" + + template_azure_cloud: Annotated[ + Optional[str], pydantic.Field(alias="__template_azureCloud") + ] = None + r"""Binds 'azureCloud' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'azureCloud' at runtime.""" + + notifications: Optional[List[NotificationUnion]] = None + r"""Notifications attached to the Destination.""" + + status: Optional[StatusType] = None + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + @field_serializer("format_") + def serialize_format_(self, value): + if isinstance(value, str): + try: + return models.DataFormatOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptionsBlockDrop(value) + except ValueError: + return value + return value + + @field_serializer("on_disk_full_backpressure") + def serialize_on_disk_full_backpressure(self, value): + if isinstance(value, str): + try: + return models.DiskSpaceProtectionOptions(value) + except ValueError: + return value + return value + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptions(value) + except ValueError: + return value + return value + + @field_serializer("storage_class") + def serialize_storage_class(self, value): + if isinstance(value, str): + try: + return models.OutputResponseBlobAccessTier(value) + except ValueError: + return value + return value + + @field_serializer("compress") + def serialize_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsHTTP(value) + except ValueError: + return value + return value + + @field_serializer("compression_level") + def serialize_compression_level(self, value): + if isinstance(value, str): + try: + return models.CompressionLevelOptions(value) + except ValueError: + return value + return value + + @field_serializer("parquet_version") + def serialize_parquet_version(self, value): + if isinstance(value, str): + try: + return models.ParquetVersionOptions(value) + except ValueError: + return value + return value + + @field_serializer("parquet_data_page_version") + def serialize_parquet_data_page_version(self, value): + if isinstance(value, str): + try: + return models.DataPageVersionOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "id", + "pipeline", + "systemFields", + "environment", + "streamtags", + "createContainer", + "destPath", + "addIdToStagePath", + "maxConcurrentFileParts", + "removeEmptyDirs", + "partitionExpr", + "format", + "baseFileName", + "fileNameSuffix", + "maxFileSizeMB", + "maxFileOpenTimeSec", + "maxFileIdleTimeSec", + "maxOpenFiles", + "headerLine", + "writeHighWaterMark", + "onBackpressure", + "deadletterEnabled", + "onDiskFullBackpressure", + "forceCloseOnShutdown", + "retrySettings", + "orphans", + "authType", + "storageClass", + "description", + "compress", + "compressionLevel", + "automaticSchema", + "parquetSchema", + "parquetVersion", + "parquetDataPageVersion", + "parquetRowGroupLength", + "parquetPageSize", + "shouldLogInvalidRows", + "keyValueMetadata", + "enableStatistics", + "enableWritePageIndex", + "enablePageChecksum", + "emptyDirCleanupSec", + "directoryBatchSize", + "deadletterPath", + "maxRetryNum", + "connectionString", + "textSecret", + "storageAccountName", + "tenantId", + "clientId", + "azureCloud", + "endpointSuffix", + "clientTextSecret", + "certificate", + "__template_streamtags", + "__template_containerName", + "__template_destPath", + "__template_partitionExpr", + "__template_format", + "__template_baseFileName", + "__template_fileNameSuffix", + "__template_onBackpressure", + "__template_compress", + "__template_parquetSchema", + "__template_connectionString", + "__template_storageAccountName", + "__template_tenantId", + "__template_clientId", + "__template_azureCloud", + "notifications", + "status", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponseTypeS3(str, Enum): + S3 = "s3" + + +class OutputResponseOutputS3TypedDict(TypedDict): + type: OutputResponseTypeS3 + bucket: str + r"""Name of the destination S3 bucket. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at initialization time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`""" + stage_path: str + r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" + id: NotRequired[str] + r"""Unique ID for this output""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + endpoint: NotRequired[str] + r"""S3 service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to S3-compatible endpoint.""" + enable_assume_role: NotRequired[bool] + r"""Use Assume Role credentials to access S3""" + assume_role_arn: NotRequired[str] + r"""Amazon Resource Name (ARN) of the role to assume""" + assume_role_external_id: NotRequired[str] + r"""External ID to use when assuming role""" + duration_seconds: NotRequired[float] + r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" + aws_authentication_method: NotRequired[AuthenticationMethodOptionsS3CollectorConf] + r"""AWS authentication method. Choose Auto to use IAM roles.""" + reuse_connections: NotRequired[bool] + r"""Reuse connections between requests, which can improve performance""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" + region: NotRequired[str] + r"""Region where the S3 bucket is located""" + dest_path: NotRequired[str] + r"""Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`""" + max_concurrent_file_parts: NotRequired[float] + r"""Maximum number of parts to upload in parallel per file. Minimum part size is 5MB.""" + verify_permissions: NotRequired[bool] + r"""Disable if you can access files within the bucket but not the bucket itself""" + max_closing_files_to_backpressure: NotRequired[float] + r"""Maximum number of files that can be waiting for upload before backpressure is applied""" + add_id_to_stage_path: NotRequired[bool] + r"""Add the Output ID value to staging location""" + remove_empty_dirs: NotRequired[bool] + r"""Remove empty staging directories after moving files""" + partition_expr: NotRequired[str] + r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" + format_: NotRequired[DataFormatOptions] + r"""Format of the output data""" + base_file_name: NotRequired[str] + r"""JavaScript expression to define the output filename prefix (can be constant)""" + file_name_suffix: NotRequired[str] + r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" + max_file_size_mb: NotRequired[float] + r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" + max_file_open_time_sec: NotRequired[float] + r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" + max_file_idle_time_sec: NotRequired[float] + r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" + max_open_files: NotRequired[float] + r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" + header_line: NotRequired[str] + r"""If set, this line will be written to the beginning of each output file""" + write_high_water_mark: NotRequired[float] + r"""Buffer size used to write to a file""" + on_backpressure: NotRequired[BackpressureBehaviorOptionsBlockDrop] + r"""How to handle events when all receivers are exerting backpressure""" + deadletter_enabled: NotRequired[bool] + r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" + on_disk_full_backpressure: NotRequired[DiskSpaceProtectionOptions] + r"""How to handle events when disk space is below the global 'Min free disk space' limit""" + force_close_on_shutdown: NotRequired[bool] + r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" + retry_settings: NotRequired[RetrySettingsTypeTypedDict] + orphans: NotRequired[OrphanFileRecoveryTypeTypedDict] + aws_secret_key: NotRequired[str] + r"""Secret key. This value can be a constant or a JavaScript expression. Example: `${C.env.SOME_SECRET}`)""" + object_acl: NotRequired[ObjectACLOptions] + r"""Object ACL to assign to uploaded objects""" + storage_class: NotRequired[StorageClassOptions] + r"""Storage class to select for uploaded objects""" + server_side_encryption: NotRequired[ServerSideEncryptionForUploadedObjectsOptions] + r"""Server-side encryption to use for uploaded objects""" + kms_key_id: NotRequired[str] + r"""ID or ARN of the KMS customer-managed key to use for encryption""" + description: NotRequired[str] + aws_api_key: NotRequired[str] + r"""This value can be a constant or a JavaScript expression (`${C.env.SOME_ACCESS_KEY}`)""" + aws_secret: NotRequired[str] + r"""Select or create a stored secret that references your access key and secret key""" + compress: NotRequired[CompressionOptionsHTTP] + r"""Data compression format to apply to HTTP content before it is delivered""" + compression_level: NotRequired[CompressionLevelOptions] + r"""Compression level to apply before moving files to final destination""" + automatic_schema: NotRequired[bool] + r"""Automatically calculate the schema based on the events of each Parquet file generated""" + parquet_schema: NotRequired[str] + r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" + parquet_version: NotRequired[ParquetVersionOptions] + r"""Determines which data types are supported and how they are represented""" + parquet_data_page_version: NotRequired[DataPageVersionOptions] + r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" + parquet_row_group_length: NotRequired[float] + r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" + parquet_page_size: NotRequired[str] + r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" + should_log_invalid_rows: NotRequired[bool] + r"""Log up to 3 rows that @{product} skips due to data mismatch""" + key_value_metadata: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] + r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ + enable_statistics: NotRequired[bool] + r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" + enable_write_page_index: NotRequired[bool] + r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" + enable_page_checksum: NotRequired[bool] + r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" + empty_dir_cleanup_sec: NotRequired[float] + r"""How frequently, in seconds, to clean up empty directories""" + directory_batch_size: NotRequired[float] + r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" + deadletter_path: NotRequired[str] + r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" + max_retry_num: NotRequired[float] + r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_endpoint: NotRequired[str] + r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" + template_assume_role_arn: NotRequired[str] + r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" + template_assume_role_external_id: NotRequired[str] + r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" + template_bucket: NotRequired[str] + r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" + template_region: NotRequired[str] + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + template_dest_path: NotRequired[str] + r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" + template_partition_expr: NotRequired[str] + r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" + template_format: NotRequired[str] + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + template_base_file_name: NotRequired[str] + r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" + template_file_name_suffix: NotRequired[str] + r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_aws_secret_key: NotRequired[str] + r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" + template_object_acl: NotRequired[str] + r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" + template_storage_class: NotRequired[str] + r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" + template_server_side_encryption: NotRequired[str] + r"""Binds 'serverSideEncryption' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serverSideEncryption' at runtime.""" + template_kms_key_id: NotRequired[str] + r"""Binds 'kmsKeyId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'kmsKeyId' at runtime.""" + template_aws_api_key: NotRequired[str] + r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" + template_compress: NotRequired[str] + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + template_parquet_schema: NotRequired[str] + r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" + notifications: NotRequired[List[NotificationUnionTypedDict]] + r"""Notifications attached to the Destination.""" + status: NotRequired[StatusTypeTypedDict] + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + +class OutputResponseOutputS3(BaseModel): + type: OutputResponseTypeS3 + + bucket: str + r"""Name of the destination S3 bucket. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at initialization time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`""" + + stage_path: Annotated[str, pydantic.Field(alias="stagePath")] + r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" + + id: Optional[str] = None + r"""Unique ID for this output""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + endpoint: Optional[str] = None + r"""S3 service endpoint. If empty, defaults to the AWS Region-specific endpoint. Otherwise, it must point to S3-compatible endpoint.""" + + enable_assume_role: Annotated[ + Optional[bool], pydantic.Field(alias="enableAssumeRole") + ] = None + r"""Use Assume Role credentials to access S3""" + + assume_role_arn: Annotated[Optional[str], pydantic.Field(alias="assumeRoleArn")] = ( + None + ) + r"""Amazon Resource Name (ARN) of the role to assume""" + + assume_role_external_id: Annotated[ + Optional[str], pydantic.Field(alias="assumeRoleExternalId") + ] = None + r"""External ID to use when assuming role""" + + duration_seconds: Annotated[ + Optional[float], pydantic.Field(alias="durationSeconds") + ] = None + r"""Duration of the assumed role's session, in seconds. Minimum is 900 (15 minutes), default is 3600 (1 hour), and maximum is 43200 (12 hours).""" + + aws_authentication_method: Annotated[ + Optional[AuthenticationMethodOptionsS3CollectorConf], + pydantic.Field(alias="awsAuthenticationMethod"), + ] = None + r"""AWS authentication method. Choose Auto to use IAM roles.""" + + reuse_connections: Annotated[ + Optional[bool], pydantic.Field(alias="reuseConnections") + ] = None + r"""Reuse connections between requests, which can improve performance""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates that cannot be verified against a valid CA, such as self-signed certificates""" + + region: Optional[str] = None + r"""Region where the S3 bucket is located""" + + dest_path: Annotated[Optional[str], pydantic.Field(alias="destPath")] = None + r"""Prefix to prepend to files before uploading. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myKeyPrefix-${C.vars.myVar}`""" + + max_concurrent_file_parts: Annotated[ + Optional[float], pydantic.Field(alias="maxConcurrentFileParts") + ] = None + r"""Maximum number of parts to upload in parallel per file. Minimum part size is 5MB.""" + + verify_permissions: Annotated[ + Optional[bool], pydantic.Field(alias="verifyPermissions") + ] = None + r"""Disable if you can access files within the bucket but not the bucket itself""" + + max_closing_files_to_backpressure: Annotated[ + Optional[float], pydantic.Field(alias="maxClosingFilesToBackpressure") + ] = None + r"""Maximum number of files that can be waiting for upload before backpressure is applied""" + + add_id_to_stage_path: Annotated[ + Optional[bool], pydantic.Field(alias="addIdToStagePath") + ] = None + r"""Add the Output ID value to staging location""" + + remove_empty_dirs: Annotated[ + Optional[bool], pydantic.Field(alias="removeEmptyDirs") + ] = None + r"""Remove empty staging directories after moving files""" + + partition_expr: Annotated[Optional[str], pydantic.Field(alias="partitionExpr")] = ( + None + ) + r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" + + format_: Annotated[Optional[DataFormatOptions], pydantic.Field(alias="format")] = ( + None + ) + r"""Format of the output data""" + + base_file_name: Annotated[Optional[str], pydantic.Field(alias="baseFileName")] = ( + None + ) + r"""JavaScript expression to define the output filename prefix (can be constant)""" + + file_name_suffix: Annotated[ + Optional[str], pydantic.Field(alias="fileNameSuffix") + ] = None + r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" + + max_file_size_mb: Annotated[ + Optional[float], pydantic.Field(alias="maxFileSizeMB") + ] = None + r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" + + max_file_open_time_sec: Annotated[ + Optional[float], pydantic.Field(alias="maxFileOpenTimeSec") + ] = None + r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" + + max_file_idle_time_sec: Annotated[ + Optional[float], pydantic.Field(alias="maxFileIdleTimeSec") + ] = None + r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" + + max_open_files: Annotated[Optional[float], pydantic.Field(alias="maxOpenFiles")] = ( + None + ) + r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" + + header_line: Annotated[Optional[str], pydantic.Field(alias="headerLine")] = None + r"""If set, this line will be written to the beginning of each output file""" + + write_high_water_mark: Annotated[ + Optional[float], pydantic.Field(alias="writeHighWaterMark") + ] = None + r"""Buffer size used to write to a file""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptionsBlockDrop], + pydantic.Field(alias="onBackpressure"), + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + deadletter_enabled: Annotated[ + Optional[bool], pydantic.Field(alias="deadletterEnabled") + ] = None + r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" + + on_disk_full_backpressure: Annotated[ + Optional[DiskSpaceProtectionOptions], + pydantic.Field(alias="onDiskFullBackpressure"), + ] = None + r"""How to handle events when disk space is below the global 'Min free disk space' limit""" + + force_close_on_shutdown: Annotated[ + Optional[bool], pydantic.Field(alias="forceCloseOnShutdown") + ] = None + r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" + + retry_settings: Annotated[ + Optional[RetrySettingsType], pydantic.Field(alias="retrySettings") + ] = None + + orphans: Optional[OrphanFileRecoveryType] = None + + aws_secret_key: Annotated[Optional[str], pydantic.Field(alias="awsSecretKey")] = ( + None + ) + r"""Secret key. This value can be a constant or a JavaScript expression. Example: `${C.env.SOME_SECRET}`)""" + + object_acl: Annotated[ + Optional[ObjectACLOptions], pydantic.Field(alias="objectACL") + ] = None + r"""Object ACL to assign to uploaded objects""" + + storage_class: Annotated[ + Optional[StorageClassOptions], pydantic.Field(alias="storageClass") + ] = None + r"""Storage class to select for uploaded objects""" + + server_side_encryption: Annotated[ + Optional[ServerSideEncryptionForUploadedObjectsOptions], + pydantic.Field(alias="serverSideEncryption"), + ] = None + r"""Server-side encryption to use for uploaded objects""" + + kms_key_id: Annotated[Optional[str], pydantic.Field(alias="kmsKeyId")] = None + r"""ID or ARN of the KMS customer-managed key to use for encryption""" + + description: Optional[str] = None + + aws_api_key: Annotated[Optional[str], pydantic.Field(alias="awsApiKey")] = None + r"""This value can be a constant or a JavaScript expression (`${C.env.SOME_ACCESS_KEY}`)""" + + aws_secret: Annotated[Optional[str], pydantic.Field(alias="awsSecret")] = None + r"""Select or create a stored secret that references your access key and secret key""" + + compress: Optional[CompressionOptionsHTTP] = None + r"""Data compression format to apply to HTTP content before it is delivered""" + + compression_level: Annotated[ + Optional[CompressionLevelOptions], pydantic.Field(alias="compressionLevel") + ] = None + r"""Compression level to apply before moving files to final destination""" + + automatic_schema: Annotated[ + Optional[bool], pydantic.Field(alias="automaticSchema") + ] = None + r"""Automatically calculate the schema based on the events of each Parquet file generated""" + + parquet_schema: Annotated[Optional[str], pydantic.Field(alias="parquetSchema")] = ( + None + ) + r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" + + parquet_version: Annotated[ + Optional[ParquetVersionOptions], pydantic.Field(alias="parquetVersion") + ] = None + r"""Determines which data types are supported and how they are represented""" + + parquet_data_page_version: Annotated[ + Optional[DataPageVersionOptions], pydantic.Field(alias="parquetDataPageVersion") + ] = None + r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" + + parquet_row_group_length: Annotated[ + Optional[float], pydantic.Field(alias="parquetRowGroupLength") + ] = None + r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" + + parquet_page_size: Annotated[ + Optional[str], pydantic.Field(alias="parquetPageSize") + ] = None + r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" + + should_log_invalid_rows: Annotated[ + Optional[bool], pydantic.Field(alias="shouldLogInvalidRows") + ] = None + r"""Log up to 3 rows that @{product} skips due to data mismatch""" + + key_value_metadata: Annotated[ + Optional[List[KeyValueMetadataConfOutputFilesystem]], + pydantic.Field(alias="keyValueMetadata"), + ] = None + r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ + + enable_statistics: Annotated[ + Optional[bool], pydantic.Field(alias="enableStatistics") + ] = None + r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" + + enable_write_page_index: Annotated[ + Optional[bool], pydantic.Field(alias="enableWritePageIndex") + ] = None + r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" + + enable_page_checksum: Annotated[ + Optional[bool], pydantic.Field(alias="enablePageChecksum") + ] = None + r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" + + empty_dir_cleanup_sec: Annotated[ + Optional[float], pydantic.Field(alias="emptyDirCleanupSec") + ] = None + r"""How frequently, in seconds, to clean up empty directories""" + + directory_batch_size: Annotated[ + Optional[float], pydantic.Field(alias="directoryBatchSize") + ] = None + r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" + + deadletter_path: Annotated[ + Optional[str], pydantic.Field(alias="deadletterPath") + ] = None + r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" + + max_retry_num: Annotated[Optional[float], pydantic.Field(alias="maxRetryNum")] = ( + None + ) + r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_endpoint: Annotated[ + Optional[str], pydantic.Field(alias="__template_endpoint") + ] = None + r"""Binds 'endpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'endpoint' at runtime.""" + + template_assume_role_arn: Annotated[ + Optional[str], pydantic.Field(alias="__template_assumeRoleArn") + ] = None + r"""Binds 'assumeRoleArn' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleArn' at runtime.""" + + template_assume_role_external_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_assumeRoleExternalId") + ] = None + r"""Binds 'assumeRoleExternalId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'assumeRoleExternalId' at runtime.""" + + template_bucket: Annotated[ + Optional[str], pydantic.Field(alias="__template_bucket") + ] = None + r"""Binds 'bucket' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'bucket' at runtime.""" + + template_region: Annotated[ + Optional[str], pydantic.Field(alias="__template_region") + ] = None + r"""Binds 'region' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'region' at runtime.""" + + template_dest_path: Annotated[ + Optional[str], pydantic.Field(alias="__template_destPath") + ] = None + r"""Binds 'destPath' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'destPath' at runtime.""" + + template_partition_expr: Annotated[ + Optional[str], pydantic.Field(alias="__template_partitionExpr") + ] = None + r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" + + template_format: Annotated[ + Optional[str], pydantic.Field(alias="__template_format") + ] = None + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + + template_base_file_name: Annotated[ + Optional[str], pydantic.Field(alias="__template_baseFileName") + ] = None + r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" + + template_file_name_suffix: Annotated[ + Optional[str], pydantic.Field(alias="__template_fileNameSuffix") + ] = None + r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_aws_secret_key: Annotated[ + Optional[str], pydantic.Field(alias="__template_awsSecretKey") + ] = None + r"""Binds 'awsSecretKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsSecretKey' at runtime.""" + + template_object_acl: Annotated[ + Optional[str], pydantic.Field(alias="__template_objectACL") + ] = None + r"""Binds 'objectACL' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'objectACL' at runtime.""" + + template_storage_class: Annotated[ + Optional[str], pydantic.Field(alias="__template_storageClass") + ] = None + r"""Binds 'storageClass' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'storageClass' at runtime.""" + + template_server_side_encryption: Annotated[ + Optional[str], pydantic.Field(alias="__template_serverSideEncryption") + ] = None + r"""Binds 'serverSideEncryption' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serverSideEncryption' at runtime.""" + + template_kms_key_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_kmsKeyId") + ] = None + r"""Binds 'kmsKeyId' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'kmsKeyId' at runtime.""" + + template_aws_api_key: Annotated[ + Optional[str], pydantic.Field(alias="__template_awsApiKey") + ] = None + r"""Binds 'awsApiKey' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'awsApiKey' at runtime.""" + + template_compress: Annotated[ + Optional[str], pydantic.Field(alias="__template_compress") + ] = None + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + + template_parquet_schema: Annotated[ + Optional[str], pydantic.Field(alias="__template_parquetSchema") + ] = None + r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" + + notifications: Optional[List[NotificationUnion]] = None + r"""Notifications attached to the Destination.""" + + status: Optional[StatusType] = None + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + @field_serializer("aws_authentication_method") + def serialize_aws_authentication_method(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsS3CollectorConf(value) + except ValueError: + return value + return value + + @field_serializer("format_") + def serialize_format_(self, value): + if isinstance(value, str): + try: + return models.DataFormatOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptionsBlockDrop(value) + except ValueError: + return value + return value + + @field_serializer("on_disk_full_backpressure") + def serialize_on_disk_full_backpressure(self, value): + if isinstance(value, str): + try: + return models.DiskSpaceProtectionOptions(value) + except ValueError: + return value + return value + + @field_serializer("object_acl") + def serialize_object_acl(self, value): + if isinstance(value, str): + try: + return models.ObjectACLOptions(value) + except ValueError: + return value + return value + + @field_serializer("storage_class") + def serialize_storage_class(self, value): + if isinstance(value, str): + try: + return models.StorageClassOptions(value) + except ValueError: + return value + return value + + @field_serializer("server_side_encryption") + def serialize_server_side_encryption(self, value): + if isinstance(value, str): + try: + return models.ServerSideEncryptionForUploadedObjectsOptions(value) + except ValueError: + return value + return value + + @field_serializer("compress") + def serialize_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsHTTP(value) + except ValueError: + return value + return value + + @field_serializer("compression_level") + def serialize_compression_level(self, value): + if isinstance(value, str): + try: + return models.CompressionLevelOptions(value) + except ValueError: + return value + return value + + @field_serializer("parquet_version") + def serialize_parquet_version(self, value): + if isinstance(value, str): + try: + return models.ParquetVersionOptions(value) + except ValueError: + return value + return value + + @field_serializer("parquet_data_page_version") + def serialize_parquet_data_page_version(self, value): + if isinstance(value, str): + try: + return models.DataPageVersionOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "id", + "pipeline", + "systemFields", + "environment", + "streamtags", + "endpoint", + "enableAssumeRole", + "assumeRoleArn", + "assumeRoleExternalId", + "durationSeconds", + "awsAuthenticationMethod", + "reuseConnections", + "rejectUnauthorized", + "region", + "destPath", + "maxConcurrentFileParts", + "verifyPermissions", + "maxClosingFilesToBackpressure", + "addIdToStagePath", + "removeEmptyDirs", + "partitionExpr", + "format", + "baseFileName", + "fileNameSuffix", + "maxFileSizeMB", + "maxFileOpenTimeSec", + "maxFileIdleTimeSec", + "maxOpenFiles", + "headerLine", + "writeHighWaterMark", + "onBackpressure", + "deadletterEnabled", + "onDiskFullBackpressure", + "forceCloseOnShutdown", + "retrySettings", + "orphans", + "awsSecretKey", + "objectACL", + "storageClass", + "serverSideEncryption", + "kmsKeyId", + "description", + "awsApiKey", + "awsSecret", + "compress", + "compressionLevel", + "automaticSchema", + "parquetSchema", + "parquetVersion", + "parquetDataPageVersion", + "parquetRowGroupLength", + "parquetPageSize", + "shouldLogInvalidRows", + "keyValueMetadata", + "enableStatistics", + "enableWritePageIndex", + "enablePageChecksum", + "emptyDirCleanupSec", + "directoryBatchSize", + "deadletterPath", + "maxRetryNum", + "__template_streamtags", + "__template_endpoint", + "__template_assumeRoleArn", + "__template_assumeRoleExternalId", + "__template_bucket", + "__template_region", + "__template_destPath", + "__template_partitionExpr", + "__template_format", + "__template_baseFileName", + "__template_fileNameSuffix", + "__template_onBackpressure", + "__template_awsSecretKey", + "__template_objectACL", + "__template_storageClass", + "__template_serverSideEncryption", + "__template_kmsKeyId", + "__template_awsApiKey", + "__template_compress", + "__template_parquetSchema", + "notifications", + "status", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponseTypeFilesystem(str, Enum): + FILESYSTEM = "filesystem" + + +class OutputResponseOutputFilesystemTypedDict(TypedDict): + type: OutputResponseTypeFilesystem + dest_path: str + r"""Final destination for the output files""" + id: NotRequired[str] + r"""Unique ID for this output""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + stage_path: NotRequired[str] + r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" + add_id_to_stage_path: NotRequired[bool] + r"""Add the Output ID value to staging location""" + remove_empty_dirs: NotRequired[bool] + r"""Remove empty staging directories after moving files""" + partition_expr: NotRequired[str] + r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" + format_: NotRequired[DataFormatOptions] + r"""Format of the output data""" + base_file_name: NotRequired[str] + r"""JavaScript expression to define the output filename prefix (can be constant)""" + file_name_suffix: NotRequired[str] + r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" + max_file_size_mb: NotRequired[float] + r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" + max_file_open_time_sec: NotRequired[float] + r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" + max_file_idle_time_sec: NotRequired[float] + r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" + max_open_files: NotRequired[float] + r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" + header_line: NotRequired[str] + r"""If set, this line will be written to the beginning of each output file""" + write_high_water_mark: NotRequired[float] + r"""Buffer size used to write to a file""" + on_backpressure: NotRequired[BackpressureBehaviorOptionsBlockDrop] + r"""How to handle events when all receivers are exerting backpressure""" + deadletter_enabled: NotRequired[bool] + r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" + on_disk_full_backpressure: NotRequired[DiskSpaceProtectionOptions] + r"""How to handle events when disk space is below the global 'Min free disk space' limit""" + force_close_on_shutdown: NotRequired[bool] + r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" + retry_settings: NotRequired[RetrySettingsTypeTypedDict] + orphans: NotRequired[OrphanFileRecoveryTypeTypedDict] + description: NotRequired[str] + compress: NotRequired[CompressionOptionsHTTP] + r"""Data compression format to apply to HTTP content before it is delivered""" + compression_level: NotRequired[CompressionLevelOptions] + r"""Compression level to apply before moving files to final destination""" + automatic_schema: NotRequired[bool] + r"""Automatically calculate the schema based on the events of each Parquet file generated""" + parquet_schema: NotRequired[str] + r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" + parquet_version: NotRequired[ParquetVersionOptions] + r"""Determines which data types are supported and how they are represented""" + parquet_data_page_version: NotRequired[DataPageVersionOptions] + r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" + parquet_row_group_length: NotRequired[float] + r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" + parquet_page_size: NotRequired[str] + r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" + should_log_invalid_rows: NotRequired[bool] + r"""Log up to 3 rows that @{product} skips due to data mismatch""" + key_value_metadata: NotRequired[List[KeyValueMetadataConfOutputFilesystemTypedDict]] + r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ + enable_statistics: NotRequired[bool] + r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" + enable_write_page_index: NotRequired[bool] + r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" + enable_page_checksum: NotRequired[bool] + r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" + empty_dir_cleanup_sec: NotRequired[float] + r"""How frequently, in seconds, to clean up empty directories""" + directory_batch_size: NotRequired[float] + r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" + deadletter_path: NotRequired[str] + r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" + max_retry_num: NotRequired[float] + r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_partition_expr: NotRequired[str] + r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" + template_format: NotRequired[str] + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + template_base_file_name: NotRequired[str] + r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" + template_file_name_suffix: NotRequired[str] + r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_compress: NotRequired[str] + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + template_parquet_schema: NotRequired[str] + r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" + notifications: NotRequired[List[NotificationUnionTypedDict]] + r"""Notifications attached to the Destination.""" + status: NotRequired[StatusTypeTypedDict] + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + +class OutputResponseOutputFilesystem(BaseModel): + type: OutputResponseTypeFilesystem + + dest_path: Annotated[str, pydantic.Field(alias="destPath")] + r"""Final destination for the output files""" + + id: Optional[str] = None + r"""Unique ID for this output""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + stage_path: Annotated[Optional[str], pydantic.Field(alias="stagePath")] = None + r"""Filesystem location in which to buffer files, before compressing and moving to final destination. Use performant and stable storage.""" + + add_id_to_stage_path: Annotated[ + Optional[bool], pydantic.Field(alias="addIdToStagePath") + ] = None + r"""Add the Output ID value to staging location""" + + remove_empty_dirs: Annotated[ + Optional[bool], pydantic.Field(alias="removeEmptyDirs") + ] = None + r"""Remove empty staging directories after moving files""" + + partition_expr: Annotated[Optional[str], pydantic.Field(alias="partitionExpr")] = ( + None + ) + r"""JavaScript expression defining how files are partitioned and organized. Default is date-based. If blank, Stream will fall back to the event's __partition field value – if present – otherwise to each location's root directory.""" + + format_: Annotated[Optional[DataFormatOptions], pydantic.Field(alias="format")] = ( + None + ) + r"""Format of the output data""" + + base_file_name: Annotated[Optional[str], pydantic.Field(alias="baseFileName")] = ( + None + ) + r"""JavaScript expression to define the output filename prefix (can be constant)""" + + file_name_suffix: Annotated[ + Optional[str], pydantic.Field(alias="fileNameSuffix") + ] = None + r"""JavaScript expression to define the output filename suffix (can be constant). The `__format` variable refers to the value of the `Data format` field (`json` or `raw`). The `__compression` field refers to the kind of compression being used (`none` or `gzip`).""" + + max_file_size_mb: Annotated[ + Optional[float], pydantic.Field(alias="maxFileSizeMB") + ] = None + r"""Maximum uncompressed output file size. Files of this size will be closed and moved to final output location.""" + + max_file_open_time_sec: Annotated[ + Optional[float], pydantic.Field(alias="maxFileOpenTimeSec") + ] = None + r"""Maximum amount of time to write to a file. Files open for longer than this will be closed and moved to final output location.""" + + max_file_idle_time_sec: Annotated[ + Optional[float], pydantic.Field(alias="maxFileIdleTimeSec") + ] = None + r"""Maximum amount of time to keep inactive files open. Files open for longer than this will be closed and moved to final output location.""" + + max_open_files: Annotated[Optional[float], pydantic.Field(alias="maxOpenFiles")] = ( + None + ) + r"""Maximum number of files to keep open concurrently. When exceeded, @{product} will close the oldest open files and move them to the final output location.""" + + header_line: Annotated[Optional[str], pydantic.Field(alias="headerLine")] = None + r"""If set, this line will be written to the beginning of each output file""" + + write_high_water_mark: Annotated[ + Optional[float], pydantic.Field(alias="writeHighWaterMark") + ] = None + r"""Buffer size used to write to a file""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptionsBlockDrop], + pydantic.Field(alias="onBackpressure"), + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + deadletter_enabled: Annotated[ + Optional[bool], pydantic.Field(alias="deadletterEnabled") + ] = None + r"""If a file fails to move to its final destination after the maximum number of retries, move it to a designated directory to prevent further errors""" + + on_disk_full_backpressure: Annotated[ + Optional[DiskSpaceProtectionOptions], + pydantic.Field(alias="onDiskFullBackpressure"), + ] = None + r"""How to handle events when disk space is below the global 'Min free disk space' limit""" + + force_close_on_shutdown: Annotated[ + Optional[bool], pydantic.Field(alias="forceCloseOnShutdown") + ] = None + r"""Force all staged files to close during an orderly Node shutdown. This triggers immediate upload of in-progress data — regardless of idle time, file age, or size thresholds — to minimize data loss.""" + + retry_settings: Annotated[ + Optional[RetrySettingsType], pydantic.Field(alias="retrySettings") + ] = None + + orphans: Optional[OrphanFileRecoveryType] = None + + description: Optional[str] = None + + compress: Optional[CompressionOptionsHTTP] = None + r"""Data compression format to apply to HTTP content before it is delivered""" + + compression_level: Annotated[ + Optional[CompressionLevelOptions], pydantic.Field(alias="compressionLevel") + ] = None + r"""Compression level to apply before moving files to final destination""" + + automatic_schema: Annotated[ + Optional[bool], pydantic.Field(alias="automaticSchema") + ] = None + r"""Automatically calculate the schema based on the events of each Parquet file generated""" + + parquet_schema: Annotated[Optional[str], pydantic.Field(alias="parquetSchema")] = ( + None + ) + r"""To add a new schema, navigate to Processing > Knowledge > Parquet Schemas""" + + parquet_version: Annotated[ + Optional[ParquetVersionOptions], pydantic.Field(alias="parquetVersion") + ] = None + r"""Determines which data types are supported and how they are represented""" + + parquet_data_page_version: Annotated[ + Optional[DataPageVersionOptions], pydantic.Field(alias="parquetDataPageVersion") + ] = None + r"""Serialization format of data pages. Note that some reader implementations use Data page V2's attributes to work more efficiently, while others ignore it.""" + + parquet_row_group_length: Annotated[ + Optional[float], pydantic.Field(alias="parquetRowGroupLength") + ] = None + r"""The number of rows that every group will contain. The final group can contain a smaller number of rows.""" + + parquet_page_size: Annotated[ + Optional[str], pydantic.Field(alias="parquetPageSize") + ] = None + r"""Target memory size for page segments, such as 1MB or 128MB. Generally, lower values improve reading speed, while higher values improve compression.""" + + should_log_invalid_rows: Annotated[ + Optional[bool], pydantic.Field(alias="shouldLogInvalidRows") + ] = None + r"""Log up to 3 rows that @{product} skips due to data mismatch""" + + key_value_metadata: Annotated[ + Optional[List[KeyValueMetadataConfOutputFilesystem]], + pydantic.Field(alias="keyValueMetadata"), + ] = None + r"""The metadata of files the Destination writes will include the properties you add here as key-value pairs. Useful for tagging. Examples: \"key\":\"OCSF Event Class\", \"value\":\"9001\" """ + + enable_statistics: Annotated[ + Optional[bool], pydantic.Field(alias="enableStatistics") + ] = None + r"""Statistics profile an entire file in terms of minimum/maximum values within data, numbers of nulls, etc. You can use Parquet tools to view statistics.""" + + enable_write_page_index: Annotated[ + Optional[bool], pydantic.Field(alias="enableWritePageIndex") + ] = None + r"""One page index contains statistics for one data page. Parquet readers use statistics to enable page skipping.""" + + enable_page_checksum: Annotated[ + Optional[bool], pydantic.Field(alias="enablePageChecksum") + ] = None + r"""Parquet tools can use the checksum of a Parquet page to verify data integrity""" + + empty_dir_cleanup_sec: Annotated[ + Optional[float], pydantic.Field(alias="emptyDirCleanupSec") + ] = None + r"""How frequently, in seconds, to clean up empty directories""" + + directory_batch_size: Annotated[ + Optional[float], pydantic.Field(alias="directoryBatchSize") + ] = None + r"""Number of directories to process in each batch during cleanup of empty directories. Minimum is 10, maximum is 10000. Higher values may require more memory.""" + + deadletter_path: Annotated[ + Optional[str], pydantic.Field(alias="deadletterPath") + ] = None + r"""Storage location for files that fail to reach their final destination after maximum retries are exceeded""" + + max_retry_num: Annotated[Optional[float], pydantic.Field(alias="maxRetryNum")] = ( + None + ) + r"""The maximum number of times a file will attempt to move to its final destination before being dead-lettered""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_partition_expr: Annotated[ + Optional[str], pydantic.Field(alias="__template_partitionExpr") + ] = None + r"""Binds 'partitionExpr' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'partitionExpr' at runtime.""" + + template_format: Annotated[ + Optional[str], pydantic.Field(alias="__template_format") + ] = None + r"""Binds 'format' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'format' at runtime.""" + + template_base_file_name: Annotated[ + Optional[str], pydantic.Field(alias="__template_baseFileName") + ] = None + r"""Binds 'baseFileName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'baseFileName' at runtime.""" + + template_file_name_suffix: Annotated[ + Optional[str], pydantic.Field(alias="__template_fileNameSuffix") + ] = None + r"""Binds 'fileNameSuffix' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'fileNameSuffix' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_compress: Annotated[ + Optional[str], pydantic.Field(alias="__template_compress") + ] = None + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + + template_parquet_schema: Annotated[ + Optional[str], pydantic.Field(alias="__template_parquetSchema") + ] = None + r"""Binds 'parquetSchema' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'parquetSchema' at runtime.""" + + notifications: Optional[List[NotificationUnion]] = None + r"""Notifications attached to the Destination.""" + + status: Optional[StatusType] = None + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + @field_serializer("format_") + def serialize_format_(self, value): + if isinstance(value, str): + try: + return models.DataFormatOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptionsBlockDrop(value) + except ValueError: + return value + return value + + @field_serializer("on_disk_full_backpressure") + def serialize_on_disk_full_backpressure(self, value): + if isinstance(value, str): + try: + return models.DiskSpaceProtectionOptions(value) + except ValueError: + return value + return value + + @field_serializer("compress") + def serialize_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsHTTP(value) + except ValueError: + return value + return value + + @field_serializer("compression_level") + def serialize_compression_level(self, value): + if isinstance(value, str): + try: + return models.CompressionLevelOptions(value) + except ValueError: + return value + return value + + @field_serializer("parquet_version") + def serialize_parquet_version(self, value): + if isinstance(value, str): + try: + return models.ParquetVersionOptions(value) + except ValueError: + return value + return value + + @field_serializer("parquet_data_page_version") + def serialize_parquet_data_page_version(self, value): + if isinstance(value, str): + try: + return models.DataPageVersionOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "id", + "pipeline", + "systemFields", + "environment", + "streamtags", + "stagePath", + "addIdToStagePath", + "removeEmptyDirs", + "partitionExpr", + "format", + "baseFileName", + "fileNameSuffix", + "maxFileSizeMB", + "maxFileOpenTimeSec", + "maxFileIdleTimeSec", + "maxOpenFiles", + "headerLine", + "writeHighWaterMark", + "onBackpressure", + "deadletterEnabled", + "onDiskFullBackpressure", + "forceCloseOnShutdown", + "retrySettings", + "orphans", + "description", + "compress", + "compressionLevel", + "automaticSchema", + "parquetSchema", + "parquetVersion", + "parquetDataPageVersion", + "parquetRowGroupLength", + "parquetPageSize", + "shouldLogInvalidRows", + "keyValueMetadata", + "enableStatistics", + "enableWritePageIndex", + "enablePageChecksum", + "emptyDirCleanupSec", + "directoryBatchSize", + "deadletterPath", + "maxRetryNum", + "__template_streamtags", + "__template_partitionExpr", + "__template_format", + "__template_baseFileName", + "__template_fileNameSuffix", + "__template_onBackpressure", + "__template_compress", + "__template_parquetSchema", + "notifications", + "status", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponseTypeSignalfx(str, Enum): + SIGNALFX = "signalfx" + + +class OutputResponsePqControlsSignalfxTypedDict(TypedDict): + pass + + +class OutputResponsePqControlsSignalfx(BaseModel): + pass + + +class OutputResponseOutputSignalfxTypedDict(TypedDict): + type: OutputResponseTypeSignalfx + realm: str + r"""SignalFx realm name, e.g. \"us0\". For a complete list of available SignalFx realm names, please check [here](https://docs.splunk.com/observability/en/get-started/service-description.html#sd-regions).""" + id: NotRequired[str] + r"""Unique ID for this output""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + compress: NotRequired[bool] + r"""Compress the payload body before sending""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] + r"""Headers to add to all events""" + use_round_robin_dns: NotRequired[bool] + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + safe_headers: NotRequired[List[str]] + r"""List of headers that are safe to log in plain text""" + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + description: NotRequired[str] + token: NotRequired[str] + r"""SignalFx API access token (see [here](https://docs.signalfx.com/en/latest/admin-guide/tokens.html#working-with-access-tokens))""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[OutputResponsePqControlsSignalfxTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + notifications: NotRequired[List[NotificationUnionTypedDict]] + r"""Notifications attached to the Destination.""" + status: NotRequired[StatusTypeTypedDict] + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + +class OutputResponseOutputSignalfx(BaseModel): + type: OutputResponseTypeSignalfx + + realm: str + r"""SignalFx realm name, e.g. \"us0\". For a complete list of available SignalFx realm names, please check [here](https://docs.splunk.com/observability/en/get-started/service-description.html#sd-regions).""" + + id: Optional[str] = None + r"""Unique ID for this output""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + auth_type: Annotated[ + Optional[AuthenticationMethodOptionsAuthTokensItems], + pydantic.Field(alias="authType"), + ] = None + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + compress: Optional[bool] = None + r"""Compress the payload body before sending""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + extra_http_headers: Annotated[ + Optional[List[ExtraHTTPHeaderConfInputElastic]], + pydantic.Field(alias="extraHttpHeaders"), + ] = None + r"""Headers to add to all events""" + + use_round_robin_dns: Annotated[ + Optional[bool], pydantic.Field(alias="useRoundRobinDns") + ] = None + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + safe_headers: Annotated[ + Optional[List[str]], pydantic.Field(alias="safeHeaders") + ] = None + r"""List of headers that are safe to log in plain text""" + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + description: Optional[str] = None + + token: Optional[str] = None + r"""SignalFx API access token (see [here](https://docs.signalfx.com/en/latest/admin-guide/tokens.html#working-with-access-tokens))""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[OutputResponsePqControlsSignalfx], pydantic.Field(alias="pqControls") + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + notifications: Optional[List[NotificationUnion]] = None + r"""Notifications attached to the Destination.""" + + status: Optional[StatusType] = None + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsAuthTokensItems(value) + except ValueError: + return value + return value + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "id", + "pipeline", + "systemFields", + "environment", + "streamtags", + "authType", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "compress", + "rejectUnauthorized", + "timeoutSec", + "flushPeriodSec", + "extraHttpHeaders", + "useRoundRobinDns", + "failedRequestLoggingMode", + "safeHeaders", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "onBackpressure", + "description", + "token", + "textSecret", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_failedRequestLoggingMode", + "__template_onBackpressure", + "notifications", + "status", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponseTypeWavefront(str, Enum): + WAVEFRONT = "wavefront" + + +class OutputResponsePqControlsWavefrontTypedDict(TypedDict): + pass + + +class OutputResponsePqControlsWavefront(BaseModel): + pass + + +class OutputResponseOutputWavefrontTypedDict(TypedDict): + type: OutputResponseTypeWavefront + domain: str + r"""WaveFront domain name, e.g. \"longboard\" """ + id: NotRequired[str] + r"""Unique ID for this output""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + compress: NotRequired[bool] + r"""Compress the payload body before sending""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] + r"""Headers to add to all events""" + use_round_robin_dns: NotRequired[bool] + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + safe_headers: NotRequired[List[str]] + r"""List of headers that are safe to log in plain text""" + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + description: NotRequired[str] + token: NotRequired[str] + r"""WaveFront API authentication token (see [here](https://docs.wavefront.com/wavefront_api.html#generating-an-api-token))""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[OutputResponsePqControlsWavefrontTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + notifications: NotRequired[List[NotificationUnionTypedDict]] + r"""Notifications attached to the Destination.""" + status: NotRequired[StatusTypeTypedDict] + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + +class OutputResponseOutputWavefront(BaseModel): + type: OutputResponseTypeWavefront + + domain: str + r"""WaveFront domain name, e.g. \"longboard\" """ + + id: Optional[str] = None + r"""Unique ID for this output""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + auth_type: Annotated[ + Optional[AuthenticationMethodOptionsAuthTokensItems], + pydantic.Field(alias="authType"), + ] = None + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + compress: Optional[bool] = None + r"""Compress the payload body before sending""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + extra_http_headers: Annotated[ + Optional[List[ExtraHTTPHeaderConfInputElastic]], + pydantic.Field(alias="extraHttpHeaders"), + ] = None + r"""Headers to add to all events""" + + use_round_robin_dns: Annotated[ + Optional[bool], pydantic.Field(alias="useRoundRobinDns") + ] = None + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + safe_headers: Annotated[ + Optional[List[str]], pydantic.Field(alias="safeHeaders") + ] = None + r"""List of headers that are safe to log in plain text""" + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + description: Optional[str] = None + + token: Optional[str] = None + r"""WaveFront API authentication token (see [here](https://docs.wavefront.com/wavefront_api.html#generating-an-api-token))""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[OutputResponsePqControlsWavefront], pydantic.Field(alias="pqControls") + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + notifications: Optional[List[NotificationUnion]] = None + r"""Notifications attached to the Destination.""" + + status: Optional[StatusType] = None + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsAuthTokensItems(value) + except ValueError: + return value + return value + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "id", + "pipeline", + "systemFields", + "environment", + "streamtags", + "authType", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "compress", + "rejectUnauthorized", + "timeoutSec", + "flushPeriodSec", + "extraHttpHeaders", + "useRoundRobinDns", + "failedRequestLoggingMode", + "safeHeaders", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "onBackpressure", + "description", + "token", + "textSecret", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_failedRequestLoggingMode", + "__template_onBackpressure", + "notifications", + "status", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponseTypeTcpjson(str, Enum): + TCPJSON = "tcpjson" + + +class OutputResponsePqControlsTcpjsonTypedDict(TypedDict): + pass + + +class OutputResponsePqControlsTcpjson(BaseModel): + pass + + +class OutputResponseOutputTcpjsonTypedDict(TypedDict): + type: OutputResponseTypeTcpjson + id: NotRequired[str] + r"""Unique ID for this output""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + load_balanced: NotRequired[bool] + r"""Use load-balanced destinations""" + compression: NotRequired[CompressionOptionsGzipNone] + r"""Codec to use to compress the data before sending""" + log_failed_requests: NotRequired[bool] + r"""Use to troubleshoot issues with sending data""" + throttle_rate_per_sec: NotRequired[str] + r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" + tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] + connection_timeout: NotRequired[float] + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + write_timeout: NotRequired[float] + r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" + token_ttl_minutes: NotRequired[float] + r"""The number of minutes before the internally generated authentication token expires, valid values between 1 and 60""" + send_header: NotRequired[bool] + r"""Upon connection, send a header-like record containing the auth token and other metadata.This record will not contain an actual event – only subsequent records will.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + description: NotRequired[str] + host: NotRequired[str] + r"""The hostname of the receiver""" + port: NotRequired[float] + r"""The port to connect to on the provided host""" + exclude_self: NotRequired[bool] + r"""Exclude all IPs of the current host from the list of any resolved hostnames""" + hosts: NotRequired[List[HostConfOutputSyslogTypedDict]] + r"""Set of hosts to load-balance data to""" + dns_resolve_period_sec: NotRequired[float] + r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" + load_balance_stats_period_sec: NotRequired[float] + r"""How far back in time to keep traffic stats for load balancing purposes""" + max_concurrent_senders: NotRequired[float] + r"""Maximum number of concurrent connections (per Worker Process). A random set of IPs will be picked on every DNS resolution period. Use 0 for unlimited.""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[OutputResponsePqControlsTcpjsonTypedDict] + auth_token: NotRequired[str] + r"""Optional authentication token to include as part of the connection header""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_host: NotRequired[str] + r"""Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime.""" + template_port: NotRequired[str] + r"""Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime.""" + notifications: NotRequired[List[NotificationUnionTypedDict]] + r"""Notifications attached to the Destination.""" + status: NotRequired[StatusTypeTypedDict] + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + +class OutputResponseOutputTcpjson(BaseModel): + type: OutputResponseTypeTcpjson + + id: Optional[str] = None + r"""Unique ID for this output""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + load_balanced: Annotated[Optional[bool], pydantic.Field(alias="loadBalanced")] = ( + None + ) + r"""Use load-balanced destinations""" + + compression: Optional[CompressionOptionsGzipNone] = None + r"""Codec to use to compress the data before sending""" + + log_failed_requests: Annotated[ + Optional[bool], pydantic.Field(alias="logFailedRequests") + ] = None + r"""Use to troubleshoot issues with sending data""" + + throttle_rate_per_sec: Annotated[ + Optional[str], pydantic.Field(alias="throttleRatePerSec") + ] = None + r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" + + tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None + + connection_timeout: Annotated[ + Optional[float], pydantic.Field(alias="connectionTimeout") + ] = None + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + + write_timeout: Annotated[Optional[float], pydantic.Field(alias="writeTimeout")] = ( + None + ) + r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" + + token_ttl_minutes: Annotated[ + Optional[float], pydantic.Field(alias="tokenTTLMinutes") + ] = None + r"""The number of minutes before the internally generated authentication token expires, valid values between 1 and 60""" + + send_header: Annotated[Optional[bool], pydantic.Field(alias="sendHeader")] = None + r"""Upon connection, send a header-like record containing the auth token and other metadata.This record will not contain an actual event – only subsequent records will.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + auth_type: Annotated[ + Optional[AuthenticationMethodOptionsAuthTokensItems], + pydantic.Field(alias="authType"), + ] = None + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + + description: Optional[str] = None + + host: Optional[str] = None + r"""The hostname of the receiver""" + + port: Optional[float] = None + r"""The port to connect to on the provided host""" + + exclude_self: Annotated[Optional[bool], pydantic.Field(alias="excludeSelf")] = None + r"""Exclude all IPs of the current host from the list of any resolved hostnames""" + + hosts: Optional[List[HostConfOutputSyslog]] = None + r"""Set of hosts to load-balance data to""" + + dns_resolve_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="dnsResolvePeriodSec") + ] = None + r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" + + load_balance_stats_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="loadBalanceStatsPeriodSec") + ] = None + r"""How far back in time to keep traffic stats for load balancing purposes""" + + max_concurrent_senders: Annotated[ + Optional[float], pydantic.Field(alias="maxConcurrentSenders") + ] = None + r"""Maximum number of concurrent connections (per Worker Process). A random set of IPs will be picked on every DNS resolution period. Use 0 for unlimited.""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[OutputResponsePqControlsTcpjson], pydantic.Field(alias="pqControls") + ] = None + + auth_token: Annotated[Optional[str], pydantic.Field(alias="authToken")] = None + r"""Optional authentication token to include as part of the connection header""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_host: Annotated[Optional[str], pydantic.Field(alias="__template_host")] = ( + None + ) + r"""Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime.""" + + template_port: Annotated[Optional[str], pydantic.Field(alias="__template_port")] = ( + None + ) + r"""Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime.""" + + notifications: Optional[List[NotificationUnion]] = None + r"""Notifications attached to the Destination.""" + + status: Optional[StatusType] = None + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + @field_serializer("compression") + def serialize_compression(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsGzipNone(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsAuthTokensItems(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "id", + "pipeline", + "systemFields", + "environment", + "streamtags", + "loadBalanced", + "compression", + "logFailedRequests", + "throttleRatePerSec", + "tls", + "connectionTimeout", + "writeTimeout", + "tokenTTLMinutes", + "sendHeader", + "onBackpressure", + "authType", + "description", + "host", + "port", + "excludeSelf", + "hosts", + "dnsResolvePeriodSec", + "loadBalanceStatsPeriodSec", + "maxConcurrentSenders", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "authToken", + "textSecret", + "__template_streamtags", + "__template_onBackpressure", + "__template_host", + "__template_port", + "notifications", + "status", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponseTypeWizHec(str, Enum): + WIZ_HEC = "wiz_hec" + + +class OutputResponsePqControlsWizHecTypedDict(TypedDict): + pass + + +class OutputResponsePqControlsWizHec(BaseModel): + pass + + +class OutputResponseOutputWizHecTypedDict(TypedDict): + type: OutputResponseTypeWizHec + wiz_connector_id: str + r"""The unique identifier for the specific Cribl connector defined in your Wiz Settings. This is used to cross-validate the bearer token and ensure traffic is originating from the authorized integration.""" + wiz_environment: str + r"""Your Wiz deployment environment.""" + data_center: str + r"""Your Wiz deployment data center (e.g., us1, us8, eu1). From Tenant Info → Data Center and Regions → Tenant Data Center in your Wiz console.""" + wiz_sourcetype: str + id: NotRequired[str] + r"""Unique ID for this output""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + next_queue: NotRequired[str] + r"""In the Splunk app, define which Splunk processing queue to send the events after HEC processing.""" + tcp_routing: NotRequired[str] + r"""In the Splunk app, set the value of _TCP_ROUTING for events that do not have _ctrl._TCP_ROUTING set.""" + tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathExtendedTypedDict] + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + compress: NotRequired[bool] + r"""Compress the payload body before sending""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] + r"""Headers to add to all events""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + safe_headers: NotRequired[List[str]] + r"""List of headers that are safe to log in plain text""" + auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + description: NotRequired[str] + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[OutputResponsePqControlsWizHecTypedDict] + token: NotRequired[str] + r"""Wiz Defend Auth token""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_wiz_environment: NotRequired[str] + r"""Binds 'wiz_environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'wiz_environment' at runtime.""" + template_data_center: NotRequired[str] + r"""Binds 'data_center' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'data_center' at runtime.""" + template_wiz_sourcetype: NotRequired[str] + r"""Binds 'wiz_sourcetype' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'wiz_sourcetype' at runtime.""" + notifications: NotRequired[List[NotificationUnionTypedDict]] + r"""Notifications attached to the Destination.""" + status: NotRequired[StatusTypeTypedDict] + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + +class OutputResponseOutputWizHec(BaseModel): + type: OutputResponseTypeWizHec + + wiz_connector_id: str + r"""The unique identifier for the specific Cribl connector defined in your Wiz Settings. This is used to cross-validate the bearer token and ensure traffic is originating from the authorized integration.""" + + wiz_environment: str + r"""Your Wiz deployment environment.""" + + data_center: str + r"""Your Wiz deployment data center (e.g., us1, us8, eu1). From Tenant Info → Data Center and Regions → Tenant Data Center in your Wiz console.""" + + wiz_sourcetype: str + + id: Optional[str] = None + r"""Unique ID for this output""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + next_queue: Annotated[Optional[str], pydantic.Field(alias="nextQueue")] = None + r"""In the Splunk app, define which Splunk processing queue to send the events after HEC processing.""" + + tcp_routing: Annotated[Optional[str], pydantic.Field(alias="tcpRouting")] = None + r"""In the Splunk app, set the value of _TCP_ROUTING for events that do not have _ctrl._TCP_ROUTING set.""" + + tls: Optional[TLSSettingsClientSideTypeCaPathCertPathExtended] = None + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + compress: Optional[bool] = None + r"""Compress the payload body before sending""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + extra_http_headers: Annotated[ + Optional[List[ExtraHTTPHeaderConfInputElastic]], + pydantic.Field(alias="extraHttpHeaders"), + ] = None + r"""Headers to add to all events""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + safe_headers: Annotated[ + Optional[List[str]], pydantic.Field(alias="safeHeaders") + ] = None + r"""List of headers that are safe to log in plain text""" + + auth_type: Annotated[ + Optional[AuthenticationMethodOptionsAuthTokensItems], + pydantic.Field(alias="authType"), + ] = None + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + description: Optional[str] = None + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[OutputResponsePqControlsWizHec], pydantic.Field(alias="pqControls") + ] = None + + token: Optional[str] = None + r"""Wiz Defend Auth token""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_wiz_environment: Annotated[ + Optional[str], pydantic.Field(alias="__template_wiz_environment") + ] = None + r"""Binds 'wiz_environment' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'wiz_environment' at runtime.""" + + template_data_center: Annotated[ + Optional[str], pydantic.Field(alias="__template_data_center") + ] = None + r"""Binds 'data_center' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'data_center' at runtime.""" + + template_wiz_sourcetype: Annotated[ + Optional[str], pydantic.Field(alias="__template_wiz_sourcetype") + ] = None + r"""Binds 'wiz_sourcetype' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'wiz_sourcetype' at runtime.""" + + notifications: Optional[List[NotificationUnion]] = None + r"""Notifications attached to the Destination.""" + + status: Optional[StatusType] = None + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsAuthTokensItems(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "id", + "pipeline", + "systemFields", + "environment", + "streamtags", + "nextQueue", + "tcpRouting", + "tls", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "compress", + "rejectUnauthorized", + "timeoutSec", + "flushPeriodSec", + "extraHttpHeaders", + "failedRequestLoggingMode", + "safeHeaders", + "authType", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "onBackpressure", + "description", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "token", + "textSecret", + "__template_streamtags", + "__template_failedRequestLoggingMode", + "__template_onBackpressure", + "__template_wiz_environment", + "__template_data_center", + "__template_wiz_sourcetype", + "notifications", + "status", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponseTypeSplunkHec(str, Enum): + SPLUNK_HEC = "splunk_hec" + + +class OutputResponseURLSplunkHecTypedDict(TypedDict): + url: str + r"""URL to a Splunk HEC endpoint to send events to, e.g., http://localhost:8088/services/collector/event""" + weight: NotRequired[float] + r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" + template_url: NotRequired[str] + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + +class OutputResponseURLSplunkHec(BaseModel): + url: str + r"""URL to a Splunk HEC endpoint to send events to, e.g., http://localhost:8088/services/collector/event""" + + weight: Optional[float] = None + r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" + + template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( + None + ) + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set(["weight", "__template_url"]) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponsePqControlsSplunkHecTypedDict(TypedDict): + pass + + +class OutputResponsePqControlsSplunkHec(BaseModel): + pass + + +class OutputResponseOutputSplunkHecTypedDict(TypedDict): + type: OutputResponseTypeSplunkHec + id: NotRequired[str] + r"""Unique ID for this output""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + load_balanced: NotRequired[bool] + r"""Enable for optimal performance. Even if you have one hostname, it can expand to multiple IPs. If disabled, consider enabling round-robin DNS.""" + next_queue: NotRequired[str] + r"""In the Splunk app, define which Splunk processing queue to send the events after HEC processing.""" + tcp_routing: NotRequired[str] + r"""In the Splunk app, set the value of _TCP_ROUTING for events that do not have _ctrl._TCP_ROUTING set.""" + tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathExtendedTypedDict] + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + compress: NotRequired[bool] + r"""Compress the payload body before sending""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] + r"""Headers to add to all events""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + safe_headers: NotRequired[List[str]] + r"""List of headers that are safe to log in plain text""" + enable_multi_metrics: NotRequired[bool] + r"""Output metrics in multiple-metric format, supported in Splunk 8.0 and above to allow multiple metrics in a single event.""" + auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + description: NotRequired[str] + url: NotRequired[str] + r"""URL to a Splunk HEC endpoint to send events to, e.g., http://localhost:8088/services/collector/event""" + use_round_robin_dns: NotRequired[bool] + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + exclude_self: NotRequired[bool] + r"""Exclude all IPs of the current host from the list of any resolved hostnames""" + urls: NotRequired[List[OutputResponseURLSplunkHecTypedDict]] + dns_resolve_period_sec: NotRequired[float] + r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" + load_balance_stats_period_sec: NotRequired[float] + r"""How far back in time to keep traffic stats for load balancing purposes""" + token: NotRequired[str] + r"""Splunk HEC authentication token""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[OutputResponsePqControlsSplunkHecTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_url: NotRequired[str] + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + notifications: NotRequired[List[NotificationUnionTypedDict]] + r"""Notifications attached to the Destination.""" + status: NotRequired[StatusTypeTypedDict] + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + +class OutputResponseOutputSplunkHec(BaseModel): + type: OutputResponseTypeSplunkHec + + id: Optional[str] = None + r"""Unique ID for this output""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + load_balanced: Annotated[Optional[bool], pydantic.Field(alias="loadBalanced")] = ( + None + ) + r"""Enable for optimal performance. Even if you have one hostname, it can expand to multiple IPs. If disabled, consider enabling round-robin DNS.""" + + next_queue: Annotated[Optional[str], pydantic.Field(alias="nextQueue")] = None + r"""In the Splunk app, define which Splunk processing queue to send the events after HEC processing.""" + + tcp_routing: Annotated[Optional[str], pydantic.Field(alias="tcpRouting")] = None + r"""In the Splunk app, set the value of _TCP_ROUTING for events that do not have _ctrl._TCP_ROUTING set.""" + + tls: Optional[TLSSettingsClientSideTypeCaPathCertPathExtended] = None + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + compress: Optional[bool] = None + r"""Compress the payload body before sending""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + extra_http_headers: Annotated[ + Optional[List[ExtraHTTPHeaderConfInputElastic]], + pydantic.Field(alias="extraHttpHeaders"), + ] = None + r"""Headers to add to all events""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + safe_headers: Annotated[ + Optional[List[str]], pydantic.Field(alias="safeHeaders") + ] = None + r"""List of headers that are safe to log in plain text""" + + enable_multi_metrics: Annotated[ + Optional[bool], pydantic.Field(alias="enableMultiMetrics") + ] = None + r"""Output metrics in multiple-metric format, supported in Splunk 8.0 and above to allow multiple metrics in a single event.""" + + auth_type: Annotated[ + Optional[AuthenticationMethodOptionsAuthTokensItems], + pydantic.Field(alias="authType"), + ] = None + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + description: Optional[str] = None + + url: Optional[str] = None + r"""URL to a Splunk HEC endpoint to send events to, e.g., http://localhost:8088/services/collector/event""" + + use_round_robin_dns: Annotated[ + Optional[bool], pydantic.Field(alias="useRoundRobinDns") + ] = None + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + + exclude_self: Annotated[Optional[bool], pydantic.Field(alias="excludeSelf")] = None + r"""Exclude all IPs of the current host from the list of any resolved hostnames""" + + urls: Optional[List[OutputResponseURLSplunkHec]] = None + + dns_resolve_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="dnsResolvePeriodSec") + ] = None + r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" + + load_balance_stats_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="loadBalanceStatsPeriodSec") + ] = None + r"""How far back in time to keep traffic stats for load balancing purposes""" + + token: Optional[str] = None + r"""Splunk HEC authentication token""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[OutputResponsePqControlsSplunkHec], pydantic.Field(alias="pqControls") + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( + None + ) + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + notifications: Optional[List[NotificationUnion]] = None + r"""Notifications attached to the Destination.""" + + status: Optional[StatusType] = None + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsAuthTokensItems(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "id", + "pipeline", + "systemFields", + "environment", + "streamtags", + "loadBalanced", + "nextQueue", + "tcpRouting", + "tls", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "compress", + "rejectUnauthorized", + "timeoutSec", + "flushPeriodSec", + "extraHttpHeaders", + "failedRequestLoggingMode", + "safeHeaders", + "enableMultiMetrics", + "authType", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "onBackpressure", + "description", + "url", + "useRoundRobinDns", + "excludeSelf", + "urls", + "dnsResolvePeriodSec", + "loadBalanceStatsPeriodSec", + "token", + "textSecret", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_failedRequestLoggingMode", + "__template_onBackpressure", + "__template_url", + "notifications", + "status", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponseTypeSplunkLb(str, Enum): + SPLUNK_LB = "splunk_lb" + + +class OutputResponseAuthTokenTypedDict(TypedDict): + auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + auth_token: NotRequired[str] + r"""Shared secret to be provided by any client (in authToken header field). If empty, unauthorized access is permitted.""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + + +class OutputResponseAuthToken(BaseModel): + auth_type: Annotated[ + Optional[AuthenticationMethodOptionsAuthTokensItems], + pydantic.Field(alias="authType"), + ] = None + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + + auth_token: Annotated[Optional[str], pydantic.Field(alias="authToken")] = None + r"""Shared secret to be provided by any client (in authToken header field). If empty, unauthorized access is permitted.""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsAuthTokensItems(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set(["authType", "authToken", "textSecret"]) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponseIndexerDiscoveryConfigsTypedDict(TypedDict): + r"""List of configurations to set up indexer discovery in Splunk Indexer clustering environment.""" + + site: str + r"""Clustering site of the indexers from where indexers need to be discovered. In case of single site cluster, it defaults to 'default' site.""" + master_uri: str + r"""Full URI of Splunk cluster manager (scheme://host:port). Example: https://managerAddress:8089""" + refresh_interval_sec: float + r"""Time interval, in seconds, between two consecutive indexer list fetches from cluster manager""" + reject_unauthorized: NotRequired[bool] + r"""During indexer discovery, reject cluster manager certificates that are not authorized by the system's CA. Disable to allow untrusted (for example, self-signed) certificates.""" + auth_tokens: NotRequired[List[OutputResponseAuthTokenTypedDict]] + r"""Tokens required to authenticate to cluster manager for indexer discovery""" + auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + auth_token: NotRequired[str] + r"""Shared secret to be provided by any client (in authToken header field). If empty, unauthorized access is permitted.""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + + +class OutputResponseIndexerDiscoveryConfigs(BaseModel): + r"""List of configurations to set up indexer discovery in Splunk Indexer clustering environment.""" + + site: str + r"""Clustering site of the indexers from where indexers need to be discovered. In case of single site cluster, it defaults to 'default' site.""" + + master_uri: Annotated[str, pydantic.Field(alias="masterUri")] + r"""Full URI of Splunk cluster manager (scheme://host:port). Example: https://managerAddress:8089""" + + refresh_interval_sec: Annotated[float, pydantic.Field(alias="refreshIntervalSec")] + r"""Time interval, in seconds, between two consecutive indexer list fetches from cluster manager""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""During indexer discovery, reject cluster manager certificates that are not authorized by the system's CA. Disable to allow untrusted (for example, self-signed) certificates.""" + + auth_tokens: Annotated[ + Optional[List[OutputResponseAuthToken]], pydantic.Field(alias="authTokens") + ] = None + r"""Tokens required to authenticate to cluster manager for indexer discovery""" + + auth_type: Annotated[ + Optional[AuthenticationMethodOptionsAuthTokensItems], + pydantic.Field(alias="authType"), + ] = None + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + + auth_token: Annotated[Optional[str], pydantic.Field(alias="authToken")] = None + r"""Shared secret to be provided by any client (in authToken header field). If empty, unauthorized access is permitted.""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsAuthTokensItems(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + ["rejectUnauthorized", "authTokens", "authType", "authToken", "textSecret"] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponsePqControlsSplunkLbTypedDict(TypedDict): + pass + + +class OutputResponsePqControlsSplunkLb(BaseModel): + pass + + +class OutputResponseOutputSplunkLbTypedDict(TypedDict): + type: OutputResponseTypeSplunkLb + hosts: List[HostConfOutputSyslogTypedDict] + r"""Set of Splunk indexers to load-balance data to.""" + id: NotRequired[str] + r"""Unique ID for this output""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + dns_resolve_period_sec: NotRequired[float] + r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" + load_balance_stats_period_sec: NotRequired[float] + r"""How far back in time to keep traffic stats for load balancing purposes""" + max_concurrent_senders: NotRequired[float] + r"""Maximum number of concurrent connections (per Worker Process). A random set of IPs will be picked on every DNS resolution period. Use 0 for unlimited.""" + nested_fields: NotRequired[NestedFieldSerializationOptions] + r"""How to serialize nested fields into index-time fields""" + throttle_rate_per_sec: NotRequired[str] + r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" + connection_timeout: NotRequired[float] + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + write_timeout: NotRequired[float] + r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" + tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] + enable_multi_metrics: NotRequired[bool] + r"""Output metrics in multiple-metric format in a single event. Supported in Splunk 8.0 and above.""" + enable_ack: NotRequired[bool] + r"""Check if indexer is shutting down and stop sending data. This helps minimize data loss during shutdown.""" + log_failed_requests: NotRequired[bool] + r"""Use to troubleshoot issues with sending data""" + max_s2_sversion: NotRequired[MaxS2SVersionOptions] + r"""The highest S2S protocol version to advertise during handshake""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + indexer_discovery: NotRequired[bool] + r"""Automatically discover indexers in indexer clustering environment.""" + sender_unhealthy_time_allowance: NotRequired[float] + r"""How long (in milliseconds) each LB endpoint can report blocked before the Destination reports unhealthy, blocking the sender. (Grace period for fluctuations.) Use 0 to disable; max 1 minute.""" + auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + description: NotRequired[str] + max_failed_health_checks: NotRequired[float] + r"""Maximum number of times healthcheck can fail before we close connection. If set to 0 (disabled), and the connection to Splunk is forcibly closed, some data loss might occur.""" + compress: NotRequired[CompressionOptions] + r"""Controls whether the sender should send compressed data to the server. Select 'Disabled' to reject compressed connections or 'Always' to ignore server's configuration and send compressed data.""" + indexer_discovery_configs: NotRequired[ + OutputResponseIndexerDiscoveryConfigsTypedDict + ] + r"""List of configurations to set up indexer discovery in Splunk Indexer clustering environment.""" + exclude_self: NotRequired[bool] + r"""Exclude all IPs of the current host from the list of any resolved hostnames""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[OutputResponsePqControlsSplunkLbTypedDict] + auth_token: NotRequired[str] + r"""Shared secret token to use when establishing a connection to a Splunk indexer.""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_nested_fields: NotRequired[str] + r"""Binds 'nestedFields' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'nestedFields' at runtime.""" + template_max_s2_sversion: NotRequired[str] + r"""Binds 'maxS2Sversion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'maxS2Sversion' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_compress: NotRequired[str] + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + notifications: NotRequired[List[NotificationUnionTypedDict]] + r"""Notifications attached to the Destination.""" + status: NotRequired[StatusTypeTypedDict] + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + +class OutputResponseOutputSplunkLb(BaseModel): + type: OutputResponseTypeSplunkLb + + hosts: List[HostConfOutputSyslog] + r"""Set of Splunk indexers to load-balance data to.""" + + id: Optional[str] = None + r"""Unique ID for this output""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + dns_resolve_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="dnsResolvePeriodSec") + ] = None + r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" + + load_balance_stats_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="loadBalanceStatsPeriodSec") + ] = None + r"""How far back in time to keep traffic stats for load balancing purposes""" + + max_concurrent_senders: Annotated[ + Optional[float], pydantic.Field(alias="maxConcurrentSenders") + ] = None + r"""Maximum number of concurrent connections (per Worker Process). A random set of IPs will be picked on every DNS resolution period. Use 0 for unlimited.""" + + nested_fields: Annotated[ + Optional[NestedFieldSerializationOptions], pydantic.Field(alias="nestedFields") + ] = None + r"""How to serialize nested fields into index-time fields""" + + throttle_rate_per_sec: Annotated[ + Optional[str], pydantic.Field(alias="throttleRatePerSec") + ] = None + r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" + + connection_timeout: Annotated[ + Optional[float], pydantic.Field(alias="connectionTimeout") + ] = None + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + + write_timeout: Annotated[Optional[float], pydantic.Field(alias="writeTimeout")] = ( + None + ) + r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" + + tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None + + enable_multi_metrics: Annotated[ + Optional[bool], pydantic.Field(alias="enableMultiMetrics") + ] = None + r"""Output metrics in multiple-metric format in a single event. Supported in Splunk 8.0 and above.""" + + enable_ack: Annotated[Optional[bool], pydantic.Field(alias="enableACK")] = None + r"""Check if indexer is shutting down and stop sending data. This helps minimize data loss during shutdown.""" + + log_failed_requests: Annotated[ + Optional[bool], pydantic.Field(alias="logFailedRequests") + ] = None + r"""Use to troubleshoot issues with sending data""" + + max_s2_sversion: Annotated[ + Optional[MaxS2SVersionOptions], pydantic.Field(alias="maxS2Sversion") + ] = None + r"""The highest S2S protocol version to advertise during handshake""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + indexer_discovery: Annotated[ + Optional[bool], pydantic.Field(alias="indexerDiscovery") + ] = None + r"""Automatically discover indexers in indexer clustering environment.""" + + sender_unhealthy_time_allowance: Annotated[ + Optional[float], pydantic.Field(alias="senderUnhealthyTimeAllowance") + ] = None + r"""How long (in milliseconds) each LB endpoint can report blocked before the Destination reports unhealthy, blocking the sender. (Grace period for fluctuations.) Use 0 to disable; max 1 minute.""" + + auth_type: Annotated[ + Optional[AuthenticationMethodOptionsAuthTokensItems], + pydantic.Field(alias="authType"), + ] = None + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + + description: Optional[str] = None + + max_failed_health_checks: Annotated[ + Optional[float], pydantic.Field(alias="maxFailedHealthChecks") + ] = None + r"""Maximum number of times healthcheck can fail before we close connection. If set to 0 (disabled), and the connection to Splunk is forcibly closed, some data loss might occur.""" + + compress: Optional[CompressionOptions] = None + r"""Controls whether the sender should send compressed data to the server. Select 'Disabled' to reject compressed connections or 'Always' to ignore server's configuration and send compressed data.""" + + indexer_discovery_configs: Annotated[ + Optional[OutputResponseIndexerDiscoveryConfigs], + pydantic.Field(alias="indexerDiscoveryConfigs"), + ] = None + r"""List of configurations to set up indexer discovery in Splunk Indexer clustering environment.""" + + exclude_self: Annotated[Optional[bool], pydantic.Field(alias="excludeSelf")] = None + r"""Exclude all IPs of the current host from the list of any resolved hostnames""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[OutputResponsePqControlsSplunkLb], pydantic.Field(alias="pqControls") + ] = None + + auth_token: Annotated[Optional[str], pydantic.Field(alias="authToken")] = None + r"""Shared secret token to use when establishing a connection to a Splunk indexer.""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_nested_fields: Annotated[ + Optional[str], pydantic.Field(alias="__template_nestedFields") + ] = None + r"""Binds 'nestedFields' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'nestedFields' at runtime.""" + + template_max_s2_sversion: Annotated[ + Optional[str], pydantic.Field(alias="__template_maxS2Sversion") + ] = None + r"""Binds 'maxS2Sversion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'maxS2Sversion' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_compress: Annotated[ + Optional[str], pydantic.Field(alias="__template_compress") + ] = None + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + + notifications: Optional[List[NotificationUnion]] = None + r"""Notifications attached to the Destination.""" + + status: Optional[StatusType] = None + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + @field_serializer("nested_fields") + def serialize_nested_fields(self, value): + if isinstance(value, str): + try: + return models.NestedFieldSerializationOptions(value) + except ValueError: + return value + return value + + @field_serializer("max_s2_sversion") + def serialize_max_s2_sversion(self, value): + if isinstance(value, str): + try: + return models.MaxS2SVersionOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsAuthTokensItems(value) + except ValueError: + return value + return value + + @field_serializer("compress") + def serialize_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "id", + "pipeline", + "systemFields", + "environment", + "streamtags", + "dnsResolvePeriodSec", + "loadBalanceStatsPeriodSec", + "maxConcurrentSenders", + "nestedFields", + "throttleRatePerSec", + "connectionTimeout", + "writeTimeout", + "tls", + "enableMultiMetrics", + "enableACK", + "logFailedRequests", + "maxS2Sversion", + "onBackpressure", + "indexerDiscovery", + "senderUnhealthyTimeAllowance", + "authType", + "description", + "maxFailedHealthChecks", + "compress", + "indexerDiscoveryConfigs", + "excludeSelf", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "authToken", + "textSecret", + "__template_streamtags", + "__template_nestedFields", + "__template_maxS2Sversion", + "__template_onBackpressure", + "__template_compress", + "notifications", + "status", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponseTypeSplunk(str, Enum): + SPLUNK = "splunk" + + +class OutputResponsePqControlsSplunkTypedDict(TypedDict): + pass + + +class OutputResponsePqControlsSplunk(BaseModel): + pass + + +class OutputResponseOutputSplunkTypedDict(TypedDict): + type: OutputResponseTypeSplunk + host: str + r"""The hostname of the receiver""" + port: float + r"""The port to connect to on the provided host""" + id: NotRequired[str] + r"""Unique ID for this output""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + nested_fields: NotRequired[NestedFieldSerializationOptions] + r"""How to serialize nested fields into index-time fields""" + throttle_rate_per_sec: NotRequired[str] + r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" + connection_timeout: NotRequired[float] + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + write_timeout: NotRequired[float] + r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" + tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] + enable_multi_metrics: NotRequired[bool] + r"""Output metrics in multiple-metric format in a single event. Supported in Splunk 8.0 and above.""" + enable_ack: NotRequired[bool] + r"""Check if indexer is shutting down and stop sending data. This helps minimize data loss during shutdown.""" + log_failed_requests: NotRequired[bool] + r"""Use to troubleshoot issues with sending data""" + max_s2_sversion: NotRequired[MaxS2SVersionOptions] + r"""The highest S2S protocol version to advertise during handshake""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + auth_type: NotRequired[AuthenticationMethodOptionsAuthTokensItems] + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + description: NotRequired[str] + max_failed_health_checks: NotRequired[float] + r"""Maximum number of times healthcheck can fail before we close connection. If set to 0 (disabled), and the connection to Splunk is forcibly closed, some data loss might occur.""" + compress: NotRequired[CompressionOptions] + r"""Controls whether the sender should send compressed data to the server. Select 'Disabled' to reject compressed connections or 'Always' to ignore server's configuration and send compressed data.""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[OutputResponsePqControlsSplunkTypedDict] + auth_token: NotRequired[str] + r"""Shared secret token to use when establishing a connection to a Splunk indexer.""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_host: NotRequired[str] + r"""Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime.""" + template_port: NotRequired[str] + r"""Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime.""" + template_nested_fields: NotRequired[str] + r"""Binds 'nestedFields' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'nestedFields' at runtime.""" + template_max_s2_sversion: NotRequired[str] + r"""Binds 'maxS2Sversion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'maxS2Sversion' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_compress: NotRequired[str] + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + notifications: NotRequired[List[NotificationUnionTypedDict]] + r"""Notifications attached to the Destination.""" + status: NotRequired[StatusTypeTypedDict] + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + +class OutputResponseOutputSplunk(BaseModel): + type: OutputResponseTypeSplunk + + host: str + r"""The hostname of the receiver""" + + port: float + r"""The port to connect to on the provided host""" + + id: Optional[str] = None + r"""Unique ID for this output""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + nested_fields: Annotated[ + Optional[NestedFieldSerializationOptions], pydantic.Field(alias="nestedFields") + ] = None + r"""How to serialize nested fields into index-time fields""" + + throttle_rate_per_sec: Annotated[ + Optional[str], pydantic.Field(alias="throttleRatePerSec") + ] = None + r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" + + connection_timeout: Annotated[ + Optional[float], pydantic.Field(alias="connectionTimeout") + ] = None + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + + write_timeout: Annotated[Optional[float], pydantic.Field(alias="writeTimeout")] = ( + None + ) + r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" + + tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None + + enable_multi_metrics: Annotated[ + Optional[bool], pydantic.Field(alias="enableMultiMetrics") + ] = None + r"""Output metrics in multiple-metric format in a single event. Supported in Splunk 8.0 and above.""" + + enable_ack: Annotated[Optional[bool], pydantic.Field(alias="enableACK")] = None + r"""Check if indexer is shutting down and stop sending data. This helps minimize data loss during shutdown.""" + + log_failed_requests: Annotated[ + Optional[bool], pydantic.Field(alias="logFailedRequests") + ] = None + r"""Use to troubleshoot issues with sending data""" + + max_s2_sversion: Annotated[ + Optional[MaxS2SVersionOptions], pydantic.Field(alias="maxS2Sversion") + ] = None + r"""The highest S2S protocol version to advertise during handshake""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + auth_type: Annotated[ + Optional[AuthenticationMethodOptionsAuthTokensItems], + pydantic.Field(alias="authType"), + ] = None + r"""Select Manual to enter an auth token directly, or select Secret to use a text secret to authenticate""" + + description: Optional[str] = None + + max_failed_health_checks: Annotated[ + Optional[float], pydantic.Field(alias="maxFailedHealthChecks") + ] = None + r"""Maximum number of times healthcheck can fail before we close connection. If set to 0 (disabled), and the connection to Splunk is forcibly closed, some data loss might occur.""" + + compress: Optional[CompressionOptions] = None + r"""Controls whether the sender should send compressed data to the server. Select 'Disabled' to reject compressed connections or 'Always' to ignore server's configuration and send compressed data.""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[OutputResponsePqControlsSplunk], pydantic.Field(alias="pqControls") + ] = None + + auth_token: Annotated[Optional[str], pydantic.Field(alias="authToken")] = None + r"""Shared secret token to use when establishing a connection to a Splunk indexer.""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_host: Annotated[Optional[str], pydantic.Field(alias="__template_host")] = ( + None + ) + r"""Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime.""" + + template_port: Annotated[Optional[str], pydantic.Field(alias="__template_port")] = ( + None + ) + r"""Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime.""" + + template_nested_fields: Annotated[ + Optional[str], pydantic.Field(alias="__template_nestedFields") + ] = None + r"""Binds 'nestedFields' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'nestedFields' at runtime.""" + + template_max_s2_sversion: Annotated[ + Optional[str], pydantic.Field(alias="__template_maxS2Sversion") + ] = None + r"""Binds 'maxS2Sversion' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'maxS2Sversion' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_compress: Annotated[ + Optional[str], pydantic.Field(alias="__template_compress") + ] = None + r"""Binds 'compress' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'compress' at runtime.""" + + notifications: Optional[List[NotificationUnion]] = None + r"""Notifications attached to the Destination.""" + + status: Optional[StatusType] = None + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + @field_serializer("nested_fields") + def serialize_nested_fields(self, value): + if isinstance(value, str): + try: + return models.NestedFieldSerializationOptions(value) + except ValueError: + return value + return value + + @field_serializer("max_s2_sversion") + def serialize_max_s2_sversion(self, value): + if isinstance(value, str): + try: + return models.MaxS2SVersionOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.AuthenticationMethodOptionsAuthTokensItems(value) + except ValueError: + return value + return value + + @field_serializer("compress") + def serialize_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "id", + "pipeline", + "systemFields", + "environment", + "streamtags", + "nestedFields", + "throttleRatePerSec", + "connectionTimeout", + "writeTimeout", + "tls", + "enableMultiMetrics", + "enableACK", + "logFailedRequests", + "maxS2Sversion", + "onBackpressure", + "authType", + "description", + "maxFailedHealthChecks", + "compress", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "authToken", + "textSecret", + "__template_streamtags", + "__template_host", + "__template_port", + "__template_nestedFields", + "__template_maxS2Sversion", + "__template_onBackpressure", + "__template_compress", + "notifications", + "status", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponseTypeSyslog(str, Enum): + SYSLOG = "syslog" + + +class OutputResponseProtocolSyslog(str, Enum, metaclass=utils.OpenEnumMeta): + r"""The network protocol to use for sending out syslog messages""" + + # TCP + TCP = "tcp" + # UDP + UDP = "udp" + + +class OutputResponseFacility(int, Enum, metaclass=utils.OpenEnumMeta): + r"""Default value for message facility. Will be overwritten by value of __facility if set. Defaults to user.""" + + # kern + KERN = 0 + # user + USER = 1 + # mail + MAIL = 2 + # daemon + DAEMON = 3 + # auth + AUTH = 4 + # syslog + SYSLOG = 5 + # lpr + LPR = 6 + # news + NEWS = 7 + # uucp + UUCP = 8 + # cron + CRON = 9 + # authpriv + AUTHPRIV = 10 + # ftp + FTP = 11 + # ntp + NTP = 12 + # security + SECURITY = 13 + # console + CONSOLE = 14 + # solaris-cron + SOLARIS_CRON = 15 + # local0 + LOCAL0 = 16 + # local1 + LOCAL1 = 17 + # local2 + LOCAL2 = 18 + # local3 + LOCAL3 = 19 + # local4 + LOCAL4 = 20 + # local5 + LOCAL5 = 21 + + +class OutputResponseSeveritySyslog(int, Enum, metaclass=utils.OpenEnumMeta): + r"""Default value for message severity. Will be overwritten by value of __severity if set. Defaults to notice.""" + + # emergency + EMERGENCY = 0 + # alert + ALERT = 1 + # critical + CRITICAL = 2 + # error + ERROR = 3 + # warning + WARNING = 4 + # notice + NOTICE = 5 + # info + INFO = 6 + # debug + DEBUG = 7 + + +class OutputResponseMessageFormat(str, Enum, metaclass=utils.OpenEnumMeta): + r"""The syslog message format depending on the receiver's support""" + + # RFC3164 + RFC3164 = "rfc3164" + # RFC5424 + RFC5424 = "rfc5424" + + +class OutputResponseTimestampFormat(str, Enum, metaclass=utils.OpenEnumMeta): + r"""Timestamp format to use when serializing event's time field""" + + # Syslog + SYSLOG = "syslog" + # ISO8601 + ISO8601 = "iso8601" + + +class OutputResponsePqControlsSyslogTypedDict(TypedDict): + pass + + +class OutputResponsePqControlsSyslog(BaseModel): + pass + + +class OutputResponseOutputSyslogTypedDict(TypedDict): + type: OutputResponseTypeSyslog + id: NotRequired[str] + r"""Unique ID for this output""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + protocol: NotRequired[OutputResponseProtocolSyslog] + r"""The network protocol to use for sending out syslog messages""" + facility: NotRequired[OutputResponseFacility] + r"""Default value for message facility. Will be overwritten by value of __facility if set. Defaults to user.""" + severity: NotRequired[OutputResponseSeveritySyslog] + r"""Default value for message severity. Will be overwritten by value of __severity if set. Defaults to notice.""" + app_name: NotRequired[str] + r"""Default name for device or application that originated the message. Defaults to Cribl, but will be overwritten by value of __appname if set.""" + message_format: NotRequired[OutputResponseMessageFormat] + r"""The syslog message format depending on the receiver's support""" + timestamp_format: NotRequired[OutputResponseTimestampFormat] + r"""Timestamp format to use when serializing event's time field""" + throttle_rate_per_sec: NotRequired[str] + r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" + octet_count_framing: NotRequired[bool] + r"""Prefix messages with the byte count of the message. If disabled, no prefix will be set, and the message will be appended with a \n.""" + log_failed_requests: NotRequired[bool] + r"""Use to troubleshoot issues with sending data""" + description: NotRequired[str] + load_balanced: NotRequired[bool] + r"""For optimal performance, enable load balancing even if you have one hostname, as it can expand to multiple IPs. If this setting is disabled, consider enabling round-robin DNS.""" + host: NotRequired[str] + r"""The hostname of the receiver""" + port: NotRequired[float] + r"""The port to connect to on the provided host""" + exclude_self: NotRequired[bool] + r"""Exclude all IPs of the current host from the list of any resolved hostnames""" + hosts: NotRequired[List[HostConfOutputSyslogTypedDict]] + r"""Set of hosts to load-balance data to""" + dns_resolve_period_sec: NotRequired[float] + r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" + load_balance_stats_period_sec: NotRequired[float] + r"""How far back in time to keep traffic stats for load balancing purposes""" + max_concurrent_senders: NotRequired[float] + r"""Maximum number of concurrent connections (per Worker Process). A random set of IPs will be picked on every DNS resolution period. Use 0 for unlimited.""" + connection_timeout: NotRequired[float] + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + write_timeout: NotRequired[float] + r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" + tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathTypedDict] + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + max_record_size: NotRequired[float] + r"""Maximum size of syslog messages. Make sure this value is less than or equal to the MTU to avoid UDP packet fragmentation.""" + udp_dns_resolve_period_sec: NotRequired[float] + r"""How often to resolve the destination hostname to an IP address. Ignored if the destination is an IP address. A value of 0 means every message sent will incur a DNS lookup.""" + enable_ip_spoofing: NotRequired[bool] + r"""Send Syslog traffic using the original event's Source IP and port. To enable this, you must install the external `udp-sender` helper binary at `/usr/bin/udp-sender` on all Worker Nodes and grant it the `CAP_NET_RAW` capability.""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[OutputResponsePqControlsSyslogTypedDict] + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_host: NotRequired[str] + r"""Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime.""" + template_port: NotRequired[str] + r"""Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + notifications: NotRequired[List[NotificationUnionTypedDict]] + r"""Notifications attached to the Destination.""" + status: NotRequired[StatusTypeTypedDict] + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + +class OutputResponseOutputSyslog(BaseModel): + type: OutputResponseTypeSyslog + + id: Optional[str] = None + r"""Unique ID for this output""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + protocol: Optional[OutputResponseProtocolSyslog] = None + r"""The network protocol to use for sending out syslog messages""" + + facility: Optional[OutputResponseFacility] = None + r"""Default value for message facility. Will be overwritten by value of __facility if set. Defaults to user.""" + + severity: Optional[OutputResponseSeveritySyslog] = None + r"""Default value for message severity. Will be overwritten by value of __severity if set. Defaults to notice.""" + + app_name: Annotated[Optional[str], pydantic.Field(alias="appName")] = None + r"""Default name for device or application that originated the message. Defaults to Cribl, but will be overwritten by value of __appname if set.""" + + message_format: Annotated[ + Optional[OutputResponseMessageFormat], pydantic.Field(alias="messageFormat") + ] = None + r"""The syslog message format depending on the receiver's support""" + + timestamp_format: Annotated[ + Optional[OutputResponseTimestampFormat], pydantic.Field(alias="timestampFormat") + ] = None + r"""Timestamp format to use when serializing event's time field""" + + throttle_rate_per_sec: Annotated[ + Optional[str], pydantic.Field(alias="throttleRatePerSec") + ] = None + r"""Rate (in bytes per second) to throttle while writing to an output. Accepts values with multiple-byte units, such as KB, MB, and GB. (Example: 42 MB) Default value of 0 specifies no throttling.""" + + octet_count_framing: Annotated[ + Optional[bool], pydantic.Field(alias="octetCountFraming") + ] = None + r"""Prefix messages with the byte count of the message. If disabled, no prefix will be set, and the message will be appended with a \n.""" + + log_failed_requests: Annotated[ + Optional[bool], pydantic.Field(alias="logFailedRequests") + ] = None + r"""Use to troubleshoot issues with sending data""" + + description: Optional[str] = None + + load_balanced: Annotated[Optional[bool], pydantic.Field(alias="loadBalanced")] = ( + None + ) + r"""For optimal performance, enable load balancing even if you have one hostname, as it can expand to multiple IPs. If this setting is disabled, consider enabling round-robin DNS.""" + + host: Optional[str] = None + r"""The hostname of the receiver""" + + port: Optional[float] = None + r"""The port to connect to on the provided host""" + + exclude_self: Annotated[Optional[bool], pydantic.Field(alias="excludeSelf")] = None + r"""Exclude all IPs of the current host from the list of any resolved hostnames""" + + hosts: Optional[List[HostConfOutputSyslog]] = None + r"""Set of hosts to load-balance data to""" + + dns_resolve_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="dnsResolvePeriodSec") + ] = None + r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" + + load_balance_stats_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="loadBalanceStatsPeriodSec") + ] = None + r"""How far back in time to keep traffic stats for load balancing purposes""" + + max_concurrent_senders: Annotated[ + Optional[float], pydantic.Field(alias="maxConcurrentSenders") + ] = None + r"""Maximum number of concurrent connections (per Worker Process). A random set of IPs will be picked on every DNS resolution period. Use 0 for unlimited.""" + + connection_timeout: Annotated[ + Optional[float], pydantic.Field(alias="connectionTimeout") + ] = None + r"""Amount of time (milliseconds) to wait for the connection to establish before retrying""" + + write_timeout: Annotated[Optional[float], pydantic.Field(alias="writeTimeout")] = ( + None + ) + r"""Amount of time (milliseconds) to wait for a write to complete before assuming connection is dead""" + + tls: Optional[TLSSettingsClientSideTypeCaPathCertPath] = None + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + max_record_size: Annotated[ + Optional[float], pydantic.Field(alias="maxRecordSize") + ] = None + r"""Maximum size of syslog messages. Make sure this value is less than or equal to the MTU to avoid UDP packet fragmentation.""" + + udp_dns_resolve_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="udpDnsResolvePeriodSec") + ] = None + r"""How often to resolve the destination hostname to an IP address. Ignored if the destination is an IP address. A value of 0 means every message sent will incur a DNS lookup.""" + + enable_ip_spoofing: Annotated[ + Optional[bool], pydantic.Field(alias="enableIpSpoofing") + ] = None + r"""Send Syslog traffic using the original event's Source IP and port. To enable this, you must install the external `udp-sender` helper binary at `/usr/bin/udp-sender` on all Worker Nodes and grant it the `CAP_NET_RAW` capability.""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[OutputResponsePqControlsSyslog], pydantic.Field(alias="pqControls") + ] = None + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_host: Annotated[Optional[str], pydantic.Field(alias="__template_host")] = ( + None + ) + r"""Binds 'host' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'host' at runtime.""" + + template_port: Annotated[Optional[str], pydantic.Field(alias="__template_port")] = ( + None + ) + r"""Binds 'port' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'port' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + notifications: Optional[List[NotificationUnion]] = None + r"""Notifications attached to the Destination.""" + + status: Optional[StatusType] = None + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + @field_serializer("protocol") + def serialize_protocol(self, value): + if isinstance(value, str): + try: + return models.OutputResponseProtocolSyslog(value) + except ValueError: + return value + return value + + @field_serializer("facility") + def serialize_facility(self, value): + if isinstance(value, str): + try: + return models.OutputResponseFacility(value) + except ValueError: + return value + return value + + @field_serializer("severity") + def serialize_severity(self, value): + if isinstance(value, str): + try: + return models.OutputResponseSeveritySyslog(value) + except ValueError: + return value + return value + + @field_serializer("message_format") + def serialize_message_format(self, value): + if isinstance(value, str): + try: + return models.OutputResponseMessageFormat(value) + except ValueError: + return value + return value + + @field_serializer("timestamp_format") + def serialize_timestamp_format(self, value): + if isinstance(value, str): + try: + return models.OutputResponseTimestampFormat(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "id", + "pipeline", + "systemFields", + "environment", + "streamtags", + "protocol", + "facility", + "severity", + "appName", + "messageFormat", + "timestampFormat", + "throttleRatePerSec", + "octetCountFraming", + "logFailedRequests", + "description", + "loadBalanced", + "host", + "port", + "excludeSelf", + "hosts", + "dnsResolvePeriodSec", + "loadBalanceStatsPeriodSec", + "maxConcurrentSenders", + "connectionTimeout", + "writeTimeout", + "tls", + "onBackpressure", + "maxRecordSize", + "udpDnsResolvePeriodSec", + "enableIpSpoofing", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "__template_streamtags", + "__template_host", + "__template_port", + "__template_onBackpressure", + "notifications", + "status", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponseTypeDevnull(str, Enum): + DEVNULL = "devnull" + + +class OutputResponseOutputDevnullTypedDict(TypedDict): + type: OutputResponseTypeDevnull + id: NotRequired[str] + r"""Unique ID for this output""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + notifications: NotRequired[List[NotificationUnionTypedDict]] + r"""Notifications attached to the Destination.""" + status: NotRequired[StatusTypeTypedDict] + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + +class OutputResponseOutputDevnull(BaseModel): + type: OutputResponseTypeDevnull + + id: Optional[str] = None + r"""Unique ID for this output""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + notifications: Optional[List[NotificationUnion]] = None + r"""Notifications attached to the Destination.""" + + status: Optional[StatusType] = None + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "id", + "pipeline", + "systemFields", + "environment", + "streamtags", + "__template_streamtags", + "notifications", + "status", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponseTypeSentinel(str, Enum): + SENTINEL = "sentinel" + + +class OutputResponseAuthType(str, Enum, metaclass=utils.OpenEnumMeta): + OAUTH = "oauth" + + +class OutputResponseEndpointConfiguration(str, Enum, metaclass=utils.OpenEnumMeta): + r"""Enter the data collection endpoint URL or the individual ID""" + + # URL + URL = "url" + # ID + ID = "ID" + + +class OutputResponseFormatSentinel(str, Enum, metaclass=utils.OpenEnumMeta): + NDJSON = "ndjson" + JSON_ARRAY = "json_array" + CUSTOM = "custom" + ADVANCED = "advanced" + + +class OutputResponsePqControlsSentinelTypedDict(TypedDict): + pass + + +class OutputResponsePqControlsSentinel(BaseModel): + pass + + +class OutputResponseOutputSentinelTypedDict(TypedDict): + type: OutputResponseTypeSentinel + login_url: str + r"""URL for OAuth""" + secret: str + r"""Secret parameter value to pass in request body""" + client_id: str + r"""JavaScript expression to compute the Client ID for the Azure application. Can be a constant.""" + endpoint_url_configuration: OutputResponseEndpointConfiguration + r"""Enter the data collection endpoint URL or the individual ID""" + id: NotRequired[str] + r"""Unique ID for this output""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + keep_alive: NotRequired[bool] + r"""Disable to close the connection immediately after sending the outgoing request""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size (KB) of the request body (defaults to the API's maximum limit of 1000 KB)""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + compress: NotRequired[bool] + r"""Compress the payload body before sending""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] + r"""Headers to add to all events. You can also add headers dynamically on a per-event basis in the __headers field, as explained in [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook/#internal-fields).""" + use_round_robin_dns: NotRequired[bool] + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + safe_headers: NotRequired[List[str]] + r"""List of headers that are safe to log in plain text""" + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + auth_type: NotRequired[OutputResponseAuthType] + scope: NotRequired[str] + r"""Scope to pass in the OAuth request""" + total_memory_limit_kb: NotRequired[float] + r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" + description: NotRequired[str] + format_: NotRequired[OutputResponseFormatSentinel] + custom_source_expression: NotRequired[str] + r"""Expression to evaluate on events to generate output. Example: `raw=${_raw}`. See [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook#custom-format) for other examples. If empty, the full event is sent as stringified JSON.""" + custom_drop_when_null: NotRequired[bool] + r"""Whether to drop events when the source expression evaluates to null""" + custom_event_delimiter: NotRequired[str] + r"""Delimiter string to insert between individual events. Defaults to newline character.""" + custom_content_type: NotRequired[str] + r"""Content type to use for request. Defaults to application/x-ndjson. Any content types set in Advanced Settings > Extra HTTP headers will override this entry.""" + custom_payload_expression: NotRequired[str] + r"""Expression specifying how to format the payload for each batch. To reference the events to send, use the `${events}` variable. Example expression: `{ \"items\" : [${events}] }` would send the batch inside a JSON object.""" + advanced_content_type: NotRequired[str] + r"""HTTP content-type header value""" + format_event_code: NotRequired[str] + r"""Custom JavaScript code to format incoming event data accessible through the __e variable. The formatted content is added to (__e['__eventOut']) if available. Otherwise, the original event is serialized as JSON. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + format_payload_code: NotRequired[str] + r"""Optional JavaScript code to format the payload sent to the Destination. The payload, containing a batch of formatted events, is accessible through the __e['payload'] variable. The formatted payload is returned in the __e['__payloadOut'] variable. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[OutputResponsePqControlsSentinelTypedDict] + url: NotRequired[str] + r"""URL to send events to. Can be overwritten by an event's __url field.""" + dcr_id: NotRequired[str] + r"""Immutable ID for the Data Collection Rule (DCR)""" + dce_endpoint: NotRequired[str] + r"""Data collection endpoint (DCE) URL. In the format: `https://-..ingest.monitor.azure.com`""" + stream_name: NotRequired[str] + r"""The name of the stream (Sentinel table) in which to store the events""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_login_url: NotRequired[str] + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + template_secret: NotRequired[str] + r"""Binds 'secret' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'secret' at runtime.""" + template_client_id: NotRequired[str] + r"""Binds 'client_id' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'client_id' at runtime.""" + template_scope: NotRequired[str] + r"""Binds 'scope' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'scope' at runtime.""" + template_url: NotRequired[str] + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + template_dcr_id: NotRequired[str] + r"""Binds 'dcrID' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'dcrID' at runtime.""" + template_dce_endpoint: NotRequired[str] + r"""Binds 'dceEndpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'dceEndpoint' at runtime.""" + template_stream_name: NotRequired[str] + r"""Binds 'streamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamName' at runtime.""" + notifications: NotRequired[List[NotificationUnionTypedDict]] + r"""Notifications attached to the Destination.""" + status: NotRequired[StatusTypeTypedDict] + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + +class OutputResponseOutputSentinel(BaseModel): + type: OutputResponseTypeSentinel + + login_url: Annotated[str, pydantic.Field(alias="loginUrl")] + r"""URL for OAuth""" + + secret: str + r"""Secret parameter value to pass in request body""" + + client_id: str + r"""JavaScript expression to compute the Client ID for the Azure application. Can be a constant.""" + + endpoint_url_configuration: Annotated[ + OutputResponseEndpointConfiguration, + pydantic.Field(alias="endpointURLConfiguration"), + ] + r"""Enter the data collection endpoint URL or the individual ID""" + + id: Optional[str] = None + r"""Unique ID for this output""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + keep_alive: Annotated[Optional[bool], pydantic.Field(alias="keepAlive")] = None + r"""Disable to close the connection immediately after sending the outgoing request""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size (KB) of the request body (defaults to the API's maximum limit of 1000 KB)""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + compress: Optional[bool] = None + r"""Compress the payload body before sending""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + extra_http_headers: Annotated[ + Optional[List[ExtraHTTPHeaderConfInputElastic]], + pydantic.Field(alias="extraHttpHeaders"), + ] = None + r"""Headers to add to all events. You can also add headers dynamically on a per-event basis in the __headers field, as explained in [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook/#internal-fields).""" + + use_round_robin_dns: Annotated[ + Optional[bool], pydantic.Field(alias="useRoundRobinDns") + ] = None + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + safe_headers: Annotated[ + Optional[List[str]], pydantic.Field(alias="safeHeaders") + ] = None + r"""List of headers that are safe to log in plain text""" + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + auth_type: Annotated[ + Optional[OutputResponseAuthType], pydantic.Field(alias="authType") + ] = None + + scope: Optional[str] = None + r"""Scope to pass in the OAuth request""" + + total_memory_limit_kb: Annotated[ + Optional[float], pydantic.Field(alias="totalMemoryLimitKB") + ] = None + r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" + + description: Optional[str] = None + + format_: Annotated[ + Optional[OutputResponseFormatSentinel], pydantic.Field(alias="format") + ] = None + + custom_source_expression: Annotated[ + Optional[str], pydantic.Field(alias="customSourceExpression") + ] = None + r"""Expression to evaluate on events to generate output. Example: `raw=${_raw}`. See [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook#custom-format) for other examples. If empty, the full event is sent as stringified JSON.""" + + custom_drop_when_null: Annotated[ + Optional[bool], pydantic.Field(alias="customDropWhenNull") + ] = None + r"""Whether to drop events when the source expression evaluates to null""" + + custom_event_delimiter: Annotated[ + Optional[str], pydantic.Field(alias="customEventDelimiter") + ] = None + r"""Delimiter string to insert between individual events. Defaults to newline character.""" + + custom_content_type: Annotated[ + Optional[str], pydantic.Field(alias="customContentType") + ] = None + r"""Content type to use for request. Defaults to application/x-ndjson. Any content types set in Advanced Settings > Extra HTTP headers will override this entry.""" + + custom_payload_expression: Annotated[ + Optional[str], pydantic.Field(alias="customPayloadExpression") + ] = None + r"""Expression specifying how to format the payload for each batch. To reference the events to send, use the `${events}` variable. Example expression: `{ \"items\" : [${events}] }` would send the batch inside a JSON object.""" + + advanced_content_type: Annotated[ + Optional[str], pydantic.Field(alias="advancedContentType") + ] = None + r"""HTTP content-type header value""" + + format_event_code: Annotated[ + Optional[str], pydantic.Field(alias="formatEventCode") + ] = None + r"""Custom JavaScript code to format incoming event data accessible through the __e variable. The formatted content is added to (__e['__eventOut']) if available. Otherwise, the original event is serialized as JSON. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + + format_payload_code: Annotated[ + Optional[str], pydantic.Field(alias="formatPayloadCode") + ] = None + r"""Optional JavaScript code to format the payload sent to the Destination. The payload, containing a batch of formatted events, is accessible through the __e['payload'] variable. The formatted payload is returned in the __e['__payloadOut'] variable. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[OutputResponsePqControlsSentinel], pydantic.Field(alias="pqControls") + ] = None + + url: Optional[str] = None + r"""URL to send events to. Can be overwritten by an event's __url field.""" + + dcr_id: Annotated[Optional[str], pydantic.Field(alias="dcrID")] = None + r"""Immutable ID for the Data Collection Rule (DCR)""" + + dce_endpoint: Annotated[Optional[str], pydantic.Field(alias="dceEndpoint")] = None + r"""Data collection endpoint (DCE) URL. In the format: `https://-..ingest.monitor.azure.com`""" + + stream_name: Annotated[Optional[str], pydantic.Field(alias="streamName")] = None + r"""The name of the stream (Sentinel table) in which to store the events""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_login_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_loginUrl") + ] = None + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + + template_secret: Annotated[ + Optional[str], pydantic.Field(alias="__template_secret") + ] = None + r"""Binds 'secret' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'secret' at runtime.""" + + template_client_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_client_id") + ] = None + r"""Binds 'client_id' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'client_id' at runtime.""" + + template_scope: Annotated[ + Optional[str], pydantic.Field(alias="__template_scope") + ] = None + r"""Binds 'scope' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'scope' at runtime.""" + + template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( + None + ) + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + template_dcr_id: Annotated[ + Optional[str], pydantic.Field(alias="__template_dcrID") + ] = None + r"""Binds 'dcrID' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'dcrID' at runtime.""" + + template_dce_endpoint: Annotated[ + Optional[str], pydantic.Field(alias="__template_dceEndpoint") + ] = None + r"""Binds 'dceEndpoint' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'dceEndpoint' at runtime.""" + + template_stream_name: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamName") + ] = None + r"""Binds 'streamName' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamName' at runtime.""" + + notifications: Optional[List[NotificationUnion]] = None + r"""Notifications attached to the Destination.""" + + status: Optional[StatusType] = None + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.OutputResponseAuthType(value) + except ValueError: + return value + return value + + @field_serializer("endpoint_url_configuration") + def serialize_endpoint_url_configuration(self, value): + if isinstance(value, str): + try: + return models.OutputResponseEndpointConfiguration(value) + except ValueError: + return value + return value + + @field_serializer("format_") + def serialize_format_(self, value): + if isinstance(value, str): + try: + return models.OutputResponseFormatSentinel(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "id", + "pipeline", + "systemFields", + "environment", + "streamtags", + "keepAlive", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "compress", + "rejectUnauthorized", + "timeoutSec", + "flushPeriodSec", + "extraHttpHeaders", + "useRoundRobinDns", + "failedRequestLoggingMode", + "safeHeaders", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "onBackpressure", + "authType", + "scope", + "totalMemoryLimitKB", + "description", + "format", + "customSourceExpression", + "customDropWhenNull", + "customEventDelimiter", + "customContentType", + "customPayloadExpression", + "advancedContentType", + "formatEventCode", + "formatPayloadCode", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "url", + "dcrID", + "dceEndpoint", + "streamName", + "__template_streamtags", + "__template_failedRequestLoggingMode", + "__template_onBackpressure", + "__template_loginUrl", + "__template_secret", + "__template_client_id", + "__template_scope", + "__template_url", + "__template_dcrID", + "__template_dceEndpoint", + "__template_streamName", + "notifications", + "status", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponseOutputWebhookType2(str, Enum): + WEBHOOK = "webhook" + + +class OutputResponseOutputWebhookFormat2(str, Enum, metaclass=utils.OpenEnumMeta): + r"""How to format events before sending out""" + + # NDJSON (Newline Delimited JSON) + NDJSON = "ndjson" + # JSON Array + JSON_ARRAY = "json_array" + # Custom + CUSTOM = "custom" + # Advanced + ADVANCED = "advanced" + + +class OutputResponseOutputWebhookAuthenticationType2( + str, Enum, metaclass=utils.OpenEnumMeta +): + r"""Authentication method to use for the HTTP request""" + + # None + NONE = "none" + # Basic + BASIC = "basic" + # Basic (credentials secret) + CREDENTIALS_SECRET = "credentialsSecret" + # Token + TOKEN = "token" + # Token (text secret) + TEXT_SECRET = "textSecret" + # OAuth + OAUTH = "oauth" + + +class OutputResponseOutputWebhookPqControls2TypedDict(TypedDict): + pass + + +class OutputResponseOutputWebhookPqControls2(BaseModel): + pass + + +class OutputResponseOutputWebhookURL2TypedDict(TypedDict): + url: str + r"""URL of a webhook endpoint to send events to, such as http://localhost:10200""" + weight: NotRequired[float] + r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" + template_url: NotRequired[str] + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + +class OutputResponseOutputWebhookURL2(BaseModel): + url: str + r"""URL of a webhook endpoint to send events to, such as http://localhost:10200""" + + weight: Optional[float] = None + r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" + + template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( + None + ) + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set(["weight", "__template_url"]) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponseOutputWebhookWebhook2TypedDict(TypedDict): + type: OutputResponseOutputWebhookType2 + urls: List[OutputResponseOutputWebhookURL2TypedDict] + id: NotRequired[str] + r"""Unique ID for this output""" + pipeline: NotRequired[str] + r"""Pipeline to process data before sending out to this output""" + system_fields: NotRequired[List[str]] + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + environment: NotRequired[str] + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + streamtags: NotRequired[List[str]] + r"""Tags for filtering and grouping in @{product}""" + method: NotRequired[MethodOptions] + r"""The method to use when sending events""" + format_: NotRequired[OutputResponseOutputWebhookFormat2] + r"""How to format events before sending out""" + keep_alive: NotRequired[bool] + r"""Disable to close the connection immediately after sending the outgoing request""" + concurrency: NotRequired[float] + r"""Maximum number of ongoing requests before blocking""" + max_payload_size_kb: NotRequired[float] + r"""Maximum size, in KB, of the request body""" + max_payload_events: NotRequired[float] + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + compress: NotRequired[bool] + r"""Compress the payload body before sending""" + reject_unauthorized: NotRequired[bool] + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + timeout_sec: NotRequired[float] + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + flush_period_sec: NotRequired[float] + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + extra_http_headers: NotRequired[List[ExtraHTTPHeaderConfInputElasticTypedDict]] + r"""Headers to add to all events. You can also add headers dynamically on a per-event basis in the __headers field, as explained in [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook/#internal-fields).""" + use_round_robin_dns: NotRequired[bool] + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + failed_request_logging_mode: NotRequired[FailedRequestLoggingModeOptions] + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + safe_headers: NotRequired[List[str]] + r"""List of headers that are safe to log in plain text""" + response_retry_settings: NotRequired[ + List[ResponseRetrySettingConfOutputWebhookTypedDict] + ] + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] + response_honor_retry_after_header: NotRequired[bool] + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + on_backpressure: NotRequired[BackpressureBehaviorOptions] + r"""How to handle events when all receivers are exerting backpressure""" + auth_type: NotRequired[OutputResponseOutputWebhookAuthenticationType2] + r"""Authentication method to use for the HTTP request""" + tls: NotRequired[TLSSettingsClientSideTypeCaPathCertPathExtendedTypedDict] + total_memory_limit_kb: NotRequired[float] + r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" + load_balanced: NotRequired[bool] + r"""Enable for optimal performance. Even if you have one hostname, it can expand to multiple IPs. If disabled, consider enabling round-robin DNS.""" + description: NotRequired[str] + custom_source_expression: NotRequired[str] + r"""Expression to evaluate on events to generate output. Example: `raw=${_raw}`. See [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook#custom-format) for other examples. If empty, the full event is sent as stringified JSON.""" + custom_drop_when_null: NotRequired[bool] + r"""Whether to drop events when the source expression evaluates to null""" + custom_event_delimiter: NotRequired[str] + r"""Delimiter string to insert between individual events. Defaults to newline character.""" + custom_content_type: NotRequired[str] + r"""Content type to use for request. Defaults to application/x-ndjson. Any content types set in Advanced Settings > Extra HTTP headers will override this entry.""" + custom_payload_expression: NotRequired[str] + r"""Expression specifying how to format the payload for each batch. To reference the events to send, use the `${events}` variable. Example expression: `{ \"items\" : [${events}] }` would send the batch inside a JSON object.""" + advanced_content_type: NotRequired[str] + r"""HTTP content-type header value""" + format_event_code: NotRequired[str] + r"""Custom JavaScript code to format incoming event data accessible through the __e variable. The formatted content is added to (__e['__eventOut']) if available. Otherwise, the original event is serialized as JSON. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + format_payload_code: NotRequired[str] + r"""Optional JavaScript code to format the payload sent to the Destination. The payload, containing a batch of formatted events, is accessible through the __e['payload'] variable. The formatted payload is returned in the __e['__payloadOut'] variable. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + pq_strict_ordering: NotRequired[bool] + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + pq_rate_per_sec: NotRequired[float] + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + pq_mode: NotRequired[ModeOptions] + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + pq_max_buffer_size: NotRequired[float] + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + pq_max_backpressure_sec: NotRequired[float] + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + pq_max_file_size: NotRequired[str] + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + pq_max_size: NotRequired[str] + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + pq_path: NotRequired[str] + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + pq_compress: NotRequired[CompressionOptionsPq] + r"""Codec to use to compress the persisted data""" + pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + pq_max_buffer_size_bytes: NotRequired[str] + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + pq_controls: NotRequired[OutputResponseOutputWebhookPqControls2TypedDict] + username: NotRequired[str] + password: NotRequired[str] + token: NotRequired[str] + r"""Bearer token to include in the authorization header""" + credentials_secret: NotRequired[str] + r"""Select or create a secret that references your credentials""" + text_secret: NotRequired[str] + r"""Select or create a stored text secret""" + login_url: NotRequired[str] + r"""URL for OAuth""" + secret_param_name: NotRequired[str] + r"""Secret parameter name to pass in request body""" + secret: NotRequired[str] + r"""Secret parameter value to pass in request body""" + token_attribute_name: NotRequired[str] + r"""Name of the auth token attribute in the OAuth response. Can be top-level (e.g., 'token'); or nested, using a period (e.g., 'data.token').""" + auth_header_expr: NotRequired[str] + r"""JavaScript expression to compute the Authorization header value to pass in requests. The value `${token}` is used to reference the token obtained from authentication, e.g.: `Bearer ${token}`.""" + token_timeout_secs: NotRequired[float] + r"""How often the OAuth token should be refreshed.""" + oauth_params: NotRequired[List[OauthParamConfInputServicenowTableTypedDict]] + r"""Additional parameters to send in the OAuth login request. @{product} will combine the secret with these parameters, and will send the URL-encoded result in a POST request to the endpoint specified in the 'Login URL'. We'll automatically add the content-type header 'application/x-www-form-urlencoded' when sending this request.""" + oauth_headers: NotRequired[List[OauthHeaderConfInputServicenowTableTypedDict]] + r"""Additional headers to send in the OAuth login request. @{product} will automatically add the content-type header 'application/x-www-form-urlencoded' when sending this request.""" + url: NotRequired[str] + r"""URL of a webhook endpoint to send events to, such as http://localhost:10200""" + exclude_self: NotRequired[bool] + r"""Exclude all IPs of the current host from the list of any resolved hostnames""" + dns_resolve_period_sec: NotRequired[float] + r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" + load_balance_stats_period_sec: NotRequired[float] + r"""How far back in time to keep traffic stats for load balancing purposes""" + template_streamtags: NotRequired[str] + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + template_failed_request_logging_mode: NotRequired[str] + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + template_on_backpressure: NotRequired[str] + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + template_login_url: NotRequired[str] + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + template_secret: NotRequired[str] + r"""Binds 'secret' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'secret' at runtime.""" + template_url: NotRequired[str] + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + notifications: NotRequired[List[NotificationUnionTypedDict]] + r"""Notifications attached to the Destination.""" + status: NotRequired[StatusTypeTypedDict] + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + +class OutputResponseOutputWebhookWebhook2(BaseModel): + type: OutputResponseOutputWebhookType2 + + urls: List[OutputResponseOutputWebhookURL2] + + id: Optional[str] = None + r"""Unique ID for this output""" + + pipeline: Optional[str] = None + r"""Pipeline to process data before sending out to this output""" + + system_fields: Annotated[ + Optional[List[str]], pydantic.Field(alias="systemFields") + ] = None + r"""Fields to automatically add to events, such as cribl_pipe. Supports wildcards.""" + + environment: Optional[str] = None + r"""Optionally, enable this config only on a specified Git branch. If empty, will be enabled everywhere.""" + + streamtags: Optional[List[str]] = None + r"""Tags for filtering and grouping in @{product}""" + + method: Optional[MethodOptions] = None + r"""The method to use when sending events""" + + format_: Annotated[ + Optional[OutputResponseOutputWebhookFormat2], pydantic.Field(alias="format") + ] = None + r"""How to format events before sending out""" + + keep_alive: Annotated[Optional[bool], pydantic.Field(alias="keepAlive")] = None + r"""Disable to close the connection immediately after sending the outgoing request""" + + concurrency: Optional[float] = None + r"""Maximum number of ongoing requests before blocking""" + + max_payload_size_kb: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadSizeKB") + ] = None + r"""Maximum size, in KB, of the request body""" + + max_payload_events: Annotated[ + Optional[float], pydantic.Field(alias="maxPayloadEvents") + ] = None + r"""Maximum number of events to include in the request body. Default is 0 (unlimited).""" + + compress: Optional[bool] = None + r"""Compress the payload body before sending""" + + reject_unauthorized: Annotated[ + Optional[bool], pydantic.Field(alias="rejectUnauthorized") + ] = None + r"""Reject certificates not authorized by a CA in the CA certificate path or by another trusted CA (such as the system's). + Enabled by default. When this setting is also present in TLS Settings (Client Side), + that value will take precedence. + """ + + timeout_sec: Annotated[Optional[float], pydantic.Field(alias="timeoutSec")] = None + r"""Amount of time, in seconds, to wait for a request to complete before canceling it""" + + flush_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="flushPeriodSec") + ] = None + r"""Maximum time between requests. Small values could cause the payload size to be smaller than the configured Body size limit.""" + + extra_http_headers: Annotated[ + Optional[List[ExtraHTTPHeaderConfInputElastic]], + pydantic.Field(alias="extraHttpHeaders"), + ] = None + r"""Headers to add to all events. You can also add headers dynamically on a per-event basis in the __headers field, as explained in [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook/#internal-fields).""" + + use_round_robin_dns: Annotated[ + Optional[bool], pydantic.Field(alias="useRoundRobinDns") + ] = None + r"""Enable round-robin DNS lookup. When a DNS server returns multiple addresses, @{product} will cycle through them in the order returned. For optimal performance, consider enabling this setting for non-load balanced destinations.""" + + failed_request_logging_mode: Annotated[ + Optional[FailedRequestLoggingModeOptions], + pydantic.Field(alias="failedRequestLoggingMode"), + ] = None + r"""Data to log when a request fails. All headers are redacted by default, unless listed as safe headers below.""" + + safe_headers: Annotated[ + Optional[List[str]], pydantic.Field(alias="safeHeaders") + ] = None + r"""List of headers that are safe to log in plain text""" + + response_retry_settings: Annotated[ + Optional[List[ResponseRetrySettingConfOutputWebhook]], + pydantic.Field(alias="responseRetrySettings"), + ] = None + r"""Automatically retry after unsuccessful response status codes, such as 429 (Too Many Requests) or 503 (Service Unavailable)""" + + timeout_retry_settings: Annotated[ + Optional[TimeoutRetrySettingsType], pydantic.Field(alias="timeoutRetrySettings") + ] = None + + response_honor_retry_after_header: Annotated[ + Optional[bool], pydantic.Field(alias="responseHonorRetryAfterHeader") + ] = None + r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + + on_backpressure: Annotated[ + Optional[BackpressureBehaviorOptions], pydantic.Field(alias="onBackpressure") + ] = None + r"""How to handle events when all receivers are exerting backpressure""" + + auth_type: Annotated[ + Optional[OutputResponseOutputWebhookAuthenticationType2], + pydantic.Field(alias="authType"), + ] = None + r"""Authentication method to use for the HTTP request""" + + tls: Optional[TLSSettingsClientSideTypeCaPathCertPathExtended] = None + + total_memory_limit_kb: Annotated[ + Optional[float], pydantic.Field(alias="totalMemoryLimitKB") + ] = None + r"""Maximum total size of the batches waiting to be sent. If left blank, defaults to 5 times the max body size (if set). If 0, no limit is enforced.""" + + load_balanced: Annotated[Optional[bool], pydantic.Field(alias="loadBalanced")] = ( + None + ) + r"""Enable for optimal performance. Even if you have one hostname, it can expand to multiple IPs. If disabled, consider enabling round-robin DNS.""" + + description: Optional[str] = None + + custom_source_expression: Annotated[ + Optional[str], pydantic.Field(alias="customSourceExpression") + ] = None + r"""Expression to evaluate on events to generate output. Example: `raw=${_raw}`. See [Cribl Docs](https://docs.cribl.io/stream/destinations-webhook#custom-format) for other examples. If empty, the full event is sent as stringified JSON.""" + + custom_drop_when_null: Annotated[ + Optional[bool], pydantic.Field(alias="customDropWhenNull") + ] = None + r"""Whether to drop events when the source expression evaluates to null""" + + custom_event_delimiter: Annotated[ + Optional[str], pydantic.Field(alias="customEventDelimiter") + ] = None + r"""Delimiter string to insert between individual events. Defaults to newline character.""" + + custom_content_type: Annotated[ + Optional[str], pydantic.Field(alias="customContentType") + ] = None + r"""Content type to use for request. Defaults to application/x-ndjson. Any content types set in Advanced Settings > Extra HTTP headers will override this entry.""" + + custom_payload_expression: Annotated[ + Optional[str], pydantic.Field(alias="customPayloadExpression") + ] = None + r"""Expression specifying how to format the payload for each batch. To reference the events to send, use the `${events}` variable. Example expression: `{ \"items\" : [${events}] }` would send the batch inside a JSON object.""" + + advanced_content_type: Annotated[ + Optional[str], pydantic.Field(alias="advancedContentType") + ] = None + r"""HTTP content-type header value""" + + format_event_code: Annotated[ + Optional[str], pydantic.Field(alias="formatEventCode") + ] = None + r"""Custom JavaScript code to format incoming event data accessible through the __e variable. The formatted content is added to (__e['__eventOut']) if available. Otherwise, the original event is serialized as JSON. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + + format_payload_code: Annotated[ + Optional[str], pydantic.Field(alias="formatPayloadCode") + ] = None + r"""Optional JavaScript code to format the payload sent to the Destination. The payload, containing a batch of formatted events, is accessible through the __e['payload'] variable. The formatted payload is returned in the __e['__payloadOut'] variable. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + + pq_strict_ordering: Annotated[ + Optional[bool], pydantic.Field(alias="pqStrictOrdering") + ] = None + r"""Use FIFO (first in, first out) processing. Disable to forward new events to receivers before queue is flushed.""" + + pq_rate_per_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqRatePerSec") + ] = None + r"""Throttling rate (in events per second) to impose while writing to Destinations from PQ. Defaults to 0, which disables throttling.""" + + pq_mode: Annotated[Optional[ModeOptions], pydantic.Field(alias="pqMode")] = None + r"""In Error mode, PQ writes events to the filesystem if the Destination is unavailable. In Backpressure mode, PQ writes events to the filesystem when it detects backpressure from the Destination. In Always On mode, PQ always writes events to the filesystem.""" + + pq_max_buffer_size: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBufferSize") + ] = None + r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use pqMaxBufferSizeBytes instead.""" + + pq_max_backpressure_sec: Annotated[ + Optional[float], pydantic.Field(alias="pqMaxBackpressureSec") + ] = None + r"""How long (in seconds) to wait for backpressure to resolve before engaging the queue""" + + pq_max_file_size: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxFileSize") + ] = None + r"""The maximum size to store in each queue file before closing and optionally compressing (KB, MB, etc.)""" + + pq_max_size: Annotated[Optional[str], pydantic.Field(alias="pqMaxSize")] = None + r"""The maximum disk space that the queue can consume (as an average per Worker Process) before queueing stops. Enter a numeral with units of KB, MB, etc.""" + + pq_path: Annotated[Optional[str], pydantic.Field(alias="pqPath")] = None + r"""The location for the persistent queue files. To this field's value, the system will append: //.""" + + pq_compress: Annotated[ + Optional[CompressionOptionsPq], pydantic.Field(alias="pqCompress") + ] = None + r"""Codec to use to compress the persisted data""" + + pq_on_backpressure: Annotated[ + Optional[QueueFullBehaviorOptions], pydantic.Field(alias="pqOnBackpressure") + ] = None + r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" + + pq_max_buffer_size_bytes: Annotated[ + Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") + ] = None + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" + + pq_controls: Annotated[ + Optional[OutputResponseOutputWebhookPqControls2], + pydantic.Field(alias="pqControls"), + ] = None + + username: Optional[str] = None + + password: Optional[str] = None + + token: Optional[str] = None + r"""Bearer token to include in the authorization header""" + + credentials_secret: Annotated[ + Optional[str], pydantic.Field(alias="credentialsSecret") + ] = None + r"""Select or create a secret that references your credentials""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a stored text secret""" + + login_url: Annotated[Optional[str], pydantic.Field(alias="loginUrl")] = None + r"""URL for OAuth""" + + secret_param_name: Annotated[ + Optional[str], pydantic.Field(alias="secretParamName") + ] = None + r"""Secret parameter name to pass in request body""" + + secret: Optional[str] = None + r"""Secret parameter value to pass in request body""" + + token_attribute_name: Annotated[ + Optional[str], pydantic.Field(alias="tokenAttributeName") + ] = None + r"""Name of the auth token attribute in the OAuth response. Can be top-level (e.g., 'token'); or nested, using a period (e.g., 'data.token').""" + + auth_header_expr: Annotated[ + Optional[str], pydantic.Field(alias="authHeaderExpr") + ] = None + r"""JavaScript expression to compute the Authorization header value to pass in requests. The value `${token}` is used to reference the token obtained from authentication, e.g.: `Bearer ${token}`.""" + + token_timeout_secs: Annotated[ + Optional[float], pydantic.Field(alias="tokenTimeoutSecs") + ] = None + r"""How often the OAuth token should be refreshed.""" + + oauth_params: Annotated[ + Optional[List[OauthParamConfInputServicenowTable]], + pydantic.Field(alias="oauthParams"), + ] = None + r"""Additional parameters to send in the OAuth login request. @{product} will combine the secret with these parameters, and will send the URL-encoded result in a POST request to the endpoint specified in the 'Login URL'. We'll automatically add the content-type header 'application/x-www-form-urlencoded' when sending this request.""" + + oauth_headers: Annotated[ + Optional[List[OauthHeaderConfInputServicenowTable]], + pydantic.Field(alias="oauthHeaders"), + ] = None + r"""Additional headers to send in the OAuth login request. @{product} will automatically add the content-type header 'application/x-www-form-urlencoded' when sending this request.""" + + url: Optional[str] = None + r"""URL of a webhook endpoint to send events to, such as http://localhost:10200""" + + exclude_self: Annotated[Optional[bool], pydantic.Field(alias="excludeSelf")] = None + r"""Exclude all IPs of the current host from the list of any resolved hostnames""" + + dns_resolve_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="dnsResolvePeriodSec") + ] = None + r"""The interval in which to re-resolve any hostnames and pick up destinations from A records""" + + load_balance_stats_period_sec: Annotated[ + Optional[float], pydantic.Field(alias="loadBalanceStatsPeriodSec") + ] = None + r"""How far back in time to keep traffic stats for load balancing purposes""" + + template_streamtags: Annotated[ + Optional[str], pydantic.Field(alias="__template_streamtags") + ] = None + r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" + + template_failed_request_logging_mode: Annotated[ + Optional[str], pydantic.Field(alias="__template_failedRequestLoggingMode") + ] = None + r"""Binds 'failedRequestLoggingMode' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'failedRequestLoggingMode' at runtime.""" + + template_on_backpressure: Annotated[ + Optional[str], pydantic.Field(alias="__template_onBackpressure") + ] = None + r"""Binds 'onBackpressure' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'onBackpressure' at runtime.""" + + template_login_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_loginUrl") + ] = None + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + + template_secret: Annotated[ + Optional[str], pydantic.Field(alias="__template_secret") + ] = None + r"""Binds 'secret' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'secret' at runtime.""" + + template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( + None + ) + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + notifications: Optional[List[NotificationUnion]] = None + r"""Notifications attached to the Destination.""" + + status: Optional[StatusType] = None + r"""Runtime status: health, metrics, and optional persistent-queue info. Fields may be absent when data is unavailable.""" + + @field_serializer("method") + def serialize_method(self, value): + if isinstance(value, str): + try: + return models.MethodOptions(value) + except ValueError: + return value + return value + + @field_serializer("format_") + def serialize_format_(self, value): + if isinstance(value, str): + try: + return models.OutputResponseOutputWebhookFormat2(value) + except ValueError: + return value + return value + + @field_serializer("failed_request_logging_mode") + def serialize_failed_request_logging_mode(self, value): + if isinstance(value, str): + try: + return models.FailedRequestLoggingModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("on_backpressure") + def serialize_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.BackpressureBehaviorOptions(value) + except ValueError: + return value + return value + + @field_serializer("auth_type") + def serialize_auth_type(self, value): + if isinstance(value, str): + try: + return models.OutputResponseOutputWebhookAuthenticationType2(value) + except ValueError: + return value + return value + + @field_serializer("pq_mode") + def serialize_pq_mode(self, value): + if isinstance(value, str): + try: + return models.ModeOptions(value) + except ValueError: + return value + return value + + @field_serializer("pq_compress") + def serialize_pq_compress(self, value): + if isinstance(value, str): + try: + return models.CompressionOptionsPq(value) + except ValueError: + return value + return value + + @field_serializer("pq_on_backpressure") + def serialize_pq_on_backpressure(self, value): + if isinstance(value, str): + try: + return models.QueueFullBehaviorOptions(value) + except ValueError: + return value + return value + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set( + [ + "id", + "pipeline", + "systemFields", + "environment", + "streamtags", + "method", + "format", + "keepAlive", + "concurrency", + "maxPayloadSizeKB", + "maxPayloadEvents", + "compress", + "rejectUnauthorized", + "timeoutSec", + "flushPeriodSec", + "extraHttpHeaders", + "useRoundRobinDns", + "failedRequestLoggingMode", + "safeHeaders", + "responseRetrySettings", + "timeoutRetrySettings", + "responseHonorRetryAfterHeader", + "onBackpressure", + "authType", + "tls", + "totalMemoryLimitKB", + "loadBalanced", + "description", + "customSourceExpression", + "customDropWhenNull", + "customEventDelimiter", + "customContentType", + "customPayloadExpression", + "advancedContentType", + "formatEventCode", + "formatPayloadCode", + "pqStrictOrdering", + "pqRatePerSec", + "pqMode", + "pqMaxBufferSize", + "pqMaxBackpressureSec", + "pqMaxFileSize", + "pqMaxSize", + "pqPath", + "pqCompress", + "pqOnBackpressure", + "pqMaxBufferSizeBytes", + "pqControls", + "username", + "password", + "token", + "credentialsSecret", + "textSecret", + "loginUrl", + "secretParamName", + "secret", + "tokenAttributeName", + "authHeaderExpr", + "tokenTimeoutSecs", + "oauthParams", + "oauthHeaders", + "url", + "excludeSelf", + "dnsResolvePeriodSec", + "loadBalanceStatsPeriodSec", + "__template_streamtags", + "__template_failedRequestLoggingMode", + "__template_onBackpressure", + "__template_loginUrl", + "__template_secret", + "__template_url", + "notifications", + "status", + ] + ) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +class OutputResponseOutputWebhookType1(str, Enum): + WEBHOOK = "webhook" + + +class OutputResponseOutputWebhookFormat1(str, Enum, metaclass=utils.OpenEnumMeta): + r"""How to format events before sending out""" + + # NDJSON (Newline Delimited JSON) + NDJSON = "ndjson" + # JSON Array + JSON_ARRAY = "json_array" + # Custom + CUSTOM = "custom" + # Advanced + ADVANCED = "advanced" + + +class OutputResponseOutputWebhookAuthenticationType1( + str, Enum, metaclass=utils.OpenEnumMeta +): + r"""Authentication method to use for the HTTP request""" + + # None + NONE = "none" + # Basic + BASIC = "basic" + # Basic (credentials secret) + CREDENTIALS_SECRET = "credentialsSecret" + # Token + TOKEN = "token" + # Token (text secret) + TEXT_SECRET = "textSecret" + # OAuth + OAUTH = "oauth" + + +class OutputResponseOutputWebhookPqControls1TypedDict(TypedDict): + pass + + +class OutputResponseOutputWebhookPqControls1(BaseModel): + pass + + +class OutputResponseOutputWebhookURL1TypedDict(TypedDict): + url: str + r"""URL of a webhook endpoint to send events to, such as http://localhost:10200""" + weight: NotRequired[float] + r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" + template_url: NotRequired[str] + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + +class OutputResponseOutputWebhookURL1(BaseModel): + url: str + r"""URL of a webhook endpoint to send events to, such as http://localhost:10200""" + + weight: Optional[float] = None + r"""Assign a weight (>0) to each endpoint to indicate its traffic-handling capability""" + + template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( + None + ) + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + + @model_serializer(mode="wrap") + def serialize_model(self, handler): + optional_fields = set(["weight", "__template_url"]) + serialized = handler(self) + m = {} + + for n, f in type(self).model_fields.items(): + k = f.alias or n + val = serialized.get(k, serialized.get(n)) + + if val != UNSET_SENTINEL: + if val is not None or k not in optional_fields: + m[k] = val + + return m + + +try: + OutputResponseOutputStatsd.model_rebuild() +except NameError: + pass +try: + OutputResponseOutputMinio.model_rebuild() +except NameError: + pass +try: + OutputResponseOutputCloudwatch.model_rebuild() +except NameError: + pass +try: + OutputResponseOutputInfluxdb.model_rebuild() +except NameError: + pass +try: + OutputResponseOutputNewrelicEvents.model_rebuild() +except NameError: + pass +try: + OutputResponseOutputNewrelic.model_rebuild() +except NameError: + pass +try: + OutputResponseOutputElasticCloud.model_rebuild() +except NameError: + pass +try: + OutputResponseURLElastic.model_rebuild() +except NameError: + pass +try: + OutputResponseOutputElastic.model_rebuild() +except NameError: + pass +try: + OutputResponseOutputMsk.model_rebuild() +except NameError: + pass +try: + OutputResponseOutputConfluentCloud.model_rebuild() +except NameError: + pass +try: + OutputResponseOutputKafka.model_rebuild() +except NameError: + pass +try: + OutputResponseOutputExabeam.model_rebuild() +except NameError: + pass +try: + OutputResponseOutputGooglePubsub.model_rebuild() +except NameError: + pass +try: + OutputResponseOutputGoogleCloudObservability.model_rebuild() +except NameError: + pass +try: + OutputResponseOutputGoogleCloudLogging.model_rebuild() +except NameError: + pass +try: + OutputResponseOutputGoogleCloudStorage.model_rebuild() +except NameError: + pass +try: + OutputResponseExtraLogType.model_rebuild() +except NameError: + pass +try: + OutputResponseOutputGoogleChronicle.model_rebuild() +except NameError: + pass +try: + OutputResponseOutputAzureEventhub.model_rebuild() +except NameError: + pass +try: + OutputResponseOutputHoneycomb.model_rebuild() +except NameError: + pass +try: + OutputResponseOutputKinesis.model_rebuild() +except NameError: + pass +try: + OutputResponseOutputAzureLogs.model_rebuild() +except NameError: + pass +try: + OutputResponseCertificate.model_rebuild() +except NameError: + pass +try: + OutputResponseOutputAzureDataExplorer.model_rebuild() +except NameError: + pass +try: + OutputResponseOutputAzureBlob.model_rebuild() +except NameError: + pass +try: + OutputResponseOutputS3.model_rebuild() +except NameError: + pass +try: + OutputResponseOutputFilesystem.model_rebuild() +except NameError: + pass +try: + OutputResponseOutputSignalfx.model_rebuild() +except NameError: + pass +try: + OutputResponseOutputWavefront.model_rebuild() +except NameError: + pass +try: + OutputResponseOutputTcpjson.model_rebuild() +except NameError: + pass +try: + OutputResponseOutputWizHec.model_rebuild() +except NameError: + pass +try: + OutputResponseURLSplunkHec.model_rebuild() +except NameError: + pass +try: + OutputResponseOutputSplunkHec.model_rebuild() +except NameError: + pass +try: + OutputResponseAuthToken.model_rebuild() +except NameError: + pass +try: + OutputResponseIndexerDiscoveryConfigs.model_rebuild() +except NameError: + pass +try: + OutputResponseOutputSplunkLb.model_rebuild() +except NameError: + pass +try: + OutputResponseOutputSplunk.model_rebuild() +except NameError: + pass +try: + OutputResponseOutputSyslog.model_rebuild() +except NameError: + pass +try: + OutputResponseOutputDevnull.model_rebuild() +except NameError: + pass +try: + OutputResponseOutputSentinel.model_rebuild() +except NameError: + pass +try: + OutputResponseOutputWebhookURL2.model_rebuild() +except NameError: + pass +try: + OutputResponseOutputWebhookWebhook2.model_rebuild() +except NameError: + pass +try: + OutputResponseOutputWebhookURL1.model_rebuild() +except NameError: + pass diff --git a/src/cribl_control_plane/models/outputresponse_type_statsd.py b/src/cribl_control_plane/models/outputresponse_type_statsd.py index 6761ee086..4b6f30995 100644 --- a/src/cribl_control_plane/models/outputresponse_type_statsd.py +++ b/src/cribl_control_plane/models/outputresponse_type_statsd.py @@ -48,6 +48,10 @@ ) from .failedrequestloggingmodeoptions import FailedRequestLoggingModeOptions from .hostconfoutputsyslog import HostConfOutputSyslog, HostConfOutputSyslogTypedDict +from .httpdiscoveryheaderconfinputprometheus import ( + HTTPDiscoveryHeaderConfInputPrometheus, + HTTPDiscoveryHeaderConfInputPrometheusTypedDict, +) from .keyvaluemetadataconfoutputfilesystem import ( KeyValueMetadataConfOutputFilesystem, KeyValueMetadataConfOutputFilesystemTypedDict, @@ -79,10 +83,6 @@ from .queuefullbehavioroptions import QueueFullBehaviorOptions from .recorddataformatoptions import RecordDataFormatOptions from .requestformatoptions import RequestFormatOptions -from .requestparamconfinputopenai import ( - RequestParamConfInputOpenai, - RequestParamConfInputOpenaiTypedDict, -) from .responseretrysettingconfoutputwebhook import ( ResponseRetrySettingConfOutputWebhook, ResponseRetrySettingConfOutputWebhookTypedDict, @@ -5360,7 +5360,7 @@ class OutputResponseOutputMicrosoftFabricTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputResponsePqControlsMicrosoftFabricTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -5520,7 +5520,7 @@ class OutputResponseOutputMicrosoftFabric(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputResponsePqControlsMicrosoftFabric], @@ -6357,7 +6357,7 @@ class OutputResponseOutputChronicleTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputResponsePqControlsChronicleTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -6582,7 +6582,7 @@ class OutputResponseOutputChronicle(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputResponsePqControlsChronicle], pydantic.Field(alias="pqControls") @@ -6910,7 +6910,7 @@ class OutputResponseOutputSentinelOneAiSiemTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputResponsePqControlsSentinelOneAiSiemTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -7145,7 +7145,7 @@ class OutputResponseOutputSentinelOneAiSiem(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputResponsePqControlsSentinelOneAiSiem], @@ -7445,7 +7445,7 @@ class OutputResponseOutputDynatraceOtlpTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputResponsePqControlsDynatraceOtlpTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -7664,7 +7664,7 @@ class OutputResponseOutputDynatraceOtlp(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputResponsePqControlsDynatraceOtlp], @@ -7872,7 +7872,7 @@ class OutputResponseFormatDynatraceHTTP(str, Enum, metaclass=utils.OpenEnumMeta) PLAINTEXT = "plaintext" -class OutputResponseEndpoint(str, Enum, metaclass=utils.OpenEnumMeta): +class OutputResponseEndpointDynatraceHTTP(str, Enum, metaclass=utils.OpenEnumMeta): # Cloud CLOUD = "cloud" # ActiveGate @@ -7900,7 +7900,7 @@ class OutputResponseOutputDynatraceHTTPTypedDict(TypedDict): type: OutputResponseTypeDynatraceHTTP format_: OutputResponseFormatDynatraceHTTP r"""How to format events before sending. Defaults to JSON. Plaintext is not currently supported.""" - endpoint: OutputResponseEndpoint + endpoint: OutputResponseEndpointDynatraceHTTP telemetry_type: OutputResponseTelemetryType id: NotRequired[str] r"""Unique ID for this output""" @@ -7975,7 +7975,7 @@ class OutputResponseOutputDynatraceHTTPTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputResponsePqControlsDynatraceHTTPTypedDict] token: NotRequired[str] r"""Bearer token to include in the authorization header""" @@ -8009,7 +8009,7 @@ class OutputResponseOutputDynatraceHTTP(BaseModel): ] r"""How to format events before sending. Defaults to JSON. Plaintext is not currently supported.""" - endpoint: OutputResponseEndpoint + endpoint: OutputResponseEndpointDynatraceHTTP telemetry_type: Annotated[ OutputResponseTelemetryType, pydantic.Field(alias="telemetryType") @@ -8171,7 +8171,7 @@ class OutputResponseOutputDynatraceHTTP(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputResponsePqControlsDynatraceHTTP], @@ -8272,7 +8272,7 @@ def serialize_format_(self, value): def serialize_endpoint(self, value): if isinstance(value, str): try: - return models.OutputResponseEndpoint(value) + return models.OutputResponseEndpointDynatraceHTTP(value) except ValueError: return value return value @@ -8676,7 +8676,7 @@ class OutputResponseOutputXsiamTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputResponsePqControlsXsiamTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -8880,7 +8880,7 @@ class OutputResponseOutputXsiam(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputResponsePqControlsXsiam], pydantic.Field(alias="pqControls") @@ -9068,6 +9068,8 @@ class OutputResponseStatsDestinationTypedDict(TypedDict): username: NotRequired[str] sql_username: NotRequired[str] password: NotRequired[str] + wait_for_async_inserts: NotRequired[bool] + concurrency: NotRequired[float] class OutputResponseStatsDestination(BaseModel): @@ -9085,6 +9087,12 @@ class OutputResponseStatsDestination(BaseModel): password: Optional[str] = None + wait_for_async_inserts: Annotated[ + Optional[bool], pydantic.Field(alias="waitForAsyncInserts") + ] = None + + concurrency: Optional[float] = None + @model_serializer(mode="wrap") def serialize_model(self, handler): optional_fields = set( @@ -9096,6 +9104,8 @@ def serialize_model(self, handler): "username", "sqlUsername", "password", + "waitForAsyncInserts", + "concurrency", ] ) serialized = handler(self) @@ -9215,6 +9225,8 @@ class OutputResponseOutputLocalSearchStorageTypedDict(TypedDict): timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] response_honor_retry_after_header: NotRequired[bool] r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + workload: NotRequired[str] + r"""Optional ClickHouse workload name to append as a SETTINGS clause on INSERT queries. Used for workload scheduling classification.""" dump_format_errors_to_disk: NotRequired[bool] r"""Log the most recent event that fails to match the table schema""" on_backpressure: NotRequired[BackpressureBehaviorOptions] @@ -9257,7 +9269,7 @@ class OutputResponseOutputLocalSearchStorageTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputResponsePqControlsLocalSearchStorageTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -9396,6 +9408,9 @@ class OutputResponseOutputLocalSearchStorage(BaseModel): ] = None r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + workload: Optional[str] = None + r"""Optional ClickHouse workload name to append as a SETTINGS clause on INSERT queries. Used for workload scheduling classification.""" + dump_format_errors_to_disk: Annotated[ Optional[bool], pydantic.Field(alias="dumpFormatErrorsToDisk") ] = None @@ -9492,7 +9507,7 @@ class OutputResponseOutputLocalSearchStorage(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputResponsePqControlsLocalSearchStorage], @@ -9635,6 +9650,7 @@ def serialize_model(self, handler): "responseRetrySettings", "timeoutRetrySettings", "responseHonorRetryAfterHeader", + "workload", "dumpFormatErrorsToDisk", "onBackpressure", "statsDestination", @@ -9808,6 +9824,8 @@ class OutputResponseOutputClickHouseTypedDict(TypedDict): timeout_retry_settings: NotRequired[TimeoutRetrySettingsTypeTypedDict] response_honor_retry_after_header: NotRequired[bool] r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + workload: NotRequired[str] + r"""Optional ClickHouse workload name to append as a SETTINGS clause on INSERT queries. Used for workload scheduling classification.""" dump_format_errors_to_disk: NotRequired[bool] r"""Log the most recent event that fails to match the table schema""" on_backpressure: NotRequired[BackpressureBehaviorOptions] @@ -9847,7 +9865,7 @@ class OutputResponseOutputClickHouseTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputResponsePqControlsClickHouseTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -9986,6 +10004,9 @@ class OutputResponseOutputClickHouse(BaseModel): ] = None r"""Honor any Retry-After header that specifies a delay (in seconds) no longer than 180 seconds after the retry request. @{product} limits the delay to 180 seconds, even if the Retry-After header specifies a longer delay. When enabled, takes precedence over user-configured retry options. When disabled, all Retry-After headers are ignored.""" + workload: Optional[str] = None + r"""Optional ClickHouse workload name to append as a SETTINGS clause on INSERT queries. Used for workload scheduling classification.""" + dump_format_errors_to_disk: Annotated[ Optional[bool], pydantic.Field(alias="dumpFormatErrorsToDisk") ] = None @@ -10077,7 +10098,7 @@ class OutputResponseOutputClickHouse(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputResponsePqControlsClickHouse], pydantic.Field(alias="pqControls") @@ -10219,6 +10240,7 @@ def serialize_model(self, handler): "responseRetrySettings", "timeoutRetrySettings", "responseHonorRetryAfterHeader", + "workload", "dumpFormatErrorsToDisk", "onBackpressure", "description", @@ -10408,6 +10430,7 @@ class OutputResponseFormatCriblLake(str, Enum, metaclass=utils.OpenEnumMeta): JSON = "json" PARQUET = "parquet" DDSS = "ddss" + NETSKOPE = "netskope" class OutputResponseOutputCriblLakeTypedDict(TypedDict): @@ -12518,7 +12541,7 @@ class OutputResponseOutputCrowdstrikeNextGenSiemTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputResponsePqControlsCrowdstrikeNextGenSiemTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -12696,7 +12719,7 @@ class OutputResponseOutputCrowdstrikeNextGenSiem(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputResponsePqControlsCrowdstrikeNextGenSiem], @@ -12944,7 +12967,7 @@ class OutputResponseOutputHumioHecTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputResponsePqControlsHumioHecTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -13121,7 +13144,7 @@ class OutputResponseOutputHumioHec(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputResponsePqControlsHumioHec], pydantic.Field(alias="pqControls") @@ -13378,7 +13401,7 @@ class OutputResponseOutputCriblSearchEngineTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputResponsePqControlsCriblSearchEngineTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -13582,7 +13605,7 @@ class OutputResponseOutputCriblSearchEngine(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputResponsePqControlsCriblSearchEngine], @@ -13839,7 +13862,7 @@ class OutputResponseOutputCriblHTTPTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputResponsePqControlsCriblHTTPTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -14043,7 +14066,7 @@ class OutputResponseOutputCriblHTTP(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputResponsePqControlsCriblHTTP], pydantic.Field(alias="pqControls") @@ -14280,7 +14303,7 @@ class OutputResponseOutputCriblTCPTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputResponsePqControlsCriblTCPTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -14442,7 +14465,7 @@ class OutputResponseOutputCriblTCP(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputResponsePqControlsCriblTCP], pydantic.Field(alias="pqControls") @@ -14708,7 +14731,7 @@ class OutputResponseOutputDatasetTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputResponsePqControlsDatasetTypedDict] api_key: NotRequired[str] r"""A 'Log Write Access' API key for the DataSet account""" @@ -14909,7 +14932,7 @@ class OutputResponseOutputDataset(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputResponsePqControlsDataset], pydantic.Field(alias="pqControls") @@ -15197,7 +15220,7 @@ class OutputResponseOutputServiceNowTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputResponsePqControlsServiceNowTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -15413,7 +15436,7 @@ class OutputResponseOutputServiceNow(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputResponsePqControlsServiceNow], pydantic.Field(alias="pqControls") @@ -15594,7 +15617,7 @@ class OutputResponseTypeOpenTelemetry(str, Enum): OPEN_TELEMETRY = "open_telemetry" -class OutputResponseOTLPVersion(str, Enum, metaclass=utils.OpenEnumMeta): +class OutputResponseOTLPVersionOpenTelemetry(str, Enum, metaclass=utils.OpenEnumMeta): r"""The version of OTLP Protobuf definitions to use when structuring data to send""" # 0.10.0 @@ -15644,7 +15667,7 @@ class OutputResponseOutputOpenTelemetryTypedDict(TypedDict): r"""Tags for filtering and grouping in @{product}""" protocol: NotRequired[ProtocolOptions] r"""Select a transport option for OpenTelemetry""" - otlp_version: NotRequired[OutputResponseOTLPVersion] + otlp_version: NotRequired[OutputResponseOTLPVersionOpenTelemetry] r"""The version of OTLP Protobuf definitions to use when structuring data to send""" compress: NotRequired[CompressionOptionsDeflateGzip] r"""Type of compression to apply to messages sent to the OpenTelemetry endpoint""" @@ -15746,7 +15769,7 @@ class OutputResponseOutputOpenTelemetryTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputResponsePqControlsOpenTelemetryTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -15789,7 +15812,8 @@ class OutputResponseOutputOpenTelemetry(BaseModel): r"""Select a transport option for OpenTelemetry""" otlp_version: Annotated[ - Optional[OutputResponseOTLPVersion], pydantic.Field(alias="otlpVersion") + Optional[OutputResponseOTLPVersionOpenTelemetry], + pydantic.Field(alias="otlpVersion"), ] = None r"""The version of OTLP Protobuf definitions to use when structuring data to send""" @@ -16019,7 +16043,7 @@ class OutputResponseOutputOpenTelemetry(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputResponsePqControlsOpenTelemetry], @@ -16065,7 +16089,7 @@ def serialize_protocol(self, value): def serialize_otlp_version(self, value): if isinstance(value, str): try: - return models.OutputResponseOTLPVersion(value) + return models.OutputResponseOTLPVersionOpenTelemetry(value) except ValueError: return value return value @@ -16493,7 +16517,7 @@ class OutputResponseOutputPrometheusTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputResponsePqControlsPrometheusTypedDict] username: NotRequired[str] password: NotRequired[str] @@ -16686,7 +16710,7 @@ class OutputResponseOutputPrometheus(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputResponsePqControlsPrometheus], pydantic.Field(alias="pqControls") @@ -16885,7 +16909,7 @@ class OutputResponseOutputLokiTypedDict(TypedDict): r"""Name of the event field that contains the message to send. If not specified, Stream sends a JSON representation of the whole event.""" message_format: NotRequired[MessageFormatOptions] r"""Format to use when sending logs to Loki (Protobuf or JSON)""" - labels: NotRequired[List[RequestParamConfInputOpenaiTypedDict]] + labels: NotRequired[List[HTTPDiscoveryHeaderConfInputPrometheusTypedDict]] r"""List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: \"cribl.io\", level: \"error\"}'""" auth_type: NotRequired[ AuthenticationTypeOptionsPrometheusAuthBasicCredentialsSecret @@ -16960,7 +16984,7 @@ class OutputResponseOutputLokiTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputResponsePqControlsLokiTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -17005,7 +17029,7 @@ class OutputResponseOutputLoki(BaseModel): ] = None r"""Format to use when sending logs to Loki (Protobuf or JSON)""" - labels: Optional[List[RequestParamConfInputOpenai]] = None + labels: Optional[List[HTTPDiscoveryHeaderConfInputPrometheus]] = None r"""List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: \"cribl.io\", level: \"error\"}'""" auth_type: Annotated[ @@ -17163,7 +17187,7 @@ class OutputResponseOutputLoki(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputResponsePqControlsLoki], pydantic.Field(alias="pqControls") @@ -17356,7 +17380,7 @@ class OutputResponseOutputGrafanaCloudGrafanaCloud2TypedDict(TypedDict): r"""Name of the event field that contains the message to send. If not specified, Stream sends a JSON representation of the whole event.""" message_format: NotRequired[MessageFormatOptions] r"""Format to use when sending logs to Loki (Protobuf or JSON)""" - labels: NotRequired[List[RequestParamConfInputOpenaiTypedDict]] + labels: NotRequired[List[HTTPDiscoveryHeaderConfInputPrometheusTypedDict]] r"""List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: \"cribl.io\", level: \"error\"}'""" metric_rename_expr: NotRequired[str] r"""JavaScript expression that can be used to rename metrics. For example, name.replace(/\./g, '_') will replace all '.' characters in a metric's name with the supported '_' character. Use the 'name' global variable to access the metric's name. You can access event fields' values via __e..""" @@ -17418,7 +17442,7 @@ class OutputResponseOutputGrafanaCloudGrafanaCloud2TypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputResponseOutputGrafanaCloudPqControls2TypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -17470,7 +17494,7 @@ class OutputResponseOutputGrafanaCloudGrafanaCloud2(BaseModel): ] = None r"""Format to use when sending logs to Loki (Protobuf or JSON)""" - labels: Optional[List[RequestParamConfInputOpenai]] = None + labels: Optional[List[HTTPDiscoveryHeaderConfInputPrometheus]] = None r"""List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: \"cribl.io\", level: \"error\"}'""" metric_rename_expr: Annotated[ @@ -17609,7 +17633,7 @@ class OutputResponseOutputGrafanaCloudGrafanaCloud2(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputResponseOutputGrafanaCloudPqControls2], @@ -17800,7 +17824,7 @@ class OutputResponseOutputGrafanaCloudGrafanaCloud1TypedDict(TypedDict): r"""Name of the event field that contains the message to send. If not specified, Stream sends a JSON representation of the whole event.""" message_format: NotRequired[MessageFormatOptions] r"""Format to use when sending logs to Loki (Protobuf or JSON)""" - labels: NotRequired[List[RequestParamConfInputOpenaiTypedDict]] + labels: NotRequired[List[HTTPDiscoveryHeaderConfInputPrometheusTypedDict]] r"""List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: \"cribl.io\", level: \"error\"}'""" metric_rename_expr: NotRequired[str] r"""JavaScript expression that can be used to rename metrics. For example, name.replace(/\./g, '_') will replace all '.' characters in a metric's name with the supported '_' character. Use the 'name' global variable to access the metric's name. You can access event fields' values via __e..""" @@ -17862,7 +17886,7 @@ class OutputResponseOutputGrafanaCloudGrafanaCloud1TypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputResponseOutputGrafanaCloudPqControls1TypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -17916,7 +17940,7 @@ class OutputResponseOutputGrafanaCloudGrafanaCloud1(BaseModel): ] = None r"""Format to use when sending logs to Loki (Protobuf or JSON)""" - labels: Optional[List[RequestParamConfInputOpenai]] = None + labels: Optional[List[HTTPDiscoveryHeaderConfInputPrometheus]] = None r"""List of labels to send with logs. Labels define Loki streams, so use static labels to avoid proliferating label value combinations and streams. Can be merged and/or overridden by the event's __labels field. Example: '__labels: {host: \"cribl.io\", level: \"error\"}'""" metric_rename_expr: Annotated[ @@ -18055,7 +18079,7 @@ class OutputResponseOutputGrafanaCloudGrafanaCloud1(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputResponseOutputGrafanaCloudPqControls1], @@ -18388,7 +18412,7 @@ class OutputResponseOutputDatadogTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputResponsePqControlsDatadogTypedDict] api_key: NotRequired[str] r"""Organization's API key in Datadog""" @@ -18602,7 +18626,7 @@ class OutputResponseOutputDatadog(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputResponsePqControlsDatadog], pydantic.Field(alias="pqControls") @@ -18895,7 +18919,7 @@ class OutputResponseOutputSumoLogicTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputResponsePqControlsSumoLogicTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -19075,7 +19099,7 @@ class OutputResponseOutputSumoLogic(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputResponsePqControlsSumoLogic], pydantic.Field(alias="pqControls") @@ -19466,7 +19490,7 @@ class OutputResponseOutputSqsTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputResponsePqControlsSqsTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -19662,7 +19686,7 @@ class OutputResponseOutputSqs(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputResponsePqControlsSqs], pydantic.Field(alias="pqControls") @@ -19936,7 +19960,7 @@ class OutputResponseOutputSnsTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputResponsePqControlsSnsTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -20098,7 +20122,7 @@ class OutputResponseOutputSns(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputResponsePqControlsSns], pydantic.Field(alias="pqControls") @@ -20468,7 +20492,7 @@ class OutputResponseOutputGraphiteTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputResponsePqControlsGraphiteTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -20591,7 +20615,7 @@ class OutputResponseOutputGraphite(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputResponsePqControlsGraphite], pydantic.Field(alias="pqControls") @@ -20773,7 +20797,7 @@ class OutputResponseOutputStatsdExtTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputResponsePqControlsStatsdExtTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -20896,7 +20920,7 @@ class OutputResponseOutputStatsdExt(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputResponsePqControlsStatsdExt], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputsentinel.py b/src/cribl_control_plane/models/outputsentinel.py index 942ec5399..02b0eb3b0 100644 --- a/src/cribl_control_plane/models/outputsentinel.py +++ b/src/cribl_control_plane/models/outputsentinel.py @@ -159,7 +159,7 @@ class OutputSentinelTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputSentinelPqControlsTypedDict] url: NotRequired[str] r"""URL to send events to. Can be overwritten by an event's __url field.""" @@ -410,7 +410,7 @@ class OutputSentinel(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputSentinelPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputsentineloneaisiem.py b/src/cribl_control_plane/models/outputsentineloneaisiem.py index c4afeb41a..7c5cafcd8 100644 --- a/src/cribl_control_plane/models/outputsentineloneaisiem.py +++ b/src/cribl_control_plane/models/outputsentineloneaisiem.py @@ -169,7 +169,7 @@ class OutputSentinelOneAiSiemTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputSentinelOneAiSiemPqControlsTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -400,7 +400,7 @@ class OutputSentinelOneAiSiem(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputSentinelOneAiSiemPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputservicenow.py b/src/cribl_control_plane/models/outputservicenow.py index b462315b6..a91271847 100644 --- a/src/cribl_control_plane/models/outputservicenow.py +++ b/src/cribl_control_plane/models/outputservicenow.py @@ -147,7 +147,7 @@ class OutputServiceNowTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputServiceNowPqControlsTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -359,7 +359,7 @@ class OutputServiceNow(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputServiceNowPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputsignalfx.py b/src/cribl_control_plane/models/outputsignalfx.py index 7a1a315b7..b204140c2 100644 --- a/src/cribl_control_plane/models/outputsignalfx.py +++ b/src/cribl_control_plane/models/outputsignalfx.py @@ -118,7 +118,7 @@ class OutputSignalfxTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputSignalfxPqControlsTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -286,7 +286,7 @@ class OutputSignalfx(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputSignalfxPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputsns.py b/src/cribl_control_plane/models/outputsns.py index fdfde4d44..86b262321 100644 --- a/src/cribl_control_plane/models/outputsns.py +++ b/src/cribl_control_plane/models/outputsns.py @@ -93,7 +93,7 @@ class OutputSnsTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputSnsPqControlsTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -251,7 +251,7 @@ class OutputSns(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputSnsPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputsplunk.py b/src/cribl_control_plane/models/outputsplunk.py index 987f8ad7b..1b8cd7286 100644 --- a/src/cribl_control_plane/models/outputsplunk.py +++ b/src/cribl_control_plane/models/outputsplunk.py @@ -99,7 +99,7 @@ class OutputSplunkTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputSplunkPqControlsTypedDict] auth_token: NotRequired[str] r"""Shared secret token to use when establishing a connection to a Splunk indexer.""" @@ -255,7 +255,7 @@ class OutputSplunk(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputSplunkPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputsplunkhec.py b/src/cribl_control_plane/models/outputsplunkhec.py index 35cccba54..a754e1803 100644 --- a/src/cribl_control_plane/models/outputsplunkhec.py +++ b/src/cribl_control_plane/models/outputsplunkhec.py @@ -176,7 +176,7 @@ class OutputSplunkHecTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputSplunkHecPqControlsTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -379,7 +379,7 @@ class OutputSplunkHec(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputSplunkHecPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputsplunklb.py b/src/cribl_control_plane/models/outputsplunklb.py index d87d9c059..1f53a7036 100644 --- a/src/cribl_control_plane/models/outputsplunklb.py +++ b/src/cribl_control_plane/models/outputsplunklb.py @@ -245,7 +245,7 @@ class OutputSplunkLbTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputSplunkLbPqControlsTypedDict] auth_token: NotRequired[str] r"""Shared secret token to use when establishing a connection to a Splunk indexer.""" @@ -428,7 +428,7 @@ class OutputSplunkLb(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputSplunkLbPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputsqs.py b/src/cribl_control_plane/models/outputsqs.py index 5d73e9a49..8de713532 100644 --- a/src/cribl_control_plane/models/outputsqs.py +++ b/src/cribl_control_plane/models/outputsqs.py @@ -114,7 +114,7 @@ class OutputSqsTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputSqsPqControlsTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -306,7 +306,7 @@ class OutputSqs(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputSqsPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputstatsd.py b/src/cribl_control_plane/models/outputstatsd.py index eb2172285..69391eac6 100644 --- a/src/cribl_control_plane/models/outputstatsd.py +++ b/src/cribl_control_plane/models/outputstatsd.py @@ -81,7 +81,7 @@ class OutputStatsdTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputStatsdPqControlsTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -200,7 +200,7 @@ class OutputStatsd(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputStatsdPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputstatsdext.py b/src/cribl_control_plane/models/outputstatsdext.py index c5f996ef6..7f5ebf356 100644 --- a/src/cribl_control_plane/models/outputstatsdext.py +++ b/src/cribl_control_plane/models/outputstatsdext.py @@ -81,7 +81,7 @@ class OutputStatsdExtTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputStatsdExtPqControlsTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -200,7 +200,7 @@ class OutputStatsdExt(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputStatsdExtPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputsumologic.py b/src/cribl_control_plane/models/outputsumologic.py index 28de0dcb3..4e9d22774 100644 --- a/src/cribl_control_plane/models/outputsumologic.py +++ b/src/cribl_control_plane/models/outputsumologic.py @@ -126,7 +126,7 @@ class OutputSumoLogicTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputSumoLogicPqControlsTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -302,7 +302,7 @@ class OutputSumoLogic(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputSumoLogicPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputsyslog.py b/src/cribl_control_plane/models/outputsyslog.py index 3f8ac1bd5..2d028d5c1 100644 --- a/src/cribl_control_plane/models/outputsyslog.py +++ b/src/cribl_control_plane/models/outputsyslog.py @@ -209,7 +209,7 @@ class OutputSyslogTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputSyslogPqControlsTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -391,7 +391,7 @@ class OutputSyslog(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputSyslogPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputtcpjson.py b/src/cribl_control_plane/models/outputtcpjson.py index ffbe846f9..800565b9d 100644 --- a/src/cribl_control_plane/models/outputtcpjson.py +++ b/src/cribl_control_plane/models/outputtcpjson.py @@ -104,7 +104,7 @@ class OutputTcpjsonTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputTcpjsonPqControlsTypedDict] auth_token: NotRequired[str] r"""Optional authentication token to include as part of the connection header""" @@ -265,7 +265,7 @@ class OutputTcpjson(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputTcpjsonPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputwavefront.py b/src/cribl_control_plane/models/outputwavefront.py index 3085af07c..3170ed38a 100644 --- a/src/cribl_control_plane/models/outputwavefront.py +++ b/src/cribl_control_plane/models/outputwavefront.py @@ -118,7 +118,7 @@ class OutputWavefrontTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputWavefrontPqControlsTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -286,7 +286,7 @@ class OutputWavefront(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputWavefrontPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputwebhook_union.py b/src/cribl_control_plane/models/outputwebhook_union.py index 23a12af72..0775844da 100644 --- a/src/cribl_control_plane/models/outputwebhook_union.py +++ b/src/cribl_control_plane/models/outputwebhook_union.py @@ -218,7 +218,7 @@ class OutputWebhookWebhook2TypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputWebhookPqControls2TypedDict] username: NotRequired[str] password: NotRequired[str] @@ -479,7 +479,7 @@ class OutputWebhookWebhook2(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputWebhookPqControls2], pydantic.Field(alias="pqControls") @@ -926,7 +926,7 @@ class OutputWebhookWebhook1TypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputWebhookPqControls1TypedDict] username: NotRequired[str] password: NotRequired[str] @@ -1187,7 +1187,7 @@ class OutputWebhookWebhook1(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputWebhookPqControls1], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputwizhec.py b/src/cribl_control_plane/models/outputwizhec.py index 2f5f44512..44813e3bb 100644 --- a/src/cribl_control_plane/models/outputwizhec.py +++ b/src/cribl_control_plane/models/outputwizhec.py @@ -126,7 +126,7 @@ class OutputWizHecTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputWizHecPqControlsTypedDict] token: NotRequired[str] r"""Wiz Defend Auth token""" @@ -309,7 +309,7 @@ class OutputWizHec(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputWizHecPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/outputxsiam.py b/src/cribl_control_plane/models/outputxsiam.py index c8e97aae5..4efd3adc6 100644 --- a/src/cribl_control_plane/models/outputxsiam.py +++ b/src/cribl_control_plane/models/outputxsiam.py @@ -161,7 +161,7 @@ class OutputXsiamTypedDict(TypedDict): pq_on_backpressure: NotRequired[QueueFullBehaviorOptions] r"""How to handle events when the queue is exerting backpressure (full capacity or low disk). 'Block' is the same behavior as non-PQ blocking. 'Drop new data' throws away incoming data, while leaving the contents of the PQ unchanged.""" pq_max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: NotRequired[OutputXsiamPqControlsTypedDict] template_streamtags: NotRequired[str] r"""Binds 'streamtags' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'streamtags' at runtime.""" @@ -360,7 +360,7 @@ class OutputXsiam(BaseModel): pq_max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="pqMaxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" pq_controls: Annotated[ Optional[OutputXsiamPqControls], pydantic.Field(alias="pqControls") diff --git a/src/cribl_control_plane/models/packinfo.py b/src/cribl_control_plane/models/packinfo.py index b21a77b69..df3f20461 100644 --- a/src/cribl_control_plane/models/packinfo.py +++ b/src/cribl_control_plane/models/packinfo.py @@ -14,6 +14,7 @@ class PackInfoTypedDict(TypedDict): id: str + r"""Unique identifier.""" source: str author: NotRequired[str] collectors: NotRequired[float] @@ -33,6 +34,7 @@ class PackInfoTypedDict(TypedDict): class PackInfo(BaseModel): id: str + r"""Unique identifier.""" source: str diff --git a/src/cribl_control_plane/models/packinstallinfo.py b/src/cribl_control_plane/models/packinstallinfo.py index 885d77546..605f8c42c 100644 --- a/src/cribl_control_plane/models/packinstallinfo.py +++ b/src/cribl_control_plane/models/packinstallinfo.py @@ -14,6 +14,7 @@ class PackInstallInfoTypedDict(TypedDict): id: str + r"""Unique identifier.""" source: str author: NotRequired[str] collectors: NotRequired[float] @@ -34,6 +35,7 @@ class PackInstallInfoTypedDict(TypedDict): class PackInstallInfo(BaseModel): id: str + r"""Unique identifier.""" source: str diff --git a/src/cribl_control_plane/models/paginationtyperestdiscoverydiscovertypehttp.py b/src/cribl_control_plane/models/paginationtyperestdiscoverydiscovertypehttp.py index d5e9f12bd..f422776c5 100644 --- a/src/cribl_control_plane/models/paginationtyperestdiscoverydiscovertypehttp.py +++ b/src/cribl_control_plane/models/paginationtyperestdiscoverydiscovertypehttp.py @@ -299,6 +299,10 @@ class RestDiscoveryDiscoverTypeHTTPPaginationTypeResponseHeaderLinkTypedDict(Typ r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to retrieve per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -344,6 +348,14 @@ class RestDiscoveryDiscoverTypeHTTPPaginationTypeResponseHeaderLink(BaseModel): limit: Optional[float] = None r"""Maximum number of records to retrieve per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -382,6 +394,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -439,6 +453,10 @@ class RestDiscoveryDiscoverTypeHTTPPaginationTypeResponseHeaderTypedDict(TypedDi r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to retrieve per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -489,6 +507,14 @@ class RestDiscoveryDiscoverTypeHTTPPaginationTypeResponseHeader(BaseModel): limit: Optional[float] = None r"""Maximum number of records to retrieve per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -528,6 +554,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -585,6 +613,10 @@ class RestDiscoveryDiscoverTypeHTTPPaginationTypeResponseBodyTypedDict(TypedDict r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to retrieve per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -633,6 +665,14 @@ class RestDiscoveryDiscoverTypeHTTPPaginationTypeResponseBody(BaseModel): limit: Optional[float] = None r"""Maximum number of records to retrieve per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -672,6 +712,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -695,6 +737,8 @@ def serialize_model(self, handler): class RestDiscoveryDiscoverTypeHTTPPaginationTypeNoneTypedDict(TypedDict): type: PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination + max_pages: NotRequired[float] + r"""Maximum number of pages to retrieve for the discover task. Defaults to 50 pages. Set to 0 to retrieve all pages.""" last_page_expr: NotRequired[str] r"""JavaScript expression used to determine when the last page has been reached. The values tested by this expression must be in the Response attributes section.""" next_relation_attribute: NotRequired[str] @@ -709,6 +753,10 @@ class RestDiscoveryDiscoverTypeHTTPPaginationTypeNoneTypedDict(TypedDict): r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to retrieve per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -724,6 +772,9 @@ class RestDiscoveryDiscoverTypeHTTPPaginationTypeNoneTypedDict(TypedDict): class RestDiscoveryDiscoverTypeHTTPPaginationTypeNone(BaseModel): type: PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination + max_pages: Annotated[Optional[float], pydantic.Field(alias="maxPages")] = None + r"""Maximum number of pages to retrieve for the discover task. Defaults to 50 pages. Set to 0 to retrieve all pages.""" + last_page_expr: Annotated[Optional[str], pydantic.Field(alias="lastPageExpr")] = ( None ) @@ -751,6 +802,14 @@ class RestDiscoveryDiscoverTypeHTTPPaginationTypeNone(BaseModel): limit: Optional[float] = None r"""Maximum number of records to retrieve per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -783,6 +842,7 @@ def serialize_type(self, value): def serialize_model(self, handler): optional_fields = set( [ + "maxPages", "lastPageExpr", "nextRelationAttribute", "curRelationAttribute", @@ -790,6 +850,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -816,10 +878,10 @@ def serialize_model(self, handler): Union[ RestDiscoveryDiscoverTypeHTTPPaginationTypeNoneTypedDict, RestDiscoveryDiscoverTypeHTTPPaginationTypeResponseHeaderLinkTypedDict, - RestDiscoveryDiscoverTypeHTTPPaginationTypeResponseBodyTypedDict, - RestDiscoveryDiscoverTypeHTTPPaginationTypeResponseHeaderTypedDict, RestDiscoveryDiscoverTypeHTTPPaginationTypeRequestOffsetTypedDict, RestDiscoveryDiscoverTypeHTTPPaginationTypeRequestPageTypedDict, + RestDiscoveryDiscoverTypeHTTPPaginationTypeResponseBodyTypedDict, + RestDiscoveryDiscoverTypeHTTPPaginationTypeResponseHeaderTypedDict, ], ) diff --git a/src/cribl_control_plane/models/pipelinefunctionredis.py b/src/cribl_control_plane/models/pipelinefunctionredis.py index 2ac2dc7ac..11d36412e 100644 --- a/src/cribl_control_plane/models/pipelinefunctionredis.py +++ b/src/cribl_control_plane/models/pipelinefunctionredis.py @@ -1,6 +1,10 @@ """Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.""" from __future__ import annotations +from .rootnodeconfredisdeploymenttypecluster import ( + RootNodeConfRedisDeploymentTypeCluster, + RootNodeConfRedisDeploymentTypeClusterTypedDict, +) from .scalereadsoptionsredisdeploymenttypecluster import ( ScaleReadsOptionsRedisDeploymentTypeCluster, ) @@ -104,12 +108,22 @@ class RedisAuthTypeTextSecretTypedDict(TypedDict): r"""Enable client-side cache. Redundant when using Redis write operations. See more options at Settings > General > Limits > Redis Cache.""" url: NotRequired[str] r"""Redis URL to connect to. Format: redis[s]://[[user][:password@]][host][:port][/db-number][?db=db-number[&password=bar[&option=value]]]. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`""" + template_url: NotRequired[str] + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" tls_options: NotRequired[TLSOptionsTypeRedisDeploymentTypeStandaloneTypedDict] + root_nodes: NotRequired[List[RootNodeConfRedisDeploymentTypeClusterTypedDict]] + r"""Root nodes to which the cluster connection should be initiated""" + tls: NotRequired[bool] + r"""Use TLS for connections to this cluster""" scale_reads: NotRequired[ScaleReadsOptionsRedisDeploymentTypeCluster] r"""Which nodes read commands should be sent to""" master_name: NotRequired[str] username: NotRequired[str] + template_username: NotRequired[str] + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" password: NotRequired[str] + template_password: NotRequired[str] + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" credentials_secret: NotRequired[str] r"""Secret that references Redis username and password""" @@ -144,11 +158,25 @@ class RedisAuthTypeTextSecret(BaseModel): url: Optional[str] = None r"""Redis URL to connect to. Format: redis[s]://[[user][:password@]][host][:port][/db-number][?db=db-number[&password=bar[&option=value]]]. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`""" + template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( + None + ) + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + tls_options: Annotated[ Optional[TLSOptionsTypeRedisDeploymentTypeStandalone], pydantic.Field(alias="tlsOptions"), ] = None + root_nodes: Annotated[ + Optional[List[RootNodeConfRedisDeploymentTypeCluster]], + pydantic.Field(alias="rootNodes"), + ] = None + r"""Root nodes to which the cluster connection should be initiated""" + + tls: Optional[bool] = None + r"""Use TLS for connections to this cluster""" + scale_reads: Annotated[ Optional[ScaleReadsOptionsRedisDeploymentTypeCluster], pydantic.Field(alias="scaleReads"), @@ -159,8 +187,18 @@ class RedisAuthTypeTextSecret(BaseModel): username: Optional[str] = None + template_username: Annotated[ + Optional[str], pydantic.Field(alias="__template_username") + ] = None + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + password: Optional[str] = None + template_password: Annotated[ + Optional[str], pydantic.Field(alias="__template_password") + ] = None + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + credentials_secret: Annotated[ Optional[str], pydantic.Field(alias="credentialsSecret") ] = None @@ -202,11 +240,16 @@ def serialize_model(self, handler): "maxBlockSecs", "enableClientSideCaching", "url", + "__template_url", "tlsOptions", + "rootNodes", + "tls", "scaleReads", "masterName", "username", + "__template_username", "password", + "__template_password", "credentialsSecret", ] ) @@ -304,12 +347,22 @@ class RedisAuthTypeCredentialsSecretTypedDict(TypedDict): r"""Enable client-side cache. Redundant when using Redis write operations. See more options at Settings > General > Limits > Redis Cache.""" url: NotRequired[str] r"""Redis URL to connect to. Format: redis[s]://[[user][:password@]][host][:port][/db-number][?db=db-number[&password=bar[&option=value]]]. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`""" + template_url: NotRequired[str] + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" tls_options: NotRequired[TLSOptionsTypeRedisDeploymentTypeStandaloneTypedDict] + root_nodes: NotRequired[List[RootNodeConfRedisDeploymentTypeClusterTypedDict]] + r"""Root nodes to which the cluster connection should be initiated""" + tls: NotRequired[bool] + r"""Use TLS for connections to this cluster""" scale_reads: NotRequired[ScaleReadsOptionsRedisDeploymentTypeCluster] r"""Which nodes read commands should be sent to""" master_name: NotRequired[str] username: NotRequired[str] + template_username: NotRequired[str] + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" password: NotRequired[str] + template_password: NotRequired[str] + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" text_secret: NotRequired[str] r"""Secret that references Redis admin password""" @@ -344,11 +397,25 @@ class RedisAuthTypeCredentialsSecret(BaseModel): url: Optional[str] = None r"""Redis URL to connect to. Format: redis[s]://[[user][:password@]][host][:port][/db-number][?db=db-number[&password=bar[&option=value]]]. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`""" + template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( + None + ) + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + tls_options: Annotated[ Optional[TLSOptionsTypeRedisDeploymentTypeStandalone], pydantic.Field(alias="tlsOptions"), ] = None + root_nodes: Annotated[ + Optional[List[RootNodeConfRedisDeploymentTypeCluster]], + pydantic.Field(alias="rootNodes"), + ] = None + r"""Root nodes to which the cluster connection should be initiated""" + + tls: Optional[bool] = None + r"""Use TLS for connections to this cluster""" + scale_reads: Annotated[ Optional[ScaleReadsOptionsRedisDeploymentTypeCluster], pydantic.Field(alias="scaleReads"), @@ -359,8 +426,18 @@ class RedisAuthTypeCredentialsSecret(BaseModel): username: Optional[str] = None + template_username: Annotated[ + Optional[str], pydantic.Field(alias="__template_username") + ] = None + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + password: Optional[str] = None + template_password: Annotated[ + Optional[str], pydantic.Field(alias="__template_password") + ] = None + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None r"""Secret that references Redis admin password""" @@ -400,11 +477,16 @@ def serialize_model(self, handler): "maxBlockSecs", "enableClientSideCaching", "url", + "__template_url", "tlsOptions", + "rootNodes", + "tls", "scaleReads", "masterName", "username", + "__template_username", "password", + "__template_password", "textSecret", ] ) @@ -490,6 +572,10 @@ class RedisAuthTypeManualTypedDict(TypedDict): commands: List[RedisAuthTypeManualCommandTypedDict] auth_type: NotRequired[RedisAuthTypeManualAuthenticationMethod] username: NotRequired[str] + template_username: NotRequired[str] + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + template_password: NotRequired[str] + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" deployment_type: NotRequired[RedisAuthTypeManualDeploymentType] r"""How the Redis server is configured. Defaults to Standalone""" max_block_secs: NotRequired[float] @@ -498,7 +584,13 @@ class RedisAuthTypeManualTypedDict(TypedDict): r"""Enable client-side cache. Redundant when using Redis write operations. See more options at Settings > General > Limits > Redis Cache.""" url: NotRequired[str] r"""Redis URL to connect to. Format: redis[s]://[[user][:password@]][host][:port][/db-number][?db=db-number[&password=bar[&option=value]]]. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`""" + template_url: NotRequired[str] + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" tls_options: NotRequired[TLSOptionsTypeRedisDeploymentTypeStandaloneTypedDict] + root_nodes: NotRequired[List[RootNodeConfRedisDeploymentTypeClusterTypedDict]] + r"""Root nodes to which the cluster connection should be initiated""" + tls: NotRequired[bool] + r"""Use TLS for connections to this cluster""" scale_reads: NotRequired[ScaleReadsOptionsRedisDeploymentTypeCluster] r"""Which nodes read commands should be sent to""" master_name: NotRequired[str] @@ -520,6 +612,16 @@ class RedisAuthTypeManual(BaseModel): username: Optional[str] = None + template_username: Annotated[ + Optional[str], pydantic.Field(alias="__template_username") + ] = None + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + + template_password: Annotated[ + Optional[str], pydantic.Field(alias="__template_password") + ] = None + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + deployment_type: Annotated[ Optional[RedisAuthTypeManualDeploymentType], pydantic.Field(alias="deploymentType"), @@ -539,11 +641,25 @@ class RedisAuthTypeManual(BaseModel): url: Optional[str] = None r"""Redis URL to connect to. Format: redis[s]://[[user][:password@]][host][:port][/db-number][?db=db-number[&password=bar[&option=value]]]. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`""" + template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( + None + ) + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + tls_options: Annotated[ Optional[TLSOptionsTypeRedisDeploymentTypeStandalone], pydantic.Field(alias="tlsOptions"), ] = None + root_nodes: Annotated[ + Optional[List[RootNodeConfRedisDeploymentTypeCluster]], + pydantic.Field(alias="rootNodes"), + ] = None + r"""Root nodes to which the cluster connection should be initiated""" + + tls: Optional[bool] = None + r"""Use TLS for connections to this cluster""" + scale_reads: Annotated[ Optional[ScaleReadsOptionsRedisDeploymentTypeCluster], pydantic.Field(alias="scaleReads"), @@ -593,11 +709,16 @@ def serialize_model(self, handler): [ "authType", "username", + "__template_username", + "__template_password", "deploymentType", "maxBlockSecs", "enableClientSideCaching", "url", + "__template_url", "tlsOptions", + "rootNodes", + "tls", "scaleReads", "masterName", "credentialsSecret", @@ -692,12 +813,22 @@ class RedisAuthTypeNoneTypedDict(TypedDict): r"""Enable client-side cache. Redundant when using Redis write operations. See more options at Settings > General > Limits > Redis Cache.""" url: NotRequired[str] r"""Redis URL to connect to. Format: redis[s]://[[user][:password@]][host][:port][/db-number][?db=db-number[&password=bar[&option=value]]]. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`""" + template_url: NotRequired[str] + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" tls_options: NotRequired[TLSOptionsTypeRedisDeploymentTypeStandaloneTypedDict] + root_nodes: NotRequired[List[RootNodeConfRedisDeploymentTypeClusterTypedDict]] + r"""Root nodes to which the cluster connection should be initiated""" + tls: NotRequired[bool] + r"""Use TLS for connections to this cluster""" scale_reads: NotRequired[ScaleReadsOptionsRedisDeploymentTypeCluster] r"""Which nodes read commands should be sent to""" master_name: NotRequired[str] username: NotRequired[str] + template_username: NotRequired[str] + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" password: NotRequired[str] + template_password: NotRequired[str] + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" credentials_secret: NotRequired[str] r"""Secret that references Redis username and password""" text_secret: NotRequired[str] @@ -731,11 +862,25 @@ class RedisAuthTypeNone(BaseModel): url: Optional[str] = None r"""Redis URL to connect to. Format: redis[s]://[[user][:password@]][host][:port][/db-number][?db=db-number[&password=bar[&option=value]]]. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`""" + template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( + None + ) + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + tls_options: Annotated[ Optional[TLSOptionsTypeRedisDeploymentTypeStandalone], pydantic.Field(alias="tlsOptions"), ] = None + root_nodes: Annotated[ + Optional[List[RootNodeConfRedisDeploymentTypeCluster]], + pydantic.Field(alias="rootNodes"), + ] = None + r"""Root nodes to which the cluster connection should be initiated""" + + tls: Optional[bool] = None + r"""Use TLS for connections to this cluster""" + scale_reads: Annotated[ Optional[ScaleReadsOptionsRedisDeploymentTypeCluster], pydantic.Field(alias="scaleReads"), @@ -746,8 +891,18 @@ class RedisAuthTypeNone(BaseModel): username: Optional[str] = None + template_username: Annotated[ + Optional[str], pydantic.Field(alias="__template_username") + ] = None + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + password: Optional[str] = None + template_password: Annotated[ + Optional[str], pydantic.Field(alias="__template_password") + ] = None + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + credentials_secret: Annotated[ Optional[str], pydantic.Field(alias="credentialsSecret") ] = None @@ -792,11 +947,16 @@ def serialize_model(self, handler): "maxBlockSecs", "enableClientSideCaching", "url", + "__template_url", "tlsOptions", + "rootNodes", + "tls", "scaleReads", "masterName", "username", + "__template_username", "password", + "__template_password", "credentialsSecret", "textSecret", ] @@ -828,21 +988,6 @@ class RedisDeploymentTypeSentinelDeploymentType( SENTINEL = "sentinel" -class RedisDeploymentTypeSentinelRootNodeTypedDict(TypedDict): - host: str - r"""Hostname of sentinel node. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`.""" - port: float - r"""Port of sentinel node""" - - -class RedisDeploymentTypeSentinelRootNode(BaseModel): - host: str - r"""Hostname of sentinel node. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`.""" - - port: float - r"""Port of sentinel node""" - - class RedisDeploymentTypeSentinelCommandTypedDict(TypedDict): command: str r"""Redis command to perform. For a complete list visit: https://redis.io/commands""" @@ -902,8 +1047,8 @@ class RedisDeploymentTypeSentinelTypedDict(TypedDict): commands: List[RedisDeploymentTypeSentinelCommandTypedDict] deployment_type: NotRequired[RedisDeploymentTypeSentinelDeploymentType] r"""How the Redis server is configured. Defaults to Standalone""" - root_nodes: NotRequired[List[RedisDeploymentTypeSentinelRootNodeTypedDict]] - r"""List of sentinels to be used""" + root_nodes: NotRequired[List[RootNodeConfRedisDeploymentTypeClusterTypedDict]] + r"""Root nodes to which the cluster connection should be initiated""" tls: NotRequired[bool] r"""Use TLS for connections to this cluster""" tls_options: NotRequired[TLSOptionsTypeRedisDeploymentTypeStandaloneTypedDict] @@ -914,10 +1059,16 @@ class RedisDeploymentTypeSentinelTypedDict(TypedDict): r"""Enable client-side cache. Redundant when using Redis write operations. See more options at Settings > General > Limits > Redis Cache.""" url: NotRequired[str] r"""Redis URL to connect to. Format: redis[s]://[[user][:password@]][host][:port][/db-number][?db=db-number[&password=bar[&option=value]]]. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`""" + template_url: NotRequired[str] + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" scale_reads: NotRequired[ScaleReadsOptionsRedisDeploymentTypeCluster] r"""Which nodes read commands should be sent to""" username: NotRequired[str] + template_username: NotRequired[str] + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" password: NotRequired[str] + template_password: NotRequired[str] + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" credentials_secret: NotRequired[str] r"""Secret that references Redis username and password""" text_secret: NotRequired[str] @@ -936,10 +1087,10 @@ class RedisDeploymentTypeSentinel(BaseModel): r"""How the Redis server is configured. Defaults to Standalone""" root_nodes: Annotated[ - Optional[List[RedisDeploymentTypeSentinelRootNode]], + Optional[List[RootNodeConfRedisDeploymentTypeCluster]], pydantic.Field(alias="rootNodes"), ] = None - r"""List of sentinels to be used""" + r"""Root nodes to which the cluster connection should be initiated""" tls: Optional[bool] = None r"""Use TLS for connections to this cluster""" @@ -967,6 +1118,11 @@ class RedisDeploymentTypeSentinel(BaseModel): url: Optional[str] = None r"""Redis URL to connect to. Format: redis[s]://[[user][:password@]][host][:port][/db-number][?db=db-number[&password=bar[&option=value]]]. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`""" + template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( + None + ) + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + scale_reads: Annotated[ Optional[ScaleReadsOptionsRedisDeploymentTypeCluster], pydantic.Field(alias="scaleReads"), @@ -975,8 +1131,18 @@ class RedisDeploymentTypeSentinel(BaseModel): username: Optional[str] = None + template_username: Annotated[ + Optional[str], pydantic.Field(alias="__template_username") + ] = None + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + password: Optional[str] = None + template_password: Annotated[ + Optional[str], pydantic.Field(alias="__template_password") + ] = None + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + credentials_secret: Annotated[ Optional[str], pydantic.Field(alias="credentialsSecret") ] = None @@ -1024,9 +1190,12 @@ def serialize_model(self, handler): "maxBlockSecs", "enableClientSideCaching", "url", + "__template_url", "scaleReads", "username", + "__template_username", "password", + "__template_password", "credentialsSecret", "textSecret", ] @@ -1056,21 +1225,6 @@ class RedisDeploymentTypeClusterDeploymentType(str, Enum, metaclass=utils.OpenEn SENTINEL = "sentinel" -class RedisDeploymentTypeClusterRootNodeTypedDict(TypedDict): - host: str - r"""Hostname of cluster node. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`.""" - port: float - r"""Port of cluster node""" - - -class RedisDeploymentTypeClusterRootNode(BaseModel): - host: str - r"""Hostname of cluster node. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`.""" - - port: float - r"""Port of cluster node""" - - class RedisDeploymentTypeClusterCommandTypedDict(TypedDict): command: str r"""Redis command to perform. For a complete list visit: https://redis.io/commands""" @@ -1129,7 +1283,7 @@ class RedisDeploymentTypeClusterTypedDict(TypedDict): commands: List[RedisDeploymentTypeClusterCommandTypedDict] deployment_type: NotRequired[RedisDeploymentTypeClusterDeploymentType] r"""How the Redis server is configured. Defaults to Standalone""" - root_nodes: NotRequired[List[RedisDeploymentTypeClusterRootNodeTypedDict]] + root_nodes: NotRequired[List[RootNodeConfRedisDeploymentTypeClusterTypedDict]] r"""Root nodes to which the cluster connection should be initiated""" tls: NotRequired[bool] r"""Use TLS for connections to this cluster""" @@ -1143,9 +1297,15 @@ class RedisDeploymentTypeClusterTypedDict(TypedDict): r"""Enable client-side cache. Redundant when using Redis write operations. See more options at Settings > General > Limits > Redis Cache.""" url: NotRequired[str] r"""Redis URL to connect to. Format: redis[s]://[[user][:password@]][host][:port][/db-number][?db=db-number[&password=bar[&option=value]]]. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`""" + template_url: NotRequired[str] + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" master_name: NotRequired[str] username: NotRequired[str] + template_username: NotRequired[str] + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" password: NotRequired[str] + template_password: NotRequired[str] + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" credentials_secret: NotRequired[str] r"""Secret that references Redis username and password""" text_secret: NotRequired[str] @@ -1162,7 +1322,7 @@ class RedisDeploymentTypeCluster(BaseModel): r"""How the Redis server is configured. Defaults to Standalone""" root_nodes: Annotated[ - Optional[List[RedisDeploymentTypeClusterRootNode]], + Optional[List[RootNodeConfRedisDeploymentTypeCluster]], pydantic.Field(alias="rootNodes"), ] = None r"""Root nodes to which the cluster connection should be initiated""" @@ -1199,12 +1359,27 @@ class RedisDeploymentTypeCluster(BaseModel): url: Optional[str] = None r"""Redis URL to connect to. Format: redis[s]://[[user][:password@]][host][:port][/db-number][?db=db-number[&password=bar[&option=value]]]. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`""" + template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( + None + ) + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + master_name: Annotated[Optional[str], pydantic.Field(alias="masterName")] = None username: Optional[str] = None + template_username: Annotated[ + Optional[str], pydantic.Field(alias="__template_username") + ] = None + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + password: Optional[str] = None + template_password: Annotated[ + Optional[str], pydantic.Field(alias="__template_password") + ] = None + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + credentials_secret: Annotated[ Optional[str], pydantic.Field(alias="credentialsSecret") ] = None @@ -1253,9 +1428,12 @@ def serialize_model(self, handler): "maxBlockSecs", "enableClientSideCaching", "url", + "__template_url", "masterName", "username", + "__template_username", "password", + "__template_password", "credentialsSecret", "textSecret", ] @@ -1348,16 +1526,26 @@ class RedisDeploymentTypeStandaloneTypedDict(TypedDict): deployment_type: NotRequired[RedisDeploymentTypeStandaloneDeploymentType] r"""How the Redis server is configured. Defaults to Standalone""" tls_options: NotRequired[TLSOptionsTypeRedisDeploymentTypeStandaloneTypedDict] + template_url: NotRequired[str] + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" auth_type: NotRequired[RedisDeploymentTypeStandaloneAuthenticationMethod] max_block_secs: NotRequired[float] r"""Maximum amount of time (seconds) to wait before assuming that Redis is down and passing events through. Use 0 to disable.""" enable_client_side_caching: NotRequired[bool] r"""Enable client-side cache. Redundant when using Redis write operations. See more options at Settings > General > Limits > Redis Cache.""" + root_nodes: NotRequired[List[RootNodeConfRedisDeploymentTypeClusterTypedDict]] + r"""Root nodes to which the cluster connection should be initiated""" + tls: NotRequired[bool] + r"""Use TLS for connections to this cluster""" scale_reads: NotRequired[ScaleReadsOptionsRedisDeploymentTypeCluster] r"""Which nodes read commands should be sent to""" master_name: NotRequired[str] username: NotRequired[str] + template_username: NotRequired[str] + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" password: NotRequired[str] + template_password: NotRequired[str] + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" credentials_secret: NotRequired[str] r"""Secret that references Redis username and password""" text_secret: NotRequired[str] @@ -1381,6 +1569,11 @@ class RedisDeploymentTypeStandalone(BaseModel): pydantic.Field(alias="tlsOptions"), ] = None + template_url: Annotated[Optional[str], pydantic.Field(alias="__template_url")] = ( + None + ) + r"""Binds 'url' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'url' at runtime.""" + auth_type: Annotated[ Optional[RedisDeploymentTypeStandaloneAuthenticationMethod], pydantic.Field(alias="authType"), @@ -1396,6 +1589,15 @@ class RedisDeploymentTypeStandalone(BaseModel): ] = None r"""Enable client-side cache. Redundant when using Redis write operations. See more options at Settings > General > Limits > Redis Cache.""" + root_nodes: Annotated[ + Optional[List[RootNodeConfRedisDeploymentTypeCluster]], + pydantic.Field(alias="rootNodes"), + ] = None + r"""Root nodes to which the cluster connection should be initiated""" + + tls: Optional[bool] = None + r"""Use TLS for connections to this cluster""" + scale_reads: Annotated[ Optional[ScaleReadsOptionsRedisDeploymentTypeCluster], pydantic.Field(alias="scaleReads"), @@ -1406,8 +1608,18 @@ class RedisDeploymentTypeStandalone(BaseModel): username: Optional[str] = None + template_username: Annotated[ + Optional[str], pydantic.Field(alias="__template_username") + ] = None + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + password: Optional[str] = None + template_password: Annotated[ + Optional[str], pydantic.Field(alias="__template_password") + ] = None + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + credentials_secret: Annotated[ Optional[str], pydantic.Field(alias="credentialsSecret") ] = None @@ -1449,13 +1661,18 @@ def serialize_model(self, handler): [ "deploymentType", "tlsOptions", + "__template_url", "authType", "maxBlockSecs", "enableClientSideCaching", + "rootNodes", + "tls", "scaleReads", "masterName", "username", + "__template_username", "password", + "__template_password", "credentialsSecret", "textSecret", ] @@ -1478,12 +1695,12 @@ def serialize_model(self, handler): "PipelineFunctionRedisConfTypedDict", Union[ RedisDeploymentTypeStandaloneTypedDict, + RedisDeploymentTypeClusterTypedDict, + RedisDeploymentTypeSentinelTypedDict, RedisAuthTypeNoneTypedDict, RedisAuthTypeManualTypedDict, RedisAuthTypeCredentialsSecretTypedDict, RedisAuthTypeTextSecretTypedDict, - RedisDeploymentTypeClusterTypedDict, - RedisDeploymentTypeSentinelTypedDict, ], ) diff --git a/src/cribl_control_plane/models/pipelinefunctionserde.py b/src/cribl_control_plane/models/pipelinefunctionserde.py index 8cf39ee62..56b2dc7ae 100644 --- a/src/cribl_control_plane/models/pipelinefunctionserde.py +++ b/src/cribl_control_plane/models/pipelinefunctionserde.py @@ -49,10 +49,18 @@ class SerdeTypeGrokTypedDict(TypedDict): r"""Field containing text to be parsed""" dst_field: NotRequired[str] r"""Name of the field to add fields to. Extract mode only.""" + keep: NotRequired[List[str]] + r"""List of fields to keep. Supports wildcards (*). Takes precedence over 'Fields to remove'.""" + remove: NotRequired[List[str]] + r"""List of fields to remove. Supports wildcards (*). Cannot remove fields that match 'Fields to keep'.""" + field_filter_expr: NotRequired[str] + r"""Expression evaluated against {index, name, value} context. Return truthy to keep a field, or falsy to remove it.""" allowed_key_chars: NotRequired[List[str]] r"""A list of characters that may be present in a key name, even though they are normally separator or control characters""" allowed_value_chars: NotRequired[List[str]] r"""A list of characters that may be present in a value, even though they are normally separator or control characters""" + fields: NotRequired[List[str]] + r"""The fields to be extracted, listed in order. Will auto-generate if empty.""" regex: NotRequired[str] r"""Regex literal with named capturing groups, such as (?bar), or _NAME_ and _VALUE_ capturing groups, such as(?<_NAME_0>[^ =]+)=(?<_VALUE_0>[^,]+)""" regex_list: NotRequired[List[RegexListConfSerdeTypeRegexTypedDict]] @@ -85,6 +93,17 @@ class SerdeTypeGrok(BaseModel): dst_field: Annotated[Optional[str], pydantic.Field(alias="dstField")] = None r"""Name of the field to add fields to. Extract mode only.""" + keep: Optional[List[str]] = None + r"""List of fields to keep. Supports wildcards (*). Takes precedence over 'Fields to remove'.""" + + remove: Optional[List[str]] = None + r"""List of fields to remove. Supports wildcards (*). Cannot remove fields that match 'Fields to keep'.""" + + field_filter_expr: Annotated[ + Optional[str], pydantic.Field(alias="fieldFilterExpr") + ] = None + r"""Expression evaluated against {index, name, value} context. Return truthy to keep a field, or falsy to remove it.""" + allowed_key_chars: Annotated[ Optional[List[str]], pydantic.Field(alias="allowedKeyChars") ] = None @@ -95,6 +114,9 @@ class SerdeTypeGrok(BaseModel): ] = None r"""A list of characters that may be present in a value, even though they are normally separator or control characters""" + fields: Optional[List[str]] = None + r"""The fields to be extracted, listed in order. Will auto-generate if empty.""" + regex: Optional[str] = None r"""Regex literal with named capturing groups, such as (?bar), or _NAME_ and _VALUE_ capturing groups, such as(?<_NAME_0>[^ =]+)=(?<_VALUE_0>[^,]+)""" @@ -138,8 +160,12 @@ def serialize_model(self, handler): "patternList", "srcField", "dstField", + "keep", + "remove", + "fieldFilterExpr", "allowedKeyChars", "allowedValueChars", + "fields", "regex", "regexList", "iterations", @@ -188,10 +214,18 @@ class SerdeTypeRegexTypedDict(TypedDict): r"""Field containing text to be parsed""" dst_field: NotRequired[str] r"""Name of the field to add fields to. Extract mode only.""" + keep: NotRequired[List[str]] + r"""List of fields to keep. Supports wildcards (*). Takes precedence over 'Fields to remove'.""" + remove: NotRequired[List[str]] + r"""List of fields to remove. Supports wildcards (*). Cannot remove fields that match 'Fields to keep'.""" + field_filter_expr: NotRequired[str] + r"""Expression evaluated against {index, name, value} context. Return truthy to keep a field, or falsy to remove it.""" allowed_key_chars: NotRequired[List[str]] r"""A list of characters that may be present in a key name, even though they are normally separator or control characters""" allowed_value_chars: NotRequired[List[str]] r"""A list of characters that may be present in a value, even though they are normally separator or control characters""" + fields: NotRequired[List[str]] + r"""The fields to be extracted, listed in order. Will auto-generate if empty.""" pattern: NotRequired[str] r"""Grok pattern to extract fields. Syntax supported: %{PATTERN_NAME:FIELD_NAME}""" pattern_list: NotRequired[List[PatternListConfSerdeTypeGrokTypedDict]] @@ -228,6 +262,17 @@ class SerdeTypeRegex(BaseModel): dst_field: Annotated[Optional[str], pydantic.Field(alias="dstField")] = None r"""Name of the field to add fields to. Extract mode only.""" + keep: Optional[List[str]] = None + r"""List of fields to keep. Supports wildcards (*). Takes precedence over 'Fields to remove'.""" + + remove: Optional[List[str]] = None + r"""List of fields to remove. Supports wildcards (*). Cannot remove fields that match 'Fields to keep'.""" + + field_filter_expr: Annotated[ + Optional[str], pydantic.Field(alias="fieldFilterExpr") + ] = None + r"""Expression evaluated against {index, name, value} context. Return truthy to keep a field, or falsy to remove it.""" + allowed_key_chars: Annotated[ Optional[List[str]], pydantic.Field(alias="allowedKeyChars") ] = None @@ -238,6 +283,9 @@ class SerdeTypeRegex(BaseModel): ] = None r"""A list of characters that may be present in a value, even though they are normally separator or control characters""" + fields: Optional[List[str]] = None + r"""The fields to be extracted, listed in order. Will auto-generate if empty.""" + pattern: Optional[str] = None r"""Grok pattern to extract fields. Syntax supported: %{PATTERN_NAME:FIELD_NAME}""" @@ -274,8 +322,12 @@ def serialize_model(self, handler): "overwrite", "srcField", "dstField", + "keep", + "remove", + "fieldFilterExpr", "allowedKeyChars", "allowedValueChars", + "fields", "pattern", "patternList", ] @@ -322,6 +374,8 @@ class SerdeTypeJSONTypedDict(TypedDict): r"""A list of characters that may be present in a key name, even though they are normally separator or control characters""" allowed_value_chars: NotRequired[List[str]] r"""A list of characters that may be present in a value, even though they are normally separator or control characters""" + fields: NotRequired[List[str]] + r"""The fields to be extracted, listed in order. Will auto-generate if empty.""" regex: NotRequired[str] r"""Regex literal with named capturing groups, such as (?bar), or _NAME_ and _VALUE_ capturing groups, such as(?<_NAME_0>[^ =]+)=(?<_VALUE_0>[^,]+)""" regex_list: NotRequired[List[RegexListConfSerdeTypeRegexTypedDict]] @@ -370,6 +424,9 @@ class SerdeTypeJSON(BaseModel): ] = None r"""A list of characters that may be present in a value, even though they are normally separator or control characters""" + fields: Optional[List[str]] = None + r"""The fields to be extracted, listed in order. Will auto-generate if empty.""" + regex: Optional[str] = None r"""Regex literal with named capturing groups, such as (?bar), or _NAME_ and _VALUE_ capturing groups, such as(?<_NAME_0>[^ =]+)=(?<_VALUE_0>[^,]+)""" @@ -425,6 +482,7 @@ def serialize_model(self, handler): "dstField", "allowedKeyChars", "allowedValueChars", + "fields", "regex", "regexList", "iterations", @@ -822,6 +880,8 @@ class SerdeTypeKvpTypedDict(TypedDict): r"""Field containing text to be parsed""" dst_field: NotRequired[str] r"""Name of the field to add fields to. Extract mode only.""" + fields: NotRequired[List[str]] + r"""The fields to be extracted, listed in order. Will auto-generate if empty.""" regex: NotRequired[str] r"""Regex literal with named capturing groups, such as (?bar), or _NAME_ and _VALUE_ capturing groups, such as(?<_NAME_0>[^ =]+)=(?<_VALUE_0>[^,]+)""" regex_list: NotRequired[List[RegexListConfSerdeTypeRegexTypedDict]] @@ -873,6 +933,9 @@ class SerdeTypeKvp(BaseModel): dst_field: Annotated[Optional[str], pydantic.Field(alias="dstField")] = None r"""Name of the field to add fields to. Extract mode only.""" + fields: Optional[List[str]] = None + r"""The fields to be extracted, listed in order. Will auto-generate if empty.""" + regex: Optional[str] = None r"""Regex literal with named capturing groups, such as (?bar), or _NAME_ and _VALUE_ capturing groups, such as(?<_NAME_0>[^ =]+)=(?<_VALUE_0>[^,]+)""" @@ -929,6 +992,7 @@ def serialize_model(self, handler): "allowedValueChars", "srcField", "dstField", + "fields", "regex", "regexList", "iterations", @@ -955,11 +1019,11 @@ def serialize_model(self, handler): PipelineFunctionSerdeConfTypedDict = TypeAliasType( "PipelineFunctionSerdeConfTypedDict", Union[ + SerdeTypeCsvTypedDict, + SerdeTypeJSONTypedDict, SerdeTypeRegexTypedDict, SerdeTypeGrokTypedDict, - SerdeTypeJSONTypedDict, SerdeTypeKvpTypedDict, - SerdeTypeCsvTypedDict, SerdeTypeDelimTypedDict, ], ) diff --git a/src/cribl_control_plane/models/pqtype.py b/src/cribl_control_plane/models/pqtype.py index c48e73035..c06acaf8f 100644 --- a/src/cribl_control_plane/models/pqtype.py +++ b/src/cribl_control_plane/models/pqtype.py @@ -23,7 +23,7 @@ class PqTypeTypedDict(TypedDict): mode: NotRequired[ModeOptionsPq] r"""With Smart mode, PQ will write events to the filesystem only when it detects backpressure from the processing engine. With Always On mode, PQ will always write events directly to the queue before forwarding them to the processing engine.""" max_buffer_size_bytes: NotRequired[str] - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" max_buffer_size: NotRequired[float] r"""Maximum number of events to hold in memory before writing the events to disk. Deprecated and only supported in workers < v4.17.0. Use maxBufferSizeBytes instead.""" commit_frequency: NotRequired[float] @@ -46,7 +46,7 @@ class PqType(BaseModel): max_buffer_size_bytes: Annotated[ Optional[str], pydantic.Field(alias="maxBufferSizeBytes") ] = None - r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 1MB.""" + r"""The maximum size to hold in memory before writing events to disk. Enter a numeral with units of KB, MB, etc. The minimum value is 64KB and the maximum value is 10MB.""" max_buffer_size: Annotated[ Optional[float], pydantic.Field(alias="maxBufferSize") diff --git a/src/cribl_control_plane/models/rbacresource.py b/src/cribl_control_plane/models/rbacresource.py index 1b2e72ae7..1f1efe17c 100644 --- a/src/cribl_control_plane/models/rbacresource.py +++ b/src/cribl_control_plane/models/rbacresource.py @@ -14,3 +14,4 @@ class RbacResource(str, Enum, metaclass=utils.OpenEnumMeta): MACROS = "macros" NOTEBOOKS = "notebooks" NOTEBOOK_TEMPLATES = "notebook-templates" + APPS = "apps" diff --git a/src/cribl_control_plane/models/restauthenticationbasic_restpaginationtyperequestoffset.py b/src/cribl_control_plane/models/restauthenticationbasic_restpaginationtyperequestoffset.py index d1f17beae..e448d6d41 100644 --- a/src/cribl_control_plane/models/restauthenticationbasic_restpaginationtyperequestoffset.py +++ b/src/cribl_control_plane/models/restauthenticationbasic_restpaginationtyperequestoffset.py @@ -65,6 +65,8 @@ class RestAuthenticationOauthRestDiscoveryDiscoverTypeHTTPDiscoverMethodPostWith enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -122,6 +124,11 @@ class RestAuthenticationOauthRestDiscoveryDiscoverTypeHTTPDiscoverMethodPostWith ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -161,6 +168,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -214,6 +222,8 @@ class RestAuthenticationOauthRestDiscoveryDiscoverTypeHTTPDiscoverMethodPostType enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -271,6 +281,11 @@ class RestAuthenticationOauthRestDiscoveryDiscoverTypeHTTPDiscoverMethodPost(Bas ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -311,6 +326,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -364,6 +380,8 @@ class RestAuthenticationOauthRestDiscoveryDiscoverTypeHTTPDiscoverMethodGetTyped enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -421,6 +439,11 @@ class RestAuthenticationOauthRestDiscoveryDiscoverTypeHTTPDiscoverMethodGet(Base ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -461,6 +484,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -533,9 +557,9 @@ class UnknownRestAuthenticationOauthRestDiscoveryDiscoverTypeHTTP(BaseModel): RestAuthenticationOauthDiscoveryTypedDict = TypeAliasType( "RestAuthenticationOauthDiscoveryTypedDict", Union[ + RestAuthenticationOauthRestDiscoveryDiscoverTypeJSONTypedDict, RestAuthenticationOauthRestDiscoveryDiscoverTypeListTypedDict, RestAuthenticationOauthRestDiscoveryDiscoverTypeNoneTypedDict, - RestAuthenticationOauthRestDiscoveryDiscoverTypeJSONTypedDict, RestAuthenticationOauthRestDiscoveryDiscoverTypeHTTPTypedDict, ], ) @@ -874,6 +898,10 @@ class RestAuthenticationOauthRestPaginationTypeResponseHeaderLinkTypedDict(Typed r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -919,6 +947,14 @@ class RestAuthenticationOauthRestPaginationTypeResponseHeaderLink(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -957,6 +993,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -1014,6 +1052,10 @@ class RestAuthenticationOauthRestPaginationTypeResponseHeaderTypedDict(TypedDict r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -1062,6 +1104,14 @@ class RestAuthenticationOauthRestPaginationTypeResponseHeader(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -1101,6 +1151,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -1158,6 +1210,10 @@ class RestAuthenticationOauthRestPaginationTypeResponseBodyTypedDict(TypedDict): r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -1206,6 +1262,14 @@ class RestAuthenticationOauthRestPaginationTypeResponseBody(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -1245,6 +1309,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -1268,6 +1334,8 @@ def serialize_model(self, handler): class RestAuthenticationOauthRestPaginationTypeNoneTypedDict(TypedDict): type: PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination + max_pages: NotRequired[float] + r"""Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages.""" last_page_expr: NotRequired[str] r"""JavaScript expression used to determine when the last page has been reached. The values tested by this expression must be in the Response attributes section.""" next_relation_attribute: NotRequired[str] @@ -1282,6 +1350,10 @@ class RestAuthenticationOauthRestPaginationTypeNoneTypedDict(TypedDict): r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -1297,6 +1369,9 @@ class RestAuthenticationOauthRestPaginationTypeNoneTypedDict(TypedDict): class RestAuthenticationOauthRestPaginationTypeNone(BaseModel): type: PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination + max_pages: Annotated[Optional[float], pydantic.Field(alias="maxPages")] = None + r"""Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages.""" + last_page_expr: Annotated[Optional[str], pydantic.Field(alias="lastPageExpr")] = ( None ) @@ -1324,6 +1399,14 @@ class RestAuthenticationOauthRestPaginationTypeNone(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -1356,6 +1439,7 @@ def serialize_type(self, value): def serialize_model(self, handler): optional_fields = set( [ + "maxPages", "lastPageExpr", "nextRelationAttribute", "curRelationAttribute", @@ -1363,6 +1447,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -1389,10 +1475,10 @@ def serialize_model(self, handler): Union[ RestAuthenticationOauthRestPaginationTypeNoneTypedDict, RestAuthenticationOauthRestPaginationTypeResponseHeaderLinkTypedDict, - RestAuthenticationOauthRestPaginationTypeResponseBodyTypedDict, - RestAuthenticationOauthRestPaginationTypeResponseHeaderTypedDict, RestAuthenticationOauthRestPaginationTypeRequestOffsetTypedDict, RestAuthenticationOauthRestPaginationTypeRequestPageTypedDict, + RestAuthenticationOauthRestPaginationTypeResponseBodyTypedDict, + RestAuthenticationOauthRestPaginationTypeResponseHeaderTypedDict, ], ) @@ -1777,9 +1863,9 @@ class RestAuthenticationOauthTypedDict(TypedDict): authentication: RestAuthenticationOauthAuthentication r"""Authentication method for Discover and Collect REST calls. You can specify API key–based authentication by adding the appropriate Collect headers.""" login_url: str - r"""URL to use for the OAuth API call. This call is expected to be a POST.""" + r"""URL to use for login API call. This call is expected to be a POST.""" auth_header_expr: str - r"""JavaScript expression to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login.""" + r"""JavaScript expression used to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login.""" client_secret_param_name: str r"""Defaults to 'client_secret'. Automatically added to request parameters using the value specified.""" client_secret_param_value: str @@ -1798,6 +1884,10 @@ class RestAuthenticationOauthTypedDict(TypedDict): auth_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] ] + template_login_url: NotRequired[str] + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + template_client_secret_param_value: NotRequired[str] + r"""Binds 'clientSecretParamValue' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecretParamValue' at runtime.""" discovery: NotRequired[RestAuthenticationOauthDiscoveryTypedDict] collect_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] @@ -1827,8 +1917,30 @@ class RestAuthenticationOauthTypedDict(TypedDict): ] r"""Internal opt-in for the Microsoft Graph deltaLink state-tracking hook. Set programmatically by the Microsoft Graph source when the configured URL targets a /delta endpoint; not user-configurable.""" scheduling: NotRequired[RestAuthenticationOauthSchedulingTypedDict] + username: NotRequired[str] + template_username: NotRequired[str] + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + password: NotRequired[str] + template_password: NotRequired[str] + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + credentials_secret: NotRequired[str] + r"""Select or create a stored secret that references your credentials""" + login_body: NotRequired[str] + r"""Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. For x-www-form-urlencoded bodies, wrap values with ${C.Encode.uri(password)} to preserve special characters like +, &, and =.""" + get_auth_token_from_header: NotRequired[bool] + r"""Extract the auth token from the HTTP 'Authorization' response header instead of the standard JSON body of the login response""" + text_secret: NotRequired[str] + r"""Select or create a text secret that contains the client secret's value""" + scopes: NotRequired[List[str]] + r"""Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information.""" service_account_credentials: NotRequired[str] r"""Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right.""" + template_service_account_credentials: NotRequired[str] + r"""Binds 'serviceAccountCredentials' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serviceAccountCredentials' at runtime.""" + subject: NotRequired[str] + r"""Email address of a user account with Super Admin permissions to the resources the collector will retrieve""" + template_subject: NotRequired[str] + r"""Binds 'subject' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'subject' at runtime.""" hmac_function_id: NotRequired[str] r"""Select or create an HMAC Function to use with authentication""" template_collect_url: NotRequired[str] @@ -1840,10 +1952,10 @@ class RestAuthenticationOauth(BaseModel): r"""Authentication method for Discover and Collect REST calls. You can specify API key–based authentication by adding the appropriate Collect headers.""" login_url: Annotated[str, pydantic.Field(alias="loginUrl")] - r"""URL to use for the OAuth API call. This call is expected to be a POST.""" + r"""URL to use for login API call. This call is expected to be a POST.""" auth_header_expr: Annotated[str, pydantic.Field(alias="authHeaderExpr")] - r"""JavaScript expression to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login.""" + r"""JavaScript expression used to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login.""" client_secret_param_name: Annotated[ str, pydantic.Field(alias="clientSecretParamName") @@ -1883,6 +1995,16 @@ class RestAuthenticationOauth(BaseModel): pydantic.Field(alias="authRequestHeaders"), ] = None + template_login_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_loginUrl") + ] = None + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + + template_client_secret_param_value: Annotated[ + Optional[str], pydantic.Field(alias="__template_clientSecretParamValue") + ] = None + r"""Binds 'clientSecretParamValue' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecretParamValue' at runtime.""" + discovery: Optional[RestAuthenticationOauthDiscovery] = None collect_request_headers: Annotated[ @@ -1948,11 +2070,57 @@ class RestAuthenticationOauth(BaseModel): pydantic.Field(alias="__scheduling"), ] = None + username: Optional[str] = None + + template_username: Annotated[ + Optional[str], pydantic.Field(alias="__template_username") + ] = None + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + + password: Optional[str] = None + + template_password: Annotated[ + Optional[str], pydantic.Field(alias="__template_password") + ] = None + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + + credentials_secret: Annotated[ + Optional[str], pydantic.Field(alias="credentialsSecret") + ] = None + r"""Select or create a stored secret that references your credentials""" + + login_body: Annotated[Optional[str], pydantic.Field(alias="loginBody")] = None + r"""Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. For x-www-form-urlencoded bodies, wrap values with ${C.Encode.uri(password)} to preserve special characters like +, &, and =.""" + + get_auth_token_from_header: Annotated[ + Optional[bool], pydantic.Field(alias="getAuthTokenFromHeader") + ] = None + r"""Extract the auth token from the HTTP 'Authorization' response header instead of the standard JSON body of the login response""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a text secret that contains the client secret's value""" + + scopes: Optional[List[str]] = None + r"""Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information.""" + service_account_credentials: Annotated[ Optional[str], pydantic.Field(alias="serviceAccountCredentials") ] = None r"""Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right.""" + template_service_account_credentials: Annotated[ + Optional[str], pydantic.Field(alias="__template_serviceAccountCredentials") + ] = None + r"""Binds 'serviceAccountCredentials' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serviceAccountCredentials' at runtime.""" + + subject: Optional[str] = None + r"""Email address of a user account with Super Admin permissions to the resources the collector will retrieve""" + + template_subject: Annotated[ + Optional[str], pydantic.Field(alias="__template_subject") + ] = None + r"""Binds 'subject' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'subject' at runtime.""" + hmac_function_id: Annotated[ Optional[str], pydantic.Field(alias="hmacFunctionId") ] = None @@ -1989,6 +2157,8 @@ def serialize_model(self, handler): "authHeaderKey", "authRequestParams", "authRequestHeaders", + "__template_loginUrl", + "__template_clientSecretParamValue", "discovery", "collectRequestHeaders", "pagination", @@ -2004,7 +2174,19 @@ def serialize_model(self, handler): "retryRules", "microsoftGraphDelta", "__scheduling", + "username", + "__template_username", + "password", + "__template_password", + "credentialsSecret", + "loginBody", + "getAuthTokenFromHeader", + "textSecret", + "scopes", "serviceAccountCredentials", + "__template_serviceAccountCredentials", + "subject", + "__template_subject", "hmacFunctionId", "__template_collectUrl", ] @@ -2058,11 +2240,15 @@ class RestAuthenticationLoginSecretRestDiscoveryDiscoverTypeNoneTypedDict(TypedD r"""Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task.""" discover_url: NotRequired[str] r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP] discover_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] ] pagination: NotRequired[PaginationTypeRestDiscoveryDiscoverTypeHTTPTypedDict] + discover_data_field: NotRequired[str] + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" enable_strict_discover_parsing: NotRequired[bool] r"""Explicitly set the discover response format. When disabled, best effort parsing is used.""" enable_discover_code: NotRequired[bool] @@ -2082,6 +2268,11 @@ class RestAuthenticationLoginSecretRestDiscoveryDiscoverTypeNone(BaseModel): discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -2094,6 +2285,11 @@ class RestAuthenticationLoginSecretRestDiscoveryDiscoverTypeNone(BaseModel): pagination: Optional[PaginationTypeRestDiscoveryDiscoverTypeHTTP] = None + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" + enable_strict_discover_parsing: Annotated[ Optional[bool], pydantic.Field(alias="enableStrictDiscoverParsing") ] = None @@ -2136,9 +2332,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", "pagination", + "discoverDataField", "enableStrictDiscoverParsing", "enableDiscoverCode", "manualDiscoverResult", @@ -2179,11 +2377,15 @@ class RestAuthenticationLoginSecretRestDiscoveryDiscoverTypeListTypedDict(TypedD r"""Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters.""" discover_url: NotRequired[str] r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP] discover_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] ] pagination: NotRequired[PaginationTypeRestDiscoveryDiscoverTypeHTTPTypedDict] + discover_data_field: NotRequired[str] + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" enable_strict_discover_parsing: NotRequired[bool] r"""Explicitly set the discover response format. When disabled, best effort parsing is used.""" enable_discover_code: NotRequired[bool] @@ -2204,6 +2406,11 @@ class RestAuthenticationLoginSecretRestDiscoveryDiscoverTypeList(BaseModel): discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -2216,6 +2423,11 @@ class RestAuthenticationLoginSecretRestDiscoveryDiscoverTypeList(BaseModel): pagination: Optional[PaginationTypeRestDiscoveryDiscoverTypeHTTP] = None + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" + enable_strict_discover_parsing: Annotated[ Optional[bool], pydantic.Field(alias="enableStrictDiscoverParsing") ] = None @@ -2255,9 +2467,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", "pagination", + "discoverDataField", "enableStrictDiscoverParsing", "enableDiscoverCode", "manualDiscoverResult", @@ -2296,9 +2510,11 @@ class RestAuthenticationLoginSecretRestDiscoveryDiscoverTypeJSONTypedDict(TypedD manual_discover_result: str r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" discover_data_field: NotRequired[str] - r"""Within the response JSON, the name of the field to pull results from, typically a JSON array. Leave blank if the result itself is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" discover_url: NotRequired[str] r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP] discover_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] @@ -2324,11 +2540,16 @@ class RestAuthenticationLoginSecretRestDiscoveryDiscoverTypeJSON(BaseModel): discover_data_field: Annotated[ Optional[str], pydantic.Field(alias="discoverDataField") ] = None - r"""Within the response JSON, the name of the field to pull results from, typically a JSON array. Leave blank if the result itself is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -2379,6 +2600,7 @@ def serialize_model(self, handler): [ "discoverDataField", "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", "pagination", @@ -2440,6 +2662,8 @@ class RestAuthenticationLoginSecretRestDiscoveryDiscoverTypeHTTPDiscoverMethodOt enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -2505,6 +2729,11 @@ class RestAuthenticationLoginSecretRestDiscoveryDiscoverTypeHTTPDiscoverMethodOt ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -2546,6 +2775,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -2598,6 +2828,8 @@ class RestAuthenticationLoginSecretRestDiscoveryDiscoverTypeHTTPDiscoverMethodPo enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -2655,6 +2887,11 @@ class RestAuthenticationLoginSecretRestDiscoveryDiscoverTypeHTTPDiscoverMethodPo ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -2694,6 +2931,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -2747,6 +2985,8 @@ class RestAuthenticationLoginSecretRestDiscoveryDiscoverTypeHTTPDiscoverMethodPo enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -2806,6 +3046,11 @@ class RestAuthenticationLoginSecretRestDiscoveryDiscoverTypeHTTPDiscoverMethodPo ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -2846,6 +3091,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -2899,6 +3145,8 @@ class RestAuthenticationLoginSecretRestDiscoveryDiscoverTypeHTTPDiscoverMethodGe enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -2958,6 +3206,11 @@ class RestAuthenticationLoginSecretRestDiscoveryDiscoverTypeHTTPDiscoverMethodGe ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -2998,6 +3251,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -3070,9 +3324,9 @@ class UnknownRestAuthenticationLoginSecretRestDiscoveryDiscoverTypeHTTP(BaseMode RestAuthenticationLoginSecretDiscoveryTypedDict = TypeAliasType( "RestAuthenticationLoginSecretDiscoveryTypedDict", Union[ + RestAuthenticationLoginSecretRestDiscoveryDiscoverTypeJSONTypedDict, RestAuthenticationLoginSecretRestDiscoveryDiscoverTypeListTypedDict, RestAuthenticationLoginSecretRestDiscoveryDiscoverTypeNoneTypedDict, - RestAuthenticationLoginSecretRestDiscoveryDiscoverTypeJSONTypedDict, RestAuthenticationLoginSecretRestDiscoveryDiscoverTypeHTTPTypedDict, ], ) @@ -3415,6 +3669,10 @@ class RestAuthenticationLoginSecretRestPaginationTypeResponseHeaderLinkTypedDict r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -3460,6 +3718,14 @@ class RestAuthenticationLoginSecretRestPaginationTypeResponseHeaderLink(BaseMode limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -3498,6 +3764,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -3553,6 +3821,10 @@ class RestAuthenticationLoginSecretRestPaginationTypeResponseHeaderTypedDict(Typ r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -3603,6 +3875,14 @@ class RestAuthenticationLoginSecretRestPaginationTypeResponseHeader(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -3642,6 +3922,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -3699,6 +3981,10 @@ class RestAuthenticationLoginSecretRestPaginationTypeResponseBodyTypedDict(Typed r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -3749,6 +4035,14 @@ class RestAuthenticationLoginSecretRestPaginationTypeResponseBody(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -3788,6 +4082,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -3811,6 +4107,8 @@ def serialize_model(self, handler): class RestAuthenticationLoginSecretRestPaginationTypeNoneTypedDict(TypedDict): type: PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination + max_pages: NotRequired[float] + r"""Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages.""" last_page_expr: NotRequired[str] r"""JavaScript expression used to determine when the last page has been reached. The values tested by this expression must be in the Response attributes section.""" next_relation_attribute: NotRequired[str] @@ -3825,6 +4123,10 @@ class RestAuthenticationLoginSecretRestPaginationTypeNoneTypedDict(TypedDict): r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -3840,6 +4142,9 @@ class RestAuthenticationLoginSecretRestPaginationTypeNoneTypedDict(TypedDict): class RestAuthenticationLoginSecretRestPaginationTypeNone(BaseModel): type: PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination + max_pages: Annotated[Optional[float], pydantic.Field(alias="maxPages")] = None + r"""Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages.""" + last_page_expr: Annotated[Optional[str], pydantic.Field(alias="lastPageExpr")] = ( None ) @@ -3867,6 +4172,14 @@ class RestAuthenticationLoginSecretRestPaginationTypeNone(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -3899,6 +4212,7 @@ def serialize_type(self, value): def serialize_model(self, handler): optional_fields = set( [ + "maxPages", "lastPageExpr", "nextRelationAttribute", "curRelationAttribute", @@ -3906,6 +4220,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -3932,10 +4248,10 @@ def serialize_model(self, handler): Union[ RestAuthenticationLoginSecretRestPaginationTypeNoneTypedDict, RestAuthenticationLoginSecretRestPaginationTypeResponseHeaderLinkTypedDict, - RestAuthenticationLoginSecretRestPaginationTypeResponseBodyTypedDict, - RestAuthenticationLoginSecretRestPaginationTypeResponseHeaderTypedDict, RestAuthenticationLoginSecretRestPaginationTypeRequestOffsetTypedDict, RestAuthenticationLoginSecretRestPaginationTypeRequestPageTypedDict, + RestAuthenticationLoginSecretRestPaginationTypeResponseBodyTypedDict, + RestAuthenticationLoginSecretRestPaginationTypeResponseHeaderTypedDict, ], ) @@ -4322,11 +4638,11 @@ class RestAuthenticationLoginSecretTypedDict(TypedDict): login_url: str r"""URL to use for login API call. This call is expected to be a POST.""" credentials_secret: str - r"""Select or create a stored secret that references your login credentials""" + r"""Select or create a stored secret that references your credentials""" login_body: str r"""Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. For x-www-form-urlencoded bodies, wrap values with ${C.Encode.uri(password)} to preserve special characters like +, &, and =.""" auth_header_expr: str - r"""JavaScript expression to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login.""" + r"""JavaScript expression used to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login.""" collect_url: str r"""URL (constant or JavaScript expression) to use for the Collect operation""" collect_method: RestAuthenticationLoginSecretCollectMethod @@ -4368,10 +4684,36 @@ class RestAuthenticationLoginSecretTypedDict(TypedDict): ] r"""Internal opt-in for the Microsoft Graph deltaLink state-tracking hook. Set programmatically by the Microsoft Graph source when the configured URL targets a /delta endpoint; not user-configurable.""" scheduling: NotRequired[RestAuthenticationLoginSecretSchedulingTypedDict] + username: NotRequired[str] + template_username: NotRequired[str] + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + password: NotRequired[str] + template_password: NotRequired[str] + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + template_login_url: NotRequired[str] + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + client_secret_param_name: NotRequired[str] + r"""Defaults to 'client_secret'. Automatically added to request parameters using the value specified.""" client_secret_param_value: NotRequired[str] r"""Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters.""" + template_client_secret_param_value: NotRequired[str] + r"""Binds 'clientSecretParamValue' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecretParamValue' at runtime.""" + auth_request_params: NotRequired[ + List[CollectRequestParamConfRestCollectMethodGetTypedDict] + ] + r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" + text_secret: NotRequired[str] + r"""Select or create a text secret that contains the client secret's value""" + scopes: NotRequired[List[str]] + r"""Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information.""" service_account_credentials: NotRequired[str] r"""Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right.""" + template_service_account_credentials: NotRequired[str] + r"""Binds 'serviceAccountCredentials' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serviceAccountCredentials' at runtime.""" + subject: NotRequired[str] + r"""Email address of a user account with Super Admin permissions to the resources the collector will retrieve""" + template_subject: NotRequired[str] + r"""Binds 'subject' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'subject' at runtime.""" hmac_function_id: NotRequired[str] r"""Select or create an HMAC Function to use with authentication""" template_collect_url: NotRequired[str] @@ -4386,13 +4728,13 @@ class RestAuthenticationLoginSecret(BaseModel): r"""URL to use for login API call. This call is expected to be a POST.""" credentials_secret: Annotated[str, pydantic.Field(alias="credentialsSecret")] - r"""Select or create a stored secret that references your login credentials""" + r"""Select or create a stored secret that references your credentials""" login_body: Annotated[str, pydantic.Field(alias="loginBody")] r"""Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. For x-www-form-urlencoded bodies, wrap values with ${C.Encode.uri(password)} to preserve special characters like +, &, and =.""" auth_header_expr: Annotated[str, pydantic.Field(alias="authHeaderExpr")] - r"""JavaScript expression to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login.""" + r"""JavaScript expression used to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login.""" collect_url: Annotated[str, pydantic.Field(alias="collectUrl")] r"""URL (constant or JavaScript expression) to use for the Collect operation""" @@ -4488,16 +4830,70 @@ class RestAuthenticationLoginSecret(BaseModel): pydantic.Field(alias="__scheduling"), ] = None + username: Optional[str] = None + + template_username: Annotated[ + Optional[str], pydantic.Field(alias="__template_username") + ] = None + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + + password: Optional[str] = None + + template_password: Annotated[ + Optional[str], pydantic.Field(alias="__template_password") + ] = None + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + + template_login_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_loginUrl") + ] = None + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + + client_secret_param_name: Annotated[ + Optional[str], pydantic.Field(alias="clientSecretParamName") + ] = None + r"""Defaults to 'client_secret'. Automatically added to request parameters using the value specified.""" + client_secret_param_value: Annotated[ Optional[str], pydantic.Field(alias="clientSecretParamValue") ] = None r"""Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters.""" + template_client_secret_param_value: Annotated[ + Optional[str], pydantic.Field(alias="__template_clientSecretParamValue") + ] = None + r"""Binds 'clientSecretParamValue' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecretParamValue' at runtime.""" + + auth_request_params: Annotated[ + Optional[List[CollectRequestParamConfRestCollectMethodGet]], + pydantic.Field(alias="authRequestParams"), + ] = None + r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a text secret that contains the client secret's value""" + + scopes: Optional[List[str]] = None + r"""Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information.""" + service_account_credentials: Annotated[ Optional[str], pydantic.Field(alias="serviceAccountCredentials") ] = None r"""Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right.""" + template_service_account_credentials: Annotated[ + Optional[str], pydantic.Field(alias="__template_serviceAccountCredentials") + ] = None + r"""Binds 'serviceAccountCredentials' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serviceAccountCredentials' at runtime.""" + + subject: Optional[str] = None + r"""Email address of a user account with Super Admin permissions to the resources the collector will retrieve""" + + template_subject: Annotated[ + Optional[str], pydantic.Field(alias="__template_subject") + ] = None + r"""Binds 'subject' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'subject' at runtime.""" + hmac_function_id: Annotated[ Optional[str], pydantic.Field(alias="hmacFunctionId") ] = None @@ -4549,8 +4945,21 @@ def serialize_model(self, handler): "retryRules", "microsoftGraphDelta", "__scheduling", + "username", + "__template_username", + "password", + "__template_password", + "__template_loginUrl", + "clientSecretParamName", "clientSecretParamValue", + "__template_clientSecretParamValue", + "authRequestParams", + "textSecret", + "scopes", "serviceAccountCredentials", + "__template_serviceAccountCredentials", + "subject", + "__template_subject", "hmacFunctionId", "__template_collectUrl", ] @@ -4600,11 +5009,15 @@ class RestAuthenticationLoginRestDiscoveryDiscoverTypeNoneTypedDict(TypedDict): r"""Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task.""" discover_url: NotRequired[str] r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP] discover_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] ] pagination: NotRequired[PaginationTypeRestDiscoveryDiscoverTypeHTTPTypedDict] + discover_data_field: NotRequired[str] + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" enable_strict_discover_parsing: NotRequired[bool] r"""Explicitly set the discover response format. When disabled, best effort parsing is used.""" enable_discover_code: NotRequired[bool] @@ -4624,6 +5037,11 @@ class RestAuthenticationLoginRestDiscoveryDiscoverTypeNone(BaseModel): discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -4636,6 +5054,11 @@ class RestAuthenticationLoginRestDiscoveryDiscoverTypeNone(BaseModel): pagination: Optional[PaginationTypeRestDiscoveryDiscoverTypeHTTP] = None + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" + enable_strict_discover_parsing: Annotated[ Optional[bool], pydantic.Field(alias="enableStrictDiscoverParsing") ] = None @@ -4678,9 +5101,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", "pagination", + "discoverDataField", "enableStrictDiscoverParsing", "enableDiscoverCode", "manualDiscoverResult", @@ -4719,11 +5144,15 @@ class RestAuthenticationLoginRestDiscoveryDiscoverTypeListTypedDict(TypedDict): r"""Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters.""" discover_url: NotRequired[str] r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP] discover_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] ] pagination: NotRequired[PaginationTypeRestDiscoveryDiscoverTypeHTTPTypedDict] + discover_data_field: NotRequired[str] + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" enable_strict_discover_parsing: NotRequired[bool] r"""Explicitly set the discover response format. When disabled, best effort parsing is used.""" enable_discover_code: NotRequired[bool] @@ -4744,6 +5173,11 @@ class RestAuthenticationLoginRestDiscoveryDiscoverTypeList(BaseModel): discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -4756,6 +5190,11 @@ class RestAuthenticationLoginRestDiscoveryDiscoverTypeList(BaseModel): pagination: Optional[PaginationTypeRestDiscoveryDiscoverTypeHTTP] = None + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" + enable_strict_discover_parsing: Annotated[ Optional[bool], pydantic.Field(alias="enableStrictDiscoverParsing") ] = None @@ -4795,9 +5234,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", "pagination", + "discoverDataField", "enableStrictDiscoverParsing", "enableDiscoverCode", "manualDiscoverResult", @@ -4834,9 +5275,11 @@ class RestAuthenticationLoginRestDiscoveryDiscoverTypeJSONTypedDict(TypedDict): manual_discover_result: str r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" discover_data_field: NotRequired[str] - r"""Within the response JSON, the name of the field to pull results from, typically a JSON array. Leave blank if the result itself is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" discover_url: NotRequired[str] r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP] discover_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] @@ -4862,11 +5305,16 @@ class RestAuthenticationLoginRestDiscoveryDiscoverTypeJSON(BaseModel): discover_data_field: Annotated[ Optional[str], pydantic.Field(alias="discoverDataField") ] = None - r"""Within the response JSON, the name of the field to pull results from, typically a JSON array. Leave blank if the result itself is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -4917,6 +5365,7 @@ def serialize_model(self, handler): [ "discoverDataField", "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", "pagination", @@ -4978,6 +5427,8 @@ class RestAuthenticationLoginRestDiscoveryDiscoverTypeHTTPDiscoverMethodOtherTyp enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -5043,6 +5494,11 @@ class RestAuthenticationLoginRestDiscoveryDiscoverTypeHTTPDiscoverMethodOther( ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -5084,6 +5540,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -5136,6 +5593,8 @@ class RestAuthenticationLoginRestDiscoveryDiscoverTypeHTTPDiscoverMethodPostWith enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -5193,6 +5652,11 @@ class RestAuthenticationLoginRestDiscoveryDiscoverTypeHTTPDiscoverMethodPostWith ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -5232,6 +5696,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -5285,6 +5750,8 @@ class RestAuthenticationLoginRestDiscoveryDiscoverTypeHTTPDiscoverMethodPostType enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -5342,6 +5809,11 @@ class RestAuthenticationLoginRestDiscoveryDiscoverTypeHTTPDiscoverMethodPost(Bas ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -5382,6 +5854,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -5435,6 +5908,8 @@ class RestAuthenticationLoginRestDiscoveryDiscoverTypeHTTPDiscoverMethodGetTyped enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -5492,6 +5967,11 @@ class RestAuthenticationLoginRestDiscoveryDiscoverTypeHTTPDiscoverMethodGet(Base ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -5532,6 +6012,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -5604,9 +6085,9 @@ class UnknownRestAuthenticationLoginRestDiscoveryDiscoverTypeHTTP(BaseModel): RestAuthenticationLoginDiscoveryTypedDict = TypeAliasType( "RestAuthenticationLoginDiscoveryTypedDict", Union[ + RestAuthenticationLoginRestDiscoveryDiscoverTypeJSONTypedDict, RestAuthenticationLoginRestDiscoveryDiscoverTypeListTypedDict, RestAuthenticationLoginRestDiscoveryDiscoverTypeNoneTypedDict, - RestAuthenticationLoginRestDiscoveryDiscoverTypeJSONTypedDict, RestAuthenticationLoginRestDiscoveryDiscoverTypeHTTPTypedDict, ], ) @@ -5945,6 +6426,10 @@ class RestAuthenticationLoginRestPaginationTypeResponseHeaderLinkTypedDict(Typed r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -5990,8 +6475,16 @@ class RestAuthenticationLoginRestPaginationTypeResponseHeaderLink(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" - page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None - r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None + r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: Optional[float] = None r"""Page number from which to start request. Defaults to undefined, which will start collection from the first page.""" @@ -6028,6 +6521,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -6085,6 +6580,10 @@ class RestAuthenticationLoginRestPaginationTypeResponseHeaderTypedDict(TypedDict r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -6133,6 +6632,14 @@ class RestAuthenticationLoginRestPaginationTypeResponseHeader(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -6172,6 +6679,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -6229,6 +6738,10 @@ class RestAuthenticationLoginRestPaginationTypeResponseBodyTypedDict(TypedDict): r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -6277,6 +6790,14 @@ class RestAuthenticationLoginRestPaginationTypeResponseBody(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -6316,6 +6837,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -6339,6 +6862,8 @@ def serialize_model(self, handler): class RestAuthenticationLoginRestPaginationTypeNoneTypedDict(TypedDict): type: PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination + max_pages: NotRequired[float] + r"""Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages.""" last_page_expr: NotRequired[str] r"""JavaScript expression used to determine when the last page has been reached. The values tested by this expression must be in the Response attributes section.""" next_relation_attribute: NotRequired[str] @@ -6353,6 +6878,10 @@ class RestAuthenticationLoginRestPaginationTypeNoneTypedDict(TypedDict): r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -6368,6 +6897,9 @@ class RestAuthenticationLoginRestPaginationTypeNoneTypedDict(TypedDict): class RestAuthenticationLoginRestPaginationTypeNone(BaseModel): type: PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination + max_pages: Annotated[Optional[float], pydantic.Field(alias="maxPages")] = None + r"""Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages.""" + last_page_expr: Annotated[Optional[str], pydantic.Field(alias="lastPageExpr")] = ( None ) @@ -6395,6 +6927,14 @@ class RestAuthenticationLoginRestPaginationTypeNone(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -6427,6 +6967,7 @@ def serialize_type(self, value): def serialize_model(self, handler): optional_fields = set( [ + "maxPages", "lastPageExpr", "nextRelationAttribute", "curRelationAttribute", @@ -6434,6 +6975,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -6460,10 +7003,10 @@ def serialize_model(self, handler): Union[ RestAuthenticationLoginRestPaginationTypeNoneTypedDict, RestAuthenticationLoginRestPaginationTypeResponseHeaderLinkTypedDict, - RestAuthenticationLoginRestPaginationTypeResponseBodyTypedDict, - RestAuthenticationLoginRestPaginationTypeResponseHeaderTypedDict, RestAuthenticationLoginRestPaginationTypeRequestOffsetTypedDict, RestAuthenticationLoginRestPaginationTypeRequestPageTypedDict, + RestAuthenticationLoginRestPaginationTypeResponseBodyTypedDict, + RestAuthenticationLoginRestPaginationTypeResponseHeaderTypedDict, ], ) @@ -6867,6 +7410,12 @@ class RestAuthenticationLoginTypedDict(TypedDict): ] token_resp_attribute: NotRequired[str] r"""Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header.""" + template_login_url: NotRequired[str] + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + template_username: NotRequired[str] + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + template_password: NotRequired[str] + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" discovery: NotRequired[RestAuthenticationLoginDiscoveryTypedDict] collect_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] @@ -6896,10 +7445,30 @@ class RestAuthenticationLoginTypedDict(TypedDict): ] r"""Internal opt-in for the Microsoft Graph deltaLink state-tracking hook. Set programmatically by the Microsoft Graph source when the configured URL targets a /delta endpoint; not user-configurable.""" scheduling: NotRequired[RestAuthenticationLoginSchedulingTypedDict] + credentials_secret: NotRequired[str] + r"""Select or create a stored secret that references your credentials""" + client_secret_param_name: NotRequired[str] + r"""Defaults to 'client_secret'. Automatically added to request parameters using the value specified.""" client_secret_param_value: NotRequired[str] r"""Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters.""" + template_client_secret_param_value: NotRequired[str] + r"""Binds 'clientSecretParamValue' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecretParamValue' at runtime.""" + auth_request_params: NotRequired[ + List[CollectRequestParamConfRestCollectMethodGetTypedDict] + ] + r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" + text_secret: NotRequired[str] + r"""Select or create a text secret that contains the client secret's value""" + scopes: NotRequired[List[str]] + r"""Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information.""" service_account_credentials: NotRequired[str] r"""Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right.""" + template_service_account_credentials: NotRequired[str] + r"""Binds 'serviceAccountCredentials' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serviceAccountCredentials' at runtime.""" + subject: NotRequired[str] + r"""Email address of a user account with Super Admin permissions to the resources the collector will retrieve""" + template_subject: NotRequired[str] + r"""Binds 'subject' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'subject' at runtime.""" hmac_function_id: NotRequired[str] r"""Select or create an HMAC Function to use with authentication""" template_collect_url: NotRequired[str] @@ -6950,6 +7519,21 @@ class RestAuthenticationLogin(BaseModel): ] = None r"""Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header.""" + template_login_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_loginUrl") + ] = None + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + + template_username: Annotated[ + Optional[str], pydantic.Field(alias="__template_username") + ] = None + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + + template_password: Annotated[ + Optional[str], pydantic.Field(alias="__template_password") + ] = None + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + discovery: Optional[RestAuthenticationLoginDiscovery] = None collect_request_headers: Annotated[ @@ -7015,16 +7599,56 @@ class RestAuthenticationLogin(BaseModel): pydantic.Field(alias="__scheduling"), ] = None + credentials_secret: Annotated[ + Optional[str], pydantic.Field(alias="credentialsSecret") + ] = None + r"""Select or create a stored secret that references your credentials""" + + client_secret_param_name: Annotated[ + Optional[str], pydantic.Field(alias="clientSecretParamName") + ] = None + r"""Defaults to 'client_secret'. Automatically added to request parameters using the value specified.""" + client_secret_param_value: Annotated[ Optional[str], pydantic.Field(alias="clientSecretParamValue") ] = None r"""Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters.""" + template_client_secret_param_value: Annotated[ + Optional[str], pydantic.Field(alias="__template_clientSecretParamValue") + ] = None + r"""Binds 'clientSecretParamValue' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecretParamValue' at runtime.""" + + auth_request_params: Annotated[ + Optional[List[CollectRequestParamConfRestCollectMethodGet]], + pydantic.Field(alias="authRequestParams"), + ] = None + r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a text secret that contains the client secret's value""" + + scopes: Optional[List[str]] = None + r"""Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information.""" + service_account_credentials: Annotated[ Optional[str], pydantic.Field(alias="serviceAccountCredentials") ] = None r"""Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right.""" + template_service_account_credentials: Annotated[ + Optional[str], pydantic.Field(alias="__template_serviceAccountCredentials") + ] = None + r"""Binds 'serviceAccountCredentials' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serviceAccountCredentials' at runtime.""" + + subject: Optional[str] = None + r"""Email address of a user account with Super Admin permissions to the resources the collector will retrieve""" + + template_subject: Annotated[ + Optional[str], pydantic.Field(alias="__template_subject") + ] = None + r"""Binds 'subject' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'subject' at runtime.""" + hmac_function_id: Annotated[ Optional[str], pydantic.Field(alias="hmacFunctionId") ] = None @@ -7061,6 +7685,9 @@ def serialize_model(self, handler): "authHeaderKey", "authRequestHeaders", "tokenRespAttribute", + "__template_loginUrl", + "__template_username", + "__template_password", "discovery", "collectRequestHeaders", "pagination", @@ -7076,8 +7703,17 @@ def serialize_model(self, handler): "retryRules", "microsoftGraphDelta", "__scheduling", + "credentialsSecret", + "clientSecretParamName", "clientSecretParamValue", + "__template_clientSecretParamValue", + "authRequestParams", + "textSecret", + "scopes", "serviceAccountCredentials", + "__template_serviceAccountCredentials", + "subject", + "__template_subject", "hmacFunctionId", "__template_collectUrl", ] @@ -7131,11 +7767,15 @@ class RestAuthenticationBasicSecretRestDiscoveryDiscoverTypeNoneTypedDict(TypedD r"""Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task.""" discover_url: NotRequired[str] r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP] discover_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] ] pagination: NotRequired[PaginationTypeRestDiscoveryDiscoverTypeHTTPTypedDict] + discover_data_field: NotRequired[str] + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" enable_strict_discover_parsing: NotRequired[bool] r"""Explicitly set the discover response format. When disabled, best effort parsing is used.""" enable_discover_code: NotRequired[bool] @@ -7155,6 +7795,11 @@ class RestAuthenticationBasicSecretRestDiscoveryDiscoverTypeNone(BaseModel): discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -7167,6 +7812,11 @@ class RestAuthenticationBasicSecretRestDiscoveryDiscoverTypeNone(BaseModel): pagination: Optional[PaginationTypeRestDiscoveryDiscoverTypeHTTP] = None + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" + enable_strict_discover_parsing: Annotated[ Optional[bool], pydantic.Field(alias="enableStrictDiscoverParsing") ] = None @@ -7209,9 +7859,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", "pagination", + "discoverDataField", "enableStrictDiscoverParsing", "enableDiscoverCode", "manualDiscoverResult", @@ -7252,11 +7904,15 @@ class RestAuthenticationBasicSecretRestDiscoveryDiscoverTypeListTypedDict(TypedD r"""Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters.""" discover_url: NotRequired[str] r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP] discover_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] ] pagination: NotRequired[PaginationTypeRestDiscoveryDiscoverTypeHTTPTypedDict] + discover_data_field: NotRequired[str] + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" enable_strict_discover_parsing: NotRequired[bool] r"""Explicitly set the discover response format. When disabled, best effort parsing is used.""" enable_discover_code: NotRequired[bool] @@ -7277,6 +7933,11 @@ class RestAuthenticationBasicSecretRestDiscoveryDiscoverTypeList(BaseModel): discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -7289,6 +7950,11 @@ class RestAuthenticationBasicSecretRestDiscoveryDiscoverTypeList(BaseModel): pagination: Optional[PaginationTypeRestDiscoveryDiscoverTypeHTTP] = None + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" + enable_strict_discover_parsing: Annotated[ Optional[bool], pydantic.Field(alias="enableStrictDiscoverParsing") ] = None @@ -7328,9 +7994,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", "pagination", + "discoverDataField", "enableStrictDiscoverParsing", "enableDiscoverCode", "manualDiscoverResult", @@ -7369,9 +8037,11 @@ class RestAuthenticationBasicSecretRestDiscoveryDiscoverTypeJSONTypedDict(TypedD manual_discover_result: str r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" discover_data_field: NotRequired[str] - r"""Within the response JSON, the name of the field to pull results from, typically a JSON array. Leave blank if the result itself is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" discover_url: NotRequired[str] r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP] discover_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] @@ -7397,11 +8067,16 @@ class RestAuthenticationBasicSecretRestDiscoveryDiscoverTypeJSON(BaseModel): discover_data_field: Annotated[ Optional[str], pydantic.Field(alias="discoverDataField") ] = None - r"""Within the response JSON, the name of the field to pull results from, typically a JSON array. Leave blank if the result itself is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -7452,6 +8127,7 @@ def serialize_model(self, handler): [ "discoverDataField", "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", "pagination", @@ -7513,6 +8189,8 @@ class RestAuthenticationBasicSecretRestDiscoveryDiscoverTypeHTTPDiscoverMethodOt enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -7578,6 +8256,11 @@ class RestAuthenticationBasicSecretRestDiscoveryDiscoverTypeHTTPDiscoverMethodOt ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -7619,6 +8302,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -7671,6 +8355,8 @@ class RestAuthenticationBasicSecretRestDiscoveryDiscoverTypeHTTPDiscoverMethodPo enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -7728,6 +8414,11 @@ class RestAuthenticationBasicSecretRestDiscoveryDiscoverTypeHTTPDiscoverMethodPo ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -7767,6 +8458,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -7820,6 +8512,8 @@ class RestAuthenticationBasicSecretRestDiscoveryDiscoverTypeHTTPDiscoverMethodPo enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -7879,6 +8573,11 @@ class RestAuthenticationBasicSecretRestDiscoveryDiscoverTypeHTTPDiscoverMethodPo ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -7919,6 +8618,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -7972,6 +8672,8 @@ class RestAuthenticationBasicSecretRestDiscoveryDiscoverTypeHTTPDiscoverMethodGe enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -8031,6 +8733,11 @@ class RestAuthenticationBasicSecretRestDiscoveryDiscoverTypeHTTPDiscoverMethodGe ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -8071,6 +8778,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -8143,9 +8851,9 @@ class UnknownRestAuthenticationBasicSecretRestDiscoveryDiscoverTypeHTTP(BaseMode RestAuthenticationBasicSecretDiscoveryTypedDict = TypeAliasType( "RestAuthenticationBasicSecretDiscoveryTypedDict", Union[ + RestAuthenticationBasicSecretRestDiscoveryDiscoverTypeJSONTypedDict, RestAuthenticationBasicSecretRestDiscoveryDiscoverTypeListTypedDict, RestAuthenticationBasicSecretRestDiscoveryDiscoverTypeNoneTypedDict, - RestAuthenticationBasicSecretRestDiscoveryDiscoverTypeJSONTypedDict, RestAuthenticationBasicSecretRestDiscoveryDiscoverTypeHTTPTypedDict, ], ) @@ -8488,6 +9196,10 @@ class RestAuthenticationBasicSecretRestPaginationTypeResponseHeaderLinkTypedDict r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -8533,6 +9245,14 @@ class RestAuthenticationBasicSecretRestPaginationTypeResponseHeaderLink(BaseMode limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -8571,6 +9291,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -8626,6 +9348,10 @@ class RestAuthenticationBasicSecretRestPaginationTypeResponseHeaderTypedDict(Typ r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -8676,6 +9402,14 @@ class RestAuthenticationBasicSecretRestPaginationTypeResponseHeader(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -8715,6 +9449,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -8772,6 +9508,10 @@ class RestAuthenticationBasicSecretRestPaginationTypeResponseBodyTypedDict(Typed r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -8822,6 +9562,14 @@ class RestAuthenticationBasicSecretRestPaginationTypeResponseBody(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -8861,6 +9609,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -8884,6 +9634,8 @@ def serialize_model(self, handler): class RestAuthenticationBasicSecretRestPaginationTypeNoneTypedDict(TypedDict): type: PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination + max_pages: NotRequired[float] + r"""Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages.""" last_page_expr: NotRequired[str] r"""JavaScript expression used to determine when the last page has been reached. The values tested by this expression must be in the Response attributes section.""" next_relation_attribute: NotRequired[str] @@ -8898,6 +9650,10 @@ class RestAuthenticationBasicSecretRestPaginationTypeNoneTypedDict(TypedDict): r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -8913,6 +9669,9 @@ class RestAuthenticationBasicSecretRestPaginationTypeNoneTypedDict(TypedDict): class RestAuthenticationBasicSecretRestPaginationTypeNone(BaseModel): type: PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination + max_pages: Annotated[Optional[float], pydantic.Field(alias="maxPages")] = None + r"""Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages.""" + last_page_expr: Annotated[Optional[str], pydantic.Field(alias="lastPageExpr")] = ( None ) @@ -8940,6 +9699,14 @@ class RestAuthenticationBasicSecretRestPaginationTypeNone(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -8972,6 +9739,7 @@ def serialize_type(self, value): def serialize_model(self, handler): optional_fields = set( [ + "maxPages", "lastPageExpr", "nextRelationAttribute", "curRelationAttribute", @@ -8979,6 +9747,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -9005,10 +9775,10 @@ def serialize_model(self, handler): Union[ RestAuthenticationBasicSecretRestPaginationTypeNoneTypedDict, RestAuthenticationBasicSecretRestPaginationTypeResponseHeaderLinkTypedDict, - RestAuthenticationBasicSecretRestPaginationTypeResponseBodyTypedDict, - RestAuthenticationBasicSecretRestPaginationTypeResponseHeaderTypedDict, RestAuthenticationBasicSecretRestPaginationTypeRequestOffsetTypedDict, RestAuthenticationBasicSecretRestPaginationTypeRequestPageTypedDict, + RestAuthenticationBasicSecretRestPaginationTypeResponseBodyTypedDict, + RestAuthenticationBasicSecretRestPaginationTypeResponseHeaderTypedDict, ], ) @@ -9426,10 +10196,51 @@ class RestAuthenticationBasicSecretTypedDict(TypedDict): ] r"""Internal opt-in for the Microsoft Graph deltaLink state-tracking hook. Set programmatically by the Microsoft Graph source when the configured URL targets a /delta endpoint; not user-configurable.""" scheduling: NotRequired[RestAuthenticationBasicSecretSchedulingTypedDict] + username: NotRequired[str] + template_username: NotRequired[str] + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + password: NotRequired[str] + template_password: NotRequired[str] + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + login_url: NotRequired[str] + r"""URL to use for login API call. This call is expected to be a POST.""" + template_login_url: NotRequired[str] + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + login_body: NotRequired[str] + r"""Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. For x-www-form-urlencoded bodies, wrap values with ${C.Encode.uri(password)} to preserve special characters like +, &, and =.""" + get_auth_token_from_header: NotRequired[bool] + r"""Extract the auth token from the HTTP 'Authorization' response header instead of the standard JSON body of the login response""" + auth_header_key: NotRequired[str] + r"""Authorization header key to pass in Discover and Collect calls. Defaults to the literal name 'Authorization'.""" + auth_header_expr: NotRequired[str] + r"""JavaScript expression used to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login.""" + auth_request_headers: NotRequired[ + List[CollectRequestParamConfRestCollectMethodGetTypedDict] + ] + token_resp_attribute: NotRequired[str] + r"""Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header.""" + client_secret_param_name: NotRequired[str] + r"""Defaults to 'client_secret'. Automatically added to request parameters using the value specified.""" client_secret_param_value: NotRequired[str] r"""Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters.""" + template_client_secret_param_value: NotRequired[str] + r"""Binds 'clientSecretParamValue' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecretParamValue' at runtime.""" + auth_request_params: NotRequired[ + List[CollectRequestParamConfRestCollectMethodGetTypedDict] + ] + r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" + text_secret: NotRequired[str] + r"""Select or create a text secret that contains the client secret's value""" + scopes: NotRequired[List[str]] + r"""Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information.""" service_account_credentials: NotRequired[str] r"""Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right.""" + template_service_account_credentials: NotRequired[str] + r"""Binds 'serviceAccountCredentials' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serviceAccountCredentials' at runtime.""" + subject: NotRequired[str] + r"""Email address of a user account with Super Admin permissions to the resources the collector will retrieve""" + template_subject: NotRequired[str] + r"""Binds 'subject' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'subject' at runtime.""" hmac_function_id: NotRequired[str] r"""Select or create an HMAC Function to use with authentication""" template_collect_url: NotRequired[str] @@ -9517,16 +10328,101 @@ class RestAuthenticationBasicSecret(BaseModel): pydantic.Field(alias="__scheduling"), ] = None + username: Optional[str] = None + + template_username: Annotated[ + Optional[str], pydantic.Field(alias="__template_username") + ] = None + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + + password: Optional[str] = None + + template_password: Annotated[ + Optional[str], pydantic.Field(alias="__template_password") + ] = None + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + + login_url: Annotated[Optional[str], pydantic.Field(alias="loginUrl")] = None + r"""URL to use for login API call. This call is expected to be a POST.""" + + template_login_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_loginUrl") + ] = None + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + + login_body: Annotated[Optional[str], pydantic.Field(alias="loginBody")] = None + r"""Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. For x-www-form-urlencoded bodies, wrap values with ${C.Encode.uri(password)} to preserve special characters like +, &, and =.""" + + get_auth_token_from_header: Annotated[ + Optional[bool], pydantic.Field(alias="getAuthTokenFromHeader") + ] = None + r"""Extract the auth token from the HTTP 'Authorization' response header instead of the standard JSON body of the login response""" + + auth_header_key: Annotated[Optional[str], pydantic.Field(alias="authHeaderKey")] = ( + None + ) + r"""Authorization header key to pass in Discover and Collect calls. Defaults to the literal name 'Authorization'.""" + + auth_header_expr: Annotated[ + Optional[str], pydantic.Field(alias="authHeaderExpr") + ] = None + r"""JavaScript expression used to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login.""" + + auth_request_headers: Annotated[ + Optional[List[CollectRequestParamConfRestCollectMethodGet]], + pydantic.Field(alias="authRequestHeaders"), + ] = None + + token_resp_attribute: Annotated[ + Optional[str], pydantic.Field(alias="tokenRespAttribute") + ] = None + r"""Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header.""" + + client_secret_param_name: Annotated[ + Optional[str], pydantic.Field(alias="clientSecretParamName") + ] = None + r"""Defaults to 'client_secret'. Automatically added to request parameters using the value specified.""" + client_secret_param_value: Annotated[ Optional[str], pydantic.Field(alias="clientSecretParamValue") ] = None r"""Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters.""" + template_client_secret_param_value: Annotated[ + Optional[str], pydantic.Field(alias="__template_clientSecretParamValue") + ] = None + r"""Binds 'clientSecretParamValue' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecretParamValue' at runtime.""" + + auth_request_params: Annotated[ + Optional[List[CollectRequestParamConfRestCollectMethodGet]], + pydantic.Field(alias="authRequestParams"), + ] = None + r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a text secret that contains the client secret's value""" + + scopes: Optional[List[str]] = None + r"""Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information.""" + service_account_credentials: Annotated[ Optional[str], pydantic.Field(alias="serviceAccountCredentials") ] = None r"""Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right.""" + template_service_account_credentials: Annotated[ + Optional[str], pydantic.Field(alias="__template_serviceAccountCredentials") + ] = None + r"""Binds 'serviceAccountCredentials' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serviceAccountCredentials' at runtime.""" + + subject: Optional[str] = None + r"""Email address of a user account with Super Admin permissions to the resources the collector will retrieve""" + + template_subject: Annotated[ + Optional[str], pydantic.Field(alias="__template_subject") + ] = None + r"""Binds 'subject' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'subject' at runtime.""" + hmac_function_id: Annotated[ Optional[str], pydantic.Field(alias="hmacFunctionId") ] = None @@ -9574,8 +10470,28 @@ def serialize_model(self, handler): "retryRules", "microsoftGraphDelta", "__scheduling", + "username", + "__template_username", + "password", + "__template_password", + "loginUrl", + "__template_loginUrl", + "loginBody", + "getAuthTokenFromHeader", + "authHeaderKey", + "authHeaderExpr", + "authRequestHeaders", + "tokenRespAttribute", + "clientSecretParamName", "clientSecretParamValue", + "__template_clientSecretParamValue", + "authRequestParams", + "textSecret", + "scopes", "serviceAccountCredentials", + "__template_serviceAccountCredentials", + "subject", + "__template_subject", "hmacFunctionId", "__template_collectUrl", ] @@ -9625,11 +10541,15 @@ class RestAuthenticationBasicRestDiscoveryDiscoverTypeNoneTypedDict(TypedDict): r"""Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task.""" discover_url: NotRequired[str] r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP] discover_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] ] pagination: NotRequired[PaginationTypeRestDiscoveryDiscoverTypeHTTPTypedDict] + discover_data_field: NotRequired[str] + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" enable_strict_discover_parsing: NotRequired[bool] r"""Explicitly set the discover response format. When disabled, best effort parsing is used.""" enable_discover_code: NotRequired[bool] @@ -9649,6 +10569,11 @@ class RestAuthenticationBasicRestDiscoveryDiscoverTypeNone(BaseModel): discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -9661,6 +10586,11 @@ class RestAuthenticationBasicRestDiscoveryDiscoverTypeNone(BaseModel): pagination: Optional[PaginationTypeRestDiscoveryDiscoverTypeHTTP] = None + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" + enable_strict_discover_parsing: Annotated[ Optional[bool], pydantic.Field(alias="enableStrictDiscoverParsing") ] = None @@ -9703,9 +10633,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", "pagination", + "discoverDataField", "enableStrictDiscoverParsing", "enableDiscoverCode", "manualDiscoverResult", @@ -9744,11 +10676,15 @@ class RestAuthenticationBasicRestDiscoveryDiscoverTypeListTypedDict(TypedDict): r"""Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters.""" discover_url: NotRequired[str] r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP] discover_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] ] pagination: NotRequired[PaginationTypeRestDiscoveryDiscoverTypeHTTPTypedDict] + discover_data_field: NotRequired[str] + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" enable_strict_discover_parsing: NotRequired[bool] r"""Explicitly set the discover response format. When disabled, best effort parsing is used.""" enable_discover_code: NotRequired[bool] @@ -9769,6 +10705,11 @@ class RestAuthenticationBasicRestDiscoveryDiscoverTypeList(BaseModel): discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -9781,6 +10722,11 @@ class RestAuthenticationBasicRestDiscoveryDiscoverTypeList(BaseModel): pagination: Optional[PaginationTypeRestDiscoveryDiscoverTypeHTTP] = None + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" + enable_strict_discover_parsing: Annotated[ Optional[bool], pydantic.Field(alias="enableStrictDiscoverParsing") ] = None @@ -9820,9 +10766,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", "pagination", + "discoverDataField", "enableStrictDiscoverParsing", "enableDiscoverCode", "manualDiscoverResult", @@ -9859,9 +10807,11 @@ class RestAuthenticationBasicRestDiscoveryDiscoverTypeJSONTypedDict(TypedDict): manual_discover_result: str r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" discover_data_field: NotRequired[str] - r"""Within the response JSON, the name of the field to pull results from, typically a JSON array. Leave blank if the result itself is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" discover_url: NotRequired[str] r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP] discover_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] @@ -9887,11 +10837,16 @@ class RestAuthenticationBasicRestDiscoveryDiscoverTypeJSON(BaseModel): discover_data_field: Annotated[ Optional[str], pydantic.Field(alias="discoverDataField") ] = None - r"""Within the response JSON, the name of the field to pull results from, typically a JSON array. Leave blank if the result itself is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -9942,6 +10897,7 @@ def serialize_model(self, handler): [ "discoverDataField", "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", "pagination", @@ -10003,6 +10959,8 @@ class RestAuthenticationBasicRestDiscoveryDiscoverTypeHTTPDiscoverMethodOtherTyp enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -10068,6 +11026,11 @@ class RestAuthenticationBasicRestDiscoveryDiscoverTypeHTTPDiscoverMethodOther( ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -10109,6 +11072,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -10161,6 +11125,8 @@ class RestAuthenticationBasicRestDiscoveryDiscoverTypeHTTPDiscoverMethodPostWith enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -10218,6 +11184,11 @@ class RestAuthenticationBasicRestDiscoveryDiscoverTypeHTTPDiscoverMethodPostWith ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -10257,6 +11228,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -10310,6 +11282,8 @@ class RestAuthenticationBasicRestDiscoveryDiscoverTypeHTTPDiscoverMethodPostType enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -10367,6 +11341,11 @@ class RestAuthenticationBasicRestDiscoveryDiscoverTypeHTTPDiscoverMethodPost(Bas ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -10407,6 +11386,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -10460,6 +11440,8 @@ class RestAuthenticationBasicRestDiscoveryDiscoverTypeHTTPDiscoverMethodGetTyped enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -10517,6 +11499,11 @@ class RestAuthenticationBasicRestDiscoveryDiscoverTypeHTTPDiscoverMethodGet(Base ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -10557,6 +11544,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -10629,9 +11617,9 @@ class UnknownRestAuthenticationBasicRestDiscoveryDiscoverTypeHTTP(BaseModel): RestAuthenticationBasicDiscoveryTypedDict = TypeAliasType( "RestAuthenticationBasicDiscoveryTypedDict", Union[ + RestAuthenticationBasicRestDiscoveryDiscoverTypeJSONTypedDict, RestAuthenticationBasicRestDiscoveryDiscoverTypeListTypedDict, RestAuthenticationBasicRestDiscoveryDiscoverTypeNoneTypedDict, - RestAuthenticationBasicRestDiscoveryDiscoverTypeJSONTypedDict, RestAuthenticationBasicRestDiscoveryDiscoverTypeHTTPTypedDict, ], ) diff --git a/src/cribl_control_plane/models/restauthenticationoauth_restdiscoverydiscovertypehttpdiscovermethodpostwithbody_discover_type.py b/src/cribl_control_plane/models/restauthenticationoauth_restdiscoverydiscovertypehttpdiscovermethodpostwithbody_discover_type.py index da2feec8b..752778b4d 100644 --- a/src/cribl_control_plane/models/restauthenticationoauth_restdiscoverydiscovertypehttpdiscovermethodpostwithbody_discover_type.py +++ b/src/cribl_control_plane/models/restauthenticationoauth_restdiscoverydiscovertypehttpdiscovermethodpostwithbody_discover_type.py @@ -61,11 +61,15 @@ class RestAuthenticationHmacRestDiscoveryDiscoverTypeNoneTypedDict(TypedDict): r"""Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task.""" discover_url: NotRequired[str] r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP] discover_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] ] pagination: NotRequired[PaginationTypeRestDiscoveryDiscoverTypeHTTPTypedDict] + discover_data_field: NotRequired[str] + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" enable_strict_discover_parsing: NotRequired[bool] r"""Explicitly set the discover response format. When disabled, best effort parsing is used.""" enable_discover_code: NotRequired[bool] @@ -85,6 +89,11 @@ class RestAuthenticationHmacRestDiscoveryDiscoverTypeNone(BaseModel): discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -97,6 +106,11 @@ class RestAuthenticationHmacRestDiscoveryDiscoverTypeNone(BaseModel): pagination: Optional[PaginationTypeRestDiscoveryDiscoverTypeHTTP] = None + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" + enable_strict_discover_parsing: Annotated[ Optional[bool], pydantic.Field(alias="enableStrictDiscoverParsing") ] = None @@ -139,9 +153,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", "pagination", + "discoverDataField", "enableStrictDiscoverParsing", "enableDiscoverCode", "manualDiscoverResult", @@ -180,11 +196,15 @@ class RestAuthenticationHmacRestDiscoveryDiscoverTypeListTypedDict(TypedDict): r"""Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters.""" discover_url: NotRequired[str] r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP] discover_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] ] pagination: NotRequired[PaginationTypeRestDiscoveryDiscoverTypeHTTPTypedDict] + discover_data_field: NotRequired[str] + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" enable_strict_discover_parsing: NotRequired[bool] r"""Explicitly set the discover response format. When disabled, best effort parsing is used.""" enable_discover_code: NotRequired[bool] @@ -205,6 +225,11 @@ class RestAuthenticationHmacRestDiscoveryDiscoverTypeList(BaseModel): discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -217,6 +242,11 @@ class RestAuthenticationHmacRestDiscoveryDiscoverTypeList(BaseModel): pagination: Optional[PaginationTypeRestDiscoveryDiscoverTypeHTTP] = None + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" + enable_strict_discover_parsing: Annotated[ Optional[bool], pydantic.Field(alias="enableStrictDiscoverParsing") ] = None @@ -256,9 +286,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", "pagination", + "discoverDataField", "enableStrictDiscoverParsing", "enableDiscoverCode", "manualDiscoverResult", @@ -295,9 +327,11 @@ class RestAuthenticationHmacRestDiscoveryDiscoverTypeJSONTypedDict(TypedDict): manual_discover_result: str r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" discover_data_field: NotRequired[str] - r"""Within the response JSON, the name of the field to pull results from, typically a JSON array. Leave blank if the result itself is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" discover_url: NotRequired[str] r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP] discover_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] @@ -323,11 +357,16 @@ class RestAuthenticationHmacRestDiscoveryDiscoverTypeJSON(BaseModel): discover_data_field: Annotated[ Optional[str], pydantic.Field(alias="discoverDataField") ] = None - r"""Within the response JSON, the name of the field to pull results from, typically a JSON array. Leave blank if the result itself is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -378,6 +417,7 @@ def serialize_model(self, handler): [ "discoverDataField", "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", "pagination", @@ -439,6 +479,8 @@ class RestAuthenticationHmacRestDiscoveryDiscoverTypeHTTPDiscoverMethodOtherType enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -502,6 +544,11 @@ class RestAuthenticationHmacRestDiscoveryDiscoverTypeHTTPDiscoverMethodOther(Bas ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -543,6 +590,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -595,6 +643,8 @@ class RestAuthenticationHmacRestDiscoveryDiscoverTypeHTTPDiscoverMethodPostWithB enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -652,6 +702,11 @@ class RestAuthenticationHmacRestDiscoveryDiscoverTypeHTTPDiscoverMethodPostWithB ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -691,6 +746,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -744,6 +800,8 @@ class RestAuthenticationHmacRestDiscoveryDiscoverTypeHTTPDiscoverMethodPostTyped enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -801,6 +859,11 @@ class RestAuthenticationHmacRestDiscoveryDiscoverTypeHTTPDiscoverMethodPost(Base ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -841,6 +904,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -896,6 +960,8 @@ class RestAuthenticationHmacRestDiscoveryDiscoverTypeHTTPDiscoverMethodGetTypedD enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -953,6 +1019,11 @@ class RestAuthenticationHmacRestDiscoveryDiscoverTypeHTTPDiscoverMethodGet(BaseM ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -993,6 +1064,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -1063,9 +1135,9 @@ class UnknownRestAuthenticationHmacRestDiscoveryDiscoverTypeHTTP(BaseModel): RestAuthenticationHmacDiscoveryTypedDict = TypeAliasType( "RestAuthenticationHmacDiscoveryTypedDict", Union[ + RestAuthenticationHmacRestDiscoveryDiscoverTypeJSONTypedDict, RestAuthenticationHmacRestDiscoveryDiscoverTypeListTypedDict, RestAuthenticationHmacRestDiscoveryDiscoverTypeNoneTypedDict, - RestAuthenticationHmacRestDiscoveryDiscoverTypeJSONTypedDict, RestAuthenticationHmacRestDiscoveryDiscoverTypeHTTPTypedDict, ], ) @@ -1404,6 +1476,10 @@ class RestAuthenticationHmacRestPaginationTypeResponseHeaderLinkTypedDict(TypedD r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -1449,6 +1525,14 @@ class RestAuthenticationHmacRestPaginationTypeResponseHeaderLink(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -1487,6 +1571,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -1544,6 +1630,10 @@ class RestAuthenticationHmacRestPaginationTypeResponseHeaderTypedDict(TypedDict) r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -1592,6 +1682,14 @@ class RestAuthenticationHmacRestPaginationTypeResponseHeader(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -1631,6 +1729,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -1688,6 +1788,10 @@ class RestAuthenticationHmacRestPaginationTypeResponseBodyTypedDict(TypedDict): r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -1736,6 +1840,14 @@ class RestAuthenticationHmacRestPaginationTypeResponseBody(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -1775,6 +1887,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -1798,6 +1912,8 @@ def serialize_model(self, handler): class RestAuthenticationHmacRestPaginationTypeNoneTypedDict(TypedDict): type: PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination + max_pages: NotRequired[float] + r"""Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages.""" last_page_expr: NotRequired[str] r"""JavaScript expression used to determine when the last page has been reached. The values tested by this expression must be in the Response attributes section.""" next_relation_attribute: NotRequired[str] @@ -1812,6 +1928,10 @@ class RestAuthenticationHmacRestPaginationTypeNoneTypedDict(TypedDict): r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -1827,6 +1947,9 @@ class RestAuthenticationHmacRestPaginationTypeNoneTypedDict(TypedDict): class RestAuthenticationHmacRestPaginationTypeNone(BaseModel): type: PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination + max_pages: Annotated[Optional[float], pydantic.Field(alias="maxPages")] = None + r"""Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages.""" + last_page_expr: Annotated[Optional[str], pydantic.Field(alias="lastPageExpr")] = ( None ) @@ -1854,6 +1977,14 @@ class RestAuthenticationHmacRestPaginationTypeNone(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -1886,6 +2017,7 @@ def serialize_type(self, value): def serialize_model(self, handler): optional_fields = set( [ + "maxPages", "lastPageExpr", "nextRelationAttribute", "curRelationAttribute", @@ -1893,6 +2025,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -1919,10 +2053,10 @@ def serialize_model(self, handler): Union[ RestAuthenticationHmacRestPaginationTypeNoneTypedDict, RestAuthenticationHmacRestPaginationTypeResponseHeaderLinkTypedDict, - RestAuthenticationHmacRestPaginationTypeResponseBodyTypedDict, - RestAuthenticationHmacRestPaginationTypeResponseHeaderTypedDict, RestAuthenticationHmacRestPaginationTypeRequestOffsetTypedDict, RestAuthenticationHmacRestPaginationTypeRequestPageTypedDict, + RestAuthenticationHmacRestPaginationTypeResponseBodyTypedDict, + RestAuthenticationHmacRestPaginationTypeResponseHeaderTypedDict, ], ) @@ -2340,10 +2474,53 @@ class RestAuthenticationHmacTypedDict(TypedDict): ] r"""Internal opt-in for the Microsoft Graph deltaLink state-tracking hook. Set programmatically by the Microsoft Graph source when the configured URL targets a /delta endpoint; not user-configurable.""" scheduling: NotRequired[RestAuthenticationHmacSchedulingTypedDict] + username: NotRequired[str] + template_username: NotRequired[str] + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + password: NotRequired[str] + template_password: NotRequired[str] + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + credentials_secret: NotRequired[str] + r"""Select or create a stored secret that references your credentials""" + login_url: NotRequired[str] + r"""URL to use for login API call. This call is expected to be a POST.""" + template_login_url: NotRequired[str] + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + login_body: NotRequired[str] + r"""Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. For x-www-form-urlencoded bodies, wrap values with ${C.Encode.uri(password)} to preserve special characters like +, &, and =.""" + get_auth_token_from_header: NotRequired[bool] + r"""Extract the auth token from the HTTP 'Authorization' response header instead of the standard JSON body of the login response""" + auth_header_key: NotRequired[str] + r"""Authorization header key to pass in Discover and Collect calls. Defaults to the literal name 'Authorization'.""" + auth_header_expr: NotRequired[str] + r"""JavaScript expression used to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login.""" + auth_request_headers: NotRequired[ + List[CollectRequestParamConfRestCollectMethodGetTypedDict] + ] + token_resp_attribute: NotRequired[str] + r"""Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header.""" + client_secret_param_name: NotRequired[str] + r"""Defaults to 'client_secret'. Automatically added to request parameters using the value specified.""" client_secret_param_value: NotRequired[str] r"""Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters.""" + template_client_secret_param_value: NotRequired[str] + r"""Binds 'clientSecretParamValue' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecretParamValue' at runtime.""" + auth_request_params: NotRequired[ + List[CollectRequestParamConfRestCollectMethodGetTypedDict] + ] + r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" + text_secret: NotRequired[str] + r"""Select or create a text secret that contains the client secret's value""" + scopes: NotRequired[List[str]] + r"""Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information.""" service_account_credentials: NotRequired[str] r"""Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right.""" + template_service_account_credentials: NotRequired[str] + r"""Binds 'serviceAccountCredentials' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serviceAccountCredentials' at runtime.""" + subject: NotRequired[str] + r"""Email address of a user account with Super Admin permissions to the resources the collector will retrieve""" + template_subject: NotRequired[str] + r"""Binds 'subject' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'subject' at runtime.""" template_collect_url: NotRequired[str] r"""Binds 'collectUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'collectUrl' at runtime.""" @@ -2426,16 +2603,106 @@ class RestAuthenticationHmac(BaseModel): Optional[RestAuthenticationHmacScheduling], pydantic.Field(alias="__scheduling") ] = None + username: Optional[str] = None + + template_username: Annotated[ + Optional[str], pydantic.Field(alias="__template_username") + ] = None + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + + password: Optional[str] = None + + template_password: Annotated[ + Optional[str], pydantic.Field(alias="__template_password") + ] = None + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + + credentials_secret: Annotated[ + Optional[str], pydantic.Field(alias="credentialsSecret") + ] = None + r"""Select or create a stored secret that references your credentials""" + + login_url: Annotated[Optional[str], pydantic.Field(alias="loginUrl")] = None + r"""URL to use for login API call. This call is expected to be a POST.""" + + template_login_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_loginUrl") + ] = None + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + + login_body: Annotated[Optional[str], pydantic.Field(alias="loginBody")] = None + r"""Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. For x-www-form-urlencoded bodies, wrap values with ${C.Encode.uri(password)} to preserve special characters like +, &, and =.""" + + get_auth_token_from_header: Annotated[ + Optional[bool], pydantic.Field(alias="getAuthTokenFromHeader") + ] = None + r"""Extract the auth token from the HTTP 'Authorization' response header instead of the standard JSON body of the login response""" + + auth_header_key: Annotated[Optional[str], pydantic.Field(alias="authHeaderKey")] = ( + None + ) + r"""Authorization header key to pass in Discover and Collect calls. Defaults to the literal name 'Authorization'.""" + + auth_header_expr: Annotated[ + Optional[str], pydantic.Field(alias="authHeaderExpr") + ] = None + r"""JavaScript expression used to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login.""" + + auth_request_headers: Annotated[ + Optional[List[CollectRequestParamConfRestCollectMethodGet]], + pydantic.Field(alias="authRequestHeaders"), + ] = None + + token_resp_attribute: Annotated[ + Optional[str], pydantic.Field(alias="tokenRespAttribute") + ] = None + r"""Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header.""" + + client_secret_param_name: Annotated[ + Optional[str], pydantic.Field(alias="clientSecretParamName") + ] = None + r"""Defaults to 'client_secret'. Automatically added to request parameters using the value specified.""" + client_secret_param_value: Annotated[ Optional[str], pydantic.Field(alias="clientSecretParamValue") ] = None r"""Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters.""" + template_client_secret_param_value: Annotated[ + Optional[str], pydantic.Field(alias="__template_clientSecretParamValue") + ] = None + r"""Binds 'clientSecretParamValue' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecretParamValue' at runtime.""" + + auth_request_params: Annotated[ + Optional[List[CollectRequestParamConfRestCollectMethodGet]], + pydantic.Field(alias="authRequestParams"), + ] = None + r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a text secret that contains the client secret's value""" + + scopes: Optional[List[str]] = None + r"""Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information.""" + service_account_credentials: Annotated[ Optional[str], pydantic.Field(alias="serviceAccountCredentials") ] = None r"""Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right.""" + template_service_account_credentials: Annotated[ + Optional[str], pydantic.Field(alias="__template_serviceAccountCredentials") + ] = None + r"""Binds 'serviceAccountCredentials' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serviceAccountCredentials' at runtime.""" + + subject: Optional[str] = None + r"""Email address of a user account with Super Admin permissions to the resources the collector will retrieve""" + + template_subject: Annotated[ + Optional[str], pydantic.Field(alias="__template_subject") + ] = None + r"""Binds 'subject' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'subject' at runtime.""" + template_collect_url: Annotated[ Optional[str], pydantic.Field(alias="__template_collectUrl") ] = None @@ -2478,8 +2745,29 @@ def serialize_model(self, handler): "retryRules", "microsoftGraphDelta", "__scheduling", + "username", + "__template_username", + "password", + "__template_password", + "credentialsSecret", + "loginUrl", + "__template_loginUrl", + "loginBody", + "getAuthTokenFromHeader", + "authHeaderKey", + "authHeaderExpr", + "authRequestHeaders", + "tokenRespAttribute", + "clientSecretParamName", "clientSecretParamValue", + "__template_clientSecretParamValue", + "authRequestParams", + "textSecret", + "scopes", "serviceAccountCredentials", + "__template_serviceAccountCredentials", + "subject", + "__template_subject", "__template_collectUrl", ] ) @@ -2534,11 +2822,15 @@ class RestAuthenticationGoogleOauthSecretRestDiscoveryDiscoverTypeNoneTypedDict( r"""Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task.""" discover_url: NotRequired[str] r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP] discover_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] ] pagination: NotRequired[PaginationTypeRestDiscoveryDiscoverTypeHTTPTypedDict] + discover_data_field: NotRequired[str] + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" enable_strict_discover_parsing: NotRequired[bool] r"""Explicitly set the discover response format. When disabled, best effort parsing is used.""" enable_discover_code: NotRequired[bool] @@ -2558,6 +2850,11 @@ class RestAuthenticationGoogleOauthSecretRestDiscoveryDiscoverTypeNone(BaseModel discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -2570,6 +2867,11 @@ class RestAuthenticationGoogleOauthSecretRestDiscoveryDiscoverTypeNone(BaseModel pagination: Optional[PaginationTypeRestDiscoveryDiscoverTypeHTTP] = None + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" + enable_strict_discover_parsing: Annotated[ Optional[bool], pydantic.Field(alias="enableStrictDiscoverParsing") ] = None @@ -2612,9 +2914,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", "pagination", + "discoverDataField", "enableStrictDiscoverParsing", "enableDiscoverCode", "manualDiscoverResult", @@ -2657,11 +2961,15 @@ class RestAuthenticationGoogleOauthSecretRestDiscoveryDiscoverTypeListTypedDict( r"""Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters.""" discover_url: NotRequired[str] r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP] discover_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] ] pagination: NotRequired[PaginationTypeRestDiscoveryDiscoverTypeHTTPTypedDict] + discover_data_field: NotRequired[str] + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" enable_strict_discover_parsing: NotRequired[bool] r"""Explicitly set the discover response format. When disabled, best effort parsing is used.""" enable_discover_code: NotRequired[bool] @@ -2682,6 +2990,11 @@ class RestAuthenticationGoogleOauthSecretRestDiscoveryDiscoverTypeList(BaseModel discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -2694,6 +3007,11 @@ class RestAuthenticationGoogleOauthSecretRestDiscoveryDiscoverTypeList(BaseModel pagination: Optional[PaginationTypeRestDiscoveryDiscoverTypeHTTP] = None + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" + enable_strict_discover_parsing: Annotated[ Optional[bool], pydantic.Field(alias="enableStrictDiscoverParsing") ] = None @@ -2733,9 +3051,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", "pagination", + "discoverDataField", "enableStrictDiscoverParsing", "enableDiscoverCode", "manualDiscoverResult", @@ -2776,9 +3096,11 @@ class RestAuthenticationGoogleOauthSecretRestDiscoveryDiscoverTypeJSONTypedDict( manual_discover_result: str r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" discover_data_field: NotRequired[str] - r"""Within the response JSON, the name of the field to pull results from, typically a JSON array. Leave blank if the result itself is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" discover_url: NotRequired[str] r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP] discover_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] @@ -2804,11 +3126,16 @@ class RestAuthenticationGoogleOauthSecretRestDiscoveryDiscoverTypeJSON(BaseModel discover_data_field: Annotated[ Optional[str], pydantic.Field(alias="discoverDataField") ] = None - r"""Within the response JSON, the name of the field to pull results from, typically a JSON array. Leave blank if the result itself is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -2859,6 +3186,7 @@ def serialize_model(self, handler): [ "discoverDataField", "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", "pagination", @@ -2920,6 +3248,8 @@ class RestAuthenticationGoogleOauthSecretRestDiscoveryDiscoverTypeHTTPDiscoverMe enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -2985,6 +3315,11 @@ class RestAuthenticationGoogleOauthSecretRestDiscoveryDiscoverTypeHTTPDiscoverMe ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -3026,6 +3361,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -3078,6 +3414,8 @@ class RestAuthenticationGoogleOauthSecretRestDiscoveryDiscoverTypeHTTPDiscoverMe enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -3135,6 +3473,11 @@ class RestAuthenticationGoogleOauthSecretRestDiscoveryDiscoverTypeHTTPDiscoverMe ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -3174,6 +3517,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -3227,6 +3571,8 @@ class RestAuthenticationGoogleOauthSecretRestDiscoveryDiscoverTypeHTTPDiscoverMe enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -3286,6 +3632,11 @@ class RestAuthenticationGoogleOauthSecretRestDiscoveryDiscoverTypeHTTPDiscoverMe ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -3326,6 +3677,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -3379,6 +3731,8 @@ class RestAuthenticationGoogleOauthSecretRestDiscoveryDiscoverTypeHTTPDiscoverMe enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -3438,6 +3792,11 @@ class RestAuthenticationGoogleOauthSecretRestDiscoveryDiscoverTypeHTTPDiscoverMe ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -3478,6 +3837,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -3552,9 +3912,9 @@ class UnknownRestAuthenticationGoogleOauthSecretRestDiscoveryDiscoverTypeHTTP( RestAuthenticationGoogleOauthSecretDiscoveryTypedDict = TypeAliasType( "RestAuthenticationGoogleOauthSecretDiscoveryTypedDict", Union[ + RestAuthenticationGoogleOauthSecretRestDiscoveryDiscoverTypeJSONTypedDict, RestAuthenticationGoogleOauthSecretRestDiscoveryDiscoverTypeListTypedDict, RestAuthenticationGoogleOauthSecretRestDiscoveryDiscoverTypeNoneTypedDict, - RestAuthenticationGoogleOauthSecretRestDiscoveryDiscoverTypeJSONTypedDict, RestAuthenticationGoogleOauthSecretRestDiscoveryDiscoverTypeHTTPTypedDict, ], ) @@ -3901,6 +4261,10 @@ class RestAuthenticationGoogleOauthSecretRestPaginationTypeResponseHeaderLinkTyp r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -3948,6 +4312,14 @@ class RestAuthenticationGoogleOauthSecretRestPaginationTypeResponseHeaderLink( limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -3986,6 +4358,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -4043,6 +4417,10 @@ class RestAuthenticationGoogleOauthSecretRestPaginationTypeResponseHeaderTypedDi r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -4091,6 +4469,14 @@ class RestAuthenticationGoogleOauthSecretRestPaginationTypeResponseHeader(BaseMo limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -4130,6 +4516,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -4187,6 +4575,10 @@ class RestAuthenticationGoogleOauthSecretRestPaginationTypeResponseBodyTypedDict r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -4235,6 +4627,14 @@ class RestAuthenticationGoogleOauthSecretRestPaginationTypeResponseBody(BaseMode limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -4274,6 +4674,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -4297,6 +4699,8 @@ def serialize_model(self, handler): class RestAuthenticationGoogleOauthSecretRestPaginationTypeNoneTypedDict(TypedDict): type: PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination + max_pages: NotRequired[float] + r"""Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages.""" last_page_expr: NotRequired[str] r"""JavaScript expression used to determine when the last page has been reached. The values tested by this expression must be in the Response attributes section.""" next_relation_attribute: NotRequired[str] @@ -4311,6 +4715,10 @@ class RestAuthenticationGoogleOauthSecretRestPaginationTypeNoneTypedDict(TypedDi r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -4326,6 +4734,9 @@ class RestAuthenticationGoogleOauthSecretRestPaginationTypeNoneTypedDict(TypedDi class RestAuthenticationGoogleOauthSecretRestPaginationTypeNone(BaseModel): type: PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination + max_pages: Annotated[Optional[float], pydantic.Field(alias="maxPages")] = None + r"""Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages.""" + last_page_expr: Annotated[Optional[str], pydantic.Field(alias="lastPageExpr")] = ( None ) @@ -4353,6 +4764,14 @@ class RestAuthenticationGoogleOauthSecretRestPaginationTypeNone(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -4385,6 +4804,7 @@ def serialize_type(self, value): def serialize_model(self, handler): optional_fields = set( [ + "maxPages", "lastPageExpr", "nextRelationAttribute", "curRelationAttribute", @@ -4392,6 +4812,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -4418,10 +4840,10 @@ def serialize_model(self, handler): Union[ RestAuthenticationGoogleOauthSecretRestPaginationTypeNoneTypedDict, RestAuthenticationGoogleOauthSecretRestPaginationTypeResponseHeaderLinkTypedDict, - RestAuthenticationGoogleOauthSecretRestPaginationTypeResponseBodyTypedDict, - RestAuthenticationGoogleOauthSecretRestPaginationTypeResponseHeaderTypedDict, RestAuthenticationGoogleOauthSecretRestPaginationTypeRequestOffsetTypedDict, RestAuthenticationGoogleOauthSecretRestPaginationTypeRequestPageTypedDict, + RestAuthenticationGoogleOauthSecretRestPaginationTypeResponseBodyTypedDict, + RestAuthenticationGoogleOauthSecretRestPaginationTypeResponseHeaderTypedDict, ], ) @@ -4810,12 +5232,14 @@ class RestAuthenticationGoogleOauthSecretTypedDict(TypedDict): scopes: List[str] r"""Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information.""" text_secret: str - r"""Select or create a text secret that contains the Google service account credentials value""" + r"""Select or create a text secret that contains the client secret's value""" subject: str r"""Email address of a user account with Super Admin permissions to the resources the collector will retrieve""" collect_url: str r"""URL (constant or JavaScript expression) to use for the Collect operation""" collect_method: RestAuthenticationGoogleOauthSecretCollectMethod + template_subject: NotRequired[str] + r"""Binds 'subject' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'subject' at runtime.""" discovery: NotRequired[RestAuthenticationGoogleOauthSecretDiscoveryTypedDict] collect_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] @@ -4845,10 +5269,45 @@ class RestAuthenticationGoogleOauthSecretTypedDict(TypedDict): ] r"""Internal opt-in for the Microsoft Graph deltaLink state-tracking hook. Set programmatically by the Microsoft Graph source when the configured URL targets a /delta endpoint; not user-configurable.""" scheduling: NotRequired[RestAuthenticationGoogleOauthSecretSchedulingTypedDict] + username: NotRequired[str] + template_username: NotRequired[str] + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + password: NotRequired[str] + template_password: NotRequired[str] + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + credentials_secret: NotRequired[str] + r"""Select or create a stored secret that references your credentials""" + login_url: NotRequired[str] + r"""URL to use for login API call. This call is expected to be a POST.""" + template_login_url: NotRequired[str] + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + login_body: NotRequired[str] + r"""Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. For x-www-form-urlencoded bodies, wrap values with ${C.Encode.uri(password)} to preserve special characters like +, &, and =.""" + get_auth_token_from_header: NotRequired[bool] + r"""Extract the auth token from the HTTP 'Authorization' response header instead of the standard JSON body of the login response""" + auth_header_key: NotRequired[str] + r"""Authorization header key to pass in Discover and Collect calls. Defaults to the literal name 'Authorization'.""" + auth_header_expr: NotRequired[str] + r"""JavaScript expression used to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login.""" + auth_request_headers: NotRequired[ + List[CollectRequestParamConfRestCollectMethodGetTypedDict] + ] + token_resp_attribute: NotRequired[str] + r"""Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header.""" + client_secret_param_name: NotRequired[str] + r"""Defaults to 'client_secret'. Automatically added to request parameters using the value specified.""" client_secret_param_value: NotRequired[str] r"""Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters.""" + template_client_secret_param_value: NotRequired[str] + r"""Binds 'clientSecretParamValue' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecretParamValue' at runtime.""" + auth_request_params: NotRequired[ + List[CollectRequestParamConfRestCollectMethodGetTypedDict] + ] + r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" service_account_credentials: NotRequired[str] r"""Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right.""" + template_service_account_credentials: NotRequired[str] + r"""Binds 'serviceAccountCredentials' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serviceAccountCredentials' at runtime.""" hmac_function_id: NotRequired[str] r"""Select or create an HMAC Function to use with authentication""" template_collect_url: NotRequired[str] @@ -4863,7 +5322,7 @@ class RestAuthenticationGoogleOauthSecret(BaseModel): r"""Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information.""" text_secret: Annotated[str, pydantic.Field(alias="textSecret")] - r"""Select or create a text secret that contains the Google service account credentials value""" + r"""Select or create a text secret that contains the client secret's value""" subject: str r"""Email address of a user account with Super Admin permissions to the resources the collector will retrieve""" @@ -4876,6 +5335,11 @@ class RestAuthenticationGoogleOauthSecret(BaseModel): pydantic.Field(alias="collectMethod"), ] + template_subject: Annotated[ + Optional[str], pydantic.Field(alias="__template_subject") + ] = None + r"""Binds 'subject' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'subject' at runtime.""" + discovery: Optional[RestAuthenticationGoogleOauthSecretDiscovery] = None collect_request_headers: Annotated[ @@ -4942,16 +5406,92 @@ class RestAuthenticationGoogleOauthSecret(BaseModel): pydantic.Field(alias="__scheduling"), ] = None + username: Optional[str] = None + + template_username: Annotated[ + Optional[str], pydantic.Field(alias="__template_username") + ] = None + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + + password: Optional[str] = None + + template_password: Annotated[ + Optional[str], pydantic.Field(alias="__template_password") + ] = None + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + + credentials_secret: Annotated[ + Optional[str], pydantic.Field(alias="credentialsSecret") + ] = None + r"""Select or create a stored secret that references your credentials""" + + login_url: Annotated[Optional[str], pydantic.Field(alias="loginUrl")] = None + r"""URL to use for login API call. This call is expected to be a POST.""" + + template_login_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_loginUrl") + ] = None + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + + login_body: Annotated[Optional[str], pydantic.Field(alias="loginBody")] = None + r"""Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. For x-www-form-urlencoded bodies, wrap values with ${C.Encode.uri(password)} to preserve special characters like +, &, and =.""" + + get_auth_token_from_header: Annotated[ + Optional[bool], pydantic.Field(alias="getAuthTokenFromHeader") + ] = None + r"""Extract the auth token from the HTTP 'Authorization' response header instead of the standard JSON body of the login response""" + + auth_header_key: Annotated[Optional[str], pydantic.Field(alias="authHeaderKey")] = ( + None + ) + r"""Authorization header key to pass in Discover and Collect calls. Defaults to the literal name 'Authorization'.""" + + auth_header_expr: Annotated[ + Optional[str], pydantic.Field(alias="authHeaderExpr") + ] = None + r"""JavaScript expression used to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login.""" + + auth_request_headers: Annotated[ + Optional[List[CollectRequestParamConfRestCollectMethodGet]], + pydantic.Field(alias="authRequestHeaders"), + ] = None + + token_resp_attribute: Annotated[ + Optional[str], pydantic.Field(alias="tokenRespAttribute") + ] = None + r"""Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header.""" + + client_secret_param_name: Annotated[ + Optional[str], pydantic.Field(alias="clientSecretParamName") + ] = None + r"""Defaults to 'client_secret'. Automatically added to request parameters using the value specified.""" + client_secret_param_value: Annotated[ Optional[str], pydantic.Field(alias="clientSecretParamValue") ] = None r"""Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters.""" + template_client_secret_param_value: Annotated[ + Optional[str], pydantic.Field(alias="__template_clientSecretParamValue") + ] = None + r"""Binds 'clientSecretParamValue' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecretParamValue' at runtime.""" + + auth_request_params: Annotated[ + Optional[List[CollectRequestParamConfRestCollectMethodGet]], + pydantic.Field(alias="authRequestParams"), + ] = None + r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" + service_account_credentials: Annotated[ Optional[str], pydantic.Field(alias="serviceAccountCredentials") ] = None r"""Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right.""" + template_service_account_credentials: Annotated[ + Optional[str], pydantic.Field(alias="__template_serviceAccountCredentials") + ] = None + r"""Binds 'serviceAccountCredentials' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serviceAccountCredentials' at runtime.""" + hmac_function_id: Annotated[ Optional[str], pydantic.Field(alias="hmacFunctionId") ] = None @@ -4984,6 +5524,7 @@ def serialize_collect_method(self, value): def serialize_model(self, handler): optional_fields = set( [ + "__template_subject", "discovery", "collectRequestHeaders", "pagination", @@ -4999,8 +5540,25 @@ def serialize_model(self, handler): "retryRules", "microsoftGraphDelta", "__scheduling", + "username", + "__template_username", + "password", + "__template_password", + "credentialsSecret", + "loginUrl", + "__template_loginUrl", + "loginBody", + "getAuthTokenFromHeader", + "authHeaderKey", + "authHeaderExpr", + "authRequestHeaders", + "tokenRespAttribute", + "clientSecretParamName", "clientSecretParamValue", + "__template_clientSecretParamValue", + "authRequestParams", "serviceAccountCredentials", + "__template_serviceAccountCredentials", "hmacFunctionId", "__template_collectUrl", ] @@ -5054,11 +5612,15 @@ class RestAuthenticationGoogleOauthRestDiscoveryDiscoverTypeNoneTypedDict(TypedD r"""Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task.""" discover_url: NotRequired[str] r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP] discover_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] ] pagination: NotRequired[PaginationTypeRestDiscoveryDiscoverTypeHTTPTypedDict] + discover_data_field: NotRequired[str] + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" enable_strict_discover_parsing: NotRequired[bool] r"""Explicitly set the discover response format. When disabled, best effort parsing is used.""" enable_discover_code: NotRequired[bool] @@ -5078,6 +5640,11 @@ class RestAuthenticationGoogleOauthRestDiscoveryDiscoverTypeNone(BaseModel): discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -5090,6 +5657,11 @@ class RestAuthenticationGoogleOauthRestDiscoveryDiscoverTypeNone(BaseModel): pagination: Optional[PaginationTypeRestDiscoveryDiscoverTypeHTTP] = None + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" + enable_strict_discover_parsing: Annotated[ Optional[bool], pydantic.Field(alias="enableStrictDiscoverParsing") ] = None @@ -5132,9 +5704,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", "pagination", + "discoverDataField", "enableStrictDiscoverParsing", "enableDiscoverCode", "manualDiscoverResult", @@ -5175,11 +5749,15 @@ class RestAuthenticationGoogleOauthRestDiscoveryDiscoverTypeListTypedDict(TypedD r"""Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters.""" discover_url: NotRequired[str] r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP] discover_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] ] pagination: NotRequired[PaginationTypeRestDiscoveryDiscoverTypeHTTPTypedDict] + discover_data_field: NotRequired[str] + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" enable_strict_discover_parsing: NotRequired[bool] r"""Explicitly set the discover response format. When disabled, best effort parsing is used.""" enable_discover_code: NotRequired[bool] @@ -5200,6 +5778,11 @@ class RestAuthenticationGoogleOauthRestDiscoveryDiscoverTypeList(BaseModel): discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -5212,6 +5795,11 @@ class RestAuthenticationGoogleOauthRestDiscoveryDiscoverTypeList(BaseModel): pagination: Optional[PaginationTypeRestDiscoveryDiscoverTypeHTTP] = None + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" + enable_strict_discover_parsing: Annotated[ Optional[bool], pydantic.Field(alias="enableStrictDiscoverParsing") ] = None @@ -5251,9 +5839,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", "pagination", + "discoverDataField", "enableStrictDiscoverParsing", "enableDiscoverCode", "manualDiscoverResult", @@ -5292,9 +5882,11 @@ class RestAuthenticationGoogleOauthRestDiscoveryDiscoverTypeJSONTypedDict(TypedD manual_discover_result: str r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" discover_data_field: NotRequired[str] - r"""Within the response JSON, the name of the field to pull results from, typically a JSON array. Leave blank if the result itself is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" discover_url: NotRequired[str] r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP] discover_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] @@ -5320,11 +5912,16 @@ class RestAuthenticationGoogleOauthRestDiscoveryDiscoverTypeJSON(BaseModel): discover_data_field: Annotated[ Optional[str], pydantic.Field(alias="discoverDataField") ] = None - r"""Within the response JSON, the name of the field to pull results from, typically a JSON array. Leave blank if the result itself is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -5375,6 +5972,7 @@ def serialize_model(self, handler): [ "discoverDataField", "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", "pagination", @@ -5436,6 +6034,8 @@ class RestAuthenticationGoogleOauthRestDiscoveryDiscoverTypeHTTPDiscoverMethodOt enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -5501,6 +6101,11 @@ class RestAuthenticationGoogleOauthRestDiscoveryDiscoverTypeHTTPDiscoverMethodOt ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -5542,6 +6147,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -5594,6 +6200,8 @@ class RestAuthenticationGoogleOauthRestDiscoveryDiscoverTypeHTTPDiscoverMethodPo enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -5651,6 +6259,11 @@ class RestAuthenticationGoogleOauthRestDiscoveryDiscoverTypeHTTPDiscoverMethodPo ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -5690,6 +6303,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -5743,6 +6357,8 @@ class RestAuthenticationGoogleOauthRestDiscoveryDiscoverTypeHTTPDiscoverMethodPo enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -5802,6 +6418,11 @@ class RestAuthenticationGoogleOauthRestDiscoveryDiscoverTypeHTTPDiscoverMethodPo ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -5842,6 +6463,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -5895,6 +6517,8 @@ class RestAuthenticationGoogleOauthRestDiscoveryDiscoverTypeHTTPDiscoverMethodGe enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -5954,6 +6578,11 @@ class RestAuthenticationGoogleOauthRestDiscoveryDiscoverTypeHTTPDiscoverMethodGe ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -5994,6 +6623,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -6066,9 +6696,9 @@ class UnknownRestAuthenticationGoogleOauthRestDiscoveryDiscoverTypeHTTP(BaseMode RestAuthenticationGoogleOauthDiscoveryTypedDict = TypeAliasType( "RestAuthenticationGoogleOauthDiscoveryTypedDict", Union[ + RestAuthenticationGoogleOauthRestDiscoveryDiscoverTypeJSONTypedDict, RestAuthenticationGoogleOauthRestDiscoveryDiscoverTypeListTypedDict, RestAuthenticationGoogleOauthRestDiscoveryDiscoverTypeNoneTypedDict, - RestAuthenticationGoogleOauthRestDiscoveryDiscoverTypeJSONTypedDict, RestAuthenticationGoogleOauthRestDiscoveryDiscoverTypeHTTPTypedDict, ], ) @@ -6411,6 +7041,10 @@ class RestAuthenticationGoogleOauthRestPaginationTypeResponseHeaderLinkTypedDict r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -6456,6 +7090,14 @@ class RestAuthenticationGoogleOauthRestPaginationTypeResponseHeaderLink(BaseMode limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -6494,6 +7136,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -6549,6 +7193,10 @@ class RestAuthenticationGoogleOauthRestPaginationTypeResponseHeaderTypedDict(Typ r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -6599,6 +7247,14 @@ class RestAuthenticationGoogleOauthRestPaginationTypeResponseHeader(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -6638,6 +7294,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -6695,6 +7353,10 @@ class RestAuthenticationGoogleOauthRestPaginationTypeResponseBodyTypedDict(Typed r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -6745,6 +7407,14 @@ class RestAuthenticationGoogleOauthRestPaginationTypeResponseBody(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -6784,6 +7454,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -6807,6 +7479,8 @@ def serialize_model(self, handler): class RestAuthenticationGoogleOauthRestPaginationTypeNoneTypedDict(TypedDict): type: PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination + max_pages: NotRequired[float] + r"""Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages.""" last_page_expr: NotRequired[str] r"""JavaScript expression used to determine when the last page has been reached. The values tested by this expression must be in the Response attributes section.""" next_relation_attribute: NotRequired[str] @@ -6821,6 +7495,10 @@ class RestAuthenticationGoogleOauthRestPaginationTypeNoneTypedDict(TypedDict): r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -6836,6 +7514,9 @@ class RestAuthenticationGoogleOauthRestPaginationTypeNoneTypedDict(TypedDict): class RestAuthenticationGoogleOauthRestPaginationTypeNone(BaseModel): type: PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination + max_pages: Annotated[Optional[float], pydantic.Field(alias="maxPages")] = None + r"""Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages.""" + last_page_expr: Annotated[Optional[str], pydantic.Field(alias="lastPageExpr")] = ( None ) @@ -6863,6 +7544,14 @@ class RestAuthenticationGoogleOauthRestPaginationTypeNone(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -6895,6 +7584,7 @@ def serialize_type(self, value): def serialize_model(self, handler): optional_fields = set( [ + "maxPages", "lastPageExpr", "nextRelationAttribute", "curRelationAttribute", @@ -6902,6 +7592,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -6928,10 +7620,10 @@ def serialize_model(self, handler): Union[ RestAuthenticationGoogleOauthRestPaginationTypeNoneTypedDict, RestAuthenticationGoogleOauthRestPaginationTypeResponseHeaderLinkTypedDict, - RestAuthenticationGoogleOauthRestPaginationTypeResponseBodyTypedDict, - RestAuthenticationGoogleOauthRestPaginationTypeResponseHeaderTypedDict, RestAuthenticationGoogleOauthRestPaginationTypeRequestOffsetTypedDict, RestAuthenticationGoogleOauthRestPaginationTypeRequestPageTypedDict, + RestAuthenticationGoogleOauthRestPaginationTypeResponseBodyTypedDict, + RestAuthenticationGoogleOauthRestPaginationTypeResponseHeaderTypedDict, ], ) @@ -7324,6 +8016,10 @@ class RestAuthenticationGoogleOauthTypedDict(TypedDict): collect_url: str r"""URL (constant or JavaScript expression) to use for the Collect operation""" collect_method: RestAuthenticationGoogleOauthCollectMethod + template_service_account_credentials: NotRequired[str] + r"""Binds 'serviceAccountCredentials' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serviceAccountCredentials' at runtime.""" + template_subject: NotRequired[str] + r"""Binds 'subject' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'subject' at runtime.""" discovery: NotRequired[RestAuthenticationGoogleOauthDiscoveryTypedDict] collect_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] @@ -7353,8 +8049,43 @@ class RestAuthenticationGoogleOauthTypedDict(TypedDict): ] r"""Internal opt-in for the Microsoft Graph deltaLink state-tracking hook. Set programmatically by the Microsoft Graph source when the configured URL targets a /delta endpoint; not user-configurable.""" scheduling: NotRequired[RestAuthenticationGoogleOauthSchedulingTypedDict] + username: NotRequired[str] + template_username: NotRequired[str] + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + password: NotRequired[str] + template_password: NotRequired[str] + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + credentials_secret: NotRequired[str] + r"""Select or create a stored secret that references your credentials""" + login_url: NotRequired[str] + r"""URL to use for login API call. This call is expected to be a POST.""" + template_login_url: NotRequired[str] + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + login_body: NotRequired[str] + r"""Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. For x-www-form-urlencoded bodies, wrap values with ${C.Encode.uri(password)} to preserve special characters like +, &, and =.""" + get_auth_token_from_header: NotRequired[bool] + r"""Extract the auth token from the HTTP 'Authorization' response header instead of the standard JSON body of the login response""" + auth_header_key: NotRequired[str] + r"""Authorization header key to pass in Discover and Collect calls. Defaults to the literal name 'Authorization'.""" + auth_header_expr: NotRequired[str] + r"""JavaScript expression used to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login.""" + auth_request_headers: NotRequired[ + List[CollectRequestParamConfRestCollectMethodGetTypedDict] + ] + token_resp_attribute: NotRequired[str] + r"""Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header.""" + client_secret_param_name: NotRequired[str] + r"""Defaults to 'client_secret'. Automatically added to request parameters using the value specified.""" client_secret_param_value: NotRequired[str] r"""Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters.""" + template_client_secret_param_value: NotRequired[str] + r"""Binds 'clientSecretParamValue' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecretParamValue' at runtime.""" + auth_request_params: NotRequired[ + List[CollectRequestParamConfRestCollectMethodGetTypedDict] + ] + r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" + text_secret: NotRequired[str] + r"""Select or create a text secret that contains the client secret's value""" hmac_function_id: NotRequired[str] r"""Select or create an HMAC Function to use with authentication""" template_collect_url: NotRequired[str] @@ -7384,6 +8115,16 @@ class RestAuthenticationGoogleOauth(BaseModel): pydantic.Field(alias="collectMethod"), ] + template_service_account_credentials: Annotated[ + Optional[str], pydantic.Field(alias="__template_serviceAccountCredentials") + ] = None + r"""Binds 'serviceAccountCredentials' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serviceAccountCredentials' at runtime.""" + + template_subject: Annotated[ + Optional[str], pydantic.Field(alias="__template_subject") + ] = None + r"""Binds 'subject' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'subject' at runtime.""" + discovery: Optional[RestAuthenticationGoogleOauthDiscovery] = None collect_request_headers: Annotated[ @@ -7450,11 +8191,85 @@ class RestAuthenticationGoogleOauth(BaseModel): pydantic.Field(alias="__scheduling"), ] = None + username: Optional[str] = None + + template_username: Annotated[ + Optional[str], pydantic.Field(alias="__template_username") + ] = None + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + + password: Optional[str] = None + + template_password: Annotated[ + Optional[str], pydantic.Field(alias="__template_password") + ] = None + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + + credentials_secret: Annotated[ + Optional[str], pydantic.Field(alias="credentialsSecret") + ] = None + r"""Select or create a stored secret that references your credentials""" + + login_url: Annotated[Optional[str], pydantic.Field(alias="loginUrl")] = None + r"""URL to use for login API call. This call is expected to be a POST.""" + + template_login_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_loginUrl") + ] = None + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + + login_body: Annotated[Optional[str], pydantic.Field(alias="loginBody")] = None + r"""Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. For x-www-form-urlencoded bodies, wrap values with ${C.Encode.uri(password)} to preserve special characters like +, &, and =.""" + + get_auth_token_from_header: Annotated[ + Optional[bool], pydantic.Field(alias="getAuthTokenFromHeader") + ] = None + r"""Extract the auth token from the HTTP 'Authorization' response header instead of the standard JSON body of the login response""" + + auth_header_key: Annotated[Optional[str], pydantic.Field(alias="authHeaderKey")] = ( + None + ) + r"""Authorization header key to pass in Discover and Collect calls. Defaults to the literal name 'Authorization'.""" + + auth_header_expr: Annotated[ + Optional[str], pydantic.Field(alias="authHeaderExpr") + ] = None + r"""JavaScript expression used to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login.""" + + auth_request_headers: Annotated[ + Optional[List[CollectRequestParamConfRestCollectMethodGet]], + pydantic.Field(alias="authRequestHeaders"), + ] = None + + token_resp_attribute: Annotated[ + Optional[str], pydantic.Field(alias="tokenRespAttribute") + ] = None + r"""Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header.""" + + client_secret_param_name: Annotated[ + Optional[str], pydantic.Field(alias="clientSecretParamName") + ] = None + r"""Defaults to 'client_secret'. Automatically added to request parameters using the value specified.""" + client_secret_param_value: Annotated[ Optional[str], pydantic.Field(alias="clientSecretParamValue") ] = None r"""Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters.""" + template_client_secret_param_value: Annotated[ + Optional[str], pydantic.Field(alias="__template_clientSecretParamValue") + ] = None + r"""Binds 'clientSecretParamValue' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecretParamValue' at runtime.""" + + auth_request_params: Annotated[ + Optional[List[CollectRequestParamConfRestCollectMethodGet]], + pydantic.Field(alias="authRequestParams"), + ] = None + r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a text secret that contains the client secret's value""" + hmac_function_id: Annotated[ Optional[str], pydantic.Field(alias="hmacFunctionId") ] = None @@ -7487,6 +8302,8 @@ def serialize_collect_method(self, value): def serialize_model(self, handler): optional_fields = set( [ + "__template_serviceAccountCredentials", + "__template_subject", "discovery", "collectRequestHeaders", "pagination", @@ -7502,7 +8319,24 @@ def serialize_model(self, handler): "retryRules", "microsoftGraphDelta", "__scheduling", + "username", + "__template_username", + "password", + "__template_password", + "credentialsSecret", + "loginUrl", + "__template_loginUrl", + "loginBody", + "getAuthTokenFromHeader", + "authHeaderKey", + "authHeaderExpr", + "authRequestHeaders", + "tokenRespAttribute", + "clientSecretParamName", "clientSecretParamValue", + "__template_clientSecretParamValue", + "authRequestParams", + "textSecret", "hmacFunctionId", "__template_collectUrl", ] @@ -7556,11 +8390,15 @@ class RestAuthenticationOauthSecretRestDiscoveryDiscoverTypeNoneTypedDict(TypedD r"""Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task.""" discover_url: NotRequired[str] r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP] discover_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] ] pagination: NotRequired[PaginationTypeRestDiscoveryDiscoverTypeHTTPTypedDict] + discover_data_field: NotRequired[str] + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" enable_strict_discover_parsing: NotRequired[bool] r"""Explicitly set the discover response format. When disabled, best effort parsing is used.""" enable_discover_code: NotRequired[bool] @@ -7580,6 +8418,11 @@ class RestAuthenticationOauthSecretRestDiscoveryDiscoverTypeNone(BaseModel): discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -7592,6 +8435,11 @@ class RestAuthenticationOauthSecretRestDiscoveryDiscoverTypeNone(BaseModel): pagination: Optional[PaginationTypeRestDiscoveryDiscoverTypeHTTP] = None + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" + enable_strict_discover_parsing: Annotated[ Optional[bool], pydantic.Field(alias="enableStrictDiscoverParsing") ] = None @@ -7634,9 +8482,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", "pagination", + "discoverDataField", "enableStrictDiscoverParsing", "enableDiscoverCode", "manualDiscoverResult", @@ -7677,11 +8527,15 @@ class RestAuthenticationOauthSecretRestDiscoveryDiscoverTypeListTypedDict(TypedD r"""Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters.""" discover_url: NotRequired[str] r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP] discover_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] ] pagination: NotRequired[PaginationTypeRestDiscoveryDiscoverTypeHTTPTypedDict] + discover_data_field: NotRequired[str] + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" enable_strict_discover_parsing: NotRequired[bool] r"""Explicitly set the discover response format. When disabled, best effort parsing is used.""" enable_discover_code: NotRequired[bool] @@ -7702,6 +8556,11 @@ class RestAuthenticationOauthSecretRestDiscoveryDiscoverTypeList(BaseModel): discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -7714,6 +8573,11 @@ class RestAuthenticationOauthSecretRestDiscoveryDiscoverTypeList(BaseModel): pagination: Optional[PaginationTypeRestDiscoveryDiscoverTypeHTTP] = None + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" + enable_strict_discover_parsing: Annotated[ Optional[bool], pydantic.Field(alias="enableStrictDiscoverParsing") ] = None @@ -7753,9 +8617,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", "pagination", + "discoverDataField", "enableStrictDiscoverParsing", "enableDiscoverCode", "manualDiscoverResult", @@ -7794,9 +8660,11 @@ class RestAuthenticationOauthSecretRestDiscoveryDiscoverTypeJSONTypedDict(TypedD manual_discover_result: str r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" discover_data_field: NotRequired[str] - r"""Within the response JSON, the name of the field to pull results from, typically a JSON array. Leave blank if the result itself is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" discover_url: NotRequired[str] r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP] discover_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] @@ -7822,11 +8690,16 @@ class RestAuthenticationOauthSecretRestDiscoveryDiscoverTypeJSON(BaseModel): discover_data_field: Annotated[ Optional[str], pydantic.Field(alias="discoverDataField") ] = None - r"""Within the response JSON, the name of the field to pull results from, typically a JSON array. Leave blank if the result itself is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -7877,6 +8750,7 @@ def serialize_model(self, handler): [ "discoverDataField", "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", "pagination", @@ -7938,6 +8812,8 @@ class RestAuthenticationOauthSecretRestDiscoveryDiscoverTypeHTTPDiscoverMethodOt enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -8003,6 +8879,11 @@ class RestAuthenticationOauthSecretRestDiscoveryDiscoverTypeHTTPDiscoverMethodOt ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -8044,6 +8925,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -8096,6 +8978,8 @@ class RestAuthenticationOauthSecretRestDiscoveryDiscoverTypeHTTPDiscoverMethodPo enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -8153,6 +9037,11 @@ class RestAuthenticationOauthSecretRestDiscoveryDiscoverTypeHTTPDiscoverMethodPo ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -8192,6 +9081,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -8245,6 +9135,8 @@ class RestAuthenticationOauthSecretRestDiscoveryDiscoverTypeHTTPDiscoverMethodPo enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -8304,6 +9196,11 @@ class RestAuthenticationOauthSecretRestDiscoveryDiscoverTypeHTTPDiscoverMethodPo ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -8344,6 +9241,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -8397,6 +9295,8 @@ class RestAuthenticationOauthSecretRestDiscoveryDiscoverTypeHTTPDiscoverMethodGe enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -8456,6 +9356,11 @@ class RestAuthenticationOauthSecretRestDiscoveryDiscoverTypeHTTPDiscoverMethodGe ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -8496,6 +9401,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -8568,9 +9474,9 @@ class UnknownRestAuthenticationOauthSecretRestDiscoveryDiscoverTypeHTTP(BaseMode RestAuthenticationOauthSecretDiscoveryTypedDict = TypeAliasType( "RestAuthenticationOauthSecretDiscoveryTypedDict", Union[ + RestAuthenticationOauthSecretRestDiscoveryDiscoverTypeJSONTypedDict, RestAuthenticationOauthSecretRestDiscoveryDiscoverTypeListTypedDict, RestAuthenticationOauthSecretRestDiscoveryDiscoverTypeNoneTypedDict, - RestAuthenticationOauthSecretRestDiscoveryDiscoverTypeJSONTypedDict, RestAuthenticationOauthSecretRestDiscoveryDiscoverTypeHTTPTypedDict, ], ) @@ -8913,6 +9819,10 @@ class RestAuthenticationOauthSecretRestPaginationTypeResponseHeaderLinkTypedDict r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -8958,6 +9868,14 @@ class RestAuthenticationOauthSecretRestPaginationTypeResponseHeaderLink(BaseMode limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -8996,6 +9914,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -9051,6 +9971,10 @@ class RestAuthenticationOauthSecretRestPaginationTypeResponseHeaderTypedDict(Typ r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -9101,6 +10025,14 @@ class RestAuthenticationOauthSecretRestPaginationTypeResponseHeader(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -9140,6 +10072,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -9197,6 +10131,10 @@ class RestAuthenticationOauthSecretRestPaginationTypeResponseBodyTypedDict(Typed r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -9247,6 +10185,14 @@ class RestAuthenticationOauthSecretRestPaginationTypeResponseBody(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -9286,6 +10232,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -9309,6 +10257,8 @@ def serialize_model(self, handler): class RestAuthenticationOauthSecretRestPaginationTypeNoneTypedDict(TypedDict): type: PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination + max_pages: NotRequired[float] + r"""Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages.""" last_page_expr: NotRequired[str] r"""JavaScript expression used to determine when the last page has been reached. The values tested by this expression must be in the Response attributes section.""" next_relation_attribute: NotRequired[str] @@ -9323,6 +10273,10 @@ class RestAuthenticationOauthSecretRestPaginationTypeNoneTypedDict(TypedDict): r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -9338,6 +10292,9 @@ class RestAuthenticationOauthSecretRestPaginationTypeNoneTypedDict(TypedDict): class RestAuthenticationOauthSecretRestPaginationTypeNone(BaseModel): type: PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination + max_pages: Annotated[Optional[float], pydantic.Field(alias="maxPages")] = None + r"""Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages.""" + last_page_expr: Annotated[Optional[str], pydantic.Field(alias="lastPageExpr")] = ( None ) @@ -9365,6 +10322,14 @@ class RestAuthenticationOauthSecretRestPaginationTypeNone(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -9397,6 +10362,7 @@ def serialize_type(self, value): def serialize_model(self, handler): optional_fields = set( [ + "maxPages", "lastPageExpr", "nextRelationAttribute", "curRelationAttribute", @@ -9404,6 +10370,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -9430,10 +10398,10 @@ def serialize_model(self, handler): Union[ RestAuthenticationOauthSecretRestPaginationTypeNoneTypedDict, RestAuthenticationOauthSecretRestPaginationTypeResponseHeaderLinkTypedDict, - RestAuthenticationOauthSecretRestPaginationTypeResponseBodyTypedDict, - RestAuthenticationOauthSecretRestPaginationTypeResponseHeaderTypedDict, RestAuthenticationOauthSecretRestPaginationTypeRequestOffsetTypedDict, RestAuthenticationOauthSecretRestPaginationTypeRequestPageTypedDict, + RestAuthenticationOauthSecretRestPaginationTypeResponseBodyTypedDict, + RestAuthenticationOauthSecretRestPaginationTypeResponseHeaderTypedDict, ], ) @@ -9818,9 +10786,9 @@ class RestAuthenticationOauthSecretTypedDict(TypedDict): authentication: RestAuthenticationOauthSecretAuthentication r"""Authentication method for Discover and Collect REST calls. You can specify API key–based authentication by adding the appropriate Collect headers.""" login_url: str - r"""URL to use for the OAuth API call. This call is expected to be a POST.""" + r"""URL to use for login API call. This call is expected to be a POST.""" auth_header_expr: str - r"""JavaScript expression to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login.""" + r"""JavaScript expression used to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login.""" client_secret_param_name: str r"""Defaults to 'client_secret'. Automatically added to request parameters using the value specified.""" text_secret: str @@ -9868,10 +10836,34 @@ class RestAuthenticationOauthSecretTypedDict(TypedDict): ] r"""Internal opt-in for the Microsoft Graph deltaLink state-tracking hook. Set programmatically by the Microsoft Graph source when the configured URL targets a /delta endpoint; not user-configurable.""" scheduling: NotRequired[RestAuthenticationOauthSecretSchedulingTypedDict] + username: NotRequired[str] + template_username: NotRequired[str] + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + password: NotRequired[str] + template_password: NotRequired[str] + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + credentials_secret: NotRequired[str] + r"""Select or create a stored secret that references your credentials""" + template_login_url: NotRequired[str] + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + login_body: NotRequired[str] + r"""Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. For x-www-form-urlencoded bodies, wrap values with ${C.Encode.uri(password)} to preserve special characters like +, &, and =.""" + get_auth_token_from_header: NotRequired[bool] + r"""Extract the auth token from the HTTP 'Authorization' response header instead of the standard JSON body of the login response""" client_secret_param_value: NotRequired[str] r"""Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters.""" + template_client_secret_param_value: NotRequired[str] + r"""Binds 'clientSecretParamValue' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecretParamValue' at runtime.""" + scopes: NotRequired[List[str]] + r"""Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information.""" service_account_credentials: NotRequired[str] r"""Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right.""" + template_service_account_credentials: NotRequired[str] + r"""Binds 'serviceAccountCredentials' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serviceAccountCredentials' at runtime.""" + subject: NotRequired[str] + r"""Email address of a user account with Super Admin permissions to the resources the collector will retrieve""" + template_subject: NotRequired[str] + r"""Binds 'subject' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'subject' at runtime.""" hmac_function_id: NotRequired[str] r"""Select or create an HMAC Function to use with authentication""" template_collect_url: NotRequired[str] @@ -9883,10 +10875,10 @@ class RestAuthenticationOauthSecret(BaseModel): r"""Authentication method for Discover and Collect REST calls. You can specify API key–based authentication by adding the appropriate Collect headers.""" login_url: Annotated[str, pydantic.Field(alias="loginUrl")] - r"""URL to use for the OAuth API call. This call is expected to be a POST.""" + r"""URL to use for login API call. This call is expected to be a POST.""" auth_header_expr: Annotated[str, pydantic.Field(alias="authHeaderExpr")] - r"""JavaScript expression to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login.""" + r"""JavaScript expression used to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login.""" client_secret_param_name: Annotated[ str, pydantic.Field(alias="clientSecretParamName") @@ -9991,16 +10983,69 @@ class RestAuthenticationOauthSecret(BaseModel): pydantic.Field(alias="__scheduling"), ] = None + username: Optional[str] = None + + template_username: Annotated[ + Optional[str], pydantic.Field(alias="__template_username") + ] = None + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + + password: Optional[str] = None + + template_password: Annotated[ + Optional[str], pydantic.Field(alias="__template_password") + ] = None + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + + credentials_secret: Annotated[ + Optional[str], pydantic.Field(alias="credentialsSecret") + ] = None + r"""Select or create a stored secret that references your credentials""" + + template_login_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_loginUrl") + ] = None + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + + login_body: Annotated[Optional[str], pydantic.Field(alias="loginBody")] = None + r"""Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. For x-www-form-urlencoded bodies, wrap values with ${C.Encode.uri(password)} to preserve special characters like +, &, and =.""" + + get_auth_token_from_header: Annotated[ + Optional[bool], pydantic.Field(alias="getAuthTokenFromHeader") + ] = None + r"""Extract the auth token from the HTTP 'Authorization' response header instead of the standard JSON body of the login response""" + client_secret_param_value: Annotated[ Optional[str], pydantic.Field(alias="clientSecretParamValue") ] = None r"""Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters.""" + template_client_secret_param_value: Annotated[ + Optional[str], pydantic.Field(alias="__template_clientSecretParamValue") + ] = None + r"""Binds 'clientSecretParamValue' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecretParamValue' at runtime.""" + + scopes: Optional[List[str]] = None + r"""Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information.""" + service_account_credentials: Annotated[ Optional[str], pydantic.Field(alias="serviceAccountCredentials") ] = None r"""Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right.""" + template_service_account_credentials: Annotated[ + Optional[str], pydantic.Field(alias="__template_serviceAccountCredentials") + ] = None + r"""Binds 'serviceAccountCredentials' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serviceAccountCredentials' at runtime.""" + + subject: Optional[str] = None + r"""Email address of a user account with Super Admin permissions to the resources the collector will retrieve""" + + template_subject: Annotated[ + Optional[str], pydantic.Field(alias="__template_subject") + ] = None + r"""Binds 'subject' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'subject' at runtime.""" + hmac_function_id: Annotated[ Optional[str], pydantic.Field(alias="hmacFunctionId") ] = None @@ -10052,8 +11097,21 @@ def serialize_model(self, handler): "retryRules", "microsoftGraphDelta", "__scheduling", + "username", + "__template_username", + "password", + "__template_password", + "credentialsSecret", + "__template_loginUrl", + "loginBody", + "getAuthTokenFromHeader", "clientSecretParamValue", + "__template_clientSecretParamValue", + "scopes", "serviceAccountCredentials", + "__template_serviceAccountCredentials", + "subject", + "__template_subject", "hmacFunctionId", "__template_collectUrl", ] @@ -10103,11 +11161,15 @@ class RestAuthenticationOauthRestDiscoveryDiscoverTypeNoneTypedDict(TypedDict): r"""Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task.""" discover_url: NotRequired[str] r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP] discover_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] ] pagination: NotRequired[PaginationTypeRestDiscoveryDiscoverTypeHTTPTypedDict] + discover_data_field: NotRequired[str] + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" enable_strict_discover_parsing: NotRequired[bool] r"""Explicitly set the discover response format. When disabled, best effort parsing is used.""" enable_discover_code: NotRequired[bool] @@ -10127,6 +11189,11 @@ class RestAuthenticationOauthRestDiscoveryDiscoverTypeNone(BaseModel): discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -10139,6 +11206,11 @@ class RestAuthenticationOauthRestDiscoveryDiscoverTypeNone(BaseModel): pagination: Optional[PaginationTypeRestDiscoveryDiscoverTypeHTTP] = None + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" + enable_strict_discover_parsing: Annotated[ Optional[bool], pydantic.Field(alias="enableStrictDiscoverParsing") ] = None @@ -10181,9 +11253,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", "pagination", + "discoverDataField", "enableStrictDiscoverParsing", "enableDiscoverCode", "manualDiscoverResult", @@ -10222,11 +11296,15 @@ class RestAuthenticationOauthRestDiscoveryDiscoverTypeListTypedDict(TypedDict): r"""Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters.""" discover_url: NotRequired[str] r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP] discover_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] ] pagination: NotRequired[PaginationTypeRestDiscoveryDiscoverTypeHTTPTypedDict] + discover_data_field: NotRequired[str] + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" enable_strict_discover_parsing: NotRequired[bool] r"""Explicitly set the discover response format. When disabled, best effort parsing is used.""" enable_discover_code: NotRequired[bool] @@ -10247,6 +11325,11 @@ class RestAuthenticationOauthRestDiscoveryDiscoverTypeList(BaseModel): discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -10259,6 +11342,11 @@ class RestAuthenticationOauthRestDiscoveryDiscoverTypeList(BaseModel): pagination: Optional[PaginationTypeRestDiscoveryDiscoverTypeHTTP] = None + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" + enable_strict_discover_parsing: Annotated[ Optional[bool], pydantic.Field(alias="enableStrictDiscoverParsing") ] = None @@ -10298,9 +11386,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", "pagination", + "discoverDataField", "enableStrictDiscoverParsing", "enableDiscoverCode", "manualDiscoverResult", @@ -10337,9 +11427,11 @@ class RestAuthenticationOauthRestDiscoveryDiscoverTypeJSONTypedDict(TypedDict): manual_discover_result: str r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" discover_data_field: NotRequired[str] - r"""Within the response JSON, the name of the field to pull results from, typically a JSON array. Leave blank if the result itself is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" discover_url: NotRequired[str] r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP] discover_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] @@ -10365,11 +11457,16 @@ class RestAuthenticationOauthRestDiscoveryDiscoverTypeJSON(BaseModel): discover_data_field: Annotated[ Optional[str], pydantic.Field(alias="discoverDataField") ] = None - r"""Within the response JSON, the name of the field to pull results from, typically a JSON array. Leave blank if the result itself is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -10420,6 +11517,7 @@ def serialize_model(self, handler): [ "discoverDataField", "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", "pagination", @@ -10481,6 +11579,8 @@ class RestAuthenticationOauthRestDiscoveryDiscoverTypeHTTPDiscoverMethodOtherTyp enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -10546,6 +11646,11 @@ class RestAuthenticationOauthRestDiscoveryDiscoverTypeHTTPDiscoverMethodOther( ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -10587,6 +11692,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] diff --git a/src/cribl_control_plane/models/restcollectmethodpost_restretryrulestypenone.py b/src/cribl_control_plane/models/restcollectmethodpost_restretryrulestypenone.py index 8f5c15b31..ccf8d5496 100644 --- a/src/cribl_control_plane/models/restcollectmethodpost_restretryrulestypenone.py +++ b/src/cribl_control_plane/models/restcollectmethodpost_restretryrulestypenone.py @@ -58,6 +58,10 @@ class RestAuthenticationBasicRestPaginationTypeResponseHeaderLinkTypedDict(Typed r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -103,6 +107,14 @@ class RestAuthenticationBasicRestPaginationTypeResponseHeaderLink(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -141,6 +153,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -198,6 +212,10 @@ class RestAuthenticationBasicRestPaginationTypeResponseHeaderTypedDict(TypedDict r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -246,6 +264,14 @@ class RestAuthenticationBasicRestPaginationTypeResponseHeader(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -285,6 +311,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -342,6 +370,10 @@ class RestAuthenticationBasicRestPaginationTypeResponseBodyTypedDict(TypedDict): r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -390,6 +422,14 @@ class RestAuthenticationBasicRestPaginationTypeResponseBody(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -429,6 +469,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -452,6 +494,8 @@ def serialize_model(self, handler): class RestAuthenticationBasicRestPaginationTypeNoneTypedDict(TypedDict): type: PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination + max_pages: NotRequired[float] + r"""Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages.""" last_page_expr: NotRequired[str] r"""JavaScript expression used to determine when the last page has been reached. The values tested by this expression must be in the Response attributes section.""" next_relation_attribute: NotRequired[str] @@ -466,6 +510,10 @@ class RestAuthenticationBasicRestPaginationTypeNoneTypedDict(TypedDict): r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -481,6 +529,9 @@ class RestAuthenticationBasicRestPaginationTypeNoneTypedDict(TypedDict): class RestAuthenticationBasicRestPaginationTypeNone(BaseModel): type: PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination + max_pages: Annotated[Optional[float], pydantic.Field(alias="maxPages")] = None + r"""Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages.""" + last_page_expr: Annotated[Optional[str], pydantic.Field(alias="lastPageExpr")] = ( None ) @@ -508,6 +559,14 @@ class RestAuthenticationBasicRestPaginationTypeNone(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -540,6 +599,7 @@ def serialize_type(self, value): def serialize_model(self, handler): optional_fields = set( [ + "maxPages", "lastPageExpr", "nextRelationAttribute", "curRelationAttribute", @@ -547,6 +607,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -573,10 +635,10 @@ def serialize_model(self, handler): Union[ RestAuthenticationBasicRestPaginationTypeNoneTypedDict, RestAuthenticationBasicRestPaginationTypeResponseHeaderLinkTypedDict, - RestAuthenticationBasicRestPaginationTypeResponseBodyTypedDict, - RestAuthenticationBasicRestPaginationTypeResponseHeaderTypedDict, RestAuthenticationBasicRestPaginationTypeRequestOffsetTypedDict, RestAuthenticationBasicRestPaginationTypeRequestPageTypedDict, + RestAuthenticationBasicRestPaginationTypeResponseBodyTypedDict, + RestAuthenticationBasicRestPaginationTypeResponseHeaderTypedDict, ], ) @@ -994,10 +1056,51 @@ class RestAuthenticationBasicTypedDict(TypedDict): ] r"""Internal opt-in for the Microsoft Graph deltaLink state-tracking hook. Set programmatically by the Microsoft Graph source when the configured URL targets a /delta endpoint; not user-configurable.""" scheduling: NotRequired[RestAuthenticationBasicSchedulingTypedDict] + template_username: NotRequired[str] + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + template_password: NotRequired[str] + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + credentials_secret: NotRequired[str] + r"""Select or create a stored secret that references your credentials""" + login_url: NotRequired[str] + r"""URL to use for login API call. This call is expected to be a POST.""" + template_login_url: NotRequired[str] + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + login_body: NotRequired[str] + r"""Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. For x-www-form-urlencoded bodies, wrap values with ${C.Encode.uri(password)} to preserve special characters like +, &, and =.""" + get_auth_token_from_header: NotRequired[bool] + r"""Extract the auth token from the HTTP 'Authorization' response header instead of the standard JSON body of the login response""" + auth_header_key: NotRequired[str] + r"""Authorization header key to pass in Discover and Collect calls. Defaults to the literal name 'Authorization'.""" + auth_header_expr: NotRequired[str] + r"""JavaScript expression used to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login.""" + auth_request_headers: NotRequired[ + List[CollectRequestParamConfRestCollectMethodGetTypedDict] + ] + token_resp_attribute: NotRequired[str] + r"""Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header.""" + client_secret_param_name: NotRequired[str] + r"""Defaults to 'client_secret'. Automatically added to request parameters using the value specified.""" client_secret_param_value: NotRequired[str] r"""Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters.""" + template_client_secret_param_value: NotRequired[str] + r"""Binds 'clientSecretParamValue' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecretParamValue' at runtime.""" + auth_request_params: NotRequired[ + List[CollectRequestParamConfRestCollectMethodGetTypedDict] + ] + r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" + text_secret: NotRequired[str] + r"""Select or create a text secret that contains the client secret's value""" + scopes: NotRequired[List[str]] + r"""Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information.""" service_account_credentials: NotRequired[str] r"""Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right.""" + template_service_account_credentials: NotRequired[str] + r"""Binds 'serviceAccountCredentials' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serviceAccountCredentials' at runtime.""" + subject: NotRequired[str] + r"""Email address of a user account with Super Admin permissions to the resources the collector will retrieve""" + template_subject: NotRequired[str] + r"""Binds 'subject' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'subject' at runtime.""" hmac_function_id: NotRequired[str] r"""Select or create an HMAC Function to use with authentication""" template_collect_url: NotRequired[str] @@ -1084,16 +1187,102 @@ class RestAuthenticationBasic(BaseModel): pydantic.Field(alias="__scheduling"), ] = None + template_username: Annotated[ + Optional[str], pydantic.Field(alias="__template_username") + ] = None + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + + template_password: Annotated[ + Optional[str], pydantic.Field(alias="__template_password") + ] = None + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + + credentials_secret: Annotated[ + Optional[str], pydantic.Field(alias="credentialsSecret") + ] = None + r"""Select or create a stored secret that references your credentials""" + + login_url: Annotated[Optional[str], pydantic.Field(alias="loginUrl")] = None + r"""URL to use for login API call. This call is expected to be a POST.""" + + template_login_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_loginUrl") + ] = None + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + + login_body: Annotated[Optional[str], pydantic.Field(alias="loginBody")] = None + r"""Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. For x-www-form-urlencoded bodies, wrap values with ${C.Encode.uri(password)} to preserve special characters like +, &, and =.""" + + get_auth_token_from_header: Annotated[ + Optional[bool], pydantic.Field(alias="getAuthTokenFromHeader") + ] = None + r"""Extract the auth token from the HTTP 'Authorization' response header instead of the standard JSON body of the login response""" + + auth_header_key: Annotated[Optional[str], pydantic.Field(alias="authHeaderKey")] = ( + None + ) + r"""Authorization header key to pass in Discover and Collect calls. Defaults to the literal name 'Authorization'.""" + + auth_header_expr: Annotated[ + Optional[str], pydantic.Field(alias="authHeaderExpr") + ] = None + r"""JavaScript expression used to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login.""" + + auth_request_headers: Annotated[ + Optional[List[CollectRequestParamConfRestCollectMethodGet]], + pydantic.Field(alias="authRequestHeaders"), + ] = None + + token_resp_attribute: Annotated[ + Optional[str], pydantic.Field(alias="tokenRespAttribute") + ] = None + r"""Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header.""" + + client_secret_param_name: Annotated[ + Optional[str], pydantic.Field(alias="clientSecretParamName") + ] = None + r"""Defaults to 'client_secret'. Automatically added to request parameters using the value specified.""" + client_secret_param_value: Annotated[ Optional[str], pydantic.Field(alias="clientSecretParamValue") ] = None r"""Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters.""" + template_client_secret_param_value: Annotated[ + Optional[str], pydantic.Field(alias="__template_clientSecretParamValue") + ] = None + r"""Binds 'clientSecretParamValue' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecretParamValue' at runtime.""" + + auth_request_params: Annotated[ + Optional[List[CollectRequestParamConfRestCollectMethodGet]], + pydantic.Field(alias="authRequestParams"), + ] = None + r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a text secret that contains the client secret's value""" + + scopes: Optional[List[str]] = None + r"""Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information.""" + service_account_credentials: Annotated[ Optional[str], pydantic.Field(alias="serviceAccountCredentials") ] = None r"""Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right.""" + template_service_account_credentials: Annotated[ + Optional[str], pydantic.Field(alias="__template_serviceAccountCredentials") + ] = None + r"""Binds 'serviceAccountCredentials' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serviceAccountCredentials' at runtime.""" + + subject: Optional[str] = None + r"""Email address of a user account with Super Admin permissions to the resources the collector will retrieve""" + + template_subject: Annotated[ + Optional[str], pydantic.Field(alias="__template_subject") + ] = None + r"""Binds 'subject' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'subject' at runtime.""" + hmac_function_id: Annotated[ Optional[str], pydantic.Field(alias="hmacFunctionId") ] = None @@ -1141,8 +1330,27 @@ def serialize_model(self, handler): "retryRules", "microsoftGraphDelta", "__scheduling", + "__template_username", + "__template_password", + "credentialsSecret", + "loginUrl", + "__template_loginUrl", + "loginBody", + "getAuthTokenFromHeader", + "authHeaderKey", + "authHeaderExpr", + "authRequestHeaders", + "tokenRespAttribute", + "clientSecretParamName", "clientSecretParamValue", + "__template_clientSecretParamValue", + "authRequestParams", + "textSecret", + "scopes", "serviceAccountCredentials", + "__template_serviceAccountCredentials", + "subject", + "__template_subject", "hmacFunctionId", "__template_collectUrl", ] @@ -1192,11 +1400,15 @@ class RestAuthenticationNoneRestDiscoveryDiscoverTypeNoneTypedDict(TypedDict): r"""Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task.""" discover_url: NotRequired[str] r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP] discover_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] ] pagination: NotRequired[PaginationTypeRestDiscoveryDiscoverTypeHTTPTypedDict] + discover_data_field: NotRequired[str] + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" enable_strict_discover_parsing: NotRequired[bool] r"""Explicitly set the discover response format. When disabled, best effort parsing is used.""" enable_discover_code: NotRequired[bool] @@ -1216,6 +1428,11 @@ class RestAuthenticationNoneRestDiscoveryDiscoverTypeNone(BaseModel): discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -1228,6 +1445,11 @@ class RestAuthenticationNoneRestDiscoveryDiscoverTypeNone(BaseModel): pagination: Optional[PaginationTypeRestDiscoveryDiscoverTypeHTTP] = None + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" + enable_strict_discover_parsing: Annotated[ Optional[bool], pydantic.Field(alias="enableStrictDiscoverParsing") ] = None @@ -1270,9 +1492,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", "pagination", + "discoverDataField", "enableStrictDiscoverParsing", "enableDiscoverCode", "manualDiscoverResult", @@ -1311,11 +1535,15 @@ class RestAuthenticationNoneRestDiscoveryDiscoverTypeListTypedDict(TypedDict): r"""Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters.""" discover_url: NotRequired[str] r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP] discover_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] ] pagination: NotRequired[PaginationTypeRestDiscoveryDiscoverTypeHTTPTypedDict] + discover_data_field: NotRequired[str] + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" enable_strict_discover_parsing: NotRequired[bool] r"""Explicitly set the discover response format. When disabled, best effort parsing is used.""" enable_discover_code: NotRequired[bool] @@ -1336,6 +1564,11 @@ class RestAuthenticationNoneRestDiscoveryDiscoverTypeList(BaseModel): discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -1348,6 +1581,11 @@ class RestAuthenticationNoneRestDiscoveryDiscoverTypeList(BaseModel): pagination: Optional[PaginationTypeRestDiscoveryDiscoverTypeHTTP] = None + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" + enable_strict_discover_parsing: Annotated[ Optional[bool], pydantic.Field(alias="enableStrictDiscoverParsing") ] = None @@ -1387,9 +1625,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", "pagination", + "discoverDataField", "enableStrictDiscoverParsing", "enableDiscoverCode", "manualDiscoverResult", @@ -1426,9 +1666,11 @@ class RestAuthenticationNoneRestDiscoveryDiscoverTypeJSONTypedDict(TypedDict): manual_discover_result: str r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" discover_data_field: NotRequired[str] - r"""Within the response JSON, the name of the field to pull results from, typically a JSON array. Leave blank if the result itself is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" discover_url: NotRequired[str] r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP] discover_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] @@ -1454,11 +1696,16 @@ class RestAuthenticationNoneRestDiscoveryDiscoverTypeJSON(BaseModel): discover_data_field: Annotated[ Optional[str], pydantic.Field(alias="discoverDataField") ] = None - r"""Within the response JSON, the name of the field to pull results from, typically a JSON array. Leave blank if the result itself is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -1509,6 +1756,7 @@ def serialize_model(self, handler): [ "discoverDataField", "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", "pagination", @@ -1570,6 +1818,8 @@ class RestAuthenticationNoneRestDiscoveryDiscoverTypeHTTPDiscoverMethodOtherType enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -1633,6 +1883,11 @@ class RestAuthenticationNoneRestDiscoveryDiscoverTypeHTTPDiscoverMethodOther(Bas ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -1674,6 +1929,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -1726,6 +1982,8 @@ class RestAuthenticationNoneRestDiscoveryDiscoverTypeHTTPDiscoverMethodPostWithB enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -1783,6 +2041,11 @@ class RestAuthenticationNoneRestDiscoveryDiscoverTypeHTTPDiscoverMethodPostWithB ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -1822,6 +2085,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -1875,6 +2139,8 @@ class RestAuthenticationNoneRestDiscoveryDiscoverTypeHTTPDiscoverMethodPostTyped enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -1932,6 +2198,11 @@ class RestAuthenticationNoneRestDiscoveryDiscoverTypeHTTPDiscoverMethodPost(Base ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -1972,6 +2243,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -2027,6 +2299,8 @@ class RestAuthenticationNoneRestDiscoveryDiscoverTypeHTTPDiscoverMethodGetTypedD enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -2084,6 +2358,11 @@ class RestAuthenticationNoneRestDiscoveryDiscoverTypeHTTPDiscoverMethodGet(BaseM ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -2124,6 +2403,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -2194,9 +2474,9 @@ class UnknownRestAuthenticationNoneRestDiscoveryDiscoverTypeHTTP(BaseModel): RestAuthenticationNoneDiscoveryTypedDict = TypeAliasType( "RestAuthenticationNoneDiscoveryTypedDict", Union[ + RestAuthenticationNoneRestDiscoveryDiscoverTypeJSONTypedDict, RestAuthenticationNoneRestDiscoveryDiscoverTypeListTypedDict, RestAuthenticationNoneRestDiscoveryDiscoverTypeNoneTypedDict, - RestAuthenticationNoneRestDiscoveryDiscoverTypeJSONTypedDict, RestAuthenticationNoneRestDiscoveryDiscoverTypeHTTPTypedDict, ], ) @@ -2535,6 +2815,10 @@ class RestAuthenticationNoneRestPaginationTypeResponseHeaderLinkTypedDict(TypedD r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -2580,6 +2864,14 @@ class RestAuthenticationNoneRestPaginationTypeResponseHeaderLink(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -2618,6 +2910,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -2675,6 +2969,10 @@ class RestAuthenticationNoneRestPaginationTypeResponseHeaderTypedDict(TypedDict) r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -2723,6 +3021,14 @@ class RestAuthenticationNoneRestPaginationTypeResponseHeader(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -2762,6 +3068,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -2819,6 +3127,10 @@ class RestAuthenticationNoneRestPaginationTypeResponseBodyTypedDict(TypedDict): r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -2867,6 +3179,14 @@ class RestAuthenticationNoneRestPaginationTypeResponseBody(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -2906,6 +3226,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -2929,6 +3251,8 @@ def serialize_model(self, handler): class RestAuthenticationNoneRestPaginationTypeNoneTypedDict(TypedDict): type: PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination + max_pages: NotRequired[float] + r"""Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages.""" last_page_expr: NotRequired[str] r"""JavaScript expression used to determine when the last page has been reached. The values tested by this expression must be in the Response attributes section.""" next_relation_attribute: NotRequired[str] @@ -2943,6 +3267,10 @@ class RestAuthenticationNoneRestPaginationTypeNoneTypedDict(TypedDict): r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -2958,6 +3286,9 @@ class RestAuthenticationNoneRestPaginationTypeNoneTypedDict(TypedDict): class RestAuthenticationNoneRestPaginationTypeNone(BaseModel): type: PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination + max_pages: Annotated[Optional[float], pydantic.Field(alias="maxPages")] = None + r"""Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages.""" + last_page_expr: Annotated[Optional[str], pydantic.Field(alias="lastPageExpr")] = ( None ) @@ -2985,6 +3316,14 @@ class RestAuthenticationNoneRestPaginationTypeNone(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -3017,6 +3356,7 @@ def serialize_type(self, value): def serialize_model(self, handler): optional_fields = set( [ + "maxPages", "lastPageExpr", "nextRelationAttribute", "curRelationAttribute", @@ -3024,6 +3364,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -3050,10 +3392,10 @@ def serialize_model(self, handler): Union[ RestAuthenticationNoneRestPaginationTypeNoneTypedDict, RestAuthenticationNoneRestPaginationTypeResponseHeaderLinkTypedDict, - RestAuthenticationNoneRestPaginationTypeResponseBodyTypedDict, - RestAuthenticationNoneRestPaginationTypeResponseHeaderTypedDict, RestAuthenticationNoneRestPaginationTypeRequestOffsetTypedDict, RestAuthenticationNoneRestPaginationTypeRequestPageTypedDict, + RestAuthenticationNoneRestPaginationTypeResponseBodyTypedDict, + RestAuthenticationNoneRestPaginationTypeResponseHeaderTypedDict, ], ) @@ -3469,10 +3811,53 @@ class RestAuthenticationNoneTypedDict(TypedDict): ] r"""Internal opt-in for the Microsoft Graph deltaLink state-tracking hook. Set programmatically by the Microsoft Graph source when the configured URL targets a /delta endpoint; not user-configurable.""" scheduling: NotRequired[RestAuthenticationNoneSchedulingTypedDict] + username: NotRequired[str] + template_username: NotRequired[str] + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + password: NotRequired[str] + template_password: NotRequired[str] + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + credentials_secret: NotRequired[str] + r"""Select or create a stored secret that references your credentials""" + login_url: NotRequired[str] + r"""URL to use for login API call. This call is expected to be a POST.""" + template_login_url: NotRequired[str] + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + login_body: NotRequired[str] + r"""Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. For x-www-form-urlencoded bodies, wrap values with ${C.Encode.uri(password)} to preserve special characters like +, &, and =.""" + get_auth_token_from_header: NotRequired[bool] + r"""Extract the auth token from the HTTP 'Authorization' response header instead of the standard JSON body of the login response""" + auth_header_key: NotRequired[str] + r"""Authorization header key to pass in Discover and Collect calls. Defaults to the literal name 'Authorization'.""" + auth_header_expr: NotRequired[str] + r"""JavaScript expression used to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login.""" + auth_request_headers: NotRequired[ + List[CollectRequestParamConfRestCollectMethodGetTypedDict] + ] + token_resp_attribute: NotRequired[str] + r"""Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header.""" + client_secret_param_name: NotRequired[str] + r"""Defaults to 'client_secret'. Automatically added to request parameters using the value specified.""" client_secret_param_value: NotRequired[str] r"""Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters.""" + template_client_secret_param_value: NotRequired[str] + r"""Binds 'clientSecretParamValue' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecretParamValue' at runtime.""" + auth_request_params: NotRequired[ + List[CollectRequestParamConfRestCollectMethodGetTypedDict] + ] + r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" + text_secret: NotRequired[str] + r"""Select or create a text secret that contains the client secret's value""" + scopes: NotRequired[List[str]] + r"""Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information.""" service_account_credentials: NotRequired[str] r"""Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right.""" + template_service_account_credentials: NotRequired[str] + r"""Binds 'serviceAccountCredentials' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serviceAccountCredentials' at runtime.""" + subject: NotRequired[str] + r"""Email address of a user account with Super Admin permissions to the resources the collector will retrieve""" + template_subject: NotRequired[str] + r"""Binds 'subject' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'subject' at runtime.""" hmac_function_id: NotRequired[str] r"""Select or create an HMAC Function to use with authentication""" template_collect_url: NotRequired[str] @@ -3554,16 +3939,106 @@ class RestAuthenticationNone(BaseModel): Optional[RestAuthenticationNoneScheduling], pydantic.Field(alias="__scheduling") ] = None + username: Optional[str] = None + + template_username: Annotated[ + Optional[str], pydantic.Field(alias="__template_username") + ] = None + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + + password: Optional[str] = None + + template_password: Annotated[ + Optional[str], pydantic.Field(alias="__template_password") + ] = None + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + + credentials_secret: Annotated[ + Optional[str], pydantic.Field(alias="credentialsSecret") + ] = None + r"""Select or create a stored secret that references your credentials""" + + login_url: Annotated[Optional[str], pydantic.Field(alias="loginUrl")] = None + r"""URL to use for login API call. This call is expected to be a POST.""" + + template_login_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_loginUrl") + ] = None + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + + login_body: Annotated[Optional[str], pydantic.Field(alias="loginBody")] = None + r"""Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. For x-www-form-urlencoded bodies, wrap values with ${C.Encode.uri(password)} to preserve special characters like +, &, and =.""" + + get_auth_token_from_header: Annotated[ + Optional[bool], pydantic.Field(alias="getAuthTokenFromHeader") + ] = None + r"""Extract the auth token from the HTTP 'Authorization' response header instead of the standard JSON body of the login response""" + + auth_header_key: Annotated[Optional[str], pydantic.Field(alias="authHeaderKey")] = ( + None + ) + r"""Authorization header key to pass in Discover and Collect calls. Defaults to the literal name 'Authorization'.""" + + auth_header_expr: Annotated[ + Optional[str], pydantic.Field(alias="authHeaderExpr") + ] = None + r"""JavaScript expression used to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login.""" + + auth_request_headers: Annotated[ + Optional[List[CollectRequestParamConfRestCollectMethodGet]], + pydantic.Field(alias="authRequestHeaders"), + ] = None + + token_resp_attribute: Annotated[ + Optional[str], pydantic.Field(alias="tokenRespAttribute") + ] = None + r"""Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header.""" + + client_secret_param_name: Annotated[ + Optional[str], pydantic.Field(alias="clientSecretParamName") + ] = None + r"""Defaults to 'client_secret'. Automatically added to request parameters using the value specified.""" + client_secret_param_value: Annotated[ Optional[str], pydantic.Field(alias="clientSecretParamValue") ] = None r"""Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters.""" + template_client_secret_param_value: Annotated[ + Optional[str], pydantic.Field(alias="__template_clientSecretParamValue") + ] = None + r"""Binds 'clientSecretParamValue' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecretParamValue' at runtime.""" + + auth_request_params: Annotated[ + Optional[List[CollectRequestParamConfRestCollectMethodGet]], + pydantic.Field(alias="authRequestParams"), + ] = None + r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a text secret that contains the client secret's value""" + + scopes: Optional[List[str]] = None + r"""Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information.""" + service_account_credentials: Annotated[ Optional[str], pydantic.Field(alias="serviceAccountCredentials") ] = None r"""Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right.""" + template_service_account_credentials: Annotated[ + Optional[str], pydantic.Field(alias="__template_serviceAccountCredentials") + ] = None + r"""Binds 'serviceAccountCredentials' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serviceAccountCredentials' at runtime.""" + + subject: Optional[str] = None + r"""Email address of a user account with Super Admin permissions to the resources the collector will retrieve""" + + template_subject: Annotated[ + Optional[str], pydantic.Field(alias="__template_subject") + ] = None + r"""Binds 'subject' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'subject' at runtime.""" + hmac_function_id: Annotated[ Optional[str], pydantic.Field(alias="hmacFunctionId") ] = None @@ -3611,8 +4086,29 @@ def serialize_model(self, handler): "retryRules", "microsoftGraphDelta", "__scheduling", + "username", + "__template_username", + "password", + "__template_password", + "credentialsSecret", + "loginUrl", + "__template_loginUrl", + "loginBody", + "getAuthTokenFromHeader", + "authHeaderKey", + "authHeaderExpr", + "authRequestHeaders", + "tokenRespAttribute", + "clientSecretParamName", "clientSecretParamValue", + "__template_clientSecretParamValue", + "authRequestParams", + "textSecret", + "scopes", "serviceAccountCredentials", + "__template_serviceAccountCredentials", + "subject", + "__template_subject", "hmacFunctionId", "__template_collectUrl", ] @@ -3658,11 +4154,15 @@ class RestCollectMethodOtherRestDiscoveryDiscoverTypeNoneTypedDict(TypedDict): r"""Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task.""" discover_url: NotRequired[str] r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP] discover_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] ] pagination: NotRequired[PaginationTypeRestDiscoveryDiscoverTypeHTTPTypedDict] + discover_data_field: NotRequired[str] + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" enable_strict_discover_parsing: NotRequired[bool] r"""Explicitly set the discover response format. When disabled, best effort parsing is used.""" enable_discover_code: NotRequired[bool] @@ -3682,6 +4182,11 @@ class RestCollectMethodOtherRestDiscoveryDiscoverTypeNone(BaseModel): discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -3694,6 +4199,11 @@ class RestCollectMethodOtherRestDiscoveryDiscoverTypeNone(BaseModel): pagination: Optional[PaginationTypeRestDiscoveryDiscoverTypeHTTP] = None + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" + enable_strict_discover_parsing: Annotated[ Optional[bool], pydantic.Field(alias="enableStrictDiscoverParsing") ] = None @@ -3736,9 +4246,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", "pagination", + "discoverDataField", "enableStrictDiscoverParsing", "enableDiscoverCode", "manualDiscoverResult", @@ -3777,11 +4289,15 @@ class RestCollectMethodOtherRestDiscoveryDiscoverTypeListTypedDict(TypedDict): r"""Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters.""" discover_url: NotRequired[str] r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP] discover_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] ] pagination: NotRequired[PaginationTypeRestDiscoveryDiscoverTypeHTTPTypedDict] + discover_data_field: NotRequired[str] + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" enable_strict_discover_parsing: NotRequired[bool] r"""Explicitly set the discover response format. When disabled, best effort parsing is used.""" enable_discover_code: NotRequired[bool] @@ -3802,6 +4318,11 @@ class RestCollectMethodOtherRestDiscoveryDiscoverTypeList(BaseModel): discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -3814,6 +4335,11 @@ class RestCollectMethodOtherRestDiscoveryDiscoverTypeList(BaseModel): pagination: Optional[PaginationTypeRestDiscoveryDiscoverTypeHTTP] = None + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" + enable_strict_discover_parsing: Annotated[ Optional[bool], pydantic.Field(alias="enableStrictDiscoverParsing") ] = None @@ -3853,9 +4379,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", "pagination", + "discoverDataField", "enableStrictDiscoverParsing", "enableDiscoverCode", "manualDiscoverResult", @@ -3892,9 +4420,11 @@ class RestCollectMethodOtherRestDiscoveryDiscoverTypeJSONTypedDict(TypedDict): manual_discover_result: str r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" discover_data_field: NotRequired[str] - r"""Within the response JSON, the name of the field to pull results from, typically a JSON array. Leave blank if the result itself is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" discover_url: NotRequired[str] r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP] discover_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] @@ -3920,11 +4450,16 @@ class RestCollectMethodOtherRestDiscoveryDiscoverTypeJSON(BaseModel): discover_data_field: Annotated[ Optional[str], pydantic.Field(alias="discoverDataField") ] = None - r"""Within the response JSON, the name of the field to pull results from, typically a JSON array. Leave blank if the result itself is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -3975,6 +4510,7 @@ def serialize_model(self, handler): [ "discoverDataField", "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", "pagination", @@ -4036,6 +4572,8 @@ class RestCollectMethodOtherRestDiscoveryDiscoverTypeHTTPDiscoverMethodOtherType enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -4099,6 +4637,11 @@ class RestCollectMethodOtherRestDiscoveryDiscoverTypeHTTPDiscoverMethodOther(Bas ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -4140,6 +4683,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -4192,6 +4736,8 @@ class RestCollectMethodOtherRestDiscoveryDiscoverTypeHTTPDiscoverMethodPostWithB enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -4249,6 +4795,11 @@ class RestCollectMethodOtherRestDiscoveryDiscoverTypeHTTPDiscoverMethodPostWithB ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -4288,6 +4839,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -4341,6 +4893,8 @@ class RestCollectMethodOtherRestDiscoveryDiscoverTypeHTTPDiscoverMethodPostTyped enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -4398,6 +4952,11 @@ class RestCollectMethodOtherRestDiscoveryDiscoverTypeHTTPDiscoverMethodPost(Base ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -4438,6 +4997,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -4493,6 +5053,8 @@ class RestCollectMethodOtherRestDiscoveryDiscoverTypeHTTPDiscoverMethodGetTypedD enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -4550,6 +5112,11 @@ class RestCollectMethodOtherRestDiscoveryDiscoverTypeHTTPDiscoverMethodGet(BaseM ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -4590,6 +5157,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -4662,9 +5230,9 @@ class UnknownRestCollectMethodOtherRestDiscoveryDiscoverTypeHTTP(BaseModel): RestCollectMethodOtherDiscoveryTypedDict = TypeAliasType( "RestCollectMethodOtherDiscoveryTypedDict", Union[ + RestCollectMethodOtherRestDiscoveryDiscoverTypeJSONTypedDict, RestCollectMethodOtherRestDiscoveryDiscoverTypeListTypedDict, RestCollectMethodOtherRestDiscoveryDiscoverTypeNoneTypedDict, - RestCollectMethodOtherRestDiscoveryDiscoverTypeJSONTypedDict, RestCollectMethodOtherRestDiscoveryDiscoverTypeHTTPTypedDict, ], ) @@ -4992,6 +5560,10 @@ class RestCollectMethodOtherRestPaginationTypeResponseHeaderLinkTypedDict(TypedD r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -5037,6 +5609,14 @@ class RestCollectMethodOtherRestPaginationTypeResponseHeaderLink(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -5075,6 +5655,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -5132,6 +5714,10 @@ class RestCollectMethodOtherRestPaginationTypeResponseHeaderTypedDict(TypedDict) r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -5180,6 +5766,14 @@ class RestCollectMethodOtherRestPaginationTypeResponseHeader(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -5219,6 +5813,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -5276,6 +5872,10 @@ class RestCollectMethodOtherRestPaginationTypeResponseBodyTypedDict(TypedDict): r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -5324,6 +5924,14 @@ class RestCollectMethodOtherRestPaginationTypeResponseBody(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -5363,6 +5971,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -5386,6 +5996,8 @@ def serialize_model(self, handler): class RestCollectMethodOtherRestPaginationTypeNoneTypedDict(TypedDict): type: PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination + max_pages: NotRequired[float] + r"""Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages.""" last_page_expr: NotRequired[str] r"""JavaScript expression used to determine when the last page has been reached. The values tested by this expression must be in the Response attributes section.""" next_relation_attribute: NotRequired[str] @@ -5400,6 +6012,10 @@ class RestCollectMethodOtherRestPaginationTypeNoneTypedDict(TypedDict): r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -5415,6 +6031,9 @@ class RestCollectMethodOtherRestPaginationTypeNoneTypedDict(TypedDict): class RestCollectMethodOtherRestPaginationTypeNone(BaseModel): type: PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination + max_pages: Annotated[Optional[float], pydantic.Field(alias="maxPages")] = None + r"""Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages.""" + last_page_expr: Annotated[Optional[str], pydantic.Field(alias="lastPageExpr")] = ( None ) @@ -5442,6 +6061,14 @@ class RestCollectMethodOtherRestPaginationTypeNone(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -5474,6 +6101,7 @@ def serialize_type(self, value): def serialize_model(self, handler): optional_fields = set( [ + "maxPages", "lastPageExpr", "nextRelationAttribute", "curRelationAttribute", @@ -5481,6 +6109,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -5507,10 +6137,10 @@ def serialize_model(self, handler): Union[ RestCollectMethodOtherRestPaginationTypeNoneTypedDict, RestCollectMethodOtherRestPaginationTypeResponseHeaderLinkTypedDict, - RestCollectMethodOtherRestPaginationTypeResponseBodyTypedDict, - RestCollectMethodOtherRestPaginationTypeResponseHeaderTypedDict, RestCollectMethodOtherRestPaginationTypeRequestOffsetTypedDict, RestCollectMethodOtherRestPaginationTypeRequestPageTypedDict, + RestCollectMethodOtherRestPaginationTypeResponseBodyTypedDict, + RestCollectMethodOtherRestPaginationTypeResponseHeaderTypedDict, ], ) @@ -5948,10 +6578,53 @@ class RestCollectMethodOtherTypedDict(TypedDict): ] r"""Internal opt-in for the Microsoft Graph deltaLink state-tracking hook. Set programmatically by the Microsoft Graph source when the configured URL targets a /delta endpoint; not user-configurable.""" scheduling: NotRequired[RestCollectMethodOtherSchedulingTypedDict] + username: NotRequired[str] + template_username: NotRequired[str] + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + password: NotRequired[str] + template_password: NotRequired[str] + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + credentials_secret: NotRequired[str] + r"""Select or create a stored secret that references your credentials""" + login_url: NotRequired[str] + r"""URL to use for login API call. This call is expected to be a POST.""" + template_login_url: NotRequired[str] + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + login_body: NotRequired[str] + r"""Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. For x-www-form-urlencoded bodies, wrap values with ${C.Encode.uri(password)} to preserve special characters like +, &, and =.""" + get_auth_token_from_header: NotRequired[bool] + r"""Extract the auth token from the HTTP 'Authorization' response header instead of the standard JSON body of the login response""" + auth_header_key: NotRequired[str] + r"""Authorization header key to pass in Discover and Collect calls. Defaults to the literal name 'Authorization'.""" + auth_header_expr: NotRequired[str] + r"""JavaScript expression used to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login.""" + auth_request_headers: NotRequired[ + List[CollectRequestParamConfRestCollectMethodGetTypedDict] + ] + token_resp_attribute: NotRequired[str] + r"""Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header.""" + client_secret_param_name: NotRequired[str] + r"""Defaults to 'client_secret'. Automatically added to request parameters using the value specified.""" client_secret_param_value: NotRequired[str] r"""Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters.""" + template_client_secret_param_value: NotRequired[str] + r"""Binds 'clientSecretParamValue' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecretParamValue' at runtime.""" + auth_request_params: NotRequired[ + List[CollectRequestParamConfRestCollectMethodGetTypedDict] + ] + r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" + text_secret: NotRequired[str] + r"""Select or create a text secret that contains the client secret's value""" + scopes: NotRequired[List[str]] + r"""Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information.""" service_account_credentials: NotRequired[str] r"""Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right.""" + template_service_account_credentials: NotRequired[str] + r"""Binds 'serviceAccountCredentials' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serviceAccountCredentials' at runtime.""" + subject: NotRequired[str] + r"""Email address of a user account with Super Admin permissions to the resources the collector will retrieve""" + template_subject: NotRequired[str] + r"""Binds 'subject' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'subject' at runtime.""" hmac_function_id: NotRequired[str] r"""Select or create an HMAC Function to use with authentication""" template_collect_url: NotRequired[str] @@ -6044,16 +6717,106 @@ class RestCollectMethodOther(BaseModel): Optional[RestCollectMethodOtherScheduling], pydantic.Field(alias="__scheduling") ] = None + username: Optional[str] = None + + template_username: Annotated[ + Optional[str], pydantic.Field(alias="__template_username") + ] = None + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + + password: Optional[str] = None + + template_password: Annotated[ + Optional[str], pydantic.Field(alias="__template_password") + ] = None + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + + credentials_secret: Annotated[ + Optional[str], pydantic.Field(alias="credentialsSecret") + ] = None + r"""Select or create a stored secret that references your credentials""" + + login_url: Annotated[Optional[str], pydantic.Field(alias="loginUrl")] = None + r"""URL to use for login API call. This call is expected to be a POST.""" + + template_login_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_loginUrl") + ] = None + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + + login_body: Annotated[Optional[str], pydantic.Field(alias="loginBody")] = None + r"""Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. For x-www-form-urlencoded bodies, wrap values with ${C.Encode.uri(password)} to preserve special characters like +, &, and =.""" + + get_auth_token_from_header: Annotated[ + Optional[bool], pydantic.Field(alias="getAuthTokenFromHeader") + ] = None + r"""Extract the auth token from the HTTP 'Authorization' response header instead of the standard JSON body of the login response""" + + auth_header_key: Annotated[Optional[str], pydantic.Field(alias="authHeaderKey")] = ( + None + ) + r"""Authorization header key to pass in Discover and Collect calls. Defaults to the literal name 'Authorization'.""" + + auth_header_expr: Annotated[ + Optional[str], pydantic.Field(alias="authHeaderExpr") + ] = None + r"""JavaScript expression used to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login.""" + + auth_request_headers: Annotated[ + Optional[List[CollectRequestParamConfRestCollectMethodGet]], + pydantic.Field(alias="authRequestHeaders"), + ] = None + + token_resp_attribute: Annotated[ + Optional[str], pydantic.Field(alias="tokenRespAttribute") + ] = None + r"""Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header.""" + + client_secret_param_name: Annotated[ + Optional[str], pydantic.Field(alias="clientSecretParamName") + ] = None + r"""Defaults to 'client_secret'. Automatically added to request parameters using the value specified.""" + client_secret_param_value: Annotated[ Optional[str], pydantic.Field(alias="clientSecretParamValue") ] = None r"""Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters.""" + template_client_secret_param_value: Annotated[ + Optional[str], pydantic.Field(alias="__template_clientSecretParamValue") + ] = None + r"""Binds 'clientSecretParamValue' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecretParamValue' at runtime.""" + + auth_request_params: Annotated[ + Optional[List[CollectRequestParamConfRestCollectMethodGet]], + pydantic.Field(alias="authRequestParams"), + ] = None + r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a text secret that contains the client secret's value""" + + scopes: Optional[List[str]] = None + r"""Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information.""" + service_account_credentials: Annotated[ Optional[str], pydantic.Field(alias="serviceAccountCredentials") ] = None r"""Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right.""" + template_service_account_credentials: Annotated[ + Optional[str], pydantic.Field(alias="__template_serviceAccountCredentials") + ] = None + r"""Binds 'serviceAccountCredentials' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serviceAccountCredentials' at runtime.""" + + subject: Optional[str] = None + r"""Email address of a user account with Super Admin permissions to the resources the collector will retrieve""" + + template_subject: Annotated[ + Optional[str], pydantic.Field(alias="__template_subject") + ] = None + r"""Binds 'subject' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'subject' at runtime.""" + hmac_function_id: Annotated[ Optional[str], pydantic.Field(alias="hmacFunctionId") ] = None @@ -6103,8 +6866,29 @@ def serialize_model(self, handler): "retryRules", "microsoftGraphDelta", "__scheduling", + "username", + "__template_username", + "password", + "__template_password", + "credentialsSecret", + "loginUrl", + "__template_loginUrl", + "loginBody", + "getAuthTokenFromHeader", + "authHeaderKey", + "authHeaderExpr", + "authRequestHeaders", + "tokenRespAttribute", + "clientSecretParamName", "clientSecretParamValue", + "__template_clientSecretParamValue", + "authRequestParams", + "textSecret", + "scopes", "serviceAccountCredentials", + "__template_serviceAccountCredentials", + "subject", + "__template_subject", "hmacFunctionId", "__template_collectUrl", ] @@ -6154,11 +6938,15 @@ class RestCollectMethodPostWithBodyRestDiscoveryDiscoverTypeNoneTypedDict(TypedD r"""Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task.""" discover_url: NotRequired[str] r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP] discover_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] ] pagination: NotRequired[PaginationTypeRestDiscoveryDiscoverTypeHTTPTypedDict] + discover_data_field: NotRequired[str] + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" enable_strict_discover_parsing: NotRequired[bool] r"""Explicitly set the discover response format. When disabled, best effort parsing is used.""" enable_discover_code: NotRequired[bool] @@ -6178,6 +6966,11 @@ class RestCollectMethodPostWithBodyRestDiscoveryDiscoverTypeNone(BaseModel): discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -6190,6 +6983,11 @@ class RestCollectMethodPostWithBodyRestDiscoveryDiscoverTypeNone(BaseModel): pagination: Optional[PaginationTypeRestDiscoveryDiscoverTypeHTTP] = None + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" + enable_strict_discover_parsing: Annotated[ Optional[bool], pydantic.Field(alias="enableStrictDiscoverParsing") ] = None @@ -6232,9 +7030,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", "pagination", + "discoverDataField", "enableStrictDiscoverParsing", "enableDiscoverCode", "manualDiscoverResult", @@ -6275,11 +7075,15 @@ class RestCollectMethodPostWithBodyRestDiscoveryDiscoverTypeListTypedDict(TypedD r"""Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters.""" discover_url: NotRequired[str] r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP] discover_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] ] pagination: NotRequired[PaginationTypeRestDiscoveryDiscoverTypeHTTPTypedDict] + discover_data_field: NotRequired[str] + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" enable_strict_discover_parsing: NotRequired[bool] r"""Explicitly set the discover response format. When disabled, best effort parsing is used.""" enable_discover_code: NotRequired[bool] @@ -6300,6 +7104,11 @@ class RestCollectMethodPostWithBodyRestDiscoveryDiscoverTypeList(BaseModel): discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -6312,6 +7121,11 @@ class RestCollectMethodPostWithBodyRestDiscoveryDiscoverTypeList(BaseModel): pagination: Optional[PaginationTypeRestDiscoveryDiscoverTypeHTTP] = None + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" + enable_strict_discover_parsing: Annotated[ Optional[bool], pydantic.Field(alias="enableStrictDiscoverParsing") ] = None @@ -6351,9 +7165,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", "pagination", + "discoverDataField", "enableStrictDiscoverParsing", "enableDiscoverCode", "manualDiscoverResult", @@ -6392,9 +7208,11 @@ class RestCollectMethodPostWithBodyRestDiscoveryDiscoverTypeJSONTypedDict(TypedD manual_discover_result: str r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" discover_data_field: NotRequired[str] - r"""Within the response JSON, the name of the field to pull results from, typically a JSON array. Leave blank if the result itself is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" discover_url: NotRequired[str] r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP] discover_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] @@ -6420,11 +7238,16 @@ class RestCollectMethodPostWithBodyRestDiscoveryDiscoverTypeJSON(BaseModel): discover_data_field: Annotated[ Optional[str], pydantic.Field(alias="discoverDataField") ] = None - r"""Within the response JSON, the name of the field to pull results from, typically a JSON array. Leave blank if the result itself is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -6475,6 +7298,7 @@ def serialize_model(self, handler): [ "discoverDataField", "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", "pagination", @@ -6536,6 +7360,8 @@ class RestCollectMethodPostWithBodyRestDiscoveryDiscoverTypeHTTPDiscoverMethodOt enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -6601,6 +7427,11 @@ class RestCollectMethodPostWithBodyRestDiscoveryDiscoverTypeHTTPDiscoverMethodOt ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -6642,6 +7473,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -6694,6 +7526,8 @@ class RestCollectMethodPostWithBodyRestDiscoveryDiscoverTypeHTTPDiscoverMethodPo enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -6751,6 +7585,11 @@ class RestCollectMethodPostWithBodyRestDiscoveryDiscoverTypeHTTPDiscoverMethodPo ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -6790,6 +7629,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -6843,6 +7683,8 @@ class RestCollectMethodPostWithBodyRestDiscoveryDiscoverTypeHTTPDiscoverMethodPo enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -6902,6 +7744,11 @@ class RestCollectMethodPostWithBodyRestDiscoveryDiscoverTypeHTTPDiscoverMethodPo ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -6942,6 +7789,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -6995,6 +7843,8 @@ class RestCollectMethodPostWithBodyRestDiscoveryDiscoverTypeHTTPDiscoverMethodGe enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -7054,6 +7904,11 @@ class RestCollectMethodPostWithBodyRestDiscoveryDiscoverTypeHTTPDiscoverMethodGe ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -7094,6 +7949,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -7166,9 +8022,9 @@ class UnknownRestCollectMethodPostWithBodyRestDiscoveryDiscoverTypeHTTP(BaseMode RestCollectMethodPostWithBodyDiscoveryTypedDict = TypeAliasType( "RestCollectMethodPostWithBodyDiscoveryTypedDict", Union[ + RestCollectMethodPostWithBodyRestDiscoveryDiscoverTypeJSONTypedDict, RestCollectMethodPostWithBodyRestDiscoveryDiscoverTypeListTypedDict, RestCollectMethodPostWithBodyRestDiscoveryDiscoverTypeNoneTypedDict, - RestCollectMethodPostWithBodyRestDiscoveryDiscoverTypeJSONTypedDict, RestCollectMethodPostWithBodyRestDiscoveryDiscoverTypeHTTPTypedDict, ], ) @@ -7498,6 +8354,10 @@ class RestCollectMethodPostWithBodyRestPaginationTypeResponseHeaderLinkTypedDict r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -7543,6 +8403,14 @@ class RestCollectMethodPostWithBodyRestPaginationTypeResponseHeaderLink(BaseMode limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -7581,6 +8449,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -7636,6 +8506,10 @@ class RestCollectMethodPostWithBodyRestPaginationTypeResponseHeaderTypedDict(Typ r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -7686,6 +8560,14 @@ class RestCollectMethodPostWithBodyRestPaginationTypeResponseHeader(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -7725,6 +8607,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -7782,6 +8666,10 @@ class RestCollectMethodPostWithBodyRestPaginationTypeResponseBodyTypedDict(Typed r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -7832,6 +8720,14 @@ class RestCollectMethodPostWithBodyRestPaginationTypeResponseBody(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -7871,6 +8767,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -7894,6 +8792,8 @@ def serialize_model(self, handler): class RestCollectMethodPostWithBodyRestPaginationTypeNoneTypedDict(TypedDict): type: PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination + max_pages: NotRequired[float] + r"""Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages.""" last_page_expr: NotRequired[str] r"""JavaScript expression used to determine when the last page has been reached. The values tested by this expression must be in the Response attributes section.""" next_relation_attribute: NotRequired[str] @@ -7908,6 +8808,10 @@ class RestCollectMethodPostWithBodyRestPaginationTypeNoneTypedDict(TypedDict): r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -7923,6 +8827,9 @@ class RestCollectMethodPostWithBodyRestPaginationTypeNoneTypedDict(TypedDict): class RestCollectMethodPostWithBodyRestPaginationTypeNone(BaseModel): type: PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination + max_pages: Annotated[Optional[float], pydantic.Field(alias="maxPages")] = None + r"""Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages.""" + last_page_expr: Annotated[Optional[str], pydantic.Field(alias="lastPageExpr")] = ( None ) @@ -7950,6 +8857,14 @@ class RestCollectMethodPostWithBodyRestPaginationTypeNone(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -7982,6 +8897,7 @@ def serialize_type(self, value): def serialize_model(self, handler): optional_fields = set( [ + "maxPages", "lastPageExpr", "nextRelationAttribute", "curRelationAttribute", @@ -7989,6 +8905,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -8015,10 +8933,10 @@ def serialize_model(self, handler): Union[ RestCollectMethodPostWithBodyRestPaginationTypeNoneTypedDict, RestCollectMethodPostWithBodyRestPaginationTypeResponseHeaderLinkTypedDict, - RestCollectMethodPostWithBodyRestPaginationTypeResponseBodyTypedDict, - RestCollectMethodPostWithBodyRestPaginationTypeResponseHeaderTypedDict, RestCollectMethodPostWithBodyRestPaginationTypeRequestOffsetTypedDict, RestCollectMethodPostWithBodyRestPaginationTypeRequestPageTypedDict, + RestCollectMethodPostWithBodyRestPaginationTypeResponseBodyTypedDict, + RestCollectMethodPostWithBodyRestPaginationTypeResponseHeaderTypedDict, ], ) @@ -8453,10 +9371,53 @@ class RestCollectMethodPostWithBodyTypedDict(TypedDict): ] r"""Internal opt-in for the Microsoft Graph deltaLink state-tracking hook. Set programmatically by the Microsoft Graph source when the configured URL targets a /delta endpoint; not user-configurable.""" scheduling: NotRequired[RestCollectMethodPostWithBodySchedulingTypedDict] + username: NotRequired[str] + template_username: NotRequired[str] + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + password: NotRequired[str] + template_password: NotRequired[str] + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + credentials_secret: NotRequired[str] + r"""Select or create a stored secret that references your credentials""" + login_url: NotRequired[str] + r"""URL to use for login API call. This call is expected to be a POST.""" + template_login_url: NotRequired[str] + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + login_body: NotRequired[str] + r"""Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. For x-www-form-urlencoded bodies, wrap values with ${C.Encode.uri(password)} to preserve special characters like +, &, and =.""" + get_auth_token_from_header: NotRequired[bool] + r"""Extract the auth token from the HTTP 'Authorization' response header instead of the standard JSON body of the login response""" + auth_header_key: NotRequired[str] + r"""Authorization header key to pass in Discover and Collect calls. Defaults to the literal name 'Authorization'.""" + auth_header_expr: NotRequired[str] + r"""JavaScript expression used to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login.""" + auth_request_headers: NotRequired[ + List[CollectRequestParamConfRestCollectMethodGetTypedDict] + ] + token_resp_attribute: NotRequired[str] + r"""Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header.""" + client_secret_param_name: NotRequired[str] + r"""Defaults to 'client_secret'. Automatically added to request parameters using the value specified.""" client_secret_param_value: NotRequired[str] r"""Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters.""" + template_client_secret_param_value: NotRequired[str] + r"""Binds 'clientSecretParamValue' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecretParamValue' at runtime.""" + auth_request_params: NotRequired[ + List[CollectRequestParamConfRestCollectMethodGetTypedDict] + ] + r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" + text_secret: NotRequired[str] + r"""Select or create a text secret that contains the client secret's value""" + scopes: NotRequired[List[str]] + r"""Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information.""" service_account_credentials: NotRequired[str] r"""Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right.""" + template_service_account_credentials: NotRequired[str] + r"""Binds 'serviceAccountCredentials' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serviceAccountCredentials' at runtime.""" + subject: NotRequired[str] + r"""Email address of a user account with Super Admin permissions to the resources the collector will retrieve""" + template_subject: NotRequired[str] + r"""Binds 'subject' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'subject' at runtime.""" hmac_function_id: NotRequired[str] r"""Select or create an HMAC Function to use with authentication""" template_collect_url: NotRequired[str] @@ -8544,16 +9505,106 @@ class RestCollectMethodPostWithBody(BaseModel): pydantic.Field(alias="__scheduling"), ] = None + username: Optional[str] = None + + template_username: Annotated[ + Optional[str], pydantic.Field(alias="__template_username") + ] = None + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + + password: Optional[str] = None + + template_password: Annotated[ + Optional[str], pydantic.Field(alias="__template_password") + ] = None + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + + credentials_secret: Annotated[ + Optional[str], pydantic.Field(alias="credentialsSecret") + ] = None + r"""Select or create a stored secret that references your credentials""" + + login_url: Annotated[Optional[str], pydantic.Field(alias="loginUrl")] = None + r"""URL to use for login API call. This call is expected to be a POST.""" + + template_login_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_loginUrl") + ] = None + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + + login_body: Annotated[Optional[str], pydantic.Field(alias="loginBody")] = None + r"""Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. For x-www-form-urlencoded bodies, wrap values with ${C.Encode.uri(password)} to preserve special characters like +, &, and =.""" + + get_auth_token_from_header: Annotated[ + Optional[bool], pydantic.Field(alias="getAuthTokenFromHeader") + ] = None + r"""Extract the auth token from the HTTP 'Authorization' response header instead of the standard JSON body of the login response""" + + auth_header_key: Annotated[Optional[str], pydantic.Field(alias="authHeaderKey")] = ( + None + ) + r"""Authorization header key to pass in Discover and Collect calls. Defaults to the literal name 'Authorization'.""" + + auth_header_expr: Annotated[ + Optional[str], pydantic.Field(alias="authHeaderExpr") + ] = None + r"""JavaScript expression used to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login.""" + + auth_request_headers: Annotated[ + Optional[List[CollectRequestParamConfRestCollectMethodGet]], + pydantic.Field(alias="authRequestHeaders"), + ] = None + + token_resp_attribute: Annotated[ + Optional[str], pydantic.Field(alias="tokenRespAttribute") + ] = None + r"""Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header.""" + + client_secret_param_name: Annotated[ + Optional[str], pydantic.Field(alias="clientSecretParamName") + ] = None + r"""Defaults to 'client_secret'. Automatically added to request parameters using the value specified.""" + client_secret_param_value: Annotated[ Optional[str], pydantic.Field(alias="clientSecretParamValue") ] = None r"""Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters.""" + template_client_secret_param_value: Annotated[ + Optional[str], pydantic.Field(alias="__template_clientSecretParamValue") + ] = None + r"""Binds 'clientSecretParamValue' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecretParamValue' at runtime.""" + + auth_request_params: Annotated[ + Optional[List[CollectRequestParamConfRestCollectMethodGet]], + pydantic.Field(alias="authRequestParams"), + ] = None + r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a text secret that contains the client secret's value""" + + scopes: Optional[List[str]] = None + r"""Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information.""" + service_account_credentials: Annotated[ Optional[str], pydantic.Field(alias="serviceAccountCredentials") ] = None r"""Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right.""" + template_service_account_credentials: Annotated[ + Optional[str], pydantic.Field(alias="__template_serviceAccountCredentials") + ] = None + r"""Binds 'serviceAccountCredentials' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serviceAccountCredentials' at runtime.""" + + subject: Optional[str] = None + r"""Email address of a user account with Super Admin permissions to the resources the collector will retrieve""" + + template_subject: Annotated[ + Optional[str], pydantic.Field(alias="__template_subject") + ] = None + r"""Binds 'subject' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'subject' at runtime.""" + hmac_function_id: Annotated[ Optional[str], pydantic.Field(alias="hmacFunctionId") ] = None @@ -8601,8 +9652,29 @@ def serialize_model(self, handler): "retryRules", "microsoftGraphDelta", "__scheduling", + "username", + "__template_username", + "password", + "__template_password", + "credentialsSecret", + "loginUrl", + "__template_loginUrl", + "loginBody", + "getAuthTokenFromHeader", + "authHeaderKey", + "authHeaderExpr", + "authRequestHeaders", + "tokenRespAttribute", + "clientSecretParamName", "clientSecretParamValue", + "__template_clientSecretParamValue", + "authRequestParams", + "textSecret", + "scopes", "serviceAccountCredentials", + "__template_serviceAccountCredentials", + "subject", + "__template_subject", "hmacFunctionId", "__template_collectUrl", ] @@ -8648,11 +9720,15 @@ class RestCollectMethodPostRestDiscoveryDiscoverTypeNoneTypedDict(TypedDict): r"""Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task.""" discover_url: NotRequired[str] r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP] discover_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] ] pagination: NotRequired[PaginationTypeRestDiscoveryDiscoverTypeHTTPTypedDict] + discover_data_field: NotRequired[str] + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" enable_strict_discover_parsing: NotRequired[bool] r"""Explicitly set the discover response format. When disabled, best effort parsing is used.""" enable_discover_code: NotRequired[bool] @@ -8672,6 +9748,11 @@ class RestCollectMethodPostRestDiscoveryDiscoverTypeNone(BaseModel): discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -8684,6 +9765,11 @@ class RestCollectMethodPostRestDiscoveryDiscoverTypeNone(BaseModel): pagination: Optional[PaginationTypeRestDiscoveryDiscoverTypeHTTP] = None + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" + enable_strict_discover_parsing: Annotated[ Optional[bool], pydantic.Field(alias="enableStrictDiscoverParsing") ] = None @@ -8726,9 +9812,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", "pagination", + "discoverDataField", "enableStrictDiscoverParsing", "enableDiscoverCode", "manualDiscoverResult", @@ -8767,11 +9855,15 @@ class RestCollectMethodPostRestDiscoveryDiscoverTypeListTypedDict(TypedDict): r"""Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters.""" discover_url: NotRequired[str] r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP] discover_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] ] pagination: NotRequired[PaginationTypeRestDiscoveryDiscoverTypeHTTPTypedDict] + discover_data_field: NotRequired[str] + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" enable_strict_discover_parsing: NotRequired[bool] r"""Explicitly set the discover response format. When disabled, best effort parsing is used.""" enable_discover_code: NotRequired[bool] @@ -8792,6 +9884,11 @@ class RestCollectMethodPostRestDiscoveryDiscoverTypeList(BaseModel): discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -8804,6 +9901,11 @@ class RestCollectMethodPostRestDiscoveryDiscoverTypeList(BaseModel): pagination: Optional[PaginationTypeRestDiscoveryDiscoverTypeHTTP] = None + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" + enable_strict_discover_parsing: Annotated[ Optional[bool], pydantic.Field(alias="enableStrictDiscoverParsing") ] = None @@ -8843,9 +9945,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", "pagination", + "discoverDataField", "enableStrictDiscoverParsing", "enableDiscoverCode", "manualDiscoverResult", @@ -8882,9 +9986,11 @@ class RestCollectMethodPostRestDiscoveryDiscoverTypeJSONTypedDict(TypedDict): manual_discover_result: str r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" discover_data_field: NotRequired[str] - r"""Within the response JSON, the name of the field to pull results from, typically a JSON array. Leave blank if the result itself is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" discover_url: NotRequired[str] r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP] discover_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] @@ -8910,11 +10016,16 @@ class RestCollectMethodPostRestDiscoveryDiscoverTypeJSON(BaseModel): discover_data_field: Annotated[ Optional[str], pydantic.Field(alias="discoverDataField") ] = None - r"""Within the response JSON, the name of the field to pull results from, typically a JSON array. Leave blank if the result itself is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -8965,6 +10076,7 @@ def serialize_model(self, handler): [ "discoverDataField", "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", "pagination", @@ -9026,6 +10138,8 @@ class RestCollectMethodPostRestDiscoveryDiscoverTypeHTTPDiscoverMethodOtherTyped enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -9089,6 +10203,11 @@ class RestCollectMethodPostRestDiscoveryDiscoverTypeHTTPDiscoverMethodOther(Base ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -9130,6 +10249,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -9182,6 +10302,8 @@ class RestCollectMethodPostRestDiscoveryDiscoverTypeHTTPDiscoverMethodPostWithBo enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -9239,6 +10361,11 @@ class RestCollectMethodPostRestDiscoveryDiscoverTypeHTTPDiscoverMethodPostWithBo ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -9278,6 +10405,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -9333,6 +10461,8 @@ class RestCollectMethodPostRestDiscoveryDiscoverTypeHTTPDiscoverMethodPostTypedD enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -9390,6 +10520,11 @@ class RestCollectMethodPostRestDiscoveryDiscoverTypeHTTPDiscoverMethodPost(BaseM ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -9430,6 +10565,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -9485,6 +10621,8 @@ class RestCollectMethodPostRestDiscoveryDiscoverTypeHTTPDiscoverMethodGetTypedDi enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -9542,6 +10680,11 @@ class RestCollectMethodPostRestDiscoveryDiscoverTypeHTTPDiscoverMethodGet(BaseMo ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -9582,6 +10725,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -9652,9 +10796,9 @@ class UnknownRestCollectMethodPostRestDiscoveryDiscoverTypeHTTP(BaseModel): RestCollectMethodPostDiscoveryTypedDict = TypeAliasType( "RestCollectMethodPostDiscoveryTypedDict", Union[ + RestCollectMethodPostRestDiscoveryDiscoverTypeJSONTypedDict, RestCollectMethodPostRestDiscoveryDiscoverTypeListTypedDict, RestCollectMethodPostRestDiscoveryDiscoverTypeNoneTypedDict, - RestCollectMethodPostRestDiscoveryDiscoverTypeJSONTypedDict, RestCollectMethodPostRestDiscoveryDiscoverTypeHTTPTypedDict, ], ) @@ -9982,6 +11126,10 @@ class RestCollectMethodPostRestPaginationTypeResponseHeaderLinkTypedDict(TypedDi r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -10027,6 +11175,14 @@ class RestCollectMethodPostRestPaginationTypeResponseHeaderLink(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -10065,6 +11221,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -10122,6 +11280,10 @@ class RestCollectMethodPostRestPaginationTypeResponseHeaderTypedDict(TypedDict): r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -10170,6 +11332,14 @@ class RestCollectMethodPostRestPaginationTypeResponseHeader(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -10209,6 +11379,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -10266,6 +11438,10 @@ class RestCollectMethodPostRestPaginationTypeResponseBodyTypedDict(TypedDict): r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -10314,6 +11490,14 @@ class RestCollectMethodPostRestPaginationTypeResponseBody(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -10353,6 +11537,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -10376,6 +11562,8 @@ def serialize_model(self, handler): class RestCollectMethodPostRestPaginationTypeNoneTypedDict(TypedDict): type: PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination + max_pages: NotRequired[float] + r"""Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages.""" last_page_expr: NotRequired[str] r"""JavaScript expression used to determine when the last page has been reached. The values tested by this expression must be in the Response attributes section.""" next_relation_attribute: NotRequired[str] @@ -10390,6 +11578,10 @@ class RestCollectMethodPostRestPaginationTypeNoneTypedDict(TypedDict): r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -10405,6 +11597,9 @@ class RestCollectMethodPostRestPaginationTypeNoneTypedDict(TypedDict): class RestCollectMethodPostRestPaginationTypeNone(BaseModel): type: PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination + max_pages: Annotated[Optional[float], pydantic.Field(alias="maxPages")] = None + r"""Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages.""" + last_page_expr: Annotated[Optional[str], pydantic.Field(alias="lastPageExpr")] = ( None ) @@ -10432,6 +11627,14 @@ class RestCollectMethodPostRestPaginationTypeNone(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -10464,6 +11667,7 @@ def serialize_type(self, value): def serialize_model(self, handler): optional_fields = set( [ + "maxPages", "lastPageExpr", "nextRelationAttribute", "curRelationAttribute", @@ -10471,6 +11675,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -10497,10 +11703,10 @@ def serialize_model(self, handler): Union[ RestCollectMethodPostRestPaginationTypeNoneTypedDict, RestCollectMethodPostRestPaginationTypeResponseHeaderLinkTypedDict, - RestCollectMethodPostRestPaginationTypeResponseBodyTypedDict, - RestCollectMethodPostRestPaginationTypeResponseHeaderTypedDict, RestCollectMethodPostRestPaginationTypeRequestOffsetTypedDict, RestCollectMethodPostRestPaginationTypeRequestPageTypedDict, + RestCollectMethodPostRestPaginationTypeResponseBodyTypedDict, + RestCollectMethodPostRestPaginationTypeResponseHeaderTypedDict, ], ) diff --git a/src/cribl_control_plane/models/restcollectorconf.py b/src/cribl_control_plane/models/restcollectorconf.py index 88c3b7ebf..4f3b98f0d 100644 --- a/src/cribl_control_plane/models/restcollectorconf.py +++ b/src/cribl_control_plane/models/restcollectorconf.py @@ -239,10 +239,53 @@ class RestCollectMethodPostTypedDict(TypedDict): ] r"""Internal opt-in for the Microsoft Graph deltaLink state-tracking hook. Set programmatically by the Microsoft Graph source when the configured URL targets a /delta endpoint; not user-configurable.""" scheduling: NotRequired[RestCollectMethodPostSchedulingTypedDict] + username: NotRequired[str] + template_username: NotRequired[str] + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + password: NotRequired[str] + template_password: NotRequired[str] + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + credentials_secret: NotRequired[str] + r"""Select or create a stored secret that references your credentials""" + login_url: NotRequired[str] + r"""URL to use for login API call. This call is expected to be a POST.""" + template_login_url: NotRequired[str] + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + login_body: NotRequired[str] + r"""Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. For x-www-form-urlencoded bodies, wrap values with ${C.Encode.uri(password)} to preserve special characters like +, &, and =.""" + get_auth_token_from_header: NotRequired[bool] + r"""Extract the auth token from the HTTP 'Authorization' response header instead of the standard JSON body of the login response""" + auth_header_key: NotRequired[str] + r"""Authorization header key to pass in Discover and Collect calls. Defaults to the literal name 'Authorization'.""" + auth_header_expr: NotRequired[str] + r"""JavaScript expression used to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login.""" + auth_request_headers: NotRequired[ + List[CollectRequestParamConfRestCollectMethodGetTypedDict] + ] + token_resp_attribute: NotRequired[str] + r"""Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header.""" + client_secret_param_name: NotRequired[str] + r"""Defaults to 'client_secret'. Automatically added to request parameters using the value specified.""" client_secret_param_value: NotRequired[str] r"""Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters.""" + template_client_secret_param_value: NotRequired[str] + r"""Binds 'clientSecretParamValue' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecretParamValue' at runtime.""" + auth_request_params: NotRequired[ + List[CollectRequestParamConfRestCollectMethodGetTypedDict] + ] + r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" + text_secret: NotRequired[str] + r"""Select or create a text secret that contains the client secret's value""" + scopes: NotRequired[List[str]] + r"""Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information.""" service_account_credentials: NotRequired[str] r"""Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right.""" + template_service_account_credentials: NotRequired[str] + r"""Binds 'serviceAccountCredentials' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serviceAccountCredentials' at runtime.""" + subject: NotRequired[str] + r"""Email address of a user account with Super Admin permissions to the resources the collector will retrieve""" + template_subject: NotRequired[str] + r"""Binds 'subject' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'subject' at runtime.""" hmac_function_id: NotRequired[str] r"""Select or create an HMAC Function to use with authentication""" template_collect_url: NotRequired[str] @@ -329,16 +372,106 @@ class RestCollectMethodPost(BaseModel): Optional[RestCollectMethodPostScheduling], pydantic.Field(alias="__scheduling") ] = None + username: Optional[str] = None + + template_username: Annotated[ + Optional[str], pydantic.Field(alias="__template_username") + ] = None + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + + password: Optional[str] = None + + template_password: Annotated[ + Optional[str], pydantic.Field(alias="__template_password") + ] = None + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + + credentials_secret: Annotated[ + Optional[str], pydantic.Field(alias="credentialsSecret") + ] = None + r"""Select or create a stored secret that references your credentials""" + + login_url: Annotated[Optional[str], pydantic.Field(alias="loginUrl")] = None + r"""URL to use for login API call. This call is expected to be a POST.""" + + template_login_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_loginUrl") + ] = None + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + + login_body: Annotated[Optional[str], pydantic.Field(alias="loginBody")] = None + r"""Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. For x-www-form-urlencoded bodies, wrap values with ${C.Encode.uri(password)} to preserve special characters like +, &, and =.""" + + get_auth_token_from_header: Annotated[ + Optional[bool], pydantic.Field(alias="getAuthTokenFromHeader") + ] = None + r"""Extract the auth token from the HTTP 'Authorization' response header instead of the standard JSON body of the login response""" + + auth_header_key: Annotated[Optional[str], pydantic.Field(alias="authHeaderKey")] = ( + None + ) + r"""Authorization header key to pass in Discover and Collect calls. Defaults to the literal name 'Authorization'.""" + + auth_header_expr: Annotated[ + Optional[str], pydantic.Field(alias="authHeaderExpr") + ] = None + r"""JavaScript expression used to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login.""" + + auth_request_headers: Annotated[ + Optional[List[CollectRequestParamConfRestCollectMethodGet]], + pydantic.Field(alias="authRequestHeaders"), + ] = None + + token_resp_attribute: Annotated[ + Optional[str], pydantic.Field(alias="tokenRespAttribute") + ] = None + r"""Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header.""" + + client_secret_param_name: Annotated[ + Optional[str], pydantic.Field(alias="clientSecretParamName") + ] = None + r"""Defaults to 'client_secret'. Automatically added to request parameters using the value specified.""" + client_secret_param_value: Annotated[ Optional[str], pydantic.Field(alias="clientSecretParamValue") ] = None r"""Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters.""" + template_client_secret_param_value: Annotated[ + Optional[str], pydantic.Field(alias="__template_clientSecretParamValue") + ] = None + r"""Binds 'clientSecretParamValue' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecretParamValue' at runtime.""" + + auth_request_params: Annotated[ + Optional[List[CollectRequestParamConfRestCollectMethodGet]], + pydantic.Field(alias="authRequestParams"), + ] = None + r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a text secret that contains the client secret's value""" + + scopes: Optional[List[str]] = None + r"""Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information.""" + service_account_credentials: Annotated[ Optional[str], pydantic.Field(alias="serviceAccountCredentials") ] = None r"""Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right.""" + template_service_account_credentials: Annotated[ + Optional[str], pydantic.Field(alias="__template_serviceAccountCredentials") + ] = None + r"""Binds 'serviceAccountCredentials' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serviceAccountCredentials' at runtime.""" + + subject: Optional[str] = None + r"""Email address of a user account with Super Admin permissions to the resources the collector will retrieve""" + + template_subject: Annotated[ + Optional[str], pydantic.Field(alias="__template_subject") + ] = None + r"""Binds 'subject' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'subject' at runtime.""" + hmac_function_id: Annotated[ Optional[str], pydantic.Field(alias="hmacFunctionId") ] = None @@ -387,8 +520,29 @@ def serialize_model(self, handler): "retryRules", "microsoftGraphDelta", "__scheduling", + "username", + "__template_username", + "password", + "__template_password", + "credentialsSecret", + "loginUrl", + "__template_loginUrl", + "loginBody", + "getAuthTokenFromHeader", + "authHeaderKey", + "authHeaderExpr", + "authRequestHeaders", + "tokenRespAttribute", + "clientSecretParamName", "clientSecretParamValue", + "__template_clientSecretParamValue", + "authRequestParams", + "textSecret", + "scopes", "serviceAccountCredentials", + "__template_serviceAccountCredentials", + "subject", + "__template_subject", "hmacFunctionId", "__template_collectUrl", ] @@ -434,11 +588,15 @@ class RestCollectMethodGetRestDiscoveryDiscoverTypeNoneTypedDict(TypedDict): r"""Defines how task discovery will be performed. Each entry returned by the Discover operation will result in a Collect task.""" discover_url: NotRequired[str] r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP] discover_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] ] pagination: NotRequired[PaginationTypeRestDiscoveryDiscoverTypeHTTPTypedDict] + discover_data_field: NotRequired[str] + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" enable_strict_discover_parsing: NotRequired[bool] r"""Explicitly set the discover response format. When disabled, best effort parsing is used.""" enable_discover_code: NotRequired[bool] @@ -458,6 +616,11 @@ class RestCollectMethodGetRestDiscoveryDiscoverTypeNone(BaseModel): discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -470,6 +633,11 @@ class RestCollectMethodGetRestDiscoveryDiscoverTypeNone(BaseModel): pagination: Optional[PaginationTypeRestDiscoveryDiscoverTypeHTTP] = None + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" + enable_strict_discover_parsing: Annotated[ Optional[bool], pydantic.Field(alias="enableStrictDiscoverParsing") ] = None @@ -512,9 +680,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", "pagination", + "discoverDataField", "enableStrictDiscoverParsing", "enableDiscoverCode", "manualDiscoverResult", @@ -553,11 +723,15 @@ class RestCollectMethodGetRestDiscoveryDiscoverTypeListTypedDict(TypedDict): r"""Comma-separated list of items to return from the Discover task. Each item returned generates a Collect task and can be referenced using `${id}` in the Collect URL, headers, or parameters.""" discover_url: NotRequired[str] r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP] discover_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] ] pagination: NotRequired[PaginationTypeRestDiscoveryDiscoverTypeHTTPTypedDict] + discover_data_field: NotRequired[str] + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" enable_strict_discover_parsing: NotRequired[bool] r"""Explicitly set the discover response format. When disabled, best effort parsing is used.""" enable_discover_code: NotRequired[bool] @@ -578,6 +752,11 @@ class RestCollectMethodGetRestDiscoveryDiscoverTypeList(BaseModel): discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -590,6 +769,11 @@ class RestCollectMethodGetRestDiscoveryDiscoverTypeList(BaseModel): pagination: Optional[PaginationTypeRestDiscoveryDiscoverTypeHTTP] = None + discover_data_field: Annotated[ + Optional[str], pydantic.Field(alias="discoverDataField") + ] = None + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" + enable_strict_discover_parsing: Annotated[ Optional[bool], pydantic.Field(alias="enableStrictDiscoverParsing") ] = None @@ -629,9 +813,11 @@ def serialize_model(self, handler): optional_fields = set( [ "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", "pagination", + "discoverDataField", "enableStrictDiscoverParsing", "enableDiscoverCode", "manualDiscoverResult", @@ -668,9 +854,11 @@ class RestCollectMethodGetRestDiscoveryDiscoverTypeJSONTypedDict(TypedDict): manual_discover_result: str r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" discover_data_field: NotRequired[str] - r"""Within the response JSON, the name of the field to pull results from, typically a JSON array. Leave blank if the result itself is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" discover_url: NotRequired[str] r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" discover_method: NotRequired[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP] discover_request_headers: NotRequired[ List[CollectRequestParamConfRestCollectMethodGetTypedDict] @@ -696,11 +884,16 @@ class RestCollectMethodGetRestDiscoveryDiscoverTypeJSON(BaseModel): discover_data_field: Annotated[ Optional[str], pydantic.Field(alias="discoverDataField") ] = None - r"""Within the response JSON, the name of the field to pull results from, typically a JSON array. Leave blank if the result itself is an array of values. Sample entry: items, json: { items: [{id: 'first'},{id: 'second'}] }""" + r"""Path to field in the response object that contains discovery results (ex: level1.name). Leave blank if the result is an array.""" discover_url: Annotated[Optional[str], pydantic.Field(alias="discoverUrl")] = None r"""URL to use for the Discover operation. Can be a constant URL, or a JavaScript expression to derive the URL.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + discover_method: Annotated[ Optional[DiscoverMethodOptionsRestDiscoveryDiscoverTypeHTTP], pydantic.Field(alias="discoverMethod"), @@ -751,6 +944,7 @@ def serialize_model(self, handler): [ "discoverDataField", "discoverUrl", + "__template_discoverUrl", "discoverMethod", "discoverRequestHeaders", "pagination", @@ -814,6 +1008,8 @@ class RestCollectMethodGetRestDiscoveryDiscoverTypeHTTPDiscoverMethodOtherTypedD enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -877,6 +1073,11 @@ class RestCollectMethodGetRestDiscoveryDiscoverTypeHTTPDiscoverMethodOther(BaseM ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -918,6 +1119,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -970,6 +1172,8 @@ class RestCollectMethodGetRestDiscoveryDiscoverTypeHTTPDiscoverMethodPostWithBod enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -1027,6 +1231,11 @@ class RestCollectMethodGetRestDiscoveryDiscoverTypeHTTPDiscoverMethodPostWithBod ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -1066,6 +1275,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -1121,6 +1331,8 @@ class RestCollectMethodGetRestDiscoveryDiscoverTypeHTTPDiscoverMethodPostTypedDi enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -1178,6 +1390,11 @@ class RestCollectMethodGetRestDiscoveryDiscoverTypeHTTPDiscoverMethodPost(BaseMo ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -1218,6 +1435,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -1273,6 +1491,8 @@ class RestCollectMethodGetRestDiscoveryDiscoverTypeHTTPDiscoverMethodGetTypedDic enable_discover_code: NotRequired[bool] format_result_code: NotRequired[str] r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: NotRequired[str] + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" manual_discover_result: NotRequired[str] r"""Allows hard-coding the Discover result. Must be a JSON object or array. Works with Discover data field.""" item_list: NotRequired[List[str]] @@ -1330,6 +1550,11 @@ class RestCollectMethodGetRestDiscoveryDiscoverTypeHTTPDiscoverMethodGet(BaseMod ] = None r"""Custom JavaScript code to format the discover result through the __e variable which is a JSON object or array containing the original discover results. The object or array passed should be manipulated to contain the desired discover results, i.e.: __e['myResult'] = [{lat: -1.1234, long: 2.345, zip: 11111},{lat: -1.235, long 2.346, zip: 22222}] or ['11111','22222']. Caution: This function is evaluated in an unprotected context, allowing you to execute almost any JavaScript code.""" + template_discover_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_discoverUrl") + ] = None + r"""Binds 'discoverUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'discoverUrl' at runtime.""" + manual_discover_result: Annotated[ Optional[str], pydantic.Field(alias="manualDiscoverResult") ] = None @@ -1370,6 +1595,7 @@ def serialize_model(self, handler): "discoverResponseFormat", "enableDiscoverCode", "formatResultCode", + "__template_discoverUrl", "manualDiscoverResult", "itemList", ] @@ -1440,9 +1666,9 @@ class UnknownRestCollectMethodGetRestDiscoveryDiscoverTypeHTTP(BaseModel): RestCollectMethodGetDiscoveryTypedDict = TypeAliasType( "RestCollectMethodGetDiscoveryTypedDict", Union[ + RestCollectMethodGetRestDiscoveryDiscoverTypeJSONTypedDict, RestCollectMethodGetRestDiscoveryDiscoverTypeListTypedDict, RestCollectMethodGetRestDiscoveryDiscoverTypeNoneTypedDict, - RestCollectMethodGetRestDiscoveryDiscoverTypeJSONTypedDict, RestCollectMethodGetRestDiscoveryDiscoverTypeHTTPTypedDict, ], ) @@ -1770,6 +1996,10 @@ class RestCollectMethodGetRestPaginationTypeResponseHeaderLinkTypedDict(TypedDic r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -1815,6 +2045,14 @@ class RestCollectMethodGetRestPaginationTypeResponseHeaderLink(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -1853,6 +2091,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -1910,6 +2150,10 @@ class RestCollectMethodGetRestPaginationTypeResponseHeaderTypedDict(TypedDict): r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -1958,6 +2202,14 @@ class RestCollectMethodGetRestPaginationTypeResponseHeader(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -1997,6 +2249,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -2056,6 +2310,10 @@ class RestCollectMethodGetRestPaginationTypeResponseBodyTypedDict(TypedDict): r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -2104,6 +2362,14 @@ class RestCollectMethodGetRestPaginationTypeResponseBody(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -2143,6 +2409,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -2166,6 +2434,8 @@ def serialize_model(self, handler): class RestCollectMethodGetRestPaginationTypeNoneTypedDict(TypedDict): type: PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination + max_pages: NotRequired[float] + r"""Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages.""" last_page_expr: NotRequired[str] r"""JavaScript expression used to determine when the last page has been reached. The values tested by this expression must be in the Response attributes section.""" next_relation_attribute: NotRequired[str] @@ -2180,6 +2450,10 @@ class RestCollectMethodGetRestPaginationTypeNoneTypedDict(TypedDict): r"""Query string parameter that sets the number of records retrieved per request. Example: /api/v1/query?term=cribl&limit=100&offset=0""" limit: NotRequired[float] r"""Maximum number of records to collect per request""" + total_record_field: NotRequired[str] + r"""Name of the attribute in the response that contains the total number of records for the query""" + zero_indexed: NotRequired[bool] + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" page_field: NotRequired[str] r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" page: NotRequired[float] @@ -2195,6 +2469,9 @@ class RestCollectMethodGetRestPaginationTypeNoneTypedDict(TypedDict): class RestCollectMethodGetRestPaginationTypeNone(BaseModel): type: PaginationOptionsRestDiscoveryDiscoverTypeHTTPPagination + max_pages: Annotated[Optional[float], pydantic.Field(alias="maxPages")] = None + r"""Maximum number of pages to retrieve per collection task. Defaults to 50 pages. Set to 0 to retrieve all pages.""" + last_page_expr: Annotated[Optional[str], pydantic.Field(alias="lastPageExpr")] = ( None ) @@ -2222,6 +2499,14 @@ class RestCollectMethodGetRestPaginationTypeNone(BaseModel): limit: Optional[float] = None r"""Maximum number of records to collect per request""" + total_record_field: Annotated[ + Optional[str], pydantic.Field(alias="totalRecordField") + ] = None + r"""Name of the attribute in the response that contains the total number of records for the query""" + + zero_indexed: Annotated[Optional[bool], pydantic.Field(alias="zeroIndexed")] = None + r"""Enable to indicate that the first page in the requested data is at index 0. Disabled by default, which indicates index 1.""" + page_field: Annotated[Optional[str], pydantic.Field(alias="pageField")] = None r"""Query string parameter that sets the page index to be returned. Example: /api/v1/query?term=cribl&page_size=100&page_number=0""" @@ -2254,6 +2539,7 @@ def serialize_type(self, value): def serialize_model(self, handler): optional_fields = set( [ + "maxPages", "lastPageExpr", "nextRelationAttribute", "curRelationAttribute", @@ -2261,6 +2547,8 @@ def serialize_model(self, handler): "offset", "limitField", "limit", + "totalRecordField", + "zeroIndexed", "pageField", "page", "sizeField", @@ -2287,10 +2575,10 @@ def serialize_model(self, handler): Union[ RestCollectMethodGetRestPaginationTypeNoneTypedDict, RestCollectMethodGetRestPaginationTypeResponseHeaderLinkTypedDict, - RestCollectMethodGetRestPaginationTypeResponseBodyTypedDict, - RestCollectMethodGetRestPaginationTypeResponseHeaderTypedDict, RestCollectMethodGetRestPaginationTypeRequestOffsetTypedDict, RestCollectMethodGetRestPaginationTypeRequestPageTypedDict, + RestCollectMethodGetRestPaginationTypeResponseBodyTypedDict, + RestCollectMethodGetRestPaginationTypeResponseHeaderTypedDict, ], ) @@ -2722,10 +3010,53 @@ class RestCollectMethodGetTypedDict(TypedDict): microsoft_graph_delta: NotRequired[RestCollectMethodGetMicrosoftGraphDeltaTypedDict] r"""Internal opt-in for the Microsoft Graph deltaLink state-tracking hook. Set programmatically by the Microsoft Graph source when the configured URL targets a /delta endpoint; not user-configurable.""" scheduling: NotRequired[RestCollectMethodGetSchedulingTypedDict] + username: NotRequired[str] + template_username: NotRequired[str] + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + password: NotRequired[str] + template_password: NotRequired[str] + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + credentials_secret: NotRequired[str] + r"""Select or create a stored secret that references your credentials""" + login_url: NotRequired[str] + r"""URL to use for login API call. This call is expected to be a POST.""" + template_login_url: NotRequired[str] + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + login_body: NotRequired[str] + r"""Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. For x-www-form-urlencoded bodies, wrap values with ${C.Encode.uri(password)} to preserve special characters like +, &, and =.""" + get_auth_token_from_header: NotRequired[bool] + r"""Extract the auth token from the HTTP 'Authorization' response header instead of the standard JSON body of the login response""" + auth_header_key: NotRequired[str] + r"""Authorization header key to pass in Discover and Collect calls. Defaults to the literal name 'Authorization'.""" + auth_header_expr: NotRequired[str] + r"""JavaScript expression used to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login.""" + auth_request_headers: NotRequired[ + List[CollectRequestParamConfRestCollectMethodGetTypedDict] + ] + token_resp_attribute: NotRequired[str] + r"""Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header.""" + client_secret_param_name: NotRequired[str] + r"""Defaults to 'client_secret'. Automatically added to request parameters using the value specified.""" client_secret_param_value: NotRequired[str] r"""Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters.""" + template_client_secret_param_value: NotRequired[str] + r"""Binds 'clientSecretParamValue' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecretParamValue' at runtime.""" + auth_request_params: NotRequired[ + List[CollectRequestParamConfRestCollectMethodGetTypedDict] + ] + r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" + text_secret: NotRequired[str] + r"""Select or create a text secret that contains the client secret's value""" + scopes: NotRequired[List[str]] + r"""Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information.""" service_account_credentials: NotRequired[str] r"""Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right.""" + template_service_account_credentials: NotRequired[str] + r"""Binds 'serviceAccountCredentials' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serviceAccountCredentials' at runtime.""" + subject: NotRequired[str] + r"""Email address of a user account with Super Admin permissions to the resources the collector will retrieve""" + template_subject: NotRequired[str] + r"""Binds 'subject' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'subject' at runtime.""" hmac_function_id: NotRequired[str] r"""Select or create an HMAC Function to use with authentication""" template_collect_url: NotRequired[str] @@ -2812,16 +3143,106 @@ class RestCollectMethodGet(BaseModel): Optional[RestCollectMethodGetScheduling], pydantic.Field(alias="__scheduling") ] = None + username: Optional[str] = None + + template_username: Annotated[ + Optional[str], pydantic.Field(alias="__template_username") + ] = None + r"""Binds 'username' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'username' at runtime.""" + + password: Optional[str] = None + + template_password: Annotated[ + Optional[str], pydantic.Field(alias="__template_password") + ] = None + r"""Binds 'password' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'password' at runtime.""" + + credentials_secret: Annotated[ + Optional[str], pydantic.Field(alias="credentialsSecret") + ] = None + r"""Select or create a stored secret that references your credentials""" + + login_url: Annotated[Optional[str], pydantic.Field(alias="loginUrl")] = None + r"""URL to use for login API call. This call is expected to be a POST.""" + + template_login_url: Annotated[ + Optional[str], pydantic.Field(alias="__template_loginUrl") + ] = None + r"""Binds 'loginUrl' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'loginUrl' at runtime.""" + + login_body: Annotated[Optional[str], pydantic.Field(alias="loginBody")] = None + r"""Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message. For x-www-form-urlencoded bodies, wrap values with ${C.Encode.uri(password)} to preserve special characters like +, &, and =.""" + + get_auth_token_from_header: Annotated[ + Optional[bool], pydantic.Field(alias="getAuthTokenFromHeader") + ] = None + r"""Extract the auth token from the HTTP 'Authorization' response header instead of the standard JSON body of the login response""" + + auth_header_key: Annotated[Optional[str], pydantic.Field(alias="authHeaderKey")] = ( + None + ) + r"""Authorization header key to pass in Discover and Collect calls. Defaults to the literal name 'Authorization'.""" + + auth_header_expr: Annotated[ + Optional[str], pydantic.Field(alias="authHeaderExpr") + ] = None + r"""JavaScript expression used to compute the Authorization header to pass in Discover and Collect calls. The value ${token} is used to reference the token obtained from login.""" + + auth_request_headers: Annotated[ + Optional[List[CollectRequestParamConfRestCollectMethodGet]], + pydantic.Field(alias="authRequestHeaders"), + ] = None + + token_resp_attribute: Annotated[ + Optional[str], pydantic.Field(alias="tokenRespAttribute") + ] = None + r"""Path to token attribute in login response body. Nested attributes are OK. Leave blank if the response content type is text/plain; the entire response body will be used to derive the authorization header.""" + + client_secret_param_name: Annotated[ + Optional[str], pydantic.Field(alias="clientSecretParamName") + ] = None + r"""Defaults to 'client_secret'. Automatically added to request parameters using the value specified.""" + client_secret_param_value: Annotated[ Optional[str], pydantic.Field(alias="clientSecretParamValue") ] = None r"""Secret value to add to HTTP requests as the 'client secret' parameter. Value is stored encrypted on disk and automatically added to request parameters.""" + template_client_secret_param_value: Annotated[ + Optional[str], pydantic.Field(alias="__template_clientSecretParamValue") + ] = None + r"""Binds 'clientSecretParamValue' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'clientSecretParamValue' at runtime.""" + + auth_request_params: Annotated[ + Optional[List[CollectRequestParamConfRestCollectMethodGet]], + pydantic.Field(alias="authRequestParams"), + ] = None + r"""OAuth request parameters added to the POST body. The Content-Type header will automatically be set to application/x-www-form-urlencoded.""" + + text_secret: Annotated[Optional[str], pydantic.Field(alias="textSecret")] = None + r"""Select or create a text secret that contains the client secret's value""" + + scopes: Optional[List[str]] = None + r"""Scopes to use during authentication. See [Google's docs](https://developers.google.com/identity/protocols/oauth2/scopes) for more information.""" + service_account_credentials: Annotated[ Optional[str], pydantic.Field(alias="serviceAccountCredentials") ] = None r"""Contents of Google Cloud service account credentials (JSON keys) file. To upload a file, click the upload icon in this field's upper right.""" + template_service_account_credentials: Annotated[ + Optional[str], pydantic.Field(alias="__template_serviceAccountCredentials") + ] = None + r"""Binds 'serviceAccountCredentials' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'serviceAccountCredentials' at runtime.""" + + subject: Optional[str] = None + r"""Email address of a user account with Super Admin permissions to the resources the collector will retrieve""" + + template_subject: Annotated[ + Optional[str], pydantic.Field(alias="__template_subject") + ] = None + r"""Binds 'subject' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'subject' at runtime.""" + hmac_function_id: Annotated[ Optional[str], pydantic.Field(alias="hmacFunctionId") ] = None @@ -2870,8 +3291,29 @@ def serialize_model(self, handler): "retryRules", "microsoftGraphDelta", "__scheduling", + "username", + "__template_username", + "password", + "__template_password", + "credentialsSecret", + "loginUrl", + "__template_loginUrl", + "loginBody", + "getAuthTokenFromHeader", + "authHeaderKey", + "authHeaderExpr", + "authRequestHeaders", + "tokenRespAttribute", + "clientSecretParamName", "clientSecretParamValue", + "__template_clientSecretParamValue", + "authRequestParams", + "textSecret", + "scopes", "serviceAccountCredentials", + "__template_serviceAccountCredentials", + "subject", + "__template_subject", "hmacFunctionId", "__template_collectUrl", ] @@ -2893,20 +3335,20 @@ def serialize_model(self, handler): RestCollectorConfTypedDict = TypeAliasType( "RestCollectorConfTypedDict", Union[ - RestAuthenticationNoneTypedDict, + RestAuthenticationOauthTypedDict, + RestAuthenticationGoogleOauthSecretTypedDict, RestAuthenticationHmacTypedDict, - RestCollectMethodPostTypedDict, - RestCollectMethodPostWithBodyTypedDict, - RestCollectMethodGetTypedDict, + RestAuthenticationLoginTypedDict, + RestAuthenticationNoneTypedDict, + RestAuthenticationBasicTypedDict, + RestAuthenticationLoginSecretTypedDict, RestAuthenticationBasicSecretTypedDict, RestAuthenticationGoogleOauthTypedDict, - RestAuthenticationBasicTypedDict, - RestCollectMethodOtherTypedDict, - RestAuthenticationGoogleOauthSecretTypedDict, - RestAuthenticationOauthTypedDict, RestAuthenticationOauthSecretTypedDict, - RestAuthenticationLoginSecretTypedDict, - RestAuthenticationLoginTypedDict, + RestCollectMethodGetTypedDict, + RestCollectMethodPostTypedDict, + RestCollectMethodPostWithBodyTypedDict, + RestCollectMethodOtherTypedDict, ], ) diff --git a/src/cribl_control_plane/models/rootnodeconfredisdeploymenttypecluster.py b/src/cribl_control_plane/models/rootnodeconfredisdeploymenttypecluster.py new file mode 100644 index 000000000..a2b88ef9e --- /dev/null +++ b/src/cribl_control_plane/models/rootnodeconfredisdeploymenttypecluster.py @@ -0,0 +1,20 @@ +"""Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.""" + +from __future__ import annotations +from cribl_control_plane.types import BaseModel +from typing_extensions import TypedDict + + +class RootNodeConfRedisDeploymentTypeClusterTypedDict(TypedDict): + host: str + r"""Hostname of cluster node. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`.""" + port: float + r"""Port of cluster node""" + + +class RootNodeConfRedisDeploymentTypeCluster(BaseModel): + host: str + r"""Hostname of cluster node. Must be a JavaScript expression (which can evaluate to a constant value), enclosed in quotes or backticks. Can be evaluated only at init time. Example referencing a Global Variable: `myBucket-${C.vars.myVar}`.""" + + port: float + r"""Port of cluster node""" diff --git a/src/cribl_control_plane/models/runnablejobcollection.py b/src/cribl_control_plane/models/runnablejobcollection.py index 956947222..0ea88c864 100644 --- a/src/cribl_control_plane/models/runnablejobcollection.py +++ b/src/cribl_control_plane/models/runnablejobcollection.py @@ -139,13 +139,11 @@ class RunnableJobCollectionRunTypedDict(TypedDict): min_task_size: NotRequired[str] r"""Limits the bundle size for small tasks. For example, - if your lower bundle size is 1MB, you can bundle up to five 200KB files into one task. """ max_task_size: NotRequired[str] r"""Limits the bundle size for files above the lower task bundle size. For example, if your upper bundle size is 10MB, - you can bundle up to five 2MB files into one task. Files greater than this size will be assigned to individual tasks. """ discover_to_routes: NotRequired[bool] @@ -201,14 +199,12 @@ class RunnableJobCollectionRun(BaseModel): min_task_size: Annotated[Optional[str], pydantic.Field(alias="minTaskSize")] = None r"""Limits the bundle size for small tasks. For example, - if your lower bundle size is 1MB, you can bundle up to five 200KB files into one task. """ max_task_size: Annotated[Optional[str], pydantic.Field(alias="maxTaskSize")] = None r"""Limits the bundle size for files above the lower task bundle size. For example, if your upper bundle size is 10MB, - you can bundle up to five 2MB files into one task. Files greater than this size will be assigned to individual tasks. """ diff --git a/src/cribl_control_plane/models/runsettingstyperunnablejobcollectionschedule.py b/src/cribl_control_plane/models/runsettingstyperunnablejobcollectionschedule.py index 4166eaa9a..6be6a91f3 100644 --- a/src/cribl_control_plane/models/runsettingstyperunnablejobcollectionschedule.py +++ b/src/cribl_control_plane/models/runsettingstyperunnablejobcollectionschedule.py @@ -68,13 +68,11 @@ class RunSettingsTypeRunnableJobCollectionScheduleTypedDict(TypedDict): min_task_size: NotRequired[str] r"""Limits the bundle size for small tasks. For example, - if your lower bundle size is 1MB, you can bundle up to five 200KB files into one task. """ max_task_size: NotRequired[str] r"""Limits the bundle size for files above the lower task bundle size. For example, if your upper bundle size is 10MB, - you can bundle up to five 2MB files into one task. Files greater than this size will be assigned to individual tasks. """ @@ -128,14 +126,12 @@ class RunSettingsTypeRunnableJobCollectionSchedule(BaseModel): min_task_size: Annotated[Optional[str], pydantic.Field(alias="minTaskSize")] = None r"""Limits the bundle size for small tasks. For example, - if your lower bundle size is 1MB, you can bundle up to five 200KB files into one task. """ max_task_size: Annotated[Optional[str], pydantic.Field(alias="maxTaskSize")] = None r"""Limits the bundle size for files above the lower task bundle size. For example, if your upper bundle size is 10MB, - you can bundle up to five 2MB files into one task. Files greater than this size will be assigned to individual tasks. """ diff --git a/src/cribl_control_plane/models/runsettingstypesavedjobresponsecollectionschedule.py b/src/cribl_control_plane/models/runsettingstypesavedjobresponsecollectionschedule.py index 23b78b5db..861cc8bf7 100644 --- a/src/cribl_control_plane/models/runsettingstypesavedjobresponsecollectionschedule.py +++ b/src/cribl_control_plane/models/runsettingstypesavedjobresponsecollectionschedule.py @@ -74,13 +74,11 @@ class RunSettingsTypeSavedJobResponseCollectionScheduleTypedDict(TypedDict): min_task_size: NotRequired[str] r"""Limits the bundle size for small tasks. For example, - if your lower bundle size is 1MB, you can bundle up to five 200KB files into one task. """ max_task_size: NotRequired[str] r"""Limits the bundle size for files above the lower task bundle size. For example, if your upper bundle size is 10MB, - you can bundle up to five 2MB files into one task. Files greater than this size will be assigned to individual tasks. """ @@ -134,14 +132,12 @@ class RunSettingsTypeSavedJobResponseCollectionSchedule(BaseModel): min_task_size: Annotated[Optional[str], pydantic.Field(alias="minTaskSize")] = None r"""Limits the bundle size for small tasks. For example, - if your lower bundle size is 1MB, you can bundle up to five 200KB files into one task. """ max_task_size: Annotated[Optional[str], pydantic.Field(alias="maxTaskSize")] = None r"""Limits the bundle size for files above the lower task bundle size. For example, if your upper bundle size is 10MB, - you can bundle up to five 2MB files into one task. Files greater than this size will be assigned to individual tasks. """ diff --git a/src/cribl_control_plane/models/splunkcollectorconf.py b/src/cribl_control_plane/models/splunkcollectorconf.py index 1e15bc388..18a3cce91 100644 --- a/src/cribl_control_plane/models/splunkcollectorconf.py +++ b/src/cribl_control_plane/models/splunkcollectorconf.py @@ -327,7 +327,21 @@ class SplunkAuthenticationTokenSecretTypedDict(TypedDict): handle_escaped_chars: NotRequired[bool] r"""Escape characters (\\") in search queries will be passed directly to Splunk""" retry_rules: NotRequired[SplunkAuthenticationTokenSecretRetryRulesTypedDict] + username: NotRequired[str] + r"""Basic authentication username""" + password: NotRequired[str] + r"""Basic authentication password""" + credentials_secret: NotRequired[str] + r"""Select or create a stored secret that references your credentials""" token: NotRequired[str] + login_url: NotRequired[str] + r"""URL to use for login API call. This call is expected to be a POST.""" + login_body: NotRequired[str] + r"""Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message.""" + token_resp_attribute: NotRequired[str] + r"""Path to token attribute in login response body. Nested attributes are allowed.""" + auth_header_expr: NotRequired[str] + r"""JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login.""" template_search_head: NotRequired[str] r"""Binds 'searchHead' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'searchHead' at runtime.""" template_search: NotRequired[str] @@ -409,8 +423,35 @@ class SplunkAuthenticationTokenSecret(BaseModel): pydantic.Field(alias="retryRules"), ] = None + username: Optional[str] = None + r"""Basic authentication username""" + + password: Optional[str] = None + r"""Basic authentication password""" + + credentials_secret: Annotated[ + Optional[str], pydantic.Field(alias="credentialsSecret") + ] = None + r"""Select or create a stored secret that references your credentials""" + token: Optional[str] = None + login_url: Annotated[Optional[str], pydantic.Field(alias="loginUrl")] = None + r"""URL to use for login API call. This call is expected to be a POST.""" + + login_body: Annotated[Optional[str], pydantic.Field(alias="loginBody")] = None + r"""Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message.""" + + token_resp_attribute: Annotated[ + Optional[str], pydantic.Field(alias="tokenRespAttribute") + ] = None + r"""Path to token attribute in login response body. Nested attributes are allowed.""" + + auth_header_expr: Annotated[ + Optional[str], pydantic.Field(alias="authHeaderExpr") + ] = None + r"""JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login.""" + template_search_head: Annotated[ Optional[str], pydantic.Field(alias="__template_searchHead") ] = None @@ -473,7 +514,14 @@ def serialize_model(self, handler): "rejectUnauthorized", "handleEscapedChars", "retryRules", + "username", + "password", + "credentialsSecret", "token", + "loginUrl", + "loginBody", + "tokenRespAttribute", + "authHeaderExpr", "__template_searchHead", "__template_search", "__template_earliest", @@ -803,8 +851,22 @@ class SplunkAuthenticationTokenTypedDict(TypedDict): handle_escaped_chars: NotRequired[bool] r"""Escape characters (\\") in search queries will be passed directly to Splunk""" retry_rules: NotRequired[SplunkAuthenticationTokenRetryRulesTypedDict] + username: NotRequired[str] + r"""Basic authentication username""" + password: NotRequired[str] + r"""Basic authentication password""" + credentials_secret: NotRequired[str] + r"""Select or create a stored secret that references your credentials""" token_secret: NotRequired[str] r"""Select or create a stored secret that references your Bearer token""" + login_url: NotRequired[str] + r"""URL to use for login API call. This call is expected to be a POST.""" + login_body: NotRequired[str] + r"""Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message.""" + token_resp_attribute: NotRequired[str] + r"""Path to token attribute in login response body. Nested attributes are allowed.""" + auth_header_expr: NotRequired[str] + r"""JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login.""" template_search_head: NotRequired[str] r"""Binds 'searchHead' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'searchHead' at runtime.""" template_search: NotRequired[str] @@ -885,9 +947,36 @@ class SplunkAuthenticationToken(BaseModel): pydantic.Field(alias="retryRules"), ] = None + username: Optional[str] = None + r"""Basic authentication username""" + + password: Optional[str] = None + r"""Basic authentication password""" + + credentials_secret: Annotated[ + Optional[str], pydantic.Field(alias="credentialsSecret") + ] = None + r"""Select or create a stored secret that references your credentials""" + token_secret: Annotated[Optional[str], pydantic.Field(alias="tokenSecret")] = None r"""Select or create a stored secret that references your Bearer token""" + login_url: Annotated[Optional[str], pydantic.Field(alias="loginUrl")] = None + r"""URL to use for login API call. This call is expected to be a POST.""" + + login_body: Annotated[Optional[str], pydantic.Field(alias="loginBody")] = None + r"""Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message.""" + + token_resp_attribute: Annotated[ + Optional[str], pydantic.Field(alias="tokenRespAttribute") + ] = None + r"""Path to token attribute in login response body. Nested attributes are allowed.""" + + auth_header_expr: Annotated[ + Optional[str], pydantic.Field(alias="authHeaderExpr") + ] = None + r"""JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login.""" + template_search_head: Annotated[ Optional[str], pydantic.Field(alias="__template_searchHead") ] = None @@ -950,7 +1039,14 @@ def serialize_model(self, handler): "rejectUnauthorized", "handleEscapedChars", "retryRules", + "username", + "password", + "credentialsSecret", "tokenSecret", + "loginUrl", + "loginBody", + "tokenRespAttribute", + "authHeaderExpr", "__template_searchHead", "__template_search", "__template_earliest", @@ -1283,9 +1379,21 @@ class SplunkAuthenticationBasicSecretTypedDict(TypedDict): handle_escaped_chars: NotRequired[bool] r"""Escape characters (\\") in search queries will be passed directly to Splunk""" retry_rules: NotRequired[SplunkAuthenticationBasicSecretRetryRulesTypedDict] + username: NotRequired[str] + r"""Basic authentication username""" + password: NotRequired[str] + r"""Basic authentication password""" token: NotRequired[str] token_secret: NotRequired[str] r"""Select or create a stored secret that references your Bearer token""" + login_url: NotRequired[str] + r"""URL to use for login API call. This call is expected to be a POST.""" + login_body: NotRequired[str] + r"""Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message.""" + token_resp_attribute: NotRequired[str] + r"""Path to token attribute in login response body. Nested attributes are allowed.""" + auth_header_expr: NotRequired[str] + r"""JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login.""" template_search_head: NotRequired[str] r"""Binds 'searchHead' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'searchHead' at runtime.""" template_search: NotRequired[str] @@ -1367,11 +1475,33 @@ class SplunkAuthenticationBasicSecret(BaseModel): pydantic.Field(alias="retryRules"), ] = None + username: Optional[str] = None + r"""Basic authentication username""" + + password: Optional[str] = None + r"""Basic authentication password""" + token: Optional[str] = None token_secret: Annotated[Optional[str], pydantic.Field(alias="tokenSecret")] = None r"""Select or create a stored secret that references your Bearer token""" + login_url: Annotated[Optional[str], pydantic.Field(alias="loginUrl")] = None + r"""URL to use for login API call. This call is expected to be a POST.""" + + login_body: Annotated[Optional[str], pydantic.Field(alias="loginBody")] = None + r"""Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message.""" + + token_resp_attribute: Annotated[ + Optional[str], pydantic.Field(alias="tokenRespAttribute") + ] = None + r"""Path to token attribute in login response body. Nested attributes are allowed.""" + + auth_header_expr: Annotated[ + Optional[str], pydantic.Field(alias="authHeaderExpr") + ] = None + r"""JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login.""" + template_search_head: Annotated[ Optional[str], pydantic.Field(alias="__template_searchHead") ] = None @@ -1434,8 +1564,14 @@ def serialize_model(self, handler): "rejectUnauthorized", "handleEscapedChars", "retryRules", + "username", + "password", "token", "tokenSecret", + "loginUrl", + "loginBody", + "tokenRespAttribute", + "authHeaderExpr", "__template_searchHead", "__template_search", "__template_earliest", @@ -1768,9 +1904,19 @@ class SplunkAuthenticationBasicTypedDict(TypedDict): handle_escaped_chars: NotRequired[bool] r"""Escape characters (\\") in search queries will be passed directly to Splunk""" retry_rules: NotRequired[SplunkAuthenticationBasicRetryRulesTypedDict] + credentials_secret: NotRequired[str] + r"""Select or create a stored secret that references your credentials""" token: NotRequired[str] token_secret: NotRequired[str] r"""Select or create a stored secret that references your Bearer token""" + login_url: NotRequired[str] + r"""URL to use for login API call. This call is expected to be a POST.""" + login_body: NotRequired[str] + r"""Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message.""" + token_resp_attribute: NotRequired[str] + r"""Path to token attribute in login response body. Nested attributes are allowed.""" + auth_header_expr: NotRequired[str] + r"""JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login.""" template_search_head: NotRequired[str] r"""Binds 'searchHead' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'searchHead' at runtime.""" template_search: NotRequired[str] @@ -1855,11 +2001,32 @@ class SplunkAuthenticationBasic(BaseModel): pydantic.Field(alias="retryRules"), ] = None + credentials_secret: Annotated[ + Optional[str], pydantic.Field(alias="credentialsSecret") + ] = None + r"""Select or create a stored secret that references your credentials""" + token: Optional[str] = None token_secret: Annotated[Optional[str], pydantic.Field(alias="tokenSecret")] = None r"""Select or create a stored secret that references your Bearer token""" + login_url: Annotated[Optional[str], pydantic.Field(alias="loginUrl")] = None + r"""URL to use for login API call. This call is expected to be a POST.""" + + login_body: Annotated[Optional[str], pydantic.Field(alias="loginBody")] = None + r"""Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message.""" + + token_resp_attribute: Annotated[ + Optional[str], pydantic.Field(alias="tokenRespAttribute") + ] = None + r"""Path to token attribute in login response body. Nested attributes are allowed.""" + + auth_header_expr: Annotated[ + Optional[str], pydantic.Field(alias="authHeaderExpr") + ] = None + r"""JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login.""" + template_search_head: Annotated[ Optional[str], pydantic.Field(alias="__template_searchHead") ] = None @@ -1922,8 +2089,13 @@ def serialize_model(self, handler): "rejectUnauthorized", "handleEscapedChars", "retryRules", + "credentialsSecret", "token", "tokenSecret", + "loginUrl", + "loginBody", + "tokenRespAttribute", + "authHeaderExpr", "__template_searchHead", "__template_search", "__template_earliest", @@ -2252,9 +2424,23 @@ class SplunkAuthenticationNoneTypedDict(TypedDict): handle_escaped_chars: NotRequired[bool] r"""Escape characters (\\") in search queries will be passed directly to Splunk""" retry_rules: NotRequired[SplunkAuthenticationNoneRetryRulesTypedDict] + username: NotRequired[str] + r"""Basic authentication username""" + password: NotRequired[str] + r"""Basic authentication password""" + credentials_secret: NotRequired[str] + r"""Select or create a stored secret that references your credentials""" token: NotRequired[str] token_secret: NotRequired[str] r"""Select or create a stored secret that references your Bearer token""" + login_url: NotRequired[str] + r"""URL to use for login API call. This call is expected to be a POST.""" + login_body: NotRequired[str] + r"""Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message.""" + token_resp_attribute: NotRequired[str] + r"""Path to token attribute in login response body. Nested attributes are allowed.""" + auth_header_expr: NotRequired[str] + r"""JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login.""" template_search_head: NotRequired[str] r"""Binds 'searchHead' to a variable for dynamic value resolution. Set to variable ID (pack-scoped) or 'cribl.'/'edge.' prefixed ID (group-scoped). Variable value overrides 'searchHead' at runtime.""" template_search: NotRequired[str] @@ -2332,11 +2518,38 @@ class SplunkAuthenticationNone(BaseModel): Optional[SplunkAuthenticationNoneRetryRules], pydantic.Field(alias="retryRules") ] = None + username: Optional[str] = None + r"""Basic authentication username""" + + password: Optional[str] = None + r"""Basic authentication password""" + + credentials_secret: Annotated[ + Optional[str], pydantic.Field(alias="credentialsSecret") + ] = None + r"""Select or create a stored secret that references your credentials""" + token: Optional[str] = None token_secret: Annotated[Optional[str], pydantic.Field(alias="tokenSecret")] = None r"""Select or create a stored secret that references your Bearer token""" + login_url: Annotated[Optional[str], pydantic.Field(alias="loginUrl")] = None + r"""URL to use for login API call. This call is expected to be a POST.""" + + login_body: Annotated[Optional[str], pydantic.Field(alias="loginBody")] = None + r"""Template for POST body to send with login request. ${username} and ${password} are used to specify location of these attributes in the message.""" + + token_resp_attribute: Annotated[ + Optional[str], pydantic.Field(alias="tokenRespAttribute") + ] = None + r"""Path to token attribute in login response body. Nested attributes are allowed.""" + + auth_header_expr: Annotated[ + Optional[str], pydantic.Field(alias="authHeaderExpr") + ] = None + r"""JavaScript expression to compute the Authorization header to pass in discover and collect calls. The value ${token} is used to reference the token obtained from login.""" + template_search_head: Annotated[ Optional[str], pydantic.Field(alias="__template_searchHead") ] = None @@ -2399,8 +2612,15 @@ def serialize_model(self, handler): "rejectUnauthorized", "handleEscapedChars", "retryRules", + "username", + "password", + "credentialsSecret", "token", "tokenSecret", + "loginUrl", + "loginBody", + "tokenRespAttribute", + "authHeaderExpr", "__template_searchHead", "__template_search", "__template_earliest", @@ -2427,10 +2647,10 @@ def serialize_model(self, handler): "SplunkCollectorConfTypedDict", Union[ SplunkAuthenticationNoneTypedDict, + SplunkAuthenticationBasicTypedDict, + SplunkAuthenticationBasicSecretTypedDict, SplunkAuthenticationTokenTypedDict, SplunkAuthenticationTokenSecretTypedDict, - SplunkAuthenticationBasicSecretTypedDict, - SplunkAuthenticationBasicTypedDict, ], ) diff --git a/src/cribl_control_plane/models/updatepacksop.py b/src/cribl_control_plane/models/updatepacksop.py index 966b1e0fe..e4a2ca529 100644 --- a/src/cribl_control_plane/models/updatepacksop.py +++ b/src/cribl_control_plane/models/updatepacksop.py @@ -11,7 +11,7 @@ class UpdatePacksRequestTypedDict(TypedDict): filename: str r"""Filename of the Pack file to upload.""" - request_body: Union[bytes, IO[bytes], io.BufferedReader] + request_body: Union[bytes, IO[bytes], io.IOBase] class UpdatePacksRequest(BaseModel): @@ -21,5 +21,5 @@ class UpdatePacksRequest(BaseModel): r"""Filename of the Pack file to upload.""" request_body: Annotated[ - Union[bytes, IO[bytes], io.BufferedReader], FieldMetadata(request=True) + Union[bytes, IO[bytes], io.IOBase], FieldMetadata(request=True) ] diff --git a/src/cribl_control_plane/nodes.py b/src/cribl_control_plane/nodes.py index a67ee01c6..aa9f9d5e4 100644 --- a/src/cribl_control_plane/nodes.py +++ b/src/cribl_control_plane/nodes.py @@ -9,7 +9,7 @@ from cribl_control_plane.utils import get_security_from_env from cribl_control_plane.utils.unmarshal_json_response import unmarshal_json_response from jsonpath import JSONPath -from typing import Any, Awaitable, Dict, List, Mapping, Optional, Union +from typing import Any, Awaitable, Dict, Iterable, List, Mapping, Optional, Union class Nodes(BaseSDK): @@ -215,22 +215,32 @@ async def count_async( raise errors.APIError("Unexpected response received", http_res) - def get( + def list( self, *, product: models.ProductsCore, - id: str, + filter_exp: Optional[str] = None, + sort_exp: Optional[str] = None, + filter_: Optional[str] = None, + sort: Optional[str] = None, + limit: Optional[int] = None, + offset: Optional[int] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, - ) -> models.CountedMasterWorkerEntry: - r"""Get detailed metadata for a Worker, Edge, or Outpost Node + ) -> Optional[models.GetProductsWorkersByProductResponse]: + r"""Get detailed metadata for Worker, Edge, or Outpost Nodes - Get detailed metadata for the specified Worker, Edge, or Outpost Node for the specified Cribl product. + Get detailed metadata for Worker, Edge, or Outpost Nodes for the specified Cribl product. - :param product: Name of the Cribl product that contains the Node. - :param id: The id of the Node to get the metadata for. + :param product: Name of the Cribl product to get Worker, Edge, or Outpost Nodes for. + :param filter_exp: Filter expression to evaluate against Nodes for inclusion in the response. + :param sort_exp: Sorting expression to evaluate against Nodes to specify the sort order for the response. + :param filter_: JSON-stringified filter object to evaluate against Nodes for inclusion in the response. + :param sort: JSON-stringified sorting object to evaluate against Nodes to specify the sort order for the response. + :param limit: Maximum number of Nodes to return in the response for this request. Use with offset to paginate the response into manageable batches. + :param offset: Starting point from which to retrieve results for this request. Use with limit to paginate the response into manageable batches. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -246,14 +256,19 @@ def get( else: base_url = self._get_url(base_url, url_variables) - request = models.GetProductsWorkersByProductAndIDRequest( + request = models.GetProductsWorkersByProductRequest( product=product, - id=id, + filter_exp=filter_exp, + sort_exp=sort_exp, + filter_=filter_, + sort=sort, + limit=limit, + offset=offset, ) req = self._build_request( method="GET", - path="/products/{product}/workers/{id}", + path="/products/{product}/workers", base_url=base_url, url_variables=url_variables, request=request, @@ -284,7 +299,7 @@ def get( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getProductsWorkersByProductAndId", + operation_id="getProductsWorkersByProduct", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -295,13 +310,47 @@ def get( retry_config=retry_config, ) + def next_func() -> Optional[models.GetProductsWorkersByProductResponse]: + body = utils.unmarshal_json(http_res.text, Union[Dict[Any, Any], List[Any]]) + + offset = request.offset if isinstance(request.offset, int) else 0 + + if not http_res.text: + return None + results = JSONPath("$.items").parse(body) + if len(results) == 0 or len(results[0]) == 0: + return None + limit_ = request.limit if isinstance(request.limit, int) else 0 + if len(results[0]) < limit_: + return None + next_offset = offset + len(results[0]) + + return self.list( + product=product, + filter_exp=filter_exp, + sort_exp=sort_exp, + filter_=filter_, + sort=sort, + limit=limit, + offset=next_offset, + retries=retries, + server_url=server_url, + timeout_ms=timeout_ms, + http_headers=http_headers, + ) + response_data: Any = None if utils.match_response(http_res, "200", "application/json"): - return unmarshal_json_response(models.CountedMasterWorkerEntry, http_res) + return models.GetProductsWorkersByProductResponse( + result=unmarshal_json_response( + models.CountedMasterWorkerEntry, http_res + ), + next=next_func, + ) if utils.match_response(http_res, "500", "application/json"): response_data = unmarshal_json_response(errors.ErrorData, http_res) raise errors.Error(response_data, http_res) - if utils.match_response(http_res, ["401", "403", "4XX"], "*"): + if utils.match_response(http_res, ["400", "401", "403", "4XX"], "*"): http_res_text = utils.stream_to_text(http_res) raise errors.APIError("API error occurred", http_res, http_res_text) if utils.match_response(http_res, "5XX", "*"): @@ -310,22 +359,32 @@ def get( raise errors.APIError("Unexpected response received", http_res) - async def get_async( + async def list_async( self, *, product: models.ProductsCore, - id: str, + filter_exp: Optional[str] = None, + sort_exp: Optional[str] = None, + filter_: Optional[str] = None, + sort: Optional[str] = None, + limit: Optional[int] = None, + offset: Optional[int] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, - ) -> models.CountedMasterWorkerEntry: - r"""Get detailed metadata for a Worker, Edge, or Outpost Node + ) -> Optional[models.GetProductsWorkersByProductResponse]: + r"""Get detailed metadata for Worker, Edge, or Outpost Nodes - Get detailed metadata for the specified Worker, Edge, or Outpost Node for the specified Cribl product. + Get detailed metadata for Worker, Edge, or Outpost Nodes for the specified Cribl product. - :param product: Name of the Cribl product that contains the Node. - :param id: The id of the Node to get the metadata for. + :param product: Name of the Cribl product to get Worker, Edge, or Outpost Nodes for. + :param filter_exp: Filter expression to evaluate against Nodes for inclusion in the response. + :param sort_exp: Sorting expression to evaluate against Nodes to specify the sort order for the response. + :param filter_: JSON-stringified filter object to evaluate against Nodes for inclusion in the response. + :param sort: JSON-stringified sorting object to evaluate against Nodes to specify the sort order for the response. + :param limit: Maximum number of Nodes to return in the response for this request. Use with offset to paginate the response into manageable batches. + :param offset: Starting point from which to retrieve results for this request. Use with limit to paginate the response into manageable batches. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -341,14 +400,19 @@ async def get_async( else: base_url = self._get_url(base_url, url_variables) - request = models.GetProductsWorkersByProductAndIDRequest( + request = models.GetProductsWorkersByProductRequest( product=product, - id=id, + filter_exp=filter_exp, + sort_exp=sort_exp, + filter_=filter_, + sort=sort, + limit=limit, + offset=offset, ) req = self._build_request_async( method="GET", - path="/products/{product}/workers/{id}", + path="/products/{product}/workers", base_url=base_url, url_variables=url_variables, request=request, @@ -379,7 +443,7 @@ async def get_async( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getProductsWorkersByProductAndId", + operation_id="getProductsWorkersByProduct", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -390,13 +454,52 @@ async def get_async( retry_config=retry_config, ) + def next_func() -> ( + Awaitable[Optional[models.GetProductsWorkersByProductResponse]] + ): + body = utils.unmarshal_json(http_res.text, Union[Dict[Any, Any], List[Any]]) + + async def empty_result(): + return None + + offset = request.offset if isinstance(request.offset, int) else 0 + + if not http_res.text: + return empty_result() + results = JSONPath("$.items").parse(body) + if len(results) == 0 or len(results[0]) == 0: + return empty_result() + limit_ = request.limit if isinstance(request.limit, int) else 0 + if len(results[0]) < limit_: + return empty_result() + next_offset = offset + len(results[0]) + + return self.list_async( + product=product, + filter_exp=filter_exp, + sort_exp=sort_exp, + filter_=filter_, + sort=sort, + limit=limit, + offset=next_offset, + retries=retries, + server_url=server_url, + timeout_ms=timeout_ms, + http_headers=http_headers, + ) + response_data: Any = None if utils.match_response(http_res, "200", "application/json"): - return unmarshal_json_response(models.CountedMasterWorkerEntry, http_res) + return models.GetProductsWorkersByProductResponse( + result=unmarshal_json_response( + models.CountedMasterWorkerEntry, http_res + ), + next=next_func, + ) if utils.match_response(http_res, "500", "application/json"): response_data = unmarshal_json_response(errors.ErrorData, http_res) raise errors.Error(response_data, http_res) - if utils.match_response(http_res, ["401", "403", "4XX"], "*"): + if utils.match_response(http_res, ["400", "401", "403", "4XX"], "*"): http_res_text = await utils.stream_to_text_async(http_res) raise errors.APIError("API error occurred", http_res, http_res_text) if utils.match_response(http_res, "5XX", "*"): @@ -405,32 +508,22 @@ async def get_async( raise errors.APIError("Unexpected response received", http_res) - def list( + def get( self, *, product: models.ProductsCore, - filter_exp: Optional[str] = None, - sort_exp: Optional[str] = None, - filter_: Optional[str] = None, - sort: Optional[str] = None, - limit: Optional[int] = None, - offset: Optional[int] = None, + id: str, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, - ) -> Optional[models.GetProductsWorkersByProductResponse]: - r"""Get detailed metadata for Worker, Edge, or Outpost Nodes + ) -> models.CountedMasterWorkerEntry: + r"""Get detailed metadata for a Worker, Edge, or Outpost Node - Get detailed metadata for Worker, Edge, or Outpost Nodes for the specified Cribl product. + Get detailed metadata for the specified Worker, Edge, or Outpost Node for the specified Cribl product. - :param product: Name of the Cribl product to get Worker, Edge, or Outpost Nodes for. - :param filter_exp: Filter expression to evaluate against Nodes for inclusion in the response. - :param sort_exp: Sorting expression to evaluate against Nodes to specify the sort order for the response. - :param filter_: JSON-stringified filter object to evaluate against Nodes for inclusion in the response. - :param sort: JSON-stringified sorting object to evaluate against Nodes to specify the sort order for the response. - :param limit: Maximum number of Nodes to return in the response for this request. Use with offset to paginate the response into manageable batches. - :param offset: Starting point from which to retrieve results for this request. Use with limit to paginate the response into manageable batches. + :param product: Name of the Cribl product that contains the Node. + :param id: The id of the Node to get the metadata for. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -446,19 +539,14 @@ def list( else: base_url = self._get_url(base_url, url_variables) - request = models.GetProductsWorkersByProductRequest( + request = models.GetProductsWorkersByProductAndIDRequest( product=product, - filter_exp=filter_exp, - sort_exp=sort_exp, - filter_=filter_, - sort=sort, - limit=limit, - offset=offset, + id=id, ) req = self._build_request( method="GET", - path="/products/{product}/workers", + path="/products/{product}/workers/{id}", base_url=base_url, url_variables=url_variables, request=request, @@ -489,7 +577,7 @@ def list( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getProductsWorkersByProduct", + operation_id="getProductsWorkersByProductAndId", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -500,47 +588,13 @@ def list( retry_config=retry_config, ) - def next_func() -> Optional[models.GetProductsWorkersByProductResponse]: - body = utils.unmarshal_json(http_res.text, Union[Dict[Any, Any], List[Any]]) - - offset = request.offset if isinstance(request.offset, int) else 0 - - if not http_res.text: - return None - results = JSONPath("$.items").parse(body) - if len(results) == 0 or len(results[0]) == 0: - return None - limit_ = request.limit if isinstance(request.limit, int) else 0 - if len(results[0]) < limit_: - return None - next_offset = offset + len(results[0]) - - return self.list( - product=product, - filter_exp=filter_exp, - sort_exp=sort_exp, - filter_=filter_, - sort=sort, - limit=limit, - offset=next_offset, - retries=retries, - server_url=server_url, - timeout_ms=timeout_ms, - http_headers=http_headers, - ) - response_data: Any = None if utils.match_response(http_res, "200", "application/json"): - return models.GetProductsWorkersByProductResponse( - result=unmarshal_json_response( - models.CountedMasterWorkerEntry, http_res - ), - next=next_func, - ) + return unmarshal_json_response(models.CountedMasterWorkerEntry, http_res) if utils.match_response(http_res, "500", "application/json"): response_data = unmarshal_json_response(errors.ErrorData, http_res) raise errors.Error(response_data, http_res) - if utils.match_response(http_res, ["400", "401", "403", "4XX"], "*"): + if utils.match_response(http_res, ["401", "403", "4XX"], "*"): http_res_text = utils.stream_to_text(http_res) raise errors.APIError("API error occurred", http_res, http_res_text) if utils.match_response(http_res, "5XX", "*"): @@ -549,32 +603,22 @@ def next_func() -> Optional[models.GetProductsWorkersByProductResponse]: raise errors.APIError("Unexpected response received", http_res) - async def list_async( + async def get_async( self, *, product: models.ProductsCore, - filter_exp: Optional[str] = None, - sort_exp: Optional[str] = None, - filter_: Optional[str] = None, - sort: Optional[str] = None, - limit: Optional[int] = None, - offset: Optional[int] = None, + id: str, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, - ) -> Optional[models.GetProductsWorkersByProductResponse]: - r"""Get detailed metadata for Worker, Edge, or Outpost Nodes + ) -> models.CountedMasterWorkerEntry: + r"""Get detailed metadata for a Worker, Edge, or Outpost Node - Get detailed metadata for Worker, Edge, or Outpost Nodes for the specified Cribl product. + Get detailed metadata for the specified Worker, Edge, or Outpost Node for the specified Cribl product. - :param product: Name of the Cribl product to get Worker, Edge, or Outpost Nodes for. - :param filter_exp: Filter expression to evaluate against Nodes for inclusion in the response. - :param sort_exp: Sorting expression to evaluate against Nodes to specify the sort order for the response. - :param filter_: JSON-stringified filter object to evaluate against Nodes for inclusion in the response. - :param sort: JSON-stringified sorting object to evaluate against Nodes to specify the sort order for the response. - :param limit: Maximum number of Nodes to return in the response for this request. Use with offset to paginate the response into manageable batches. - :param offset: Starting point from which to retrieve results for this request. Use with limit to paginate the response into manageable batches. + :param product: Name of the Cribl product that contains the Node. + :param id: The id of the Node to get the metadata for. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -590,19 +634,14 @@ async def list_async( else: base_url = self._get_url(base_url, url_variables) - request = models.GetProductsWorkersByProductRequest( + request = models.GetProductsWorkersByProductAndIDRequest( product=product, - filter_exp=filter_exp, - sort_exp=sort_exp, - filter_=filter_, - sort=sort, - limit=limit, - offset=offset, + id=id, ) req = self._build_request_async( method="GET", - path="/products/{product}/workers", + path="/products/{product}/workers/{id}", base_url=base_url, url_variables=url_variables, request=request, @@ -633,7 +672,7 @@ async def list_async( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getProductsWorkersByProduct", + operation_id="getProductsWorkersByProductAndId", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -644,52 +683,13 @@ async def list_async( retry_config=retry_config, ) - def next_func() -> ( - Awaitable[Optional[models.GetProductsWorkersByProductResponse]] - ): - body = utils.unmarshal_json(http_res.text, Union[Dict[Any, Any], List[Any]]) - - async def empty_result(): - return None - - offset = request.offset if isinstance(request.offset, int) else 0 - - if not http_res.text: - return empty_result() - results = JSONPath("$.items").parse(body) - if len(results) == 0 or len(results[0]) == 0: - return empty_result() - limit_ = request.limit if isinstance(request.limit, int) else 0 - if len(results[0]) < limit_: - return empty_result() - next_offset = offset + len(results[0]) - - return self.list_async( - product=product, - filter_exp=filter_exp, - sort_exp=sort_exp, - filter_=filter_, - sort=sort, - limit=limit, - offset=next_offset, - retries=retries, - server_url=server_url, - timeout_ms=timeout_ms, - http_headers=http_headers, - ) - response_data: Any = None if utils.match_response(http_res, "200", "application/json"): - return models.GetProductsWorkersByProductResponse( - result=unmarshal_json_response( - models.CountedMasterWorkerEntry, http_res - ), - next=next_func, - ) + return unmarshal_json_response(models.CountedMasterWorkerEntry, http_res) if utils.match_response(http_res, "500", "application/json"): response_data = unmarshal_json_response(errors.ErrorData, http_res) raise errors.Error(response_data, http_res) - if utils.match_response(http_res, ["400", "401", "403", "4XX"], "*"): + if utils.match_response(http_res, ["401", "403", "4XX"], "*"): http_res_text = await utils.stream_to_text_async(http_res) raise errors.APIError("API error occurred", http_res, http_res_text) if utils.match_response(http_res, "5XX", "*"): @@ -702,7 +702,7 @@ def restart( self, *, product: models.ProductsCore, - guids: List[str], + guids: Iterable[str], retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, @@ -732,7 +732,7 @@ def restart( request = models.UpdateProductsWorkersRestartByProductRequest( product=product, restart_request=models.RestartRequest( - guids=guids, + guids=utils.unmarshal(guids, List[str]), ), ) @@ -802,7 +802,7 @@ async def restart_async( self, *, product: models.ProductsCore, - guids: List[str], + guids: Iterable[str], retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, @@ -832,7 +832,7 @@ async def restart_async( request = models.UpdateProductsWorkersRestartByProductRequest( product=product, restart_request=models.RestartRequest( - guids=guids, + guids=utils.unmarshal(guids, List[str]), ), ) diff --git a/src/cribl_control_plane/packs.py b/src/cribl_control_plane/packs.py index c781f9f1d..8706f37ff 100644 --- a/src/cribl_control_plane/packs.py +++ b/src/cribl_control_plane/packs.py @@ -18,10 +18,10 @@ class Packs(BaseSDK): r"""Actions related to Packs""" - sources: PacksSources - destinations: PacksDestinations pipelines: PacksPipelines routes: PacksRoutes + sources: PacksSources + destinations: PacksDestinations def __init__( self, sdk_config: SDKConfiguration, parent_ref: Optional[object] = None @@ -31,14 +31,14 @@ def __init__( self._init_sdks() def _init_sdks(self): - self.sources = PacksSources(self.sdk_configuration, parent_ref=self.parent_ref) - self.destinations = PacksDestinations( - self.sdk_configuration, parent_ref=self.parent_ref - ) self.pipelines = PacksPipelines( self.sdk_configuration, parent_ref=self.parent_ref ) self.routes = PacksRoutes(self.sdk_configuration, parent_ref=self.parent_ref) + self.sources = PacksSources(self.sdk_configuration, parent_ref=self.parent_ref) + self.destinations = PacksDestinations( + self.sdk_configuration, parent_ref=self.parent_ref + ) def install( self, @@ -53,7 +53,7 @@ def install( ) -> models.CountedPackInstallInfo: r"""Install a Pack - Install a Pack.

To install an uploaded Pack, provide the source value from the PUT /packs response as the source parameter in the request body.

To install a Pack by importing from a URL, provide the direct URL location of the .crbl file for the Pack as the source parameter in the request body.

To install a Pack by importing from a Git repository, provide git+ as the source parameter in the request body.

If you do not include the source parameter in the request body, an empty Pack is created. + Install a Pack.

To install an uploaded Pack, provide the source value from the PUT /packs response as the source parameter in the request body.

To install a Pack by importing from a URL, provide the direct URL location of the .crbl file for the Pack as the source parameter in the request body.

To install a Pack by importing from a Git repository, provide git+ as the source parameter in the request body.

If you do not include the source parameter in the request body, an empty Pack is created. :param request: The request object to send. :param retries: Override the default retry configuration for this method @@ -150,7 +150,7 @@ async def install_async( ) -> models.CountedPackInstallInfo: r"""Install a Pack - Install a Pack.

To install an uploaded Pack, provide the source value from the PUT /packs response as the source parameter in the request body.

To install a Pack by importing from a URL, provide the direct URL location of the .crbl file for the Pack as the source parameter in the request body.

To install a Pack by importing from a Git repository, provide git+ as the source parameter in the request body.

If you do not include the source parameter in the request body, an empty Pack is created. + Install a Pack.

To install an uploaded Pack, provide the source value from the PUT /packs response as the source parameter in the request body.

To install a Pack by importing from a URL, provide the direct URL location of the .crbl file for the Pack as the source parameter in the request body.

To install a Pack by importing from a Git repository, provide git+ as the source parameter in the request body.

If you do not include the source parameter in the request body, an empty Pack is created. :param request: The request object to send. :param retries: Override the default retry configuration for this method @@ -422,7 +422,7 @@ def upload( self, *, filename: str, - request_body: Union[bytes, IO[bytes], io.BufferedReader], + request_body: Union[bytes, IO[bytes], io.IOBase], retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, @@ -472,7 +472,7 @@ def upload( False, False, "raw", - Union[bytes, IO[bytes], io.BufferedReader], + Union[bytes, IO[bytes], io.IOBase], ), allow_empty_value=None, timeout_ms=timeout_ms, @@ -524,7 +524,7 @@ async def upload_async( self, *, filename: str, - request_body: Union[bytes, IO[bytes], io.BufferedReader], + request_body: Union[bytes, IO[bytes], io.IOBase], retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, @@ -574,7 +574,7 @@ async def upload_async( False, False, "raw", - Union[bytes, IO[bytes], io.BufferedReader], + Union[bytes, IO[bytes], io.IOBase], ), allow_empty_value=None, timeout_ms=timeout_ms, @@ -622,7 +622,7 @@ async def upload_async( raise errors.APIError("Unexpected response received", http_res) - def delete( + def get( self, *, id: str, @@ -630,12 +630,12 @@ def delete( server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, - ) -> models.CountedPackUninstallInfo: - r"""Uninstall a Pack + ) -> models.CountedPackInfo: + r"""Get a Pack - Uninstall the specified Pack. + Get the specified Pack. - :param id: The id of the Pack to uninstall. + :param id: The id of the Pack to get. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -651,12 +651,12 @@ def delete( else: base_url = self._get_url(base_url, url_variables) - request = models.DeletePacksByIDRequest( + request = models.GetPacksByIDRequest( id=id, ) req = self._build_request( - method="DELETE", + method="GET", path="/packs/{id}", base_url=base_url, url_variables=url_variables, @@ -688,7 +688,7 @@ def delete( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="deletePacksById", + operation_id="getPacksById", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -701,7 +701,7 @@ def delete( response_data: Any = None if utils.match_response(http_res, "200", "application/json"): - return unmarshal_json_response(models.CountedPackUninstallInfo, http_res) + return unmarshal_json_response(models.CountedPackInfo, http_res) if utils.match_response(http_res, "500", "application/json"): response_data = unmarshal_json_response(errors.ErrorData, http_res) raise errors.Error(response_data, http_res) @@ -714,7 +714,7 @@ def delete( raise errors.APIError("Unexpected response received", http_res) - async def delete_async( + async def get_async( self, *, id: str, @@ -722,12 +722,12 @@ async def delete_async( server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, - ) -> models.CountedPackUninstallInfo: - r"""Uninstall a Pack + ) -> models.CountedPackInfo: + r"""Get a Pack - Uninstall the specified Pack. + Get the specified Pack. - :param id: The id of the Pack to uninstall. + :param id: The id of the Pack to get. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -743,12 +743,12 @@ async def delete_async( else: base_url = self._get_url(base_url, url_variables) - request = models.DeletePacksByIDRequest( + request = models.GetPacksByIDRequest( id=id, ) req = self._build_request_async( - method="DELETE", + method="GET", path="/packs/{id}", base_url=base_url, url_variables=url_variables, @@ -780,7 +780,7 @@ async def delete_async( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="deletePacksById", + operation_id="getPacksById", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -793,7 +793,7 @@ async def delete_async( response_data: Any = None if utils.match_response(http_res, "200", "application/json"): - return unmarshal_json_response(models.CountedPackUninstallInfo, http_res) + return unmarshal_json_response(models.CountedPackInfo, http_res) if utils.match_response(http_res, "500", "application/json"): response_data = unmarshal_json_response(errors.ErrorData, http_res) raise errors.Error(response_data, http_res) @@ -806,20 +806,28 @@ async def delete_async( raise errors.APIError("Unexpected response received", http_res) - def get( + def update( self, *, id: str, + source: str, + allow_custom_functions: Optional[bool] = None, + minor: Optional[str] = None, + spec: Optional[str] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedPackInfo: - r"""Get a Pack + r"""Upgrade a Pack - Get the specified Pack. + Upgrade the specified Pack.

If the Pack includes any user-modified versions of default Cribl Knowledge resources such as lookups, copy the modified files locally for safekeeping before upgrading the Pack. Copy the modified files back to the upgraded Pack after you install it with POST /packs to overwrite the default versions in the Pack.

After you upgrade the Pack, update any Routes, Pipelines, Sources, and Destinations that use the previous Pack version so that they reference the upgraded Pack. - :param id: The id of the Pack to get. + :param id: The id of the Pack to upgrade. + :param source: + :param allow_custom_functions: + :param minor: + :param spec: :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -835,23 +843,36 @@ def get( else: base_url = self._get_url(base_url, url_variables) - request = models.GetPacksByIDRequest( + request = models.UpdatePacksByIDRequest( id=id, + pack_upgrade_request=models.PackUpgradeRequest( + allow_custom_functions=allow_custom_functions, + minor=minor, + source=source, + spec=spec, + ), ) req = self._build_request( - method="GET", + method="PATCH", path="/packs/{id}", base_url=base_url, url_variables=url_variables, request=request, - request_body_required=False, + request_body_required=True, request_has_path_params=True, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", http_headers=http_headers, security=self.sdk_configuration.security, + get_serialized_body=lambda: utils.serialize_request_body( + request.pack_upgrade_request, + False, + False, + "json", + models.PackUpgradeRequest, + ), allow_empty_value=None, timeout_ms=timeout_ms, ) @@ -872,7 +893,7 @@ def get( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getPacksById", + operation_id="updatePacksById", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -898,20 +919,28 @@ def get( raise errors.APIError("Unexpected response received", http_res) - async def get_async( + async def update_async( self, *, id: str, + source: str, + allow_custom_functions: Optional[bool] = None, + minor: Optional[str] = None, + spec: Optional[str] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedPackInfo: - r"""Get a Pack + r"""Upgrade a Pack - Get the specified Pack. + Upgrade the specified Pack.

If the Pack includes any user-modified versions of default Cribl Knowledge resources such as lookups, copy the modified files locally for safekeeping before upgrading the Pack. Copy the modified files back to the upgraded Pack after you install it with POST /packs to overwrite the default versions in the Pack.

After you upgrade the Pack, update any Routes, Pipelines, Sources, and Destinations that use the previous Pack version so that they reference the upgraded Pack. - :param id: The id of the Pack to get. + :param id: The id of the Pack to upgrade. + :param source: + :param allow_custom_functions: + :param minor: + :param spec: :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -927,23 +956,36 @@ async def get_async( else: base_url = self._get_url(base_url, url_variables) - request = models.GetPacksByIDRequest( + request = models.UpdatePacksByIDRequest( id=id, + pack_upgrade_request=models.PackUpgradeRequest( + allow_custom_functions=allow_custom_functions, + minor=minor, + source=source, + spec=spec, + ), ) req = self._build_request_async( - method="GET", + method="PATCH", path="/packs/{id}", base_url=base_url, url_variables=url_variables, request=request, - request_body_required=False, + request_body_required=True, request_has_path_params=True, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", http_headers=http_headers, security=self.sdk_configuration.security, + get_serialized_body=lambda: utils.serialize_request_body( + request.pack_upgrade_request, + False, + False, + "json", + models.PackUpgradeRequest, + ), allow_empty_value=None, timeout_ms=timeout_ms, ) @@ -964,7 +1006,7 @@ async def get_async( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getPacksById", + operation_id="updatePacksById", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -990,28 +1032,20 @@ async def get_async( raise errors.APIError("Unexpected response received", http_res) - def update( + def delete( self, *, id: str, - source: str, - allow_custom_functions: Optional[bool] = None, - minor: Optional[str] = None, - spec: Optional[str] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, - ) -> models.CountedPackInfo: - r"""Upgrade a Pack + ) -> models.CountedPackUninstallInfo: + r"""Uninstall a Pack - Upgrade the specified Pack.

If the Pack includes any user-modified versions of default Cribl Knowledge resources such as lookups, copy the modified files locally for safekeeping before upgrading the Pack.Copy the modified files back to the upgraded Pack after you install it with POST /packs to overwrite the default versions in the Pack.

After you upgrade the Pack, update any Routes, Pipelines, Sources, and Destinations that use the previous Pack version so that they reference the upgraded Pack. + Uninstall the specified Pack. - :param id: The id of the Pack to upgrade. - :param source: - :param allow_custom_functions: - :param minor: - :param spec: + :param id: The id of the Pack to uninstall. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -1027,36 +1061,23 @@ def update( else: base_url = self._get_url(base_url, url_variables) - request = models.UpdatePacksByIDRequest( + request = models.DeletePacksByIDRequest( id=id, - pack_upgrade_request=models.PackUpgradeRequest( - allow_custom_functions=allow_custom_functions, - minor=minor, - source=source, - spec=spec, - ), ) req = self._build_request( - method="PATCH", + method="DELETE", path="/packs/{id}", base_url=base_url, url_variables=url_variables, request=request, - request_body_required=True, + request_body_required=False, request_has_path_params=True, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", http_headers=http_headers, security=self.sdk_configuration.security, - get_serialized_body=lambda: utils.serialize_request_body( - request.pack_upgrade_request, - False, - False, - "json", - models.PackUpgradeRequest, - ), allow_empty_value=None, timeout_ms=timeout_ms, ) @@ -1077,7 +1098,7 @@ def update( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="updatePacksById", + operation_id="deletePacksById", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -1090,7 +1111,7 @@ def update( response_data: Any = None if utils.match_response(http_res, "200", "application/json"): - return unmarshal_json_response(models.CountedPackInfo, http_res) + return unmarshal_json_response(models.CountedPackUninstallInfo, http_res) if utils.match_response(http_res, "500", "application/json"): response_data = unmarshal_json_response(errors.ErrorData, http_res) raise errors.Error(response_data, http_res) @@ -1103,28 +1124,20 @@ def update( raise errors.APIError("Unexpected response received", http_res) - async def update_async( + async def delete_async( self, *, id: str, - source: str, - allow_custom_functions: Optional[bool] = None, - minor: Optional[str] = None, - spec: Optional[str] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, - ) -> models.CountedPackInfo: - r"""Upgrade a Pack + ) -> models.CountedPackUninstallInfo: + r"""Uninstall a Pack - Upgrade the specified Pack.

If the Pack includes any user-modified versions of default Cribl Knowledge resources such as lookups, copy the modified files locally for safekeeping before upgrading the Pack.Copy the modified files back to the upgraded Pack after you install it with POST /packs to overwrite the default versions in the Pack.

After you upgrade the Pack, update any Routes, Pipelines, Sources, and Destinations that use the previous Pack version so that they reference the upgraded Pack. + Uninstall the specified Pack. - :param id: The id of the Pack to upgrade. - :param source: - :param allow_custom_functions: - :param minor: - :param spec: + :param id: The id of the Pack to uninstall. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -1140,36 +1153,23 @@ async def update_async( else: base_url = self._get_url(base_url, url_variables) - request = models.UpdatePacksByIDRequest( + request = models.DeletePacksByIDRequest( id=id, - pack_upgrade_request=models.PackUpgradeRequest( - allow_custom_functions=allow_custom_functions, - minor=minor, - source=source, - spec=spec, - ), ) req = self._build_request_async( - method="PATCH", + method="DELETE", path="/packs/{id}", base_url=base_url, url_variables=url_variables, request=request, - request_body_required=True, + request_body_required=False, request_has_path_params=True, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", http_headers=http_headers, security=self.sdk_configuration.security, - get_serialized_body=lambda: utils.serialize_request_body( - request.pack_upgrade_request, - False, - False, - "json", - models.PackUpgradeRequest, - ), allow_empty_value=None, timeout_ms=timeout_ms, ) @@ -1190,7 +1190,7 @@ async def update_async( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="updatePacksById", + operation_id="deletePacksById", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -1203,7 +1203,7 @@ async def update_async( response_data: Any = None if utils.match_response(http_res, "200", "application/json"): - return unmarshal_json_response(models.CountedPackInfo, http_res) + return unmarshal_json_response(models.CountedPackUninstallInfo, http_res) if utils.match_response(http_res, "500", "application/json"): response_data = unmarshal_json_response(errors.ErrorData, http_res) raise errors.Error(response_data, http_res) diff --git a/src/cribl_control_plane/packs_destinations_statuses.py b/src/cribl_control_plane/packs_destinations_statuses.py index 45abc5014..b25f4e0ac 100644 --- a/src/cribl_control_plane/packs_destinations_statuses.py +++ b/src/cribl_control_plane/packs_destinations_statuses.py @@ -11,26 +11,28 @@ class PacksDestinationsStatuses(BaseSDK): - def get( + def list( self, *, - id: str, pack: str, metrics: Optional[bool] = None, type_: Optional[bool] = None, + offset: Optional[int] = None, + limit: Optional[int] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, - ) -> models.CountedOutputStatus: - r"""Get the status of a Destination within a Pack + ) -> Optional[models.GetOutputStatusSystemOutputsByPackResponse]: + r"""List the status of all Destinations within a Pack - Get the status and optional metrics for the specified Destination within the specified Pack. + List status information and optional metrics for all configured Destinations in the Worker Group or Edge Fleet within the specified Pack. - :param id: The id of the Destination to get the status for. :param pack: The id of the Pack. :param metrics: Set to true to include metrics for each Destination. Otherwise, false (default). :param type: Set to true to prefix the Destination id with the Destination type. Otherwise, false (default). + :param offset: Starting point from which to retrieve results for this request. Use with limit to paginate the response into manageable batches. + :param limit: Maximum number of items to return in the response for this request. Use with offset to paginate the response into manageable batches. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -46,16 +48,17 @@ def get( else: base_url = self._get_url(base_url, url_variables) - request = models.GetOutputStatusSystemOutputsByPackAndIDRequest( - id=id, + request = models.GetOutputStatusSystemOutputsByPackRequest( metrics=metrics, type=type_, + offset=offset, + limit=limit, pack=pack, ) req = self._build_request( method="GET", - path="/p/{pack}/system/status/outputs/{id}", + path="/p/{pack}/system/status/outputs", base_url=base_url, url_variables=url_variables, request=request, @@ -86,7 +89,7 @@ def get( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getOutputStatusSystemOutputsByPackAndId", + operation_id="getOutputStatusSystemOutputsByPack", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -97,13 +100,43 @@ def get( retry_config=retry_config, ) + def next_func() -> Optional[models.GetOutputStatusSystemOutputsByPackResponse]: + body = utils.unmarshal_json(http_res.text, Union[Dict[Any, Any], List[Any]]) + + offset = request.offset if isinstance(request.offset, int) else 0 + + if not http_res.text: + return None + results = JSONPath("$.items").parse(body) + if len(results) == 0 or len(results[0]) == 0: + return None + limit_ = request.limit if isinstance(request.limit, int) else 0 + if len(results[0]) < limit_: + return None + next_offset = offset + len(results[0]) + + return self.list( + pack=pack, + metrics=metrics, + type_=type_, + offset=next_offset, + limit=limit, + retries=retries, + server_url=server_url, + timeout_ms=timeout_ms, + http_headers=http_headers, + ) + response_data: Any = None if utils.match_response(http_res, "200", "application/json"): - return unmarshal_json_response(models.CountedOutputStatus, http_res) + return models.GetOutputStatusSystemOutputsByPackResponse( + result=unmarshal_json_response(models.CountedOutputStatus, http_res), + next=next_func, + ) if utils.match_response(http_res, "500", "application/json"): response_data = unmarshal_json_response(errors.ErrorData, http_res) raise errors.Error(response_data, http_res) - if utils.match_response(http_res, ["401", "4XX"], "*"): + if utils.match_response(http_res, ["400", "401", "4XX"], "*"): http_res_text = utils.stream_to_text(http_res) raise errors.APIError("API error occurred", http_res, http_res_text) if utils.match_response(http_res, "5XX", "*"): @@ -112,26 +145,28 @@ def get( raise errors.APIError("Unexpected response received", http_res) - async def get_async( + async def list_async( self, *, - id: str, pack: str, metrics: Optional[bool] = None, type_: Optional[bool] = None, + offset: Optional[int] = None, + limit: Optional[int] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, - ) -> models.CountedOutputStatus: - r"""Get the status of a Destination within a Pack + ) -> Optional[models.GetOutputStatusSystemOutputsByPackResponse]: + r"""List the status of all Destinations within a Pack - Get the status and optional metrics for the specified Destination within the specified Pack. + List status information and optional metrics for all configured Destinations in the Worker Group or Edge Fleet within the specified Pack. - :param id: The id of the Destination to get the status for. :param pack: The id of the Pack. :param metrics: Set to true to include metrics for each Destination. Otherwise, false (default). :param type: Set to true to prefix the Destination id with the Destination type. Otherwise, false (default). + :param offset: Starting point from which to retrieve results for this request. Use with limit to paginate the response into manageable batches. + :param limit: Maximum number of items to return in the response for this request. Use with offset to paginate the response into manageable batches. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -147,16 +182,17 @@ async def get_async( else: base_url = self._get_url(base_url, url_variables) - request = models.GetOutputStatusSystemOutputsByPackAndIDRequest( - id=id, + request = models.GetOutputStatusSystemOutputsByPackRequest( metrics=metrics, type=type_, + offset=offset, + limit=limit, pack=pack, ) req = self._build_request_async( method="GET", - path="/p/{pack}/system/status/outputs/{id}", + path="/p/{pack}/system/status/outputs", base_url=base_url, url_variables=url_variables, request=request, @@ -187,7 +223,7 @@ async def get_async( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getOutputStatusSystemOutputsByPackAndId", + operation_id="getOutputStatusSystemOutputsByPack", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -198,13 +234,48 @@ async def get_async( retry_config=retry_config, ) + def next_func() -> ( + Awaitable[Optional[models.GetOutputStatusSystemOutputsByPackResponse]] + ): + body = utils.unmarshal_json(http_res.text, Union[Dict[Any, Any], List[Any]]) + + async def empty_result(): + return None + + offset = request.offset if isinstance(request.offset, int) else 0 + + if not http_res.text: + return empty_result() + results = JSONPath("$.items").parse(body) + if len(results) == 0 or len(results[0]) == 0: + return empty_result() + limit_ = request.limit if isinstance(request.limit, int) else 0 + if len(results[0]) < limit_: + return empty_result() + next_offset = offset + len(results[0]) + + return self.list_async( + pack=pack, + metrics=metrics, + type_=type_, + offset=next_offset, + limit=limit, + retries=retries, + server_url=server_url, + timeout_ms=timeout_ms, + http_headers=http_headers, + ) + response_data: Any = None if utils.match_response(http_res, "200", "application/json"): - return unmarshal_json_response(models.CountedOutputStatus, http_res) + return models.GetOutputStatusSystemOutputsByPackResponse( + result=unmarshal_json_response(models.CountedOutputStatus, http_res), + next=next_func, + ) if utils.match_response(http_res, "500", "application/json"): response_data = unmarshal_json_response(errors.ErrorData, http_res) raise errors.Error(response_data, http_res) - if utils.match_response(http_res, ["401", "4XX"], "*"): + if utils.match_response(http_res, ["400", "401", "4XX"], "*"): http_res_text = await utils.stream_to_text_async(http_res) raise errors.APIError("API error occurred", http_res, http_res_text) if utils.match_response(http_res, "5XX", "*"): @@ -213,28 +284,26 @@ async def get_async( raise errors.APIError("Unexpected response received", http_res) - def list( + def get( self, *, + id: str, pack: str, metrics: Optional[bool] = None, type_: Optional[bool] = None, - offset: Optional[int] = None, - limit: Optional[int] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, - ) -> Optional[models.GetOutputStatusSystemOutputsByPackResponse]: - r"""List the status of all Destinations within a Pack + ) -> models.CountedOutputStatus: + r"""Get the status of a Destination within a Pack - List status information and optional metrics for all configured Destinations in the Worker Group or Edge Fleet within the specified Pack. + Get the status and optional metrics for the specified Destination within the specified Pack. + :param id: The id of the Destination to get the status for. :param pack: The id of the Pack. :param metrics: Set to true to include metrics for each Destination. Otherwise, false (default). :param type: Set to true to prefix the Destination id with the Destination type. Otherwise, false (default). - :param offset: Starting point from which to retrieve results for this request. Use with limit to paginate the response into manageable batches. - :param limit: Maximum number of items to return in the response for this request. Use with offset to paginate the response into manageable batches. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -250,17 +319,16 @@ def list( else: base_url = self._get_url(base_url, url_variables) - request = models.GetOutputStatusSystemOutputsByPackRequest( + request = models.GetOutputStatusSystemOutputsByPackAndIDRequest( + id=id, metrics=metrics, type=type_, - offset=offset, - limit=limit, pack=pack, ) req = self._build_request( method="GET", - path="/p/{pack}/system/status/outputs", + path="/p/{pack}/system/status/outputs/{id}", base_url=base_url, url_variables=url_variables, request=request, @@ -291,7 +359,7 @@ def list( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getOutputStatusSystemOutputsByPack", + operation_id="getOutputStatusSystemOutputsByPackAndId", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -302,43 +370,13 @@ def list( retry_config=retry_config, ) - def next_func() -> Optional[models.GetOutputStatusSystemOutputsByPackResponse]: - body = utils.unmarshal_json(http_res.text, Union[Dict[Any, Any], List[Any]]) - - offset = request.offset if isinstance(request.offset, int) else 0 - - if not http_res.text: - return None - results = JSONPath("$.items").parse(body) - if len(results) == 0 or len(results[0]) == 0: - return None - limit_ = request.limit if isinstance(request.limit, int) else 0 - if len(results[0]) < limit_: - return None - next_offset = offset + len(results[0]) - - return self.list( - pack=pack, - metrics=metrics, - type_=type_, - offset=next_offset, - limit=limit, - retries=retries, - server_url=server_url, - timeout_ms=timeout_ms, - http_headers=http_headers, - ) - response_data: Any = None if utils.match_response(http_res, "200", "application/json"): - return models.GetOutputStatusSystemOutputsByPackResponse( - result=unmarshal_json_response(models.CountedOutputStatus, http_res), - next=next_func, - ) + return unmarshal_json_response(models.CountedOutputStatus, http_res) if utils.match_response(http_res, "500", "application/json"): response_data = unmarshal_json_response(errors.ErrorData, http_res) raise errors.Error(response_data, http_res) - if utils.match_response(http_res, ["400", "401", "4XX"], "*"): + if utils.match_response(http_res, ["401", "4XX"], "*"): http_res_text = utils.stream_to_text(http_res) raise errors.APIError("API error occurred", http_res, http_res_text) if utils.match_response(http_res, "5XX", "*"): @@ -347,28 +385,26 @@ def next_func() -> Optional[models.GetOutputStatusSystemOutputsByPackResponse]: raise errors.APIError("Unexpected response received", http_res) - async def list_async( + async def get_async( self, *, + id: str, pack: str, metrics: Optional[bool] = None, type_: Optional[bool] = None, - offset: Optional[int] = None, - limit: Optional[int] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, - ) -> Optional[models.GetOutputStatusSystemOutputsByPackResponse]: - r"""List the status of all Destinations within a Pack + ) -> models.CountedOutputStatus: + r"""Get the status of a Destination within a Pack - List status information and optional metrics for all configured Destinations in the Worker Group or Edge Fleet within the specified Pack. + Get the status and optional metrics for the specified Destination within the specified Pack. + :param id: The id of the Destination to get the status for. :param pack: The id of the Pack. :param metrics: Set to true to include metrics for each Destination. Otherwise, false (default). :param type: Set to true to prefix the Destination id with the Destination type. Otherwise, false (default). - :param offset: Starting point from which to retrieve results for this request. Use with limit to paginate the response into manageable batches. - :param limit: Maximum number of items to return in the response for this request. Use with offset to paginate the response into manageable batches. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -384,17 +420,16 @@ async def list_async( else: base_url = self._get_url(base_url, url_variables) - request = models.GetOutputStatusSystemOutputsByPackRequest( + request = models.GetOutputStatusSystemOutputsByPackAndIDRequest( + id=id, metrics=metrics, type=type_, - offset=offset, - limit=limit, pack=pack, ) req = self._build_request_async( method="GET", - path="/p/{pack}/system/status/outputs", + path="/p/{pack}/system/status/outputs/{id}", base_url=base_url, url_variables=url_variables, request=request, @@ -425,7 +460,7 @@ async def list_async( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getOutputStatusSystemOutputsByPack", + operation_id="getOutputStatusSystemOutputsByPackAndId", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -436,48 +471,13 @@ async def list_async( retry_config=retry_config, ) - def next_func() -> ( - Awaitable[Optional[models.GetOutputStatusSystemOutputsByPackResponse]] - ): - body = utils.unmarshal_json(http_res.text, Union[Dict[Any, Any], List[Any]]) - - async def empty_result(): - return None - - offset = request.offset if isinstance(request.offset, int) else 0 - - if not http_res.text: - return empty_result() - results = JSONPath("$.items").parse(body) - if len(results) == 0 or len(results[0]) == 0: - return empty_result() - limit_ = request.limit if isinstance(request.limit, int) else 0 - if len(results[0]) < limit_: - return empty_result() - next_offset = offset + len(results[0]) - - return self.list_async( - pack=pack, - metrics=metrics, - type_=type_, - offset=next_offset, - limit=limit, - retries=retries, - server_url=server_url, - timeout_ms=timeout_ms, - http_headers=http_headers, - ) - response_data: Any = None if utils.match_response(http_res, "200", "application/json"): - return models.GetOutputStatusSystemOutputsByPackResponse( - result=unmarshal_json_response(models.CountedOutputStatus, http_res), - next=next_func, - ) + return unmarshal_json_response(models.CountedOutputStatus, http_res) if utils.match_response(http_res, "500", "application/json"): response_data = unmarshal_json_response(errors.ErrorData, http_res) raise errors.Error(response_data, http_res) - if utils.match_response(http_res, ["400", "401", "4XX"], "*"): + if utils.match_response(http_res, ["401", "4XX"], "*"): http_res_text = await utils.stream_to_text_async(http_res) raise errors.APIError("API error occurred", http_res, http_res_text) if utils.match_response(http_res, "5XX", "*"): diff --git a/src/cribl_control_plane/packs_hectokens.py b/src/cribl_control_plane/packs_hectokens.py index cf1260214..4ac4ddf76 100644 --- a/src/cribl_control_plane/packs_hectokens.py +++ b/src/cribl_control_plane/packs_hectokens.py @@ -6,7 +6,7 @@ from cribl_control_plane.types import OptionalNullable, UNSET from cribl_control_plane.utils import get_security_from_env from cribl_control_plane.utils.unmarshal_json_response import unmarshal_json_response -from typing import Any, List, Mapping, Optional, Union +from typing import Any, Iterable, List, Mapping, Optional, Union class PacksHecTokens(BaseSDK): @@ -16,13 +16,13 @@ def create( id: str, pack: str, token: str, - allowed_indexes_at_token: Optional[List[str]] = None, + allowed_indexes_at_token: Optional[Iterable[str]] = None, description: Optional[str] = None, enabled: Optional[bool] = None, metadata: Optional[ Union[ - List[models.EventBreakerRuleFields], - List[models.EventBreakerRuleFieldsTypedDict], + Iterable[models.EventBreakerRuleFields], + Iterable[models.EventBreakerRuleFieldsTypedDict], ] ] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, @@ -60,7 +60,9 @@ def create( id=id, pack=pack, add_hec_token_request=models.AddHecTokenRequest( - allowed_indexes_at_token=allowed_indexes_at_token, + allowed_indexes_at_token=utils.unmarshal( + allowed_indexes_at_token, Optional[List[str]] + ), description=description, enabled=enabled, metadata=utils.get_pydantic_model( @@ -142,13 +144,13 @@ async def create_async( id: str, pack: str, token: str, - allowed_indexes_at_token: Optional[List[str]] = None, + allowed_indexes_at_token: Optional[Iterable[str]] = None, description: Optional[str] = None, enabled: Optional[bool] = None, metadata: Optional[ Union[ - List[models.EventBreakerRuleFields], - List[models.EventBreakerRuleFieldsTypedDict], + Iterable[models.EventBreakerRuleFields], + Iterable[models.EventBreakerRuleFieldsTypedDict], ] ] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, @@ -186,7 +188,9 @@ async def create_async( id=id, pack=pack, add_hec_token_request=models.AddHecTokenRequest( - allowed_indexes_at_token=allowed_indexes_at_token, + allowed_indexes_at_token=utils.unmarshal( + allowed_indexes_at_token, Optional[List[str]] + ), description=description, enabled=enabled, metadata=utils.get_pydantic_model( @@ -268,13 +272,13 @@ def update( id: str, token: str, pack: str, - allowed_indexes_at_token: Optional[List[str]] = None, + allowed_indexes_at_token: Optional[Iterable[str]] = None, description: Optional[str] = None, enabled: Optional[bool] = None, metadata: Optional[ Union[ - List[models.EventBreakerRuleFields], - List[models.EventBreakerRuleFieldsTypedDict], + Iterable[models.EventBreakerRuleFields], + Iterable[models.EventBreakerRuleFieldsTypedDict], ] ] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, @@ -313,7 +317,9 @@ def update( token=token, pack=pack, update_hec_token_request=models.UpdateHecTokenRequest( - allowed_indexes_at_token=allowed_indexes_at_token, + allowed_indexes_at_token=utils.unmarshal( + allowed_indexes_at_token, Optional[List[str]] + ), description=description, enabled=enabled, metadata=utils.get_pydantic_model( @@ -394,13 +400,13 @@ async def update_async( id: str, token: str, pack: str, - allowed_indexes_at_token: Optional[List[str]] = None, + allowed_indexes_at_token: Optional[Iterable[str]] = None, description: Optional[str] = None, enabled: Optional[bool] = None, metadata: Optional[ Union[ - List[models.EventBreakerRuleFields], - List[models.EventBreakerRuleFieldsTypedDict], + Iterable[models.EventBreakerRuleFields], + Iterable[models.EventBreakerRuleFieldsTypedDict], ] ] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, @@ -439,7 +445,9 @@ async def update_async( token=token, pack=pack, update_hec_token_request=models.UpdateHecTokenRequest( - allowed_indexes_at_token=allowed_indexes_at_token, + allowed_indexes_at_token=utils.unmarshal( + allowed_indexes_at_token, Optional[List[str]] + ), description=description, enabled=enabled, metadata=utils.get_pydantic_model( diff --git a/src/cribl_control_plane/packs_pipelines.py b/src/cribl_control_plane/packs_pipelines.py index 54edf96aa..a6b1ba721 100644 --- a/src/cribl_control_plane/packs_pipelines.py +++ b/src/cribl_control_plane/packs_pipelines.py @@ -10,24 +10,20 @@ class PacksPipelines(BaseSDK): - def create( + def list( self, *, pack: str, - id: str, - conf: Union[models.ConfInput, models.ConfInputTypedDict], retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedPipeline: - r"""Create a Pipeline within a Pack + r"""List all Pipelines within a Pack - Create a new Pipeline within the specified Pack. + Get a list of all Pipelines within the specified Pack. :param pack: The id of the Pack. - :param id: - :param conf: :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -43,30 +39,23 @@ def create( else: base_url = self._get_url(base_url, url_variables) - request = models.CreatePipelinesByPackRequest( + request = models.GetPipelinesByPackRequest( pack=pack, - pipeline=models.PipelineInput( - id=id, - conf=utils.get_pydantic_model(conf, models.ConfInput), - ), ) req = self._build_request( - method="POST", + method="GET", path="/p/{pack}/pipelines", base_url=base_url, url_variables=url_variables, request=request, - request_body_required=True, + request_body_required=False, request_has_path_params=True, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", http_headers=http_headers, security=self.sdk_configuration.security, - get_serialized_body=lambda: utils.serialize_request_body( - request.pipeline, False, False, "json", models.PipelineInput - ), allow_empty_value=None, timeout_ms=timeout_ms, ) @@ -87,7 +76,7 @@ def create( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="createPipelinesByPack", + operation_id="getPipelinesByPack", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -113,24 +102,20 @@ def create( raise errors.APIError("Unexpected response received", http_res) - async def create_async( + async def list_async( self, *, pack: str, - id: str, - conf: Union[models.ConfInput, models.ConfInputTypedDict], retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedPipeline: - r"""Create a Pipeline within a Pack + r"""List all Pipelines within a Pack - Create a new Pipeline within the specified Pack. + Get a list of all Pipelines within the specified Pack. :param pack: The id of the Pack. - :param id: - :param conf: :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -146,30 +131,23 @@ async def create_async( else: base_url = self._get_url(base_url, url_variables) - request = models.CreatePipelinesByPackRequest( + request = models.GetPipelinesByPackRequest( pack=pack, - pipeline=models.PipelineInput( - id=id, - conf=utils.get_pydantic_model(conf, models.ConfInput), - ), ) req = self._build_request_async( - method="POST", + method="GET", path="/p/{pack}/pipelines", base_url=base_url, url_variables=url_variables, request=request, - request_body_required=True, + request_body_required=False, request_has_path_params=True, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", http_headers=http_headers, security=self.sdk_configuration.security, - get_serialized_body=lambda: utils.serialize_request_body( - request.pipeline, False, False, "json", models.PipelineInput - ), allow_empty_value=None, timeout_ms=timeout_ms, ) @@ -190,7 +168,7 @@ async def create_async( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="createPipelinesByPack", + operation_id="getPipelinesByPack", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -216,20 +194,24 @@ async def create_async( raise errors.APIError("Unexpected response received", http_res) - def list( + def create( self, *, pack: str, + id: str, + conf: Union[models.ConfInput, models.ConfInputTypedDict], retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedPipeline: - r"""List all Pipelines within a Pack + r"""Create a Pipeline within a Pack - Get a list of all Pipelines within the specified Pack. + Create a new Pipeline within the specified Pack. :param pack: The id of the Pack. + :param id: + :param conf: :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -245,23 +227,30 @@ def list( else: base_url = self._get_url(base_url, url_variables) - request = models.GetPipelinesByPackRequest( + request = models.CreatePipelinesByPackRequest( pack=pack, + pipeline=models.PipelineInput( + id=id, + conf=utils.get_pydantic_model(conf, models.ConfInput), + ), ) req = self._build_request( - method="GET", + method="POST", path="/p/{pack}/pipelines", base_url=base_url, url_variables=url_variables, request=request, - request_body_required=False, + request_body_required=True, request_has_path_params=True, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", http_headers=http_headers, security=self.sdk_configuration.security, + get_serialized_body=lambda: utils.serialize_request_body( + request.pipeline, False, False, "json", models.PipelineInput + ), allow_empty_value=None, timeout_ms=timeout_ms, ) @@ -282,7 +271,7 @@ def list( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getPipelinesByPack", + operation_id="createPipelinesByPack", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -308,20 +297,24 @@ def list( raise errors.APIError("Unexpected response received", http_res) - async def list_async( + async def create_async( self, *, pack: str, + id: str, + conf: Union[models.ConfInput, models.ConfInputTypedDict], retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedPipeline: - r"""List all Pipelines within a Pack + r"""Create a Pipeline within a Pack - Get a list of all Pipelines within the specified Pack. + Create a new Pipeline within the specified Pack. :param pack: The id of the Pack. + :param id: + :param conf: :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -337,23 +330,30 @@ async def list_async( else: base_url = self._get_url(base_url, url_variables) - request = models.GetPipelinesByPackRequest( + request = models.CreatePipelinesByPackRequest( pack=pack, + pipeline=models.PipelineInput( + id=id, + conf=utils.get_pydantic_model(conf, models.ConfInput), + ), ) req = self._build_request_async( - method="GET", + method="POST", path="/p/{pack}/pipelines", base_url=base_url, url_variables=url_variables, request=request, - request_body_required=False, + request_body_required=True, request_has_path_params=True, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", http_headers=http_headers, security=self.sdk_configuration.security, + get_serialized_body=lambda: utils.serialize_request_body( + request.pipeline, False, False, "json", models.PipelineInput + ), allow_empty_value=None, timeout_ms=timeout_ms, ) @@ -374,7 +374,7 @@ async def list_async( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getPipelinesByPack", + operation_id="createPipelinesByPack", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -400,7 +400,7 @@ async def list_async( raise errors.APIError("Unexpected response received", http_res) - def delete( + def get( self, *, id: str, @@ -410,11 +410,11 @@ def delete( timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedPipeline: - r"""Delete a Pipeline within a Pack + r"""Get a Pipeline within a Pack - Delete the specified Pipeline within the specified Pack. + Get the specified Pipeline within the specified Pack. - :param id: The id of the Pipeline to delete. + :param id: The id of the Pipeline to get. :param pack: The id of the Pack. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method @@ -431,13 +431,13 @@ def delete( else: base_url = self._get_url(base_url, url_variables) - request = models.DeletePipelinesByPackAndIDRequest( + request = models.GetPipelinesByPackAndIDRequest( id=id, pack=pack, ) req = self._build_request( - method="DELETE", + method="GET", path="/p/{pack}/pipelines/{id}", base_url=base_url, url_variables=url_variables, @@ -469,7 +469,7 @@ def delete( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="deletePipelinesByPackAndId", + operation_id="getPipelinesByPackAndId", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -495,7 +495,7 @@ def delete( raise errors.APIError("Unexpected response received", http_res) - async def delete_async( + async def get_async( self, *, id: str, @@ -505,11 +505,11 @@ async def delete_async( timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedPipeline: - r"""Delete a Pipeline within a Pack + r"""Get a Pipeline within a Pack - Delete the specified Pipeline within the specified Pack. + Get the specified Pipeline within the specified Pack. - :param id: The id of the Pipeline to delete. + :param id: The id of the Pipeline to get. :param pack: The id of the Pack. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method @@ -526,13 +526,13 @@ async def delete_async( else: base_url = self._get_url(base_url, url_variables) - request = models.DeletePipelinesByPackAndIDRequest( + request = models.GetPipelinesByPackAndIDRequest( id=id, pack=pack, ) req = self._build_request_async( - method="DELETE", + method="GET", path="/p/{pack}/pipelines/{id}", base_url=base_url, url_variables=url_variables, @@ -564,7 +564,7 @@ async def delete_async( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="deletePipelinesByPackAndId", + operation_id="getPipelinesByPackAndId", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -590,22 +590,26 @@ async def delete_async( raise errors.APIError("Unexpected response received", http_res) - def get( + def update( self, *, - id: str, + id_param: str, pack: str, + id: str, + conf: Union[models.ConfInput, models.ConfInputTypedDict], retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedPipeline: - r"""Get a Pipeline within a Pack + r"""Update a Pipeline within a Pack - Get the specified Pipeline within the specified Pack. + Update the specified Pipeline within the specified Pack.

Provide a complete representation of the Pipeline that you want to update in the request body. This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Pipeline.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Pipeline might not function as expected. - :param id: The id of the Pipeline to get. + :param id_param: The id of the Pipeline to update. :param pack: The id of the Pack. + :param id: + :param conf: :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -621,24 +625,31 @@ def get( else: base_url = self._get_url(base_url, url_variables) - request = models.GetPipelinesByPackAndIDRequest( - id=id, + request = models.UpdatePipelinesByPackAndIDRequest( + id_param=id_param, pack=pack, + pipeline=models.PipelineInput( + id=id, + conf=utils.get_pydantic_model(conf, models.ConfInput), + ), ) req = self._build_request( - method="GET", + method="PATCH", path="/p/{pack}/pipelines/{id}", base_url=base_url, url_variables=url_variables, request=request, - request_body_required=False, + request_body_required=True, request_has_path_params=True, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", http_headers=http_headers, security=self.sdk_configuration.security, + get_serialized_body=lambda: utils.serialize_request_body( + request.pipeline, False, False, "json", models.PipelineInput + ), allow_empty_value=None, timeout_ms=timeout_ms, ) @@ -659,7 +670,7 @@ def get( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getPipelinesByPackAndId", + operation_id="updatePipelinesByPackAndId", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -685,22 +696,26 @@ def get( raise errors.APIError("Unexpected response received", http_res) - async def get_async( + async def update_async( self, *, - id: str, + id_param: str, pack: str, + id: str, + conf: Union[models.ConfInput, models.ConfInputTypedDict], retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedPipeline: - r"""Get a Pipeline within a Pack + r"""Update a Pipeline within a Pack - Get the specified Pipeline within the specified Pack. + Update the specified Pipeline within the specified Pack.

Provide a complete representation of the Pipeline that you want to update in the request body. This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Pipeline.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Pipeline might not function as expected. - :param id: The id of the Pipeline to get. + :param id_param: The id of the Pipeline to update. :param pack: The id of the Pack. + :param id: + :param conf: :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -716,24 +731,31 @@ async def get_async( else: base_url = self._get_url(base_url, url_variables) - request = models.GetPipelinesByPackAndIDRequest( - id=id, + request = models.UpdatePipelinesByPackAndIDRequest( + id_param=id_param, pack=pack, + pipeline=models.PipelineInput( + id=id, + conf=utils.get_pydantic_model(conf, models.ConfInput), + ), ) req = self._build_request_async( - method="GET", + method="PATCH", path="/p/{pack}/pipelines/{id}", base_url=base_url, url_variables=url_variables, request=request, - request_body_required=False, + request_body_required=True, request_has_path_params=True, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", http_headers=http_headers, security=self.sdk_configuration.security, + get_serialized_body=lambda: utils.serialize_request_body( + request.pipeline, False, False, "json", models.PipelineInput + ), allow_empty_value=None, timeout_ms=timeout_ms, ) @@ -754,7 +776,7 @@ async def get_async( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getPipelinesByPackAndId", + operation_id="updatePipelinesByPackAndId", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -780,26 +802,22 @@ async def get_async( raise errors.APIError("Unexpected response received", http_res) - def update( + def delete( self, *, - id_param: str, - pack: str, id: str, - conf: Union[models.ConfInput, models.ConfInputTypedDict], + pack: str, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedPipeline: - r"""Update a Pipeline within a Pack + r"""Delete a Pipeline within a Pack - Update the specified Pipeline within the specified Pack.

Provide a complete representation of the Pipeline that you want to update in the request body. This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Pipeline.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Pipeline might not function as expected. + Delete the specified Pipeline within the specified Pack. - :param id_param: The id of the Pipeline to update. + :param id: The id of the Pipeline to delete. :param pack: The id of the Pack. - :param id: - :param conf: :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -815,31 +833,24 @@ def update( else: base_url = self._get_url(base_url, url_variables) - request = models.UpdatePipelinesByPackAndIDRequest( - id_param=id_param, + request = models.DeletePipelinesByPackAndIDRequest( + id=id, pack=pack, - pipeline=models.PipelineInput( - id=id, - conf=utils.get_pydantic_model(conf, models.ConfInput), - ), ) req = self._build_request( - method="PATCH", + method="DELETE", path="/p/{pack}/pipelines/{id}", base_url=base_url, url_variables=url_variables, request=request, - request_body_required=True, + request_body_required=False, request_has_path_params=True, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", http_headers=http_headers, security=self.sdk_configuration.security, - get_serialized_body=lambda: utils.serialize_request_body( - request.pipeline, False, False, "json", models.PipelineInput - ), allow_empty_value=None, timeout_ms=timeout_ms, ) @@ -860,7 +871,7 @@ def update( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="updatePipelinesByPackAndId", + operation_id="deletePipelinesByPackAndId", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -886,26 +897,22 @@ def update( raise errors.APIError("Unexpected response received", http_res) - async def update_async( + async def delete_async( self, *, - id_param: str, - pack: str, id: str, - conf: Union[models.ConfInput, models.ConfInputTypedDict], + pack: str, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedPipeline: - r"""Update a Pipeline within a Pack + r"""Delete a Pipeline within a Pack - Update the specified Pipeline within the specified Pack.

Provide a complete representation of the Pipeline that you want to update in the request body. This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Pipeline.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Pipeline might not function as expected. + Delete the specified Pipeline within the specified Pack. - :param id_param: The id of the Pipeline to update. + :param id: The id of the Pipeline to delete. :param pack: The id of the Pack. - :param id: - :param conf: :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -921,31 +928,24 @@ async def update_async( else: base_url = self._get_url(base_url, url_variables) - request = models.UpdatePipelinesByPackAndIDRequest( - id_param=id_param, + request = models.DeletePipelinesByPackAndIDRequest( + id=id, pack=pack, - pipeline=models.PipelineInput( - id=id, - conf=utils.get_pydantic_model(conf, models.ConfInput), - ), ) req = self._build_request_async( - method="PATCH", + method="DELETE", path="/p/{pack}/pipelines/{id}", base_url=base_url, url_variables=url_variables, request=request, - request_body_required=True, + request_body_required=False, request_has_path_params=True, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", http_headers=http_headers, security=self.sdk_configuration.security, - get_serialized_body=lambda: utils.serialize_request_body( - request.pipeline, False, False, "json", models.PipelineInput - ), allow_empty_value=None, timeout_ms=timeout_ms, ) @@ -966,7 +966,7 @@ async def update_async( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="updatePipelinesByPackAndId", + operation_id="deletePipelinesByPackAndId", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security diff --git a/src/cribl_control_plane/packs_routes.py b/src/cribl_control_plane/packs_routes.py index 47fc48268..0aac6bb88 100644 --- a/src/cribl_control_plane/packs_routes.py +++ b/src/cribl_control_plane/packs_routes.py @@ -6,25 +6,23 @@ from cribl_control_plane.types import OptionalNullable, UNSET from cribl_control_plane.utils import get_security_from_env from cribl_control_plane.utils.unmarshal_json_response import unmarshal_json_response -from typing import Any, Dict, List, Mapping, Optional, Union +from typing import Any, Dict, Iterable, List, Mapping, Optional, Union class PacksRoutes(BaseSDK): - def get( + def list( self, *, - id: str, pack: str, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedRoutes: - r"""Get a Routing table within a Pack + r"""List all Routes within a Pack - Get the specified Routing table within the specified Pack. + Get a list of all Routes within the specified Pack. - :param id: The id of the Routing table to get. The supported value is default. :param pack: The id of the Pack. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method @@ -41,14 +39,13 @@ def get( else: base_url = self._get_url(base_url, url_variables) - request = models.GetRoutesByPackAndIDRequest( - id=id, + request = models.GetRoutesByPackRequest( pack=pack, ) req = self._build_request( method="GET", - path="/p/{pack}/routes/{id}", + path="/p/{pack}/routes", base_url=base_url, url_variables=url_variables, request=request, @@ -79,7 +76,7 @@ def get( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getRoutesByPackAndId", + operation_id="getRoutesByPack", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -105,21 +102,19 @@ def get( raise errors.APIError("Unexpected response received", http_res) - async def get_async( + async def list_async( self, *, - id: str, pack: str, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedRoutes: - r"""Get a Routing table within a Pack + r"""List all Routes within a Pack - Get the specified Routing table within the specified Pack. + Get a list of all Routes within the specified Pack. - :param id: The id of the Routing table to get. The supported value is default. :param pack: The id of the Pack. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method @@ -136,14 +131,13 @@ async def get_async( else: base_url = self._get_url(base_url, url_variables) - request = models.GetRoutesByPackAndIDRequest( - id=id, + request = models.GetRoutesByPackRequest( pack=pack, ) req = self._build_request_async( method="GET", - path="/p/{pack}/routes/{id}", + path="/p/{pack}/routes", base_url=base_url, url_variables=url_variables, request=request, @@ -174,7 +168,7 @@ async def get_async( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getRoutesByPackAndId", + operation_id="getRoutesByPack", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -200,39 +194,22 @@ async def get_async( raise errors.APIError("Unexpected response received", http_res) - def update( + def get( self, *, - id_param: str, - pack: str, id: str, - routes: Union[ - List[models.RouteConfInput], List[models.RouteConfInputTypedDict] - ], - comments: Optional[ - Union[List[models.RouteComment], List[models.RouteCommentTypedDict]] - ] = None, - groups: Optional[ - Union[ - Dict[str, models.AdditionalPropertiesTypeRoutesGroups], - Dict[str, models.AdditionalPropertiesTypeRoutesGroupsTypedDict], - ] - ] = None, + pack: str, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedRoutes: - r"""Update a Route within a Pack + r"""Get a Routing table within a Pack - Update the specified Route within the specified Pack.

Provide a complete representation of the Routing table, including the Route that you want to update, in the request body. This endpoint does not support partial updates. Cribl removes any omitted Routes and fields when updating.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the Routing table might not function as expected. + Get the specified Routing table within the specified Pack. - :param id_param: The id of the Routing table that contains the Route to update. The supported value is default. + :param id: The id of the Routing table to get. The supported value is default. :param pack: The id of the Pack. - :param id: Unique identifier for the Routing table. The supported value is default. - :param routes: Array of Route configurations that define how events are processed and routed. - :param comments: Array of user-provided comments that describe or annotate Routes. - :param groups: Information about the Route Groups that the Route is associated with. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -248,38 +225,24 @@ def update( else: base_url = self._get_url(base_url, url_variables) - request = models.UpdateRoutesByPackAndIDRequest( - id_param=id_param, + request = models.GetRoutesByPackAndIDRequest( + id=id, pack=pack, - routes_input=models.RoutesInput( - comments=utils.get_pydantic_model( - comments, Optional[List[models.RouteComment]] - ), - groups=utils.get_pydantic_model( - groups, - Optional[Dict[str, models.AdditionalPropertiesTypeRoutesGroups]], - ), - id=id, - routes=utils.get_pydantic_model(routes, List[models.RouteConfInput]), - ), ) req = self._build_request( - method="PATCH", + method="GET", path="/p/{pack}/routes/{id}", base_url=base_url, url_variables=url_variables, request=request, - request_body_required=True, + request_body_required=False, request_has_path_params=True, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", http_headers=http_headers, security=self.sdk_configuration.security, - get_serialized_body=lambda: utils.serialize_request_body( - request.routes_input, False, False, "json", models.RoutesInput - ), allow_empty_value=None, timeout_ms=timeout_ms, ) @@ -300,7 +263,7 @@ def update( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="updateRoutesByPackAndId", + operation_id="getRoutesByPackAndId", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -326,39 +289,22 @@ def update( raise errors.APIError("Unexpected response received", http_res) - async def update_async( + async def get_async( self, *, - id_param: str, - pack: str, id: str, - routes: Union[ - List[models.RouteConfInput], List[models.RouteConfInputTypedDict] - ], - comments: Optional[ - Union[List[models.RouteComment], List[models.RouteCommentTypedDict]] - ] = None, - groups: Optional[ - Union[ - Dict[str, models.AdditionalPropertiesTypeRoutesGroups], - Dict[str, models.AdditionalPropertiesTypeRoutesGroupsTypedDict], - ] - ] = None, + pack: str, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedRoutes: - r"""Update a Route within a Pack + r"""Get a Routing table within a Pack - Update the specified Route within the specified Pack.

Provide a complete representation of the Routing table, including the Route that you want to update, in the request body. This endpoint does not support partial updates. Cribl removes any omitted Routes and fields when updating.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the Routing table might not function as expected. + Get the specified Routing table within the specified Pack. - :param id_param: The id of the Routing table that contains the Route to update. The supported value is default. + :param id: The id of the Routing table to get. The supported value is default. :param pack: The id of the Pack. - :param id: Unique identifier for the Routing table. The supported value is default. - :param routes: Array of Route configurations that define how events are processed and routed. - :param comments: Array of user-provided comments that describe or annotate Routes. - :param groups: Information about the Route Groups that the Route is associated with. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -374,38 +320,24 @@ async def update_async( else: base_url = self._get_url(base_url, url_variables) - request = models.UpdateRoutesByPackAndIDRequest( - id_param=id_param, + request = models.GetRoutesByPackAndIDRequest( + id=id, pack=pack, - routes_input=models.RoutesInput( - comments=utils.get_pydantic_model( - comments, Optional[List[models.RouteComment]] - ), - groups=utils.get_pydantic_model( - groups, - Optional[Dict[str, models.AdditionalPropertiesTypeRoutesGroups]], - ), - id=id, - routes=utils.get_pydantic_model(routes, List[models.RouteConfInput]), - ), ) req = self._build_request_async( - method="PATCH", + method="GET", path="/p/{pack}/routes/{id}", base_url=base_url, url_variables=url_variables, request=request, - request_body_required=True, + request_body_required=False, request_has_path_params=True, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", http_headers=http_headers, security=self.sdk_configuration.security, - get_serialized_body=lambda: utils.serialize_request_body( - request.routes_input, False, False, "json", models.RoutesInput - ), allow_empty_value=None, timeout_ms=timeout_ms, ) @@ -426,7 +358,7 @@ async def update_async( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="updateRoutesByPackAndId", + operation_id="getRoutesByPackAndId", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -452,20 +384,39 @@ async def update_async( raise errors.APIError("Unexpected response received", http_res) - def list( + def update( self, *, + id_param: str, pack: str, + id: str, + routes: Union[ + Iterable[models.RouteConfInput], Iterable[models.RouteConfInputTypedDict] + ], + comments: Optional[ + Union[Iterable[models.RouteComment], Iterable[models.RouteCommentTypedDict]] + ] = None, + groups: Optional[ + Union[ + Mapping[str, models.AdditionalPropertiesTypeRoutesGroups], + Mapping[str, models.AdditionalPropertiesTypeRoutesGroupsTypedDict], + ] + ] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedRoutes: - r"""List all Routes within a Pack + r"""Update a Route within a Pack - Get a list of all Routes within the specified Pack. + Update the specified Route within the specified Pack.

Provide a complete representation of the Routing table, including the Route that you want to update, in the request body.

This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Routing table.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Routing table might not function as expected.

Cribl also removes any omitted Routes when updating the Routing table. + :param id_param: The id of the Routing table that contains the Route to update. The supported value is default. :param pack: The id of the Pack. + :param id: Unique identifier for the Routing table. The supported value is default. + :param routes: Array of Route configurations that define how events are processed and routed. + :param comments: Array of user-provided comments that describe or annotate Routes. + :param groups: Information about the Route Groups that the Route is associated with. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -481,23 +432,38 @@ def list( else: base_url = self._get_url(base_url, url_variables) - request = models.GetRoutesByPackRequest( + request = models.UpdateRoutesByPackAndIDRequest( + id_param=id_param, pack=pack, + routes_input=models.RoutesInput( + comments=utils.get_pydantic_model( + comments, Optional[List[models.RouteComment]] + ), + groups=utils.get_pydantic_model( + groups, + Optional[Dict[str, models.AdditionalPropertiesTypeRoutesGroups]], + ), + id=id, + routes=utils.get_pydantic_model(routes, List[models.RouteConfInput]), + ), ) req = self._build_request( - method="GET", - path="/p/{pack}/routes", + method="PATCH", + path="/p/{pack}/routes/{id}", base_url=base_url, url_variables=url_variables, request=request, - request_body_required=False, + request_body_required=True, request_has_path_params=True, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", http_headers=http_headers, security=self.sdk_configuration.security, + get_serialized_body=lambda: utils.serialize_request_body( + request.routes_input, False, False, "json", models.RoutesInput + ), allow_empty_value=None, timeout_ms=timeout_ms, ) @@ -518,7 +484,7 @@ def list( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getRoutesByPack", + operation_id="updateRoutesByPackAndId", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -544,20 +510,39 @@ def list( raise errors.APIError("Unexpected response received", http_res) - async def list_async( + async def update_async( self, *, + id_param: str, pack: str, + id: str, + routes: Union[ + Iterable[models.RouteConfInput], Iterable[models.RouteConfInputTypedDict] + ], + comments: Optional[ + Union[Iterable[models.RouteComment], Iterable[models.RouteCommentTypedDict]] + ] = None, + groups: Optional[ + Union[ + Mapping[str, models.AdditionalPropertiesTypeRoutesGroups], + Mapping[str, models.AdditionalPropertiesTypeRoutesGroupsTypedDict], + ] + ] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedRoutes: - r"""List all Routes within a Pack + r"""Update a Route within a Pack - Get a list of all Routes within the specified Pack. + Update the specified Route within the specified Pack.

Provide a complete representation of the Routing table, including the Route that you want to update, in the request body.

This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Routing table.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Routing table might not function as expected.

Cribl also removes any omitted Routes when updating the Routing table. + :param id_param: The id of the Routing table that contains the Route to update. The supported value is default. :param pack: The id of the Pack. + :param id: Unique identifier for the Routing table. The supported value is default. + :param routes: Array of Route configurations that define how events are processed and routed. + :param comments: Array of user-provided comments that describe or annotate Routes. + :param groups: Information about the Route Groups that the Route is associated with. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -573,23 +558,38 @@ async def list_async( else: base_url = self._get_url(base_url, url_variables) - request = models.GetRoutesByPackRequest( + request = models.UpdateRoutesByPackAndIDRequest( + id_param=id_param, pack=pack, + routes_input=models.RoutesInput( + comments=utils.get_pydantic_model( + comments, Optional[List[models.RouteComment]] + ), + groups=utils.get_pydantic_model( + groups, + Optional[Dict[str, models.AdditionalPropertiesTypeRoutesGroups]], + ), + id=id, + routes=utils.get_pydantic_model(routes, List[models.RouteConfInput]), + ), ) req = self._build_request_async( - method="GET", - path="/p/{pack}/routes", + method="PATCH", + path="/p/{pack}/routes/{id}", base_url=base_url, url_variables=url_variables, request=request, - request_body_required=False, + request_body_required=True, request_has_path_params=True, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", http_headers=http_headers, security=self.sdk_configuration.security, + get_serialized_body=lambda: utils.serialize_request_body( + request.routes_input, False, False, "json", models.RoutesInput + ), allow_empty_value=None, timeout_ms=timeout_ms, ) @@ -610,7 +610,7 @@ async def list_async( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getRoutesByPack", + operation_id="updateRoutesByPackAndId", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -642,7 +642,7 @@ def append( id: str, pack: str, request_body: Union[ - List[models.RouteConfInput], List[models.RouteConfInputTypedDict] + Iterable[models.RouteConfInput], Iterable[models.RouteConfInputTypedDict] ], retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, @@ -747,7 +747,7 @@ async def append_async( id: str, pack: str, request_body: Union[ - List[models.RouteConfInput], List[models.RouteConfInputTypedDict] + Iterable[models.RouteConfInput], Iterable[models.RouteConfInputTypedDict] ], retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, diff --git a/src/cribl_control_plane/packs_samples.py b/src/cribl_control_plane/packs_samples.py index 7240d1580..5cdb46d06 100644 --- a/src/cribl_control_plane/packs_samples.py +++ b/src/cribl_control_plane/packs_samples.py @@ -6,7 +6,7 @@ from cribl_control_plane.types import OptionalNullable, UNSET from cribl_control_plane.utils import get_security_from_env from cribl_control_plane.utils.unmarshal_json_response import unmarshal_json_response -from typing import Any, Dict, List, Mapping, Optional +from typing import Any, Dict, Iterable, List, Mapping, Optional class PacksSamples(BaseSDK): @@ -209,7 +209,7 @@ def create( *, id: str, pack: str, - events: List[Dict[str, Any]], + events: Iterable[Mapping[str, Any]], retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, @@ -241,7 +241,7 @@ def create( id=id, pack=pack, output_test_request=models.OutputTestRequest( - events=events, + events=utils.unmarshal(events, List[Dict[str, Any]]), ), ) @@ -316,7 +316,7 @@ async def create_async( *, id: str, pack: str, - events: List[Dict[str, Any]], + events: Iterable[Mapping[str, Any]], retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, @@ -348,7 +348,7 @@ async def create_async( id=id, pack=pack, output_test_request=models.OutputTestRequest( - events=events, + events=utils.unmarshal(events, List[Dict[str, Any]]), ), ) diff --git a/src/cribl_control_plane/packs_sources.py b/src/cribl_control_plane/packs_sources.py index cf65ea8ed..b6cbf9598 100644 --- a/src/cribl_control_plane/packs_sources.py +++ b/src/cribl_control_plane/packs_sources.py @@ -10,7 +10,7 @@ from cribl_control_plane.types import OptionalNullable, UNSET from cribl_control_plane.utils import get_security_from_env from cribl_control_plane.utils.unmarshal_json_response import unmarshal_json_response -from typing import Any, List, Mapping, Optional, Union +from typing import Any, Iterable, List, Mapping, Optional, Union class PacksSources(BaseSDK): @@ -38,7 +38,7 @@ def list( self, *, pack: str, - type_: Optional[List[str]] = None, + type_: Optional[Iterable[str]] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, @@ -66,7 +66,7 @@ def list( base_url = self._get_url(base_url, url_variables) request = models.GetInputSystemByPackRequest( - type=type_, + type=utils.unmarshal(type_, Optional[List[str]]), pack=pack, ) @@ -133,7 +133,7 @@ async def list_async( self, *, pack: str, - type_: Optional[List[str]] = None, + type_: Optional[Iterable[str]] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, @@ -161,7 +161,7 @@ async def list_async( base_url = self._get_url(base_url, url_variables) request = models.GetInputSystemByPackRequest( - type=type_, + type=utils.unmarshal(type_, Optional[List[str]]), pack=pack, ) @@ -641,7 +641,7 @@ def update( ) -> models.CountedInputResponse: r"""Update a Source within a Pack - Update the specified Source.

Provide a complete representation of the Source that you want to update in the request body. This endpoint does not support partial updates. Cribl removes omitted fields when updating the Source, except for criblSourceProvenance (its value is preserved when omitted and cannot be overwritten).

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Source might not function as expected within the specified Pack. + Update the specified Source.

Provide a complete representation of the Source that you want to update in the request body. This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Source.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Source might not function as expected.

Cribl preserves criblSourceProvenance when you omit it from the request body, and you cannot overwrite it through this endpoint within the specified Pack. :param id: The id of the Source to update. :param pack: The id of the Pack. @@ -742,7 +742,7 @@ async def update_async( ) -> models.CountedInputResponse: r"""Update a Source within a Pack - Update the specified Source.

Provide a complete representation of the Source that you want to update in the request body. This endpoint does not support partial updates. Cribl removes omitted fields when updating the Source, except for criblSourceProvenance (its value is preserved when omitted and cannot be overwritten).

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Source might not function as expected within the specified Pack. + Update the specified Source.

Provide a complete representation of the Source that you want to update in the request body. This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Source.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Source might not function as expected.

Cribl preserves criblSourceProvenance when you omit it from the request body, and you cannot overwrite it through this endpoint within the specified Pack. :param id: The id of the Source to update. :param pack: The id of the Pack. diff --git a/src/cribl_control_plane/packs_sources_statuses.py b/src/cribl_control_plane/packs_sources_statuses.py index 62281faa0..c254147be 100644 --- a/src/cribl_control_plane/packs_sources_statuses.py +++ b/src/cribl_control_plane/packs_sources_statuses.py @@ -11,26 +11,28 @@ class PacksSourcesStatuses(BaseSDK): - def get( + def list( self, *, - id: str, pack: str, metrics: Optional[bool] = None, type_: Optional[bool] = None, + offset: Optional[int] = None, + limit: Optional[int] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, - ) -> models.CountedInputStatus: - r"""Get the status of a Source within a Pack + ) -> Optional[models.GetInputStatusSystemInputsByPackResponse]: + r"""List the status of all Sources within a Pack - Get the status and optional metrics for the specified Source within the specified Pack. + List status information and optional metrics for all configured Sources in the Worker Group or Edge Fleet within the specified Pack. - :param id: The id of the Source to get the status for. :param pack: The id of the Pack. :param metrics: Set to true to include metrics for each Source. Otherwise, false (default). :param type: Set to true to prefix the Source id with the Source type. Otherwise, false (default). + :param offset: Starting point from which to retrieve results for this request. Use with limit to paginate the response into manageable batches. + :param limit: Maximum number of items to return in the response for this request. Use with offset to paginate the response into manageable batches. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -46,16 +48,17 @@ def get( else: base_url = self._get_url(base_url, url_variables) - request = models.GetInputStatusSystemInputsByPackAndIDRequest( - id=id, + request = models.GetInputStatusSystemInputsByPackRequest( metrics=metrics, type=type_, + offset=offset, + limit=limit, pack=pack, ) req = self._build_request( method="GET", - path="/p/{pack}/system/status/inputs/{id}", + path="/p/{pack}/system/status/inputs", base_url=base_url, url_variables=url_variables, request=request, @@ -86,7 +89,7 @@ def get( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getInputStatusSystemInputsByPackAndId", + operation_id="getInputStatusSystemInputsByPack", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -97,13 +100,43 @@ def get( retry_config=retry_config, ) + def next_func() -> Optional[models.GetInputStatusSystemInputsByPackResponse]: + body = utils.unmarshal_json(http_res.text, Union[Dict[Any, Any], List[Any]]) + + offset = request.offset if isinstance(request.offset, int) else 0 + + if not http_res.text: + return None + results = JSONPath("$.items").parse(body) + if len(results) == 0 or len(results[0]) == 0: + return None + limit_ = request.limit if isinstance(request.limit, int) else 0 + if len(results[0]) < limit_: + return None + next_offset = offset + len(results[0]) + + return self.list( + pack=pack, + metrics=metrics, + type_=type_, + offset=next_offset, + limit=limit, + retries=retries, + server_url=server_url, + timeout_ms=timeout_ms, + http_headers=http_headers, + ) + response_data: Any = None if utils.match_response(http_res, "200", "application/json"): - return unmarshal_json_response(models.CountedInputStatus, http_res) + return models.GetInputStatusSystemInputsByPackResponse( + result=unmarshal_json_response(models.CountedInputStatus, http_res), + next=next_func, + ) if utils.match_response(http_res, "500", "application/json"): response_data = unmarshal_json_response(errors.ErrorData, http_res) raise errors.Error(response_data, http_res) - if utils.match_response(http_res, ["401", "4XX"], "*"): + if utils.match_response(http_res, ["400", "401", "4XX"], "*"): http_res_text = utils.stream_to_text(http_res) raise errors.APIError("API error occurred", http_res, http_res_text) if utils.match_response(http_res, "5XX", "*"): @@ -112,26 +145,28 @@ def get( raise errors.APIError("Unexpected response received", http_res) - async def get_async( + async def list_async( self, *, - id: str, pack: str, metrics: Optional[bool] = None, type_: Optional[bool] = None, + offset: Optional[int] = None, + limit: Optional[int] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, - ) -> models.CountedInputStatus: - r"""Get the status of a Source within a Pack + ) -> Optional[models.GetInputStatusSystemInputsByPackResponse]: + r"""List the status of all Sources within a Pack - Get the status and optional metrics for the specified Source within the specified Pack. + List status information and optional metrics for all configured Sources in the Worker Group or Edge Fleet within the specified Pack. - :param id: The id of the Source to get the status for. :param pack: The id of the Pack. :param metrics: Set to true to include metrics for each Source. Otherwise, false (default). :param type: Set to true to prefix the Source id with the Source type. Otherwise, false (default). + :param offset: Starting point from which to retrieve results for this request. Use with limit to paginate the response into manageable batches. + :param limit: Maximum number of items to return in the response for this request. Use with offset to paginate the response into manageable batches. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -147,16 +182,17 @@ async def get_async( else: base_url = self._get_url(base_url, url_variables) - request = models.GetInputStatusSystemInputsByPackAndIDRequest( - id=id, + request = models.GetInputStatusSystemInputsByPackRequest( metrics=metrics, type=type_, + offset=offset, + limit=limit, pack=pack, ) req = self._build_request_async( method="GET", - path="/p/{pack}/system/status/inputs/{id}", + path="/p/{pack}/system/status/inputs", base_url=base_url, url_variables=url_variables, request=request, @@ -187,7 +223,7 @@ async def get_async( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getInputStatusSystemInputsByPackAndId", + operation_id="getInputStatusSystemInputsByPack", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -198,13 +234,48 @@ async def get_async( retry_config=retry_config, ) + def next_func() -> ( + Awaitable[Optional[models.GetInputStatusSystemInputsByPackResponse]] + ): + body = utils.unmarshal_json(http_res.text, Union[Dict[Any, Any], List[Any]]) + + async def empty_result(): + return None + + offset = request.offset if isinstance(request.offset, int) else 0 + + if not http_res.text: + return empty_result() + results = JSONPath("$.items").parse(body) + if len(results) == 0 or len(results[0]) == 0: + return empty_result() + limit_ = request.limit if isinstance(request.limit, int) else 0 + if len(results[0]) < limit_: + return empty_result() + next_offset = offset + len(results[0]) + + return self.list_async( + pack=pack, + metrics=metrics, + type_=type_, + offset=next_offset, + limit=limit, + retries=retries, + server_url=server_url, + timeout_ms=timeout_ms, + http_headers=http_headers, + ) + response_data: Any = None if utils.match_response(http_res, "200", "application/json"): - return unmarshal_json_response(models.CountedInputStatus, http_res) + return models.GetInputStatusSystemInputsByPackResponse( + result=unmarshal_json_response(models.CountedInputStatus, http_res), + next=next_func, + ) if utils.match_response(http_res, "500", "application/json"): response_data = unmarshal_json_response(errors.ErrorData, http_res) raise errors.Error(response_data, http_res) - if utils.match_response(http_res, ["401", "4XX"], "*"): + if utils.match_response(http_res, ["400", "401", "4XX"], "*"): http_res_text = await utils.stream_to_text_async(http_res) raise errors.APIError("API error occurred", http_res, http_res_text) if utils.match_response(http_res, "5XX", "*"): @@ -213,28 +284,26 @@ async def get_async( raise errors.APIError("Unexpected response received", http_res) - def list( + def get( self, *, + id: str, pack: str, metrics: Optional[bool] = None, type_: Optional[bool] = None, - offset: Optional[int] = None, - limit: Optional[int] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, - ) -> Optional[models.GetInputStatusSystemInputsByPackResponse]: - r"""List the status of all Sources within a Pack + ) -> models.CountedInputStatus: + r"""Get the status of a Source within a Pack - List status information and optional metrics for all configured Sources in the Worker Group or Edge Fleet within the specified Pack. + Get the status and optional metrics for the specified Source within the specified Pack. + :param id: The id of the Source to get the status for. :param pack: The id of the Pack. :param metrics: Set to true to include metrics for each Source. Otherwise, false (default). :param type: Set to true to prefix the Source id with the Source type. Otherwise, false (default). - :param offset: Starting point from which to retrieve results for this request. Use with limit to paginate the response into manageable batches. - :param limit: Maximum number of items to return in the response for this request. Use with offset to paginate the response into manageable batches. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -250,17 +319,16 @@ def list( else: base_url = self._get_url(base_url, url_variables) - request = models.GetInputStatusSystemInputsByPackRequest( + request = models.GetInputStatusSystemInputsByPackAndIDRequest( + id=id, metrics=metrics, type=type_, - offset=offset, - limit=limit, pack=pack, ) req = self._build_request( method="GET", - path="/p/{pack}/system/status/inputs", + path="/p/{pack}/system/status/inputs/{id}", base_url=base_url, url_variables=url_variables, request=request, @@ -291,7 +359,7 @@ def list( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getInputStatusSystemInputsByPack", + operation_id="getInputStatusSystemInputsByPackAndId", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -302,43 +370,13 @@ def list( retry_config=retry_config, ) - def next_func() -> Optional[models.GetInputStatusSystemInputsByPackResponse]: - body = utils.unmarshal_json(http_res.text, Union[Dict[Any, Any], List[Any]]) - - offset = request.offset if isinstance(request.offset, int) else 0 - - if not http_res.text: - return None - results = JSONPath("$.items").parse(body) - if len(results) == 0 or len(results[0]) == 0: - return None - limit_ = request.limit if isinstance(request.limit, int) else 0 - if len(results[0]) < limit_: - return None - next_offset = offset + len(results[0]) - - return self.list( - pack=pack, - metrics=metrics, - type_=type_, - offset=next_offset, - limit=limit, - retries=retries, - server_url=server_url, - timeout_ms=timeout_ms, - http_headers=http_headers, - ) - response_data: Any = None if utils.match_response(http_res, "200", "application/json"): - return models.GetInputStatusSystemInputsByPackResponse( - result=unmarshal_json_response(models.CountedInputStatus, http_res), - next=next_func, - ) + return unmarshal_json_response(models.CountedInputStatus, http_res) if utils.match_response(http_res, "500", "application/json"): response_data = unmarshal_json_response(errors.ErrorData, http_res) raise errors.Error(response_data, http_res) - if utils.match_response(http_res, ["400", "401", "4XX"], "*"): + if utils.match_response(http_res, ["401", "4XX"], "*"): http_res_text = utils.stream_to_text(http_res) raise errors.APIError("API error occurred", http_res, http_res_text) if utils.match_response(http_res, "5XX", "*"): @@ -347,28 +385,26 @@ def next_func() -> Optional[models.GetInputStatusSystemInputsByPackResponse]: raise errors.APIError("Unexpected response received", http_res) - async def list_async( + async def get_async( self, *, + id: str, pack: str, metrics: Optional[bool] = None, type_: Optional[bool] = None, - offset: Optional[int] = None, - limit: Optional[int] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, - ) -> Optional[models.GetInputStatusSystemInputsByPackResponse]: - r"""List the status of all Sources within a Pack + ) -> models.CountedInputStatus: + r"""Get the status of a Source within a Pack - List status information and optional metrics for all configured Sources in the Worker Group or Edge Fleet within the specified Pack. + Get the status and optional metrics for the specified Source within the specified Pack. + :param id: The id of the Source to get the status for. :param pack: The id of the Pack. :param metrics: Set to true to include metrics for each Source. Otherwise, false (default). :param type: Set to true to prefix the Source id with the Source type. Otherwise, false (default). - :param offset: Starting point from which to retrieve results for this request. Use with limit to paginate the response into manageable batches. - :param limit: Maximum number of items to return in the response for this request. Use with offset to paginate the response into manageable batches. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -384,17 +420,16 @@ async def list_async( else: base_url = self._get_url(base_url, url_variables) - request = models.GetInputStatusSystemInputsByPackRequest( + request = models.GetInputStatusSystemInputsByPackAndIDRequest( + id=id, metrics=metrics, type=type_, - offset=offset, - limit=limit, pack=pack, ) req = self._build_request_async( method="GET", - path="/p/{pack}/system/status/inputs", + path="/p/{pack}/system/status/inputs/{id}", base_url=base_url, url_variables=url_variables, request=request, @@ -425,7 +460,7 @@ async def list_async( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getInputStatusSystemInputsByPack", + operation_id="getInputStatusSystemInputsByPackAndId", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -436,48 +471,13 @@ async def list_async( retry_config=retry_config, ) - def next_func() -> ( - Awaitable[Optional[models.GetInputStatusSystemInputsByPackResponse]] - ): - body = utils.unmarshal_json(http_res.text, Union[Dict[Any, Any], List[Any]]) - - async def empty_result(): - return None - - offset = request.offset if isinstance(request.offset, int) else 0 - - if not http_res.text: - return empty_result() - results = JSONPath("$.items").parse(body) - if len(results) == 0 or len(results[0]) == 0: - return empty_result() - limit_ = request.limit if isinstance(request.limit, int) else 0 - if len(results[0]) < limit_: - return empty_result() - next_offset = offset + len(results[0]) - - return self.list_async( - pack=pack, - metrics=metrics, - type_=type_, - offset=next_offset, - limit=limit, - retries=retries, - server_url=server_url, - timeout_ms=timeout_ms, - http_headers=http_headers, - ) - response_data: Any = None if utils.match_response(http_res, "200", "application/json"): - return models.GetInputStatusSystemInputsByPackResponse( - result=unmarshal_json_response(models.CountedInputStatus, http_res), - next=next_func, - ) + return unmarshal_json_response(models.CountedInputStatus, http_res) if utils.match_response(http_res, "500", "application/json"): response_data = unmarshal_json_response(errors.ErrorData, http_res) raise errors.Error(response_data, http_res) - if utils.match_response(http_res, ["400", "401", "4XX"], "*"): + if utils.match_response(http_res, ["401", "4XX"], "*"): http_res_text = await utils.stream_to_text_async(http_res) raise errors.APIError("API error occurred", http_res, http_res_text) if utils.match_response(http_res, "5XX", "*"): diff --git a/src/cribl_control_plane/pipelines.py b/src/cribl_control_plane/pipelines.py index be963924c..4dced2064 100644 --- a/src/cribl_control_plane/pipelines.py +++ b/src/cribl_control_plane/pipelines.py @@ -12,22 +12,18 @@ class Pipelines(BaseSDK): r"""Actions related to Pipelines""" - def create( + def list( self, *, - id: str, - conf: Union[models.ConfInput, models.ConfInputTypedDict], retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedPipeline: - r"""Create a Pipeline + r"""List all Pipelines - Create a new Pipeline. + Get a list of all Pipelines. - :param id: - :param conf: :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -42,28 +38,19 @@ def create( base_url = server_url else: base_url = self._get_url(base_url, url_variables) - - request = models.PipelineInput( - id=id, - conf=utils.get_pydantic_model(conf, models.ConfInput), - ) - req = self._build_request( - method="POST", + method="GET", path="/pipelines", base_url=base_url, url_variables=url_variables, - request=request, - request_body_required=True, + request=None, + request_body_required=False, request_has_path_params=False, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", http_headers=http_headers, security=self.sdk_configuration.security, - get_serialized_body=lambda: utils.serialize_request_body( - request, False, False, "json", models.PipelineInput - ), allow_empty_value=None, timeout_ms=timeout_ms, ) @@ -84,7 +71,7 @@ def create( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="createPipelines", + operation_id="getPipelines", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -110,22 +97,18 @@ def create( raise errors.APIError("Unexpected response received", http_res) - async def create_async( + async def list_async( self, *, - id: str, - conf: Union[models.ConfInput, models.ConfInputTypedDict], retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedPipeline: - r"""Create a Pipeline + r"""List all Pipelines - Create a new Pipeline. + Get a list of all Pipelines. - :param id: - :param conf: :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -140,28 +123,19 @@ async def create_async( base_url = server_url else: base_url = self._get_url(base_url, url_variables) - - request = models.PipelineInput( - id=id, - conf=utils.get_pydantic_model(conf, models.ConfInput), - ) - req = self._build_request_async( - method="POST", + method="GET", path="/pipelines", base_url=base_url, url_variables=url_variables, - request=request, - request_body_required=True, + request=None, + request_body_required=False, request_has_path_params=False, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", http_headers=http_headers, security=self.sdk_configuration.security, - get_serialized_body=lambda: utils.serialize_request_body( - request, False, False, "json", models.PipelineInput - ), allow_empty_value=None, timeout_ms=timeout_ms, ) @@ -182,7 +156,7 @@ async def create_async( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="createPipelines", + operation_id="getPipelines", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -208,18 +182,22 @@ async def create_async( raise errors.APIError("Unexpected response received", http_res) - def list( + def create( self, *, + id: str, + conf: Union[models.ConfInput, models.ConfInputTypedDict], retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedPipeline: - r"""List all Pipelines + r"""Create a Pipeline - Get a list of all Pipelines. + Create a new Pipeline. + :param id: + :param conf: :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -234,19 +212,28 @@ def list( base_url = server_url else: base_url = self._get_url(base_url, url_variables) + + request = models.PipelineInput( + id=id, + conf=utils.get_pydantic_model(conf, models.ConfInput), + ) + req = self._build_request( - method="GET", + method="POST", path="/pipelines", base_url=base_url, url_variables=url_variables, - request=None, - request_body_required=False, + request=request, + request_body_required=True, request_has_path_params=False, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", http_headers=http_headers, security=self.sdk_configuration.security, + get_serialized_body=lambda: utils.serialize_request_body( + request, False, False, "json", models.PipelineInput + ), allow_empty_value=None, timeout_ms=timeout_ms, ) @@ -267,7 +254,7 @@ def list( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getPipelines", + operation_id="createPipelines", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -293,18 +280,22 @@ def list( raise errors.APIError("Unexpected response received", http_res) - async def list_async( + async def create_async( self, *, + id: str, + conf: Union[models.ConfInput, models.ConfInputTypedDict], retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedPipeline: - r"""List all Pipelines + r"""Create a Pipeline - Get a list of all Pipelines. + Create a new Pipeline. + :param id: + :param conf: :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -319,19 +310,28 @@ async def list_async( base_url = server_url else: base_url = self._get_url(base_url, url_variables) + + request = models.PipelineInput( + id=id, + conf=utils.get_pydantic_model(conf, models.ConfInput), + ) + req = self._build_request_async( - method="GET", + method="POST", path="/pipelines", base_url=base_url, url_variables=url_variables, - request=None, - request_body_required=False, + request=request, + request_body_required=True, request_has_path_params=False, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", http_headers=http_headers, security=self.sdk_configuration.security, + get_serialized_body=lambda: utils.serialize_request_body( + request, False, False, "json", models.PipelineInput + ), allow_empty_value=None, timeout_ms=timeout_ms, ) @@ -352,7 +352,7 @@ async def list_async( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getPipelines", + operation_id="createPipelines", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -759,7 +759,7 @@ def update( ) -> models.CountedPipeline: r"""Update a Pipeline - Update the specified Pipeline.

Provide a complete representation of the Pipeline that you want to update in the request body. This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Pipeline.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Pipeline might not function as expected. + Update the specified Pipeline.

Provide a complete representation of the Pipeline that you want to update in the request body. This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Pipeline.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Pipeline might not function as expected. :param id_param: The id of the Pipeline to update. :param id: @@ -862,7 +862,7 @@ async def update_async( ) -> models.CountedPipeline: r"""Update a Pipeline - Update the specified Pipeline.

Provide a complete representation of the Pipeline that you want to update in the request body. This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Pipeline.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Pipeline might not function as expected. + Update the specified Pipeline.

Provide a complete representation of the Pipeline that you want to update in the request body. This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Pipeline.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Pipeline might not function as expected. :param id_param: The id of the Pipeline to update. :param id: diff --git a/src/cribl_control_plane/routes_sdk.py b/src/cribl_control_plane/routes_sdk.py index c5ee7bee9..b248bfa3e 100644 --- a/src/cribl_control_plane/routes_sdk.py +++ b/src/cribl_control_plane/routes_sdk.py @@ -6,26 +6,24 @@ from cribl_control_plane.types import OptionalNullable, UNSET from cribl_control_plane.utils import get_security_from_env from cribl_control_plane.utils.unmarshal_json_response import unmarshal_json_response -from typing import Any, Dict, List, Mapping, Optional, Union +from typing import Any, Dict, Iterable, List, Mapping, Optional, Union class RoutesSDK(BaseSDK): r"""Actions related to Routes""" - def get( + def list( self, *, - id: str, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedRoutes: - r"""Get a Routing table + r"""List all Routes - Get the specified Routing table. + Get a list of all Routes. - :param id: The id of the Routing table to get. The supported value is default. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -40,19 +38,14 @@ def get( base_url = server_url else: base_url = self._get_url(base_url, url_variables) - - request = models.GetRoutesByIDRequest( - id=id, - ) - req = self._build_request( method="GET", - path="/routes/{id}", + path="/routes", base_url=base_url, url_variables=url_variables, - request=request, + request=None, request_body_required=False, - request_has_path_params=True, + request_has_path_params=False, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", @@ -78,7 +71,7 @@ def get( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getRoutesById", + operation_id="getRoutes", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -104,20 +97,18 @@ def get( raise errors.APIError("Unexpected response received", http_res) - async def get_async( + async def list_async( self, *, - id: str, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedRoutes: - r"""Get a Routing table + r"""List all Routes - Get the specified Routing table. + Get a list of all Routes. - :param id: The id of the Routing table to get. The supported value is default. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -132,19 +123,14 @@ async def get_async( base_url = server_url else: base_url = self._get_url(base_url, url_variables) - - request = models.GetRoutesByIDRequest( - id=id, - ) - req = self._build_request_async( method="GET", - path="/routes/{id}", + path="/routes", base_url=base_url, url_variables=url_variables, - request=request, + request=None, request_body_required=False, - request_has_path_params=True, + request_has_path_params=False, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", @@ -170,7 +156,7 @@ async def get_async( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getRoutesById", + operation_id="getRoutes", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -196,37 +182,20 @@ async def get_async( raise errors.APIError("Unexpected response received", http_res) - def update( + def get( self, *, - id_param: str, id: str, - routes: Union[ - List[models.RouteConfInput], List[models.RouteConfInputTypedDict] - ], - comments: Optional[ - Union[List[models.RouteComment], List[models.RouteCommentTypedDict]] - ] = None, - groups: Optional[ - Union[ - Dict[str, models.AdditionalPropertiesTypeRoutesGroups], - Dict[str, models.AdditionalPropertiesTypeRoutesGroupsTypedDict], - ] - ] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedRoutes: - r"""Update a Route + r"""Get a Routing table - Update a Route in the specified Routing table.

Provide a complete representation of the Routing table, including the Route that you want to update, in the request body. This endpoint does not support partial updates. Cribl removes any omitted Routes and fields when updating.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the Routing table might not function as expected. + Get the specified Routing table. - :param id_param: The id of the Routing table that contains the Route to update. The supported value is default. - :param id: Unique identifier for the Routing table. The supported value is default. - :param routes: Array of Route configurations that define how events are processed and routed. - :param comments: Array of user-provided comments that describe or annotate Routes. - :param groups: Information about the Route Groups that the Route is associated with. + :param id: The id of the Routing table to get. The supported value is default. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -242,37 +211,23 @@ def update( else: base_url = self._get_url(base_url, url_variables) - request = models.UpdateRoutesByIDRequest( - id_param=id_param, - routes_input=models.RoutesInput( - comments=utils.get_pydantic_model( - comments, Optional[List[models.RouteComment]] - ), - groups=utils.get_pydantic_model( - groups, - Optional[Dict[str, models.AdditionalPropertiesTypeRoutesGroups]], - ), - id=id, - routes=utils.get_pydantic_model(routes, List[models.RouteConfInput]), - ), + request = models.GetRoutesByIDRequest( + id=id, ) req = self._build_request( - method="PATCH", + method="GET", path="/routes/{id}", base_url=base_url, url_variables=url_variables, request=request, - request_body_required=True, + request_body_required=False, request_has_path_params=True, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", http_headers=http_headers, security=self.sdk_configuration.security, - get_serialized_body=lambda: utils.serialize_request_body( - request.routes_input, False, False, "json", models.RoutesInput - ), allow_empty_value=None, timeout_ms=timeout_ms, ) @@ -293,7 +248,7 @@ def update( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="updateRoutesById", + operation_id="getRoutesById", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -319,37 +274,20 @@ def update( raise errors.APIError("Unexpected response received", http_res) - async def update_async( + async def get_async( self, *, - id_param: str, id: str, - routes: Union[ - List[models.RouteConfInput], List[models.RouteConfInputTypedDict] - ], - comments: Optional[ - Union[List[models.RouteComment], List[models.RouteCommentTypedDict]] - ] = None, - groups: Optional[ - Union[ - Dict[str, models.AdditionalPropertiesTypeRoutesGroups], - Dict[str, models.AdditionalPropertiesTypeRoutesGroupsTypedDict], - ] - ] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedRoutes: - r"""Update a Route + r"""Get a Routing table - Update a Route in the specified Routing table.

Provide a complete representation of the Routing table, including the Route that you want to update, in the request body. This endpoint does not support partial updates. Cribl removes any omitted Routes and fields when updating.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the Routing table might not function as expected. + Get the specified Routing table. - :param id_param: The id of the Routing table that contains the Route to update. The supported value is default. - :param id: Unique identifier for the Routing table. The supported value is default. - :param routes: Array of Route configurations that define how events are processed and routed. - :param comments: Array of user-provided comments that describe or annotate Routes. - :param groups: Information about the Route Groups that the Route is associated with. + :param id: The id of the Routing table to get. The supported value is default. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -365,37 +303,23 @@ async def update_async( else: base_url = self._get_url(base_url, url_variables) - request = models.UpdateRoutesByIDRequest( - id_param=id_param, - routes_input=models.RoutesInput( - comments=utils.get_pydantic_model( - comments, Optional[List[models.RouteComment]] - ), - groups=utils.get_pydantic_model( - groups, - Optional[Dict[str, models.AdditionalPropertiesTypeRoutesGroups]], - ), - id=id, - routes=utils.get_pydantic_model(routes, List[models.RouteConfInput]), - ), + request = models.GetRoutesByIDRequest( + id=id, ) req = self._build_request_async( - method="PATCH", + method="GET", path="/routes/{id}", base_url=base_url, url_variables=url_variables, request=request, - request_body_required=True, + request_body_required=False, request_has_path_params=True, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", http_headers=http_headers, security=self.sdk_configuration.security, - get_serialized_body=lambda: utils.serialize_request_body( - request.routes_input, False, False, "json", models.RoutesInput - ), allow_empty_value=None, timeout_ms=timeout_ms, ) @@ -416,7 +340,7 @@ async def update_async( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="updateRoutesById", + operation_id="getRoutesById", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -442,18 +366,37 @@ async def update_async( raise errors.APIError("Unexpected response received", http_res) - def list( + def update( self, *, + id_param: str, + id: str, + routes: Union[ + Iterable[models.RouteConfInput], Iterable[models.RouteConfInputTypedDict] + ], + comments: Optional[ + Union[Iterable[models.RouteComment], Iterable[models.RouteCommentTypedDict]] + ] = None, + groups: Optional[ + Union[ + Mapping[str, models.AdditionalPropertiesTypeRoutesGroups], + Mapping[str, models.AdditionalPropertiesTypeRoutesGroupsTypedDict], + ] + ] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedRoutes: - r"""List all Routes + r"""Update a Route - Get a list of all Routes. + Update a Route in the specified Routing table.

\1 This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Routing table.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Routing table might not function as expected.

Cribl also removes any omitted Routes when updating the Routing table. + :param id_param: The id of the Routing table that contains the Route to update. The supported value is default. + :param id: Unique identifier for the Routing table. The supported value is default. + :param routes: Array of Route configurations that define how events are processed and routed. + :param comments: Array of user-provided comments that describe or annotate Routes. + :param groups: Information about the Route Groups that the Route is associated with. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -468,19 +411,38 @@ def list( base_url = server_url else: base_url = self._get_url(base_url, url_variables) + + request = models.UpdateRoutesByIDRequest( + id_param=id_param, + routes_input=models.RoutesInput( + comments=utils.get_pydantic_model( + comments, Optional[List[models.RouteComment]] + ), + groups=utils.get_pydantic_model( + groups, + Optional[Dict[str, models.AdditionalPropertiesTypeRoutesGroups]], + ), + id=id, + routes=utils.get_pydantic_model(routes, List[models.RouteConfInput]), + ), + ) + req = self._build_request( - method="GET", - path="/routes", + method="PATCH", + path="/routes/{id}", base_url=base_url, url_variables=url_variables, - request=None, - request_body_required=False, - request_has_path_params=False, + request=request, + request_body_required=True, + request_has_path_params=True, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", http_headers=http_headers, security=self.sdk_configuration.security, + get_serialized_body=lambda: utils.serialize_request_body( + request.routes_input, False, False, "json", models.RoutesInput + ), allow_empty_value=None, timeout_ms=timeout_ms, ) @@ -501,7 +463,7 @@ def list( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getRoutes", + operation_id="updateRoutesById", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -527,18 +489,37 @@ def list( raise errors.APIError("Unexpected response received", http_res) - async def list_async( + async def update_async( self, *, + id_param: str, + id: str, + routes: Union[ + Iterable[models.RouteConfInput], Iterable[models.RouteConfInputTypedDict] + ], + comments: Optional[ + Union[Iterable[models.RouteComment], Iterable[models.RouteCommentTypedDict]] + ] = None, + groups: Optional[ + Union[ + Mapping[str, models.AdditionalPropertiesTypeRoutesGroups], + Mapping[str, models.AdditionalPropertiesTypeRoutesGroupsTypedDict], + ] + ] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, ) -> models.CountedRoutes: - r"""List all Routes + r"""Update a Route - Get a list of all Routes. + Update a Route in the specified Routing table.

\1 This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Routing table.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Routing table might not function as expected.

Cribl also removes any omitted Routes when updating the Routing table. + :param id_param: The id of the Routing table that contains the Route to update. The supported value is default. + :param id: Unique identifier for the Routing table. The supported value is default. + :param routes: Array of Route configurations that define how events are processed and routed. + :param comments: Array of user-provided comments that describe or annotate Routes. + :param groups: Information about the Route Groups that the Route is associated with. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -553,19 +534,38 @@ async def list_async( base_url = server_url else: base_url = self._get_url(base_url, url_variables) + + request = models.UpdateRoutesByIDRequest( + id_param=id_param, + routes_input=models.RoutesInput( + comments=utils.get_pydantic_model( + comments, Optional[List[models.RouteComment]] + ), + groups=utils.get_pydantic_model( + groups, + Optional[Dict[str, models.AdditionalPropertiesTypeRoutesGroups]], + ), + id=id, + routes=utils.get_pydantic_model(routes, List[models.RouteConfInput]), + ), + ) + req = self._build_request_async( - method="GET", - path="/routes", + method="PATCH", + path="/routes/{id}", base_url=base_url, url_variables=url_variables, - request=None, - request_body_required=False, - request_has_path_params=False, + request=request, + request_body_required=True, + request_has_path_params=True, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", http_headers=http_headers, security=self.sdk_configuration.security, + get_serialized_body=lambda: utils.serialize_request_body( + request.routes_input, False, False, "json", models.RoutesInput + ), allow_empty_value=None, timeout_ms=timeout_ms, ) @@ -586,7 +586,7 @@ async def list_async( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getRoutes", + operation_id="updateRoutesById", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -617,7 +617,7 @@ def append( *, id: str, request_body: Union[ - List[models.RouteConfInput], List[models.RouteConfInputTypedDict] + Iterable[models.RouteConfInput], Iterable[models.RouteConfInputTypedDict] ], retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, @@ -719,7 +719,7 @@ async def append_async( *, id: str, request_body: Union[ - List[models.RouteConfInput], List[models.RouteConfInputTypedDict] + Iterable[models.RouteConfInput], Iterable[models.RouteConfInputTypedDict] ], retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, diff --git a/src/cribl_control_plane/samples.py b/src/cribl_control_plane/samples.py index 147b8d8a6..4996acb6f 100644 --- a/src/cribl_control_plane/samples.py +++ b/src/cribl_control_plane/samples.py @@ -6,7 +6,7 @@ from cribl_control_plane.types import OptionalNullable, UNSET from cribl_control_plane.utils import get_security_from_env from cribl_control_plane.utils.unmarshal_json_response import unmarshal_json_response -from typing import Any, Dict, List, Mapping, Optional +from typing import Any, Dict, Iterable, List, Mapping, Optional class Samples(BaseSDK): @@ -202,7 +202,7 @@ def create( self, *, id: str, - events: List[Dict[str, Any]], + events: Iterable[Mapping[str, Any]], retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, @@ -232,7 +232,7 @@ def create( request = models.CreateOutputTestByIDRequest( id=id, output_test_request=models.OutputTestRequest( - events=events, + events=utils.unmarshal(events, List[Dict[str, Any]]), ), ) @@ -306,7 +306,7 @@ async def create_async( self, *, id: str, - events: List[Dict[str, Any]], + events: Iterable[Mapping[str, Any]], retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, @@ -336,7 +336,7 @@ async def create_async( request = models.CreateOutputTestByIDRequest( id=id, output_test_request=models.OutputTestRequest( - events=events, + events=utils.unmarshal(events, List[Dict[str, Any]]), ), ) diff --git a/src/cribl_control_plane/sdk.py b/src/cribl_control_plane/sdk.py index 765b05b94..7cd8f6fed 100644 --- a/src/cribl_control_plane/sdk.py +++ b/src/cribl_control_plane/sdk.py @@ -42,49 +42,49 @@ class CriblControlPlane(BaseSDK): https://docs.cribl.io - See our complementary product documentation """ - database_connections: "DatabaseConnections" - r"""Actions related to DatabaseConnections""" + auth: "AuthSDK" functions: "Functions" r"""Actions related to functions""" - sources: "Sources" - r"""Actions related to Sources""" + health: "Health" + r"""Actions related to REST server health""" + database_connections: "DatabaseConnections" + r"""Actions related to DatabaseConnections""" + collectors: "CollectorsSDK" + r"""Actions related to Collectors""" packs: "Packs" r"""Actions related to Packs""" - destinations: "Destinations" - r"""Actions related to Destinations""" pipelines: "Pipelines" r"""Actions related to Pipelines""" - routes: "RoutesSDK" - r"""Actions related to Routes""" - collectors: "CollectorsSDK" - r"""Actions related to Collectors""" groups: "GroupsSDK" r"""Actions related to Groups""" + nodes: "Nodes" lakes: "Lakes" - auth: "AuthSDK" + routes: "RoutesSDK" + r"""Actions related to Routes""" system: "SystemSDK" - nodes: "Nodes" - health: "Health" - r"""Actions related to REST server health""" + sources: "Sources" + r"""Actions related to Sources""" + destinations: "Destinations" + r"""Actions related to Destinations""" versions: "Versions" _sub_sdk_map = { + "auth": ("cribl_control_plane.auth_sdk", "AuthSDK"), + "functions": ("cribl_control_plane.functions", "Functions"), + "health": ("cribl_control_plane.health", "Health"), "database_connections": ( "cribl_control_plane.databaseconnections", "DatabaseConnections", ), - "functions": ("cribl_control_plane.functions", "Functions"), - "sources": ("cribl_control_plane.sources", "Sources"), + "collectors": ("cribl_control_plane.collectors_sdk", "CollectorsSDK"), "packs": ("cribl_control_plane.packs", "Packs"), - "destinations": ("cribl_control_plane.destinations", "Destinations"), "pipelines": ("cribl_control_plane.pipelines", "Pipelines"), - "routes": ("cribl_control_plane.routes_sdk", "RoutesSDK"), - "collectors": ("cribl_control_plane.collectors_sdk", "CollectorsSDK"), "groups": ("cribl_control_plane.groups_sdk", "GroupsSDK"), + "nodes": ("cribl_control_plane.nodes", "Nodes"), "lakes": ("cribl_control_plane.lakes", "Lakes"), - "auth": ("cribl_control_plane.auth_sdk", "AuthSDK"), + "routes": ("cribl_control_plane.routes_sdk", "RoutesSDK"), "system": ("cribl_control_plane.system_sdk", "SystemSDK"), - "nodes": ("cribl_control_plane.nodes", "Nodes"), - "health": ("cribl_control_plane.health", "Health"), + "sources": ("cribl_control_plane.sources", "Sources"), + "destinations": ("cribl_control_plane.destinations", "Destinations"), "versions": ("cribl_control_plane.versions", "Versions"), } diff --git a/src/cribl_control_plane/settings.py b/src/cribl_control_plane/settings.py index 7011e534e..ebc2e5f28 100644 --- a/src/cribl_control_plane/settings.py +++ b/src/cribl_control_plane/settings.py @@ -34,7 +34,7 @@ def restart( ) -> models.CountedSystemRestartResponse: r"""Restart the Cribl server - Restart the Cribl server.Useful for applying configuration changes that require a full process restart, such as changes to system-level settings that cannot be applied by reloading. + Restart the Cribl server. Useful for applying configuration changes that require a full process restart, such as changes to system-level settings that cannot be applied by reloading. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method @@ -121,7 +121,7 @@ async def restart_async( ) -> models.CountedSystemRestartResponse: r"""Restart the Cribl server - Restart the Cribl server.Useful for applying configuration changes that require a full process restart, such as changes to system-level settings that cannot be applied by reloading. + Restart the Cribl server. Useful for applying configuration changes that require a full process restart, such as changes to system-level settings that cannot be applied by reloading. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method diff --git a/src/cribl_control_plane/sources.py b/src/cribl_control_plane/sources.py index 9e0cc6e79..ca250dd17 100644 --- a/src/cribl_control_plane/sources.py +++ b/src/cribl_control_plane/sources.py @@ -10,7 +10,7 @@ from cribl_control_plane.types import BaseModel, OptionalNullable, UNSET from cribl_control_plane.utils import get_security_from_env from cribl_control_plane.utils.unmarshal_json_response import unmarshal_json_response -from typing import Any, List, Mapping, Optional, Union, cast +from typing import Any, Iterable, List, Mapping, Optional, Union, cast class Sources(BaseSDK): @@ -37,7 +37,7 @@ def _init_sdks(self): def list( self, *, - type_: Optional[List[str]] = None, + type_: Optional[Iterable[str]] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, @@ -64,7 +64,7 @@ def list( base_url = self._get_url(base_url, url_variables) request = models.ListInputRequest( - type=type_, + type=utils.unmarshal(type_, Optional[List[str]]), ) req = self._build_request( @@ -129,7 +129,7 @@ def list( async def list_async( self, *, - type_: Optional[List[str]] = None, + type_: Optional[Iterable[str]] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, @@ -156,7 +156,7 @@ async def list_async( base_url = self._get_url(base_url, url_variables) request = models.ListInputRequest( - type=type_, + type=utils.unmarshal(type_, Optional[List[str]]), ) req = self._build_request_async( @@ -604,7 +604,7 @@ def update( ) -> models.CountedInputResponse: r"""Update a Source - Update the specified Source.

Provide a complete representation of the Source that you want to update in the request body. This endpoint does not support partial updates. Cribl removes omitted fields when updating the Source, except for criblSourceProvenance (its value is preserved when omitted and cannot be overwritten).

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Source might not function as expected. + Update the specified Source.

Provide a complete representation of the Source that you want to update in the request body. This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Source.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Source might not function as expected.

Cribl preserves criblSourceProvenance when you omit it from the request body, and you cannot overwrite it through this endpoint. :param id: The id of the Source to update. :param input: Input object. @@ -702,7 +702,7 @@ async def update_async( ) -> models.CountedInputResponse: r"""Update a Source - Update the specified Source.

Provide a complete representation of the Source that you want to update in the request body. This endpoint does not support partial updates. Cribl removes omitted fields when updating the Source, except for criblSourceProvenance (its value is preserved when omitted and cannot be overwritten).

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Source might not function as expected. + Update the specified Source.

Provide a complete representation of the Source that you want to update in the request body. This endpoint does not support partial updates. Cribl removes any omitted fields when updating the Source.

Confirm that the configuration in your request body is correct before sending the request. If the configuration is incorrect, the updated Source might not function as expected.

Cribl preserves criblSourceProvenance when you omit it from the request body, and you cannot overwrite it through this endpoint. :param id: The id of the Source to update. :param input: Input object. diff --git a/src/cribl_control_plane/sources_pq.py b/src/cribl_control_plane/sources_pq.py index 74e452ecd..acecc6b70 100644 --- a/src/cribl_control_plane/sources_pq.py +++ b/src/cribl_control_plane/sources_pq.py @@ -10,7 +10,7 @@ class SourcesPq(BaseSDK): - def clear( + def get( self, *, id: str, @@ -18,12 +18,12 @@ def clear( server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, - ) -> models.CountedString: - r"""Clear the persistent queue for a Source + ) -> models.CountedJobInfo: + r"""Get information about the latest job to clear the persistent queue for a Source - Clear the persistent queue (PQ) for the specified Source. + Get information about the latest job to clear the persistent queue (PQ) for the specified Source. - :param id: The id of the Source to clear the PQ for. + :param id: The id of the Source to get PQ job information for. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -39,12 +39,12 @@ def clear( else: base_url = self._get_url(base_url, url_variables) - request = models.DeleteInputPqByIDRequest( + request = models.GetInputPqByIDRequest( id=id, ) req = self._build_request( - method="DELETE", + method="GET", path="/system/inputs/{id}/pq", base_url=base_url, url_variables=url_variables, @@ -76,7 +76,7 @@ def clear( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="deleteInputPqById", + operation_id="getInputPqById", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -88,8 +88,8 @@ def clear( ) response_data: Any = None - if utils.match_response(http_res, "201", "application/json"): - return unmarshal_json_response(models.CountedString, http_res) + if utils.match_response(http_res, "200", "application/json"): + return unmarshal_json_response(models.CountedJobInfo, http_res) if utils.match_response(http_res, "500", "application/json"): response_data = unmarshal_json_response(errors.ErrorData, http_res) raise errors.Error(response_data, http_res) @@ -102,7 +102,7 @@ def clear( raise errors.APIError("Unexpected response received", http_res) - async def clear_async( + async def get_async( self, *, id: str, @@ -110,12 +110,12 @@ async def clear_async( server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, - ) -> models.CountedString: - r"""Clear the persistent queue for a Source + ) -> models.CountedJobInfo: + r"""Get information about the latest job to clear the persistent queue for a Source - Clear the persistent queue (PQ) for the specified Source. + Get information about the latest job to clear the persistent queue (PQ) for the specified Source. - :param id: The id of the Source to clear the PQ for. + :param id: The id of the Source to get PQ job information for. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -131,12 +131,12 @@ async def clear_async( else: base_url = self._get_url(base_url, url_variables) - request = models.DeleteInputPqByIDRequest( + request = models.GetInputPqByIDRequest( id=id, ) req = self._build_request_async( - method="DELETE", + method="GET", path="/system/inputs/{id}/pq", base_url=base_url, url_variables=url_variables, @@ -168,7 +168,7 @@ async def clear_async( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="deleteInputPqById", + operation_id="getInputPqById", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -180,8 +180,8 @@ async def clear_async( ) response_data: Any = None - if utils.match_response(http_res, "201", "application/json"): - return unmarshal_json_response(models.CountedString, http_res) + if utils.match_response(http_res, "200", "application/json"): + return unmarshal_json_response(models.CountedJobInfo, http_res) if utils.match_response(http_res, "500", "application/json"): response_data = unmarshal_json_response(errors.ErrorData, http_res) raise errors.Error(response_data, http_res) @@ -194,7 +194,7 @@ async def clear_async( raise errors.APIError("Unexpected response received", http_res) - def get( + def clear( self, *, id: str, @@ -202,12 +202,12 @@ def get( server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, - ) -> models.CountedJobInfo: - r"""Get information about the latest job to clear the persistent queue for a Source + ) -> models.CountedString: + r"""Clear the persistent queue for a Source - Get information about the latest job to clear the persistent queue (PQ) for the specified Source. + Clear the persistent queue (PQ) for the specified Source. - :param id: The id of the Source to get PQ job information for. + :param id: The id of the Source to clear the PQ for. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -223,12 +223,12 @@ def get( else: base_url = self._get_url(base_url, url_variables) - request = models.GetInputPqByIDRequest( + request = models.DeleteInputPqByIDRequest( id=id, ) req = self._build_request( - method="GET", + method="DELETE", path="/system/inputs/{id}/pq", base_url=base_url, url_variables=url_variables, @@ -260,7 +260,7 @@ def get( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getInputPqById", + operation_id="deleteInputPqById", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -272,8 +272,8 @@ def get( ) response_data: Any = None - if utils.match_response(http_res, "200", "application/json"): - return unmarshal_json_response(models.CountedJobInfo, http_res) + if utils.match_response(http_res, "201", "application/json"): + return unmarshal_json_response(models.CountedString, http_res) if utils.match_response(http_res, "500", "application/json"): response_data = unmarshal_json_response(errors.ErrorData, http_res) raise errors.Error(response_data, http_res) @@ -286,7 +286,7 @@ def get( raise errors.APIError("Unexpected response received", http_res) - async def get_async( + async def clear_async( self, *, id: str, @@ -294,12 +294,12 @@ async def get_async( server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, - ) -> models.CountedJobInfo: - r"""Get information about the latest job to clear the persistent queue for a Source + ) -> models.CountedString: + r"""Clear the persistent queue for a Source - Get information about the latest job to clear the persistent queue (PQ) for the specified Source. + Clear the persistent queue (PQ) for the specified Source. - :param id: The id of the Source to get PQ job information for. + :param id: The id of the Source to clear the PQ for. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -315,12 +315,12 @@ async def get_async( else: base_url = self._get_url(base_url, url_variables) - request = models.GetInputPqByIDRequest( + request = models.DeleteInputPqByIDRequest( id=id, ) req = self._build_request_async( - method="GET", + method="DELETE", path="/system/inputs/{id}/pq", base_url=base_url, url_variables=url_variables, @@ -352,7 +352,7 @@ async def get_async( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getInputPqById", + operation_id="deleteInputPqById", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -364,8 +364,8 @@ async def get_async( ) response_data: Any = None - if utils.match_response(http_res, "200", "application/json"): - return unmarshal_json_response(models.CountedJobInfo, http_res) + if utils.match_response(http_res, "201", "application/json"): + return unmarshal_json_response(models.CountedString, http_res) if utils.match_response(http_res, "500", "application/json"): response_data = unmarshal_json_response(errors.ErrorData, http_res) raise errors.Error(response_data, http_res) diff --git a/src/cribl_control_plane/sources_statuses.py b/src/cribl_control_plane/sources_statuses.py index dec13f925..3e5c86476 100644 --- a/src/cribl_control_plane/sources_statuses.py +++ b/src/cribl_control_plane/sources_statuses.py @@ -11,24 +11,26 @@ class SourcesStatuses(BaseSDK): - def get( + def list( self, *, - id: str, metrics: Optional[bool] = None, type_: Optional[bool] = None, + offset: Optional[int] = None, + limit: Optional[int] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, - ) -> models.CountedInputStatus: - r"""Get the status of a Source + ) -> Optional[models.GetInputStatusResponse]: + r"""List the status of all Sources - Get the status and optional metrics for the specified Source. + List status information and optional metrics for all configured Sources in the Worker Group or Edge Fleet. - :param id: The id of the Source to get the status for. :param metrics: Set to true to include metrics for each Source. Otherwise, false (default). :param type: Set to true to prefix the Source id with the Source type. Otherwise, false (default). + :param offset: Starting point from which to retrieve results for this request. Use with limit to paginate the response into manageable batches. + :param limit: Maximum number of items to return in the response for this request. Use with offset to paginate the response into manageable batches. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -44,20 +46,21 @@ def get( else: base_url = self._get_url(base_url, url_variables) - request = models.GetInputStatusByIDRequest( - id=id, + request = models.GetInputStatusRequest( metrics=metrics, type=type_, + offset=offset, + limit=limit, ) req = self._build_request( method="GET", - path="/system/status/inputs/{id}", + path="/system/status/inputs", base_url=base_url, url_variables=url_variables, request=request, request_body_required=False, - request_has_path_params=True, + request_has_path_params=False, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", @@ -83,7 +86,7 @@ def get( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getInputStatusById", + operation_id="getInputStatus", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -94,13 +97,42 @@ def get( retry_config=retry_config, ) + def next_func() -> Optional[models.GetInputStatusResponse]: + body = utils.unmarshal_json(http_res.text, Union[Dict[Any, Any], List[Any]]) + + offset = request.offset if isinstance(request.offset, int) else 0 + + if not http_res.text: + return None + results = JSONPath("$.items").parse(body) + if len(results) == 0 or len(results[0]) == 0: + return None + limit_ = request.limit if isinstance(request.limit, int) else 0 + if len(results[0]) < limit_: + return None + next_offset = offset + len(results[0]) + + return self.list( + metrics=metrics, + type_=type_, + offset=next_offset, + limit=limit, + retries=retries, + server_url=server_url, + timeout_ms=timeout_ms, + http_headers=http_headers, + ) + response_data: Any = None if utils.match_response(http_res, "200", "application/json"): - return unmarshal_json_response(models.CountedInputStatus, http_res) + return models.GetInputStatusResponse( + result=unmarshal_json_response(models.CountedInputStatus, http_res), + next=next_func, + ) if utils.match_response(http_res, "500", "application/json"): response_data = unmarshal_json_response(errors.ErrorData, http_res) raise errors.Error(response_data, http_res) - if utils.match_response(http_res, ["401", "4XX"], "*"): + if utils.match_response(http_res, ["400", "401", "4XX"], "*"): http_res_text = utils.stream_to_text(http_res) raise errors.APIError("API error occurred", http_res, http_res_text) if utils.match_response(http_res, "5XX", "*"): @@ -109,24 +141,26 @@ def get( raise errors.APIError("Unexpected response received", http_res) - async def get_async( + async def list_async( self, *, - id: str, metrics: Optional[bool] = None, type_: Optional[bool] = None, + offset: Optional[int] = None, + limit: Optional[int] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, - ) -> models.CountedInputStatus: - r"""Get the status of a Source + ) -> Optional[models.GetInputStatusResponse]: + r"""List the status of all Sources - Get the status and optional metrics for the specified Source. + List status information and optional metrics for all configured Sources in the Worker Group or Edge Fleet. - :param id: The id of the Source to get the status for. :param metrics: Set to true to include metrics for each Source. Otherwise, false (default). :param type: Set to true to prefix the Source id with the Source type. Otherwise, false (default). + :param offset: Starting point from which to retrieve results for this request. Use with limit to paginate the response into manageable batches. + :param limit: Maximum number of items to return in the response for this request. Use with offset to paginate the response into manageable batches. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -142,20 +176,21 @@ async def get_async( else: base_url = self._get_url(base_url, url_variables) - request = models.GetInputStatusByIDRequest( - id=id, + request = models.GetInputStatusRequest( metrics=metrics, type=type_, + offset=offset, + limit=limit, ) req = self._build_request_async( method="GET", - path="/system/status/inputs/{id}", + path="/system/status/inputs", base_url=base_url, url_variables=url_variables, request=request, request_body_required=False, - request_has_path_params=True, + request_has_path_params=False, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", @@ -181,7 +216,7 @@ async def get_async( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getInputStatusById", + operation_id="getInputStatus", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -192,13 +227,45 @@ async def get_async( retry_config=retry_config, ) + def next_func() -> Awaitable[Optional[models.GetInputStatusResponse]]: + body = utils.unmarshal_json(http_res.text, Union[Dict[Any, Any], List[Any]]) + + async def empty_result(): + return None + + offset = request.offset if isinstance(request.offset, int) else 0 + + if not http_res.text: + return empty_result() + results = JSONPath("$.items").parse(body) + if len(results) == 0 or len(results[0]) == 0: + return empty_result() + limit_ = request.limit if isinstance(request.limit, int) else 0 + if len(results[0]) < limit_: + return empty_result() + next_offset = offset + len(results[0]) + + return self.list_async( + metrics=metrics, + type_=type_, + offset=next_offset, + limit=limit, + retries=retries, + server_url=server_url, + timeout_ms=timeout_ms, + http_headers=http_headers, + ) + response_data: Any = None if utils.match_response(http_res, "200", "application/json"): - return unmarshal_json_response(models.CountedInputStatus, http_res) + return models.GetInputStatusResponse( + result=unmarshal_json_response(models.CountedInputStatus, http_res), + next=next_func, + ) if utils.match_response(http_res, "500", "application/json"): response_data = unmarshal_json_response(errors.ErrorData, http_res) raise errors.Error(response_data, http_res) - if utils.match_response(http_res, ["401", "4XX"], "*"): + if utils.match_response(http_res, ["400", "401", "4XX"], "*"): http_res_text = await utils.stream_to_text_async(http_res) raise errors.APIError("API error occurred", http_res, http_res_text) if utils.match_response(http_res, "5XX", "*"): @@ -207,26 +274,24 @@ async def get_async( raise errors.APIError("Unexpected response received", http_res) - def list( + def get( self, *, + id: str, metrics: Optional[bool] = None, type_: Optional[bool] = None, - offset: Optional[int] = None, - limit: Optional[int] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, - ) -> Optional[models.GetInputStatusResponse]: - r"""List the status of all Sources + ) -> models.CountedInputStatus: + r"""Get the status of a Source - List status information and optional metrics for all configured Sources in the Worker Group or Edge Fleet. + Get the status and optional metrics for the specified Source. + :param id: The id of the Source to get the status for. :param metrics: Set to true to include metrics for each Source. Otherwise, false (default). :param type: Set to true to prefix the Source id with the Source type. Otherwise, false (default). - :param offset: Starting point from which to retrieve results for this request. Use with limit to paginate the response into manageable batches. - :param limit: Maximum number of items to return in the response for this request. Use with offset to paginate the response into manageable batches. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -242,21 +307,20 @@ def list( else: base_url = self._get_url(base_url, url_variables) - request = models.GetInputStatusRequest( + request = models.GetInputStatusByIDRequest( + id=id, metrics=metrics, type=type_, - offset=offset, - limit=limit, ) req = self._build_request( method="GET", - path="/system/status/inputs", + path="/system/status/inputs/{id}", base_url=base_url, url_variables=url_variables, request=request, request_body_required=False, - request_has_path_params=False, + request_has_path_params=True, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", @@ -282,7 +346,7 @@ def list( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getInputStatus", + operation_id="getInputStatusById", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -293,42 +357,13 @@ def list( retry_config=retry_config, ) - def next_func() -> Optional[models.GetInputStatusResponse]: - body = utils.unmarshal_json(http_res.text, Union[Dict[Any, Any], List[Any]]) - - offset = request.offset if isinstance(request.offset, int) else 0 - - if not http_res.text: - return None - results = JSONPath("$.items").parse(body) - if len(results) == 0 or len(results[0]) == 0: - return None - limit_ = request.limit if isinstance(request.limit, int) else 0 - if len(results[0]) < limit_: - return None - next_offset = offset + len(results[0]) - - return self.list( - metrics=metrics, - type_=type_, - offset=next_offset, - limit=limit, - retries=retries, - server_url=server_url, - timeout_ms=timeout_ms, - http_headers=http_headers, - ) - response_data: Any = None if utils.match_response(http_res, "200", "application/json"): - return models.GetInputStatusResponse( - result=unmarshal_json_response(models.CountedInputStatus, http_res), - next=next_func, - ) + return unmarshal_json_response(models.CountedInputStatus, http_res) if utils.match_response(http_res, "500", "application/json"): response_data = unmarshal_json_response(errors.ErrorData, http_res) raise errors.Error(response_data, http_res) - if utils.match_response(http_res, ["400", "401", "4XX"], "*"): + if utils.match_response(http_res, ["401", "4XX"], "*"): http_res_text = utils.stream_to_text(http_res) raise errors.APIError("API error occurred", http_res, http_res_text) if utils.match_response(http_res, "5XX", "*"): @@ -337,26 +372,24 @@ def next_func() -> Optional[models.GetInputStatusResponse]: raise errors.APIError("Unexpected response received", http_res) - async def list_async( + async def get_async( self, *, + id: str, metrics: Optional[bool] = None, type_: Optional[bool] = None, - offset: Optional[int] = None, - limit: Optional[int] = None, retries: OptionalNullable[utils.RetryConfig] = UNSET, server_url: Optional[str] = None, timeout_ms: Optional[int] = None, http_headers: Optional[Mapping[str, str]] = None, - ) -> Optional[models.GetInputStatusResponse]: - r"""List the status of all Sources + ) -> models.CountedInputStatus: + r"""Get the status of a Source - List status information and optional metrics for all configured Sources in the Worker Group or Edge Fleet. + Get the status and optional metrics for the specified Source. + :param id: The id of the Source to get the status for. :param metrics: Set to true to include metrics for each Source. Otherwise, false (default). :param type: Set to true to prefix the Source id with the Source type. Otherwise, false (default). - :param offset: Starting point from which to retrieve results for this request. Use with limit to paginate the response into manageable batches. - :param limit: Maximum number of items to return in the response for this request. Use with offset to paginate the response into manageable batches. :param retries: Override the default retry configuration for this method :param server_url: Override the default server URL for this method :param timeout_ms: Override the default request timeout configuration for this method in milliseconds @@ -372,21 +405,20 @@ async def list_async( else: base_url = self._get_url(base_url, url_variables) - request = models.GetInputStatusRequest( + request = models.GetInputStatusByIDRequest( + id=id, metrics=metrics, type=type_, - offset=offset, - limit=limit, ) req = self._build_request_async( method="GET", - path="/system/status/inputs", + path="/system/status/inputs/{id}", base_url=base_url, url_variables=url_variables, request=request, request_body_required=False, - request_has_path_params=False, + request_has_path_params=True, request_has_query_params=True, user_agent_header="user-agent", accept_header_value="application/json", @@ -412,7 +444,7 @@ async def list_async( hook_ctx=HookContext( config=self.sdk_configuration, base_url=base_url or "", - operation_id="getInputStatus", + operation_id="getInputStatusById", oauth2_scopes=[], security_source=get_security_from_env( self.sdk_configuration.security, models.Security @@ -423,45 +455,13 @@ async def list_async( retry_config=retry_config, ) - def next_func() -> Awaitable[Optional[models.GetInputStatusResponse]]: - body = utils.unmarshal_json(http_res.text, Union[Dict[Any, Any], List[Any]]) - - async def empty_result(): - return None - - offset = request.offset if isinstance(request.offset, int) else 0 - - if not http_res.text: - return empty_result() - results = JSONPath("$.items").parse(body) - if len(results) == 0 or len(results[0]) == 0: - return empty_result() - limit_ = request.limit if isinstance(request.limit, int) else 0 - if len(results[0]) < limit_: - return empty_result() - next_offset = offset + len(results[0]) - - return self.list_async( - metrics=metrics, - type_=type_, - offset=next_offset, - limit=limit, - retries=retries, - server_url=server_url, - timeout_ms=timeout_ms, - http_headers=http_headers, - ) - response_data: Any = None if utils.match_response(http_res, "200", "application/json"): - return models.GetInputStatusResponse( - result=unmarshal_json_response(models.CountedInputStatus, http_res), - next=next_func, - ) + return unmarshal_json_response(models.CountedInputStatus, http_res) if utils.match_response(http_res, "500", "application/json"): response_data = unmarshal_json_response(errors.ErrorData, http_res) raise errors.Error(response_data, http_res) - if utils.match_response(http_res, ["400", "401", "4XX"], "*"): + if utils.match_response(http_res, ["401", "4XX"], "*"): http_res_text = await utils.stream_to_text_async(http_res) raise errors.APIError("API error occurred", http_res, http_res_text) if utils.match_response(http_res, "5XX", "*"): diff --git a/src/cribl_control_plane/summaries.py b/src/cribl_control_plane/summaries.py index 8f14c2c25..9f2c5dd89 100644 --- a/src/cribl_control_plane/summaries.py +++ b/src/cribl_control_plane/summaries.py @@ -21,7 +21,7 @@ def get( ) -> models.CountedDistributedSummary: r"""Get a summary of the deployment for a specific product. - Get a summary of the deployment for the specified Cribl product (Stream or Edge).

The summary includes a count of Worker Groups or Edge Fleets and resources such as Pipelines, Routes, Sources, and Destinations. For Distributed deployments, it also includes a count and statistics for Worker or Edge Nodes. + Get a summary of the deployment for the specified Cribl product (Stream or Edge).

The summary includes a count of Worker Groups or Edge Fleets and resources such as Pipelines, Routes, Sources, and Destinations. For Distributed deployments, it also includes a count and statistics for Worker or Edge Nodes. :param product: Name of the Cribl product to get the summary for. :param retries: Override the default retry configuration for this method @@ -113,7 +113,7 @@ async def get_async( ) -> models.CountedDistributedSummary: r"""Get a summary of the deployment for a specific product. - Get a summary of the deployment for the specified Cribl product (Stream or Edge).

The summary includes a count of Worker Groups or Edge Fleets and resources such as Pipelines, Routes, Sources, and Destinations. For Distributed deployments, it also includes a count and statistics for Worker or Edge Nodes. + Get a summary of the deployment for the specified Cribl product (Stream or Edge).

The summary includes a count of Worker Groups or Edge Fleets and resources such as Pipelines, Routes, Sources, and Destinations. For Distributed deployments, it also includes a count and statistics for Worker or Edge Nodes. :param product: Name of the Cribl product to get the summary for. :param retries: Override the default retry configuration for this method diff --git a/src/cribl_control_plane/tokens.py b/src/cribl_control_plane/tokens.py index fcc499163..268fe919b 100644 --- a/src/cribl_control_plane/tokens.py +++ b/src/cribl_control_plane/tokens.py @@ -21,7 +21,7 @@ def get( ) -> models.CreateAuthLoginResponse: r"""Log in and fetch an authentication token - This endpoint is unavailable on Cribl.Cloud.Instead, follow the instructions at https://docs.cribl.io/stream/api-tutorials/#criblcloud to get an Auth token for Cribl.Cloud. + This endpoint is unavailable on Cribl.Cloud. Instead, follow the instructions at https://docs.cribl.io/stream/api-tutorials/#criblcloud to get an Auth token for Cribl.Cloud. :param password: :param username: @@ -121,7 +121,7 @@ async def get_async( ) -> models.CreateAuthLoginResponse: r"""Log in and fetch an authentication token - This endpoint is unavailable on Cribl.Cloud.Instead, follow the instructions at https://docs.cribl.io/stream/api-tutorials/#criblcloud to get an Auth token for Cribl.Cloud. + This endpoint is unavailable on Cribl.Cloud. Instead, follow the instructions at https://docs.cribl.io/stream/api-tutorials/#criblcloud to get an Auth token for Cribl.Cloud. :param password: :param username: diff --git a/src/cribl_control_plane/types/__init__.py b/src/cribl_control_plane/types/__init__.py index fc76fe0c5..faa268137 100644 --- a/src/cribl_control_plane/types/__init__.py +++ b/src/cribl_control_plane/types/__init__.py @@ -1,5 +1,6 @@ """Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.""" +from .base64fileinput import Base64EncodedString, Base64FileInput from .basemodel import ( BaseModel, Nullable, @@ -11,6 +12,8 @@ ) __all__ = [ + "Base64EncodedString", + "Base64FileInput", "BaseModel", "Nullable", "OptionalNullable", diff --git a/src/cribl_control_plane/types/base64fileinput.py b/src/cribl_control_plane/types/base64fileinput.py new file mode 100644 index 000000000..862566fe2 --- /dev/null +++ b/src/cribl_control_plane/types/base64fileinput.py @@ -0,0 +1,43 @@ +"""Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.""" + +from __future__ import annotations + +import base64 +import io +from os import PathLike +from typing import IO, Any, Union + +from pydantic.functional_validators import BeforeValidator +from typing_extensions import Annotated + + +Base64FileInput = Union[IO[bytes], PathLike[str]] + + +def encode_base64_file_input(value: Any) -> Any: + """Convert PathLike or IO[bytes] inputs to a base64 string. All standard binary streams + that inherit from io.IOBase are handled. Other values pass through. + """ + if isinstance(value, (PathLike, io.IOBase)): + if isinstance(value, PathLike): + with open(value, "rb") as fh: + binary = fh.read() + else: + # Restore position after reading: pydantic may validate the same stream more than once. + position = value.tell() if value.seekable() else None + binary = value.read() + if position is not None: + value.seek(position) + if isinstance(binary, str): + binary = binary.encode() + if not isinstance(binary, (bytes, bytearray)): + raise TypeError( + f"Base64FileInput expected binary IO returning bytes; got {type(binary).__name__}" + ) + return base64.b64encode(binary).decode("ascii") + return value + + +# Non-str inputs are converted to base64 by the BeforeValidator at construction time. +# Callers can also pass a pre-encoded base64 str. +Base64EncodedString = Annotated[str, BeforeValidator(encode_base64_file_input)] diff --git a/src/cribl_control_plane/utils/eventstreaming.py b/src/cribl_control_plane/utils/eventstreaming.py index 3bdcd6d3d..a8d4fe5cc 100644 --- a/src/cribl_control_plane/utils/eventstreaming.py +++ b/src/cribl_control_plane/utils/eventstreaming.py @@ -7,6 +7,7 @@ Any, Callable, Generic, + List, TypeVar, Optional, Generator, @@ -53,6 +54,9 @@ def __enter__(self): return self def __exit__(self, exc_type, exc_val, exc_tb): + self.close() + + def close(self): self._closed = True self.response.close() @@ -92,6 +96,9 @@ async def __aenter__(self): return self async def __aexit__(self, exc_type, exc_val, exc_tb): + await self.close() + + async def close(self): self._closed = True await self.response.aclose() @@ -114,6 +121,7 @@ class ServerEvent: b"\n\r", b"\n\n", ] +MAX_BOUNDARY_LEN = max(len(b) for b in MESSAGE_BOUNDARIES) UTF8_BOM = b"\xef\xbb\xbf" @@ -124,52 +132,56 @@ async def stream_events_async( sentinel: Optional[str] = None, data_required: bool = True, ) -> AsyncGenerator[T, None]: - buffer = bytearray() - position = 0 - event_id: Optional[str] = None - async for chunk in response.aiter_bytes(): - if len(buffer) == 0 and chunk.startswith(UTF8_BOM): - chunk = chunk[len(UTF8_BOM) :] - buffer += chunk - for i in range(position, len(buffer)): - char = buffer[i : i + 1] - seq: Optional[bytes] = None - if char in [b"\r", b"\n"]: - for boundary in MESSAGE_BOUNDARIES: - seq = _peek_sequence(i, buffer, boundary) - if seq is not None: - break - if seq is None: - continue - - block = buffer[position:i] - position = i + len(seq) - event, discard, event_id = _parse_event( - raw=block, - decoder=decoder, - sentinel=sentinel, - event_id=event_id, - data_required=data_required, - ) - if event is not None: - yield event - if discard: - await response.aclose() - return - - if position > 0: - buffer = buffer[position:] - position = 0 - - event, discard, _ = _parse_event( - raw=buffer, - decoder=decoder, - sentinel=sentinel, - event_id=event_id, - data_required=data_required, - ) - if event is not None: - yield event + try: + buffer = bytearray() + position = 0 + event_id: Optional[str] = None + async for chunk in response.aiter_bytes(): + if len(buffer) == 0 and chunk.startswith(UTF8_BOM): + chunk = chunk[len(UTF8_BOM) :] + old_len = len(buffer) + buffer += chunk + search_start = max(position, old_len - MAX_BOUNDARY_LEN + 1) + for i in range(search_start, len(buffer)): + char = buffer[i : i + 1] + seq: Optional[bytes] = None + if char in [b"\r", b"\n"]: + for boundary in MESSAGE_BOUNDARIES: + seq = _peek_sequence(i, buffer, boundary) + if seq is not None: + break + if seq is None: + continue + + block = buffer[position:i] + position = i + len(seq) + event, discard, event_id = _parse_event( + raw=block, + decoder=decoder, + sentinel=sentinel, + event_id=event_id, + data_required=data_required, + ) + if event is not None: + yield event + if discard: + return + + if position > 0: + buffer = buffer[position:] + position = 0 + + event, discard, _ = _parse_event( + raw=buffer, + decoder=decoder, + sentinel=sentinel, + event_id=event_id, + data_required=data_required, + ) + if event is not None: + yield event + finally: + await response.aclose() def stream_events( @@ -178,52 +190,56 @@ def stream_events( sentinel: Optional[str] = None, data_required: bool = True, ) -> Generator[T, None, None]: - buffer = bytearray() - position = 0 - event_id: Optional[str] = None - for chunk in response.iter_bytes(): - if len(buffer) == 0 and chunk.startswith(UTF8_BOM): - chunk = chunk[len(UTF8_BOM) :] - buffer += chunk - for i in range(position, len(buffer)): - char = buffer[i : i + 1] - seq: Optional[bytes] = None - if char in [b"\r", b"\n"]: - for boundary in MESSAGE_BOUNDARIES: - seq = _peek_sequence(i, buffer, boundary) - if seq is not None: - break - if seq is None: - continue - - block = buffer[position:i] - position = i + len(seq) - event, discard, event_id = _parse_event( - raw=block, - decoder=decoder, - sentinel=sentinel, - event_id=event_id, - data_required=data_required, - ) - if event is not None: - yield event - if discard: - response.close() - return - - if position > 0: - buffer = buffer[position:] - position = 0 - - event, discard, _ = _parse_event( - raw=buffer, - decoder=decoder, - sentinel=sentinel, - event_id=event_id, - data_required=data_required, - ) - if event is not None: - yield event + try: + buffer = bytearray() + position = 0 + event_id: Optional[str] = None + for chunk in response.iter_bytes(): + if len(buffer) == 0 and chunk.startswith(UTF8_BOM): + chunk = chunk[len(UTF8_BOM) :] + old_len = len(buffer) + buffer += chunk + search_start = max(position, old_len - MAX_BOUNDARY_LEN + 1) + for i in range(search_start, len(buffer)): + char = buffer[i : i + 1] + seq: Optional[bytes] = None + if char in [b"\r", b"\n"]: + for boundary in MESSAGE_BOUNDARIES: + seq = _peek_sequence(i, buffer, boundary) + if seq is not None: + break + if seq is None: + continue + + block = buffer[position:i] + position = i + len(seq) + event, discard, event_id = _parse_event( + raw=block, + decoder=decoder, + sentinel=sentinel, + event_id=event_id, + data_required=data_required, + ) + if event is not None: + yield event + if discard: + return + + if position > 0: + buffer = buffer[position:] + position = 0 + + event, discard, _ = _parse_event( + raw=buffer, + decoder=decoder, + sentinel=sentinel, + event_id=event_id, + data_required=data_required, + ) + if event is not None: + yield event + finally: + response.close() def _parse_event( @@ -238,7 +254,7 @@ def _parse_event( lines = re.split(r"\r?\n|\r", block) publish = False event = ServerEvent() - data = "" + data_parts: List[str] = [] for line in lines: if not line: continue @@ -259,7 +275,7 @@ def _parse_event( event.event = value publish = True elif field == "data": - data += value + "\n" + data_parts.append(value) publish = True elif field == "id": publish = True @@ -271,16 +287,17 @@ def _parse_event( publish = True event.id = event_id + has_data = bool(data_parts) + data = "\n".join(data_parts) - if sentinel and data == f"{sentinel}\n": + if sentinel and has_data and data == sentinel: return None, True, event_id # Skip data-less events when data is required - if not data and publish and data_required: + if not has_data and publish and data_required: return None, False, event_id - if data: - data = data[:-1] + if has_data: try: event.data = json.loads(data) except json.JSONDecodeError: @@ -291,7 +308,7 @@ def _parse_event( out_dict = { k: v for k, v in asdict(event).items() - if v is not None or (k == "data" and data) + if v is not None or (k == "data" and has_data) } out = decoder(json.dumps(out_dict)) diff --git a/src/cribl_control_plane/utils/forms.py b/src/cribl_control_plane/utils/forms.py index f961e76be..fdf0dc9b2 100644 --- a/src/cribl_control_plane/utils/forms.py +++ b/src/cribl_control_plane/utils/forms.py @@ -1,5 +1,6 @@ """Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.""" +import io from typing import ( Any, Dict, @@ -103,6 +104,10 @@ def _extract_file_properties(file_obj: Any) -> Tuple[str, Any, Any]: if file_metadata.content: content = getattr(file_obj, file_field_name, None) + if isinstance(content, io.TextIOBase): + content = content.read().encode( + getattr(content, "encoding", None) or "utf-8" + ) elif file_field_name == "content_type": content_type = getattr(file_obj, file_field_name, None) else: diff --git a/src/cribl_control_plane/utils/requestbodies.py b/src/cribl_control_plane/utils/requestbodies.py index 1de32b6d2..591415af8 100644 --- a/src/cribl_control_plane/utils/requestbodies.py +++ b/src/cribl_control_plane/utils/requestbodies.py @@ -46,6 +46,7 @@ def serialize_request_body( if re.match(r"^(application|text)\/([^+]+\+)*json.*", media_type) is not None: serialized_request_body.content = marshal_json(request_body, request_body_type) + elif re.match(r"^multipart\/.*", media_type) is not None: ( serialized_request_body.media_type, diff --git a/src/cribl_control_plane/utils/retries.py b/src/cribl_control_plane/utils/retries.py index af07d4e94..ca7b59efe 100644 --- a/src/cribl_control_plane/utils/retries.py +++ b/src/cribl_control_plane/utils/retries.py @@ -11,10 +11,13 @@ class BackoffStrategy: + """Exponential backoff strategy configuration.""" + initial_interval: int max_interval: int exponent: float max_elapsed_time: int + jitter_ms: Optional[int] def __init__( self, @@ -22,24 +25,63 @@ def __init__( max_interval: int, exponent: float, max_elapsed_time: int, + jitter_ms: Optional[int] = None, ): + """Initialize a backoff strategy. + + Args: + initial_interval: Initial retry interval in milliseconds. + max_interval: Maximum retry interval in milliseconds. + exponent: Base of the exponential backoff; the interval grows as + ``initial_interval * exponent ** retries``. + max_elapsed_time: Maximum total elapsed time in milliseconds. + jitter_ms: Additive jitter bound in milliseconds. When set, adds a random + value in ``[0, jitter_ms]`` to each computed backoff interval (default + ``+[0, 1s]``). + + Note: + When a response carries a ``Retry-After`` or ``retry-after-ms`` header, + that delay is used as-is and the sleep-shaping parameters + (``initial_interval``, ``max_interval``, ``exponent``, ``jitter_ms``) are + ignored for that attempt. + """ + if jitter_ms is not None and jitter_ms < 0: + raise ValueError("jitter_ms must be >= 0") self.initial_interval = initial_interval self.max_interval = max_interval self.exponent = exponent self.max_elapsed_time = max_elapsed_time + self.jitter_ms = jitter_ms class RetryConfig: + """Runtime retry configuration.""" + strategy: str backoff: BackoffStrategy retry_connection_errors: bool + status_codes_override: Optional[List[str]] def __init__( - self, strategy: str, backoff: BackoffStrategy, retry_connection_errors: bool + self, + strategy: str, + backoff: BackoffStrategy, + retry_connection_errors: bool, + status_codes_override: Optional[List[str]] = None, ): + """Initialize a retry configuration. + + Args: + strategy: Retry strategy: ``"none"`` or ``"backoff"``. + backoff: Backoff parameters. + retry_connection_errors: Whether to also retry transport-level connection errors. + status_codes_override: Retryable HTTP status codes that take precedence over the + per-operation defaults when non-empty. + """ self.strategy = strategy self.backoff = backoff self.retry_connection_errors = retry_connection_errors + self.status_codes_override = status_codes_override class Retries: @@ -48,7 +90,7 @@ class Retries: def __init__(self, config: RetryConfig, status_codes: List[str]): self.config = config - self.status_codes = status_codes + self.status_codes = config.status_codes_override or status_codes class TemporaryError(Exception): @@ -93,12 +135,28 @@ def _parse_retry_after_header(response: httpx.Response) -> Optional[int]: return None +def _parse_retry_after_ms_header(response: httpx.Response) -> Optional[int]: + retry_after_ms_header = response.headers.get("retry-after-ms") + if not retry_after_ms_header: + return None + + try: + milliseconds = float(retry_after_ms_header) + if milliseconds >= 0: + return round(milliseconds) + except (OverflowError, ValueError): + pass + + return None + + def _get_sleep_interval( exception: Exception, initial_interval: int, max_interval: int, exponent: float, retries: int, + jitter_ms: Optional[int] = None, ) -> float: """Get sleep interval for retry with exponential backoff. @@ -108,6 +166,7 @@ def _get_sleep_interval( max_interval: Maximum retry interval in milliseconds. exponent: Base for exponential backoff calculation. retries: Current retry attempt count. + jitter_ms: Additive jitter bound in ms; see ``BackoffStrategy.jitter_ms``. Returns: Sleep interval in seconds. @@ -119,7 +178,11 @@ def _get_sleep_interval( ): return exception.retry_after / 1000 - sleep = (initial_interval / 1000) * exponent**retries + random.uniform(0, 1) + sleep = (initial_interval / 1000) * exponent**retries + if jitter_ms is not None: + sleep += random.uniform(0, jitter_ms / 1000) + else: + sleep += random.uniform(0, 1) return min(sleep, max_interval / 1000) @@ -162,6 +225,7 @@ def do_request() -> httpx.Response: retries.config.backoff.max_interval, retries.config.backoff.exponent, retries.config.backoff.max_elapsed_time, + retries.config.backoff.jitter_ms, ) return func() @@ -206,6 +270,7 @@ async def do_request() -> httpx.Response: retries.config.backoff.max_interval, retries.config.backoff.exponent, retries.config.backoff.max_elapsed_time, + retries.config.backoff.jitter_ms, ) return await func() @@ -217,6 +282,7 @@ def retry_with_backoff( max_interval=60000, exponent=1.5, max_elapsed_time=3600000, + jitter_ms=None, ): start = round(time.time() * 1000) retries = 0 @@ -234,8 +300,17 @@ def retry_with_backoff( raise + if isinstance(exception, TemporaryError): + retry_after_ms = _parse_retry_after_ms_header(exception.response) + if retry_after_ms is not None: + exception.retry_after = retry_after_ms sleep = _get_sleep_interval( - exception, initial_interval, max_interval, exponent, retries + exception, + initial_interval, + max_interval, + exponent, + retries, + jitter_ms=jitter_ms, ) time.sleep(sleep) retries += 1 @@ -247,6 +322,7 @@ async def retry_with_backoff_async( max_interval=60000, exponent=1.5, max_elapsed_time=3600000, + jitter_ms=None, ): start = round(time.time() * 1000) retries = 0 @@ -264,8 +340,17 @@ async def retry_with_backoff_async( raise + if isinstance(exception, TemporaryError): + retry_after_ms = _parse_retry_after_ms_header(exception.response) + if retry_after_ms is not None: + exception.retry_after = retry_after_ms sleep = _get_sleep_interval( - exception, initial_interval, max_interval, exponent, retries + exception, + initial_interval, + max_interval, + exponent, + retries, + jitter_ms=jitter_ms, ) await asyncio.sleep(sleep) retries += 1 diff --git a/src/cribl_control_plane/utils/serializers.py b/src/cribl_control_plane/utils/serializers.py index d2149f8b9..1031ed930 100644 --- a/src/cribl_control_plane/utils/serializers.py +++ b/src/cribl_control_plane/utils/serializers.py @@ -4,7 +4,7 @@ import functools import json import typing -from typing import Any, Dict, List, Tuple, Union, get_args +from typing import Any, Dict, Iterable, List, Mapping, Tuple, Union, get_args import typing_extensions from typing_extensions import get_origin @@ -113,10 +113,12 @@ def validate(c): def unmarshal_json(raw, typ: Any) -> Any: - return unmarshal(from_json(raw), typ) + return unmarshal(from_json(raw), typ, coerce_iterables=False) -def unmarshal(val, typ: Any) -> Any: +def unmarshal(val, typ: Any, coerce_iterables: bool = True) -> Any: + if coerce_iterables: + val = _coerce_iterables_for_type(val, typ) unmarshaller = create_model( "Unmarshaller", body=(typ, ...), @@ -193,9 +195,88 @@ def get_pydantic_model(data: Any, typ: Any) -> Any: if not _contains_pydantic_model(data): return unmarshal(data, typ) + return _coerce_iterables_for_type(data, typ) + + +def _coerce_iterables_for_type(data: Any, typ: Any) -> Any: + if data is None or isinstance(data, (BaseModel, Unset)): + return data + + typ = _resolve_type_alias(typ) + origin = get_origin(typ) + + if _is_annotated_type(origin): + args = get_args(typ) + return _coerce_iterables_for_type(data, args[0]) if args else data + + if is_union(origin): + for arg in (arg for arg in get_args(typ) if arg is not type(None)): + coerced = _coerce_iterables_for_type(data, arg) + if coerced is not data: + return coerced + return data + + if _is_list_type(typ): + item_type = get_args(typ)[0] if get_args(typ) else Any + if isinstance(data, (str, bytes, bytearray, Mapping)): + return data + if isinstance(data, Iterable): + return [_coerce_iterables_for_type(item, item_type) for item in data] + return data + + if _is_mapping_type(typ): + value_type = get_args(typ)[1] if len(get_args(typ)) > 1 else Any + if isinstance(data, Mapping): + return { + key: _coerce_iterables_for_type(value, value_type) + for key, value in data.items() + } + return data + + if _is_pydantic_model_type(typ) and isinstance(data, Mapping): + coerced = None + for field_name, field in typ.model_fields.items(): + field_type = field.annotation + for key in (field_name, field.alias): + if key is not None and key in data: + value = data[key] if coerced is None else coerced[key] + coerced_value = _coerce_iterables_for_type(value, field_type) + if coerced_value is not value: + if coerced is None: + coerced = dict(data) + coerced[key] = coerced_value + return coerced if coerced is not None else data + return data +def _resolve_type_alias(typ: Any) -> Any: + return getattr(typ, "__value__", typ) + + +def _is_annotated_type(origin: Any) -> bool: + return any( + origin is typing_obj + for typing_obj in _get_typing_objects_by_name_of("Annotated") + ) + + +def _is_list_type(typ: Any) -> bool: + typ = _resolve_type_alias(typ) + return typ is list or get_origin(typ) is list + + +def _is_mapping_type(typ: Any) -> bool: + typ = _resolve_type_alias(typ) + origin = get_origin(typ) + mapping_origin = get_origin(Mapping[Any, Any]) + return typ in (dict, Dict, Mapping) or origin in (dict, Mapping, mapping_origin) + + +def _is_pydantic_model_type(typ: Any) -> bool: + return isinstance(typ, type) and issubclass(typ, BaseModel) + + def _contains_pydantic_model(data: Any) -> bool: if isinstance(data, BaseModel): return True diff --git a/src/cribl_control_plane/utils/unions.py b/src/cribl_control_plane/utils/unions.py index a227f4e87..243464023 100644 --- a/src/cribl_control_plane/utils/unions.py +++ b/src/cribl_control_plane/utils/unions.py @@ -2,7 +2,7 @@ from typing import Any -from pydantic import BaseModel, TypeAdapter +from pydantic import BaseModel, TypeAdapter, ValidationError def parse_open_union( @@ -16,8 +16,14 @@ def parse_open_union( """Parse an open discriminated union value with forward-compatibility. Known discriminator values are dispatched to their variant types. - Unknown discriminator values produce an instance of the fallback class, - preserving the raw payload for inspection. + Unknown discriminator values — or known discriminator values whose + payload fails variant validation (e.g. a partial variant emitted by a + newer server) — produce an instance of the fallback class, preserving + the raw payload for inspection. + + Non-dict values and dicts missing the discriminator deliberately raise + instead of falling back, so pydantic can try sibling branches of an + enclosing union (e.g. None in Optional[...]). """ if isinstance(v, BaseModel): return v @@ -26,7 +32,10 @@ def parse_open_union( disc = v[disc_key] variant_cls = variants.get(disc) if variant_cls is not None: - if isinstance(variant_cls, type) and issubclass(variant_cls, BaseModel): - return variant_cls.model_validate(v) - return TypeAdapter(variant_cls).validate_python(v) + try: + if isinstance(variant_cls, type) and issubclass(variant_cls, BaseModel): + return variant_cls.model_validate(v) + return TypeAdapter(variant_cls).validate_python(v) + except ValidationError: + return unknown_cls(raw=v) return unknown_cls(raw=v) diff --git a/src/cribl_control_plane/versions.py b/src/cribl_control_plane/versions.py index 876be9a93..030038d11 100644 --- a/src/cribl_control_plane/versions.py +++ b/src/cribl_control_plane/versions.py @@ -10,8 +10,8 @@ class Versions(BaseSDK): - branches: Branches commits: Commits + branches: Branches configs: VersionsConfigs statuses: VersionsStatuses @@ -23,8 +23,8 @@ def __init__( self._init_sdks() def _init_sdks(self): - self.branches = Branches(self.sdk_configuration, parent_ref=self.parent_ref) self.commits = Commits(self.sdk_configuration, parent_ref=self.parent_ref) + self.branches = Branches(self.sdk_configuration, parent_ref=self.parent_ref) self.configs = VersionsConfigs( self.sdk_configuration, parent_ref=self.parent_ref ) From bc05efc0f27847af47e6cabdd2bac7dbfc955347 Mon Sep 17 00:00:00 2001 From: "speakeasy-github[bot]" <128539517+speakeasy-github[bot]@users.noreply.github.com> Date: Wed, 24 Jun 2026 02:19:58 +0000 Subject: [PATCH 2/2] empty commit to trigger [run-tests] workflow